shared/ecc: Allow pre-composed Private Keys
Add function ecc_make_public_key() which takes a const private_key
and generates a validated public_key to complete the pair.
Non-ephemeral key sets are required to support Bluetooth Mesh.
diff --git a/src/shared/ecc.c b/src/shared/ecc.c
index eb2cc00..15f6b8a 100644
--- a/src/shared/ecc.c
+++ b/src/shared/ecc.c
@@ -856,33 +856,49 @@
}
}
-bool ecc_make_key(uint8_t public_key[64], uint8_t private_key[32])
+bool ecc_make_public_key(const uint8_t private_key[32], uint8_t public_key[64])
{
struct ecc_point pk;
uint64_t priv[NUM_ECC_DIGITS];
- unsigned tries = 0;
- do {
- if (!get_random_number(priv) || (tries++ >= MAX_TRIES))
- return false;
+ ecc_bytes2native(private_key, priv);
- if (vli_is_zero(priv))
- continue;
+ if (vli_is_zero(priv))
+ return false;
- /* Make sure the private key is in the range [1, n-1]. */
- if (vli_cmp(curve_n, priv) != 1)
- continue;
+ /* Make sure the private key is in the range [1, n-1]. */
+ if (vli_cmp(curve_n, priv) != 1)
+ return false;
- ecc_point_mult(&pk, &curve_g, priv, NULL, vli_num_bits(priv));
- } while (ecc_point_is_zero(&pk));
+ ecc_point_mult(&pk, &curve_g, priv, NULL, vli_num_bits(priv));
- ecc_native2bytes(priv, private_key);
+ if (ecc_point_is_zero(&pk))
+ return false;
+
ecc_native2bytes(pk.x, public_key);
ecc_native2bytes(pk.y, &public_key[32]);
return true;
}
+bool ecc_make_key(uint8_t public_key[64], uint8_t private_key[32])
+{
+ uint64_t priv[NUM_ECC_DIGITS];
+ unsigned int tries = 0;
+ bool result = false;
+
+ for (tries = 0; !result && tries < MAX_TRIES; tries++) {
+ if (!get_random_number(priv))
+ continue;
+
+ ecc_native2bytes(priv, private_key);
+
+ result = ecc_make_public_key(private_key, public_key);
+ }
+
+ return result;
+}
+
bool ecc_valid_public_key(const uint8_t public_key[64])
{
struct ecc_point pk;
diff --git a/src/shared/ecc.h b/src/shared/ecc.h
index f89f2b0..a88e735 100644
--- a/src/shared/ecc.h
+++ b/src/shared/ecc.h
@@ -27,14 +27,25 @@
#include <stdbool.h>
#include <stdint.h>
+/* Create a public key from a private key.
+ *
+ * Outputs:
+ * private_key - Const private key
+ * public_key - Will be filled in with the public key.
+ *
+ * Returns true if the public key was generated successfully, false
+ * if an error occurred. The keys are with the LSB first.
+ */
+bool ecc_make_public_key(const uint8_t private_key[32], uint8_t public_key[64]);
+
/* Create a public/private key pair.
*
* Outputs:
* public_key - Will be filled in with the public key.
- * private_Key - Will be filled in with the private key.
+ * private_key - Will be filled in with the private key.
*
* Returns true if the key pair was generated successfully, false
- * if an error occurred. They keys are with the LSB first.
+ * if an error occurred. The keys are with the LSB first.
*/
bool ecc_make_key(uint8_t public_key[64], uint8_t private_key[32]);
@@ -54,7 +65,7 @@
*
* Inputs:
* public_key - The public key of the remote party.
- * private_Key - Your private key.
+ * private_key - Your private key.
*
* Outputs:
* secret - Will be filled in with the shared secret value.