#define ecc_mod_submul_1 _nettle_ecc_mod_submul_1
#define ecc_mod_mul _nettle_ecc_mod_mul
#define ecc_mod_sqr _nettle_ecc_mod_sqr
-#define ecc_modq_random _nettle_ecc_modq_random
+#define ecc_mod_random _nettle_ecc_mod_random
#define ecc_mod _nettle_ecc_mod
#define ecc_mod_inv _nettle_ecc_mod_inv
#define ecc_hash _nettle_ecc_hash
/* mod q operations. */
void
-ecc_modq_random (const struct ecc_curve *ecc, mp_limb_t *xp,
- void *ctx, nettle_random_func *random, mp_limb_t *scratch);
+ecc_mod_random (const struct ecc_modulo *m, mp_limb_t *xp,
+ void *ctx, nettle_random_func *random, mp_limb_t *scratch);
void
ecc_hash (const struct ecc_curve *ecc,
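Review bot: The section comment `/* mod q operations. */` above this prototype is stale now that `ecc_mod_random` takes an arbitrary `struct ecc_modulo`, and the prototype does not say how large `xp` and `scratch` must be. The implementation in ecc-random.c writes `m->size` limbs to `xp`, and uses `scratch` first as the byte buffer for the random callback and then as the `mpn_sub_n` destination. I would document that contract here, for example `/* Sets xp to a random value in the range 0 < x < m. xp needs m->size limbs, scratch needs ECC_MOD_RANDOM_ITCH (m->size) limbs. */`. The same stale wording is in the `/* Check if 0 < x < q, with data independent timing. */` comment inside `ecdsa_in_range`, where `q` should now read `m`.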
(((3 << ECC_MUL_A_EH_WBITS) + 10) * (size))
#endif
#define ECC_ECDSA_SIGN_ITCH(size) (12*(size))
-#define ECC_MODQ_RANDOM_ITCH(size) (size)
+#define ECC_MOD_RANDOM_ITCH(size) (size)
#define ECC_HASH_ITCH(size) (1+(size))
#endif /* NETTLE_ECC_INTERNAL_H_INCLUDED */
#include "nettle-internal.h"
static int
-zero_p (const struct ecc_curve *ecc,
+zero_p (const struct ecc_modulo *m,
const mp_limb_t *xp)
{
mp_limb_t t;
mp_size_t i;
- for (i = t = 0; i < ecc->p.size; i++)
+ for (i = t = 0; i < m->size; i++)
t |= xp[i];
return t == 0;
}
static int
-ecdsa_in_range (const struct ecc_curve *ecc,
+ecdsa_in_range (const struct ecc_modulo *m,
const mp_limb_t *xp, mp_limb_t *scratch)
{
/* Check if 0 < x < q, with data independent timing. */
- return !zero_p (ecc, xp)
- & (mpn_sub_n (scratch, xp, ecc->q.m, ecc->p.size) != 0);
+ return !zero_p (m, xp)
+ & (mpn_sub_n (scratch, xp, m->m, m->size) != 0);
}
void
-ecc_modq_random (const struct ecc_curve *ecc, mp_limb_t *xp,
- void *ctx, nettle_random_func *random, mp_limb_t *scratch)
+ecc_mod_random (const struct ecc_modulo *m, mp_limb_t *xp,
+ void *ctx, nettle_random_func *random, mp_limb_t *scratch)
{
uint8_t *buf = (uint8_t *) scratch;
- unsigned nbytes = (ecc->q.bit_size + 7)/8;
+ unsigned nbytes = (m->bit_size + 7)/8;
/* The bytes ought to fit in the scratch area, unless we have very
unusual limb and byte sizes. */
- assert (nbytes <= ecc->p.size * sizeof (mp_limb_t));
+ assert (nbytes <= m->size * sizeof (mp_limb_t));
do
{
random (ctx, nbytes, buf);
- buf[0] &= 0xff >> (nbytes * 8 - ecc->q.bit_size);
+ buf[0] &= 0xff >> (nbytes * 8 - m->bit_size);
- mpn_set_base256 (xp, ecc->p.size, buf, nbytes);
+ mpn_set_base256 (xp, m->size, buf, nbytes);
}
- while (!ecdsa_in_range (ecc, xp, scratch));
+ while (!ecdsa_in_range (m, xp, scratch));
}
void
ecc_scalar_random (struct ecc_scalar *x,
void *random_ctx, nettle_random_func *random)
{
- TMP_DECL (scratch, mp_limb_t, ECC_MODQ_RANDOM_ITCH (ECC_MAX_SIZE));
- TMP_ALLOC (scratch, ECC_MODQ_RANDOM_ITCH (x->ecc->p.size));
+ TMP_DECL (scratch, mp_limb_t, ECC_MOD_RANDOM_ITCH (ECC_MAX_SIZE));
+ TMP_ALLOC (scratch, ECC_MOD_RANDOM_ITCH (x->ecc->q.size));
- ecc_modq_random (x->ecc, x->p, random_ctx, random, scratch);
+ ecc_mod_random (&x->ecc->q, x->p, random_ctx, random, scratch);
}
-
-
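Review bot: `ecc_scalar_random` now sizes the scratch area from `x->ecc->q.size`, and `ecc_mod_random` writes `m->size` limbs (here `q.size`) into `x->p`, whereas the old code used `p.size` for both. The allocation of `x->p` is outside this hunk; if it is sized from `p.size`, the write stays in bounds only while `q.size <= p.size`. That assumption should be made explicit, e.g. `assert (x->ecc->q.size == x->ecc->p.size);` ahead of the `TMP_ALLOC`. The same applies to the call in the signing loop, `ecc_mod_random (&key->ecc->q, k, random_ctx, random, k + size);`, where `k` and the scratch at `k + size` are laid out using a `size` computed outside the visible lines.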
timing is still independent of the secret k finally used. */
do
{
- ecc_modq_random (key->ecc, k, random_ctx, random, k + size);
+ ecc_mod_random (&key->ecc->q, k, random_ctx, random, k + size);
ecc_ecdsa_sign (key->ecc, key->p, k, digest_length, digest,
rp, sp, k + size);
mpz_limbs_finish (signature->r, size);