1 // SPDX-License-Identifier: BSD-2-Clause
2 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
3 *
4 * LibTomCrypt is a library that provides various cryptographic
5 * algorithms in a highly modular and flexible manner.
6 *
7 * The library is free for all purposes without any express
8 * guarantee it works.
9 */
10
11 #include "tomcrypt_private.h"
12
13 /* origin of this code - OLPC */
14
15 #ifdef LTC_MECC
16
17 /**
18 Verify a key according to ANSI spec
19 @param key The key to validate
20 @return CRYPT_OK if successful
21 */
22
ltc_ecc_verify_key(const ecc_key * key)23 int ltc_ecc_verify_key(const ecc_key *key)
24 {
25 int err, inf;
26 ecc_point *point;
27 void *prime = key->dp.prime;
28 void *order = key->dp.order;
29 void *a = key->dp.A;
30
31 /* Test 1: Are the x and y points of the public key in the field? */
32 if (ltc_mp.compare_d(key->pubkey.z, 1) == LTC_MP_EQ) {
33 if ((ltc_mp.compare(key->pubkey.x, prime) != LTC_MP_LT) ||
34 (ltc_mp.compare(key->pubkey.y, prime) != LTC_MP_LT) ||
35 (ltc_mp.compare_d(key->pubkey.x, 0) == LTC_MP_LT) ||
36 (ltc_mp.compare_d(key->pubkey.y, 0) == LTC_MP_LT) ||
37 (mp_iszero(key->pubkey.x) && mp_iszero(key->pubkey.y))
38 )
39 {
40 err = CRYPT_INVALID_PACKET;
41 goto done2;
42 }
43 }
44
45 /* Test 2: is the public key on the curve? */
46 if ((err = ltc_ecc_is_point(&key->dp, key->pubkey.x, key->pubkey.y)) != CRYPT_OK) { goto done2; }
47
48 /* Test 3: does nG = O? (n = order, O = point at infinity, G = public key) */
49 point = ltc_ecc_new_point();
50 if ((err = ltc_ecc_mulmod(order, &(key->pubkey), point, a, prime, 1)) != CRYPT_OK) { goto done1; }
51
52 err = ltc_ecc_is_point_at_infinity(point, prime, &inf);
53 if (err != CRYPT_OK || inf) {
54 err = CRYPT_ERROR;
55 }
56 else {
57 err = CRYPT_OK;
58 }
59
60 done1:
61 ltc_ecc_del_point(point);
62 done2:
63 return err;
64 }
65
66 #endif
67
68 /* ref: $Format:%D$ */
69 /* git commit: $Format:%H$ */
70 /* commit time: $Format:%ai$ */
71