yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 16:35:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Extract code to separate function

Browse Source 
ecp_mul_comb() is already 110 lines long and we're going to add complexity
with the early-return+restart code, so let's try to make it simpler first.
This commit is contained in:
Manuel Pégourié-Gonnard 2017-03-09 12:46:45 +01:00
parent 7306dff01f
commit ec5606ad0c
1 changed files with 35 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
library/ecp.c
View File

@ -1376,6 +1376,37 @@ cleanup:
return( ret ); return( ret );
} }
/*
* Set M to either m or -m, depending on which one is odd
*/
static int ecp_make_scalar_odd( const mbedtls_ecp_group *grp,
mbedtls_mpi *M,
const mbedtls_mpi *m,
const unsigned char m_is_odd )
{
int ret;
mbedtls_mpi mm;
mbedtls_mpi_init( &mm );
/* we need N to be odd to transform m in an odd number, check now */
if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/*
* Make sure M is odd (M = m or M = N - m, since N is odd)
* using the fact that m * P = - (N - m) * P
*/
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( M, m ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( M, &mm, ! m_is_odd ) );
cleanup:
mbedtls_mpi_free( &mm );
return( ret );
}
/* /*
* Multiplication using the comb method, * Multiplication using the comb method,
* for curves in short Weierstrass form * for curves in short Weierstrass form
@ -1390,7 +1421,7 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
size_t d; size_t d;
unsigned char k[COMB_MAX_D + 1]; unsigned char k[COMB_MAX_D + 1];
mbedtls_ecp_point *T = NULL; mbedtls_ecp_point *T = NULL;
mbedtls_mpi M, mm; mbedtls_mpi M;
#if defined(MBEDTLS_ECP_EARLY_RETURN) #if defined(MBEDTLS_ECP_EARLY_RETURN)
if( ecp_restart.fake_it++ != 0 && ecp_max_ops != 0 ) if( ecp_restart.fake_it++ != 0 && ecp_max_ops != 0 )
@ -1398,20 +1429,13 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
#endif #endif
mbedtls_mpi_init( &M ); mbedtls_mpi_init( &M );
mbedtls_mpi_init( &mm );
/* we need N to be odd to transform m in an odd number, check now */
if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/* /*
* Make sure M is odd (M = m or M = N - m, since N is odd) * We need an odd scalar for recoding. Ensure that by replacing it with
* using the fact that m * P = - (N - m) * P * its opposite, then negating the result to compensate if needed.
*/ */
m_is_odd = ( mbedtls_mpi_get_bit( m, 0 ) == 1 ); m_is_odd = ( mbedtls_mpi_get_bit( m, 0 ) == 1 );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) ); MBEDTLS_MPI_CHK( ecp_make_scalar_odd( grp, &M, m, m_is_odd ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, ! m_is_odd ) );
/* /*
* Minimize the number of multiplications, that is minimize * Minimize the number of multiplications, that is minimize
@ -1493,7 +1517,6 @@ cleanup:
} }
mbedtls_mpi_free( &M ); mbedtls_mpi_free( &M );
mbedtls_mpi_free( &mm );
if( ret != 0 ) if( ret != 0 )
mbedtls_ecp_point_free( R ); mbedtls_ecp_point_free( R );