summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2023-03-07 05:54:40 +0000
committerjsing <>2023-03-07 05:54:40 +0000
commitd92645e4cc1bfb53f3218199eb21c2e876dbd098 (patch)
tree07d53a2b726919335b3c36251e87d4935cb61573
parent0daa6622d61e367179eb7a4e37fa9171ddf92484 (diff)
downloadopenbsd-d92645e4cc1bfb53f3218199eb21c2e876dbd098.tar.gz
openbsd-d92645e4cc1bfb53f3218199eb21c2e876dbd098.tar.bz2
openbsd-d92645e4cc1bfb53f3218199eb21c2e876dbd098.zip
Move EC_GFp_simple_method() to the bottom of the file.
Most of the implemeentation functions for EC_GFp_simple_method() are reused by other code, hence they cannot be made static. However, this keeps the pattern consistent. ok tb@
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/ec/ecp_smpl.c126
1 files changed, 51 insertions, 75 deletions
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index dc3b3926d1..8f53b150b8 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecp_smpl.c,v 1.38 2022/11/26 16:08:52 tb Exp $ */ 1/* $OpenBSD: ecp_smpl.c,v 1.39 2023/03/07 05:54:40 jsing Exp $ */
2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * for the OpenSSL project. 3 * for the OpenSSL project.
4 * Includes code written by Bodo Moeller for the OpenSSL project. 4 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -67,69 +67,20 @@
67#include "bn_local.h" 67#include "bn_local.h"
68#include "ec_local.h" 68#include "ec_local.h"
69 69
70const EC_METHOD * 70/*
71EC_GFp_simple_method(void) 71 * Most method functions in this file are designed to work with
72{
73 static const EC_METHOD ret = {
74 .flags = EC_FLAGS_DEFAULT_OCT,
75 .field_type = NID_X9_62_prime_field,
76 .group_init = ec_GFp_simple_group_init,
77 .group_finish = ec_GFp_simple_group_finish,
78 .group_clear_finish = ec_GFp_simple_group_clear_finish,
79 .group_copy = ec_GFp_simple_group_copy,
80 .group_set_curve = ec_GFp_simple_group_set_curve,
81 .group_get_curve = ec_GFp_simple_group_get_curve,
82 .group_get_degree = ec_GFp_simple_group_get_degree,
83 .group_order_bits = ec_group_simple_order_bits,
84 .group_check_discriminant =
85 ec_GFp_simple_group_check_discriminant,
86 .point_init = ec_GFp_simple_point_init,
87 .point_finish = ec_GFp_simple_point_finish,
88 .point_clear_finish = ec_GFp_simple_point_clear_finish,
89 .point_copy = ec_GFp_simple_point_copy,
90 .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
91 .point_set_Jprojective_coordinates =
92 ec_GFp_simple_set_Jprojective_coordinates,
93 .point_get_Jprojective_coordinates =
94 ec_GFp_simple_get_Jprojective_coordinates,
95 .point_set_affine_coordinates =
96 ec_GFp_simple_point_set_affine_coordinates,
97 .point_get_affine_coordinates =
98 ec_GFp_simple_point_get_affine_coordinates,
99 .add = ec_GFp_simple_add,
100 .dbl = ec_GFp_simple_dbl,
101 .invert = ec_GFp_simple_invert,
102 .is_at_infinity = ec_GFp_simple_is_at_infinity,
103 .is_on_curve = ec_GFp_simple_is_on_curve,
104 .point_cmp = ec_GFp_simple_cmp,
105 .make_affine = ec_GFp_simple_make_affine,
106 .points_make_affine = ec_GFp_simple_points_make_affine,
107 .mul_generator_ct = ec_GFp_simple_mul_generator_ct,
108 .mul_single_ct = ec_GFp_simple_mul_single_ct,
109 .mul_double_nonct = ec_GFp_simple_mul_double_nonct,
110 .field_mul = ec_GFp_simple_field_mul,
111 .field_sqr = ec_GFp_simple_field_sqr,
112 .blind_coordinates = ec_GFp_simple_blind_coordinates,
113 };
114
115 return &ret;
116}
117
118
119/* Most method functions in this file are designed to work with
120 * non-trivial representations of field elements if necessary 72 * non-trivial representations of field elements if necessary
121 * (see ecp_mont.c): while standard modular addition and subtraction 73 * (see ecp_mont.c): while standard modular addition and subtraction
122 * are used, the field_mul and field_sqr methods will be used for 74 * are used, the field_mul and field_sqr methods will be used for
123 * multiplication, and field_encode and field_decode (if defined) 75 * multiplication, and field_encode and field_decode (if defined)
124 * will be used for converting between representations. 76 * will be used for converting between representations.
125 77 *
126 * Functions ec_GFp_simple_points_make_affine() and 78 * Functions ec_GFp_simple_points_make_affine() and
127 * ec_GFp_simple_point_get_affine_coordinates() specifically assume 79 * ec_GFp_simple_point_get_affine_coordinates() specifically assume
128 * that if a non-trivial representation is used, it is a Montgomery 80 * that if a non-trivial representation is used, it is a Montgomery
129 * representation (i.e. 'encoding' means multiplying by some factor R). 81 * representation (i.e. 'encoding' means multiplying by some factor R).
130 */ 82 */
131 83
132
133int 84int
134ec_GFp_simple_group_init(EC_GROUP *group) 85ec_GFp_simple_group_init(EC_GROUP *group)
135{ 86{
@@ -140,7 +91,6 @@ ec_GFp_simple_group_init(EC_GROUP *group)
140 return 1; 91 return 1;
141} 92}
142 93
143
144void 94void
145ec_GFp_simple_group_finish(EC_GROUP *group) 95ec_GFp_simple_group_finish(EC_GROUP *group)
146{ 96{
@@ -149,7 +99,6 @@ ec_GFp_simple_group_finish(EC_GROUP *group)
149 BN_free(&group->b); 99 BN_free(&group->b);
150} 100}
151 101
152
153void 102void
154ec_GFp_simple_group_clear_finish(EC_GROUP *group) 103ec_GFp_simple_group_clear_finish(EC_GROUP *group)
155{ 104{
@@ -158,7 +107,6 @@ ec_GFp_simple_group_clear_finish(EC_GROUP *group)
158 BN_clear_free(&group->b); 107 BN_clear_free(&group->b);
159} 108}
160 109
161
162int 110int
163ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src) 111ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
164{ 112{
@@ -174,7 +122,6 @@ ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
174 return 1; 122 return 1;
175} 123}
176 124
177
178int 125int
179ec_GFp_simple_group_set_curve(EC_GROUP *group, 126ec_GFp_simple_group_set_curve(EC_GROUP *group,
180 const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) 127 const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
@@ -231,7 +178,6 @@ ec_GFp_simple_group_set_curve(EC_GROUP *group,
231 return ret; 178 return ret;
232} 179}
233 180
234
235int 181int
236ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) 182ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
237{ 183{
@@ -275,14 +221,12 @@ ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNU
275 return ret; 221 return ret;
276} 222}
277 223
278
279int 224int
280ec_GFp_simple_group_get_degree(const EC_GROUP *group) 225ec_GFp_simple_group_get_degree(const EC_GROUP *group)
281{ 226{
282 return BN_num_bits(&group->field); 227 return BN_num_bits(&group->field);
283} 228}
284 229
285
286int 230int
287ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) 231ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
288{ 232{
@@ -358,7 +302,6 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
358 return ret; 302 return ret;
359} 303}
360 304
361
362int 305int
363ec_GFp_simple_point_init(EC_POINT * point) 306ec_GFp_simple_point_init(EC_POINT * point)
364{ 307{
@@ -370,7 +313,6 @@ ec_GFp_simple_point_init(EC_POINT * point)
370 return 1; 313 return 1;
371} 314}
372 315
373
374void 316void
375ec_GFp_simple_point_finish(EC_POINT *point) 317ec_GFp_simple_point_finish(EC_POINT *point)
376{ 318{
@@ -379,7 +321,6 @@ ec_GFp_simple_point_finish(EC_POINT *point)
379 BN_free(&point->Z); 321 BN_free(&point->Z);
380} 322}
381 323
382
383void 324void
384ec_GFp_simple_point_clear_finish(EC_POINT *point) 325ec_GFp_simple_point_clear_finish(EC_POINT *point)
385{ 326{
@@ -389,7 +330,6 @@ ec_GFp_simple_point_clear_finish(EC_POINT *point)
389 point->Z_is_one = 0; 330 point->Z_is_one = 0;
390} 331}
391 332
392
393int 333int
394ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src) 334ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
395{ 335{
@@ -404,7 +344,6 @@ ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
404 return 1; 344 return 1;
405} 345}
406 346
407
408int 347int
409ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point) 348ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
410{ 349{
@@ -413,7 +352,6 @@ ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
413 return 1; 352 return 1;
414} 353}
415 354
416
417int 355int
418ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group, 356ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
419 EC_POINT *point, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, 357 EC_POINT *point, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z,
@@ -822,7 +760,6 @@ ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const E
822 return ret; 760 return ret;
823} 761}
824 762
825
826int 763int
827ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx) 764ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx)
828{ 765{
@@ -964,7 +901,6 @@ ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX
964 return ret; 901 return ret;
965} 902}
966 903
967
968int 904int
969ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) 905ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
970{ 906{
@@ -975,14 +911,12 @@ ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
975 return BN_usub(&point->Y, &group->field, &point->Y); 911 return BN_usub(&point->Y, &group->field, &point->Y);
976} 912}
977 913
978
979int 914int
980ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) 915ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
981{ 916{
982 return BN_is_zero(&point->Z); 917 return BN_is_zero(&point->Z);
983} 918}
984 919
985
986int 920int
987ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx) 921ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
988{ 922{
@@ -1085,7 +1019,6 @@ ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *
1085 return ret; 1019 return ret;
1086} 1020}
1087 1021
1088
1089int 1022int
1090ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) 1023ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
1091{ 1024{
@@ -1187,7 +1120,6 @@ ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, B
1187 return ret; 1120 return ret;
1188} 1121}
1189 1122
1190
1191int 1123int
1192ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) 1124ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
1193{ 1125{
@@ -1225,7 +1157,6 @@ ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
1225 return ret; 1157 return ret;
1226} 1158}
1227 1159
1228
1229int 1160int
1230ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx) 1161ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx)
1231{ 1162{
@@ -1400,7 +1331,6 @@ ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *po
1400 return ret; 1331 return ret;
1401} 1332}
1402 1333
1403
1404int 1334int
1405ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) 1335ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
1406{ 1336{
@@ -1471,7 +1401,6 @@ ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx)
1471 return ret; 1401 return ret;
1472} 1402}
1473 1403
1474
1475#define EC_POINT_BN_set_flags(P, flags) do { \ 1404#define EC_POINT_BN_set_flags(P, flags) do { \
1476 BN_set_flags(&(P)->X, (flags)); \ 1405 BN_set_flags(&(P)->X, (flags)); \
1477 BN_set_flags(&(P)->Y, (flags)); \ 1406 BN_set_flags(&(P)->Y, (flags)); \
@@ -1723,3 +1652,50 @@ ec_GFp_simple_mul_double_nonct(const EC_GROUP *group, EC_POINT *r,
1723{ 1652{
1724 return ec_wNAF_mul(group, r, g_scalar, 1, &point, &p_scalar, ctx); 1653 return ec_wNAF_mul(group, r, g_scalar, 1, &point, &p_scalar, ctx);
1725} 1654}
1655
1656static const EC_METHOD ec_GFp_simple_method = {
1657 .flags = EC_FLAGS_DEFAULT_OCT,
1658 .field_type = NID_X9_62_prime_field,
1659 .group_init = ec_GFp_simple_group_init,
1660 .group_finish = ec_GFp_simple_group_finish,
1661 .group_clear_finish = ec_GFp_simple_group_clear_finish,
1662 .group_copy = ec_GFp_simple_group_copy,
1663 .group_set_curve = ec_GFp_simple_group_set_curve,
1664 .group_get_curve = ec_GFp_simple_group_get_curve,
1665 .group_get_degree = ec_GFp_simple_group_get_degree,
1666 .group_order_bits = ec_group_simple_order_bits,
1667 .group_check_discriminant = ec_GFp_simple_group_check_discriminant,
1668 .point_init = ec_GFp_simple_point_init,
1669 .point_finish = ec_GFp_simple_point_finish,
1670 .point_clear_finish = ec_GFp_simple_point_clear_finish,
1671 .point_copy = ec_GFp_simple_point_copy,
1672 .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
1673 .point_set_Jprojective_coordinates =
1674 ec_GFp_simple_set_Jprojective_coordinates,
1675 .point_get_Jprojective_coordinates =
1676 ec_GFp_simple_get_Jprojective_coordinates,
1677 .point_set_affine_coordinates =
1678 ec_GFp_simple_point_set_affine_coordinates,
1679 .point_get_affine_coordinates =
1680 ec_GFp_simple_point_get_affine_coordinates,
1681 .add = ec_GFp_simple_add,
1682 .dbl = ec_GFp_simple_dbl,
1683 .invert = ec_GFp_simple_invert,
1684 .is_at_infinity = ec_GFp_simple_is_at_infinity,
1685 .is_on_curve = ec_GFp_simple_is_on_curve,
1686 .point_cmp = ec_GFp_simple_cmp,
1687 .make_affine = ec_GFp_simple_make_affine,
1688 .points_make_affine = ec_GFp_simple_points_make_affine,
1689 .mul_generator_ct = ec_GFp_simple_mul_generator_ct,
1690 .mul_single_ct = ec_GFp_simple_mul_single_ct,
1691 .mul_double_nonct = ec_GFp_simple_mul_double_nonct,
1692 .field_mul = ec_GFp_simple_field_mul,
1693 .field_sqr = ec_GFp_simple_field_sqr,
1694 .blind_coordinates = ec_GFp_simple_blind_coordinates,
1695};
1696
1697const EC_METHOD *
1698EC_GFp_simple_method(void)
1699{
1700 return &ec_GFp_simple_method;
1701}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-17 15:09:16 +0000