commit 0082f9df6f26b982f74a3301399f66ba7a6eb039
author Christoph M. Wintersteiger <cwinter@microsoft.com> Mon Jan 07 13:47:30 2019 +0000
committer Janos Follath <janos.follath@arm.com> Mon Aug 19 13:36:44 2019 +0100
tree 81ab6f08274e8f9e814c430442628e42bbe6bfa2
parent 8a0f5bb3c11196a5bc0df6393a47e56c40adb7ac

ECDSA: Add mbedtls_ecdsa_can_do

include/mbedtls/ecdsa.h

diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
old mode 100644
new mode 100755
index effbb1e..e19d8d1
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -126,6 +126,16 @@
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 /**
+ * \brief          This function checks whether a given group can be used
+ *                 for ECDSA.
+ *
+ * \param gid      The ECP group ID to check.
+ *
+ * \return         \c 1 if the group can be used, \c 0 otherwise
+ */
+int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
+
+/**
  * \brief           This function computes the ECDSA signature of a
  *                  previously-hashed message.
  *
@@ -469,7 +479,6 @@
                           const unsigned char *hash, size_t hlen,
                           const unsigned char *sig, size_t slen,
                           mbedtls_ecdsa_restart_ctx *rs_ctx );
-
 /**
  * \brief          This function generates an ECDSA keypair on the given curve.
  *

library/ecdsa.c

diff --git a/library/ecdsa.c b/library/ecdsa.c
old mode 100644
new mode 100755
index 2daabee..f346526
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -263,9 +263,7 @@
     mbedtls_mpi *pk = &k, *pr = r;
 
     /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
-    if( grp->id == MBEDTLS_ECP_DP_CURVE25519 ||
-        grp->id == MBEDTLS_ECP_DP_CURVE448 ||
-        grp->N.p == NULL )
+    if( !mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL )
         return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
 
     /* Make sure d is in range 1..n-1 */
@@ -380,6 +378,20 @@
     return( ret );
 }
 
+int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid )
+{
+    switch( gid )
+    {
+#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED
+    case MBEDTLS_ECP_DP_CURVE25519: return 0;
+#endif
+#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED
+    case MBEDTLS_ECP_DP_CURVE448: return 0;
+#endif
+    default: return 1;
+    }
+}
+
 /*
  * Compute ECDSA signature of a hashed message
  */
@@ -504,7 +516,7 @@
     mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
 
     /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
-    if( grp->N.p == NULL )
+    if( !mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL )
         return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
 
     ECDSA_RS_ENTER( ver );

programs/test/benchmark.c

diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 0d4837f..a53851a 100755
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -835,6 +835,9 @@
              curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
              curve_info++ )
         {
+            if( mbedtls_ecdsa_can_do( curve_info->grp_id ) == 0 )
+                continue;
+
             mbedtls_ecdsa_init( &ecdsa );
 
             if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
@@ -854,6 +857,9 @@
              curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
              curve_info++ )
         {
+            if( mbedtls_ecdsa_can_do( curve_info->grp_id ) == 0 )
+                continue;
+
             mbedtls_ecdsa_init( &ecdsa );
 
             if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||