montgomery: Use a distinct error for length checks.
briansmith committed Dec 6, 2023
1 parent 939fee0 commit 780ed2e
Showing 5 changed files with 50 additions and 13 deletions.
2 changes: 2 additions & 0 deletions src/arithmetic.rs
Expand Up @@ -17,7 +17,9 @@ mod constant;
#[cfg(feature = "alloc")]
pub mod bigint;

mod error;
pub mod montgomery;

mod n0;
pub use constant::limbs_from_hex;
pub(crate) use error::ImpossibleLengthError;
7 changes: 4 additions & 3 deletions src/arithmetic/bigint.rs
Expand Up @@ -41,6 +41,7 @@ pub(crate) use self::{
modulus::{Modulus, OwnedModulus, MODULUS_MAX_LIMBS},
private_exponent::PrivateExponent,
};
use super::ImpossibleLengthError;
use crate::{
arithmetic::montgomery::*,
bits::BitLength,
Expand Down Expand Up @@ -404,7 +405,7 @@ pub fn elem_exp_consttime<M>(
base: Elem<M, R>,
exponent: &PrivateExponent,
m: &Modulus<M>,
) -> Result<Elem<M, Unencoded>, error::Unspecified> {
) -> Result<Elem<M, Unencoded>, ImpossibleLengthError> {
use crate::{bssl, limb::Window};

const WINDOW_BITS: usize = 5;
Expand Down Expand Up @@ -490,7 +491,7 @@ pub fn elem_exp_consttime<M>(
base: Elem<M, R>,
exponent: &PrivateExponent,
m: &Modulus<M>,
) -> Result<Elem<M, Unencoded>, error::Unspecified> {
) -> Result<Elem<M, Unencoded>, ImpossibleLengthError> {
use crate::{cpu, limb::LIMB_BYTES};

// Pretty much all the math here requires CPU feature detection to have
Expand Down Expand Up @@ -629,7 +630,7 @@ pub fn elem_exp_consttime<M>(
mut i: Window,
num_limbs: usize,
cpu_features: cpu::Features,
) -> Result<(), error::Unspecified> {
) -> Result<(), ImpossibleLengthError> {
loop {
scatter(table, acc, i, num_limbs);
i *= 2;
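Review bot: Both cfg variants of `elem_exp_consttime` now return `Result<Elem<M, Unencoded>, ImpossibleLengthError>`, but neither signature shown carries an `# Errors` note, so a reader of the `bigint` API cannot tell whether the error depends on caller input or signals an internal invariant failure. Suggest adding to each variant's doc comment `/// # Errors` followed by `/// `ImpossibleLengthError` indicates an internal limb-length mismatch, not a property of the caller's inputs.` — hedged, because where the limb lengths are fixed is not visible in this diff. The helper in the third hunk (its name begins above the hunk) only propagates the same type and needs no further change. All three functions continue beyond the hunk boundaries.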
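--- /dev/null
+++ b/src/arithmetic/error.rs
@@ -0,0 +1,32 @@
+// Copyright 2023 Brian Smith.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+use crate::error;
+
+/// `ImpossibleLengthError` should never occur.
+#[derive(Debug)]
+pub struct ImpossibleLengthError(());
+
+impl ImpossibleLengthError {
+    pub(super) fn new() -> Self {
+        // unreachable!();
+        Self(())
+    }
+}
+
+impl From<ImpossibleLengthError> for error::Unspecified {
+    fn from(_: ImpossibleLengthError) -> Self {
+        Self
+    }
+}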
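Review bot: The commented-out `// unreachable!();` inside `ImpossibleLengthError::new()` leaves the intended policy ambiguous: either a length mismatch is a bug that should fail loudly, or it is a condition callers are expected to recover from via the `From<ImpossibleLengthError> for error::Unspecified` impl below it. Replacing the dead line with `debug_assert!(false, "limb-length invariant violated in Montgomery arithmetic");` would make tests and debug builds trap on the invariant while release builds keep the current fallible behavior, and removes commented-out code from the file. The doc comment `/// `ImpossibleLengthError` should never occur.` would also be more useful if it said what that rests on — presumably that limb counts are validated when a `Modulus` is constructed, which this diff does not show — e.g. `/// Returned when a limb-length check in the Montgomery helpers fails; those lengths are fixed upstream, so reaching this is an internal bug, and it is mapped to `error::Unspecified` at the API boundary.`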
19 changes: 10 additions & 9 deletions src/arithmetic/montgomery.rs
Expand Up @@ -13,7 +13,8 @@
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

pub use super::n0::N0;
use crate::{cpu, error};
use super::ImpossibleLengthError;
use crate::cpu;

// Indicates that the element is not encoded; there is no *R* factor
// that needs to be canceled out.
Expand Down Expand Up @@ -133,9 +134,9 @@ unsafe fn mul_mont(
m: &[Limb],
n0: &N0,
_: cpu::Features,
) -> Result<(), error::Unspecified> {
) -> Result<(), ImpossibleLengthError> {
if m.len() < MIN_LIMBS || m.len() > MAX_LIMBS {
return Err(error::Unspecified);
return Err(ImpossibleLengthError::new());

}
bn_mul_mont(r, a, b, m.as_ptr(), n0, m.len());
Ok(())
Expand Down Expand Up @@ -273,9 +274,9 @@ pub(super) fn limbs_mont_mul(
m: &[Limb],
n0: &N0,
cpu_features: cpu::Features,
) -> Result<(), error::Unspecified> {
) -> Result<(), ImpossibleLengthError> {
if r.len() != m.len() || a.len() != m.len() {
return Err(error::Unspecified);
return Err(ImpossibleLengthError::new());

}
unsafe { mul_mont(r.as_mut_ptr(), r.as_ptr(), a.as_ptr(), m, n0, cpu_features) }
}
Expand All @@ -289,9 +290,9 @@ pub(super) fn limbs_mont_product(
m: &[Limb],
n0: &N0,
cpu_features: cpu::Features,
) -> Result<(), error::Unspecified> {
) -> Result<(), ImpossibleLengthError> {
if r.len() != m.len() || a.len() != m.len() || b.len() != m.len() {
return Err(error::Unspecified);
return Err(ImpossibleLengthError::new());

}
unsafe { mul_mont(r.as_mut_ptr(), a.as_ptr(), b.as_ptr(), m, n0, cpu_features) }
}
Expand All @@ -302,9 +303,9 @@ pub(super) fn limbs_mont_square(
m: &[Limb],
n0: &N0,
cpu_features: cpu::Features,
) -> Result<(), error::Unspecified> {
) -> Result<(), ImpossibleLengthError> {
if r.len() != m.len() {
return Err(error::Unspecified);
return Err(ImpossibleLengthError::new());

}
unsafe { mul_mont(r.as_mut_ptr(), r.as_ptr(), r.as_ptr(), m, n0, cpu_features) }
}
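Review bot: The length checks that now return `ImpossibleLengthError` are the only guard between the safe wrappers and the FFI call `bn_mul_mont(r, a, b, m.as_ptr(), n0, m.len())`, because `mul_mont` receives `r`, `a` and `b` as raw pointers and can validate only `m`. The `unsafe fn mul_mont` signature starts above the hunk, so I cannot see whether it already has a `# Safety` section; if not, one stating that `r`, `a` and `b` must each point to `m.len()` initialized limbs with `r` writable would make explicit the contract that `limbs_mont_mul`, `limbs_mont_product` and `limbs_mont_square` enforce with their `len()` comparisons. Those wrappers also pass `r` as both output and input (`limbs_mont_square` passes it for all three operands), which presupposes that `bn_mul_mont` tolerates full aliasing; a one-line comment at the call site such as `// bn_mul_mont permits r to alias a and/or b.` would record that assumption — confirm it against the assembly/C contract before adding it. Each wrapper's signature begins above its hunk.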
3 changes: 2 additions & 1 deletion src/rsa/keypair.rs
Expand Up @@ -21,6 +21,7 @@ use crate::{
arithmetic::{
bigint,
montgomery::{R, RR, RRR},
ImpossibleLengthError,
},
bits::BitLength,
cpu, digest,
Expand Down Expand Up @@ -482,7 +483,7 @@ fn elem_exp_consttime<M>(
c: &bigint::Elem<N>,
p: &PrivateCrtPrime<M>,
other_prime_len_bits: BitLength,
) -> Result<bigint::Elem<M>, error::Unspecified> {
) -> Result<bigint::Elem<M>, ImpossibleLengthError> {
let m = &p.modulus.modulus();
let c_mod_m = bigint::elem_reduced(c, m, other_prime_len_bits);
let c_mod_m = bigint::elem_mul(p.oneRRR.as_ref(), c_mod_m, m);
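Review bot: The private `elem_exp_consttime` in keypair.rs now advertises only `ImpossibleLengthError`, which the new error module documents as something that "should never occur", yet nothing at this call site says so, and a maintainer adding an input-dependent failure here would be tempted to reuse the same type. A short doc comment above the signature, e.g. `/// Errors only on an internal limb-length invariant failure (see `ImpossibleLengthError`); this is not a property of `c` or `p`.`, would pin that meaning; whether the caller maps it to `error::Unspecified` via the `From` impl is not visible in this hunk and should be checked. The function body continues beyond the hunk.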
