mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-26 03:35:35 +00:00
Make muladd_restartable() actually restartable
This commit is contained in:
parent
54dd6527f0
commit
1631d63d0c
@ -153,7 +153,14 @@ static void ecp_restart_mul_free( mbedtls_ecp_restart_mul_ctx *ctx )
|
||||
*/
|
||||
struct mbedtls_ecp_restart_muladd
|
||||
{
|
||||
int state; /* dummy for now */
|
||||
mbedtls_ecp_point mP; /* mP value */
|
||||
mbedtls_ecp_point R; /* R intermediate result */
|
||||
enum { /* what should we do next? */
|
||||
ecp_rsma_mul1 = 0, /* first multiplication */
|
||||
ecp_rsma_mul2, /* second multiplication */
|
||||
ecp_rsma_add, /* addition */
|
||||
ecp_rsma_norm, /* normalization */
|
||||
} state;
|
||||
};
|
||||
|
||||
/*
|
||||
@ -172,6 +179,9 @@ static void ecp_restart_muladd_free( mbedtls_ecp_restart_muladd_ctx *ctx )
|
||||
if( ctx == NULL )
|
||||
return;
|
||||
|
||||
mbedtls_ecp_point_free( &ctx->mP );
|
||||
mbedtls_ecp_point_free( &ctx->R );
|
||||
|
||||
memset( ctx, 0, sizeof( *ctx ) );
|
||||
}
|
||||
|
||||
@ -197,6 +207,10 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx )
|
||||
ecp_restart_mul_free( ctx->rsm );
|
||||
mbedtls_free( ctx->rsm );
|
||||
ctx->rsm = NULL;
|
||||
|
||||
ecp_restart_muladd_free( ctx->ma );
|
||||
mbedtls_free( ctx->ma );
|
||||
ctx->ma = NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -2252,7 +2266,8 @@ cleanup:
|
||||
static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
|
||||
mbedtls_ecp_point *R,
|
||||
const mbedtls_mpi *m,
|
||||
const mbedtls_ecp_point *P )
|
||||
const mbedtls_ecp_point *P,
|
||||
mbedtls_ecp_restart_ctx *rs_ctx )
|
||||
{
|
||||
int ret;
|
||||
|
||||
@ -2268,7 +2283,8 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
|
||||
}
|
||||
else
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P,
|
||||
NULL, NULL, rs_ctx ) );
|
||||
}
|
||||
|
||||
cleanup:
|
||||
@ -2290,6 +2306,8 @@ int mbedtls_ecp_muladd_restartable(
|
||||
{
|
||||
int ret;
|
||||
mbedtls_ecp_point mP;
|
||||
mbedtls_ecp_point *pmP = &mP;
|
||||
mbedtls_ecp_point *pR = R;
|
||||
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
|
||||
char is_grp_capable = 0;
|
||||
#endif
|
||||
@ -2301,6 +2319,16 @@ int mbedtls_ecp_muladd_restartable(
|
||||
if( ecp_get_type( grp ) != ECP_TYPE_SHORT_WEIERSTRASS )
|
||||
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
|
||||
|
||||
mbedtls_ecp_point_init( &mP );
|
||||
|
||||
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
|
||||
if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) )
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
|
||||
|
||||
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||
/* reset ops count for this call if top-level */
|
||||
if( rs_ctx != NULL && rs_ctx->depth++ == 0 )
|
||||
@ -2315,25 +2343,54 @@ int mbedtls_ecp_muladd_restartable(
|
||||
|
||||
ecp_restart_muladd_init( rs_ctx->ma );
|
||||
}
|
||||
|
||||
if( rs_ctx != NULL && rs_ctx->ma != NULL )
|
||||
{
|
||||
/* redirect intermediate results to restart context */
|
||||
pmP = &rs_ctx->ma->mP;
|
||||
pR = &rs_ctx->ma->R;
|
||||
|
||||
/* jump to next operation */
|
||||
if( rs_ctx->ma->state == ecp_rsma_mul2 )
|
||||
goto mul2;
|
||||
if( rs_ctx->ma->state == ecp_rsma_add )
|
||||
goto add;
|
||||
if( rs_ctx->ma->state == ecp_rsma_norm )
|
||||
goto norm;
|
||||
}
|
||||
#endif /* MBEDTLS_ECP_EARLY_RETURN */
|
||||
|
||||
mbedtls_ecp_point_init( &mP );
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pmP, m, P, rs_ctx ) );
|
||||
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||
if( rs_ctx != NULL && rs_ctx->ma != NULL )
|
||||
rs_ctx->ma->state++;
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, &mP, m, P ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, R, n, Q ) );
|
||||
mul2:
|
||||
#endif
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pR, n, Q, rs_ctx ) );
|
||||
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||
if( rs_ctx != NULL && rs_ctx->ma != NULL )
|
||||
rs_ctx->ma->state++;
|
||||
|
||||
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
|
||||
if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) )
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
|
||||
}
|
||||
add:
|
||||
#endif
|
||||
ECP_BUDGET( ECP_OPS_ADD );
|
||||
MBEDTLS_MPI_CHK( ecp_add_mixed( grp, pR, pmP, pR ) );
|
||||
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||
if( rs_ctx != NULL && rs_ctx->ma != NULL )
|
||||
rs_ctx->ma->state++;
|
||||
|
||||
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
|
||||
MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, &mP, R ) );
|
||||
MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) );
|
||||
norm:
|
||||
#endif
|
||||
ECP_BUDGET( ECP_OPS_INV );
|
||||
MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, pR ) );
|
||||
|
||||
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||
if( rs_ctx != NULL && rs_ctx->ma != NULL )
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, pR ) );
|
||||
#endif
|
||||
|
||||
cleanup:
|
||||
|
||||
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
|
||||
if ( is_grp_capable )
|
||||
{
|
||||
@ -2341,6 +2398,7 @@ cleanup:
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
|
||||
|
||||
mbedtls_ecp_point_free( &mP );
|
||||
|
||||
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||
@ -2351,7 +2409,6 @@ cleanup:
|
||||
rs_ctx->ma = NULL;
|
||||
}
|
||||
|
||||
|
||||
if( rs_ctx != NULL )
|
||||
rs_ctx->depth--;
|
||||
#endif /* MBEDTLS_ECP_EARLY_RETURN */
|
||||
|
@ -364,3 +364,15 @@ ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A128499
|
||||
ECP early return muladd secp256r1 restart disabled
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":0:0:0
|
||||
|
||||
ECP early return muladd secp256r1 restart max_ops=1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":1:1:10000
|
||||
|
||||
ECP early return muladd secp256r1 restart max_ops=10000
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":10000:0:0
|
||||
|
||||
ECP early return muladd secp256r1 restart max_ops=250
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
|
||||
|
Loading…
x
Reference in New Issue
Block a user