2014-09-23 Niels Möller <nisse@lysator.liu.se>
+ * ecc-hash.c (ecc_hash): Changed argument type from struct
+ ecc_curve to struct ecc_modulo. Updated callers.
+ * testsuite/ecdsa-sign-test.c (test_main): Updated curve25519
+ signature s. Changed since the hash value is truncated a few bits
+ more, to match the size of q.
+ * testsuite/ecdsa-verify-test.c (test_main): Likewise.
+
* testsuite/ecc-modinv-test.c (zero_p): New function, checking for
zero modulo p.
(test_modulo): Use zero_p. Switch to dynamic allocation. Updated
ecc->q.invert (&ecc->q, kinv, kp, tp); /* NOTE: Also clobbers hp */
/* Process hash digest */
- ecc_hash (ecc, hp, length, digest);
+ ecc_hash (&ecc->q, hp, length, digest);
ecc_modq_mul (ecc, tp, zp, rp);
ecc_modq_add (ecc, hp, hp, tp);
ecc->q.invert (&ecc->q, sinv, sp, sinv + 2*ecc->p.size);
/* u1 = h / s, P1 = u1 * G */
- ecc_hash (ecc, hp, length, digest);
+ ecc_hash (&ecc->q, hp, length, digest);
ecc_modq_mul (ecc, u1, hp, sinv);
/* u2 = r / s, P2 = u2 * Y */
/* NOTE: We don't considered the hash value to be secret, so it's ok
if the running time of this conversion depends on h.
- Requires ecc->size + 1 limbs, the extra limb may be needed for
+ Requires m->size + 1 limbs, the extra limb may be needed for
unusual limb sizes.
*/
-/* FIXME: Take a struct ecc_modulo * as argument, and it would make
- more sense to pass q than p. */
void
-ecc_hash (const struct ecc_curve *ecc,
+ecc_hash (const struct ecc_modulo *m,
mp_limb_t *hp,
size_t length, const uint8_t *digest)
{
- if (length > ((size_t) ecc->p.bit_size + 7) / 8)
- length = (ecc->p.bit_size + 7) / 8;
+ if (length > ((size_t) m->bit_size + 7) / 8)
+ length = (m->bit_size + 7) / 8;
- mpn_set_base256 (hp, ecc->p.size + 1, digest, length);
+ mpn_set_base256 (hp, m->size + 1, digest, length);
- if (8 * length > ecc->p.bit_size)
+ if (8 * length > m->bit_size)
/* We got a few extra bits, at the low end. Discard them. */
- mpn_rshift (hp, hp, ecc->p.size + 1, 8*length - ecc->p.bit_size);
+ mpn_rshift (hp, hp, m->size + 1, 8*length - m->bit_size);
}
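Review bot: The header comment above ecc_hash still does not say which modulus `m` is meant to be, and the removed FIXME was the only text saying q is the sensible choice, so a caller that passes `&ecc->p` would now compile and silently truncate to the wrong size. I would add a line to the comment such as `m is the modulus whose bit size the digest is truncated to; ECDSA callers pass &ecc->q.` The comment should also say that the digest is only truncated to `m->bit_size` bits and not reduced, so `hp` can still be greater than or equal to the modulus. The `ecc_modq_add` and `ecc_modq_mul` calls in the sign and verify hunks presumably tolerate that, but it is not visible here.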
void *ctx, nettle_random_func *random, mp_limb_t *scratch);
void
-ecc_hash (const struct ecc_curve *ecc,
+ecc_hash (const struct ecc_modulo *m,
mp_limb_t *hp,
size_t length, const uint8_t *digest);
"ae760d5331496119 5d967fd881e3b0f5"), /* h */
" 515c3a485f57432 0daf3353a0d08110"
"64157c556296de09 4132f74865961b37", /* r */
- " 9ddd3e2fa87328c 372e28ac7a1c0c65"
- "697196d643238fd0 c4caa4d1d88a62fe"); /* s */
+ " 78f23367291b01 3fc430fb09322d95"
+ "4384723649868d8e 88effc7ac8b141d7"); /* s */
}
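Review bot: The replaced `s` value carries no comment saying where it comes from, so a reader cannot tell whether it is an independent reference vector or simply the output of the new code. If it is the latter, a comment next to it such as `/* s depends on the digest being truncated to the bit size of q */` would record why it changed; the same applies to the identical change in the ecdsa-verify-test.c hunk. Because the expected signature differs for an unchanged `h` and `r`, curve25519 signatures produced before this change would presumably no longer verify afterwards, which seems worth a line in the release notes.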
"ae760d5331496119 5d967fd881e3b0f5"), /* h */
" 515c3a485f57432 0daf3353a0d08110"
"64157c556296de09 4132f74865961b37", /* r */
- " 9ddd3e2fa87328c 372e28ac7a1c0c65"
- "697196d643238fd0 c4caa4d1d88a62fe"); /* s */
+ " 78f23367291b01 3fc430fb09322d95"
+ "4384723649868d8e 88effc7ac8b141d7"); /* s */
}