RetroArch
Functions
ecdsa.c File Reference
#include "mbedtls/config.h"
#include "mbedtls/ecdsa.h"
#include "mbedtls/asn1write.h"
#include <string.h>
#include "mbedtls/hmac_drbg.h"
Include dependency graph for ecdsa.c:

Functions

static int derive_mpi (const mbedtls_ecp_group *grp, mbedtls_mpi *x, const unsigned char *buf, size_t blen)
 
int mbedtls_ecdsa_sign (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Compute ECDSA signature of a previously hashed message. More...
 
int mbedtls_ecdsa_sign_det (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg)
 Compute ECDSA signature of a previously hashed message, deterministic version (RFC 6979). More...
 
int mbedtls_ecdsa_verify (mbedtls_ecp_group *grp, const unsigned char *buf, size_t blen, const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
 Verify ECDSA signature of a previously hashed message. More...
 
static int ecdsa_signature_to_asn1 (const mbedtls_mpi *r, const mbedtls_mpi *s, unsigned char *sig, size_t *slen)
 
int mbedtls_ecdsa_write_signature (mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. (Not thread-safe to use same context in multiple threads) More...
 
int mbedtls_ecdsa_write_signature_det (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, mbedtls_md_type_t md_alg)
 Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. Deterministic version, RFC 6979. (Not thread-safe to use same context in multiple threads) More...
 
int mbedtls_ecdsa_read_signature (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen)
 Read and verify an ECDSA signature. More...
 
int mbedtls_ecdsa_genkey (mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate an ECDSA keypair on the given curve. More...
 
int mbedtls_ecdsa_from_keypair (mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key)
 Set an ECDSA context from an EC key pair. More...
 
void mbedtls_ecdsa_init (mbedtls_ecdsa_context *ctx)
 Initialize context. More...
 
void mbedtls_ecdsa_free (mbedtls_ecdsa_context *ctx)
 Free context. More...
 

Function Documentation

◆ derive_mpi()

static int derive_mpi ( const mbedtls_ecp_group grp,
mbedtls_mpi x,
const unsigned char *  buf,
size_t  blen 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ecdsa_signature_to_asn1()

static int ecdsa_signature_to_asn1 ( const mbedtls_mpi r,
const mbedtls_mpi s,
unsigned char *  sig,
size_t *  slen 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_free()

void mbedtls_ecdsa_free ( mbedtls_ecdsa_context ctx)

Free context.

Parameters
ctxContext to free
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_from_keypair()

int mbedtls_ecdsa_from_keypair ( mbedtls_ecdsa_context ctx,
const mbedtls_ecp_keypair key 
)

Set an ECDSA context from an EC key pair.

Parameters
ctxECDSA context to set
keyEC key to use
Returns
0 on success, or a MBEDTLS_ERR_ECP_XXX code.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_genkey()

int mbedtls_ecdsa_genkey ( mbedtls_ecdsa_context ctx,
mbedtls_ecp_group_id  gid,
int(*)(void *, unsigned char *, size_t)  f_rng,
void p_rng 
)

Generate an ECDSA keypair on the given curve.

Parameters
ctxECDSA context in which the keypair should be stored
gidGroup (elliptic curve) to use. One of the various MBEDTLS_ECP_DP_XXX macros depending on configuration.
f_rngRNG function
p_rngRNG parameter
Returns
0 on success, or a MBEDTLS_ERR_ECP_XXX code.
Here is the call graph for this function:

◆ mbedtls_ecdsa_init()

void mbedtls_ecdsa_init ( mbedtls_ecdsa_context ctx)

Initialize context.

Parameters
ctxContext to initialize
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_read_signature()

int mbedtls_ecdsa_read_signature ( mbedtls_ecdsa_context ctx,
const unsigned char *  hash,
size_t  hlen,
const unsigned char *  sig,
size_t  slen 
)

Read and verify an ECDSA signature.

Parameters
ctxECDSA context
hashMessage hash
hlenSize of hash
sigSignature to read and verify
slenSize of sig
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.4 step 3.
Returns
0 if successful, MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid, MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if the signature is valid but its actual length is less than siglen, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_sign()

int mbedtls_ecdsa_sign ( mbedtls_ecp_group grp,
mbedtls_mpi r,
mbedtls_mpi s,
const mbedtls_mpi d,
const unsigned char *  buf,
size_t  blen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void p_rng 
)

Compute ECDSA signature of a previously hashed message.

Note
The deterministic version is usually prefered.
Parameters
grpECP group
rFirst output integer
sSecond output integer
dPrivate signing key
bufMessage hash
blenLength of buf
f_rngRNG function
p_rngRNG parameter
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_sign_det()

int mbedtls_ecdsa_sign_det ( mbedtls_ecp_group grp,
mbedtls_mpi r,
mbedtls_mpi s,
const mbedtls_mpi d,
const unsigned char *  buf,
size_t  blen,
mbedtls_md_type_t  md_alg 
)

Compute ECDSA signature of a previously hashed message, deterministic version (RFC 6979).

Parameters
grpECP group
rFirst output integer
sSecond output integer
dPrivate signing key
bufMessage hash
blenLength of buf
md_algMD algorithm used to hash the message
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_verify()

int mbedtls_ecdsa_verify ( mbedtls_ecp_group grp,
const unsigned char *  buf,
size_t  blen,
const mbedtls_ecp_point Q,
const mbedtls_mpi r,
const mbedtls_mpi s 
)

Verify ECDSA signature of a previously hashed message.

Parameters
grpECP group
bufMessage hash
blenLength of buf
QPublic key to use for verification
rFirst integer of the signature
sSecond integer of the signature
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.4 step 3.
Returns
0 if successful, MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_write_signature()

int mbedtls_ecdsa_write_signature ( mbedtls_ecdsa_context ctx,
mbedtls_md_type_t  md_alg,
const unsigned char *  hash,
size_t  hlen,
unsigned char *  sig,
size_t *  slen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void p_rng 
)

Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. (Not thread-safe to use same context in multiple threads)

Note
The deterministic version (RFC 6979) is used if MBEDTLS_ECDSA_DETERMINISTIC is defined.
Parameters
ctxECDSA context
md_algAlgorithm that was used to hash the message
hashMessage hash
hlenLength of hash
sigBuffer that will hold the signature
slenLength of the signature written
f_rngRNG function
p_rngRNG parameter
Note
The "sig" buffer must be at least as large as twice the size of the curve used, plus 9 (eg. 73 bytes if a 256-bit curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or MBEDTLS_ERR_ASN1_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_write_signature_det()

int mbedtls_ecdsa_write_signature_det ( mbedtls_ecdsa_context ctx,
const unsigned char *  hash,
size_t  hlen,
unsigned char *  sig,
size_t *  slen,
mbedtls_md_type_t  md_alg 
)

Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. Deterministic version, RFC 6979. (Not thread-safe to use same context in multiple threads)

Deprecated:
Superseded by mbedtls_ecdsa_write_signature() in 2.0.0
Parameters
ctxECDSA context
hashMessage hash
hlenLength of hash
sigBuffer that will hold the signature
slenLength of the signature written
md_algMD algorithm used to hash the message
Note
The "sig" buffer must be at least as large as twice the size of the curve used, plus 9 (eg. 73 bytes if a 256-bit curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or MBEDTLS_ERR_ASN1_XXX error code
Here is the call graph for this function:
Generated by   doxygen 1.8.15