diff options
| author |   tedu <tedu@openbsd.org> | 2014-05-06 03:56:27 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2014-05-06 03:56:27 +0000 |
| commit | f67ac449e381bbe1cf66329c53bf11a08d401fab (patch) | |
| tree | 0a003989d2d30f8b68d37378d84059a5507a7959 /lib/libcrypto/ec/ecp_nistputil.c | |
| parent | move chacha context and buffer out of bss and allow mmap to place them (diff) | |
| download | wireguard-openbsd-f67ac449e381bbe1cf66329c53bf11a08d401fab.tar.xz wireguard-openbsd-f67ac449e381bbe1cf66329c53bf11a08d401fab.zip | |
knf approximation
Diffstat (limited to 'lib/libcrypto/ec/ecp_nistputil.c')
| -rw-r--r-- | lib/libcrypto/ec/ecp_nistputil.c | 100 |
1 files changed, 56 insertions, 44 deletions
diff --git a/lib/libcrypto/ec/ecp_nistputil.c b/lib/libcrypto/ec/ecp_nistputil.c index c8140c807fb..0312fb16add 100644 --- a/lib/libcrypto/ec/ecp_nistputil.c +++ b/lib/libcrypto/ec/ecp_nistputil.c @@ -41,16 +41,17 @@ * tmp_felems needs to point to a temporary array of 'num'+1 field elements * for storage of intermediate values. */ -void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array, - size_t felem_size, void *tmp_felems, - void (*felem_one)(void *out), - int (*felem_is_zero)(const void *in), - void (*felem_assign)(void *out, const void *in), - void (*felem_square)(void *out, const void *in), - void (*felem_mul)(void *out, const void *in1, const void *in2), - void (*felem_inv)(void *out, const void *in), - void (*felem_contract)(void *out, const void *in)) - { +void +ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array, + size_t felem_size, void *tmp_felems, + void (*felem_one) (void *out), + int (*felem_is_zero) (const void *in), + void (*felem_assign) (void *out, const void *in), + void (*felem_square) (void *out, const void *in), + void (*felem_mul) (void *out, const void *in1, const void *in2), + void (*felem_inv) (void *out, const void *in), + void (*felem_contract) (void *out, const void *in)) +{ int i = 0; #define tmp_felem(I) (&((char *)tmp_felems)[(I) * felem_size]) @@ -62,50 +63,59 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array, felem_assign(tmp_felem(0), Z(0)); else felem_one(tmp_felem(0)); - for (i = 1; i < (int)num; i++) - { + for (i = 1; i < (int) num; i++) { if (!felem_is_zero(Z(i))) - felem_mul(tmp_felem(i), tmp_felem(i-1), Z(i)); + felem_mul(tmp_felem(i), tmp_felem(i - 1), Z(i)); else - felem_assign(tmp_felem(i), tmp_felem(i-1)); - } - /* Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any zero-valued factors: - * if Z(i) = 0, we essentially pretend that Z(i) = 1 */ + felem_assign(tmp_felem(i), tmp_felem(i - 1)); + } + /* + * Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any + * zero-valued factors: if Z(i) = 0, we essentially pretend that Z(i) + * = 1 + */ - felem_inv(tmp_felem(num-1), tmp_felem(num-1)); - for (i = num - 1; i >= 0; i--) - { + felem_inv(tmp_felem(num - 1), tmp_felem(num - 1)); + for (i = num - 1; i >= 0; i--) { if (i > 0) - /* tmp_felem(i-1) is the product of Z(0) .. Z(i-1), - * tmp_felem(i) is the inverse of the product of Z(0) .. Z(i) + /* + * tmp_felem(i-1) is the product of Z(0) .. Z(i-1), + * tmp_felem(i) is the inverse of the product of Z(0) + * .. Z(i) */ - felem_mul(tmp_felem(num), tmp_felem(i-1), tmp_felem(i)); /* 1/Z(i) */ + felem_mul(tmp_felem(num), tmp_felem(i - 1), tmp_felem(i)); /* 1/Z(i) */ else - felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */ + felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */ - if (!felem_is_zero(Z(i))) - { + if (!felem_is_zero(Z(i))) { if (i > 0) - /* For next iteration, replace tmp_felem(i-1) by its inverse */ - felem_mul(tmp_felem(i-1), tmp_felem(i), Z(i)); + /* + * For next iteration, replace tmp_felem(i-1) + * by its inverse + */ + felem_mul(tmp_felem(i - 1), tmp_felem(i), Z(i)); - /* Convert point (X, Y, Z) into affine form (X/(Z^2), Y/(Z^3), 1) */ - felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */ - felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */ - felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */ - felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */ + /* + * Convert point (X, Y, Z) into affine form (X/(Z^2), + * Y/(Z^3), 1) + */ + felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */ + felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */ + felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */ + felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */ felem_contract(X(i), X(i)); felem_contract(Y(i), Y(i)); felem_one(Z(i)); - } - else - { + } else { if (i > 0) - /* For next iteration, replace tmp_felem(i-1) by its inverse */ - felem_assign(tmp_felem(i-1), tmp_felem(i)); - } + /* + * For next iteration, replace tmp_felem(i-1) + * by its inverse + */ + felem_assign(tmp_felem(i - 1), tmp_felem(i)); } } +} /* * This function looks at 5+1 scalar bits (5 current, 1 adjacent less @@ -180,18 +190,20 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array, * has to be b_4 b_3 b_2 b_1 b_0 0. * */ -void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in) - { +void +ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in) +{ unsigned char s, d; - s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as 6-bit value */ + s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as + * 6-bit value */ d = (1 << 6) - in - 1; d = (d & s) | (in & ~s); d = (d >> 1) + (d & 1); *sign = s & 1; *digit = d; - } +} #else -static void *dummy=&dummy; +static void *dummy = &dummy; #endif |