diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2021-12-11 23:27:40 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2021-12-11 23:27:40 +0100 |
| commit | 27df6aeef2d0d4b726a8b3b1ce1b1cafbbce3431 (patch) | |
| tree | 441d462b77e035affaa327f2d5a2ab8da595c920 /networking/tls_sp_c32.c | |
| parent | b240733ae7423cb8f542a624eef0cfa3037d05bc (diff) | |
| download | busybox-w32-27df6aeef2d0d4b726a8b3b1ce1b1cafbbce3431.tar.gz busybox-w32-27df6aeef2d0d4b726a8b3b1ce1b1cafbbce3431.tar.bz2 busybox-w32-27df6aeef2d0d4b726a8b3b1ce1b1cafbbce3431.zip | |
tls: P256: factor out "multiply then reduce" operation
function old new delta
sp_256_mont_mul_and_reduce_8 - 44 +44
sp_256_ecc_mulmod_8 517 442 -75
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/1 up/down: 44/-75) Total: -31 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/tls_sp_c32.c')
| -rw-r--r-- | networking/tls_sp_c32.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/networking/tls_sp_c32.c b/networking/tls_sp_c32.c index cb166e413..292dda24e 100644 --- a/networking/tls_sp_c32.c +++ b/networking/tls_sp_c32.c | |||
| @@ -1091,6 +1091,17 @@ static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a | |||
| 1091 | sp_256_mont_mul_8(r, a, a /*, m, mp*/); | 1091 | sp_256_mont_mul_8(r, a, a /*, m, mp*/); |
| 1092 | } | 1092 | } |
| 1093 | 1093 | ||
| 1094 | static NOINLINE void sp_256_mont_mul_and_reduce_8(sp_digit* r, | ||
| 1095 | const sp_digit* a, const sp_digit* b | ||
| 1096 | /*, const sp_digit* m, sp_digit mp*/) | ||
| 1097 | { | ||
| 1098 | sp_digit rr[2 * 8]; | ||
| 1099 | |||
| 1100 | sp_256_mont_mul_8(rr, a, b /*, p256_mod, p256_mp_mod*/); | ||
| 1101 | memset(rr + 8, 0, sizeof(rr) / 2); | ||
| 1102 | sp_512to256_mont_reduce_8(r, rr /*, p256_mod, p256_mp_mod*/); | ||
| 1103 | } | ||
| 1104 | |||
| 1094 | /* Invert the number, in Montgomery form, modulo the modulus (prime) of the | 1105 | /* Invert the number, in Montgomery form, modulo the modulus (prime) of the |
| 1095 | * P256 curve. (r = 1 / a mod m) | 1106 | * P256 curve. (r = 1 / a mod m) |
| 1096 | * | 1107 | * |
| @@ -1186,7 +1197,6 @@ static void sp_256_map_8(sp_point* r, sp_point* p) | |||
| 1186 | { | 1197 | { |
| 1187 | sp_digit t1[8]; | 1198 | sp_digit t1[8]; |
| 1188 | sp_digit t2[8]; | 1199 | sp_digit t2[8]; |
| 1189 | sp_digit rr[2 * 8]; | ||
| 1190 | 1200 | ||
| 1191 | sp_256_mont_inv_8(t1, p->z); | 1201 | sp_256_mont_inv_8(t1, p->z); |
| 1192 | 1202 | ||
| @@ -1194,18 +1204,14 @@ static void sp_256_map_8(sp_point* r, sp_point* p) | |||
| 1194 | sp_256_mont_mul_8(t1, t2, t1 /*, p256_mod, p256_mp_mod*/); | 1204 | sp_256_mont_mul_8(t1, t2, t1 /*, p256_mod, p256_mp_mod*/); |
| 1195 | 1205 | ||
| 1196 | /* x /= z^2 */ | 1206 | /* x /= z^2 */ |
| 1197 | sp_256_mont_mul_8(rr, p->x, t2 /*, p256_mod, p256_mp_mod*/); | 1207 | sp_256_mont_mul_and_reduce_8(r->x, p->x, t2 /*, p256_mod, p256_mp_mod*/); |
| 1198 | memset(rr + 8, 0, sizeof(rr) / 2); | ||
| 1199 | sp_512to256_mont_reduce_8(r->x, rr /*, p256_mod, p256_mp_mod*/); | ||
| 1200 | /* Reduce x to less than modulus */ | 1208 | /* Reduce x to less than modulus */ |
| 1201 | if (sp_256_cmp_8(r->x, p256_mod) >= 0) | 1209 | if (sp_256_cmp_8(r->x, p256_mod) >= 0) |
| 1202 | sp_256_sub_8_p256_mod(r->x); | 1210 | sp_256_sub_8_p256_mod(r->x); |
| 1203 | sp_256_norm_8(r->x); | 1211 | sp_256_norm_8(r->x); |
| 1204 | 1212 | ||
| 1205 | /* y /= z^3 */ | 1213 | /* y /= z^3 */ |
| 1206 | sp_256_mont_mul_8(rr, p->y, t1 /*, p256_mod, p256_mp_mod*/); | 1214 | sp_256_mont_mul_and_reduce_8(r->y, p->y, t1 /*, p256_mod, p256_mp_mod*/); |
| 1207 | memset(rr + 8, 0, sizeof(rr) / 2); | ||
| 1208 | sp_512to256_mont_reduce_8(r->y, rr /*, p256_mod, p256_mp_mod*/); | ||
| 1209 | /* Reduce y to less than modulus */ | 1215 | /* Reduce y to less than modulus */ |
| 1210 | if (sp_256_cmp_8(r->y, p256_mod) >= 0) | 1216 | if (sp_256_cmp_8(r->y, p256_mod) >= 0) |
| 1211 | sp_256_sub_8_p256_mod(r->y); | 1217 | sp_256_sub_8_p256_mod(r->y); |