authorJack Lloyd <[email protected]>2018-03-15 12:44:00 -0400
committerJack Lloyd <[email protected]>2018-03-15 12:44:00 -0400
commit8824c2d9f1b15406ae0a800dc5af5f6ce6b60b68 (patch)
tree5b0f7cf952558a3fbc4cfe29ff47a5406764b0da /src/lib/pubkey
parente11d00a6cb0abb3e29fd1eff4654208a4c423a50 (diff)
Avoid using threads in DSA operations
For DSA signing, using a thread turned out to be purely a pessimization. The single-threaded code is faster even on a 4-core machine running Linux (which has very fast thread creation). It would likely be much worse on a single-core machine or an OS with slower thread primitives. For DSA verification, use Montgomery multi-exponentiation instead.
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r--src/lib/pubkey/dsa/dsa.cpp28
1 files changed, 3 insertions, 25 deletions
diff --git a/src/lib/pubkey/dsa/dsa.cpp b/src/lib/pubkey/dsa/dsa.cpp
index f1d412013..9249cd0d5 100644
--- a/src/lib/pubkey/dsa/dsa.cpp
+++ b/src/lib/pubkey/dsa/dsa.cpp
@@ -18,10 +18,6 @@
#include <botan/rfc6979.h>
#endif
-#if defined(BOTAN_TARGET_OS_HAS_THREADS)
- #include <future>
-#endif
-
namespace Botan {
/*
@@ -121,16 +117,8 @@ DSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len,
const BigInt k = BigInt::random_integer(rng, 1, q);
#endif
-#if defined(BOTAN_TARGET_OS_HAS_THREADS)
- auto future_r = std::async(std::launch::async,
- [&]() { return m_mod_q.reduce(m_group.power_g_p(k)); });
-
- BigInt s = inverse_mod(k, q);
- const BigInt r = future_r.get();
-#else
BigInt s = inverse_mod(k, q);
const BigInt r = m_mod_q.reduce(m_group.power_g_p(k));
-#endif
s = m_mod_q.multiply(s, mul_add(m_x, r, i));
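Review bot: The surviving single-threaded lines still run `inverse_mod(k, q)` and `power_g_p(k)` directly on the per-signature nonce k, and nothing in the hunk records that both must be constant-time in k; if `inverse_mod` is a variable-time extended-Euclid routine (not visible here), that is where a timing leak of k, and through `mul_add(m_x, r, i)` of the private key, would live. A short comment above the two lines would make the requirement explicit for future maintainers: `// k is secret: inverse_mod and power_g_p must not leak k via timing`. The FIPS 186-4 rule to discard the nonce and retry when r == 0 or s == 0 is not visible in this hunk; raw_sign continues past the last line shown, so confirm the check exists further down rather than adding a duplicate. raw_sign starts before and ends after this hunk.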
@@ -152,7 +140,6 @@ class DSA_Verification_Operation final : public PK_Ops::Verification_with_EMSA
PK_Ops::Verification_with_EMSA(emsa),
m_group(dsa.get_group()),
m_y(dsa.get_y()),
- m_powermod_y_p(m_y, dsa.group_p()),
m_mod_q(dsa.group_q())
{}
@@ -166,7 +153,6 @@ class DSA_Verification_Operation final : public PK_Ops::Verification_with_EMSA
const DL_Group m_group;
const BigInt& m_y;
- Fixed_Base_Power_Mod m_powermod_y_p;
Modular_Reducer m_mod_q;
};
@@ -188,18 +174,10 @@ bool DSA_Verification_Operation::verify(const uint8_t msg[], size_t msg_len,
s = inverse_mod(s, q);
-#if defined(BOTAN_TARGET_OS_HAS_THREADS)
- auto future_s_i = std::async(std::launch::async,
- [&]() { return m_group.power_g_p(m_mod_q.multiply(s, i)); });
-
- BigInt s_r = m_powermod_y_p(m_mod_q.multiply(s, r));
- BigInt s_i = future_s_i.get();
-#else
- BigInt s_r = m_powermod_y_p(m_mod_q.multiply(s, r));
- BigInt s_i = m_group.power_g_p(m_mod_q.multiply(s, i));
-#endif
+ const BigInt sr = m_mod_q.multiply(s, r);
+ const BigInt si = m_mod_q.multiply(s, i);
- s = m_group.multiply_mod_p(s_i, s_r);
+ s = m_group.multi_exponentiate(si, m_y, sr);
return (m_mod_q.reduce(s) == r);
}
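Review bot: Reusing `s` for the result of `m_group.multi_exponentiate(si, m_y, sr)` makes the final `m_mod_q.reduce(s) == r` read as if the inverted s were being compared with r, when the value is in fact the DSA verifier value v; a dedicated local, `const BigInt v = m_group.multi_exponentiate(si, m_y, sr);` followed by `return (m_mod_q.reduce(v) == r);`, matches the textbook check. A one-line comment on the call would also help, since the base order of multi_exponentiate is not visible here: `// presumably g^si * y^sr mod p; confirm argument order against multi_exponentiate`. The range check that 0 < r < q and 0 < s < q, which must precede the context line `s = inverse_mod(s, q);`, lies outside this hunk; verify starts before the first line shown, so confirm it is present rather than relying on the reduction at the end.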