X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fec%2Fec_prime_i31.c;h=b205f367aebaec00048bec5a68fdc09999a58914;hp=0f2baa0f2e0d183eac34e6eabdc103079d0761d9;hb=b2ec2030e40acf5e9e4cd0f2669aacb27eadb540;hpb=44c79c1add4cd4a217b1dd77c8421c1d3a08dcef diff --git a/src/ec/ec_prime_i31.c b/src/ec/ec_prime_i31.c index 0f2baa0..b205f36 100644 --- a/src/ec/ec_prime_i31.c +++ b/src/ec/ec_prime_i31.c @@ -107,15 +107,16 @@ typedef struct { const uint32_t *b; const uint32_t *R2; uint32_t p0i; + size_t point_len; } curve_params; static inline const curve_params * id_to_curve(int curve) { static const curve_params pp[] = { - { P256_P, P256_B, P256_R2, 0x00000001 }, - { P384_P, P384_B, P384_R2, 0x00000001 }, - { P521_P, P521_B, P521_R2, 0x00000001 } + { P256_P, P256_B, P256_R2, 0x00000001, 65 }, + { P384_P, P384_B, P384_R2, 0x00000001, 97 }, + { P521_P, P521_B, P521_R2, 0x00000001, 133 } }; return &pp[curve - BR_EC_secp256r1]; @@ -717,6 +718,14 @@ api_order(int curve, size_t *len) return cd->order; } +static size_t +api_xoff(int curve, size_t *len) +{ + api_generator(curve, len); + *len >>= 1; + return 1; +} + static uint32_t api_mul(unsigned char *G, size_t Glen, const unsigned char *x, size_t xlen, int curve) @@ -726,6 +735,9 @@ api_mul(unsigned char *G, size_t Glen, jacobian P; cc = id_to_curve(curve); + if (Glen != cc->point_len) { + return 0; + } r = point_decode(&P, G, Glen, cc); point_mul(&P, x, xlen, cc); point_encode(G, &P, cc); @@ -756,11 +768,14 @@ api_muladd(unsigned char *A, const unsigned char *B, size_t len, /* * TODO: see about merging the two ladders. Right now, we do - * two independant point multiplications, which is a bit + * two independent point multiplications, which is a bit * wasteful of CPU resources (but yields short code). */ cc = id_to_curve(curve); + if (len != cc->point_len) { + return 0; + } r = point_decode(&P, A, len, cc); if (B == NULL) { size_t Glen; @@ -804,6 +819,7 @@ const br_ec_impl br_ec_prime_i31 = { (uint32_t)0x03800000, &api_generator, &api_order, + &api_xoff, &api_mul, &api_mulgen, &api_muladd