Reduce scratch need for ecc_curve25519_sqrt

author: Niels Möller <nisse@lysator.liu.se> 2020-11-06 21:13:13 +0100
committer: Niels Möller <nisse@lysator.liu.se> 2020-11-06 21:13:13 +0100
commit: 0e08b1c78b2f3c9fd166ee4ca03e66a52dda3ebf (patch)
tree: 8f2a17d1402278122f18b15423f5847650052785
parent: d6f3118575ad48fbae0e29d8e88280e4d6b7210e (diff)
download: nettle-0e08b1c78b2f3c9fd166ee4ca03e66a52dda3ebf.tar.gz
2 files changed, 8 insertions, 7 deletions
diff --git a/ChangeLog b/ChangeLog
index 34089357..5f172e35 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2020-11-06  Niels Möller  <nisse@lysator.liu.se>
 
+	* ecc-curve25519.c (ecc_curve25519_sqrt): Reduce scratch need to
+	6*size.
+
 	* ecc-add-jja.c (ecc_add_jja): Delete an unneeded copy.
 
 2020-11-05  Niels Möller  <nisse@lysator.liu.se>
diff --git a/ecc-curve25519.c b/ecc-curve25519.c
index b53915c1..5d221ae3 100644
--- a/ecc-curve25519.c
+++ b/ecc-curve25519.c
@@ -205,8 +205,8 @@ ecc_curve25519_zero_p (const struct ecc_modulo *p, mp_limb_t *xp)
 #error Broken curve25519 parameters
 #endif
 
-/* Needs 3*n space + scratch for ecc_mod_pow_252m3. */
-#define ECC_25519_SQRT_ITCH (7*ECC_LIMB_SIZE)
+/* Needs 2*n space + scratch for ecc_mod_pow_252m3. */
+#define ECC_25519_SQRT_ITCH (6*ECC_LIMB_SIZE)
 
 static int
 ecc_curve25519_sqrt(const struct ecc_modulo *p, mp_limb_t *rp,
@@ -217,13 +217,12 @@ ecc_curve25519_sqrt(const struct ecc_modulo *p, mp_limb_t *rp,
 
 #define uv3 scratch
 #define uv7 (scratch + ECC_LIMB_SIZE)
-#define uv7p (scratch + 2*ECC_LIMB_SIZE)
 
 #define v2 uv7
 #define uv uv3
 #define v4 uv7
 
-#define scratch_out (scratch + 3 * ECC_LIMB_SIZE)
+#define scratch_out (scratch + 2 * ECC_LIMB_SIZE)
 
 #define x2 scratch
 #define vx2 (scratch + ECC_LIMB_SIZE)
@@ -235,8 +234,8 @@ ecc_curve25519_sqrt(const struct ecc_modulo *p, mp_limb_t *rp,
   ecc_mod_mul (p, uv3, uv, v2, scratch_out);	/* uv3, v2 */
   ecc_mod_sqr (p, v4, v2, scratch_out);		/* uv3, v4 */
   ecc_mod_mul (p, uv7, uv3, v4, scratch_out);	/* uv7 */
-  ecc_mod_pow_252m3 (p, uv7p, uv7, scratch_out);/* uv3, uv7p */
-  ecc_mod_mul (p, rp, uv7p, uv3, scratch_out);	/* none */
+  ecc_mod_pow_252m3 (p, rp, uv7, scratch_out);	/* uv3, uv7p */
+  ecc_mod_mul (p, rp, rp, uv3, scratch_out);	/* none */
 
   /* Check sign. If square root exists, have v x^2 = ±u */
   ecc_mod_sqr (p, x2, rp, t0);
@@ -252,7 +251,6 @@ ecc_curve25519_sqrt(const struct ecc_modulo *p, mp_limb_t *rp,
 
 #undef uv3
 #undef uv7
-#undef uv7p
 #undef v2
 #undef uv
 #undef v4
author	Niels Möller <nisse@lysator.liu.se>	2020-11-06 21:13:13 +0100
committer	Niels Möller <nisse@lysator.liu.se>	2020-11-06 21:13:13 +0100
commit	0e08b1c78b2f3c9fd166ee4ca03e66a52dda3ebf (patch)
tree	8f2a17d1402278122f18b15423f5847650052785
parent	d6f3118575ad48fbae0e29d8e88280e4d6b7210e (diff)
download	nettle-0e08b1c78b2f3c9fd166ee4ca03e66a52dda3ebf.tar.gz