Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Nettle
nettle
Commits
64b9a7f8
Commit
64b9a7f8
authored
Sep 22, 2014
by
Niels Möller
Browse files
Renamed and generalized ecc_modq_random -> ecc_mod_random.
parent
296b09cc
Changes
5
Hide whitespace changes
Inline
Side-by-side
ChangeLog
View file @
64b9a7f8
2014-09-22 Niels Möller <nisse@lysator.liu.se>
* ecc-random.c (ecc_mod_random): Renamed, and take a const struct
ecc_modulo * as argument. Updated callers.
(ecc_modq_random): ... old name.
* ecc-mod-arith.c: New file, replacing ecc-modp.c and ecc-modq.c.
All functions take a struct ecc_modulo as argument.
(ecc_mod_add, ecc_mod_sub, ecc_mod_mul_1, ecc_mod_addmul_1)
...
...
ecc-internal.h
View file @
64b9a7f8
...
...
@@ -49,7 +49,7 @@
#define ecc_mod_submul_1 _nettle_ecc_mod_submul_1
#define ecc_mod_mul _nettle_ecc_mod_mul
#define ecc_mod_sqr _nettle_ecc_mod_sqr
#define ecc_mod
q
_random _nettle_ecc_mod
q
_random
#define ecc_mod_random _nettle_ecc_mod_random
#define ecc_mod _nettle_ecc_mod
#define ecc_mod_inv _nettle_ecc_mod_inv
#define ecc_hash _nettle_ecc_hash
...
...
@@ -232,8 +232,8 @@ ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp,
/* mod q operations. */
void
ecc_mod
q
_random
(
const
struct
ecc_
curve
*
ecc
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
);
ecc_mod_random
(
const
struct
ecc_
modulo
*
m
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
);
void
ecc_hash
(
const
struct
ecc_curve
*
ecc
,
...
...
@@ -287,7 +287,7 @@ curve25519_eh_to_x (mp_limb_t *xp, const mp_limb_t *p,
(((3 << ECC_MUL_A_EH_WBITS) + 10) * (size))
#endif
#define ECC_ECDSA_SIGN_ITCH(size) (12*(size))
#define ECC_MOD
Q
_RANDOM_ITCH(size) (size)
#define ECC_MOD_RANDOM_ITCH(size) (size)
#define ECC_HASH_ITCH(size) (1+(size))
#endif
/* NETTLE_ECC_INTERNAL_H_INCLUDED */
ecc-random.c
View file @
64b9a7f8
...
...
@@ -42,56 +42,54 @@
#include
"nettle-internal.h"
static
int
zero_p
(
const
struct
ecc_
curve
*
ecc
,
zero_p
(
const
struct
ecc_
modulo
*
m
,
const
mp_limb_t
*
xp
)
{
mp_limb_t
t
;
mp_size_t
i
;
for
(
i
=
t
=
0
;
i
<
ecc
->
p
.
size
;
i
++
)
for
(
i
=
t
=
0
;
i
<
m
->
size
;
i
++
)
t
|=
xp
[
i
];
return
t
==
0
;
}
static
int
ecdsa_in_range
(
const
struct
ecc_
curve
*
ecc
,
ecdsa_in_range
(
const
struct
ecc_
modulo
*
m
,
const
mp_limb_t
*
xp
,
mp_limb_t
*
scratch
)
{
/* Check if 0 < x < q, with data independent timing. */
return
!
zero_p
(
ecc
,
xp
)
&
(
mpn_sub_n
(
scratch
,
xp
,
ecc
->
q
.
m
,
ecc
->
p
.
size
)
!=
0
);
return
!
zero_p
(
m
,
xp
)
&
(
mpn_sub_n
(
scratch
,
xp
,
m
->
m
,
m
->
size
)
!=
0
);
}
void
ecc_mod
q
_random
(
const
struct
ecc_
curve
*
ecc
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
)
ecc_mod_random
(
const
struct
ecc_
modulo
*
m
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
)
{
uint8_t
*
buf
=
(
uint8_t
*
)
scratch
;
unsigned
nbytes
=
(
ecc
->
q
.
bit_size
+
7
)
/
8
;
unsigned
nbytes
=
(
m
->
bit_size
+
7
)
/
8
;
/* The bytes ought to fit in the scratch area, unless we have very
unusual limb and byte sizes. */
assert
(
nbytes
<=
ecc
->
p
.
size
*
sizeof
(
mp_limb_t
));
assert
(
nbytes
<=
m
->
size
*
sizeof
(
mp_limb_t
));
do
{
random
(
ctx
,
nbytes
,
buf
);
buf
[
0
]
&=
0xff
>>
(
nbytes
*
8
-
ecc
->
q
.
bit_size
);
buf
[
0
]
&=
0xff
>>
(
nbytes
*
8
-
m
->
bit_size
);
mpn_set_base256
(
xp
,
ecc
->
p
.
size
,
buf
,
nbytes
);
mpn_set_base256
(
xp
,
m
->
size
,
buf
,
nbytes
);
}
while
(
!
ecdsa_in_range
(
ecc
,
xp
,
scratch
));
while
(
!
ecdsa_in_range
(
m
,
xp
,
scratch
));
}
void
ecc_scalar_random
(
struct
ecc_scalar
*
x
,
void
*
random_ctx
,
nettle_random_func
*
random
)
{
TMP_DECL
(
scratch
,
mp_limb_t
,
ECC_MOD
Q
_RANDOM_ITCH
(
ECC_MAX_SIZE
));
TMP_ALLOC
(
scratch
,
ECC_MOD
Q
_RANDOM_ITCH
(
x
->
ecc
->
p
.
size
));
TMP_DECL
(
scratch
,
mp_limb_t
,
ECC_MOD_RANDOM_ITCH
(
ECC_MAX_SIZE
));
TMP_ALLOC
(
scratch
,
ECC_MOD_RANDOM_ITCH
(
x
->
ecc
->
q
.
size
));
ecc_mod
q
_random
(
x
->
ecc
,
x
->
p
,
random_ctx
,
random
,
scratch
);
ecc_mod_random
(
&
x
->
ecc
->
q
,
x
->
p
,
random_ctx
,
random
,
scratch
);
}
ecdsa-keygen.c
View file @
64b9a7f8
...
...
@@ -55,7 +55,7 @@ ecdsa_generate_keypair (struct ecc_point *pub,
TMP_ALLOC
(
p
,
itch
);
ecc_mod
q
_random
(
ecc
,
key
->
p
,
random_ctx
,
random
,
p
);
ecc_mod_random
(
&
ecc
->
q
,
key
->
p
,
random_ctx
,
random
,
p
);
ecc
->
mul_g
(
ecc
,
p
,
key
->
p
,
p
+
3
*
ecc
->
p
.
size
);
ecc
->
h_to_a
(
ecc
,
0
,
pub
->
p
,
p
,
p
+
3
*
ecc
->
p
.
size
);
}
ecdsa-sign.c
View file @
64b9a7f8
...
...
@@ -61,7 +61,7 @@ ecdsa_sign (const struct ecc_scalar *key,
timing is still independent of the secret k finally used. */
do
{
ecc_mod
q
_random
(
key
->
ecc
,
k
,
random_ctx
,
random
,
k
+
size
);
ecc_mod_random
(
&
key
->
ecc
->
q
,
k
,
random_ctx
,
random
,
k
+
size
);
ecc_ecdsa_sign
(
key
->
ecc
,
key
->
p
,
k
,
digest_length
,
digest
,
rp
,
sp
,
k
+
size
);
mpz_limbs_finish
(
signature
->
r
,
size
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
