Use loop for two passes in the reduction
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
parent
4bf08f86bb
commit
f921f4d228
1 changed files with 22 additions and 47 deletions
|
@ -5528,7 +5528,6 @@ static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p
|
||||||
size_t adjust, size_t shift, mbedtls_mpi_uint mask)
|
size_t adjust, size_t shift, mbedtls_mpi_uint mask)
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
size_t i;
|
|
||||||
mbedtls_mpi M, R;
|
mbedtls_mpi M, R;
|
||||||
mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
|
mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
|
||||||
|
|
||||||
|
@ -5545,6 +5544,7 @@ static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p
|
||||||
M.s = 1;
|
M.s = 1;
|
||||||
M.p = Mp;
|
M.p = Mp;
|
||||||
|
|
||||||
|
for (size_t pass = 0; pass < 2; pass++) {
|
||||||
/* M = A1 */
|
/* M = A1 */
|
||||||
M.n = N->n - (p_limbs - adjust);
|
M.n = N->n - (p_limbs - adjust);
|
||||||
if (M.n > p_limbs + adjust) {
|
if (M.n > p_limbs + adjust) {
|
||||||
|
@ -5561,39 +5561,14 @@ static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p
|
||||||
if (mask != 0) {
|
if (mask != 0) {
|
||||||
N->p[p_limbs - 1] &= mask;
|
N->p[p_limbs - 1] &= mask;
|
||||||
}
|
}
|
||||||
for (i = p_limbs; i < N->n; i++) {
|
for (size_t i = p_limbs; i < N->n; i++) {
|
||||||
N->p[i] = 0;
|
N->p[i] = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* N = A0 + R * A1 */
|
/* N = A0 + R * A1 */
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R));
|
MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R));
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M));
|
MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M));
|
||||||
|
|
||||||
/* Second pass */
|
|
||||||
|
|
||||||
/* M = A1 */
|
|
||||||
M.n = N->n - (p_limbs - adjust);
|
|
||||||
if (M.n > p_limbs + adjust) {
|
|
||||||
M.n = p_limbs + adjust;
|
|
||||||
}
|
}
|
||||||
memset(Mp, 0, sizeof(Mp));
|
|
||||||
memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint));
|
|
||||||
if (shift != 0) {
|
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift));
|
|
||||||
}
|
|
||||||
M.n += R.n; /* Make room for multiplication by R */
|
|
||||||
|
|
||||||
/* N = A0 */
|
|
||||||
if (mask != 0) {
|
|
||||||
N->p[p_limbs - 1] &= mask;
|
|
||||||
}
|
|
||||||
for (i = p_limbs; i < N->n; i++) {
|
|
||||||
N->p[i] = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* N = A0 + R * A1 */
|
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R));
|
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M));
|
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
return ret;
|
return ret;
|
||||||
|
|
Loading…
Reference in a new issue