Remove curve parameter from (semi-)internal functions

By semi-internal I mean functions that are only public because they're used in
more than one compilation unit in the library (for example in ecc.c and
ecc_dsa.c) but should not really be part of the public-facing API.
Manuel Pégourié-Gonnard 2019-11-21 11:02:38 +01:00
parent bc3f49011a
commit be5f833c9c
3 changed files with 22 additions and 33 deletions


@ -134,7 +134,7 @@ typedef enum {
* @param curve IN -- elliptic curve
*/
void double_jacobian_default(uECC_word_t * X1, uECC_word_t * Y1,
uECC_word_t * Z1, uECC_Curve curve);
uECC_word_t * Z1);
/*
* @brief Computes result = product % curve_p
@ -265,10 +265,9 @@ uECC_word_t uECC_vli_isZero(const uECC_word_t *vli);
/*
* @brief Check if 'point' is the point at infinity
* @param point IN -- elliptic curve point
* @param curve IN -- elliptic curve
* @return if 'point' is the point at infinity, 0 otherwise.
*/
uECC_word_t EccPoint_isZero(const uECC_word_t *point, uECC_Curve curve);
uECC_word_t EccPoint_isZero(const uECC_word_t *point);
/*
* @brief computes the sign of left - right, in constant time.
@ -313,7 +312,7 @@ void uECC_vli_modSub(uECC_word_t *result, const uECC_word_t *left,
* @param curve IN -- elliptic curve
*/
void XYcZ_add(uECC_word_t * X1, uECC_word_t * Y1, uECC_word_t * X2,
uECC_word_t * Y2, uECC_Curve curve);
uECC_word_t * Y2);
/*
* @brief Computes (x1 * z^2, y1 * z^3)
@ -444,7 +443,7 @@ void uECC_vli_clear(uECC_word_t *vli);
* @exception returns -2 if x or y is smaller than p,
* @exception returns -3 if y^2 != x^3 + ax + b.
*/
int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve);
int uECC_valid_point(const uECC_word_t *point);
/*
* @brief Check if a public key is valid.
@ -460,7 +459,7 @@ int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve);
* time computing a shared secret or verifying a signature using an invalid
* public key.
*/
int uECC_valid_public_key(const uint8_t *public_key, uECC_Curve curve);
int uECC_valid_public_key(const uint8_t *public_key);
/*
* @brief Converts an integer in uECC native format to big-endian bytes.
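Review bot: The doc comments above `double_jacobian_default` and `XYcZ_add` still carry `* @param curve IN -- elliptic curve` although the parameter was dropped from both prototypes; only the `EccPoint_isZero` comment was updated. Those two lines should be deleted. The comments for `uECC_valid_point` and `uECC_valid_public_key` begin above their hunks, so they should be checked for the same leftover, and the comment above the static `x_side_default` in the implementation file appears to keep the line too. Since callers can no longer choose the curve, the `uECC_valid_public_key` comment would also benefit from one added line such as `* The key is checked against the library's built-in curve only.`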


@ -608,15 +608,13 @@ void uECC_vli_modInv(uECC_word_t *result, const uECC_word_t *input,
/* ------ Point operations ------ */
void double_jacobian_default(uECC_word_t * X1, uECC_word_t * Y1,
uECC_word_t * Z1, uECC_Curve curve)
uECC_word_t * Z1)
{
/* t1 = X, t2 = Y, t3 = Z */
uECC_word_t t4[NUM_ECC_WORDS];
uECC_word_t t5[NUM_ECC_WORDS];
wordcount_t num_words = NUM_ECC_WORDS;
(void) curve;
if (uECC_vli_isZero(Z1)) {
return;
}
@ -663,13 +661,10 @@ void double_jacobian_default(uECC_word_t * X1, uECC_word_t * Y1,
* @param curve IN -- elliptic curve
*/
static void x_side_default(uECC_word_t *result,
const uECC_word_t *x,
uECC_Curve curve)
const uECC_word_t *x)
{
uECC_word_t _3[NUM_ECC_WORDS] = {3}; /* -a = 3 */
(void) curve;
uECC_vli_modMult_fast(result, x, x); /* r = x^2 */
uECC_vli_modSub(result, result, _3, curve_p); /* r = x^2 - 3 */
uECC_vli_modMult_fast(result, result, x); /* r = x^3 - 3x */
@ -783,9 +778,8 @@ void vli_mmod_fast_secp256r1(unsigned int *result, unsigned int*product)
}
}
uECC_word_t EccPoint_isZero(const uECC_word_t *point, uECC_Curve curve)
uECC_word_t EccPoint_isZero(const uECC_word_t *point)
{
(void) curve;
return uECC_vli_isZero(point);
}
@ -802,8 +796,7 @@ void apply_z(uECC_word_t * X1, uECC_word_t * Y1, const uECC_word_t * const Z)
/* P = (x1, y1) => 2P, (x2, y2) => P' */
static void XYcZ_initial_double(uECC_word_t * X1, uECC_word_t * Y1,
uECC_word_t * X2, uECC_word_t * Y2,
const uECC_word_t * const initial_Z,
uECC_Curve curve)
const uECC_word_t * const initial_Z)
{
uECC_word_t z[NUM_ECC_WORDS];
if (initial_Z) {
@ -817,7 +810,7 @@ static void XYcZ_initial_double(uECC_word_t * X1, uECC_word_t * Y1,
uECC_vli_set(Y2, Y1);
apply_z(X1, Y1, z);
double_jacobian_default(X1, Y1, z, curve);
double_jacobian_default(X1, Y1, z);
apply_z(X2, Y2, z);
}
@ -847,10 +840,8 @@ static void XYcZ_add_rnd(uECC_word_t * X1, uECC_word_t * Y1,
}
void XYcZ_add(uECC_word_t * X1, uECC_word_t * Y1,
uECC_word_t * X2, uECC_word_t * Y2,
uECC_Curve curve)
uECC_word_t * X2, uECC_word_t * Y2)
{
(void) curve;
XYcZ_add_rnd(X1, Y1, X2, Y2, NULL);
}
@ -907,14 +898,13 @@ static void EccPoint_mult(uECC_word_t * result, const uECC_word_t * point,
uECC_word_t nb;
const wordcount_t num_words = NUM_ECC_WORDS;
const bitcount_t num_bits = NUM_ECC_BITS + 1; /* from regularize_k */
const uECC_Curve curve = uECC_secp256r1();
ecc_wait_state_t wait_state;
ecc_wait_state_t * const ws = g_rng_function ? &wait_state : NULL;
uECC_vli_set(Rx[1], point);
uECC_vli_set(Ry[1], point + num_words);
XYcZ_initial_double(Rx[1], Ry[1], Rx[0], Ry[0], initial_Z, curve);
XYcZ_initial_double(Rx[1], Ry[1], Rx[0], Ry[0], initial_Z);
for (i = num_bits - 2; i > 0; --i) {
ecc_wait_state_reset(ws);
@ -976,7 +966,7 @@ int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point,
return 0;
/* Protects against invalid curves attacks */
if (uECC_valid_point(point, curve) != 0 ) {
if (uECC_valid_point(point) != 0 ) {
return 0;
}
@ -998,7 +988,7 @@ int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point,
/* Protect against fault injections that would make the resulting
* point not lie on the intended curve */
if (uECC_valid_point(result, curve) != 0 ) {
if (uECC_valid_point(result) != 0 ) {
r = 0;
goto clear_and_out;
}
@ -1071,14 +1061,14 @@ int uECC_generate_random_int(uECC_word_t *random, const uECC_word_t *top,
}
int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve)
int uECC_valid_point(const uECC_word_t *point)
{
uECC_word_t tmp1[NUM_ECC_WORDS];
uECC_word_t tmp2[NUM_ECC_WORDS];
wordcount_t num_words = NUM_ECC_WORDS;
/* The point at infinity is invalid. */
if (EccPoint_isZero(point, curve)) {
if (EccPoint_isZero(point)) {
return -1;
}
@ -1089,7 +1079,7 @@ int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve)
}
uECC_vli_modMult_fast(tmp1, point + num_words, point + num_words);
x_side_default(tmp2, point, curve); /* tmp2 = x^3 + ax + b */
x_side_default(tmp2, point); /* tmp2 = x^3 + ax + b */
/* Make sure that y^2 == x^3 + ax + b */
if (uECC_vli_equal(tmp1, tmp2) != 0)
@ -1098,7 +1088,7 @@ int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve)
return 0;
}
int uECC_valid_public_key(const uint8_t *public_key, uECC_Curve curve)
int uECC_valid_public_key(const uint8_t *public_key)
{
uECC_word_t _public[NUM_ECC_WORDS * 2];
@ -1113,7 +1103,7 @@ int uECC_valid_public_key(const uint8_t *public_key, uECC_Curve curve)
return -4;
}
return uECC_valid_point(_public, curve);
return uECC_valid_point(_public);
}
int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key,
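Review bot: `uECC_valid_point` is what `EccPoint_mult_safer` relies on, per its own comments, to reject invalid-curve inputs and faulted results, and after this change neither the signature nor the call sites say which curve is being checked. The test is now bound to the compiled-in constants (`curve_p` and the `-a = 3` literal in `x_side_default`), presumably secp256r1 judging by the removed `uECC_secp256r1()` call, so I would add a line above the definition such as `/* Checks membership of the built-in curve only; the caller cannot select a curve. */`. The generic `/* tmp2 = x^3 + ax + b */` comment could name the fixed coefficient in the same way. `EccPoint_mult_safer` starts and ends outside these hunks; if it still accepts a `uECC_Curve` argument, confirm that nothing expects that argument to influence validation.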


@ -261,7 +261,7 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
uECC_vli_set(tx, curve_G);
uECC_vli_set(ty, curve_G + num_words);
uECC_vli_modSub(z, sum, tx, curve_p); /* z = x2 - x1 */
XYcZ_add(tx, ty, sum, sum + num_words, curve);
XYcZ_add(tx, ty, sum, sum + num_words);
uECC_vli_modInv(z, z, curve_p); /* z = 1/z */
apply_z(sum, sum + num_words, z);
@ -282,7 +282,7 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
for (i = num_bits - 2; i >= 0; --i) {
uECC_word_t index;
double_jacobian_default(rx, ry, z, curve);
double_jacobian_default(rx, ry, z);
index = (!!uECC_vli_testBit(u1, i)) | ((!!uECC_vli_testBit(u2, i)) << 1);
point = points[index];
@ -291,7 +291,7 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
uECC_vli_set(ty, point + num_words);
apply_z(tx, ty, z);
uECC_vli_modSub(tz, rx, tx, curve_p); /* Z = x2 - x1 */
XYcZ_add(tx, ty, rx, ry, curve);
XYcZ_add(tx, ty, rx, ry);
uECC_vli_modMult_fast(z, z, tz);
}
}
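Review bot: Both `XYcZ_add(...)` calls here go through the public wrapper, which in the implementation file forwards to `XYcZ_add_rnd(X1, Y1, X2, Y2, NULL)`; the NULL last argument appears to skip the randomized wait state used by the scalar-multiplication path. That looks intentional for signature verification, but nothing in the function says so, and the shortened call makes it easier to copy into code that handles secrets. A comment above the first call would record the assumption, for example `/* public inputs only: the non-randomized addition is sufficient here */`. `uECC_verify` starts and ends outside these hunks, so confirm that no secret-dependent value reaches this loop before adding it.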