Daiki Ueno ueno@gnu.org writes:
This makes it possible to share the same code for curve25519 and curve448 primitives, which use different underlying formulas for addition and doubling.
Makes sense. I've tried to verify using examples/ecc-benchmark that there's no performance degradation for curve25519, due to the extra indirection.
--- a/testsuite/ecc-add-test.c +++ b/testsuite/ecc-add-test.c @@ -1,4 +1,5 @@ #include "testutils.h" +#include <assert.h>
void test_main (void) @@ -20,64 +21,70 @@ test_main (void) /* Zero point has x = 0, y = 1, z = 1 */ mpn_zero (z, 3*ecc->p.size); z[ecc->p.size] = z[2*ecc->p.size] = 1;
assert (ecc->add_hh == ecc_add_eh);assert (ecc->add_hhh == ecc_add_ehh);- ecc_a_to_j (ecc, g, ecc->g);
ecc_add_ehh (ecc, p, z, z, scratch);
ecc->add_hhh (ecc, p, z, z, scratch);
I think it would be nice if the new function pointers could be used to reduce duplication in this test as well as ecc-dup-test.c. Edwards curves (curve25519, and then later curve448) should have a few additional tests (since they use "complete" formulas), involving the zero point, and add of one point to itself. But the rest of the tests could be the same for the other curves.
Would you like to give it a try, or should I?
Regards, /Niels