Module Name:    src
Committed By:   riastradh
Date:           Thu Aug 20 21:20:47 UTC 2020

Modified Files:
        
src/sys/external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10:
            ed25519_ref10.c

Log Message:
Split ge25519_scalarmult up in order to reduce stack usage.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
    
src/sys/external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c
diff -u src/sys/external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c:1.2 src/sys/external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c:1.3
--- src/sys/external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c:1.2	Thu Aug 20 21:20:37 2020
+++ src/sys/external/isc/libsodium/dist/src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c	Thu Aug 20 21:20:47 2020
@@ -748,18 +748,11 @@ ge25519_double_scalarmult_vartime(ge2551
  p is public
  */
 
-void
-ge25519_scalarmult(ge25519_p3 *h, const unsigned char *a, const ge25519_p3 *p)
+static void __noinline
+ge25519_scalarmult_cache(ge25519_cached pi[static 8], const ge25519_p3 *p)
 {
-    signed char     e[64];
-    signed char     carry;
-    ge25519_p1p1    r;
-    ge25519_p2      s;
     ge25519_p1p1    t1;
     ge25519_p3      p2, p3, p4, pt;
-    ge25519_cached  pi[8];
-    ge25519_cached  t;
-    int             i;
 
     ge25519_p3_to_cached(&pi[1 - 1], p);   /* p */
 
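Review bot: The header comment that closes with `p is public` directly above this definition appears to be the contract for `ge25519_scalarmult`, but after the split it sits on top of the static helper `ge25519_scalarmult_cache`, while the public function re-added at the end of the diff has no comment at all. Moving that comment down to the new `ge25519_scalarmult` wrapper would keep the secret/public annotation attached to the API it describes. The helper then deserves its own short comment, e.g. `/* pi[i] = (i+1)*p for i = 0..7; kept __noinline, presumably so t1/p2/p3/p4/pt are off the stack before the digit loop runs */`. Only the first and last statements of the helper are visible in these hunks, so the 1p..8p wording should be checked against the full body.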
@@ -790,6 +783,18 @@ ge25519_scalarmult(ge25519_p3 *h, const 
     ge25519_p3_dbl(&t1, &p4);
     ge25519_p1p1_to_p3(&pt, &t1);
     ge25519_p3_to_cached(&pi[8 - 1], &pt); /* 8p = 2*4p */
+}
+
+static void __noinline
+ge25519_scalarmult_cached(ge25519_p3 *h, const unsigned char *a,
+    const ge25519_p3 *p, const ge25519_cached pi[static 8])
+{
+    signed char     e[64];
+    signed char     carry;
+    ge25519_p1p1    r;
+    ge25519_p2      s;
+    ge25519_cached  t;
+    int             i;
 
     for (i = 0; i < 32; ++i) {
         e[2 * i + 0] = (a[i] >> 0) & 15;
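Review bot: `e[64]` in `ge25519_scalarmult_cached` is filled from the scalar bytes `a[i]`, and nothing visible clears it or `t` (presumably the table entry selected per digit) before return, so scalar-derived values stay in kernel stack memory after the call. The comment above the original function marks only `p` as public, which suggests `a` may be secret. If so, wiping before the closing brace would limit that residue: `explicit_memset(e, 0, sizeof(e));` and `explicit_memset(&t, 0, sizeof(t));`, or whichever zeroization helper this libsodium port already uses. The end of the function lies outside this hunk, and the pre-split code left the same residue, so this is hardening rather than a regression.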
@@ -831,6 +836,15 @@ ge25519_scalarmult(ge25519_p3 *h, const 
     ge25519_p1p1_to_p3(h, &r);
 }
 
+void
+ge25519_scalarmult(ge25519_p3 *h, const unsigned char *a, const ge25519_p3 *p)
+{
+    ge25519_cached  pi[8];
+
+    ge25519_scalarmult_cache(pi, p);
+    ge25519_scalarmult_cached(h, a, p, pi);
+}
+
 /*
  h = a * B (with precomputation)
  where a = a[0]+256*a[1]+...+256^31 a[31]
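Review bot: `ge25519_scalarmult_cached(h, a, p, pi)` still passes `p`, but none of the visible lines of that helper read it once the table `pi` exists. If the rest of its body does not read it either, the parameter is dead and can trip unused-parameter warnings. Dropping it would give `ge25519_scalarmult_cached(h, a, pi);` here and a three-argument prototype. The two helpers also differ by a single trailing letter (`_cache` vs `_cached`), which is easy to misread at this call site; a more distinct name for the table-building phase (for example `ge25519_scalarmult_table`, a constructed name) would make the two steps obvious.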
