From ea0ce769791640e883ec4b7f73dcbce4b0399783 Mon Sep 17 00:00:00 2001
From: Jack Lloyd
Date: Wed, 14 Mar 2018 07:08:10 -0400
Subject: Assume CurveGFp inputs are at most p words long

Lets us avoid calling sig_words much of the time. Improves ECDSA 5-7%
---
 src/lib/pubkey/ec_group/curve_gfp.cpp | 40 +++++++++++++++++++++++------------
 1 file changed, 27 insertions(+), 13 deletions(-)
(limited to 'src')
diff --git a/src/lib/pubkey/ec_group/curve_gfp.cpp b/src/lib/pubkey/ec_group/curve_gfp.cpp
index d841437f3..b57b8d3ef 100644
--- a/src/lib/pubkey/ec_group/curve_gfp.cpp
+++ b/src/lib/pubkey/ec_group/curve_gfp.cpp
@@ -89,10 +89,18 @@ void CurveGFp_Montgomery::to_curve_rep(BigInt& x, secure_vector& ws) const
 curve_mul(x, tx, m_r2, ws);
 }
-void CurveGFp_Montgomery::from_curve_rep(BigInt& x, secure_vector& ws) const
+void CurveGFp_Montgomery::from_curve_rep(BigInt& z, secure_vector& ws) const
 {
- const BigInt tx = x;
- curve_mul(x, tx, 1, ws);
+ if(ws.size() < get_ws_size())
+ ws.resize(get_ws_size());
+
+ const size_t output_size = 2*m_p_words + 2;
+ if(z.size() < output_size)
+ z.grow_to(output_size);
+
+ bigint_monty_redc(z.mutable_data(),
+ m_p.data(), m_p_words, m_p_dash,
+ ws.data(), ws.size());
 }
 void CurveGFp_Montgomery::curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
@@ -111,9 +119,12 @@ void CurveGFp_Montgomery::curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
 if(z.size() < output_size)
 z.grow_to(output_size);
+ const size_t x_words = (x.size() >= m_p_words) ? m_p_words : x.sig_words();
+ const size_t y_words = (y.size() >= m_p_words) ? m_p_words : y.sig_words();
+
 bigint_mul(z.mutable_data(), z.size(),
- x.data(), x.size(), x.sig_words(),
- y.data(), y.size(), y.sig_words(),
+ x.data(), x.size(), x_words,
+ y.data(), y.size(), y_words,
 ws.data(), ws.size());
 bigint_monty_redc(z.mutable_data(),
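Review bot: The parameter of from_curve_rep is renamed from x to z in this definition, but the declaration in the header is not touched by the commit; if curve_gfp.h still names it x, the declaration and definition disagree, which clang-tidy's readability-inconsistent-declaration-parameter-name flags. The in-place bigint_monty_redc also reads the full 2*m_p_words+2 words of z directly, whereas the old path through curve_mul bounded the operand by its sig_words, so the call presumably only works for a z that REDC accepts (a Montgomery-form element below p·R) and nothing in the function states that. A comment above the call would record the contract: `// z must already be a Montgomery-form value < p; REDC reads all 2*m_p_words+2 words of z in place`.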
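Review bot: The new x_words/y_words selection passes m_p_words whenever the operand's allocated size is at least m_p_words, so an operand with a nonzero word at index m_p_words or above is silently truncated and the product is wrong rather than rejected; the same pattern appears in both curve_sqr hunks and in CurveGFp_NIST::curve_mul, and the Montgomery curve_sqr hunk additionally drops the `BOTAN_ASSERT(x_sw <= m_p_words, "Input in range")` that used to enforce the bound. The commit message states the assumption but the code does not, so a reader of these functions cannot tell that the truncation is intentional. Suggest a comment at the first use, `// Inputs are assumed reduced mod p (at most m_p_words significant words); higher words are ignored here, not reduced`, and, if the build offers a debug-only assertion, keeping the old range check under it so test builds still catch an unreduced caller without paying for sig_words in release. Since the identical ternary is repeated six times across the file, a small private helper returning the operand word count would also keep the rule in one place.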
@@ -130,19 +141,17 @@ void CurveGFp_Montgomery::curve_sqr(BigInt& z, const BigInt& x,
 return;
 }
- const size_t x_sw = x.sig_words();
- BOTAN_ASSERT(x_sw <= m_p_words, "Input in range");
-
 if(ws.size() < get_ws_size())
 ws.resize(get_ws_size());
 const size_t output_size = 2*m_p_words + 2;
-
 if(z.size() < output_size)
 z.grow_to(output_size);
+ const size_t x_words = (x.size() >= m_p_words) ? m_p_words : x.sig_words();
+
 bigint_sqr(z.mutable_data(), z.size(),
- x.data(), x.size(), x_sw,
+ x.data(), x.size(), x_words,
 ws.data(), ws.size());
 bigint_monty_redc(z.mutable_data(),
@@ -216,9 +225,12 @@ void CurveGFp_NIST::curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
 if(z.size() < output_size)
 z.grow_to(output_size);
+ const size_t x_words = (x.size() >= m_p_words) ? m_p_words : x.sig_words();
+ const size_t y_words = (y.size() >= m_p_words) ? m_p_words : y.sig_words();
+
 bigint_mul(z.mutable_data(), z.size(),
- x.data(), x.size(), x.sig_words(),
- y.data(), y.size(), y.sig_words(),
+ x.data(), x.size(), x_words,
+ y.data(), y.size(), y_words,
 ws.data(), ws.size());
 this->redc(z, ws);
@@ -240,8 +252,10 @@ void CurveGFp_NIST::curve_sqr(BigInt& z, const BigInt& x,
 if(z.size() < output_size)
 z.grow_to(output_size);
+ const size_t x_words = (x.size() >= m_p_words) ? m_p_words : x.sig_words();
+
 bigint_sqr(z.mutable_data(), output_size,
- x.data(), x.size(), x.sig_words(),
+ x.data(), x.size(), x_words,
 ws.data(), ws.size());
 this->redc(z, ws);
-- 
cgit v1.2.3