line |
true |
false |
branch |
235
|
0 |
6668 |
if (!key) |
255
|
0 |
4477 |
psAssert(key); |
282
|
0 |
4316 |
if ((k = psMalloc(pool, sizeof(psEccKey_t))) == NULL) |
287
|
0 |
4316 |
if ((rc = psEccInitKey(pool, k, curve)) < 0) |
301
|
2203 |
0 |
if (to->pool == NULL) |
314
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->pubkey.x, &from->pubkey.x, 0)) |
319
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->pubkey.y, &from->pubkey.y, 0)) |
324
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->pubkey.z, &from->pubkey.z, 0)) |
331
|
2203 |
0 |
if (to->type == PS_PRIVKEY) |
333
|
0 |
2203 |
if ((rc = pstm_init_copy(to->pool, &to->k, &from->k, 0)) |
341
|
0 |
2203 |
if (rc < 0) |
369
|
105 |
0 |
if (key && key->curve) |
|
105 |
0 |
if (key && key->curve) |
396
|
105 |
0 |
if (len < 1 || |
|
105 |
0 |
if (len < 1 || |
397
|
105 |
0 |
*(p++) != ASN_OID || |
398
|
0 |
105 |
getAsnLength(&p, (uint16_t) (end - p), &arcLen) < 0 || |
420
|
555 |
105 |
while (arcLen > 0) |
426
|
0 |
105 |
if (getEccParamByOid(oid, &eccCurve) < 0) |
432
|
105 |
0 |
if ((uint16_t) (end - p) < 1 || (*(p++) != ASN_BIT_STRING) || |
433
|
105 |
0 |
getAsnLength(&p, len - 1, &arcLen) < 0 || |
434
|
0 |
105 |
(uint16_t) (end - p) < arcLen || |
460
|
0 |
105 |
if (psEccX963ImportKey(pool, p, arcLen, pubKey, eccCurve) < 0) |
491
|
29 |
0 |
if (!key || !curve) |
|
0 |
29 |
if (!key || !curve) |
504
|
0 |
29 |
if (buf == NULL) |
512
|
0 |
29 |
if (pstm_init_for_read_unsigned_bin(pool, &order, keysize) < 0) |
518
|
0 |
29 |
if ((err = pstm_read_radix(pool, &order, key->curve->order, slen, 16)) |
527
|
0 |
3344 |
if (psGetPrngLocked(buf, keysize, usrData) != keysize) |
534
|
0 |
3344 |
if (pstm_init_for_read_unsigned_bin(pool, &rand, keysize) < 0) |
541
|
0 |
3344 |
if ((err = pstm_read_unsigned_bin(&rand, buf, keysize)) != PS_SUCCESS) |
549
|
3315 |
29 |
if (pstm_cmp(&rand, &order) == PSTM_GT) |
557
|
0 |
29 |
if (key->curve->isOptimized == 0) |
559
|
0 |
0 |
if ((A = psMalloc(pool, sizeof(pstm_int))) == NULL) |
564
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, A, keysize) < 0) |
570
|
0 |
0 |
if ((err = pstm_read_radix(pool, A, key->curve->A, slen, 16)) |
577
|
0 |
29 |
if (pstm_init_for_read_unsigned_bin(pool, &prime, keysize) < 0) |
584
|
0 |
29 |
if (base == NULL) |
591
|
0 |
29 |
if ((err = pstm_read_radix(pool, &prime, key->curve->prime, slen, 16)) |
596
|
0 |
29 |
if ((err = pstm_read_radix(pool, &base->x, key->curve->Gx, slen, 16)) |
601
|
0 |
29 |
if ((err = pstm_read_radix(pool, &base->y, key->curve->Gy, slen, 16)) |
608
|
0 |
29 |
if (pstm_init_for_read_unsigned_bin(pool, &key->k, keysize) < 0) |
613
|
0 |
29 |
if ((err = pstm_read_unsigned_bin(&key->k, buf, keysize)) |
620
|
0 |
29 |
if (pstm_init_size(pool, &key->pubkey.x, (key->k.used * 2) + 1) < 0) |
625
|
0 |
29 |
if (pstm_init_size(pool, &key->pubkey.y, (key->k.used * 2) + 1) < 0) |
630
|
0 |
29 |
if (pstm_init_size(pool, &key->pubkey.z, (key->k.used * 2) + 1) < 0) |
635
|
0 |
29 |
if ((err = eccMulmod(pool, &key->k, base, &key->pubkey, &prime, 1, A)) != |
646
|
0 |
29 |
if (A) |
659
|
0 |
0 |
if (A) |
693
|
0 |
0 |
if ((rc = psPkcs1DecodePrivFile(pool, fileName, password, &DERout, &DERlen)) < 0) |
698
|
0 |
0 |
if ((rc = psEccParsePrivKey(pool, DERout, DERlen, key, NULL)) < 0) |
704
|
0 |
0 |
if ((rc = psPkcs8ParsePrivBin(pool, DERout, DERlen, (char *) password, |
737
|
0 |
0 |
if (getAsnSequence(&buf, (uint16_t) (end - buf), &len) < 0) |
742
|
0 |
0 |
if (getAsnInteger(&buf, (uint16_t) (end - buf), &asnInt) < 0 || |
|
0 |
0 |
if (getAsnInteger(&buf, (uint16_t) (end - buf), &asnInt) < 0 || |
750
|
0 |
0 |
getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
751
|
0 |
0 |
(uint16_t) (end - buf) < len || |
760
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &key->k, len) != PS_SUCCESS) |
765
|
0 |
0 |
if (pstm_read_unsigned_bin(&key->k, buf, len) != PS_SUCCESS) |
773
|
0 |
0 |
if (*buf == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) |
778
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
779
|
0 |
0 |
(uint16_t) (end - buf) < len || |
787
|
0 |
0 |
getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
796
|
0 |
0 |
while (len > 0) |
801
|
0 |
0 |
if (getEccParamByOid(oid, &eccCurve) < 0) |
806
|
0 |
0 |
if (curve != NULL && curve != eccCurve) |
|
0 |
0 |
if (curve != NULL && curve != eccCurve) |
814
|
0 |
0 |
else if (curve != NULL) |
824
|
0 |
0 |
if (*buf == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1)) |
828
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
|
0 |
0 |
if (getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
829
|
0 |
0 |
(uint16_t) (end - buf) < len || |
837
|
0 |
0 |
getAsnLength(&buf, (uint16_t) (end - buf), &len) < 0 || |
838
|
0 |
0 |
(uint16_t) (end - buf) < len || |
846
|
0 |
0 |
if (ignore_bits != 0) |
853
|
0 |
0 |
if (psEccX963ImportKey(pool, buf, len, key, key->curve) < 0) |
864
|
0 |
0 |
if (buf < end && |
|
0 |
0 |
if (buf < end && |
865
|
0 |
0 |
*buf == ANSI_UNCOMPRESSED && /* Uncompressed is the only format we support. */ |
868
|
0 |
0 |
if (psEccX963ImportKey(pool, buf, (end - buf), key, key->curve) < 0) |
877
|
0 |
0 |
if (end != buf) |
882
|
0 |
0 |
while (buf < end) |
884
|
0 |
0 |
if (*buf != len) |
904
|
0 |
2233 |
if (curveId == 0) |
911
|
2295 |
0 |
while (eccCurves[i].size > 0) |
913
|
2233 |
62 |
if (curveId == eccCurves[i].curveId) |
928
|
220 |
0 |
while (eccCurves[i].size > 0) |
930
|
105 |
115 |
if (oid == eccCurves[i].OIDsum) |
946
|
0 |
0 |
while (eccCurves[i].size > 0) |
948
|
0 |
0 |
if (strcmp(curveName, eccCurves[i].name) == 0) |
967
|
55780 |
11156 |
while (eccCurves[i].size > 0) |
969
|
55780 |
0 |
if (listLen < (*len - 2)) |
989
|
6 |
0 |
if (curves & IS_SECP521R1) |
991
|
6 |
0 |
if (getEccParamById(IANA_SECP521R1, &curve) == 0) |
993
|
6 |
0 |
if (listLen < (*len - 2)) |
1000
|
0 |
6 |
if (curves & IS_BRAIN512R1) |
1002
|
0 |
0 |
if (getEccParamById(IANA_BRAIN512R1, &curve) == 0) |
1004
|
0 |
0 |
if (listLen < (*len - 2)) |
1011
|
6 |
0 |
if (curves & IS_SECP384R1) |
1013
|
6 |
0 |
if (getEccParamById(IANA_SECP384R1, &curve) == 0) |
1015
|
6 |
0 |
if (listLen < (*len - 2)) |
1022
|
0 |
6 |
if (curves & IS_BRAIN384R1) |
1024
|
0 |
0 |
if (getEccParamById(IANA_BRAIN384R1, &curve) == 0) |
1026
|
0 |
0 |
if (listLen < (*len - 2)) |
1033
|
6 |
0 |
if (curves & IS_SECP256R1) |
1035
|
6 |
0 |
if (getEccParamById(IANA_SECP256R1, &curve) == 0) |
1037
|
6 |
0 |
if (listLen < (*len - 2)) |
1044
|
0 |
6 |
if (curves & IS_BRAIN256R1) |
1046
|
0 |
0 |
if (getEccParamById(IANA_BRAIN256R1, &curve) == 0) |
1048
|
0 |
0 |
if (listLen < (*len - 2)) |
1055
|
6 |
0 |
if (curves & IS_SECP224R1) |
1057
|
6 |
0 |
if (getEccParamById(IANA_SECP224R1, &curve) == 0) |
1059
|
6 |
0 |
if (listLen < (*len - 2)) |
1066
|
0 |
6 |
if (curves & IS_BRAIN224R1) |
1068
|
0 |
0 |
if (getEccParamById(IANA_BRAIN224R1, &curve) == 0) |
1070
|
0 |
0 |
if (listLen < (*len - 2)) |
1077
|
6 |
0 |
if (curves & IS_SECP192R1) |
1079
|
6 |
0 |
if (getEccParamById(IANA_SECP192R1, &curve) == 0) |
1081
|
6 |
0 |
if (listLen < (*len - 2)) |
1136
|
19268 |
0 |
return (n >= a->used) ? (pstm_digit) 0 : a->dp[n]; |
1165
|
0 |
2142 |
if ((err = pstm_montgomery_setup(modulus, &mp)) != PS_SUCCESS) |
1169
|
0 |
2142 |
if ((err = pstm_init_size(pool, &mu, modulus->alloc)) != PS_SUCCESS) |
1173
|
0 |
2142 |
if ((err = pstm_montgomery_calc_normalization(&mu, modulus)) != PS_SUCCESS) |
1180
|
17136 |
2142 |
for (i = 0; i < 8; i++) |
1183
|
0 |
17136 |
if (M[i] == NULL) |
1185
|
0 |
0 |
for (j = 0; j < i; j++) |
1196
|
0 |
2142 |
if (tG == NULL) |
1203
|
0 |
2142 |
if (pstm_cmp_d(&mu, 1) == PSTM_EQ) |
1205
|
0 |
0 |
if ((err = pstm_copy(&G->x, &tG->x)) != PS_SUCCESS) |
1209
|
0 |
0 |
if ((err = pstm_copy(&G->y, &tG->y)) != PS_SUCCESS) |
1213
|
0 |
0 |
if ((err = pstm_copy(&G->z, &tG->z)) != PS_SUCCESS) |
1220
|
0 |
2142 |
if ((err = pstm_mulmod(pool, &G->x, &mu, modulus, &tG->x)) != PS_SUCCESS) |
1224
|
0 |
2142 |
if ((err = pstm_mulmod(pool, &G->y, &mu, modulus, &tG->y)) != PS_SUCCESS) |
1228
|
0 |
2142 |
if ((err = pstm_mulmod(pool, &G->z, &mu, modulus, &tG->z)) != PS_SUCCESS) |
1237
|
0 |
2142 |
if ((err = eccProjectiveDblPoint(pool, tG, M[0], modulus, &mp, tmp_int)) != PS_SUCCESS) |
1241
|
0 |
2142 |
if ((err = eccProjectiveDblPoint(pool, M[0], M[0], modulus, &mp, tmp_int)) != |
1246
|
0 |
2142 |
if ((err = eccProjectiveDblPoint(pool, M[0], M[0], modulus, &mp, tmp_int)) != |
1253
|
14994 |
2142 |
for (j = 9; j < 16; j++) |
1255
|
0 |
14994 |
if ((err = eccProjectiveAddPoint(pool, M[j - 9], tG, M[j - 8], modulus, |
1274
|
21410 |
1213884 |
if (--bitcnt == 0) |
1276
|
2142 |
19268 |
if (digidx == -1) |
1290
|
122945 |
1110207 |
if (mode == 0 && i == 0) |
|
120803 |
2142 |
if (mode == 0 && i == 0) |
1296
|
418424 |
693925 |
if (mode == 1 && i == 0) |
|
188616 |
229808 |
if (mode == 1 && i == 0) |
1298
|
0 |
188616 |
if ((err = eccProjectiveDblPoint(pool, R, R, modulus, &mp, tmp_int)) != |
1310
|
229961 |
693772 |
if (bitcpy == ECC_MULMOD_WINSIZE) |
1313
|
2142 |
227819 |
if (first == 1) |
1316
|
0 |
2142 |
if ((err = pstm_copy(&M[bitbuf - 8]->x, &R->x)) != PS_SUCCESS) |
1320
|
0 |
2142 |
if ((err = pstm_copy(&M[bitbuf - 8]->y, &R->y)) != PS_SUCCESS) |
1324
|
0 |
2142 |
if ((err = pstm_copy(&M[bitbuf - 8]->z, &R->z)) != PS_SUCCESS) |
1335
|
911276 |
227819 |
for (j = 0; j < ECC_MULMOD_WINSIZE; j++) |
1337
|
0 |
911276 |
if ((err = eccProjectiveDblPoint(pool, R, R, modulus, &mp, tmp_int)) |
1345
|
0 |
227819 |
if ((err = eccProjectiveAddPoint(pool, R, M[bitbuf - 8], R, |
1358
|
1989 |
153 |
if (mode == 2 && bitcpy > 0) |
|
1989 |
0 |
if (mode == 2 && bitcpy > 0) |
1361
|
3889 |
1989 |
for (j = 0; j < bitcpy; j++) |
1364
|
3889 |
0 |
if (first == 0) |
1366
|
0 |
3889 |
if ((err = eccProjectiveDblPoint(pool, R, R, modulus, &mp, tmp_int)) != |
1374
|
2921 |
968 |
if ((bitbuf & (1 << ECC_MULMOD_WINSIZE)) != 0) |
1376
|
0 |
2921 |
if (first == 1) |
1379
|
0 |
0 |
if ((err = pstm_copy(&tG->x, &R->x)) != PS_SUCCESS) |
1383
|
0 |
0 |
if ((err = pstm_copy(&tG->y, &R->y)) != PS_SUCCESS) |
1387
|
0 |
0 |
if ((err = pstm_copy(&tG->z, &R->z)) != PS_SUCCESS) |
1396
|
0 |
2921 |
if ((err = eccProjectiveAddPoint(pool, R, tG, R, modulus, |
1407
|
2142 |
0 |
if (map) |
1419
|
17136 |
2142 |
for (i = 0; i < 8; i++) |
1434
|
0 |
2218 |
if ((err = pstm_init(pool, &t1)) < 0) |
1438
|
0 |
2218 |
if ((err = pstm_init(pool, &t2)) < 0) |
1445
|
0 |
2218 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
1453
|
0 |
2218 |
if ((err = pstm_sqr_comba(pool, &P->y, &t1, paD, paDlen)) < 0) |
1459
|
0 |
2218 |
if ((err = pstm_sqr_comba(pool, &P->x, &t2, paD, paDlen)) < 0) |
1463
|
0 |
2218 |
if ((err = pstm_mod(pool, &t2, prime, &t2)) < 0) |
1468
|
0 |
2218 |
if ((err = pstm_mul_comba(pool, &P->x, &t2, &t2, paD, paDlen)) < 0) |
1474
|
0 |
2218 |
if ((err = pstm_sub(&t1, &t2, &t1)) < 0) |
1480
|
0 |
2218 |
if ((err = pstm_add(&t1, &P->x, &t1)) < 0) |
1484
|
0 |
2218 |
if ((err = pstm_add(&t1, &P->x, &t1)) < 0) |
1488
|
0 |
2218 |
if ((err = pstm_add(&t1, &P->x, &t1)) < 0) |
1492
|
0 |
2218 |
if ((err = pstm_mod(pool, &t1, prime, &t1)) < 0) |
1496
|
0 |
2218 |
while (pstm_cmp_d(&t1, 0) == PSTM_LT) |
1498
|
0 |
0 |
if ((err = pstm_add(&t1, prime, &t1)) < 0) |
1503
|
0 |
2218 |
while (pstm_cmp(&t1, prime) != PSTM_LT) |
1505
|
0 |
0 |
if ((err = pstm_sub(&t1, prime, &t1)) < 0) |
1512
|
0 |
2218 |
if (pstm_cmp(&t1, b) != PSTM_EQ) |
1555
|
2218 |
0 |
if (inlen < ((2 * (MIN_ECC_BITS / 8)) + 1) || (inlen & 1) == 0) |
|
0 |
2218 |
if (inlen < ((2 * (MIN_ECC_BITS / 8)) + 1) || (inlen & 1) == 0) |
1562
|
2218 |
0 |
if (key->type != PS_PRIVKEY) |
1564
|
0 |
2218 |
if (psEccInitKey(pool, key, curve) < 0) |
1570
|
0 |
2218 |
if (pstm_init_for_read_unsigned_bin(pool, &key->pubkey.x, |
1575
|
0 |
2218 |
if (pstm_init_for_read_unsigned_bin(pool, &key->pubkey.y, |
1581
|
0 |
2218 |
if (pstm_init_size(pool, &key->pubkey.z, 1) < 0) |
1588
|
2218 |
0 |
switch (*in) |
1603
|
0 |
2218 |
if ((err = pstm_read_unsigned_bin(&key->pubkey.x, (unsigned char *) in + 1, |
1608
|
0 |
2218 |
if ((err = pstm_read_unsigned_bin(&key->pubkey.y, |
1617
|
2218 |
0 |
if (curve != NULL && curve->isOptimized) |
|
2218 |
0 |
if (curve != NULL && curve->isOptimized) |
1619
|
0 |
2218 |
if ((err = pstm_init_for_read_unsigned_bin(pool, &prime, curve->size)) < 0) |
1623
|
0 |
2218 |
if ((err = pstm_init_for_read_unsigned_bin(pool, &b, curve->size)) < 0) |
1628
|
0 |
2218 |
if ((err = pstm_read_radix(pool, &prime, curve->prime, |
1636
|
0 |
2218 |
if ((err = pstm_read_radix(pool, &b, curve->B, curve->size * 2, 16)) < 0) |
1642
|
0 |
2218 |
if ((err = eccTestPoint(pool, &key->pubkey, &prime, &b)) < 0) |
1680
|
0 |
2203 |
if (*outlen < (1 + 2 * numlen)) |
1690
|
0 |
2203 |
if ((res = pstm_to_unsigned_bin(pool, &key->pubkey.x, buf + |
1699
|
0 |
2203 |
if ((res = pstm_to_unsigned_bin(pool, &key->pubkey.y, buf + |
1733
|
0 |
2113 |
if (private_key->type != PS_PRIVKEY) |
1737
|
2113 |
0 |
if (public_key->curve != NULL) |
1739
|
0 |
2113 |
if (private_key->curve != public_key->curve) |
1747
|
0 |
2113 |
if (result == NULL) |
1752
|
0 |
2113 |
if (private_key->curve->isOptimized == 0) |
1754
|
0 |
0 |
if ((A = psMalloc(pool, sizeof(pstm_int))) == NULL) |
1760
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, A, private_key->curve->size) < 0) |
1767
|
0 |
0 |
if ((err = pstm_read_radix(pool, A, private_key->curve->A, |
1778
|
0 |
2113 |
if ((err = pstm_init_for_read_unsigned_bin(pool, &prime, |
1781
|
0 |
0 |
if (A) |
1790
|
0 |
2113 |
if ((err = pstm_read_radix(pool, &prime, private_key->curve->prime, |
1795
|
0 |
2113 |
if ((err = eccMulmod(pool, &private_key->k, &public_key->pubkey, result, |
1802
|
0 |
2113 |
if (*outlen < x) |
1809
|
0 |
2113 |
if ((err = pstm_to_unsigned_bin(pool, &result->x, |
1818
|
0 |
2113 |
if (A) |
1848
|
0 |
245734 |
if (pstm_init_size(pool, &t1, P->x.alloc) < 0) |
1853
|
0 |
245734 |
if (pstm_init_size(pool, &t2, P->x.alloc) < 0) |
1857
|
0 |
245734 |
if (pstm_init_size(pool, &x, P->x.alloc) < 0) |
1861
|
0 |
245734 |
if (pstm_init_size(pool, &y, P->y.alloc) < 0) |
1865
|
0 |
245734 |
if (pstm_init_size(pool, &z, P->z.alloc) < 0) |
1871
|
0 |
245734 |
if ((err = pstm_sub(modulus, &Q->y, &t1)) != PS_SUCCESS) |
1878
|
0 |
0 |
(pstm_cmp(&P->z, &Q->z) == PSTM_EQ) && |
1879
|
0 |
0 |
(pstm_cmp(&P->y, &Q->y) == PSTM_EQ || |
1886
|
0 |
245734 |
if ((err = pstm_copy(&P->x, &x)) != PS_SUCCESS) |
1890
|
0 |
245734 |
if ((err = pstm_copy(&P->y, &y)) != PS_SUCCESS) |
1894
|
0 |
245734 |
if ((err = pstm_copy(&P->z, &z)) != PS_SUCCESS) |
1902
|
0 |
245734 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
1909
|
245734 |
0 |
if (pstm_cmp_d(&Q->z, 1) != PSTM_EQ) |
1912
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &Q->z, &t1, paD, paDlen)) |
1917
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
1923
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &x, &x, paD, paDlen)) |
1928
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &x, modulus, *mp, paD, paDlen)) |
1934
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &Q->z, &t1, &t1, paD, paDlen)) |
1939
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
1945
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &y, &y, paD, paDlen)) |
1950
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &y, modulus, *mp, paD, paDlen)) |
1958
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &z, &t1, paD, paDlen)) != PS_SUCCESS) |
1962
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
1968
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &Q->x, &t1, &t2, paD, paDlen)) |
1973
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
1979
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &z, &t1, &t1, paD, paDlen)) != PS_SUCCESS) |
1983
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
1989
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &Q->y, &t1, &t1, paD, paDlen)) |
1994
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
2001
|
0 |
245734 |
if ((err = pstm_sub(&y, &t1, &y)) != PS_SUCCESS) |
2005
|
108048 |
137686 |
if (pstm_cmp_d(&y, 0) == PSTM_LT) |
2007
|
0 |
108048 |
if ((err = pstm_add(&y, modulus, &y)) != PS_SUCCESS) |
2013
|
0 |
245734 |
if ((err = pstm_add(&t1, &t1, &t1)) != PS_SUCCESS) |
2017
|
120799 |
124935 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
2019
|
0 |
120799 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
2025
|
0 |
245734 |
if ((err = pstm_add(&t1, &y, &t1)) != PS_SUCCESS) |
2029
|
117179 |
128555 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
2031
|
0 |
117179 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
2037
|
0 |
245734 |
if ((err = pstm_sub(&x, &t2, &x)) != PS_SUCCESS) |
2041
|
113436 |
132298 |
if (pstm_cmp_d(&x, 0) == PSTM_LT) |
2043
|
0 |
113436 |
if ((err = pstm_add(&x, modulus, &x)) != PS_SUCCESS) |
2049
|
0 |
245734 |
if ((err = pstm_add(&t2, &t2, &t2)) != PS_SUCCESS) |
2053
|
114465 |
131269 |
if (pstm_cmp(&t2, modulus) != PSTM_LT) |
2055
|
0 |
114465 |
if ((err = pstm_sub(&t2, modulus, &t2)) != PS_SUCCESS) |
2061
|
0 |
245734 |
if ((err = pstm_add(&t2, &x, &t2)) != PS_SUCCESS) |
2065
|
116974 |
128760 |
if (pstm_cmp(&t2, modulus) != PSTM_LT) |
2067
|
0 |
116974 |
if ((err = pstm_sub(&t2, modulus, &t2)) != PS_SUCCESS) |
2074
|
245734 |
0 |
if (pstm_cmp_d(&Q->z, 1) != PSTM_EQ) |
2077
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &z, &Q->z, &z, paD, paDlen)) |
2082
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &z, modulus, *mp, paD, paDlen)) |
2090
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &z, &x, &z, paD, paDlen)) != PS_SUCCESS) |
2094
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &z, modulus, *mp, paD, paDlen)) |
2101
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &x, &t1, paD, paDlen)) != PS_SUCCESS) |
2105
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
2111
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &x, &x, paD, paDlen)) != PS_SUCCESS) |
2115
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &x, modulus, *mp, paD, paDlen)) |
2121
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t2, &x, &t2, paD, paDlen)) != PS_SUCCESS) |
2125
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
2131
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t1, &x, &t1, paD, paDlen)) != PS_SUCCESS) |
2135
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
2142
|
0 |
245734 |
if ((err = pstm_sqr_comba(pool, &y, &x, paD, paDlen)) != PS_SUCCESS) |
2146
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &x, modulus, *mp, paD, paDlen)) |
2152
|
0 |
245734 |
if ((err = pstm_sub(&x, &t2, &x)) != PS_SUCCESS) |
2156
|
129332 |
116402 |
if (pstm_cmp_d(&x, 0) == PSTM_LT) |
2158
|
0 |
129332 |
if ((err = pstm_add(&x, modulus, &x)) != PS_SUCCESS) |
2165
|
0 |
245734 |
if ((err = pstm_sub(&t2, &x, &t2)) != PS_SUCCESS) |
2169
|
120598 |
125136 |
if (pstm_cmp_d(&t2, 0) == PSTM_LT) |
2171
|
0 |
120598 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
2177
|
0 |
245734 |
if ((err = pstm_sub(&t2, &x, &t2)) != PS_SUCCESS) |
2181
|
110753 |
134981 |
if (pstm_cmp_d(&t2, 0) == PSTM_LT) |
2183
|
0 |
110753 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
2189
|
0 |
245734 |
if ((err = pstm_mul_comba(pool, &t2, &y, &t2, paD, paDlen)) != PS_SUCCESS) |
2193
|
0 |
245734 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
2199
|
0 |
245734 |
if ((err = pstm_sub(&t2, &t1, &y)) != PS_SUCCESS) |
2203
|
123892 |
121842 |
if (pstm_cmp_d(&y, 0) == PSTM_LT) |
2205
|
0 |
123892 |
if ((err = pstm_add(&y, modulus, &y)) != PS_SUCCESS) |
2211
|
245734 |
0 |
if (pstm_isodd(&y)) |
|
113542 |
132192 |
if (pstm_isodd(&y)) |
2213
|
0 |
113542 |
if ((err = pstm_add(&y, modulus, &y)) != PS_SUCCESS) |
2218
|
0 |
245734 |
if ((err = pstm_div_2(&y, &y)) != PS_SUCCESS) |
2223
|
0 |
245734 |
if ((err = pstm_copy(&x, &R->x)) != PS_SUCCESS) |
2227
|
0 |
245734 |
if ((err = pstm_copy(&y, &R->y)) != PS_SUCCESS) |
2231
|
0 |
245734 |
if ((err = pstm_copy(&z, &R->z)) != PS_SUCCESS) |
2248
|
245734 |
0 |
if (paD) |
2276
|
2142 |
1108065 |
if (P != R) |
2278
|
0 |
2142 |
if (pstm_copy(&P->x, &R->x) < 0) |
2282
|
0 |
2142 |
if (pstm_copy(&P->y, &R->y) < 0) |
2286
|
0 |
2142 |
if (pstm_copy(&P->z, &R->z) < 0) |
2293
|
1337 |
1108870 |
if (R->y.used > initSize) |
2297
|
0 |
1110207 |
if (R->z.used > initSize) |
2302
|
0 |
1110207 |
if (pstm_init_size(pool, &t1, (initSize * 2) + 1) < 0) |
2306
|
0 |
1110207 |
if (pstm_init_size(pool, &t2, (initSize * 2) + 1) < 0) |
2315
|
0 |
1110207 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
2322
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &R->z, &t1, paD, paDlen)) != PS_SUCCESS) |
2326
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &t1, modulus, *mp, paD, paDlen)) |
2332
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &R->z, &R->y, &R->z, paD, paDlen)) |
2337
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->z, modulus, *mp, paD, paDlen)) |
2343
|
0 |
1110207 |
if ((err = pstm_add(&R->z, &R->z, &R->z)) != PS_SUCCESS) |
2347
|
537122 |
573085 |
if (pstm_cmp(&R->z, modulus) != PSTM_LT) |
2349
|
0 |
537122 |
if ((err = pstm_sub(&R->z, modulus, &R->z)) != PS_SUCCESS) |
2356
|
1110207 |
0 |
if (A == NULL) |
2359
|
0 |
1110207 |
if ((err = pstm_sub(&R->x, &t1, &t2)) != PS_SUCCESS) |
2363
|
577888 |
532319 |
if (pstm_cmp_d(&t2, 0) == PSTM_LT) |
2365
|
0 |
577888 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
2371
|
0 |
1110207 |
if ((err = pstm_add(&t1, &R->x, &t1)) != PS_SUCCESS) |
2375
|
533544 |
576663 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
2377
|
0 |
533544 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
2383
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &t1, &t2, &t2, paD, paDlen)) != PS_SUCCESS) |
2387
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
2393
|
0 |
1110207 |
if ((err = pstm_add(&t2, &t2, &t1)) != PS_SUCCESS) |
2397
|
542035 |
568172 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
2399
|
0 |
542035 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
2405
|
0 |
1110207 |
if ((err = pstm_add(&t1, &t2, &t1)) != PS_SUCCESS) |
2409
|
567417 |
542790 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
2411
|
0 |
567417 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
2422
|
0 |
0 |
if (pstm_init_size(pool, &t3, (initSize * 2) + 1) < 0) |
2426
|
0 |
0 |
if (pstm_init_size(pool, &t4, (initSize * 2) + 1) < 0) |
2433
|
0 |
0 |
if ((err = pstm_sqr_comba(pool, &R->x, &t3, paD, paDlen)) != PS_SUCCESS) |
2437
|
0 |
0 |
if ((err = pstm_montgomery_reduce(pool, &t3, modulus, *mp, paD, paDlen)) |
2444
|
0 |
0 |
if ((err = pstm_add(&t3, &t3, &t4)) != PS_SUCCESS) |
2448
|
0 |
0 |
if (pstm_cmp(&t4, modulus) != PSTM_LT) |
2450
|
0 |
0 |
if ((err = pstm_sub(&t4, modulus, &t4)) != PS_SUCCESS) |
2457
|
0 |
0 |
if ((err = pstm_add(&t3, &t4, &t3)) != PS_SUCCESS) |
2461
|
0 |
0 |
if (pstm_cmp(&t3, modulus) != PSTM_LT) |
2463
|
0 |
0 |
if ((err = pstm_sub(&t3, modulus, &t3)) != PS_SUCCESS) |
2470
|
0 |
0 |
if ((err = pstm_sqr_comba(pool, &t1, &t4, paD, paDlen)) != PS_SUCCESS) |
2474
|
0 |
0 |
if ((err = pstm_mod(pool, &t4, modulus, &t4)) != PS_SUCCESS) |
2480
|
0 |
0 |
if ((err = pstm_mul_comba(pool, &t4, A, &t4, paD, paDlen)) != PS_SUCCESS) |
2485
|
0 |
0 |
if ((err = pstm_montgomery_reduce(pool, &t4, modulus, *mp, paD, paDlen)) |
2492
|
0 |
0 |
if ((err = pstm_add(&t3, &t4, &t1)) != PS_SUCCESS) |
2496
|
0 |
0 |
if (pstm_cmp(&t1, modulus) != PSTM_LT) |
2498
|
0 |
0 |
if ((err = pstm_sub(&t1, modulus, &t1)) != PS_SUCCESS) |
2508
|
0 |
1110207 |
if ((err = pstm_add(&R->y, &R->y, &R->y)) != PS_SUCCESS) |
2512
|
558135 |
552072 |
if (pstm_cmp(&R->y, modulus) != PSTM_LT) |
2514
|
0 |
558135 |
if ((err = pstm_sub(&R->y, modulus, &R->y)) != PS_SUCCESS) |
2520
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &R->y, &R->y, paD, paDlen)) != PS_SUCCESS) |
2524
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->y, modulus, *mp, paD, paDlen)) |
2530
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &R->y, &t2, paD, paDlen)) != PS_SUCCESS) |
2534
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &t2, modulus, *mp, paD, paDlen)) |
2540
|
1110207 |
0 |
if (pstm_isodd(&t2)) |
|
566850 |
543357 |
if (pstm_isodd(&t2)) |
2542
|
0 |
566850 |
if ((err = pstm_add(&t2, modulus, &t2)) != PS_SUCCESS) |
2547
|
0 |
1110207 |
if ((err = pstm_div_2(&t2, &t2)) != PS_SUCCESS) |
2552
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &R->y, &R->x, &R->y, paD, paDlen)) |
2557
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->y, modulus, *mp, paD, paDlen)) |
2564
|
0 |
1110207 |
if ((err = pstm_sqr_comba(pool, &t1, &R->x, paD, paDlen)) != PS_SUCCESS) |
2568
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->x, modulus, *mp, paD, paDlen)) |
2574
|
0 |
1110207 |
if ((err = pstm_sub(&R->x, &R->y, &R->x)) != PS_SUCCESS) |
2578
|
561429 |
548778 |
if (pstm_cmp_d(&R->x, 0) == PSTM_LT) |
2580
|
0 |
561429 |
if ((err = pstm_add(&R->x, modulus, &R->x)) != PS_SUCCESS) |
2586
|
0 |
1110207 |
if ((err = pstm_sub(&R->x, &R->y, &R->x)) != PS_SUCCESS) |
2590
|
553863 |
556344 |
if (pstm_cmp_d(&R->x, 0) == PSTM_LT) |
2592
|
0 |
553863 |
if ((err = pstm_add(&R->x, modulus, &R->x)) != PS_SUCCESS) |
2599
|
0 |
1110207 |
if ((err = pstm_sub(&R->y, &R->x, &R->y)) != PS_SUCCESS) |
2603
|
524235 |
585972 |
if (pstm_cmp_d(&R->y, 0) == PSTM_LT) |
2605
|
0 |
524235 |
if ((err = pstm_add(&R->y, modulus, &R->y)) != PS_SUCCESS) |
2611
|
0 |
1110207 |
if ((err = pstm_mul_comba(pool, &R->y, &t1, &R->y, paD, paDlen)) |
2616
|
0 |
1110207 |
if ((err = pstm_montgomery_reduce(pool, &R->y, modulus, *mp, paD, paDlen)) |
2622
|
0 |
1110207 |
if ((err = pstm_sub(&R->y, &t2, &R->y)) != PS_SUCCESS) |
2626
|
574032 |
536175 |
if (pstm_cmp_d(&R->y, 0) == PSTM_LT) |
2628
|
0 |
574032 |
if ((err = pstm_add(&R->y, modulus, &R->y)) != PS_SUCCESS) |
2637
|
1110207 |
0 |
if (paD) |
2654
|
0 |
21420 |
if (p == NULL) |
2659
|
0 |
21420 |
if (size == 0) |
2661
|
0 |
0 |
if (pstm_init(pool, &p->x) != PSTM_OKAY) |
2665
|
0 |
0 |
if (pstm_init(pool, &p->y) != PSTM_OKAY) |
2669
|
0 |
0 |
if (pstm_init(pool, &p->z) != PSTM_OKAY) |
2676
|
0 |
21420 |
if (pstm_init_size(pool, &p->x, size) != PSTM_OKAY) |
2680
|
0 |
21420 |
if (pstm_init_size(pool, &p->y, size) != PSTM_OKAY) |
2684
|
0 |
21420 |
if (pstm_init_size(pool, &p->z, size) != PSTM_OKAY) |
2705
|
21420 |
0 |
if (p != NULL) |
2729
|
0 |
2142 |
if (pstm_init_size(pool, &t1, P->x.alloc) < 0) |
2733
|
0 |
2142 |
if (pstm_init_size(pool, &t2, P->x.alloc) < 0) |
2741
|
0 |
2142 |
if ((paD = psMalloc(pool, paDlen)) == NULL) |
2748
|
0 |
2142 |
if ((err = pstm_montgomery_reduce(pool, &P->z, modulus, *mp, paD, paDlen)) |
2755
|
0 |
2142 |
if ((err = pstm_invmod(pool, &P->z, modulus, &t1)) != PS_SUCCESS) |
2761
|
0 |
2142 |
if ((err = pstm_sqr_comba(pool, &t1, &t2, paD, paDlen)) != PS_SUCCESS) |
2765
|
0 |
2142 |
if ((err = pstm_mod(pool, &t2, modulus, &t2)) != PS_SUCCESS) |
2769
|
0 |
2142 |
if ((err = pstm_mul_comba(pool, &t1, &t2, &t1, paD, paDlen)) != PS_SUCCESS) |
2773
|
0 |
2142 |
if ((err = pstm_mod(pool, &t1, modulus, &t1)) != PS_SUCCESS) |
2779
|
0 |
2142 |
if ((err = pstm_mul_comba(pool, &P->x, &t2, &P->x, paD, paDlen)) |
2784
|
0 |
2142 |
if ((err = pstm_montgomery_reduce(pool, &P->x, modulus, *mp, paD, paDlen)) |
2789
|
0 |
2142 |
if ((err = pstm_mul_comba(pool, &P->y, &t1, &P->y, paD, paDlen)) |
2794
|
0 |
2142 |
if ((err = pstm_montgomery_reduce(pool, &P->y, modulus, *mp, paD, paDlen)) |
2803
|
2142 |
0 |
if (paD) |
2844
|
0 |
0 |
if ((err = getAsnSequence(&c, (uint16_t) (end - c), &len)) < 0) |
2849
|
0 |
0 |
if ((err = pstm_read_asn(pool, &c, (uint16_t) (end - c), &r)) < 0) |
2854
|
0 |
0 |
if ((err = pstm_read_asn(pool, &c, (uint16_t) (end - c), &s)) < 0) |
2863
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &p, key->curve->size) < 0) |
2870
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &m, key->curve->size) < 0) |
2874
|
0 |
0 |
if (pstm_init_size(pool, &v, key->pubkey.x.alloc) < 0) |
2878
|
0 |
0 |
if (pstm_init_size(pool, &w, s.alloc) < 0) |
2883
|
0 |
0 |
if (buflen > key->curve->size) |
2887
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &e, buflen) < 0) |
2891
|
0 |
0 |
if (pstm_init_size(pool, &u1, e.alloc + w.alloc) < 0) |
2895
|
0 |
0 |
if (pstm_init_size(pool, &u2, r.alloc + w.alloc) < 0) |
2901
|
0 |
0 |
if ((mG = eccNewPoint(pool, key->pubkey.x.alloc * 2)) == NULL) |
2905
|
0 |
0 |
if ((mQ = eccNewPoint(pool, key->pubkey.x.alloc * 2)) == NULL) |
2911
|
0 |
0 |
if ((err = pstm_read_radix(pool, &p, key->curve->order, radlen, 16)) |
2918
|
0 |
0 |
if ((err = pstm_read_radix(pool, &m, key->curve->prime, radlen, 16)) |
2925
|
0 |
0 |
if (pstm_iszero(&r) || pstm_iszero(&s) || pstm_cmp(&r, &p) != PSTM_LT || |
|
0 |
0 |
if (pstm_iszero(&r) || pstm_iszero(&s) || pstm_cmp(&r, &p) != PSTM_LT || |
2933
|
0 |
0 |
if ((err = pstm_read_unsigned_bin(&e, buf, buflen)) != PS_SUCCESS) |
2939
|
0 |
0 |
if ((err = pstm_invmod(pool, &s, &p, &w)) != PS_SUCCESS) |
2945
|
0 |
0 |
if ((err = pstm_mulmod(pool, &e, &w, &p, &u1)) != PS_SUCCESS) |
2951
|
0 |
0 |
if ((err = pstm_mulmod(pool, &r, &w, &p, &u2)) != PS_SUCCESS) |
2957
|
0 |
0 |
if ((err = pstm_read_radix(pool, &mG->x, key->curve->Gx, radlen, 16)) |
2962
|
0 |
0 |
if ((err = pstm_read_radix(pool, &mG->y, key->curve->Gy, radlen, 16)) |
2969
|
0 |
0 |
if ((err = pstm_copy(&key->pubkey.x, &mQ->x)) != PS_SUCCESS) |
2973
|
0 |
0 |
if ((err = pstm_copy(&key->pubkey.y, &mQ->y)) != PS_SUCCESS) |
2977
|
0 |
0 |
if ((err = pstm_copy(&key->pubkey.z, &mQ->z)) != PS_SUCCESS) |
2982
|
0 |
0 |
if (key->curve->isOptimized == 0) |
2984
|
0 |
0 |
if ((A = psMalloc(pool, sizeof(pstm_int))) == NULL) |
2989
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, A, key->curve->size) < 0) |
2994
|
0 |
0 |
if ((err = pstm_read_radix(pool, A, key->curve->A, |
3003
|
0 |
0 |
if ((err = eccMulmod(pool, &u1, mG, mG, &m, 0, A)) != PS_SUCCESS) |
3007
|
0 |
0 |
if ((err = eccMulmod(pool, &u2, mQ, mQ, &m, 0, A)) != PS_SUCCESS) |
3013
|
0 |
0 |
if ((err = pstm_montgomery_setup(&m, &mp)) != PS_SUCCESS) |
3019
|
0 |
0 |
if ((err = eccProjectiveAddPoint(pool, mQ, mG, mG, &m, &mp, A)) != PS_SUCCESS) |
3025
|
0 |
0 |
if ((err = eccMap(pool, mG, &m, &mp)) != PS_SUCCESS) |
3031
|
0 |
0 |
if ((err = pstm_mod(pool, &mG->x, &p, &v)) != PS_SUCCESS) |
3037
|
0 |
0 |
if (pstm_cmp(&v, &r) == PSTM_EQ) |
3046
|
0 |
0 |
if (A) |
3106
|
0 |
0 |
if (privKey->type != PS_PRIVKEY) |
3112
|
0 |
0 |
if (buflen > privKey->curve->size) |
3118
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &p, privKey->curve->size) < 0) |
3122
|
0 |
0 |
if (pstm_init_for_read_unsigned_bin(pool, &e, buflen) < 0) |
3126
|
0 |
0 |
if (pstm_init_size(pool, &r, p.alloc) < 0) |
3130
|
0 |
0 |
if (pstm_init_size(pool, &s, p.alloc) < 0) |
3135
|
0 |
0 |
if ((err = pstm_read_radix(pool, &p, privKey->curve->order, radlen, |
3140
|
0 |
0 |
if ((err = pstm_read_unsigned_bin(&e, buf, buflen)) != PS_SUCCESS) |
3149
|
0 |
0 |
if (sanity++ > 99) |
3155
|
0 |
0 |
if ((err = psEccGenKey(pool, &pubKey, privKey->curve, usrData)) |
3161
|
0 |
0 |
if ((err = pstm_mod(pool, &pubKey.pubkey.x, &p, &r)) != PS_SUCCESS) |
3166
|
0 |
0 |
if (pstm_iszero(&r) == PS_TRUE) |
3173
|
0 |
0 |
if ((err = pstm_invmod(pool, &pubKey.k, &p, &pubKey.k)) != |
3178
|
0 |
0 |
if ((err = pstm_mulmod(pool, &privKey->k, &r, &p, &s)) |
3183
|
0 |
0 |
if ((err = pstm_add(&e, &s, &s)) != PS_SUCCESS) |
3187
|
0 |
0 |
if ((err = pstm_mod(pool, &s, &p, &s)) != PS_SUCCESS) |
3191
|
0 |
0 |
if ((err = pstm_mulmod(pool, &s, &pubKey.k, &p, &s)) |
3202
|
0 |
0 |
if (((rLen + 6) >= privKey->curve->size) && |
|
0 |
0 |
if (((rLen + 6) >= privKey->curve->size) && |
3205
|
0 |
0 |
if (pstm_iszero(&s) == PS_FALSE) |
3216
|
0 |
0 |
if (negative[rLen - 1] & 0x80) |
3222
|
0 |
0 |
if (negative[sLen - 1] & 0x80) /* GOOD ONE */ |
3230
|
0 |
0 |
if (olen - 3 >= 128) |
3236
|
0 |
0 |
if (includeSize) |
3238
|
0 |
0 |
if (olen + 2 > *siglen) |
3249
|
0 |
0 |
if (olen > *siglen) |
3258
|
0 |
0 |
if ((olen - 3) >= 128) |
3271
|
0 |
0 |
if (includeSize) |
3279
|
0 |
0 |
if (rflag) |
3283
|
0 |
0 |
if ((err = pstm_to_unsigned_bin(pool, &r, sig)) != PSTM_OKAY) |
3291
|
0 |
0 |
if (sflag) |
3295
|
0 |
0 |
if ((err = pstm_to_unsigned_bin(pool, &s, sig)) != PSTM_OKAY) |