diff --git a/include/tinycrypt/ecc.h b/include/tinycrypt/ecc.h index 5a487436a..d50183813 100644 --- a/include/tinycrypt/ecc.h +++ b/include/tinycrypt/ecc.h @@ -120,12 +120,6 @@ typedef uint64_t uECC_dword_t; #define NUM_ECC_BYTES (uECC_WORD_SIZE*NUM_ECC_WORDS) #define NUM_ECC_BITS 256 -/* curve identifier (for API compatility - only P-256 is supported) */ -typedef enum { - curve_invalid = 0, - curve_secp256r1 = 0xff -} uECC_Curve; - /* * @brief computes doubling of point ion jacobian coordinates, in place. * @param X1 IN/OUT -- x coordinate @@ -156,8 +150,6 @@ extern const uECC_word_t curve_n[NUM_ECC_WORDS]; extern const uECC_word_t curve_G[2 * NUM_ECC_WORDS]; extern const uECC_word_t curve_b[NUM_ECC_WORDS]; -uECC_Curve uECC_secp256r1(void); - /* * @brief Generates a random integer in the range 0 < random < top. * Both random and top have num_words words. @@ -211,14 +203,14 @@ uECC_RNG_Function uECC_get_rng(void); * @param curve IN -- elliptic curve * @return size of a private key for the curve in bytes. */ -int uECC_curve_private_key_size(uECC_Curve curve); +int uECC_curve_private_key_size(void); /* * @brief computes the size of a public key for the curve in bytes. * @param curve IN -- elliptic curve * @return the size of a public key for the curve in bytes. */ -int uECC_curve_public_key_size(uECC_Curve curve); +int uECC_curve_public_key_size(void); /* * @brief Compute the corresponding public key for a private key. @@ -228,7 +220,7 @@ int uECC_curve_public_key_size(uECC_Curve curve); * @return Returns 1 if key was computed successfully, 0 if an error occurred. */ int uECC_compute_public_key(const uint8_t *private_key, - uint8_t *public_key, uECC_Curve curve); + uint8_t *public_key); /* * @brief Compute public-key. @@ -238,7 +230,7 @@ int uECC_compute_public_key(const uint8_t *private_key, * @param curve IN -- elliptic curve */ uECC_word_t EccPoint_compute_public_key(uECC_word_t *result, - uECC_word_t *private_key, uECC_Curve curve); + uECC_word_t *private_key); /* * @brief Point multiplication algorithm using Montgomery's ladder with co-Z @@ -249,10 +241,9 @@ uECC_word_t EccPoint_compute_public_key(uECC_word_t *result, * @param result OUT -- returns scalar*point * @param point IN -- elliptic curve point * @param scalar IN -- scalar - * @param curve IN -- elliptic curve */ int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point, - const uECC_word_t * scalar, uECC_Curve curve); + const uECC_word_t * scalar); /* * @brief Constant-time comparison to zero - secure way to compare long integers diff --git a/include/tinycrypt/ecc_dh.h b/include/tinycrypt/ecc_dh.h index a2edb0155..61e4c52ba 100644 --- a/include/tinycrypt/ecc_dh.h +++ b/include/tinycrypt/ecc_dh.h @@ -97,7 +97,7 @@ extern "C" { * @warning A cryptographically-secure PRNG function must be set (using * uECC_set_rng()) before calling uECC_make_key(). */ -int uECC_make_key(uint8_t *p_public_key, uint8_t *p_private_key, uECC_Curve curve); +int uECC_make_key(uint8_t *p_public_key, uint8_t *p_private_key); #ifdef ENABLE_TESTS @@ -108,7 +108,7 @@ int uECC_make_key(uint8_t *p_public_key, uint8_t *p_private_key, uECC_Curve curv * uECC_make_key() function for real applications. */ int uECC_make_key_with_d(uint8_t *p_public_key, uint8_t *p_private_key, - unsigned int *d, uECC_Curve curve); + unsigned int *d); #endif /** @@ -128,7 +128,7 @@ int uECC_make_key_with_d(uint8_t *p_public_key, uint8_t *p_private_key, * order to produce a cryptographically secure symmetric key. */ int uECC_shared_secret(const uint8_t *p_public_key, const uint8_t *p_private_key, - uint8_t *p_secret, uECC_Curve curve); + uint8_t *p_secret); #ifdef __cplusplus } diff --git a/include/tinycrypt/ecc_dsa.h b/include/tinycrypt/ecc_dsa.h index 55b9d43f3..5985c7f0c 100644 --- a/include/tinycrypt/ecc_dsa.h +++ b/include/tinycrypt/ecc_dsa.h @@ -109,7 +109,7 @@ extern "C" { * attack. */ int uECC_sign(const uint8_t *p_private_key, const uint8_t *p_message_hash, - unsigned p_hash_size, uint8_t *p_signature, uECC_Curve curve); + unsigned p_hash_size, uint8_t *p_signature); #ifdef ENABLE_TESTS /* @@ -117,8 +117,7 @@ int uECC_sign(const uint8_t *p_private_key, const uint8_t *p_message_hash, * Refer to uECC_sign() function for real applications. */ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash, - unsigned int hash_size, uECC_word_t *k, uint8_t *signature, - uECC_Curve curve); + unsigned int hash_size, uECC_word_t *k, uint8_t *signature) #endif /** @@ -136,7 +135,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash, * the signature values (hash_size and signature). */ int uECC_verify(const uint8_t *p_public_key, const uint8_t *p_message_hash, - unsigned int p_hash_size, const uint8_t *p_signature, uECC_Curve curve); + unsigned int p_hash_size, const uint8_t *p_signature); #ifdef __cplusplus } diff --git a/library/pk.c b/library/pk.c index 9c81ccc4d..05ffe1c70 100644 --- a/library/pk.c +++ b/library/pk.c @@ -580,7 +580,6 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, volatile int ret_fi; uint8_t signature[2*NUM_ECC_BYTES]; unsigned char *p; - uECC_Curve uecc_curve = uECC_secp256r1(); const mbedtls_uecc_keypair *keypair = (const mbedtls_uecc_keypair *) ctx; ((void) md_alg); @@ -591,7 +590,7 @@ static int uecc_eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, return( ret ); ret_fi = uECC_verify( keypair->public_key, hash, - (unsigned) hash_len, signature, uecc_curve ); + (unsigned) hash_len, signature ); if( ret_fi == UECC_ATTACK_DETECTED ) return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); @@ -704,7 +703,6 @@ static int uecc_eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { const mbedtls_uecc_keypair *keypair = (const mbedtls_uecc_keypair *) ctx; - uECC_Curve uecc_curve = uECC_secp256r1(); int ret; /* @@ -724,7 +722,7 @@ static int uecc_eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, */ #define MAX_SECP256R1_ECDSA_SIG_LEN ( 3 + 2 * ( 3 + NUM_ECC_BYTES ) ) - ret = uECC_sign( keypair->private_key, hash, hash_len, sig, uecc_curve ); + ret = uECC_sign( keypair->private_key, hash, hash_len, sig ); /* TinyCrypt uses 0 to signal errors. */ if( ret == 0 ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); diff --git a/library/pkparse.c b/library/pkparse.c index 4562f6547..6a2507aa3 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -986,8 +986,7 @@ static int pk_parse_key_sec1_der( mbedtls_uecc_keypair *keypair, if( !pubkey_done ) { ret = uECC_compute_public_key( keypair->private_key, - keypair->public_key, - uECC_secp256r1() ); + keypair->public_key ); if( ret == 0 ) return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 9d2af94e8..3a5671e64 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3567,7 +3567,6 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl, == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { - uECC_Curve uecc_curve = uECC_secp256r1(); ((void) n); ((void) ret); @@ -3577,8 +3576,7 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl, *p++ = 2 * NUM_ECC_BYTES + 1; *p++ = 0x04; /* uncompressed point presentation */ - if( !uECC_make_key( p, ssl->handshake->ecdh_privkey, - uecc_curve ) ) + if( !uECC_make_key( p, ssl->handshake->ecdh_privkey ) ) { return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } @@ -3718,7 +3716,6 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl, == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { #if defined(MBEDTLS_USE_TINYCRYPT) - uECC_Curve uecc_curve = uECC_secp256r1(); ((void) n); ((void) ret); @@ -3728,8 +3725,7 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl, *p++ = 2 * NUM_ECC_BYTES + 1; *p++ = 0x04; /* uncompressed point presentation */ - if( !uECC_make_key( p, ssl->handshake->ecdh_privkey, - uecc_curve ) ) + if( !uECC_make_key( p, ssl->handshake->ecdh_privkey ) ) { return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index d3bcd807a..43ca2cac3 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3279,9 +3279,6 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, unsigned char *dig_signed = NULL; #endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */ -#if defined(MBEDTLS_USE_TINYCRYPT) - uECC_Curve uecc_curve = uECC_secp256r1(); -#endif (void) ciphersuite_info; /* unused in some configurations */ #if !defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) @@ -3430,8 +3427,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, ssl->out_msglen += sizeof( ecdh_param_hdr ); if( !uECC_make_key( &ssl->out_msg[ ssl->out_msglen ], - ssl->handshake->ecdh_privkey, - uecc_curve ) ) + ssl->handshake->ecdh_privkey ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bf24a98ab..2fc569c2f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1973,13 +1973,11 @@ int mbedtls_ssl_build_pms( mbedtls_ssl_context *ssl ) mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { - uECC_Curve uecc_curve = uECC_secp256r1(); ((void) ret); if( !uECC_shared_secret( ssl->handshake->ecdh_peerkey, ssl->handshake->ecdh_privkey, - ssl->handshake->premaster, - uecc_curve ) ) + ssl->handshake->premaster ) ) { return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } @@ -2170,13 +2168,11 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch size_t zlen; #if defined(MBEDTLS_USE_TINYCRYPT) - uECC_Curve uecc_curve = uECC_secp256r1(); ((void) ret); if( !uECC_shared_secret( ssl->handshake->ecdh_peerkey, ssl->handshake->ecdh_privkey, - p + 2, - uecc_curve ) ) + p + 2 ) ) { return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 2fd48c2a4..94e10bab9 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -35,8 +35,7 @@ static int pk_genkey( mbedtls_pk_context *pk ) int ret; ret = uECC_make_key( mbedtls_pk_uecc( *pk )->public_key, - mbedtls_pk_uecc( *pk )->private_key, - uECC_secp256r1() ); + mbedtls_pk_uecc( *pk )->private_key ); if( ret == 0 ) return( -1 ); diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index a4d9466c4..5563d60bc 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -93,8 +93,7 @@ void pk_parse_public_keyfile_ec( char * key_file, int result ) TEST_ASSERT( mbedtls_ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 ); #else uecckey = mbedtls_pk_uecc( ctx ); - TEST_ASSERT( uECC_valid_public_key( uecckey->public_key, - uECC_secp256r1() ) == 0 ); + TEST_ASSERT( uECC_valid_public_key( uecckey->public_key ) == 0 ); #endif /* MBEDTLS_USE_TINYCRYPT */ } @@ -136,11 +135,9 @@ void pk_parse_keyfile_ec( char * key_file, char * password, int result ) TEST_ASSERT( mbedtls_ecp_check_privkey( &eckey->grp, &eckey->d ) == 0 ); #else uecckey = mbedtls_pk_uecc( ctx ); - TEST_ASSERT( uECC_valid_public_key( uecckey->public_key, - uECC_secp256r1() ) == 0 ); + TEST_ASSERT( uECC_valid_public_key( uecckey->public_key ) == 0 ); TEST_ASSERT( uECC_compute_public_key( uecckey->private_key, - tmp_pubkey, - uECC_secp256r1() ) != 0 ); + tmp_pubkey ) != 0 ); TEST_ASSERT( memcmp( tmp_pubkey, uecckey->public_key, sizeof( tmp_pubkey ) ) == 0 ); #endif /* MBEDTLS_USE_TINYCRYPT */ diff --git a/tests/suites/test_suite_tinycrypt.function b/tests/suites/test_suite_tinycrypt.function index 51e3e32d5..3e41720ee 100644 --- a/tests/suites/test_suite_tinycrypt.function +++ b/tests/suites/test_suite_tinycrypt.function @@ -21,17 +21,15 @@ void test_ecdh() uint8_t secret1[NUM_ECC_BYTES] = {0}; uint8_t secret2[NUM_ECC_BYTES] = {0}; - uECC_Curve curve = uECC_secp256r1(); - uECC_set_rng( &uecc_rng_wrapper ); - TEST_ASSERT( uECC_make_key( public1, private1, curve ) != 0 ); + TEST_ASSERT( uECC_make_key( public1, private1 ) != 0 ); - TEST_ASSERT( uECC_make_key( public2, private2, curve ) != 0 ); + TEST_ASSERT( uECC_make_key( public2, private2 ) != 0 ); - TEST_ASSERT( uECC_shared_secret( public2, private1, secret1, curve ) != 0 ); + TEST_ASSERT( uECC_shared_secret( public2, private1, secret1 ) != 0 ); - TEST_ASSERT( uECC_shared_secret( public1, private2, secret2, curve ) != 0 ); + TEST_ASSERT( uECC_shared_secret( public1, private2, secret2 ) != 0 ); TEST_ASSERT( memcmp( secret1, secret2, sizeof( secret1 ) ) == 0 ); } @@ -45,17 +43,15 @@ void test_ecdsa() uint8_t hash[NUM_ECC_BYTES] = {0}; uint8_t sig[2*NUM_ECC_BYTES] = {0}; - uECC_Curve curve = uECC_secp256r1(); - uECC_set_rng( &uecc_rng_wrapper ); TEST_ASSERT( rnd_std_rand( NULL, hash, NUM_ECC_BYTES ) == 0 ); - TEST_ASSERT( uECC_make_key( public, private, curve ) != 0 ); + TEST_ASSERT( uECC_make_key( public, private ) != 0 ); - TEST_ASSERT( uECC_sign( private, hash, sizeof( hash ), sig, curve ) != 0 ); + TEST_ASSERT( uECC_sign( private, hash, sizeof( hash ), sig ) != 0 ); - TEST_ASSERT( uECC_verify( public, hash, sizeof( hash ), sig, curve ) == UECC_SUCCESS ); + TEST_ASSERT( uECC_verify( public, hash, sizeof( hash ), sig ) == UECC_SUCCESS ); } /* END_CASE */ @@ -64,7 +60,6 @@ void ecdh_primitive_testvec( data_t * private1, data_t * xA_str, data_t * yA_str, data_t * private2, data_t * xB_str, data_t * yB_str, data_t * z_str ) { - uECC_Curve curve = uECC_secp256r1(); uint8_t public1[2*NUM_ECC_BYTES] = {0}; uint8_t public2[2*NUM_ECC_BYTES] = {0}; uint8_t secret1[NUM_ECC_BYTES] = {0}; @@ -76,9 +71,9 @@ void ecdh_primitive_testvec( data_t * private1, data_t * xA_str, memcpy( public2 + NUM_ECC_BYTES, yB_str->x, yB_str->len ); // Compute shared secrets and compare to test vector secret - TEST_ASSERT( uECC_shared_secret( public2, private1->x, secret1, curve ) != 0 ); + TEST_ASSERT( uECC_shared_secret( public2, private1->x, secret1 ) != 0 ); - TEST_ASSERT( uECC_shared_secret( public1, private2->x, secret2, curve ) != 0 ); + TEST_ASSERT( uECC_shared_secret( public1, private2->x, secret2 ) != 0 ); TEST_ASSERT( memcmp( secret1, secret2, sizeof( secret1 ) ) == 0 ); TEST_ASSERT( memcmp( secret1, z_str->x, sizeof( secret1 ) ) == 0 ); @@ -90,7 +85,6 @@ void ecdh_primitive_testvec( data_t * private1, data_t * xA_str, void ecdsa_primitive_testvec( data_t * xQ_str, data_t * yQ_str, data_t * hash, data_t * r_str, data_t * s_str ) { - uECC_Curve curve = uECC_secp256r1(); uint8_t pub_bytes[2*NUM_ECC_BYTES] = {0}; uint8_t sig_bytes[2*NUM_ECC_BYTES] = {0}; @@ -100,7 +94,7 @@ void ecdsa_primitive_testvec( data_t * xQ_str, data_t * yQ_str, memcpy( sig_bytes + NUM_ECC_BYTES, s_str->x, r_str->len ); TEST_ASSERT( uECC_verify( pub_bytes, hash->x, hash->len, - sig_bytes, curve ) == UECC_SUCCESS ); + sig_bytes ) == UECC_SUCCESS ); // Alter the signature and check the verification fails for( int i = 0; i < 2*NUM_ECC_BYTES; i++ ) @@ -108,7 +102,7 @@ void ecdsa_primitive_testvec( data_t * xQ_str, data_t * yQ_str, uint8_t temp = sig_bytes[i]; sig_bytes[i] = ( sig_bytes[i] + 1 ) % 256; TEST_ASSERT( uECC_verify( pub_bytes, hash->x, hash->len, - sig_bytes, curve ) == UECC_FAILURE ); + sig_bytes ) == UECC_FAILURE ); sig_bytes[i] = temp; } diff --git a/tinycrypt/ecc.c b/tinycrypt/ecc.c index 0c53f9dd6..62517df5a 100644 --- a/tinycrypt/ecc.c +++ b/tinycrypt/ecc.c @@ -116,15 +116,13 @@ uECC_RNG_Function uECC_get_rng(void) return g_rng_function; } -int uECC_curve_private_key_size(uECC_Curve curve) +int uECC_curve_private_key_size(void) { - (void) curve; return BITS_TO_BYTES(NUM_ECC_BITS); } -int uECC_curve_public_key_size(uECC_Curve curve) +int uECC_curve_public_key_size(void) { - (void) curve; return 2 * NUM_ECC_BYTES; } @@ -672,11 +670,6 @@ static void x_side_default(uECC_word_t *result, uECC_vli_modAdd(result, result, curve_b, curve_p); } -uECC_Curve uECC_secp256r1(void) -{ - return curve_secp256r1; -} - void vli_mmod_fast_secp256r1(unsigned int *result, unsigned int*product) { unsigned int tmp[NUM_ECC_WORDS]; @@ -952,7 +945,7 @@ static uECC_word_t regularize_k(const uECC_word_t * const k, uECC_word_t *k0, } int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point, - const uECC_word_t * scalar, uECC_Curve curve) + const uECC_word_t * scalar) { uECC_word_t tmp[NUM_ECC_WORDS]; uECC_word_t s[NUM_ECC_WORDS]; @@ -962,9 +955,6 @@ int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point, uECC_word_t *initial_Z = 0; int r; - if (curve != uECC_secp256r1()) - return 0; - /* Protects against invalid curves attacks */ if (uECC_valid_point(point) != 0 ) { return 0; @@ -1005,10 +995,9 @@ clear_and_out: } uECC_word_t EccPoint_compute_public_key(uECC_word_t *result, - uECC_word_t *private_key, - uECC_Curve curve) + uECC_word_t *private_key) { - return EccPoint_mult_safer(result, curve_G, private_key, curve); + return EccPoint_mult_safer(result, curve_G, private_key); } /* Converts an integer in uECC native format to big-endian bytes. */ @@ -1106,8 +1095,7 @@ int uECC_valid_public_key(const uint8_t *public_key) return uECC_valid_point(_public); } -int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key, - uECC_Curve curve) +int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key) { uECC_word_t _private[NUM_ECC_WORDS]; @@ -1128,7 +1116,7 @@ int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key, } /* Compute public key. */ - if (!EccPoint_compute_public_key(_public, _private, curve)) { + if (!EccPoint_compute_public_key(_public, _private)) { return 0; } diff --git a/tinycrypt/ecc_dh.c b/tinycrypt/ecc_dh.c index fc429fe47..9fe03ca9a 100644 --- a/tinycrypt/ecc_dh.c +++ b/tinycrypt/ecc_dh.c @@ -73,7 +73,7 @@ #include "mbedtls/platform_util.h" int uECC_make_key_with_d(uint8_t *public_key, uint8_t *private_key, - unsigned int *d, uECC_Curve curve) + unsigned int *d) { uECC_word_t _private[NUM_ECC_WORDS]; @@ -85,7 +85,7 @@ int uECC_make_key_with_d(uint8_t *public_key, uint8_t *private_key, mbedtls_platform_memcpy (_private, d, NUM_ECC_BYTES); /* Computing public-key from private: */ - if (EccPoint_compute_public_key(_public, _private, curve)) { + if (EccPoint_compute_public_key(_public, _private)) { /* Converting buffers to correct bit order: */ uECC_vli_nativeToBytes(private_key, @@ -106,7 +106,7 @@ int uECC_make_key_with_d(uint8_t *public_key, uint8_t *private_key, return 0; } -int uECC_make_key(uint8_t *public_key, uint8_t *private_key, uECC_Curve curve) +int uECC_make_key(uint8_t *public_key, uint8_t *private_key) { uECC_word_t _random[NUM_ECC_WORDS * 2]; @@ -126,7 +126,7 @@ int uECC_make_key(uint8_t *public_key, uint8_t *private_key, uECC_Curve curve) uECC_vli_mmod(_private, _random, curve_n); /* Computing public-key from private: */ - if (EccPoint_compute_public_key(_public, _private, curve)) { + if (EccPoint_compute_public_key(_public, _private)) { /* Converting buffers to correct bit order: */ uECC_vli_nativeToBytes(private_key, @@ -149,7 +149,7 @@ int uECC_make_key(uint8_t *public_key, uint8_t *private_key, uECC_Curve curve) } int uECC_shared_secret(const uint8_t *public_key, const uint8_t *private_key, - uint8_t *secret, uECC_Curve curve) + uint8_t *secret) { uECC_word_t _public[NUM_ECC_WORDS * 2]; @@ -169,7 +169,7 @@ int uECC_shared_secret(const uint8_t *public_key, const uint8_t *private_key, public_key + num_bytes, num_bytes); - r = EccPoint_mult_safer(_public, _public, _private, curve); + r = EccPoint_mult_safer(_public, _public, _private); uECC_vli_nativeToBytes(secret, num_bytes, _public); /* erasing temporary buffer used to store secret: */ diff --git a/tinycrypt/ecc_dsa.c b/tinycrypt/ecc_dsa.c index 0f7a9fd2f..87fa53bf3 100644 --- a/tinycrypt/ecc_dsa.c +++ b/tinycrypt/ecc_dsa.c @@ -76,7 +76,7 @@ static uECC_RNG_Function g_rng_function = 0; #endif static void bits2int(uECC_word_t *native, const uint8_t *bits, - unsigned bits_size, uECC_Curve curve) + unsigned bits_size) { unsigned num_n_bytes = BITS_TO_BYTES(NUM_ECC_BITS); unsigned num_n_words = BITS_TO_WORDS(NUM_ECC_BITS); @@ -84,8 +84,6 @@ static void bits2int(uECC_word_t *native, const uint8_t *bits, uECC_word_t carry; uECC_word_t *ptr; - (void) curve; - if (bits_size > num_n_bytes) { bits_size = num_n_bytes; } @@ -111,8 +109,7 @@ static void bits2int(uECC_word_t *native, const uint8_t *bits, } int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash, - unsigned hash_size, uECC_word_t *k, uint8_t *signature, - uECC_Curve curve) + unsigned hash_size, uECC_word_t *k, uint8_t *signature) { uECC_word_t tmp[NUM_ECC_WORDS]; @@ -128,7 +125,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash, return 0; } - r = EccPoint_mult_safer(p, curve_G, k, curve); + r = EccPoint_mult_safer(p, curve_G, k); if (r == 0 || uECC_vli_isZero(p)) { return 0; } @@ -158,7 +155,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash, uECC_vli_set(s, p); uECC_vli_modMult(s, tmp, s, curve_n); /* s = r*d */ - bits2int(tmp, message_hash, hash_size, curve); + bits2int(tmp, message_hash, hash_size); uECC_vli_modAdd(s, tmp, s, curve_n); /* s = e + r*d */ uECC_vli_modMult(s, s, k, curve_n); /* s = (e + r*d) / k */ if (uECC_vli_numBits(s) > (bitcount_t)NUM_ECC_BYTES * 8) { @@ -170,7 +167,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash, } int uECC_sign(const uint8_t *private_key, const uint8_t *message_hash, - unsigned hash_size, uint8_t *signature, uECC_Curve curve) + unsigned hash_size, uint8_t *signature) { uECC_word_t _random[2*NUM_ECC_WORDS]; uECC_word_t k[NUM_ECC_WORDS]; @@ -187,8 +184,7 @@ int uECC_sign(const uint8_t *private_key, const uint8_t *message_hash, // computing k as modular reduction of _random (see FIPS 186.4 B.5.1): uECC_vli_mmod(k, _random, curve_n); - if (uECC_sign_with_k(private_key, message_hash, hash_size, k, signature, - curve)) { + if (uECC_sign_with_k(private_key, message_hash, hash_size, k, signature)) { return 1; } } @@ -201,8 +197,7 @@ static bitcount_t smax(bitcount_t a, bitcount_t b) } int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash, - unsigned hash_size, const uint8_t *signature, - uECC_Curve curve) + unsigned hash_size, const uint8_t *signature) { uECC_word_t u1[NUM_ECC_WORDS], u2[NUM_ECC_WORDS]; @@ -224,9 +219,6 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash, wordcount_t num_words = NUM_ECC_WORDS; wordcount_t num_n_words = BITS_TO_WORDS(NUM_ECC_BITS); - if (curve != uECC_secp256r1()) - return 0; - rx[num_n_words - 1] = 0; r[num_n_words - 1] = 0; s[num_n_words - 1] = 0; @@ -251,7 +243,7 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash, /* Calculate u1 and u2. */ uECC_vli_modInv(z, s, curve_n); /* z = 1/s */ u1[num_n_words - 1] = 0; - bits2int(u1, message_hash, hash_size, curve); + bits2int(u1, message_hash, hash_size); uECC_vli_modMult(u1, u1, z, curve_n); /* u1 = e/s */ uECC_vli_modMult(u2, r, z, curve_n); /* u2 = r/s */