release/src/router/nettle/ecc-521.c

   1 /* ecc-521.c.c */
   2
   3 /* Compile time constant (but machine dependent) tables. */
   4
   5 /* nettle, low-level cryptographics library
   6  *
   7  * Copyright (C) 2013 Niels Möller
   8  *
   9  * The nettle library is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU Lesser General Public License as published by
  11  * the Free Software Foundation; either version 2.1 of the License, or (at your
  12  * option) any later version.
  13  *
  14  * The nettle library is distributed in the hope that it will be useful, but
  15  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  16  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
  17  * License for more details.
  18  *
  19  * You should have received a copy of the GNU Lesser General Public License
  20  * along with the nettle library; see the file COPYING.LIB.  If not, write to
  21  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  22  * MA 02111-1301, USA.
  23  */
  24
  25 /* Development of Nettle's ECC support was funded by the .SE Internet Fund. */
  26
  27 #if HAVE_CONFIG_H
  28 # include "config.h"
  29 #endif
  30
  31 #include "ecc-internal.h"
  32
  33 #define USE_REDC 0
  34
  35 #include "ecc-521.h"
  36
  37 #if HAVE_NATIVE_ecc_521_modp
  38 #define ecc_521_modp nettle_ecc_521_modp
  39 void
  40 ecc_521_modp (const struct ecc_curve *ecc, mp_limb_t *rp);
  41
  42 #else
  43
  44 #define B_SHIFT (521 % GMP_NUMB_BITS)
  45 #define BMODP_SHIFT (GMP_NUMB_BITS - B_SHIFT)
  46 #define BMODP ((mp_limb_t) 1 << BMODP_SHIFT)
  47
  48 /* Result may be *slightly* larger than 2^521 */
  49 static void
  50 ecc_521_modp (const struct ecc_curve *ecc UNUSED, mp_limb_t *rp)
  51 {
  52   /* FIXME: Should use mpn_addlsh_n_ip1 */
  53   mp_limb_t hi;
  54   /* Reduce from 2*ECC_LIMB_SIZE to ECC_LIMB_SIZE + 1 */
  55   rp[ECC_LIMB_SIZE]
  56     = mpn_addmul_1 (rp, rp + ECC_LIMB_SIZE, ECC_LIMB_SIZE, BMODP);
  57   hi = mpn_addmul_1 (rp, rp + ECC_LIMB_SIZE, 1, BMODP);
  58   hi = sec_add_1 (rp + 1, rp + 1, ECC_LIMB_SIZE - 1, hi);
  59
  60   /* Combine hi with top bits, and add in. */
  61   hi = (hi << BMODP_SHIFT) | (rp[ECC_LIMB_SIZE-1] >> B_SHIFT);
  62   rp[ECC_LIMB_SIZE-1] = (rp[ECC_LIMB_SIZE-1]
  63                          & (((mp_limb_t) 1 << B_SHIFT)-1))
  64     + sec_add_1 (rp, rp, ECC_LIMB_SIZE - 1, hi);
  65 }
  66 #endif
  67
  68 const struct ecc_curve nettle_secp_521r1 =
  69 {
  70   521,
  71   ECC_LIMB_SIZE,
  72   ECC_BMODP_SIZE,
  73   ECC_BMODQ_SIZE,
  74   USE_REDC,
  75   ECC_REDC_SIZE,
  76   ECC_PIPPENGER_K,
  77   ECC_PIPPENGER_C,
  78   ecc_p,
  79   ecc_b,
  80   ecc_q,
  81   ecc_g,
  82   ecc_redc_g,
  83   ecc_521_modp,
  84   ecc_generic_redc,
  85   ecc_521_modp,
  86   ecc_generic_modq,
  87   ecc_Bmodp,
  88   ecc_Bmodp_shifted,
  89   ecc_pp1h,
  90   ecc_redc_ppm1,
  91   ecc_unit,
  92   ecc_Bmodq,
  93   ecc_Bmodq_shifted,
  94   ecc_qp1h,
  95   ecc_table
  96 };
  97