
自学教程:C++ EC_POINT_get_affine_coordinates_GF2m函数代码示例

51自学网 2021-06-01 20:31:22
  C++
这篇教程C++ EC_POINT_get_affine_coordinates_GF2m函数代码示例写得很实用,希望能帮到您。

本文整理汇总了C++中EC_POINT_get_affine_coordinates_GF2m函数的典型用法代码示例。如果您正苦于以下问题:C++ EC_POINT_get_affine_coordinates_GF2m函数的具体用法?C++ EC_POINT_get_affine_coordinates_GF2m怎么用?C++ EC_POINT_get_affine_coordinates_GF2m使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。

在下文中一共展示了EC_POINT_get_affine_coordinates_GF2m函数的26个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: MKEM_decode_message

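/*
 * Decode an MKEM message into the 2 * msgsize byte buffer `secret`.
 *
 * The curve bit in message[0] selects which curve / private-scalar pair is
 * used.  The padding and curve bits are masked off, the remaining bytes are
 * decompressed into a point Q, and R = s * Q is computed with the matching
 * private scalar.  The x-coordinate of Q is written to secret[0 .. msgsize)
 * and the x-coordinate of R to secret[msgsize .. 2*msgsize), both through
 * bn2bin_padhi.
 *
 * Returns 0 on success and -1 on failure.  A failure after the private-key
 * check zeroes `secret` so no partial output is left behind; the early
 * "no private key" return leaves `secret` untouched.
 *
 * NOTE(review): FAILZ is defined outside this block; it is presumably
 * "goto fail when the expression is zero/NULL" -- confirm.
 * NOTE(review): the copy below uses mlen - 1, so msgsize is assumed to be
 * at least 1 -- confirm against the parameter setup code.
 */
int
MKEM_decode_message(const MKEM *kp, uint8_t *secret, const uint8_t *message)
{
  int use_curve0 = !(message[0] & kp->params->curve_bit);
  const EC_GROUP *ca = use_curve0 ? kp->params->c0 : kp->params->c1;
  const BIGNUM *sa = use_curve0 ? kp->s0 : kp->s1;
  EC_POINT *q = 0, *r = 0;
  uint8_t *unpadded = 0;
  BIGNUM x, y;
  size_t mlen = kp->params->msgsize;
  int rv;

  if (!kp->s0 || !kp->s1) /* secret key not available */
    return -1;

  BN_init(&x);
  BN_init(&y);
  FAILZ(q = EC_POINT_new(ca));
  FAILZ(r = EC_POINT_new(ca));
  FAILZ(unpadded = malloc(mlen + 1));

  /* Copy the message, erase the padding bits, and put an 0x02 byte on
     the front so we can use EC_POINT_oct2point to recover the
     y-coordinate. */
  unpadded[0] = 0x02;
  unpadded[1] = (message[0] & ~(kp->params->pad_mask|kp->params->curve_bit));
  memcpy(&unpadded[2], &message[1], mlen - 1);

  FAILZ(EC_POINT_oct2point(ca, q, unpadded, mlen + 1,
                           kp->params->ctx));
  /* r = sa * q (no generator term). */
  FAILZ(EC_POINT_mul(ca, r, 0, q, sa, kp->params->ctx));

  FAILZ(EC_POINT_get_affine_coordinates_GF2m(ca, q, &x, &y, kp->params->ctx));
  if (bn2bin_padhi(&x, secret, mlen) != mlen)
    goto fail;

  FAILZ(EC_POINT_get_affine_coordinates_GF2m(ca, r, &x, &y, kp->params->ctx));
  if (bn2bin_padhi(&x, secret + mlen, mlen) != mlen)
    goto fail;

  rv = 0;
 done:
  if (unpadded) {
    /* NOTE(review): a memset immediately before free() may be removed by
       the optimizer; OPENSSL_cleanse is the scrubbing call that is not. */
    memset(unpadded, 0, mlen + 1);
    free(unpadded);
  }
  if (q) EC_POINT_clear_free(q);
  if (r) EC_POINT_clear_free(r);
  /* x and y were set up with BN_init, so their limb arrays are heap
     allocations owned by this function.  BN_clear only zeroes them;
     BN_clear_free zeroes and releases them, which avoids leaking one
     allocation per call while still scrubbing the shared-secret value. */
  BN_clear_free(&x);
  BN_clear_free(&y);
  return rv;

 fail:
  rv = -1;
  memset(secret, 0, mlen * 2);
  goto done;
}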
开发者ID:zackw,项目名称:moeller-ref,代码行数:57,


示例2: ec_get_pubkey

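/*
 * Store the affine coordinates of key's public point in x and y.
 *
 * The getter is chosen from the field type of the key's group: the GFp
 * variant for prime fields, the GF2m variant otherwise.  When the library is
 * built with OPENSSL_NO_EC2M a non-prime-field key terminates the process.
 *
 * Returns the getter's result, or 0 when the BN_CTX cannot be allocated or
 * the key carries no group or no public point.
 */
static int ec_get_pubkey(EC_KEY *key, BIGNUM *x, BIGNUM *y)
{
    const EC_POINT *pt;
    const EC_GROUP *grp;
    const EC_METHOD *meth;
    int rv;
    BN_CTX *ctx;

    ctx = BN_CTX_new();
    if (!ctx)
        return 0;
    grp = EC_KEY_get0_group(key);
    pt = EC_KEY_get0_public_key(key);
    /* A key without a group or public point would otherwise be dereferenced
       by EC_GROUP_method_of / the coordinate getter. */
    if (grp == NULL || pt == NULL) {
        BN_CTX_free(ctx);
        return 0;
    }
    meth = EC_GROUP_method_of(grp);
    if (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field)
        rv = EC_POINT_get_affine_coordinates_GFp(grp, pt, x, y, ctx);
    else
# ifdef OPENSSL_NO_EC2M
    {
        fprintf(stderr, "ERROR: GF2m not supported\n");
        exit(1);
    }
# else
        rv = EC_POINT_get_affine_coordinates_GF2m(grp, pt, x, y, ctx);
# endif
    BN_CTX_free(ctx);
    return rv;
}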
开发者ID:davidlt,项目名称:openssl-fedora,代码行数:30,


示例3: ec_GF2m_simple_make_affine

/*
 * Rewrites point's stored coordinates as affine ones: X and Y are replaced
 * by the values returned from EC_POINT_get_affine_coordinates_GF2m and Z is
 * set to one.  A point that already has Z_is_one set, or that is the point
 * at infinity, is left alone.
 *
 * ctx may be NULL, in which case a temporary BN_CTX is created and freed
 * here.  Returns 1 on success and 0 on failure.
 */
int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
{
	BN_CTX *owned_ctx = NULL;
	BIGNUM *ax, *ay;
	int ok = 0;

	if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
		return 1;

	if (ctx == NULL) {
		owned_ctx = BN_CTX_new();
		if (owned_ctx == NULL)
			return 0;
		ctx = owned_ctx;
	}

	BN_CTX_start(ctx);
	ax = BN_CTX_get(ctx);
	ay = BN_CTX_get(ctx);

	/* Checking only the last BN_CTX_get result covers the first one too. */
	if (ay != NULL
	    && EC_POINT_get_affine_coordinates_GF2m(group, point, ax, ay, ctx)
	    && BN_copy(&point->X, ax)
	    && BN_copy(&point->Y, ay)
	    && BN_one(&point->Z))
		ok = 1;

	BN_CTX_end(ctx);
	if (owned_ctx != NULL)
		BN_CTX_free(owned_ctx);
	return ok;
}
开发者ID:vmlemon,项目名称:OpenBSD-lib-patches,代码行数:34,


示例4: ec_GF2m_simple_cmp

/*-
 * Compares two points of the same group.
 * Return values:
 *  -1   error
 *   0   equal (in affine coordinates)
 *   1   not equal
 *
 * ctx may be NULL; a temporary BN_CTX is then created and released here.
 */
int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
                       const EC_POINT *b, BN_CTX *ctx)
{
    BIGNUM *ax, *ay, *bx, *by;
    BN_CTX *owned_ctx = NULL;
    int result = -1;

    /* Infinity equals only infinity. */
    if (EC_POINT_is_at_infinity(group, a))
        return !EC_POINT_is_at_infinity(group, b);
    if (EC_POINT_is_at_infinity(group, b))
        return 1;

    /* Both points already affine: compare the stored coordinates directly. */
    if (a->Z_is_one && b->Z_is_one)
        return BN_cmp(&a->X, &b->X) != 0 || BN_cmp(&a->Y, &b->Y) != 0;

    if (ctx == NULL) {
        owned_ctx = BN_CTX_new();
        if (owned_ctx == NULL)
            return -1;
        ctx = owned_ctx;
    }

    BN_CTX_start(ctx);
    ax = BN_CTX_get(ctx);
    ay = BN_CTX_get(ctx);
    bx = BN_CTX_get(ctx);
    by = BN_CTX_get(ctx);

    /* Checking only the last BN_CTX_get result covers the earlier ones. */
    if (by != NULL
        && EC_POINT_get_affine_coordinates_GF2m(group, a, ax, ay, ctx)
        && EC_POINT_get_affine_coordinates_GF2m(group, b, bx, by, ctx))
        result = (BN_cmp(ax, bx) != 0 || BN_cmp(ay, by) != 0);

    BN_CTX_end(ctx);
    if (owned_ctx != NULL)
        BN_CTX_free(owned_ctx);
    return result;
}
开发者ID:commshare,项目名称:testST,代码行数:53,


示例5: LOG_FUNC

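/**
 * Builds a JwkEc from an OpenSSL EC key.
 *
 * Copies the curve NID and the affine public coordinates (x, y) into the new
 * object; when key_type is NODESSL_KT_PRIVATE the private scalar d is copied
 * as well.
 *
 * @param pkey      key to convert; must be non-null and of type EVP_PKEY_EC
 * @param key_type  NODESSL_KT_PRIVATE or NODESSL_KT_PUBLIC
 * @return the populated JwkEc
 *
 * Failures are reported through THROW_ERROR / THROW_OPENSSL (defined outside
 * this block).
 */
Handle<JwkEc> JwkEc::From(Handle<ScopedEVP_PKEY> pkey, int &key_type) {
	LOG_FUNC();

	LOG_INFO("Check key_type");
	if (!(key_type == NODESSL_KT_PRIVATE || key_type == NODESSL_KT_PUBLIC)) {
		THROW_ERROR("Wrong value of key_type");
	}

	LOG_INFO("Check pkey");
	if (pkey == nullptr) {
		THROW_ERROR("Key value is nullptr");
	}
	if (pkey->Get()->type != EVP_PKEY_EC) {
		THROW_ERROR("Key is not EC type");
	}

	LOG_INFO("Create JWK Object");
	Handle<JwkEc> jwk(new JwkEc());

	EC_KEY *ec = nullptr;
	const EC_POINT *point = nullptr;
	ScopedBN_CTX ctx(nullptr);
	const EC_GROUP *group = nullptr;

	LOG_INFO("Convert EC to JWK");
	ec = pkey->Get()->pkey.ec;
	if (ec == nullptr) {
		THROW_ERROR("EC key is nullptr");
	}

	point = EC_KEY_get0_public_key(const_cast<const EC_KEY*>(ec));
	group = EC_KEY_get0_group(ec);
	// A key object without a group or public point would otherwise be
	// dereferenced inside the OpenSSL calls below.
	if (point == nullptr || group == nullptr) {
		THROW_ERROR("EC key has no public point or group");
	}

	ctx = BN_CTX_new();
	if (ctx.Get() == nullptr) {
		THROW_OPENSSL("BN_CTX_new");
	}

	LOG_INFO("Get curve name");
	// EC_GROUP_get_curve_name returns a NID; it is 0 for a group without one.
	jwk->crv = EC_GROUP_get_curve_name(group);

	// NOTE(review): x and y are handed out by BN_CTX_get, so the BN_CTX owns
	// them. If ScopedBIGNUM frees its pointer on destruction they would be
	// released twice -- confirm the wrapper's ownership semantics. OpenSSL
	// also documents BN_CTX_get as valid only between BN_CTX_start and
	// BN_CTX_end, which this function does not call.
	ScopedBIGNUM x, y;
	x = BN_CTX_get(ctx.Get());
	y = BN_CTX_get(ctx.Get());

	LOG_INFO("Get public key");
	// NOTE(review): the GF2m getter is used for every curve; for a
	// prime-field group the GFp variant is the documented call -- verify.
	if (1 != EC_POINT_get_affine_coordinates_GF2m(group, point, x.Get(), y.Get(), ctx.Get())) {
		THROW_OPENSSL("EC_POINT_get_affine_coordinates_GF2m");
	}
	// NOTE(review): the BN_dup results for x and y are not checked here.
	jwk->x = BN_dup(x.Get());
	jwk->y = BN_dup(y.Get());

	if (key_type == NODESSL_KT_PRIVATE) {
		// The private scalar is duplicated into the JWK object; a key with no
		// private part yields an empty d and is rejected below.
		const BIGNUM *d = EC_KEY_get0_private_key(const_cast<const EC_KEY*>(ec));
		jwk->d = BN_dup(d);
		if (jwk->d.isEmpty()) {
			THROW_OPENSSL("EC_KEY_get0_private_key");
		}
	}

	return jwk;
}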
开发者ID:Seikho,项目名称:node-webcrypto-ossl,代码行数:56,


示例6: test_ecdh_curve

static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out){    EC_KEY *a = NULL;    EC_KEY *b = NULL;    BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL;    char buf[12];    unsigned char *abuf = NULL, *bbuf = NULL;    int i, alen, blen, aout, bout, ret = 0;    const EC_GROUP *group;    a = EC_KEY_new_by_curve_name(nid);    b = EC_KEY_new_by_curve_name(nid);    if (a == NULL || b == NULL)        goto err;    group = EC_KEY_get0_group(a);    if ((x_a = BN_new()) == NULL)        goto err;    if ((y_a = BN_new()) == NULL)        goto err;    if ((x_b = BN_new()) == NULL)        goto err;    if ((y_b = BN_new()) == NULL)        goto err;    BIO_puts(out, "Testing key generation with ");    BIO_puts(out, text);# ifdef NOISY    BIO_puts(out, "/n");# else    (void)BIO_flush(out);# endif    if (!EC_KEY_generate_key(a))        goto err;    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==        NID_X9_62_prime_field) {        if (!EC_POINT_get_affine_coordinates_GFp            (group, EC_KEY_get0_public_key(a), x_a, y_a, ctx))            goto err;    }# ifndef OPENSSL_NO_EC2M    else {        if (!EC_POINT_get_affine_coordinates_GF2m(group,                                                  EC_KEY_get0_public_key(a),                                                  x_a, y_a, ctx))            goto err;    }# endif# ifdef NOISY    BIO_puts(out, "  pri 1=");    BN_print(out, a->priv_key);    BIO_puts(out, "/n  pub 1=");    BN_print(out, x_a);    BIO_puts(out, ",");    BN_print(out, y_a);    BIO_puts(out, "/n");# else    BIO_printf(out, " .");    (void)BIO_flush(out);# endif    if (!EC_KEY_generate_key(b))        goto err;    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==        NID_X9_62_prime_field) {        if (!EC_POINT_get_affine_coordinates_GFp            (group, EC_KEY_get0_public_key(b), x_b, y_b, ctx))            goto err;    }# ifndef OPENSSL_NO_EC2M    else {        if (!EC_POINT_get_affine_coordinates_GF2m(group,       
                                           EC_KEY_get0_public_key(b),                                                  x_b, y_b, ctx))            goto err;    }# endif# ifdef NOISY    BIO_puts(out, "  pri 2=");    BN_print(out, b->priv_key);    BIO_puts(out, "/n  pub 2=");    BN_print(out, x_b);    BIO_puts(out, ",");    BN_print(out, y_b);    BIO_puts(out, "/n");# else    BIO_printf(out, ".");    (void)BIO_flush(out);# endif    alen = KDF1_SHA1_len;    abuf = (unsigned char *)OPENSSL_malloc(alen);    aout =        ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(b), a, KDF1_SHA1);//.........这里部分代码省略.........
开发者ID:derekmarcotte,项目名称:freebsd,代码行数:101,


示例7: ecdsa_sign_setup

static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,		BIGNUM **rp){	BN_CTX   *ctx = NULL;	BIGNUM	 *k = NULL, *r = NULL, *order = NULL, *X = NULL;	EC_POINT *tmp_point=NULL;	const EC_GROUP *group;	int 	 ret = 0;	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL)	{		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);		return 0;	}	if (ctx_in == NULL) 	{		if ((ctx = BN_CTX_new()) == NULL)		{			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_MALLOC_FAILURE);			return 0;		}	}	else		ctx = ctx_in;	k     = BN_new();	/* this value is later returned in *kinvp */	r     = BN_new();	/* this value is later returned in *rp    */	order = BN_new();	X     = BN_new();	if (!k || !r || !order || !X)	{		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);		goto err;	}	if ((tmp_point = EC_POINT_new(group)) == NULL)	{		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);		goto err;	}	if (!EC_GROUP_get_order(group, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);		goto err;	}		do	{		/* get random k */			do			if (!BN_rand_range(k, order))			{				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,				 ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);					goto err;			}		while (BN_is_zero(k));		/* compute r the x-coordinate of generator * k */		if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))		{			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);			goto err;		}		if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)		{			if (!EC_POINT_get_affine_coordinates_GFp(group,				tmp_point, X, NULL, ctx))			{				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);				goto err;			}		}		else /* NID_X9_62_characteristic_two_field */		{			if (!EC_POINT_get_affine_coordinates_GF2m(group,				tmp_point, X, NULL, ctx))			{				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);				goto err;			}		}		if (!BN_nnmod(r, X, order, ctx))		{			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);			goto err;		}	}	while (BN_is_zero(r));	/* compute the inverse of k 
*/	if (!BN_mod_inverse(k, k, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);		goto err;		}	/* clear old values if necessary */	if (*rp != NULL)		BN_clear_free(*rp);	if (*kinvp != NULL) //.........这里部分代码省略.........
开发者ID:12019,项目名称:vendor_st-ericsson_u8500,代码行数:101,


示例8: ecdsa_do_verify

//.........这里部分代码省略.........		goto err;	}		if (!EC_GROUP_get_order(group, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);		goto err;	}	if (8 * dgst_len > BN_num_bits(order))	{		/* XXX		 * 		 * Should provide for optional hash truncation:		 * Keep the BN_num_bits(order) leftmost bits of dgst		 * (see March 2006 FIPS 186-3 draft, which has a few		 * confusing errors in this part though)		 */		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY,			ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);		ret = 0;		goto err;	}	if (BN_is_zero(sig->r)          || BN_is_negative(sig->r) || 	    BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s)  ||	    BN_is_negative(sig->s)      || BN_ucmp(sig->s, order) >= 0)	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);		ret = 0;	/* signature is invalid */		goto err;	}	/* calculate tmp1 = inv(S) mod order */	if (!BN_mod_inverse(u2, sig->s, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* digest -> m */	if (!BN_bin2bn(dgst, dgst_len, m))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* u1 = m * tmp mod order */	if (!BN_mod_mul(u1, m, u2, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* u2 = r * w mod q */	if (!BN_mod_mul(u2, sig->r, u2, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	if ((point = EC_POINT_new(group)) == NULL)	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);		goto err;	}	if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);		goto err;	}	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)	{		if (!EC_POINT_get_affine_coordinates_GFp(group,			point, X, NULL, ctx))		{			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);			goto err;		}	}	else /* NID_X9_62_characteristic_two_field */	{		if (!EC_POINT_get_affine_coordinates_GF2m(group,			point, X, NULL, ctx))		{			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);			goto err;		}	}		if 
(!BN_nnmod(u1, X, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/*  if the signature is correct u1 is equal to sig->r */	ret = (BN_ucmp(u1, sig->r) == 0);err:	BN_CTX_end(ctx);	BN_CTX_free(ctx);	if (point)		EC_POINT_free(point);	return ret;}
开发者ID:LucidOne,项目名称:Rovio,代码行数:101,


示例9: SM2err

//.........这里部分代码省略.........		ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);		goto end;	}	nbytes = (EC_GROUP_get_degree(group) + 7) / 8;	/* check [h]P_B != O */	if (!EC_POINT_mul(group, share_point, NULL, pub_key, h, bn_ctx)) {		SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);		goto end;	}	if (EC_POINT_is_at_infinity(group, share_point)) {		SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_INVALID_PUBLIC_KEY);		goto end;	}	do	{		size_t size;		/* rand k in [1, n-1] */		do {			BN_rand_range(k, n);		} while (BN_is_zero(k));		/* compute ephem_point [k]G = (x1, y1) */		if (!EC_POINT_mul(group, ephem_point, k, NULL, NULL, bn_ctx)) {			SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);			goto end;		}		/* compute ECDH share_point [k]P_B = (x2, y2) */		if (!EC_POINT_mul(group, share_point, NULL, pub_key, k, bn_ctx)) {			SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);			goto end;		}		/* compute t = KDF(x2 || y2, klen) */		if (!(len = EC_POINT_point2oct(group, share_point,			POINT_CONVERSION_UNCOMPRESSED, buf, sizeof(buf), bn_ctx))) {			SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);			goto end;		}		size = cv->ciphertext->length;		kdf(buf + 1, len - 1, cv->ciphertext->data, &size);		if (size != inlen) {			SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_KDF_FAILURE);			goto end;		}		/* ASN1_OCTET_STRING_is_zero in asn1.h and a_octet.c */	} while (ASN1_OCTET_STRING_is_zero(cv->ciphertext));	/* set x/yCoordinates as (x1, y1) */	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {		if (!EC_POINT_get_affine_coordinates_GFp(group, ephem_point,			cv->xCoordinate, cv->yCoordinate, bn_ctx)) {			SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);			goto end;		}	} else {		if (!EC_POINT_get_affine_coordinates_GF2m(group, ephem_point,			cv->xCoordinate, cv->yCoordinate, bn_ctx)) {			SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);			goto end;		}	}	/* ciphertext = t xor in */	for (i = 0; i < inlen; i++) {		cv->ciphertext->data[i] ^= in[i];	}	/* generate hash = Hash(x2 || M || y2) */	hashlen = cv->hash->length;	if 
(!EVP_DigestInit_ex(md_ctx, md, NULL)		|| !EVP_DigestUpdate(md_ctx, buf + 1, nbytes)		|| !EVP_DigestUpdate(md_ctx, in, inlen)		|| !EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)		|| !EVP_DigestFinal_ex(md_ctx, cv->hash->data, &hashlen)) {		SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EVP_LIB);		goto end;	}	ret = cv;	cv = NULL;end:	SM2CiphertextValue_free(cv);	EC_POINT_free(share_point);	EC_POINT_free(ephem_point);	BN_free(n);	BN_free(h);	BN_clear_free(k);	BN_CTX_free(bn_ctx);	EVP_MD_CTX_free(md_ctx);	return ret;}
开发者ID:winstard,项目名称:GmSSL,代码行数:101,


示例10: ecdh_compute_key

/* This implementation is based on the following primitives in the IEEE 1363 standard: *  - ECKAS-DH1 *  - ECSVDP-DH * Finally an optional KDF is applied. */static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,	EC_KEY *ecdh,	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))	{	BN_CTX *ctx;	EC_POINT *tmp=NULL;	BIGNUM *x=NULL, *y=NULL;	const BIGNUM *priv_key;	const EC_GROUP* group;	int ret= -1;	size_t buflen, len;	unsigned char *buf=NULL;	if (outlen > INT_MAX)		{		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */		return -1;		}	if ((ctx = BN_CTX_new()) == NULL) goto err;	BN_CTX_start(ctx);	x = BN_CTX_get(ctx);	y = BN_CTX_get(ctx);		priv_key = EC_KEY_get0_private_key(ecdh);	if (priv_key == NULL)		{		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);		goto err;		}	group = EC_KEY_get0_group(ecdh);	if ((tmp=EC_POINT_new(group)) == NULL)		{		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);		goto err;		}	if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) 		{		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);		goto err;		}			if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 		{		if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) 			{			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);			goto err;			}		}#ifndef OPENSSL_NO_EC2M	else		{		if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) 			{			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);			goto err;			}		}#endif	buflen = (EC_GROUP_get_degree(group) + 7)/8;	len = BN_num_bytes(x);	if (len > buflen)		{		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR);		goto err;		}	if ((buf = malloc(buflen)) == NULL)		{		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);		goto err;		}		memset(buf, 0, buflen - len);	if (len != (size_t)BN_bn2bin(x, buf + buflen - len))		{		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);		goto err;		}	
if (KDF != 0)		{		if (KDF(buf, buflen, out, &outlen) == NULL)			{			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);			goto err;			}		ret = outlen;		}	else		{		/* no KDF, just copy as much as we can *///.........这里部分代码省略.........
开发者ID:Basskrapfen,项目名称:openbsd,代码行数:101,


示例11: char2_field_tests

void char2_field_tests()	{		BN_CTX *ctx = NULL;	BIGNUM *p, *a, *b;	EC_GROUP *group;	EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 = NULL, *C2_K571 = NULL;	EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 = NULL, *C2_B571 = NULL;	EC_POINT *P, *Q, *R;	BIGNUM *x, *y, *z, *cof;	unsigned char buf[100];	size_t i, len;	int k;	#if 1 /* optional */	ctx = BN_CTX_new();	if (!ctx) ABORT;#endif	p = BN_new();	a = BN_new();	b = BN_new();	if (!p || !a || !b) ABORT;	if (!BN_hex2bn(&p, "13")) ABORT;	if (!BN_hex2bn(&a, "3")) ABORT;	if (!BN_hex2bn(&b, "1")) ABORT;		group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use EC_GROUP_new_curve_GF2m	                                                * so that the library gets to choose the EC_METHOD */	if (!group) ABORT;	if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT;	{		EC_GROUP *tmp;		tmp = EC_GROUP_new(EC_GROUP_method_of(group));		if (!tmp) ABORT;		if (!EC_GROUP_copy(tmp, group)) ABORT;		EC_GROUP_free(group);		group = tmp;	}		if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx)) ABORT;	fprintf(stdout, "Curve defined by Weierstrass equation/n     y^2 + x*y = x^3 + a*x^2 + b  (mod 0x");	BN_print_fp(stdout, p);	fprintf(stdout, ")/n     a = 0x");	BN_print_fp(stdout, a);	fprintf(stdout, "/n     b = 0x");	BN_print_fp(stdout, b);	fprintf(stdout, "/n(0x... means binary polynomial)/n");	P = EC_POINT_new(group);	Q = EC_POINT_new(group);	R = EC_POINT_new(group);	if (!P || !Q || !R) ABORT;		if (!EC_POINT_set_to_infinity(group, P)) ABORT;	if (!EC_POINT_is_at_infinity(group, P)) ABORT;	buf[0] = 0;	if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) ABORT;	if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT;	if (!EC_POINT_is_at_infinity(group, P)) ABORT;	x = BN_new();	y = BN_new();	z = BN_new();	cof = BN_new();	if (!x || !y || !z || !cof) ABORT;	if (!BN_hex2bn(&x, "6")) ABORT;/* Change test based on whether binary point compression is enabled or not. 
*/#ifdef OPENSSL_EC_BIN_PT_COMP	if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx)) ABORT;#else	if (!BN_hex2bn(&y, "8")) ABORT;	if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT;#endif	if (!EC_POINT_is_on_curve(group, Q, ctx))		{/* Change test based on whether binary point compression is enabled or not. */#ifdef OPENSSL_EC_BIN_PT_COMP		if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT;#endif		fprintf(stderr, "Point is not on curve: x = 0x");		BN_print_fp(stderr, x);		fprintf(stderr, ", y = 0x");		BN_print_fp(stderr, y);		fprintf(stderr, "/n");		ABORT;		}	fprintf(stdout, "A cyclic subgroup:/n");	k = 100;	do		{		if (k-- == 0) ABORT;		if (EC_POINT_is_at_infinity(group, P))//.........这里部分代码省略.........
开发者ID:174high,项目名称:openssl-0.9.8e_linux_porting,代码行数:101,


示例12: ec_GF2m_simple_add

/* * Computes a + b and stores the result in r.  r could be a or b, a could be * b. Uses algorithm A.10.2 of IEEE P1363. */int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,                       const EC_POINT *b, BN_CTX *ctx){    BN_CTX *new_ctx = NULL;    BIGNUM *x0, *y0, *x1, *y1, *x2, *y2, *s, *t;    int ret = 0;    if (EC_POINT_is_at_infinity(group, a)) {        if (!EC_POINT_copy(r, b))            return 0;        return 1;    }    if (EC_POINT_is_at_infinity(group, b)) {        if (!EC_POINT_copy(r, a))            return 0;        return 1;    }    if (ctx == NULL) {        ctx = new_ctx = BN_CTX_new();        if (ctx == NULL)            return 0;    }    BN_CTX_start(ctx);    x0 = BN_CTX_get(ctx);    y0 = BN_CTX_get(ctx);    x1 = BN_CTX_get(ctx);    y1 = BN_CTX_get(ctx);    x2 = BN_CTX_get(ctx);    y2 = BN_CTX_get(ctx);    s = BN_CTX_get(ctx);    t = BN_CTX_get(ctx);    if (t == NULL)        goto err;    if (a->Z_is_one) {        if (!BN_copy(x0, &a->X))            goto err;        if (!BN_copy(y0, &a->Y))            goto err;    } else {        if (!EC_POINT_get_affine_coordinates_GF2m(group, a, x0, y0, ctx))            goto err;    }    if (b->Z_is_one) {        if (!BN_copy(x1, &b->X))            goto err;        if (!BN_copy(y1, &b->Y))            goto err;    } else {        if (!EC_POINT_get_affine_coordinates_GF2m(group, b, x1, y1, ctx))            goto err;    }    if (BN_GF2m_cmp(x0, x1)) {        if (!BN_GF2m_add(t, x0, x1))            goto err;        if (!BN_GF2m_add(s, y0, y1))            goto err;        if (!group->meth->field_div(group, s, s, t, ctx))            goto err;        if (!group->meth->field_sqr(group, x2, s, ctx))            goto err;        if (!BN_GF2m_add(x2, x2, &group->a))            goto err;        if (!BN_GF2m_add(x2, x2, s))            goto err;        if (!BN_GF2m_add(x2, x2, t))            goto err;    } else {        if (BN_GF2m_cmp(y0, y1) || BN_is_zero(x1)) {            if 
(!EC_POINT_set_to_infinity(group, r))                goto err;            ret = 1;            goto err;        }        if (!group->meth->field_div(group, s, y1, x1, ctx))            goto err;        if (!BN_GF2m_add(s, s, x1))            goto err;        if (!group->meth->field_sqr(group, x2, s, ctx))            goto err;        if (!BN_GF2m_add(x2, x2, s))            goto err;        if (!BN_GF2m_add(x2, x2, &group->a))            goto err;    }    if (!BN_GF2m_add(y2, x1, x2))        goto err;    if (!group->meth->field_mul(group, y2, y2, s, ctx))        goto err;    if (!BN_GF2m_add(y2, y2, x2))//.........这里部分代码省略.........
开发者ID:commshare,项目名称:testST,代码行数:101,


示例13: eccVerifySignature

//.........这里部分代码省略.........	ctx = BN_CTX_new();	order = BN_new();	e = BN_new();	t = BN_new();	if (!ctx || !order || !e || !t) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);		goto err;	}	if (!EC_GROUP_get_order(ec_group, order, ctx)) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);		goto err;	}	/* check r, s in [1, n-1] and r + s != 0 (mod n) */ 	if (BN_is_zero(r) ||		BN_is_negative(r) ||		BN_ucmp(r, order) >= 0 || 		BN_is_zero(s) ||		BN_is_negative(s) || 		BN_ucmp(s, order) >= 0) {			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);			ret = 0;			goto err;	}	/* check t = r + s != 0 */	if (!BN_mod_add(t, r, s, order, ctx)) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	if (BN_is_zero(t)) {		ret = 0;		goto err;	}	/* convert digest to e */	i = BN_num_bits(order);#if 0	if (8 * dgstlen > i) {		dgstlen = (i + 7)/8;	}#endif	if (!BN_bin2bn(rgbHashData, 32, e)) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}#if 0	if ((8 * dgstlen > i) && !BN_rshift(e, e, 8 - (i & 0x7))) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}#endif	/* compute (x, y) = sG + tP, P is pub_key */	if (!(point = EC_POINT_new(ec_group))) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);		goto err;	}	if (!EC_POINT_mul(ec_group, point, s, pub_key, t, ctx)) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);		goto err;	}	if (EC_METHOD_get_field_type(EC_GROUP_method_of(ec_group)) == NID_X9_62_prime_field) {		if (!EC_POINT_get_affine_coordinates_GFp(ec_group, point, t, NULL, ctx)) {			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);			goto err;		}	} else /* NID_X9_62_characteristic_two_field */ { 		if (!EC_POINT_get_affine_coordinates_GF2m(ec_group, point, t, NULL, ctx)) {			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);			goto err;		}	}	if (!BN_nnmod(t, t, order, ctx)) {		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* check (sG + tP).x + e  == sig.r */	if (!BN_mod_add(t, t, e, order, ctx)) {		
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	if (BN_ucmp(t, r) == 0) {		ret = SM2_VERIFY_SUCCESS;	} else {		ret = SM2_VERIFY_FAILED;	}err:	if (point) EC_POINT_free(point);	if (order) BN_free(order);	if (e) BN_free(e);	if (t) BN_free(t);	if (ctx) BN_CTX_free(ctx);	return 0;}
开发者ID:chanuei,项目名称:dmverify-analysis,代码行数:101,


示例14: ecdsa_do_verify

//.........这里部分代码省略.........	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}		if (!EC_GROUP_get_order(group, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);		goto err;	}	if (BN_is_zero(sig->r)          || BN_is_negative(sig->r) || 	    BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s)  ||	    BN_is_negative(sig->s)      || BN_ucmp(sig->s, order) >= 0)	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);		ret = 0;	/* signature is invalid */		goto err;	}	/* calculate tmp1 = inv(S) mod order */	if (!BN_mod_inverse(u2, sig->s, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* digest -> m */	i = BN_num_bits(order);	/* Need to truncate digest if it is too long: first truncate whole	 * bytes.	 */	if (8 * dgst_len > i)		dgst_len = (i + 7)/8;	if (!BN_bin2bn(dgst, dgst_len, m))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* If still too long truncate remaining bits with a shift */	if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7)))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* u1 = m * tmp mod order */	if (!BN_mod_mul(u1, m, u2, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/* u2 = r * w mod q */	if (!BN_mod_mul(u2, sig->r, u2, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	if ((point = EC_POINT_new(group)) == NULL)	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);		goto err;	}	if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);		goto err;	}	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)	{		if (!EC_POINT_get_affine_coordinates_GFp(group,			point, X, NULL, ctx))		{			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);			goto err;		}	}#ifndef OPENSSL_NO_EC2M	else /* NID_X9_62_characteristic_two_field */	{		if (!EC_POINT_get_affine_coordinates_GF2m(group,			point, X, NULL, ctx))		{			
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);			goto err;		}	}#endif		if (!BN_nnmod(u1, X, order, ctx))	{		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);		goto err;	}	/*  if the signature is correct u1 is equal to sig->r */	ret = (BN_ucmp(u1, sig->r) == 0);err:	BN_CTX_end(ctx);	BN_CTX_free(ctx);	if (point)		EC_POINT_free(point);	return ret;}
开发者ID:izick,项目名称:eme,代码行数:101,


示例15: compute_key

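/*
 * ECDH compute_key hook with a dedicated code path for sect163k1.
 *
 * For any other curve the call is forwarded unchanged to the default
 * ECDH_OpenSSL() method.  For sect163k1 the private scalar and the peer's
 * affine public point are copied into the ec2m structures,
 * ec2m_private_operation is run, and the first (163 + 7) / 8 bytes of the
 * resulting x value are either passed through KDF or copied to `out`
 * (truncated to outlen).
 *
 * Returns the number of bytes written to `out`, or -1 on failure.
 *
 * pub_key comes from the peer, so every copy into a fixed-size ec2m
 * structure is bounded by that structure's size, and a failed coordinate
 * extraction or private operation aborts instead of deriving a key from
 * unspecified data.
 */
static int compute_key(void *out, size_t outlen,
	const EC_POINT *pub_key, EC_KEY *ecdh,
	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{
	const EC_GROUP *group;
	const BIGNUM *rkey;
	BN_CTX *ctx;
	BIGNUM *x, *y;
	mm256_point_t p, q;
	mm_256 mkey;
	const size_t xlen = (163 + 7) / 8;
	int ret = -1;
	int r;

	group = EC_KEY_get0_group(ecdh);

	/* only use our solution if the curve name is SECT163K1 */
	if (EC_GROUP_get_curve_name(group) != NID_sect163k1) {
		/* use the default method */
		const ECDH_METHOD *meth = ECDH_OpenSSL();
		return meth->compute_key(out, outlen, pub_key, ecdh, KDF);
	}

	ctx = BN_CTX_new();
	if (ctx == NULL)
		return -1;

	memset(&mkey, 0, sizeof(mkey));
	memset(&p, 0, sizeof(p));
	memset(&q, 0, sizeof(q));

	BN_CTX_start(ctx);
	x = BN_CTX_get(ctx);
	y = BN_CTX_get(ctx);
	if (y == NULL)
		goto done;

	rkey = EC_KEY_get0_private_key(ecdh);
	if (rkey == NULL || rkey->top < 0
	    || sizeof(rkey->d[0]) * (size_t)rkey->top > sizeof(mkey))
		goto done;
	memcpy(&mkey, rkey->d, sizeof(rkey->d[0]) * (size_t)rkey->top);
	ec2m_import_key(&mkey);

	if (!EC_POINT_get_affine_coordinates_GF2m(group, pub_key, x, y, ctx))
		goto done;
	if (x->top < 0 || sizeof(x->d[0]) * (size_t)x->top > sizeof(p.x)
	    || y->top < 0 || sizeof(y->d[0]) * (size_t)y->top > sizeof(p.y))
		goto done;
	memcpy(&p.x, x->d, sizeof(x->d[0]) * (size_t)x->top);
	memcpy(&p.y, y->d, sizeof(y->d[0]) * (size_t)y->top);
	p.z.iv[0] = 1;

	r = ec2m_private_operation(&p, &q);
	if (r < 0) {
		fprintf(stderr, "invalid result: %d\n", r);
		goto done;
	}

	if (KDF != 0) {
		if (KDF(&q.x, xlen, out, &outlen) == NULL)
			goto done;
		ret = outlen;
	} else {
		/* no KDF, just copy as much as we can */
		if (outlen > xlen)
			outlen = xlen;
		memcpy(out, &q.x, outlen);
		ret = outlen;
	}

done:
	/* Wipe the private-scalar copy and the shared point on every exit path.
	 * NOTE(review): a memset of locals right before return can be removed by
	 * the optimizer; switch to OPENSSL_cleanse if <openssl/crypto.h> is
	 * available in this file. */
	memset(&mkey, 0, sizeof(mkey));
	memset(&p, 0, sizeof(p));
	memset(&q, 0, sizeof(q));
	BN_CTX_end(ctx);
	BN_CTX_free(ctx);
	return ret;
}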
开发者ID:winstard,项目名称:GmSSL,代码行数:69,


示例16: ecdh_simple_compute_key

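/*-
 * This implementation is based on the following primitives in the IEEE 1363 standard:
 *  - ECKAS-DH1
 *  - ECSVDP-DH
 *
 * Computes the shared point priv_key * pub_key (with the private scalar
 * first multiplied by the group cofactor when EC_FLAG_COFACTOR_ECDH is set)
 * and returns its x-coordinate, left-padded with zero bytes to
 * (degree + 7) / 8 bytes, in a newly allocated buffer.
 *
 * On success returns 1 and stores the buffer in *pout and its length in
 * *poutlen; the caller owns the buffer.  On failure returns 0 and leaves
 * *pout and *poutlen untouched.
 */
int ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen,
                            const EC_POINT *pub_key, const EC_KEY *ecdh)
{
    BN_CTX *ctx;
    EC_POINT *tmp = NULL;
    BIGNUM *x = NULL, *y = NULL;
    const BIGNUM *priv_key;
    const EC_GROUP *group;
    int ret = 0;
    size_t buflen, len;
    unsigned char *buf = NULL;

    if ((ctx = BN_CTX_new()) == NULL)
        goto err;
    BN_CTX_start(ctx);
    x = BN_CTX_get(ctx);
    y = BN_CTX_get(ctx);
    /* Checking the last BN_CTX_get result covers x too; without this check
     * an allocation failure would pass NULL into the calls below. */
    if (y == NULL) {
        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    priv_key = EC_KEY_get0_private_key(ecdh);
    if (priv_key == NULL) {
        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, EC_R_NO_PRIVATE_VALUE);
        goto err;
    }

    group = EC_KEY_get0_group(ecdh);

    if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) {
        /* x temporarily holds cofactor * priv_key; it is overwritten with
         * the shared x-coordinate further down. */
        if (!EC_GROUP_get_cofactor(group, x, NULL) ||
            !BN_mul(x, x, priv_key, ctx)) {
            ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
            goto err;
        }
        priv_key = x;
    }

    if ((tmp = EC_POINT_new(group)) == NULL) {
        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, EC_R_POINT_ARITHMETIC_FAILURE);
        goto err;
    }

    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
        NID_X9_62_prime_field) {
        if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) {
            ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, EC_R_POINT_ARITHMETIC_FAILURE);
            goto err;
        }
    }
#ifndef OPENSSL_NO_EC2M
    else {
        if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) {
            ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, EC_R_POINT_ARITHMETIC_FAILURE);
            goto err;
        }
    }
#endif

    buflen = (EC_GROUP_get_degree(group) + 7) / 8;
    len = BN_num_bytes(x);
    if (len > buflen) {
        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    if ((buf = OPENSSL_malloc(buflen)) == NULL) {
        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    /* Left-pad so the output always has the full field length. */
    memset(buf, 0, buflen - len);
    if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, ERR_R_BN_LIB);
        goto err;
    }

    *pout = buf;
    *poutlen = buflen;
    buf = NULL;             /* ownership passed to the caller */

    ret = 1;

 err:
    EC_POINT_free(tmp);
    if (ctx)
        BN_CTX_end(ctx);
    BN_CTX_free(ctx);
    OPENSSL_free(buf);
    return ret;
}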
开发者ID:277800076,项目名称:openssl,代码行数:97,


示例17: main

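/*
 * Demo driver: generates one EC key pair on NIST P-192, prints the private
 * scalar and the affine public coordinates, then passes the public point to
 * func() (defined elsewhere in the file).
 *
 * This is test/demo code: it writes the private key to stdout, which is only
 * acceptable for throw-away keys. P-192 offers roughly 96 bits of security,
 * so it is suitable for illustration rather than for protecting real data.
 *
 * Returns 0 on success and 1 if any step failed; library errors are printed
 * to stderr in both cases.
 */
int main(int argc, char *argv[]) {
	/*
	 * Every pointer released at the err label is declared and NULL-initialised
	 * here, before the first goto, so the cleanup never reads an
	 * indeterminate value.
	 */
	BN_CTX *ctx = NULL;
	BIO *out = NULL;
	EC_KEY *a = NULL;
	BIGNUM *x_a = NULL, *y_a = NULL;
	const EC_GROUP *group;
	const char *text = "NIST Prime-Curve P-192";
	int nid = NID_X9_62_prime192v1;
	int ret = 1;

	CRYPTO_malloc_debug_init();
	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

#ifdef OPENSSL_SYS_WIN32
	CRYPTO_malloc_init();
#endif

	/*
	 * NOTE(review): rnd_seed is defined elsewhere. If it is a constant buffer
	 * it contributes no real entropy, and key quality then depends entirely
	 * on the library's own seeding -- confirm.
	 */
	RAND_seed(rnd_seed, sizeof rnd_seed);

	out = BIO_new(BIO_s_file());
	if (out == NULL)
		EXIT(1);
	BIO_set_fp(out, stdout, BIO_NOCLOSE);

	if ((ctx = BN_CTX_new()) == NULL)
		goto err;

	a = EC_KEY_new_by_curve_name(nid);
	if (a == NULL)
		goto err;

	group = EC_KEY_get0_group(a);

	if ((x_a = BN_new()) == NULL)
		goto err;
	if ((y_a = BN_new()) == NULL)
		goto err;

	BIO_puts(out, "Testing key generation with ");
	BIO_puts(out, text);

	if (!EC_KEY_generate_key(a))
		goto err;
	printf("\n1 ) generating keys\n");

	/* Read the public point back as affine (x, y) for the curve's field type. */
	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group))
			== NID_X9_62_prime_field) {
		if (!EC_POINT_get_affine_coordinates_GFp(group,
				EC_KEY_get0_public_key(a), x_a, y_a, ctx))
			goto err;
	} else {
		if (!EC_POINT_get_affine_coordinates_GF2m(group,
				EC_KEY_get0_public_key(a), x_a, y_a, ctx))
			goto err;
	}

	/* Demo output only: this prints the private scalar in the clear. */
	BIO_puts(out, "  pri 1=");
	BN_print(out, EC_KEY_get0_private_key(a));
	BIO_puts(out, "\n  pub 1=");
	BN_print(out, x_a);
	BIO_puts(out, ",");
	BN_print(out, y_a);
	BIO_puts(out, "\n");

	func(EC_KEY_get0_public_key(a));

	ret = 0;

	/* Reached on success as well; the error queue is simply empty then. */
	err: ERR_print_errors_fp(stderr);

	if (x_a)
		BN_free(x_a);
	if (y_a)
		BN_free(y_a);
	if (a)
		EC_KEY_free(a);
	if (ctx)
		BN_CTX_free(ctx);
	BIO_free(out);
	CRYPTO_cleanup_all_ex_data();
	ERR_remove_state(0);
	CRYPTO_mem_leaks_fp(stderr);
	return ret;
}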
开发者ID:AIdrifter,项目名称:EllipticCurveCryptography,代码行数:92,


示例18: main

	return NULL;#endif}int main(void) {	unsigned char *abuf = NULL;	//const EC_POINT *public_key;	int i, alen, aout, jj = 0;	int sockfd, new_fd;  // listen on sock_fd, new connection on new_fd	struct sockaddr_in my_addr;    // my address information	struct sockaddr_in their_addr; // connector's address information	socklen_t sin_size;	int yes = 1, numbytes;	char buf[MAXDATASIZE];	/*//////////////////////////////////////////////////////////////Generating Keys/////////////////////////////////////*/	BN_CTX *ctx = NULL;	int nid;	BIO *out;	CRYPTO_malloc_debug_init();	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);	const char *text = "NIST Prime-Curve P-192";#ifdef OPENSSL_SYS_WIN32	CRYPTO_malloc_init();#endif	RAND_seed(rnd_seed, sizeof rnd_seed);	out = BIO_new(BIO_s_file());	if (out == NULL)		EXIT(1);	BIO_set_fp(out, stdout, BIO_NOCLOSE);	if ((ctx = BN_CTX_new()) == NULL)		goto err;	nid = NID_X9_62_prime192v1;	EC_KEY *a = NULL;    //EC_KEY is a structure	BIGNUM *x_a = NULL, *y_a = NULL;	const BIGNUM *BIG = NULL;	char *buff;	//unsigned char *abuf=NULL,*bbuf=NULL;	const EC_GROUP *group;	a = EC_KEY_new_by_curve_name(nid);	if (a == NULL)		goto err;	group = EC_KEY_get0_group(a);	//	aa=EC_POINT_new(group);	if ((x_a = BN_new()) == NULL)		goto err;	//BN_new returns a pointer to the bignum	if ((y_a = BN_new()) == NULL)		goto err;	//	if ((BIG=BN_new()) == NULL) goto err;	BIO_puts(out, "Testing key generation with ");	BIO_puts(out, text);	if (!EC_KEY_generate_key(a))		goto err;	printf("/n1 ) generating keys/n");	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group))			== NID_X9_62_prime_field) {		if (!EC_POINT_get_affine_coordinates_GFp(group,				EC_KEY_get0_public_key(a), x_a, y_a, ctx))			goto err;	}	//returns the public key	else {		if (!EC_POINT_get_affine_coordinates_GF2m(group,				EC_KEY_get0_public_key(a), x_a, y_a, ctx))			goto err;	}	BIO_puts(out, "  pri 1=");	BN_print(out, EC_KEY_get0_private_key(a));	BIO_puts(out, "/n  pub 1=");	
BN_print(out, x_a);	BIO_puts(out, ",");	BN_print(out, y_a);	BIO_puts(out, "/n");	/*	 printf("importnt work/n");	 //BN_print(out,x_a);	 buff=BN_bn2dec(x_a);	 printf("%s/n",buff);	 BN_dec2bn(&(x_a),buff);	 printf("%s/n",buff);	 BN_print(out,x_a);	 */	/*//////////////////////////////////////////////////////////////////////////////////////////////////////////////////*///.........这里部分代码省略.........
开发者ID:AIdrifter,项目名称:EllipticCurveCryptography,代码行数:101,


示例19: test_ecdh_curve

static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out) {	printf("in ecdh test/n");	EC_KEY *a = NULL;    //EC_KEY is a structure	EC_KEY *b = NULL;	BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL;	char buf[12];	unsigned char *abuf = NULL, *bbuf = NULL;	int i, alen, blen, aout, bout, ret = 0;	const EC_GROUP *group;	a = EC_KEY_new_by_curve_name(nid);// creates a new key according to the curve specified//it fills in the EC_KEY structure // use function called EC_KEY *EC_KEY_new(void)//also use a function called EC_GROUP_new_by_curve_name() creates a EC_GROUP structure specified by a curve name (in form of a NID) */// the group returned is set in the EC_KEY structure.	b = EC_KEY_new_by_curve_name(nid);	if (a == NULL || b == NULL)		goto err;	group = EC_KEY_get0_group(a); //returns the EC_GROUP structure created by the EC_KEY structure//EC_GROUP structure is present in the EC_KEY structure.	if ((x_a = BN_new()) == NULL)		goto err;	//BN_new returns a pointer to the bignum	if ((y_a = BN_new()) == NULL)		goto err;	if ((x_b = BN_new()) == NULL)		goto err;	if ((y_b = BN_new()) == NULL)		goto err;	BIO_puts(out, "Testing key generation with ");	BIO_puts(out, text);#ifdef NOISY	printf ("noisy");	BIO_puts(out,"/n");	BIO_puts(out,"/n");	BIO_puts(out,"/n");#else	BIO_flush(out);#endif//public key number one is created here	if (!EC_KEY_generate_key(a))		goto err;	//pass the filled EC_KEY structure and it will create a public or private ec key.//it places the key in a->priv_key a->pub_key   /// PUBLIC AND PVT KEYS ARE GENERATED BY THE SCALAR MULTIPLICATION	printf("/n1 ) generating keys/n");	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group))			== NID_X9_62_prime_field) {		if (!EC_POINT_get_affine_coordinates_GFp(group,				EC_KEY_get0_public_key(a), x_a, y_a, ctx))			goto err;	}	//returns the public key	else {		if (!EC_POINT_get_affine_coordinates_GF2m(group,				EC_KEY_get0_public_key(a), x_a, y_a, ctx))			goto err;	}	//BN_print_fp(stdout, a->pub_key);	
printf("private key is : ");	BN_print_fp(stdout, EC_KEY_get0_private_key(a));	printf("/nAffine cordinates x:");	BN_print_fp(stdout, x_a);	printf("/nAffine cordinates y:");	BN_print_fp(stdout, y_a);	printf(			"/n2 ) generated keys , generated affine points x and y , and also determided the primse brinary case/n");#ifdef NOISY	printf("no generation");	BIO_puts(out,"  pri 1=");	BN_print(out,a->priv_key);	BIO_puts(out,"/n  pub 1=");	BN_print(out,x_a);	BIO_puts(out,",");	BN_print(out,y_a);	BIO_puts(out,"/n");#else	BIO_printf(out, " .");	BIO_flush(out);#endif//public key number two is created here	if (!EC_KEY_generate_key(b))		goto err;	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group))			== NID_X9_62_prime_field) {		if (!EC_POINT_get_affine_coordinates_GFp(group,//.........这里部分代码省略.........
开发者ID:AIdrifter,项目名称:EllipticCurveCryptography,代码行数:101,


示例20: EC_KEY_set_public_key_affine_coordinates

/*
 * Installs a public key on |key| from the affine coordinates (x, y).
 *
 * The coordinates are loaded into a fresh point on the key's group and read
 * back; the call fails if the values read back differ from the inputs or if
 * either input is not smaller than the group's field value. The point is
 * then stored with EC_KEY_set_public_key() and the whole key is checked with
 * EC_KEY_check_key().
 *
 * NOTE(review): the point is stored before EC_KEY_check_key() runs, so when
 * that check fails the key presumably still carries the rejected point.
 * Callers should treat a 0 return as "key unusable".
 *
 * Returns 1 on success, 0 on failure.
 */
int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
                                             BIGNUM *y)
{
    BN_CTX *bnctx = NULL;
    BIGNUM *rx, *ry;
    EC_POINT *pt = NULL;
    int rc = 0;
#ifndef OPENSSL_NO_EC2M
    int field_nid, binary_field = 0;
#endif

    if (key == NULL || key->group == NULL || x == NULL || y == NULL) {
        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
              ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if ((bnctx = BN_CTX_new()) == NULL)
        return 0;
    BN_CTX_start(bnctx);

    if ((pt = EC_POINT_new(key->group)) == NULL)
        goto err;

    /* Only the last BN_CTX_get() result needs to be tested. */
    rx = BN_CTX_get(bnctx);
    ry = BN_CTX_get(bnctx);
    if (ry == NULL)
        goto err;

    /* Load (x, y) into the point, then read the coordinates back. */
#ifndef OPENSSL_NO_EC2M
    field_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));
    if (field_nid == NID_X9_62_characteristic_two_field)
        binary_field = 1;

    if (binary_field) {
        if (!EC_POINT_set_affine_coordinates_GF2m(key->group, pt, x, y, bnctx)
            || !EC_POINT_get_affine_coordinates_GF2m(key->group, pt,
                                                     rx, ry, bnctx))
            goto err;
    } else
#endif
    {
        if (!EC_POINT_set_affine_coordinates_GFp(key->group, pt, x, y, bnctx)
            || !EC_POINT_get_affine_coordinates_GFp(key->group, pt,
                                                    rx, ry, bnctx))
            goto err;
    }

    /*
     * Reject inputs that do not survive the round trip unchanged or that are
     * not below the field value: such coordinates are out of range.
     */
    if (BN_cmp(x, rx) != 0 || BN_cmp(y, ry) != 0
        || BN_cmp(x, key->group->field) >= 0
        || BN_cmp(y, key->group->field) >= 0) {
        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
              EC_R_COORDINATES_OUT_OF_RANGE);
        goto err;
    }

    /* Store the point, then validate the resulting key as a whole. */
    if (!EC_KEY_set_public_key(key, pt) || EC_KEY_check_key(key) == 0)
        goto err;

    rc = 1;

 err:
    BN_CTX_end(bnctx);
    BN_CTX_free(bnctx);
    EC_POINT_free(pt);
    return rc;
}
开发者ID:PeterMosmans,项目名称:openssl,代码行数:81,


示例21: ec_GF2m_simple_point2oct

/*
 * Converts an EC_POINT to an octet string. If buf is NULL, the encoded
 * length will be returned. If the length len of buf is smaller than required
 * an error will be returned.
 *
 * group  curve the point belongs to (binary field, per the function name).
 * point  point to encode; the point at infinity encodes as one zero octet.
 * form   one of POINT_CONVERSION_COMPRESSED / UNCOMPRESSED / HYBRID; any
 *        other value is rejected with EC_R_INVALID_FORM.
 * buf    output buffer, or NULL to query the required length.
 * len    size of buf in bytes.
 * ctx    optional BN_CTX; a temporary one is created when NULL and buf is set.
 *
 * Returns the encoded length. The error paths shown here either return 0
 * directly or jump to an err label that is in the part of the function the
 * page omits.
 */
size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
                                point_conversion_form_t form,
                                unsigned char *buf, size_t len, BN_CTX *ctx)
{
    size_t ret;
    BN_CTX *new_ctx = NULL;
    int used_ctx = 0;
    BIGNUM *x, *y, *yxi;
    size_t field_len, i, skip;

    if ((form != POINT_CONVERSION_COMPRESSED)
        && (form != POINT_CONVERSION_UNCOMPRESSED)
        && (form != POINT_CONVERSION_HYBRID)) {
        ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
        goto err;
    }

    if (EC_POINT_is_at_infinity(group, point)) {
        /* encodes to a single 0 octet */
        if (buf != NULL) {
            if (len < 1) {
                ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
                return 0;
            }
            buf[0] = 0;
        }
        return 1;
    }

    /* ret := required output buffer length */
    field_len = (EC_GROUP_get_degree(group) + 7) / 8;
    ret =
        (form ==
         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;

    /* if 'buf' is NULL, just return required length */
    if (buf != NULL) {
        /* Bounds check first: nothing below writes past buf[ret - 1]. */
        if (len < ret) {
            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
            goto err;
        }

        if (ctx == NULL) {
            ctx = new_ctx = BN_CTX_new();
            if (ctx == NULL)
                return 0;
        }

        BN_CTX_start(ctx);
        used_ctx = 1;
        x = BN_CTX_get(ctx);
        y = BN_CTX_get(ctx);
        yxi = BN_CTX_get(ctx);
        /* only the last BN_CTX_get() result is tested */
        if (yxi == NULL)
            goto err;

        if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
            goto err;

        /*
         * Leading octet: the form value, incremented by one when x is
         * non-zero and y/x (computed into yxi) is odd. This applies to the
         * compressed and hybrid forms only.
         */
        buf[0] = form;
        if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) {
            if (!group->meth->field_div(group, yxi, y, x, ctx))
                goto err;
            if (BN_is_odd(yxi))
                buf[0]++;
        }

        i = 1;

        /*
         * skip is the number of leading zero bytes needed to pad x to
         * field_len. skip is a size_t, so if x needed more than field_len
         * bytes the subtraction would wrap to a huge value; the
         * "skip > field_len" test catches that before any byte is written.
         */
        skip = field_len - BN_num_bytes(x);
        if (skip > field_len) {
            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
            goto err;
        }
        while (skip > 0) {
            buf[i++] = 0;
            skip--;
        }
        skip = BN_bn2bin(x, buf + i);
        i += skip;
        /* sanity check: exactly 1 + field_len bytes written so far */
        if (i != 1 + field_len) {
            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
            goto err;
        }

        if (form == POINT_CONVERSION_UNCOMPRESSED
            || form == POINT_CONVERSION_HYBRID) {
            /* same padding and wrap-around guard as for x, now for y */
            skip = field_len - BN_num_bytes(y);
            if (skip > field_len) {
                ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
                goto err;
            }
            while (skip > 0) {
                buf[i++] = 0;
                skip--;
/* ......... part of the code is omitted here by the page ......... */
开发者ID:commshare,项目名称:testST,代码行数:101,


示例22: ecdsa_sign_setup

/*
 * Precomputes the per-signature ECDSA values: draws a non-zero nonce k and
 * computes r as the x-coordinate of k*G reduced modulo the group order.
 * According to the inline comments, k and r are later handed back through
 * *kinvp and *rp; that happens in the part of the function the page omits.
 *
 * eckey      signing key; its group selects the curve.
 * ctx_in     optional BN_CTX; a private one is allocated when NULL.
 * kinvp, rp  output slots (not touched in the visible part).
 * dgst/dlen  message digest. When dgst is non-NULL the nonce comes from
 *            BN_generate_dsa_nonce(), which is also given the private key
 *            and the digest; otherwise it comes from BN_rand_range().
 *
 * Returns 0 on the parameter and allocation failures shown before the
 * first goto.
 */
static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
                            BIGNUM **kinvp, BIGNUM **rp,
                            const unsigned char *dgst, int dlen)
{
    BN_CTX *ctx = NULL;
    BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
    EC_POINT *tmp_point = NULL;
    const EC_GROUP *group;
    int ret = 0;

    if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
        ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (ctx_in == NULL) {
        if ((ctx = BN_CTX_new()) == NULL) {
            ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
            return 0;
        }
    } else
        ctx = ctx_in;

    k = BN_new();               /* this value is later returned in *kinvp */
    r = BN_new();               /* this value is later returned in *rp */
    order = BN_new();
    X = BN_new();
    if (k == NULL || r == NULL || order == NULL || X == NULL) {
        ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    if ((tmp_point = EC_POINT_new(group)) == NULL) {
        ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
        goto err;
    }
    if (!EC_GROUP_get_order(group, order, ctx)) {
        ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
        goto err;
    }

    do {
        /* get random k */
        /*
         * The nonce must be unpredictable and never reused across
         * signatures. The digest-based path also feeds the private key and
         * the digest into the generator -- presumably so that k does not
         * rest on the RNG output alone; confirm against the library docs.
         */
        do
            if (dgst != NULL) {
                if (!BN_generate_dsa_nonce
                    (k, order, EC_KEY_get0_private_key(eckey), dgst, dlen,
                     ctx)) {
                    ECerr(EC_F_ECDSA_SIGN_SETUP,
                             EC_R_RANDOM_NUMBER_GENERATION_FAILED);
                    goto err;
                }
            } else {
                if (!BN_rand_range(k, order)) {
                    ECerr(EC_F_ECDSA_SIGN_SETUP,
                             EC_R_RANDOM_NUMBER_GENERATION_FAILED);
                    goto err;
                }
            }
        while (BN_is_zero(k));

        /*
         * We do not want timing information to leak the length of k, so we
         * compute G*k using an equivalent scalar of fixed bit-length.
         */
        /*
         * NOTE(review): the second addition below runs only when k + order
         * did not gain a bit, so whether it executes depends on the secret
         * nonce. The other OpenSSL-style ecdsa_sign_setup listing on this
         * page (Example 23) performs both additions unconditionally to
         * remove that residual timing difference.
         */
        if (!BN_add(k, k, order))
            goto err;
        if (BN_num_bits(k) <= BN_num_bits(order))
            if (!BN_add(k, k, order))
                goto err;

        /* compute r the x-coordinate of generator * k */
        if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
            ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
            goto err;
        }
        if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
            NID_X9_62_prime_field) {
            if (!EC_POINT_get_affine_coordinates_GFp
                (group, tmp_point, X, NULL, ctx)) {
                ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
                goto err;
            }
        }
#ifndef OPENSSL_NO_EC2M
        else {                  /* NID_X9_62_characteristic_two_field */
            if (!EC_POINT_get_affine_coordinates_GF2m(group,
                                                      tmp_point, X, NULL,
                                                      ctx)) {
                ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
                goto err;
            }
        }
#endif
        /* r = X mod order, as a non-negative residue */
        if (!BN_nnmod(r, X, order, ctx)) {
            ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
            goto err;
        }
    }
/* ......... part of the code is omitted here by the page ......... */
开发者ID:AndreV84,项目名称:openssl,代码行数:101,


示例23: ecdsa_sign_setup

/*
 * Precomputes the per-signature ECDSA values: draws a non-zero nonce k with
 * BN_rand_range() and computes r as the x-coordinate of k*G reduced modulo
 * the group order. According to the inline comments, k and r are later
 * handed back through *kinvp and *rp; that happens in the part of the
 * function the page omits.
 *
 * eckey      signing key; its group selects the curve.
 * ctx_in     optional BN_CTX; a private one is allocated when NULL.
 * kinvp, rp  output slots (not touched in the visible part).
 *
 * Returns 0 on the parameter and allocation failures shown before the
 * first goto.
 */
static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
                            BIGNUM **rp)
{
    BN_CTX *ctx = NULL;
    BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
    EC_POINT *tmp_point = NULL;
    const EC_GROUP *group;
    int ret = 0;
    int order_bits;

    if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (ctx_in == NULL) {
        if ((ctx = BN_CTX_new()) == NULL) {
            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
            return 0;
        }
    } else
        ctx = ctx_in;

    k = BN_new();               /* this value is later returned in *kinvp */
    r = BN_new();               /* this value is later returned in *rp */
    order = BN_new();
    X = BN_new();
    if (!k || !r || !order || !X) {
        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    if ((tmp_point = EC_POINT_new(group)) == NULL) {
        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
        goto err;
    }
    if (!EC_GROUP_get_order(group, order, ctx)) {
        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
        goto err;
    }

    /* Preallocate space */
    /*
     * Setting bit number order_bits makes k, r and X each large enough for a
     * value one bit longer than the order -- presumably so the additions
     * below never have to grow a BIGNUM (a size-dependent side effect);
     * confirm.
     */
    order_bits = BN_num_bits(order);
    if (!BN_set_bit(k, order_bits)
        || !BN_set_bit(r, order_bits)
        || !BN_set_bit(X, order_bits))
        goto err;

    do {
        /* get random k */
        do
            if (!BN_rand_range(k, order)) {
                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
                         ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
                goto err;
            }
        while (BN_is_zero(k)) ;

        /*
         * We do not want timing information to leak the length of k, so we
         * compute G*k using an equivalent scalar of fixed bit-length.
         *
         * We unconditionally perform both of these additions to prevent a
         * small timing information leakage.  We then choose the sum that is
         * one bit longer than the order.  This guarantees the code
         * path used in the constant time implementations elsewhere.
         *
         * TODO: revisit the BN_copy aiming for a memory access agnostic
         * conditional copy.
         */
        /*
         * r = k + order and X = k + 2*order are both computed on every
         * iteration; only the choice of which one is copied into k still
         * depends on the nonce (the TODO above).
         */
        if (!BN_add(r, k, order)
            || !BN_add(X, r, order)
            || !BN_copy(k, BN_num_bits(r) > order_bits ? r : X))
            goto err;

        /* compute r the x-coordinate of generator * k */
        if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
            goto err;
        }
        if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
            NID_X9_62_prime_field) {
            if (!EC_POINT_get_affine_coordinates_GFp
                (group, tmp_point, X, NULL, ctx)) {
                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
                goto err;
            }
        }
#ifndef OPENSSL_NO_EC2M
        else {                  /* NID_X9_62_characteristic_two_field */
            if (!EC_POINT_get_affine_coordinates_GF2m(group,
                                                      tmp_point, X, NULL,
                                                      ctx)) {
                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
                goto err;
            }
        }
#endif
        /* r = X mod order, as a non-negative residue */
        if (!BN_nnmod(r, X, order, ctx)) {
            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
/* ......... part of the code is omitted here by the page ......... */
开发者ID:pavel-pimenov,项目名称:flylinkdc-r5xx,代码行数:101,


示例24: MKEM_generate_message_u

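/*
 * Builds one MKEM message and the matching shared secret from the raw
 * scalar |uraw|.
 *
 * The curve is chosen from uraw: values below params->n0 use curve 0 with
 * u = uraw, all others use curve 1 with u = uraw - n0 + 1. The function then
 * computes q = u * g and r = u * p on that curve (g being the curve's
 * generator field in params, p the key's point for that curve).
 *
 *   message  receives mlen bytes: the x-coordinate of q, with the pad bits
 *            and the curve bit OR-ed into the first byte.
 *   secret   receives 2 * mlen bytes: the x-coordinate of q as written
 *            before the pad bits are added, followed by the x-coordinate
 *            of r.
 *   pad      caller-supplied padding bits; only those under
 *            params->pad_mask are used.
 *
 * FAILZ and bn2bin_padhi are defined elsewhere. NOTE(review): FAILZ
 * presumably jumps to the fail label when its argument is zero/NULL --
 * confirm against its definition.
 *
 * Returns 0 on success and -1 on failure; on failure both output buffers
 * are zeroed.
 */
int
MKEM_generate_message_u(const MKEM *kp, const BIGNUM *uraw, uint8_t pad,
                        uint8_t *secret, uint8_t *message)
{
  BIGNUM u, x, y;
  int use_curve0 = (BN_cmp(uraw, kp->params->n0) < 0);
  const EC_GROUP *ca;
  const EC_POINT *ga;
  const EC_POINT *pa;
  EC_POINT *q = 0, *r = 0;
  size_t mlen = kp->params->msgsize;
  int rv;

  BN_init(&u);
  BN_init(&x);
  BN_init(&y);

  if (use_curve0) {
    ca = kp->params->c0;
    ga = kp->params->g0;
    pa = kp->p0;
    FAILZ(BN_copy(&u, uraw));
  } else {
    ca = kp->params->c1;
    ga = kp->params->g1;
    pa = kp->p1;
    FAILZ(BN_sub(&u, uraw, kp->params->n0));
    FAILZ(BN_add(&u, &u, BN_value_one()));
  }

  FAILZ(q = EC_POINT_new(ca));
  FAILZ(r = EC_POINT_new(ca));
  FAILZ(EC_POINT_mul(ca, q, 0, ga, &u, kp->params->ctx));
  FAILZ(EC_POINT_mul(ca, r, 0, pa, &u, kp->params->ctx));

  FAILZ(EC_POINT_get_affine_coordinates_GF2m(ca, q, &x, &y, kp->params->ctx));
  if (bn2bin_padhi(&x, message, mlen) != mlen)
    goto fail;
  /* the bits reserved for padding and curve selection must be clear */
  if (message[0] & (kp->params->pad_mask|kp->params->curve_bit)) /* see below */
    goto fail;
  /* first half of the secret: x(q) before any pad bits are mixed in */
  memcpy(secret, message, mlen);

  FAILZ(EC_POINT_get_affine_coordinates_GF2m(ca, r, &x, &y, kp->params->ctx));
  if (bn2bin_padhi(&x, secret + mlen, mlen) != mlen)
    goto fail;

  /* K high bits of the message will be zero.  Fill in the high K-1
     of them with random bits from the pad, and use the lowest bit
     to identify the curve in use.  That bit will have a bias on the
     order of 2^{-d/2} where d is the bit-degree of the curve; 2^{-81}
     for the only curve presently implemented.  This is acceptably
     small since an elliptic curve of d bits gives only about d/2 bits
     of security anyway, and is much better than allowing a timing
     attack via the recipient having to attempt point decompression
     twice for curve 1 but only once for curve 0 (or, alternatively,
     doubling the time required for all decryptions).  */

  pad &= kp->params->pad_mask;
  pad |= (use_curve0 ? 0 : kp->params->curve_bit);
  message[0] |= pad;

  rv = 0;
 done:
  /* BN_clear() only zeroes the digits and keeps the allocation, which
     leaks the storage of these stack BIGNUMs on every call.
     BN_clear_free() wipes the digits and releases them; it does not free
     the BIGNUM structs themselves because they were set up with BN_init()
     rather than BN_new().  */
  BN_clear_free(&u);
  BN_clear_free(&x);
  BN_clear_free(&y);
  if (q) EC_POINT_clear_free(q);
  if (r) EC_POINT_clear_free(r);
  return rv;

 fail:
  /* never hand back partial key material */
  memset(message, 0, mlen);
  memset(secret, 0, mlen * 2);
  rv = -1;
  goto done;
}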
开发者ID:zackw,项目名称:moeller-ref,代码行数:76,


示例25: ecdsa_sign_setup

/*
 * Precomputes the per-signature ECDSA values: draws a non-zero nonce k with
 * BN_rand_range() and computes r as the x-coordinate of k*G reduced modulo
 * the group order. According to the inline comments, k and r are later
 * handed back through *kinvp and *rp; that happens in the part of the
 * function the page omits.
 *
 * eckey      signing key; its group selects the curve.
 * ctx_in     optional BN_CTX; a private one is allocated when NULL.
 * kinvp, rp  output slots (not touched in the visible part).
 *
 * Returns 0 on the parameter and allocation failures shown before the
 * first goto.
 */
static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
		BIGNUM **rp)
{
	BN_CTX   *ctx = NULL;
	BIGNUM	 *k = NULL, *r = NULL, *order = NULL, *X = NULL;
	EC_POINT *tmp_point=NULL;
	const EC_GROUP *group;
	int 	 ret = 0;

	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL)
	{
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
		return 0;
	}

	if (ctx_in == NULL)
	{
		if ((ctx = BN_CTX_new()) == NULL)
		{
			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_MALLOC_FAILURE);
			return 0;
		}
	}
	else
		ctx = ctx_in;

	k     = BN_new();	/* this value is later returned in *kinvp */
	r     = BN_new();	/* this value is later returned in *rp    */
	order = BN_new();
	X     = BN_new();
	if (!k || !r || !order || !X)
	{
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
		goto err;
	}
	if ((tmp_point = EC_POINT_new(group)) == NULL)
	{
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
		goto err;
	}
	if (!EC_GROUP_get_order(group, order, ctx))
	{
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
		goto err;
	}

#ifdef OPENSSL_FIPS
	/* FIPS builds only: fips_check_ec_prng() is defined elsewhere */
	if (!fips_check_ec_prng(eckey))
		goto err;
#endif

	do
	{
		/* get random k */
		do
			if (!BN_rand_range(k, order))
			{
				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
				 ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
				goto err;
			}
		while (BN_is_zero(k));

#ifdef ECDSA_POINT_MUL_NO_CONSTTIME
		/* We do not want timing information to leak the length of k,
		 * so we compute G*k using an equivalent scalar of fixed
		 * bit-length. */
		/* NOTE(review): this padding is compiled in only when
		 * ECDSA_POINT_MUL_NO_CONSTTIME is defined. In other builds k
		 * goes to EC_POINT_mul() exactly as drawn, so those builds
		 * presumably rely on EC_POINT_mul() itself being constant-time
		 * -- confirm for the curves in use. The second addition is
		 * also conditional on the bit length of the secret k. */

		if (!BN_add(k, k, order)) goto err;
		if (BN_num_bits(k) <= BN_num_bits(order))
			if (!BN_add(k, k, order)) goto err;
#endif /* def(ECDSA_POINT_MUL_NO_CONSTTIME) */

		/* compute r the x-coordinate of generator * k */
		if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
		{
			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
			goto err;
		}
		if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
		{
			if (!EC_POINT_get_affine_coordinates_GFp(group,
				tmp_point, X, NULL, ctx))
			{
				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
				goto err;
			}
		}
#ifndef OPENSSL_NO_EC2M
		else /* NID_X9_62_characteristic_two_field */
		{
			if (!EC_POINT_get_affine_coordinates_GF2m(group,
				tmp_point, X, NULL, ctx))
			{
				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
				goto err;
			}
		}
#endif
		/* r = X mod order, as a non-negative residue */
		if (!BN_nnmod(r, X, order, ctx))
/* ......... part of the code is omitted here by the page ......... */
开发者ID:izick,项目名称:eme,代码行数:101,


示例26: sm2_sign_setup

/* k in [1, n-1], (x, y) = kG */
/*
 * Precomputes the per-signature values for SM2 signing: draws a non-zero
 * random k below the group order, computes the point k*G and reduces its
 * x-coordinate modulo the order. The loop repeats until the reduced x is
 * non-zero.
 *
 * ec_key  signing key; its group selects the curve.
 * ctx_in  optional BN_CTX; a private one is allocated when NULL and freed
 *         at the end.
 * kp, xp  in/out: any BIGNUM already stored in *kp / *xp is wiped and
 *         freed, then replaced by the new k and x. Both kp and xp are
 *         dereferenced without a NULL check, so callers must pass valid
 *         pointers.
 *
 * Errors are reported under the ECDSA function code
 * (ECDSA_F_ECDSA_SIGN_SETUP), not an SM2-specific one.
 *
 * ret is 1 on success and 0 on failure; the return statement itself is in
 * the part of the function the page omits.
 */
static int sm2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx_in, BIGNUM **kp, BIGNUM **xp)
{
	int ret = 0;
	const EC_GROUP *ec_group;
	BN_CTX *ctx = NULL;
	BIGNUM *k = NULL;
	BIGNUM *x = NULL;
	BIGNUM *order = NULL;
	EC_POINT *point = NULL;

	if (ec_key == NULL || (ec_group = EC_KEY_get0_group(ec_key)) == NULL) {
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
		return 0;
	}

	if (ctx_in == NULL)  {
		if ((ctx = BN_CTX_new()) == NULL) {
			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_MALLOC_FAILURE);
			return 0;
		}
	}
	else {
		ctx = ctx_in;
	}

	k = BN_new();
	x = BN_new();
	order = BN_new();
	if (!k || !x || !order) {
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
		goto err;
	}

	if (!EC_GROUP_get_order(ec_group, order, ctx)) {
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
		goto err;
	}

	if ((point = EC_POINT_new(ec_group)) == NULL) {
		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
		goto err;
	}

	do {
		/* get random k */
		do {
			if (!BN_rand_range(k, order)) {
				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
					ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
				goto err;
			}
		} while (BN_is_zero(k));

		/* compute r the x-coordinate of generator * k */
		/*
		 * NOTE(review): k is passed to EC_POINT_mul() exactly as drawn.
		 * The ecdsa_sign_setup listings on this page first add the
		 * order to k so that the scalar has a fixed bit length and its
		 * length does not show in the timing; nothing equivalent is
		 * done here. Confirm that EC_POINT_mul() is constant-time for
		 * the SM2 curve in this build.
		 */
		if (!EC_POINT_mul(ec_group, point, k, NULL, NULL, ctx)) {
			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
			goto err;
		}

		if (EC_METHOD_get_field_type(EC_GROUP_method_of(ec_group)) == NID_X9_62_prime_field) {
			if (!EC_POINT_get_affine_coordinates_GFp(ec_group, point, x, NULL, ctx)) {
				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
				goto err;
			}
		} else /* NID_X9_62_characteristic_two_field */ {
			if (!EC_POINT_get_affine_coordinates_GF2m(ec_group, point, x, NULL, ctx)) {
				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
				goto err;
			}
		}

		//FIXME: do we need this?
		if (!BN_nnmod(x, x, order, ctx)) {
			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
			goto err;
		}

	} while (BN_is_zero(x));

	/* clear old values if necessary */
	if (*kp != NULL)
		BN_clear_free(*kp);
	if (*xp != NULL)
		BN_clear_free(*xp);

	/* save the pre-computed values  */
	*kp = k;
	*xp = x;
	ret = 1;

err:
	/* on failure the nonce and x are wiped before release; on success
	 * ownership has moved to *kp and *xp */
	if (!ret) {
		if (k) BN_clear_free(k);
		if (x) BN_clear_free(x);
	}
	/* free the BN_CTX only if it was allocated by this function */
	if (ctx_in == NULL) BN_CTX_free(ctx);
	if (order) BN_free(order);
	if (point) EC_POINT_free(point);
/* ......... part of the code is omitted here by the page ......... */
开发者ID:chanuei,项目名称:dmverify-analysis,代码行数:101,



注:本文中的EC_POINT_get_affine_coordinates_GF2m函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。

