commit c8dc295e8363deacb511f051d01bd13280b752be
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Jul 01 14:06:13 2013 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Jul 08 15:31:18 2013 +0200
tree e845adbf7c391e2ae0598aa8cab99fbc05bf876b
parent b8c6e0e3e9eee83c481aef30d78296d612301e81

Add ecp_check_prvkey, with test

Also group key checking and generation functions in ecp.h and ecp.c.

library/ecp.c

diff --git a/library/ecp.c b/library/ecp.c
index 216fc43..29cfce5 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -728,51 +728,6 @@
         MPI_CHK( mpi_sub_mpi( &N, &N, &grp->P ) )
 
 /*
- * Check that a point is valid as a public key (SEC1 3.2.3.1)
- */
-int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt )
-{
-    int ret;
-    mpi YY, RHS;
-
-    if( mpi_cmp_int( &pt->Z, 0 ) == 0 )
-        return( POLARSSL_ERR_ECP_GENERIC );
-
-    /*
-     * pt coordinates must be normalized for our checks
-     */
-    if( mpi_cmp_int( &pt->Z, 1 ) != 0 )
-        return( POLARSSL_ERR_ECP_GENERIC );
-
-    if( mpi_cmp_int( &pt->X, 0 ) < 0 ||
-        mpi_cmp_int( &pt->Y, 0 ) < 0 ||
-        mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
-        mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
-        return( POLARSSL_ERR_ECP_GENERIC );
-
-    mpi_init( &YY ); mpi_init( &RHS );
-
-    /*
-     * YY = Y^2
-     * RHS = X (X^2 - 3) + B = X^3 - 3X + B
-     */
-    MPI_CHK( mpi_mul_mpi( &YY,  &pt->Y,  &pt->Y   ) );  MOD_MUL( YY  );
-    MPI_CHK( mpi_mul_mpi( &RHS, &pt->X,  &pt->X   ) );  MOD_MUL( RHS );
-    MPI_CHK( mpi_sub_int( &RHS, &RHS,    3        ) );  MOD_SUB( RHS );
-    MPI_CHK( mpi_mul_mpi( &RHS, &RHS,    &pt->X   ) );  MOD_MUL( RHS );
-    MPI_CHK( mpi_add_mpi( &RHS, &RHS,    &grp->B  ) );  MOD_ADD( RHS );
-
-    if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
-        ret = POLARSSL_ERR_ECP_GENERIC;
-
-cleanup:
-
-    mpi_free( &YY ); mpi_free( &RHS );
-
-    return( ret );
-}
-
-/*
  * Normalize jacobian coordinates so that Z == 0 || Z == 1  (GECC 3.2.1)
  */
 static int ecp_normalize( const ecp_group *grp, ecp_point *pt )
@@ -1306,6 +1261,63 @@
 }
 
 /*
+ * Check that a point is valid as a public key (SEC1 3.2.3.1)
+ */
+int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt )
+{
+    int ret;
+    mpi YY, RHS;
+
+    if( mpi_cmp_int( &pt->Z, 0 ) == 0 )
+        return( POLARSSL_ERR_ECP_GENERIC );
+
+    /*
+     * pt coordinates must be normalized for our checks
+     */
+    if( mpi_cmp_int( &pt->Z, 1 ) != 0 )
+        return( POLARSSL_ERR_ECP_GENERIC );
+
+    if( mpi_cmp_int( &pt->X, 0 ) < 0 ||
+        mpi_cmp_int( &pt->Y, 0 ) < 0 ||
+        mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
+        mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
+        return( POLARSSL_ERR_ECP_GENERIC );
+
+    mpi_init( &YY ); mpi_init( &RHS );
+
+    /*
+     * YY = Y^2
+     * RHS = X (X^2 - 3) + B = X^3 - 3X + B
+     */
+    MPI_CHK( mpi_mul_mpi( &YY,  &pt->Y,  &pt->Y   ) );  MOD_MUL( YY  );
+    MPI_CHK( mpi_mul_mpi( &RHS, &pt->X,  &pt->X   ) );  MOD_MUL( RHS );
+    MPI_CHK( mpi_sub_int( &RHS, &RHS,    3        ) );  MOD_SUB( RHS );
+    MPI_CHK( mpi_mul_mpi( &RHS, &RHS,    &pt->X   ) );  MOD_MUL( RHS );
+    MPI_CHK( mpi_add_mpi( &RHS, &RHS,    &grp->B  ) );  MOD_ADD( RHS );
+
+    if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
+        ret = POLARSSL_ERR_ECP_GENERIC;
+
+cleanup:
+
+    mpi_free( &YY ); mpi_free( &RHS );
+
+    return( ret );
+}
+
+/*
+ * Check that an mpi is valid as a private key (SEC1 3.2)
+ */
+int ecp_check_prvkey( const ecp_group *grp, const mpi *d )
+{
+    /* We want 1 <= d <= N-1 */
+    if ( mpi_cmp_int( d, 1 ) < 0 || mpi_cmp_mpi( d, &grp->N ) >= 0 )
+        return( POLARSSL_ERR_ECP_GENERIC );
+
+    return( 0 );
+}
+
+/*
  * Generate a keypair (SEC1 3.2.1)
  */
 int ecp_gen_keypair( const ecp_group *grp, mpi *d, ecp_point *Q,