Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
N
nettle
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
3
Merge Requests
3
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
Nettle
nettle
Commits
64b9a7f8
Commit
64b9a7f8
authored
Sep 22, 2014
by
Niels Möller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Renamed and generalized ecc_modq_random -> ecc_mod_random.
parent
296b09cc
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
25 additions
and
23 deletions
+25
-23
ChangeLog
ChangeLog
+4
-0
ecc-internal.h
ecc-internal.h
+4
-4
ecc-random.c
ecc-random.c
+15
-17
ecdsa-keygen.c
ecdsa-keygen.c
+1
-1
ecdsa-sign.c
ecdsa-sign.c
+1
-1
No files found.
ChangeLog
View file @
64b9a7f8
2014-09-22 Niels Möller <nisse@lysator.liu.se>
* ecc-random.c (ecc_mod_random): Renamed, and take a const struct
ecc_modulo * as argument. Updated callers.
(ecc_modq_random): ... old name.
* ecc-mod-arith.c: New file, replacing ecc-modp.c and ecc-modq.c.
All functions take a struct ecc_modulo as argument.
(ecc_mod_add, ecc_mod_sub, ecc_mod_mul_1, ecc_mod_addmul_1)
...
...
ecc-internal.h
View file @
64b9a7f8
...
...
@@ -49,7 +49,7 @@
#define ecc_mod_submul_1 _nettle_ecc_mod_submul_1
#define ecc_mod_mul _nettle_ecc_mod_mul
#define ecc_mod_sqr _nettle_ecc_mod_sqr
#define ecc_mod
q_random _nettle_ecc_modq
_random
#define ecc_mod
_random _nettle_ecc_mod
_random
#define ecc_mod _nettle_ecc_mod
#define ecc_mod_inv _nettle_ecc_mod_inv
#define ecc_hash _nettle_ecc_hash
...
...
@@ -232,8 +232,8 @@ ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp,
/* mod q operations. */
void
ecc_mod
q_random
(
const
struct
ecc_curve
*
ecc
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
);
ecc_mod
_random
(
const
struct
ecc_modulo
*
m
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
);
void
ecc_hash
(
const
struct
ecc_curve
*
ecc
,
...
...
@@ -287,7 +287,7 @@ curve25519_eh_to_x (mp_limb_t *xp, const mp_limb_t *p,
(((3 << ECC_MUL_A_EH_WBITS) + 10) * (size))
#endif
#define ECC_ECDSA_SIGN_ITCH(size) (12*(size))
#define ECC_MOD
Q
_RANDOM_ITCH(size) (size)
#define ECC_MOD_RANDOM_ITCH(size) (size)
#define ECC_HASH_ITCH(size) (1+(size))
#endif
/* NETTLE_ECC_INTERNAL_H_INCLUDED */
ecc-random.c
View file @
64b9a7f8
...
...
@@ -42,56 +42,54 @@
#include "nettle-internal.h"
static
int
zero_p
(
const
struct
ecc_
curve
*
ecc
,
zero_p
(
const
struct
ecc_
modulo
*
m
,
const
mp_limb_t
*
xp
)
{
mp_limb_t
t
;
mp_size_t
i
;
for
(
i
=
t
=
0
;
i
<
ecc
->
p
.
size
;
i
++
)
for
(
i
=
t
=
0
;
i
<
m
->
size
;
i
++
)
t
|=
xp
[
i
];
return
t
==
0
;
}
static
int
ecdsa_in_range
(
const
struct
ecc_
curve
*
ecc
,
ecdsa_in_range
(
const
struct
ecc_
modulo
*
m
,
const
mp_limb_t
*
xp
,
mp_limb_t
*
scratch
)
{
/* Check if 0 < x < q, with data independent timing. */
return
!
zero_p
(
ecc
,
xp
)
&
(
mpn_sub_n
(
scratch
,
xp
,
ecc
->
q
.
m
,
ecc
->
p
.
size
)
!=
0
);
return
!
zero_p
(
m
,
xp
)
&
(
mpn_sub_n
(
scratch
,
xp
,
m
->
m
,
m
->
size
)
!=
0
);
}
void
ecc_mod
q_random
(
const
struct
ecc_curve
*
ecc
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
)
ecc_mod
_random
(
const
struct
ecc_modulo
*
m
,
mp_limb_t
*
xp
,
void
*
ctx
,
nettle_random_func
*
random
,
mp_limb_t
*
scratch
)
{
uint8_t
*
buf
=
(
uint8_t
*
)
scratch
;
unsigned
nbytes
=
(
ecc
->
q
.
bit_size
+
7
)
/
8
;
unsigned
nbytes
=
(
m
->
bit_size
+
7
)
/
8
;
/* The bytes ought to fit in the scratch area, unless we have very
unusual limb and byte sizes. */
assert
(
nbytes
<=
ecc
->
p
.
size
*
sizeof
(
mp_limb_t
));
assert
(
nbytes
<=
m
->
size
*
sizeof
(
mp_limb_t
));
do
{
random
(
ctx
,
nbytes
,
buf
);
buf
[
0
]
&=
0xff
>>
(
nbytes
*
8
-
ecc
->
q
.
bit_size
);
buf
[
0
]
&=
0xff
>>
(
nbytes
*
8
-
m
->
bit_size
);
mpn_set_base256
(
xp
,
ecc
->
p
.
size
,
buf
,
nbytes
);
mpn_set_base256
(
xp
,
m
->
size
,
buf
,
nbytes
);
}
while
(
!
ecdsa_in_range
(
ecc
,
xp
,
scratch
));
while
(
!
ecdsa_in_range
(
m
,
xp
,
scratch
));
}
void
ecc_scalar_random
(
struct
ecc_scalar
*
x
,
void
*
random_ctx
,
nettle_random_func
*
random
)
{
TMP_DECL
(
scratch
,
mp_limb_t
,
ECC_MOD
Q
_RANDOM_ITCH
(
ECC_MAX_SIZE
));
TMP_ALLOC
(
scratch
,
ECC_MOD
Q_RANDOM_ITCH
(
x
->
ecc
->
p
.
size
));
TMP_DECL
(
scratch
,
mp_limb_t
,
ECC_MOD_RANDOM_ITCH
(
ECC_MAX_SIZE
));
TMP_ALLOC
(
scratch
,
ECC_MOD
_RANDOM_ITCH
(
x
->
ecc
->
q
.
size
));
ecc_mod
q_random
(
x
->
ecc
,
x
->
p
,
random_ctx
,
random
,
scratch
);
ecc_mod
_random
(
&
x
->
ecc
->
q
,
x
->
p
,
random_ctx
,
random
,
scratch
);
}
ecdsa-keygen.c
View file @
64b9a7f8
...
...
@@ -55,7 +55,7 @@ ecdsa_generate_keypair (struct ecc_point *pub,
TMP_ALLOC
(
p
,
itch
);
ecc_mod
q_random
(
ecc
,
key
->
p
,
random_ctx
,
random
,
p
);
ecc_mod
_random
(
&
ecc
->
q
,
key
->
p
,
random_ctx
,
random
,
p
);
ecc
->
mul_g
(
ecc
,
p
,
key
->
p
,
p
+
3
*
ecc
->
p
.
size
);
ecc
->
h_to_a
(
ecc
,
0
,
pub
->
p
,
p
,
p
+
3
*
ecc
->
p
.
size
);
}
ecdsa-sign.c
View file @
64b9a7f8
...
...
@@ -61,7 +61,7 @@ ecdsa_sign (const struct ecc_scalar *key,
timing is still independent of the secret k finally used. */
do
{
ecc_mod
q_random
(
key
->
ecc
,
k
,
random_ctx
,
random
,
k
+
size
);
ecc_mod
_random
(
&
key
->
ecc
->
q
,
k
,
random_ctx
,
random
,
k
+
size
);
ecc_ecdsa_sign
(
key
->
ecc
,
key
->
p
,
k
,
digest_length
,
digest
,
rp
,
sp
,
k
+
size
);
mpz_limbs_finish
(
signature
->
r
,
size
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
