mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-30 10:47:28 +02:00
wolfcrypt/src/ge_448.c: refactor ge448_double_scalarmult_vartime() to use heap for workspace unless WOLFSSL_NO_MALLOC.
This commit is contained in:
Daniel Pouzzner
@ -10666,34 +10666,73 @@ static void slide(int8_t *r, const uint8_t *a)
|
|||||||
int ge448_double_scalarmult_vartime(ge448_p2 *r, const uint8_t *a,
|
int ge448_double_scalarmult_vartime(ge448_p2 *r, const uint8_t *a,
|
||||||
const ge448_p2 *p, const uint8_t *b)
|
const ge448_p2 *p, const uint8_t *b)
|
||||||
{
|
{
|
||||||
int8_t aslide[448];
|
#define GE448_WINDOW_BUF_SIZE 448
|
||||||
int8_t bslide[448];
|
int8_t *aslide = NULL;
|
||||||
ge448_p2 pi[16]; /* p,3p,..,31p */
|
int8_t *bslide = NULL;
|
||||||
ge448_p2 p2;
|
ge448_p2 *pi[16]; /* p,3p,..,31p */
|
||||||
|
ge448_p2 *p2 = NULL;
|
||||||
int i;
|
int i;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
#if defined(WOLFSSL_NO_MALLOC) && !defined(XMALLOC_USER)
|
||||||
|
int8_t aslide_buf[GE448_WINDOW_BUF_SIZE];
|
||||||
|
int8_t bslide_buf[GE448_WINDOW_BUF_SIZE];
|
||||||
|
ge448_p2 pi_buf[16];
|
||||||
|
ge448_p2 p2_buf;
|
||||||
|
|
||||||
|
aslide = &aslide_buf[0];
|
||||||
|
bslide = &bslide_buf[0];
|
||||||
|
for (i = 0; i < (int)(sizeof pi / sizeof pi[0]); ++i)
|
||||||
|
pi[i] = &pi_buf[i];
|
||||||
|
p2 = &p2_buf;
|
||||||
|
#else
|
||||||
|
XMEMSET(pi, 0, sizeof pi);
|
||||||
|
aslide = (int8_t *)XMALLOC(GE448_WINDOW_BUF_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (! aslide) {
|
||||||
|
ret = MEMORY_E;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
bslide = (int8_t *)XMALLOC(GE448_WINDOW_BUF_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (! bslide) {
|
||||||
|
ret = MEMORY_E;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
for (i = 0; i < (int)(sizeof pi / sizeof pi[0]); ++i) {
|
||||||
|
pi[i] = (ge448_p2 *)XMALLOC(sizeof *pi[i], NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (! pi[i]) {
|
||||||
|
ret = MEMORY_E;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
p2 = (ge448_p2 *)XMALLOC(sizeof *p2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (! p2) {
|
||||||
|
ret = MEMORY_E;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
slide(aslide, a);
|
slide(aslide, a);
|
||||||
slide(bslide, b);
|
slide(bslide, b);
|
||||||
|
|
||||||
fe448_copy(pi[0].X, p->X);
|
fe448_copy(pi[0]->X, p->X);
|
||||||
fe448_copy(pi[0].Y, p->Y);
|
fe448_copy(pi[0]->Y, p->Y);
|
||||||
fe448_copy(pi[0].Z, p->Z);
|
fe448_copy(pi[0]->Z, p->Z);
|
||||||
ge448_dbl(&p2, p);
|
ge448_dbl(p2, p);
|
||||||
ge448_add(&pi[1], &p2, &pi[0]);
|
ge448_add(pi[1], p2, pi[0]);
|
||||||
ge448_add(&pi[2], &p2, &pi[1]);
|
ge448_add(pi[2], p2, pi[1]);
|
||||||
ge448_add(&pi[3], &p2, &pi[2]);
|
ge448_add(pi[3], p2, pi[2]);
|
||||||
ge448_add(&pi[4], &p2, &pi[3]);
|
ge448_add(pi[4], p2, pi[3]);
|
||||||
ge448_add(&pi[5], &p2, &pi[4]);
|
ge448_add(pi[5], p2, pi[4]);
|
||||||
ge448_add(&pi[6], &p2, &pi[5]);
|
ge448_add(pi[6], p2, pi[5]);
|
||||||
ge448_add(&pi[7], &p2, &pi[6]);
|
ge448_add(pi[7], p2, pi[6]);
|
||||||
ge448_add(&pi[8], &p2, &pi[7]);
|
ge448_add(pi[8], p2, pi[7]);
|
||||||
ge448_add(&pi[9], &p2, &pi[8]);
|
ge448_add(pi[9], p2, pi[8]);
|
||||||
ge448_add(&pi[10], &p2, &pi[9]);
|
ge448_add(pi[10], p2, pi[9]);
|
||||||
ge448_add(&pi[11], &p2, &pi[10]);
|
ge448_add(pi[11], p2, pi[10]);
|
||||||
ge448_add(&pi[12], &p2, &pi[11]);
|
ge448_add(pi[12], p2, pi[11]);
|
||||||
ge448_add(&pi[13], &p2, &pi[12]);
|
ge448_add(pi[13], p2, pi[12]);
|
||||||
ge448_add(&pi[14], &p2, &pi[13]);
|
ge448_add(pi[14], p2, pi[13]);
|
||||||
ge448_add(&pi[15], &p2, &pi[14]);
|
ge448_add(pi[15], p2, pi[14]);
|
||||||
|
|
||||||
ge448_0(r);
|
ge448_0(r);
|
||||||
|
|
||||||
@ -10708,9 +10747,9 @@ int ge448_double_scalarmult_vartime(ge448_p2 *r, const uint8_t *a,
|
|||||||
ge448_dbl(r, r);
|
ge448_dbl(r, r);
|
||||||
|
|
||||||
if (aslide[i] > 0)
|
if (aslide[i] > 0)
|
||||||
ge448_add(r, r, &pi[aslide[i]/2]);
|
ge448_add(r, r, pi[aslide[i]/2]);
|
||||||
else if (aslide[i] < 0)
|
else if (aslide[i] < 0)
|
||||||
ge448_sub(r, r ,&pi[(-aslide[i])/2]);
|
ge448_sub(r, r ,pi[(-aslide[i])/2]);
|
||||||
|
|
||||||
if (bslide[i] > 0)
|
if (bslide[i] > 0)
|
||||||
ge448_madd(r, r, &base_i[bslide[i]/2]);
|
ge448_madd(r, r, &base_i[bslide[i]/2]);
|
||||||
@ -10718,7 +10757,25 @@ int ge448_double_scalarmult_vartime(ge448_p2 *r, const uint8_t *a,
|
|||||||
ge448_msub(r, r, &base_i[(-bslide[i])/2]);
|
ge448_msub(r, r, &base_i[(-bslide[i])/2]);
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
ret = 0;
|
||||||
|
|
||||||
|
#if !defined(WOLFSSL_NO_MALLOC) || defined(XMALLOC_USER)
|
||||||
|
out:
|
||||||
|
|
||||||
|
if (aslide)
|
||||||
|
XFREE(aslide, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (bslide)
|
||||||
|
XFREE(bslide, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
for (i = 0; i < (int)(sizeof pi / sizeof pi[0]); ++i) {
|
||||||
|
if (pi[i])
|
||||||
|
XFREE(pi[i], NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
}
|
||||||
|
if (p2)
|
||||||
|
XFREE(p2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
#undef GE448_WINDOW_BUF_SIZE
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Convert compressed point to negative of affine point.
|
/* Convert compressed point to negative of affine point.
|
||||||
|
|||||||
Reference in New Issue
Block a user