diff --git a/ChangeLog b/ChangeLog index e5a3f1eb5161d59aae5cc06ba2129885b9a1007b..d3b66d1ad88eb4d092cc8338a6d29aaae672cc0b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,15 @@ 2014-09-22 Niels Möller <nisse@lysator.liu.se> + * ecc-mod-arith.c: New file, replacing ecc-modp.c and ecc-modq.c. + All functions take a struct ecc_modulo as argument. + (ecc_mod_add, ecc_mod_sub, ecc_mod_mul_1, ecc_mod_addmul_1) + (ecc_mod_submul_1, ecc_mod_mul, ecc_mod_sqr): New functions, + replacing the corresponding ecc_modp_* functions. For convenience, + old names are defined as macros wrapping the new functions. + * ecc-modp.c: Deleted file. + * ecc-modq.c: Deleted file. + * Makefile.in (hogweed_SOURCES): Updated accordingly. + * testsuite/ecc-redc-test.c (test_main): Relaxed tests for which tests to run. diff --git a/Makefile.in b/Makefile.in index aae7c1aa173d288554365c901536aaaaf64c6034..5345e88746ed0200a553721df181d9c03a8c85e4 100644 --- a/Makefile.in +++ b/Makefile.in @@ -163,7 +163,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \ sec-add-1.c sec-sub-1.c sec-tabselect.c \ gmp-glue.c cnd-copy.c \ ecc-mod.c ecc-mod-inv.c \ - ecc-modp.c ecc-modq.c ecc-pp1-redc.c ecc-pm1-redc.c \ + ecc-mod-arith.c ecc-pp1-redc.c ecc-pm1-redc.c \ ecc-192.c ecc-224.c ecc-256.c ecc-384.c ecc-521.c \ ecc-25519.c \ ecc-size.c ecc-j-to-a.c ecc-a-to-j.c \ diff --git a/ecc-internal.h b/ecc-internal.h index 263b82168df67d35b3a3f3ab36fb2d440b65ec20..852662ac7638013939e1f5312b36eb2c67a909c5 100644 --- a/ecc-internal.h +++ b/ecc-internal.h 
@@ -42,15 +42,13 @@ /* Name mangling */ #define ecc_pp1_redc _nettle_ecc_pp1_redc #define ecc_pm1_redc _nettle_ecc_pm1_redc -#define ecc_modp_add _nettle_ecc_modp_add -#define ecc_modp_sub _nettle_ecc_modp_sub -#define ecc_modp_mul_1 _nettle_ecc_modp_mul_1 -#define ecc_modp_addmul_1 _nettle_ecc_modp_addmul_1 -#define ecc_modp_submul_1 _nettle_ecc_modp_submul_1 -#define ecc_modp_mul _nettle_ecc_modp_mul -#define ecc_modp_sqr _nettle_ecc_modp_sqr -#define ecc_modq_mul _nettle_ecc_modq_mul -#define ecc_modq_add _nettle_ecc_modq_add +#define ecc_mod_add _nettle_ecc_mod_add +#define ecc_mod_sub _nettle_ecc_mod_sub +#define ecc_mod_mul_1 _nettle_ecc_mod_mul_1 +#define ecc_mod_addmul_1 _nettle_ecc_mod_addmul_1 +#define ecc_mod_submul_1 _nettle_ecc_mod_submul_1 +#define ecc_mod_mul _nettle_ecc_mod_mul +#define ecc_mod_sqr _nettle_ecc_mod_sqr #define ecc_modq_random _nettle_ecc_modq_random #define ecc_mod _nettle_ecc_mod #define ecc_mod_inv _nettle_ecc_mod_inv @@ -78,7 +76,7 @@ struct ecc_modulo; /* Reduces from 2*ecc->size to ecc->size. */ /* Required to return a result < 2q. This property is inherited by - modp_mul and modp_sqr. */ + mod_mul and mod_sqr. */ typedef void ecc_mod_func (const struct ecc_modulo *m, mp_limb_t *rp); typedef void ecc_mod_inv_func (const struct ecc_modulo *m, @@ -162,7 +160,7 @@ struct ecc_curve equivalent Edwards curve. */ const mp_limb_t *edwards_root; - /* For redc, same as Bmodp, otherwise 1. */ + /* For redc, same as B mod p, otherwise 1. */ const mp_limb_t *unit; /* Tables for multiplying by the generator, size determined by k and 
@@ -186,40 +184,53 @@ ecc_mod_func ecc_pm1_redc; ecc_mod_inv_func ecc_mod_inv; void -ecc_modp_add (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp); +ecc_mod_add (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, const mp_limb_t *bp); void -ecc_modp_sub (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp); +ecc_mod_sub (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, const mp_limb_t *bp); void -ecc_modp_mul_1 (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t b); +ecc_mod_mul_1 (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, const mp_limb_t b); void -ecc_modp_addmul_1 (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, mp_limb_t b); +ecc_mod_addmul_1 (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, mp_limb_t b); void -ecc_modp_submul_1 (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, mp_limb_t b); +ecc_mod_submul_1 (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, mp_limb_t b); /* NOTE: mul and sqr needs 2*ecc->size limbs at rp */ void -ecc_modp_mul (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp); +ecc_mod_mul (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, const mp_limb_t *bp); void -ecc_modp_sqr (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap); +ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap); + +#define ecc_modp_add(ecc, r, a, b) \ + ecc_mod_add (&(ecc)->p, (r), (a), (b)) +#define ecc_modp_sub(ecc, r, a, b) \ + ecc_mod_sub (&(ecc)->p, (r), (a), (b)) +#define ecc_modp_mul_1(ecc, r, a, b) \ + ecc_mod_mul_1 (&(ecc)->p, (r), (a), (b)) +#define ecc_modp_addmul_1(ecc, r, a, b) \ + ecc_mod_addmul_1 (&(ecc)->p, (r), (a), (b)) +#define ecc_modp_submul_1(ecc, r, a, b) \ + ecc_mod_submul_1 (&(ecc)->p, (r), (a), (b)) +#define 
ecc_modp_mul(ecc, r, a, b) \ + ecc_mod_mul (&(ecc)->p, (r), (a), (b)) +#define ecc_modp_sqr(ecc, r, a) \ + ecc_mod_sqr (&(ecc)->p, (r), (a)) + +#define ecc_modq_add(ecc, r, a, b) \ + ecc_mod_add (&(ecc)->q, (r), (a), (b)) +#define ecc_modq_mul(ecc, r, a, b) \ + ecc_mod_mul (&(ecc)->q, (r), (a), (b)) /* mod q operations. */ -void -ecc_modq_mul (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp); -void -ecc_modq_add (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp); - void ecc_modq_random (const struct ecc_curve *ecc, mp_limb_t *xp, void *ctx, nettle_random_func *random, mp_limb_t *scratch); diff --git a/ecc-modp.c b/ecc-mod-arith.c similarity index 51% rename from ecc-modp.c rename to ecc-mod-arith.c index 9f196243fdfa69c229d34d857648787ec53698db..f2e47f6747c11ead4ef8ce62a34517006aa6c172 100644 --- a/ecc-modp.c +++ b/ecc-mod-arith.c @@ -1,6 +1,6 @@ -/* ecc-modp.c +/* ecc-mod-arith.c - Copyright (C) 2013 Niels Möller + Copyright (C) 2013, 2014 Niels Möller This file is part of GNU Nettle. 
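Review bot: The compatibility macro `ecc_modq_mul` now expands to `ecc_mod_mul (&(ecc)->q, …)`, which reduces through `m->reduce`, whereas the deleted `ecc_modq_mul` in ecc-modq.c called `ecc->q.mod`; the ecc_mod_func comment earlier in this header only requires `reduce` to return a result < 2q, so unless `q.reduce` is a full reduction for every curve (not visible in this diff) callers of ecc_modq_mul that expect a canonical value mod q get a weaker contract than before. Either confirm `q.reduce == q.mod` on all curves or have the macro call a full reduction explicitly. The `/* mod q operations. */` comment now sits below the ecc_modq_* macros it describes and directly above ecc_modq_random; move it above `#define ecc_modq_add`. The `/* NOTE: mul and sqr needs 2*ecc->size limbs at rp */` comment on the new prototypes still says `ecc->size` while the .c copy was updated, so use `/* NOTE: mul and sqr needs 2*m->size limbs at rp */` here too.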
@@ -43,85 +43,85 @@ not necessarily < p. */ void -ecc_modp_add (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp) +ecc_mod_add (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, const mp_limb_t *bp) { mp_limb_t cy; - cy = mpn_add_n (rp, ap, bp, ecc->p.size); - cy = cnd_add_n (cy, rp, ecc->p.B, ecc->p.size); - cy = cnd_add_n (cy, rp, ecc->p.B, ecc->p.size); + cy = mpn_add_n (rp, ap, bp, m->size); + cy = cnd_add_n (cy, rp, m->B, m->size); + cy = cnd_add_n (cy, rp, m->B, m->size); assert (cy == 0); } void -ecc_modp_sub (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp) +ecc_mod_sub (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, const mp_limb_t *bp) { mp_limb_t cy; - cy = mpn_sub_n (rp, ap, bp, ecc->p.size); - cy = cnd_sub_n (cy, rp, ecc->p.B, ecc->p.size); - cy = cnd_sub_n (cy, rp, ecc->p.B, ecc->p.size); + cy = mpn_sub_n (rp, ap, bp, m->size); + cy = cnd_sub_n (cy, rp, m->B, m->size); + cy = cnd_sub_n (cy, rp, m->B, m->size); assert (cy == 0); } void -ecc_modp_mul_1 (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, mp_limb_t b) +ecc_mod_mul_1 (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, mp_limb_t b) { mp_limb_t hi; assert (b <= 0xffffffff); - hi = mpn_mul_1 (rp, ap, ecc->p.size, b); - hi = mpn_addmul_1 (rp, ecc->p.B, ecc->p.size, hi); + hi = mpn_mul_1 (rp, ap, m->size, b); + hi = mpn_addmul_1 (rp, m->B, m->size, hi); assert (hi <= 1); - hi = cnd_add_n (hi, rp, ecc->p.B, ecc->p.size); + hi = cnd_add_n (hi, rp, m->B, m->size); /* Sufficient if b < B^size / p */ assert (hi == 0); } void -ecc_modp_addmul_1 (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, mp_limb_t b) +ecc_mod_addmul_1 (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, mp_limb_t b) { mp_limb_t hi; assert (b <= 0xffffffff); - hi = mpn_addmul_1 (rp, ap, ecc->p.size, b); - hi = mpn_addmul_1 (rp, ecc->p.B, ecc->p.size, hi); + 
hi = mpn_addmul_1 (rp, ap, m->size, b); + hi = mpn_addmul_1 (rp, m->B, m->size, hi); assert (hi <= 1); - hi = cnd_add_n (hi, rp, ecc->p.B, ecc->p.size); + hi = cnd_add_n (hi, rp, m->B, m->size); /* Sufficient roughly if b < B^size / p */ assert (hi == 0); } void -ecc_modp_submul_1 (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, mp_limb_t b) +ecc_mod_submul_1 (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, mp_limb_t b) { mp_limb_t hi; assert (b <= 0xffffffff); - hi = mpn_submul_1 (rp, ap, ecc->p.size, b); - hi = mpn_submul_1 (rp, ecc->p.B, ecc->p.size, hi); + hi = mpn_submul_1 (rp, ap, m->size, b); + hi = mpn_submul_1 (rp, m->B, m->size, hi); assert (hi <= 1); - hi = cnd_sub_n (hi, rp, ecc->p.B, ecc->p.size); + hi = cnd_sub_n (hi, rp, m->B, m->size); /* Sufficient roughly if b < B^size / p */ assert (hi == 0); } -/* NOTE: mul and sqr needs 2*ecc->p.size limbs at rp */ +/* NOTE: mul and sqr needs 2*m->size limbs at rp */ void -ecc_modp_mul (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp) +ecc_mod_mul (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap, const mp_limb_t *bp) { - mpn_mul_n (rp, ap, bp, ecc->p.size); - ecc->p.reduce (&ecc->p, rp); + mpn_mul_n (rp, ap, bp, m->size); + m->reduce (m, rp); } void -ecc_modp_sqr (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap) +ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap) { - mpn_sqr (rp, ap, ecc->p.size); - ecc->p.reduce (&ecc->p, rp); + mpn_sqr (rp, ap, m->size); + m->reduce (m, rp); } diff --git a/ecc-modq.c b/ecc-modq.c deleted file mode 100644 index c15f2a463e39c2ced356ff8968664819615d44e5..0000000000000000000000000000000000000000 --- a/ecc-modq.c +++ /dev/null 
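Review bot: The why-comments in ecc_mod_mul_1, ecc_mod_addmul_1 and ecc_mod_submul_1 still read `/* Sufficient if b < B^size / p */` (and the `roughly` variants), and the context line above ecc_mod_add still says `not necessarily < p.`, although the functions now take an arbitrary `struct ecc_modulo` and are also reached for q through the ecc_modq_* macros. The bound is now a per-modulus precondition, so reword it to the modulus, e.g. `/* Sufficient if b < B^size / modulus */` and `not necessarily < modulus.`. Since the `cy == 0` / `hi <= 1` / `hi == 0` checks are plain `assert`s they vanish under NDEBUG, so a one-line comment above each function stating that callers must guarantee `b <= 0xffffffff` and pass reduced inputs would make the contract visible to new q callers that previously only had ecc_modq_add and ecc_modq_mul. The comment that the `not necessarily < p.` line closes begins outside the hunk.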
@@ -1,61 +0,0 @@ -/* ecc-modq.c - - Copyright (C) 2013 Niels Möller - - This file is part of GNU Nettle. - - GNU Nettle is free software: you can redistribute it and/or - modify it under the terms of either: - - * the GNU Lesser General Public License as published by the Free - Software Foundation; either version 3 of the License, or (at your - option) any later version. - - or - - * the GNU General Public License as published by the Free - Software Foundation; either version 2 of the License, or (at your - option) any later version. - - or both in parallel, as here. - - GNU Nettle is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received copies of the GNU General Public License and - the GNU Lesser General Public License along with this program. If - not, see http://www.gnu.org/licenses/. -*/ - -/* Development of Nettle's ECC support was funded by the .SE Internet Fund. */ - -#if HAVE_CONFIG_H -# include "config.h" -#endif - -#include <assert.h> - -#include "ecc-internal.h" - -/* Arithmetic mod q, the group order. */ - -void -ecc_modq_add (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp) -{ - mp_limb_t cy; - cy = mpn_add_n (rp, ap, bp, ecc->q.size); - cy = cnd_add_n (cy, rp, ecc->q.B, ecc->q.size); - cy = cnd_add_n (cy, rp, ecc->q.B, ecc->q.size); - assert (cy == 0); -} - -void -ecc_modq_mul (const struct ecc_curve *ecc, mp_limb_t *rp, - const mp_limb_t *ap, const mp_limb_t *bp) -{ - mpn_mul_n (rp, ap, bp, ecc->q.size); - ecc->q.mod (&ecc->q, rp); -}