CoCalc -- ec_dispatch.c

GitHub Repository: wine-mirror/wine
Path: blob/master/libs/symcrypt/lib/ec_dispatch.c
¹⁵⁰¹⁰ views
1
//
2
// ec_dispatch.c   Dispatch file for elliptic curve crypto functions
3
//
4
// Copyright (c) Microsoft Corporation. Licensed under the MIT license.
5
//
6
//
7

8
#include "precomp.h"
9

10
// Table with all the pointers to SYMCRYPT_ECURVE_FUNCTIONS
11
const SYMCRYPT_ECURVE_FUNCTIONS SymCryptEcurveDispatchTable[] =
12
{
13
    // NULL Type
14
    {
15
        NULL,       // SymCryptEcpointSetZeroNotImplemented,
16
        NULL,       // SymCryptEcpointSetDistinguishedPointNotImplemented,
17
        NULL,       // SymCryptEcpointSetRandomNotImplemented,
18
        NULL,       // SymCryptEcpointIsEqualNotImplemented,
19
        NULL,       // SymCryptEcpointIsZeroNotImplemented,
20
        NULL,       // SymCryptEcpointOnCurveNotImplemented,
21
        NULL,       // SymCryptEcpointAddNotImplemented,
22
        NULL,       // SymCryptEcpointAddDiffNonZeroNotImplemented,
23
        NULL,       // SymCryptEcpointDoubleNotImplemented,
24
        NULL,       // SymCryptEcpointNegateNotImplemented,
25
        NULL,       // SymCryptEcpointScalarMulNotImplemented,
26
        NULL,       // SymCryptEcpointMultiScalarMulNotImplemented,
27
        NULL,       // SymCryptEcurveFillScratchSpacesNotImplemented,
28
    },
29
    // Short Weierstrass
30
    {
31
        SymCryptShortWeierstrassSetZero,
32
        SymCryptShortWeierstrassSetDistinguished,
33
        SymCryptEcpointGenericSetRandom,
34
        SymCryptShortWeierstrassIsEqual,
35
        SymCryptShortWeierstrassIsZero,
36
        SymCryptShortWeierstrassOnCurve,
37
        SymCryptShortWeierstrassAdd,
38
        SymCryptShortWeierstrassAddDiffNonZero,
39
        SymCryptShortWeierstrassDouble,
40
        SymCryptShortWeierstrassNegate,
41
        SymCryptEcpointScalarMulFixedWindow,
42
        SymCryptEcpointMultiScalarMulWnafWithInterleaving,
43
        SymCryptShortWeierstrassFillScratchSpaces,
44
    },
45
    // Twisted Edwards
46
    {
47
        SymCryptTwistedEdwardsSetZero,
48
        SymCryptTwistedEdwardsSetDistinguished,
49
        SymCryptEcpointGenericSetRandom,
50
        SymCryptTwistedEdwardsIsEqual,
51
        SymCryptTwistedEdwardsIsZero,
52
        SymCryptTwistedEdwardsOnCurve,
53
        SymCryptTwistedEdwardsAdd,
54
        SymCryptTwistedEdwardsAddDiffNonZero,
55
        SymCryptTwistedEdwardsDouble,
56
        SymCryptTwistedEdwardsNegate,
57
        SymCryptEcpointScalarMulFixedWindow,
58
        SymCryptEcpointMultiScalarMulWnafWithInterleaving,
59
        SymCryptTwistedEdwardsFillScratchSpaces,
60
    },
61
    // Montgomery
62
    {
63
        NULL,       // SymCryptEcpointSetZeroNotImplemented,
64
        SymCryptMontgomerySetDistinguished,
65
        SymCryptEcpointGenericSetRandom,
66
        SymCryptMontgomeryIsEqual,
67
        SymCryptMontgomeryIsZero,
68
        NULL,       // SymCryptEcpointOnCurveNotImplemented,
69
        NULL,       // SymCryptEcpointAddNotImplemented,
70
        NULL,       // SymCryptEcpointAddDiffNonZeroNotImplemented,
71
        NULL,       // SymCryptEcpointDoubleNotImplemented,
72
        NULL,       // SymCryptEcpointNegateNotImplemented,
73
        SymCryptMontgomeryPointScalarMul,
74
        NULL,       // SymCryptEcpointMultiScalarMulNotImplemented,
75
        SymCryptMontgomeryFillScratchSpaces,
76
    },
77
    // Short Weierstrass with A==-3
78
    {
79
        SymCryptShortWeierstrassSetZero,
80
        SymCryptShortWeierstrassSetDistinguished,
81
        SymCryptEcpointGenericSetRandom,
82
        SymCryptShortWeierstrassIsEqual,
83
        SymCryptShortWeierstrassIsZero,
84
        SymCryptShortWeierstrassOnCurve,
85
        SymCryptShortWeierstrassAdd,
86
        SymCryptShortWeierstrassAddDiffNonZero,
87
        SymCryptShortWeierstrassDoubleSpecializedAm3,
88
        SymCryptShortWeierstrassNegate,
89
        SymCryptEcpointScalarMulFixedWindow,
90
        SymCryptEcpointMultiScalarMulWnafWithInterleaving,
91
        SymCryptShortWeierstrassFillScratchSpaces,
92
    },
93
    // Slack to make dispatch table size a power of 2
94
    {NULL,},
95
    {NULL,},
96
    {NULL,},
97
};
98

99
#define SYMCRYPT_ECURVE_DISPATCH_TABLE_SIZE (sizeof( SymCryptEcurveDispatchTable ))
100

101
// Ensure the table size is a power of 2
102
C_ASSERT( (SYMCRYPT_ECURVE_DISPATCH_TABLE_SIZE & (SYMCRYPT_ECURVE_DISPATCH_TABLE_SIZE - 1)) == 0 );
103

104
// For now the ECurve type encodes the index into this dispatch table, so we just mask by the size of the table
105
//
106
// We could instead encode the absolute offset into the table in the type field (similar to the Modulus dispatch table),
107
// and this mask would be multiplied by SYMCRYPT_ECURVE_FUNCTIONS_SIZE
108
#define SYMCRYPT_ECURVE_DISPATCH_TABLE_MASK ((SYMCRYPT_ECURVE_DISPATCH_TABLE_SIZE / SYMCRYPT_ECURVE_FUNCTIONS_SIZE)-1)
109

110
// We mask to constrain the unpredictable behaviour in the case of memory corruption; we do not want to interpret some data
111
// beyond the end of the dispatch table as function pointers
112
#define SYMCRYPT_ECURVE_CALL(v) (SymCryptEcurveDispatchTable[SYMCRYPT_FORCE_READ32(&(v)->type) & SYMCRYPT_ECURVE_DISPATCH_TABLE_MASK]).
113

114
// We read the curve's internal type with a 32b read so it must be 4 bytes large
115
C_ASSERT(sizeof(((PCSYMCRYPT_ECURVE)0)->type) == 4);
116

117
// Main functions
118
SYMCRYPT_DISABLE_CFG
119
VOID
120
SYMCRYPT_CALL
121
SymCryptEcpointSetZero(
122
    _In_    PCSYMCRYPT_ECURVE   pCurve,
123
    _Out_   PSYMCRYPT_ECPOINT   poDst,
124
    _Out_writes_bytes_opt_( cbScratch )
125
            PBYTE               pbScratch,
126
            SIZE_T              cbScratch )
127
{
128
    SYMCRYPT_ECURVE_CALL( pCurve ) setZeroFunc( pCurve, poDst, pbScratch, cbScratch );
129
}
130

131
SYMCRYPT_DISABLE_CFG
132
VOID
133
SYMCRYPT_CALL
134
SymCryptEcpointSetDistinguishedPoint(
135
    _In_    PCSYMCRYPT_ECURVE   pCurve,
136
    _Out_   PSYMCRYPT_ECPOINT   poDst,
137
    _Out_writes_bytes_opt_( cbScratch )
138
            PBYTE               pbScratch,
139
            SIZE_T              cbScratch )
140
{
141
    SYMCRYPT_ECURVE_CALL( pCurve ) setDistinguishedFunc( pCurve, poDst, pbScratch, cbScratch );
142
}
143

144
SYMCRYPT_DISABLE_CFG
145
VOID
146
SYMCRYPT_CALL
147
SymCryptEcpointSetRandom(
148
    _In_    PCSYMCRYPT_ECURVE       pCurve,
149
    _Out_   PSYMCRYPT_INT           piScalar,
150
    _Out_   PSYMCRYPT_ECPOINT       poDst,
151
    _Out_writes_bytes_opt_( cbScratch )
152
            PBYTE                   pbScratch,
153
            SIZE_T                  cbScratch )
154
{
155
    SYMCRYPT_ECURVE_CALL( pCurve ) setRandomFunc( pCurve, piScalar, poDst, pbScratch, cbScratch );
156
}
157

158
SYMCRYPT_DISABLE_CFG
159
UINT32
160
SYMCRYPT_CALL
161
SymCryptEcpointIsEqual(
162
    _In_    PCSYMCRYPT_ECURVE   pCurve,
163
    _In_    PCSYMCRYPT_ECPOINT  poSrc1,
164
    _In_    PCSYMCRYPT_ECPOINT  poSrc2,
165
            UINT32              flags,
166
    _Out_writes_bytes_opt_( cbScratch )
167
            PBYTE               pbScratch,
168
            SIZE_T              cbScratch )
169
{
170
    return SYMCRYPT_ECURVE_CALL( pCurve ) isEqualFunc( pCurve, poSrc1, poSrc2, flags, pbScratch, cbScratch );
171
}
172

173
SYMCRYPT_DISABLE_CFG
174
UINT32
175
SYMCRYPT_CALL
176
SymCryptEcpointIsZero(
177
    _In_    PCSYMCRYPT_ECURVE   pCurve,
178
    _In_    PCSYMCRYPT_ECPOINT  poSrc,
179
    _Out_writes_bytes_opt_( cbScratch )
180
            PBYTE               pbScratch,
181
            SIZE_T              cbScratch )
182
{
183
    return SYMCRYPT_ECURVE_CALL( pCurve ) isZeroFunc( pCurve, poSrc, pbScratch, cbScratch );
184
}
185

186
SYMCRYPT_DISABLE_CFG
187
UINT32
188
SYMCRYPT_CALL
189
SymCryptEcpointOnCurve(
190
    _In_    PCSYMCRYPT_ECURVE   pCurve,
191
    _In_    PCSYMCRYPT_ECPOINT  poSrc,
192
    _Out_writes_bytes_opt_( cbScratch )
193
            PBYTE               pbScratch,
194
            SIZE_T              cbScratch )
195
{
196
    return SYMCRYPT_ECURVE_CALL( pCurve ) onCurveFunc( pCurve, poSrc, pbScratch, cbScratch );
197
}
198

199
SYMCRYPT_DISABLE_CFG
200
VOID
201
SYMCRYPT_CALL
202
SymCryptEcpointAdd(
203
    _In_    PCSYMCRYPT_ECURVE   pCurve,
204
    _In_    PCSYMCRYPT_ECPOINT  poSrc1,
205
    _In_    PCSYMCRYPT_ECPOINT  poSrc2,
206
    _Out_   PSYMCRYPT_ECPOINT   poDst,
207
            UINT32              flags,
208
    _Out_writes_bytes_opt_( cbScratch )
209
            PBYTE               pbScratch,
210
            SIZE_T              cbScratch )
211
{
212
    SYMCRYPT_ECURVE_CALL( pCurve ) addFunc( pCurve, poSrc1, poSrc2, poDst, flags, pbScratch, cbScratch );
213
}
214

215
SYMCRYPT_DISABLE_CFG
216
VOID
217
SYMCRYPT_CALL
218
SymCryptEcpointAddDiffNonZero(
219
    _In_    PCSYMCRYPT_ECURVE   pCurve,
220
    _In_    PCSYMCRYPT_ECPOINT  poSrc1,
221
    _In_    PCSYMCRYPT_ECPOINT  poSrc2,
222
    _Out_   PSYMCRYPT_ECPOINT   poDst,
223
    _Out_writes_bytes_opt_( cbScratch )
224
            PBYTE               pbScratch,
225
            SIZE_T              cbScratch )
226
{
227
    SYMCRYPT_ECURVE_CALL( pCurve ) addDiffFunc( pCurve, poSrc1, poSrc2, poDst, pbScratch, cbScratch );
228
}
229

230
SYMCRYPT_DISABLE_CFG
231
VOID
232
SYMCRYPT_CALL
233
SymCryptEcpointDouble(
234
    _In_    PCSYMCRYPT_ECURVE   pCurve,
235
    _In_    PCSYMCRYPT_ECPOINT  poSrc,
236
    _Out_   PSYMCRYPT_ECPOINT   poDst,
237
            UINT32              flags,
238
    _Out_writes_bytes_opt_( cbScratch )
239
            PBYTE               pbScratch,
240
            SIZE_T              cbScratch )
241
{
242
    SYMCRYPT_ECURVE_CALL( pCurve ) doubleFunc( pCurve, poSrc, poDst, flags, pbScratch, cbScratch );
243
}
244

245
SYMCRYPT_DISABLE_CFG
246
VOID
247
SYMCRYPT_CALL
248
SymCryptEcpointNegate(
249
    _In_    PCSYMCRYPT_ECURVE   pCurve,
250
    _Inout_ PSYMCRYPT_ECPOINT   poSrc,
251
            UINT32              mask,
252
    _Out_writes_bytes_opt_( cbScratch )
253
            PBYTE               pbScratch,
254
            SIZE_T              cbScratch )
255
{
256
    SYMCRYPT_ECURVE_CALL( pCurve ) negateFunc( pCurve, poSrc, mask, pbScratch, cbScratch );
257
}
258

259
SYMCRYPT_DISABLE_CFG
260
SYMCRYPT_ERROR
261
SYMCRYPT_CALL
262
SymCryptEcpointScalarMul(
263
    _In_    PCSYMCRYPT_ECURVE   pCurve,
264
    _In_    PCSYMCRYPT_INT      piScalar,
265
    _In_opt_
266
            PCSYMCRYPT_ECPOINT  poSrc,
267
            UINT32              flags,
268
    _Out_   PSYMCRYPT_ECPOINT   poDst,
269
    _Out_writes_bytes_opt_( cbScratch )
270
            PBYTE               pbScratch,
271
            SIZE_T              cbScratch )
272
{
273
    return SYMCRYPT_ECURVE_CALL( pCurve ) scalarMulFunc( pCurve, piScalar, poSrc, flags, poDst, pbScratch, cbScratch );
274
}
275

276
SYMCRYPT_DISABLE_CFG
277
SYMCRYPT_ERROR
278
SYMCRYPT_CALL
279
SymCryptEcpointMultiScalarMul(
280
    _In_    PCSYMCRYPT_ECURVE       pCurve,
281
    _In_    PCSYMCRYPT_INT *        piSrcScalarArray,
282
    _In_    PCSYMCRYPT_ECPOINT *    poSrcEcpointArray,
283
            UINT32                  nPoints,
284
            UINT32                  flags,
285
    _Out_   PSYMCRYPT_ECPOINT       poDst,
286
    _Out_writes_bytes_opt_( cbScratch )
287
            PBYTE                   pbScratch,
288
            SIZE_T                  cbScratch )
289
{
290
    return SYMCRYPT_ECURVE_CALL( pCurve ) multiScalarMulFunc( pCurve, piSrcScalarArray, poSrcEcpointArray, nPoints, flags, poDst, pbScratch, cbScratch );
291
}
292

293
SYMCRYPT_DISABLE_CFG
294
VOID
295
SYMCRYPT_CALL
296
SymCryptEcurveFillScratchSpaces(
297
    _Inout_    PSYMCRYPT_ECURVE pCurve )
298
{
299
    SYMCRYPT_ECURVE_CALL( pCurve ) fillScratchSpacesFunc( pCurve );
300
}
301

302
Product

Resources

Company
