mbedtls_ecp_gen_privkey_mx: rename n_bits to high_bit
For Montgomery keys, n_bits is actually the position of the highest bit and not the number of bits, which would be 1 more (fence vs posts). Rename the variable accordingly to lessen the confusion. No semantic change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
72fcc98d23
commit
55c46040f6
2 changed files with 9 additions and 9 deletions
|
@ -3059,32 +3059,32 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
|
#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
|
||||||
MBEDTLS_STATIC_TESTABLE
|
MBEDTLS_STATIC_TESTABLE
|
||||||
int mbedtls_ecp_gen_privkey_mx( size_t n_bits,
|
int mbedtls_ecp_gen_privkey_mx( size_t high_bit,
|
||||||
mbedtls_mpi *d,
|
mbedtls_mpi *d,
|
||||||
int (*f_rng)(void *, unsigned char *, size_t),
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
void *p_rng )
|
void *p_rng )
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
|
int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
|
||||||
size_t b;
|
size_t b;
|
||||||
size_t n_bytes = ( n_bits + 7 ) / 8;
|
size_t n_bytes = ( high_bit + 7 ) / 8;
|
||||||
|
|
||||||
/* [Curve25519] page 5 */
|
/* [Curve25519] page 5 */
|
||||||
do {
|
do {
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) );
|
||||||
} while( mbedtls_mpi_bitlen( d ) == 0);
|
} while( mbedtls_mpi_bitlen( d ) == 0);
|
||||||
|
|
||||||
/* Make sure the most significant bit is n_bits */
|
/* Make sure the most significant bit is high_bit */
|
||||||
b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */
|
b = mbedtls_mpi_bitlen( d ) - 1; /* position of the highest bit in d */
|
||||||
if( b > n_bits )
|
if( b > high_bit )
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - n_bits ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - high_bit ) );
|
||||||
else
|
else
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, n_bits, 1 ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) );
|
||||||
|
|
||||||
/* Make sure the last two bits are unset for Curve448, three bits for
|
/* Make sure the last two bits are unset for Curve448, three bits for
|
||||||
Curve25519 */
|
Curve25519 */
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) );
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
|
||||||
if( n_bits == 254 )
|
if( high_bit == 254 )
|
||||||
{
|
{
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
|
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
|
||||||
}
|
}
|
||||||
|
|
|
@ -57,7 +57,7 @@ void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits );
|
||||||
* \note - [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
|
* \note - [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
|
||||||
* - [RFC7748] https://tools.ietf.org/html/rfc7748
|
* - [RFC7748] https://tools.ietf.org/html/rfc7748
|
||||||
*
|
*
|
||||||
* \p n_bits The position of the high-order bit of the key to generate.
|
* \p high_bit The position of the high-order bit of the key to generate.
|
||||||
* This is the bit-size of the key minus 1:
|
* This is the bit-size of the key minus 1:
|
||||||
* 254 for Curve25519 or 447 for Curve448.
|
* 254 for Curve25519 or 447 for Curve448.
|
||||||
* \param d The randomly generated key. This is a number of size
|
* \param d The randomly generated key. This is a number of size
|
||||||
|
|
Loading…
Reference in a new issue