path: root/src/lib/pubkey/ec_group
Commit log (message, author, date, files changed, lines removed/added):

* Add EC_Group::clear_registered_curve_data (Jack Lloyd, 2018-03-19, 2 files, -0/+16)
  Needed for OSS-Fuzz (OOMing a lot) and maybe very occasionally useful in some weird application that has to deal with 100s of different curves.
* Cache additional values for PointGFp multi-exponentiation (Jack Lloyd, 2018-03-19, 4 files, -61/+99)
  Improves ECDSA verification by ~10%
* Avoid needless computation in base point multiply (Jack Lloyd, 2018-03-19, 3 files, -33/+6)
  We computed twice as many values as were used.
* Use a better algorithm for base point multiplies (Jack Lloyd, 2018-03-19, 2 files, -10/+24)
  Nothing very clever, just store P^i, 2*P^i, 3*P^i in a table so we can do two bits of the scalar at a time. Improves ECDSA sign by 20-30%
* Catch exceptions by reference not value (Jack Lloyd, 2018-03-16, 1 file, -1/+1)
  Fixes a new warning in GCC 8
* Add a facility for debug-mode assertions (Jack Lloyd, 2018-03-14, 3 files, -2/+9)
  When we want to check something but it is too expensive to do so in normal builds.
* Assume CurveGFp inputs are at most p words long (Jack Lloyd, 2018-03-14, 1 file, -13/+27)
  Lets us avoid calling sig_words much of the time. Improves ECDSA 5-7%
* Avoid creating a temp here (Jack Lloyd, 2018-03-14, 1 file, -4/+4)
* Improve memory handling for PointGFp (Jack Lloyd, 2018-03-14, 5 files, -63/+83)
* Tweaks to force_all_affine (Jack Lloyd, 2018-03-12, 1 file, -7/+5)
* Merge GH #1483 Use uncompressed points for ECC by default (Jack Lloyd, 2018-03-10, 3 files, -37/+42)
  * Add PointGFp::encode as replacement for EC2OSP (Jack Lloyd, 2018-03-10, 3 files, -37/+42)
    Literally every single call to EC2OSP is converting the returned secure_vector to a std::vector. Which makes sense since private points are not really a thing in any protocol I know of.
* Revert "Use move to avoid needless some needless copies" (Jack Lloyd, 2018-03-10, 1 file, -16/+16)
  This reverts commit 5185c2aaa8bf9556556e4507869042a71eaba6c0. Clang says warning: moving a temporary object prevents copy elision [-Wpessimizing-move]
* Use move to avoid needless some needless copies (Jack Lloyd, 2018-03-09, 1 file, -16/+16)
* Cleanup comments (Jack Lloyd, 2018-03-09, 1 file, -10/+7)
* Add blinded_base_point_multiply_x (Jack Lloyd, 2018-03-08, 2 files, -0/+20)
  Often useful when the point is not needed
* Mul into temps to avoid allocations (Jack Lloyd, 2018-03-08, 1 file, -7/+8)
* Add PointGFp::force_all_affine using Montgomery's trick (Jack Lloyd, 2018-03-08, 3 files, -9/+68)
  Also be somewhat smarter in force_affine; avoids several muls
* Require explicit calls to add_affine (Jack Lloyd, 2018-03-08, 2 files, -5/+2)
  Skipping the checks saves 3-7% for ECDSA
* Add destructor for unique_ptr (Jack Lloyd, 2018-03-08, 2 files, -0/+7)
* Add mixed (J+A) point addition, new scalar mul for base points (Jack Lloyd, 2018-03-08, 9 files, -123/+392)
  Adds PointGFp::force_affine(), ::add_affine(), and ::is_affine(). Use a (very simple) technique for base point precomputations. Stick with fixed window for variable point inputs. Scalar blinding is now always enabled.
* Support decoding of ECC groups with seed parameter (Jack Lloyd, 2018-03-04, 1 file, -0/+2)
  Closes GH #874
* Use Barrett instead of repeated divisions by p here (Jack Lloyd, 2018-03-04, 1 file, -3/+6)
  Doesn't matter much since it's a one-time setup cost but can't hurt.
* Reduce temp usage in PointGFp addition and doubling (Jack Lloyd, 2018-03-04, 4 files, -104/+95)
  No noticeable change in performance
* Avoid confusing error if invalid EC_Group is used (Jack Lloyd, 2018-03-02, 1 file, -3/+9)
  If an unknown group name was passed it would give a PEM error, instead of saying unknown group.
* Remove BigInt using functions from mp layer (Jack Lloyd, 2018-03-01, 1 file, -6/+19)
* Fix overflow in monty_redc (Jack Lloyd, 2018-02-27, 1 file, -4/+4)
  OSS-Fuzz caught a bug introduced in 5fcc1c70d7a. bigint_monty_redc assumes z is 2*p_words+2 words long. Previously the implicit rounding up in grow_to ensured a resize would result in a sufficiently large value. OSS-Fuzz 6581 6588 6593
* Avoid unnecessary calls to BigInt::grow_to (Jack Lloyd, 2018-02-26, 1 file, -4/+9)
* Avoid using monty workspace for reduce_below (Jack Lloyd, 2018-02-26, 1 file, -6/+6)
  If the workspace is swapped, then it is too small for the Montgomery operation and will be reallocated on the next sqr/multiply operation. Also use ws[9] consistently for the Montgomery workspace, otherwise if add needs to pass off the mult2, the workspaces are not the expected size and again a reallocation occurs.
* Avoid some needless allocations (Jack Lloyd, 2018-02-26, 1 file, -2/+4)
* Add functions to EC_Group for getting base point coordinates (Jack Lloyd, 2018-02-25, 2 files, -9/+43)
* Merge ec_gfp and ec_group modules (Jack Lloyd, 2018-02-25, 6 files, -2/+1525)
  They were already somewhat entangled and future work will increase that (e.g. by having PointGFp hold a pointer to EC_Group)
* Add EC_Group::verify_public_element (Jack Lloyd, 2018-02-23, 2 files, -0/+31)
* Small cleanup (Jack Lloyd, 2018-02-21, 1 file, -3/+8)
* Minimize header dependencies (Jack Lloyd, 2018-02-21, 1 file, -1/+2)
* Expose EC_Group::a_is_minus_3 (Jack Lloyd, 2018-02-21, 2 files, -1/+15)
* New API for blinded ECC point multiplication (Jack Lloyd, 2018-02-21, 2 files, -1/+33)
  No shared state
* Merge GH #1454 Used shared_ptr repr for DL_Group (Jack Lloyd, 2018-02-19, 1 file, -5/+0)
  * Move allocator initializer RAII class to mem_ops.h (Jack Lloyd, 2018-02-19, 1 file, -5/+0)
    May be needed elsewhere
* Merge GH #1448 Support custom curves in TLS handshake (Jack Lloyd, 2018-02-19, 1 file, -3/+0)
  * Remove house curve support (Jack Lloyd, 2018-02-13, 1 file, -3/+0)
* Add point_multiply operation to EC_Group (Jack Lloyd, 2018-02-18, 2 files, -0/+14)
  Allows precomputations in the future.
* Add functions to reduce integers mod the order to EC_Group (Jack Lloyd, 2018-02-18, 2 files, -9/+65)
  This allows calculating the Barrett reduction params just once, when the group is initialized, then sharing them across all operations which use that group.
* Alternate method of forcing allocator initialization (Jack Lloyd, 2018-02-04, 1 file, -1/+6)
  That doesn't require a malloc/free every time we call ec_group_data()
* Add hack to deal with initialization fiasco (Jack Lloyd, 2018-02-04, 1 file, -0/+6)
* Create a persistent registry for ECC group data (Jack Lloyd, 2018-02-04, 3 files, -380/+480)
  Now a single copy is maintained of each EC group info
* Fix deprecation warnings (Jack Lloyd, 2018-02-01, 2 files, -11/+20)
* Avoid CurveGFp in EC_Group interface (Jack Lloyd, 2018-01-31, 2 files, -20/+105)
* Use shared representation of EC_Group (Jack Lloyd, 2018-01-31, 2 files, -79/+262)
  Hide CurveGFp with an eye for eventual removal
* Prepare for making BER_Object members private (Jack Lloyd, 2018-01-18, 1 file, -3/+3)
  Now there are usable accessors that allow the library to avoid using BER_Object members directly.