Revert itch macro changes.curve448

We now have h_to_a_itch <= mul_itch, mul_g_itch. Add asserts at a few places relying on this. (ECC_ECDSA_KEYGEN_ITCH, ECC_MAX): Delete macros. (ECC_ECDSA_SIGN_ITCH): Revert previous change.
author: Niels Möller <nisse@lysator.liu.se> 2019-12-09 19:28:15 +0100
committer: Niels Möller <nisse@lysator.liu.se> 2019-12-09 19:28:15 +0100
commit: a5e0d46377dd0c0331c3990ef7ce377564726919 (patch)
tree: 8f81bbec3a62b71edbbf8e03728833775fa8a96d
parent: b5ae97a8892fd4ad2021d58d4af87d95314a8f44 (diff)
download: nettle-curve448.tar.gz
7 files changed, 16 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index 373abae9..0c6725ab 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 2019-12-09  Niels Möller  <nisse@lysator.liu.se>
 
+	* ecc-internal.h: Revert itch macro changes. We now have
+	h_to_a_itch <= mul_itch, mul_g_itch. Add asserts at a few places
+	relying on this.
+	(ECC_ECDSA_KEYGEN_ITCH, ECC_MAX): Delete macros.
+	(ECC_ECDSA_SIGN_ITCH): Revert previous change.
+
 	* ecc-448.c (ecc_mod_pow_446m224m1): Reduce scratch space from 9*n
 	to 6*n.
 	(ECC_448_INV_ITCH, ECC_448_SQRT_ITCH): Reduce accordingly.
diff --git a/ecc-internal.h b/ecc-internal.h
index a3116101..a7c7fa15 100644
--- a/ecc-internal.h
+++ b/ecc-internal.h
@@ -439,11 +439,8 @@ curve448_eh_to_x (mp_limb_t *xp, const mp_limb_t *p,
 #define ECC_MUL_A_EH_ITCH(size) \
   (((3 << ECC_MUL_A_EH_WBITS) + 10) * (size))
 #endif
-#define ECC_ECDSA_KEYGEN_ITCH(size) (11*(size))
-#define ECC_ECDSA_SIGN_ITCH(size) (13*(size))
+#define ECC_ECDSA_SIGN_ITCH(size) (12*(size))
 #define ECC_MOD_RANDOM_ITCH(size) (size)
 #define ECC_HASH_ITCH(size) (1+(size))
 
-#define ECC_MAX(x,y) ((x) > (y) ? (x) : (y))
-
 #endif /* NETTLE_ECC_INTERNAL_H_INCLUDED */
diff --git a/ecc-point-mul-g.c b/ecc-point-mul-g.c
index 02cce0d7..b6196150 100644
--- a/ecc-point-mul-g.c
+++ b/ecc-point-mul-g.c
@@ -46,10 +46,11 @@ ecc_point_mul_g (struct ecc_point *r, const struct ecc_scalar *n)
 {
   const struct ecc_curve *ecc = r->ecc;
   mp_limb_t size = ecc->p.size;
-  mp_size_t itch = 3*size + ECC_MAX(ecc->mul_g_itch, ecc->h_to_a_itch);
+  mp_size_t itch = 3*size + ecc->mul_g_itch;
   mp_limb_t *scratch = gmp_alloc_limbs (itch);
 
   assert (n->ecc == ecc);
+  assert (ecc->h_to_a_itch <= ecc->mul_g_itch);
 
   ecc->mul_g (ecc, scratch, n->p, scratch + 3*size);
   ecc->h_to_a (ecc, 0, r->p, scratch, scratch + 3*size);
diff --git a/ecc-point-mul.c b/ecc-point-mul.c
index deb7d8ad..d297602e 100644
--- a/ecc-point-mul.c
+++ b/ecc-point-mul.c
@@ -46,11 +46,12 @@ ecc_point_mul (struct ecc_point *r, const struct ecc_scalar *n,
 {
   const struct ecc_curve *ecc = r->ecc;
   mp_limb_t size = ecc->p.size;
-  mp_size_t itch = 3*size + ECC_MAX(ecc->mul_itch, ecc->h_to_a_itch);
+  mp_size_t itch = 3*size + ecc->mul_itch;
   mp_limb_t *scratch = gmp_alloc_limbs (itch);
 
   assert (n->ecc == ecc);
   assert (p->ecc == ecc);
+  assert (ecc->h_to_a_itch <= ecc->mul_itch);
 
   ecc->mul (ecc, scratch, n->p, p->p, scratch + 3*size);
   ecc->h_to_a (ecc, 0, r->p, scratch, scratch + 3*size);
diff --git a/ecdsa-keygen.c b/ecdsa-keygen.c
index aa2dfb08..870282b0 100644
--- a/ecdsa-keygen.c
+++ b/ecdsa-keygen.c
@@ -47,11 +47,12 @@ ecdsa_generate_keypair (struct ecc_point *pub,
 			struct ecc_scalar *key,
 			void *random_ctx, nettle_random_func *random)
 {
-  TMP_DECL(p, mp_limb_t, 3*ECC_MAX_SIZE + ECC_ECDSA_KEYGEN_ITCH (ECC_MAX_SIZE));
+  TMP_DECL(p, mp_limb_t, 3*ECC_MAX_SIZE + ECC_MUL_G_ITCH (ECC_MAX_SIZE));
   const struct ecc_curve *ecc = pub->ecc;
-  mp_size_t itch = 3*ecc->p.size + ECC_ECDSA_KEYGEN_ITCH (ecc->p.size);
+  mp_size_t itch = 3*ecc->p.size + ecc->mul_g_itch;
 
   assert (key->ecc == ecc);
+  assert (ecc->h_to_a_itch <= ecc->mul_g_itch);
 
   TMP_ALLOC (p, itch);
 
diff --git a/testsuite/ecc-mul-a-test.c b/testsuite/ecc-mul-a-test.c
index 019f4d34..0e1457bd 100644
--- a/testsuite/ecc-mul-a-test.c
+++ b/testsuite/ecc-mul-a-test.c
@@ -17,7 +17,7 @@ test_main (void)
       mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc));
       mp_limb_t *q = xalloc_limbs (ecc_size_j (ecc));
       mp_limb_t *n = xalloc_limbs (size);
-      mp_limb_t *scratch = xalloc_limbs (ecc->mul_itch + ecc->h_to_a_itch);
+      mp_limb_t *scratch = xalloc_limbs (ecc->mul_itch);
       unsigned j;
       
       mpn_zero (n, size);
diff --git a/testsuite/ecc-mul-g-test.c b/testsuite/ecc-mul-g-test.c
index 0bedfdea..04501b38 100644
--- a/testsuite/ecc-mul-g-test.c
+++ b/testsuite/ecc-mul-g-test.c
@@ -17,7 +17,7 @@ test_main (void)
       mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc));
       mp_limb_t *q = xalloc_limbs (ecc_size_j (ecc));
       mp_limb_t *n = xalloc_limbs (size);
-      mp_limb_t *scratch = xalloc_limbs (ecc->mul_g_itch + ecc->h_to_a_itch);
+      mp_limb_t *scratch = xalloc_limbs (ecc->mul_g_itch);
 
       mpn_zero (n, size);
author	Niels Möller <nisse@lysator.liu.se>	2019-12-09 19:28:15 +0100
committer	Niels Möller <nisse@lysator.liu.se>	2019-12-09 19:28:15 +0100
commit	a5e0d46377dd0c0331c3990ef7ce377564726919 (patch)
tree	8f81bbec3a62b71edbbf8e03728833775fa8a96d
parent	b5ae97a8892fd4ad2021d58d4af87d95314a8f44 (diff)
download	nettle-curve448.tar.gz