Denys Vlasenko
9c671fe3dd
tls: P256: do not open-code copying of struct variables
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 18:42:27 +01:00
Denys Vlasenko
dcfd8d3d10
tls: P256: fix sp_256_div2_8 - it wouldn't use a[] if low bit is 0
...
It worked by chance because the only caller passed both parameters
as two pointers to the same array.
My fault (I made this error when converting from 26-bit code).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 16:24:49 +01:00
Denys Vlasenko
8cbb70365f
tls: P256: remove redundant zeroing in sp_256_map_8
...
Previous change made it obvious that we zero out already-zeroed high bits
function old new delta
sp_256_ecc_mulmod_8 534 494 -40
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 15:50:40 +01:00
Denys Vlasenko
4415f7bc06
tls: P256: explain which functions use double-wide arrays, no code changes
...
function old new delta
sp_512to256_mont_reduce_8 - 243 +243
sp_256to512z_mont_mul_8 - 150 +150
sp_256to512z_mont_sqr_8 - 7 +7
sp_256_mont_sqr_8 7 - -7
sp_256_mont_mul_8 150 - -150
sp_256_mont_reduce_8 243 - -243
------------------------------------------------------------------------------
(add/remove: 3/3 grow/shrink: 0/0 up/down: 400/-400) Total: 0 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 15:47:26 +01:00
Denys Vlasenko
bbda85c74b
tls: P256: remove constant-time trick in sp_256_proj_point_add_8
...
function old new delta
sp_256_proj_point_add_8 576 544 -32
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 15:06:57 +01:00
Denys Vlasenko
26c8522522
tls: P256: do not open-code copying of struct variables
...
function old new delta
sp_256_ecc_mulmod_8 536 534 -2
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 15:00:14 +01:00
Denys Vlasenko
4bc9da1071
tls: P256: 64-bit optimizations
...
function old new delta
sp_256_proj_point_dbl_8 421 428 +7
sp_256_point_from_bin2x32 78 84 +6
sp_256_cmp_8 38 42 +4
sp_256_to_bin_8 28 31 +3
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/0 up/down: 20/0) Total: 20 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 11:28:11 +01:00
Denys Vlasenko
53b2fdcdba
*: add NOINLINEs where code noticeably shrinks
...
function old new delta
display 85 1463 +1378 -73 bytes
select_and_cluster - 1088 +1088 -139 bytes
parse_reply - 979 +979 -109 bytes
zbc_num_sqrt - 632 +632 -191 bytes
show_bridge_port - 585 +585 -56 bytes
sp_256_proj_point_add_8 - 576 +576 -45 bytes
encode_then_append_var_plusminus - 554 +554 -118 bytes
read_mode_db - 537 +537 -47 bytes
fbset_main 1331 747 -584
sp_256_ecc_mulmod_8 1157 536 -621
brctl_main 2189 1548 -641
expand_one_var 2544 1872 -672
zxc_vm_process 6412 5589 -823
send_queries 1813 725 -1088
recv_and_process_peer_pkt 2245 1018 -1227
bb_dump_dump 1531 80 -1451
------------------------------------------------------------------------------
(add/remove: 7/0 grow/shrink: 1/8 up/down: 6329/-7107) Total: -778 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-10 13:50:53 +02:00
Denys Vlasenko
17e6fb06b3
tls: whitespace fix
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 21:22:36 +02:00
Denys Vlasenko
5e9c617021
tls: P256: sp_256_sub_8_p256_mod always subtracts in-place, use that
...
i386:
function old new delta
sp_256_mont_reduce_8 245 243 -2
sp_256_mont_dbl_8 26 24 -2
sp_256_ecc_mulmod_8 1161 1157 -4
sp_256_proj_point_dbl_8 359 353 -6
sp_256_sub_8_p256_mod 71 32 -39
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/5 up/down: 0/-53) Total: -53 bytes
non-asm code:
function old new delta
sp_256_sub_8_p256_mod - 12 +12
sp_256_mont_reduce_8 250 243 -7
sp_256_mont_dbl_8 31 24 -7
sp_256_ecc_mulmod_8 1171 1157 -14
sp_256_proj_point_dbl_8 374 353 -21
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/4 up/down: 12/-49) Total: -37 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 20:19:30 +02:00
Denys Vlasenko
87e3f2e9f8
tls: P256: x86-64 optimized sp_256_sub_8_p256_mod
...
function old new delta
sp_256_sub_8_p256_mod - 53 +53
sp_256_mont_reduce_8 223 217 -6
sp_256_mont_dbl_8 38 32 -6
sp_256_ecc_mulmod_8 1535 1529 -6
sp_256_proj_point_dbl_8 469 454 -15
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/4 up/down: 53/-33) Total: 20 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 19:59:39 +02:00
Denys Vlasenko
911344a998
tls: P256: x86-64 assembly
...
function old new delta
sp_256_mont_mul_8 127 155 +28
sp_256_proj_point_dbl_8 448 469 +21
sp_256_mont_sub_8 23 35 +12
sp_256_mont_dbl_8 26 38 +12
sp_256_sub_8 44 49 +5
sp_256_ecc_mulmod_8 1530 1535 +5
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 6/0 up/down: 83/0) Total: 83 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 17:17:34 +02:00
Denys Vlasenko
22fd8fd3f4
tls: P256: tweak arm assembly (currently disabled)
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 16:10:49 +02:00
Denys Vlasenko
d74993d31d
tls: P@256: remove "header comment is kept intact" comment
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 14:28:47 +02:00
Denys Vlasenko
567eefcaf8
tls: P256: do not dumplicate sp_256_sub_8()
...
function old new delta
sp_256_proj_point_dbl_8 359 374 +15
sp_256_ecc_mulmod_8 1159 1171 +12
sp_256_mont_reduce_8 245 250 +5
sp_256_mont_dbl_8 26 31 +5
sp_256_sub_8_p256_mod 43 - -43
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 4/0 up/down: 37/-43) Total: -6 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 14:25:54 +02:00
Denys Vlasenko
00f2cceb6a
tls: P256: shrink sp_256_mul_add_8 a bit more
...
function old new delta
sp_256_mont_reduce_8 257 245 -12
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 10:15:29 +02:00
Denys Vlasenko
c784284615
tls: P256: propagate constants, create dedicated "subtract p256_mod" function
...
8 instances of this subtraction probably warrant a few bytes more of code.
function old new delta
sp_256_sub_8_p256_mod - 71 +71
sp_256_mont_sub_8 - 29 +29
sp_256_mont_dbl_8 - 26 +26
sp_256_mont_reduce_8 262 257 -5
sp_256_ecc_mulmod_8 1171 1161 -10
sp_256_proj_point_dbl_8 374 359 -15
static.sp_256_mont_sub_8 29 - -29
static.sp_256_mont_dbl_8 31 - -31
------------------------------------------------------------------------------
(add/remove: 3/2 grow/shrink: 0/3 up/down: 126/-90) Total: 36 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 01:11:48 +02:00
Denys Vlasenko
2430fcfd8d
tls: optimize sp_256_mont_reduce_8 in P256
...
The code size decrease is small, but we eliminate ALL multiplies!
function old new delta
sp_256_mont_reduce_8 268 262 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-06 00:24:03 +02:00
Denys Vlasenko
bbd723ebec
tls: optimize sp_256_mul_8 in P256
...
function old new delta
sp_256_mont_mul_8 151 150 -1
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 23:19:18 +02:00
Denys Vlasenko
3b411ebbfc
tls: replace "26-bit" P256 code with 32-bit one.
...
function old new delta
sp_256_ecc_mulmod_8 - 1171 +1171
sp_256_mod_mul_norm_8 - 834 +834
sp_256_proj_point_dbl_8 - 374 +374
sp_256_mont_reduce_8 - 268 +268
sp_256_mont_mul_8 - 151 +151
sp_256_sub_8 - 76 +76
sp_256_add_8 - 76 +76
sp_256_cmp_8 - 38 +38
static.sp_256_mont_dbl_8 - 31 +31
static.sp_256_mont_sub_8 - 29 +29
sp_256_to_bin_8 - 28 +28
sp_256_point_from_bin2x32 50 73 +23
sp_256_mont_sqr_8 - 7 +7
sp_256_mont_sqr_10 7 - -7
p256_mod 40 32 -8
curve_P256_compute_pubkey_and_premaster 186 167 -19
sp_256_sub_10 22 - -22
sp_256_add_10 22 - -22
sp_256_cmp_10 24 - -24
sp_256_norm_10 31 - -31
static.sp_256_mont_sub_10 49 - -49
static.sp_256_mont_dbl_10 52 - -52
static.sp_256_mul_add_10 82 - -82
sp_256_from_bin_10 119 - -119
sp_256_to_bin_10 120 - -120
sp_256_mont_reduce_10 178 - -178
sp_256_mont_mul_10 214 - -214
sp_256_proj_point_dbl_10 451 - -451
sp_256_ecc_mulmod_10 1216 - -1216
sp_256_mod_mul_norm_10 1305 - -1305
------------------------------------------------------------------------------
(add/remove: 12/15 grow/shrink: 1/2 up/down: 3106/-3919) Total: -813 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 20:01:38 +02:00
Denys Vlasenko
55578f2fb7
tls: fix the case of sp_256_mont_tpl_10() leaving striay high bits
...
It has no effect on correctness, but interferes with compating internal state
of different implementations.
function old new delta
sp_256_proj_point_dbl_10 443 451 +8
static.sp_256_mont_sub_10 46 49 +3
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 11/0) Total: 11 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 19:46:39 +02:00
Denys Vlasenko
81d8af1970
tls: fix (what looks like) a rare corner case bug in P256
...
function old new delta
static.sp_256_mont_sub_10 30 46 +16
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 17:31:33 +02:00
Denys Vlasenko
92402d5e0a
tls: remove one overzealous debugging statement
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 14:01:52 +02:00
Denys Vlasenko
137864f559
tls: add debugging scaffolding to P256 code
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 13:50:11 +02:00
Denys Vlasenko
389329efbe
tls: another P256 code shrink
...
Propagate constant arrays and scalars deeper down call chain.
Use sp_256_mont_mul_10 to implement sp_256_mont_sqr_10.
function old new delta
sp_256_mont_mul_10 - 214 +214
sp_256_mont_reduce_10 - 178 +178
sp_256_mont_sqr_10 - 7 +7
static.sp_256_mont_reduce_10 178 - -178
static.sp_256_mont_mul_10 214 - -214
static.sp_256_mont_sqr_10 234 - -234
------------------------------------------------------------------------------
(add/remove: 3/3 grow/shrink: 0/0 up/down: 399/-626) Total: -227 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 13:39:33 +02:00
Denys Vlasenko
e730505034
tls: P256 code shrink
...
function old new delta
sp_256_to_bin_10 - 120 +120
sp_256_from_bin_10 - 119 +119
sp_256_proj_point_dbl_10 446 443 -3
curve_P256_compute_pubkey_and_premaster 191 186 -5
sp_256_point_from_bin2x32 62 50 -12
sp_256_to_bin 120 - -120
static.sp_256_from_bin 149 - -149
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 0/3 up/down: 239/-289) Total: -50 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-05 13:32:04 +02:00
Denys Vlasenko
7714518f1a
tls: code shrink P256 code
...
function old new delta
sp_256_to_bin 148 120 -28
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-10-01 13:51:39 +02:00
Denys Vlasenko
ac36e70074
tls: remove unused define
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-09-30 00:03:23 +02:00
Denys Vlasenko
81f9a0035b
tls: tweak sp_256_ecc_gen_k_10 for smaller code
...
function old new delta
curve_P256_compute_pubkey_and_premaster 194 191 -3
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-27 18:48:43 +02:00
Denys Vlasenko
840ae69615
tls: shrink sp_256_mod_mul_norm_10 more
...
function old new delta
sp_256_mod_mul_norm_10 1439 1305 -134
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-27 13:32:19 +02:00
Denys Vlasenko
646e856294
tls: shrink sp_256_mod_mul_norm_10
...
function old new delta
sp_256_mod_mul_norm_10 1439 1405 -34
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-27 13:09:44 +02:00
Denys Vlasenko
48a18d15df
tls: shrink p256_base more
...
function old new delta
static.p256_base_bin - 64 +64
sp_256_point_from_bin2x32 - 62 +62
static.base_y 40 - -40
static.base_x 40 - -40
curve_P256_compute_pubkey_and_premaster 291 194 -97
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 0/1 up/down: 126/-177) Total: -51 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-27 12:24:21 +02:00
Denys Vlasenko
39a3ef51b5
tls: shrink p256_base
...
function old new delta
curve_P256_compute_pubkey_and_premaster 196 291 +95
static.base_y - 40 +40
static.base_x - 40 +40
p256_base 244 - -244
------------------------------------------------------------------------------
(add/remove: 2/1 grow/shrink: 1/0 up/down: 175/-244) Total: -69 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-27 01:32:05 +02:00
Denys Vlasenko
a2bc52dd44
tls: reorder P256 functions to make more sense
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-27 01:21:26 +02:00
Denys Vlasenko
e52e43c72f
tls: whitespace fixes
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-27 00:40:40 +02:00
Denys Vlasenko
9a40be433d
tls: get rid of constant-time add/sub operations
...
function old new delta
sp_256_sub_10 - 22 +22
static.sp_256_mont_reduce_10 176 178 +2
sp_256_mod_mul_norm_10 1440 1439 -1
sp_256_proj_point_dbl_10 453 446 -7
sp_256_ecc_mulmod_10 1229 1216 -13
static.sp_256_mont_sub_10 52 30 -22
static.sp_256_cond_sub_10 32 - -32
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 1/4 up/down: 24/-75) Total: -51 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 21:58:04 +02:00
Denys Vlasenko
120401249a
tls: fix whitespace in P256 code
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 20:24:34 +02:00
Denys Vlasenko
93b886f54b
tls: shrink sp_256_mont_inv_10
...
function old new delta
sp_256_ecc_mulmod_10 1237 1251 +14
p256_mod_2 32 - -32
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 1/0 up/down: 14/-32) Total: -18 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 18:05:53 +02:00
Denys Vlasenko
6381f3d4f6
tls: stop passing temporary buffer address in P256 code
...
function old new delta
sp_256_proj_point_dbl_10 435 453 +18
sp_256_ecc_mulmod_10 1300 1237 -63
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 18/-63) Total: -45 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 17:41:43 +02:00
Denys Vlasenko
772e18775e
tls: shrink sp_256_proj_point_dbl_10
...
function old new delta
sp_256_ecc_mulmod_10 1329 1300 -29
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 17:25:27 +02:00
Denys Vlasenko
b3b1713a58
tls: in P256 replace constant-time compares with usual ones
...
function old new delta
sp_256_cmp_10 - 24 +24
sp_256_ecc_mulmod_10 1332 1329 -3
sp_256_cmp_equal_10 30 - -30
static.sp_256_cmp_10 43 - -43
------------------------------------------------------------------------------
(add/remove: 1/2 grow/shrink: 0/1 up/down: 24/-76) Total: -52 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 16:53:53 +02:00
Denys Vlasenko
4d3a5c135c
tls: simplify sp_256_proj_point_dbl_10
...
function old new delta
sp_256_proj_point_dbl_10 490 435 -55
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 15:21:38 +02:00
Denys Vlasenko
03ab2a90bb
tls: simplify array manipulations in sp_256_ecc_mulmod_10
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 14:55:46 +02:00
Denys Vlasenko
166363f47d
tls: get rid of address obfuscation trick in P256
...
function old new delta
addr_mask 8 - -8
sp_256_ecc_mulmod_10 1363 1330 -33
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/1 up/down: 0/-41) Total: -41 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 14:40:21 +02:00
Denys Vlasenko
074b33bf16
tls: simplify sp_256_ecc_gen_k_10, cosmetic changes
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 14:33:38 +02:00
Denys Vlasenko
f18a1fd6f3
tls: implement secp256r1 elliptic curve (aka P256)
...
function old new delta
sp_256_mod_mul_norm_10 - 1439 +1439
sp_256_ecc_mulmod_10 - 1363 +1363
sp_256_proj_point_dbl_10 - 490 +490
p256_base - 244 +244
static.sp_256_mont_sqr_10 - 234 +234
static.sp_256_mont_mul_10 - 214 +214
curve_P256_compute_pubkey_and_premaster - 197 +197
static.sp_256_mont_reduce_10 - 176 +176
static.sp_256_from_bin - 149 +149
sp_256_to_bin - 148 +148
tls_handshake 2046 2146 +100
static.sp_256_mul_add_10 - 82 +82
.rodata 103275 103336 +61
static.sp_256_mont_sub_10 - 52 +52
static.sp_256_mont_dbl_10 - 52 +52
static.sp_256_cmp_10 - 43 +43
p256_mod - 40 +40
static.sp_256_cond_sub_10 - 32 +32
p256_mod_2 - 32 +32
sp_256_norm_10 - 31 +31
sp_256_cmp_equal_10 - 30 +30
sp_256_add_10 - 22 +22
addr_mask - 8 +8
------------------------------------------------------------------------------
(add/remove: 22/0 grow/shrink: 2/0 up/down: 5239/0) Total: 5239 bytes
text data bss dec hex filename
1018192 559 5020 1023771 f9f1b busybox_old
1023431 559 5020 1029010 fb392 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-04-26 13:30:09 +02:00