mirror of https://github.com/golang/go.git
[release-branch.go1.8] crypto/elliptic: fix carry bug in x86-64 P-256 implementation.
Patch from Vlad Krasnov and confirmed to be under CLA.
Fixes #20040.
Change-Id: Ieb8436c4dcb6669a1620f1e0d257efd047b1b87c
Reviewed-on: https://go-review.googlesource.com/41070
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
(cherry picked from commit 9294fa2749)
Reviewed-on: https://go-review.googlesource.com/43770
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Chris Broadfoot <cbro@golang.org>
This commit is contained in:
Adam Langley
Chris Broadfoot
parent
8babce23e3
commit
38d35f49e7
|
|
@ -300,6 +300,29 @@ var p224BaseMultTests = []baseMultTest{
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type scalarMultTest struct {
|
||||||
|
k string
|
||||||
|
xIn, yIn string
|
||||||
|
xOut, yOut string
|
||||||
|
}
|
||||||
|
|
||||||
|
var p256MultTests = []scalarMultTest{
|
||||||
|
{
|
||||||
|
"2a265f8bcbdcaf94d58519141e578124cb40d64a501fba9c11847b28965bc737",
|
||||||
|
"023819813ac969847059028ea88a1f30dfbcde03fc791d3a252c6b41211882ea",
|
||||||
|
"f93e4ae433cc12cf2a43fc0ef26400c0e125508224cdb649380f25479148a4ad",
|
||||||
|
"4d4de80f1534850d261075997e3049321a0864082d24a917863366c0724f5ae3",
|
||||||
|
"a22d2b7f7818a3563e0f7a76c9bf0921ac55e06e2e4d11795b233824b1db8cc0",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"313f72ff9fe811bf573176231b286a3bdb6f1b14e05c40146590727a71c3bccd",
|
||||||
|
"cc11887b2d66cbae8f4d306627192522932146b42f01d3c6f92bd5c8ba739b06",
|
||||||
|
"a2f08a029cd06b46183085bae9248b0ed15b70280c7ef13a457f5af382426031",
|
||||||
|
"831c3f6b5f762d2f461901577af41354ac5f228c2591f84f8a6e51e2e3f17991",
|
||||||
|
"93f90934cd0ef2c698cc471c60a93524e87ab31ca2412252337f364513e43684",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
func TestBaseMult(t *testing.T) {
|
func TestBaseMult(t *testing.T) {
|
||||||
p224 := P224()
|
p224 := P224()
|
||||||
for i, e := range p224BaseMultTests {
|
for i, e := range p224BaseMultTests {
|
||||||
|
|
@ -379,6 +402,19 @@ func TestP256Mult(t *testing.T) {
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
for i, e := range p256MultTests {
|
||||||
|
x, _ := new(big.Int).SetString(e.xIn, 16)
|
||||||
|
y, _ := new(big.Int).SetString(e.yIn, 16)
|
||||||
|
k, _ := new(big.Int).SetString(e.k, 16)
|
||||||
|
expectedX, _ := new(big.Int).SetString(e.xOut, 16)
|
||||||
|
expectedY, _ := new(big.Int).SetString(e.yOut, 16)
|
||||||
|
|
||||||
|
xx, yy := p256.ScalarMult(x, y, k.Bytes())
|
||||||
|
if xx.Cmp(expectedX) != 0 || yy.Cmp(expectedY) != 0 {
|
||||||
|
t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, xx, yy, expectedX, expectedY)
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestInfinity(t *testing.T) {
|
func TestInfinity(t *testing.T) {
|
||||||
|
|
|
||||||
|
|
@ -1314,12 +1314,12 @@ TEXT p256SubInternal(SB),NOSPLIT,$0
|
||||||
ADCQ p256const0<>(SB), acc5
|
ADCQ p256const0<>(SB), acc5
|
||||||
ADCQ $0, acc6
|
ADCQ $0, acc6
|
||||||
ADCQ p256const1<>(SB), acc7
|
ADCQ p256const1<>(SB), acc7
|
||||||
ADCQ $0, mul0
|
ANDQ $1, mul0
|
||||||
|
|
||||||
CMOVQNE acc0, acc4
|
CMOVQEQ acc0, acc4
|
||||||
CMOVQNE acc1, acc5
|
CMOVQEQ acc1, acc5
|
||||||
CMOVQNE acc2, acc6
|
CMOVQEQ acc2, acc6
|
||||||
CMOVQNE acc3, acc7
|
CMOVQEQ acc3, acc7
|
||||||
|
|
||||||
RET
|
RET
|
||||||
/* ---------------------------------------*/
|
/* ---------------------------------------*/
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue