Remember precomputed table

Free it as soon as it's no longer needed, but as a backup free it in
ecp_group_free(), in case ecp_mul() is not called again after returning
ECP_IN_PROGRESS.

So far we only remember it when it's fully computed; the next step is to be
able to compute it in multiple steps.
Manuel Pégourié-Gonnard 2017-03-16 14:53:26 +01:00
parent c5d844b999
commit c9c0aa6306


@ -109,9 +109,11 @@ struct mbedtls_ecp_restart {
mbedtls_ecp_point P; /* saved argument: point */ mbedtls_ecp_point P; /* saved argument: point */
mbedtls_ecp_point R; /* current intermediate result */ mbedtls_ecp_point R; /* current intermediate result */
size_t i; /* current index in various loops, 0 outside */ size_t i; /* current index in various loops, 0 outside */
enum { mbedtls_ecp_point *T; /* table for precomputed points */
ecp_rs_init = 0, unsigned char T_size; /* number of points in table T */
ecp_rs_final_norm, enum { /* what's the next step ? */
ecp_rs_init = 0, /* just getting started */
ecp_rs_final_norm, /* do the final normalization */
} state; } state;
}; };
@ -128,6 +130,8 @@ static void ecp_restart_init( mbedtls_ecp_restart_ctx *ctx )
*/ */
static void ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ) static void ecp_restart_free( mbedtls_ecp_restart_ctx *ctx )
{ {
unsigned char i;
if( ctx == NULL ) if( ctx == NULL )
return; return;
@ -135,6 +139,12 @@ static void ecp_restart_free( mbedtls_ecp_restart_ctx *ctx )
mbedtls_ecp_point_free( &ctx->P ); mbedtls_ecp_point_free( &ctx->P );
mbedtls_ecp_point_free( &ctx->R ); mbedtls_ecp_point_free( &ctx->R );
if( ctx->T != NULL ) {
for( i = 0; i < ctx->T_size; i++ )
mbedtls_ecp_point_free( ctx->T + i );
mbedtls_free( ctx->T );
}
memset( ctx, 0, sizeof( mbedtls_ecp_restart_ctx ) ); memset( ctx, 0, sizeof( mbedtls_ecp_restart_ctx ) );
} }
@ -1601,8 +1611,9 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
void *p_rng ) void *p_rng )
{ {
int ret; int ret;
unsigned char w, p_eq_g, pre_len, i; unsigned char w, p_eq_g = 0, i;
size_t d; size_t d;
unsigned char pre_len = 0;
mbedtls_ecp_point *T = NULL; mbedtls_ecp_point *T = NULL;
#if defined(MBEDTLS_ECP_EARLY_RETURN) #if defined(MBEDTLS_ECP_EARLY_RETURN)
@ -1639,8 +1650,6 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 );
#else
p_eq_g = 0;
#endif #endif
/* Pick window size and deduce related sizes */ /* Pick window size and deduce related sizes */
@ -1654,6 +1663,16 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
*/ */
T = p_eq_g ? grp->T : NULL; T = p_eq_g ? grp->T : NULL;
#if defined(MBEDTLS_ECP_EARLY_RETURN)
if( grp->rs != NULL && grp->rs->T != NULL && T == NULL )
{
/* transfer "ownership" of T from rs to local function */
T = grp->rs->T;
grp->rs->T = NULL;
grp->rs->T_size = 0;
}
#endif
if( T == NULL ) if( T == NULL )
{ {
T = mbedtls_calloc( pre_len, sizeof( mbedtls_ecp_point ) ); T = mbedtls_calloc( pre_len, sizeof( mbedtls_ecp_point ) );
@ -1679,6 +1698,16 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
cleanup: cleanup:
#if defined(MBEDTLS_ECP_EARLY_RETURN)
if( grp->rs != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != grp->T )
{
/* transfer "ownership" of T from local function to rs */
grp->rs->T_size = pre_len;
grp->rs->T = T;
T = NULL;
}
#endif
if( T != NULL && ! p_eq_g ) if( T != NULL && ! p_eq_g )
{ {
for( i = 0; i < pre_len; i++ ) for( i = 0; i < pre_len; i++ )