Andy Polyakov
127d6cf747
crypto/ec/curve25519.c: remove redundant fe[51]_cswap.
...
3 least significant bits of the input scalar are explicitly cleared,
hence swap variable has fixed value [of zero] upon exit from the loop.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5408 )
2018-02-21 10:12:55 +01:00
Matt Caswell
59bf467cca
Add tests for newly added constant time functions
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:52 +00:00
Matt Caswell
dd8796c551
Some more cleanups of curve448 code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
a4e6dd819a
fixup! More style fixes for the curve448 code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
18985129eb
fixup! Improve readability of f_impl.c and f_impl.h
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
8e32ec7a56
Improve readability of f_impl.c and f_impl.h
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
cb5ed32665
Remove unrolled loops
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
909c68ae72
Yet more style updates to the curve448 code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
c1f15b76ef
Further style changes to curve448 code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
9c9d6ff41c
Simplify some code
...
The original curve448 code was templated to allow for a 25519
implementation. We've just imported the 448 stuff - but a remnant of
the original templated approach remained. This just simplifies that.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
a7232276fe
Remove some unneccessary use of constant time code in curve448
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
434149c744
Fix a travis failure in the curve448 code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
2abe3cad23
Remove the curve448 vector code
...
We removed various platform specific optimisation files in an earlier
commit. The vector code was related to that and therefore is no longer
required. It may be resurrected at a later point if we reintroduce the
opimtisations.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
53ef3252fa
More style fixes for the curve448 code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:31 +00:00
Matt Caswell
9fd3c858b4
Remove a strict aliasing issue with pre-computed curve448 constants
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
68b20c0065
More style fixes to Curve448 code based on review feedback
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
04ebd4e17e
Some style fixes
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
e411822318
Formatting tweak based on review feedback
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
756b5af71c
Use NLIMBS where appropriate to simplify the code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
8855a9a110
Remove cplusplus guards in internal headers
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
f918504f91
Remove the curve448 specific constant time implementation
...
Instead we should use the standard OpenSSL constant time routines.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
e0fa632420
Add some new constant time functions needed by curve448
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
7114a5a17a
Use the NLIMBS macro rather than try and calculate the number of limbs
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
bd74eae1be
Rename a function to avoid a clash
...
We already have a constant_time_select() function so, to avoid
confusion/clashing we shouldn't have a second one.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
7e492f3372
Remove curve448 architecture specific files
...
Remove all architecture specific files except for the reference arch_32
version. These files provide archicture specific performance optimisation.
However they have not been integrated yet. In order to avoid review issues
they are removed for now. They may be reintroduced at a later time.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
0cdcdacc33
Fix AppVeyor failure in eddsa.c
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
dd03fd7e3a
Fix travis failure in f_impl.c
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
06d72c2c64
Fix a typo in a comment
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
f53c77648c
Update Curve448 copyright for 2018
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
bce3108161
Code tidy up
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
7d9e120fea
Fixes for compilation using clang
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
e54f5f397a
Update the curve448 internal test to use testutil.h
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
2c9def25b1
Move curve448_test.c to be a full internal test
...
This ensures that this test is run as part of the test suite
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
52a9587c78
Fix build errors for Curve448 code on Windows (VC-WIN32 and VC-WIN64A)
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
575d5afcf8
Remove some gcc/clang specific attributes we don't support
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
db90b274a1
Remove duplicated 448 in the names of various things
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
001a093419
Merge f_field.h into field.h
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
b47758dbd0
Merge f_arithmetic.c into f_generic.c
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
aeeef83cb5
Remove references to libdecaf
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
35b7c85a22
Remove some unneeded code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
8d55f844b0
Manual formatting tweaks to Curve448 code
...
Following running openssl-format-source there were a lot of manual tweaks
that were requried.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
205fd63881
Run util/openssl-format-source on the Curve448 code
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
1308e022e1
Update the imported curve448 code to use OpenSSL copyright headers
...
Some files talk about the MIT license. This code was contributed under
CLA and was relicensed to the OpenSSL licence when imported.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
22bcc9cb7f
Fix the ED448 key lengths
...
Unlike X448 the key lengths for ED448 are 57 bytes (as opposed to 56)
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
ff489fb472
Integrate Curve448 into the build system
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
094c071cbf
Convert to C90 from C99
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
bb6e60adc5
Rename the decaf files to curve448 files
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
c4148792cf
Remove portable_endian.h
...
It is no longer used
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
2799d38540
Remove the old shake256 implementation
...
We have fully converted curve448 to use the OpenSSL shake256 implementation
so we can now remove the old one.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00
Matt Caswell
a242839f75
Convert Curve448 internals to use OpenSSL shake256
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105 )
2018-02-20 12:59:30 +00:00