Full restart support in ecp_mul_comb_core()
Still recomputing table every time, though.
This commit is contained in:
parent
2fad7ae02a
commit
c5d844b999
@ -108,6 +108,7 @@ struct mbedtls_ecp_restart {
|
|||||||
mbedtls_mpi m; /* saved argument: scalar */
|
mbedtls_mpi m; /* saved argument: scalar */
|
||||||
mbedtls_ecp_point P; /* saved argument: point */
|
mbedtls_ecp_point P; /* saved argument: point */
|
||||||
mbedtls_ecp_point R; /* current intermediate result */
|
mbedtls_ecp_point R; /* current intermediate result */
|
||||||
|
size_t i; /* current index in various loops, 0 outside */
|
||||||
enum {
|
enum {
|
||||||
ecp_rs_init = 0,
|
ecp_rs_init = 0,
|
||||||
ecp_rs_final_norm,
|
ecp_rs_final_norm,
|
||||||
@ -1409,15 +1410,26 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R
|
|||||||
|
|
||||||
mbedtls_ecp_point_init( &Txi );
|
mbedtls_ecp_point_init( &Txi );
|
||||||
|
|
||||||
/* Start with a non-zero point and randomize its coordinates */
|
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||||
i = d;
|
if( grp->rs != NULL && grp->rs->i != 0 )
|
||||||
MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) );
|
{
|
||||||
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
|
/* restore current index (R already pointing to grp->rs->R) */
|
||||||
if( f_rng != 0 )
|
i = grp->rs->i;
|
||||||
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
|
}
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
/* Start with a non-zero point and randomize its coordinates */
|
||||||
|
i = d;
|
||||||
|
MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) );
|
||||||
|
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
|
||||||
|
if( f_rng != 0 )
|
||||||
|
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
|
||||||
|
}
|
||||||
|
|
||||||
while( i-- != 0 )
|
while( i-- != 0 )
|
||||||
{
|
{
|
||||||
|
ECP_BUDGET( ECP_OPS_DBL + ECP_OPS_ADD );
|
||||||
MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) );
|
MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) );
|
||||||
MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) );
|
MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) );
|
||||||
MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) );
|
MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) );
|
||||||
@ -1427,6 +1439,23 @@ cleanup:
|
|||||||
|
|
||||||
mbedtls_ecp_point_free( &Txi );
|
mbedtls_ecp_point_free( &Txi );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_EARLY_RETURN)
|
||||||
|
if( grp->rs != NULL )
|
||||||
|
{
|
||||||
|
if( ret == 0 )
|
||||||
|
{
|
||||||
|
grp->rs->state++;
|
||||||
|
grp->rs->i = 0;
|
||||||
|
}
|
||||||
|
else if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
|
||||||
|
{
|
||||||
|
/* was decreased before actually doing it */
|
||||||
|
grp->rs->i = i + 1;
|
||||||
|
/* no need to save R, already pointing to grp->rs->R */
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1513,9 +1542,6 @@ static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp,
|
|||||||
if( grp->rs != NULL )
|
if( grp->rs != NULL )
|
||||||
grp->rs->state++;
|
grp->rs->state++;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* XXX: temporary: should have counted some ops */
|
|
||||||
ECP_BUDGET( 42 );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ECP_BUDGET( ECP_OPS_INV );
|
ECP_BUDGET( ECP_OPS_INV );
|
||||||
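Review bot: In the cleanup hunk of ecp_mul_comb_core(), `grp->rs->i` is written only when `ret` is 0 or `MBEDTLS_ERR_ECP_IN_PROGRESS`, so a hard error from ecp_double_jac()/ecp_add_mixed() mid-loop (an allocation failure, for instance) leaves the saved index non-zero; a later call that reuses the same restart context would then take the `grp->rs->i != 0` branch at the top of the function and resume from a stale index on whatever `R` currently holds, skipping the fresh start and the ecp_randomize_jac() blinding. Unless the caller is guaranteed to free or reset `grp->rs` on every non-IN_PROGRESS failure (not visible in this diff), add a fallback after the `else if` block: `else grp->rs->i = 0;`. The restore comment `/* restore current index (R already pointing to grp->rs->R) */` states an invariant the code never checks; if any caller can pass an `R` other than `&grp->rs->R`, a debug assertion on that pointer equality in the restart branch would make the assumption enforceable. Both ecp_mul_comb_core() and the function owning the `cleanup:` label begin outside the hunks shown, so the declaration and initial value of `i` could not be checked here.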
|