1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 01:37:36 +00:00

LibCrypto: Move all elliptic curve private methods into .cpp

All the elliptic curve implementations had a long list of private
methods which were all stored in a single .cpp file. Now we simply use
static methods instead.
This commit is contained in:
Michiel Visser 2022-03-18 19:18:29 +01:00 committed by Ali Mohammad Pur
parent 596391a4ee
commit e07ec02470
6 changed files with 171 additions and 220 deletions

View file

@ -14,6 +14,14 @@
namespace Crypto::Curves {
static constexpr u256 REDUCE_PRIME { u128 { 0x0000000000000001ull, 0xffffffff00000000ull }, u128 { 0xffffffffffffffffull, 0x00000000fffffffe } };
static constexpr u256 REDUCE_ORDER { u128 { 0x0c46353d039cdaafull, 0x4319055258e8617bull }, u128 { 0x0000000000000000ull, 0x00000000ffffffff } };
static constexpr u256 PRIME_INVERSE_MOD_R { u128 { 0x0000000000000001ull, 0x0000000100000000ull }, u128 { 0x0000000000000000ull, 0xffffffff00000002ull } };
static constexpr u256 PRIME { u128 { 0xffffffffffffffffull, 0x00000000ffffffffull }, u128 { 0x0000000000000000ull, 0xffffffff00000001ull } };
static constexpr u256 R2_MOD_PRIME { u128 { 0x0000000000000003ull, 0xfffffffbffffffffull }, u128 { 0xfffffffffffffffeull, 0x00000004fffffffdull } };
static constexpr u256 ONE { 1u };
static constexpr u256 B_MONTGOMERY { u128 { 0xd89cdf6229c4bddfull, 0xacf005cd78843090ull }, u128 { 0xe5a220abf7212ed6ull, 0xdc30061d04874834ull } };
static u256 import_big_endian(ReadonlyBytes data)
{
VERIFY(data.size() == 32);
@ -53,7 +61,7 @@ static u512 multiply(u256 const& left, u256 const& right)
return { result.low, result.high };
}
u256 SECP256r1::modular_reduce(u256 const& value)
static u256 modular_reduce(u256 const& value)
{
// Add -prime % 2^256 = 2^224-2^192-2^96+1
bool carry = false;
@ -63,7 +71,7 @@ u256 SECP256r1::modular_reduce(u256 const& value)
return select(value, other, carry);
}
u256 SECP256r1::modular_reduce_order(u256 const& value)
static u256 modular_reduce_order(u256 const& value)
{
// Add -order % 2^256
bool carry = false;
@ -73,7 +81,7 @@ u256 SECP256r1::modular_reduce_order(u256 const& value)
return select(value, other, carry);
}
u256 SECP256r1::modular_add(u256 const& left, u256 const& right, bool carry_in)
static u256 modular_add(u256 const& left, u256 const& right, bool carry_in = false)
{
bool carry = carry_in;
u256 output = left.addc(right, carry);
@ -90,7 +98,7 @@ u256 SECP256r1::modular_add(u256 const& left, u256 const& right, bool carry_in)
return output + addend;
}
u256 SECP256r1::modular_sub(u256 const& left, u256 const& right)
static u256 modular_sub(u256 const& left, u256 const& right)
{
bool borrow = false;
u256 output = left.subc(right, borrow);
@ -107,7 +115,7 @@ u256 SECP256r1::modular_sub(u256 const& left, u256 const& right)
return output - sub;
}
u256 SECP256r1::modular_multiply(u256 const& left, u256 const& right)
static u256 modular_multiply(u256 const& left, u256 const& right)
{
// Modular multiplication using the Montgomery method: https://en.wikipedia.org/wiki/Montgomery_modular_multiplication
// This requires that the inputs to this function are in Montgomery form.
@ -129,22 +137,22 @@ u256 SECP256r1::modular_multiply(u256 const& left, u256 const& right)
return modular_add(mult.high(), mp.high(), carry);
}
u256 SECP256r1::modular_square(u256 const& value)
static u256 modular_square(u256 const& value)
{
return modular_multiply(value, value);
}
u256 SECP256r1::to_montgomery(u256 const& value)
static u256 to_montgomery(u256 const& value)
{
return modular_multiply(value, R2_MOD_PRIME);
}
u256 SECP256r1::from_montgomery(u256 const& value)
static u256 from_montgomery(u256 const& value)
{
return modular_multiply(value, ONE);
}
u256 SECP256r1::modular_inverse(u256 const& value)
static u256 modular_inverse(u256 const& value)
{
// Modular inverse modulo the curve prime can be computed using Fermat's little theorem: a^(p-2) mod p = a^-1 mod p.
// Calculating a^(p-2) mod p can be done using the square-and-multiply exponentiation method, as p-2 is constant.
@ -193,7 +201,7 @@ u256 SECP256r1::modular_inverse(u256 const& value)
return result;
}
void SECP256r1::point_double(JacobianPoint& output_point, JacobianPoint const& point)
static void point_double(JacobianPoint& output_point, JacobianPoint const& point)
{
// Based on "Point Doubling" from http://point-at-infinity.org/ecc/Prime_Curve_Jacobian_Coordinates.html
@ -247,7 +255,7 @@ void SECP256r1::point_double(JacobianPoint& output_point, JacobianPoint const& p
output_point.z = zp;
}
void SECP256r1::point_add(JacobianPoint& output_point, JacobianPoint const& point_a, JacobianPoint const& point_b)
static void point_add(JacobianPoint& output_point, JacobianPoint const& point_a, JacobianPoint const& point_b)
{
// Based on "Point Addition" from http://point-at-infinity.org/ecc/Prime_Curve_Jacobian_Coordinates.html
if (point_a.x.is_zero_constant_time() && point_a.y.is_zero_constant_time() && point_a.z.is_zero_constant_time()) {
@ -314,7 +322,7 @@ void SECP256r1::point_add(JacobianPoint& output_point, JacobianPoint const& poin
output_point.z = z3;
}
void SECP256r1::convert_jacobian_to_affine(JacobianPoint& point)
static void convert_jacobian_to_affine(JacobianPoint& point)
{
u256 temp;
// X' = X/Z^2
@ -328,7 +336,7 @@ void SECP256r1::convert_jacobian_to_affine(JacobianPoint& point)
point.y = modular_multiply(point.y, temp);
}
bool SECP256r1::is_point_on_curve(JacobianPoint const& point)
static bool is_point_on_curve(JacobianPoint const& point)
{
// This check requires the point to be in Montgomery form, with Z=1
u256 temp, temp2;