From 303f94493518425a6f49a07ebc809da95ea36237 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Tue, 29 Jun 2021 12:34:34 +1000 Subject: [PATCH 1/2] SP: allow fast mod_exp to be compiled for small C code --- wolfcrypt/src/sp_c32.c | 14 +++++++------- wolfcrypt/src/sp_c64.c | 14 +++++++------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index bbdf1bcb7..cc2d33de1 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -54,7 +54,7 @@ #if SP_WORD_SIZE == 32 #if ((!defined(WC_NO_CACHE_RESISTANT) && \ (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \ - defined(WOLFSSL_SP_SMALL)) && \ + (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \ (defined(WOLFSSL_HAVE_SP_ECC) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Mask for address to obfuscate which of the two address will be used. */ static const size_t addr_mask[2] = { 0, (size_t)-1 }; @@ -1900,7 +1900,7 @@ static int sp_2048_mod_45(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_2048_mod_exp_45(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -2791,7 +2791,7 @@ static int sp_2048_mod_90(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_2048_mod_exp_90(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -5769,7 +5769,7 @@ static int sp_3072_mod_67(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_3072_mod_exp_67(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -6692,7 +6692,7 @@ static int sp_3072_mod_134(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_3072_mod_exp_134(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -9833,7 +9833,7 @@ static int sp_4096_mod_98(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_4096_mod_exp_98(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -10741,7 +10741,7 @@ static int sp_4096_mod_196(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_4096_mod_exp_196(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index df4eb4671..3ab52b2aa 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c @@ -54,7 +54,7 @@ #if SP_WORD_SIZE == 64 #if ((!defined(WC_NO_CACHE_RESISTANT) && \ (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \ - defined(WOLFSSL_SP_SMALL)) && \ + (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \ (defined(WOLFSSL_HAVE_SP_ECC) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Mask for address to obfuscate which of the two address will be used. */ static const size_t addr_mask[2] = { 0, (size_t)-1 }; @@ -1530,7 +1530,7 @@ static int sp_2048_mod_18(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -2414,7 +2414,7 @@ static int sp_2048_mod_36(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -5759,7 +5759,7 @@ static int sp_3072_mod_27(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -6648,7 +6648,7 @@ static int sp_3072_mod_54(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -10104,7 +10104,7 @@ static int sp_4096_mod_39(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else @@ -11052,7 +11052,7 @@ static int sp_4096_mod_78(sp_digit* r, const sp_digit* a, const sp_digit* m) static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) { -#ifdef WOLFSSL_SP_SMALL +#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC) sp_digit* td = NULL; #else From e59cc79a1f3d3ac9a8925fe77e1fcf2f2d6a6a02 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 29 Jun 2021 09:16:27 -0700 Subject: [PATCH 2/2] Document new `WOLFSSL_SP_FAST_MODEXP` option. --- wolfcrypt/src/sp_int.c | 1 + 1 file changed, 1 insertion(+) diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index 2b4ec7542..bd03f4d19 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -82,6 +82,7 @@ This library provides single precision (SP) integer math functions. * pointer is not allowed. * WOLFSSL_SP_NO_DYN_STACK Disable use of dynamic stack items. * Used with small code size and not small stack. + * WOLFSSL_SP_FAST_MODEXP Allow fast mod_exp with small C code */ #if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)