Commit 56079909 authored by Niels Möller's avatar Niels Möller

Moved mod and reduce function pointers to struct ecc_modulo.

parent 46bfb297
...@@ -3,6 +3,8 @@ ...@@ -3,6 +3,8 @@
* ecc-internal.h (struct ecc_curve): Deleted redc function * ecc-internal.h (struct ecc_curve): Deleted redc function
pointer. Use only reduce pointer, which is redc or modp as pointer. Use only reduce pointer, which is redc or modp as
applicable. Updated all users. applicable. Updated all users.
(struct ecc_modulo): Moved mod and reduce function pointers to
this struct.
* ecc-generic-modp.c (ecc_generic_modp): Deleted file and * ecc-generic-modp.c (ecc_generic_modp): Deleted file and
function. We no longer need a wrapper around ecc_mod. function. We no longer need a wrapper around ecc_mod.
......
...@@ -121,6 +121,8 @@ const struct ecc_curve nettle_secp_192r1 = ...@@ -121,6 +121,8 @@ const struct ecc_curve nettle_secp_192r1 =
ecc_Bmodp, ecc_Bmodp,
ecc_Bmodp_shifted, ecc_Bmodp_shifted,
ecc_redc_ppm1, ecc_redc_ppm1,
ecc_192_modp,
ecc_192_modp,
}, },
{ {
192, 192,
...@@ -131,6 +133,8 @@ const struct ecc_curve nettle_secp_192r1 = ...@@ -131,6 +133,8 @@ const struct ecc_curve nettle_secp_192r1 =
ecc_Bmodq, ecc_Bmodq,
ecc_Bmodq_shifted, ecc_Bmodq_shifted,
NULL, NULL,
ecc_mod,
ecc_mod,
}, },
USE_REDC, USE_REDC,
...@@ -142,10 +146,6 @@ const struct ecc_curve nettle_secp_192r1 = ...@@ -142,10 +146,6 @@ const struct ecc_curve nettle_secp_192r1 =
ECC_MUL_G_ITCH (ECC_LIMB_SIZE), ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
ECC_J_TO_A_ITCH (ECC_LIMB_SIZE), ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
ecc_192_modp,
ecc_192_modp,
ecc_mod,
ecc_add_jjj, ecc_add_jjj,
ecc_mul_a, ecc_mul_a,
ecc_mul_g, ecc_mul_g,
......
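Review bot: The two new `struct ecc_modulo` members are filled positionally at the tail of each modulo initializer (the `ecc_192_modp, ecc_192_modp,` pair for p and the `ecc_mod, ecc_mod,` pair for q), so `mod` and `reduce` are distinguished only by their declaration order in ecc-internal.h, and since both have type `ecc_mod_func *` a swapped pair would compile silently. If the project's compiler baseline allows C99 designated initializers, `.mod = ecc_192_modp, .reduce = ecc_192_modp,` makes the order explicit; otherwise a trailing `/* mod */` and `/* reduce */` on the two lines would do. The same applies to the matching hunks in ecc-224.c, ecc-25519.c, ecc-256.c, ecc-384.c and ecc-521.c. Note also that 224 and 256 select `reduce` with `USE_REDC ? ecc_224_redc : ecc_224_modp` while this file, 384 and 521 pass the modp function for both slots, so the `USE_REDC` value handed to the curve struct a few lines below and `p.reduce` must now be kept in agreement by hand in each file; the enclosing `nettle_secp_192r1` initializer starts and ends outside the hunks.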
...@@ -73,6 +73,8 @@ const struct ecc_curve nettle_secp_224r1 = ...@@ -73,6 +73,8 @@ const struct ecc_curve nettle_secp_224r1 =
ecc_Bmodp, ecc_Bmodp,
ecc_Bmodp_shifted, ecc_Bmodp_shifted,
ecc_redc_ppm1, ecc_redc_ppm1,
ecc_224_modp,
USE_REDC ? ecc_224_redc : ecc_224_modp,
}, },
{ {
224, 224,
...@@ -83,6 +85,8 @@ const struct ecc_curve nettle_secp_224r1 = ...@@ -83,6 +85,8 @@ const struct ecc_curve nettle_secp_224r1 =
ecc_Bmodq, ecc_Bmodq,
ecc_Bmodq_shifted, ecc_Bmodq_shifted,
NULL, NULL,
ecc_mod,
ecc_mod,
}, },
USE_REDC, USE_REDC,
...@@ -94,10 +98,6 @@ const struct ecc_curve nettle_secp_224r1 = ...@@ -94,10 +98,6 @@ const struct ecc_curve nettle_secp_224r1 =
ECC_MUL_G_ITCH (ECC_LIMB_SIZE), ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
ECC_J_TO_A_ITCH (ECC_LIMB_SIZE), ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
ecc_224_modp,
USE_REDC ? ecc_224_redc : ecc_224_modp,
ecc_mod,
ecc_add_jjj, ecc_add_jjj,
ecc_mul_a, ecc_mul_a,
ecc_mul_g, ecc_mul_g,
......
...@@ -241,6 +241,8 @@ const struct ecc_curve nettle_curve25519 = ...@@ -241,6 +241,8 @@ const struct ecc_curve nettle_curve25519 =
ecc_Bmodp, ecc_Bmodp,
ecc_Bmodp_shifted, ecc_Bmodp_shifted,
NULL, NULL,
ecc_25519_modp,
ecc_25519_modp,
}, },
{ {
253, 253,
...@@ -251,6 +253,8 @@ const struct ecc_curve nettle_curve25519 = ...@@ -251,6 +253,8 @@ const struct ecc_curve nettle_curve25519 =
ecc_Bmodq, ecc_Bmodq,
ecc_mBmodq_shifted, /* Use q - 2^{252} instead. */ ecc_mBmodq_shifted, /* Use q - 2^{252} instead. */
NULL, NULL,
ecc_25519_modq,
ecc_25519_modq,
}, },
0, /* No redc */ 0, /* No redc */
...@@ -262,10 +266,6 @@ const struct ecc_curve nettle_curve25519 = ...@@ -262,10 +266,6 @@ const struct ecc_curve nettle_curve25519 =
ECC_MUL_G_EH_ITCH (ECC_LIMB_SIZE), ECC_MUL_G_EH_ITCH (ECC_LIMB_SIZE),
ECC_EH_TO_A_ITCH (ECC_LIMB_SIZE), ECC_EH_TO_A_ITCH (ECC_LIMB_SIZE),
ecc_25519_modp,
ecc_25519_modp,
ecc_25519_modq,
ecc_add_ehh, ecc_add_ehh,
ecc_mul_a_eh, ecc_mul_a_eh,
ecc_mul_g_eh, ecc_mul_g_eh,
......
...@@ -236,6 +236,8 @@ const struct ecc_curve nettle_secp_256r1 = ...@@ -236,6 +236,8 @@ const struct ecc_curve nettle_secp_256r1 =
ecc_Bmodp, ecc_Bmodp,
ecc_Bmodp_shifted, ecc_Bmodp_shifted,
ecc_redc_ppm1, ecc_redc_ppm1,
ecc_256_modp,
USE_REDC ? ecc_256_redc : ecc_256_modp,
}, },
{ {
256, 256,
...@@ -246,6 +248,8 @@ const struct ecc_curve nettle_secp_256r1 = ...@@ -246,6 +248,8 @@ const struct ecc_curve nettle_secp_256r1 =
ecc_Bmodq, ecc_Bmodq,
ecc_Bmodq_shifted, ecc_Bmodq_shifted,
NULL, NULL,
ecc_256_modq,
ecc_256_modq,
}, },
USE_REDC, USE_REDC,
...@@ -257,10 +261,6 @@ const struct ecc_curve nettle_secp_256r1 = ...@@ -257,10 +261,6 @@ const struct ecc_curve nettle_secp_256r1 =
ECC_MUL_G_ITCH (ECC_LIMB_SIZE), ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
ECC_J_TO_A_ITCH (ECC_LIMB_SIZE), ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
ecc_256_modp,
USE_REDC ? ecc_256_redc : ecc_256_modp,
ecc_256_modq,
ecc_add_jjj, ecc_add_jjj,
ecc_mul_a, ecc_mul_a,
ecc_mul_g, ecc_mul_g,
......
...@@ -158,6 +158,8 @@ const struct ecc_curve nettle_secp_384r1 = ...@@ -158,6 +158,8 @@ const struct ecc_curve nettle_secp_384r1 =
ecc_Bmodp, ecc_Bmodp,
ecc_Bmodp_shifted, ecc_Bmodp_shifted,
ecc_redc_ppm1, ecc_redc_ppm1,
ecc_384_modp,
ecc_384_modp,
}, },
{ {
384, 384,
...@@ -168,6 +170,8 @@ const struct ecc_curve nettle_secp_384r1 = ...@@ -168,6 +170,8 @@ const struct ecc_curve nettle_secp_384r1 =
ecc_Bmodq, ecc_Bmodq,
ecc_Bmodq_shifted, ecc_Bmodq_shifted,
NULL, NULL,
ecc_mod,
ecc_mod,
}, },
USE_REDC, USE_REDC,
...@@ -179,10 +183,6 @@ const struct ecc_curve nettle_secp_384r1 = ...@@ -179,10 +183,6 @@ const struct ecc_curve nettle_secp_384r1 =
ECC_MUL_G_ITCH (ECC_LIMB_SIZE), ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
ECC_J_TO_A_ITCH (ECC_LIMB_SIZE), ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
ecc_384_modp,
ecc_384_modp,
ecc_mod,
ecc_add_jjj, ecc_add_jjj,
ecc_mul_a, ecc_mul_a,
ecc_mul_g, ecc_mul_g,
......
...@@ -86,6 +86,8 @@ const struct ecc_curve nettle_secp_521r1 = ...@@ -86,6 +86,8 @@ const struct ecc_curve nettle_secp_521r1 =
ecc_Bmodp, ecc_Bmodp,
ecc_Bmodp_shifted, ecc_Bmodp_shifted,
ecc_redc_ppm1, ecc_redc_ppm1,
ecc_521_modp,
ecc_521_modp,
}, },
{ {
521, 521,
...@@ -96,6 +98,8 @@ const struct ecc_curve nettle_secp_521r1 = ...@@ -96,6 +98,8 @@ const struct ecc_curve nettle_secp_521r1 =
ecc_Bmodq, ecc_Bmodq,
ecc_Bmodq_shifted, ecc_Bmodq_shifted,
NULL, NULL,
ecc_mod,
ecc_mod,
}, },
USE_REDC, USE_REDC,
...@@ -107,10 +111,6 @@ const struct ecc_curve nettle_secp_521r1 = ...@@ -107,10 +111,6 @@ const struct ecc_curve nettle_secp_521r1 =
ECC_MUL_G_ITCH (ECC_LIMB_SIZE), ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
ECC_J_TO_A_ITCH (ECC_LIMB_SIZE), ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
ecc_521_modp,
ecc_521_modp,
ecc_mod,
ecc_add_jjj, ecc_add_jjj,
ecc_mul_a, ecc_mul_a,
ecc_mul_g, ecc_mul_g,
......
...@@ -47,10 +47,10 @@ ecc_a_to_j (const struct ecc_curve *ecc, ...@@ -47,10 +47,10 @@ ecc_a_to_j (const struct ecc_curve *ecc,
mpn_copyd (r + ecc->p.size, p, 2*ecc->p.size); mpn_copyd (r + ecc->p.size, p, 2*ecc->p.size);
mpn_zero (r, ecc->p.size); mpn_zero (r, ecc->p.size);
ecc->modp (&ecc->p, r); ecc->p.mod (&ecc->p, r);
mpn_zero (r + ecc->p.size, ecc->p.size); mpn_zero (r + ecc->p.size, ecc->p.size);
ecc->modp (&ecc->p, r + ecc->p.size); ecc->p.mod (&ecc->p, r + ecc->p.size);
} }
else if (r != p) else if (r != p)
mpn_copyi (r, p, 2*ecc->p.size); mpn_copyi (r, p, 2*ecc->p.size);
......
...@@ -75,22 +75,7 @@ ...@@ -75,22 +75,7 @@
/* And for ecc_mul_a_eh */ /* And for ecc_mul_a_eh */
#define ECC_MUL_A_EH_WBITS 4 #define ECC_MUL_A_EH_WBITS 4
struct ecc_modulo struct ecc_modulo;
{
unsigned short bit_size;
unsigned short size;
unsigned short B_size;
unsigned short redc_size;
const mp_limb_t *m;
/* B^size mod m. Expected to have at least 32 leading zeros
(equality for secp_256r1). */
const mp_limb_t *B;
/* 2^{bit_size} - p, same value as above, but shifted. */
const mp_limb_t *B_shifted;
/* m +/- 1, for redc, excluding redc_size low limbs. */
const mp_limb_t *redc_mpm1;
};
/* Reduces from 2*ecc->size to ecc->size. */ /* Reduces from 2*ecc->size to ecc->size. */
/* Required to return a result < 2q. This property is inherited by /* Required to return a result < 2q. This property is inherited by
...@@ -115,6 +100,26 @@ typedef void ecc_h_to_a_func (const struct ecc_curve *ecc, ...@@ -115,6 +100,26 @@ typedef void ecc_h_to_a_func (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch); mp_limb_t *scratch);
struct ecc_modulo
{
unsigned short bit_size;
unsigned short size;
unsigned short B_size;
unsigned short redc_size;
const mp_limb_t *m;
/* B^size mod m. Expected to have at least 32 leading zeros
(equality for secp_256r1). */
const mp_limb_t *B;
/* 2^{bit_size} - p, same value as above, but shifted. */
const mp_limb_t *B_shifted;
/* m +/- 1, for redc, excluding redc_size low limbs. */
const mp_limb_t *redc_mpm1;
ecc_mod_func *mod;
ecc_mod_func *reduce;
};
/* Represents an elliptic curve of the form /* Represents an elliptic curve of the form
y^2 = x^3 - 3x + b (mod p) y^2 = x^3 - 3x + b (mod p)
...@@ -137,10 +142,6 @@ struct ecc_curve ...@@ -137,10 +142,6 @@ struct ecc_curve
unsigned short mul_g_itch; unsigned short mul_g_itch;
unsigned short h_to_a_itch; unsigned short h_to_a_itch;
ecc_mod_func *modp;
ecc_mod_func *reduce;
ecc_mod_func *modq;
ecc_add_func *add_hhh; ecc_add_func *add_hhh;
ecc_mul_func *mul; ecc_mul_func *mul;
ecc_mul_g_func *mul_g; ecc_mul_g_func *mul_g;
......
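Review bot: The new `mod` and `reduce` members of `struct ecc_modulo` carry no comment, although every neighbouring member documents what it holds and the two pointers share a type, so nothing in the header says how they differ. The distinction given in the commit message belongs here, e.g. `/* Plain reduction mod m. */` on `mod` and `/* Reduction used by the curve arithmetic: redc when the curve uses redc, otherwise the same function as mod. */` on `reduce`. The forward declaration `struct ecc_modulo;` left at the old position is needed because the full definition now has to follow the `ecc_mod_func` typedef; a one-line comment such as `/* Defined below, after ecc_mod_func. */` would save the next reader the search. The remainder of `struct ecc_curve` lies outside the hunks.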
...@@ -73,16 +73,16 @@ ecc_j_to_a (const struct ecc_curve *ecc, ...@@ -73,16 +73,16 @@ ecc_j_to_a (const struct ecc_curve *ecc,
mpn_copyi (up, p + 2*ecc->p.size, ecc->p.size); mpn_copyi (up, p + 2*ecc->p.size, ecc->p.size);
mpn_zero (up + ecc->p.size, ecc->p.size); mpn_zero (up + ecc->p.size, ecc->p.size);
ecc->reduce (&ecc->p, up); ecc->p.reduce (&ecc->p, up);
mpn_zero (up + ecc->p.size, ecc->p.size); mpn_zero (up + ecc->p.size, ecc->p.size);
ecc->reduce (&ecc->p, up); ecc->p.reduce (&ecc->p, up);
ecc_modp_inv (ecc, izp, up, up + ecc->p.size); ecc_modp_inv (ecc, izp, up, up + ecc->p.size);
/* Divide this common factor by B */ /* Divide this common factor by B */
mpn_copyi (izBp, izp, ecc->p.size); mpn_copyi (izBp, izp, ecc->p.size);
mpn_zero (izBp + ecc->p.size, ecc->p.size); mpn_zero (izBp + ecc->p.size, ecc->p.size);
ecc->reduce (&ecc->p, izBp); ecc->p.reduce (&ecc->p, izBp);
ecc_modp_mul (ecc, iz2p, izp, izBp); ecc_modp_mul (ecc, iz2p, izp, izBp);
} }
......
...@@ -115,7 +115,7 @@ ecc_modp_mul (const struct ecc_curve *ecc, mp_limb_t *rp, ...@@ -115,7 +115,7 @@ ecc_modp_mul (const struct ecc_curve *ecc, mp_limb_t *rp,
const mp_limb_t *ap, const mp_limb_t *bp) const mp_limb_t *ap, const mp_limb_t *bp)
{ {
mpn_mul_n (rp, ap, bp, ecc->p.size); mpn_mul_n (rp, ap, bp, ecc->p.size);
ecc->reduce (&ecc->p, rp); ecc->p.reduce (&ecc->p, rp);
} }
void void
...@@ -123,7 +123,7 @@ ecc_modp_sqr (const struct ecc_curve *ecc, mp_limb_t *rp, ...@@ -123,7 +123,7 @@ ecc_modp_sqr (const struct ecc_curve *ecc, mp_limb_t *rp,
const mp_limb_t *ap) const mp_limb_t *ap)
{ {
mpn_sqr (rp, ap, ecc->p.size); mpn_sqr (rp, ap, ecc->p.size);
ecc->reduce (&ecc->p, rp); ecc->p.reduce (&ecc->p, rp);
} }
void void
......
...@@ -57,7 +57,7 @@ ecc_modq_mul (const struct ecc_curve *ecc, mp_limb_t *rp, ...@@ -57,7 +57,7 @@ ecc_modq_mul (const struct ecc_curve *ecc, mp_limb_t *rp,
const mp_limb_t *ap, const mp_limb_t *bp) const mp_limb_t *ap, const mp_limb_t *bp)
{ {
mpn_mul_n (rp, ap, bp, ecc->q.size); mpn_mul_n (rp, ap, bp, ecc->q.size);
ecc->modq (&ecc->q, rp); ecc->q.mod (&ecc->q, rp);
} }
void void
......
...@@ -150,7 +150,7 @@ bench_modp (void *p) ...@@ -150,7 +150,7 @@ bench_modp (void *p)
{ {
struct ecc_ctx *ctx = (struct ecc_ctx *) p; struct ecc_ctx *ctx = (struct ecc_ctx *) p;
mpn_copyi (ctx->rp, ctx->ap, 2*ctx->ecc->p.size); mpn_copyi (ctx->rp, ctx->ap, 2*ctx->ecc->p.size);
ctx->ecc->modp (&ctx->ecc->p, ctx->rp); ctx->ecc->p.mod (&ctx->ecc->p, ctx->rp);
} }
static void static void
...@@ -158,7 +158,7 @@ bench_reduce (void *p) ...@@ -158,7 +158,7 @@ bench_reduce (void *p)
{ {
struct ecc_ctx *ctx = (struct ecc_ctx *) p; struct ecc_ctx *ctx = (struct ecc_ctx *) p;
mpn_copyi (ctx->rp, ctx->ap, 2*ctx->ecc->p.size); mpn_copyi (ctx->rp, ctx->ap, 2*ctx->ecc->p.size);
ctx->ecc->reduce (&ctx->ecc->p, ctx->rp); ctx->ecc->p.reduce (&ctx->ecc->p, ctx->rp);
} }
static void static void
...@@ -166,7 +166,7 @@ bench_modq (void *p) ...@@ -166,7 +166,7 @@ bench_modq (void *p)
{ {
struct ecc_ctx *ctx = (struct ecc_ctx *) p; struct ecc_ctx *ctx = (struct ecc_ctx *) p;
mpn_copyi (ctx->rp, ctx->ap, 2*ctx->ecc->p.size); mpn_copyi (ctx->rp, ctx->ap, 2*ctx->ecc->p.size);
ctx->ecc->modq (&ctx->ecc->q, ctx->rp); ctx->ecc->q.mod(&ctx->ecc->q, ctx->rp);
} }
static void static void
......
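Review bot: In bench_modq the new call `ctx->ecc->q.mod(&ctx->ecc->q, ctx->rp);` drops the space before the argument list that the rest of the page uses, including `ctx->ecc->p.mod (&ctx->ecc->p, ctx->rp);` in bench_modp two hunks above and the call in ecc-modq.c; `ctx->ecc->q.mod (&ctx->ecc->q, ctx->rp);` keeps the file consistent with the GNU style used elsewhere. The `static void` line opening each bench function sits outside its hunk.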
...@@ -42,7 +42,7 @@ test_curve (gmp_randstate_t rands, const struct ecc_curve *ecc) ...@@ -42,7 +42,7 @@ test_curve (gmp_randstate_t rands, const struct ecc_curve *ecc)
ref_mod (ref, a, ecc->p.m, ecc->p.size); ref_mod (ref, a, ecc->p.m, ecc->p.size);
mpn_copyi (m, a, 2*ecc->p.size); mpn_copyi (m, a, 2*ecc->p.size);
ecc->modp (&ecc->p, m); ecc->p.mod (&ecc->p, m);
if (mpn_cmp (m, ecc->p.m, ecc->p.size) >= 0) if (mpn_cmp (m, ecc->p.m, ecc->p.size) >= 0)
mpn_sub_n (m, m, ecc->p.m, ecc->p.size); mpn_sub_n (m, m, ecc->p.m, ecc->p.size);
...@@ -77,7 +77,7 @@ test_curve (gmp_randstate_t rands, const struct ecc_curve *ecc) ...@@ -77,7 +77,7 @@ test_curve (gmp_randstate_t rands, const struct ecc_curve *ecc)
ref_mod (ref, a, ecc->q.m, ecc->p.size); ref_mod (ref, a, ecc->q.m, ecc->p.size);
mpn_copyi (m, a, 2*ecc->p.size); mpn_copyi (m, a, 2*ecc->p.size);
ecc->modq (&ecc->q, m); ecc->q.mod (&ecc->q, m);
if (mpn_cmp (m, ecc->q.m, ecc->p.size) >= 0) if (mpn_cmp (m, ecc->q.m, ecc->p.size) >= 0)
mpn_sub_n (m, m, ecc->q.m, ecc->p.size); mpn_sub_n (m, m, ecc->q.m, ecc->p.size);
......
...@@ -57,7 +57,7 @@ test_main (void) ...@@ -57,7 +57,7 @@ test_main (void)
{ {
const struct ecc_curve *ecc = ecc_curves[i]; const struct ecc_curve *ecc = ecc_curves[i];
unsigned j; unsigned j;
if (ecc->reduce == ecc->modp) if (ecc->p.reduce == ecc->p.mod)
continue; continue;
ASSERT (ecc->p.redc_size != 0); ASSERT (ecc->p.redc_size != 0);
...@@ -73,7 +73,7 @@ test_main (void) ...@@ -73,7 +73,7 @@ test_main (void)
ref_redc (ref, a, ecc->p.m, ecc->p.size); ref_redc (ref, a, ecc->p.m, ecc->p.size);
mpn_copyi (m, a, 2*ecc->p.size); mpn_copyi (m, a, 2*ecc->p.size);
ecc->reduce (&ecc->p, m); ecc->p.reduce (&ecc->p, m);
if (mpn_cmp (m, ecc->p.m, ecc->p.size) >= 0) if (mpn_cmp (m, ecc->p.m, ecc->p.size) >= 0)
mpn_sub_n (m, m, ecc->p.m, ecc->p.size); mpn_sub_n (m, m, ecc->p.m, ecc->p.size);
......