diff options
| author | Niels Möller <nisse@lysator.liu.se> | 2022-09-28 19:21:50 +0200 |
|---|---|---|
| committer | Niels Möller <nisse@lysator.liu.se> | 2022-09-28 19:21:50 +0200 |
| commit | 798df2f41daf7ddbe83049af0eaa66adcf05ab14 (patch) | |
| tree | c84eb418792aaac0fde429abe4d217f2322ae53a | |
| parent | 805e2e8448fdcd26ed1b248a77b59ef71e8f6845 (diff) | |
| download | nettle-798df2f41daf7ddbe83049af0eaa66adcf05ab14.tar.gz | |
Delete ecc->mul and ecc->mul_g indirection for ecdsa/gostdsa verify.
| -rw-r--r-- | ecc-ecdsa-verify.c | 14 | ||||
| -rw-r--r-- | ecc-gostdsa-verify.c | 14 |
2 files changed, 14 insertions, 14 deletions
diff --git a/ecc-ecdsa-verify.c b/ecc-ecdsa-verify.c index 4c6284af..9e324ea2 100644 --- a/ecc-ecdsa-verify.c +++ b/ecc-ecdsa-verify.c @@ -53,8 +53,8 @@ ecdsa_in_range (const struct ecc_curve *ecc, const mp_limb_t *xp) mp_size_t ecc_ecdsa_verify_itch (const struct ecc_curve *ecc) { - /* Largest storage need is for the ecc->mul call. */ - return 5*ecc->p.size + ecc->mul_itch; + /* Largest storage need is for the ecc_mul_a call. */ + return 5*ecc->p.size + ECC_MUL_A_ITCH (ecc->p.size); } /* FIXME: Use faster primitives, not requiring side-channel silence. */ @@ -107,17 +107,17 @@ ecc_ecdsa_verify (const struct ecc_curve *ecc, /* u2 = r / s, P2 = u2 * Y */ ecc_mod_mul_canonical (&ecc->q, u2, rp, sinv, u2); - /* Total storage: 5*ecc->p.size + ecc->mul_itch */ - ecc->mul (ecc, P2, u2, pp, u2 + ecc->p.size); + /* Total storage: 5*ecc->p.size + ECC_MUL_A_ITCH */ + ecc_mul_a (ecc, P2, u2, pp, u2 + ecc->p.size); /* u = 0 can happen only if h = 0 or h = q, which is extremely unlikely. */ if (!mpn_zero_p (u1, ecc->p.size)) { - /* Total storage: 7*ecc->p.size + ecc->mul_g_itch (ecc->p.size) */ - ecc->mul_g (ecc, P1, u1, P1 + 3*ecc->p.size); + /* Total storage: 7*ecc->p.size + ECC_MUL_G_ITCH */ + ecc_mul_g (ecc, P1, u1, P1 + 3*ecc->p.size); - /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH(size) */ + /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH */ if (!ecc_nonsec_add_jjj (ecc, P2, P2, P1, P1 + 3*ecc->p.size)) /* Infinity point, not a valid signature. */ return 0; diff --git a/ecc-gostdsa-verify.c b/ecc-gostdsa-verify.c index a835ba71..0570af7e 100644 --- a/ecc-gostdsa-verify.c +++ b/ecc-gostdsa-verify.c @@ -52,8 +52,8 @@ ecdsa_in_range (const struct ecc_curve *ecc, const mp_limb_t *xp) mp_size_t ecc_gostdsa_verify_itch (const struct ecc_curve *ecc) { - /* Largest storage need is for the ecc->mul call. */ - return 5*ecc->p.size + ecc->mul_itch; + /* Largest storage need is for the ecc_mul_a call. */ + return 5*ecc->p.size + ECC_MUL_A_ITCH (ecc->p.size); } /* FIXME: Use faster primitives, not requiring side-channel silence. */ @@ -108,13 +108,13 @@ ecc_gostdsa_verify (const struct ecc_curve *ecc, mpn_sub_n (hp, ecc->q.m, rp, ecc->p.size); ecc_mod_mul_canonical (&ecc->q, z2, hp, vp, z2); - /* Total storage: 5*ecc->p.size + ecc->mul_itch */ - ecc->mul (ecc, P2, z2, pp, z2 + ecc->p.size); + /* Total storage: 5*ecc->p.size + ECC_MUL_A_ITCH */ + ecc_mul_a (ecc, P2, z2, pp, z2 + ecc->p.size); - /* Total storage: 7*ecc->p.size + ecc->mul_g_itch (ecc->p.size) */ - ecc->mul_g (ecc, P1, z1, P1 + 3*ecc->p.size); + /* Total storage: 7*ecc->p.size + ECC_MUL_G_ITCH */ + ecc_mul_g (ecc, P1, z1, P1 + 3*ecc->p.size); - /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH(size) */ + /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH */ if (!ecc_nonsec_add_jjj (ecc, P1, P1, P2, P1 + 3*ecc->p.size)) return 0; |