diff --git a/ChangeLog b/ChangeLog index 41dab74fe220352173f4b5e6217457422a4547ec..05bac6a75eb3bc9a0bf62bc6ff3b5dbfdb1a4d3b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2019-12-07 Niels Möller <nisse@lysator.liu.se> + + * ecc-eh-to-a.c (ecc_eh_to_a): Require op == 0, delete code only + used for non-standard ecdsa over curve25519. + * testsuite/ecdsa-sign-test.c (test_main): Delete test of ecdsa + over curve25519. + * testsuite/ecdsa-verify-test.c (test_main): Likewise. + * testsuite/ecdsa-keygen-test.c (test_main): Exclude curve25519 + from test. + 2019-12-05 Niels Möller <nisse@lysator.liu.se> * configure.ac: Use AC_TRY_LINK rather than AC_TRY_COMPILE to diff --git a/ecc-eh-to-a.c b/ecc-eh-to-a.c index 8173b887d59d918740e8320edba74d4c0f50d81a..89d2b6e3bcae7fae94169b9ff6d40552915f70e5 100644 --- a/ecc-eh-to-a.c +++ b/ecc-eh-to-a.c @@ -56,6 +56,8 @@ ecc_eh_to_a (const struct ecc_curve *ecc, mp_limb_t cy; + assert(op == 0); + /* Needs 2*size + scratch for the invert call. */ ecc->p.invert (&ecc->p, izp, zp, tp + ecc->p.size); @@ -63,25 +65,6 @@ ecc_eh_to_a (const struct ecc_curve *ecc, cy = mpn_sub_n (r, tp, ecc->p.m, ecc->p.size); cnd_copy (cy, r, tp, ecc->p.size); - if (op) - { - /* Skip y coordinate */ - if (op > 1) - { - /* Reduce modulo q. Hardcoded for curve25519, duplicates end - of ecc_25519_modq. FIXME: Is this needed at all? op > 0 - is only used by ecdsa code, and ecdsa on Edwards curves - makes little sense and is is only used by tests. */ - unsigned shift; - assert (ecc->p.bit_size == 255); - shift = ecc->q.bit_size - 1 - GMP_NUMB_BITS * (ecc->p.size - 1); - cy = mpn_submul_1 (r, ecc->q.m, ecc->p.size, - r[ecc->p.size-1] >> shift); - assert (cy < 2); - cnd_add_n (cy, r, ecc->q.m, ecc->p.size); - } - return; - } ecc_modp_mul (ecc, tp, yp, izp); cy = mpn_sub_n (r + ecc->p.size, tp, ecc->p.m, ecc->p.size); cnd_copy (cy, r + ecc->p.size, tp, ecc->p.size); diff --git a/testsuite/ecdsa-keygen-test.c b/testsuite/ecdsa-keygen-test.c index a96c09effeef6c7a679513b2e71fcc1ae6a230e3..0deb7214f23db6ee6cf82a6dfbfcbb393c25c589 100644 --- a/testsuite/ecdsa-keygen-test.c +++ b/testsuite/ecdsa-keygen-test.c @@ -78,6 +78,10 @@ test_main (void) struct ecc_point pub; struct ecc_scalar key; + if (ecc->p.bit_size == 255) + /* Exclude curve25519, which isn't supported with ECDSA. */ + continue; + if (verbose) fprintf (stderr, "Curve %d\n", ecc->p.bit_size); diff --git a/testsuite/ecdsa-sign-test.c b/testsuite/ecdsa-sign-test.c index 23275357bbc133fdf86bb23bc864ac22c051c8e9..b240a31b237e0a7dceb73d594db331016bb9029d 100644 --- a/testsuite/ecdsa-sign-test.c +++ b/testsuite/ecdsa-sign-test.c @@ -156,18 +156,4 @@ test_main (void) "97536710 1F67D1CF 9BCCBF2F 3D239534" "FA509E70 AAC851AE 01AAC68D 62F86647" "2660"); /* s */ - - /* Non-standard ecdsa using curve25519. Not interop-tested with - anything else. */ - test_ecdsa (&_nettle_curve25519, - "1db511101b8fd16f e0212c5679ef53f3" - "323bde77f9efa442 617314d576d1dbcb", /* z */ - "aa2fa8facfdc3a99 ec466d41a2c9211c" - "e62e1706f54037ff 8486e26153b0fa79", /* k */ - SHEX("e99df2a098c3c590 ea1e1db6d9547339" - "ae760d5331496119 5d967fd881e3b0f5"), /* h */ - " 515c3a485f57432 0daf3353a0d08110" - "64157c556296de09 4132f74865961b37", /* r */ - " 78f23367291b01 3fc430fb09322d95" - "4384723649868d8e 88effc7ac8b141d7"); /* s */ } diff --git a/testsuite/ecdsa-verify-test.c b/testsuite/ecdsa-verify-test.c index 971988c30d81276596cc1fe4ad3f1e60cc78053f..6a593d6fed6dacb4ffeef271f61b007b984e3b54 100644 --- a/testsuite/ecdsa-verify-test.c +++ b/testsuite/ecdsa-verify-test.c @@ -145,17 +145,4 @@ test_main (void) "97536710 1F67D1CF 9BCCBF2F 3D239534" "FA509E70 AAC851AE 01AAC68D 62F86647" "2660"); /* s */ - - test_ecdsa (&_nettle_curve25519, - /* Public key corresponding to the key in ecdsa-sign-test */ - "59f8f317fd5f4e82 c02f8d4dec665fe1" - "230f83b8572638e1 b2ac34a30028e24d", /* x */ - "1902a72dc1a6525a 811b9c1845978d56" - "fd97dce5e278ebdd ec695349d7e41498", /* y */ - SHEX("e99df2a098c3c590 ea1e1db6d9547339" - "ae760d5331496119 5d967fd881e3b0f5"), /* h */ - " 515c3a485f57432 0daf3353a0d08110" - "64157c556296de09 4132f74865961b37", /* r */ - " 78f23367291b01 3fc430fb09322d95" - "4384723649868d8e 88effc7ac8b141d7"); /* s */ }