mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-21 15:41:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ecp_curves: Minor rework for p384

Browse Source 
This patch adjusts formatting, documentation and testing.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This commit is contained in:
Minos Galanakis 2023-03-09 11:15:15 +00:00
parent f359c91f9b
commit 37f4cb6d0e
4 changed files with 45 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
library/ecp_curves.c
View File

@ -4586,7 +4586,7 @@ int mbedtls_ecp_mod_p256_raw(mbedtls_mpi_uint *X, size_t X_limbs);
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
static int ecp_mod_p384(mbedtls_mpi *); static int ecp_mod_p384(mbedtls_mpi *);
MBEDTLS_STATIC_TESTABLE MBEDTLS_STATIC_TESTABLE
int mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *N_p, size_t N_n); int mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *X, size_t X_limbs);
#endif #endif
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
static int ecp_mod_p521(mbedtls_mpi *); static int ecp_mod_p521(mbedtls_mpi *);
@ -5207,69 +5207,70 @@ int mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *X, size_t X_limbs)
INIT(384); INIT(384);
ADD(12); ADD(21); ADD(20); ADD(12); ADD(21); ADD(20);
SUB(23); NEXT; // A0 SUB(23); NEXT; // A0
ADD(13); ADD(22); ADD(23); ADD(13); ADD(22); ADD(23);
SUB(12); SUB(20); NEXT; // A1 SUB(12); SUB(20); NEXT; // A1
ADD(14); ADD(23); ADD(14); ADD(23);
SUB(13); SUB(21); NEXT; // A2 SUB(13); SUB(21); NEXT; // A2
ADD(15); ADD(12); ADD(20); ADD(21); ADD(15); ADD(12); ADD(20); ADD(21);
SUB(14); SUB(22); SUB(23); NEXT; // A3 SUB(14); SUB(22); SUB(23); NEXT; // A3
ADD(21); ADD(21); ADD(16); ADD(13); ADD(12); ADD(20); ADD(22); ADD(21); ADD(21); ADD(16); ADD(13); ADD(12); ADD(20); ADD(22);
SUB(15); SUB(23); SUB(23); NEXT; // A4 SUB(15); SUB(23); SUB(23); NEXT; // A4
ADD(22); ADD(22); ADD(17); ADD(14); ADD(13); ADD(21); ADD(23); ADD(22); ADD(22); ADD(17); ADD(14); ADD(13); ADD(21); ADD(23);
SUB(16); NEXT; // A5 SUB(16); NEXT; // A5
ADD(23); ADD(23); ADD(18); ADD(15); ADD(14); ADD(22); ADD(23); ADD(23); ADD(18); ADD(15); ADD(14); ADD(22);
SUB(17); NEXT; // A6 SUB(17); NEXT; // A6
ADD(19); ADD(16); ADD(15); ADD(23); ADD(19); ADD(16); ADD(15); ADD(23);
SUB(18); NEXT; // A7 SUB(18); NEXT; // A7
ADD(20); ADD(17); ADD(16); ADD(20); ADD(17); ADD(16);
SUB(19); NEXT; // A8 SUB(19); NEXT; // A8
ADD(21); ADD(18); ADD(17); ADD(21); ADD(18); ADD(17);
SUB(20); NEXT; // A9 SUB(20); NEXT; // A9
ADD(22); ADD(19); ADD(18); ADD(22); ADD(19); ADD(18);
SUB(21); NEXT; // A10 SUB(21); NEXT; // A10
ADD(23); ADD(20); ADD(19); ADD(23); ADD(20); ADD(19);
SUB(22); // A11 SUB(22); // A11
RESET; RESET;
/* Use 2^384 = P + 2^128 + 2^96 - 2^32 + 1 to modulo reduce the final carry */
ADD_LAST; NEXT; // A0 ADD_LAST; NEXT; // A0
SUB_LAST; NEXT; // A1 SUB_LAST; NEXT; // A1
NEXT; // A2 ; NEXT; // A2
ADD_LAST; NEXT; // A3 ADD_LAST; NEXT; // A3
ADD_LAST; NEXT; // A4 ADD_LAST; NEXT; // A4
NEXT; // A5 ; NEXT; // A5
NEXT; // A6 ; NEXT; // A6
NEXT; // A7 ; NEXT; // A7
NEXT; // A8 ; NEXT; // A8
NEXT; // A9 ; NEXT; // A9
NEXT; // A10 ; NEXT; // A10
// A11 // A11
RESET; RESET;
ADD_LAST; NEXT; // A0 ADD_LAST; NEXT; // A0
SUB_LAST; NEXT; // A1 SUB_LAST; NEXT; // A1
NEXT; // A2 ; NEXT; // A2
ADD_LAST; NEXT; // A3 ADD_LAST; NEXT; // A3
ADD_LAST; NEXT; // A4 ADD_LAST; NEXT; // A4
NEXT; // A5 ; NEXT; // A5
NEXT; // A6 ; NEXT; // A6
NEXT; // A7 ; NEXT; // A7
NEXT; // A8 ; NEXT; // A8
NEXT; // A9 ; NEXT; // A9
NEXT; // A10 ; NEXT; // A10
// A11 // A11
LAST; LAST;

2
library/ecp_invasive.h
View File

@ -165,7 +165,7 @@ int mbedtls_ecp_mod_p521_raw(mbedtls_mpi_uint *X, size_t X_limbs);
/** Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4) /** Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4)
* *
* \param[in,out] X The address of the MPI to be converted. * \param[in,out] X The address of the MPI to be converted.
* Must have exact limb size of `(766 / biL) + 1`. * Must have exact limb size of `768 / biL`.
* Upon return holds the reduced value which is * Upon return holds the reduced value which is
* in range `0 <= X < 2 * N` (where N is the modulus). * in range `0 <= X < 2 * N` (where N is the modulus).
* The bitlength of the reduced value is the same as * The bitlength of the reduced value is the same as

23
scripts/mbedtls_dev/ecp.py
View File

@ -144,12 +144,13 @@ class EcpP224R1Raw(bignum_common.ModOperationCommon,
def is_valid(self) -> bool: def is_valid(self) -> bool:
return True return True
class EcpPp384R1Raw(bignum_common.ModOperationCommon,
EcpTarget): class EcpP384R1Raw(bignum_common.ModOperationCommon,
EcpTarget):
"""Test cases for ecp quasi_reduction modulo p384.""" """Test cases for ecp quasi_reduction modulo p384."""
test_function = "ecp_mod_p384_raw" test_function = "ecp_mod_p384_raw"
test_name = "ecp_mod_p384_raw" test_name = "ecp_mod_p384_raw"
input_style = "arch_split" input_style = "fixed"
arity = 1 arity = 1
moduli = [("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" moduli = [("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
@ -164,7 +165,7 @@ class EcpPp384R1Raw(bignum_common.ModOperationCommon,
"fffffff0000000000000000fffffffe"), "fffffff0000000000000000fffffffe"),
# Maximum canonical P384 multiplication result # Maximum canonical P384 multiplication result
("0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" ("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
"fdfffffffe0000000000000001fffffffc0000000000000000000000000000000" "fdfffffffe0000000000000001fffffffc0000000000000000000000000000000"
"10000000200000000fffffffe000000020000000400000000fffffffc00000004"), "10000000200000000fffffffe000000020000000400000000fffffffc00000004"),
@ -178,6 +179,16 @@ class EcpPp384R1Raw(bignum_common.ModOperationCommon,
"b68abef41dbd35183a0614fb7222606ffffffff84396eee542f18a9189d94396c" "b68abef41dbd35183a0614fb7222606ffffffff84396eee542f18a9189d94396c"
"784059c17a9f18f807214ef32f2f10ffffffff8a77fac20000000000000000"), "784059c17a9f18f807214ef32f2f10ffffffff8a77fac20000000000000000"),
# Testing with overflow in A(23) + A(20) + A(19) - A(22);
("783753f8a5afba6c1862eead1deb2fcdd907272be3ffd18542b24a71ee8b26ca"
"b0aa33513610ff973042bbe1637cc9fc99ad36c7f703514572cf4f5c3044469a"
"8f5be6312c19e5d3f8fc1ac6ffffffffffffffff8c86252400000000ffffffff"),
# Testing with underflow in A(23) + A(20) + A(19) - A(22);
("65e1d2362fce922663b7fd517586e88842a9b4bd092e93e6251c9c69f278cbf8"
"285d99ae3b53da5ba36e56701e2b17c225f1239556c5f00117fa140218b46ebd8"
"e34f50d0018701fa8a0a5cc00000000000000004410bcb4ffffffff00000000"),
# First 8 number generated by random.getrandbits(768) - seed(2,2) # First 8 number generated by random.getrandbits(768) - seed(2,2)
("ffed9235288bc781ae66267594c9c9500925e4749b575bd13653f8dd9b1f282e" ("ffed9235288bc781ae66267594c9c9500925e4749b575bd13653f8dd9b1f282e"
"4067c3584ee207f8da94e3e8ab73738fcf1822ffbc6887782b491044d5e34124" "4067c3584ee207f8da94e3e8ab73738fcf1822ffbc6887782b491044d5e34124"
@ -213,9 +224,7 @@ class EcpPp384R1Raw(bignum_common.ModOperationCommon,
@property @property
def arg_a(self) -> str: def arg_a(self) -> str:
hex_digits = bignum_common.hex_digits_for_limb((766 // self.bits_in_limb) + 1, return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits)
self.bits_in_limb)
return super().format_arg('{:x}'.format(self.int_a)).zfill(hex_digits)
def result(self) -> List[str]: def result(self) -> List[str]:
result = self.int_a % self.int_n result = self.int_a % self.int_n

2
tests/suites/test_suite_ecp.function
View File

@ -1452,7 +1452,7 @@ void ecp_mod_p384_raw(char *input_N,
size_t limbs = limbs_N; size_t limbs = limbs_N;
size_t bytes = limbs * sizeof(mbedtls_mpi_uint); size_t bytes = limbs * sizeof(mbedtls_mpi_uint);
TEST_EQUAL(limbs_X, (766 / biL) + 1); TEST_EQUAL(limbs_X, 2 * limbs);
TEST_EQUAL(limbs_res, limbs); TEST_EQUAL(limbs_res, limbs);
TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(