diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2021-04-26 17:41:43 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2021-04-26 17:41:43 +0200 |
commit | 6381f3d4f6d9ac111c2be7cfba041e8b7a28f9f9 (patch) | |
tree | 811e52506550874fe82f2fa9e85c87ec9497c76b /networking | |
parent | 772e18775e0e1db2392dcbea970d5729018437e8 (diff) |
tls: stop passing temporary buffer address in P256 code
function old new delta
sp_256_proj_point_dbl_10 435 453 +18
sp_256_ecc_mulmod_10 1300 1237 -63
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 18/-63) Total: -45 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking')
-rw-r--r-- | networking/tls_sp_c32.c | 61 |
1 files changed, 26 insertions, 35 deletions
diff --git a/networking/tls_sp_c32.c b/networking/tls_sp_c32.c index 70e20aa86..c71f716d6 100644 --- a/networking/tls_sp_c32.c +++ b/networking/tls_sp_c32.c @@ -170,8 +170,8 @@ static sp_digit sp_256_cmp_10(const sp_digit* a, const sp_digit* b) int i; for (i = 9; i >= 0; i--) { r = a[i] - b[i]; - if (r != 0) - break; + if (r != 0) + break; } return r; } @@ -553,16 +553,15 @@ static void sp_256_mont_sqr_10(sp_digit* r, const sp_digit* a, const sp_digit* m * * r Inverse result. * a Number to invert. - * td Temporary data. */ /* Mod-2 for the P256 curve. */ static const uint32_t p256_mod_2[8] = { - 0xfffffffd,0xffffffff,0xffffffff,0x00000000, - 0x00000000,0x00000000,0x00000001,0xffffffff, + 0xfffffffd,0xffffffff,0xffffffff,0x00000000, + 0x00000000,0x00000000,0x00000001,0xffffffff, }; -static void sp_256_mont_inv_10(sp_digit* r, sp_digit* a, sp_digit* td) +static void sp_256_mont_inv_10(sp_digit* r, sp_digit* a) { - sp_digit* t = td; + sp_digit t[2*10]; //can be just [10]? int i; memcpy(t, a, sizeof(sp_digit) * 10); @@ -578,15 +577,14 @@ static void sp_256_mont_inv_10(sp_digit* r, sp_digit* a, sp_digit* td) * * r Resulting affine co-ordinate point. * p Montgomery form projective co-ordinate point. - * t Temporary ordinate data. */ -static void sp_256_map_10(sp_point* r, sp_point* p, sp_digit* t) +static void sp_256_map_10(sp_point* r, sp_point* p) { - sp_digit* t1 = t; - sp_digit* t2 = t + 2*10; + sp_digit t1[2*10]; + sp_digit t2[2*10]; int32_t n; - sp_256_mont_inv_10(t1, p->z, t + 2*10); + sp_256_mont_inv_10(t1, p->z); sp_256_mont_sqr_10(t2, t1, p256_mod, p256_mp_mod); sp_256_mont_mul_10(t1, t2, t1, p256_mod, p256_mp_mod); @@ -617,21 +615,20 @@ static void sp_256_map_10(sp_point* r, sp_point* p, sp_digit* t) * * r Result of doubling point. * p Point to double. - * t Temporary ordinate data. */ -static void sp_256_proj_point_dbl_10(sp_point* r, sp_point* p, sp_digit* t) +static void sp_256_proj_point_dbl_10(sp_point* r, sp_point* p) { sp_point tp; - sp_digit* t1 = t; - sp_digit* t2 = t + 2*10; + sp_digit t1[2*10]; + sp_digit t2[2*10]; /* Put point to double into result */ if (r != p) *r = *p; /* struct copy */ if (r->infinity) { - /* If infinity, don't double (work on dummy value) */ - r = &tp; + /* If infinity, don't double (work on dummy value) */ + r = &tp; } /* T1 = Z * Z */ sp_256_mont_sqr_10(t1, r->z, p256_mod, p256_mp_mod); @@ -676,16 +673,14 @@ static void sp_256_proj_point_dbl_10(sp_point* r, sp_point* p, sp_digit* t) * r Result of addition. * p Frist point to add. * q Second point to add. - * t Temporary ordinate data. */ -static void sp_256_proj_point_add_10(sp_point* r, sp_point* p, sp_point* q, - sp_digit* t) +static void sp_256_proj_point_add_10(sp_point* r, sp_point* p, sp_point* q) { - sp_digit* t1 = t; - sp_digit* t2 = t + 2*10; - sp_digit* t3 = t + 4*10; - sp_digit* t4 = t + 6*10; - sp_digit* t5 = t + 8*10; + sp_digit t1[2*10]; + sp_digit t2[2*10]; + sp_digit t3[2*10]; + sp_digit t4[2*10]; + sp_digit t5[2*10]; /* Ensure only the first point is the same as the result. */ if (q == r) { @@ -701,7 +696,7 @@ static void sp_256_proj_point_add_10(sp_point* r, sp_point* p, sp_point* q, && sp_256_cmp_equal_10(p->z, q->z) && (sp_256_cmp_equal_10(p->y, q->y) || sp_256_cmp_equal_10(p->y, t1)) ) { - sp_256_proj_point_dbl_10(r, p, t); + sp_256_proj_point_dbl_10(r, p); } else { sp_point tp; @@ -762,7 +757,6 @@ static void sp_256_ecc_mulmod_10(sp_point* r, const sp_point* g, const sp_digit* { enum { map = 1 }; /* we always convert result to affine coordinates */ sp_point t[3]; - sp_digit tmp[2 * 10 * 5]; sp_digit n; int i; int c, y; @@ -791,20 +785,17 @@ static void sp_256_ecc_mulmod_10(sp_point* r, const sp_point* g, const sp_digit* y = (n >> 25) & 1; n <<= 1; -//FIXME: what's "tmp" and why do we pass it down? -//is it scratch space for "sensitive" data, to be memset(0) after we are done? - sp_256_proj_point_add_10(&t[y^1], &t[0], &t[1], tmp); + sp_256_proj_point_add_10(&t[y^1], &t[0], &t[1]); memcpy(&t[2], &t[y], sizeof(sp_point)); - sp_256_proj_point_dbl_10(&t[2], &t[2], tmp); + sp_256_proj_point_dbl_10(&t[2], &t[2]); memcpy(&t[y], &t[2], sizeof(sp_point)); } if (map) - sp_256_map_10(r, &t[0], tmp); + sp_256_map_10(r, &t[0]); else memcpy(r, &t[0], sizeof(sp_point)); - memset(tmp, 0, sizeof(tmp)); //paranoia memset(t, 0, sizeof(t)); //paranoia } @@ -817,7 +808,7 @@ static void sp_256_ecc_mulmod_10(sp_point* r, const sp_point* g, const sp_digit* */ static void sp_256_ecc_mulmod_base_10(sp_point* r, sp_digit* k /*, int map*/) { - sp_256_ecc_mulmod_10(r, &p256_base, k /*, map*/); + sp_256_ecc_mulmod_10(r, &p256_base, k /*, map*/); } /* Multiply the point by the scalar and serialize the X ordinate. |