Extracting prime field modulus

[J08nY]

Hi there,
as part of our efforts to implement ECTester we are working with the Intel Crypto Primitives library. The recent deprecation and removal of some ECC functions hit hard, and I am now struggling to find a way to implement some functionality we rely on.

Concretely, assuming that I have an IppsGFpECState *curve I want to be able to extract all of its parameters (think of it like I want to serialize them/export them). I found APIs to get the a, b, Gx, Gy, n, h parameters via the ippsGFpECGet and ippsGFpECGetSubgroup calls. However, I am not able to extract the prime modulus in any way that does not go around API restrictions in a really hacky way. The ippsGFpECGet call only gets me the IppsGFpState and I cannot seem to be able to extract the modulus from that.

[rcao8]

You are right, as the deprecation notes, ippsGFpECGetSubgroup is recommended replacement.

[rcao8]

We are closing this ticket, please let us if need further supporting from community.

[J08nY]

Well so getting the modulus is not supported then? The replacement function does not allow one to extract the modulus, as I said.

[ElenaTyuleneva]

@J08nY , thank you for reaching out with your question. After a brief review of the mapping between the deprecated and recommended APIs, I can confirm that you are correct.

The suggested replacement for

IppStatus ippsECCPGet(IppsBigNumState* pPrime, IppsBigNumState* pA, IppsBigNumState* pB, IppsBigNumState* pGX,IppsBigNumState* pGY,IppsBigNumState* pOrder, int* cofactor, IppsECCPState* pEC)

is

IppStatus ippsGFpECGet(IppsGFpState** const ppGFp, IppsGFpElement* pA, IppsGFpElement* pB, const IppsGFpECState* pEC)

With the new API, IppsGFpState is responsible for holding all field-related information, including details about the prime. This is the right thing, since with the new API family, we are clearly separating field and curve functionality.

The issue you've identified seems to be an API extension request for GFp functionality - e.g. to introduce an ippsGFpGet* API that can provide all necessary information for field recovery during serialization and deserialization processes (currently available ippsGFpGetInfo does not support such capability).

Could you please let us know the urgency of this request?

[J08nY]

I have no input on the priorities. We maintain a tool that interfaces to a bunch of different ECC libraries and we try to keep it up to date. When updating the Intel Crypto interface we noticed we can no longer export curve parameters, hence this issue. I think the fixed API could be rather simple as it would just extract a BN that defines the prime out of the GFp state.