Remove reduction in |ec_GFp_simple_set_Jprojective_coordinates_GFp|.

The (internal) constant-time callers of this function already do a
constant-time reduction before calling. And, nobody should be calling
this function with out-of-range coordinates anyway. So, just require
valid coordinates as input.

Further, this function is rarely called, so don't bother with the
optimization that avoids computing the Montgomery encoding of 1 for
the Z coordinate.

Change-Id: I637ffaf4d39135ca17214915b9a8582ea052eea8
Reviewed-on: https://boringssl-review.googlesource.com/7441
Reviewed-by: David Benjamin <davidben@google.com>
Brian Smith 2016-03-10 16:50:25 -10:00 committed by David Benjamin
parent 8542daa22d
commit 6603b76f76


@ -271,6 +271,22 @@ int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group,
return 1;
}
static int set_Jprojective_coordinate_GFp(const EC_GROUP *group, BIGNUM *out,
const BIGNUM *in, BN_CTX *ctx) {
if (in == NULL) {
return 1;
}
if (BN_is_negative(in) ||
BN_cmp(in, &group->field) >= 0) {
OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE);
return 0;
}
if (group->meth->field_encode) {
return group->meth->field_encode(group, out, in, ctx);
}
return BN_copy(out, in) != NULL;
}
int ec_GFp_simple_set_Jprojective_coordinates_GFp(
const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y,
const BIGNUM *z, BN_CTX *ctx) {
@ -284,41 +300,11 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(
}
}
if (x != NULL) {
if (!BN_nnmod(&point->X, x, &group->field, ctx)) {
if (!set_Jprojective_coordinate_GFp(group, &point->X, x, ctx) ||
!set_Jprojective_coordinate_GFp(group, &point->Y, y, ctx) ||
!set_Jprojective_coordinate_GFp(group, &point->Z, z, ctx)) {
goto err;
}
if (group->meth->field_encode &&
!group->meth->field_encode(group, &point->X, &point->X, ctx)) {
goto err;
}
}
if (y != NULL) {
if (!BN_nnmod(&point->Y, y, &group->field, ctx)) {
goto err;
}
if (group->meth->field_encode &&
!group->meth->field_encode(group, &point->Y, &point->Y, ctx)) {
goto err;
}
}
if (z != NULL) {
if (!BN_nnmod(&point->Z, z, &group->field, ctx)) {
goto err;
}
int Z_is_one = BN_is_one(&point->Z);
if (group->meth->field_encode) {
if (Z_is_one) {
if (BN_copy(&point->Z, &group->one) == NULL) {
goto err;
}
} else if (!group->meth->field_encode(group, &point->Z, &point->Z, ctx)) {
goto err;
}
}
}
ret = 1;
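Review bot: The new helper `set_Jprojective_coordinate_GFp` rejects out-of-range input with `BN_is_negative` and `BN_cmp`, which as far as I know are ordinary variable-time comparisons, and nothing in the code records the new contract that replaces the old `BN_nnmod` reduction. Whether any caller passes secret-derived coordinates here is not visible in this section, so I would document the precondition rather than change the check: `/* Requires 0 <= |in| < |group->field|; a NULL |in| leaves |out| untouched. The range check is not constant-time. */` above the helper. Callers that previously relied on the silent reduction now get `EC_R_COORDINATES_OUT_OF_RANGE`, and a failure on Y or Z still leaves `point->X` already overwritten, so the public function's documentation should say both that inputs must be fully reduced and that the point is unspecified on error. The body of `ec_GFp_simple_set_Jprojective_coordinates_GFp` starts and ends outside the visible hunks.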