mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-26 04:31:07 +00:00
Add public function generating private keys
We need to separate the uses of the RNG for blinding and for key generation for the sake of an upcoming security fix in deterministic ECDSA.
This commit is contained in:
parent
78f040cf33
commit
c80555d835
|
@ -595,6 +595,22 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_po
|
||||||
*/
|
*/
|
||||||
int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d );
|
int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Generate a private key
|
||||||
|
*
|
||||||
|
* \param grp ECP group
|
||||||
|
* \param d Destination MPI (secret part)
|
||||||
|
* \param f_rng RNG function
|
||||||
|
* \param p_rng RNG parameter
|
||||||
|
*
|
||||||
|
* \return 0 if successful,
|
||||||
|
* or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
|
||||||
|
*/
|
||||||
|
int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
|
||||||
|
mbedtls_mpi *d,
|
||||||
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
|
void *p_rng );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Generate a keypair with configurable base point
|
* \brief Generate a keypair with configurable base point
|
||||||
*
|
*
|
||||||
|
|
|
@ -1918,15 +1918,14 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generate a keypair with configurable base point
|
* Generate a private key
|
||||||
*/
|
*/
|
||||||
int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
|
int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
|
||||||
const mbedtls_ecp_point *G,
|
mbedtls_mpi *d,
|
||||||
mbedtls_mpi *d, mbedtls_ecp_point *Q,
|
|
||||||
int (*f_rng)(void *, unsigned char *, size_t),
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
void *p_rng )
|
void *p_rng )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
|
||||||
size_t n_size = ( grp->nbits + 7 ) / 8;
|
size_t n_size = ( grp->nbits + 7 ) / 8;
|
||||||
|
|
||||||
#if defined(ECP_MONTGOMERY)
|
#if defined(ECP_MONTGOMERY)
|
||||||
|
@ -1951,8 +1950,8 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
|
||||||
}
|
}
|
||||||
else
|
|
||||||
#endif /* ECP_MONTGOMERY */
|
#endif /* ECP_MONTGOMERY */
|
||||||
|
|
||||||
#if defined(ECP_SHORTWEIERSTRASS)
|
#if defined(ECP_SHORTWEIERSTRASS)
|
||||||
if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
|
if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
|
||||||
{
|
{
|
||||||
|
@ -1986,15 +1985,28 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
|
||||||
while( mbedtls_mpi_cmp_int( d, 1 ) < 0 ||
|
while( mbedtls_mpi_cmp_int( d, 1 ) < 0 ||
|
||||||
mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 );
|
mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 );
|
||||||
}
|
}
|
||||||
else
|
|
||||||
#endif /* ECP_SHORTWEIERSTRASS */
|
#endif /* ECP_SHORTWEIERSTRASS */
|
||||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
if( ret != 0 )
|
return( ret );
|
||||||
return( ret );
|
}
|
||||||
|
|
||||||
return( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) );
|
/*
|
||||||
|
* Generate a keypair with configurable base point
|
||||||
|
*/
|
||||||
|
int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
|
||||||
|
const mbedtls_ecp_point *G,
|
||||||
|
mbedtls_mpi *d, mbedtls_ecp_point *Q,
|
||||||
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
|
void *p_rng )
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) );
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
Loading…
Reference in a new issue