提交
58d47cf0
编写于
1月 21, 2015
作者:
Andy Polyakov
提交者:
Matt Caswell
1月 22, 2015
ec/ecp_nistz256.c: harmonize with latest indent script.
Reviewed-by:
N
Tim Hudson
<
tjh@openssl.org
>
上级
7a2cb6f0
Showing
1 changed file
with
82 addition
and
78 deletion
+82
-78
crypto/ec/ecp_nistz256.c
crypto/ec/ecp_nistz256.c
+82
-78
crypto/ec/ecp_nistz256.c
...
...
@@ -113,14 +113,14 @@ void ecp_nistz256_from_mont(BN_ULONG res[P256_LIMBS],
void
ecp_nistz256_to_mont
(
BN_ULONG
res
[
P256_LIMBS
],
const
BN_ULONG
in
[
P256_LIMBS
]);
/* Functions that perform constant time access to the precomputed tables */
void
ecp_nistz256_scatter_w5
(
P256_POINT
*
val
,
const
P256_POINT
*
in_t
,
int
index
);
void
ecp_nistz256_scatter_w5
(
P256_POINT
*
val
,
const
P256_POINT
*
in_t
,
int
index
);
void
ecp_nistz256_gather_w5
(
P256_POINT
*
val
,
const
P256_POINT
*
in_t
,
int
index
);
void
ecp_nistz256_scatter_w7
(
P256_POINT_AFFINE
*
val
,
const
P256_POINT_AFFINE
*
in_t
,
int
index
);
void
ecp_nistz256_gather_w7
(
P256_POINT_AFFINE
*
val
,
const
P256_POINT_AFFINE
*
in_t
,
int
index
);
const
P256_POINT
*
in_t
,
int
index
);
void
ecp_nistz256_scatter_w7
(
P256_POINT_AFFINE
*
val
,
const
P256_POINT_AFFINE
*
in_t
,
int
index
);
void
ecp_nistz256_gather_w7
(
P256_POINT_AFFINE
*
val
,
const
P256_POINT_AFFINE
*
in_t
,
int
index
);
/* One converted into the Montgomery domain */
static
const
BN_ULONG
ONE
[
P256_LIMBS
]
=
{
...
...
@@ -131,7 +131,7 @@ static const BN_ULONG ONE[P256_LIMBS] = {
static
void
*
ecp_nistz256_pre_comp_dup
(
void
*
);
static
void
ecp_nistz256_pre_comp_free
(
void
*
);
static
void
ecp_nistz256_pre_comp_clear_free
(
void
*
);
static
EC_PRE_COMP
*
ecp_nistz256_pre_comp_new
(
const
EC_GROUP
*
group
);
static
EC_PRE_COMP
*
ecp_nistz256_pre_comp_new
(
const
EC_GROUP
*
group
);
/* Precomputed tables for the default generator */
extern
const
PRECOMP256_ROW
ecp_nistz256_precomputed
[
37
];
...
...
@@ -225,15 +225,15 @@ static BN_ULONG is_one(const BN_ULONG a[P256_LIMBS])
}
#ifndef ECP_NISTZ256_REFERENCE_IMPLEMENTATION
void
ecp_nistz256_point_double
(
P256_POINT
*
r
,
const
P256_POINT
*
a
);
void
ecp_nistz256_point_add
(
P256_POINT
*
r
,
const
P256_POINT
*
a
,
const
P256_POINT
*
b
);
void
ecp_nistz256_point_add_affine
(
P256_POINT
*
r
,
const
P256_POINT
*
a
,
const
P256_POINT_AFFINE
*
b
);
void
ecp_nistz256_point_double
(
P256_POINT
*
r
,
const
P256_POINT
*
a
);
void
ecp_nistz256_point_add
(
P256_POINT
*
r
,
const
P256_POINT
*
a
,
const
P256_POINT
*
b
);
void
ecp_nistz256_point_add_affine
(
P256_POINT
*
r
,
const
P256_POINT
*
a
,
const
P256_POINT_AFFINE
*
b
);
#else
/* Point double: r = 2*a */
static
void
ecp_nistz256_point_double
(
P256_POINT
*
r
,
const
P256_POINT
*
a
)
static
void
ecp_nistz256_point_double
(
P256_POINT
*
r
,
const
P256_POINT
*
a
)
{
BN_ULONG
S
[
P256_LIMBS
];
BN_ULONG
M
[
P256_LIMBS
];
...
...
@@ -307,17 +307,17 @@ static void ecp_nistz256_point_add(P256_POINT * r,
/* We encode infinity as (0,0), which is not on the curve,
* so it is OK. */
in1infty
=
in1_x
[
0
]
|
in1_x
[
1
]
|
in1_x
[
2
]
|
in1_x
[
3
]
|
in1_y
[
0
]
|
in1_y
[
1
]
|
in1_y
[
2
]
|
in1_y
[
3
]
;
in1infty
=
(
in1_x
[
0
]
|
in1_x
[
1
]
|
in1_x
[
2
]
|
in1_x
[
3
]
|
in1_y
[
0
]
|
in1_y
[
1
]
|
in1_y
[
2
]
|
in1_y
[
3
])
;
if
(
P256_LIMBS
==
8
)
in1infty
|=
in1_x
[
4
]
|
in1_x
[
5
]
|
in1_x
[
6
]
|
in1_x
[
7
]
|
in1_y
[
4
]
|
in1_y
[
5
]
|
in1_y
[
6
]
|
in1_y
[
7
]
;
in1infty
|=
(
in1_x
[
4
]
|
in1_x
[
5
]
|
in1_x
[
6
]
|
in1_x
[
7
]
|
in1_y
[
4
]
|
in1_y
[
5
]
|
in1_y
[
6
]
|
in1_y
[
7
])
;
in2infty
=
in2_x
[
0
]
|
in2_x
[
1
]
|
in2_x
[
2
]
|
in2_x
[
3
]
|
in2_y
[
0
]
|
in2_y
[
1
]
|
in2_y
[
2
]
|
in2_y
[
3
]
;
in2infty
=
(
in2_x
[
0
]
|
in2_x
[
1
]
|
in2_x
[
2
]
|
in2_x
[
3
]
|
in2_y
[
0
]
|
in2_y
[
1
]
|
in2_y
[
2
]
|
in2_y
[
3
])
;
if
(
P256_LIMBS
==
8
)
in2infty
|=
in2_x
[
4
]
|
in2_x
[
5
]
|
in2_x
[
6
]
|
in2_x
[
7
]
|
in2_y
[
4
]
|
in2_y
[
5
]
|
in2_y
[
6
]
|
in2_y
[
7
]
;
in2infty
|=
(
in2_x
[
4
]
|
in2_x
[
5
]
|
in2_x
[
6
]
|
in2_x
[
7
]
|
in2_y
[
4
]
|
in2_y
[
5
]
|
in2_y
[
6
]
|
in2_y
[
7
])
;
in1infty
=
is_zero
(
in1infty
);
in2infty
=
is_zero
(
in2infty
);
...
...
@@ -380,9 +380,9 @@ static void ecp_nistz256_point_add(P256_POINT * r,
}
/* Point addition when b is known to be affine: r = a+b */
static
void
ecp_nistz256_point_add_affine
(
P256_POINT
*
r
,
const
P256_POINT
*
a
,
const
P256_POINT_AFFINE
*
b
)
static
void
ecp_nistz256_point_add_affine
(
P256_POINT
*
r
,
const
P256_POINT
*
a
,
const
P256_POINT_AFFINE
*
b
)
{
BN_ULONG
U2
[
P256_LIMBS
],
S2
[
P256_LIMBS
];
BN_ULONG
Z1sqr
[
P256_LIMBS
];
...
...
@@ -406,17 +406,17 @@ static void ecp_nistz256_point_add_affine(P256_POINT * r,
/* In affine representation we encode infty as (0,0),
* which is not on the curve, so it is OK */
in1infty
=
in1_x
[
0
]
|
in1_x
[
1
]
|
in1_x
[
2
]
|
in1_x
[
3
]
|
in1_y
[
0
]
|
in1_y
[
1
]
|
in1_y
[
2
]
|
in1_y
[
3
]
;
in1infty
=
(
in1_x
[
0
]
|
in1_x
[
1
]
|
in1_x
[
2
]
|
in1_x
[
3
]
|
in1_y
[
0
]
|
in1_y
[
1
]
|
in1_y
[
2
]
|
in1_y
[
3
])
;
if
(
P256_LIMBS
==
8
)
in1infty
|=
in1_x
[
4
]
|
in1_x
[
5
]
|
in1_x
[
6
]
|
in1_x
[
7
]
|
in1_y
[
4
]
|
in1_y
[
5
]
|
in1_y
[
6
]
|
in1_y
[
7
]
;
in1infty
|=
(
in1_x
[
4
]
|
in1_x
[
5
]
|
in1_x
[
6
]
|
in1_x
[
7
]
|
in1_y
[
4
]
|
in1_y
[
5
]
|
in1_y
[
6
]
|
in1_y
[
7
])
;
in2infty
=
in2_x
[
0
]
|
in2_x
[
1
]
|
in2_x
[
2
]
|
in2_x
[
3
]
|
in2_y
[
0
]
|
in2_y
[
1
]
|
in2_y
[
2
]
|
in2_y
[
3
]
;
in2infty
=
(
in2_x
[
0
]
|
in2_x
[
1
]
|
in2_x
[
2
]
|
in2_x
[
3
]
|
in2_y
[
0
]
|
in2_y
[
1
]
|
in2_y
[
2
]
|
in2_y
[
3
])
;
if
(
P256_LIMBS
==
8
)
in2infty
|=
in2_x
[
4
]
|
in2_x
[
5
]
|
in2_x
[
6
]
|
in2_x
[
7
]
|
in2_y
[
4
]
|
in2_y
[
5
]
|
in2_y
[
6
]
|
in2_y
[
7
]
;
in2infty
|=
(
in2_x
[
4
]
|
in2_x
[
5
]
|
in2_x
[
6
]
|
in2_x
[
7
]
|
in2_y
[
4
]
|
in2_y
[
5
]
|
in2_y
[
6
]
|
in2_y
[
7
])
;
in1infty
=
is_zero
(
in1infty
);
in2infty
=
is_zero
(
in2infty
);
...
...
@@ -547,11 +547,11 @@ static int ecp_nistz256_bignum_to_field_elem(BN_ULONG out[P256_LIMBS],
}
/* r = sum(scalar[i]*point[i]) */
static
void
ecp_nistz256_windowed_mul
(
const
EC_GROUP
*
group
,
P256_POINT
*
r
,
const
BIGNUM
**
scalar
,
const
EC_POINT
**
point
,
int
num
,
BN_CTX
*
ctx
)
static
void
ecp_nistz256_windowed_mul
(
const
EC_GROUP
*
group
,
P256_POINT
*
r
,
const
BIGNUM
**
scalar
,
const
EC_POINT
**
point
,
int
num
,
BN_CTX
*
ctx
)
{
int
i
,
j
;
unsigned
int
index
;
...
...
@@ -613,7 +613,8 @@ static void ecp_nistz256_windowed_mul(const EC_GROUP * group,
if
(
!
ecp_nistz256_bignum_to_field_elem
(
temp
[
0
].
X
,
point
[
i
]
->
X
)
||
!
ecp_nistz256_bignum_to_field_elem
(
temp
[
0
].
Y
,
point
[
i
]
->
Y
)
||
!
ecp_nistz256_bignum_to_field_elem
(
temp
[
0
].
Z
,
point
[
i
]
->
Z
))
{
ECerr
(
EC_F_ECP_NISTZ256_WINDOWED_MUL
,
EC_R_COORDINATES_OUT_OF_RANGE
);
ECerr
(
EC_F_ECP_NISTZ256_WINDOWED_MUL
,
EC_R_COORDINATES_OUT_OF_RANGE
);
goto
err
;
}
...
...
@@ -708,7 +709,7 @@ static void ecp_nistz256_windowed_mul(const EC_GROUP * group,
ecp_nistz256_point_add
(
r
,
r
,
&
temp
[
0
]);
}
err:
err:
if
(
table_storage
)
OPENSSL_free
(
table_storage
);
if
(
p_str
)
...
...
@@ -730,7 +731,7 @@ const static BN_ULONG def_yG[P256_LIMBS] = {
/* ecp_nistz256_is_affine_G returns one if |generator| is the standard,
* P-256 generator. */
static
int
ecp_nistz256_is_affine_G
(
const
EC_POINT
*
generator
)
static
int
ecp_nistz256_is_affine_G
(
const
EC_POINT
*
generator
)
{
return
(
bn_get_top
(
generator
->
X
)
==
P256_LIMBS
)
&&
(
bn_get_top
(
generator
->
Y
)
==
P256_LIMBS
)
&&
...
...
@@ -740,7 +741,7 @@ static int ecp_nistz256_is_affine_G(const EC_POINT * generator)
is_one
(
bn_get_words
(
generator
->
Z
));
}
static
int
ecp_nistz256_mult_precompute
(
EC_GROUP
*
group
,
BN_CTX
*
ctx
)
static
int
ecp_nistz256_mult_precompute
(
EC_GROUP
*
group
,
BN_CTX
*
ctx
)
{
/* We precompute a table for a Booth encoded exponent (wNAF) based
* computation. Each table holds 64 values for safe access, with an
...
...
@@ -848,7 +849,7 @@ static int ecp_nistz256_mult_precompute(EC_GROUP * group, BN_CTX * ctx)
ret
=
1
;
err:
err:
if
(
ctx
!=
NULL
)
BN_CTX_end
(
ctx
);
if
(
pre_comp
)
...
...
@@ -878,8 +879,9 @@ err:
# undef ECP_NISTZ256_AVX2
# else
/* Constant time access, loading four values, from four consecutive tables */
void
ecp_nistz256_avx2_multi_gather_w7
(
void
*
result
,
const
void
*
in
,
int
index0
,
int
index1
,
int
index2
,
int
index3
);
void
ecp_nistz256_avx2_multi_gather_w7
(
void
*
result
,
const
void
*
in
,
int
index0
,
int
index1
,
int
index2
,
int
index3
);
void
ecp_nistz256_avx2_transpose_convert
(
void
*
RESULTx4
,
const
void
*
in
);
void
ecp_nistz256_avx2_convert_transpose_back
(
void
*
result
,
const
void
*
Ax4
);
void
ecp_nistz256_avx2_point_add_affine_x4
(
void
*
RESULTx4
,
const
void
*
Ax4
,
...
...
@@ -908,10 +910,9 @@ static void booth_recode_w7(unsigned char *sign,
/* ecp_nistz256_avx2_mul_g performs multiplication by G, using only the
* precomputed table. It does 4 affine point additions in parallel,
* significantly speeding up point multiplication for a fixed value. */
static
void
ecp_nistz256_avx2_mul_g
(
P256_POINT
*
r
,
static
void
ecp_nistz256_avx2_mul_g
(
P256_POINT
*
r
,
unsigned
char
p_str
[
33
],
const
P256_POINT_AFFINE
(
*
preComputedTable
)[
64
])
const
P256_POINT_AFFINE
(
*
preComputedTable
)[
64
])
{
const
unsigned
int
window_size
=
7
;
const
unsigned
int
mask
=
(
1
<<
(
window_size
+
1
))
-
1
;
...
...
@@ -1047,7 +1048,7 @@ static void ecp_nistz256_avx2_mul_g(P256_POINT * r,
wvalue
=
*
((
u16
*
)
&
p_str
[(
index
-
1
)
/
8
]);
wvalue
=
(
wvalue
>>
((
index
-
1
)
%
8
))
&
mask
;
booth_recode_w7
(
&
sign0
,
&
digit0
,
wvalue
);
ecp_nistz256_gather_w7
((
P256_POINT_AFFINE
*
)
r
,
ecp_nistz256_gather_w7
((
P256_POINT_AFFINE
*
)
r
,
preComputedTable
[
36
],
digit0
);
ecp_nistz256_neg
(
tmp
,
r
->
Y
);
copy_conditional
(
r
->
Y
,
tmp
,
sign0
);
...
...
@@ -1061,19 +1062,19 @@ static void ecp_nistz256_avx2_mul_g(P256_POINT * r,
# endif
#endif
static
int
ecp_nistz256_set_from_affine
(
EC_POINT
*
out
,
const
EC_GROUP
*
group
,
const
P256_POINT_AFFINE
*
in
,
BN_CTX
*
ctx
)
static
int
ecp_nistz256_set_from_affine
(
EC_POINT
*
out
,
const
EC_GROUP
*
group
,
const
P256_POINT_AFFINE
*
in
,
BN_CTX
*
ctx
)
{
BIGNUM
*
x
,
*
y
;
BN_ULONG
d_x
[
P256_LIMBS
],
d_y
[
P256_LIMBS
];
int
ret
=
0
;
x
=
BN_new
();
if
(
!
x
)
if
(
!
x
)
return
0
;
y
=
BN_new
();
if
(
!
y
)
{
if
(
!
y
)
{
BN_free
(
x
);
return
0
;
}
...
...
@@ -1085,19 +1086,21 @@ static int ecp_nistz256_set_from_affine(EC_POINT * out, const EC_GROUP * group,
ret
=
EC_POINT_set_affine_coordinates_GFp
(
group
,
out
,
x
,
y
,
ctx
);
if
(
x
)
BN_free
(
x
);
if
(
y
)
BN_free
(
y
);
if
(
x
)
BN_free
(
x
);
if
(
y
)
BN_free
(
y
);
return
ret
;
}
/* r = scalar*G + sum(scalars[i]*points[i]) */
static
int
ecp_nistz256_points_mul
(
const
EC_GROUP
*
group
,
EC_POINT
*
r
,
const
BIGNUM
*
scalar
,
static
int
ecp_nistz256_points_mul
(
const
EC_GROUP
*
group
,
EC_POINT
*
r
,
const
BIGNUM
*
scalar
,
size_t
num
,
const
EC_POINT
*
points
[],
const
BIGNUM
*
scalars
[],
BN_CTX
*
ctx
)
const
EC_POINT
*
points
[],
const
BIGNUM
*
scalars
[],
BN_CTX
*
ctx
)
{
int
i
=
0
,
ret
=
0
,
no_precomp_for_generator
=
0
,
p_is_infinity
=
0
;
size_t
j
;
...
...
@@ -1115,7 +1118,7 @@ static int ecp_nistz256_points_mul(const EC_GROUP * group,
}
t
,
p
;
BIGNUM
*
tmp_scalar
;
if
((
num
+
1
)
==
0
||
(
num
+
1
)
>
OPENSSL_MALLOC_MAX_NELEMS
(
void
*
))
{
if
((
num
+
1
)
==
0
||
(
num
+
1
)
>
OPENSSL_MALLOC_MAX_NELEMS
(
void
*
))
{
ECerr
(
EC_F_ECP_NISTZ256_POINTS_MUL
,
ERR_R_MALLOC_FAILURE
);
return
0
;
}
...
...
@@ -1226,7 +1229,8 @@ static int ecp_nistz256_points_mul(const EC_GROUP * group,
wvalue
=
_booth_recode_w7
(
wvalue
);
ecp_nistz256_gather_w7
(
&
p
.
a
,
preComputedTable
[
0
],
wvalue
>>
1
);
ecp_nistz256_gather_w7
(
&
p
.
a
,
preComputedTable
[
0
],
wvalue
>>
1
);
ecp_nistz256_neg
(
p
.
p
.
Z
,
p
.
p
.
Y
);
copy_conditional
(
p
.
p
.
Y
,
p
.
p
.
Z
,
wvalue
&
1
);
...
...
@@ -1311,13 +1315,13 @@ static int ecp_nistz256_points_mul(const EC_GROUP * group,
ret
=
1
;
err:
err:
return
ret
;
}
static
int
ecp_nistz256_get_affine
(
const
EC_GROUP
*
group
,
const
EC_POINT
*
point
,
BIGNUM
*
x
,
BIGNUM
*
y
,
BN_CTX
*
ctx
)
static
int
ecp_nistz256_get_affine
(
const
EC_GROUP
*
group
,
const
EC_POINT
*
point
,
BIGNUM
*
x
,
BIGNUM
*
y
,
BN_CTX
*
ctx
)
{
BN_ULONG
z_inv2
[
P256_LIMBS
];
BN_ULONG
z_inv3
[
P256_LIMBS
];
...
...
@@ -1360,14 +1364,14 @@ static int ecp_nistz256_get_affine(const EC_GROUP * group,
return
1
;
}
static
EC_PRE_COMP
*
ecp_nistz256_pre_comp_new
(
const
EC_GROUP
*
group
)
static
EC_PRE_COMP
*
ecp_nistz256_pre_comp_new
(
const
EC_GROUP
*
group
)
{
EC_PRE_COMP
*
ret
=
NULL
;
if
(
!
group
)
return
NULL
;
ret
=
(
EC_PRE_COMP
*
)
OPENSSL_malloc
(
sizeof
(
EC_PRE_COMP
));
ret
=
(
EC_PRE_COMP
*
)
OPENSSL_malloc
(
sizeof
(
EC_PRE_COMP
));
if
(
!
ret
)
{
ECerr
(
EC_F_ECP_NISTZ256_PRE_COMP_NEW
,
ERR_R_MALLOC_FAILURE
);
...
...
@@ -1431,7 +1435,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_)
OPENSSL_free
(
pre
);
}
static
int
ecp_nistz256_window_have_precompute_mult
(
const
EC_GROUP
*
group
)
static
int
ecp_nistz256_window_have_precompute_mult
(
const
EC_GROUP
*
group
)
{
/* There is a hard-coded table for the default generator. */
const
EC_POINT
*
generator
=
EC_GROUP_get0_generator
(
group
);
...
...