Remove reduction in |ec_GFp_simple_set_Jprojective_coordinates_GFp|.
The (internal) constant-time callers of this function already do a constant-time reduction before calling. And, nobody should be calling this function with out-of-range coordinates anyway. So, just require valid coordinates as input. Further, this function is rarely called, so don't bother with the optimization to avoid computing the Montgomery encoding of 1 for the Z coordinate. Change-Id: I637ffaf4d39135ca17214915b9a8582ea052eea8 Reviewed-on: https://boringssl-review.googlesource.com/7441 Reviewed-by: David Benjamin <davidben@google.com>
parent
8542daa22d
commit
6603b76f76
@ -271,6 +271,22 @@ int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group,
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int set_Jprojective_coordinate_GFp(const EC_GROUP *group, BIGNUM *out,
|
||||
const BIGNUM *in, BN_CTX *ctx) {
|
||||
if (in == NULL) {
|
||||
return 1;
|
||||
}
|
||||
if (BN_is_negative(in) ||
|
||||
BN_cmp(in, &group->field) >= 0) {
|
||||
OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth->field_encode) {
|
||||
return group->meth->field_encode(group, out, in, ctx);
|
||||
}
|
||||
return BN_copy(out, in) != NULL;
|
||||
}
|
||||
|
||||
int ec_GFp_simple_set_Jprojective_coordinates_GFp(
|
||||
const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y,
|
||||
const BIGNUM *z, BN_CTX *ctx) {
|
||||
@ -284,41 +300,11 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(
|
||||
}
|
||||
}
|
||||
|
||||
if (x != NULL) {
|
||||
if (!BN_nnmod(&point->X, x, &group->field, ctx)) {
|
||||
if (!set_Jprojective_coordinate_GFp(group, &point->X, x, ctx) ||
|
||||
!set_Jprojective_coordinate_GFp(group, &point->Y, y, ctx) ||
|
||||
!set_Jprojective_coordinate_GFp(group, &point->Z, z, ctx)) {
|
||||
goto err;
|
||||
}
|
||||
if (group->meth->field_encode &&
|
||||
!group->meth->field_encode(group, &point->X, &point->X, ctx)) {
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
||||
if (y != NULL) {
|
||||
if (!BN_nnmod(&point->Y, y, &group->field, ctx)) {
|
||||
goto err;
|
||||
}
|
||||
if (group->meth->field_encode &&
|
||||
!group->meth->field_encode(group, &point->Y, &point->Y, ctx)) {
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
||||
if (z != NULL) {
|
||||
if (!BN_nnmod(&point->Z, z, &group->field, ctx)) {
|
||||
goto err;
|
||||
}
|
||||
int Z_is_one = BN_is_one(&point->Z);
|
||||
if (group->meth->field_encode) {
|
||||
if (Z_is_one) {
|
||||
if (BN_copy(&point->Z, &group->one) == NULL) {
|
||||
goto err;
|
||||
}
|
||||
} else if (!group->meth->field_encode(group, &point->Z, &point->Z, ctx)) {
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
ret = 1;
|
||||
|
||||
|
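Review bot: A rejected coordinate now leaves the point half-written: the three `set_Jprojective_coordinate_GFp` calls are chained with `||` and write straight into `point->X`, `point->Y` and `point->Z`, so when `y` or `z` fails the new `EC_R_COORDINATES_OUT_OF_RANGE` check, `X` (and possibly `Y`) has already been replaced. Because the range check is a failure any caller can trigger with its inputs, a caller that mishandles the error could go on to use a point that mixes old and new coordinates and may not be on the curve. Range-check all three inputs before encoding any of them, as sketched below, or at least state in the function's comment that the point is unspecified on failure. The helper also deserves a one-line comment saying that a NULL `in` leaves `out` untouched and returns 1. The body of `ec_GFp_simple_set_Jprojective_coordinates_GFp` begins and ends outside the second hunk, so what the `err` path does with the point is not visible here.

```c
/* Returns one if |in| is NULL or lies in [0, p), zero otherwise. Writes nothing. */
static int coordinate_in_range(const EC_GROUP *group, const BIGNUM *in) {
  return in == NULL ||
         (!BN_is_negative(in) && BN_cmp(in, &group->field) < 0);
}

/* ... in ec_GFp_simple_set_Jprojective_coordinates_GFp, before any write ... */
  if (!coordinate_in_range(group, x) ||
      !coordinate_in_range(group, y) ||
      !coordinate_in_range(group, z)) {
    OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE);
    goto err;
  }
  /* ... unchanged: the three set_Jprojective_coordinate_GFp calls ... */
```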