From: Niels Möller Date: Tue, 28 Jan 2020 15:51:29 +0000 (+0100) Subject: Merge branch 'delete-ecc-g' X-Git-Tag: nettle_3.6rc1~31 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bbed494d439a3f45026c63af57ae969713bd3e0a;p=thirdparty%2Fnettle.git Merge branch 'delete-ecc-g' --- bbed494d439a3f45026c63af57ae969713bd3e0a diff --cc ChangeLog index 38781996,1af94c09..bc70e5f1 --- a/ChangeLog +++ b/ChangeLog @@@ -1,34 -1,25 +1,54 @@@ 2020-01-26 Niels Möller + * ecc-internal.h (struct ecc_curve): Delete g, the curve + generator, since it was used only by tests. Update all curve + instances. + + * eccdata.c (output_curve): Delete output of ecc_g. + (output_point): Delete name argument, and update callers. + + * testsuite/testutils.c (ecc_ref): Table of reference points moved + out of test_ecc_mul_a. Add generator to the list of points. + (test_ecc_mul_a): Use ecc_ref table also for the n == 1 case. + (test_ecc_ga, test_ecc_get_g, test_ecc_get_ga): New functions, + using the tabulated generator. + + * testsuite/ecc-add-test.c: Use test_ecc_get_g, instead of + accessing ecc->g. + * testsuite/ecc-dup-test.c: Likewise. + * testsuite/ecc-mul-a-test.c: Use test_ecc_get_ga and test_ecc_ga. + Delete special case for n == 1. + * testsuite/ecc-mul-g-test.c: Use test_ecc_ga. + + Support for GOST DSA, contributed by Dmitry Baryshkov. + * gostdsa-verify.c (gostdsa_verify): New file and function. + * gostdsa-sign.c (gostdsa_sign): New file and function. + * ecc-gostdsa-verify.c (ecdsa_in_range, ecc_gostdsa_verify_itch) + (ecc_gostdsa_verify): New file and functions. + * ecc-gostdsa-sign.c (ecc_gostdsa_sign_itch, ecc_gostdsa_sign): + New file and functions. + * ecc-internal.h (ECC_GOSTDSA_SIGN_ITCH): New macro. + * ecc-hash.c (gost_hash): New function. + * testsuite/gostdsa-verify-test.c: New test. + * testsuite/gostdsa-sign-test.c: New test. + * testsuite/gostdsa-keygen-test.c: New test. + * testsuite/Makefile.in (TS_HOGWEED_SOURCES): Add new tests. 
+ + Support for GOST gc256b and gc512a curves, contributed by Dmitry + Baryshkov. + * eccdata.c (ecc_curve_init): Add parameters for gost_gc256b and + gost_gc512a. + * ecc-gost-gc256b.c: New file, define _nettle_gost_gc256b. + * ecc-gost-gc512a.c: New file, define _nettle_gost_gc512a. + * Makefile.in: Add rules to generate ecc-gost-gc256b.h and + ecc-gost-gc512a.h. + (hogweed_SOURCES): Add ecc-gost-gc256b.c ecc-gost-gc512a.c. + * examples/ecc-benchmark.c (curves): Add to list. + * testsuite/testutils.c (ecc_curves): Add to list. + (test_ecc_mul_a): Reference points for new curves. + + * NEWS: Started on entries for Nettle-3.6. + 2020-01-25 Niels Möller * examples/hogweed-benchmark.c (bench_curve_init): Pass correct diff --cc ecc-gost-gc256b.c index 8adc8e17,00000000..a23d46fc mode 100644,000000..100644 --- a/ecc-gost-gc256b.c +++ b/ecc-gost-gc256b.c @@@ -1,128 -1,0 +1,127 @@@ +/* ecc-gost-gc256b.c + + Copyright (C) 2016-2020 Dmitry Eremin-Solenikov + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. 
+*/ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include + +#include "ecc.h" +#include "ecc-internal.h" + +#define USE_REDC 0 + +#include "ecc-gost-gc256b.h" + +static void +ecc_gost_gc256b_modp (const struct ecc_modulo *m, mp_limb_t *rp) +{ + mp_size_t mn = m->size; + mp_limb_t hi; + + hi = mpn_addmul_1(rp, rp + mn, mn, 0x269); + hi = sec_add_1 (rp, rp, mn, hi * 0x269); + hi = sec_add_1 (rp, rp, mn, hi * 0x269); + assert(hi == 0); +} + +#define ecc_gost_gc256b_modp ecc_gost_gc256b_modp +#define ecc_gost_gc256b_modq ecc_mod + +const struct ecc_curve _nettle_gost_gc256b = +{ + { + 256, + ECC_LIMB_SIZE, + ECC_BMODP_SIZE, + ECC_REDC_SIZE, + ECC_MOD_INV_ITCH (ECC_LIMB_SIZE), + 0, + + ecc_p, + ecc_Bmodp, + ecc_Bmodp_shifted, + ecc_redc_ppm1, + + ecc_pp1h, + ecc_gost_gc256b_modp, + ecc_gost_gc256b_modp, + ecc_mod_inv, + NULL, + }, + { + 256, + ECC_LIMB_SIZE, + ECC_BMODQ_SIZE, + 0, + ECC_MOD_INV_ITCH (ECC_LIMB_SIZE), + 0, + + ecc_q, + ecc_Bmodq, + ecc_Bmodq_shifted, + NULL, + ecc_qp1h, + + ecc_gost_gc256b_modq, + ecc_gost_gc256b_modq, + ecc_mod_inv, + NULL, + }, + + USE_REDC, + ECC_PIPPENGER_K, + ECC_PIPPENGER_C, + + ECC_ADD_JJA_ITCH (ECC_LIMB_SIZE), + ECC_ADD_JJJ_ITCH (ECC_LIMB_SIZE), + ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE), + ECC_MUL_A_ITCH (ECC_LIMB_SIZE), + ECC_MUL_G_ITCH (ECC_LIMB_SIZE), + ECC_J_TO_A_ITCH (ECC_LIMB_SIZE), + + ecc_add_jja, + ecc_add_jjj, + ecc_dup_jj, + ecc_mul_a, + ecc_mul_g, + ecc_j_to_a, + + ecc_b, - ecc_g, + ecc_unit, + ecc_table +}; + +const struct ecc_curve *nettle_get_gost_gc256b(void) +{ + return &_nettle_gost_gc256b; +} diff --cc ecc-gost-gc512a.c index 6d210925,00000000..398762c3 mode 100644,000000..100644 --- a/ecc-gost-gc512a.c +++ b/ecc-gost-gc512a.c @@@ -1,128 -1,0 +1,127 @@@ +/* ecc-gost-gc512a.c + + Copyright (C) 2016-2020 Dmitry Eremin-Solenikov + + This file is part of GNU Nettle. 
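Review bot: In `ecc_gost_gc256b_modp` the only statement of why three folds are enough is `assert(hi == 0);`, which is compiled out under NDEBUG and leaves the carry bound undocumented in the curve's field reduction. A comment above the first fold would let a reader check it, for example `/* B^mn = 0x269 (mod p): fold the high half into the low half, then fold the carry; the second carry is at most 1 and cannot propagate again. */`. The value of p is not visible in this hunk, so the constant should be confirmed against the generated ecc-gost-gc256b.h. The comment should also say whether the result left in rp is fully reduced below p or only fits in mn limbs, since callers presumably rely on one or the other. The same applies to `ecc_gost_gc512a_modp` in ecc-gost-gc512a.c, which uses 0x239.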
+ + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include + +#include "ecc.h" +#include "ecc-internal.h" + +#define USE_REDC 0 + +#include "ecc-gost-gc512a.h" + +static void +ecc_gost_gc512a_modp (const struct ecc_modulo *m, mp_limb_t *rp) +{ + mp_size_t mn = m->size; + mp_limb_t hi; + + hi = mpn_addmul_1(rp, rp + mn, mn, 0x239); + hi = sec_add_1 (rp, rp, mn, hi * 0x239); + hi = sec_add_1 (rp, rp, mn, hi * 0x239); + assert(hi == 0); +} + +#define ecc_gost_gc512a_modp ecc_gost_gc512a_modp +#define ecc_gost_gc512a_modq ecc_mod + +const struct ecc_curve _nettle_gost_gc512a = +{ + { + 512, + ECC_LIMB_SIZE, + ECC_BMODP_SIZE, + ECC_REDC_SIZE, + ECC_MOD_INV_ITCH (ECC_LIMB_SIZE), + 0, + + ecc_p, + ecc_Bmodp, + ecc_Bmodp_shifted, + ecc_redc_ppm1, + + ecc_pp1h, + ecc_gost_gc512a_modp, + ecc_gost_gc512a_modp, + ecc_mod_inv, + NULL, + }, + { + 512, + ECC_LIMB_SIZE, + ECC_BMODQ_SIZE, + 0, + ECC_MOD_INV_ITCH (ECC_LIMB_SIZE), + 0, + + ecc_q, + ecc_Bmodq, + ecc_Bmodq_shifted, + NULL, + ecc_qp1h, + + ecc_gost_gc512a_modq, + ecc_gost_gc512a_modq, + ecc_mod_inv, + NULL, + }, + + USE_REDC, + 
ECC_PIPPENGER_K, + ECC_PIPPENGER_C, + + ECC_ADD_JJA_ITCH (ECC_LIMB_SIZE), + ECC_ADD_JJJ_ITCH (ECC_LIMB_SIZE), + ECC_DUP_JJ_ITCH (ECC_LIMB_SIZE), + ECC_MUL_A_ITCH (ECC_LIMB_SIZE), + ECC_MUL_G_ITCH (ECC_LIMB_SIZE), + ECC_J_TO_A_ITCH (ECC_LIMB_SIZE), + + ecc_add_jja, + ecc_add_jjj, + ecc_dup_jj, + ecc_mul_a, + ecc_mul_g, + ecc_j_to_a, + + ecc_b, - ecc_g, + ecc_unit, + ecc_table +}; + +const struct ecc_curve *nettle_get_gost_gc512a(void) +{ + return &_nettle_gost_gc512a; +} diff --cc testsuite/testutils.c index 61d52d92,39dd88c0..bb6ad54b --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@@ -1726,33 -1724,40 +1726,40 @@@ test_ecc_point (const struct ecc_curve } } - void - test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p) - { - /* For each curve, the points 2 g, 3 g and 4 g */ - static const struct ecc_ref_point ref[9][3] = { - { { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", + /* For each curve, the points g, 2 g, 3 g and 4 g */ -static const struct ecc_ref_point ecc_ref[7][4] = { ++static const struct ecc_ref_point ecc_ref[9][4] = { + { { "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", + "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" }, + { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", "dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" }, - { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da", + { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da", "782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" }, - { "35433907297cc378b0015703374729d7a4fe46647084e4ba", + { "35433907297cc378b0015703374729d7a4fe46647084e4ba", "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" } - }, - { { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", + }, + { { "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21", + "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" }, + { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", "1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" }, - { 
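Review bot: Dropping `ecc_g,` from `_nettle_gost_gc512a` is checked only by position: the initializer is positional, and `ecc_b`, `ecc_unit` and `ecc_table` look like pointers of the same type, so an entry left behind or removed one line off would shift the remaining values into the wrong members without a type error. This merge had to patch curve files that one parent added while the other parent deleted the member, which is the case where such a slip is easiest to miss. A short trailing comment naming the member on each of the last entries, e.g. `ecc_unit, /* unit */`, would make the next such resolution reviewable; the member names are not visible in this hunk and should be taken from struct ecc_curve in ecc-internal.h. The same resolution was made in `_nettle_gost_gc256b` in ecc-gost-gc256b.c.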
"df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04", + { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04", "a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" }, - { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", + { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" }, - }, - { { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", + }, + { { "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", + "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" }, + { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", "7775510db8ed040293d9ac69f7430dbba7dade63ce982299e04b79d227873d1" }, - { "5ecbe4d1a6330a44c8f7ef951d4bf165e6c6b721efada985fb41661bc6e7fd6c", + { "5ecbe4d1a6330a44c8f7ef951d4bf165e6c6b721efada985fb41661bc6e7fd6c", "8734640c4998ff7e374b06ce1a64a2ecd82ab036384fb83d9a79b127a27d5032" }, - { "e2534a3532d08fbba02dde659ee62bd0031fe2db785596ef509302446b030852", + { "e2534a3532d08fbba02dde659ee62bd0031fe2db785596ef509302446b030852", "e0f1575a4c633cc719dfee5fda862d764efc96c3f30ee0055c42c23f184ed8c6" }, - }, - { { "8d999057ba3d2d969260045c55b97f089025959a6f434d651d207d19fb96e9e" + }, + { { "aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a38" + "5502f25dbf55296c3a545e3872760ab7", + "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c0" + "0a60b1ce1d7e819d7a431d7c90ea0e5f" }, + { "8d999057ba3d2d969260045c55b97f089025959a6f434d651d207d19fb96e9e" "4fe0e86ebe0e64f85b96a9c75295df61", "8e80f1fa5b1b3cedb7bfe8dffd6dba74b275d875bc6cc43e904e505f256ab425" "5ffd43e94d39e22d61501e700a940e80" }, @@@ -1784,43 -1795,37 +1797,63 @@@ "82" "096f84261279d2b673e0178eb0b4abb65521aef6e6e32e1b5ae63fe2f19907f2" "79f283e54ba385405224f750a95b85eebb7faef04699d1d9e21f47fc346e4d0d" }, - }, - { { "36ab384c9f5a046c3d043b7d1833e7ac080d8e4515d7a45f83c5a14e2843ce0e", + }, + { { 
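Review bot: The first dimension in `ecc_ref[9][4]` is a bare literal that has to track the number of curves in ecc_curves, and this merge had to correct it from 7 by hand together with `assert (curve < 9);` in test_ecc_mul_a in the following hunk. The new `test_ecc_ga` in that hunk indexes `ecc_curves[curve]` and `ecc_ref[curve][0]` with no check, so an out-of-range curve index would read past ecc_ref. Declaring the table as `ecc_ref[][4]` and guarding both functions with `assert (curve < sizeof(ecc_ref) / sizeof(ecc_ref[0]));` would keep the bound tied to the data instead of to a number repeated in three places. The array initializer continues past the end of this hunk.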
"216936d3cd6e53fec0a4e231fdd6dc5c692cc7609525a7b2c9562d608f25d51a", + "6666666666666666666666666666666666666666666666666666666666666658" }, + { "36ab384c9f5a046c3d043b7d1833e7ac080d8e4515d7a45f83c5a14e2843ce0e", "2260cdf3092329c21da25ee8c9a21f5697390f51643851560e5f46ae6af8a3c9" }, - { "67ae9c4a22928f491ff4ae743edac83a6343981981624886ac62485fd3f8e25c", + { "67ae9c4a22928f491ff4ae743edac83a6343981981624886ac62485fd3f8e25c", "1267b1d177ee69aba126a18e60269ef79f16ec176724030402c3684878f5b4d4" }, - { "203da8db56cff1468325d4b87a3520f91a739ec193ce1547493aa657c4c9f870", + { "203da8db56cff1468325d4b87a3520f91a739ec193ce1547493aa657c4c9f870", "47d0e827cb1595e1470eb88580d5716c4cf22832ea2f0ff0df38ab61ca32112f" }, - }, - { { "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa955555555555555555555555555555555555555555555555555555555", + }, + { { "4f1970c66bed0ded221d15a622bf36da9e146570470f1767ea6de324a3d3a46412ae1af72ab66511433b80e18b00938e2626a82bc70cc05e", + "693f46716eb6bc248876203756c9c7624bea73736ca3984087789c1e05a0c2d73ad3ff1ce67c39c4fdbd132c4ed7c8ad9808795bf230fa14" }, + { "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa955555555555555555555555555555555555555555555555555555555", "ae05e9634ad7048db359d6205086c2b0036ed7a035884dd7b7e36d728ad8c4b80d6565833a2a3098bbbcb2bed1cda06bdaeafbcdea9386ed" }, - { "865886b9108af6455bd64316cb6943332241b8b8cda82c7e2ba077a4a3fcfe8daa9cbf7f6271fd6e862b769465da8575728173286ff2f8f", + { "865886b9108af6455bd64316cb6943332241b8b8cda82c7e2ba077a4a3fcfe8daa9cbf7f6271fd6e862b769465da8575728173286ff2f8f", "e005a8dbd5125cf706cbda7ad43aa6449a4a8d952356c3b9fce43c82ec4e1d58bb3a331bdb6767f0bffa9a68fed02dafb822ac13588ed6fc" }, - { "49dcbc5c6c0cce2c1419a17226f929ea255a09cf4e0891c693fda4be70c74cc301b7bdf1515dd8ba21aee1798949e120e2ce42ac48ba7f30", + { "49dcbc5c6c0cce2c1419a17226f929ea255a09cf4e0891c693fda4be70c74cc301b7bdf1515dd8ba21aee1798949e120e2ce42ac48ba7f30", 
"d49077e4accde527164b33a5de021b979cb7c02f0457d845c90dc3227b8a5bc1c0d8f97ea1ca9472b5d444285d0d4f5b32e236f86de51839" }, - }, - { { "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd95", - "726e1b8e1f676325d820afa5bac0d489cad6b0d220dc1c4edd5336636160df83" }, - { "8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38d2c", - "76bcd1ca9a23b041d4d9baf507a6cd821267a94c838768e8486117796b788a51" }, - { "f7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e4b7", - "83ccf17ba6706d73625cc3534c7a2b9d6ec1ee6a9a7e07c10d84b388de59f741" }, - }, - { { "3b89dcfc622996ab97a5869dbff15cf51db00954f43a58a5e5f6b0470a132b2f" - "4434bbcd405d2a9516151d2a6a04f2e4375bf48de1fdb21fb982afd9d2ea137c", - "c813c4e2e2e0a8a391774c7903da7a6f14686e98e183e670ee6fb784809a3e92" - "ca209dc631d85b1c7534ed3b37fddf64d854d7e01f91f18bb3fd307591afc051" }, - { "a1ff1ab2712a267eb53935ddb5a567f84db156cc096168a1174291d5f488fba5" - "43d2840b4d2dd35d764b2f57b308907aec55cfba10544e8416e134687ccb87c3", - "3cb5c4417ec4637f30374f189bb5b984c41e3a48d7f84fbfa3819e3f333f7eb3" - "11d3af7e67c4c16eeacfac2fe94c6dd4c6366f711a4fb6c7125cd7ec518d90d6" }, - { "b7bfb80956c8670031ba191929f64e301d681634236d47a60e571a4bedc0ef25" - "7452ef78b5b98dbb3d9f3129d9349433ce2a3a35cb519c91e2d633d7b373ae16", - "3bee95e29eecc5d5ad2beba941abcbf9f1cad478df0fecf614f63aeebef77850" - "da7efdb93de8f3df80bc25eac09239c14175f5c29704ce9a3e383f1b3ec0e929" }, - } - }; ++ }, ++ { { "0000000000000000000000000000000000000000000000000000000000000001", ++ "8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b122acc99c9e9f1e14" }, ++ { "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd95", ++ "726e1b8e1f676325d820afa5bac0d489cad6b0d220dc1c4edd5336636160df83" }, ++ { "8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38d2c", ++ "76bcd1ca9a23b041d4d9baf507a6cd821267a94c838768e8486117796b788a51" }, ++ { "f7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e4b7", ++ 
"83ccf17ba6706d73625cc3534c7a2b9d6ec1ee6a9a7e07c10d84b388de59f741" }, ++ }, ++ { { "0000000000000000000000000000000000000000000000000000000000000000" ++ "0000000000000000000000000000000000000000000000000000000000000003", ++ "7503cfe87a836ae3a61b8816e25450e6ce5e1c93acf1abc1778064fdcbefa921" ++ "df1626be4fd036e93d75e6a50e3a41e98028fe5fc235f5b889a589cb5215f2a4" }, ++ { "3b89dcfc622996ab97a5869dbff15cf51db00954f43a58a5e5f6b0470a132b2f" ++ "4434bbcd405d2a9516151d2a6a04f2e4375bf48de1fdb21fb982afd9d2ea137c", ++ "c813c4e2e2e0a8a391774c7903da7a6f14686e98e183e670ee6fb784809a3e92" ++ "ca209dc631d85b1c7534ed3b37fddf64d854d7e01f91f18bb3fd307591afc051" }, ++ { "a1ff1ab2712a267eb53935ddb5a567f84db156cc096168a1174291d5f488fba5" ++ "43d2840b4d2dd35d764b2f57b308907aec55cfba10544e8416e134687ccb87c3", ++ "3cb5c4417ec4637f30374f189bb5b984c41e3a48d7f84fbfa3819e3f333f7eb3" ++ "11d3af7e67c4c16eeacfac2fe94c6dd4c6366f711a4fb6c7125cd7ec518d90d6" }, ++ { "b7bfb80956c8670031ba191929f64e301d681634236d47a60e571a4bedc0ef25" ++ "7452ef78b5b98dbb3d9f3129d9349433ce2a3a35cb519c91e2d633d7b373ae16", ++ "3bee95e29eecc5d5ad2beba941abcbf9f1cad478df0fecf614f63aeebef77850" ++ "da7efdb93de8f3df80bc25eac09239c14175f5c29704ce9a3e383f1b3ec0e929" }, + } + }; + + void + test_ecc_ga (unsigned curve, const mp_limb_t *p) + { + return test_ecc_point (ecc_curves[curve], &ecc_ref[curve][0], p); + } + + void + test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p) + { - assert (curve < 7); + assert (curve < 9); assert (n <= 4); if (n == 0) {