bigint: Store bit length of modulus in OwnedModulusWithOne.

Brian Smith 2023-11-07 10:44:31 -08:00
parent d8e9a9172c
commit 2f01ebfe32
4 changed files with 33 additions and 35 deletions


@ -974,7 +974,7 @@ mod tests {
#[test]
fn test_modulus_debug() {
let (modulus, _) = OwnedModulusWithOne::<M>::from_be_bytes_with_bit_length(
let modulus = OwnedModulusWithOne::<M>::from_be_bytes(
untrusted::Input::from(&[0xff; LIMB_BYTES * MODULUS_MIN_LIMBS]),
cpu::features(),
)
@ -1011,12 +1011,7 @@ mod tests {
cpu_features: cpu::Features,
) -> OwnedModulusWithOne<M> {
let value = test_case.consume_bytes(name);
let (value, _) = OwnedModulusWithOne::from_be_bytes_with_bit_length(
untrusted::Input::from(&value),
cpu_features,
)
.unwrap();
value
OwnedModulusWithOne::from_be_bytes(untrusted::Input::from(&value), cpu_features).unwrap()
}
fn consume_nonnegative(test_case: &mut test::TestCase, name: &str) -> Nonnegative {


@ -20,7 +20,8 @@ use super::{
BoxedLimbs, Elem, Nonnegative, One, PublicModulus, SlightlySmallerModulus, SmallerModulus,
};
use crate::{
bits, cpu, error,
bits::BitLength,
cpu, error,
limb::{self, Limb, LimbMask, LIMB_BITS},
polyfill::LeadingZerosStripped,
};
@ -81,6 +82,8 @@ pub struct OwnedModulusWithOne<M> {
oneRR: One<M, RR>,
len_bits: BitLength,
cpu_features: cpu::Features,
}
@ -90,6 +93,7 @@ impl<M: PublicModulus> Clone for OwnedModulusWithOne<M> {
limbs: self.limbs.clone(),
n0: self.n0.clone(),
oneRR: self.oneRR.clone(),
len_bits: self.len_bits,
cpu_features: self.cpu_features,
}
}
@ -104,18 +108,18 @@ impl<M: PublicModulus> core::fmt::Debug for OwnedModulusWithOne<M> {
}
impl<M> OwnedModulusWithOne<M> {
pub(crate) fn from_be_bytes_with_bit_length(
pub(crate) fn from_be_bytes(
input: untrusted::Input,
cpu_features: cpu::Features,
) -> Result<(Self, bits::BitLength), error::KeyRejected> {
) -> Result<Self, error::KeyRejected> {
let limbs = BoxedLimbs::positive_minimal_width_from_be_bytes(input)?;
Self::from_boxed_limbs(limbs, cpu_features)
}
pub(crate) fn from_nonnegative_with_bit_length(
pub(crate) fn from_nonnegative(
n: Nonnegative,
cpu_features: cpu::Features,
) -> Result<(Self, bits::BitLength), error::KeyRejected> {
) -> Result<Self, error::KeyRejected> {
let limbs = BoxedLimbs::new_unchecked(n.into_limbs());
Self::from_boxed_limbs(limbs, cpu_features)
}
@ -127,17 +131,16 @@ impl<M> OwnedModulusWithOne<M> {
where
M: SlightlySmallerModulus<L>,
{
let (m, _bits) = Self::from_boxed_limbs(
Self::from_boxed_limbs(
BoxedLimbs::minimal_width_from_unpadded(&elem.limbs),
cpu_features,
)?;
Ok(m)
)
}
fn from_boxed_limbs(
n: BoxedLimbs<M>,
cpu_features: cpu::Features,
) -> Result<(Self, bits::BitLength), error::KeyRejected> {
) -> Result<Self, error::KeyRejected> {
if n.len() > MODULUS_MAX_LIMBS {
return Err(error::KeyRejected::too_large());
}
@ -171,7 +174,7 @@ impl<M> OwnedModulusWithOne<M> {
N0::from(unsafe { bn_neg_inv_mod_r_u64(n_mod_r) })
};
let bits = limb::limbs_minimal_bits(&n);
let len_bits = limb::limbs_minimal_bits(&n);
let oneRR = {
let partial = Modulus {
limbs: &n,
@ -180,18 +183,16 @@ impl<M> OwnedModulusWithOne<M> {
cpu_features,
};
One::newRR(&partial, bits)
One::newRR(&partial, len_bits)
};
Ok((
Self {
limbs: n,
n0,
oneRR,
cpu_features,
},
bits,
))
Ok(Self {
limbs: n,
n0,
oneRR,
len_bits,
cpu_features,
})
}
pub fn oneRR(&self) -> &One<M, RR> {
@ -217,6 +218,10 @@ impl<M> OwnedModulusWithOne<M> {
cpu_features: self.cpu_features,
}
}
pub fn len_bits(&self) -> BitLength {
self.len_bits
}
}
impl<M: PublicModulus> OwnedModulusWithOne<M> {
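Review bot: The new `len_bits` field and the `len_bits()` accessor added at the end of this section have no documentation, and the field is a cached value derived from `limbs` rather than independent state, which is worth stating so nobody later updates one without the other. I would put `/// Minimal bit length of `limbs` (from `limb::limbs_minimal_bits`), cached once in `from_boxed_limbs`.` on the field and `/// The bit length of the modulus, not counting leading zero bits.` on the accessor. Since `from_nonnegative` builds its limbs with `BoxedLimbs::new_unchecked` rather than a minimal-width constructor, a unit test checking that a `Nonnegative` carrying high zero limbs reports the same `len_bits()` as the stripped value would pin that the accessor's name holds on that path; I can't see `limbs_minimal_bits` here to confirm it strips them. The `Debug` impl whose header appears in this section has its body outside the hunk, so I can't tell whether the new field should be printed there.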


@ -486,9 +486,8 @@ impl<M: Prime> PrivatePrime<M> {
dP: untrusted::Input,
cpu_features: cpu::Features,
) -> Result<Self, KeyRejected> {
let (p, p_bits) =
bigint::OwnedModulusWithOne::from_nonnegative_with_bit_length(p, cpu_features)?;
if p_bits.as_usize_bits() % 512 != 0 {
let p = bigint::OwnedModulusWithOne::from_nonnegative(p, cpu_features)?;
if p.len_bits().as_usize_bits() % 512 != 0 {
return Err(error::KeyRejected::private_modulus_len_not_multiple_of_512_bits());
}


@ -5,7 +5,6 @@ use core::ops::RangeInclusive;
#[derive(Clone)]
pub struct PublicModulus {
value: bigint::OwnedModulusWithOne<N>,
bits: bits::BitLength,
}
/*
@ -33,8 +32,8 @@ impl PublicModulus {
const MIN_BITS: bits::BitLength = bits::BitLength::from_usize_bits(1024);
// Step 3 / Step c for `n` (out of order).
let (value, bits) =
bigint::OwnedModulusWithOne::from_be_bytes_with_bit_length(n, cpu_features)?;
let value = bigint::OwnedModulusWithOne::from_be_bytes(n, cpu_features)?;
let bits = value.len_bits();
// Step 1 / Step a. XXX: SP800-56Br1 and SP800-89 require the length of
// the public modulus to be exactly 2048 or 3072 bits, but we are more
@ -49,7 +48,7 @@ impl PublicModulus {
return Err(error::KeyRejected::too_large());
}
Ok(Self { value, bits })
Ok(Self { value })
}
/// The big-endian encoding of the modulus.
@ -61,7 +60,7 @@ impl PublicModulus {
/// The length of the modulus in bits.
pub fn len_bits(&self) -> bits::BitLength {
self.bits
self.value.len_bits()
}
pub(super) fn value(&self) -> &bigint::OwnedModulusWithOne<N> {
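Review bot: The doc comment on `len_bits()` still says only "The length of the modulus in bits", but the value now comes from `OwnedModulusWithOne::len_bits()`, which in the modulus.rs section of this commit is computed by `limb::limbs_minimal_bits` on limbs built with `positive_minimal_width_from_be_bytes`, so leading zero bytes in the big-endian encoding are not counted. I would sharpen it to `/// The length of the modulus in bits, i.e. the bit length of the value itself; leading zero bytes in the encoding are not counted.` — this is the same quantity the `MIN_BITS` and `too_large` checks in `from_be_bytes` gate on, so callers deciding key-size policy should know exactly what it measures. The body of `from_be_bytes` continues outside the hunks shown here.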