Lines Matching +full:num +full:- +full:vectors

2  *  Copyright (C) 2017 - This file is part of libecc project
7 * Jean-Pierre FLORI <jean-pierre.flori@ssi.gouv.fr>
29 q = &(priv_key->params->ec_gen_order); in generic_gen_priv_key()
32 ret = nn_get_random_mod(&(priv_key->x), q); in generic_gen_priv_key()
47 ret = -1; in gen_priv_key()
49 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in gen_priv_key()
50 if (sm->type == priv_key->key_type) { in gen_priv_key()
55 MUST_HAVE((sm->gen_priv_key != NULL), ret, err); in gen_priv_key()
56 ret = sm->gen_priv_key(priv_key); in gen_priv_key()
68 * (e.g. Y=xG, Y=(x^-1)G, etc). It returns -1 on error (i.e. if the signature
80 ret = -1; in init_pubkey_from_privkey()
82 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in init_pubkey_from_privkey()
83 if (sm->type == priv_key->key_type) { in init_pubkey_from_privkey()
88 MUST_HAVE((sm->init_pub_key != NULL), ret, err); in init_pubkey_from_privkey()
89 ret = sm->init_pub_key(pub_key, priv_key); in init_pubkey_from_privkey()
101 * 'sig_name' (a null-terminated string, e.g. "ECDSA"). -1 is returned on error
113 ret = -1; in get_sig_by_name()
115 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in get_sig_by_name()
116 if((!are_str_equal(ec_sig_name, sm->name, &check)) && check){ in get_sig_by_name()
130 * 'sig_type' (e.g. ECDSA, ECSDA). -1 is returned on error in which
141 ret = -1; in get_sig_by_type()
143 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in get_sig_by_type()
144 if (sm->type == sig_type) { in get_sig_by_type()
157 * mapping against the constant ones. 0 is returned on success, -1 on
163 int ret = -1, check; in ec_sig_mapping_callbacks_sanity_check()
172 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in ec_sig_mapping_callbacks_sanity_check()
173 if (sm->type == sig->type){ in ec_sig_mapping_callbacks_sanity_check()
174 if ((!are_str_equal_nlen(sm->name, sig->name, MAX_SIG_ALG_NAME_LEN, &check)) && (!check)){ in ec_sig_mapping_callbacks_sanity_check()
176 } else if (sm->siglen != sig->siglen){ in ec_sig_mapping_callbacks_sanity_check()
178 } else if (sm->gen_priv_key != sig->gen_priv_key){ in ec_sig_mapping_callbacks_sanity_check()
180 } else if (sm->init_pub_key != sig->init_pub_key){ in ec_sig_mapping_callbacks_sanity_check()
182 } else if (sm->sign_init != sig->sign_init){ in ec_sig_mapping_callbacks_sanity_check()
184 } else if (sm->sign_update != sig->sign_update){ in ec_sig_mapping_callbacks_sanity_check()
186 } else if (sm->sign_finalize != sig->sign_finalize){ in ec_sig_mapping_callbacks_sanity_check()
188 } else if (sm->sign != sig->sign){ in ec_sig_mapping_callbacks_sanity_check()
190 } else if (sm->verify_init != sig->verify_init){ in ec_sig_mapping_callbacks_sanity_check()
192 } else if (sm->verify_update != sig->verify_update){ in ec_sig_mapping_callbacks_sanity_check()
194 } else if (sm->verify_finalize != sig->verify_finalize){ in ec_sig_mapping_callbacks_sanity_check()
196 } else if (sm->verify != sig->verify){ in ec_sig_mapping_callbacks_sanity_check()
210 * returned on cucces, -1 on error.
216 MUST_HAVE((sig_ctx != NULL) && (sig_ctx->ctx_magic == SIG_SIGN_MAGIC), ret, err); in ec_sig_ctx_callbacks_sanity_check()
218 ret = hash_mapping_callbacks_sanity_check(sig_ctx->h); EG(ret, err); in ec_sig_ctx_callbacks_sanity_check()
219 ret = ec_sig_mapping_callbacks_sanity_check(sig_ctx->sig); in ec_sig_ctx_callbacks_sanity_check()
227 * OK. 0 is returned on success, -1 on error.
233 MUST_HAVE((verify_ctx != NULL) && (verify_ctx->ctx_magic == SIG_VERIFY_MAGIC), ret, err); in ec_verify_ctx_callbacks_sanity_check()
235 ret = hash_mapping_callbacks_sanity_check(verify_ctx->h); EG(ret, err); in ec_verify_ctx_callbacks_sanity_check()
236 ret = ec_sig_mapping_callbacks_sanity_check(verify_ctx->sig); in ec_verify_ctx_callbacks_sanity_check()
246 * returned and The signature length is returned using 'siglen' parameter. -1 is
262 ret = -1; in ec_get_sig_len()
264 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in ec_get_sig_len()
265 if (sm->type == sig_type) { in ec_get_sig_len()
270 MUST_HAVE((sm->siglen != NULL), ret, err); in ec_get_sig_len()
271 ret = sm->siglen(params->ec_fp.p_bitlen, in ec_get_sig_len()
272 params->ec_gen_order_bitlen, in ec_get_sig_len()
288 * a specific nn random function. It returns 0 on success, -1 on error.
291 * uniformly at random in [1, q-1]. It returns 0 on success and -1 on error. See
310 ret = -1; in _ec_sign_init()
312 hm->type != UNKNOWN_HASH_ALG; hm = &hash_maps[++i]) { in _ec_sign_init()
313 if (hm->type == hash_type) { in _ec_sign_init()
323 ret = -1; in _ec_sign_init()
325 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in _ec_sign_init()
326 if ((sm->type == sig_type) && (sm->sign_init != NULL)) { in _ec_sign_init()
337 * NOTE: when we do not need self tests for known vectors, in _ec_sign_init()
361 ctx->key_pair = key_pair; in _ec_sign_init()
362 ctx->rand = rand; in _ec_sign_init()
363 ctx->h = hm; in _ec_sign_init()
364 ctx->sig = sm; in _ec_sign_init()
365 ctx->adata = adata; in _ec_sign_init()
366 ctx->adata_len = adata_len; in _ec_sign_init()
367 ctx->ctx_magic = SIG_SIGN_MAGIC; in _ec_sign_init()
373 ret = sm->sign_init(ctx); in _ec_sign_init()
386 * function (nn_get_random_mod()). Returns 0 on success, -1 on error.
397 * Signature update function. Returns 0 on success, -1 on error. On error,
406 ret = sig_mapping_sanity_check(ctx->sig); EG(ret, err); in ec_sign_update()
407 ret = hash_mapping_sanity_check(ctx->h); EG(ret, err); in ec_sign_update()
409 ret = ctx->sig->sign_update(ctx, chunk, chunklen); in ec_sign_update()
421 * Signature finalization function. Returns 0 on success, -1 on error.
430 ret = sig_mapping_sanity_check(ctx->sig); EG(ret, err); in ec_sign_finalize()
431 ret = hash_mapping_sanity_check(ctx->h); EG(ret, err); in ec_sign_finalize()
433 ret = ctx->sig->sign_finalize(ctx, sig, siglen); in ec_sign_finalize()
446 * returns 0 on success, -1 on error. This version allows passing a custom
447 * random function. This is useful for test vectors but should be done with
451 * uniformly at random in [1, q-1]. It returns 0 on success and -1 on error. See
483 MUST_HAVE(((sm != NULL) && (sm->sign != NULL)), ret, err); in _ec_sign()
485 ret = sm->sign(sig, siglen, key_pair, m, mlen, rand, in _ec_sign()
495 * _ec_sign(). Returns 0 on success, -1 on error.
508 * -1 on error. On error, verification context is cleared to prevent further
526 ret = -1; in ec_verify_init()
528 hm->type != UNKNOWN_HASH_ALG; hm = &hash_maps[++i]) { in ec_verify_init()
529 if (hm->type == hash_type) { in ec_verify_init()
542 ret = -1; in ec_verify_init()
544 sm->type != UNKNOWN_ALG; sm = &ec_sig_maps[++i]) { in ec_verify_init()
545 if ((sm->type == sig_type) && (sm->verify_init != NULL)) { in ec_verify_init()
560 ctx->pub_key = pub_key; in ec_verify_init()
561 ctx->h = hm; in ec_verify_init()
562 ctx->sig = sm; in ec_verify_init()
563 ctx->adata = adata; in ec_verify_init()
564 ctx->adata_len = adata_len; in ec_verify_init()
565 ctx->ctx_magic = SIG_VERIFY_MAGIC; in ec_verify_init()
572 ret = sm->verify_init(ctx, sig, siglen); in ec_verify_init()
585 * Signature verification update function. Returns 0 on success, -1 on error.
594 ret = sig_mapping_sanity_check(ctx->sig); EG(ret, err); in ec_verify_update()
595 ret = hash_mapping_sanity_check(ctx->h); EG(ret, err); in ec_verify_update()
599 ret = ctx->sig->verify_update(ctx, chunk, chunklen); in ec_verify_update()
611 * Signature verification finalize function. Returns 0 on success, -1 on error.
619 ret = sig_mapping_sanity_check(ctx->sig); EG(ret, err); in ec_verify_finalize()
620 ret = hash_mapping_sanity_check(ctx->h); EG(ret, err); in ec_verify_finalize()
624 ret = ctx->sig->verify_finalize(ctx); in ec_verify_finalize()
636 * finalize). It returns 0 on success, -1 on error.
666 MUST_HAVE((sm != NULL) && (sm->verify != NULL), ret, err); in ec_verify()
668 ret = sm->verify(sig, siglen, pub_key, m, mlen, sig_type, in ec_verify()
676 const u8 **m, const u32 *m_len, u32 num, ec_alg_type sig_type, in ec_verify_batch() argument
686 MUST_HAVE((sm != NULL) && (sm->verify_batch != NULL), ret, err); in ec_verify_batch()
688 ret = sm->verify_batch(s, s_len, pub_keys, m, m_len, num, sig_type, in ec_verify_batch()
699 * The function returns 0 on success, -1 on error. out parameters (sig_type,
717 * - One byte = the EC algorithm type in ec_structured_sig_import_from_buf()
718 * - One byte = the hash algorithm type in ec_structured_sig_import_from_buf()
719 * - One byte = the curve type (FRP256V1, ...) in ec_structured_sig_import_from_buf()
738 * function returns 0 on success, -1 on error.
758 * - One byte = the EC algorithm type in ec_structured_sig_export_to_buf()
759 * - One byte = the hash algorithm type in ec_structured_sig_export_to_buf()
760 * - One byte = the curve type (FRP256V1, ...) in ec_structured_sig_export_to_buf()
790 return -1; in unsupported_sign_init()
802 return -1; in unsupported_sign_update()
813 return -1; in unsupported_sign_finalize()
825 return -1; in unsupported_verify_init()
837 return -1; in unsupported_verify_update()
846 return -1; in unsupported_verify_finalize()
851 const u8 **m, const u32 *m_len, u32 num, ec_alg_type sig_type, in unsupported_verify_batch() argument
859 FORCE_USED_VAR(num); in unsupported_verify_batch()
870 return -1; in unsupported_verify_batch()
876 * Return value is 0 on success, -1 on error. 'check' is only meaningful on
889 if ((sig->sign_init == unsupported_sign_init) || in is_sign_streaming_mode_supported()
890 (sig->sign_update == unsupported_sign_update) || in is_sign_streaming_mode_supported()
891 (sig->sign_finalize == unsupported_sign_finalize)) { in is_sign_streaming_mode_supported()
905 * Return value is 0 on success, -1 on error. 'check' is only meaningful on
918 if ((sig->verify_init == unsupported_verify_init) || in is_verify_streaming_mode_supported()
919 (sig->verify_update == unsupported_verify_update) || in is_verify_streaming_mode_supported()
920 (sig->verify_finalize == unsupported_verify_finalize)) { in is_verify_streaming_mode_supported()
934 * Return value is 0 on success, -1 on error. 'check' is only meaningful on
947 if (sig->verify_batch == unsupported_verify_batch) { in is_verify_batch_mode_supported()
963 * Return value is 0 on success, -1 on error. 'check' is only meaningful on
1011 ATTRIBUTE_WARN_UNUSED_RET static int _bubble_sort(verify_batch_scratch_pad *elements, u32 num) in _bubble_sort() argument
1017 MUST_HAVE((num >= 1), ret, err); in _bubble_sort()
1018 for(i = 0; i < (num - 1); i++){ in _bubble_sort()
1020 for(j = 0; j < (num - i - 1); j++){ in _bubble_sort()
1045 * Bos-Coster algorithm, presented e.g. in https://ed25519.cr.yp.to/ed25519-20110705.pdf
1047 * The Bos-Coster algorithm allows to optimize a sum of multi-scalar multiplications using
1052 int ec_verify_bos_coster(verify_batch_scratch_pad *elements, u32 num, bitcnt_t bits) in ec_verify_bos_coster() argument
1058 MUST_HAVE((num > 1), ret, err); in ec_verify_bos_coster()
1064 * the Bos-Coster algorithm supposes uniformly randomized in ec_verify_bos_coster()
1072 * of num to be lax). in ec_verify_bos_coster()
1074 MUST_HAVE((num * bits) >= num, ret, err); in ec_verify_bos_coster()
1075 MUST_HAVE((num * bits) >= bits, ret, err); in ec_verify_bos_coster()
1076 max_bos_coster_iterations = (num * bits); in ec_verify_bos_coster()
1079 /****** Bos-Coster algorithm ****************/ in ec_verify_bos_coster()
1080 for(i = 0; i < num; i++){ in ec_verify_bos_coster()
1086 ret = _bubble_sort(elements, num); EG(ret, err); in ec_verify_bos_coster()
1100 ret = -2; in ec_verify_bos_coster()