author | Niels Möller <nisse@lysator.liu.se> | 2014-09-22 22:07:41 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2014-09-22 22:07:41 +0200 |
commit | 64b9a7f8b361db607a64fd1366dc74f1b73da1e9 (patch) | |
tree | f8fd945525f68f4aa8b53985d4e682f19439ea13 | |
parent | 296b09cc68dbc1918693ce5c60f0a88ab8aeadb7 (diff) | |
download | nettle-64b9a7f8b361db607a64fd1366dc74f1b73da1e9.tar.gz |
Renamed and generalized ecc_modq_random -> ecc_mod_random.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | ecc-internal.h | 8 | ||||
-rw-r--r-- | ecc-random.c | 32 | ||||
-rw-r--r-- | ecdsa-keygen.c | 2 | ||||
-rw-r--r-- | ecdsa-sign.c | 2 |
5 files changed, 25 insertions, 23 deletions
@@ -1,5 +1,9 @@
 2014-09-22 Niels Möller <nisse@lysator.liu.se>
+ * ecc-random.c (ecc_mod_random): Renamed, and take a const struct
+ ecc_modulo * as argument. Updated callers.
+ (ecc_modq_random): ... old name.
+
 * ecc-mod-arith.c: New file, replacing ecc-modp.c and ecc-modq.c. All functions take a struct ecc_modulo as argument. (ecc_mod_add, ecc_mod_sub, ecc_mod_mul_1, ecc_mod_addmul_1)
diff --git a/ecc-internal.h b/ecc-internal.h
index 852662ac..b96751f8 100644
--- a/ecc-internal.h
+++ b/ecc-internal.h
@@ -49,7 +49,7 @@
 #define ecc_mod_submul_1 _nettle_ecc_mod_submul_1
 #define ecc_mod_mul _nettle_ecc_mod_mul
 #define ecc_mod_sqr _nettle_ecc_mod_sqr
-#define ecc_modq_random _nettle_ecc_modq_random
+#define ecc_mod_random _nettle_ecc_mod_random
 #define ecc_mod _nettle_ecc_mod
 #define ecc_mod_inv _nettle_ecc_mod_inv
 #define ecc_hash _nettle_ecc_hash
@@ -232,8 +232,8 @@ ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp,
 /* mod q operations. */
 void
-ecc_modq_random (const struct ecc_curve *ecc, mp_limb_t *xp,
- void *ctx, nettle_random_func *random, mp_limb_t *scratch);
+ecc_mod_random (const struct ecc_modulo *m, mp_limb_t *xp,
+ void *ctx, nettle_random_func *random, mp_limb_t *scratch);
 void
 ecc_hash (const struct ecc_curve *ecc,
@@ -287,7 +287,7 @@ curve25519_eh_to_x (mp_limb_t *xp, const mp_limb_t *p,
 (((3 << ECC_MUL_A_EH_WBITS) + 10) * (size))
 #endif
 #define ECC_ECDSA_SIGN_ITCH(size) (12*(size))
-#define ECC_MODQ_RANDOM_ITCH(size) (size)
+#define ECC_MOD_RANDOM_ITCH(size) (size)
 #define ECC_HASH_ITCH(size) (1+(size))
 #endif /* NETTLE_ECC_INTERNAL_H_INCLUDED */
diff --git a/ecc-random.c b/ecc-random.c
index f3c83f53..79df511c 100644
--- a/ecc-random.c
+++ b/ecc-random.c
@@ -42,56 +42,54 @@
 #include "nettle-internal.h"
 static int
-zero_p (const struct ecc_curve *ecc,
+zero_p (const struct ecc_modulo *m,
 const mp_limb_t *xp) { mp_limb_t t; mp_size_t i;
- for (i = t = 0; i < ecc->p.size; i++)
+ for (i = t = 0; i < m->size; i++)
 t |= xp[i]; return t == 0; }
 static int
-ecdsa_in_range (const struct ecc_curve *ecc,
+ecdsa_in_range (const struct ecc_modulo *m,
 const mp_limb_t *xp, mp_limb_t *scratch) { /* Check if 0 < x < q, with data independent timing. */
- return !zero_p (ecc, xp)
- & (mpn_sub_n (scratch, xp, ecc->q.m, ecc->p.size) != 0);
+ return !zero_p (m, xp)
+ & (mpn_sub_n (scratch, xp, m->m, m->size) != 0);
 }
 void
-ecc_modq_random (const struct ecc_curve *ecc, mp_limb_t *xp,
- void *ctx, nettle_random_func *random, mp_limb_t *scratch)
+ecc_mod_random (const struct ecc_modulo *m, mp_limb_t *xp,
+ void *ctx, nettle_random_func *random, mp_limb_t *scratch)
 { uint8_t *buf = (uint8_t *) scratch;
- unsigned nbytes = (ecc->q.bit_size + 7)/8;
+ unsigned nbytes = (m->bit_size + 7)/8;
 /* The bytes ought to fit in the scratch area, unless we have very unusual limb and byte sizes. */
- assert (nbytes <= ecc->p.size * sizeof (mp_limb_t));
+ assert (nbytes <= m->size * sizeof (mp_limb_t));
 do { random (ctx, nbytes, buf);
- buf[0] &= 0xff >> (nbytes * 8 - ecc->q.bit_size);
+ buf[0] &= 0xff >> (nbytes * 8 - m->bit_size);
- mpn_set_base256 (xp, ecc->p.size, buf, nbytes);
+ mpn_set_base256 (xp, m->size, buf, nbytes);
 }
- while (!ecdsa_in_range (ecc, xp, scratch));
+ while (!ecdsa_in_range (m, xp, scratch));
 }
 void
 ecc_scalar_random (struct ecc_scalar *x, void *random_ctx, nettle_random_func *random) {
- TMP_DECL (scratch, mp_limb_t, ECC_MODQ_RANDOM_ITCH (ECC_MAX_SIZE));
- TMP_ALLOC (scratch, ECC_MODQ_RANDOM_ITCH (x->ecc->p.size));
+ TMP_DECL (scratch, mp_limb_t, ECC_MOD_RANDOM_ITCH (ECC_MAX_SIZE));
+ TMP_ALLOC (scratch, ECC_MOD_RANDOM_ITCH (x->ecc->q.size));
- ecc_modq_random (x->ecc, x->p, random_ctx, random, scratch);
+ ecc_mod_random (&x->ecc->q, x->p, random_ctx, random, scratch);
 }
-
-
diff --git a/ecdsa-keygen.c b/ecdsa-keygen.c
index ec3ecfdc..fa559a9e 100644
--- a/ecdsa-keygen.c
+++ b/ecdsa-keygen.c
@@ -55,7 +55,7 @@ ecdsa_generate_keypair (struct ecc_point *pub,
 TMP_ALLOC (p, itch);
- ecc_modq_random (ecc, key->p, random_ctx, random, p);
+ ecc_mod_random (&ecc->q, key->p, random_ctx, random, p);
 ecc->mul_g (ecc, p, key->p, p + 3*ecc->p.size);
 ecc->h_to_a (ecc, 0, pub->p, p, p + 3*ecc->p.size); }
diff --git a/ecdsa-sign.c b/ecdsa-sign.c
index 11987eea..e6fb3287 100644
--- a/ecdsa-sign.c
+++ b/ecdsa-sign.c
@@ -61,7 +61,7 @@ ecdsa_sign (const struct ecc_scalar *key,
 timing is still independent of the secret k finally used. */
 do {
- ecc_modq_random (key->ecc, k, random_ctx, random, k + size);
+ ecc_mod_random (&key->ecc->q, k, random_ctx, random, k + size);
 ecc_ecdsa_sign (key->ecc, key->p, k, digest_length, digest, rp, sp, k + size);
 mpz_limbs_finish (signature->r, size); |
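Review bot: The range-check helper on the `ecdsa_in_range` lines keeps an ECDSA/q-specific name and comment although it now takes an arbitrary `const struct ecc_modulo *m` (the only visible caller, `ecc_scalar_random`, passes `&x->ecc->q`, but nothing in the signature restricts `m` to a group order); I would rename it `mod_in_range` and reword the comment to `/* Check if 0 < x < m, with data independent timing. */`. `ecc_mod_random` itself has no header comment; I would add one above it stating that it writes a uniformly distributed value in [1, m-1] to `xp` by rejection sampling, that `scratch` must hold `ECC_MOD_RANDOM_ITCH (m->size)` limbs and is reused both as the random byte buffer and by the range check, and that the number of `random` calls is data dependent but only on discarded candidates, never on the value finally returned. Since `m` is no longer restricted to curve orders, which sit close to 2^bit_size, it is worth noting in that comment that the expected number of iterations is 2^bit_size / m, which approaches 2 rather than 1 for a modulus just above 2^(bit_size-1). The mask `buf[0] &= 0xff >> (nbytes * 8 - m->bit_size)` presumably relies on `mpn_set_base256` reading `buf[0]` as the most significant byte; if so, that assumption belongs in the same comment, because with the opposite byte order the top byte would stay unmasked and almost every candidate would fail the range check whenever bit_size is not a multiple of 8.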