Commit f8870f78 authored by Niels Möller's avatar Niels Möller

Moved internal declarations from ecc.h to ecc-internal.h.

parent cedb87cd
2015-01-27 Niels Möller <nisse@lysator.liu.se>
* ecc.h: Deleted declarations of unused itch functions. Moved
declarations of internal functions to...
* ecc-internal.h: ...new location. Also added a leading under
score on the symbols.
(ecc_a_to_j, ecc_j_to_a, ecc_eh_to_a, ecc_dup_jj, ecc_add_jja)
(ecc_add_jjj, ecc_dup_eh, ecc_add_eh, ecc_add_ehh, ecc_mul_g)
(ecc_mul_a, ecc_mul_g_eh, ecc_mul_a_eh): Affected functions.
2015-01-26 Niels Möller <nisse@lysator.liu.se>
* ecc-add-eh.c (ecc_add_eh_itch): Deleted.
* ecc-add-ehh.c (ecc_add_ehh_itch): Deleted.
* ecc-add-jja.c (ecc_add_jja_itch): Deleted.
* ecc-add-jjj.c (ecc_add_jjj_itch): Deleted.
* ecc-dup-eh.c (ecc_dup_eh_itch): Deleted.
* ecc-dup-jj.c (ecc_dup_jj_itch): Deleted.
* ecc-eh-to-a.c (ecc_eh_to_a_itch): Deleted.
* ecc-j-to-a.c (ecc_j_to_a_itch): Deleted.
* ecc-mul-a-eh.c (ecc_mul_a_eh_itch): Deleted.
* ecc-mul-a.c (ecc_mul_a_itch): Deleted.
* ecc-mul-g-eh.c (ecc_mul_g_eh_itch): Deleted.
* ecc-mul-g.c (ecc_mul_g_itch): Deleted.
2015-01-25 Niels Möller <nisse@lysator.liu.se>
* arm/fat/sha1-compress-2.asm: New file.
......
......@@ -36,12 +36,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_add_eh_itch (const struct ecc_curve *ecc)
{
return ECC_ADD_EH_ITCH (ecc->p.size);
}
/* Add two points on an Edwards curve, with result and first point in
homogeneous coordinates. */
void
......
......@@ -36,12 +36,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_add_ehh_itch (const struct ecc_curve *ecc)
{
return ECC_ADD_EHH_ITCH (ecc->p.size);
}
/* Add two points on an Edwards curve, in homogeneous coordinates */
void
ecc_add_ehh (const struct ecc_curve *ecc,
......
......@@ -49,12 +49,6 @@
+ p = q ==> r = 0, invalid
*/
mp_size_t
ecc_add_jja_itch (const struct ecc_curve *ecc)
{
return ECC_ADD_JJA_ITCH (ecc->p.size);
}
void
ecc_add_jja (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
......
......@@ -38,13 +38,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_add_jjj_itch (const struct ecc_curve *ecc)
{
/* Needs 8 * ecc->p.size */
return ECC_ADD_JJJ_ITCH (ecc->p.size);
}
void
ecc_add_jjj (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
......
......@@ -36,12 +36,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_dup_eh_itch (const struct ecc_curve *ecc)
{
return ECC_DUP_EH_ITCH (ecc->p.size);
}
/* Double a point on an Edwards curve, in homogeneous coordinates */
void
ecc_dup_eh (const struct ecc_curve *ecc,
......
......@@ -42,12 +42,6 @@
+ p = 0 ==> r = 0, correct!
*/
mp_size_t
ecc_dup_jj_itch (const struct ecc_curve *ecc)
{
return ECC_DUP_JJ_ITCH (ecc->p.size);
}
void
ecc_dup_jj (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p,
......
......@@ -38,14 +38,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_eh_to_a_itch (const struct ecc_curve *ecc)
{
/* Needs 2*ecc->p.size + scratch for ecc_modq_inv */
return ECC_EH_TO_A_ITCH (ecc->p.size, ecc->p.invert_itch);
}
/* Convert from homogeneous coordinates on the Edwards curve to affine
coordinates. */
void
......
......@@ -53,6 +53,19 @@
#define ecc_mod _nettle_ecc_mod
#define ecc_mod_inv _nettle_ecc_mod_inv
#define ecc_hash _nettle_ecc_hash
#define ecc_a_to_j _nettle_ecc_a_to_j
#define ecc_j_to_a _nettle_ecc_j_to_a
#define ecc_eh_to_a _nettle_ecc_eh_to_a
#define ecc_dup_jj _nettle_ecc_dup_jj
#define ecc_add_jja _nettle_ecc_add_jja
#define ecc_add_jjj _nettle_ecc_add_jjj
#define ecc_dup_eh _nettle_ecc_dup_eh
#define ecc_add_eh _nettle_ecc_add_eh
#define ecc_add_ehh _nettle_ecc_add_ehh
#define ecc_mul_g _nettle_ecc_mul_g
#define ecc_mul_a _nettle_ecc_mul_a
#define ecc_mul_g_eh _nettle_ecc_mul_g_eh
#define ecc_mul_a_eh _nettle_ecc_mul_a_eh
#define cnd_copy _nettle_cnd_copy
#define sec_add_1 _nettle_sec_add_1
#define sec_sub_1 _nettle_sec_sub_1
......@@ -248,6 +261,102 @@ ecc_hash (const struct ecc_modulo *m,
mp_limb_t *hp,
size_t length, const uint8_t *digest);
/* Converts a point P in affine coordinates into a point R in jacobian
coordinates. */
void
ecc_a_to_j (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p);
/* Converts a point P in jacobian coordinates into a point R in affine
coordinates. If op == 1, produce x coordinate only. If op == 2,
produce the x coordiante only, and in also it modulo q. FIXME: For
the public interface, have separate for the three cases, and use
this flag argument only for the internal ecc->h_to_a function. */
void
ecc_j_to_a (const struct ecc_curve *ecc,
int op,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
/* Converts a point P on an Edwards curve to affine coordinates on
the corresponding Montgomery curve. */
void
ecc_eh_to_a (const struct ecc_curve *ecc,
int op,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
/* Group operations */
/* Point doubling, with jacobian input and output. Corner cases:
Correctly sets R = 0 (r_Z = 0) if p = 0 or 2p = 0. */
void
ecc_dup_jj (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
/* Point addition, with jacobian output, one jacobian input and one
affine input. Corner cases: Fails for the cases
P = Q != 0 Duplication of non-zero point
P = 0, Q != 0 or P != 0, Q = 0 One input zero
Correctly gives R = 0 if P = Q = 0 or P = -Q. */
void
ecc_add_jja (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
/* Point addition with Jacobian input and output. */
void
ecc_add_jjj (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
/* Point doubling on an Edwards curve, with homogeneous
cooordinates. */
void
ecc_dup_eh (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
void
ecc_add_eh (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
void
ecc_add_ehh (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
/* Computes N * the group generator. N is an array of ecc_size()
limbs. It must be in the range 0 < N < group order, then R != 0,
and the algorithm can work without any intermediate values getting
to zero. */
void
ecc_mul_g (const struct ecc_curve *ecc, mp_limb_t *r,
const mp_limb_t *np, mp_limb_t *scratch);
/* Computes N * P. The scalar N is the same as for ecc_mul_g. P is a
non-zero point on the curve, in affine coordinates. Output R is a
non-zero point, in Jacobian coordinates. */
void
ecc_mul_a (const struct ecc_curve *ecc,
mp_limb_t *r,
const mp_limb_t *np, const mp_limb_t *p,
mp_limb_t *scratch);
void
ecc_mul_g_eh (const struct ecc_curve *ecc, mp_limb_t *r,
const mp_limb_t *np, mp_limb_t *scratch);
void
ecc_mul_a_eh (const struct ecc_curve *ecc,
mp_limb_t *r,
const mp_limb_t *np, const mp_limb_t *p,
mp_limb_t *scratch);
void
cnd_copy (int cnd, mp_limb_t *rp, const mp_limb_t *ap, mp_size_t n);
......
......@@ -38,13 +38,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_j_to_a_itch (const struct ecc_curve *ecc)
{
/* Needs 2*ecc->size + scratch for ecc_modq_inv */
return ECC_J_TO_A_ITCH (ecc->p.size);
}
void
ecc_j_to_a (const struct ecc_curve *ecc,
int op,
......
......@@ -38,17 +38,12 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_mul_a_eh_itch (const struct ecc_curve *ecc)
{
/* Binary algorithm needs 6*ecc->p.size + scratch for ecc_add_ehh,
total 13 ecc->p.size
/* Binary algorithm needs 6*ecc->p.size + scratch for ecc_add_ehh,
total 13 ecc->p.size
Window algorithm needs (3<<w) * ecc->p.size for the table,
3*ecc->p.size for a temporary point, and scratch for
ecc_add_ehh. */
return ECC_MUL_A_EH_ITCH (ecc->p.size);
}
Window algorithm needs (3<<w) * ecc->p.size for the table,
3*ecc->p.size for a temporary point, and scratch for
ecc_add_ehh. */
#if ECC_MUL_A_EH_WBITS == 0
void
......
......@@ -40,17 +40,12 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_mul_a_itch (const struct ecc_curve *ecc)
{
/* Binary algorithm needs 6*ecc->p.size + scratch for ecc_add_jja.
Current total is 12 ecc->p.size, at most 864 bytes.
/* Binary algorithm needs 6*ecc->p.size + scratch for ecc_add_jja.
Current total is 12 ecc->p.size, at most 864 bytes.
Window algorithm needs (3<<w) * ecc->p.size for the table,
3*ecc->p.size for a temporary point, and scratch for
ecc_add_jjj. */
return ECC_MUL_A_ITCH (ecc->p.size);
}
Window algorithm needs (3<<w) * ecc->p.size for the table,
3*ecc->p.size for a temporary point, and scratch for
ecc_add_jjj. */
#if ECC_MUL_A_WBITS == 0
void
......
......@@ -40,13 +40,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_mul_g_eh_itch (const struct ecc_curve *ecc)
{
/* Needs 3*ecc->p.size + scratch for ecc_add_jja. */
return ECC_MUL_G_EH_ITCH (ecc->p.size);
}
void
ecc_mul_g_eh (const struct ecc_curve *ecc, mp_limb_t *r,
const mp_limb_t *np, mp_limb_t *scratch)
......
......@@ -40,13 +40,6 @@
#include "ecc.h"
#include "ecc-internal.h"
mp_size_t
ecc_mul_g_itch (const struct ecc_curve *ecc)
{
/* Needs 3*ecc->p.size + scratch for ecc_add_jja. */
return ECC_MUL_G_ITCH (ecc->p.size);
}
void
ecc_mul_g (const struct ecc_curve *ecc, mp_limb_t *r,
const mp_limb_t *np, mp_limb_t *scratch)
......
......@@ -58,31 +58,6 @@ extern "C" {
#define ecc_size nettle_ecc_size
#define ecc_size_a nettle_ecc_size_a
#define ecc_size_j nettle_ecc_size_j
#define ecc_a_to_j nettle_ecc_a_to_j
#define ecc_j_to_a_itch nettle_ecc_j_to_a_itch
#define ecc_j_to_a nettle_ecc_j_to_a
#define ecc_eh_to_a_itch nettle_ecc_eh_to_a_itch
#define ecc_eh_to_a nettle_ecc_eh_to_a
#define ecc_dup_jj_itch nettle_ecc_dup_jj_itch
#define ecc_dup_jj nettle_ecc_dup_jj
#define ecc_add_jja_itch nettle_ecc_add_jja_itch
#define ecc_add_jja nettle_ecc_add_jja
#define ecc_add_jjj_itch nettle_ecc_add_jjj_itch
#define ecc_add_jjj nettle_ecc_add_jjj
#define ecc_dup_eh_itch nettle_ecc_dup_eh_itch
#define ecc_dup_eh nettle_ecc_dup_eh
#define ecc_add_eh_itch nettle_ecc_add_eh_itch
#define ecc_add_eh nettle_ecc_add_eh
#define ecc_add_ehh_itch nettle_ecc_add_ehh_itch
#define ecc_add_ehh nettle_ecc_add_ehh
#define ecc_mul_g_itch nettle_ecc_mul_g_itch
#define ecc_mul_g nettle_ecc_mul_g
#define ecc_mul_a_itch nettle_ecc_mul_a_itch
#define ecc_mul_a nettle_ecc_mul_a
#define ecc_mul_g_eh_itch nettle_ecc_mul_g_eh_itch
#define ecc_mul_g_eh nettle_ecc_mul_g_eh
#define ecc_mul_a_eh_itch nettle_ecc_mul_a_eh_itch
#define ecc_mul_a_eh nettle_ecc_mul_a_eh
struct ecc_curve;
......@@ -174,133 +149,8 @@ ecc_size_a (const struct ecc_curve *ecc);
mp_size_t
ecc_size_j (const struct ecc_curve *ecc);
/* FIXME: Rename the low-level (and side-channel silent) functions to
_ecc_*, and provide public ecc_* functions which handle the
infinity points properly? */
/* Converts a point P in affine coordinates into a point R in jacobian
coordinates. */
void
ecc_a_to_j (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p);
/* Converts a point P in jacobian coordinates into a point R in affine
coordinates. If op == 1, produce x coordinate only. If op == 2,
produce the x coordiante only, and in also it modulo q. FIXME: For
the public interface, have separate for the three cases, and use
this flag argument only for the internal ecc->h_to_a function. */
mp_size_t
ecc_j_to_a_itch (const struct ecc_curve *ecc);
void
ecc_j_to_a (const struct ecc_curve *ecc,
int op,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
/* Converts a point P on an Edwards curve to affine coordinates on
the corresponding Montgomery curve. */
mp_size_t
ecc_eh_to_a_itch (const struct ecc_curve *ecc);
void
ecc_eh_to_a (const struct ecc_curve *ecc,
int op,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
/* Group operations */
/* Point doubling, with jacobian input and output. Corner cases:
Correctly sets R = 0 (r_Z = 0) if p = 0 or 2p = 0. */
mp_size_t
ecc_dup_jj_itch (const struct ecc_curve *ecc);
void
ecc_dup_jj (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
/* Point addition, with jacobian output, one jacobian input and one
affine input. Corner cases: Fails for the cases
P = Q != 0 Duplication of non-zero point
P = 0, Q != 0 or P != 0, Q = 0 One input zero
Correctly gives R = 0 if P = Q = 0 or P = -Q. */
mp_size_t
ecc_add_jja_itch (const struct ecc_curve *ecc);
void
ecc_add_jja (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
/* Point addition with Jacobian input and output. */
mp_size_t
ecc_add_jjj_itch (const struct ecc_curve *ecc);
void
ecc_add_jjj (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
/* FIXME: Use a generic ecc_dup, ecc_add, for any type of curve. */
/* Point doubling on an Edwards curve, with homogeneous
cooordinates. */
mp_size_t
ecc_dup_eh_itch (const struct ecc_curve *ecc);
void
ecc_dup_eh (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
mp_size_t
ecc_add_eh_itch (const struct ecc_curve *ecc);
void
ecc_add_eh (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
mp_size_t
ecc_add_ehh_itch (const struct ecc_curve *ecc);
void
ecc_add_ehh (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p, const mp_limb_t *q,
mp_limb_t *scratch);
/* Computes N * the group generator. N is an array of ecc_size()
limbs. It must be in the range 0 < N < group order, then R != 0,
and the algorithm can work without any intermediate values getting
to zero. */
mp_size_t
ecc_mul_g_itch (const struct ecc_curve *ecc);
void
ecc_mul_g (const struct ecc_curve *ecc, mp_limb_t *r,
const mp_limb_t *np, mp_limb_t *scratch);
/* Computes N * P. The scalar N is the same as for ecc_mul_g. P is a
non-zero point on the curve, in affine coordinates. Output R is a
non-zero point, in Jacobian coordinates. */
mp_size_t
ecc_mul_a_itch (const struct ecc_curve *ecc);
void
ecc_mul_a (const struct ecc_curve *ecc,
mp_limb_t *r,
const mp_limb_t *np, const mp_limb_t *p,
mp_limb_t *scratch);
mp_size_t
ecc_mul_g_eh_itch (const struct ecc_curve *ecc);
void
ecc_mul_g_eh (const struct ecc_curve *ecc, mp_limb_t *r,
const mp_limb_t *np, mp_limb_t *scratch);
mp_size_t
ecc_mul_a_eh_itch (const struct ecc_curve *ecc);
void
ecc_mul_a_eh (const struct ecc_curve *ecc,
mp_limb_t *r,
const mp_limb_t *np, const mp_limb_t *p,
mp_limb_t *scratch);
/* FIXME: Define a generic ecc_dup, ecc_add, for any type of curve. Do
they need to handle infinity points? */
#ifdef __cplusplus
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment