Commit b5ae97a8 authored by Niels Möller's avatar Niels Möller

Trim scratch usage of curve448 operations.

* ecc-448.c (ecc_mod_pow_446m224m1): Reduce scratch space from 9*n
to 6*n.
(ECC_448_INV_ITCH, ECC_448_SQRT_ITCH): Reduce accordingly.
* curve448-mul.c (curve448_mul): Reduce allocation from 14*n to 12*n.
parent d13bb312
2019-12-09 Niels Möller <nisse@lysator.liu.se>
* ecc-448.c (ecc_mod_pow_446m224m1): Reduce scratch space from 9*n
to 6*n.
(ECC_448_INV_ITCH, ECC_448_SQRT_ITCH): Reduce accordingly.
* curve448-mul.c (curve448_mul): Reduce allocation from 14*n to 12*n.
2019-12-08 Niels Möller <nisse@lysator.liu.se> 2019-12-08 Niels Möller <nisse@lysator.liu.se>
* x86_64/ecc-curve448-modp.asm (nettle_ecc_curve448_modp): New * x86_64/ecc-curve448-modp.asm (nettle_ecc_curve448_modp): New
...@@ -34,6 +34,7 @@ ...@@ -34,6 +34,7 @@
# include "config.h" # include "config.h"
#endif #endif
#include <assert.h>
#include <string.h> #include <string.h>
#include "curve448.h" #include "curve448.h"
...@@ -72,7 +73,8 @@ curve448_mul (uint8_t *q, const uint8_t *n, const uint8_t *p) ...@@ -72,7 +73,8 @@ curve448_mul (uint8_t *q, const uint8_t *n, const uint8_t *p)
#define a24 39081 #define a24 39081
itch = ecc->p.size * 14; itch = ecc->p.size * 12;
assert (ecc->p.invert_itch + 5*ecc->p.size <= itch);
scratch = gmp_alloc_limbs (itch); scratch = gmp_alloc_limbs (itch);
/* Note that 255 % GMP_NUMB_BITS == 0 isn't supported, so x1 always /* Note that 255 % GMP_NUMB_BITS == 0 isn't supported, so x1 always
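Review bot: The added `assert (ecc->p.invert_itch + 5*ecc->p.size <= itch);` is compiled out under NDEBUG, and since both operands are fixed by the curve parameters it is really a layout check rather than a runtime guard, so the layout it encodes deserves a comment beside `itch = ecc->p.size * 12;` rather than living only in the assertion, e.g. `/* Scratch layout (presumably): 5*n of working variables for the ladder, followed by invert_itch for the final inversion. */`. With invert_itch now 6*n the assertion only accounts for 11*n of the 12*n allocated; if some other part of curve448_mul uses the remaining n, that term belongs in the assertion too, otherwise 11*n would suffice and the comment should say why 12 was kept. curve448_mul begins and ends outside this hunk, so I cannot tell from here which is the case.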
...@@ -124,7 +124,7 @@ ecc_mod_pow_2k (const struct ecc_modulo *m, ...@@ -124,7 +124,7 @@ ecc_mod_pow_2k (const struct ecc_modulo *m,
} }
} }
/* Computes a^{(p-3)/4} = a^{2^446-2^222-1} mod m. Needs 9 * n scratch /* Computes a^{(p-3)/4} = a^{2^446-2^222-1} mod m. Needs 6 * n scratch
space. */ space. */
static void static void
ecc_mod_pow_446m224m1 (const struct ecc_modulo *p, ecc_mod_pow_446m224m1 (const struct ecc_modulo *p,
...@@ -132,8 +132,8 @@ ecc_mod_pow_446m224m1 (const struct ecc_modulo *p, ...@@ -132,8 +132,8 @@ ecc_mod_pow_446m224m1 (const struct ecc_modulo *p,
mp_limb_t *scratch) mp_limb_t *scratch)
{ {
#define t0 scratch #define t0 scratch
#define t1 (scratch + 3*ECC_LIMB_SIZE) #define t1 (scratch + 2*ECC_LIMB_SIZE)
#define t2 (scratch + 6*ECC_LIMB_SIZE) #define t2 (scratch + 4*ECC_LIMB_SIZE)
ecc_mod_sqr (p, rp, ap); /* a^2 */ ecc_mod_sqr (p, rp, ap); /* a^2 */
ecc_mod_mul (p, t0, ap, rp); /* a^3 */ ecc_mod_mul (p, t0, ap, rp); /* a^3 */
...@@ -164,8 +164,8 @@ ecc_mod_pow_446m224m1 (const struct ecc_modulo *p, ...@@ -164,8 +164,8 @@ ecc_mod_pow_446m224m1 (const struct ecc_modulo *p,
#undef t2 #undef t2
} }
/* Needs 9*ECC_LIMB_SIZE scratch space. */ /* Needs 6*ECC_LIMB_SIZE scratch space. */
#define ECC_448_INV_ITCH (9*ECC_LIMB_SIZE) #define ECC_448_INV_ITCH (6*ECC_LIMB_SIZE)
static void ecc_448_inv (const struct ecc_modulo *p, static void ecc_448_inv (const struct ecc_modulo *p,
mp_limb_t *rp, const mp_limb_t *ap, mp_limb_t *rp, const mp_limb_t *ap,
...@@ -207,7 +207,7 @@ ecc_448_zero_p (const struct ecc_modulo *p, mp_limb_t *xp) ...@@ -207,7 +207,7 @@ ecc_448_zero_p (const struct ecc_modulo *p, mp_limb_t *xp)
*/ */
/* Needs 4*n space + scratch for ecc_mod_pow_446m224m1. */ /* Needs 4*n space + scratch for ecc_mod_pow_446m224m1. */
#define ECC_448_SQRT_ITCH (13*ECC_LIMB_SIZE) #define ECC_448_SQRT_ITCH (10*ECC_LIMB_SIZE)
static int static int
ecc_448_sqrt(const struct ecc_modulo *p, mp_limb_t *rp, ecc_448_sqrt(const struct ecc_modulo *p, mp_limb_t *rp,
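Review bot: The number 6 now has to be kept in step by hand in three places — the "Needs 6 * n scratch" comment on ecc_mod_pow_446m224m1, `ECC_448_INV_ITCH (6*ECC_LIMB_SIZE)`, and implicitly `ECC_448_SQRT_ITCH (10*ECC_LIMB_SIZE)`, whose own comment describes it as 4*n plus the pow scratch; a single named constant would stop them drifting the next time the layout changes: `#define ECC_448_POW_ITCH (6*ECC_LIMB_SIZE)`, `#define ECC_448_INV_ITCH ECC_448_POW_ITCH` (valid only if ecc_448_inv needs no scratch beyond its pow call, which the matching numbers suggest but the hunk does not show), and `#define ECC_448_SQRT_ITCH (4*ECC_LIMB_SIZE + ECC_448_POW_ITCH)`. The t1/t2 offsets in the earlier hunk drop from 3 to 2 limb-sizes per temporary, which presumably is exactly what ecc_mod_mul/ecc_mod_sqr write into each; a one-line comment at `#define t0 scratch` stating that each temporary is 2*ECC_LIMB_SIZE limbs with no slack would keep the old 3 from being "restored" later. ecc_mod_pow_446m224m1, ecc_448_inv and ecc_448_sqrt all begin or end outside the hunks shown.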