Added a nbits member to ecp_group
diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h
index 55aa282..cf79022 100644
--- a/include/polarssl/ecp.h
+++ b/include/polarssl/ecp.h
@@ -52,18 +52,17 @@
/**
* \brief ECP group structure
*
- * The curves we consider are defined by y^2 = x^3 - 3x + b mod p,
- * and a generator for a large subgroup is fixed.
+ * The curves we consider are defined by y^2 = x^3 - 3x + B mod P,
+ * and a generator for a large subgroup of order N is fixed.
*
- * If modp is NULL, pbits will not be used, and reduction modulo P is
- * done using a generic algorithm.
+ * pbits and nbits must be the size of P and N in bits.
*
- * If modp is not NULL, pbits must be the size of P in bits and modp
- * must be a function that takes an mpi in the range 0..2^(2*pbits) and
- * transforms it in-place in an integer of little more than pbits, so
- * that the integer may be efficiently brought in the 0..P range by a
- * few additions or substractions. It must return 0 on success and a
- * POLARSSL_ERR_ECP_XXX error on failure.
+ * If modp is NULL, reduction modulo P is done using a generic
+ * algorithm. Otherwise, it must point to a function that takes an mpi
+ * in the range 0..2^(2*pbits) and transforms it in-place in an integer
+ * of little more than pbits, so that the integer may be efficiently
+ * brought in the 0..P range by a few additions or substractions. It
+ * must return 0 on success and a POLARSSL_ERR_ECP_XXX error on failure.
*/
typedef struct
{
@@ -71,8 +70,9 @@
mpi B; /*!< constant term in the equation */
ecp_point G; /*!< generator of the subgroup used */
mpi N; /*!< the order of G */
+ size_t pbits; /*!< number of bits in P */
+ size_t nbits; /*!< number of bits in N */
int (*modp)(mpi *); /*!< function for fast reduction mod P */
- unsigned pbits; /*!< number of bits in P */
}
ecp_group;
@@ -158,6 +158,8 @@
* \param n The generator's order
*
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code
+ *
+ * \note Sets all fields except modp.
*/
int ecp_group_read_string( ecp_group *grp, int radix,
const char *p, const char *b,
diff --git a/library/ecp.c b/library/ecp.c
index a773416..68d2f4e 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -64,8 +64,10 @@
ecp_point_init( &grp->G );
mpi_init( &grp->N );
- grp->modp = NULL;
grp->pbits = 0;
+ grp->nbits = 0;
+
+ grp->modp = NULL;
}
/*
@@ -155,12 +157,16 @@
MPI_CHK( ecp_point_read_string( &grp->G, radix, gx, gy ) );
MPI_CHK( mpi_read_string( &grp->N, radix, n ) );
+ grp->pbits = mpi_msb( &grp->P );
+ grp->nbits = mpi_msb( &grp->N );
+
cleanup:
return( ret );
}
/*
- * Wrapper around fast quasi-modp functions, with fall-back to mpi_mod_mpi
+ * Wrapper around fast quasi-modp functions, with fall-back to mpi_mod_mpi.
+ * See the documentation of struct ecp_group.
*/
static int ecp_modp( mpi *N, const ecp_group *grp )
{
@@ -394,7 +400,6 @@
{
case POLARSSL_ECP_DP_SECP192R1:
grp->modp = ecp_mod_p192;
- grp->pbits = 192;
return( ecp_group_read_string( grp, 16,
SECP192R1_P, SECP192R1_B,
SECP192R1_GX, SECP192R1_GY, SECP192R1_N ) );
@@ -416,7 +421,6 @@
case POLARSSL_ECP_DP_SECP521R1:
grp->modp = ecp_mod_p521;
- grp->pbits = 521;
return( ecp_group_read_string( grp, 16,
SECP521R1_P, SECP521R1_B,
SECP521R1_GX, SECP521R1_GY, SECP521R1_N ) );