Re: [PATCH 0/2] two small fixes for ecc-gost branch
пн, 27 янв. 2020 г. в 17:26, Niels Möller : > > Dmitry Eremin-Solenikov writes: > > > This is strange. I have checked the e-mail from my 'sent' mailbox, it > > applies cleanly. Anyway, I have uploaded the diff to paste server. You > > can download and apply it: > > https://paste.debian.net/1127852/ . The download link is close to the > > bottom of the page. > > Done! I also added two index entries. Great, thank you! I've sent two patches for next curve (the 256-bit 8.0c99 one) for review. I still hope to get most curves into next release. I'm perfectly fine with releasing nettle without additional curves though. -- With best wishes Dmitry ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: [PATCH 0/2] two small fixes for ecc-gost branch
Dmitry Eremin-Solenikov writes: > This is strange. I have checked the e-mail from my 'sent' mailbox, it > applies cleanly. Anyway, I have uploaded the diff to paste server. You > can download and apply it: > https://paste.debian.net/1127852/ . The download link is close to the > bottom of the page. Done! I also added two index entries. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
[PATCH 2/2] Add support for GOST GC256C curve
From: Dmitry Baryshkov
Add support for GC256C curve ("TLS Supported Groups" registry,
draft-smyshlyaev-tls12-gost-suites) also known as
GostR3410-2001-CryptoPro-B (RFC 4357).
Signed-off-by: Dmitry Baryshkov
---
.gitignore | 1 +
Makefile.in | 10 +-
ecc-curve.h | 1 +
ecc-gost-gc256c.c | 191
ecc-internal.h | 1 +
eccdata.c | 32 ++
examples/ecc-benchmark.c| 1 +
nettle.texinfo | 8 ++
testsuite/gostdsa-sign-test.c | 11 ++
testsuite/gostdsa-verify-test.c | 11 ++
testsuite/testutils.c | 12 +-
11 files changed, 275 insertions(+), 4 deletions(-)
create mode 100644 ecc-gost-gc256c.c
diff --git a/.gitignore b/.gitignore
index 48e2b7f464da..a94d279e5d18 100644
--- a/.gitignore
+++ b/.gitignore
@@ -46,6 +46,7 @@ core
/ecc-curve25519.h
/ecc-curve448.h
/ecc-gost-gc256b.h
+/ecc-gost-gc256c.h
/ecc-gost-gc512a.h
/ecc-secp192r1.h
/ecc-secp224r1.h
diff --git a/Makefile.in b/Makefile.in
index f876e5e82197..9400a357fe81 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -176,7 +176,8 @@ hogweed_SOURCES = sexp.c sexp-format.c \
ecc-mod.c ecc-mod-inv.c \
ecc-mod-arith.c ecc-pp1-redc.c ecc-pm1-redc.c \
ecc-curve25519.c ecc-curve448.c \
- ecc-gost-gc256b.c ecc-gost-gc512a.c \
+ ecc-gost-gc256b.c ecc-gost-gc256c.c \
+ ecc-gost-gc512a.c \
ecc-secp192r1.c ecc-secp224r1.c ecc-secp256r1.c \
ecc-secp384r1.c ecc-secp521r1.c \
ecc-size.c ecc-j-to-a.c ecc-a-to-j.c \
@@ -387,6 +388,9 @@ ecc-curve448.h: eccdata.stamp
ecc-gost-gc256b.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) gost_gc256b 11 6 $(NUMB_BITS) > $@T && mv
$@T $@
+ecc-gost-gc256c.h: eccdata.stamp
+ ./eccdata$(EXEEXT_FOR_BUILD) gost_gc256c 11 6 $(NUMB_BITS) > $@T && mv
$@T $@
+
# Some reasonable choices for 512:
# k = 22, c = 6, S = 256, T = 110 ( 88 A + 22 D) 32 KB
# k = 29, c = 6, S = 192, T = 116 ( 87 A + 29 D) 24 KB
@@ -403,6 +407,7 @@ eccdata.stamp: eccdata.c
ecc-curve25519.$(OBJEXT): ecc-curve25519.h
ecc-curve448.$(OBJEXT): ecc-curve448.h
ecc-gost-gc256b.$(OBJEXT): ecc-gost-gc256b.h
+ecc-gost-gc256c.$(OBJEXT): ecc-gost-gc256c.h
ecc-gost-gc512a.$(OBJEXT): ecc-gost-gc512a.h
ecc-secp192r1.$(OBJEXT): ecc-secp192r1.h
ecc-secp224r1.$(OBJEXT): ecc-secp224r1.h
@@ -657,7 +662,8 @@ distcheck: dist
clean-here:
-rm -f $(TARGETS) *.$(OBJEXT) *.$(OBJEXT).d *.s *.so *.dll *.a \
ecc-curve25519.h ecc-curve448.h \
- ecc-gost-gc256b.h ecc-gost-gc512a.h \
+ ecc-gost-gc256b.h ecc-gost-gc256c.h \
+ ecc-gost-gc512a.h \
ecc-secp192r1.h ecc-secp224r1.h ecc-secp256r1.h \
ecc-secp384r1.h ecc-secp521r1.h \
aesdata$(EXEEXT_FOR_BUILD) \
diff --git a/ecc-curve.h b/ecc-curve.h
index 8f050404a944..30a33d43782b 100644
--- a/ecc-curve.h
+++ b/ecc-curve.h
@@ -44,6 +44,7 @@ extern "C" {
struct ecc_curve;
const struct ecc_curve * _NETTLE_ATTRIBUTE_PURE nettle_get_gost_gc256b(void);
+const struct ecc_curve * _NETTLE_ATTRIBUTE_PURE nettle_get_gost_gc256c(void);
const struct ecc_curve * _NETTLE_ATTRIBUTE_PURE nettle_get_gost_gc512a(void);
const struct ecc_curve * _NETTLE_ATTRIBUTE_PURE nettle_get_secp_192r1(void);
const struct ecc_curve * _NETTLE_ATTRIBUTE_PURE nettle_get_secp_224r1(void);
diff --git a/ecc-gost-gc256c.c b/ecc-gost-gc256c.c
new file mode 100644
index ..9725ff65e6e2
--- /dev/null
+++ b/ecc-gost-gc256c.c
@@ -0,0 +1,191 @@
+/* ecc-gost-gc256c.c
+
+ Compile time constant (but machine dependent) tables.
+
+ Copyright (C) 2016, 2019 Dmitry Eremin-Solenikov
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include
+
+#include "ecc.h"
+#include "ecc-internal.h"
+
+#define USE_REDC 0
+
+#include
[PATCH 1/2] Change ecc_mod_*mul_1 to be per-module callbacks
From: Dmitry Baryshkov
GOST curves will require different "fixups" for fast (mul X mod p)
operations. Move these operations to ecc_modulo structure and call them
via function pointer.
Signed-off-by: Dmitry Baryshkov
---
ecc-curve25519.c | 8
ecc-curve448.c| 8
ecc-gost-gc256b.c | 8
ecc-gost-gc512a.c | 8
ecc-internal.h| 32
ecc-mod-arith.c | 12 ++--
ecc-mul-m.c | 6 +++---
ecc-secp192r1.c | 8
ecc-secp224r1.c | 8
ecc-secp256r1.c | 8
ecc-secp384r1.c | 8
ecc-secp521r1.c | 8
12 files changed, 101 insertions(+), 21 deletions(-)
diff --git a/ecc-curve25519.c b/ecc-curve25519.c
index 0ad3017c9ebc..4ee80c8d4463 100644
--- a/ecc-curve25519.c
+++ b/ecc-curve25519.c
@@ -310,6 +310,10 @@ const struct ecc_curve _nettle_curve25519 =
ecc_curve25519_modp,
ecc_curve25519_inv,
ecc_curve25519_sqrt,
+
+ecc_mod_mul_1_std,
+ecc_mod_addmul_1_std,
+ecc_mod_submul_1_std,
},
{
253,
@@ -329,6 +333,10 @@ const struct ecc_curve _nettle_curve25519 =
ecc_curve25519_modq,
ecc_mod_inv,
NULL,
+
+NULL,
+NULL,
+NULL,
},
0, /* No redc */
diff --git a/ecc-curve448.c b/ecc-curve448.c
index c31a0eb26ba4..71634b855af8 100644
--- a/ecc-curve448.c
+++ b/ecc-curve448.c
@@ -288,6 +288,10 @@ const struct ecc_curve _nettle_curve448 =
ecc_curve448_modp,
ecc_curve448_inv,
ecc_curve448_sqrt,
+
+ecc_mod_mul_1_std,
+ecc_mod_addmul_1_std,
+ecc_mod_submul_1_std,
},
{
446,
@@ -307,6 +311,10 @@ const struct ecc_curve _nettle_curve448 =
ecc_mod, /* FIXME: Implement optimized reduce function */
ecc_mod_inv,
NULL,
+
+NULL,
+NULL,
+NULL,
},
0, /* No redc */
diff --git a/ecc-gost-gc256b.c b/ecc-gost-gc256b.c
index 8adc8e1763b9..acf3b56c8955 100644
--- a/ecc-gost-gc256b.c
+++ b/ecc-gost-gc256b.c
@@ -77,6 +77,10 @@ const struct ecc_curve _nettle_gost_gc256b =
ecc_gost_gc256b_modp,
ecc_mod_inv,
NULL,
+
+ecc_mod_mul_1_std,
+ecc_mod_addmul_1_std,
+ecc_mod_submul_1_std,
},
{
256,
@@ -96,6 +100,10 @@ const struct ecc_curve _nettle_gost_gc256b =
ecc_gost_gc256b_modq,
ecc_mod_inv,
NULL,
+
+NULL,
+NULL,
+NULL,
},
USE_REDC,
diff --git a/ecc-gost-gc512a.c b/ecc-gost-gc512a.c
index 6d210925b609..79d084f38d33 100644
--- a/ecc-gost-gc512a.c
+++ b/ecc-gost-gc512a.c
@@ -77,6 +77,10 @@ const struct ecc_curve _nettle_gost_gc512a =
ecc_gost_gc512a_modp,
ecc_mod_inv,
NULL,
+
+ecc_mod_mul_1_std,
+ecc_mod_addmul_1_std,
+ecc_mod_submul_1_std,
},
{
512,
@@ -96,6 +100,10 @@ const struct ecc_curve _nettle_gost_gc512a =
ecc_gost_gc512a_modq,
ecc_mod_inv,
NULL,
+
+NULL,
+NULL,
+NULL,
},
USE_REDC,
diff --git a/ecc-internal.h b/ecc-internal.h
index 0022e0ab6cc2..ddeb6d3cb1f3 100644
--- a/ecc-internal.h
+++ b/ecc-internal.h
@@ -44,9 +44,9 @@
#define ecc_pm1_redc _nettle_ecc_pm1_redc
#define ecc_mod_add _nettle_ecc_mod_add
#define ecc_mod_sub _nettle_ecc_mod_sub
-#define ecc_mod_mul_1 _nettle_ecc_mod_mul_1
-#define ecc_mod_addmul_1 _nettle_ecc_mod_addmul_1
-#define ecc_mod_submul_1 _nettle_ecc_mod_submul_1
+#define ecc_mod_mul_1_std _nettle_ecc_mod_mul_1_std
+#define ecc_mod_addmul_1_std _nettle_ecc_mod_addmul_1_std
+#define ecc_mod_submul_1_std _nettle_ecc_mod_submul_1_std
#define ecc_mod_mul _nettle_ecc_mod_mul
#define ecc_mod_sqr _nettle_ecc_mod_sqr
#define ecc_mod_random _nettle_ecc_mod_random
@@ -146,6 +146,10 @@ typedef void ecc_h_to_a_func (const struct ecc_curve *ecc,
mp_limb_t *r, const mp_limb_t *p,
mp_limb_t *scratch);
+typedef void ecc_mod_mul_1_func (const struct ecc_modulo *m,
+mp_limb_t *rp,
+const mp_limb_t *ap, mp_limb_t b);
+
struct ecc_modulo
{
unsigned short bit_size;
@@ -170,6 +174,10 @@ struct ecc_modulo
ecc_mod_func *reduce;
ecc_mod_inv_func *invert;
ecc_mod_sqrt_func *sqrt;
+
+ ecc_mod_mul_1_func *mul_1;
+ ecc_mod_mul_1_func *addmul_1;
+ ecc_mod_mul_1_func *submul_1;
};
/* Represents an elliptic curve of the form
@@ -240,15 +248,15 @@ ecc_mod_sub (const struct ecc_modulo *m, mp_limb_t *rp,
const mp_limb_t *ap, const mp_limb_t *bp);
void
-ecc_mod_mul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, const mp_limb_t b);
+ecc_mod_mul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, const mp_limb_t b);
void
-ecc_mod_addmul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, mp_limb_t b);
+ecc_mod_addmul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, mp_limb_t b);
void
-ecc_mod_submul_1 (const stru
Re: [PATCH 0/2] two small fixes for ecc-gost branch
Hello, сб, 25 янв. 2020 г. в 18:23, Niels Möller : > > Dmitry Eremin-Solenikov writes: > > > Thank you! What about GOST DSA v5 patches? > > Look good, I'm trying them out right now, before leaving for the next > airport. Running the benchmark, signing looks a bit faster than the > ecdsa variants, > > name size sign/ms verify/ms > >ecdsa 2563.02180.9877 >ecdsa 5210.70550.2278 > gostdsa 2563.74800.9381 > gostdsa 5120.96420.2403 > > The doc patch didn't apply cleanly, though, > > Applying: Add documentation for GOSTDSA and GOST curves. > error: corrupt patch at line 65 > error: could not build fake ancestor > > (I haven't looked into what the problem might be). This is strange. I have checked the e-mail from my 'sent' mailbox, it applies cleanly. Anyway, I have uploaded the diff to paste server. You can download and apply it: https://paste.debian.net/1127852/ . The download link is close to the bottom of the page. -- With best wishes Dmitry ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
