path: root/src/lib/math/bigint

Commit log. Each entry: commit message (author, date; files changed, lines removed/added), followed by the commit body where one exists.
* Avoid needless alloc and copy  (Jack Lloyd, 2018-06-21; 1 file, -0/+6)

* Avoid unnecessary realloc in BigInt::mod_sub  (Jack Lloyd, 2018-06-17; 1 file, -2/+7)

* Fix a bug in Barrett reduction  (Jack Lloyd, 2018-06-05; 1 file, -4/+3)
  -x*n % n would reduce to n instead of zero. Also some small optimizations and cleanups.

* Inline BigInt::shrink_to_fit  (Jack Lloyd, 2018-05-09; 2 files, -7/+5)
  Improves P-256 a bit

* Inline this operator+ [ci skip]  (Jack Lloyd, 2018-04-26; 2 files, -6/+1)

* Add BigInt functions for adding, subtracting and comparing with words  (Jack Lloyd, 2018-04-26; 4 files, -51/+142)
  Avoids needless allocations for expressions like x - 1 or y <= 4.

* Add BigInt::mod_sub  (Jack Lloyd, 2018-04-23; 2 files, -0/+65)

* Add const time annotations  (Jack Lloyd, 2018-04-15; 2 files, -0/+20)

* Square is always positive  (Jack Lloyd, 2018-04-08; 1 file, -0/+1)

* Add BigInt::square plus a speed test for BigInt multiply  (Jack Lloyd, 2018-04-08; 2 files, -0/+22)

* Fix some Doxygen errors  (Jack Lloyd, 2018-03-28; 1 file, -1/+2)

* Shift ECDSA inputs to match OpenSSL behavior  (Jack Lloyd, 2018-03-21; 2 files, -0/+21)
  See also GH #986

* Simplify a common case BigInt constructor  (Jack Lloyd, 2018-03-21; 2 files, -1/+13)
* Store base point multiplies in a single std::vector  (Jack Lloyd, 2018-03-20; 2 files, -0/+17)
  Since the point is public all the values are also, so this reduces pressure on the mlock allocator and may (slightly) help perf through cache read-ahead. Downside is cache based side channels are slightly easier (vs the data being stored in discontiguous vectors). But we shouldn't rely on that in any case. And having it be in an array makes a masked table lookup easier to arrange.

* Improve memory handling for PointGFp  (Jack Lloyd, 2018-03-14; 1 file, -5/+0)

* Move declaration of word to types.h  (Jack Lloyd, 2018-03-01; 1 file, -1/+1)

* Remove MP_WORD_BITS constant  (Jack Lloyd, 2018-03-01; 4 files, -17/+17)
  Use the BOTAN_MP_WORD_BITS consistently

* Remove BigInt using functions from mp layer  (Jack Lloyd, 2018-03-01; 1 file, -1/+5)

* Inline some simple BigInt sign handling functions  (Jack Lloyd, 2018-03-01; 2 files, -32/+17)

* Avoid needless allocation in BigInt operator+=  (Jack Lloyd, 2018-02-28; 1 file, -4/+2)
  Kind of amazing what a difference that made for overall ECDSA perf

* Optimize P-256 and P-384 reduction  (Jack Lloyd, 2018-02-26; 2 files, -4/+14)
  Precompute the multiples of the prime and then subtract directly.

* Avoid some needless allocations  (Jack Lloyd, 2018-02-26; 1 file, -11/+27)

* Optimize Barrett reduction  (Jack Lloyd, 2018-02-26; 3 files, -4/+79)
  OSS-Fuzz 6570 flagged an issue with slow modular exponentiation. It turned out the problem was not in the library version but the simple square-and-multiply algorithm. Computing g^x % p with all three integers being dense (high Hamming weight) numbers took about 1.5 seconds on a fast machine with almost all of the time taken by the Barrett reductions. With these changes, same testcase now takes only a tiny fraction of a second.

* Add BigInt::operator*= taking a word  (Jack Lloyd, 2018-02-26; 2 files, -2/+23)
  Avoids memory allocation when multiplying by a small constant.

* Use reduce_below in PointGFp  (Jack Lloyd, 2018-02-25; 1 file, -0/+2)
  Improves ECDSA times by 2-3%

* Add BigInt::reduce_below  (Jack Lloyd, 2018-02-25; 2 files, -0/+33)
* Pass workspace size to various bigint_ functions  (Jack Lloyd, 2018-02-25; 2 files, -2/+2)
  These functions made assumptions about the workspace size available, which if incorrect would cause memory corruption. Since the length is always available at the caller, just provide it and avoid problems.

* Minor optimizations in BigInt memory handling  (Jack Lloyd, 2018-02-23; 2 files, -2/+4)
  Makes 4-6% difference for ECDSA

* Fix an error in BigInt operator-  (Jack Lloyd, 2018-02-23; 1 file, -0/+1)
  (x) - (-x) would result in -2x instead of the correct 2x

* In PointGFp add/double avoid creating temporaries  (Jack Lloyd, 2018-02-23; 1 file, -1/+7)
  We already had the temp workspace passed in but did not use it effectively... :/
  Improves ECDSA sign and verify by 5-15%

* New API for blinded ECC point multiplication  (Jack Lloyd, 2018-02-21; 1 file, -1/+1)
  No shared state

* Minor optimizations for BigInt operator/  (Jack Lloyd, 2018-02-19; 1 file, -0/+6)
  Detect divisions by small powers of 2

* Tiny optimization in BigInt::const_time_lookup  (Jack Lloyd, 2018-02-13; 1 file, -1/+3)

* Remove needless variable  (Jack Lloyd, 2017-10-06; 1 file, -2/+0)

* Add wrappers for reinterpret_cast between char* and uint8_t*  (Jack Lloyd, 2017-10-03; 3 files, -5/+5)
  Generally speaking reinterpret_cast is sketchy stuff. But the special case of char*/uint8_t* is both common and safe. By isolating those, the remaining (likely sketchy) cases are easier to grep for.

* Remove redundant parens  (Jack Lloyd, 2017-10-03; 1 file, -1/+1)
  Sonar

* Use class for exception types  (Jack Lloyd, 2017-10-02; 1 file, -2/+5)

* Use explicit on more single-argument constructors  (Jack Lloyd, 2017-09-30; 1 file, -1/+1)

* Add valgrind annotations to check const_time_lookup  (Jack Lloyd, 2017-09-26; 1 file, -0/+5)

* Use a side channel silent table look up in the Montgomery exponentiation  (Jack Lloyd, 2017-09-25; 2 files, -0/+35)
* Apply final annotations to the library also  (Jack Lloyd, 2017-09-22; 1 file, -2/+2)
  Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.

* Header file cleanups  (Jack Lloyd, 2017-09-21; 3 files, -4/+4)
  Some help from include-what-you-use

* Change header guard format to BOTAN_FOO_H_  (Jack Lloyd, 2017-09-20; 2 files, -4/+4)
  ISO C++ reserves names with double underscores in them.
  Closes #512

* Add API stability annotations.  (Jack Lloyd, 2017-09-19; 2 files, -13/+13)
  Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.

* Avoid using <iostream> header within the library  (Jack Lloyd, 2017-09-02; 1 file, -1/+2)
  We only need <istream> + <ostream> here

* Content:  (Tomasz Frydrych, 2017-04-03; 1 file, -1/+1)
  * fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations)
  * `default` specifier instead of `{}` in some places (probably all)
  * removal of unreachable code (for example `return` after `throw`)
  * removal of compilation unit only visible, but not used functions
  * fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT`
  * removed not needed semicolons

* Remove "Dirty hack" for multiple defines in lex_me_harder()  (Simon Warta, 2017-04-02; 1 file, -2/+4)

* Convert to using standard uintN_t integer types  (Jack Lloyd, 2016-12-18; 8 files, -61/+61)
  Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.

* Remove <source> block from info.txt files  (Jack Lloyd, 2016-12-08; 1 file, -10/+0)
  Kind of a vestigial thing from an earlier iteration of the module design, and never useful to specify anymore since taking all the cpp files is what you want exactly 100% of the time.

* Merge GH #567/GH #457 TLS refactoring and Callbacks interface  (Jack Lloyd, 2016-08-31; 2 files, -7/+4)