wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improve code comments to explain FP_ECC limitation for SECP160R1, SECP160R2, SECP160K1 and SECP224K1.

Browse Source
This commit is contained in:
David Garske
2021-06-08 08:41:36 -07:00
parent 6bf9a887e1
commit de70681229
1 changed files with 13 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
wolfcrypt/src/ecc.c
View File

@@ -49,17 +49,21 @@ Possible ECC enable options:
* Includes the curve "a" variable in calculation * Includes the curve "a" variable in calculation
* ECC_DUMP_OID: Enables dump of OID encoding and sum default: off * ECC_DUMP_OID: Enables dump of OID encoding and sum default: off
* ECC_CACHE_CURVE: Enables cache of curve info to improve performance * ECC_CACHE_CURVE: Enables cache of curve info to improve performance
default: off * default: off
* FP_ECC: ECC Fixed Point Cache default: off * FP_ECC: ECC Fixed Point Cache default: off
* FP cache is not supported for SECP160R1, SECP160R2,
* SECP160K1 and SECP224K1. These do not work with scalars
* that are the length of the order when the order is
* longer than the prime.
* USE_ECC_B_PARAM: Enable ECC curve B param default: off * USE_ECC_B_PARAM: Enable ECC curve B param default: off
(on for HAVE_COMP_KEY) * (on for HAVE_COMP_KEY)
* WOLFSSL_ECC_CURVE_STATIC: default off (on for windows) * WOLFSSL_ECC_CURVE_STATIC: default off (on for windows)
For the ECC curve paramaters `ecc_set_type` use fixed * For the ECC curve paramaters `ecc_set_type` use fixed
array for hex string * array for hex string
* WC_ECC_NONBLOCK: Enable non-blocking support for sign/verify. * WC_ECC_NONBLOCK: Enable non-blocking support for sign/verify.
Requires SP with WOLFSSL_SP_NONBLOCK * Requires SP with WOLFSSL_SP_NONBLOCK
* WC_ECC_NONBLOCK_ONLY Enable the non-blocking function only, no fall-back to * WC_ECC_NONBLOCK_ONLY Enable the non-blocking function only, no fall-back to
normal blocking API's * normal blocking API's
* WOLFSSL_ECDSA_SET_K: Enables the setting of the 'k' value to use during ECDSA * WOLFSSL_ECDSA_SET_K: Enables the setting of the 'k' value to use during ECDSA
* signing. If the value is invalid, a new random 'k' is * signing. If the value is invalid, a new random 'k' is
* generated in the loop. (For testing) * generated in the loop. (For testing)
@@ -342,7 +346,7 @@ enum {
#endif #endif
#define ecc_oid_secp160k1_sz CODED_SECP160K1_SZ #define ecc_oid_secp160k1_sz CODED_SECP160K1_SZ
#endif /* HAVE_ECC_KOBLITZ */ #endif /* HAVE_ECC_KOBLITZ */
#endif #endif /* !FP_ECC */
#ifdef HAVE_ECC_BRAINPOOL #ifdef HAVE_ECC_BRAINPOOL
#ifdef HAVE_OID_ENCODING #ifdef HAVE_OID_ENCODING
#define CODED_BRAINPOOLP160R1 {1,3,36,3,3,2,8,1,1,1} #define CODED_BRAINPOOLP160R1 {1,3,36,3,3,2,8,1,1,1}
@@ -466,7 +470,7 @@ enum {
#define ecc_oid_secp224k1 CODED_SECP224K1 #define ecc_oid_secp224k1 CODED_SECP224K1
#endif #endif
#define ecc_oid_secp224k1_sz CODED_SECP224K1_SZ #define ecc_oid_secp224k1_sz CODED_SECP224K1_SZ
#endif /* HAVE_ECC_KOBLITZ */ #endif /* HAVE_ECC_KOBLITZ && !FP_ECC */
#ifdef HAVE_ECC_BRAINPOOL #ifdef HAVE_ECC_BRAINPOOL
#ifdef HAVE_OID_ENCODING #ifdef HAVE_OID_ENCODING
#define CODED_BRAINPOOLP224R1 {1,3,36,3,3,2,8,1,1,5} #define CODED_BRAINPOOLP224R1 {1,3,36,3,3,2,8,1,1,5}
@@ -792,7 +796,7 @@ const ecc_set_type ecc_sets[] = {
1, /* cofactor */ 1, /* cofactor */
}, },
#endif /* HAVE_ECC_KOBLITZ */ #endif /* HAVE_ECC_KOBLITZ */
#endif #endif /* !FP_ECC */
#ifdef HAVE_ECC_BRAINPOOL #ifdef HAVE_ECC_BRAINPOOL
{ {
20, /* size/bytes */ 20, /* size/bytes */