Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement cx_bn_gf2_n_mul #67

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Conversation

aido
Copy link

@aido aido commented Feb 29, 2024

Fixes #64

This PR is a workaround that implements cx_bn_gf2_n_mul() in the SDK until it is hopefully added as a syscall like in all other Ledger devices.

As the second Montgomery constant (bn_h) is an unused attribute here it begs the question how is the second Montgomery constant (bn_h) used in the implementation of cx_bn_gf2_n_mul() on Nano S Plus, Nano X and Stax devices? Is it also unused on these devices?

Note

The code in this PR is already included in the app-seed-tool which has passed Ledger's security review.

@aido aido force-pushed the cx_bn_gf2_n_mul branch from f468f15 to 1a15fad Compare May 19, 2024 14:09
@aido
Copy link
Author

aido commented May 21, 2024

Hi @srasoamiaramanana-ledger,

You seem to have expertise in this area so if I may ask a question.

This pull request is a straightforward implementation of Galois field multiplication for Nano S devices. It is probably not very efficient but seems to work nonetheless.

I notice that all devices except Nano S use a syscall to perform this function. That syscall makes use of the second Montgomery constant.

https://github.com/LedgerHQ/ledger-secure-sdk/blob/25f141f0b2d03ffad79b465ef29d29f07e3a33c0/include/ox_bn.h#L1111

I assume the use of the Second Montgomery constant in cx_bn_gf2_n_mul() somehow makes Galois field multiplication operations more efficient? If so, any idea on how I may implement similar in this pull request?

Note

I may move this PR to the ledger-secure-sdk repo as that seems to be replacing nanos-secure-sdk

@aido aido force-pushed the cx_bn_gf2_n_mul branch 2 times, most recently from 659250f to 852582d Compare June 6, 2024 20:16
Workaround that implements cx_bn_gf2_n_mul() in the SDK until it is hopefully added as a syscall like all other Ledger devices
Fixes LedgerHQ#64
@aido aido force-pushed the cx_bn_gf2_n_mul branch from 852582d to fd43d36 Compare June 6, 2024 20:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

cx_bn_gf2_n_mul() syscall
1 participant