Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
ecp_internal.h File Reference
Function declarations for alternative implementation of elliptic curve point arithmetic. More...
Go to the source code of this file.
Functions | |
| unsigned char | mbedtls_internal_ecp_grp_capable (const mbedtls_ecp_group *grp) |
| Indicate if the Elliptic Curve Point module extension can handle the group. | |
| int | mbedtls_internal_ecp_init (const mbedtls_ecp_group *grp) |
| Initialise the Elliptic Curve Point module extension. | |
| void | mbedtls_internal_ecp_free (const mbedtls_ecp_group *grp) |
| Frees and deallocates the Elliptic Curve Point module extension. | |
| int | mbedtls_internal_ecp_randomize_jac (const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
| Randomize jacobian coordinates: (X, Y, Z) -> (l^2 X, l^3 Y, l Z) for random l. | |
| int | mbedtls_internal_ecp_add_mixed (const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q) |
| Addition: R = P + Q, mixed affine-Jacobian coordinates. | |
| int | mbedtls_internal_ecp_double_jac (const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *P) |
| Point doubling R = 2 P, Jacobian coordinates. | |
| int | mbedtls_internal_ecp_normalize_jac_many (const mbedtls_ecp_group *grp, mbedtls_ecp_point *T[], size_t t_len) |
| Normalize jacobian coordinates of an array of (pointers to) points. | |
| int | mbedtls_internal_ecp_normalize_jac (const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt) |
| Normalize jacobian coordinates so that Z == 0 || Z == 1. | |
| int | mbedtls_internal_ecp_randomize_mxz (const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
| Randomize projective x/z coordinates: (X, Z) -> (l X, l Z) for random l. | |
| int | mbedtls_internal_ecp_normalize_mxz (const mbedtls_ecp_group *grp, mbedtls_ecp_point *P) |
| Normalize Montgomery x/z coordinates: X = X/Z, Z = 1. | |
Detailed Description
Function declarations for alternative implementation of elliptic curve point arithmetic.
Definition in file ecp_internal.h.
Function Documentation
| int mbedtls_internal_ecp_add_mixed | ( | const mbedtls_ecp_group * | grp, |
| mbedtls_ecp_point * | R, | ||
| const mbedtls_ecp_point * | P, | ||
| const mbedtls_ecp_point * | Q | ||
| ) |
Addition: R = P + Q, mixed affine-Jacobian coordinates.
The coordinates of Q must be normalized (= affine), but those of P don't need to. R is not normalized.
This function is used only as a subrutine of ecp_mul_comb().
Special cases: (1) P or Q is zero, (2) R is zero, (3) P == Q. None of these cases can happen as intermediate step in ecp_mul_comb():
- at each step, P, Q and R are multiples of the base point, the factor being less than its order, so none of them is zero;
- Q is an odd multiple of the base point, P an even multiple, due to the choice of precomputed points in the modified comb method. So branches for these cases do not leak secret information.
We accept Q->Z being unset (saving memory in tables) as meaning 1.
Cost in field operations if done by [5] 3.22: 1A := 8M + 3S
- Parameters:
-
grp Pointer to the group representing the curve. R Pointer to a point structure to hold the result. P Pointer to the first summand, given with Jacobian coordinates Q Pointer to the second summand, given with affine coordinates.
- Returns:
- 0 if successful.
| int mbedtls_internal_ecp_double_jac | ( | const mbedtls_ecp_group * | grp, |
| mbedtls_ecp_point * | R, | ||
| const mbedtls_ecp_point * | P | ||
| ) |
Point doubling R = 2 P, Jacobian coordinates.
Cost: 1D := 3M + 4S (A == 0) 4M + 4S (A == -3) 3M + 6S + 1a otherwise when the implementation is based on the "dbl-1998-cmo-2" doubling formulas in [8] and standard optimizations are applied when curve parameter A is one of { 0, -3 }.
- Parameters:
-
grp Pointer to the group representing the curve. R Pointer to a point structure to hold the result. P Pointer to the point that has to be doubled, given with Jacobian coordinates.
- Returns:
- 0 if successful.
| void mbedtls_internal_ecp_free | ( | const mbedtls_ecp_group * | grp ) |
Frees and deallocates the Elliptic Curve Point module extension.
- Parameters:
-
grp The pointer to the group the module was initialised for.
| unsigned char mbedtls_internal_ecp_grp_capable | ( | const mbedtls_ecp_group * | grp ) |
Indicate if the Elliptic Curve Point module extension can handle the group.
- Parameters:
-
grp The pointer to the elliptic curve group that will be the basis of the cryptographic computations.
- Returns:
- Non-zero if successful.
| int mbedtls_internal_ecp_init | ( | const mbedtls_ecp_group * | grp ) |
Initialise the Elliptic Curve Point module extension.
If mbedtls_internal_ecp_grp_capable returns true for a group, this function has to be able to initialise the module for it.
This module can be a driver to a crypto hardware accelerator, for which this could be an initialise function.
- Parameters:
-
grp The pointer to the group the module needs to be initialised for.
- Returns:
- 0 if successful.
| int mbedtls_internal_ecp_normalize_jac | ( | const mbedtls_ecp_group * | grp, |
| mbedtls_ecp_point * | pt | ||
| ) |
Normalize jacobian coordinates so that Z == 0 || Z == 1.
Cost in field operations if done by [5] 3.2.1: 1N := 1I + 3M + 1S
- Parameters:
-
grp Pointer to the group representing the curve. pt pointer to the point to be normalised. This is an input/output parameter.
- Returns:
- 0 if successful.
| int mbedtls_internal_ecp_normalize_jac_many | ( | const mbedtls_ecp_group * | grp, |
| mbedtls_ecp_point * | T[], | ||
| size_t | t_len | ||
| ) |
Normalize jacobian coordinates of an array of (pointers to) points.
Using Montgomery's trick to perform only one inversion mod P the cost is: 1N(t) := 1I + (6t - 3)M + 1S (See for example Algorithm 10.3.4. in [9])
This function is used only as a subrutine of ecp_mul_comb().
Warning: fails (returning an error) if one of the points is zero! This should never happen, see choice of w in ecp_mul_comb().
- Parameters:
-
grp Pointer to the group representing the curve. T Array of pointers to the points to normalise. t_len Number of elements in the array.
- Returns:
- 0 if successful, an error if one of the points is zero.
| int mbedtls_internal_ecp_normalize_mxz | ( | const mbedtls_ecp_group * | grp, |
| mbedtls_ecp_point * | P | ||
| ) |
Normalize Montgomery x/z coordinates: X = X/Z, Z = 1.
- Parameters:
-
grp pointer to the group representing the curve P pointer to the point to be normalised. This is an input/output parameter.
- Returns:
- 0 if successful
| int mbedtls_internal_ecp_randomize_jac | ( | const mbedtls_ecp_group * | grp, |
| mbedtls_ecp_point * | pt, | ||
| int(*)(void *, unsigned char *, size_t) | f_rng, | ||
| void * | p_rng | ||
| ) |
Randomize jacobian coordinates: (X, Y, Z) -> (l^2 X, l^3 Y, l Z) for random l.
- Parameters:
-
grp Pointer to the group representing the curve. pt The point on the curve to be randomised, given with Jacobian coordinates. f_rng A function pointer to the random number generator. p_rng A pointer to the random number generator state.
- Returns:
- 0 if successful.
| int mbedtls_internal_ecp_randomize_mxz | ( | const mbedtls_ecp_group * | grp, |
| mbedtls_ecp_point * | P, | ||
| int(*)(void *, unsigned char *, size_t) | f_rng, | ||
| void * | p_rng | ||
| ) |
Randomize projective x/z coordinates: (X, Z) -> (l X, l Z) for random l.
- Parameters:
-
grp pointer to the group representing the curve P the point on the curve to be randomised given with projective coordinates. This is an input/output parameter. f_rng a function pointer to the random number generator p_rng a pointer to the random number generator state
- Returns:
- 0 if successful
Generated on Tue Jul 12 2022 14:25:30 by
1.7.2