author | Niels Möller <nisse@lysator.liu.se> | 2019-12-09 18:58:53 +0100 |
committer | Niels Möller <nisse@lysator.liu.se> | 2019-12-09 18:58:53 +0100 |
commit | b5ae97a8892fd4ad2021d58d4af87d95314a8f44 (patch) | |
tree | 35dc0023ba9f90170a617d68a305a097742557e2 | |
parent | d13bb31227f9fa58f3b1a41c79d7d39e4a0167b2 (diff) | |
Trim scratch usage of curve448 operations.
* ecc-448.c (ecc_mod_pow_446m224m1): Reduce scratch space from 9*n
to 6*n.
(ECC_448_INV_ITCH, ECC_448_SQRT_ITCH): Reduce accordingly.
* curve448-mul.c (curve448_mul): Reduce allocation from 14*n to 12*n.
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | curve448-mul.c | 4 | ||||
-rw-r--r-- | ecc-448.c | 12 |
3 files changed, 16 insertions, 7 deletions
@@ -1,3 +1,10 @@
+2019-12-09 Niels Möller <nisse@lysator.liu.se>
+
+ * ecc-448.c (ecc_mod_pow_446m224m1): Reduce scratch space from 9*n
+ to 6*n.
+ (ECC_448_INV_ITCH, ECC_448_SQRT_ITCH): Reduce accordingly.
+ * curve448-mul.c (curve448_mul): Reduce allocation from 14*n to 12*n.
+
 2019-12-08 Niels Möller <nisse@lysator.liu.se>
 * x86_64/ecc-curve448-modp.asm (nettle_ecc_curve448_modp): New
diff --git a/curve448-mul.c b/curve448-mul.c
index afa814a4..59cf7664 100644
--- a/curve448-mul.c
+++ b/curve448-mul.c
@@ -34,6 +34,7 @@
 # include "config.h"
 #endif
+#include <assert.h>
 #include <string.h>
 #include "curve448.h"
@@ -72,7 +73,8 @@ curve448_mul (uint8_t *q, const uint8_t *n, const uint8_t *p)
 #define a24 39081
- itch = ecc->p.size * 14;
+ itch = ecc->p.size * 12;
+ assert (ecc->p.invert_itch + 5*ecc->p.size <= itch);
 scratch = gmp_alloc_limbs (itch);
 /* Note that 255 % GMP_NUMB_BITS == 0 isn't supported, so x1 always
@@ -124,7 +124,7 @@ ecc_mod_pow_2k (const struct ecc_modulo *m,
 }
 }
-/* Computes a^{(p-3)/4} = a^{2^446-2^222-1} mod m. Needs 9 * n scratch
+/* Computes a^{(p-3)/4} = a^{2^446-2^222-1} mod m. Needs 6 * n scratch
 space. */
 static void
 ecc_mod_pow_446m224m1 (const struct ecc_modulo *p,
@@ -132,8 +132,8 @@ ecc_mod_pow_446m224m1 (const struct ecc_modulo *p,
 mp_limb_t *scratch)
 {
 #define t0 scratch
-#define t1 (scratch + 3*ECC_LIMB_SIZE)
-#define t2 (scratch + 6*ECC_LIMB_SIZE)
+#define t1 (scratch + 2*ECC_LIMB_SIZE)
+#define t2 (scratch + 4*ECC_LIMB_SIZE)
 ecc_mod_sqr (p, rp, ap); /* a^2 */
 ecc_mod_mul (p, t0, ap, rp); /* a^3 */
@@ -164,8 +164,8 @@ ecc_mod_pow_446m224m1 (const struct ecc_modulo *p,
 #undef t2
 }
-/* Needs 9*ECC_LIMB_SIZE scratch space. */
-#define ECC_448_INV_ITCH (9*ECC_LIMB_SIZE)
+/* Needs 6*ECC_LIMB_SIZE scratch space. */
+#define ECC_448_INV_ITCH (6*ECC_LIMB_SIZE)
 static void
 ecc_448_inv (const struct ecc_modulo *p,
 mp_limb_t *rp, const mp_limb_t *ap,
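Review bot: The new `assert (ecc->p.invert_itch + 5*ecc->p.size <= itch);` in the curve448_mul hunk (@@ -72) is the only thing relating the shrunken 12*n allocation to the inversion scratch, and it is compiled out under NDEBUG, so a release build in which invert_itch grows past 7*n would overrun the heap buffer inside the scalar multiplication with no check at all. Because invert_itch is a run-time field the relation cannot be a static assertion, so it should at least be stated next to the allocation, e.g. `/* Scratch holds (presumably) five p.size-limb temporaries followed by p.invert_itch limbs for the inversion; 12*n must cover both, see ECC_448_INV_ITCH in ecc-448.c. */`. I am inferring the five-temporary layout from the assert itself; the macros that carve up scratch are outside the hunk, as is the rest of curve448_mul on both sides.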
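Review bot: The new `t1`/`t2` offsets in the ecc_mod_pow_446m224m1 hunk (@@ -132) leave each temporary exactly 2*ECC_LIMB_SIZE limbs, which is safe only if ecc_mod_sqr/ecc_mod_mul never write more than a double-length product into their destination before reducing; that requirement is implicit here and the definitions of those helpers are outside the hunk, so a reader cannot confirm the stride from this file. A comment on the macros would pin the invariant: `/* t0, t1, t2 each hold one 2*ECC_LIMB_SIZE product before reduction; the 6*ECC_LIMB_SIZE total is what ECC_448_INV_ITCH and ECC_448_SQRT_ITCH are sized from. */`. The matching 9→6 edits in the comment hunk (@@ -124) and the ECC_448_INV_ITCH hunk (@@ -164) are consistent with this spacing. The body of ecc_mod_pow_446m224m1 continues past the hunk.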
@@ -207,7 +207,7 @@ ecc_448_zero_p (const struct ecc_modulo *p, mp_limb_t *xp)
 */
 /* Needs 4*n space + scratch for ecc_mod_pow_446m224m1. */
-#define ECC_448_SQRT_ITCH (13*ECC_LIMB_SIZE)
+#define ECC_448_SQRT_ITCH (10*ECC_LIMB_SIZE)
 static int
 ecc_448_sqrt(const struct ecc_modulo *p, mp_limb_t *rp, |
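Review bot: `#define ECC_448_SQRT_ITCH (10*ECC_LIMB_SIZE)` writes the sum described by the comment above it (4*n plus the 6*n needed by ecc_mod_pow_446m224m1) as a bare literal, so it must be re-derived by hand whenever the pow's scratch changes, which is exactly what this commit does across three separate literals, and a missed update would undersize the sqrt scratch silently. If ECC_448_INV_ITCH is indeed the pow's own requirement (it is defined as 6*ECC_LIMB_SIZE in the preceding hunk and precedes this macro in the file), `#define ECC_448_SQRT_ITCH (4*ECC_LIMB_SIZE + ECC_448_INV_ITCH)` keeps the two in step automatically; if they are meant to be independent, a dedicated macro for the pow's itch would give the same guarantee. The body of ecc_448_sqrt is outside the hunk.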