1. 13 Mar, 2021 2 commits
    • Fix bug in ecc_ecdsa_verify. · 2397757b
      Niels Möller authored
      * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_mod_mul_canonical
      to compute the scalars used for ecc multiplication.
      * testsuite/ecdsa-verify-test.c (test_main): Add test case that
      triggers an assert on 64-bit platforms, without above fix.
      * testsuite/ecdsa-sign-test.c (test_main): Test case generating
      the same signature.
    • Use ecc_mod_mul_canonical for point comparison. · 5b7608fd
      Niels Möller authored
      * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical.
  2. 11 Mar, 2021 1 commit
    • New functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical. · 2bf497ba
      Niels Möller authored
      * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical):
      New functions.
      * ecc-internal.h: Declare and document new functions.
      * curve448-eh-to-x.c (curve448_eh_to_x): Use ecc_mod_sqr_canonical.
      * curve25519-eh-to-x.c (curve25519_eh_to_x): Use ecc_mod_mul_canonical.
      * ecc-eh-to-a.c (ecc_eh_to_a): Likewise.
      * ecc-j-to-a.c (ecc_j_to_a): Likewise.
      * ecc-mul-m.c (ecc_mul_m): Likewise.
  3. 04 Mar, 2021 1 commit
  4. 17 Feb, 2021 1 commit
  5. 15 Feb, 2021 1 commit
  6. 13 Feb, 2021 2 commits
  7. 10 Feb, 2021 2 commits
  8. 08 Feb, 2021 2 commits
  9. 03 Feb, 2021 1 commit
  10. 02 Feb, 2021 2 commits
  11. 01 Feb, 2021 3 commits
  12. 31 Jan, 2021 5 commits
  13. 30 Jan, 2021 2 commits
  14. 25 Jan, 2021 2 commits
  15. 20 Jan, 2021 3 commits
  16. 13 Jan, 2021 1 commit
    • arm: Unify neon asm for big- and little-endian modes · 62dc4ce4
      Michael Weiser authored and Niels Möller committed
      Switch arm neon assembler routines to endianness-agnostic loads and
      stores where possible to avoid modifications to the rest of the code.
      This involves switching to vld1.32 for loading consecutive 32-bit words
      in host endianness as well as vst1.8 for storing back to memory in
      little-endian order as required by the caller. Where necessary, r3 is
      used to store the precalculated offset into the source vector for the
      secondary load operations. vstm is kept for little-endian platforms
      because it is faster than vst1 on most ARM implementations.
      
      vst1.x (at least on the Allwinner A20 Cortex-A7 implementation) seems to
      interfere with itself on subsequent calls, slowing it down further. So we
      reschedule some instructions to do stores as soon as results become
      available to have some other calculations or loads before the next
      vst1.x. This reliably saves two additional cycles per block on salsa20
      and chacha which would otherwise be incurred.
      
      vld1.x does not seem t...
  17. 10 Jan, 2021 1 commit
    • ppc: Fix use of __GLIBC_PREREQ in fat-ppc.c. · 49cb4039
      Niels Möller authored
      * fat-ppc.c: Don't use __GLIBC_PREREQ in the same preprocessor
      conditional as defined(__GLIBC_PREREQ), but move to a nested #if
      conditional. Fixes compile error on OpenBSD/powerpc64, reported by
      Jasper Lievisse Adriaanse.
  18. 05 Jan, 2021 1 commit
  19. 04 Jan, 2021 1 commit
  20. 01 Jan, 2021 1 commit
  21. 28 Dec, 2020 2 commits
  22. 27 Dec, 2020 1 commit
  23. 26 Dec, 2020 2 commits