Diffstat (limited to 'modexp.c')
-rw-r--r--modexp.c103
1 files changed, 95 insertions, 8 deletions
diff --git a/modexp.c b/modexp.c
index a5172ee..d8e2904 100644
--- a/modexp.c
+++ b/modexp.c
@@ -1,7 +1,7 @@
/*
* modexp.c
* ----------
- * Wrapper around Cryptech ModExp core.
+ * Wrapper around Cryptech ModExp cores.
*
* This doesn't do full RSA, that's another module. This module's job
* is just the I/O to get bits in and out of the ModExp core, including
@@ -11,8 +11,9 @@
* enough that this module is no longer needed, it will go away.
*
* Authors: Rob Austein
- * Copyright (c) 2015-2017, NORDUnet A/S
- * All rights reserved.
+ * Copyright (c) 2015-2017, NORDUnet A/S All rights reserved.
+ * Copyright: 2020, The Commons Conservancy Cryptech Project
+ * SPDX-License-Identifier: BSD-3-Clause
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
@@ -24,9 +25,9 @@
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
- * - Neither the name of the NORDUnet nor the names of its contributors may
- * be used to endorse or promote products derived from this software
- * without specific prior written permission.
+ * - Neither the name of the copyright holder nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -48,6 +49,26 @@
#include "hal_internal.h"
/*
+ * Whether we want to use the new ModExpNG core.
+ */
+
+static int use_modexpng = 0;
+
+hal_error_t hal_modexp_use_modexpng(const int onoff)
+{
+ if (onoff && (hal_core_find(MODEXPNG_NAME, NULL) == NULL))
+ return HAL_ERROR_CORE_NOT_FOUND;
+
+ use_modexpng = onoff;
+ return HAL_OK;
+}
+
+int hal_modexp_using_modexpng(void)
+{
+ return use_modexpng;
+}
+
+/*
* Whether we want debug output.
*/
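Review bot: `hal_modexp_use_modexpng` stores the raw `onoff` argument, so `hal_modexp_using_modexpng` hands back whatever non-zero value the caller happened to pass rather than a canonical flag; `use_modexpng = (onoff != 0);` keeps the two new public functions consistent with the "whether" wording of the comment above them. Both functions are also undocumented in this file; a short header such as `/* Select the ModExpNG core for subsequent modexp calls; fails with HAL_ERROR_CORE_NOT_FOUND if no such core is present, and never touches the flag in that case. */` would state the contract the body implements. `use_modexpng` is plain file-scope mutable state with no synchronization; if the HAL is driven from more than one task (not visible here), the setter and the readers in the modexp paths should be documented as needing external serialization.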
@@ -182,7 +203,7 @@ static inline hal_error_t check_args(hal_modexp_arg_t *a)
a->exp == NULL || a->exp_len > MODEXPA7_OPERAND_BYTES || a->exp_len > a->mod_len ||
a->mod == NULL || a->mod_len > MODEXPA7_OPERAND_BYTES ||
a->result == NULL || a->result_len > MODEXPA7_OPERAND_BYTES || a->result_len < a->mod_len ||
- a->coeff == NULL || a->coeff_len > MODEXPA7_OPERAND_BYTES ||
+ a->coeff == NULL || a->coeff_len > MODEXPA7_OPERAND_BYTES + 4 ||
a->mont == NULL || a->mont_len > MODEXPA7_OPERAND_BYTES ||
((a->msg_len | a->exp_len | a->mod_len) & 3) != 0)
return HAL_ERROR_BAD_ARGUMENTS;
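Review bot: The relaxed bound `a->coeff_len > MODEXPA7_OPERAND_BYTES + 4` is an unexplained magic adjustment inside a check that is shared by the ModExpA7 path and, via the cast in `hal_modexpng`, the new ModExpNG path. Because `setup_calc` still passes `a->coeff` / `a->coeff_len` to `set_buffer(a->core, MODEXPA7_ADDR_MODULUS_COEFF_IN, ...)`, an A7 caller may now supply a coefficient four bytes longer than the A7 operand size; whether that overruns the core's buffer depends on bounding inside `set_buffer`, which is not visible in this diff. At minimum the constant deserves a comment on the new line, e.g. `/* ModExpNG coefficient is one 32-bit word wider than the modulus; A7 callers must still stay within MODEXPA7_OPERAND_BYTES */`, and if the extra word is ModExpNG-only the A7-specific bound should be restored in the A7 path. `check_args` begins outside this hunk.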
@@ -247,7 +268,7 @@ static inline hal_error_t setup_calc(const int precalc, hal_modexp_arg_t *a)
if ((precalc &&
(err = get_buffer(a->core, MODEXPA7_ADDR_MODULUS_COEFF_OUT, a->coeff, a->coeff_len)) != HAL_OK) ||
(precalc &&
- (err = get_buffer(a->core, MODEXPA7_ADDR_MONTGOMERY_FACTOR_OUT, a->mont, a->mont_len)) != HAL_OK) ||
+ (err = get_buffer(a->core, MODEXPA7_ADDR_MONTGOMERY_FACTOR_OUT, a->mont, a->mont_len)) != HAL_OK) ||
(err = set_buffer(a->core, MODEXPA7_ADDR_MODULUS_COEFF_IN, a->coeff, a->coeff_len)) != HAL_OK ||
(err = set_buffer(a->core, MODEXPA7_ADDR_MONTGOMERY_FACTOR_IN, a->mont, a->mont_len)) != HAL_OK ||
(err = set_register(a->core, MODEXPA7_ADDR_MODE, mode)) != HAL_OK ||
@@ -342,6 +363,72 @@ hal_error_t hal_modexp2(const int precalc, hal_modexp_arg_t *a1, hal_modexp_arg_
return err;
}
+hal_error_t hal_modexpng(hal_modexpng_arg_t *a)
+{
+ hal_error_t err;
+
+ if ((err = check_args((hal_modexp_arg_t *)a)) != HAL_OK)
+ return err;
+
+ const int free_core = a->core == NULL;
+ const uint32_t mode = (a->p == NULL) ? MODEXPNG_MODE_PLAIN : MODEXPNG_MODE_CRT;
+
+ if ((free_core &&
+ (err = hal_core_alloc(MODEXPNG_NAME, &a->core, NULL)) != HAL_OK) ||
+ (err = hal_io_zero(a->core)) != HAL_OK || // <<<<
+ (err = set_register(a->core, MODEXPNG_ADDR_MODE, mode)) != HAL_OK ||
+ (err = set_register(a->core, MODEXPNG_ADDR_MODULUS_BITS, a->mod_len * 8)) != HAL_OK ||
+ (err = set_register(a->core, MODEXPNG_ADDR_EXPONENT_BITS, a->exp_len * 8)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_M, a->msg, a->msg_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_N, a->mod, a->mod_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_N_FACTOR, a->mont, a->mont_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_N_COEFF, a->coeff, a->coeff_len)) != HAL_OK)
+ goto fail;
+
+ if (a->bf != NULL && a->ubf != NULL) {
+ if ((err = set_buffer(a->core, MODEXPNG_ADDR_BANK_X, a->ubf, a->ubf_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_Y, a->bf, a->bf_len)) != HAL_OK)
+ goto fail;
+ }
+ else {
+ uint8_t one[a->mod_len]; memset(one, 0, sizeof(one)); one[sizeof(one) - 1] = 1;
+ if ((err = set_buffer(a->core, MODEXPNG_ADDR_BANK_X, one, sizeof(one))) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_Y, one, sizeof(one))) != HAL_OK)
+ goto fail;
+ }
+
+ if (mode == MODEXPNG_MODE_PLAIN) {
+ if ((err = set_buffer(a->core, MODEXPNG_ADDR_BANK_D, a->exp, a->exp_len)) != HAL_OK)
+ goto fail;
+ }
+ else {
+ if ((err = set_buffer(a->core, MODEXPNG_ADDR_BANK_P, a->p, a->p_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_DP, a->dP, a->dP_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_P_FACTOR, a->pF, a->pF_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_P_COEFF, a->pC, a->pC_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_Q, a->q, a->q_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_DQ, a->dQ, a->dQ_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_Q_FACTOR, a->qF, a->qF_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_Q_COEFF, a->qC, a->qC_len)) != HAL_OK ||
+ (err = set_buffer(a->core, MODEXPNG_ADDR_BANK_QINV, a->qInv, a->qInv_len)) != HAL_OK)
+ goto fail;
+ }
+
+ if ((err = hal_io_zero(a->core)) != HAL_OK ||
+ (err = hal_io_next(a->core)) != HAL_OK ||
+ (err = hal_io_wait_valid(a->core)) != HAL_OK ||
+ (err = get_buffer(a->core, MODEXPNG_ADDR_BANK_S, a->result, a->result_len)) != HAL_OK)
+ goto fail;
+
+fail:
+ if (free_core) {
+ hal_core_free(a->core);
+ a->core = NULL;
+ }
+
+ return err;
+}
+
/*
* Local variables:
* indent-tabs-mode: nil
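Review bot: `check_args((hal_modexp_arg_t *)a)` validates only the fields the two argument structs share, so every CRT operand fed to `set_buffer` in the `else` branch (`p`, `dP`, `pF`, `pC`, `q`, `dQ`, `qF`, `qC`, `qInv` and their lengths) plus `bf`/`ubf` reaches the core unchecked, and `mode` is chosen from `a->p` alone, so a caller that sets `p` but leaves `q` or `qInv` NULL passes a null pointer straight into `set_buffer`. The cast also silently assumes `hal_modexpng_arg_t` begins with the `hal_modexp_arg_t` layout, which this diff does not show. A minimal guard after the shared check, mirroring the word-alignment rule `check_args` applies at `((a->msg_len | a->exp_len | a->mod_len) & 3) != 0`, is sketched below; per-operand upper bounds should be added once the ModExpNG bank size is known. Separately, the `// <<<<` marker on the first `hal_io_zero` call looks like a leftover debugging note and should be removed or replaced with a reason for zeroing twice, and `uint8_t one[a->mod_len]` with `one[sizeof(one) - 1] = 1` is an out-of-bounds write if `mod_len` can be zero, unless `check_args` rejects that (not visible in the hunk shown).
```c
hal_error_t hal_modexpng(hal_modexpng_arg_t *a)
{
  hal_error_t err;

  if ((err = check_args((hal_modexp_arg_t *)a)) != HAL_OK)
    return err;

  /* check_args() covers only the fields shared with hal_modexp_arg_t;
   * reject a half-specified CRT key before any operand reaches set_buffer(). */
  if (a->p != NULL &&
      (a->q == NULL || a->dP == NULL || a->dQ == NULL || a->qInv == NULL ||
       a->pF == NULL || a->pC == NULL || a->qF == NULL || a->qC == NULL ||
       ((a->p_len | a->q_len | a->dP_len | a->dQ_len | a->qInv_len) & 3) != 0))
    return HAL_ERROR_BAD_ARGUMENTS;

  // … unchanged: core allocation, mode/bank setup, result fetch, fail: cleanup …
```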