mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-09 21:44:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Correct some comments about ECC in mbedtls_mpi_random

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-04-15 11:45:19 +02:00
parent 3270b14d4b
commit e842e58f61
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
library/bignum.c
View File

@ -2460,7 +2460,6 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
{ {
/* SEC1 3.2.1: Generate X such that 1 <= n < N */
int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
int count; int count;
unsigned cmp = 0; unsigned cmp = 0;
@ -2478,9 +2477,9 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
* be < N), so after 30 tries failure probability is a most 2**(-30). * be < N), so after 30 tries failure probability is a most 2**(-30).
* *
* When N is just below a power of 2, as is the case when generating * When N is just below a power of 2, as is the case when generating
* a random point on most elliptic curves, 1 try is enough with * a random scalar on most elliptic curves, 1 try is enough with
* overwhelming probability. When N is just above a power of 2, * overwhelming probability. When N is just above a power of 2,
* as when generating a random point on secp224k1, each try has * as when generating a random scalar on secp224k1, each try has
* a probability of failing that is almost 1/2. * a probability of failing that is almost 1/2.
* *
* The probabilities are almost the same if min is nonzero but negligible * The probabilities are almost the same if min is nonzero but negligible