Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2218035/?format=api
{ "id": 2218035, "url": "http://patchwork.ozlabs.org/api/patches/2218035/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20260331100047.34618-3-philippe.reynes@softathome.com/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260331100047.34618-3-philippe.reynes@softathome.com>", "list_archive_url": null, "date": "2026-03-31T10:00:34", "name": "[v3,02/15] ecdsa: initial support of ecdsa using mbedtls", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": false, "hash": "b66eb291b7cc47b2ad5dc32878070dca1ac1643b", "submitter": { "id": 74351, "url": "http://patchwork.ozlabs.org/api/people/74351/?format=api", "name": "Philippe Reynes", "email": "philippe.reynes@softathome.com" }, "delegate": { "id": 161313, "url": "http://patchwork.ozlabs.org/api/users/161313/?format=api", "username": "raymo200915", "first_name": "Raymond", "last_name": "Mao", "email": "raymondmaoca@gmail.com" }, "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20260331100047.34618-3-philippe.reynes@softathome.com/mbox/", "series": [ { "id": 498164, "url": "http://patchwork.ozlabs.org/api/series/498164/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=498164", "date": "2026-03-31T10:00:34", "name": "add software ecdsa support", "version": 3, "mbox": "http://patchwork.ozlabs.org/series/498164/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2218035/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2218035/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.a=rsa-sha256 header.s=selector1-softathome1-onmicrosoft-com\n header.b=kuejoSJn;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=85.214.62.61; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.b=\"kuejoSJn\";\n\tdkim-atps=neutral", "phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=philippe.reynes@softathome.com" ], "Received": [ "from phobos.denx.de (phobos.denx.de [85.214.62.61])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4flNt72TF8z1y1q\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 31 Mar 2026 21:01:03 +1100 (AEDT)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 3654B84090;\n\tTue, 31 Mar 2026 12:00:58 +0200 (CEST)", "by phobos.denx.de (Postfix, from userid 109)\n id 12FCA840AA; Tue, 31 Mar 2026 12:00:57 +0200 (CEST)", "from PAUP264CU001.outbound.protection.outlook.com\n (mail-francecentralazlp170110002.outbound.protection.outlook.com\n [IPv6:2a01:111:f403:c20a::2])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id B9A9783DBF\n for <u-boot@lists.denx.de>; Tue, 31 Mar 2026 12:00:54 +0200 (CEST)", "from PR3P192CA0029.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:56::34)\n by PATP264MB6790.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:533::10) with\n Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.15; Tue, 31 Mar\n 2026 10:00:52 +0000", "from PA3PEPF000089B8.FRAP264.PROD.OUTLOOK.COM\n (2603:10a6:102:56:cafe::d5) by PR3P192CA0029.outlook.office365.com\n (2603:10a6:102:56::34) with Microsoft SMTP Server (version=TLS1_3,\n cipher=TLS_AES_256_GCM_SHA384) id 15.20.9745.28 via Frontend Transport; Tue,\n 31 Mar 2026 10:00:52 +0000", "from proxy.softathome.com (149.6.166.170) by\n PA3PEPF000089B8.mail.protection.outlook.com (10.167.242.20) with Microsoft\n SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9745.21\n via Frontend Transport; Tue, 31 Mar 2026 10:00:52 +0000", "from sah1lpt726.home (unknown [192.168.72.39])\n by proxy.softathome.com (Postfix) with ESMTPSA id 850C420389;\n Tue, 31 Mar 2026 12:00:52 +0200 (CEST)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_PASS,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2", "ARC-Seal": "i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;\n b=WI51bgvWz+7JQXb/oMU7olezsp9wugAdM8Gzrve8206a7WR0ZiRw4vO8c218p1k7VweaVV0l3ugGyQJKobFF0FpXJqqA37iHVCdEcuoQXX+5Ta8bCAtDvTaFr0Q2No4R6aHjxzjRBGp+f0Zk+9jJ17HBT4SY129+TDUMw467gPj02v6rcQmqhqRT6NciaJO6rudewFFWesCVNGKLtYLeRkAU6BGRict9ExJ92t1qdWEZGk9H4t3yi9Koe2jjDNdJjcD1f3y1GjSjiQ+R7epbncGLylFOkZa1PtzsyFAot6ryd8tzd721Bzwqm3j94aXQxWBA8jhUWdJNr81F7CiiJQ==", "ARC-Message-Signature": "i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;\n s=arcselector10001;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;\n bh=ZTZWzDGwfK65LxDwOFXdUMbbyHDIvcnuXHYKPVjn/e0=;\n b=ecJ40bo/zCMEN3Vi7NUbZqK9/WhMp4nVmkOQjalXAPQtfafzGKU+STG58rd7SZUuExHpGM7UsApRpLw7ALSTvMcVZBBrWJt5ekLx+XGcWD0xwfEuH4SXULtIfyy9t1O5/vcaZhBaMjEiN6x9wqbG43Ah4L6mmNlfpNlQLZcxeEYbDtcElz14vqTQ9TCOHVYeMOs5c3ptyUKXHr9UyXxuMclcKM3VX+ssQnoEUlk7vF5KX3ps2g12H5bFODyrjmHLlzx7cKvwJNZTym//5s1ogHfEVhlLXIUEtu31xAvpDeJI+n6M6uXEGYQ8j+VhG9fSrPxR/m3VofZTDsjY071d8A==", "ARC-Authentication-Results": "i=1; mx.microsoft.com 1; spf=pass (sender ip is\n 149.6.166.170) smtp.rcpttodomain=canonical.com smtp.mailfrom=softathome.com;\n dmarc=bestguesspass action=none header.from=softathome.com; dkim=none\n (message not signed); arc=none (0)", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=softathome1.onmicrosoft.com; s=selector1-softathome1-onmicrosoft-com;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\n bh=ZTZWzDGwfK65LxDwOFXdUMbbyHDIvcnuXHYKPVjn/e0=;\n b=kuejoSJnPpiJp37sggQ1nxXh59Suy+r+0L4MgBof/NwPecSVg1TPAKilsiz5M2SKXmef+I+j/hi8OWY6sWkiQTvnKLmLGo0ra3kWSgGNFmV0wmeEF+rSUsS+h+X58kEQqtZrzsxlJZczPF3u7pV2dC7YFpeRfNYU5xCEdgTHes/LPO80el2G6C3/UO7Lm0q0eiYvqhIp5Hc5jT3sv1KfkSMkH9nRT+ovckbUUF9D1+oD9PQzqxBDulwfiiBTtl92TNGcgsRuRLaZJSnIgLa70cCLP2IfkjDG35xNvY8uqMfvCX1Hoq9ASfQo6b66NqmXmuoD8v+MKO4oo6noXC3zsA==", "X-MS-Exchange-Authentication-Results": "spf=pass (sender IP is 149.6.166.170)\n smtp.mailfrom=softathome.com; dkim=none (message not signed)\n header.d=none;dmarc=bestguesspass action=none header.from=softathome.com;", "Received-SPF": "Pass (protection.outlook.com: domain of softathome.com\n designates 149.6.166.170 as permitted sender)\n receiver=protection.outlook.com; client-ip=149.6.166.170;\n helo=proxy.softathome.com; pr=C", "From": "Philippe Reynes <philippe.reynes@softathome.com>", "To": "marko.makela@iki.fi, jonny.green@keytechinc.com, raymondmaoca@gmail.com,\n trini@konsulko.com, simon.glass@canonical.com", "Cc": "u-boot@lists.denx.de,\n\tPhilippe Reynes <philippe.reynes@softathome.com>", "Subject": "[PATCH v3 02/15] ecdsa: initial support of ecdsa using mbedtls", "Date": "Tue, 31 Mar 2026 12:00:34 +0200", "Message-ID": "<20260331100047.34618-3-philippe.reynes@softathome.com>", "X-Mailer": "git-send-email 2.43.0", "In-Reply-To": "<20260331100047.34618-1-philippe.reynes@softathome.com>", "References": "<20260331100047.34618-1-philippe.reynes@softathome.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-EOPAttributedMessage": "0", "X-MS-PublicTrafficType": "Email", "X-MS-TrafficTypeDiagnostic": "PA3PEPF000089B8:EE_|PATP264MB6790:EE_", "Content-Type": "text/plain", "X-MS-Office365-Filtering-Correlation-Id": "4d325948-975d-4bcc-16ee-08de8f0c64d6", "X-MS-Exchange-SenderADCheck": "1", "X-MS-Exchange-AntiSpam-Relay": "0", "X-Microsoft-Antispam": "BCL:0;\n ARA:13230040|1800799024|82310400026|36860700016|376014|18002099003|22082099003|56012099003;", "X-Microsoft-Antispam-Message-Info": "\n qzvs8/gNk3u9oM3lTSisF5n3BHGJU/Jv7Nt8HgQ16KGvyVdGf/jNJaX6xzQbARa0rYpoh02Q1m2FXk+yOwTEL+rpDGMFrQw3pC0nJQCP8dGdh7pbdOoLOXAheoDIywqMnAE82p3gTbnLMMYrxHfdkd5v6HxVA5yw3zktQ5zDAPaLggKJjEox6cU8kcwk9DPvooPnCApS5sqe4nF79GyWbmFeYbHvsHniYnO5V2K1Iq3IDhNb0K1ge46OSqVHXiOZCb3aJ9D5snYKrSm8VkAgpRkCHIXP3k2DuIluic6ZzTqa0IR5+rnD50figq2tQHyo94dOSb52eXIFg6B2b/SmDOFPmtaBLLZ7lxYqzfRdTZk3EegKmMrjWYAUQxKtDyTqx6ZKnx1kVLZhWmc10oCZH1SBS05jQ7tGxq+HjYeZT+0eN1NmJFsD0QilDWs9vSACWbtV9Pv60Od7mcJSW0yNLNkRM0OkfE2x4Rzsb32bYcMa8U7Vfrxx/1R7aLGIMrxjDb00MA0wmJe0tgXN455AGS30X1164PeQdNv9XK9xJBtBlx7Cxfrjt5W6k4c3QI0XkmHiP1lLVSKHGv/2wV6BUlucBxZua7dBc+pltRLvjnHfLlQ70LxfXARt6VVKVXiZSo/YR9shvEVy17ErUym9dEDdNPFk9XrNjGiYjasuHDQl80ULHmSgDc8zIhTmiqnsMpeoMlKS/mhlg1Sf08SRiv82DQpFhkBARptC+Zpo3EQ1f0r+CfjWd912/bVlUqgswrZbxnWv7wLFpA1Pn5lGDQ==", "X-Forefront-Antispam-Report": "CIP:149.6.166.170; CTRY:FR; LANG:en; SCL:1; SRV:;\n IPV:CAL; SFV:NSPM; H:proxy.softathome.com; PTR:InfoDomainNonexistent;\n CAT:NONE;\n SFS:(13230040)(1800799024)(82310400026)(36860700016)(376014)(18002099003)(22082099003)(56012099003);\n DIR:OUT; SFP:1101;", "X-MS-Exchange-AntiSpam-MessageData-ChunkCount": "1", "X-MS-Exchange-AntiSpam-MessageData-0": "\n Vqod9rMG/6+NaOxgR9V8Lj7ZAtV6R7ErI+Be0pzq8Jh45O8pUmCpf1HhHNVUIwnPgZtAI8dTuyOLneuYhlVqhh3y3KmxLJdmAbDdKdEEOhOdDL8tHZ2J6O9By8iiIxONJqX2F0tZQDTgWuVgFDaPa8or+v+iyG57a0G+R8axWYh4FnOydKa4TL/193RK6sfDl4GwmUde8LmTwql7TrweI1mgMXU2o9npv9XTI8jyJtMndDmJW66Uvlu5rG1MURSOKK/T+UlVB/ydqRwZMSr3oM31SYuvY3jkj7VJ7DKOlU7NKIzpXLCoK25zbInYO3e/mtc/tyoD2aIaaC5egz48kDLgDZ6M5jy+zPp8UtR/k0W9D1eqSnIC3lJqAon/V4k6+3HZTKzdZiTrg42ruzRkEyYlH7o4R1GVo3V50LoWOl5w3icOTA5Qjg0NsoP+irHa", "X-OriginatorOrg": "softathome.com", "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "31 Mar 2026 10:00:52.6839 (UTC)", "X-MS-Exchange-CrossTenant-Network-Message-Id": "\n 4d325948-975d-4bcc-16ee-08de8f0c64d6", "X-MS-Exchange-CrossTenant-Id": "aa10e044-e405-4c10-8353-36b4d0cce511", "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "\n TenantId=aa10e044-e405-4c10-8353-36b4d0cce511; Ip=[149.6.166.170];\n Helo=[proxy.softathome.com]", "X-MS-Exchange-CrossTenant-AuthSource": "PA3PEPF000089B8.FRAP264.PROD.OUTLOOK.COM", "X-MS-Exchange-CrossTenant-AuthAs": "Anonymous", "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem", "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "PATP264MB6790", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "Adds an initial support of ecdsa verify using mbedtls.\n\nSigned-off-by: Philippe Reynes <philippe.reynes@softathome.com>\n---\nv2:\n- rename sw_ecdsa.c to ecdsa.c\nv3:\n- rename sw_ecdsa_verify to ecdsa_hash_verify\n- stop on first group found\n- check signature len\n- use debug instead of printf\n- check function returns\n- fix memleaks in ecdsa_hash_verify\n\n include/crypto/internal/ecdsa.h | 14 ++++\n lib/mbedtls/Makefile | 3 +\n lib/mbedtls/ecdsa.c | 141 ++++++++++++++++++++++++++++++++\n 3 files changed, 158 insertions(+)\n create mode 100644 include/crypto/internal/ecdsa.h\n create mode 100644 lib/mbedtls/ecdsa.c", "diff": "diff --git a/include/crypto/internal/ecdsa.h b/include/crypto/internal/ecdsa.h\nnew file mode 100644\nindex 00000000000..d2edc006cc2\n--- /dev/null\n+++ b/include/crypto/internal/ecdsa.h\n@@ -0,0 +1,14 @@\n+/* SPDX-License-Identifier: GPL-2.0+ */\n+/*\n+ * Copyright (c) 2026, Philippe Reynes <philippe.reynes@softathome.com>\n+ */\n+#ifndef __ECDSA_HELPER\n+#define __ECDSA_HELPER\n+\n+struct ecdsa_public_key;\n+\n+int ecdsa_hash_verify(const struct ecdsa_public_key *pubkey,\n+\t\t const void *hash, size_t hash_len,\n+\t\t const void *signature, size_t sig_len);\n+\n+#endif\ndiff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile\nindex 5433e17cc64..6db06092cee 100644\n--- a/lib/mbedtls/Makefile\n+++ b/lib/mbedtls/Makefile\n@@ -11,6 +11,9 @@ obj-$(CONFIG_$(PHASE_)SHA1_MBEDTLS) += sha1.o\n obj-$(CONFIG_$(PHASE_)SHA256_MBEDTLS) += sha256.o\n obj-$(CONFIG_$(PHASE_)SHA512_MBEDTLS) += sha512.o\n \n+# shim layer for ecdsa\n+obj-$(CONFIG_$(PHASE_)ECDSA_MBEDTLS) += ecdsa.o\n+\n # x509 libraries\n obj-$(CONFIG_$(PHASE_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \\\n \tpublic_key.o\ndiff --git a/lib/mbedtls/ecdsa.c b/lib/mbedtls/ecdsa.c\nnew file mode 100644\nindex 00000000000..c2ba5c3d72b\n--- /dev/null\n+++ b/lib/mbedtls/ecdsa.c\n@@ -0,0 +1,141 @@\n+// SPDX-License-Identifier: GPL-2.0+\n+/*\n+ * Copyright (C) 2026 Philippe Reynes <philippe.reynes@softathome.com>\n+ */\n+\n+#include <crypto/ecdsa-uclass.h>\n+#include \"mbedtls_options.h\" /* required to access private fields */\n+#include <mbedtls/ecdsa.h>\n+#include <mbedtls/ecp.h>\n+\n+static mbedtls_ecp_group_id ecdsa_search_group_id(const char *curve_name)\n+{\n+\tmbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;\n+\tconst mbedtls_ecp_curve_info *info;\n+\n+\tif (!curve_name)\n+\t\tgoto out;\n+\n+\tif (!strcmp(curve_name, \"prime256v1\"))\n+\t\tgrp_id = MBEDTLS_ECP_DP_SECP256R1;\n+\n+\tinfo = mbedtls_ecp_curve_list();\n+\twhile (info && info->name) {\n+\t\tif (!strcmp(curve_name, info->name)) {\n+\t\t\tgrp_id = info->grp_id;\n+\t\t\tbreak;\n+\t\t}\n+\t\tinfo++;\n+\t}\n+\n+ out:\n+\treturn grp_id;\n+}\n+\n+int ecdsa_hash_verify(const struct ecdsa_public_key *pubkey,\n+\t\t const void *hash, size_t hash_len,\n+\t\t const void *signature, size_t sig_len)\n+{\n+\tmbedtls_ecp_group_id grp_id;\n+\tmbedtls_ecp_group grp;\n+\tconst unsigned char *buf = hash;\n+\tsize_t blen = hash_len;\n+\tmbedtls_ecp_point Q;\n+\tmbedtls_mpi r, s;\n+\tint key_len;\n+\tint err = -1;\n+\n+\tif (!(pubkey->size_bits % 8))\n+\t\tkey_len = pubkey->size_bits / 8;\n+\telse\n+\t\tkey_len = pubkey->size_bits / 8 + 1;\n+\n+\t/* check the signature len */\n+\tif (sig_len != 2 * key_len) {\n+\t\tdebug(\"%s: sig len should be twice the key len (sig len = %ld, key len = %d)\\n\",\n+\t\t __func__, sig_len, key_len);\n+\t\terr = -EINVAL;\n+\t\tgoto out;\n+\t}\n+\n+\t/* search the group */\n+\tgrp_id = ecdsa_search_group_id(pubkey->curve_name);\n+\tif (grp_id == MBEDTLS_ECP_DP_NONE) {\n+\t\tdebug(\"%s: curve name %s not found\\n\",\n+\t\t __func__, pubkey->curve_name);\n+\t\terr = -EINVAL;\n+\t\tgoto out;\n+\t}\n+\n+\t/* init and load the group */\n+\tmbedtls_ecp_group_init(&grp);\n+\terr = mbedtls_ecp_group_load(&grp, grp_id);\n+\tif (err) {\n+\t\terr = -EINVAL;\n+\t\tgoto out1;\n+\t}\n+\n+\t/* prepare the pubkey */\n+\tmbedtls_ecp_point_init(&Q);\n+\terr = mbedtls_mpi_read_binary(&Q.X, pubkey->x, key_len);\n+\tif (err) {\n+\t\tdebug(\"%s: could not read value x of the public key (err = %d)\\n\",\n+\t\t __func__, err);\n+\t\terr = -EINVAL;\n+\t\tgoto out2;\n+\t}\n+\terr = mbedtls_mpi_read_binary(&Q.Y, pubkey->y, key_len);\n+\tif (err) {\n+\t\tdebug(\"%s: could not read value y of the public key (err = %d)\\n\",\n+\t\t __func__, err);\n+\t\terr = -EINVAL;\n+\t\tgoto out2;\n+\t}\n+\tmbedtls_mpi_lset(&Q.Z, 1);\n+\n+\t/* check if the pubkey is valid */\n+\terr = mbedtls_ecp_check_pubkey(&grp, &Q);\n+\tif (err < 0) {\n+\t\tdebug(\"%s: public key is invalid (err = %d)\\n\", __func__, err);\n+\t\terr = -EKEYREJECTED;\n+\t\tgoto out2;\n+\t}\n+\n+\t/* compute r */\n+\tmbedtls_mpi_init(&r);\n+\terr = mbedtls_mpi_read_binary(&r, signature, key_len);\n+\tif (err) {\n+\t\tdebug(\"%s: could not read value r of the signature (err = %d)\\n\",\n+\t\t __func__, err);\n+\t\terr = -EINVAL;\n+\t\tgoto out3;\n+\t}\n+\n+\t/* compute s */\n+\tmbedtls_mpi_init(&s);\n+\terr = mbedtls_mpi_read_binary(&s, (unsigned char *)signature + key_len,\n+\t\t\t\t key_len);\n+\tif (err) {\n+\t\tdebug(\"%s: could not read value s of the signature (err = %d)\\n\",\n+\t\t __func__, err);\n+\t\terr = -EINVAL;\n+\t\tgoto out4;\n+\t}\n+\n+\t/* check the signature */\n+\terr = mbedtls_ecdsa_verify(&grp, buf, blen, &Q, &r, &s);\n+\tif (err)\n+\t\terr = -EINVAL;\n+\n+ out4:\n+\tmbedtls_mpi_free(&s);\n+ out3:\n+\tmbedtls_mpi_free(&r);\n+ out2:\n+\tmbedtls_ecp_point_free(&Q);\n+ out1:\n+\tmbedtls_ecp_group_free(&grp);\n+ out:\n+\n+\treturn err;\n+}\n", "prefixes": [ "v3", "02/15" ] }