p256: name some magic numbers

ctz · Nov 22, 2024 · 7cf31df · 7cf31df
1 parent 1528f11
commit 7cf31df
Showing 1 changed file with 41 additions and 25 deletions.
diff --git a/graviola/src/mid/p256.rs b/graviola/src/mid/p256.rs
@@ -7,6 +7,7 @@ use crate::mid::rng::{RandomSource, SystemRandom};
 use crate::Error;
 
 use core::fmt;
+use core::ops::Range;
 
 mod precomp;
 
@@ -102,7 +103,7 @@ impl PrivateKey {
     }
 
     /// Return a fixed-length encoding of this private key's value.
-    pub fn as_bytes(&self) -> [u8; 32] {
+    pub fn as_bytes(&self) -> [u8; Scalar::BYTES] {
         let _ = low::Entry::new_secret();
         self.scalar.as_bytes()
     }
@@ -148,7 +149,7 @@ impl PrivateKey {
     pub(crate) fn generate(rng: &mut dyn RandomSource) -> Result<Self, Error> {
         let _ = low::Entry::new_secret();
         for _ in 0..64 {
-            let mut r = [0u8; 32];
+            let mut r = [0u8; Scalar::BYTES];
             rng.fill(&mut r)?;
             if let Ok(p) = Self::from_bytes(&r) {
                 return Ok(p);
@@ -178,7 +179,7 @@ impl fmt::Debug for PrivateKey {
 }
 
 /// A shared secret output from a P-256 Diffie-Hellman operation.
-pub struct SharedSecret(pub [u8; 32]);
+pub struct SharedSecret(pub [u8; FieldElement::BYTES]);
 
 impl Drop for SharedSecret {
     fn drop(&mut self) {
@@ -192,19 +193,22 @@ struct AffineMontPoint {
 }
 
 impl AffineMontPoint {
+    const X: Range<usize> = 0..4;
+    const Y: Range<usize> = 4..8;
+
     fn from_x962_uncompressed(bytes: &[u8]) -> Result<Self, Error> {
         match bytes.first() {
             Some(&0x04) => (),
             Some(_) => return Err(Error::NotUncompressed),
             None => return Err(Error::WrongLength),
         }
 
-        if bytes.len() != 1 + 64 {
+        if bytes.len() != 1 + FieldElement::BYTES + FieldElement::BYTES {
             return Err(Error::WrongLength);
         }
 
-        let x = &bytes[1..33];
-        let y = &bytes[33..65];
+        let (_, xy) = bytes.split_at(1);
+        let (x, y) = xy.split_at(FieldElement::BYTES);
 
         let point = Self::from_xy(
             FieldElement(util::big_endian_slice_to_u64x4(x).unwrap()).as_mont(),
@@ -220,22 +224,22 @@ impl AffineMontPoint {
 
     fn x_scalar(&self) -> Scalar {
         let bytes = self.as_bytes_uncompressed();
-        Scalar::from_bytes_reduced(&bytes[1..33]).unwrap()
+        Scalar::from_bytes_reduced(&bytes[1..1 + Scalar::BYTES]).unwrap()
     }
 
     fn from_xy(x: FieldElement, y: FieldElement) -> Self {
         let mut r = Self::default();
-        r.xy[0..4].copy_from_slice(&x.0[..]);
-        r.xy[4..8].copy_from_slice(&y.0[..]);
+        r.xy[Self::X].copy_from_slice(&x.0[..]);
+        r.xy[Self::Y].copy_from_slice(&y.0[..]);
         r
     }
 
     fn x(&self) -> FieldElement {
-        FieldElement(self.xy[0..4].try_into().unwrap())
+        FieldElement(self.xy[Self::X].try_into().unwrap())
     }
 
     fn y(&self) -> FieldElement {
-        FieldElement(self.xy[4..8].try_into().unwrap())
+        FieldElement(self.xy[Self::Y].try_into().unwrap())
     }
 
     fn on_curve(&self) -> bool {
@@ -259,9 +263,12 @@ impl AffineMontPoint {
 
     fn as_bytes_uncompressed(&self) -> [u8; 65] {
         let mut r = [0u8; 65];
-        r[0] = 0x04;
-        r[1..33].copy_from_slice(&util::u64x4_to_big_endian(&self.x().demont().0));
-        r[33..65].copy_from_slice(&util::u64x4_to_big_endian(&self.y().demont().0));
+        let (indicator, xy) = r.split_at_mut(1);
+        let (x, y) = xy.split_at_mut(FieldElement::BYTES);
+
+        indicator[0] = 0x04;
+        x.copy_from_slice(&util::u64x4_to_big_endian(&self.x().demont().0));
+        y.copy_from_slice(&util::u64x4_to_big_endian(&self.y().demont().0));
         r
     }
 
@@ -282,14 +289,14 @@ impl AffineMontPoint {
 
     fn negate_y(&mut self) {
         let neg_y = self.y().negate_mod_p();
-        self.xy[4..8].copy_from_slice(&neg_y.0);
+        self.xy[Self::Y].copy_from_slice(&neg_y.0);
     }
 
     fn maybe_negate_y(&mut self, sign: u8) {
         let y = self.y();
         let neg_y = y.negate_mod_p();
         let result = FieldElement::select(&y, &neg_y, sign);
-        self.xy[4..8].copy_from_slice(&result.0);
+        self.xy[Self::Y].copy_from_slice(&result.0);
     }
 
     /// Precomputes wNAF form (with 𝑤=6) for the point `self`
@@ -396,6 +403,11 @@ struct JacobianMontPoint {
 }
 
 impl JacobianMontPoint {
+    const X: Range<usize> = 0..4;
+    const Y: Range<usize> = 4..8;
+    const XY: Range<usize> = 0..8;
+    const Z: Range<usize> = 8..12;
+
     fn infinity() -> Self {
         Self {
             xyz: [1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0],
@@ -411,19 +423,19 @@ impl JacobianMontPoint {
     }
 
     fn x(&self) -> FieldElement {
-        FieldElement(self.xyz[0..4].try_into().unwrap())
+        FieldElement(self.xyz[Self::X].try_into().unwrap())
     }
 
     fn y(&self) -> FieldElement {
-        FieldElement(self.xyz[4..8].try_into().unwrap())
+        FieldElement(self.xyz[Self::Y].try_into().unwrap())
     }
 
     fn z(&self) -> FieldElement {
-        FieldElement(self.xyz[8..12].try_into().unwrap())
+        FieldElement(self.xyz[Self::Z].try_into().unwrap())
     }
 
     fn set_z(&mut self, fe: &FieldElement) {
-        self.xyz[8..12].copy_from_slice(&fe.0);
+        self.xyz[Self::Z].copy_from_slice(&fe.0);
     }
 
     fn base_multiply(scalar: &Scalar) -> Self {
@@ -527,8 +539,8 @@ impl JacobianMontPoint {
 
     fn from_affine(p: &AffineMontPoint) -> Self {
         let mut xyz: [u64; 12] = Default::default();
-        xyz[..8].copy_from_slice(&p.xy);
-        xyz[8..12].copy_from_slice(&CURVE_ONE_MONT.0);
+        xyz[Self::XY].copy_from_slice(&p.xy);
+        xyz[Self::Z].copy_from_slice(&CURVE_ONE_MONT.0);
         Self { xyz }
     }
 
@@ -635,21 +647,23 @@ impl JacobianMontPoint {
 
     fn negate_y(&mut self) {
         let neg_y = self.y().negate_mod_p();
-        self.xyz[4..8].copy_from_slice(&neg_y.0);
+        self.xyz[Self::Y].copy_from_slice(&neg_y.0);
     }
 
     fn maybe_negate_y(&mut self, sign: u8) {
         let y = self.y();
         let neg_y = y.negate_mod_p();
         let result = FieldElement::select(&y, &neg_y, sign);
-        self.xyz[4..8].copy_from_slice(&result.0);
+        self.xyz[Self::Y].copy_from_slice(&result.0);
     }
 }
 
 #[derive(Clone, Copy, Debug, Default)]
 struct FieldElement([u64; 4]);
 
 impl FieldElement {
+    const BYTES: usize = 32;
+
     fn inv(&self) -> Self {
         let mut r = Self::default();
         low::bignum_inv_p256(&mut r.0, &self.0);
@@ -715,6 +729,8 @@ impl FieldElement {
 pub struct Scalar([u64; 4]);
 
 impl Scalar {
+    const BYTES: usize = 32;
+
     /// Create a scalar from the given slice, which can be any size.
     ///
     /// If it is larger than 32 bytes, the leading bytes must be
@@ -745,7 +761,7 @@ impl Scalar {
         }
     }
 
-    pub(crate) fn as_bytes(&self) -> [u8; 32] {
+    pub(crate) fn as_bytes(&self) -> [u8; Self::BYTES] {
         util::u64x4_to_big_endian(&self.0)
     }