feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #415 from dgarske/customcurve-mathupdate

Browse Source 
Support for custom ECC curves and math lib updates
This commit is contained in:
toddouska
2016-06-17 12:56:52 -07:00
committed by GitHub
parent 16b85cee8f 6da166d83b
commit 4fc07a2e9e
12 changed files with 1192 additions and 839 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
configure.ac
View File

@ -768,6 +768,18 @@ fi
AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
# ECC Custom Curves
AC_ARG_ENABLE([ecccustcurves],
[AS_HELP_STRING([--enable-ecccustcurves],[Enable ECC custom curves (default: disabled)])],
[ ENABLED_ECCCUSTCURVES=$enableval ],
[ ENABLED_ECCCUSTCURVES=no ]
)
if test "$ENABLED_ECCCUSTCURVES" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CUSTOM_CURVES"
fi
# for using memory optimization setting on both curve25519 and ed25519
ENABLED_CURVED25519_SMALL=no

20
src/ssl.c
View File

@ -16341,7 +16341,7 @@ int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group)
}
switch(group->curve_nid) {
case NID_X9_62_prime256v1:
case NID_secp256k1:
return 256;
case NID_secp384r1:
return 384;
@ -16527,7 +16527,7 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
const WOLFSSL_BIGNUM *n, const WOLFSSL_EC_POINT *q,
const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx)
{
mp_int prime;
mp_int a, prime;
(void)ctx;
(void)n;
@ -16549,25 +16549,29 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
}
}
/* compute the prime value of the curve */
if (mp_init(&prime) != MP_OKAY) {
WOLFSSL_MSG("wolfSSL_EC_POINT_mul init BN failed");
/* read the curve prime and a */
if (mp_init_multi(&prime, &a, NULL, NULL, NULL, NULL) != MP_OKAY) {
WOLFSSL_MSG("wolfSSL_EC_POINT_mul init 'prime/A' failed");
return SSL_FAILURE;
}
if (mp_read_radix(&prime, ecc_sets[group->curve_idx].prime, 16) != MP_OKAY){
WOLFSSL_MSG("wolfSSL_EC_POINT_mul read prime curve value failed");
WOLFSSL_MSG("wolfSSL_EC_POINT_mul read 'prime' curve value failed");
return SSL_FAILURE;
}
if (mp_read_radix(&a, ecc_sets[group->curve_idx].Af, 16) != MP_OKAY){
WOLFSSL_MSG("wolfSSL_EC_POINT_mul read 'A' curve value failed");
return SSL_FAILURE;
}
/* r = q * m % prime */
if (wc_ecc_mulmod((mp_int*)m->internal, (ecc_point*)q->internal,
(ecc_point*)r->internal, &prime, 1) != MP_OKAY) {
(ecc_point*)r->internal, &a, &prime, 1) != MP_OKAY) {
WOLFSSL_MSG("ecc_mulmod failure");
mp_clear(&prime);
return SSL_FAILURE;
}
mp_clear(&a);
mp_clear(&prime);
/* set the external value for the computed point */

26
wolfcrypt/src/asm.c
View File

@ -136,7 +136,7 @@ __asm__( \
"adcl $0,%%edx \n\t" \
"movl %%edx,%1 \n\t" \
:"=g"(_c[LO]), "=r"(cy) \
:"0"(_c[LO]), "1"(cy), "g"(mu), "g"(*tmpm++) \
:"0"(_c[LO]), "1"(cy), "r"(mu), "r"(*tmpm++) \
: "%eax", "%edx", "cc")
#define PROPCARRY \
@ -533,25 +533,21 @@ __asm__( \
mu = c[x] * mp
#define INNERMUL \
__asm__( \
__asm__( \
" mullw 16,%3,%4 \n\t" \
" mulhwu 17,%3,%4 \n\t" \
" addc 16,16,%0 \n\t" \
" addc 16,16,%2 \n\t" \
" addze 17,17 \n\t" \
" lwz 18,%1 \n\t" \
" addc 16,16,18 \n\t" \
" addc %1,16,%5 \n\t" \
" addze %0,17 \n\t" \
" stw 16,%1 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm;
:"=r"(cy),"=r"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "cc"); ++tmpm;
#define PROPCARRY \
__asm__( \
" lwz 16,%1 \n\t" \
" addc 16,16,%0 \n\t" \
" stw 16,%1 \n\t" \
" xor %0,%0,%0 \n\t" \
" addze %0,%0 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc");
__asm__( \
" addc %1,%3,%2 \n\t" \
" xor %0,%2,%2 \n\t" \
" addze %0,%2 \n\t" \
:"=r"(cy),"=r"(_c[0]):"0"(cy),"1"(_c[0]):"cc");
#elif defined(TFM_PPC64)
@ -740,7 +736,7 @@ __asm__( \
"addq %%rax,%0 \n\t" \
"adcq %%rdx,%1 \n\t" \
"adcq $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i) :"%rax","%rdx","cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "x"(i) :"%rax","%rdx","cc");
#define SQRADD2(i, j) \
__asm__( \

1514
wolfcrypt/src/ecc.c
View File

File diff suppressed because it is too large Load Diff

159
wolfcrypt/src/integer.c
View File

@ -252,7 +252,7 @@ int mp_leading_bit (mp_int * a)
if (mp_init_copy(&t, a) != MP_OKAY)
return 0;
while (mp_iszero(&t) == 0) {
while (mp_iszero(&t) == MP_NO) {
#ifndef MP_8BIT
bit = (t.dp[0] & 0x80) != 0;
#else
@ -277,7 +277,7 @@ int mp_to_unsigned_bin (mp_int * a, unsigned char *b)
}
x = 0;
while (mp_iszero (&t) == 0) {
while (mp_iszero (&t) == MP_NO) {
#ifndef MP_8BIT
b[x++] = (unsigned char) (t.dp[0] & 255);
#else
@ -329,7 +329,7 @@ int mp_copy (mp_int * a, mp_int * b)
/* zero b and copy the parameters over */
{
register mp_digit *tmpa, *tmpb;
mp_digit *tmpa, *tmpb;
/* pointer aliases */
@ -507,7 +507,7 @@ void mp_exch (mp_int * a, mp_int * b)
/* shift right a certain number of bits */
void mp_rshb (mp_int *c, int x)
{
register mp_digit *tmpc, mask, shift;
mp_digit *tmpc, mask, shift;
mp_digit r, rr;
mp_digit D = x;
@ -553,7 +553,7 @@ void mp_rshd (mp_int * a, int b)
}
{
register mp_digit *bottom, *top;
mp_digit *bottom, *top;
/* shift the digits down */
@ -686,8 +686,8 @@ int mp_mul_2d (mp_int * a, int b, mp_int * c)
/* shift any bit count < DIGIT_BIT */
d = (mp_digit) (b % DIGIT_BIT);
if (d != 0) {
register mp_digit *tmpc, shift, mask, r, rr;
register int x;
mp_digit *tmpc, shift, mask, r, rr;
int x;
/* bitmask for carries */
mask = (((mp_digit)1) << d) - 1;
@ -740,7 +740,7 @@ int mp_lshd (mp_int * a, int b)
}
{
register mp_digit *top, *bottom;
mp_digit *top, *bottom;
/* increment the used by the shift amount then copy upwards */
a->used += b;
@ -845,7 +845,7 @@ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
/* if the modulus is odd or dr != 0 use the montgomery method */
#ifdef BN_MP_EXPTMOD_FAST_C
if (mp_isodd (P) == 1 || dr != 0) {
if (mp_isodd (P) == MP_YES || dr != 0) {
return mp_exptmod_fast (G, X, P, Y, dr);
} else {
#endif
@ -888,13 +888,13 @@ int mp_abs (mp_int * a, mp_int * b)
int mp_invmod (mp_int * a, mp_int * b, mp_int * c)
{
/* b cannot be negative */
if (b->sign == MP_NEG || mp_iszero(b) == 1) {
if (b->sign == MP_NEG || mp_iszero(b) == MP_YES) {
return MP_VAL;
}
#ifdef BN_FAST_MP_INVMOD_C
/* if the modulus is odd we can use a faster routine instead */
if (mp_isodd (b) == 1) {
if (mp_isodd (b) == MP_YES) {
return fast_mp_invmod (a, b, c);
}
#endif
@ -917,7 +917,7 @@ int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
int res, neg, loop_check = 0;
/* 2. [modified] b must be odd */
if (mp_iseven (b) == 1) {
if (mp_iseven (b) == MP_YES) {
return MP_VAL;
}
@ -947,13 +947,13 @@ int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
top:
/* 4. while u is even do */
while (mp_iseven (&u) == 1) {
while (mp_iseven (&u) == MP_YES) {
/* 4.1 u = u/2 */
if ((res = mp_div_2 (&u, &u)) != MP_OKAY) {
goto LBL_ERR;
}
/* 4.2 if B is odd then */
if (mp_isodd (&B) == 1) {
if (mp_isodd (&B) == MP_YES) {
if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) {
goto LBL_ERR;
}
@ -965,13 +965,13 @@ top:
}
/* 5. while v is even do */
while (mp_iseven (&v) == 1) {
while (mp_iseven (&v) == MP_YES) {
/* 5.1 v = v/2 */
if ((res = mp_div_2 (&v, &v)) != MP_OKAY) {
goto LBL_ERR;
}
/* 5.2 if D is odd then */
if (mp_isodd (&D) == 1) {
if (mp_isodd (&D) == MP_YES) {
/* D = (D-x)/2 */
if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) {
goto LBL_ERR;
@ -1005,7 +1005,7 @@ top:
}
/* if not zero goto step 4 */
if (mp_iszero (&u) == 0) {
if (mp_iszero (&u) == MP_NO) {
if (++loop_check > 4096) {
res = MP_VAL;
goto LBL_ERR;
@ -1055,7 +1055,7 @@ int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c)
int res;
/* b cannot be negative */
if (b->sign == MP_NEG || mp_iszero(b) == 1) {
if (b->sign == MP_NEG || mp_iszero(b) == MP_YES) {
return MP_VAL;
}
@ -1079,7 +1079,7 @@ int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c)
}
/* 2. [modified] if x,y are both even then return an error! */
if (mp_iseven (&x) == 1 && mp_iseven (&y) == 1) {
if (mp_iseven (&x) == MP_YES && mp_iseven (&y) == MP_YES) {
res = MP_VAL;
goto LBL_ERR;
}
@ -1096,13 +1096,13 @@ int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c)
top:
/* 4. while u is even do */
while (mp_iseven (&u) == 1) {
while (mp_iseven (&u) == MP_YES) {
/* 4.1 u = u/2 */
if ((res = mp_div_2 (&u, &u)) != MP_OKAY) {
goto LBL_ERR;
}
/* 4.2 if A or B is odd then */
if (mp_isodd (&A) == 1 || mp_isodd (&B) == 1) {
if (mp_isodd (&A) == MP_YES || mp_isodd (&B) == MP_YES) {
/* A = (A+y)/2, B = (B-x)/2 */
if ((res = mp_add (&A, &y, &A)) != MP_OKAY) {
goto LBL_ERR;
@ -1121,13 +1121,13 @@ top:
}
/* 5. while v is even do */
while (mp_iseven (&v) == 1) {
while (mp_iseven (&v) == MP_YES) {
/* 5.1 v = v/2 */
if ((res = mp_div_2 (&v, &v)) != MP_OKAY) {
goto LBL_ERR;
}
/* 5.2 if C or D is odd then */
if (mp_isodd (&C) == 1 || mp_isodd (&D) == 1) {
if (mp_isodd (&C) == MP_YES || mp_isodd (&D) == MP_YES) {
/* C = (C+y)/2, D = (D-x)/2 */
if ((res = mp_add (&C, &y, &C)) != MP_OKAY) {
goto LBL_ERR;
@ -1175,7 +1175,7 @@ top:
}
/* if not zero goto step 4 */
if (mp_iszero (&u) == 0)
if (mp_iszero (&u) == MP_NO)
goto top;
/* now a = C, b = D, gcd == g*v */
@ -1347,7 +1347,7 @@ int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
int res, n, n2;
/* is divisor zero ? */
if (mp_iszero (b) == 1) {
if (mp_iszero (b) == MP_YES) {
return MP_VAL;
}
@ -1427,7 +1427,7 @@ int mp_div_2(mp_int * a, mp_int * b)
oldused = b->used;
b->used = a->used;
{
register mp_digit r, rr, *tmpa, *tmpb;
mp_digit r, rr, *tmpa, *tmpb;
/* source alias */
tmpa = a->dp + b->used - 1;
@ -1463,7 +1463,7 @@ int mp_div_2(mp_int * a, mp_int * b)
/* high level addition (handles signs) */
int mp_add (mp_int * a, mp_int * b, mp_int * c)
{
int sa, sb, res;
int sa, sb, res;
/* get sign of both inputs */
sa = a->sign;
@ -1523,8 +1523,8 @@ int s_mp_add (mp_int * a, mp_int * b, mp_int * c)
c->used = max + 1;
{
register mp_digit u, *tmpa, *tmpb, *tmpc;
register int i;
mp_digit u, *tmpa, *tmpb, *tmpc;
int i;
/* alias for digit pointers */
@ -1599,8 +1599,8 @@ int s_mp_sub (mp_int * a, mp_int * b, mp_int * c)
c->used = max;
{
register mp_digit u, *tmpa, *tmpb, *tmpc;
register int i;
mp_digit u, *tmpa, *tmpb, *tmpc;
int i;
/* alias for digit pointers */
tmpa = a->dp;
@ -2165,8 +2165,8 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
* an array of double precision words W[...]
*/
{
register mp_word *_W;
register mp_digit *tmpx;
mp_word *_W;
mp_digit *tmpx;
/* alias for the W[] array */
_W = W;
@ -2195,7 +2195,7 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
* by casting the value down to a mp_digit. Note this requires
* that W[ix-1] have the carry cleared (see after the inner loop)
*/
register mp_digit mu;
mp_digit mu;
mu = (mp_digit) (((W[ix] & MP_MASK) * rho) & MP_MASK);
/* a = a + mu * m * b**i
@ -2213,9 +2213,9 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
* first m->used words of W[] have the carries fixed
*/
{
register int iy;
register mp_digit *tmpn;
register mp_word *_W;
int iy;
mp_digit *tmpn;
mp_word *_W;
/* alias for the digits of the modulus */
tmpn = n->dp;
@ -2238,8 +2238,8 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
* significant digits we zeroed].
*/
{
register mp_digit *tmpx;
register mp_word *_W, *_W1;
mp_digit *tmpx;
mp_word *_W, *_W1;
/* nox fix rest of carries */
@ -2334,9 +2334,9 @@ int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
/* a = a + mu * m * b**i */
{
register int iy;
register mp_digit *tmpn, *tmpx, u;
register mp_word r;
int iy;
mp_digit *tmpn, *tmpx, u;
mp_word r;
/* alias for digits of the modulus */
tmpn = n->dp;
@ -2643,16 +2643,56 @@ int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
return res;
}
if ((res = mp_mul (a, b, &t)) != MP_OKAY) {
mp_clear (&t);
return res;
res = mp_mul (a, b, &t);
if (res == MP_OKAY) {
res = mp_mod (&t, c, d);
}
res = mp_mod (&t, c, d);
mp_clear (&t);
return res;
}
/* d = a - b (mod c) */
int mp_submod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
int res;
mp_int t;
if ((res = mp_init (&t)) != MP_OKAY) {
return res;
}
res = mp_sub (a, b, &t);
if (res == MP_OKAY) {
res = mp_mod (&t, c, d);
}
mp_clear (&t);
return res;
}
/* d = a + b (mod c) */
int mp_addmod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
int res;
mp_int t;
if ((res = mp_init (&t)) != MP_OKAY) {
return res;
}
res = mp_add (a, b, &t);
if (res == MP_OKAY) {
res = mp_mod (&t, c, d);
}
mp_clear (&t);
return res;
}
/* computes b = a*a */
int mp_sqr (mp_int * a, mp_int * b)
{
@ -2728,7 +2768,7 @@ int mp_mul_2(mp_int * a, mp_int * b)
b->used = a->used;
{
register mp_digit r, rr, *tmpa, *tmpb;
mp_digit r, rr, *tmpa, *tmpb;
/* alias for source */
tmpa = a->dp;
@ -2997,7 +3037,7 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
#else
mp_digit W[MP_WARRAY];
#endif
register mp_word _W;
mp_word _W;
/* grow the destination as required */
if (c->alloc < digs) {
@ -3055,7 +3095,7 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
c->used = pa;
{
register mp_digit *tmpc;
mp_digit *tmpc;
tmpc = c->dp;
for (ix = 0; ix < pa+1; ix++) {
/* now extract the previous digit [below the carry] */
@ -3234,7 +3274,6 @@ int mp_montgomery_calc_normalization (mp_int * a, mp_int * b)
bits = 1;
}
/* now compute C = A * B mod b */
for (x = bits - 1; x < (int)DIGIT_BIT; x++) {
if ((res = mp_mul_2 (a, a)) != MP_OKAY) {
@ -3777,7 +3816,7 @@ int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
c->used = pa;
{
register mp_digit *tmpc;
mp_digit *tmpc;
tmpc = c->dp + digs;
for (ix = digs; ix < pa; ix++) { /* TAO, <= could potentially overwrite */
@ -4034,12 +4073,12 @@ int mp_cnt_lsb(mp_int *a)
mp_digit q, qq;
/* easy out */
if (mp_iszero(a) == 1) {
if (mp_iszero(a) == MP_YES) {
return 0;
}
/* scan lower digits until non-zero */
for (x = 0; x < a->used && a->dp[x] == 0; x++);
for (x = 0; x < a->used && a->dp[x] == 0; x++) {}
q = a->dp[x];
x *= DIGIT_BIT;
@ -4089,7 +4128,7 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
}
/* quick outs */
if (b == 1 || mp_iszero(a) == 1) {
if (b == 1 || mp_iszero(a) == MP_YES) {
if (d != NULL) {
*d = 0;
}
@ -4539,7 +4578,7 @@ int mp_gcd (mp_int * a, mp_int * b, mp_int * c)
}
}
while (mp_iszero(&v) == 0) {
while (mp_iszero(&v) == MP_NO) {
/* make sure v is the largest */
if (mp_cmp_mag(&u, &v) == MP_GT) {
/* swap u and v to make sure v is >= u */
@ -4608,11 +4647,11 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
/* process each digit of the string */
while (*str) {
/* if the radix < 36 the conversion is case insensitive
/* if the radix <= 36 the conversion is case insensitive
* this allows numbers like 1AB and 1ab to represent the same value
* [e.g. in hex]
*/
ch = (char) ((radix < 36) ? XTOUPPER((unsigned char)*str) : *str);
ch = (radix <= 36) ? (char)XTOUPPER((unsigned char)*str) : *str;
for (y = 0; y < 64; y++) {
if (ch == mp_s_rmap[y]) {
break;
@ -4637,7 +4676,7 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
}
/* set the sign only if a != 0 */
if (mp_iszero(a) != 1) {
if (mp_iszero(a) != MP_YES) {
a->sign = neg;
}
return MP_OKAY;
@ -4717,7 +4756,7 @@ int mp_toradix (mp_int *a, char *str, int radix)
}
/* quick out if its zero */
if (mp_iszero(a) == 1) {
if (mp_iszero(a) == MP_YES) {
*str++ = '0';
*str = '\0';
return MP_OKAY;
@ -4735,7 +4774,7 @@ int mp_toradix (mp_int *a, char *str, int radix)
}
digs = 0;
while (mp_iszero (&t) == 0) {
while (mp_iszero (&t) == MP_NO) {
if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
mp_clear (&t);
return res;

20
wolfcrypt/src/srp.c
View File

@ -428,7 +428,7 @@ int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size)
if (!srp || !verifier || !size || srp->side != SRP_CLIENT_SIDE)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->auth))
if (mp_iszero(&srp->auth) == MP_YES)
return SRP_CALL_ORDER_E;
r = mp_init(&v);
@ -462,7 +462,7 @@ int wc_SrpSetPrivate(Srp* srp, const byte* private, word32 size)
if (!srp || !private || !size)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->auth))
if (mp_iszero(&srp->auth) == MP_YES)
return SRP_CALL_ORDER_E;
r = mp_init(&p);
@ -470,7 +470,7 @@ int wc_SrpSetPrivate(Srp* srp, const byte* private, word32 size)
return MP_INIT_E;
if (!r) r = mp_read_unsigned_bin(&p, private, size);
if (!r) r = mp_mod(&p, &srp->N, &srp->priv);
if (!r) r = mp_iszero(&srp->priv) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_iszero(&srp->priv) == MP_YES ? SRP_BAD_KEY_E : 0;
mp_clear(&p);
@ -499,7 +499,7 @@ int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size)
if (!srp || !pub || !size)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->auth))
if (mp_iszero(&srp->auth) == MP_YES)
return SRP_CALL_ORDER_E;
modulusSz = mp_unsigned_bin_size(&srp->N);
@ -511,7 +511,7 @@ int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size)
return MP_INIT_E;
/* priv = random() */
if (mp_iszero(&srp->priv))
if (mp_iszero(&srp->priv) == MP_YES)
r = wc_SrpGenPrivate(srp, pub, modulusSz);
/* client side: A = g ^ a % N */
@ -524,7 +524,7 @@ int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size)
if (mp_init_multi(&i, &j, 0, 0, 0, 0) == MP_OKAY) {
if (!r) r = mp_read_unsigned_bin(&i, srp->k,SrpHashSize(srp->type));
if (!r) r = mp_iszero(&i) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_iszero(&i) == MP_YES ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_exptmod(&srp->g, &srp->priv, &srp->N, &pubkey);
if (!r) r = mp_mulmod(&i, &srp->auth, &srp->N, &j);
if (!r) r = mp_add(&j, &pubkey, &i);
@ -601,7 +601,7 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|| !serverPubKey || serverPubKeySz == 0)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->priv))
if (mp_iszero(&srp->priv) == MP_YES)
return SRP_CALL_ORDER_E;
/* initializing variables */
@ -642,11 +642,11 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
/* temp1 = B - k * v; rejects k == 0, B == 0 and B >= N. */
r = mp_read_unsigned_bin(&temp1, srp->k, digestSz);
if (!r) r = mp_iszero(&temp1) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_iszero(&temp1) == MP_YES ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_exptmod(&srp->g, &srp->auth, &srp->N, &temp2);
if (!r) r = mp_mulmod(&temp1, &temp2, &srp->N, &s);
if (!r) r = mp_read_unsigned_bin(&temp2, serverPubKey, serverPubKeySz);
if (!r) r = mp_iszero(&temp2) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_iszero(&temp2) == MP_YES ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_cmp(&temp2, &srp->N) != MP_LT ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_sub(&temp2, &s, &temp1);
@ -663,7 +663,7 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
/* temp2 = A * temp1 % N; rejects A == 0, A >= N */
if (!r) r = mp_read_unsigned_bin(&s, clientPubKey, clientPubKeySz);
if (!r) r = mp_iszero(&s) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_iszero(&s) == MP_YES ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_cmp(&s, &srp->N) != MP_LT ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_mulmod(&s, &temp1, &srp->N, &temp2);

105
wolfcrypt/src/tfm.c
View File

@ -104,7 +104,7 @@ void fp_add(fp_int *a, fp_int *b, fp_int *c)
void s_fp_add(fp_int *a, fp_int *b, fp_int *c)
{
int x, y, oldused;
register fp_word t;
fp_word t;
y = MAX(a->used, b->used);
oldused = MIN(c->used, FP_SIZE); /* help static analysis w/ largest size */
@ -323,7 +323,7 @@ void fp_mul_2(fp_int * a, fp_int * b)
b->used = a->used;
{
register fp_digit r, rr, *tmpa, *tmpb;
fp_digit r, rr, *tmpa, *tmpb;
/* alias for source */
tmpa = a->dp;
@ -498,8 +498,9 @@ void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
/* execute loop */
COMBA_FORWARD;
for (iz = 0; iz < iy; ++iz) {
/* TAO change COMBA_ADD back to MULADD */
MULADD(*tmpx++, *tmpy--);
fp_digit _tmpx = *tmpx++;
fp_digit _tmpy = *tmpy--;
MULADD(_tmpx, _tmpy);
}
/* store term */
@ -662,7 +663,7 @@ void fp_div_2(fp_int * a, fp_int * b)
oldused = b->used;
b->used = a->used;
{
register fp_digit r, rr, *tmpa, *tmpb;
fp_digit r, rr, *tmpa, *tmpb;
/* source alias */
tmpa = a->dp + b->used - 1;
@ -983,10 +984,55 @@ top:
/* d = a * b (mod c) */
int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
{
fp_int tmp;
fp_init(&tmp);
fp_mul(a, b, &tmp);
return fp_mod(&tmp, c, d);
int err;
fp_int t;
fp_init(&t);
fp_mul(a, b, &t);
#ifdef ALT_ECC_SIZE
err = fp_mod(&t, c, &t);
fp_copy(&t, d);
#else
err = fp_mod(&t, c, d);
#endif
return err;
}
/* d = a - b (mod c) */
int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
{
int err;
fp_int t;
fp_init(&t);
fp_sub(a, b, &t);
#ifdef ALT_ECC_SIZE
err = fp_mod(&t, c, &t);
fp_copy(&t, d);
#else
err = fp_mod(&t, c, d);
#endif
return err;
}
/* d = a + b (mod c) */
int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
{
int err;
fp_int t;
fp_init(&t);
fp_add(a, b, &t);
#ifdef ALT_ECC_SIZE
err = fp_mod(&t, c, &t);
fp_copy(&t, d);
#else
err = fp_mod(&t, c, d);
#endif
return err;
}
#ifdef TFM_TIMING_RESISTANT
@ -1056,7 +1102,7 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
return FP_OKAY;
}
#else
#else /* TFM_TIMING_RESISTANT */
/* y = g**x (mod b)
* Some restrictions... x must be positive and < b
@ -1750,13 +1796,13 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
_c = c + x;
tmpm = m->dp;
y = 0;
#if (defined(TFM_SSE2) || defined(TFM_X86_64))
#if defined(INNERMUL8)
for (; y < (pa & ~7); y += 8) {
INNERMUL8 ;
_c += 8;
tmpm += 8;
}
#endif
#endif
for (; y < pa; y++) {
INNERMUL;
++_c;
@ -1791,7 +1837,7 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
}
}
void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c)
void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c)
{
/* zero the int */
fp_zero (a);
@ -1978,7 +2024,7 @@ void fp_lshd(fp_int *a, int x)
/* right shift by bit count */
void fp_rshb(fp_int *c, int x)
{
register fp_digit *tmpc, mask, shift;
fp_digit *tmpc, mask, shift;
fp_digit r, rr;
fp_digit D = x;
@ -2057,6 +2103,7 @@ void fp_sub_d(fp_int *a, fp_digit b, fp_int *c)
fp_init(&tmp);
fp_set(&tmp, b);
fp_sub(a, &tmp, c);
fp_clear(&tmp);
}
@ -2146,6 +2193,18 @@ int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
return fp_mulmod(a, b, c, d);
}
/* d = a - b (mod c) */
int mp_submod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
{
return fp_submod(a, b, c, d);
}
/* d = a + b (mod c) */
int mp_addmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
{
return fp_addmod(a, b, c, d);
}
/* c = a mod b, 0 <= c < b */
int mp_mod (mp_int * a, mp_int * b, mp_int * c)
{
@ -2196,7 +2255,7 @@ int mp_to_unsigned_bin (mp_int * a, unsigned char *b)
/* reads a unsigned char array, assumes the msb is stored first [big endian] */
int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c)
{
fp_read_unsigned_bin(a, (unsigned char *)b, c);
fp_read_unsigned_bin(a, b, c);
return MP_OKAY;
}
@ -2263,6 +2322,10 @@ int mp_iszero(mp_int* a)
return fp_iszero(a);
}
int mp_isneg(mp_int* a)
{
return fp_isneg(a);
}
int mp_count_bits (mp_int* a)
{
@ -2778,7 +2841,7 @@ void fp_add_d(fp_int *a, fp_digit b, fp_int *c)
fp_int tmp;
fp_init(&tmp);
fp_set(&tmp, b);
fp_add(a,&tmp,c);
fp_add(a, &tmp, c);
}
/* external compatibility */
@ -2804,6 +2867,9 @@ static int fp_read_radix(fp_int *a, const char *str, int radix)
int y, neg;
char ch;
/* set the integer to the default of zero */
fp_zero (a);
/* make sure the radix is ok */
if (radix < 2 || radix > 64) {
return FP_VAL;
@ -2819,16 +2885,13 @@ static int fp_read_radix(fp_int *a, const char *str, int radix)
neg = FP_ZPOS;
}
/* set the integer to the default of zero */
fp_zero (a);
/* process each digit of the string */
while (*str) {
/* if the radix < 36 the conversion is case insensitive
/* if the radix <= 36 the conversion is case insensitive
* this allows numbers like 1AB and 1ab to represent the same value
* [e.g. in hex]
*/
ch = (char) ((radix < 36) ? XTOUPPER((unsigned char)*str) : *str);
ch = (char)((radix <= 36) ? XTOUPPER((unsigned char)*str) : *str);
for (y = 0; y < 64; y++) {
if (ch == fp_s_rmap[y]) {
break;

106
wolfcrypt/test/test.c
View File

@ -253,6 +253,9 @@ int idea_test(void);
#define FOURK_BUF 4096
#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
static int err_sys(const char* msg, int es)
{
@ -6466,7 +6469,7 @@ static int ecc_test_vector(int keySize)
vec.d = "e14f37b3d1374ff8b03f41b9b3fdd2f0ebccf275d660d7f3";
vec.R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
vec.S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
vec.curveName = "ECC-192";
vec.curveName = "SECP192R1";
break;
#endif /* HAVE_ECC192 */
@ -6494,7 +6497,7 @@ static int ecc_test_vector(int keySize)
vec.d = "97c4b796e1639dd1035b708fc00dc7ba1682cec44a1002a1a820619f";
vec.R = "147b33758321e722a0360a4719738af848449e2c1d08defebc1671a7";
vec.S = "24fc7ed7f1352ca3872aa0916191289e2e04d454935d50fe6af3ad5b";
vec.curveName = "ECC-224";
vec.curveName = "SECP224R1";
break;
#endif /* HAVE_ECC224 */
@ -6522,7 +6525,7 @@ static int ecc_test_vector(int keySize)
vec.d = "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
vec.R = "2b826f5d44e2d0b6de531ad96b51e8f0c56fdfead3c236892e4d84eacfc3b75c";
vec.S = "a2248b62c03db35a7cd63e8a120a3521a89d3d2f61ff99035a2148ae32e3a248";
vec.curveName = "nistp256";
vec.curveName = "SECP256R1";
break;
#endif /* !NO_ECC256 */
@ -6550,7 +6553,7 @@ static int ecc_test_vector(int keySize)
vec.d = "a492ce8fa90084c227e1a32f7974d39e9ff67a7e8705ec3419b35fb607582bebd461e0b1520ac76ec2dd4e9b63ebae71";
vec.R = "6820b8585204648aed63bdff47f6d9acebdea62944774a7d14f0e14aa0b9a5b99545b2daee6b3c74ebf606667a3f39b7";
vec.S = "491af1d0cccd56ddd520b233775d0bc6b40a6255cc55207d8e9356741f23c96c14714221078dbd5c17f4fdd89b32a907";
vec.curveName = "nistp384";
vec.curveName = "SECP384R1";
break;
#endif /* HAVE_ECC384 */
@ -6578,7 +6581,7 @@ static int ecc_test_vector(int keySize)
vec.d = "1bd56bd106118eda246155bd43b42b8e13f0a6e25dd3bb376026fab4dc92b6157bc6dfec2d15dd3d0cf2a39aa68494042af48ba9601118da82c6f2108a3a203ad74";
vec.R = "0bd117b4807710898f9dd7778056485777668f0e78e6ddf5b000356121eb7a220e9493c7f9a57c077947f89ac45d5acb6661bbcd17abb3faea149ba0aa3bb1521be";
vec.S = "019cd2c5c3f9870ecdeb9b323abdf3a98cd5e231d85c6ddc5b71ab190739f7f226e6b134ba1d5889ddeb2751dabd97911dff90c34684cdbe7bb669b6c3d22f2480c";
vec.curveName = "nistp521";
vec.curveName = "SECP521R1";
break;
#endif /* HAVE_ECC521 */
default:
@ -6672,7 +6675,7 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
}
#endif /* WOLFSSL_KEY_GEN */
static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
int testCompressedKey)
int testCompressedKey, const ecc_set_type* dp)
{
#ifdef BENCH_EMBEDDED
byte sharedA[128]; /* Needs to be at least keySize */
@ -6700,34 +6703,34 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
wc_ecc_init(&userB);
wc_ecc_init(&pubKey);
ret = wc_ecc_make_key(rng, keySize, &userA);
ret = wc_ecc_make_key_ex(rng, keySize, &userA, dp);
if (ret != 0)
return -1014;
ERROR_OUT(-1014, done);
ret = wc_ecc_check_key(&userA);
if (ret != 0)
return -1023;
ERROR_OUT(-1023, done);
ret = wc_ecc_make_key(rng, keySize, &userB);
ret = wc_ecc_make_key_ex(rng, keySize, &userB, dp);
if (ret != 0)
return -1002;
ERROR_OUT(-1002, done);
#ifdef HAVE_ECC_DHE
x = sizeof(sharedA);
ret = wc_ecc_shared_secret(&userA, &userB, sharedA, &x);
if (ret != 0)
return -1015;
ERROR_OUT(-1015, done);
y = sizeof(sharedB);
ret = wc_ecc_shared_secret(&userB, &userA, sharedB, &y);
if (ret != 0)
return -1003;
ERROR_OUT(-1003, done);
if (y != x)
return -1004;
ERROR_OUT(-1004, done);
if (memcmp(sharedA, sharedB, x))
return -1005;
ERROR_OUT(-1005, done);
#endif /* HAVE_ECC_DHE */
#ifdef HAVE_ECC_KEY_EXPORT
@ -6735,21 +6738,21 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
ret = wc_ecc_export_x963(&userA, exportBuf, &x);
if (ret != 0)
return -1006;
ERROR_OUT(-1006, done);
#ifdef HAVE_ECC_KEY_IMPORT
ret = wc_ecc_import_x963(exportBuf, x, &pubKey);
ret = wc_ecc_import_x963_ex(exportBuf, x, &pubKey, dp);
if (ret != 0)
return -1007;
ERROR_OUT(-1007, done);
#ifdef HAVE_ECC_DHE
y = sizeof(sharedB);
ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y);
if (ret != 0)
return -1008;
ERROR_OUT(-1008, done);
if (memcmp(sharedA, sharedB, y))
return -1009;
ERROR_OUT(-1009, done);
#endif /* HAVE_ECC_DHE */
if (testCompressedKey) {
@ -6759,22 +6762,22 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
ret = wc_ecc_export_x963_ex(&userA, exportBuf, &x, 1);
if (ret != 0)
return -1010;
ERROR_OUT(-1010, done);
wc_ecc_free(&pubKey);
wc_ecc_init(&pubKey);
ret = wc_ecc_import_x963(exportBuf, x, &pubKey);
if (ret != 0)
return -1011;
ERROR_OUT(-1011, done);
#ifdef HAVE_ECC_DHE
y = sizeof(sharedB);
ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y);
if (ret != 0)
return -1012;
ERROR_OUT(-1012, done);
if (memcmp(sharedA, sharedB, y))
return -1013;
ERROR_OUT(-1013, done);
#endif /* HAVE_ECC_DHE */
#endif /* HAVE_COMP_KEY */
}
@ -6792,16 +6795,16 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, rng, &userA);
if (ret != 0)
return -1014;
ERROR_OUT(-1014, done);
#ifdef HAVE_ECC_VERIFY
for (i=0; i<testVerifyCount; i++) {
verify = 0;
ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
if (ret != 0)
return -1015;
ERROR_OUT(-1015, done);
if (verify != 1)
return -1016;
ERROR_OUT(-1016, done);
}
#endif /* HAVE_ECC_VERIFY */
@ -6814,16 +6817,16 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, rng, &userA);
if (ret != 0)
return -1014;
ERROR_OUT(-1014, done);
#ifdef HAVE_ECC_VERIFY
for (i=0; i<testVerifyCount; i++) {
verify = 0;
ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
if (ret != 0)
return -1015;
ERROR_OUT(-1015, done);
if (verify != 1)
return -1016;
ERROR_OUT(-1016, done);
}
#endif /* HAVE_ECC_VERIFY */
#endif /* HAVE_ECC_SIGN */
@ -6832,14 +6835,15 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
x = sizeof(exportBuf);
ret = wc_ecc_export_private_only(&userA, exportBuf, &x);
if (ret != 0)
return -1017;
ERROR_OUT(-1017, done);
#endif /* HAVE_ECC_KEY_EXPORT */
done:
wc_ecc_free(&pubKey);
wc_ecc_free(&userB);
wc_ecc_free(&userA);
return 0;
return ret;
}
#undef ECC_TEST_VERIFY_COUNT
@ -6854,7 +6858,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
}
ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT,
testCompressedKey);
testCompressedKey, NULL);
if (ret < 0) {
printf("ecc_test_curve_size %d failed!: %d\n", keySize, ret);
return ret;
@ -6891,37 +6895,58 @@ int ecc_test(void)
#if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
ret = ecc_test_curve(&rng, 24);
if (ret < 0) {
return ret;
goto done;
}
#endif /* HAVE_ECC192 */
#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
ret = ecc_test_curve(&rng, 28);
if (ret < 0) {
return ret;
goto done;
}
#endif /* HAVE_ECC224 */
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
ret = ecc_test_curve(&rng, 32);
if (ret < 0) {
return ret;
goto done;
}
#endif /* !NO_ECC256 */
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
ret = ecc_test_curve(&rng, 48);
if (ret < 0) {
return ret;
goto done;
}
#endif /* HAVE_ECC384 */
#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
ret = ecc_test_curve(&rng, 66);
if (ret < 0) {
return ret;
goto done;
}
#endif /* HAVE_ECC521 */
#if defined(WOLFSSL_CUSTOM_CURVES)
/* Test and demonstrate use of Brainpool256 curve */
const ecc_set_type ecc_cust_dp = {
32, /* size/bytes */
0, /* NID - not required */
"BRAINPOOLP256R1", /* curve name */
"A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", /* prime */
"7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", /* A */
"26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", /* B */
"A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", /* order */
"8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", /* Gx */
"547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", /* Gy */
};
ret = ecc_test_curve_size(&rng, -1, ECC_TEST_VERIFY_COUNT, 0, &ecc_cust_dp);
if (ret < 0) {
printf("ecc_test_curve_size custom failed!: %d\n", ret);
goto done;
}
#endif
done:
wc_FreeRng(&rng);
return 0;
return ret;
}
#ifdef HAVE_ECC_ENCRYPT
@ -8293,6 +8318,9 @@ int pkcs7signed_test(void)
}
#endif /* HAVE_PKCS7 */
#undef ERROR_OUT
#else
#ifndef NO_MAIN_DRIVER
int main() { return 0; }

6
wolfssl/openssl/ec.h
View File

@ -16,9 +16,9 @@ enum {
NID_secp112r1 = 0,
NID_secp128r1 = 1,
NID_secp160r1 = 2,
NID_cert192 = 3,
NID_cert224 = 4,
NID_X9_62_prime256v1 = 5,
NID_secp192k1 = 3,
NID_secp224r1 = 4,
NID_secp256k1 = 5,
NID_secp384r1 = 6,
NID_secp521r1 = 7,
NID_X9_62_prime_field = 100,

15
wolfssl/wolfcrypt/ecc.h
View File

@ -60,6 +60,8 @@ typedef struct {
const char* Gy; /* y coordinate of the base point on curve (hex) */
} ecc_set_type;
#define ECC_CUSTOM_IDX (-1)
/* Determine max ECC bits based on enabled curves */
#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
@ -177,6 +179,9 @@ extern const ecc_set_type ecc_sets[];
WOLFSSL_API
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
WOLFSSL_API
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
const ecc_set_type* dp);
WOLFSSL_API
int wc_ecc_check_key(ecc_key* key);
#ifdef HAVE_ECC_DHE
@ -233,11 +238,11 @@ WOLFSSL_API
int wc_ecc_is_valid_idx(int n);
WOLFSSL_API
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map);
mp_int* a, mp_int* modulus, int map);
WOLFSSL_LOCAL
int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map, void* heap);
mp_int* a, mp_int* modulus, int map, void* heap);
#ifdef HAVE_ECC_KEY_EXPORT
/* ASN key helpers */
WOLFSSL_API
@ -251,6 +256,9 @@ int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed);
WOLFSSL_API
int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
WOLFSSL_API
int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
const ecc_set_type* dp);
WOLFSSL_API
int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key);
WOLFSSL_API
@ -258,6 +266,9 @@ int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
WOLFSSL_API
int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
const char* d, const char* curveName);
WOLFSSL_API
int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy,
const char* d, const ecc_set_type* dp);
#endif /* HAVE_ECC_KEY_IMPORT */
#ifdef HAVE_ECC_KEY_EXPORT

8
wolfssl/wolfcrypt/integer.h
View File

@ -196,10 +196,10 @@ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
/* ---> Basic Manipulations <--- */
#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
#define mp_iseven(a) \
(((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO)
(((a)->used > 0 && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO)
#define mp_isodd(a) \
(((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO)
(((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO)
#define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO)
/* number of primes */
#ifdef MP_8BIT
@ -296,6 +296,8 @@ int mp_mul_2(mp_int * a, mp_int * b);
int mp_mul (mp_int * a, mp_int * b, mp_int * c);
int mp_sqr (mp_int * a, mp_int * b);
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
int mp_2expt (mp_int * a, int b);
int mp_set_bit (mp_int * a, int b);

40
wolfssl/wolfcrypt/tfm.h
View File

@ -383,6 +383,7 @@ typedef struct {
#define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO)
#define fp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO)
#define fp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO)
#define fp_isneg(a) (((a)->sign != 0) ? FP_YES : FP_NO)
/* set to a small digit */
void fp_set(fp_int *a, fp_digit b);
@ -480,6 +481,12 @@ void fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
/* d = a * b (mod c) */
int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* d = a - b (mod c) */
int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* d = a + b (mod c) */
int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/* c = a * a (mod b) */
int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
@ -527,16 +534,16 @@ int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
/*int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback cb, void *dat);*/
/* radix conersions */
/* radix conversions */
int fp_count_bits(fp_int *a);
int fp_leading_bit(fp_int *a);
int fp_unsigned_bin_size(fp_int *a);
void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c);
void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
void fp_to_unsigned_bin(fp_int *a, unsigned char *b);
/*int fp_signed_bin_size(fp_int *a);*/
/*void fp_read_signed_bin(fp_int *a, unsigned char *b, int c);*/
/*void fp_read_signed_bin(fp_int *a, const unsigned char *b, int c);*/
/*void fp_to_signed_bin(fp_int *a, unsigned char *b);*/
/*int fp_read_radix(fp_int *a, char *str, int radix);*/
@ -591,20 +598,20 @@ void fp_sqr_comba64(fp_int *a, fp_int *b);
*/
/* Types */
typedef fp_digit mp_digit;
typedef fp_word mp_word;
typedef fp_int mp_int;
typedef fp_digit mp_digit;
typedef fp_word mp_word;
typedef fp_int mp_int;
/* Constants */
#define MP_LT FP_LT /* less than */
#define MP_EQ FP_EQ /* equal to */
#define MP_GT FP_GT /* greater than */
#define MP_VAL FP_VAL /* invalid */
#define MP_MEM FP_MEM /* memory error */
#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
#define MP_OKAY FP_OKAY /* ok result */
#define MP_NO FP_NO /* yes/no result */
#define MP_YES FP_YES /* yes/no result */
#define MP_LT FP_LT /* less than */
#define MP_EQ FP_EQ /* equal to */
#define MP_GT FP_GT /* greater than */
#define MP_VAL FP_VAL /* invalid */
#define MP_MEM FP_MEM /* memory error */
#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
#define MP_OKAY FP_OKAY /* ok result */
#define MP_NO FP_NO /* yes/no result */
#define MP_YES FP_YES /* yes/no result */
/* Prototypes */
#define mp_zero(a) fp_zero(a)
@ -620,6 +627,8 @@ int mp_add_d (mp_int * a, mp_digit b, mp_int * c);
int mp_mul (mp_int * a, mp_int * b, mp_int * c);
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
int mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
int mp_mod(mp_int *a, mp_int *b, mp_int *c);
int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
@ -637,6 +646,7 @@ int mp_sub_d(fp_int *a, fp_digit b, fp_int *c);
int mp_copy(fp_int* a, fp_int* b);
int mp_isodd(mp_int* a);
int mp_iszero(mp_int* a);
int mp_isneg(mp_int* a);
int mp_count_bits(mp_int *a);
int mp_leading_bit(mp_int *a);
int mp_set_int(mp_int *a, mp_digit b);