diff options
| author | Kenny Root <kroot@google.com> | 2013-10-10 11:17:57 -0700 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2013-10-10 11:17:57 -0700 |
| commit | df206c8e46699bda2b496ad3f9b24a6eb07f6047 (patch) | |
| tree | 8a76315d966e9a226de3d00c5a53ad632ce906fa /libmincrypt/p256_ecdsa.c | |
| parent | cd8ab5e458e89785c185fd009a6593393abe0dc3 (diff) | |
| parent | 33d1e6294f609c4f417905239bd5a086f3ef880f (diff) | |
| download | system_core-df206c8e46699bda2b496ad3f9b24a6eb07f6047.zip system_core-df206c8e46699bda2b496ad3f9b24a6eb07f6047.tar.gz system_core-df206c8e46699bda2b496ad3f9b24a6eb07f6047.tar.bz2 | |
am 33d1e629: am 4ff9c3f7: am aab1670b: Merge "Add support for ECDSA P-256 with SHA256"
* commit '33d1e6294f609c4f417905239bd5a086f3ef880f':
Add support for ECDSA P-256 with SHA256
Diffstat (limited to 'libmincrypt/p256_ecdsa.c')
| -rw-r--r-- | libmincrypt/p256_ecdsa.c | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/libmincrypt/p256_ecdsa.c b/libmincrypt/p256_ecdsa.c new file mode 100644 index 0000000..f2264b0 --- /dev/null +++ b/libmincrypt/p256_ecdsa.c @@ -0,0 +1,56 @@ +/* + * Copyright 2013 The Android Open Source Project + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of Google Inc. nor the names of its contributors may + * be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY Google Inc. ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO + * EVENT SHALL Google Inc. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <string.h> + +#include "mincrypt/p256_ecdsa.h" +#include "mincrypt/p256.h" + +int p256_ecdsa_verify(const p256_int* key_x, const p256_int* key_y, + const p256_int* message, + const p256_int* r, const p256_int* s) { + p256_int u, v; + + // Check public key. + if (!p256_is_valid_point(key_x, key_y)) return 0; + + // Check r and s are != 0 % n. + p256_mod(&SECP256r1_n, r, &u); + p256_mod(&SECP256r1_n, s, &v); + if (p256_is_zero(&u) || p256_is_zero(&v)) return 0; + + p256_modinv_vartime(&SECP256r1_n, s, &v); + p256_modmul(&SECP256r1_n, message, 0, &v, &u); // message / s % n + p256_modmul(&SECP256r1_n, r, 0, &v, &v); // r / s % n + + p256_points_mul_vartime(&u, &v, + key_x, key_y, + &u, &v); + + p256_mod(&SECP256r1_n, &u, &u); // (x coord % p) % n + return p256_cmp(r, &u) == 0; +} + |