From: Daiki Ueno <du...@redhat.com>

This makes it possible to share the same code for curve25519 and
curve448 primitives, which use different underlying formulas for
addition and doubling.

Signed-off-by: Daiki Ueno <du...@redhat.com>
---
 ecc-192.c                |  4 ++++
 ecc-224.c                |  4 ++++
 ecc-25519.c              |  4 ++++
 ecc-256.c                |  4 ++++
 ecc-384.c                |  4 ++++
 ecc-521.c                |  4 ++++
 ecc-internal.h           |  8 ++++++++
 ecc-mul-a-eh.c           | 12 ++++++------
 ecc-mul-g-eh.c           |  4 ++--
 testsuite/ecc-add-test.c | 43 +++++++++++++++++++++++++------------------
 testsuite/ecc-dup-test.c | 10 +++++-----
 11 files changed, 70 insertions(+), 31 deletions(-)

diff --git a/ecc-192.c b/ecc-192.c
index 5c52b043..1fbbcded 100644
--- a/ecc-192.c
+++ b/ecc-192.c
@@ -155,12 +155,16 @@ const struct ecc_curve nettle_secp_192r1 =
   ECC_PIPPENGER_K,
   ECC_PIPPENGER_C,
 
+  ECC_ADD_JJA_ITCH (ECC_LIMB_SIZE),
   ECC_ADD_JJJ_ITCH (ECC_LIMB_SIZE),
+  ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_A_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
   ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
 
+  ecc_add_jja,
   ecc_add_jjj,
+  ecc_dup_jj,
   ecc_mul_a,
   ecc_mul_g,
   ecc_j_to_a,
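Review bot: The four new entries are inserted into the middle of a positional initializer, so the pairing of each `*_ITCH` value and function with its `struct ecc_curve` member depends only on line order matching ecc-internal.h. A trailing label per new entry would make the pairing checkable at a glance, for example `ecc_add_jja, /* add_hh */` and `ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE), /* dup_itch */`. The same applies to the identical hunks in ecc-224.c, ecc-25519.c, ecc-256.c, ecc-384.c and ecc-521.c. The initializer starts and ends outside this hunk.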
diff --git a/ecc-224.c b/ecc-224.c
index cdb42197..b1ff0578 100644
--- a/ecc-224.c
+++ b/ecc-224.c
@@ -107,12 +107,16 @@ const struct ecc_curve nettle_secp_224r1 =
   ECC_PIPPENGER_K,
   ECC_PIPPENGER_C,
 
+  ECC_ADD_JJA_ITCH (ECC_LIMB_SIZE),
   ECC_ADD_JJJ_ITCH (ECC_LIMB_SIZE),
+  ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_A_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
   ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
 
+  ecc_add_jja,
   ecc_add_jjj,
+  ecc_dup_jj,
   ecc_mul_a,
   ecc_mul_g,
   ecc_j_to_a,
diff --git a/ecc-25519.c b/ecc-25519.c
index 92de49be..16073ecf 100644
--- a/ecc-25519.c
+++ b/ecc-25519.c
@@ -335,12 +335,16 @@ const struct ecc_curve _nettle_curve25519 =
   ECC_PIPPENGER_K,
   ECC_PIPPENGER_C,
 
+  ECC_ADD_EH_ITCH (ECC_LIMB_SIZE),
   ECC_ADD_EHH_ITCH (ECC_LIMB_SIZE),
+  ECC_DUP_EH_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_A_EH_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_G_EH_ITCH (ECC_LIMB_SIZE),
   ECC_EH_TO_A_ITCH (ECC_LIMB_SIZE, ECC_25519_INV_ITCH),
 
+  ecc_add_eh,
   ecc_add_ehh,
+  ecc_dup_eh,
   ecc_mul_a_eh,
   ecc_mul_g_eh,
   ecc_eh_to_a,
diff --git a/ecc-256.c b/ecc-256.c
index e757985c..d0870657 100644
--- a/ecc-256.c
+++ b/ecc-256.c
@@ -284,12 +284,16 @@ const struct ecc_curve nettle_secp_256r1 =
   ECC_PIPPENGER_K,
   ECC_PIPPENGER_C,
 
+  ECC_ADD_JJA_ITCH (ECC_LIMB_SIZE),
   ECC_ADD_JJJ_ITCH (ECC_LIMB_SIZE),
+  ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_A_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
   ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
 
+  ecc_add_jja,
   ecc_add_jjj,
+  ecc_dup_jj,
   ecc_mul_a,
   ecc_mul_g,
   ecc_j_to_a,
diff --git a/ecc-384.c b/ecc-384.c
index a393c61f..006c4568 100644
--- a/ecc-384.c
+++ b/ecc-384.c
@@ -192,12 +192,16 @@ const struct ecc_curve nettle_secp_384r1 =
   ECC_PIPPENGER_K,
   ECC_PIPPENGER_C,
 
+  ECC_ADD_JJA_ITCH (ECC_LIMB_SIZE),
   ECC_ADD_JJJ_ITCH (ECC_LIMB_SIZE),
+  ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_A_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
   ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
 
+  ecc_add_jja,
   ecc_add_jjj,
+  ecc_dup_jj,
   ecc_mul_a,
   ecc_mul_g,
   ecc_j_to_a,
diff --git a/ecc-521.c b/ecc-521.c
index 1a08f209..9d32b54e 100644
--- a/ecc-521.c
+++ b/ecc-521.c
@@ -120,12 +120,16 @@ const struct ecc_curve nettle_secp_521r1 =
   ECC_PIPPENGER_K,
   ECC_PIPPENGER_C,
 
+  ECC_ADD_JJA_ITCH (ECC_LIMB_SIZE),
   ECC_ADD_JJJ_ITCH (ECC_LIMB_SIZE),
+  ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_A_ITCH (ECC_LIMB_SIZE),
   ECC_MUL_G_ITCH (ECC_LIMB_SIZE),
   ECC_J_TO_A_ITCH (ECC_LIMB_SIZE),
 
+  ecc_add_jja,
   ecc_add_jjj,
+  ecc_dup_jj,
   ecc_mul_a,
   ecc_mul_g,
   ecc_j_to_a,
diff --git a/ecc-internal.h b/ecc-internal.h
index ce1e34fb..643277c0 100644
--- a/ecc-internal.h
+++ b/ecc-internal.h
@@ -112,6 +112,10 @@ typedef void ecc_add_func (const struct ecc_curve *ecc,
                           const mp_limb_t *p, const mp_limb_t *q,
                           mp_limb_t *scratch);
 
+typedef void ecc_dup_func (const struct ecc_curve *ecc,
+                          mp_limb_t *r, const mp_limb_t *p,
+                          mp_limb_t *scratch);
+
 typedef void ecc_mul_g_func (const struct ecc_curve *ecc, mp_limb_t *r,
                             const mp_limb_t *np, mp_limb_t *scratch);
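Review bot: The new `ecc_dup_func` typedef has no comment stating its aliasing contract, yet the converted callers rely on in-place operation: `ecc->dup (ecc, r, r, scratch_out)` in ecc-mul-a-eh.c and ecc-mul-g-eh.c, and `ecc->add_hhh (ecc, r, tp, r, scratch_out)` where the result aliases the second operand. Once these are slots that any curve can fill, that requirement belongs on the type, for example `/* r may equal p; scratch must not overlap r or p. */`. The non-overlap of scratch is my reading of the call sites and should be confirmed.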
 
@@ -168,12 +172,16 @@ struct ecc_curve
   unsigned short pippenger_k;
   unsigned short pippenger_c;
 
+  unsigned short add_hh_itch;
   unsigned short add_hhh_itch;
+  unsigned short dup_itch;
   unsigned short mul_itch;
   unsigned short mul_g_itch;
   unsigned short h_to_a_itch;
 
+  ecc_add_func *add_hh;
   ecc_add_func *add_hhh;
+  ecc_dup_func *dup;
   ecc_mul_func *mul;
   ecc_mul_g_func *mul_g;
   ecc_h_to_a_func *h_to_a;
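Review bot: The members `add_hh`, `dup` and their `_itch` fields are added without comments, and `add_hh` versus `add_hhh` does not say what differs between them. From the tables in this patch `add_hh` holds `ecc_add_jja` / `ecc_add_eh`, and ecc-mul-g-eh.c feeds it a table entry with a stride of `2*ecc->p.size`, so the second operand appears to be a two-coordinate point while `add_hhh` takes three coordinates for both. A short comment on each slot would prevent a future curve from wiring the wrong function, for example `/* r = p + q, q given as two coordinates (confirm) */`, together with a statement that each `*_itch` is the scratch limb count required by the matching function.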
diff --git a/ecc-mul-a-eh.c b/ecc-mul-a-eh.c
index cf743236..e9b22cd4 100644
--- a/ecc-mul-a-eh.c
+++ b/ecc-mul-a-eh.c
@@ -75,8 +75,8 @@ ecc_mul_a_eh (const struct ecc_curve *ecc,
        {
          int digit;
 
-         ecc_dup_eh (ecc, r, r, scratch_out);
-         ecc_add_ehh (ecc, tp, r, pe, scratch_out);
+         ecc->dup (ecc, r, r, scratch_out);
+         ecc->add_hhh (ecc, tp, r, pe, scratch_out);
 
          digit = (w & bit) > 0;
          /* If we had a one-bit, use the sum. */
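Review bot: The calls through `ecc->dup` and `ecc->add_hhh` still receive the `scratch_out` that this function's caller provided, and nothing in the hunk relates its size to the new `dup_itch` / `add_hhh_itch` fields. The scratch is presumably sized by `ECC_MUL_A_EH_ITCH`, whose definition is outside the diff and was written for the eh formulas. Since the commit message says another curve with different formulas will reuse this code, a slot function that needs more limbs would write past the scratch area. Consider stating the requirement next to the calls, e.g. `/* scratch_out must hold max (ecc->dup_itch, ecc->add_hhh_itch) limbs */`, or checking it where `mul_itch` is defined. The same applies to the other two hunks in this file and to both hunks in ecc-mul-g-eh.c (there with `add_hh_itch`). The function body extends beyond this hunk.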
@@ -107,8 +107,8 @@ table_init (const struct ecc_curve *ecc,
 
   for (j = 2; j < size; j += 2)
     {
-      ecc_dup_eh (ecc, TABLE(j), TABLE(j/2), scratch);
-      ecc_add_ehh (ecc, TABLE(j+1), TABLE(j), TABLE(1), scratch);
+      ecc->dup (ecc, TABLE(j), TABLE(j/2), scratch);
+      ecc->add_hhh (ecc, TABLE(j+1), TABLE(j), TABLE(1), scratch);
     }
 }
 
@@ -163,11 +163,11 @@ ecc_mul_a_eh (const struct ecc_curve *ecc,
          bits |= w >> shift;
        }
       for (j = 0; j < ECC_MUL_A_EH_WBITS; j++)
-       ecc_dup_eh (ecc, r, r, scratch_out);
+       ecc->dup (ecc, r, r, scratch_out);
 
       bits &= TABLE_MASK;
       sec_tabselect (tp, 3*ecc->p.size, table, TABLE_SIZE, bits);
-      ecc_add_ehh (ecc, r, tp, r, scratch_out);
+      ecc->add_hhh (ecc, r, tp, r, scratch_out);
     }
 #undef table
 #undef tp
diff --git a/ecc-mul-g-eh.c b/ecc-mul-g-eh.c
index a945494d..971bc6c5 100644
--- a/ecc-mul-g-eh.c
+++ b/ecc-mul-g-eh.c
@@ -64,7 +64,7 @@ ecc_mul_g_eh (const struct ecc_curve *ecc, mp_limb_t *r,
 
   for (i = k; i-- > 0; )
     {
-      ecc_dup_eh (ecc, r, r, scratch);
+      ecc->dup (ecc, r, r, scratch);
       for (j = 0; j * c < bit_rows; j++)
        {
          unsigned bits;
@@ -93,7 +93,7 @@ ecc_mul_g_eh (const struct ecc_curve *ecc, mp_limb_t *r,
                          + (2*ecc->p.size * (mp_size_t) j << c)),
                         1<<c, bits);
 
-         ecc_add_eh (ecc, r, r, tp, scratch_out);
+         ecc->add_hh (ecc, r, r, tp, scratch_out);
        }
     }
 #undef tp
diff --git a/testsuite/ecc-add-test.c b/testsuite/ecc-add-test.c
index 54fae31f..8e88a76b 100644
--- a/testsuite/ecc-add-test.c
+++ b/testsuite/ecc-add-test.c
@@ -1,4 +1,5 @@
 #include "testutils.h"
+#include <assert.h>
 
 void
 test_main (void)
@@ -20,64 +21,70 @@ test_main (void)
          /* Zero point has x = 0, y = 1, z = 1 */
          mpn_zero (z, 3*ecc->p.size);
          z[ecc->p.size] = z[2*ecc->p.size] = 1;
-         
+
+         assert (ecc->add_hh == ecc_add_eh);
+         assert (ecc->add_hhh == ecc_add_ehh);
+
          ecc_a_to_j (ecc, g, ecc->g);
 
-         ecc_add_ehh (ecc, p, z, z, scratch);
+         ecc->add_hhh (ecc, p, z, z, scratch);
          test_ecc_mul_h (i, 0, p);
 
-         ecc_add_eh (ecc, p, z, z, scratch);
+         ecc->add_hh (ecc, p, z, z, scratch);
          test_ecc_mul_h (i, 0, p);
 
-         ecc_add_ehh (ecc, p, g, p, scratch);
+         ecc->add_hhh (ecc, p, g, p, scratch);
          test_ecc_mul_h (i, 1, p);
 
-         ecc_add_eh (ecc, p, z, g, scratch);
+         ecc->add_hh (ecc, p, z, g, scratch);
          test_ecc_mul_h (i, 1, p);
 
-         ecc_add_ehh (ecc, g2, g, p, scratch);
+         ecc->add_hhh (ecc, g2, g, p, scratch);
          test_ecc_mul_h (i, 2, g2);
 
-         ecc_add_eh (ecc, g2, g, g, scratch);
+         ecc->add_hh (ecc, g2, g, g, scratch);
          test_ecc_mul_h (i, 2, g2);
 
-         ecc_add_ehh (ecc, g3, g, g2, scratch);
+         ecc->add_hhh (ecc, g3, g, g2, scratch);
          test_ecc_mul_h (i, 3, g3);
 
-         ecc_add_eh (ecc, g3, g2, g, scratch);
+         ecc->add_hh (ecc, g3, g2, g, scratch);
          test_ecc_mul_h (i, 3, g3);
 
-         ecc_add_ehh (ecc, p, g, g3, scratch);
+         ecc->add_hhh (ecc, p, g, g3, scratch);
          test_ecc_mul_h (i, 4, p);
 
-         ecc_add_eh (ecc, p, g3, g, scratch);
+         ecc->add_hh (ecc, p, g3, g, scratch);
          test_ecc_mul_h (i, 4, p);
 
-         ecc_add_ehh (ecc, p, g2, g2, scratch);
+         ecc->add_hhh (ecc, p, g2, g2, scratch);
          test_ecc_mul_h (i, 4, p);
 
          free (z);
        }
       else
        {
+         assert (ecc->add_hhh == ecc_add_jjj);
+         assert (ecc->dup == ecc_dup_jj);
+
          ecc_a_to_j (ecc, g, ecc->g);
 
-         ecc_dup_jj (ecc, g2, g, scratch);
+         ecc->dup (ecc, g2, g, scratch);
          test_ecc_mul_h (i, 2, g2);
 
-         ecc_add_jjj (ecc, g3, g, g2, scratch);
+         ecc->add_hhh (ecc, g3, g, g2, scratch);
          test_ecc_mul_h (i, 3, g3);
 
-         ecc_add_jjj (ecc, g3, g2, g, scratch);
+         ecc->add_hhh (ecc, g3, g2, g, scratch);
          test_ecc_mul_h (i, 3, g3);
 
-         ecc_add_jjj (ecc, p, g, g3, scratch);
+         ecc->add_hhh (ecc, p, g, g3, scratch);
          test_ecc_mul_h (i, 4, p);
 
-         ecc_add_jjj (ecc, p, g3, g, scratch);
+         ecc->add_hhh (ecc, p, g3, g, scratch);
          test_ecc_mul_h (i, 4, p);
 
-         ecc_dup_jj (ecc, p, g2, scratch);
+         ecc->dup (ecc, p, g2, scratch);
          test_ecc_mul_h (i, 4, p);
        }
       free (g);
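Review bot: In the `else` branch the new `add_hh` slot of the secp curves is neither asserted nor called, so the `ecc_add_jja` entries added to the five curve tables are not covered by this test. Adding `assert (ecc->add_hh == ecc_add_jja);` next to the other two asserts would at least pin the wiring, and a call through `ecc->add_hh` checked with `test_ecc_mul_h` would exercise it. The operand format that call needs should be confirmed against `ecc_add_jja`. Likewise, the Edwards branch asserts both add slots but not `ecc->dup == ecc_dup_eh`. Note also that `<assert.h>` checks disappear when built with `NDEBUG`; if testutils.h offers a check macro that is always active, that would be the safer choice. `test_main` starts and ends outside this hunk.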
diff --git a/testsuite/ecc-dup-test.c b/testsuite/ecc-dup-test.c
index b92352c1..f987b165 100644
--- a/testsuite/ecc-dup-test.c
+++ b/testsuite/ecc-dup-test.c
@@ -21,13 +21,13 @@ test_main (void)
          
          ecc_a_to_j (ecc, g, ecc->g);
 
-         ecc_dup_eh (ecc, p, z, scratch);
+         ecc->dup (ecc, p, z, scratch);
          test_ecc_mul_h (i, 0, p);
 
-         ecc_dup_eh (ecc, p, g, scratch);
+         ecc->dup (ecc, p, g, scratch);
          test_ecc_mul_h (i, 2, p);
 
-         ecc_dup_eh (ecc, p, p, scratch);
+         ecc->dup (ecc, p, p, scratch);
          test_ecc_mul_h (i, 4, p);
          free (z);
        }
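Review bot: After this change both branches call `ecc->dup`, so the test no longer states which implementation each branch is meant to cover. ecc-add-test.c pins the dispatch with asserts; the same could be done here with `assert (ecc->dup == ecc_dup_eh);` in this branch and `assert (ecc->dup == ecc_dup_jj);` in the `else` branch of the following hunk. Without that, a curve table wired to the wrong doubling function is only caught indirectly through the `test_ecc_mul_h` results. The enclosing function continues outside the hunk.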
@@ -35,10 +35,10 @@ test_main (void)
        {
          ecc_a_to_j (ecc, g, ecc->g);
 
-         ecc_dup_jj (ecc, p, g, scratch);
+         ecc->dup (ecc, p, g, scratch);
          test_ecc_mul_h (i, 2, p);
 
-         ecc_dup_jj (ecc, p, p, scratch);
+         ecc->dup (ecc, p, p, scratch);
          test_ecc_mul_h (i, 4, p);
        }
       free (p);
-- 
2.13.3
