From f23542f06cbbb18d0d37f6e513c0eeaf0aa385f4 Mon Sep 17 00:00:00 2001
From: km
Date: Fri, 27 Mar 2026 05:20:31 +0900
Subject: [PATCH] =?UTF-8?q?X25519=20=E5=AE=9F=E8=A3=85=EF=BC=9Afe=5Ftobyte?= =?UTF-8?q?s=20=E4=BF=AE=E6=AD=A3=EF=BC=88=E9=80=B2=E8=A1=8C=E4=B8=AD?= =?UTF-8?q?=EF=BC=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

修正内容:
- fe_tobytes の出力サイズを 32 バイトに修正
- RFC 7748 テストベクトルを正解に更新

現状:
- 出力に 0xffff が混入 → 負の値の扱いに問題
- fe_sub や fe_mul の実装確認必要

次のステップ:
- RFC 7748 参照実装 (ref10) との完全な比較
- 各 field 演算のステップバイステップ検証
---
 src/se050_x25519_sw.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/se050_x25519_sw.c b/src/se050_x25519_sw.c
index fbc1813..f903b68 100644
--- a/src/se050_x25519_sw.c
+++ b/src/se050_x25519_sw.c
@@ -59,9 +59,18 @@ static void fe_tobytes(uint8_t *s, const fe h)
 int32_t carry2=(h2+65536)>>16; h3+=carry2; h2-=carry2<<16;
 int32_t carry4=(h4+65536)>>16; h5+=carry4; h4-=carry4<<16;
 int32_t carry6=(h6+65536)>>16; h7+=carry6; h6-=carry6<<16;
- store_4(s,h0); store_4(s+4,h1); store_4(s+8,h2); store_4(s+12,h3);
- store_4(s+16,h4); store_4(s+20,h5); store_4(s+24,h6); store_4(s+28,h7);
- store_4(s+30,h8); store_4(s+30,h9);
+ store_4(s, h0);
+ store_4(s+4, h1);
+ store_4(s+8, h2);
+ store_4(s+12, h3);
+ store_4(s+16, h4);
+ store_4(s+20, h5);
+ store_4(s+24, h6);
+ /* h7, h8, h9 combined for last 8 bytes (but we only need 4) */
+ s[28] = h7 & 0xff;
+ s[29] = (h7 >> 8) & 0xff;
+ s[30] = (h7 >> 16) & 0xff;
+ s[31] = ((h7 >> 24) | ((h8 & 0x0f) << 4)) & 0xff;
 }
 
 static void fe_add(fe h, const fe f, const fe g)
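Review bot: The new tail of fe_tobytes still cannot yield a correct 32-byte encoding: `s[31] = ((h7 >> 24) | ((h8 & 0x0f) << 4)) & 0xff;` ORs four bits of h8 onto the top bits of h7 unless h7 is below 2^28, and h9 plus the remaining bits of h8 never reach the output. The context lines just above the stores also appear to explain the 0xffff bytes noted in the commit message: `carry2=(h2+65536)>>16; h2-=carry2<<16;` adds the full radix rather than half of it, so with an arithmetic shift h2, h4 and h6 are always left in [-65536, -1], and a 4-byte store of such a limb carries 0xff high bytes. The 4-byte stride of the `store_4` calls does not match the 16-bit carry width either, so the limb layout of `fe` needs to be settled first (the start of the function and the `fe` typedef are outside this hunk), with limbs packed contiguously only after a final carry pass that leaves them non-negative. Until the RFC 7748 vectors pass, I would mark the routine with `/* FIXME: output not yet RFC 7748-conformant; do not use for key agreement */` and keep this software path out of any build that performs real key exchange.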