Marco Zecchini
Rtos API example
mbedtls_ecp_group Struct Reference
ECP group structure. More...
#include <ecp.h>
Data Fields | |
| mbedtls_ecp_group_id | id |
| mbedtls_mpi | P |
| mbedtls_mpi | A |
| mbedtls_mpi | B |
| mbedtls_ecp_point | G |
| mbedtls_mpi | N |
| size_t | pbits |
| size_t | nbits |
| unsigned int | h |
| int(* | modp )(mbedtls_mpi *) |
| int(* | t_pre )(mbedtls_ecp_point *, void *) |
| int(* | t_post )(mbedtls_ecp_point *, void *) |
| void * | t_data |
| mbedtls_ecp_point * | T |
| size_t | T_size |
Detailed Description
ECP group structure.
We consider two types of curves equations: 1. Short Weierstrass y^2 = x^3 + A x + B mod P (SEC1 + RFC 4492) 2. Montgomery, y^2 = x^3 + A x^2 + x mod P (Curve25519 + draft) In both cases, a generator G for a prime-order subgroup is fixed. In the short weierstrass, this subgroup is actually the whole curve, and its cardinal is denoted by N.
In the case of Short Weierstrass curves, our code requires that N is an odd prime. (Use odd in mbedtls_ecp_mul() and prime in mbedtls_ecdsa_sign() for blinding.)
In the case of Montgomery curves, we don't store A but (A + 2) / 4 which is the quantity actually used in the formulas. Also, nbits is not the size of N but the required size for private keys.
If modp is NULL, reduction modulo P is done using a generic algorithm. Otherwise, it must point to a function that takes an mbedtls_mpi in the range 0..2^(2*pbits)-1 and transforms it in-place in an integer of little more than pbits, so that the integer may be efficiently brought in the 0..P-1 range by a few additions or substractions. It must return 0 on success and non-zero on failure.
Definition at line 138 of file mbedtls/inc/mbedtls/ecp.h.
Field Documentation
1. A in the equation, or 2. (A + 2) / 4
Definition at line 142 of file mbedtls/inc/mbedtls/ecp.h.
1. B in the equation, or 2. unused
Definition at line 143 of file mbedtls/inc/mbedtls/ecp.h.
generator of the (sub)group used
Definition at line 144 of file mbedtls/inc/mbedtls/ecp.h.
| unsigned int h |
internal: 1 if the constants are static
Definition at line 148 of file mbedtls/inc/mbedtls/ecp.h.
| mbedtls_ecp_group_id id |
internal group identifier
Definition at line 140 of file mbedtls/inc/mbedtls/ecp.h.
| int(* modp)(mbedtls_mpi *) |
function for fast reduction mod P
Definition at line 149 of file mbedtls/inc/mbedtls/ecp.h.
1. the order of G, or 2. unused
Definition at line 145 of file mbedtls/inc/mbedtls/ecp.h.
| size_t nbits |
number of bits in 1. P, or 2. private keys
Definition at line 147 of file mbedtls/inc/mbedtls/ecp.h.
prime modulus of the base field
Definition at line 141 of file mbedtls/inc/mbedtls/ecp.h.
| size_t pbits |
number of bits in P
Definition at line 146 of file mbedtls/inc/mbedtls/ecp.h.
pre-computed points for ecp_mul_comb()
Definition at line 153 of file mbedtls/inc/mbedtls/ecp.h.
| void* t_data |
unused
Definition at line 152 of file mbedtls/inc/mbedtls/ecp.h.
| int(* t_post)(mbedtls_ecp_point *, void *) |
unused
Definition at line 151 of file mbedtls/inc/mbedtls/ecp.h.
| int(* t_pre)(mbedtls_ecp_point *, void *) |
unused
Definition at line 150 of file mbedtls/inc/mbedtls/ecp.h.
| size_t T_size |
number for pre-computed points
Definition at line 154 of file mbedtls/inc/mbedtls/ecp.h.
Generated on Sun Jul 17 2022 08:25:41 by
1.7.2