diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 6ee3d6c538..c23ff2c7e4 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -5299,39 +5299,6 @@ int mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *X, size_t X_limbs) MBEDTLS_ECP_DP_SECP256R1_ENABLED || MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C) -MBEDTLS_STATIC_TESTABLE -void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits) -{ - size_t i; - - /* Set N := 2^bits - 1 - N. We know that 0 <= N < 2^bits, so - * set the absolute value to 0xfff...fff - N. There is no carry - * since we're subtracting from all-bits-one. */ - for (i = 0; i <= bits / 8 / sizeof(mbedtls_mpi_uint); i++) { - N->p[i] = ~(mbedtls_mpi_uint) 0 - N->p[i]; - } - /* Add 1, taking care of the carry. */ - i = 0; - do { - ++N->p[i]; - } while (N->p[i++] == 0 && i <= bits / 8 / sizeof(mbedtls_mpi_uint)); - /* Invert the sign. - * Now N = N0 - 2^bits where N0 is the initial value of N. */ - N->s = -1; - - /* Add |c| * 2^bits to the absolute value. Since c and N are - * negative, this adds c * 2^bits. */ - mbedtls_mpi_uint msw = (mbedtls_mpi_uint) -c; -#if defined(MBEDTLS_HAVE_INT64) - if (bits == 224) { - msw <<= 32; - } -#endif - N->p[bits / 8 / sizeof(mbedtls_mpi_uint)] += msw; -} -#endif /* MBEDTLS_TEST_HOOKS & MBEDTLS_ECP_C */ - #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) /* Size of p521 in terms of mbedtls_mpi_uint */ #define P521_WIDTH (521 / 8 / sizeof(mbedtls_mpi_uint) + 1) diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index 05522b6a52..8b8ac8ada0 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -33,19 +33,6 @@ #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C) -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -/* Preconditions: - * - bits is a multiple of 64 or is 224 - * - c is -1 or -2 - * - 0 <= N < 2^bits - * - N has room for bits plus one limb - * - * Behavior: - * Set N to c * 2^bits + old_value_of_N. - */ -void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits); -#endif - #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) /** Generate a private key on a Montgomery curve (Curve25519 or Curve448). * diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 3fbad92a59..1f6dfc11d4 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -855,130 +855,6 @@ ECP restartable muladd secp256r1 max_ops=250 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64 -ECP fix_negative: 0, -1, 224 -fix_negative:"00":-1:224 - -ECP fix_negative: 1, -1, 224 -fix_negative:"01":-1:224 - -ECP fix_negative: 2^32-1, -1, 224 -fix_negative:"ffffffff":-1:224 - -ECP fix_negative: 2^32, -1, 224 -fix_negative:"0100000000":-1:224 - -ECP fix_negative: 2^64-1, -1, 224 -fix_negative:"ffffffffffffffff":-1:224 - -ECP fix_negative: 2^64, -1, 224 -fix_negative:"010000000000000000":-1:224 - -ECP fix_negative: 2^128-1, -1, 224 -fix_negative:"ffffffffffffffffffffffffffffffff":-1:224 - -ECP fix_negative: 2^128, -1, 224 -fix_negative:"0100000000000000000000000000000000":-1:224 - -ECP fix_negative: 2^128+1, -1, 224 -fix_negative:"0100000000000000000000000000000001":-1:224 - -ECP fix_negative: 2^224-1, -1, 224 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:224 - -ECP fix_negative: 0, -2, 224 -fix_negative:"00":-2:224 - -ECP fix_negative: 1, -2, 224 -fix_negative:"01":-2:224 - -ECP fix_negative: 2^32-1, -2, 224 -fix_negative:"ffffffff":-2:224 - -ECP fix_negative: 2^32, -2, 224 -fix_negative:"0100000000":-2:224 - -ECP fix_negative: 2^64-1, -2, 224 -fix_negative:"ffffffffffffffff":-2:224 - -ECP fix_negative: 2^64, -2, 224 -fix_negative:"010000000000000000":-2:224 - -ECP fix_negative: 2^128-1, -2, 224 -fix_negative:"ffffffffffffffffffffffffffffffff":-2:224 - -ECP fix_negative: 2^128, -2, 224 -fix_negative:"0100000000000000000000000000000000":-2:224 - -ECP fix_negative: 2^128+1, -2, 224 -fix_negative:"0100000000000000000000000000000001":-2:224 - -ECP fix_negative: 2^224-1, -2, 224 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:224 - -ECP fix_negative: 0, -1, 256 -fix_negative:"00":-1:256 - -ECP fix_negative: 1, -1, 256 -fix_negative:"01":-1:256 - -ECP fix_negative: 2^32-1, -1, 256 -fix_negative:"ffffffff":-1:256 - -ECP fix_negative: 2^32, -1, 256 -fix_negative:"0100000000":-1:256 - -ECP fix_negative: 2^64-1, -1, 256 -fix_negative:"ffffffffffffffff":-1:256 - -ECP fix_negative: 2^64, -1, 256 -fix_negative:"010000000000000000":-1:256 - -ECP fix_negative: 2^128-1, -1, 256 -fix_negative:"ffffffffffffffffffffffffffffffff":-1:256 - -ECP fix_negative: 2^128, -1, 256 -fix_negative:"0100000000000000000000000000000000":-1:256 - -ECP fix_negative: 2^128+1, -1, 256 -fix_negative:"0100000000000000000000000000000001":-1:256 - -ECP fix_negative: 2^256-1, -1, 256 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:256 - -ECP fix_negative: 0, -2, 256 -fix_negative:"00":-2:256 - -ECP fix_negative: 1, -2, 256 -fix_negative:"01":-2:256 - -ECP fix_negative: 2^32-1, -2, 256 -fix_negative:"ffffffff":-2:256 - -ECP fix_negative: 2^32, -2, 256 -fix_negative:"0100000000":-2:256 - -ECP fix_negative: 2^64-1, -2, 256 -fix_negative:"ffffffffffffffff":-2:256 - -ECP fix_negative: 2^64, -2, 256 -fix_negative:"010000000000000000":-2:256 - -ECP fix_negative: 2^128-1, -2, 256 -fix_negative:"ffffffffffffffffffffffffffffffff":-2:256 - -ECP fix_negative: 2^128, -2, 256 -fix_negative:"0100000000000000000000000000000000":-2:256 - -ECP fix_negative: 2^128+1, -2, 256 -fix_negative:"0100000000000000000000000000000001":-2:256 - -ECP fix_negative: 2^256-1, -2, 256 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:256 - -# The first call to fix_negative in the test case of issue #4296. -ECP fix_negative: #4296.1 -fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256 - ECP export key parameters #1 (OK) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:0 diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 71fd4e1553..408fe5dfff 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -8,11 +8,6 @@ #include "ecp_invasive.h" #include "bignum_mod_raw_invasive.h" -#if defined(MBEDTLS_TEST_HOOKS) && \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -#define HAVE_FIX_NEGATIVE -#endif - #define ECP_PF_UNKNOWN -1 #define ECP_PT_RESET(x) \ @@ -1091,36 +1086,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */ -void fix_negative(data_t *N_bin, int c, int bits) -{ - mbedtls_mpi C, M, N; - - mbedtls_mpi_init(&C); - mbedtls_mpi_init(&M); - mbedtls_mpi_init(&N); - - /* C = - c * 2^bits (positive since c is negative) */ - TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c)); - TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits)); - - TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len)); - TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n)); - - /* M = N - C = - ( C - N ) (expected result of fix_negative) */ - TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C)); - - mbedtls_ecp_fix_negative(&N, c, bits); - - TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M)); - -exit: - mbedtls_mpi_free(&C); - mbedtls_mpi_free(&M); - mbedtls_mpi_free(&N); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */ void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected) {