diff options
author | Brian Smith <brian@briansmith.org> | 2016-02-06 03:04:09 +0300 |
---|---|---|
committer | David Benjamin <davidben@google.com> | 2016-02-08 21:31:46 +0300 |
commit | fce76043509eacff9c8ea7a60846e420e76d7c70 (patch) | |
tree | 1273aee0686a4f5905b955cc57370e43c6261e05 | |
parent | aadf1ee77f6d612f3b24df61e36cb2e1606361d8 (diff) |
Remove duplicative ECC |group_init| and |group_set_curve| methods.
|a_is_minus_3| is calculated in |ec_GFp_simple_group_set_curve|, so
the custom |group_init| functions are unnecessary. Just as in
commit 9f1f04f31359330702451bc74ab98dca3abca602, it is never the case
that custom parameters are passed to the |group_set_curve| method for
these curves.
Change-Id: I18a38b104bc332e44cc2053c465cf234f4c5163b
Reviewed-on: https://boringssl-review.googlesource.com/7090
Reviewed-by: David Benjamin <davidben@google.com>
-rw-r--r-- | crypto/ec/p224-64.c | 65 | ||||
-rw-r--r-- | crypto/ec/p256-64.c | 66 |
2 files changed, 5 insertions, 126 deletions
diff --git a/crypto/ec/p224-64.c b/crypto/ec/p224-64.c index 790b1e7b..9de6cd49 100644 --- a/crypto/ec/p224-64.c +++ b/crypto/ec/p224-64.c @@ -61,23 +61,6 @@ typedef widelimb widefelem[7]; * scalars for point multiplication. */ typedef u8 felem_bytearray[28]; -static const felem_bytearray nistp224_curve_params[5] = { - {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, - {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE}, - {0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, /* b */ - 0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, - 0x39, 0x43, 0x23, 0x55, 0xFF, 0xB4}, - {0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, /* x */ - 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, - 0x80, 0xD6, 0x11, 0x5C, 0x1D, 0x21}, - {0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, /* y */ - 0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, - 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34}}; - /* Precomputed multiples of the standard generator * Points are given in coordinates (X, Y, Z) where Z normally is 1 * (0 for the point at infinity). @@ -1020,50 +1003,6 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, felem_assign(z_out, nq[2]); } -int ec_GFp_nistp224_group_init(EC_GROUP *group) { - int ret; - ret = ec_GFp_simple_group_init(group); - group->a_is_minus3 = 1; - return ret; -} - -int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p, - const BIGNUM *a, const BIGNUM *b, - BN_CTX *ctx) { - int ret = 0; - BN_CTX *new_ctx = NULL; - BIGNUM *curve_p, *curve_a, *curve_b; - - if (ctx == NULL) { - ctx = BN_CTX_new(); - new_ctx = ctx; - if (ctx == NULL) { - return 0; - } - } - BN_CTX_start(ctx); - if (((curve_p = BN_CTX_get(ctx)) == NULL) || - ((curve_a = BN_CTX_get(ctx)) == NULL) || - ((curve_b = BN_CTX_get(ctx)) == NULL)) { - goto err; - } - BN_bin2bn(nistp224_curve_params[0], sizeof(felem_bytearray), curve_p); - BN_bin2bn(nistp224_curve_params[1], sizeof(felem_bytearray), curve_a); - BN_bin2bn(nistp224_curve_params[2], sizeof(felem_bytearray), curve_b); - if (BN_cmp(curve_p, p) || - BN_cmp(curve_a, a) || - BN_cmp(curve_b, b)) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_CURVE_PARAMETERS); - goto err; - } - ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); - -err: - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; -} - /* Takes the Jacobian coordinates (X, Y, Z) of a point and returns * (X', Y') = (X/Z^2, Y/Z^3) */ int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group, @@ -1286,10 +1225,10 @@ err: } const EC_METHOD *EC_GFp_nistp224_method(void) { - static const EC_METHOD ret = {ec_GFp_nistp224_group_init, + static const EC_METHOD ret = {ec_GFp_simple_group_init, ec_GFp_simple_group_finish, ec_GFp_simple_group_copy, - ec_GFp_nistp224_group_set_curve, + ec_GFp_simple_group_set_curve, ec_GFp_nistp224_point_get_affine_coordinates, ec_GFp_nistp224_points_mul, 0 /* check_pub_key_order */, diff --git a/crypto/ec/p256-64.c b/crypto/ec/p256-64.c index a5b64f3c..b94e226e 100644 --- a/crypto/ec/p256-64.c +++ b/crypto/ec/p256-64.c @@ -44,26 +44,6 @@ typedef int64_t s64; * felem_bytearray. */ typedef u8 felem_bytearray[32]; -/* These are the parameters of P256, taken from FIPS 186-3, page 86. These - * values are big-endian. */ -static const felem_bytearray nistp256_curve_params[5] = { - {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* a = -3 */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xfc}, /* b */ - {0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, 0xb3, 0xeb, 0xbd, 0x55, - 0x76, 0x98, 0x86, 0xbc, 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6, - 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b}, - {0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, /* x */ - 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, - 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96}, - {0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, /* y */ - 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, - 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5}}; - /* The representation of field elements. * ------------------------------------ * @@ -1601,47 +1581,6 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, * OPENSSL EC_METHOD FUNCTIONS */ -int ec_GFp_nistp256_group_init(EC_GROUP *group) { - int ret = ec_GFp_simple_group_init(group); - group->a_is_minus3 = 1; - return ret; -} - -int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, - const BIGNUM *a, const BIGNUM *b, - BN_CTX *ctx) { - int ret = 0; - BN_CTX *new_ctx = NULL; - BIGNUM *curve_p, *curve_a, *curve_b; - - if (ctx == NULL) { - if ((ctx = new_ctx = BN_CTX_new()) == NULL) { - return 0; - } - } - BN_CTX_start(ctx); - if (((curve_p = BN_CTX_get(ctx)) == NULL) || - ((curve_a = BN_CTX_get(ctx)) == NULL) || - ((curve_b = BN_CTX_get(ctx)) == NULL)) { - goto err; - } - BN_bin2bn(nistp256_curve_params[0], sizeof(felem_bytearray), curve_p); - BN_bin2bn(nistp256_curve_params[1], sizeof(felem_bytearray), curve_a); - BN_bin2bn(nistp256_curve_params[2], sizeof(felem_bytearray), curve_b); - if (BN_cmp(curve_p, p) || - BN_cmp(curve_a, a) || - BN_cmp(curve_b, b)) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_CURVE_PARAMETERS); - goto err; - } - ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); - -err: - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; -} - /* Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') = * (X/Z^2, Y/Z^3). */ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, @@ -1860,9 +1799,10 @@ err: const EC_METHOD *EC_GFp_nistp256_method(void) { static const EC_METHOD ret = { - ec_GFp_nistp256_group_init, + ec_GFp_simple_group_init, ec_GFp_simple_group_finish, - ec_GFp_simple_group_copy, ec_GFp_nistp256_group_set_curve, + ec_GFp_simple_group_copy, + ec_GFp_simple_group_set_curve, ec_GFp_nistp256_point_get_affine_coordinates, ec_GFp_nistp256_points_mul, 0 /* check_pub_key_order */, |