diff options
author | Nicolas Boichat <drinkcat@google.com> | 2017-03-03 10:12:07 -0800 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2018-06-01 06:22:06 +0000 |
commit | 6cd014b2658f2a709f22b16d06982ff5444cd6db (patch) | |
tree | a45f5e1cc9ef917f426b82a4ba6fcbb881fec879 /common/rsa.c | |
parent | 29db6c1226288ea3eca333503a0d4a70c2729388 (diff) | |
download | chrome-ec-6cd014b2658f2a709f22b16d06982ff5444cd6db.tar.gz |
rsa: Optimization of multiplications for Cortex-M0
We multiply 2 32-bit numbers (and not 64-bit numbers), and then add
another 32-bit number, which makes it possible to optimize the
assembly and save a few instructions.
With -O3, 3072-bit exponent, lower verification time from 122 ms to
104 ms on STM32F072 @48Mhz.
Optimized mac function from Dmitry Grinberg <dmitrygr@google.com>.
BRANCH=poppy
BUG=b:35647963
BUG=b:77608104
TEST=On staff, flash, verification successful
TEST=make test-rsa, make test-rsa3
TEST=Flash test-utils and test-rsa to hammer => pass
Change-Id: I584c54c631a3f59f691849a279b308e8d4b4b22d
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/449024
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1080583
Diffstat (limited to 'common/rsa.c')
-rw-r--r-- | common/rsa.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/common/rsa.c b/common/rsa.c index e4e85c3374..3d8518e9ef 100644 --- a/common/rsa.c +++ b/common/rsa.c @@ -50,14 +50,14 @@ static void mont_mul_add(const struct rsa_public_key *key, const uint32_t a, const uint32_t *b) { - uint64_t A = (uint64_t)a * b[0] + c[0]; + uint64_t A = mula32(a, b[0], c[0]); uint32_t d0 = (uint32_t)A * key->n0inv; - uint64_t B = (uint64_t)d0 * key->n[0] + (uint32_t)A; + uint64_t B = mula32(d0, key->n[0], A); uint32_t i; for (i = 1; i < RSANUMWORDS; ++i) { - A = (A >> 32) + (uint64_t)a * b[i] + c[i]; - B = (B >> 32) + (uint64_t)d0 * key->n[i] + (uint32_t)A; + A = (A >> 32) + mula32(a, b[i], c[i]); + B = (B >> 32) + mula32(d0, key->n[i], A); c[i - 1] = (uint32_t)B; } @@ -78,11 +78,11 @@ static void mont_mul_add_0(const struct rsa_public_key *key, const uint32_t *b) { uint32_t d0 = c[0] * key->n0inv; - uint64_t B = (uint64_t)d0 * key->n[0] + c[0]; + uint64_t B = mula32(d0, key->n[0], c[0]); uint32_t i; for (i = 1; i < RSANUMWORDS; ++i) { - B = (B >> 32) + (uint64_t)d0 * key->n[i] + c[i]; + B = (B >> 32) + mula32(d0, key->n[i], c[i]); c[i - 1] = (uint32_t)B; } |