Refactor away parse_big_endian_in_range_partially_reduced_and_pad_consttime.

It only had one caller and it contained unreached code.
Brian Smith 2023-11-22 11:39:28 -08:00
parent 57fc4860d0
commit 3afbcc5dc5
3 changed files with 8 additions and 35 deletions


@ -14,11 +14,7 @@
//! ECDSA Signatures using the P-256 and P-384 curves. //! ECDSA Signatures using the P-256 and P-384 curves.
use crate::{ use crate::{digest, ec::suite_b::ops::*, limb::LIMB_BYTES};
digest,
ec::suite_b::ops::*,
limb::{self, LIMB_BYTES},
};
/// Calculate the digest of `msg` using the digest algorithm `digest_alg`. Then /// Calculate the digest of `msg` using the digest algorithm `digest_alg`. Then
/// convert the digest to a scalar in the range [0, n) as described in /// convert the digest to a scalar in the range [0, n) as described in
@ -68,7 +64,6 @@ fn digest_scalar_(ops: &ScalarOps, digest: &[u8]) -> Scalar {
scalar_parse_big_endian_partially_reduced_variable_consttime( scalar_parse_big_endian_partially_reduced_variable_consttime(
cops, cops,
limb::AllowZero::Yes,
untrusted::Input::from(digest), untrusted::Input::from(digest),
) )
.unwrap() .unwrap()
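Review bot: The `.unwrap()` kept after this call has no comment saying why it cannot fail, and this sits on the path that turns a message digest into an ECDSA scalar. With this commit the only `?` left inside `scalar_parse_big_endian_partially_reduced_variable_consttime` is on `parse_big_endian_and_pad_consttime`, so a panic here would presumably mean the digest slice has a length that parser rejects. If the part of `digest_scalar_` above this hunk already bounds the digest length, record it next to the call, e.g. `// Cannot fail: digest was already cut to fit num_limbs limbs.`; the function body starts outside the hunk, so that invariant needs confirming before the comment is added.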


@ -393,16 +393,16 @@ pub fn scalar_parse_big_endian_variable(
pub fn scalar_parse_big_endian_partially_reduced_variable_consttime( pub fn scalar_parse_big_endian_partially_reduced_variable_consttime(
ops: &CommonOps, ops: &CommonOps,
allow_zero: AllowZero,
bytes: untrusted::Input, bytes: untrusted::Input,
) -> Result<Scalar, error::Unspecified> { ) -> Result<Scalar, error::Unspecified> {
let mut r = Scalar::zero(); let mut r = Scalar::zero();
parse_big_endian_in_range_partially_reduced_and_pad_consttime(
bytes, {
allow_zero, let r = &mut r.limbs[..ops.num_limbs];
&ops.n.limbs[..ops.num_limbs], parse_big_endian_and_pad_consttime(bytes, r)?;
&mut r.limbs[..ops.num_limbs], limbs_reduce_once_constant_time(r, &ops.n.limbs[..ops.num_limbs]);
)?; }
Ok(r) Ok(r)
} }
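Review bot: The inlined body calls `limbs_reduce_once_constant_time` without stating why a single conditional subtraction is sufficient, and the only place that precondition was written down is the doc comment this commit deletes along with `parse_big_endian_in_range_partially_reduced_and_pad_consttime`. I would carry it over above the inner block, e.g. `// One conditional subtraction gives [0, n) only because 2**(num_limbs * LIMB_BITS - 1) < n < 2**(num_limbs * LIMB_BITS).` Since `allow_zero` is gone, the function's own doc comment (outside this hunk, if it has one) should also say that a zero scalar comes back as `Ok`, so any caller that needs a non-zero value must check for it itself.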


@ -141,28 +141,6 @@ pub enum AllowZero {
Yes, Yes,
} }
/// Parses `input` into `result`, reducing it via conditional subtraction
/// (mod `m`). Assuming 2**((self.num_limbs * LIMB_BITS) - 1) < m and
/// m < 2**(self.num_limbs * LIMB_BITS), the value will be reduced mod `m` in
/// constant time so that the result is in the range [0, m) if `allow_zero` is
/// `AllowZero::Yes`, or [1, m) if `allow_zero` is `AllowZero::No`. `result` is
/// padded with zeros to its length.
pub fn parse_big_endian_in_range_partially_reduced_and_pad_consttime(
input: untrusted::Input,
allow_zero: AllowZero,
m: &[Limb],
result: &mut [Limb],
) -> Result<(), error::Unspecified> {
parse_big_endian_and_pad_consttime(input, result)?;
limbs_reduce_once_constant_time(result, m);
if allow_zero != AllowZero::Yes {
if limbs_are_zero_constant_time(result) != LimbMask::False {
return Err(error::Unspecified);
}
}
Ok(())
}
/// Parses `input` into `result`, verifies that the value is less than /// Parses `input` into `result`, verifies that the value is less than
/// `max_exclusive`, and pads `result` with zeros to its length. If `allow_zero` /// `max_exclusive`, and pads `result` with zeros to its length. If `allow_zero`
/// is not `AllowZero::Yes`, zero values are rejected. /// is not `AllowZero::Yes`, zero values are rejected.