dropbear: libtommath/bn_s_mp

annotate libtommath/bn_s_mp_sub.c @ 1659:d32bcb5c557d

Add Ed25519 support (#91) * Add support for Ed25519 as a public key type Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. OpenSSH key import and fuzzer are not supported yet. Initially inspired by Peter Szabo. * Add curve25519 and ed25519 fuzzers * Add import and export of Ed25519 keys

author	Vladislav Grishenko <themiron@users.noreply.github.com>
date	Wed, 11 Mar 2020 21:09:45 +0500
parents	f52919ffd3b1
children	1051e4eea25a

rev	line source
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	1 #include "tommath_private.h"
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 #ifdef BN_S_MP_SUB_C
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 /* LibTomMath, multiple-precision integer library -- Tom St Denis
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 *
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	5 * LibTomMath is a library that provides multiple-precision
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 * integer arithmetic as well as number theoretic functionality.
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 *
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 * The library was designed directly after the MPI library by
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 * Michael Fromberger but has been written from scratch with
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10 * additional optimizations in place.
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 *
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	12 * SPDX-License-Identifier: Unlicense
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13 */
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 /* low level subtraction (assumes \|a\| > \|b\|), HAC pp.595 Algorithm 14.9 */
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	16 int s_mp_sub(const mp_int a, const mp_int b, mp_int *c)
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 {
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	18 int olduse, res, min, max;
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	20 /* find sizes */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	21 min = b->used;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	22 max = a->used;
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	24 /* init result */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	25 if (c->alloc < max) {
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	26 if ((res = mp_grow(c, max)) != MP_OKAY) {
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	27 return res;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	28 }
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	29 }
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	30 olduse = c->used;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	31 c->used = max;
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	32
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	33 {
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	34 mp_digit u, tmpa, tmpb, *tmpc;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	35 int i;
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	37 /* alias for digit pointers */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	38 tmpa = a->dp;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	39 tmpb = b->dp;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	40 tmpc = c->dp;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	41
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	42 /* set carry to zero */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	43 u = 0;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	44 for (i = 0; i < min; i++) {
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	45 /* T[i] = A[i] - B[i] - U */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	46 tmpc = (tmpa++ - *tmpb++) - u;
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	47
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	48 /* U = carry bit of T[i]
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	49 * Note this saves performing an AND operation since
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	50 * if a carry does occur it will propagate all the way to the
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	51 * MSB. As a result a single shift is enough to get the carry
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	52 */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	53 u = tmpc >> (((size_t)CHAR_BIT sizeof(mp_digit)) - 1u);
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	54
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	55 /* Clear carry from T[i] */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	56 *tmpc++ &= MP_MASK;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	57 }
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	58
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	59 /* now copy higher words if any, e.g. if A has more digits than B */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	60 for (; i < max; i++) {
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	61 /* T[i] = A[i] - U */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	62 tmpc = tmpa++ - u;
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	63
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	64 /* U = carry bit of T[i] */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	65 u = tmpc >> (((size_t)CHAR_BIT sizeof(mp_digit)) - 1u);
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	67 /* Clear carry from T[i] */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	68 *tmpc++ &= MP_MASK;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	69 }
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	70
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	71 /* clear digits above used (since we may not have grown result above) */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	72 for (i = c->used; i < olduse; i++) {
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	73 *tmpc++ = 0;
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	74 }
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	75 }
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	76
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	77 mp_clamp(c);
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	78 return MP_OKAY;
284 eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	79 }
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	80
eed26cff980b propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 6c790cad5a7fa866ad062cb3a0c279f7ba788583) Matt Johnston <matt@ucc.asn.au> parents: diff changeset	81 #endif
389 5ff8218bcee9 propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 2af95f00ebd5bb7a28b3817db1218442c935388e) Matt Johnston <matt@ucc.asn.au> parents: 284 diff changeset	82
1655 f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	83 /* ref: HEAD -> master, tag: v1.1.0 */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	84 /* git commit: 08549ad6bc8b0cede0b357a9c341c5c6473a9c55 */
f52919ffd3b1 update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79) Steffen Jaeckel <s_jaeckel@gmx.de> parents: 1470 diff changeset	85 /* commit time: 2019-01-28 20:32:32 +0100 */

Mercurial > dropbear

annotate libtommath/bn_s_mp_sub.c @ 1659:d32bcb5c557d