## OpenJDK / jdk9 / jdk9 / jdk

### comparison src/jdk.crypto.ec/share/native/libsunec/impl/ecp.h @ 17280:f09a6beb1e23


8175110: Higher quality ECDSA operations
Reviewed-by: jnimeh, valeriep, vinnie, xuelei

author | apetcher |
---|---|

date | Fri, 12 May 2017 17:30:47 +0100 |

parents | f08705540498 |

children |


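--- a/src/jdk.crypto.ec/share/native/libsunec/impl/ecp.h
+++ b/src/jdk.crypto.ec/share/native/libsunec/impl/ecp.h
@@ -1,7 +1,7 @@
 /*
-* Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
+* Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved.
 * Use is subject to license terms.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
@@ -31,10 +31,11 @@
 * the Initial Developer. All Rights Reserved.
 *
 * Contributor(s):
 * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
 *
+* Last Modified Date from the Original Code: May 2017
 *********************************************************************** */
 
 #ifndef _ECP_H
 #define _ECP_H
 
@@ -120,20 +121,24 @@
 * coordinates. Input and output values are assumed to be NOT
 * field-encoded and are in affine form. */
 mp_err
 ec_GFp_pts_mul_jac(const mp_int *k1, const mp_int *k2, const mp_int *px,
 const mp_int *py, mp_int *rx, mp_int *ry,
-const ECGroup *group);
+const ECGroup *group, int timing);
 
 /* Computes R = nP where R is (rx, ry) and P is the base point. Elliptic
 * curve points P and R can be identical. Uses mixed Modified-Jacobian
 * co-ordinates for doubling and Chudnovsky Jacobian coordinates for
 * additions. Assumes input is already field-encoded using field_enc, and
 * returns output that is still field-encoded. Uses 5-bit window NAF
 * method (algorithm 11) for scalar-point multiplication from Brown,
 * Hankerson, Lopez, Menezes. Software Implementation of the NIST Elliptic
-* Curves Over Prime Fields. */
+* Curves Over Prime Fields. The implementation includes a countermeasure
+* that attempts to hide the size of n from timing channels. This counter-
+* measure is enabled using the timing argument. The high-rder bits of timing
+* must be uniformly random in order for this countermeasure to work. */
 mp_err
 ec_GFp_pt_mul_jm_wNAF(const mp_int *n, const mp_int *px, const mp_int *py,
-mp_int *rx, mp_int *ry, const ECGroup *group);
+mp_int *rx, mp_int *ry, const ECGroup *group,
+int timing);
 
 #endif /* _ECP_H */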
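Review bot: The new comment on `ec_GFp_pt_mul_jm_wNAF` makes `timing` both the switch that enables the countermeasure and the source of its randomness, but it does not say which value turns the countermeasure off or how many high-order bits must be random. A caller passing a constant non-zero value would therefore seem to enable the protection while supplying no randomness at all, leaving the size of `n` exposed to the timing channel the comment describes. I would state the contract explicitly, along the lines of `timing == 0 disables the countermeasure; any other value must carry fresh uniformly random high-order bits from a cryptographic RNG`, with the disabling value and bit count confirmed against the implementation, which is not visible here, and correct the typo `high-rder`. `ec_GFp_pts_mul_jac` gains the same `int timing` parameter, yet the visible tail of its comment does not mention it; that comment begins outside the hunk, so it needs checking there.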