From b5ae97a8892fd4ad2021d58d4af87d95314a8f44 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Mon, 9 Dec 2019 18:58:53 +0100
Subject: Trim scratch usage of curve448 operations.

* ecc-448.c (ecc_mod_pow_446m224m1): Reduce scratch space from 9*n
to 6*n.
(ECC_448_INV_ITCH, ECC_448_SQRT_ITCH): Reduce accordingly.
* curve448-mul.c (curve448_mul): Reduce allocation from 14*n to 12*n.
---
 curve448-mul.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'curve448-mul.c')

diff --git a/curve448-mul.c b/curve448-mul.c
index afa814a4..59cf7664 100644
--- a/curve448-mul.c
+++ b/curve448-mul.c
@@ -34,6 +34,7 @@
 # include "config.h"
 #endif
 
+#include <assert.h>
 #include <string.h>
 
 #include "curve448.h"
@@ -72,7 +73,8 @@ curve448_mul (uint8_t *q, const uint8_t *n, const uint8_t *p)
 
 #define a24 39081
 
-  itch = ecc->p.size * 14;
+  itch = ecc->p.size * 12;
+  assert (ecc->p.invert_itch + 5*ecc->p.size <= itch);
   scratch = gmp_alloc_limbs (itch);
 
   /* Note that 255 % GMP_NUMB_BITS == 0 isn't supported, so x1 always
-- 
cgit v1.2.1