Lines Matching refs:group
77 static void scalar_add_loose(const EC_GROUP *group, EC_LOOSE_SCALAR *r, in scalar_add_loose() argument
82 const BIGNUM *order = &group->order; in scalar_add_loose()
94 static int scalar_mod_mul_montgomery(const EC_GROUP *group, EC_SCALAR *r, in scalar_mod_mul_montgomery() argument
96 const BIGNUM *order = &group->order; in scalar_mod_mul_montgomery()
98 b->words, order->top, group->order_mont); in scalar_mod_mul_montgomery()
101 static int scalar_mod_mul_montgomery_loose(const EC_GROUP *group, EC_SCALAR *r, in scalar_mod_mul_montgomery_loose() argument
107 const BIGNUM *order = &group->order; in scalar_mod_mul_montgomery_loose()
109 b->words, order->top, group->order_mont); in scalar_mod_mul_montgomery_loose()
115 static void digest_to_scalar(const EC_GROUP *group, EC_LOOSE_SCALAR *out, in digest_to_scalar() argument
117 const BIGNUM *order = &group->order; in digest_to_scalar()
141 static int field_element_to_scalar(const EC_GROUP *group, BIGNUM *r) { in field_element_to_scalar() argument
163 assert(BN_cmp(r, &group->field) < 0); in field_element_to_scalar()
164 if (BN_cmp(r, &group->order) >= 0 && in field_element_to_scalar()
165 !BN_sub(r, r, &group->order)) { in field_element_to_scalar()
169 assert(BN_cmp(r, &group->order) < 0); in field_element_to_scalar()
220 const EC_GROUP *group = EC_KEY_get0_group(eckey); in ECDSA_do_verify() local
222 if (group == NULL || pub_key == NULL || sig == NULL) { in ECDSA_do_verify()
243 const BIGNUM *order = EC_GROUP_get0_order(group); in ECDSA_do_verify()
245 !ec_bignum_to_scalar(group, &r, sig->r) || in ECDSA_do_verify()
247 !ec_bignum_to_scalar(group, &s, sig->s)) { in ECDSA_do_verify()
257 !ec_bignum_to_scalar_unchecked(group, &s_inv_mont, X) || in ECDSA_do_verify()
259 order->top, group->order_mont)) { in ECDSA_do_verify()
267 digest_to_scalar(group, &m, digest, digest_len); in ECDSA_do_verify()
268 if (!scalar_mod_mul_montgomery_loose(group, &u1, &m, &s_inv_mont) || in ECDSA_do_verify()
269 !scalar_mod_mul_montgomery(group, &u2, &r, &s_inv_mont)) { in ECDSA_do_verify()
273 point = EC_POINT_new(group); in ECDSA_do_verify()
278 if (!ec_point_mul_scalar_public(group, point, &u1, pub_key, &u2, ctx)) { in ECDSA_do_verify()
282 if (!EC_POINT_get_affine_coordinates_GFp(group, point, X, NULL, ctx)) { in ECDSA_do_verify()
286 if (!field_element_to_scalar(group, X)) { in ECDSA_do_verify()
317 const EC_GROUP *group = EC_KEY_get0_group(eckey); in ecdsa_sign_setup() local
318 const BIGNUM *order = EC_GROUP_get0_order(group); in ecdsa_sign_setup()
319 tmp_point = EC_POINT_new(group); in ecdsa_sign_setup()
335 if (!ec_bignum_to_scalar(group, &k, eckey->fixed_k)) { in ecdsa_sign_setup()
349 if (!ec_random_nonzero_scalar(group, &k, additional_data)) { in ecdsa_sign_setup()
357 order->top, group->order_mont) || in ecdsa_sign_setup()
360 group->order_mont)) { in ecdsa_sign_setup()
365 if (!ec_point_mul_scalar(group, tmp_point, &k, NULL, NULL, ctx) || in ecdsa_sign_setup()
366 !EC_POINT_get_affine_coordinates_GFp(group, tmp_point, r, NULL, in ecdsa_sign_setup()
371 if (!field_element_to_scalar(group, r)) { in ecdsa_sign_setup()
395 const EC_GROUP *group = EC_KEY_get0_group(eckey); in ECDSA_do_sign() local
397 if (group == NULL || priv_key_bn == NULL) { in ECDSA_do_sign()
401 const BIGNUM *order = EC_GROUP_get0_order(group); in ECDSA_do_sign()
413 digest_to_scalar(group, &m, digest, digest_len); in ECDSA_do_sign()
416 if (!ec_bignum_to_scalar_unchecked(group, &priv_key, priv_key_bn)) { in ECDSA_do_sign()
428 if (!ec_bignum_to_scalar(group, &r_mont, ret->r) || in ECDSA_do_sign()
430 order->top, group->order_mont) || in ECDSA_do_sign()
431 !scalar_mod_mul_montgomery(group, &s, &priv_key, &r_mont)) { in ECDSA_do_sign()
436 scalar_add_loose(group, &tmp, &m, &s); in ECDSA_do_sign()
440 if (!scalar_mod_mul_montgomery_loose(group, &s, &tmp, &kinv_mont) || in ECDSA_do_sign()