Merge remote-tracking branch 'origin/development' into safer-ct5

2025-08-08 17:42:09 +03:00 · 2023-06-28 18:52:02 +01:00
parent c882adf0ca 92a55bf5ea
commit 9fbb0cf08e
66 changed files with 1354 additions and 1199 deletions
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -1294,72 +1294,72 @@ void ecp_mod_p_generic_raw(int curve_id,
    bytes = limbs_N * sizeof(mbedtls_mpi_uint);

    switch (curve_id) {
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM)
        case MBEDTLS_ECP_DP_SECP192R1:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(192) * 2;
            curve_bits = 192;
            curve_func = &mbedtls_ecp_mod_p192_raw;
            break;
 #endif
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM)
        case MBEDTLS_ECP_DP_SECP224R1:
-            limbs = 448 / biL;
+            limbs = BITS_TO_LIMBS(224) * 2;
            curve_bits = 224;
            curve_func = &mbedtls_ecp_mod_p224_raw;
            break;
 #endif
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM)
        case MBEDTLS_ECP_DP_SECP256R1:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(256) * 2;
            curve_bits = 256;
            curve_func = &mbedtls_ecp_mod_p256_raw;
            break;
 #endif
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM)
        case MBEDTLS_ECP_DP_SECP384R1:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(384) * 2;
            curve_bits = 384;
            curve_func = &mbedtls_ecp_mod_p384_raw;
            break;
 #endif
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM)
        case MBEDTLS_ECP_DP_SECP521R1:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(522) * 2;
            curve_bits = 522;
            curve_func = &mbedtls_ecp_mod_p521_raw;
            break;
 #endif
 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
        case MBEDTLS_ECP_DP_SECP192K1:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(192) * 2;
            curve_bits = 192;
            curve_func = &mbedtls_ecp_mod_p192k1_raw;
            break;
 #endif
 #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
        case MBEDTLS_ECP_DP_SECP224K1:
-            limbs = 448 / biL;
+            limbs = BITS_TO_LIMBS(224) * 2;
            curve_bits = 224;
            curve_func = &mbedtls_ecp_mod_p224k1_raw;
            break;
 #endif
 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
        case MBEDTLS_ECP_DP_SECP256K1:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(256) * 2;
            curve_bits = 256;
            curve_func = &mbedtls_ecp_mod_p256k1_raw;
            break;
 #endif
 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
        case MBEDTLS_ECP_DP_CURVE25519:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(255) * 2;
            curve_bits = 255;
            curve_func = &mbedtls_ecp_mod_p255_raw;
            break;
 #endif
 #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
        case MBEDTLS_ECP_DP_CURVE448:
-            limbs = 2 * limbs_N;
+            limbs = BITS_TO_LIMBS(448) * 2;
            curve_bits = 448;
            curve_func = &mbedtls_ecp_mod_p448_raw;
            break;
@@ -1373,8 +1373,7 @@ void ecp_mod_p_generic_raw(int curve_id,
    TEST_EQUAL(limbs_res, limbs_N);

    TEST_EQUAL(mbedtls_mpi_mod_modulus_setup(
-                   &m, N, limbs_N,
-                   MBEDTLS_MPI_MOD_REP_OPT_RED), 0);
+                   &m, N, limbs_N), 0);

    TEST_EQUAL((*curve_func)(X, limbs_X), 0);

@@ -1407,16 +1406,18 @@ void ecp_mod_setup(char *input_A, int id, int ctype, int iret)
    TEST_EQUAL(ret, iret);

    if (ret == 0) {
-
+        TEST_ASSERT(m.int_rep != MBEDTLS_MPI_MOD_REP_INVALID);
        /* Test for limb sizes */
        TEST_EQUAL(m.limbs, p_limbs);
        bytes = p_limbs * sizeof(mbedtls_mpi_uint);

-        /* Test for validity of moduli by the presence of Montgomery consts */
-
-        TEST_ASSERT(m.rep.mont.mm != 0);
-        TEST_ASSERT(m.rep.mont.rr != NULL);
-
+        if (m.int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) {
+            /* Test for validity of moduli by the presence of Montgomery consts */
+            TEST_ASSERT(m.rep.mont.mm != 0);
+            TEST_ASSERT(m.rep.mont.rr != NULL);
+        } else {
+            TEST_ASSERT(m.rep.ored.modp != NULL);
+        }

        /* Compare output byte-by-byte */
        ASSERT_COMPARE(p, bytes, m.p, bytes);