Avoid temporary ECP::Point in ECP Addition and Double

This regains a lot of performance lost to the const-timeness (GH #869)
pull/877/head
Jeffrey Walton 2019-08-07 02:43:13 -04:00
parent b5fe6ab383
commit f3dd3d2559
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
1 changed files with 36 additions and 18 deletions

54
ecp.cpp

@ -527,6 +527,7 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P) const
{ {
const ECP::Field& field = m_ecp.GetField(); const ECP::Field& field = m_ecp.GetField();
const FieldElement& b = m_ecp.m_b; const FieldElement& b = m_ecp.m_b;
ECP::Point& R = m_ecp.m_R;
// Gyrations attempt to maintain constant-timeness // Gyrations attempt to maintain constant-timeness
// We need either (P.x, P.y, 1) or (0, 1, 0). // We need either (P.x, P.y, 1) or (0, 1, 0).
@ -575,14 +576,17 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P) const
X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv); X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv);
// More gyrations // More gyrations
ECP::Point result(X3*Z3.NotZero(), Y3*Z3.NotZero()); R.x = X3*Z3.NotZero();
result.identity = Z3.IsZero(); R.y = Y3*Z3.NotZero();
return result; R.identity = Z3.IsZero();
return R;
} }
else if (m_alpha == A_0) else if (m_alpha == A_0)
{ {
const ECP::Field& field = m_ecp.GetField(); const ECP::Field& field = m_ecp.GetField();
const FieldElement b3 = field.Multiply(m_ecp.m_b, 3); const FieldElement b3 = field.Multiply(m_ecp.m_b, 3);
ECP::Point& R = m_ecp.m_R;
// Gyrations attempt to maintain constant-timeness // Gyrations attempt to maintain constant-timeness
// We need either (P.x, P.y, 1) or (0, 1, 0). // We need either (P.x, P.y, 1) or (0, 1, 0).
@ -615,14 +619,17 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P) const
X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv); X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv);
// More gyrations // More gyrations
ECP::Point result(X3*Z3.NotZero(), Y3*Z3.NotZero()); R.x = X3*Z3.NotZero();
result.identity = Z3.IsZero(); R.y = Y3*Z3.NotZero();
return result; R.identity = Z3.IsZero();
return R;
} }
else if (m_alpha == A_Star) else if (m_alpha == A_Star)
{ {
const ECP::Field& field = m_ecp.GetField(); const ECP::Field& field = m_ecp.GetField();
const FieldElement b3 = field.Multiply(m_ecp.m_b, 3); const FieldElement b3 = field.Multiply(m_ecp.m_b, 3);
ECP::Point& R = m_ecp.m_R;
// Gyrations attempt to maintain constant-timeness // Gyrations attempt to maintain constant-timeness
// We need either (P.x, P.y, 1) or (0, 1, 0). // We need either (P.x, P.y, 1) or (0, 1, 0).
@ -655,9 +662,11 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P) const
X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv); X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv);
// More gyrations // More gyrations
ECP::Point result(X3*Z3.NotZero(), Y3*Z3.NotZero()); R.x = X3*Z3.NotZero();
result.identity = Z3.IsZero(); R.y = Y3*Z3.NotZero();
return result; R.identity = Z3.IsZero();
return R;
} }
else // A_Montgomery else // A_Montgomery
{ {
@ -690,6 +699,7 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P, const Point& Q) con
{ {
const ECP::Field& field = m_ecp.GetField(); const ECP::Field& field = m_ecp.GetField();
const FieldElement& b = m_ecp.m_b; const FieldElement& b = m_ecp.m_b;
ECP::Point& R = m_ecp.m_R;
// Gyrations attempt to maintain constant-timeness // Gyrations attempt to maintain constant-timeness
// We need either (P.x, P.y, 1) or (0, 1, 0). // We need either (P.x, P.y, 1) or (0, 1, 0).
@ -751,14 +761,17 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P, const Point& Q) con
X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv); X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv);
// More gyrations // More gyrations
ECP::Point result(X3*Z3.NotZero(), Y3*Z3.NotZero()); R.x = X3*Z3.NotZero();
result.identity = Z3.IsZero(); R.y = Y3*Z3.NotZero();
return result; R.identity = Z3.IsZero();
return R;
} }
else if (m_alpha == A_0) else if (m_alpha == A_0)
{ {
const ECP::Field& field = m_ecp.GetField(); const ECP::Field& field = m_ecp.GetField();
const FieldElement b3 = field.Multiply(m_ecp.m_b, 3); const FieldElement b3 = field.Multiply(m_ecp.m_b, 3);
ECP::Point& R = m_ecp.m_R;
// Gyrations attempt to maintain constant-timeness // Gyrations attempt to maintain constant-timeness
// We need either (P.x, P.y, 1) or (0, 1, 0). // We need either (P.x, P.y, 1) or (0, 1, 0).
@ -795,15 +808,18 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P, const Point& Q) con
X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv); X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv);
// More gyrations // More gyrations
ECP::Point result(X3*Z3.NotZero(), Y3*Z3.NotZero()); R.x = X3*Z3.NotZero();
result.identity = Z3.IsZero(); R.y = Y3*Z3.NotZero();
return result; R.identity = Z3.IsZero();
return R;
} }
else if (m_alpha == A_Star) else if (m_alpha == A_Star)
{ {
const ECP::Field& field = m_ecp.GetField(); const ECP::Field& field = m_ecp.GetField();
const FieldElement &a = m_ecp.m_a; const FieldElement &a = m_ecp.m_a;
const FieldElement b3 = field.Multiply(m_ecp.m_b, 3); const FieldElement b3 = field.Multiply(m_ecp.m_b, 3);
ECP::Point& R = m_ecp.m_R;
// Gyrations attempt to maintain constant-timeness // Gyrations attempt to maintain constant-timeness
// We need either (P.x, P.y, 1) or (0, 1, 0). // We need either (P.x, P.y, 1) or (0, 1, 0).
@ -862,9 +878,11 @@ ECP::Point ECP::AdditionFunction::operator()(const Point& P, const Point& Q) con
X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv); X3 = field.Multiply(X3, inv); Y3 = field.Multiply(Y3, inv);
// More gyrations // More gyrations
ECP::Point result(X3*Z3.NotZero(), Y3*Z3.NotZero()); R.x = X3*Z3.NotZero();
result.identity = Z3.IsZero(); R.y = Y3*Z3.NotZero();
return result; R.identity = Z3.IsZero();
return R;
} }
else // A_Montgomery else // A_Montgomery
{ {
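Review bot: The new `ECP::Point& R = m_ecp.m_R;` in each of the six branches (three per `operator()` overload) makes a `const` call operator write its result into storage owned by the curve object, and nothing at those sites documents that this scratch state is shared. Two threads adding or doubling on the same ECP would race on `R.x`, `R.y` and `R.identity`. The stored values, presumably intermediate points of a scalar multiplication, also now live as long as the ECP instead of a local. In the visible lines R is written only after X3, Y3 and Z3 are final, which is what would keep a P or Q that aliases `m_R` safe, but the code between each declaration and its epilogue lies outside these hunks, so that ordering should be confirmed and stated. I would put a comment on each declaration, for example `// m_R is scratch shared by all calls on this ECP: not thread-safe; write it only after P and Q are fully consumed`.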