X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fec%2Fec_prime_i15.c;h=f86dbe6ff0dbc036af470e369048c4ae02d33337;hp=04bdd5da977d31935384817d3ae420d48d3d76d7;hb=dda1f8a0c46e15b4a235163470ff700b2f13dcc5;hpb=28e4e120b84dacdf53963639f1a8a6fec2793662 diff --git a/src/ec/ec_prime_i15.c b/src/ec/ec_prime_i15.c index 04bdd5d..f86dbe6 100644 --- a/src/ec/ec_prime_i15.c +++ b/src/ec/ec_prime_i15.c @@ -716,6 +716,14 @@ api_order(int curve, size_t *len) return cd->order; } +static size_t +api_xoff(int curve, size_t *len) +{ + api_generator(curve, len); + *len >>= 1; + return 1; +} + static uint32_t api_mul(unsigned char *G, size_t Glen, const unsigned char *x, size_t xlen, int curve) @@ -725,14 +733,28 @@ api_mul(unsigned char *G, size_t Glen, jacobian P; cc = id_to_curve(curve); + if (Glen != cc->point_len) { + return 0; + } r = point_decode(&P, G, Glen, cc); point_mul(&P, x, xlen, cc); - if (Glen == cc->point_len) { - point_encode(G, &P, cc); - } + point_encode(G, &P, cc); return r; } +static size_t +api_mulgen(unsigned char *R, + const unsigned char *x, size_t xlen, int curve) +{ + const unsigned char *G; + size_t Glen; + + G = api_generator(curve, &Glen); + memcpy(R, G, Glen); + api_mul(R, Glen, x, xlen, curve); + return Glen; +} + static uint32_t api_muladd(unsigned char *A, const unsigned char *B, size_t len, const unsigned char *x, size_t xlen, @@ -744,12 +766,20 @@ api_muladd(unsigned char *A, const unsigned char *B, size_t len, /* * TODO: see about merging the two ladders. Right now, we do - * two independant point multiplications, which is a bit + * two independent point multiplications, which is a bit * wasteful of CPU resources (but yields short code). */ cc = id_to_curve(curve); + if (len != cc->point_len) { + return 0; + } r = point_decode(&P, A, len, cc); + if (B == NULL) { + size_t Glen; + + B = api_generator(curve, &Glen); + } r &= point_decode(&Q, B, len, cc); point_mul(&P, x, xlen, cc); point_mul(&Q, y, ylen, cc); @@ -787,6 +817,8 @@ const br_ec_impl br_ec_prime_i15 = { (uint32_t)0x03800000, &api_generator, &api_order, + &api_xoff, &api_mul, + &api_mulgen, &api_muladd };