
Commit d23cb79

committed
SP fixes: 32-bit ARM assembly fixes
mod_exp: subtract from 32 instead of 64 as n is 32 bits. sp_521_ecc_mulmod_fast: look up the last point in constant time when required.
1 parent e5594a6 commit d23cb79

3 files changed

Lines changed: 111 additions & 81 deletions


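--- a/wolfcrypt/src/sp_arm32.c
+++ b/wolfcrypt/src/sp_arm32.c
@@ -12500,9 +12500,9 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -12653,9 +12653,9 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -17366,9 +17366,9 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -17502,9 +17502,9 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -18648,9 +18648,9 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -38355,9 +38355,9 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -38508,9 +38508,9 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -45090,9 +45090,9 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -45226,9 +45226,9 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -46620,9 +46620,9 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -60698,9 +60698,9 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -60834,9 +60834,9 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -62476,9 +62476,9 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -120421,7 +120421,17 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
 }
 y = k[0] & 0x1;
 sp_521_proj_point_dbl_17(rt, rt, tmp);
-sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
+#ifndef WC_NO_CACHE_RESISTANT
+if (ct) {
+sp_521_get_point_16_17(p, t, y);
+p->infinity = !y;
+sp_521_proj_point_add_17(rt, rt, p, tmp);
+}
+else
+#endif
+{
+sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
+}
 
 if (map != 0) {
 sp_521_map_17(r, rt, tmp);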
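Review bot: The constant-time branch added in sp_521_ecc_mulmod_fast_17 writes `p->infinity = !y;` right after `sp_521_get_point_16_17(p, t, y);`, which suggests the lookup helper copies only the coordinates and not the infinity flag; that dependency is invisible here and deserves a comment such as `/* get_point copies coordinates only; t[0] is the point at infinity, so restore the flag from y. */` so a later change to the helper does not silently break the k[0] == 0 case. The declarations of `p` and `ct` are outside the hunk, so I could not confirm that `p` is scratch storage distinct from `rt` and `t`. The `else` that sits between `#ifndef WC_NO_CACHE_RESISTANT` and `#endif` is easy to misread; a one-line comment on the `{` line, e.g. `/* variable-time lookup; the only path when WC_NO_CACHE_RESISTANT is defined */`, would make the two paths explicit. The identical hunk appears in sp_armthumb.c and the same notes apply there. The enclosing function starts and ends outside the hunk.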

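--- a/wolfcrypt/src/sp_armthumb.c
+++ b/wolfcrypt/src/sp_armthumb.c
@@ -24132,9 +24132,9 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -24285,9 +24285,9 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -27684,9 +27684,9 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -27820,9 +27820,9 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -30010,9 +30010,9 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -75473,9 +75473,9 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -75626,9 +75626,9 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -79856,9 +79856,9 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -79992,9 +79992,9 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -82980,9 +82980,9 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -92314,9 +92314,9 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -92450,9 +92450,9 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -96231,9 +96231,9 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits,
 c = -c;
 y = (byte)(n << c);
 n = e[i--];
-y |= (byte)(n >> (64 - c));
+y |= (byte)(n >> (32 - c));
 n <<= c;
-c = 64 - c;
+c = 32 - c;
 }
 else if (c == 0) {
 /* All bits in top word used. */
@@ -124360,7 +124360,17 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
 }
 y = k[0] & 0x1;
 sp_521_proj_point_dbl_17(rt, rt, tmp);
-sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
+#ifndef WC_NO_CACHE_RESISTANT
+if (ct) {
+sp_521_get_point_16_17(p, t, y);
+p->infinity = !y;
+sp_521_proj_point_add_17(rt, rt, p, tmp);
+}
+else
+#endif
+{
+sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
+}
 
 if (map != 0) {
 sp_521_map_17(r, rt, tmp);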
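Review bot: The corrected lines `y |= (byte)(n >> (32 - c));` and `c = 32 - c;` in each mod_exp hunk encode the digit width as a bare 32 with nothing nearby saying why, and the same literal was 64 before this commit, which is exactly how the original out-of-range shift arose. A one-line comment at the first of those lines, e.g. `/* sp_digit is 32 bits on this target; the window straddles two digits. */`, would record the invariant, and if the generator has a named digit-width constant that would be better still. The shifts are only well-defined while c is strictly between 0 and 32 after `c = -c;`; the branch condition that establishes this is outside the hunk, so I could not verify it. The same applies to the thirteen mod_exp hunks in sp_arm32.c. The enclosing functions start and end outside the hunks.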
