Mercurial > dropbear

comparison libtomcrypt/src/math/tfm_desc.c @ 1471:6dba84798cd5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children
comparison
equal deleted inserted replaced
1470:8bba51a55704 1471:6dba84798cd5
3 * LibTomCrypt is a library that provides various cryptographic 3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */ 8 */
11 9
12 #define DESC_DEF_ONLY 10 #define DESC_DEF_ONLY
13 #include "tomcrypt.h" 11 #include "tomcrypt.h"
14 12
23 { FP_MEM , CRYPT_MEM}, 21 { FP_MEM , CRYPT_MEM},
24 { FP_VAL , CRYPT_INVALID_ARG}, 22 { FP_VAL , CRYPT_INVALID_ARG},
25 }; 23 };
26 24
27 /** 25 /**
28 Convert a tfm error to a LTC error (Possibly the most powerful function ever! Oh wait... no) 26 Convert a tfm error to a LTC error (Possibly the most powerful function ever! Oh wait... no)
29 @param err The error to convert 27 @param err The error to convert
30 @return The equivalent LTC error code or CRYPT_ERROR if none found 28 @return The equivalent LTC error code or CRYPT_ERROR if none found
31 */ 29 */
32 static int tfm_to_ltc_error(int err) 30 static int tfm_to_ltc_error(int err)
33 { 31 {
34 int x; 32 int x;
35 33
36 for (x = 0; x < (int)(sizeof(tfm_to_ltc_codes)/sizeof(tfm_to_ltc_codes[0])); x++) { 34 for (x = 0; x < (int)(sizeof(tfm_to_ltc_codes)/sizeof(tfm_to_ltc_codes[0])); x++) {
37 if (err == tfm_to_ltc_codes[x].tfm_code) { 35 if (err == tfm_to_ltc_codes[x].tfm_code) {
38 return tfm_to_ltc_codes[x].ltc_code; 36 return tfm_to_ltc_codes[x].ltc_code;
39 } 37 }
40 } 38 }
41 return CRYPT_ERROR; 39 return CRYPT_ERROR;
42 } 40 }
82 } 80 }
83 return copy(b, *a); 81 return copy(b, *a);
84 } 82 }
85 83
86 /* ---- trivial ---- */ 84 /* ---- trivial ---- */
87 static int set_int(void *a, unsigned long b) 85 static int set_int(void *a, ltc_mp_digit b)
88 { 86 {
89 LTC_ARGCHK(a != NULL); 87 LTC_ARGCHK(a != NULL);
90 fp_set(a, b); 88 fp_set(a, b);
91 return CRYPT_OK; 89 return CRYPT_OK;
92 } 90 }
97 LTC_ARGCHK(a != NULL); 95 LTC_ARGCHK(a != NULL);
98 A = a; 96 A = a;
99 return A->used > 0 ? A->dp[0] : 0; 97 return A->used > 0 ? A->dp[0] : 0;
100 } 98 }
101 99
102 static unsigned long get_digit(void *a, int n) 100 static ltc_mp_digit get_digit(void *a, int n)
103 { 101 {
104 fp_int *A; 102 fp_int *A;
105 LTC_ARGCHK(a != NULL); 103 LTC_ARGCHK(a != NULL);
106 A = a; 104 A = a;
107 return (n >= A->used || n < 0) ? 0 : A->dp[n]; 105 return (n >= A->used || n < 0) ? 0 : A->dp[n];
112 fp_int *A; 110 fp_int *A;
113 LTC_ARGCHK(a != NULL); 111 LTC_ARGCHK(a != NULL);
114 A = a; 112 A = a;
115 return A->used; 113 return A->used;
116 } 114 }
117 115
118 static int compare(void *a, void *b) 116 static int compare(void *a, void *b)
119 { 117 {
120 int ret; 118 int ret;
121 LTC_ARGCHK(a != NULL); 119 LTC_ARGCHK(a != NULL);
122 LTC_ARGCHK(b != NULL); 120 LTC_ARGCHK(b != NULL);
127 case FP_GT: return LTC_MP_GT; 125 case FP_GT: return LTC_MP_GT;
128 } 126 }
129 return 0; 127 return 0;
130 } 128 }
131 129
132 static int compare_d(void *a, unsigned long b) 130 static int compare_d(void *a, ltc_mp_digit b)
133 { 131 {
134 int ret; 132 int ret;
135 LTC_ARGCHK(a != NULL); 133 LTC_ARGCHK(a != NULL);
136 ret = fp_cmp_d(a, b); 134 ret = fp_cmp_d(a, b);
137 switch (ret) { 135 switch (ret) {
211 LTC_ARGCHK(b != NULL); 209 LTC_ARGCHK(b != NULL);
212 LTC_ARGCHK(c != NULL); 210 LTC_ARGCHK(c != NULL);
213 fp_add(a, b, c); 211 fp_add(a, b, c);
214 return CRYPT_OK; 212 return CRYPT_OK;
215 } 213 }
216 214
217 static int addi(void *a, unsigned long b, void *c) 215 static int addi(void *a, ltc_mp_digit b, void *c)
218 { 216 {
219 LTC_ARGCHK(a != NULL); 217 LTC_ARGCHK(a != NULL);
220 LTC_ARGCHK(c != NULL); 218 LTC_ARGCHK(c != NULL);
221 fp_add_d(a, b, c); 219 fp_add_d(a, b, c);
222 return CRYPT_OK; 220 return CRYPT_OK;
230 LTC_ARGCHK(c != NULL); 228 LTC_ARGCHK(c != NULL);
231 fp_sub(a, b, c); 229 fp_sub(a, b, c);
232 return CRYPT_OK; 230 return CRYPT_OK;
233 } 231 }
234 232
235 static int subi(void *a, unsigned long b, void *c) 233 static int subi(void *a, ltc_mp_digit b, void *c)
236 { 234 {
237 LTC_ARGCHK(a != NULL); 235 LTC_ARGCHK(a != NULL);
238 LTC_ARGCHK(c != NULL); 236 LTC_ARGCHK(c != NULL);
239 fp_sub_d(a, b, c); 237 fp_sub_d(a, b, c);
240 return CRYPT_OK; 238 return CRYPT_OK;
244 static int mul(void *a, void *b, void *c) 242 static int mul(void *a, void *b, void *c)
245 { 243 {
246 LTC_ARGCHK(a != NULL); 244 LTC_ARGCHK(a != NULL);
247 LTC_ARGCHK(b != NULL); 245 LTC_ARGCHK(b != NULL);
248 LTC_ARGCHK(c != NULL); 246 LTC_ARGCHK(c != NULL);
249 fp_mul(a, b, c); 247 fp_mul(a, b, c);
250 return CRYPT_OK; 248 return CRYPT_OK;
251 } 249 }
252 250
253 static int muli(void *a, unsigned long b, void *c) 251 static int muli(void *a, ltc_mp_digit b, void *c)
254 { 252 {
255 LTC_ARGCHK(a != NULL); 253 LTC_ARGCHK(a != NULL);
256 LTC_ARGCHK(c != NULL); 254 LTC_ARGCHK(c != NULL);
257 fp_mul_d(a, b, c); 255 fp_mul_d(a, b, c);
258 return CRYPT_OK; 256 return CRYPT_OK;
282 fp_div_2(a, b); 280 fp_div_2(a, b);
283 return CRYPT_OK; 281 return CRYPT_OK;
284 } 282 }
285 283
286 /* modi */ 284 /* modi */
287 static int modi(void *a, unsigned long b, unsigned long *c) 285 static int modi(void *a, ltc_mp_digit b, ltc_mp_digit *c)
288 { 286 {
289 fp_digit tmp; 287 fp_digit tmp;
290 int err; 288 int err;
291 289
292 LTC_ARGCHK(a != NULL); 290 LTC_ARGCHK(a != NULL);
295 if ((err = tfm_to_ltc_error(fp_mod_d(a, b, &tmp))) != CRYPT_OK) { 293 if ((err = tfm_to_ltc_error(fp_mod_d(a, b, &tmp))) != CRYPT_OK) {
296 return err; 294 return err;
297 } 295 }
298 *c = tmp; 296 *c = tmp;
299 return CRYPT_OK; 297 return CRYPT_OK;
300 } 298 }
301 299
302 /* gcd */ 300 /* gcd */
303 static int gcd(void *a, void *b, void *c) 301 static int gcd(void *a, void *b, void *c)
304 { 302 {
305 LTC_ARGCHK(a != NULL); 303 LTC_ARGCHK(a != NULL);
315 LTC_ARGCHK(a != NULL); 313 LTC_ARGCHK(a != NULL);
316 LTC_ARGCHK(b != NULL); 314 LTC_ARGCHK(b != NULL);
317 LTC_ARGCHK(c != NULL); 315 LTC_ARGCHK(c != NULL);
318 fp_lcm(a, b, c); 316 fp_lcm(a, b, c);
319 return CRYPT_OK; 317 return CRYPT_OK;
318 }
319
320 static int addmod(void *a, void *b, void *c, void *d)
321 {
322 LTC_ARGCHK(a != NULL);
323 LTC_ARGCHK(b != NULL);
324 LTC_ARGCHK(c != NULL);
325 LTC_ARGCHK(d != NULL);
326 return tfm_to_ltc_error(fp_addmod(a,b,c,d));
327 }
328
329 static int submod(void *a, void *b, void *c, void *d)
330 {
331 LTC_ARGCHK(a != NULL);
332 LTC_ARGCHK(b != NULL);
333 LTC_ARGCHK(c != NULL);
334 LTC_ARGCHK(d != NULL);
335 return tfm_to_ltc_error(fp_submod(a,b,c,d));
320 } 336 }
321 337
322 static int mulmod(void *a, void *b, void *c, void *d) 338 static int mulmod(void *a, void *b, void *c, void *d)
323 { 339 {
324 LTC_ARGCHK(a != NULL); 340 LTC_ARGCHK(a != NULL);
391 LTC_ARGCHK(a != NULL); 407 LTC_ARGCHK(a != NULL);
392 LTC_ARGCHK(b != NULL); 408 LTC_ARGCHK(b != NULL);
393 LTC_ARGCHK(c != NULL); 409 LTC_ARGCHK(c != NULL);
394 LTC_ARGCHK(d != NULL); 410 LTC_ARGCHK(d != NULL);
395 return tfm_to_ltc_error(fp_exptmod(a,b,c,d)); 411 return tfm_to_ltc_error(fp_exptmod(a,b,c,d));
396 } 412 }
397 413
398 static int isprime(void *a, int *b) 414 static int isprime(void *a, int b, int *c)
399 { 415 {
400 LTC_ARGCHK(a != NULL); 416 LTC_ARGCHK(a != NULL);
401 LTC_ARGCHK(b != NULL); 417 LTC_ARGCHK(c != NULL);
402 *b = (fp_isprime(a) == FP_YES) ? LTC_MP_YES : LTC_MP_NO; 418 if (b == 0) {
419 b = LTC_MILLER_RABIN_REPS;
420 } /* if */
421 *c = (fp_isprime_ex(a, b) == FP_YES) ? LTC_MP_YES : LTC_MP_NO;
403 return CRYPT_OK; 422 return CRYPT_OK;
404 } 423 }
405 424
406 #if defined(LTC_MECC) && defined(LTC_MECC_ACCEL) 425 #if defined(LTC_MECC) && defined(LTC_MECC_ACCEL)
407 426
435 /* Z = 2Z */ 454 /* Z = 2Z */
436 fp_add(R->z, R->z, R->z); 455 fp_add(R->z, R->z, R->z);
437 if (fp_cmp(R->z, modulus) != FP_LT) { 456 if (fp_cmp(R->z, modulus) != FP_LT) {
438 fp_sub(R->z, modulus, R->z); 457 fp_sub(R->z, modulus, R->z);
439 } 458 }
440 459
441 /* &t2 = X - T1 */ 460 /* &t2 = X - T1 */
442 fp_sub(R->x, &t1, &t2); 461 fp_sub(R->x, &t1, &t2);
443 if (fp_cmp_d(&t2, 0) == FP_LT) { 462 if (fp_cmp_d(&t2, 0) == FP_LT) {
444 fp_add(&t2, modulus, &t2); 463 fp_add(&t2, modulus, &t2);
445 } 464 }
494 fp_sub(R->x, R->y, R->x); 513 fp_sub(R->x, R->y, R->x);
495 if (fp_cmp_d(R->x, 0) == FP_LT) { 514 if (fp_cmp_d(R->x, 0) == FP_LT) {
496 fp_add(R->x, modulus, R->x); 515 fp_add(R->x, modulus, R->x);
497 } 516 }
498 517
499 /* Y = Y - X */ 518 /* Y = Y - X */
500 fp_sub(R->y, R->x, R->y); 519 fp_sub(R->y, R->x, R->y);
501 if (fp_cmp_d(R->y, 0) == FP_LT) { 520 if (fp_cmp_d(R->y, 0) == FP_LT) {
502 fp_add(R->y, modulus, R->y); 521 fp_add(R->y, modulus, R->y);
503 } 522 }
504 /* Y = Y * T1 */ 523 /* Y = Y * T1 */
507 /* Y = Y - T2 */ 526 /* Y = Y - T2 */
508 fp_sub(R->y, &t2, R->y); 527 fp_sub(R->y, &t2, R->y);
509 if (fp_cmp_d(R->y, 0) == FP_LT) { 528 if (fp_cmp_d(R->y, 0) == FP_LT) {
510 fp_add(R->y, modulus, R->y); 529 fp_add(R->y, modulus, R->y);
511 } 530 }
512 531
513 return CRYPT_OK; 532 return CRYPT_OK;
514 } 533 }
515 534
516 /** 535 /**
517 Add two ECC points 536 Add two ECC points
518 @param P The point to add 537 @param P The point to add
519 @param Q The point to add 538 @param Q The point to add
520 @param R [out] The destination of the double 539 @param R [out] The destination of the double
521 @param modulus The modulus of the field the ECC curve is in 540 @param modulus The modulus of the field the ECC curve is in
522 @param mp The "b" value from montgomery_setup() 541 @param Mp The "b" value from montgomery_setup()
523 @return CRYPT_OK on success 542 @return CRYPT_OK on success
524 */ 543 */
525 static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *Mp) 544 static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *Mp)
526 { 545 {
527 fp_int t1, t2, x, y, z; 546 fp_int t1, t2, x, y, z;
528 fp_digit mp; 547 fp_digit mp;
529 548
530 LTC_ARGCHK(P != NULL); 549 LTC_ARGCHK(P != NULL);
531 LTC_ARGCHK(Q != NULL); 550 LTC_ARGCHK(Q != NULL);
532 LTC_ARGCHK(R != NULL); 551 LTC_ARGCHK(R != NULL);
533 LTC_ARGCHK(modulus != NULL); 552 LTC_ARGCHK(modulus != NULL);
534 LTC_ARGCHK(Mp != NULL); 553 LTC_ARGCHK(Mp != NULL);
541 fp_init(&y); 560 fp_init(&y);
542 fp_init(&z); 561 fp_init(&z);
543 562
544 /* should we dbl instead? */ 563 /* should we dbl instead? */
545 fp_sub(modulus, Q->y, &t1); 564 fp_sub(modulus, Q->y, &t1);
546 if ( (fp_cmp(P->x, Q->x) == FP_EQ) && 565 if ( (fp_cmp(P->x, Q->x) == FP_EQ) &&
547 (Q->z != NULL && fp_cmp(P->z, Q->z) == FP_EQ) && 566 (Q->z != NULL && fp_cmp(P->z, Q->z) == FP_EQ) &&
548 (fp_cmp(P->y, Q->y) == FP_EQ || fp_cmp(P->y, &t1) == FP_EQ)) { 567 (fp_cmp(P->y, Q->y) == FP_EQ || fp_cmp(P->y, &t1) == FP_EQ)) {
549 return tfm_ecc_projective_dbl_point(P, R, modulus, Mp); 568 return tfm_ecc_projective_dbl_point(P, R, modulus, Mp);
550 } 569 }
551 570
634 fp_mul(&t2, &x, &t2); 653 fp_mul(&t2, &x, &t2);
635 fp_montgomery_reduce(&t2, modulus, mp); 654 fp_montgomery_reduce(&t2, modulus, mp);
636 /* T1 = T1 * X */ 655 /* T1 = T1 * X */
637 fp_mul(&t1, &x, &t1); 656 fp_mul(&t1, &x, &t1);
638 fp_montgomery_reduce(&t1, modulus, mp); 657 fp_montgomery_reduce(&t1, modulus, mp);
639 658
640 /* X = Y*Y */ 659 /* X = Y*Y */
641 fp_sqr(&y, &x); 660 fp_sqr(&y, &x);
642 fp_montgomery_reduce(&x, modulus, mp); 661 fp_montgomery_reduce(&x, modulus, mp);
643 /* X = X - T2 */ 662 /* X = X - T2 */
644 fp_sub(&x, &t2, &x); 663 fp_sub(&x, &t2, &x);
648 667
649 /* T2 = T2 - X */ 668 /* T2 = T2 - X */
650 fp_sub(&t2, &x, &t2); 669 fp_sub(&t2, &x, &t2);
651 if (fp_cmp_d(&t2, 0) == FP_LT) { 670 if (fp_cmp_d(&t2, 0) == FP_LT) {
652 fp_add(&t2, modulus, &t2); 671 fp_add(&t2, modulus, &t2);
653 } 672 }
654 /* T2 = T2 - X */ 673 /* T2 = T2 - X */
655 fp_sub(&t2, &x, &t2); 674 fp_sub(&t2, &x, &t2);
656 if (fp_cmp_d(&t2, 0) == FP_LT) { 675 if (fp_cmp_d(&t2, 0) == FP_LT) {
657 fp_add(&t2, modulus, &t2); 676 fp_add(&t2, modulus, &t2);
658 } 677 }
671 fp_div_2(&y, &y); 690 fp_div_2(&y, &y);
672 691
673 fp_copy(&x, R->x); 692 fp_copy(&x, R->x);
674 fp_copy(&y, R->y); 693 fp_copy(&y, R->y);
675 fp_copy(&z, R->z); 694 fp_copy(&z, R->z);
676 695
677 return CRYPT_OK; 696 return CRYPT_OK;
678 } 697 }
679 698
680 699
681 #endif 700 #endif
701
702 static int set_rand(void *a, int size)
703 {
704 LTC_ARGCHK(a != NULL);
705 fp_rand(a, size);
706 return CRYPT_OK;
707 }
682 708
683 const ltc_math_descriptor tfm_desc = { 709 const ltc_math_descriptor tfm_desc = {
684 710
685 "TomsFastMath", 711 "TomsFastMath",
686 (int)DIGIT_BIT, 712 (int)DIGIT_BIT,
762 788
763 #ifdef LTC_MRSA 789 #ifdef LTC_MRSA
764 &rsa_make_key, 790 &rsa_make_key,
765 &rsa_exptmod, 791 &rsa_exptmod,
766 #else 792 #else
767 NULL, NULL 793 NULL, NULL,
768 #endif 794 #endif
769 795 &addmod,
796 &submod,
797
798 set_rand,
799
770 }; 800 };
771 801
772 802
773 #endif 803 #endif
774 804
775 /* $Source$ */ 805 /* ref: $Format:%D$ */
776 /* $Revision$ */ 806 /* git commit: $Format:%H$ */
777 /* $Date$ */ 807 /* commit time: $Format:%ai$ */