mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-25 17:21:08 +00:00
Adjust ECP self-test to support Curve448
Adjust the Montgomery self-test to use Curve448 in builds without Curve25519. Signed-off-by: Gilles Peskine <gilles.peskine@arm.com>
parent
24666795e4
commit
a088c81fcb
|
@ -3292,6 +3292,39 @@ cleanup:
|
||||||
|
|
||||||
#if defined(MBEDTLS_SELF_TEST)
|
#if defined(MBEDTLS_SELF_TEST)
|
||||||
|
|
||||||
|
static int self_test_adjust_exponent( const mbedtls_ecp_group *grp,
|
||||||
|
mbedtls_mpi *m )
|
||||||
|
{
|
||||||
|
int ret = 0;
|
||||||
|
switch( grp->id )
|
||||||
|
{
|
||||||
|
/* If Curve25519 is available, then that's what we use for the
|
||||||
|
* Montgomery test, so we don't need the adjustment code. */
|
||||||
|
#if ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
|
||||||
|
#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
|
||||||
|
case MBEDTLS_ECP_DP_CURVE448:
|
||||||
|
/* Move highest bit from 254 to N-1. Setting bit N-1 is
|
||||||
|
* necessary to enforce the highest-bit-set constraint. */
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, 254, 0 ) );
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, grp->nbits, 1 ) );
|
||||||
|
/* Copy second-highest bit from 253 to N-2. This is not
|
||||||
|
* necessary but improves the test variety a bit. */
|
||||||
|
MBEDTLS_MPI_CHK(
|
||||||
|
mbedtls_mpi_set_bit( m, grp->nbits - 1,
|
||||||
|
mbedtls_mpi_get_bit( m, 253 ) ) );
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
#endif /* ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) */
|
||||||
|
default:
|
||||||
|
/* Non-Montgomery curves and Curve25519 need no adjustment. */
|
||||||
|
(void) grp;
|
||||||
|
(void) m;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
cleanup:
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
static int self_test_point( int verbose,
|
static int self_test_point( int verbose,
|
||||||
mbedtls_ecp_group *grp,
|
mbedtls_ecp_group *grp,
|
||||||
mbedtls_ecp_point *R,
|
mbedtls_ecp_point *R,
|
||||||
|
@ -3306,7 +3339,9 @@ static int self_test_point( int verbose,
|
||||||
add_count = 0;
|
add_count = 0;
|
||||||
dbl_count = 0;
|
dbl_count = 0;
|
||||||
mul_count = 0;
|
mul_count = 0;
|
||||||
|
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) );
|
||||||
|
MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
|
||||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
|
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
|
||||||
|
|
||||||
for( i = 1; i < n_exponents; i++ )
|
for( i = 1; i < n_exponents; i++ )
|
||||||
|
@ -3319,6 +3354,7 @@ static int self_test_point( int verbose,
|
||||||
mul_count = 0;
|
mul_count = 0;
|
||||||
|
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) );
|
||||||
|
MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
|
||||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
|
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
|
||||||
|
|
||||||
if( add_count != add_c_prev ||
|
if( add_count != add_c_prev ||
|
||||||
|
|
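Review bot: The comments in `self_test_adjust_exponent` refer to bits N-1 and N-2, but the code sets bits `grp->nbits` and `grp->nbits - 1`, so the first hunk reads as an off-by-one unless the reader already knows how `nbits` is defined for Montgomery groups. Presumably `grp->nbits` holds the index of the required top bit for these curves rather than the bit length. If so, say it at the case label, e.g. `/* N = grp->nbits + 1: for Montgomery curves nbits is the index of the top bit. */`; if not, the two `mbedtls_mpi_set_bit` positions need re-checking against the highest-bit-set constraint. The inner `#endif` would also read better as `#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */`, matching the commented outer one. The `(void) grp;` in the `default` branch is redundant, since `grp->id` is already read by the `switch`.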