diff options
Diffstat (limited to 'src/crypto/fipsmodule/ec/p256.c')
| -rw-r--r-- | src/crypto/fipsmodule/ec/p256.c | 29 |
1 files changed, 14 insertions, 15 deletions
diff --git a/src/crypto/fipsmodule/ec/p256.c b/src/crypto/fipsmodule/ec/p256.c index d67f6c0..af211be 100644 --- a/src/crypto/fipsmodule/ec/p256.c +++ b/src/crypto/fipsmodule/ec/p256.c @@ -31,8 +31,9 @@ #include "./internal.h" #if defined(BORINGSSL_HAS_UINT128) -#define BORINGSSL_NISTP256_64BIT 1 #include "../../../third_party/fiat/p256_64.h" +#elif defined(OPENSSL_64_BIT) +#include "../../../third_party/fiat/p256_64_msvc.h" #else #include "../../../third_party/fiat/p256_32.h" #endif @@ -40,7 +41,7 @@ // utility functions, handwritten -#if defined(BORINGSSL_NISTP256_64BIT) +#if defined(OPENSSL_64_BIT) #define FIAT_P256_NLIMBS 4 typedef uint64_t fiat_p256_limb_t; typedef uint64_t fiat_p256_felem[FIAT_P256_NLIMBS]; @@ -413,7 +414,7 @@ static crypto_word_t fiat_p256_get_bit(const EC_SCALAR *in, int i) { // Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') = // (X/Z^2, Y/Z^3). static int ec_GFp_nistp256_point_get_affine_coordinates( - const EC_GROUP *group, const EC_RAW_POINT *point, EC_FELEM *x_out, + const EC_GROUP *group, const EC_JACOBIAN *point, EC_FELEM *x_out, EC_FELEM *y_out) { if (ec_GFp_simple_is_at_infinity(group, point)) { OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); @@ -443,8 +444,8 @@ static int ec_GFp_nistp256_point_get_affine_coordinates( return 1; } -static void ec_GFp_nistp256_add(const EC_GROUP *group, EC_RAW_POINT *r, - const EC_RAW_POINT *a, const EC_RAW_POINT *b) { +static void ec_GFp_nistp256_add(const EC_GROUP *group, EC_JACOBIAN *r, + const EC_JACOBIAN *a, const EC_JACOBIAN *b) { fiat_p256_felem x1, y1, z1, x2, y2, z2; fiat_p256_from_generic(x1, &a->X); fiat_p256_from_generic(y1, &a->Y); @@ -459,8 +460,8 @@ static void ec_GFp_nistp256_add(const EC_GROUP *group, EC_RAW_POINT *r, fiat_p256_to_generic(&r->Z, z1); } -static void ec_GFp_nistp256_dbl(const EC_GROUP *group, EC_RAW_POINT *r, - const EC_RAW_POINT *a) { +static void ec_GFp_nistp256_dbl(const EC_GROUP *group, EC_JACOBIAN *r, + const EC_JACOBIAN *a) { fiat_p256_felem x, y, z; fiat_p256_from_generic(x, &a->X); fiat_p256_from_generic(y, &a->Y); @@ -471,8 +472,8 @@ static void ec_GFp_nistp256_dbl(const EC_GROUP *group, EC_RAW_POINT *r, fiat_p256_to_generic(&r->Z, z); } -static void ec_GFp_nistp256_point_mul(const EC_GROUP *group, EC_RAW_POINT *r, - const EC_RAW_POINT *p, +static void ec_GFp_nistp256_point_mul(const EC_GROUP *group, EC_JACOBIAN *r, + const EC_JACOBIAN *p, const EC_SCALAR *scalar) { fiat_p256_felem p_pre_comp[17][3]; OPENSSL_memset(&p_pre_comp, 0, sizeof(p_pre_comp)); @@ -539,7 +540,7 @@ static void ec_GFp_nistp256_point_mul(const EC_GROUP *group, EC_RAW_POINT *r, } static void ec_GFp_nistp256_point_mul_base(const EC_GROUP *group, - EC_RAW_POINT *r, + EC_JACOBIAN *r, const EC_SCALAR *scalar) { // Set nq to the point at infinity. fiat_p256_felem nq[3] = {{0}, {0}, {0}}, tmp[3]; @@ -587,9 +588,9 @@ static void ec_GFp_nistp256_point_mul_base(const EC_GROUP *group, } static void ec_GFp_nistp256_point_mul_public(const EC_GROUP *group, - EC_RAW_POINT *r, + EC_JACOBIAN *r, const EC_SCALAR *g_scalar, - const EC_RAW_POINT *p, + const EC_JACOBIAN *p, const EC_SCALAR *p_scalar) { #define P256_WSIZE_PUBLIC 4 // Precompute multiples of |p|. p_pre_comp[i] is (2*i+1) * |p|. @@ -679,7 +680,7 @@ static void ec_GFp_nistp256_point_mul_public(const EC_GROUP *group, } static int ec_GFp_nistp256_cmp_x_coordinate(const EC_GROUP *group, - const EC_RAW_POINT *p, + const EC_JACOBIAN *p, const EC_SCALAR *r) { if (ec_GFp_simple_is_at_infinity(group, p)) { return 0; @@ -748,5 +749,3 @@ DEFINE_METHOD_FUNCTION(EC_METHOD, EC_GFp_nistp256_method) { ec_simple_scalar_to_montgomery_inv_vartime; out->cmp_x_coordinate = ec_GFp_nistp256_cmp_x_coordinate; } - -#undef BORINGSSL_NISTP256_64BIT |