mpi: Improve support for non-Weierstrass support.

* mpi/ec.c (ec_p_init): Add args MODEL and P. Change all callers. (_gcry_mpi_ec_p_internal_new): Ditto. (_gcry_mpi_ec_p_new): Ditto. * cipher/ecc-curves.c (_gcry_ecc_fill_in_curve): Return GPG_ERR_UNKNOWN_CURVE instead of invalid value. Init curve model. * cipher/ecc.c (ecc_verify, ecc_encrypt_raw): Ditto. * cipher/pubkey.c (sexp_data_to_mpi): Fix EDDSA flag error checking. -- (fixes commit c26be7a337d0bf98193bc58e043209e46d0769bb)
author: Werner Koch <wk@gnupg.org> 2013-09-07 10:06:46 +0200
committer: Werner Koch <wk@gnupg.org> 2013-09-07 10:16:45 +0200
commit: 4d8c8c7aa88cddb1624301957e6245405f46d027 (patch)
tree: c8b7e7550a0beccfaa547e241bcbfda3417f3c4b /mpi/ec.c
parent: ddfefe429660cc5d798f3517208936449247ae5c (diff)
download: libgcrypt-4d8c8c7aa88cddb1624301957e6245405f46d027.tar.gz
1 files changed, 39 insertions, 22 deletions
diff --git a/mpi/ec.c b/mpi/ec.c
index 7da2e3b7..049afa9e 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -386,14 +386,18 @@ ec_get_two_inv_p (mpi_ec_t ec)
    field GF(p).  P is the prime specifying this field, A is the first
    coefficient.  CTX is expected to be zeroized.  */
 static void
-ec_p_init (mpi_ec_t ctx, gcry_mpi_t p, gcry_mpi_t a)
+ec_p_init (mpi_ec_t ctx, enum gcry_mpi_ec_models model,
+           gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
   int i;
 
   /* Fixme: Do we want to check some constraints? e.g.  a < p  */
 
+  ctx->model = model;
   ctx->p = mpi_copy (p);
   ctx->a = mpi_copy (a);
+  if (b && model == MPI_EC_TWISTEDEDWARDS)
+    ctx->b = mpi_copy (b);
 
   ec_get_reset (ctx);
 
@@ -461,41 +465,35 @@ ec_deinit (void *opaque)
 
 /* This function returns a new context for elliptic curve based on the
    field GF(p).  P is the prime specifying this field, A is the first
-   coefficient.  This function is only used within Libgcrypt and not
+   coefficient, B is the second coefficient, and MODEL is the model
+   for the curve.  This function is only used within Libgcrypt and not
    part of the public API.
 
    This context needs to be released using _gcry_mpi_ec_free.  */
 mpi_ec_t
-_gcry_mpi_ec_p_internal_new (gcry_mpi_t p, gcry_mpi_t a)
+_gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model,
+                             gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
   mpi_ec_t ctx;
 
   ctx = gcry_xcalloc (1, sizeof *ctx);
-  ec_p_init (ctx, p, a);
+  ec_p_init (ctx, model, p, a, b);
 
   return ctx;
 }
 
 
-void
-_gcry_mpi_ec_free (mpi_ec_t ctx)
-{
-  if (ctx)
-    {
-      ec_deinit (ctx);
-      gcry_free (ctx);
-    }
-}
+/* This is a variant of _gcry_mpi_ec_p_internal_new which returns an
+   public contect and does some error checking on the supplied
+   arguments.  On success the new context is stored at R_CTX and 0 is
+   returned; on error NULL is stored at R_CTX and an error code is
+   returned.
 
-
-/* This function returns a new context for elliptic curve operations
-   based on the field GF(p).  P is the prime specifying this field, A
-   is the first coefficient.  On success the new context is stored at
-   R_CTX and 0 is returned; on error NULL is stored at R_CTX and an
-   error code is returned.  The context needs to be released using
-   gcry_ctx_release.  This is an internal fucntions.  */
+   The context needs to be released using gcry_ctx_release.  */
 gpg_err_code_t
-_gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, gcry_mpi_t p, gcry_mpi_t a)
+_gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx,
+                    enum gcry_mpi_ec_models model,
+                    gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
   gcry_ctx_t ctx;
   mpi_ec_t ec;
@@ -508,12 +506,24 @@ _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, gcry_mpi_t p, gcry_mpi_t a)
   if (!ctx)
     return gpg_err_code_from_syserror ();
   ec = _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC);
-  ec_p_init (ec, p, a);
+  ec_p_init (ec, model, p, a, b);
 
   *r_ctx = ctx;
   return 0;
 }
 
+
+void
+_gcry_mpi_ec_free (mpi_ec_t ctx)
+{
+  if (ctx)
+    {
+      ec_deinit (ctx);
+      gcry_free (ctx);
+    }
+}
+
+
 gcry_mpi_t
 _gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy)
 {
@@ -772,6 +782,9 @@ dup_point_weierstrass (mpi_point_t result, mpi_point_t point, mpi_ec_t ctx)
 static void
 dup_point_montgomery (mpi_point_t result, mpi_point_t point, mpi_ec_t ctx)
 {
+  (void)result;
+  (void)point;
+  (void)ctx;
   log_fatal ("%s: %s not yet supported\n",
              "_gcry_mpi_ec_dup_point", "Montgomery");
 }
@@ -953,6 +966,10 @@ add_points_montgomery (mpi_point_t result,
                        mpi_point_t p1, mpi_point_t p2,
                        mpi_ec_t ctx)
 {
+  (void)result;
+  (void)p1;
+  (void)p2;
+  (void)ctx;
   log_fatal ("%s: %s not yet supported\n",
              "_gcry_mpi_ec_add_points", "Montgomery");
 }
author	Werner Koch <wk@gnupg.org>	2013-09-07 10:06:46 +0200
committer	Werner Koch <wk@gnupg.org>	2013-09-07 10:16:45 +0200
commit	4d8c8c7aa88cddb1624301957e6245405f46d027 (patch)
tree	c8b7e7550a0beccfaa547e241bcbfda3417f3c4b /mpi/ec.c
parent	ddfefe429660cc5d798f3517208936449247ae5c (diff)
download	libgcrypt-4d8c8c7aa88cddb1624301957e6245405f46d027.tar.gz