From c1a5fb54dd57088c1b0acd99c4cc8c2b7cafe51a Mon Sep 17 00:00:00 2001
From: "Diego F. Aranha"
Date: Sat, 28 Dec 2024 20:31:08 +0100
Subject: [PATCH] Fix regressions from last commit.

---
 src/bn/relic_bn_rec.c   | 50 ++++++++++++++++++-----------------------
 src/ep/relic_ep_curve.c |  8 +++----
 test/test_bn.c          | 12 ++++------
 test/test_ep.c          |  4 ++--
 4 files changed, 32 insertions(+), 42 deletions(-)

diff --git a/src/bn/relic_bn_rec.c b/src/bn/relic_bn_rec.c
index 69c46196f..0e05cae33 100644
--- a/src/bn/relic_bn_rec.c
+++ b/src/bn/relic_bn_rec.c
@@ -829,11 +829,11 @@ void bn_rec_jsf(int8_t *jsf, size_t *len, const bn_t k, const bn_t l) {
 }
 
-void bn_rec_glv(bn_t k0, bn_t k1, const bn_t k, const bn_t n, const bn_t *v1,
-		const bn_t *v2) {
+void bn_rec_glv(bn_t k0, bn_t k1, const bn_t k, const bn_t n, const bn_st *v1,
+		const bn_st *v2) {
 	bn_t t, b1, b2;
 	int r1, r2;
-	size_t bits = bn_bits(n), d = bits >> (RLC_DIG_LOG), b = bits % RLC_DIG;
+	size_t bits;
 
 	bn_null(b1);
 	bn_null(b2);
@@ -844,35 +844,26 @@ void bn_rec_glv(bn_t k0, bn_t k1, const bn_t k, const bn_t n, const bn_t *v1,
 		bn_new(b2);
 		bn_new(t);
 
-		dv_zero(t->dp, RLC_BN_SIZE);
-		dv_copy(t->dp, k->dp, k->used);
-
-		dv_zero(b1->dp, RLC_BN_SIZE);
-		dv_copy(b1->dp, v1[0]->dp, v1[0]->used);
-		b1->sign = v1[0]->sign;
-		b1->used = v1[0]->used;
-
-		dv_zero(b2->dp, RLC_BN_SIZE);
-		t->used = k->used;
-		bn_mul(b1, b1, t);
-		r1 = (b1->dp[d] >> b) & (dig_t)1;
-		dv_rshd(b1->dp, b1->dp, RLC_BN_SIZE, d);
-		bn_rshb_low(b1->dp, b1->dp, RLC_BN_SIZE, b + 1);
+		bn_abs(t, k);
+		bits = bn_bits(n);
+
+		bn_mul(b1, t, &(v1[0]));
+		r1 = bn_get_bit(b1, bits);
+		bn_rsh(b1, b1, bits + 1);
 		bn_add_dig(b1, b1, r1);
 
-		bn_mul(b2, t, v2[0]);
-		r2 = (b2->dp[d] >> b) & (dig_t)1;
-		dv_rshd(b2->dp, b2->dp, RLC_BN_SIZE, d);
-		bn_rshb_low(b2->dp, b2->dp, RLC_BN_SIZE, b + 1);
+		bn_mul(b2, t, &(v2[0]));
+		r2 = bn_get_bit(b2, bits);
+		bn_rsh(b2, b2, bits + 1);
 		bn_add_dig(b2, b2, r2);
 
-		bn_mul(k0, b1, v1[1]);
-		bn_mul(k1, b2, v2[1]);
+		bn_mul(k0, b1, &(v1[1]));
+		bn_mul(k1, b2, &(v2[1]));
 		bn_add(k0, k0, k1);
 		bn_sub(k0, t, k0);
 
-		bn_mul(k1, b1, v1[2]);
-		bn_mul(t, b2, v2[2]);
+		bn_mul(k1, b1, &(v1[2]));
+		bn_mul(t, b2, &(v2[2]));
 		bn_add(k1, k1, t);
 		bn_neg(k1, k1);
 	}
@@ -886,7 +877,7 @@ void bn_rec_glv(bn_t k0, bn_t k1, const bn_t k, const bn_t n, const bn_t *v1,
 	}
 }
 
-void bn_rec_sac(int8_t *b, size_t *len, bn_t *k, size_t c, size_t m, size_t n) {
+void bn_rec_sac(int8_t *b, size_t *len, const bn_t *k, size_t c, size_t m, size_t n) {
 	/* Assume k0 is the sign-aligner. */
 	bn_t *t = RLC_ALLOCA(bn_t, m);
 	size_t l = RLC_CEIL(n, c * m) + 1;
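Review bot: The rewritten body now works on `used`-length values — `bn_mul(b1, t, &(v1[0]))`, `r1 = bn_get_bit(b1, bits)`, `bn_rsh(b1, b1, bits + 1)` and the b2 twins — where the removed code zeroed and shifted fixed RLC_BN_SIZE-digit buffers (`dv_zero(t->dp, RLC_BN_SIZE)`, `dv_rshd(b1->dp, b1->dp, RLC_BN_SIZE, d)`); if those bn_* routines size their loops by `used`, the decomposition's running time now depends on the magnitude of k instead of being fixed, which matters wherever k is a secret scalar. It is worth confirming whether the old fixed-length arithmetic was deliberate and, if it was, either padding t, b1 and b2 back to a fixed digit count or documenting at the function header that the caller must not pass secret scalars. A smaller point: `bn_abs(t, k)` drops k's sign exactly as the old digit copy did, so a one-line comment such as `/* The decomposition is computed on |k|. */` would make that intent explicit. The function's declarations are in the previous hunk and its RLC_CATCH/RLC_FINALLY part lies beyond this one.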
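Review bot: The new `bn_rec_sac` signature line runs well past the width the rest of the file wraps at (compare the two-line `bn_rec_glv` signature in the first hunk); wrapping it as `void bn_rec_sac(int8_t *b, size_t *len, const bn_t *k, size_t c, size_t m,` / `		size_t n) {` keeps the style consistent. Note also that the same patch moves `bn_rec_glv` to `const bn_st *` for its array arguments while `bn_rec_sac` keeps `const bn_t *k`; if `bn_t` is an array typedef in some allocation modes, the two recoders now expect differently typed arrays for the same kind of input, which deserves either a comment or a unified convention. The body of bn_rec_sac continues past this hunk.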
@@ -905,11 +896,14 @@ void bn_rec_sac(int8_t *b, size_t *len, bn_t *k, size_t c, size_t m, size_t n) {
 	}
 
 	RLC_TRY {
-		fp_prime_get_par(t[0]);
-		l = RLC_MAX(l, bn_bits(t[0]) + 1);
 		for (size_t i = 0; i < m; i++) {
 			bn_null(t[i]);
 			bn_new(t[i]);
+		}
+
+		fp_prime_get_par(t[0]);
+		l = RLC_MAX(l, bn_bits(t[0]) + 1);
+		for (size_t i = 0; i < m; i++) {
 			bn_copy(t[i], k[i]);
 			/* The current basis for some curves might be one bit longer. */
 			if (ep_curve_is_pairf() == EP_BN) {
diff --git a/src/ep/relic_ep_curve.c b/src/ep/relic_ep_curve.c
index ebb78d054..9659ebf96 100644
--- a/src/ep/relic_ep_curve.c
+++ b/src/ep/relic_ep_curve.c
@@ -272,12 +272,12 @@ dig_t *ep_curve_get_beta(void) {
 	return core_get()->beta;
 }
 
-const bn_t *ep_curve_get_v1(void) {
-	return (const bn_t *)core_get()->ep_v1;
+const bn_st *ep_curve_get_v1(void) {
+	return (const bn_st *)core_get()->ep_v1;
 }
 
-const bn_t *ep_curve_get_v2(void) {
-	return (const bn_t *)core_get()->ep_v2;
+const bn_st *ep_curve_get_v2(void) {
+	return (const bn_st *)core_get()->ep_v2;
 }
 
 #endif
diff --git a/test/test_bn.c b/test/test_bn.c
index 8c4e4c7fc..8e435c413 100644
--- a/test/test_bn.c
+++ b/test/test_bn.c
@@ -2244,12 +2244,12 @@ static int recoding(void) {
 		TEST_CASE("glv recoding is correct") {
 			if (ep_param_set_any_endom() == RLC_OK) {
 				for (size_t i = 0; i < 3; i++) {
-					bn_copy(v1[i], ep_curve_get_v1()[i]);
-					bn_copy(v2[i], ep_curve_get_v2()[i]);
+					bn_copy(v1[i], &(core_get()->ep_v1[i]));
+					bn_copy(v2[i], &(core_get()->ep_v2[i]));
 				}
 				ep_curve_get_ord(b);
 				bn_rand_mod(a, b);
-				bn_rec_glv(b, c, a, b, (const bn_t *)v1, (const bn_t *)v2);
+				bn_rec_glv(b, c, a, b, ep_curve_get_v1(), ep_curve_get_v2());
 				ep_curve_get_ord(v2[0]);
 				/* Check that subscalars have the right length. */
 				TEST_ASSERT(bn_bits(b) <= 1 + (bn_bits(v2[0]) >> 1), end);
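Review bot: Running every `bn_new(t[i])` before `fp_prime_get_par(t[0])` removes the use-before-init, but nothing in the hunk records why the two loops must stay separate, so a later cleanup could merge them back; a comment above `fp_prime_get_par(t[0]);` such as `/* All t[i] must be initialised first: t[0] is reused as scratch for the curve parameter. */` would pin that down. `t[0]` is also written unconditionally while `t` is sized by `RLC_ALLOCA(bn_t, m)` in the previous hunk, so the function relies on `m >= 1`; either an `m == 0` guard before the `RLC_TRY` or a header note that callers guarantee it would close that gap. bn_rec_sac begins before this hunk and continues after it, so such a guard may already exist out of view.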
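Review bot: The cast in `return (const bn_st *)core_get()->ep_v1;` and its v2 twin now look either redundant or like they are masking a mismatch: the test hunks in this same patch pass `&(core_get()->ep_v1[i])` to `bn_copy`, which suggests `ep_v1` is already an array of `bn_st` and that `return core_get()->ep_v1;` would convert implicitly. Dropping the cast lets the compiler flag any future change to the element type, which is exactly the kind of regression this patch is cleaning up after. If `ep_v1` has a different type under some allocation mode, a short comment naming that case would justify keeping the cast.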
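Review bot: The test now reads `core_get()->ep_v1[i]` directly instead of going through the public accessor, so the copy no longer exercises `ep_curve_get_v1()` and the test is coupled to the context layout; since the accessor now returns `const bn_st *`, `bn_copy(v1[i], &ep_curve_get_v1()[i]);` (and the v2 twin) keeps the test on the API it is meant to check. The same pattern appears in the test_ep.c hunk. Within this hunk `ep_curve_get_ord(v2[0])` overwrites v2[0] immediately after the call, so if the rest of the case does not read v1 or v2[1..2], the copy loop is dead here as well, as the second test_bn.c hunk already concludes for its twin.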
@@ -2288,13 +2288,9 @@ static int recoding(void) {
 			size_t l = RLC_BN_BITS;
 			int8_t ptr[2 * RLC_BN_BITS] = { 0 };
 			if (ep_param_set_any_endom() == RLC_OK) {
-				for (size_t i = 0; i < 3; i++) {
-					bn_copy(v1[i], ep_curve_get_v1()[i]);
-					bn_copy(v2[i], ep_curve_get_v2()[i]);
-				}
 				ep_curve_get_ord(b);
 				bn_rand_mod(a, b);
-				bn_rec_glv(b, c, a, b, (const bn_t *)v1, (const bn_t *)v2);
+				bn_rec_glv(b, c, a, b, ep_curve_get_v1(), ep_curve_get_v2());
 				ep_curve_get_ord(v2[0]);
 				bn_rec_sac(ptr, &l, v1, 1, 2, bn_bits(v2[0]));
 				if (bn_is_even(b)) {
diff --git a/test/test_ep.c b/test/test_ep.c
index 391943a84..c7a7c1bdb 100644
--- a/test/test_ep.c
+++ b/test/test_ep.c
@@ -500,8 +500,8 @@ static int endomorphism(void) {
 		if (ep_curve_is_endom()) {
 			/* Recover lambda parameter. */
 			for (size_t i = 0; i < 3; i++) {
-				bn_copy(v1[i], ep_curve_get_v1()[i]);
-				bn_copy(v2[i], ep_curve_get_v2()[i]);
+				bn_copy(v1[i], &(core_get()->ep_v1[i]));
+				bn_copy(v2[i], &(core_get()->ep_v2[i]));
 			}
 			ep_curve_get_ord(v2[0]);
 			if (bn_cmp_dig(v1[2], 1) == RLC_EQ) {
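Review bot: With the copy loop gone, nothing in this hunk initialises `v1` before `bn_rec_sac(ptr, &l, v1, 1, 2, bn_bits(v2[0]));` consumes it as the scalar array, so unless `v1[0]` and `v1[1]` are assigned above the hunk the recoding runs on whatever an earlier test case left in them. If the intent is to recode the GLV subscalars just produced by `bn_rec_glv`, adding `bn_copy(v1[0], b); bn_copy(v1[1], c);` before the call makes the input explicit and the subsequent `bn_is_even(b)` check meaningful. The enclosing test case starts before the hunk, so this may already be handled out of view.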