diff options
| author | Nicola Tuveri <nic.tuv@gmail.com> | 2018-06-21 19:08:50 +0300 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2018-06-25 16:40:00 +0200 |
| commit | 5a2124620cb2893b2d5c40be75579cd9c35c839c (patch) | |
| tree | 02ac4dbdbd0e604b1d20d97539d244d4eeff2f0b /crypto/include | |
| parent | c35e96691ff3415e68531076ff9f011703524c0a (diff) | |
Add inter-module private header for EC functions
Internal submodules of libcrypto may require non-public functions from
the EC submodule.
In preparation to use `ec_group_do_inverse_ord()` (from #6116) inside
the SM2 submodule to apply a SCA mitigation on the modular inversion,
this commit moves the `ec_group_do_inverse_ord()` prototype declaration
from the EC-local `crypto/ec/ec_lcl.h` header to the
`crypto/include/internal/ec_int.h` inter-module private header.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6521)
Diffstat (limited to 'crypto/include')
| -rw-r--r-- | crypto/include/internal/ec_int.h | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/crypto/include/internal/ec_int.h b/crypto/include/internal/ec_int.h new file mode 100644 index 0000000000..bb4b5129d0 --- /dev/null +++ b/crypto/include/internal/ec_int.h @@ -0,0 +1,45 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Internal EC functions for other submodules: not for application use */ + +#ifndef HEADER_OSSL_EC_INTERNAL_H +# define HEADER_OSSL_EC_INTERNAL_H +# include <openssl/opensslconf.h> + +# ifndef OPENSSL_NO_EC + +# include <openssl/ec.h> + +/*- + * Computes the multiplicative inverse of x in the range + * [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the + * subgroup generated by the generator G: + * + * res := x^(-1) (mod EC_GROUP::order). + * + * This function expects the following two conditions to hold: + * - the EC_GROUP order is prime, and + * - x is included in the range [1, EC_GROUP::order). + * + * This function returns 1 on success, 0 on error. + * + * If the EC_GROUP order is even, this function explicitly returns 0 as + * an error. + * In case any of the two conditions stated above is not satisfied, + * the correctness of its output is not guaranteed, even if the return + * value could still be 1 (as primality testing and a conditional modular + * reduction round on the input can be omitted by the underlying + * implementations for better SCA properties on regular input values). + */ +__owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res, + const BIGNUM *x, BN_CTX *ctx); + +# endif /* OPENSSL_NO_EC */ +#endif |