comparison libtomcrypt/src/pk/ecc/ltc_ecc_mulmod.c @ 1511:5916af64acd4 fuzz

merge from main
author Matt Johnston <matt@ucc.asn.au>
date Sat, 17 Feb 2018 19:29:51 +0800
parents 6dba84798cd5
children
1457:32f990cc96b1 1511:5916af64acd4
3 * LibTomCrypt is a library that provides various cryptographic 3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */ 8 */
11 9
12 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b 10 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
13 * 11 *
14 * All curves taken from NIST recommendation paper of July 1999 12 * All curves taken from NIST recommendation paper of July 1999
17 #include "tomcrypt.h" 15 #include "tomcrypt.h"
18 16
19 /** 17 /**
20 @file ltc_ecc_mulmod.c 18 @file ltc_ecc_mulmod.c
21 ECC Crypto, Tom St Denis 19 ECC Crypto, Tom St Denis
22 */ 20 */
23 21
24 #ifdef LTC_MECC 22 #ifdef LTC_MECC
25 #ifndef LTC_ECC_TIMING_RESISTANT 23 #ifndef LTC_ECC_TIMING_RESISTANT
26 24
27 /* size of sliding window, don't change this! */ 25 /* size of sliding window, don't change this! */
28 #define WINSIZE 4 26 #define WINSIZE 4
29 27
30 /** 28 /**
31 Perform a point multiplication 29 Perform a point multiplication
32 @param k The scalar to multiply by 30 @param k The scalar to multiply by
33 @param G The base point 31 @param G The base point
34 @param R [out] Destination for kG 32 @param R [out] Destination for kG
35 @param modulus The modulus of the field the ECC curve is in 33 @param modulus The modulus of the field the ECC curve is in
36 @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective) 34 @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective)
39 int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map) 37 int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
40 { 38 {
41 ecc_point *tG, *M[8]; 39 ecc_point *tG, *M[8];
42 int i, j, err; 40 int i, j, err;
43 void *mu, *mp; 41 void *mu, *mp;
44 unsigned long buf; 42 ltc_mp_digit buf;
45 int first, bitbuf, bitcpy, bitcnt, mode, digidx; 43 int first, bitbuf, bitcpy, bitcnt, mode, digidx;
46 44
47 LTC_ARGCHK(k != NULL); 45 LTC_ARGCHK(k != NULL);
48 LTC_ARGCHK(G != NULL); 46 LTC_ARGCHK(G != NULL);
49 LTC_ARGCHK(R != NULL); 47 LTC_ARGCHK(R != NULL);
60 if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) { 58 if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
61 mp_montgomery_free(mp); 59 mp_montgomery_free(mp);
62 mp_clear(mu); 60 mp_clear(mu);
63 return err; 61 return err;
64 } 62 }
65 63
66 /* alloc ram for window temps */ 64 /* alloc ram for window temps */
67 for (i = 0; i < 8; i++) { 65 for (i = 0; i < 8; i++) {
68 M[i] = ltc_ecc_new_point(); 66 M[i] = ltc_ecc_new_point();
69 if (M[i] == NULL) { 67 if (M[i] == NULL) {
70 for (j = 0; j < i; j++) { 68 for (j = 0; j < i; j++) {
83 /* tG = G and convert to montgomery */ 81 /* tG = G and convert to montgomery */
84 if (mp_cmp_d(mu, 1) == LTC_MP_EQ) { 82 if (mp_cmp_d(mu, 1) == LTC_MP_EQ) {
85 if ((err = mp_copy(G->x, tG->x)) != CRYPT_OK) { goto done; } 83 if ((err = mp_copy(G->x, tG->x)) != CRYPT_OK) { goto done; }
86 if ((err = mp_copy(G->y, tG->y)) != CRYPT_OK) { goto done; } 84 if ((err = mp_copy(G->y, tG->y)) != CRYPT_OK) { goto done; }
87 if ((err = mp_copy(G->z, tG->z)) != CRYPT_OK) { goto done; } 85 if ((err = mp_copy(G->z, tG->z)) != CRYPT_OK) { goto done; }
88 } else { 86 } else {
89 if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; } 87 if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; }
90 if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; } 88 if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; }
91 if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK) { goto done; } 89 if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK) { goto done; }
92 } 90 }
93 mp_clear(mu); 91 mp_clear(mu);
94 mu = NULL; 92 mu = NULL;
95 93
96 /* calc the M tab, which holds kG for k==8..15 */ 94 /* calc the M tab, which holds kG for k==8..15 */
97 /* M[0] == 8G */ 95 /* M[0] == 8G */
98 if ((err = ltc_mp.ecc_ptdbl(tG, M[0], modulus, mp)) != CRYPT_OK) { goto done; } 96 if ((err = ltc_mp.ecc_ptdbl(tG, M[0], modulus, mp)) != CRYPT_OK) { goto done; }
99 if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; } 97 if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; }
100 if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; } 98 if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; }
215 213
216 #undef WINSIZE 214 #undef WINSIZE
217 215
218 #endif 216 #endif
219 217
220 /* $Source$ */ 218 /* ref: $Format:%D$ */
221 /* $Revision$ */ 219 /* git commit: $Format:%H$ */
222 /* $Date$ */ 220 /* commit time: $Format:%ai$ */
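Review bot: The declaration `ltc_mp_digit buf;` at new line 42 changes the width of the sliding-window scratch digit, so the loop that fills it from `mp_get_digit(k, digidx)` and shifts the most significant bit out (later in `ltc_ecc_mulmod`, outside the visible hunks) must derive both its bit counter and its msb shift from `ltc_mp.bits_per_digit`, not from the width of `unsigned long`; if any of that code still assumes the old type, a digit wider than `unsigned long` would be truncated silently and the scalar would be multiplied incorrectly. A comment on the declaration would make that coupling explicit: `ltc_mp_digit buf; /* current digit of k; width must agree with ltc_mp.bits_per_digit used by the window loop */`. The remainder of the function body, including the window loop and the `done:` cleanup, lies outside this section, so the match cannot be confirmed from here.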