aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-04-17 18:06:34 -0400
committerJack Lloyd <[email protected]>2018-04-17 18:07:25 -0400
commit2cfa191a940b7b884f24d23d94227ff382c672b4 (patch)
tree1faccd9cdaa635141783b685b3d5267f5bceac0c /src/lib/pubkey
parent4ef7125afe98fafa261cec0b083b69a029aaf678 (diff)
Add EC_Group::inverse_mod_order
Centralizing this logic allows curve specific implementations such as using a precomputed ladder for exponentiating by p - 2 GH #1479
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r--src/lib/pubkey/ec_group/ec_group.cpp10
-rw-r--r--src/lib/pubkey/ec_group/ec_group.h5
-rw-r--r--src/lib/pubkey/ecdh/ecdh.cpp2
-rw-r--r--src/lib/pubkey/ecdsa/ecdsa.cpp4
-rw-r--r--src/lib/pubkey/ecgdsa/ecgdsa.cpp2
-rw-r--r--src/lib/pubkey/sm2/sm2.cpp4
6 files changed, 21 insertions, 6 deletions
diff --git a/src/lib/pubkey/ec_group/ec_group.cpp b/src/lib/pubkey/ec_group/ec_group.cpp
index fc512b733..ac23aa151 100644
--- a/src/lib/pubkey/ec_group/ec_group.cpp
+++ b/src/lib/pubkey/ec_group/ec_group.cpp
@@ -89,6 +89,11 @@ class EC_Group_Data final
return m_mod_order.multiply(x, y);
}
+ BigInt inverse_mod_order(const BigInt& x) const
+ {
+ return inverse_mod(x, m_order);
+ }
+
PointGFp blinded_base_point_multiply(const BigInt& k,
RandomNumberGenerator& rng,
std::vector<BigInt>& ws) const
@@ -477,6 +482,11 @@ BigInt EC_Group::multiply_mod_order(const BigInt& x, const BigInt& y) const
return data().multiply_mod_order(x, y);
}
+BigInt EC_Group::inverse_mod_order(const BigInt& x) const
+ {
+ return data().inverse_mod_order(x);
+ }
+
const OID& EC_Group::get_curve_oid() const
{
return data().oid();
diff --git a/src/lib/pubkey/ec_group/ec_group.h b/src/lib/pubkey/ec_group/ec_group.h
index 8bb1a3044..f273108d2 100644
--- a/src/lib/pubkey/ec_group/ec_group.h
+++ b/src/lib/pubkey/ec_group/ec_group.h
@@ -199,6 +199,11 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
BigInt mod_order(const BigInt& x) const;
/*
+ * Return inverse of x modulo the order
+ */
+ BigInt inverse_mod_order(const BigInt& x) const;
+
+ /*
* Reduce (x*y) modulo the order
*/
BigInt multiply_mod_order(const BigInt& x, const BigInt& y) const;
diff --git a/src/lib/pubkey/ecdh/ecdh.cpp b/src/lib/pubkey/ecdh/ecdh.cpp
index adadb2703..59f245a00 100644
--- a/src/lib/pubkey/ecdh/ecdh.cpp
+++ b/src/lib/pubkey/ecdh/ecdh.cpp
@@ -31,7 +31,7 @@ class ECDH_KA_Operation final : public PK_Ops::Key_Agreement_with_KDF
m_group(key.domain()),
m_rng(rng)
{
- m_l_times_priv = inverse_mod(m_group.get_cofactor(), m_group.get_order()) * key.private_value();
+ m_l_times_priv = m_group.inverse_mod_order(m_group.get_cofactor()) * key.private_value();
}
secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override
diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp
index 03f5e57ab..6e104f164 100644
--- a/src/lib/pubkey/ecdsa/ecdsa.cpp
+++ b/src/lib/pubkey/ecdsa/ecdsa.cpp
@@ -89,7 +89,7 @@ ECDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len,
const BigInt k = m_group.random_scalar(rng);
#endif
- const BigInt k_inv = inverse_mod(k, m_group.get_order());
+ const BigInt k_inv = m_group.inverse_mod_order(k);
const BigInt r = m_group.mod_order(
m_group.blinded_base_point_multiply_x(k, rng, m_ws));
@@ -142,7 +142,7 @@ bool ECDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len,
if(r <= 0 || r >= m_group.get_order() || s <= 0 || s >= m_group.get_order())
return false;
- const BigInt w = inverse_mod(s, m_group.get_order());
+ const BigInt w = m_group.inverse_mod_order(s);
const BigInt u1 = m_group.multiply_mod_order(e, w);
const BigInt u2 = m_group.multiply_mod_order(r, w);
diff --git a/src/lib/pubkey/ecgdsa/ecgdsa.cpp b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
index 192d999a8..61b7ae055 100644
--- a/src/lib/pubkey/ecgdsa/ecgdsa.cpp
+++ b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
@@ -116,7 +116,7 @@ bool ECGDSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len,
if(r <= 0 || r >= m_group.get_order() || s <= 0 || s >= m_group.get_order())
return false;
- const BigInt w = inverse_mod(r, m_group.get_order());
+ const BigInt w = m_group.inverse_mod_order(r);
const BigInt u1 = m_group.multiply_mod_order(e, w);
const BigInt u2 = m_group.multiply_mod_order(s, w);
diff --git a/src/lib/pubkey/sm2/sm2.cpp b/src/lib/pubkey/sm2/sm2.cpp
index 95fe28f14..1096ea99f 100644
--- a/src/lib/pubkey/sm2/sm2.cpp
+++ b/src/lib/pubkey/sm2/sm2.cpp
@@ -31,7 +31,7 @@ SM2_Signature_PrivateKey::SM2_Signature_PrivateKey(const AlgorithmIdentifier& al
const secure_vector<uint8_t>& key_bits) :
EC_PrivateKey(alg_id, key_bits)
{
- m_da_inv = inverse_mod(m_private_key + 1, domain().get_order());
+ m_da_inv = domain().inverse_mod_order(m_private_key + 1);
}
SM2_Signature_PrivateKey::SM2_Signature_PrivateKey(RandomNumberGenerator& rng,
@@ -39,7 +39,7 @@ SM2_Signature_PrivateKey::SM2_Signature_PrivateKey(RandomNumberGenerator& rng,
const BigInt& x) :
EC_PrivateKey(rng, domain, x)
{
- m_da_inv = inverse_mod(m_private_key + 1, domain.get_order());
+ m_da_inv = domain.inverse_mod_order(m_private_key + 1);
}
std::vector<uint8_t> sm2_compute_za(HashFunction& hash,