yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-24 22:56:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Separate auxiliary array in precompute_comb()

Browse source 
Separating main computation from filling of the auxiliary array makes things
clearer and easier to restart as we don't have to remember the in-progress
auxiliary array.
This commit is contained in:
Manuel Pégourié-Gonnard 2017-03-20 09:29:31 +01:00
parent 07bf6f52c1
commit fc3e0beabf
1 changed files with 19 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
library/ecp.c
View file

@ -1332,7 +1332,7 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp,
unsigned char w, size_t d ) unsigned char w, size_t d )
{ {
int ret; int ret;
unsigned char i, k; unsigned char i;
size_t j; size_t j;
mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1]; mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1];
@ -1351,35 +1351,44 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp,
*/ */
MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) );
k = 0;
for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 ) for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 )
{ {
cur = T + i; cur = T + i;
MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) );
for( j = 0; j < d; j++ ) for( j = 0; j < d; j++ )
MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) ); MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) );
TT[k++] = cur;
} }
MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); /*
* Normalize current elements in T. As T has holes,
* use an auxiliary array of pointers to elements in T.
*/
j = 0;
for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 )
TT[j++] = T + i;
MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) );
/* /*
* Compute the remaining ones using the minimal number of additions * Compute the remaining ones using the minimal number of additions
* Be careful to update T[2^l] only after using it! * Be careful to update T[2^l] only after using it!
*/ */
k = 0;
for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 ) for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 )
{ {
j = i; j = i;
while( j-- ) while( j-- )
{
MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) ); MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) );
TT[k++] = &T[i + j];
}
} }
MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); /*
* Normalize final elements in T. Even though there are no holes now,
* we still need the auxiliary array for homogeneity with last time.
* Also skip T[0] which is already normalised, being a copy of P.
*/
for( j = 0; j + 1 < ( 1U << ( w - 1 ) ); j++ )
TT[j] = T + j + 1;
MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) );
#if defined(MBEDTLS_ECP_EARLY_RETURN) #if defined(MBEDTLS_ECP_EARLY_RETURN)
if( grp->rs != NULL ) if( grp->rs != NULL )