Move p from curve structure to its own constant
This removes a pointer indirection, which both makes the code smaller and reduces
the number of fault-injection (glitching) opportunities available to an attacker.
diff --git a/tinycrypt/ecc_dsa.c b/tinycrypt/ecc_dsa.c
index 591c880..fc2a3fe 100644
--- a/tinycrypt/ecc_dsa.c
+++ b/tinycrypt/ecc_dsa.c
@@ -258,9 +258,9 @@
uECC_vli_set(sum + num_words, _public + num_words);
uECC_vli_set(tx, curve->G);
uECC_vli_set(ty, curve->G + num_words);
- uECC_vli_modSub(z, sum, tx, curve->p); /* z = x2 - x1 */
+ uECC_vli_modSub(z, sum, tx, curve_p); /* z = x2 - x1 */
XYcZ_add(tx, ty, sum, sum + num_words, curve);
- uECC_vli_modInv(z, z, curve->p); /* z = 1/z */
+ uECC_vli_modInv(z, z, curve_p); /* z = 1/z */
apply_z(sum, sum + num_words, z);
/* Use Shamir's trick to calculate u1*G + u2*Q */
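Review bot: The substitution of `curve_p` for `curve->p` sits next to two reads of `curve->G` (the `uECC_vli_set(tx, ...)` / `uECC_vli_set(ty, ...)` lines) and a `curve` pointer passed to `XYcZ_add`, so the indirection-removal this commit argues for is only partial in this hunk. If `curve_p` is a file-scope constant for the single supported curve (inferred; its definition is not in this diff), the generator coordinates are equally fixed and `uECC_vli_set(tx, curve_G); uECC_vli_set(ty, curve_G + num_words);` would be the consistent treatment, while the remaining `curve` argument to `XYcZ_add` keeps the pointer dereference the commit message says it removes. Mixing both forms also invites a future mismatch where `curve_p` and `curve->p` diverge silently. The enclosing function starts and ends outside this hunk.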
@@ -288,13 +288,13 @@
uECC_vli_set(tx, point);
uECC_vli_set(ty, point + num_words);
apply_z(tx, ty, z);
- uECC_vli_modSub(tz, rx, tx, curve->p); /* Z = x2 - x1 */
+ uECC_vli_modSub(tz, rx, tx, curve_p); /* Z = x2 - x1 */
XYcZ_add(tx, ty, rx, ry, curve);
uECC_vli_modMult_fast(z, z, tz);
}
}
- uECC_vli_modInv(z, z, curve->p); /* Z = 1/Z */
+ uECC_vli_modInv(z, z, curve_p); /* Z = 1/Z */
apply_z(rx, ry, z);
/* v = x1 (mod n) */
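Review bot: `curve_p` is used for `uECC_vli_modSub` and `uECC_vli_modInv` without any visible declaration or comment tying it to the `curve` the caller passes, while `XYcZ_add` on the line between them still works from `curve`; if a build ever carries more than one curve, the two moduli could disagree with no diagnostic. I cannot see the definition of `curve_p` in this diff, so this may already be guarded by a single-curve configuration. Either way the relationship should be stated where the constant is defined, e.g. `/* Field prime of the only compiled-in curve; must equal curve->p for every uECC_Curve handed to the ecc_dsa routines. */`, and if the library has a single-curve build flag, the definition should live under it so a multi-curve build fails to compile rather than verify against the wrong prime. The enclosing function continues outside this hunk.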