* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
ret = 1;
err:
- if (ctx != NULL)
- BN_CTX_end(ctx);
+ BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
return ret;
}
if (!BN_copy(y0, a->Y))
goto err;
} else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group, a, x0, y0, ctx))
+ if (!EC_POINT_get_affine_coordinates(group, a, x0, y0, ctx))
goto err;
}
if (b->Z_is_one) {
if (!BN_copy(y1, b->Y))
goto err;
} else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group, b, x1, y1, ctx))
+ if (!EC_POINT_get_affine_coordinates(group, b, x1, y1, ctx))
goto err;
}
if (!BN_GF2m_add(y2, y2, y1))
goto err;
- if (!EC_POINT_set_affine_coordinates_GF2m(group, r, x2, y2, ctx))
+ if (!EC_POINT_set_affine_coordinates(group, r, x2, y2, ctx))
goto err;
ret = 1;
if (bY == NULL)
goto err;
- if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx))
+ if (!EC_POINT_get_affine_coordinates(group, a, aX, aY, ctx))
goto err;
- if (!EC_POINT_get_affine_coordinates_GF2m(group, b, bX, bY, ctx))
+ if (!EC_POINT_get_affine_coordinates(group, b, bX, bY, ctx))
goto err;
ret = ((BN_cmp(aX, bX) == 0) && BN_cmp(aY, bY) == 0) ? 0 : 1;
if (y == NULL)
goto err;
- if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
+ if (!EC_POINT_get_affine_coordinates(group, point, x, y, ctx))
goto err;
if (!BN_copy(point->X, x))
goto err;
|| !group->meth->field_mul(group, t2, t2, t0, ctx)
|| !BN_GF2m_add(t1, t2, t1)
|| !group->meth->field_mul(group, t2, p->X, t0, ctx)
- || !BN_GF2m_mod_inv(t2, t2, group->field, ctx)
+ || !group->meth->field_inv(group, t2, t2, ctx)
|| !group->meth->field_mul(group, t1, t1, t2, ctx)
|| !group->meth->field_mul(group, r->X, r->Z, t2, ctx)
|| !BN_GF2m_add(t2, p->X, r->X)
return ret;
}
+/*-
+ * Computes the multiplicative inverse of a in GF(2^m), storing the result in r.
+ * If a is zero (or equivalent), you'll get a EC_R_CANNOT_INVERT error.
+ * SCA hardening is with blinding: BN_GF2m_mod_inv does that.
+ */
+static int ec_GF2m_simple_field_inv(const EC_GROUP *group, BIGNUM *r,
+ const BIGNUM *a, BN_CTX *ctx)
+{
+ int ret;
+
+ if (!(ret = BN_GF2m_mod_inv(r, a, group->field, ctx)))
+ ECerr(EC_F_EC_GF2M_SIMPLE_FIELD_INV, EC_R_CANNOT_INVERT);
+ return ret;
+}
+
const EC_METHOD *EC_GF2m_simple_method(void)
{
static const EC_METHOD ret = {
ec_GF2m_simple_field_mul,
ec_GF2m_simple_field_sqr,
ec_GF2m_simple_field_div,
+ ec_GF2m_simple_field_inv,
0, /* field_encode */
0, /* field_decode */
0, /* field_set_to_one */
projects / openssl.git / blobdiff