diff --git a/src/arithmetic.rs b/src/arithmetic.rs
index 1381f6dbac..4b9dfde397 100644
--- a/src/arithmetic.rs
+++ b/src/arithmetic.rs
@@ -17,7 +17,9 @@ mod constant;
 #[cfg(feature = "alloc")]
 pub mod bigint;
+mod error;
 pub mod montgomery;
 mod n0;
 pub use constant::limbs_from_hex;
+pub(crate) use error::ImpossibleLengthError;
diff --git a/src/arithmetic/bigint.rs b/src/arithmetic/bigint.rs
index 9377a8d483..0a1c17178b 100644
--- a/src/arithmetic/bigint.rs
+++ b/src/arithmetic/bigint.rs
@@ -41,6 +41,7 @@ pub(crate) use self::{
 modulus::{Modulus, OwnedModulus, MODULUS_MAX_LIMBS},
 private_exponent::PrivateExponent,
 };
+use super::ImpossibleLengthError;
 use crate::{
 arithmetic::montgomery::*,
 bits::BitLength,
@@ -404,7 +405,7 @@ pub fn elem_exp_consttime(
 base: Elem,
 exponent: &PrivateExponent,
 m: &Modulus,
-) -> Result, error::Unspecified> {
+) -> Result, ImpossibleLengthError> {
 use crate::{bssl, limb::Window};
 const WINDOW_BITS: usize = 5;
@@ -490,7 +491,7 @@ pub fn elem_exp_consttime(
 base: Elem,
 exponent: &PrivateExponent,
 m: &Modulus,
-) -> Result, error::Unspecified> {
+) -> Result, ImpossibleLengthError> {
 use crate::{cpu, limb::LIMB_BYTES};
 // Pretty much all the math here requires CPU feature detection to have
@@ -629,7 +630,7 @@ pub fn elem_exp_consttime(
 mut i: Window,
 num_limbs: usize,
 cpu_features: cpu::Features,
- ) -> Result<(), error::Unspecified> {
+ ) -> Result<(), ImpossibleLengthError> {
 loop {
 scatter(table, acc, i, num_limbs);
 i *= 2;
diff --git a/src/arithmetic/error.rs b/src/arithmetic/error.rs
new file mode 100644
index 0000000000..656ba4aa4d
--- /dev/null
+++ b/src/arithmetic/error.rs
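Review bot: The new return type of `elem_exp_consttime` (hunks at -404 and -490, and the inner helper at -629) narrows the failure to `ImpossibleLengthError`, but none of the three signatures carries a doc comment saying what that error means, so a reader still has to trace it down to the limb-length checks in montgomery.rs. Add an errors section on the public function, e.g. `/// # Errors` followed by `/// Returns `ImpossibleLengthError` only when a limb-length check in the Montgomery helpers fails, which per that type's own doc should never occur.` and mirror it on the other two. The bodies of all three functions continue outside their hunks.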
@@ -0,0 +1,32 @@
+// Copyright 2023 Brian Smith.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+use crate::error;
+
+/// `ImpossibleLengthError` should never occur.
+#[derive(Debug)]
+pub struct ImpossibleLengthError(());
+
+impl ImpossibleLengthError {
+ pub(super) fn new() -> Self {
+ // unreachable!();
+ Self(())
+ }
+}
+
+impl From for error::Unspecified {
+ fn from(_: ImpossibleLengthError) -> Self {
+ Self
+ }
+}
diff --git a/src/arithmetic/montgomery.rs b/src/arithmetic/montgomery.rs
index 48dc60d625..71c527e334 100644
--- a/src/arithmetic/montgomery.rs
+++ b/src/arithmetic/montgomery.rs
@@ -13,7 +13,8 @@
 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 pub use super::n0::N0;
-use crate::{cpu, error};
+use super::ImpossibleLengthError;
+use crate::cpu;
 // Indicates that the element is not encoded; there is no *R* factor
 // that needs to be canceled out.
@@ -133,9 +134,9 @@ unsafe fn mul_mont(
 m: &[Limb],
 n0: &N0,
 _: cpu::Features,
-) -> Result<(), error::Unspecified> {
+) -> Result<(), ImpossibleLengthError> {
 if m.len() < MIN_LIMBS || m.len() > MAX_LIMBS {
- return Err(error::Unspecified);
+ return Err(ImpossibleLengthError::new());
 }
 bn_mul_mont(r, a, b, m.as_ptr(), n0, m.len());
 Ok(())
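Review bot: `// unreachable!();` inside `ImpossibleLengthError::new()` is commented-out code, so a reader cannot tell whether returning a value here is a considered decision or a leftover from a panicking draft; replace it with a plain comment stating the choice, e.g. `// Deliberately returns an error instead of panicking; callers fold it into error::Unspecified via the From impl below.` The `From` impl likewise deserves a one-line doc saying that mapping this type onto `error::Unspecified` is intentional so the internal error never surfaces through the public API. The private `()` field together with `pub(super) fn new()` confines construction to the `arithmetic` module tree, which is worth stating on the struct doc because that restriction is what makes the "should never occur" claim auditable. The generic parameter of `impl From<…>` appears to have been lost in this rendering of the hunk.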
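Review bot: The only length `mul_mont` validates before `bn_mul_mont(r, a, b, m.as_ptr(), n0, m.len())` is `m.len()` against `MIN_LIMBS`/`MAX_LIMBS`; `r`, `a` and `b` are raw pointers passed through unchecked, and the function has no `# Safety` section saying what callers must guarantee for them. Since it is an `unsafe fn`, add above its signature (which starts outside the hunk) `/// # Safety` followed by `/// `r`, `a` and `b` must be valid for the `m.len()` limbs handed to the FFI routine; only `m.len()` is range-checked here.` The wrappers that establish this are the `limbs_mont_*` functions further down the file, so the doc should point at them rather than repeat their checks.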
@@ -273,9 +274,9 @@ pub(super) fn limbs_mont_mul(
 m: &[Limb],
 n0: &N0,
 cpu_features: cpu::Features,
-) -> Result<(), error::Unspecified> {
+) -> Result<(), ImpossibleLengthError> {
 if r.len() != m.len() || a.len() != m.len() {
- return Err(error::Unspecified);
+ return Err(ImpossibleLengthError::new());
 }
 unsafe { mul_mont(r.as_mut_ptr(), r.as_ptr(), a.as_ptr(), m, n0, cpu_features) }
 }
@@ -289,9 +290,9 @@ pub(super) fn limbs_mont_product(
 m: &[Limb],
 n0: &N0,
 cpu_features: cpu::Features,
-) -> Result<(), error::Unspecified> {
+) -> Result<(), ImpossibleLengthError> {
 if r.len() != m.len() || a.len() != m.len() || b.len() != m.len() {
- return Err(error::Unspecified);
+ return Err(ImpossibleLengthError::new());
 }
 unsafe { mul_mont(r.as_mut_ptr(), a.as_ptr(), b.as_ptr(), m, n0, cpu_features) }
 }
@@ -302,9 +303,9 @@ pub(super) fn limbs_mont_square(
 m: &[Limb],
 n0: &N0,
 cpu_features: cpu::Features,
-) -> Result<(), error::Unspecified> {
+) -> Result<(), ImpossibleLengthError> {
 if r.len() != m.len() {
- return Err(error::Unspecified);
+ return Err(ImpossibleLengthError::new());
 }
 unsafe { mul_mont(r.as_mut_ptr(), r.as_ptr(), r.as_ptr(), m, n0, cpu_features) }
 }
diff --git a/src/rsa/keypair.rs b/src/rsa/keypair.rs
index f485182fc4..d74dc8ab4b 100644
--- a/src/rsa/keypair.rs
+++ b/src/rsa/keypair.rs
@@ -21,6 +21,7 @@ use crate::{
 arithmetic::{
 bigint,
 montgomery::{R, RR, RRR},
+ ImpossibleLengthError,
 },
 bits::BitLength,
 cpu, digest,
@@ -482,7 +483,7 @@ fn elem_exp_consttime(
 c: &bigint::Elem,
 p: &PrivateCrtPrime,
 other_prime_len_bits: BitLength,
-) -> Result, error::Unspecified> {
+) -> Result, ImpossibleLengthError> {
 let m = &p.modulus.modulus();
 let c_mod_m = bigint::elem_reduced(c, m, other_prime_len_bits);
 let c_mod_m = bigint::elem_mul(p.oneRRR.as_ref(), c_mod_m, m);
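Review bot: In `limbs_mont_mul` the line `unsafe { mul_mont(r.as_mut_ptr(), r.as_ptr(), a.as_ptr(), m, n0, cpu_features) }` carries no `// SAFETY:` comment, although the length check two lines above it is exactly what justifies the raw-pointer call (`mul_mont` itself only range-checks `m.len()`). Add `// SAFETY: r and a were just checked to hold m.len() limbs, the count mul_mont passes to the FFI routine.` and the matching comment in `limbs_mont_product` (three operands checked) and `limbs_mont_square` (`r` supplied for all three pointers). Keeping the check and the SAFETY comment adjacent also makes it obvious that a later refactor must move them together.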