tls: in P256 replace constant-time compares with usual ones

function                                             old     new   delta
sp_256_cmp_10                                          -      24     +24
sp_256_ecc_mulmod_10                                1332    1329      -3
sp_256_cmp_equal_10                                   30       -     -30
static.sp_256_cmp_10                                  43       -     -43
------------------------------------------------------------------------------
(add/remove: 1/2 grow/shrink: 0/1 up/down: 24/-76)            Total: -52 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko 2021-04-26 16:53:53 +02:00
parent 4d3a5c135c
commit b3b1713a58


@ -159,17 +159,20 @@ static void sp_256_point_from_bin2x32(sp_point* p, const uint8_t *bin2x32)
p->z[0] = 1; p->z[0] = 1;
} }
/* Compare a with b in constant time. /* Compare a with b.
* *
* return -ve, 0 or +ve if a is less than, equal to or greater than b * return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively. * respectively.
*/ */
static sp_digit sp_256_cmp_10(const sp_digit* a, const sp_digit* b) static sp_digit sp_256_cmp_10(const sp_digit* a, const sp_digit* b)
{ {
sp_digit r = 0; sp_digit r;
int i; int i;
for (i = 9; i >= 0; i--) for (i = 9; i >= 0; i--) {
r |= (a[i] - b[i]) & (0 - !r); r = a[i] - b[i];
if (r != 0)
break;
}
return r; return r;
} }
@ -179,15 +182,7 @@ static sp_digit sp_256_cmp_10(const sp_digit* a, const sp_digit* b)
*/ */
static int sp_256_cmp_equal_10(const sp_digit* a, const sp_digit* b) static int sp_256_cmp_equal_10(const sp_digit* a, const sp_digit* b)
{ {
#if 1
sp_digit r = 0;
int i;
for (i = 0; i < 10; i++)
r |= (a[i] ^ b[i]);
return r == 0;
#else
return sp_256_cmp_10(a, b) == 0; return sp_256_cmp_10(a, b) == 0;
#endif
} }
/* Normalize the values in each word to 26 bits. */ /* Normalize the values in each word to 26 bits. */
@ -710,8 +705,8 @@ static void sp_256_proj_point_add_10(sp_point* r, sp_point* p, sp_point* q,
sp_256_sub_10(t1, p256_mod, q->y); sp_256_sub_10(t1, p256_mod, q->y);
sp_256_norm_10(t1); sp_256_norm_10(t1);
if (sp_256_cmp_equal_10(p->x, q->x) if (sp_256_cmp_equal_10(p->x, q->x)
& sp_256_cmp_equal_10(p->z, q->z) && sp_256_cmp_equal_10(p->z, q->z)
& (sp_256_cmp_equal_10(p->y, q->y) | sp_256_cmp_equal_10(p->y, t1)) && (sp_256_cmp_equal_10(p->y, q->y) || sp_256_cmp_equal_10(p->y, t1))
) { ) {
sp_256_proj_point_dbl_10(r, p, t); sp_256_proj_point_dbl_10(r, p, t);
} }
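Review bot: With the early `break` in `sp_256_cmp_10` and the `&&`/`||` in the `sp_256_proj_point_add_10` condition, the time these comparisons take now depends on where the operands first differ, and the shortened comment `/* Compare a with b.` no longer tells a reader that constant-time behaviour was given up deliberately. The callers of `sp_256_cmp_10` are outside this page; the size table shows `sp_256_ecc_mulmod_10` changing, so the compare is probably reached from scalar multiplication, where operands may be derived from the private scalar. I would record the property at the definition, e.g. `/* Compare a with b. NOT constant-time: returns at the first differing digit. */`, plus one line on why that is acceptable here (presumably the P256 private key is used for a single handshake; the author should confirm). `sp_256_cmp_equal_10` now inherits the same property through its call to `sp_256_cmp_10` and deserves the same remark in its own comment. The body of `sp_256_proj_point_add_10` starts and continues outside the last hunk, so whether the branch it guards was ever secret-independent cannot be judged from here.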