diff options
author | Nicolas Boichat <drinkcat@chromium.org> | 2018-05-24 14:33:06 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2018-05-29 06:02:19 -0700 |
commit | ecd0d1b5767c829f4c73a79a9eb6abae343284fb (patch) | |
tree | 72be322444b05435927078bf9ac16f810c35d06e /common | |
parent | cc7889bfaec9243ff35b6a366f6f2c7c65c33a13 (diff) | |
download | chrome-ec-ecd0d1b5767c829f4c73a79a9eb6abae343284fb.tar.gz |
rsa: Further optimization of multiplications for Cortex-M0
In RSA, we often need to actually compute (a*b)+c+d: provide some
assembly optimized functions for that.
With -O3, 3072-bit exponent, lower verification time from 104 ms to
88 ms on STM32F072 @48Mhz.
BRANCH=poppy
BUG=b:35647963
BUG=b:77608104
TEST=On staff, flash, verification successful
TEST=make test-rsa, make test-rsa3
TEST=make BOARD=hammer test-utils test-rsa3, test on board
Change-Id: I80e8a7258d091e4f6adea11797729ac657dfd85d
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1071411
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'common')
-rw-r--r-- | common/rsa.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/common/rsa.c b/common/rsa.c index 3d8518e9ef..8b166e9dfb 100644 --- a/common/rsa.c +++ b/common/rsa.c @@ -56,8 +56,8 @@ static void mont_mul_add(const struct rsa_public_key *key, uint32_t i; for (i = 1; i < RSANUMWORDS; ++i) { - A = (A >> 32) + mula32(a, b[i], c[i]); - B = (B >> 32) + mula32(d0, key->n[i], A); + A = mulaa32(a, b[i], c[i], A >> 32); + B = mulaa32(d0, key->n[i], A, B >> 32); c[i - 1] = (uint32_t)B; } @@ -82,7 +82,7 @@ static void mont_mul_add_0(const struct rsa_public_key *key, uint32_t i; for (i = 1; i < RSANUMWORDS; ++i) { - B = (B >> 32) + mula32(d0, key->n[i], c[i]); + B = mulaa32(d0, key->n[i], c[i], B >> 32); c[i - 1] = (uint32_t)B; } |