Comments (11)

sjaeckel commented on June 30, 2024

@karel-m has an updated version of ecc in the miko-ecc-enhancements branch.

Does this issue still apply there?

from libtomcrypt.

KimSangpil commented on June 30, 2024

Yes.
I checked out miko-ecc-enhancements
and ran the same test.
It has the same problem, too.
I changed some parameters in the above test code.

    void      *a, *modulus, *order;
    ecc_point *Q, *Result;
    int        i, err, primality;

    /* ECC-224 */
    i = 13;
    /* read A */
    if ((err = mp_read_radix(a, (char *)ltc_ecc_sets[i].A, 16)) != CRYPT_OK)             { goto done; }
    /* read modulus */
    if ((err = mp_read_radix(modulus, (char *)ltc_ecc_sets[i].prime, 16)) != CRYPT_OK)   { goto done; }
    /* read order */
    if ((err = mp_read_radix(order, (char *)ltc_ecc_sets[i].order, 16)) != CRYPT_OK)     { goto done; }

    /* read Q */
    if ((err = mp_read_radix(Q->x, (char *)"EA3745501BBC6A70BBFDD8AEEDB18CF5073C6DC9AA7CBB5915170D60", 16)) != CRYPT_OK) { goto done; }
    if ((err = mp_read_radix(Q->y, (char *)"6C9CB8E68AABFEC989CAC5E2326E0448B7E69C3E56039BA21A44FDAC", 16)) != CRYPT_OK) { goto done; }
    mp_set(Q->z, 1);

    /* calculate nQ */
    if ((err = ltc_mp.ecc_ptmul(order, Q, Result, a, modulus, 1)) != CRYPT_OK)           { goto done; }

And I found out it gets stuck at ltc_ecc_map().
I think the module does not check whether the point is at infinity
when doing the ECC math.

Shouldn't we add this logic in the module doing the math?
Could you describe the math logic in the libtomcrypt module when doing ECC to me?
I think I can help with it.

KimSangpil commented on June 30, 2024

I think this would be an answer:

When doing ltc_mp.ecc_ptmul(), add a check whether the point is at infinity before ltc_ecc_map().

// point at infinity check function
int ltc_is_point_at_infinity(ecc_point *in)
{
  if(mp_cmp_d(&in->z, 0)==LTC_MP_EQ)
  {
    return 1;
  }
  else
  {
    return 0;
  }
}

// modified ltc_ecc_mulmod function
int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, int map)
{
   ecc_point *tG, *M[8];
   int        i, j, err;
   void       *mu, *mp;
   ltc_mp_digit buf;
   int        first, bitbuf, bitcpy, bitcnt, mode, digidx;

   LTC_ARGCHK(k       != NULL);
   LTC_ARGCHK(G       != NULL);
   LTC_ARGCHK(R       != NULL);
   LTC_ARGCHK(a       != NULL);
   LTC_ARGCHK(modulus != NULL);

  // ..... mulmod operation

   /* map R back from projective space */
   if (map) {
      err = ltc_is_point_at_infinity(R);
      if(err)
      {
         err = ltc_ecc_map(R, modulus, mp);
      }
      else
      {
         fprintf(stderr, "point at infinity!!\n");
      }
   } else {
      err = CRYPT_OK;
   }
done:
   if (mu != NULL) {
      mp_clear(mu);
   }
   mp_montgomery_free(mp);
   ltc_ecc_del_point(tG);
   for (i = 0; i < 8; i++) {
       ltc_ecc_del_point(M[i]);
   }
   return err;
}

But ltc_is_point_at_infinity(R) returns LTC_MP_GT
because R->z has used of 4.

What was wrong?
I think the logic is quite simple and will work.

It would be very appreciated if you give me a comment.
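
Added example, not part of the thread and not libtomcrypt code: a self-contained toy in Jacobian coordinates showing the case discussed above, where multiplying a point by its order leaves z == 0 and the affine mapping has to report infinity instead of inverting z. The curve (y^2 = x^3 + 2x + 2 over F_17, G = (5,1), order 19) and every name (jpoint, jmul, jmap, is_infinity, ...) are assumptions chosen for illustration.

```c
#include <stdint.h>
/* Constructed toy curve: y^2 = x^3 + 2x + 2 over F_17; G = (5,1) has order 19. */
enum { P = 17, A = 2, ORDER = 19, MAP_OK = 0, MAP_INFINITY = 1 };
typedef struct { int64_t x, y, z; } jpoint;     /* Jacobian; z == 0 is infinity */
static const jpoint J_INF = {1, 1, 0};
static int64_t fe(int64_t v) { v %= P; return v < 0 ? v + P : v; }
static int64_t finv(int64_t v) {                /* v^(P-2) mod P; v must be nonzero */
    int64_t r = 1;
    for (int i = 0; i < P - 2; i++) r = fe(r * v);
    return r;
}
int is_infinity(const jpoint *p) { return fe(p->z) == 0; }

jpoint jdouble(jpoint p) {
    if (is_infinity(&p) || fe(p.y) == 0) return J_INF;
    int64_t yy = fe(p.y * p.y), s = fe(4 * p.x * yy), zz = fe(p.z * p.z);
    int64_t m = fe(3 * p.x * p.x + A * zz * zz);
    jpoint r = { fe(m * m - 2 * s), 0, fe(2 * p.y * p.z) };
    r.y = fe(m * (s - r.x) - 8 * yy * yy);
    return r;
}
jpoint jadd(jpoint p, jpoint q) {
    if (is_infinity(&p)) return q;
    if (is_infinity(&q)) return p;
    int64_t z1 = fe(p.z * p.z), z2 = fe(q.z * q.z);
    int64_t u1 = fe(p.x * z2), u2 = fe(q.x * z1);
    int64_t s1 = fe(p.y * z2 * q.z), s2 = fe(q.y * z1 * p.z);
    if (u1 == u2) return s1 == s2 ? jdouble(p) : J_INF;  /* P + (-P) = infinity */
    int64_t h = fe(u2 - u1), w = fe(s2 - s1), hh = fe(h * h), hhh = fe(hh * h);
    jpoint r = { fe(w * w - hhh - 2 * u1 * hh), 0, fe(h * p.z * q.z) };
    r.y = fe(w * (u1 * hh - r.x) - s1 * hhh);
    return r;
}
jpoint jmul(int64_t k, jpoint g) {              /* left-to-right double-and-add */
    jpoint r = J_INF;
    for (int i = 62; i >= 0; i--) { r = jdouble(r); if ((k >> i) & 1) r = jadd(r, g); }
    return r;
}
/* Map to affine; refuse z == 0 instead of trying to invert it. */
int jmap(const jpoint *p, int64_t *x, int64_t *y) {
    if (is_infinity(p)) return MAP_INFINITY;
    int64_t zi = finv(p->z), zi2 = fe(zi * zi);
    *x = fe(p->x * zi2);
    *y = fe(p->y * zi2 * zi);
    return MAP_OK;
}
int main(void) {                                /* exit 0 iff order*G is infinity */
    jpoint r = jmul(ORDER, (jpoint){5, 1, 1});
    return is_infinity(&r) ? 0 : 1;
}
```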

sjaeckel commented on June 30, 2024

@karel-m can you please have a look and integrate that case in your ecc branch and fix it?

karel-m commented on June 30, 2024

Could you please test the latest branch miko-ecc-enhancements - the fix is: b744d26 (although we should perhaps review handling of points at infinity also at other places).

Any improvements to _ecc_issue108 test (based on your example) are welcome:
https://github.com/libtom/libtomcrypt/blob/miko-ecc-enhancements/testprof/ecc_test.c#L109

sjaeckel commented on June 30, 2024

@karel-m should I open a PR with the backported fix and testcase?

karel-m commented on June 30, 2024

> should I open a PR with the backported fix and testcase?

No, handling "point at infinity" is not a simple patch.

It is fixed in miko-ecc-enhancements (just checkout and grep for "infinity" to see all places that need fixing).

karel-m commented on June 30, 2024

Unfortunately rebasing miko-ecc-enhancements on current develop fails very badly and I am currently short of time to investigate more.

sjaeckel commented on June 30, 2024

> No, handling "point at infinity" is not a simple patch.

Damn, but that patch at least fixes this issue ;-)

> Unfortunately rebasing miko-ecc-enhancements on current develop fails very badly and I am currently short of time to investigate more.

That's also out of discussion for now, I'd prefer to have the remaining issues solved that we accepted to go into 1.18
Ah damn, this one is in 1.18... either we push it to next or we have to backport the "point at infinity" checks...

sjaeckel commented on June 30, 2024

@karel-m how should we proceed with this issue?

karel-m commented on June 30, 2024

This should be fixed in develop. I'll close this issue in 2 weeks unless there is feedback that it is still a problem.
