diff options
author | Jack Lloyd <[email protected]> | 2018-04-17 18:06:34 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-04-17 18:07:25 -0400 |
commit | 2cfa191a940b7b884f24d23d94227ff382c672b4 (patch) | |
tree | 1faccd9cdaa635141783b685b3d5267f5bceac0c /src/lib/pubkey | |
parent | 4ef7125afe98fafa261cec0b083b69a029aaf678 (diff) |
Add EC_Group::inverse_mod_order
Centralizing this logic allows curve specific implementations such
as using a precomputed ladder for exponentiating by p - 2
GH #1479
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r-- | src/lib/pubkey/ec_group/ec_group.cpp | 10 | ||||
-rw-r--r-- | src/lib/pubkey/ec_group/ec_group.h | 5 | ||||
-rw-r--r-- | src/lib/pubkey/ecdh/ecdh.cpp | 2 | ||||
-rw-r--r-- | src/lib/pubkey/ecdsa/ecdsa.cpp | 4 | ||||
-rw-r--r-- | src/lib/pubkey/ecgdsa/ecgdsa.cpp | 2 | ||||
-rw-r--r-- | src/lib/pubkey/sm2/sm2.cpp | 4 |
6 files changed, 21 insertions, 6 deletions
diff --git a/src/lib/pubkey/ec_group/ec_group.cpp b/src/lib/pubkey/ec_group/ec_group.cpp index fc512b733..ac23aa151 100644 --- a/src/lib/pubkey/ec_group/ec_group.cpp +++ b/src/lib/pubkey/ec_group/ec_group.cpp @@ -89,6 +89,11 @@ class EC_Group_Data final return m_mod_order.multiply(x, y); } + BigInt inverse_mod_order(const BigInt& x) const + { + return inverse_mod(x, m_order); + } + PointGFp blinded_base_point_multiply(const BigInt& k, RandomNumberGenerator& rng, std::vector<BigInt>& ws) const @@ -477,6 +482,11 @@ BigInt EC_Group::multiply_mod_order(const BigInt& x, const BigInt& y) const return data().multiply_mod_order(x, y); } +BigInt EC_Group::inverse_mod_order(const BigInt& x) const + { + return data().inverse_mod_order(x); + } + const OID& EC_Group::get_curve_oid() const { return data().oid(); diff --git a/src/lib/pubkey/ec_group/ec_group.h b/src/lib/pubkey/ec_group/ec_group.h index 8bb1a3044..f273108d2 100644 --- a/src/lib/pubkey/ec_group/ec_group.h +++ b/src/lib/pubkey/ec_group/ec_group.h @@ -199,6 +199,11 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final BigInt mod_order(const BigInt& x) const; /* + * Return inverse of x modulo the order + */ + BigInt inverse_mod_order(const BigInt& x) const; + + /* * Reduce (x*y) modulo the order */ BigInt multiply_mod_order(const BigInt& x, const BigInt& y) const; diff --git a/src/lib/pubkey/ecdh/ecdh.cpp b/src/lib/pubkey/ecdh/ecdh.cpp index adadb2703..59f245a00 100644 --- a/src/lib/pubkey/ecdh/ecdh.cpp +++ b/src/lib/pubkey/ecdh/ecdh.cpp @@ -31,7 +31,7 @@ class ECDH_KA_Operation final : public PK_Ops::Key_Agreement_with_KDF m_group(key.domain()), m_rng(rng) { - m_l_times_priv = inverse_mod(m_group.get_cofactor(), m_group.get_order()) * key.private_value(); + m_l_times_priv = m_group.inverse_mod_order(m_group.get_cofactor()) * key.private_value(); } secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp index 03f5e57ab..6e104f164 100644 --- a/src/lib/pubkey/ecdsa/ecdsa.cpp +++ b/src/lib/pubkey/ecdsa/ecdsa.cpp @@ -89,7 +89,7 @@ ECDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len, const BigInt k = m_group.random_scalar(rng); #endif - const BigInt k_inv = inverse_mod(k, m_group.get_order()); + const BigInt k_inv = m_group.inverse_mod_order(k); const BigInt r = m_group.mod_order( m_group.blinded_base_point_multiply_x(k, rng, m_ws)); @@ -142,7 +142,7 @@ bool ECDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len, if(r <= 0 || r >= m_group.get_order() || s <= 0 || s >= m_group.get_order()) return false; - const BigInt w = inverse_mod(s, m_group.get_order()); + const BigInt w = m_group.inverse_mod_order(s); const BigInt u1 = m_group.multiply_mod_order(e, w); const BigInt u2 = m_group.multiply_mod_order(r, w); diff --git a/src/lib/pubkey/ecgdsa/ecgdsa.cpp b/src/lib/pubkey/ecgdsa/ecgdsa.cpp index 192d999a8..61b7ae055 100644 --- a/src/lib/pubkey/ecgdsa/ecgdsa.cpp +++ b/src/lib/pubkey/ecgdsa/ecgdsa.cpp @@ -116,7 +116,7 @@ bool ECGDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len, if(r <= 0 || r >= m_group.get_order() || s <= 0 || s >= m_group.get_order()) return false; - const BigInt w = inverse_mod(r, m_group.get_order()); + const BigInt w = m_group.inverse_mod_order(r); const BigInt u1 = m_group.multiply_mod_order(e, w); const BigInt u2 = m_group.multiply_mod_order(s, w); diff --git a/src/lib/pubkey/sm2/sm2.cpp b/src/lib/pubkey/sm2/sm2.cpp index 95fe28f14..1096ea99f 100644 --- a/src/lib/pubkey/sm2/sm2.cpp +++ b/src/lib/pubkey/sm2/sm2.cpp @@ -31,7 +31,7 @@ SM2_Signature_PrivateKey::SM2_Signature_PrivateKey(const AlgorithmIdentifier& al const secure_vector<uint8_t>& key_bits) : EC_PrivateKey(alg_id, key_bits) { - m_da_inv = inverse_mod(m_private_key + 1, domain().get_order()); + m_da_inv = domain().inverse_mod_order(m_private_key + 1); } SM2_Signature_PrivateKey::SM2_Signature_PrivateKey(RandomNumberGenerator& rng, @@ -39,7 +39,7 @@ SM2_Signature_PrivateKey::SM2_Signature_PrivateKey(RandomNumberGenerator& rng, const BigInt& x) : EC_PrivateKey(rng, domain, x) { - m_da_inv = inverse_mod(m_private_key + 1, domain.get_order()); + m_da_inv = domain.inverse_mod_order(m_private_key + 1); } std::vector<uint8_t> sm2_compute_za(HashFunction& hash, |