From: Dmitry Baryshkov dbaryshkov@gmail.com
GOST curves will require different "fixups" for fast (mul X mod p) operations. Move these operations into the ecc_modulo structure and call them via function pointers.
Signed-off-by: Dmitry Baryshkov dbaryshkov@gmail.com --- ecc-curve25519.c | 8 ++++++++ ecc-curve448.c | 8 ++++++++ ecc-gost-gc256b.c | 8 ++++++++ ecc-gost-gc512a.c | 8 ++++++++ ecc-internal.h | 32 ++++++++++++++++++++------------ ecc-mod-arith.c | 12 ++++++------ ecc-mul-m.c | 6 +++--- ecc-secp192r1.c | 8 ++++++++ ecc-secp224r1.c | 8 ++++++++ ecc-secp256r1.c | 8 ++++++++ ecc-secp384r1.c | 8 ++++++++ ecc-secp521r1.c | 8 ++++++++ 12 files changed, 101 insertions(+), 21 deletions(-)
diff --git a/ecc-curve25519.c b/ecc-curve25519.c
index 0ad3017c9ebc..4ee80c8d4463 100644
--- a/ecc-curve25519.c
+++ b/ecc-curve25519.c
@@ -310,6 +310,10 @@ const struct ecc_curve _nettle_curve25519 =
 ecc_curve25519_modp,
 ecc_curve25519_inv,
 ecc_curve25519_sqrt,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 253,
@@ -329,6 +333,10 @@ const struct ecc_curve _nettle_curve25519 =
 ecc_curve25519_modq,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
 0, /* No redc */
diff --git a/ecc-curve448.c b/ecc-curve448.c
index c31a0eb26ba4..71634b855af8 100644
--- a/ecc-curve448.c
+++ b/ecc-curve448.c
@@ -288,6 +288,10 @@ const struct ecc_curve _nettle_curve448 =
 ecc_curve448_modp,
 ecc_curve448_inv,
 ecc_curve448_sqrt,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 446,
@@ -307,6 +311,10 @@ const struct ecc_curve _nettle_curve448 =
 ecc_mod, /* FIXME: Implement optimized reduce function */
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
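Review bot: The q-modulo table's three new slots are NULL while the p-modulo's point at the `_std` helpers, and the one consumer of these slots in this series that is not hard-wired to `->p` is `m->addmul_1` in ecc-mul-m.c, so a future call of `ecc_mul_m` with `&ecc->q` would call through a NULL function pointer. `ecc_mod_mul_1_std`, `ecc_mod_addmul_1_std` and `ecc_mod_submul_1_std` take the modulo as their first argument and do not appear to be specific to p, so `ecc_mod_mul_1_std, ecc_mod_addmul_1_std, ecc_mod_submul_1_std,` would seem valid for q as well and would remove the NULLs. If the NULLs are deliberate, a short comment such as `/* mul_1, addmul_1, submul_1: not used for q */` beside them would record the constraint. The same initialisation pattern appears in ecc-curve448.c, ecc-gost-gc256b.c, ecc-gost-gc512a.c, ecc-secp192r1.c, ecc-secp224r1.c, ecc-secp256r1.c, ecc-secp384r1.c and ecc-secp521r1.c.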
 0, /* No redc */
diff --git a/ecc-gost-gc256b.c b/ecc-gost-gc256b.c
index 8adc8e1763b9..acf3b56c8955 100644
--- a/ecc-gost-gc256b.c
+++ b/ecc-gost-gc256b.c
@@ -77,6 +77,10 @@ const struct ecc_curve _nettle_gost_gc256b =
 ecc_gost_gc256b_modp,
 ecc_mod_inv,
 NULL,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 256,
@@ -96,6 +100,10 @@ const struct ecc_curve _nettle_gost_gc256b =
 ecc_gost_gc256b_modq,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
 USE_REDC,
diff --git a/ecc-gost-gc512a.c b/ecc-gost-gc512a.c
index 6d210925b609..79d084f38d33 100644
--- a/ecc-gost-gc512a.c
+++ b/ecc-gost-gc512a.c
@@ -77,6 +77,10 @@ const struct ecc_curve _nettle_gost_gc512a =
 ecc_gost_gc512a_modp,
 ecc_mod_inv,
 NULL,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 512,
@@ -96,6 +100,10 @@ const struct ecc_curve _nettle_gost_gc512a =
 ecc_gost_gc512a_modq,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
 USE_REDC,
diff --git a/ecc-internal.h b/ecc-internal.h
index 0022e0ab6cc2..ddeb6d3cb1f3 100644
--- a/ecc-internal.h
+++ b/ecc-internal.h
@@ -44,9 +44,9 @@
 #define ecc_pm1_redc _nettle_ecc_pm1_redc
 #define ecc_mod_add _nettle_ecc_mod_add
 #define ecc_mod_sub _nettle_ecc_mod_sub
-#define ecc_mod_mul_1 _nettle_ecc_mod_mul_1
-#define ecc_mod_addmul_1 _nettle_ecc_mod_addmul_1
-#define ecc_mod_submul_1 _nettle_ecc_mod_submul_1
+#define ecc_mod_mul_1_std _nettle_ecc_mod_mul_1_std
+#define ecc_mod_addmul_1_std _nettle_ecc_mod_addmul_1_std
+#define ecc_mod_submul_1_std _nettle_ecc_mod_submul_1_std
 #define ecc_mod_mul _nettle_ecc_mod_mul
 #define ecc_mod_sqr _nettle_ecc_mod_sqr
 #define ecc_mod_random _nettle_ecc_mod_random
@@ -146,6 +146,10 @@ typedef void ecc_h_to_a_func (const struct ecc_curve *ecc, mp_limb_t *r, const mp_limb_t *p, mp_limb_t *scratch);
+typedef void ecc_mod_mul_1_func (const struct ecc_modulo *m,
+ mp_limb_t *rp,
+ const mp_limb_t *ap, mp_limb_t b);
+
 struct ecc_modulo
 {
 unsigned short bit_size;
@@ -170,6 +174,10 @@ struct ecc_modulo
 ecc_mod_func *reduce;
 ecc_mod_inv_func *invert;
 ecc_mod_sqrt_func *sqrt;
+
+ ecc_mod_mul_1_func *mul_1;
+ ecc_mod_mul_1_func *addmul_1;
+ ecc_mod_mul_1_func *submul_1;
 };
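Review bot: The new `mul_1`, `addmul_1` and `submul_1` members are undocumented, and every curve table in this series leaves them NULL for the order modulo q, so the struct is the place to state that convention. A comment above the three fields, for example `/* Multiply, add-multiply and subtract-multiply by a single limb, reduced mod m. NULL where the modulo is never used with them (currently the order q). */`, would make the precondition visible to anyone calling through `m->addmul_1` on a generic modulo. The `ecc_mod_mul_1_func` typedef added earlier in this hunk would benefit from the same one-line description.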
 /* Represents an elliptic curve of the form
@@ -240,15 +248,15 @@ ecc_mod_sub (const struct ecc_modulo *m, mp_limb_t *rp,
 const mp_limb_t *ap, const mp_limb_t *bp);
 void
-ecc_mod_mul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, const mp_limb_t b);
+ecc_mod_mul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, const mp_limb_t b);
 void
-ecc_mod_addmul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, mp_limb_t b);
+ecc_mod_addmul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, mp_limb_t b);
 void
-ecc_mod_submul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, mp_limb_t b);
+ecc_mod_submul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, mp_limb_t b);
 /* The mul and sqr functions need 2*m->size limbs at rp */
 void
@@ -264,11 +272,11 @@ ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp,
 #define ecc_modp_sub(ecc, r, a, b) \
 ecc_mod_sub (&(ecc)->p, (r), (a), (b))
 #define ecc_modp_mul_1(ecc, r, a, b) \
- ecc_mod_mul_1 (&(ecc)->p, (r), (a), (b))
+ (ecc)->p.mul_1 (&(ecc)->p, (r), (a), (b))
 #define ecc_modp_addmul_1(ecc, r, a, b) \
- ecc_mod_addmul_1 (&(ecc)->p, (r), (a), (b))
+ (ecc)->p.addmul_1 (&(ecc)->p, (r), (a), (b))
 #define ecc_modp_submul_1(ecc, r, a, b) \
- ecc_mod_submul_1 (&(ecc)->p, (r), (a), (b))
+ (ecc)->p.submul_1 (&(ecc)->p, (r), (a), (b))
 #define ecc_modp_mul(ecc, r, a, b) \
 ecc_mod_mul (&(ecc)->p, (r), (a), (b))
 #define ecc_modp_sqr(ecc, r, a) \
diff --git a/ecc-mod-arith.c b/ecc-mod-arith.c
index f2e47f6747c1..0399a2cdd7c5 100644
--- a/ecc-mod-arith.c
+++ b/ecc-mod-arith.c
@@ -65,8 +65,8 @@ ecc_mod_sub (const struct ecc_modulo *m, mp_limb_t *rp,
 }
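Review bot: `ecc_mod_mul_1_std` is declared with `const mp_limb_t b` while `ecc_mod_addmul_1_std`, `ecc_mod_submul_1_std`, the new `ecc_mod_mul_1_func` typedef and the definition in ecc-mod-arith.c all take `mp_limb_t b`. A top-level qualifier on a by-value parameter does not affect type compatibility, so this compiles and the pointer assignment in the curve tables is fine, but the line is rewritten by this commit anyway and could be aligned with its siblings: `+ const mp_limb_t *ap, mp_limb_t b);`.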
 void
-ecc_mod_mul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, mp_limb_t b)
+ecc_mod_mul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, mp_limb_t b)
 {
 mp_limb_t hi;
@@ -80,8 +80,8 @@ ecc_mod_mul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
 }
 void
-ecc_mod_addmul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, mp_limb_t b)
+ecc_mod_addmul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, mp_limb_t b)
 {
 mp_limb_t hi;
@@ -95,8 +95,8 @@ ecc_mod_addmul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
 }
 void
-ecc_mod_submul_1 (const struct ecc_modulo *m, mp_limb_t *rp,
- const mp_limb_t *ap, mp_limb_t b)
+ecc_mod_submul_1_std (const struct ecc_modulo *m, mp_limb_t *rp,
+ const mp_limb_t *ap, mp_limb_t b)
 {
 mp_limb_t hi;
diff --git a/ecc-mul-m.c b/ecc-mul-m.c
index 68bdd16e8e94..770350162da1 100644
--- a/ecc-mul-m.c
+++ b/ecc-mul-m.c
@@ -80,7 +80,7 @@ ecc_mul_m (const struct ecc_modulo *m,
 ecc_mod_sqr (m, BB, B);
 ecc_mod_mul (m, x3, AA, BB);
 ecc_mod_sub (m, E, AA, BB);
- ecc_mod_addmul_1 (m, AA, E, a24);
+ m->addmul_1 (m, AA, E, a24);
 ecc_mod_mul (m, z3, E, AA);
 for (i = bit_high; i >= bit_low; i--)
@@ -98,7 +98,7 @@ ecc_mul_m (const struct ecc_modulo *m,
 ecc_mod_sqr (m, BB, B);
 ecc_mod_mul (m, x2, AA, BB); /* Last use of BB */
 ecc_mod_sub (m, E, AA, BB);
- ecc_mod_addmul_1 (m, AA, E, a24);
+ m->addmul_1 (m, AA, E, a24);
 ecc_mod_add (m, C, x3, z3);
 ecc_mod_sub (m, D, x3, z3);
 ecc_mod_mul (m, z2, E, AA); /* Last use of E and AA */
@@ -124,7 +124,7 @@ ecc_mul_m (const struct ecc_modulo *m,
 ecc_mod_sqr (m, BB, B);
 ecc_mod_mul (m, x2, AA, BB);
 ecc_mod_sub (m, E, AA, BB);
- ecc_mod_addmul_1 (m, AA, E, a24);
+ m->addmul_1 (m, AA, E, a24);
 ecc_mod_mul (m, z2, E, AA);
 }
 assert (m->invert_itch <= 7 * m->size);
diff --git a/ecc-secp192r1.c b/ecc-secp192r1.c
index 094074d73ed7..d36be63d7b3a 100644
--- a/ecc-secp192r1.c
+++ b/ecc-secp192r1.c
@@ -130,6 +130,10 @@ const struct ecc_curve _nettle_secp_192r1 =
 ecc_secp192r1_modp,
 ecc_mod_inv,
 NULL,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 192,
@@ -149,6 +153,10 @@ const struct ecc_curve _nettle_secp_192r1 =
 ecc_mod,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
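Review bot: `m->addmul_1` is now an indirect call through a slot that the curve tables in this series leave NULL for the order modulo q, and `ecc_mul_m` accepts any `struct ecc_modulo`, so a caller passing `&ecc->q` would fault at the first ladder step instead of failing a check. The function already uses `assert (m->invert_itch <= 7 * m->size);`, so an `assert (m->addmul_1);` at function entry (outside this hunk) would state and enforce the precondition at no runtime cost in release builds. The same call is made in the hunks at -98 and -124; `ecc_mul_m` begins before the first hunk and ends after the last.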
 USE_REDC,
diff --git a/ecc-secp224r1.c b/ecc-secp224r1.c
index e6b43fa61f42..cde02a01fd6d 100644
--- a/ecc-secp224r1.c
+++ b/ecc-secp224r1.c
@@ -82,6 +82,10 @@ const struct ecc_curve _nettle_secp_224r1 =
 USE_REDC ? ecc_secp224r1_redc : ecc_secp224r1_modp,
 ecc_mod_inv,
 NULL,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 224,
@@ -101,6 +105,10 @@ const struct ecc_curve _nettle_secp_224r1 =
 ecc_mod,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
 USE_REDC,
diff --git a/ecc-secp256r1.c b/ecc-secp256r1.c
index 6c776a729aea..e17061ab761c 100644
--- a/ecc-secp256r1.c
+++ b/ecc-secp256r1.c
@@ -259,6 +259,10 @@ const struct ecc_curve _nettle_secp_256r1 =
 USE_REDC ? ecc_secp256r1_redc : ecc_secp256r1_modp,
 ecc_mod_inv,
 NULL,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 256,
@@ -278,6 +282,10 @@ const struct ecc_curve _nettle_secp_256r1 =
 ecc_secp256r1_modq,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
 USE_REDC,
diff --git a/ecc-secp384r1.c b/ecc-secp384r1.c
index c4a75564bf58..cf0cd25e32fb 100644
--- a/ecc-secp384r1.c
+++ b/ecc-secp384r1.c
@@ -167,6 +167,10 @@ const struct ecc_curve _nettle_secp_384r1 =
 ecc_secp384r1_modp,
 ecc_mod_inv,
 NULL,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 384,
@@ -186,6 +190,10 @@ const struct ecc_curve _nettle_secp_384r1 =
 ecc_mod,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
 USE_REDC,
diff --git a/ecc-secp521r1.c b/ecc-secp521r1.c
index 74688008959b..2241e542f927 100644
--- a/ecc-secp521r1.c
+++ b/ecc-secp521r1.c
@@ -95,6 +95,10 @@ const struct ecc_curve _nettle_secp_521r1 =
 ecc_secp521r1_modp,
 ecc_mod_inv,
 NULL,
+
+ ecc_mod_mul_1_std,
+ ecc_mod_addmul_1_std,
+ ecc_mod_submul_1_std,
 },
 {
 521,
@@ -114,6 +118,10 @@ const struct ecc_curve _nettle_secp_521r1 =
 ecc_mod,
 ecc_mod_inv,
 NULL,
+
+ NULL,
+ NULL,
+ NULL,
 },
USE_REDC,