ble_mesh: Format source and header files of tinycrypt
This commit is contained in:
lly
bot
parent
f1f3c7afd6
commit
3c0584f013
28 changed files with 2128 additions and 2123 deletions
|
|
@ -62,7 +62,7 @@ extern "C" {
|
|||
#define TC_AES_KEY_SIZE (Nb*Nk)
|
||||
|
||||
typedef struct tc_aes_key_sched_struct {
|
||||
unsigned int words[Nb*(Nr+1)];
|
||||
unsigned int words[Nb * (Nr + 1)];
|
||||
} *TCAesKeySched_t;
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -110,21 +110,21 @@ extern "C" {
|
|||
|
||||
/* struct tc_cmac_struct represents the state of a CMAC computation */
|
||||
typedef struct tc_cmac_struct {
|
||||
/* initialization vector */
|
||||
/* initialization vector */
|
||||
uint8_t iv[TC_AES_BLOCK_SIZE];
|
||||
/* used if message length is a multiple of block_size bytes */
|
||||
/* used if message length is a multiple of block_size bytes */
|
||||
uint8_t K1[TC_AES_BLOCK_SIZE];
|
||||
/* used if message length isn't a multiple block_size bytes */
|
||||
/* used if message length isn't a multiple block_size bytes */
|
||||
uint8_t K2[TC_AES_BLOCK_SIZE];
|
||||
/* where to put bytes that didn't fill a block */
|
||||
/* where to put bytes that didn't fill a block */
|
||||
uint8_t leftover[TC_AES_BLOCK_SIZE];
|
||||
/* identifies the encryption key */
|
||||
/* identifies the encryption key */
|
||||
unsigned int keyid;
|
||||
/* next available leftover location */
|
||||
/* next available leftover location */
|
||||
unsigned int leftover_offset;
|
||||
/* AES key schedule */
|
||||
/* AES key schedule */
|
||||
TCAesKeySched_t sched;
|
||||
/* calls to tc_cmac_update left before re-key */
|
||||
/* calls to tc_cmac_update left before re-key */
|
||||
uint64_t countdown;
|
||||
} *TCCmacState_t;
|
||||
|
||||
|
|
|
|||
|
|
@ -98,10 +98,10 @@ typedef struct {
|
|||
* @param plen IN -- personalization length in bytes
|
||||
*
|
||||
*/
|
||||
int tc_ctr_prng_init(TCCtrPrng_t * const ctx,
|
||||
uint8_t const * const entropy,
|
||||
int tc_ctr_prng_init(TCCtrPrng_t *const ctx,
|
||||
uint8_t const *const entropy,
|
||||
unsigned int entropyLen,
|
||||
uint8_t const * const personalization,
|
||||
uint8_t const *const personalization,
|
||||
unsigned int pLen);
|
||||
|
||||
/**
|
||||
|
|
@ -123,10 +123,10 @@ int tc_ctr_prng_init(TCCtrPrng_t * const ctx,
|
|||
* @param additional_input IN -- additional input to the prng (may be null)
|
||||
* @param additionallen IN -- additional input length in bytes
|
||||
*/
|
||||
int tc_ctr_prng_reseed(TCCtrPrng_t * const ctx,
|
||||
uint8_t const * const entropy,
|
||||
int tc_ctr_prng_reseed(TCCtrPrng_t *const ctx,
|
||||
uint8_t const *const entropy,
|
||||
unsigned int entropyLen,
|
||||
uint8_t const * const additional_input,
|
||||
uint8_t const *const additional_input,
|
||||
unsigned int additionallen);
|
||||
|
||||
/**
|
||||
|
|
@ -145,10 +145,10 @@ int tc_ctr_prng_reseed(TCCtrPrng_t * const ctx,
|
|||
* @param out IN/OUT -- buffer to receive output
|
||||
* @param outlen IN -- size of out buffer in bytes
|
||||
*/
|
||||
int tc_ctr_prng_generate(TCCtrPrng_t * const ctx,
|
||||
uint8_t const * const additional_input,
|
||||
int tc_ctr_prng_generate(TCCtrPrng_t *const ctx,
|
||||
uint8_t const *const additional_input,
|
||||
unsigned int additionallen,
|
||||
uint8_t * const out,
|
||||
uint8_t *const out,
|
||||
unsigned int outlen);
|
||||
|
||||
/**
|
||||
|
|
@ -157,7 +157,7 @@ int tc_ctr_prng_generate(TCCtrPrng_t * const ctx,
|
|||
* @return none
|
||||
* @param ctx IN/OUT -- the PRNG context
|
||||
*/
|
||||
void tc_ctr_prng_uninstantiate(TCCtrPrng_t * const ctx);
|
||||
void tc_ctr_prng_uninstantiate(TCCtrPrng_t *const ctx);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ typedef uint64_t uECC_dword_t;
|
|||
|
||||
/* structure that represents an elliptic curve (e.g. p256):*/
|
||||
struct uECC_Curve_t;
|
||||
typedef const struct uECC_Curve_t * uECC_Curve;
|
||||
typedef const struct uECC_Curve_t *uECC_Curve;
|
||||
struct uECC_Curve_t {
|
||||
wordcount_t num_words;
|
||||
wordcount_t num_bytes;
|
||||
|
|
@ -117,7 +117,7 @@ struct uECC_Curve_t {
|
|||
uECC_word_t n[NUM_ECC_WORDS];
|
||||
uECC_word_t G[NUM_ECC_WORDS * 2];
|
||||
uECC_word_t b[NUM_ECC_WORDS];
|
||||
void (*double_jacobian)(uECC_word_t * X1, uECC_word_t * Y1, uECC_word_t * Z1,
|
||||
void (*double_jacobian)(uECC_word_t *X1, uECC_word_t *Y1, uECC_word_t *Z1,
|
||||
uECC_Curve curve);
|
||||
void (*x_side)(uECC_word_t *result, const uECC_word_t *x, uECC_Curve curve);
|
||||
void (*mmod_fast)(uECC_word_t *result, uECC_word_t *product);
|
||||
|
|
@ -130,8 +130,8 @@ struct uECC_Curve_t {
|
|||
* @param Z1 IN/OUT -- z coordinate
|
||||
* @param curve IN -- elliptic curve
|
||||
*/
|
||||
void double_jacobian_default(uECC_word_t * X1, uECC_word_t * Y1,
|
||||
uECC_word_t * Z1, uECC_Curve curve);
|
||||
void double_jacobian_default(uECC_word_t *X1, uECC_word_t *Y1,
|
||||
uECC_word_t *Z1, uECC_Curve curve);
|
||||
|
||||
/*
|
||||
* @brief Computes x^3 + ax + b. result must not overlap x.
|
||||
|
|
@ -285,7 +285,7 @@ uECC_word_t EccPoint_compute_public_key(uECC_word_t *result,
|
|||
* @param k1 IN/OUT -- regularized k
|
||||
* @param curve IN -- elliptic curve
|
||||
*/
|
||||
uECC_word_t regularize_k(const uECC_word_t * const k, uECC_word_t *k0,
|
||||
uECC_word_t regularize_k(const uECC_word_t *const k, uECC_word_t *k0,
|
||||
uECC_word_t *k1, uECC_Curve curve);
|
||||
|
||||
/*
|
||||
|
|
@ -299,8 +299,8 @@ uECC_word_t regularize_k(const uECC_word_t * const k, uECC_word_t *k0,
|
|||
* @param num_bits IN -- number of bits in scalar
|
||||
* @param curve IN -- elliptic curve
|
||||
*/
|
||||
void EccPoint_mult(uECC_word_t * result, const uECC_word_t * point,
|
||||
const uECC_word_t * scalar, const uECC_word_t * initial_Z,
|
||||
void EccPoint_mult(uECC_word_t *result, const uECC_word_t *point,
|
||||
const uECC_word_t *scalar, const uECC_word_t *initial_Z,
|
||||
bitcount_t num_bits, uECC_Curve curve);
|
||||
|
||||
/*
|
||||
|
|
@ -364,8 +364,8 @@ void uECC_vli_modSub(uECC_word_t *result, const uECC_word_t *left,
|
|||
* @param Y2 IN -- y coordinate of Q
|
||||
* @param curve IN -- elliptic curve
|
||||
*/
|
||||
void XYcZ_add(uECC_word_t * X1, uECC_word_t * Y1, uECC_word_t * X2,
|
||||
uECC_word_t * Y2, uECC_Curve curve);
|
||||
void XYcZ_add(uECC_word_t *X1, uECC_word_t *Y1, uECC_word_t *X2,
|
||||
uECC_word_t *Y2, uECC_Curve curve);
|
||||
|
||||
/*
|
||||
* @brief Computes (x1 * z^2, y1 * z^3)
|
||||
|
|
@ -374,7 +374,7 @@ void XYcZ_add(uECC_word_t * X1, uECC_word_t * Y1, uECC_word_t * X2,
|
|||
* @param Z IN -- z value
|
||||
* @param curve IN -- elliptic curve
|
||||
*/
|
||||
void apply_z(uECC_word_t * X1, uECC_word_t * Y1, const uECC_word_t * const Z,
|
||||
void apply_z(uECC_word_t *X1, uECC_word_t *Y1, const uECC_word_t *const Z,
|
||||
uECC_Curve curve);
|
||||
|
||||
/*
|
||||
|
|
@ -520,7 +520,7 @@ int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve);
|
|||
*/
|
||||
int uECC_valid_public_key(const uint8_t *public_key, uECC_Curve curve);
|
||||
|
||||
/*
|
||||
/*
|
||||
* @brief Converts an integer in uECC native format to big-endian bytes.
|
||||
* @param bytes OUT -- bytes representation
|
||||
* @param num_bytes IN -- number of bytes
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ struct tc_hmac_state_struct {
|
|||
/* the internal state required by h */
|
||||
struct tc_sha256_state_struct hash_state;
|
||||
/* HMAC key schedule */
|
||||
uint8_t key[2*TC_SHA256_BLOCK_SIZE];
|
||||
uint8_t key[2 * TC_SHA256_BLOCK_SIZE];
|
||||
};
|
||||
typedef struct tc_hmac_state_struct *TCHmacState_t;
|
||||
|
||||
|
|
|
|||
|
|
@ -80,12 +80,12 @@ static inline void mult_row_column(uint8_t *out, const uint8_t *in)
|
|||
|
||||
static inline void inv_mix_columns(uint8_t *s)
|
||||
{
|
||||
uint8_t t[Nb*Nk];
|
||||
uint8_t t[Nb * Nk];
|
||||
|
||||
mult_row_column(t, s);
|
||||
mult_row_column(&t[Nb], s+Nb);
|
||||
mult_row_column(&t[2*Nb], s+(2*Nb));
|
||||
mult_row_column(&t[3*Nb], s+(3*Nb));
|
||||
mult_row_column(&t[Nb], s + Nb);
|
||||
mult_row_column(&t[2 * Nb], s + (2 * Nb));
|
||||
mult_row_column(&t[3 * Nb], s + (3 * Nb));
|
||||
(void)_copy(s, sizeof(t), t, sizeof(t));
|
||||
}
|
||||
|
||||
|
|
@ -105,7 +105,7 @@ static inline void inv_sub_bytes(uint8_t *s)
|
|||
{
|
||||
unsigned int i;
|
||||
|
||||
for (i = 0; i < (Nb*Nk); ++i) {
|
||||
for (i = 0; i < (Nb * Nk); ++i) {
|
||||
s[i] = inv_sbox[s[i]];
|
||||
}
|
||||
}
|
||||
|
|
@ -117,7 +117,7 @@ static inline void inv_sub_bytes(uint8_t *s)
|
|||
*/
|
||||
static inline void inv_shift_rows(uint8_t *s)
|
||||
{
|
||||
uint8_t t[Nb*Nk];
|
||||
uint8_t t[Nb * Nk];
|
||||
|
||||
t[0] = s[0]; t[1] = s[13]; t[2] = s[10]; t[3] = s[7];
|
||||
t[4] = s[4]; t[5] = s[1]; t[6] = s[14]; t[7] = s[11];
|
||||
|
|
@ -128,7 +128,7 @@ static inline void inv_shift_rows(uint8_t *s)
|
|||
|
||||
int tc_aes_decrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s)
|
||||
{
|
||||
uint8_t state[Nk*Nb];
|
||||
uint8_t state[Nk * Nb];
|
||||
unsigned int i;
|
||||
|
||||
if (out == (uint8_t *) 0) {
|
||||
|
|
@ -141,12 +141,12 @@ int tc_aes_decrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s)
|
|||
|
||||
(void)_copy(state, sizeof(state), in, sizeof(state));
|
||||
|
||||
add_round_key(state, s->words + Nb*Nr);
|
||||
add_round_key(state, s->words + Nb * Nr);
|
||||
|
||||
for (i = Nr - 1; i > 0; --i) {
|
||||
inv_shift_rows(state);
|
||||
inv_sub_bytes(state);
|
||||
add_round_key(state, s->words + Nb*i);
|
||||
add_round_key(state, s->words + Nb * i);
|
||||
inv_mix_columns(state);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@ static const uint8_t sbox[256] = {
|
|||
|
||||
static inline unsigned int rotword(unsigned int a)
|
||||
{
|
||||
return (((a) >> 24)|((a) << 8));
|
||||
return (((a) >> 24) | ((a) << 8));
|
||||
}
|
||||
|
||||
#define subbyte(a, o)(sbox[((a) >> (o))&0xff] << (o))
|
||||
|
|
@ -83,16 +83,16 @@ int tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k)
|
|||
}
|
||||
|
||||
for (i = 0; i < Nk; ++i) {
|
||||
s->words[i] = (k[Nb*i]<<24) | (k[Nb*i+1]<<16) |
|
||||
(k[Nb*i+2]<<8) | (k[Nb*i+3]);
|
||||
s->words[i] = (k[Nb * i] << 24) | (k[Nb * i + 1] << 16) |
|
||||
(k[Nb * i + 2] << 8) | (k[Nb * i + 3]);
|
||||
}
|
||||
|
||||
for (; i < (Nb * (Nr + 1)); ++i) {
|
||||
t = s->words[i-1];
|
||||
t = s->words[i - 1];
|
||||
if ((i % Nk) == 0) {
|
||||
t = subword(rotword(t)) ^ rconst[i/Nk];
|
||||
t = subword(rotword(t)) ^ rconst[i / Nk];
|
||||
}
|
||||
s->words[i] = s->words[i-Nk] ^ t;
|
||||
s->words[i] = s->words[i - Nk] ^ t;
|
||||
}
|
||||
|
||||
return TC_CRYPTO_SUCCESS;
|
||||
|
|
@ -131,10 +131,10 @@ static inline void mult_row_column(uint8_t *out, const uint8_t *in)
|
|||
|
||||
static inline void mix_columns(uint8_t *s)
|
||||
{
|
||||
uint8_t t[Nb*Nk];
|
||||
uint8_t t[Nb * Nk];
|
||||
|
||||
mult_row_column(t, s);
|
||||
mult_row_column(&t[Nb], s+Nb);
|
||||
mult_row_column(&t[Nb], s + Nb);
|
||||
mult_row_column(&t[2 * Nb], s + (2 * Nb));
|
||||
mult_row_column(&t[3 * Nb], s + (3 * Nb));
|
||||
(void) _copy(s, sizeof(t), t, sizeof(t));
|
||||
|
|
@ -157,7 +157,7 @@ static inline void shift_rows(uint8_t *s)
|
|||
|
||||
int tc_aes_encrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s)
|
||||
{
|
||||
uint8_t state[Nk*Nb];
|
||||
uint8_t state[Nk * Nb];
|
||||
unsigned int i;
|
||||
|
||||
if (out == (uint8_t *) 0) {
|
||||
|
|
@ -175,12 +175,12 @@ int tc_aes_encrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s)
|
|||
sub_bytes(state);
|
||||
shift_rows(state);
|
||||
mix_columns(state);
|
||||
add_round_key(state, s->words + Nb*(i+1));
|
||||
add_round_key(state, s->words + Nb * (i + 1));
|
||||
}
|
||||
|
||||
sub_bytes(state);
|
||||
shift_rows(state);
|
||||
add_round_key(state, s->words + Nb*(i+1));
|
||||
add_round_key(state, s->words + Nb * (i + 1));
|
||||
|
||||
(void)_copy(out, sizeof(state), state, sizeof(state));
|
||||
|
||||
|
|
|
|||
|
|
@ -114,7 +114,7 @@ static int ccm_ctr_mode(uint8_t *out, unsigned int outlen, const uint8_t *in,
|
|||
(void) _copy(nonce, sizeof(nonce), ctr, sizeof(nonce));
|
||||
|
||||
/* select the last 2 bytes of the nonce to be incremented */
|
||||
block_num = (uint16_t) ((nonce[14] << 8)|(nonce[15]));
|
||||
block_num = (uint16_t) ((nonce[14] << 8) | (nonce[15]));
|
||||
for (i = 0; i < inlen; ++i) {
|
||||
if ((i % (TC_AES_BLOCK_SIZE)) == 0) {
|
||||
block_num++;
|
||||
|
|
@ -158,7 +158,7 @@ int tc_ccm_generation_encryption(uint8_t *out, unsigned int olen,
|
|||
/* GENERATING THE AUTHENTICATION TAG: */
|
||||
|
||||
/* formatting the sequence b for authentication: */
|
||||
b[0] = ((alen > 0) ? 0x40:0) | (((c->mlen - 2) / 2 << 3)) | (1);
|
||||
b[0] = ((alen > 0) ? 0x40 : 0) | (((c->mlen - 2) / 2 << 3)) | (1);
|
||||
for (i = 1; i <= 13; ++i) {
|
||||
b[i] = c->nonce[i - 1];
|
||||
}
|
||||
|
|
@ -239,7 +239,7 @@ int tc_ccm_decryption_verification(uint8_t *out, unsigned int olen,
|
|||
/* VERIFYING THE AUTHENTICATION TAG: */
|
||||
|
||||
/* formatting the sequence b for authentication: */
|
||||
b[0] = ((alen > 0) ? 0x40:0)|(((c->mlen - 2) / 2 << 3)) | (1);
|
||||
b[0] = ((alen > 0) ? 0x40 : 0) | (((c->mlen - 2) / 2 << 3)) | (1);
|
||||
for (i = 1; i < 14; ++i) {
|
||||
b[i] = c->nonce[i - 1];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -74,7 +74,7 @@ int tc_ctr_mode(uint8_t *out, unsigned int outlen, const uint8_t *in,
|
|||
}
|
||||
}
|
||||
/* update the output */
|
||||
*out++ = buffer[i%(TC_AES_BLOCK_SIZE)] ^ *in++;
|
||||
*out++ = buffer[i % (TC_AES_BLOCK_SIZE)] ^ *in++;
|
||||
}
|
||||
|
||||
/* update the counter */
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ static void arrInc(uint8_t arr[], unsigned int len)
|
|||
unsigned int i;
|
||||
if (0 != arr) {
|
||||
for (i = len; i > 0U; i--) {
|
||||
if (++arr[i-1] != 0U) {
|
||||
if (++arr[i - 1] != 0U) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
@ -71,7 +71,7 @@ static void arrInc(uint8_t arr[], unsigned int len)
|
|||
* @param ctx IN/OUT -- CTR PRNG state
|
||||
* @param providedData IN -- data used when updating the internal state
|
||||
*/
|
||||
static void tc_ctr_prng_update(TCCtrPrng_t * const ctx, uint8_t const * const providedData)
|
||||
static void tc_ctr_prng_update(TCCtrPrng_t *const ctx, uint8_t const *const providedData)
|
||||
{
|
||||
if (0 != ctx) {
|
||||
/* 10.2.1.2 step 1 */
|
||||
|
|
@ -114,10 +114,10 @@ static void tc_ctr_prng_update(TCCtrPrng_t * const ctx, uint8_t const * const pr
|
|||
}
|
||||
}
|
||||
|
||||
int tc_ctr_prng_init(TCCtrPrng_t * const ctx,
|
||||
uint8_t const * const entropy,
|
||||
int tc_ctr_prng_init(TCCtrPrng_t *const ctx,
|
||||
uint8_t const *const entropy,
|
||||
unsigned int entropyLen,
|
||||
uint8_t const * const personalization,
|
||||
uint8_t const *const personalization,
|
||||
unsigned int pLen)
|
||||
{
|
||||
int result = TC_CRYPTO_FAIL;
|
||||
|
|
@ -161,10 +161,10 @@ int tc_ctr_prng_init(TCCtrPrng_t * const ctx,
|
|||
return result;
|
||||
}
|
||||
|
||||
int tc_ctr_prng_reseed(TCCtrPrng_t * const ctx,
|
||||
uint8_t const * const entropy,
|
||||
int tc_ctr_prng_reseed(TCCtrPrng_t *const ctx,
|
||||
uint8_t const *const entropy,
|
||||
unsigned int entropyLen,
|
||||
uint8_t const * const additional_input,
|
||||
uint8_t const *const additional_input,
|
||||
unsigned int additionallen)
|
||||
{
|
||||
unsigned int i;
|
||||
|
|
@ -202,10 +202,10 @@ int tc_ctr_prng_reseed(TCCtrPrng_t * const ctx,
|
|||
return result;
|
||||
}
|
||||
|
||||
int tc_ctr_prng_generate(TCCtrPrng_t * const ctx,
|
||||
uint8_t const * const additional_input,
|
||||
int tc_ctr_prng_generate(TCCtrPrng_t *const ctx,
|
||||
uint8_t const *const additional_input,
|
||||
unsigned int additionallen,
|
||||
uint8_t * const out,
|
||||
uint8_t *const out,
|
||||
unsigned int outlen)
|
||||
{
|
||||
/* 2^48 - see section 10.2.1 */
|
||||
|
|
@ -269,7 +269,7 @@ int tc_ctr_prng_generate(TCCtrPrng_t * const ctx,
|
|||
return result;
|
||||
}
|
||||
|
||||
void tc_ctr_prng_uninstantiate(TCCtrPrng_t * const ctx)
|
||||
void tc_ctr_prng_uninstantiate(TCCtrPrng_t *const ctx)
|
||||
{
|
||||
if (0 != ctx) {
|
||||
memset(ctx->key.words, 0x00, sizeof ctx->key.words);
|
||||
|
|
|
|||
|
|
@ -183,7 +183,7 @@ uECC_word_t uECC_vli_equal(const uECC_word_t *left, const uECC_word_t *right,
|
|||
|
||||
uECC_word_t cond_set(uECC_word_t p_true, uECC_word_t p_false, unsigned int cond)
|
||||
{
|
||||
return (p_true*(cond)) | (p_false*(!cond));
|
||||
return (p_true * (cond)) | (p_false * (!cond));
|
||||
}
|
||||
|
||||
/* Computes result = left - right, returning borrow, in constant time.
|
||||
|
|
@ -333,7 +333,7 @@ void uECC_vli_mmod(uECC_word_t *result, uECC_word_t *product,
|
|||
uECC_word_t carry = 0;
|
||||
uECC_vli_clear(mod_multiple, word_shift);
|
||||
if (bit_shift > 0) {
|
||||
for(index = 0; index < (uECC_word_t)num_words; ++index) {
|
||||
for (index = 0; index < (uECC_word_t)num_words; ++index) {
|
||||
mod_multiple[word_shift + index] = (mod[index] << bit_shift) | carry;
|
||||
carry = mod[index] >> (uECC_WORD_BITS - bit_shift);
|
||||
}
|
||||
|
|
@ -452,8 +452,8 @@ void uECC_vli_modInv(uECC_word_t *result, const uECC_word_t *input,
|
|||
|
||||
/* ------ Point operations ------ */
|
||||
|
||||
void double_jacobian_default(uECC_word_t * X1, uECC_word_t * Y1,
|
||||
uECC_word_t * Z1, uECC_Curve curve)
|
||||
void double_jacobian_default(uECC_word_t *X1, uECC_word_t *Y1,
|
||||
uECC_word_t *Z1, uECC_Curve curve)
|
||||
{
|
||||
/* t1 = X, t2 = Y, t3 = Z */
|
||||
uECC_word_t t4[NUM_ECC_WORDS];
|
||||
|
|
@ -518,7 +518,7 @@ uECC_Curve uECC_secp256r1(void)
|
|||
return &curve_secp256r1;
|
||||
}
|
||||
|
||||
void vli_mmod_fast_secp256r1(unsigned int *result, unsigned int*product)
|
||||
void vli_mmod_fast_secp256r1(unsigned int *result, unsigned int *product)
|
||||
{
|
||||
unsigned int tmp[NUM_ECC_WORDS];
|
||||
int carry;
|
||||
|
|
@ -609,8 +609,7 @@ void vli_mmod_fast_secp256r1(unsigned int *result, unsigned int*product)
|
|||
if (carry < 0) {
|
||||
do {
|
||||
carry += uECC_vli_add(result, result, curve_secp256r1.p, NUM_ECC_WORDS);
|
||||
}
|
||||
while (carry < 0);
|
||||
} while (carry < 0);
|
||||
} else {
|
||||
while (carry ||
|
||||
uECC_vli_cmp_unsafe(curve_secp256r1.p, result, NUM_ECC_WORDS) != 1) {
|
||||
|
|
@ -624,7 +623,7 @@ uECC_word_t EccPoint_isZero(const uECC_word_t *point, uECC_Curve curve)
|
|||
return uECC_vli_isZero(point, curve->num_words * 2);
|
||||
}
|
||||
|
||||
void apply_z(uECC_word_t * X1, uECC_word_t * Y1, const uECC_word_t * const Z,
|
||||
void apply_z(uECC_word_t *X1, uECC_word_t *Y1, const uECC_word_t *const Z,
|
||||
uECC_Curve curve)
|
||||
{
|
||||
uECC_word_t t1[NUM_ECC_WORDS];
|
||||
|
|
@ -636,9 +635,9 @@ void apply_z(uECC_word_t * X1, uECC_word_t * Y1, const uECC_word_t * const Z,
|
|||
}
|
||||
|
||||
/* P = (x1, y1) => 2P, (x2, y2) => P' */
|
||||
static void XYcZ_initial_double(uECC_word_t * X1, uECC_word_t * Y1,
|
||||
uECC_word_t * X2, uECC_word_t * Y2,
|
||||
const uECC_word_t * const initial_Z,
|
||||
static void XYcZ_initial_double(uECC_word_t *X1, uECC_word_t *Y1,
|
||||
uECC_word_t *X2, uECC_word_t *Y2,
|
||||
const uECC_word_t *const initial_Z,
|
||||
uECC_Curve curve)
|
||||
{
|
||||
uECC_word_t z[NUM_ECC_WORDS];
|
||||
|
|
@ -658,8 +657,8 @@ static void XYcZ_initial_double(uECC_word_t * X1, uECC_word_t * Y1,
|
|||
apply_z(X2, Y2, z, curve);
|
||||
}
|
||||
|
||||
void XYcZ_add(uECC_word_t * X1, uECC_word_t * Y1,
|
||||
uECC_word_t * X2, uECC_word_t * Y2,
|
||||
void XYcZ_add(uECC_word_t *X1, uECC_word_t *Y1,
|
||||
uECC_word_t *X2, uECC_word_t *Y2,
|
||||
uECC_Curve curve)
|
||||
{
|
||||
/* t1 = X1, t2 = Y1, t3 = X2, t4 = Y2 */
|
||||
|
|
@ -688,8 +687,8 @@ void XYcZ_add(uECC_word_t * X1, uECC_word_t * Y1,
|
|||
Output P + Q = (x3, y3, Z3), P - Q = (x3', y3', Z3)
|
||||
or P => P - Q, Q => P + Q
|
||||
*/
|
||||
static void XYcZ_addC(uECC_word_t * X1, uECC_word_t * Y1,
|
||||
uECC_word_t * X2, uECC_word_t * Y2,
|
||||
static void XYcZ_addC(uECC_word_t *X1, uECC_word_t *Y1,
|
||||
uECC_word_t *X2, uECC_word_t *Y2,
|
||||
uECC_Curve curve)
|
||||
{
|
||||
/* t1 = X1, t2 = Y1, t3 = X2, t4 = Y2 */
|
||||
|
|
@ -726,9 +725,9 @@ static void XYcZ_addC(uECC_word_t * X1, uECC_word_t * Y1,
|
|||
uECC_vli_set(X1, t7, num_words);
|
||||
}
|
||||
|
||||
void EccPoint_mult(uECC_word_t * result, const uECC_word_t * point,
|
||||
const uECC_word_t * scalar,
|
||||
const uECC_word_t * initial_Z,
|
||||
void EccPoint_mult(uECC_word_t *result, const uECC_word_t *point,
|
||||
const uECC_word_t *scalar,
|
||||
const uECC_word_t *initial_Z,
|
||||
bitcount_t num_bits, uECC_Curve curve)
|
||||
{
|
||||
/* R0 and R1 */
|
||||
|
|
@ -771,7 +770,7 @@ void EccPoint_mult(uECC_word_t * result, const uECC_word_t * point,
|
|||
uECC_vli_set(result + num_words, Ry[0], num_words);
|
||||
}
|
||||
|
||||
uECC_word_t regularize_k(const uECC_word_t * const k, uECC_word_t *k0,
|
||||
uECC_word_t regularize_k(const uECC_word_t *const k, uECC_word_t *k0,
|
||||
uECC_word_t *k1, uECC_Curve curve)
|
||||
{
|
||||
|
||||
|
|
@ -837,7 +836,7 @@ void uECC_vli_bytesToNative(unsigned int *native, const uint8_t *bytes,
|
|||
int uECC_generate_random_int(uECC_word_t *random, const uECC_word_t *top,
|
||||
wordcount_t num_words)
|
||||
{
|
||||
uECC_word_t mask = (uECC_word_t)-1;
|
||||
uECC_word_t mask = (uECC_word_t) - 1;
|
||||
uECC_word_t tries;
|
||||
bitcount_t num_bits = uECC_vli_numBits(top, num_words);
|
||||
|
||||
|
|
@ -881,8 +880,9 @@ int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve)
|
|||
curve->x_side(tmp2, point, curve); /* tmp2 = x^3 + ax + b */
|
||||
|
||||
/* Make sure that y^2 == x^3 + ax + b */
|
||||
if (uECC_vli_equal(tmp1, tmp2, num_words) != 0)
|
||||
if (uECC_vli_equal(tmp1, tmp2, num_words) != 0) {
|
||||
return -3;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -112,7 +112,7 @@ int uECC_make_key(uint8_t *public_key, uint8_t *private_key, uECC_Curve curve)
|
|||
/* Generating _private uniformly at random: */
|
||||
uECC_RNG_Function rng_function = uECC_get_rng();
|
||||
if (!rng_function ||
|
||||
!rng_function((uint8_t *)_random, 2 * NUM_ECC_WORDS*uECC_WORD_SIZE)) {
|
||||
!rng_function((uint8_t *)_random, 2 * NUM_ECC_WORDS * uECC_WORD_SIZE)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -127,8 +127,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash,
|
|||
if (!g_rng_function) {
|
||||
uECC_vli_clear(tmp, num_n_words);
|
||||
tmp[0] = 1;
|
||||
}
|
||||
else if (!uECC_generate_random_int(tmp, curve->n, num_n_words)) {
|
||||
} else if (!uECC_generate_random_int(tmp, curve->n, num_n_words)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -161,7 +160,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash,
|
|||
int uECC_sign(const uint8_t *private_key, const uint8_t *message_hash,
|
||||
unsigned hash_size, uint8_t *signature, uECC_Curve curve)
|
||||
{
|
||||
uECC_word_t _random[2*NUM_ECC_WORDS];
|
||||
uECC_word_t _random[2 * NUM_ECC_WORDS];
|
||||
uECC_word_t k[NUM_ECC_WORDS];
|
||||
uECC_word_t tries;
|
||||
|
||||
|
|
@ -169,7 +168,7 @@ int uECC_sign(const uint8_t *private_key, const uint8_t *message_hash,
|
|||
/* Generating _random uniformly at random: */
|
||||
uECC_RNG_Function rng_function = uECC_get_rng();
|
||||
if (!rng_function ||
|
||||
!rng_function((uint8_t *)_random, 2*NUM_ECC_WORDS*uECC_WORD_SIZE)) {
|
||||
!rng_function((uint8_t *)_random, 2 * NUM_ECC_WORDS * uECC_WORD_SIZE)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -71,11 +71,13 @@
|
|||
#define O_CLOEXEC 0
|
||||
#endif
|
||||
|
||||
int default_CSPRNG(uint8_t *dest, unsigned int size) {
|
||||
int default_CSPRNG(uint8_t *dest, unsigned int size)
|
||||
{
|
||||
|
||||
/* input sanity check: */
|
||||
if (dest == (uint8_t *) 0 || (size <= 0))
|
||||
if (dest == (uint8_t *) 0 || (size <= 0)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
|
||||
if (fd == -1) {
|
||||
|
|
|
|||
|
|
@ -88,10 +88,12 @@ static void update(TCHmacPrng_t prng, const uint8_t *data, unsigned int datalen,
|
|||
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
|
||||
(void)tc_hmac_update(&prng->h, &separator0, sizeof(separator0));
|
||||
|
||||
if (data && datalen)
|
||||
if (data && datalen) {
|
||||
(void)tc_hmac_update(&prng->h, data, datalen);
|
||||
if (additional_data && additional_datalen)
|
||||
}
|
||||
if (additional_data && additional_datalen) {
|
||||
(void)tc_hmac_update(&prng->h, additional_data, additional_datalen);
|
||||
}
|
||||
|
||||
(void)tc_hmac_final(prng->key, sizeof(prng->key), &prng->h);
|
||||
|
||||
|
|
@ -103,8 +105,9 @@ static void update(TCHmacPrng_t prng, const uint8_t *data, unsigned int datalen,
|
|||
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
|
||||
(void)tc_hmac_final(prng->v, sizeof(prng->v), &prng->h);
|
||||
|
||||
if (data == 0 || datalen == 0)
|
||||
if (data == 0 || datalen == 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
/* configure the new prng key into the prng's instance of hmac */
|
||||
tc_hmac_set_key(&prng->h, prng->key, sizeof(prng->key));
|
||||
|
|
@ -114,8 +117,9 @@ static void update(TCHmacPrng_t prng, const uint8_t *data, unsigned int datalen,
|
|||
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
|
||||
(void)tc_hmac_update(&prng->h, &separator1, sizeof(separator1));
|
||||
(void)tc_hmac_update(&prng->h, data, datalen);
|
||||
if (additional_data && additional_datalen)
|
||||
if (additional_data && additional_datalen) {
|
||||
(void)tc_hmac_update(&prng->h, additional_data, additional_datalen);
|
||||
}
|
||||
(void)tc_hmac_final(prng->key, sizeof(prng->key), &prng->h);
|
||||
|
||||
/* configure the new prng key into the prng's instance of hmac */
|
||||
|
|
|
|||
|
|
@ -200,12 +200,12 @@ static void compress(unsigned int *iv, const uint8_t *data)
|
|||
}
|
||||
|
||||
for ( ; i < 64; ++i) {
|
||||
s0 = work_space[(i+1)&0x0f];
|
||||
s0 = work_space[(i + 1) & 0x0f];
|
||||
s0 = sigma0(s0);
|
||||
s1 = work_space[(i+14)&0x0f];
|
||||
s1 = work_space[(i + 14) & 0x0f];
|
||||
s1 = sigma1(s1);
|
||||
|
||||
t1 = work_space[i&0xf] += s0 + s1 + work_space[(i+9)&0xf];
|
||||
t1 = work_space[i & 0xf] += s0 + s1 + work_space[(i + 9) & 0xf];
|
||||
t1 += h + Sigma1(e) + Ch(e, f, g) + k256[i];
|
||||
t2 = Sigma0(a) + Maj(a, b, c);
|
||||
h = g; g = f; f = e; e = d + t1;
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ void _set(void *to, uint8_t val, unsigned int len)
|
|||
*/
|
||||
uint8_t _double_byte(uint8_t a)
|
||||
{
|
||||
return ((a<<1) ^ ((a>>7) * MASK_TWENTY_SEVEN));
|
||||
return ((a << 1) ^ ((a >> 7) * MASK_TWENTY_SEVEN));
|
||||
}
|
||||
|
||||
int _compare(const uint8_t *a, const uint8_t *b, size_t size)
|
||||
|
|
|
|||
Loading…
Reference in a new issue