1 /*******************************************************************************
2 * Copyright 2002-2018 Intel Corporation
3 * All Rights Reserved.
4 *
5 * If this software was obtained under the Intel Simplified Software License,
6 * the following terms apply:
7 *
8 * The source code, information and material ("Material") contained herein is
9 * owned by Intel Corporation or its suppliers or licensors, and title to such
10 * Material remains with Intel Corporation or its suppliers or licensors. The
11 * Material contains proprietary information of Intel or its suppliers and
12 * licensors. The Material is protected by worldwide copyright laws and treaty
13 * provisions. No part of the Material may be used, copied, reproduced,
14 * modified, published, uploaded, posted, transmitted, distributed or disclosed
15 * in any way without Intel's prior express written permission. No license under
16 * any patent, copyright or other intellectual property rights in the Material
17 * is granted to or conferred upon you, either expressly, by implication,
18 * inducement, estoppel or otherwise. Any license under such intellectual
19 * property rights must be express and approved by Intel in writing.
20 *
21 * Unless otherwise agreed by Intel in writing, you may not remove or alter this
22 * notice or any other notice embedded in Materials by Intel or Intel's
23 * suppliers or licensors in any way.
24 *
25 *
26 * If this software was obtained under the Apache License, Version 2.0 (the
27 * "License"), the following terms apply:
28 *
29 * You may not use this file except in compliance with the License. You may
30 * obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
31 *
32 *
33 * Unless required by applicable law or agreed to in writing, software
34 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
35 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
36 *
37 * See the License for the specific language governing permissions and
38 * limitations under the License.
39 *******************************************************************************/
40
41 /*
42 // Intel(R) Integrated Performance Primitives
43 // Cryptographic Primitives (ippcp)
44 //
45 //
46 */
47
48 #if !defined(_CP_MONTGOMETRY_H)
49 #define _CP_MONTGOMETRY_H
50
51 #include "pcpbn.h"
52 #include "gsmodstuff.h"
53
54 //tbcd: temporary excluded: #include <assert.h>
55
56 #define MONT_DEFAULT_POOL_LENGTH (6)
57
58 /*
59 // Montgomery spec structure
60 */
61 struct _cpMontgomery
62 {
63 IppCtxId idCtx; /* Montgomery spec identifier */
64 cpSize maxLen; /* Maximum length of modulus being stored */
65 gsModEngine* pEngine; /* Modular arith engine structure */
66 };
67
68 /* accessory macros */
69 #define MNT_ID(eng) ((eng)->idCtx)
70 #define MNT_ROOM(eng) ((eng)->maxLen)
71 #define MNT_ENGINE(eng) ((eng)->pEngine)
72
73 #define MNT_VALID_ID(eng) (MNT_ID((eng))==idCtxMontgomery)
74
75 /* default methos */
76 #define EXPONENT_METHOD (ippBinaryMethod)
77
78 /* alignment */
79 #define MONT_ALIGNMENT ((int)(sizeof(void*)))
80
81
82 /*
83 // Pacp/unpack Montgomery context
84 */
85 #define cpPackMontCtx OWNAPI(cpPackMontCtx)
86 void cpPackMontCtx(const IppsMontState* pCtx, Ipp8u* pBuffer);
87 #define cpUnpackMontCtx OWNAPI(cpUnpackMontCtx)
88 void cpUnpackMontCtx(const Ipp8u* pBuffer, IppsMontState* pCtx);
89
90
91 /*
92 // Montgomery reduction, multiplication and squaring
93 */
cpMontRed_BNU(BNU_CHUNK_T * pR,BNU_CHUNK_T * pProduct,gsModEngine * pModEngine)94 __INLINE void cpMontRed_BNU(BNU_CHUNK_T* pR,
95 BNU_CHUNK_T* pProduct,
96 gsModEngine* pModEngine)
97 {
98 MOD_METHOD( pModEngine )->red(pR, pProduct, pModEngine);
99 }
100
cpMontMul_BNU(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pA,const BNU_CHUNK_T * pB,gsModEngine * pModEngine)101 __INLINE void cpMontMul_BNU(BNU_CHUNK_T* pR,
102 const BNU_CHUNK_T* pA,
103 const BNU_CHUNK_T* pB,
104 gsModEngine* pModEngine)
105 {
106 MOD_METHOD( pModEngine )->mul(pR, pA, pB, pModEngine);
107 }
108
cpMontMul_BNU_EX(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pA,cpSize nsA,const BNU_CHUNK_T * pB,cpSize nsB,gsModEngine * pModEngine)109 __INLINE cpSize cpMontMul_BNU_EX(BNU_CHUNK_T* pR,
110 const BNU_CHUNK_T* pA, cpSize nsA,
111 const BNU_CHUNK_T* pB, cpSize nsB,
112 gsModEngine* pModEngine)
113 {
114 const int usedPoolLen = 1;
115 cpSize nsM = MOD_LEN( pModEngine );
116 BNU_CHUNK_T* pDataR = pR;
117 BNU_CHUNK_T* pDataA = gsModPoolAlloc(pModEngine, usedPoolLen);
118 //tbcd: temporary excluded: assert(NULL!=pDataA);
119
120 ZEXPAND_COPY_BNU(pDataA, nsM, pA, nsA);
121 ZEXPAND_COPY_BNU(pDataR, nsM, pB, nsB);
122
123 MOD_METHOD( pModEngine )->mul(pDataR, pDataA, pDataR, pModEngine);
124
125 gsModPoolFree(pModEngine, usedPoolLen);
126 return nsM;
127 }
128
cpMontSqr_BNU(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pA,gsModEngine * pModEngine)129 __INLINE void cpMontSqr_BNU(BNU_CHUNK_T* pR,
130 const BNU_CHUNK_T* pA,
131 gsModEngine* pModEngine)
132 {
133 MOD_METHOD( pModEngine )->sqr(pR, pA, pModEngine);
134 }
135
cpMontSqr_BNU_EX(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pA,cpSize nsA,gsModEngine * pModEngine)136 __INLINE void cpMontSqr_BNU_EX(BNU_CHUNK_T* pR,
137 const BNU_CHUNK_T* pA, cpSize nsA,
138 gsModEngine* pModEngine)
139 {
140 cpSize nsM = MOD_LEN( pModEngine );
141 ZEXPAND_COPY_BNU(pR, nsM, pA, nsA);
142
143 MOD_METHOD( pModEngine )->sqr(pR, pR, pModEngine);
144 }
145
146 /*
147 // Montgomery encoding/decoding
148 */
cpMontEnc_BNU(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pXreg,gsModEngine * pModEngine)149 __INLINE cpSize cpMontEnc_BNU(BNU_CHUNK_T* pR,
150 const BNU_CHUNK_T* pXreg,
151 gsModEngine* pModEngine)
152 {
153 cpSize nsM = MOD_LEN(pModEngine);
154
155 MOD_METHOD( pModEngine )->encode(pR, pXreg, pModEngine);
156
157 FIX_BNU(pR, nsM);
158 return nsM;
159 }
160
cpMontEnc_BNU_EX(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pXreg,cpSize nsX,gsModEngine * pModEngine)161 __INLINE cpSize cpMontEnc_BNU_EX(BNU_CHUNK_T* pR,
162 const BNU_CHUNK_T* pXreg, cpSize nsX,
163 gsModEngine* pModEngine)
164 {
165 cpSize nsM = MOD_LEN(pModEngine);
166
167 ZEXPAND_COPY_BNU(pR, nsM, pXreg, nsX);
168
169 MOD_METHOD( pModEngine )->encode(pR, pR, pModEngine);
170
171 FIX_BNU(pR, nsM);
172
173 return nsM;
174 }
175
cpMontDec_BNU(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pXmont,cpSize nsX,gsModEngine * pModEngine)176 __INLINE cpSize cpMontDec_BNU(BNU_CHUNK_T* pR,
177 const BNU_CHUNK_T* pXmont, cpSize nsX,
178 gsModEngine* pModEngine)
179 {
180 cpSize nsM = MOD_LEN( pModEngine );
181
182 ZEXPAND_COPY_BNU(pR, nsM, pXmont, nsX);
183
184 MOD_METHOD( pModEngine )->decode(pR, pR, pModEngine);
185
186 FIX_BNU(pR, nsM);
187 return nsM;
188 }
189
cpMontMul_BN(IppsBigNumState * pRbn,const IppsBigNumState * pXbn,const IppsBigNumState * pYbn,gsModEngine * pModEngine)190 __INLINE void cpMontMul_BN(IppsBigNumState* pRbn,
191 const IppsBigNumState* pXbn,
192 const IppsBigNumState* pYbn,
193 gsModEngine* pModEngine)
194 {
195 cpSize nsM = cpMontMul_BNU_EX(BN_NUMBER(pRbn),
196 BN_NUMBER(pXbn), BN_SIZE(pXbn),
197 BN_NUMBER(pYbn), BN_SIZE(pYbn),
198 pModEngine);
199
200 FIX_BNU(BN_NUMBER(pRbn), nsM);
201 BN_SIZE(pRbn) = nsM;
202 BN_SIGN(pRbn) = ippBigNumPOS;
203 }
204
cpMontEnc_BN(IppsBigNumState * pRbn,const IppsBigNumState * pXbn,gsModEngine * pModEngine)205 __INLINE void cpMontEnc_BN(IppsBigNumState* pRbn,
206 const IppsBigNumState* pXbn,
207 gsModEngine* pModEngine)
208 {
209 cpSize nsM = cpMontEnc_BNU_EX(BN_NUMBER(pRbn),
210 BN_NUMBER(pXbn), BN_SIZE(pXbn),
211 pModEngine);
212
213 BN_SIZE(pRbn) = nsM;
214 BN_SIGN(pRbn) = ippBigNumPOS;
215 }
216
cpMontDec_BN(IppsBigNumState * pRbn,const IppsBigNumState * pXbn,gsModEngine * pModEngine)217 __INLINE void cpMontDec_BN(IppsBigNumState* pRbn,
218 const IppsBigNumState* pXbn,
219 gsModEngine* pModEngine)
220 {
221 cpSize nsM = MOD_LEN(pModEngine);
222 cpMontDec_BNU(BN_NUMBER(pRbn), BN_NUMBER(pXbn), BN_SIZE(pXbn), pModEngine);
223
224 BN_SIZE(pRbn) = nsM;
225 BN_SIGN(pRbn) = ippBigNumPOS;
226 }
227
228 /*
229 // Montgomery exponentiation (binary) "fast" and "safe" versions
230 */
231 #define cpMontExpBin_BNU_sscm OWNAPI(cpMontExpBin_BNU_sscm)
232 cpSize cpMontExpBin_BNU_sscm(BNU_CHUNK_T* pY,
233 const BNU_CHUNK_T* pX, cpSize nsX,
234 const BNU_CHUNK_T* pE, cpSize nsE,
235 gsModEngine* pModEngine);
236
237 #define cpMontExpBin_BNU OWNAPI(cpMontExpBin_BNU)
238 cpSize cpMontExpBin_BNU(BNU_CHUNK_T* pY,
239 const BNU_CHUNK_T* pX, cpSize nsX,
240 const BNU_CHUNK_T* pE, cpSize nsE,
241 gsModEngine* pModEngine);
242
cpMontExpBin_BN_sscm(IppsBigNumState * pYbn,const IppsBigNumState * pXbn,const IppsBigNumState * pEbn,gsModEngine * pMont)243 __INLINE void cpMontExpBin_BN_sscm(IppsBigNumState* pYbn,
244 const IppsBigNumState* pXbn,
245 const IppsBigNumState* pEbn,
246 gsModEngine* pMont)
247 {
248 BNU_CHUNK_T* pX = BN_NUMBER(pXbn);
249 cpSize nsX = BN_SIZE(pXbn);
250 BNU_CHUNK_T* pE = BN_NUMBER(pEbn);
251 cpSize nsE = BN_SIZE(pEbn);
252 BNU_CHUNK_T* pY = BN_NUMBER(pYbn);
253 cpSize nsY = cpMontExpBin_BNU_sscm(pY, pX,nsX, pE,nsE, pMont);
254 FIX_BNU(pY, nsY);
255 BN_SIZE(pYbn) = nsY;
256 BN_SIGN(pYbn) = ippBigNumPOS;
257 }
258
cpMontExpBin_BN(IppsBigNumState * pYbn,const IppsBigNumState * pXbn,const IppsBigNumState * pEbn,gsModEngine * pModEngine)259 __INLINE void cpMontExpBin_BN(IppsBigNumState* pYbn,
260 const IppsBigNumState* pXbn,
261 const IppsBigNumState* pEbn,
262 gsModEngine* pModEngine)
263 {
264 BNU_CHUNK_T* pX = BN_NUMBER(pXbn);
265 cpSize nsX = BN_SIZE(pXbn);
266 BNU_CHUNK_T* pE = BN_NUMBER(pEbn);
267 cpSize nsE = BN_SIZE(pEbn);
268 BNU_CHUNK_T* pY = BN_NUMBER(pYbn);
269 cpSize nsY = cpMontExpBin_BNU(pY, pX,nsX, pE,nsE, pModEngine);
270 FIX_BNU(pY, nsY);
271 BN_SIZE(pYbn) = nsY;
272 BN_SIGN(pYbn) = ippBigNumPOS;
273 }
274
275
276 /*
277 // Montgomery exponentiation (fixed window)
278 */
279 #define cpMontExp_WinSize OWNAPI(cpMontExp_WinSize)
280 cpSize cpMontExp_WinSize(int bitsize);
281
282 #if defined(_USE_WINDOW_EXP_)
283 #define cpMontExpWin_BN_sscm OWNAPI(cpMontExpWin_BN_sscm)
284 void cpMontExpWin_BN_sscm(IppsBigNumState* pY,
285 const IppsBigNumState* pX, const IppsBigNumState* pE,
286 gsModEngine* pMont,
287 BNU_CHUNK_T* pPrecompResource);
288
289 #define cpMontExpWin_BN OWNAPI(cpMontExpWin_BN)
290 void cpMontExpWin_BN(IppsBigNumState* pY,
291 const IppsBigNumState* pX, const IppsBigNumState* pE,
292 gsModEngine* pMont,
293 BNU_CHUNK_T* pPrecompResource);
294 #endif
295
296 /*
297 // Montgomery multi-exponentiation
298 */
299 /* precompute table for multi-exponentiation */
300 #define cpMontMultiExpInitArray OWNAPI(cpMontMultiExpInitArray)
301 void cpMontMultiExpInitArray(BNU_CHUNK_T* pPrecomTbl,
302 const BNU_CHUNK_T** ppX, cpSize xItemBitSize, cpSize numItems,
303 gsModEngine* pMont);
304
305 /* multi-exponentiation */
306 #define cpFastMontMultiExp OWNAPI(cpFastMontMultiExp)
307 void cpFastMontMultiExp(BNU_CHUNK_T* pY,
308 const BNU_CHUNK_T* pPrecomTbl,
309 const Ipp8u** ppE, cpSize eItemBitSize, cpSize numItems,
310 gsModEngine* pMont);
311 /*
312 // Montgomery inversion
313 */
314 #define cpMontInv_BNU OWNAPI(cpMontInv_BNU)
315 BNU_CHUNK_T* cpMontInv_BNU(BNU_CHUNK_T* pR, const BNU_CHUNK_T* pA, IppsMontState* pMont);
316 #define cpRegInv_BNU OWNAPI(cpRegInv_BNU)
317 BNU_CHUNK_T* cpRegInv_BNU(BNU_CHUNK_T* pR, const BNU_CHUNK_T* pA, IppsMontState* pMont);
318
319
320 /*
321 // Montgomery internal GetSize/Init functions
322 */
323 #define cpMontGetSize OWNAPI(cpMontGetSize)
324 IppStatus cpMontGetSize(cpSize maxLen32, int poolLength, cpSize* pCtxSize);
325
326 #define cpMontInit OWNAPI(cpMontInit)
327 IppStatus cpMontInit(int maxLen32, int poolLength, IppsMontState* pMont);
328
329 #define cpMontSet OWNAPI(cpMontSet)
330 IppStatus cpMontSet(const Ipp32u* pModulus, cpSize len32, IppsMontState* pMont);
331
332 #endif /* _CP_MONTGOMETRY_H */
333