Symbols ![]()
loading...
Files ![]()
loading...
mbedtls_ecp_mul() function
This function performs a scalar multiplication of a point by an integer: \p R = \p m * \p P. It is not thread-safe to use same group in multiple threads.
Syntax
int mbedtls_ecp_mul(mbedtls_ecp_group *grp,
mbedtls_ecp_point *R,
const mbedtls_mpi *m,
const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng);
Implemented in ![]()
ecp.c:2758
Return value
\c 0 on success. #MBEDTLS_ERR_ECP_INVALID_KEY if \p m is not a valid private key, or \p P is not a valid public key. #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. Another negative error code on other kinds of failure.
Notes
To prevent timing attacks, this function executes the exact same sequence of base-field operations for any valid \p m. It avoids any if-branch or array index depending on the value of \p m. If \p f_rng is not NULL, it is used to randomize intermediate results to prevent potential timing attacks targeting these results. We recommend always providing a non-NULL \p f_rng. The overhead is negligible. Note: unless #MBEDTLS_ECP_NO_INTERNAL_RNG is defined, when \p f_rng is NULL, an internal RNG (seeded from the value of \p m) will be used instead.
Related Functions
Found 57 other functions taking a ![]()
mbedtls_ecp_group
argument:
Function
Description
This function sets up an ECP group context from a standardized set of domain parameters.
This function frees the components of an ECP group.
This function performs multiplication of a point by an integer: \p R = \p m * \p P in a restartable way. \see mbedtls_ecp_mul()
This function checks that a point is a valid public key on this curve. It only checks that the point is non-zero, has valid coordinates and lies on the curve. It does not verify that it is indeed a multiple of \c G. This additional check is computationally more expensive, is not required by standards, and should not be necessary if the group used has a small cofactor. In particular, it is useless for the NIST groups which all have a cofactor of 1.
This function initializes an ECP group context without loading any domain parameters.
This function generates a private key.
This function checks that an \c mbedtls_mpi is a valid private key for this curve.
This function imports a point from unsigned binary data.
This function imports a point from a TLS ECPoint record.
This function exports a point as a TLS ECPoint record defined in RFC 4492, Section 5.4.
This function copies the contents of group \p src into group \p dst.
This function generates an ECP keypair.
This function performs multiplication and addition of two points by integers: \p R = \p m * \p P + \p n * \p Q in a restartable way. \see \c mbedtls_ecp_muladd()
This function generates an ECDH keypair on an elliptic curve. This function performs the first of two core computations implemented during the ECDH key exchange. The second core computation is performed by mbedtls_ecdh_compute_shared(). \see ecp.h
This function exports a point into unsigned binary data.
This function exports an elliptic curve as a TLS ECParameters record as defined in RFC 4492, Section 5.4.
This function generates a keypair with a configurable base point.
This function computes the shared secret. This function performs the second of two core computations implemented during the ECDH key exchange. The first core computation is performed by mbedtls_ecdh_gen_public(). \see ecp.h
This function sets up an ECP group context from a TLS ECParameters record as defined in RFC 4492, Section 5.4.
This function performs multiplication and addition of two points by integers: \p R = \p m * \p P + \p n * \p Q It is not thread-safe to use same group in multiple threads.
This function computes the ECDSA signature of a previously-hashed message. \see ecp.h
This function verifies the ECDSA signature of a previously-hashed message. \see ecp.h
This function checks if domain parameter A of the curve is \c -3.