feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Curve25519/Ed25519: align buffers

Browse Source 
Make data structures align buffers.
Align buffers in functions.
Add versions that don't use umaal
This commit is contained in:
Sean Parkinson
2023-09-04 20:47:24 +10:00
parent 298b488bf1
commit 90467aa578
15 changed files with 5343 additions and 1305 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
tests/api.c
View File

@ -12494,6 +12494,7 @@ static int test_wc_Sha256Update(void)
#ifndef NO_SHA256
wc_Sha256 sha256;
byte hash[WC_SHA256_DIGEST_SIZE];
byte hash_unaligned[WC_SHA256_DIGEST_SIZE+1];
testVector a, b, c;
ExpectIntEQ(wc_InitSha256(&sha256), 0);
@ -12517,6 +12518,11 @@ static int test_wc_Sha256Update(void)
ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0);
/* Unaligned check. */
ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input+1, (word32)a.inLen-1),
0);
ExpectIntEQ(wc_Sha256Final(&sha256, hash_unaligned + 1), 0);
/* Try passing in bad values */
b.input = NULL;
b.inLen = 0;
@ -12721,6 +12727,7 @@ static int test_wc_Sha512Update(void)
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
byte hash_unaligned[WC_SHA512_DIGEST_SIZE + 1];
testVector a, b, c;
ExpectIntEQ(wc_InitSha512(&sha512), 0);
@ -12747,6 +12754,11 @@ static int test_wc_Sha512Update(void)
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_DIGEST_SIZE), 0);
/* Unaligned check. */
ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input+1, (word32)a.inLen-1),
0);
ExpectIntEQ(wc_Sha512Final(&sha512, hash_unaligned+1), 0);
/* Try passing in bad values */
b.input = NULL;
b.inLen = 0;
@ -20091,7 +20103,8 @@ static int test_wc_ed25519_make_key(void)
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY)
ed25519_key key;
WC_RNG rng;
unsigned char pubkey[ED25519_PUB_KEY_SIZE];
unsigned char pubkey[ED25519_PUB_KEY_SIZE+1];
int pubkey_sz = ED25519_PUB_KEY_SIZE;
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
@ -20099,7 +20112,9 @@ static int test_wc_ed25519_make_key(void)
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed25519_make_public(&key, pubkey, sizeof(pubkey)),
ExpectIntEQ(wc_ed25519_make_public(&key, pubkey, pubkey_sz),
ECC_PRIV_KEY_E);
ExpectIntEQ(wc_ed25519_make_public(&key, pubkey+1, pubkey_sz),
ECC_PRIV_KEY_E);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
@ -20149,10 +20164,10 @@ static int test_wc_ed25519_sign_msg(void)
WC_RNG rng;
ed25519_key key;
byte msg[] = "Everybody gets Friday off.\n";
byte sig[ED25519_SIG_SIZE];
byte sig[ED25519_SIG_SIZE+1];
word32 msglen = sizeof(msg);
word32 siglen = sizeof(sig);
word32 badSigLen = sizeof(sig) - 1;
word32 siglen = ED25519_SIG_SIZE;
word32 badSigLen = ED25519_SIG_SIZE - 1;
#ifdef HAVE_ED25519_VERIFY
int verify_ok = 0; /*1 = Verify success.*/
#endif
@ -20160,7 +20175,7 @@ static int test_wc_ed25519_sign_msg(void)
/* Initialize stack variables. */
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
XMEMSET(sig, 0, sizeof(sig));
/* Initialize key. */
ExpectIntEQ(wc_ed25519_init(&key), 0);
@ -20169,6 +20184,8 @@ static int test_wc_ed25519_sign_msg(void)
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key), 0);
ExpectIntEQ(siglen, ED25519_SIG_SIZE);
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig+1, &siglen, &key), 0);
ExpectIntEQ(siglen, ED25519_SIG_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key),
@ -20185,24 +20202,24 @@ static int test_wc_ed25519_sign_msg(void)
badSigLen -= 1;
#ifdef HAVE_ED25519_VERIFY
ExpectIntEQ(wc_ed25519_verify_msg(sig, siglen, msg, msglen, &verify_ok,
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
&key), 0);
ExpectIntEQ(verify_ok, 1);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_verify_msg(sig, siglen - 1, msg, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig, siglen + 1, msg, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen - 1, msg, msglen,
&verify_ok, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen + 1, msg, msglen,
&verify_ok, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig, siglen, NULL, msglen, &verify_ok,
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, NULL, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig, siglen, msg, msglen, NULL, &key),
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, NULL, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig, siglen, msg, msglen, &verify_ok,
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig, badSigLen, msg, msglen, &verify_ok,
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, badSigLen, msg, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
#endif /* Verify. */

6
wolfcrypt/src/asn.c
View File

@ -33810,7 +33810,7 @@ int wc_Ed25519PrivateKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz)
{
int ret;
byte privKey[ED25519_KEY_SIZE], pubKey[ED25519_PUB_KEY_SIZE];
byte privKey[ED25519_KEY_SIZE], pubKey[2*ED25519_PUB_KEY_SIZE+1];
word32 privKeyLen = (word32)sizeof(privKey);
word32 pubKeyLen = (word32)sizeof(pubKey);
@ -33836,7 +33836,7 @@ int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz)
{
int ret;
byte pubKey[ED25519_PUB_KEY_SIZE];
byte pubKey[2*ED25519_PUB_KEY_SIZE+1];
word32 pubKeyLen = (word32)sizeof(pubKey);
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
@ -34127,7 +34127,7 @@ int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx,
ed448_key* key, word32 inSz)
{
int ret;
byte pubKey[ED448_PUB_KEY_SIZE];
byte pubKey[2 * ED448_PUB_KEY_SIZE + 1];
word32 pubKeyLen = (word32)sizeof(pubKey);
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {

16
wolfcrypt/src/ed25519.c
View File

@ -187,7 +187,7 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
word32 pubKeySz)
{
int ret = 0;
byte az[ED25519_PRV_KEY_SIZE];
ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
#if !defined(FREESCALE_LTC_ECC)
ge_p3 A;
#endif
@ -296,14 +296,14 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
ret = se050_ed25519_sign_msg(in, inLen, out, outLen, key);
#else
#ifdef FREESCALE_LTC_ECC
byte tempBuf[ED25519_PRV_KEY_SIZE];
ALIGN16 byte tempBuf[ED25519_PRV_KEY_SIZE];
ltc_pkha_ecc_point_t ltcPoint = {0};
#else
ge_p3 R;
#endif
byte nonce[WC_SHA512_DIGEST_SIZE];
byte hram[WC_SHA512_DIGEST_SIZE];
byte az[ED25519_PRV_KEY_SIZE];
ALIGN16 byte nonce[WC_SHA512_DIGEST_SIZE];
ALIGN16 byte hram[WC_SHA512_DIGEST_SIZE];
ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
/* sanity check on arguments */
if (in == NULL || out == NULL || outLen == NULL || key == NULL ||
@ -617,8 +617,8 @@ static int ed25519_verify_msg_final_with_sha(const byte* sig, word32 sigLen,
int* res, ed25519_key* key,
wc_Sha512 *sha)
{
byte rcheck[ED25519_KEY_SIZE];
byte h[WC_SHA512_DIGEST_SIZE];
ALIGN16 byte rcheck[ED25519_KEY_SIZE];
ALIGN16 byte h[WC_SHA512_DIGEST_SIZE];
#ifndef FREESCALE_LTC_ECC
ge_p3 A;
ge_p2 R;
@ -1239,7 +1239,7 @@ int wc_ed25519_check_key(ed25519_key* key)
{
int ret = 0;
#ifdef HAVE_ED25519_MAKE_KEY
unsigned char pubKey[ED25519_PUB_KEY_SIZE];
ALIGN16 unsigned char pubKey[ED25519_PUB_KEY_SIZE];
if (!key->pubKeySet)
ret = PUBLIC_KEY_E;

10
wolfcrypt/src/ge_operations.c
View File

@ -920,13 +920,13 @@ void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, word32 keySz)
{
ge_p2 g;
byte bArray[ED25519_KEY_SIZE];
byte x[ED25519_KEY_SIZE];
byte y[ED25519_KEY_SIZE];
ALIGN16 byte bArray[ED25519_KEY_SIZE];
ALIGN16 byte x[ED25519_PUB_KEY_SIZE];
ALIGN16 byte y[ED25519_PUB_KEY_SIZE];
word32 i;
XMEMCPY(x, xIn, ED25519_KEY_SIZE);
XMEMCPY(y, yIn, ED25519_KEY_SIZE);
XMEMCPY(x, xIn, ED25519_PUB_KEY_SIZE);
XMEMCPY(y, yIn, ED25519_PUB_KEY_SIZE);
fe_frombytes(g.X, x);
fe_frombytes(g.Y, y);
fe_1(g.Z);

48
wolfcrypt/src/port/arm/armv8-32-aes-asm.S
View File

@ -1447,10 +1447,10 @@ L_AES_CTR_encrypt_loop_block_256:
ldr r9, [lr, #4]
ldr r10, [lr, #8]
ldr r11, [lr, #12]
eor r4, r8
eor r5, r9
eor r6, r10
eor r7, r11
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
@ -1489,10 +1489,10 @@ L_AES_CTR_encrypt_loop_block_192:
ldr r9, [lr, #4]
ldr r10, [lr, #8]
ldr r11, [lr, #12]
eor r4, r8
eor r5, r9
eor r6, r10
eor r7, r11
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
@ -1531,10 +1531,10 @@ L_AES_CTR_encrypt_loop_block_128:
ldr r9, [lr, #4]
ldr r10, [lr, #8]
ldr r11, [lr, #12]
eor r4, r8
eor r5, r9
eor r6, r10
eor r7, r11
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
@ -3172,10 +3172,10 @@ L_AES_GCM_encrypt_loop_block_256:
ldr r9, [lr, #4]
ldr r10, [lr, #8]
ldr r11, [lr, #12]
eor r4, r8
eor r5, r9
eor r6, r10
eor r7, r11
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
@ -3211,10 +3211,10 @@ L_AES_GCM_encrypt_loop_block_192:
ldr r9, [lr, #4]
ldr r10, [lr, #8]
ldr r11, [lr, #12]
eor r4, r8
eor r5, r9
eor r6, r10
eor r7, r11
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
@ -3250,10 +3250,10 @@ L_AES_GCM_encrypt_loop_block_128:
ldr r9, [lr, #4]
ldr r10, [lr, #8]
ldr r11, [lr, #12]
eor r4, r8
eor r5, r9
eor r6, r10
eor r7, r11
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]

48
wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
View File

@ -1110,10 +1110,10 @@ void AES_CTR_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned l
"ldr r9, [lr, #4]\n\t"
"ldr r10, [lr, #8]\n\t"
"ldr r11, [lr, #12]\n\t"
"eor r4, r8\n\t"
"eor r5, r9\n\t"
"eor r6, r10\n\t"
"eor r7, r11\n\t"
"eor r4, r4, r8\n\t"
"eor r5, r5, r9\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
"ldr r8, [sp, #4]\n\t"
"str r4, [%[out]]\n\t"
"str r5, [%[out], #4]\n\t"
@ -1154,10 +1154,10 @@ void AES_CTR_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned l
"ldr r9, [lr, #4]\n\t"
"ldr r10, [lr, #8]\n\t"
"ldr r11, [lr, #12]\n\t"
"eor r4, r8\n\t"
"eor r5, r9\n\t"
"eor r6, r10\n\t"
"eor r7, r11\n\t"
"eor r4, r4, r8\n\t"
"eor r5, r5, r9\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
"ldr r8, [sp, #4]\n\t"
"str r4, [%[out]]\n\t"
"str r5, [%[out], #4]\n\t"
@ -1198,10 +1198,10 @@ void AES_CTR_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned l
"ldr r9, [lr, #4]\n\t"
"ldr r10, [lr, #8]\n\t"
"ldr r11, [lr, #12]\n\t"
"eor r4, r8\n\t"
"eor r5, r9\n\t"
"eor r6, r10\n\t"
"eor r7, r11\n\t"
"eor r4, r4, r8\n\t"
"eor r5, r5, r9\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
"ldr r8, [sp, #4]\n\t"
"str r4, [%[out]]\n\t"
"str r5, [%[out], #4]\n\t"
@ -2651,10 +2651,10 @@ void AES_GCM_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned l
"ldr r9, [lr, #4]\n\t"
"ldr r10, [lr, #8]\n\t"
"ldr r11, [lr, #12]\n\t"
"eor r4, r8\n\t"
"eor r5, r9\n\t"
"eor r6, r10\n\t"
"eor r7, r11\n\t"
"eor r4, r4, r8\n\t"
"eor r5, r5, r9\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
"ldr r8, [sp, #4]\n\t"
"str r4, [%[out]]\n\t"
"str r5, [%[out], #4]\n\t"
@ -2692,10 +2692,10 @@ void AES_GCM_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned l
"ldr r9, [lr, #4]\n\t"
"ldr r10, [lr, #8]\n\t"
"ldr r11, [lr, #12]\n\t"
"eor r4, r8\n\t"
"eor r5, r9\n\t"
"eor r6, r10\n\t"
"eor r7, r11\n\t"
"eor r4, r4, r8\n\t"
"eor r5, r5, r9\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
"ldr r8, [sp, #4]\n\t"
"str r4, [%[out]]\n\t"
"str r5, [%[out], #4]\n\t"
@ -2733,10 +2733,10 @@ void AES_GCM_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned l
"ldr r9, [lr, #4]\n\t"
"ldr r10, [lr, #8]\n\t"
"ldr r11, [lr, #12]\n\t"
"eor r4, r8\n\t"
"eor r5, r9\n\t"
"eor r6, r10\n\t"
"eor r7, r11\n\t"
"eor r4, r4, r8\n\t"
"eor r5, r5, r9\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
"ldr r8, [sp, #4]\n\t"
"str r4, [%[out]]\n\t"
"str r5, [%[out], #4]\n\t"

536
wolfcrypt/src/port/arm/armv8-32-curve25519.S
View File

@ -32,10 +32,6 @@
#ifdef WOLFSSL_ARMASM
#if !defined(__aarch64__) && defined(__arm__)
#ifndef WOLFSSL_ARMASM_INLINE
/* Based on work by: Emil Lenngren
* https://github.com/pornin/X25519-Cortex-M4
*/
#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
@ -348,9 +344,23 @@ fe_add:
.type fe_frombytes, %function
fe_frombytes:
push {r4, r5, r6, r7, r8, r9, lr}
ldm r1, {r2, r3, r4, r5, r6, r7, r8, r9}
ldr r2, [r1]
ldr r3, [r1, #4]
ldr r4, [r1, #8]
ldr r5, [r1, #12]
ldr r6, [r1, #16]
ldr r7, [r1, #20]
ldr r8, [r1, #24]
ldr r9, [r1, #28]
bfc r9, #31, #1
stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
str r2, [r0]
str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
str r6, [r0, #16]
str r7, [r0, #20]
str r8, [r0, #24]
str r9, [r0, #28]
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_frombytes,.-fe_frombytes
.text
@ -379,7 +389,14 @@ fe_tobytes:
adcs r8, r8, #0
adc r9, r9, #0
bfc r9, #31, #1
stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
str r2, [r0]
str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
str r6, [r0, #16]
str r7, [r0, #20]
str r8, [r0, #24]
str r9, [r0, #28]
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_tobytes,.-fe_tobytes
.text
@ -387,69 +404,36 @@ fe_tobytes:
.globl fe_1
.type fe_1, %function
fe_1:
push {r4, r5, r6, r7, r8, r9, lr}
# Set one
mov r2, #1
mov r3, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0]
str r3, [r0, #4]
#else
strd r2, r3, [r0]
#endif
mov r2, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0, #8]
str r3, [r0, #12]
#else
strd r2, r3, [r0, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0, #16]
str r3, [r0, #20]
#else
strd r2, r3, [r0, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0, #24]
str r3, [r0, #28]
#else
strd r2, r3, [r0, #24]
#endif
bx lr
mov r4, #0
mov r5, #0
mov r6, #0
mov r7, #0
mov r8, #0
mov r9, #0
stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_1,.-fe_1
.text
.align 4
.globl fe_0
.type fe_0, %function
fe_0:
push {r4, r5, r6, r7, r8, r9, lr}
# Set zero
mov r2, #0
mov r3, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0]
str r3, [r0, #4]
#else
strd r2, r3, [r0]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0, #8]
str r3, [r0, #12]
#else
strd r2, r3, [r0, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0, #16]
str r3, [r0, #20]
#else
strd r2, r3, [r0, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r2, [r0, #24]
str r3, [r0, #28]
#else
strd r2, r3, [r0, #24]
#endif
bx lr
mov r4, #0
mov r5, #0
mov r6, #0
mov r7, #0
mov r8, #0
mov r9, #0
stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_0,.-fe_0
.text
.align 4
@ -588,6 +572,7 @@ fe_isnegative:
eor r0, r0, r1
pop {r4, r5, pc}
.size fe_isnegative,.-fe_isnegative
#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
#ifndef WC_NO_CACHE_RESISTANT
.text
.align 4
@ -2394,6 +2379,7 @@ fe_cmov_table:
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_cmov_table,.-fe_cmov_table
#endif /* WC_NO_CACHE_RESISTANT */
#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
#endif /* HAVE_ED25519 */
.text
.align 4
@ -2671,6 +2657,7 @@ fe_sq:
bl fe_sq_op
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_sq,.-fe_sq
#ifdef HAVE_CURVE25519
.text
.align 4
.globl fe_mul121666
@ -2725,89 +2712,20 @@ curve25519:
str r2, [sp, #168]
mov r1, #0
str r1, [sp, #172]
# Set one
mov r10, #1
mov r11, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0]
str r11, [r0, #4]
#else
strd r10, r11, [r0]
#endif
mov r10, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0, #8]
str r11, [r0, #12]
#else
strd r10, r11, [r0, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0, #16]
str r11, [r0, #20]
#else
strd r10, r11, [r0, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0, #24]
str r11, [r0, #28]
#else
strd r10, r11, [r0, #24]
#endif
# Set zero
mov r4, #1
mov r5, #0
mov r6, #0
mov r7, #0
mov r8, #0
mov r9, #0
mov r10, #0
mov r11, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp]
str r11, [sp, #4]
#else
strd r10, r11, [sp]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #8]
str r11, [sp, #12]
#else
strd r10, r11, [sp, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #16]
str r11, [sp, #20]
#else
strd r10, r11, [sp, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #24]
str r11, [sp, #28]
#else
strd r10, r11, [sp, #24]
#endif
# Set one
mov r10, #1
mov r11, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #32]
str r11, [sp, #36]
#else
strd r10, r11, [sp, #32]
#endif
mov r10, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #40]
str r11, [sp, #44]
#else
strd r10, r11, [sp, #40]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #48]
str r11, [sp, #52]
#else
strd r10, r11, [sp, #48]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #56]
str r11, [sp, #60]
#else
strd r10, r11, [sp, #56]
#endif
stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
add r3, sp, #32
stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
mov r4, #0
mov r3, sp
stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
add r3, sp, #0x40
# Copy
ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}
@ -2830,18 +2748,10 @@ L_curve25519_bits:
ldr r0, [sp, #160]
# Conditional Swap
rsb r1, r1, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #64]
ldr r7, [sp, #68]
#else
ldrd r6, r7, [sp, #64]
#endif
mov r3, r0
add r12, sp, #0x40
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -2850,30 +2760,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #64]
str r7, [sp, #68]
#else
strd r6, r7, [sp, #64]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #72]
ldr r7, [sp, #76]
#else
ldrd r6, r7, [sp, #72]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -2882,30 +2772,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #72]
str r7, [sp, #76]
#else
strd r6, r7, [sp, #72]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #80]
ldr r7, [sp, #84]
#else
ldrd r6, r7, [sp, #80]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -2914,30 +2784,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #80]
str r7, [sp, #84]
#else
strd r6, r7, [sp, #80]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #88]
ldr r7, [sp, #92]
#else
ldrd r6, r7, [sp, #88]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -2946,33 +2796,15 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #88]
str r7, [sp, #92]
#else
strd r6, r7, [sp, #88]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldr r1, [sp, #172]
# Conditional Swap
rsb r1, r1, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
ldrd r4, r5, [sp]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #32]
ldr r7, [sp, #36]
#else
ldrd r6, r7, [sp, #32]
#endif
mov r3, sp
add r12, sp, #32
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -2981,30 +2813,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [sp]
str r5, [sp, #4]
#else
strd r4, r5, [sp]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #32]
str r7, [sp, #36]
#else
strd r6, r7, [sp, #32]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
ldrd r4, r5, [sp, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #40]
ldr r7, [sp, #44]
#else
ldrd r6, r7, [sp, #40]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -3013,30 +2825,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [sp, #8]
str r5, [sp, #12]
#else
strd r4, r5, [sp, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #40]
str r7, [sp, #44]
#else
strd r6, r7, [sp, #40]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
ldrd r4, r5, [sp, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #48]
ldr r7, [sp, #52]
#else
ldrd r6, r7, [sp, #48]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -3045,30 +2837,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [sp, #16]
str r5, [sp, #20]
#else
strd r4, r5, [sp, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #48]
str r7, [sp, #52]
#else
strd r6, r7, [sp, #48]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
ldrd r4, r5, [sp, #24]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [sp, #56]
ldr r7, [sp, #60]
#else
ldrd r6, r7, [sp, #56]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldm r3, {r4, r5}
ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@ -3077,18 +2849,8 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r4, [sp, #24]
str r5, [sp, #28]
#else
strd r4, r5, [sp, #24]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [sp, #56]
str r7, [sp, #60]
#else
strd r6, r7, [sp, #56]
#endif
stm r3!, {r4, r5}
stm r12!, {r6, r7}
ldr r1, [sp, #184]
str r1, [sp, #172]
mov r3, sp
@ -3329,89 +3091,20 @@ curve25519:
str r4, [sp, #188]
mov r1, #0
str r1, [sp, #164]
# Set one
mov r10, #1
mov r11, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0]
str r11, [r0, #4]
#else
strd r10, r11, [r0]
#endif
mov r10, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0, #8]
str r11, [r0, #12]
#else
strd r10, r11, [r0, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0, #16]
str r11, [r0, #20]
#else
strd r10, r11, [r0, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [r0, #24]
str r11, [r0, #28]
#else
strd r10, r11, [r0, #24]
#endif
# Set zero
mov r4, #1
mov r5, #0
mov r6, #0
mov r7, #0
mov r8, #0
mov r9, #0
mov r10, #0
mov r11, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp]
str r11, [sp, #4]
#else
strd r10, r11, [sp]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #8]
str r11, [sp, #12]
#else
strd r10, r11, [sp, #8]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #16]
str r11, [sp, #20]
#else
strd r10, r11, [sp, #16]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #24]
str r11, [sp, #28]
#else
strd r10, r11, [sp, #24]
#endif
# Set one
mov r10, #1
mov r11, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #32]
str r11, [sp, #36]
#else
strd r10, r11, [sp, #32]
#endif
mov r10, #0
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #40]
str r11, [sp, #44]
#else
strd r10, r11, [sp, #40]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #48]
str r11, [sp, #52]
#else
strd r10, r11, [sp, #48]
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r10, [sp, #56]
str r11, [sp, #60]
#else
strd r10, r11, [sp, #56]
#endif
stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
add r3, sp, #32
stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
mov r4, #0
mov r3, sp
stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
add r3, sp, #0x40
# Copy
ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}
@ -3675,6 +3368,7 @@ L_curve25519_inv_8:
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size curve25519,.-curve25519
#endif /* WC_NO_CACHE_RESISTANT */
#endif /* HAVE_CURVE25519 */
#ifdef HAVE_ED25519
.text
.align 4
@ -4974,13 +4668,14 @@ sc_reduce:
add sp, sp, #52
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size sc_reduce,.-sc_reduce
#ifdef HAVE_ED25519_SIGN
.text
.align 4
.globl sc_muladd
.type sc_muladd, %function
sc_muladd:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
sub sp, sp, #0x50
sub sp, sp, #0x70
add lr, sp, #0x44
stm lr, {r0, r1, r3}
mov lr, r2
@ -5082,7 +4777,7 @@ sc_muladd:
mov r3, r12
add lr, sp, #32
stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
ldr r0, [sp, #68]
add r0, sp, #0x50
# Add c to a * b
ldr lr, [sp, #76]
ldm sp!, {r2, r3, r4, r5, r6, r7, r8, r9}
@ -5502,11 +5197,20 @@ sc_muladd:
adcs r8, r8, #0
adc r9, r9, r1
bfc r9, #28, #4
ldr r0, [sp, #68]
# Store result
stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
add sp, sp, #0x50
str r2, [r0]
str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
str r6, [r0, #16]
str r7, [r0, #20]
str r8, [r0, #24]
str r9, [r0, #28]
add sp, sp, #0x70
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size sc_muladd,.-sc_muladd
#endif /* HAVE_ED25519_SIGN */
#endif /* HAVE_ED25519 */
#endif /* !CURVE25519_SMALL || !ED25519_SMALL */

530
wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
View File

@ -378,9 +378,23 @@ void fe_frombytes(fe out_p, const unsigned char* in_p)
register const unsigned char* in asm ("r1") = (const unsigned char*)in_p;
__asm__ __volatile__ (
"ldm %[in], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
"ldr r2, [%[in]]\n\t"
"ldr r3, [%[in], #4]\n\t"
"ldr r4, [%[in], #8]\n\t"
"ldr r5, [%[in], #12]\n\t"
"ldr r6, [%[in], #16]\n\t"
"ldr r7, [%[in], #20]\n\t"
"ldr r8, [%[in], #24]\n\t"
"ldr r9, [%[in], #28]\n\t"
"bfc r9, #31, #1\n\t"
"stm %[out], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
"str r2, [%[out]]\n\t"
"str r3, [%[out], #4]\n\t"
"str r4, [%[out], #8]\n\t"
"str r5, [%[out], #12]\n\t"
"str r6, [%[out], #16]\n\t"
"str r7, [%[out], #20]\n\t"
"str r8, [%[out], #24]\n\t"
"str r9, [%[out], #28]\n\t"
: [out] "+r" (out), [in] "+r" (in)
:
: "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
@ -413,7 +427,14 @@ void fe_tobytes(unsigned char* out_p, const fe n_p)
"adcs r8, r8, #0\n\t"
"adc r9, r9, #0\n\t"
"bfc r9, #31, #1\n\t"
"stm %[out], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
"str r2, [%[out]]\n\t"
"str r3, [%[out], #4]\n\t"
"str r4, [%[out], #8]\n\t"
"str r5, [%[out], #12]\n\t"
"str r6, [%[out], #16]\n\t"
"str r7, [%[out], #20]\n\t"
"str r8, [%[out], #24]\n\t"
"str r9, [%[out], #28]\n\t"
: [out] "+r" (out), [n] "+r" (n)
:
: "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12"
@ -428,34 +449,16 @@ void fe_1(fe n_p)
/* Set one */
"mov r2, #1\n\t"
"mov r3, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n]]\n\t"
"str r3, [%[n], #4]\n\t"
#else
"strd r2, r3, [%[n]]\n\t"
#endif
"mov r2, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n], #8]\n\t"
"str r3, [%[n], #12]\n\t"
#else
"strd r2, r3, [%[n], #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n], #16]\n\t"
"str r3, [%[n], #20]\n\t"
#else
"strd r2, r3, [%[n], #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n], #24]\n\t"
"str r3, [%[n], #28]\n\t"
#else
"strd r2, r3, [%[n], #24]\n\t"
#endif
"mov r4, #0\n\t"
"mov r5, #0\n\t"
"mov r6, #0\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
"stm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [n] "+r" (n)
:
: "memory", "r2", "r3"
: "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
);
}
@ -467,33 +470,16 @@ void fe_0(fe n_p)
/* Set zero */
"mov r2, #0\n\t"
"mov r3, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n]]\n\t"
"str r3, [%[n], #4]\n\t"
#else
"strd r2, r3, [%[n]]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n], #8]\n\t"
"str r3, [%[n], #12]\n\t"
#else
"strd r2, r3, [%[n], #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n], #16]\n\t"
"str r3, [%[n], #20]\n\t"
#else
"strd r2, r3, [%[n], #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r2, [%[n], #24]\n\t"
"str r3, [%[n], #28]\n\t"
#else
"strd r2, r3, [%[n], #24]\n\t"
#endif
"mov r4, #0\n\t"
"mov r5, #0\n\t"
"mov r6, #0\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
"stm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [n] "+r" (n)
:
: "memory", "r2", "r3"
: "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
);
}
@ -650,6 +636,7 @@ int fe_isnegative(const fe a_p)
return (uint32_t)(size_t)a;
}
#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
#ifndef WC_NO_CACHE_RESISTANT
void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
{
@ -2466,6 +2453,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
}
#endif /* WC_NO_CACHE_RESISTANT */
#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
#endif /* HAVE_ED25519 */
void fe_mul_op(void);
void fe_mul_op()
@ -2756,6 +2744,7 @@ void fe_sq(fe r_p, const fe a_p)
);
}
#ifdef HAVE_CURVE25519
void fe_mul121666(fe r_p, fe a_p)
{
register sword32* r asm ("r0") = (sword32*)r_p;
@ -2815,89 +2804,20 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str %[a], [sp, #168]\n\t"
"mov %[n], #0\n\t"
"str %[n], [sp, #172]\n\t"
/* Set one */
"mov r10, #1\n\t"
"mov r11, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r]]\n\t"
"str r11, [%[r], #4]\n\t"
#else
"strd r10, r11, [%[r]]\n\t"
#endif
"mov r10, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r], #8]\n\t"
"str r11, [%[r], #12]\n\t"
#else
"strd r10, r11, [%[r], #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r], #16]\n\t"
"str r11, [%[r], #20]\n\t"
#else
"strd r10, r11, [%[r], #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r], #24]\n\t"
"str r11, [%[r], #28]\n\t"
#else
"strd r10, r11, [%[r], #24]\n\t"
#endif
/* Set zero */
"mov r4, #1\n\t"
"mov r5, #0\n\t"
"mov r6, #0\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
"mov r10, #0\n\t"
"mov r11, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp]\n\t"
"str r11, [sp, #4]\n\t"
#else
"strd r10, r11, [sp]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #8]\n\t"
"str r11, [sp, #12]\n\t"
#else
"strd r10, r11, [sp, #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #16]\n\t"
"str r11, [sp, #20]\n\t"
#else
"strd r10, r11, [sp, #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #24]\n\t"
"str r11, [sp, #28]\n\t"
#else
"strd r10, r11, [sp, #24]\n\t"
#endif
/* Set one */
"mov r10, #1\n\t"
"mov r11, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #32]\n\t"
"str r11, [sp, #36]\n\t"
#else
"strd r10, r11, [sp, #32]\n\t"
#endif
"mov r10, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #40]\n\t"
"str r11, [sp, #44]\n\t"
#else
"strd r10, r11, [sp, #40]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #48]\n\t"
"str r11, [sp, #52]\n\t"
#else
"strd r10, r11, [sp, #48]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #56]\n\t"
"str r11, [sp, #60]\n\t"
#else
"strd r10, r11, [sp, #56]\n\t"
#endif
"stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"add r3, sp, #32\n\t"
"stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"mov r4, #0\n\t"
"mov r3, sp\n\t"
"stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"add r3, sp, #0x40\n\t"
/* Copy */
"ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
@ -2922,18 +2842,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"ldr %[r], [sp, #160]\n\t"
/* Conditional Swap */
"rsb %[n], %[n], #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[r]]\n\t"
"ldr r5, [%[r], #4]\n\t"
#else
"ldrd r4, r5, [%[r]]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #64]\n\t"
"ldr r7, [sp, #68]\n\t"
#else
"ldrd r6, r7, [sp, #64]\n\t"
#endif
"mov r3, r0\n\t"
"add r12, sp, #0x40\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -2942,30 +2854,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [%[r]]\n\t"
"str r5, [%[r], #4]\n\t"
#else
"strd r4, r5, [%[r]]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #64]\n\t"
"str r7, [sp, #68]\n\t"
#else
"strd r6, r7, [sp, #64]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[r], #8]\n\t"
"ldr r5, [%[r], #12]\n\t"
#else
"ldrd r4, r5, [%[r], #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #72]\n\t"
"ldr r7, [sp, #76]\n\t"
#else
"ldrd r6, r7, [sp, #72]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -2974,30 +2866,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [%[r], #8]\n\t"
"str r5, [%[r], #12]\n\t"
#else
"strd r4, r5, [%[r], #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #72]\n\t"
"str r7, [sp, #76]\n\t"
#else
"strd r6, r7, [sp, #72]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[r], #16]\n\t"
"ldr r5, [%[r], #20]\n\t"
#else
"ldrd r4, r5, [%[r], #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #80]\n\t"
"ldr r7, [sp, #84]\n\t"
#else
"ldrd r6, r7, [sp, #80]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -3006,30 +2878,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [%[r], #16]\n\t"
"str r5, [%[r], #20]\n\t"
#else
"strd r4, r5, [%[r], #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #80]\n\t"
"str r7, [sp, #84]\n\t"
#else
"strd r6, r7, [sp, #80]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[r], #24]\n\t"
"ldr r5, [%[r], #28]\n\t"
#else
"ldrd r4, r5, [%[r], #24]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #88]\n\t"
"ldr r7, [sp, #92]\n\t"
#else
"ldrd r6, r7, [sp, #88]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -3038,33 +2890,15 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [%[r], #24]\n\t"
"str r5, [%[r], #28]\n\t"
#else
"strd r4, r5, [%[r], #24]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #88]\n\t"
"str r7, [sp, #92]\n\t"
#else
"strd r6, r7, [sp, #88]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldr %[n], [sp, #172]\n\t"
/* Conditional Swap */
"rsb %[n], %[n], #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
"ldrd r4, r5, [sp]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #32]\n\t"
"ldr r7, [sp, #36]\n\t"
#else
"ldrd r6, r7, [sp, #32]\n\t"
#endif
"mov r3, sp\n\t"
"add r12, sp, #32\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -3073,30 +2907,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [sp]\n\t"
"str r5, [sp, #4]\n\t"
#else
"strd r4, r5, [sp]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #32]\n\t"
"str r7, [sp, #36]\n\t"
#else
"strd r6, r7, [sp, #32]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
"ldrd r4, r5, [sp, #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #40]\n\t"
"ldr r7, [sp, #44]\n\t"
#else
"ldrd r6, r7, [sp, #40]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -3105,30 +2919,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [sp, #8]\n\t"
"str r5, [sp, #12]\n\t"
#else
"strd r4, r5, [sp, #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #40]\n\t"
"str r7, [sp, #44]\n\t"
#else
"strd r6, r7, [sp, #40]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
"ldrd r4, r5, [sp, #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #48]\n\t"
"ldr r7, [sp, #52]\n\t"
#else
"ldrd r6, r7, [sp, #48]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -3137,30 +2931,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [sp, #16]\n\t"
"str r5, [sp, #20]\n\t"
#else
"strd r4, r5, [sp, #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #48]\n\t"
"str r7, [sp, #52]\n\t"
#else
"strd r6, r7, [sp, #48]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
"ldrd r4, r5, [sp, #24]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [sp, #56]\n\t"
"ldr r7, [sp, #60]\n\t"
#else
"ldrd r6, r7, [sp, #56]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldm r3, {r4, r5}\n\t"
"ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@ -3169,18 +2943,8 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r4, [sp, #24]\n\t"
"str r5, [sp, #28]\n\t"
#else
"strd r4, r5, [sp, #24]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [sp, #56]\n\t"
"str r7, [sp, #60]\n\t"
#else
"strd r6, r7, [sp, #56]\n\t"
#endif
"stm r3!, {r4, r5}\n\t"
"stm r12!, {r6, r7}\n\t"
"ldr %[n], [sp, #184]\n\t"
"str %[n], [sp, #172]\n\t"
"mov r3, sp\n\t"
@ -3435,89 +3199,20 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str r4, [sp, #188]\n\t"
"mov %[n], #0\n\t"
"str %[n], [sp, #164]\n\t"
/* Set one */
"mov r10, #1\n\t"
"mov r11, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r]]\n\t"
"str r11, [%[r], #4]\n\t"
#else
"strd r10, r11, [%[r]]\n\t"
#endif
"mov r10, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r], #8]\n\t"
"str r11, [%[r], #12]\n\t"
#else
"strd r10, r11, [%[r], #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r], #16]\n\t"
"str r11, [%[r], #20]\n\t"
#else
"strd r10, r11, [%[r], #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [%[r], #24]\n\t"
"str r11, [%[r], #28]\n\t"
#else
"strd r10, r11, [%[r], #24]\n\t"
#endif
/* Set zero */
"mov r4, #1\n\t"
"mov r5, #0\n\t"
"mov r6, #0\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
"mov r10, #0\n\t"
"mov r11, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp]\n\t"
"str r11, [sp, #4]\n\t"
#else
"strd r10, r11, [sp]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #8]\n\t"
"str r11, [sp, #12]\n\t"
#else
"strd r10, r11, [sp, #8]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #16]\n\t"
"str r11, [sp, #20]\n\t"
#else
"strd r10, r11, [sp, #16]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #24]\n\t"
"str r11, [sp, #28]\n\t"
#else
"strd r10, r11, [sp, #24]\n\t"
#endif
/* Set one */
"mov r10, #1\n\t"
"mov r11, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #32]\n\t"
"str r11, [sp, #36]\n\t"
#else
"strd r10, r11, [sp, #32]\n\t"
#endif
"mov r10, #0\n\t"
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #40]\n\t"
"str r11, [sp, #44]\n\t"
#else
"strd r10, r11, [sp, #40]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #48]\n\t"
"str r11, [sp, #52]\n\t"
#else
"strd r10, r11, [sp, #48]\n\t"
#endif
#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r10, [sp, #56]\n\t"
"str r11, [sp, #60]\n\t"
#else
"strd r10, r11, [sp, #56]\n\t"
#endif
"stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"add r3, sp, #32\n\t"
"stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"mov r4, #0\n\t"
"mov r3, sp\n\t"
"stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"add r3, sp, #0x40\n\t"
/* Copy */
"ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
@ -3795,6 +3490,7 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
}
#endif /* WC_NO_CACHE_RESISTANT */
#endif /* HAVE_CURVE25519 */
#ifdef HAVE_ED25519
void fe_invert(fe r_p, const fe a_p)
{
@ -5157,6 +4853,7 @@ void sc_reduce(byte* s_p)
);
}
#ifdef HAVE_ED25519_SIGN
void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
{
register byte* s asm ("r0") = (byte*)s_p;
@ -5165,7 +4862,7 @@ void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
register const byte* c asm ("r3") = (const byte*)c_p;
__asm__ __volatile__ (
"sub sp, sp, #0x50\n\t"
"sub sp, sp, #0x70\n\t"
"add lr, sp, #0x44\n\t"
"stm lr, {%[s], %[a], %[c]}\n\t"
"mov lr, %[b]\n\t"
@ -5267,7 +4964,7 @@ void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
"mov %[c], r12\n\t"
"add lr, sp, #32\n\t"
"stm lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
"ldr %[s], [sp, #68]\n\t"
"add %[s], sp, #0x50\n\t"
/* Add c to a * b */
"ldr lr, [sp, #76]\n\t"
"ldm sp!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
@ -5687,15 +5384,24 @@ void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
"adcs r8, r8, #0\n\t"
"adc r9, r9, %[a]\n\t"
"bfc r9, #28, #4\n\t"
"ldr %[s], [sp, #68]\n\t"
/* Store result */
"stm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
"add sp, sp, #0x50\n\t"
"str %[b], [%[s]]\n\t"
"str %[c], [%[s], #4]\n\t"
"str r4, [%[s], #8]\n\t"
"str r5, [%[s], #12]\n\t"
"str r6, [%[s], #16]\n\t"
"str r7, [%[s], #20]\n\t"
"str r8, [%[s], #24]\n\t"
"str r9, [%[s], #28]\n\t"
"add sp, sp, #0x70\n\t"
: [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
:
: "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
);
}
#endif /* HAVE_ED25519_SIGN */
#endif /* HAVE_ED25519 */
#endif /* !CURVE25519_SMALL || !ED25519_SMALL */

2662
wolfcrypt/src/port/arm/thumb2-curve25519.S
View File

File diff suppressed because it is too large Load Diff

2669
wolfcrypt/src/port/arm/thumb2-curve25519_c.c
View File

File diff suppressed because it is too large Load Diff

26
wolfcrypt/src/port/arm/thumb2-sha256-asm.S
View File

@ -125,10 +125,14 @@ Transform_Sha256_Len:
# Start of loop processing a block
L_SHA256_transform_len_begin:
# Load, Reverse and Store W - 64 bytes
LDRD r4, r5, [r1]
LDRD r6, r7, [r1, #8]
LDRD r8, r9, [r1, #16]
LDRD r10, r11, [r1, #24]
LDR r4, [r1]
LDR r5, [r1, #4]
LDR r6, [r1, #8]
LDR r7, [r1, #12]
LDR r8, [r1, #16]
LDR r9, [r1, #20]
LDR r10, [r1, #24]
LDR r11, [r1, #28]
REV r4, r4
REV r5, r5
REV r6, r6
@ -141,10 +145,14 @@ L_SHA256_transform_len_begin:
STRD r6, r7, [sp, #8]
STRD r8, r9, [sp, #16]
STRD r10, r11, [sp, #24]
LDRD r4, r5, [r1, #32]
LDRD r6, r7, [r1, #40]
LDRD r8, r9, [r1, #48]
LDRD r10, r11, [r1, #56]
LDR r4, [r1, #32]
LDR r5, [r1, #36]
LDR r6, [r1, #40]
LDR r7, [r1, #44]
LDR r8, [r1, #48]
LDR r9, [r1, #52]
LDR r10, [r1, #56]
LDR r11, [r1, #60]
REV r4, r4
REV r5, r5
REV r6, r6
@ -1461,7 +1469,7 @@ L_SHA256_transform_len_start:
BNE L_SHA256_transform_len_begin
ADD sp, sp, #0xc0
POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
# Cycle Count = 1866
# Cycle Count = 1874
.size Transform_Sha256_Len,.-Transform_Sha256_Len
#endif /* WOLFSSL_ARMASM_NO_NEON */
#endif /* !NO_SHA256 */

24
wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
View File

@ -84,10 +84,14 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"\n"
"L_SHA256_transform_len_begin_%=:\n\t"
/* Load, Reverse and Store W - 64 bytes */
"LDRD r4, r5, [%[data]]\n\t"
"LDRD r6, r7, [%[data], #8]\n\t"
"LDRD r8, r9, [%[data], #16]\n\t"
"LDRD r10, r11, [%[data], #24]\n\t"
"LDR r4, [%[data]]\n\t"
"LDR r5, [%[data], #4]\n\t"
"LDR r6, [%[data], #8]\n\t"
"LDR r7, [%[data], #12]\n\t"
"LDR r8, [%[data], #16]\n\t"
"LDR r9, [%[data], #20]\n\t"
"LDR r10, [%[data], #24]\n\t"
"LDR r11, [%[data], #28]\n\t"
"REV r4, r4\n\t"
"REV r5, r5\n\t"
"REV r6, r6\n\t"
@ -100,10 +104,14 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"STRD r6, r7, [sp, #8]\n\t"
"STRD r8, r9, [sp, #16]\n\t"
"STRD r10, r11, [sp, #24]\n\t"
"LDRD r4, r5, [%[data], #32]\n\t"
"LDRD r6, r7, [%[data], #40]\n\t"
"LDRD r8, r9, [%[data], #48]\n\t"
"LDRD r10, r11, [%[data], #56]\n\t"
"LDR r4, [%[data], #32]\n\t"
"LDR r5, [%[data], #36]\n\t"
"LDR r6, [%[data], #40]\n\t"
"LDR r7, [%[data], #44]\n\t"
"LDR r8, [%[data], #48]\n\t"
"LDR r9, [%[data], #52]\n\t"
"LDR r10, [%[data], #56]\n\t"
"LDR r11, [%[data], #60]\n\t"
"REV r4, r4\n\t"
"REV r5, r5\n\t"
"REV r6, r6\n\t"

8
wolfssl/wolfcrypt/curve25519.h
View File

@ -61,9 +61,9 @@ typedef struct {
/* ECC point, the internal structure is Little endian
* the mathematical functions used the endianness */
typedef struct ECPoint {
byte point[CURVE25519_KEYSIZE];
ALIGN16 byte point[CURVE25519_KEYSIZE];
#ifdef FREESCALE_LTC_ECC
byte pointY[CURVE25519_KEYSIZE];
ALIGN16 byte pointY[CURVE25519_KEYSIZE];
#endif
byte pointSz;
} ECPoint;
@ -80,8 +80,8 @@ struct curve25519_key {
curve in dp */
const curve25519_set_type* dp; /* domain parameters, either points to
curves (idx >= 0) or user supplied */
ECPoint p; /* public point for key */
byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
ECPoint p; /* public point for key */
ALIGN16 byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;

8
wolfssl/wolfcrypt/ed25519.h
View File

@ -85,12 +85,12 @@ enum {
/* An ED25519 Key */
struct ed25519_key {
byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
byte k[ED25519_PRV_KEY_SIZE]; /* private key : 32 secret -- 32 public */
ALIGN16 byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
ALIGN16 byte k[ED25519_PRV_KEY_SIZE]; /* private key: 32 secret, 32 pub */
#ifdef FREESCALE_LTC_ECC
/* uncompressed point coordinates */
byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
ALIGN16 byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
ALIGN16 byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif
#ifdef WOLFSSL_SE050
word32 keyId;

10
wolfssl/wolfcrypt/ge_operations.h
View File

@ -46,15 +46,15 @@ Representations:
*/
#ifdef ED25519_SMALL
typedef byte ge[F25519_SIZE];
ALIGN16 typedef byte ge[F25519_SIZE];
#elif defined(CURVED25519_ASM_64BIT)
typedef sword64 ge[4];
ALIGN16 typedef sword64 ge[4];
#elif defined(CURVED25519_ASM_32BIT)
typedef sword32 ge[8];
ALIGN16 typedef sword32 ge[8];
#elif defined(CURVED25519_128BIT)
typedef sword64 ge[5];
ALIGN16 typedef sword64 ge[5];
#else
typedef sword32 ge[10];
ALIGN16 typedef sword32 ge[10];
#endif
typedef struct {