Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
N
nettle
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
5
Merge Requests
5
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
Nettle
nettle
Commits
6f544435
Commit
6f544435
authored
Aug 28, 2014
by
Niels Möller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Deleted ECC_ECDSA_VERIFY_ITCH macro. Tweak the corresponding function, and use it.
parent
24c9769b
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
12 additions
and
8 deletions
+12
-8
ChangeLog
ChangeLog
+7
-0
ecc-ecdsa-verify.c
ecc-ecdsa-verify.c
+4
-5
ecc-internal.h
ecc-internal.h
+0
-2
ecdsa-verify.c
ecdsa-verify.c
+1
-1
No files found.
ChangeLog
View file @
6f544435
2014-08-28 Niels Möller <nisse@lysator.liu.se>
* ecc-internal.h (ECC_ECDSA_VERIFY_ITCH): Deleted macro. Needed
scratch depends on curve type, not just size.
* ecdsa-verify.c (ecdsa_verify): Use the ecc_ecdsa_verify_itch
function, not the corresponding macro.
* ecc-ecdsa-verify.c (ecc_ecdsa_verify_itch): Take ecc->mul_itch
into account. Also reduce to 5*ecc->size + ecc->mul_itch.
* testsuite/ecdsa-sign-test.c (test_main): Added test for the
obscure case of ecdsa using curve25519.
...
...
ecc-ecdsa-verify.c
View file @
6f544435
...
...
@@ -62,9 +62,8 @@ ecdsa_in_range (const struct ecc_curve *ecc, const mp_limb_t *xp)
mp_size_t
ecc_ecdsa_verify_itch
(
const
struct
ecc_curve
*
ecc
)
{
/* Largest storage need is for the ecc_mul_a call, 6 * ecc->size +
ECC_MUL_A_ITCH (size) */
return
ECC_ECDSA_VERIFY_ITCH
(
ecc
->
size
);
/* Largest storage need is for the ecc->mul call. */
return
5
*
ecc
->
size
+
ecc
->
mul_itch
;
}
/* FIXME: Use faster primitives, not requiring side-channel silence. */
...
...
@@ -113,7 +112,7 @@ ecc_ecdsa_verify (const struct ecc_curve *ecc,
/* u2 = r / s, P2 = u2 * Y */
ecc_modq_mul
(
ecc
,
u2
,
rp
,
sinv
);
/* Total storage: 5*ecc->size +
ECC_MUL_A_ITCH (ecc->size)
*/
/* Total storage: 5*ecc->size +
ecc->mul_itch
*/
ecc_mul_a
(
ecc
,
P2
,
u2
,
pp
,
u2
+
ecc
->
size
);
/* u1 = h / s, P1 = u1 * G */
...
...
@@ -124,7 +123,7 @@ ecc_ecdsa_verify (const struct ecc_curve *ecc,
unlikely. */
if
(
!
zero_p
(
u1
,
ecc
->
size
))
{
/* Total storage: 6*ecc->size +
ECC_MUL_G_ITCH
(ecc->size) */
/* Total storage: 6*ecc->size +
ecc->mul_g_itch
(ecc->size) */
ecc_mul_g
(
ecc
,
P1
,
u1
,
u1
+
ecc
->
size
);
/* NOTE: ecc_add_jjj and/or ecc_j_to_a will produce garbage in
...
...
ecc-internal.h
View file @
6f544435
...
...
@@ -285,8 +285,6 @@ ecc_25519_sqrt(mp_limb_t *rp, const mp_limb_t *ap);
(((3 << ECC_MUL_A_EH_WBITS) + 10) * (size))
#endif
#define ECC_ECDSA_SIGN_ITCH(size) (12*(size))
#define ECC_ECDSA_VERIFY_ITCH(size) \
(6*(size) + ECC_MUL_A_ITCH ((size)))
#define ECC_MODQ_RANDOM_ITCH(size) (size)
#define ECC_HASH_ITCH(size) (1+(size))
...
...
ecdsa-verify.c
View file @
6f544435
...
...
@@ -47,7 +47,7 @@ ecdsa_verify (const struct ecc_point *pub,
const
struct
dsa_signature
*
signature
)
{
mp_limb_t
size
=
pub
->
ecc
->
size
;
mp_size_t
itch
=
2
*
size
+
ECC_ECDSA_VERIFY_ITCH
(
size
);
mp_size_t
itch
=
2
*
size
+
ecc_ecdsa_verify_itch
(
pub
->
ecc
);
/* For ECC_MUL_A_WBITS == 0, at most 1512 bytes. With
ECC_MUL_A_WBITS == 4, currently needs 67 * ecc->size, at most
4824 bytes. Don't use stack allocation for this. */
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment