X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Finner.h;h=2bb8192d64dc2a1e37834cf63fdd8df0241469af;hp=fd764bcbe2b4254099b7676d95d9fcd5497b4ce8;hb=556e525d62cd5559e74fe4d2777a59d33590a033;hpb=7fc1ef315f807170f63b0ad8255cf77314b50ca5 diff --git a/src/inner.h b/src/inner.h index fd764bc..2bb8192 100644 --- a/src/inner.h +++ b/src/inner.h @@ -31,6 +31,15 @@ #include "config.h" #include "bearssl.h" +/* + * On MSVC, disable the warning about applying unary minus on an + * unsigned type: it is standard, we do it all the time, and for + * good reasons. + */ +#if _MSC_VER +#pragma warning( disable : 4146 ) +#endif + /* * Maximum size for a RSA modulus (in bits). Allocated stack buffers * depend on that size, so this value should be kept small. Currently, @@ -300,7 +309,7 @@ static inline void br_multihash_copyimpl(br_multihash_context *dst, const br_multihash_context *src) { - memcpy(dst->impl, src->impl, sizeof src->impl); + memcpy((void *)dst->impl, src->impl, sizeof src->impl); } /* ==================================================================== */ @@ -1093,6 +1102,9 @@ void br_i15_to_monty(uint16_t *x, const uint16_t *m); void br_i15_modpow(uint16_t *x, const unsigned char *e, size_t elen, const uint16_t *m, uint16_t m0i, uint16_t *t1, uint16_t *t2); +uint32_t br_i15_modpow_opt(uint16_t *x, const unsigned char *e, size_t elen, + const uint16_t *m, uint16_t m0i, uint16_t *tmp, size_t twlen); + void br_i15_encode(void *dst, size_t len, const uint16_t *x); uint32_t br_i15_decode_mod(uint16_t *x, @@ -1456,28 +1468,14 @@ extern const br_ec_curve_def br_secp256r1; extern const br_ec_curve_def br_secp384r1; extern const br_ec_curve_def br_secp521r1; -#if 0 -/* obsolete */ /* - * Type for the parameters for a "prime curve": - * coordinates are in GF(p), with p prime - * curve equation is Y^2 = X^3 - 3*X + b - * b is in Montgomery representation - * curve order is n and is prime - * base point is G (encoded) and has order n + * For Curve25519, the advertised "order" really is 2^255-1, since the + * point multipliction function really works over arbitrary 255-bit + * scalars. This value is only meant as a hint for ECDH key generation; + * only ECDSA uses the exact curve order, and ECDSA is not used with + * that specific curve. */ -typedef struct { - const uint32_t *p; - const uint32_t *b; - const uint32_t p0i; -} br_ec_prime_i31_curve; - -extern const br_ec_prime_i31_curve br_ec_prime_i31_secp256r1; -extern const br_ec_prime_i31_curve br_ec_prime_i31_secp384r1; -extern const br_ec_prime_i31_curve br_ec_prime_i31_secp521r1; - -#define BR_EC_I31_LEN ((BR_MAX_EC_SIZE + 61) / 31) -#endif +extern const br_ec_curve_def br_curve25519; /* * Decode some bytes as an i31 integer, with truncation (corresponding