Browse Source
precompute/precomputed sm works. needs demagication. slight perf regression in this build for some reason?
master
Mike Hamburg
10 years ago
5 changed files with 73 additions and 17 deletions
Split View
Diff Options
-
+11 -1Makefile
-
+2 -2include/decaf.h
-
+7 -2src/decaf.c
-
+9 -12src/decaf_fast.c
-
+44 -0src/decaf_gen_tables.c
+ 11
- 1
Makefile
View File
| @@ -70,7 +70,7 @@ LIBCOMPONENTS= build/goldilocks.o build/barrett_field.o build/crandom.o \ | |||
| build/$(FIELD).o build/ec_point.o build/scalarmul.o build/sha512.o build/magic.o \ | |||
| build/f_arithmetic.o build/arithmetic.o | |||
| DECAFCOMPONENTS= build/$(DECAF).o build/shake.o build/decaf_crypto.o | |||
| DECAFCOMPONENTS= build/$(DECAF).o build/shake.o build/decaf_crypto.o build/decaf_tables.o | |||
| TESTCOMPONENTS=build/test.o build/test_scalarmul.o build/test_sha512.o \ | |||
| build/test_pointops.o build/test_arithmetic.o build/test_goldilocks.o build/magic.o \ | |||
| @@ -113,6 +113,7 @@ else | |||
| ln -sf `basename $@` build/goldilocks.so.1 | |||
| endif | |||
| build/decaf.so: $(DECAFCOMPONENTS) | |||
| rm -f $@ | |||
| ifeq ($(UNAME),Darwin) | |||
| @@ -131,6 +132,15 @@ build/timestamp: | |||
| build/%.o: build/%.s | |||
| $(ASM) $(ASFLAGS) -c -o $@ $< | |||
| build/decaf_gen_tables: build/decaf_gen_tables.o build/$(DECAF).o build/$(FIELD).o build/f_arithmetic.o | |||
| $(LD) $(LDFLAGS) -o $@ $^ | |||
| build/decaf_tables.c: build/decaf_gen_tables | |||
| ./$< > $@ | |||
| build/decaf_tables.s: build/decaf_tables.c $(HEADERS) | |||
| $(CC) $(CFLAGS) -S -c -o $@ $< | |||
| build/%.s: src/%.c $(HEADERS) | |||
| $(CC) $(CFLAGS) -S -c -o $@ $< | |||
+ 2
- 2
include/decaf.h
View File
| @@ -359,7 +359,7 @@ decaf_bool_t decaf_448_direct_scalarmul ( | |||
| * @param [in] b Any point. | |||
| */ | |||
| void decaf_448_precompute ( | |||
| struct decaf_448_precomputed_s *a, | |||
| decaf_448_precomputed_s *a, | |||
| const decaf_448_point_t b | |||
| ) API_VIS NONNULL2; | |||
| @@ -376,7 +376,7 @@ void decaf_448_precompute ( | |||
| */ | |||
| void decaf_448_precomputed_scalarmul ( | |||
| decaf_448_point_t scaled, | |||
| const struct decaf_448_precomputed_s *base, | |||
| const decaf_448_precomputed_s *base, | |||
| const decaf_448_scalar_t scalar | |||
| ) API_VIS NONNULL3; | |||
+ 7
- 2
src/decaf.c
View File
| @@ -89,8 +89,13 @@ struct decaf_448_precomputed_s { | |||
| decaf_448_point_t p[1]; | |||
| }; | |||
| const struct decaf_448_precomputed_s *decaf_448_precomputed_base = | |||
| (const struct decaf_448_precomputed_s *)decaf_448_point_base; | |||
| /* FIXME: restore */ | |||
| // const struct decaf_448_precomputed_s *decaf_448_precomputed_base = | |||
| // (const struct decaf_448_precomputed_s *)decaf_448_point_base; | |||
| extern const decaf_word_t decaf_448_precomputed_base_as_words[]; | |||
| const decaf_448_precomputed_s *decaf_448_precomputed_base = | |||
| (const decaf_448_precomputed_s *) &decaf_448_precomputed_base_as_words; | |||
| const size_t sizeof_decaf_448_precomputed_s = sizeof(struct decaf_448_precomputed_s); | |||
| const size_t alignof_decaf_448_precomputed_s = 32; | |||
+ 9
- 12
src/decaf_fast.c
View File
| @@ -15,6 +15,7 @@ | |||
| /* TODO REMOVE */ | |||
| #include "constant_time.h" | |||
| #include <stdio.h> | |||
| #define WBITS DECAF_WORD_BITS | |||
| @@ -94,10 +95,11 @@ typedef struct { gf a, b, c; } niels_s, niels_t[1]; | |||
| typedef struct { niels_t n; gf z; } pniels_s, pniels_t[1]; | |||
| struct decaf_448_precomputed_s { niels_t table [5<<4]; /* MAGIC */ }; | |||
| const struct decaf_448_precomputed_s decaf_448_precomputed_base_s, | |||
| *decaf_448_precomputed_base = &decaf_448_precomputed_base_s; | |||
| extern const decaf_word_t decaf_448_precomputed_base_as_words[]; | |||
| const decaf_448_precomputed_s *decaf_448_precomputed_base = | |||
| (const decaf_448_precomputed_s *) &decaf_448_precomputed_base_as_words; | |||
| const size_t sizeof_decaf_448_precomputed_s = sizeof(struct decaf_448_precomputed_s); | |||
| const size_t sizeof_decaf_448_precomputed_s = sizeof(decaf_448_precomputed_s); | |||
| const size_t alignof_decaf_448_precomputed_s = 32; | |||
| #if (defined(__OPTIMIZE__) && !defined(__OPTIMIZE_SIZE__)) || defined(DECAF_FORCE_UNROLL) | |||
| @@ -1021,7 +1023,7 @@ void gf_batch_invert ( | |||
| void | |||
| decaf_448_precompute ( | |||
| struct decaf_448_precomputed_s *table, | |||
| decaf_448_precomputed_s *table, | |||
| const decaf_448_point_t base | |||
| ) { | |||
| const int n = 5, t = 5, s = 18; // TODO MAGIC | |||
| @@ -1095,14 +1097,11 @@ decaf_448_precompute ( | |||
| void decaf_448_precomputed_scalarmul ( | |||
| decaf_448_point_t out, | |||
| const struct decaf_448_precomputed_s *table, | |||
| const decaf_448_precomputed_s *table, | |||
| const decaf_448_scalar_t scalar | |||
| ) { | |||
| unsigned int i,j,k; | |||
| const int n = 5, t = 5, s = 18, nbits = 450; // TODO MAGIC | |||
| unsigned int scalar2_words = (nbits + WBITS - 1)/WBITS; | |||
| if (scalar2_words < SCALAR_WORDS) scalar2_words = SCALAR_WORDS; | |||
| const int n = 5, t = 5, s = 18; // TODO MAGIC | |||
| decaf_448_scalar_t scalar2, onehalf = {{{0}}}, two = {{{2}}}, arrr; | |||
| onehalf->limb[SCALAR_WORDS-1] = 1ull<<(WBITS-1); | |||
| @@ -1125,7 +1124,7 @@ void decaf_448_precomputed_scalarmul ( | |||
| for (k=0; k<t; k++) { | |||
| unsigned int bit = (s-1-i) + k*s + j*(s*t); | |||
| if (bit < scalar2_words * WBITS) { | |||
| if (bit < SCALAR_WORDS * WBITS) { | |||
| tab |= (scalar2->limb[bit/WBITS] >> (bit%WBITS) & 1) << k; | |||
| } | |||
| } | |||
| @@ -1138,10 +1137,8 @@ void decaf_448_precomputed_scalarmul ( | |||
| cond_neg_niels(ni, invert); | |||
| if (i||j) { | |||
| add_niels_to_pt(out, ni, j==n-1 && i<s-1); | |||
| assert(decaf_point_valid(out)); | |||
| } else { | |||
| niels_to_pt(out, ni); | |||
| assert(decaf_point_valid(out)); | |||
| } | |||
| } | |||
| } | |||
+ 44
- 0
src/decaf_gen_tables.c
View File
| @@ -0,0 +1,44 @@ | |||
| /* Copyright (c) 2015 Cryptography Research, Inc. | |||
| * Released under the MIT License. See LICENSE.txt for license information. | |||
| */ | |||
| /** | |||
| * @file decaf_precompute.c | |||
| * @author Mike Hamburg | |||
| * @brief Decaf global constant table precomputation. | |||
| */ | |||
| #define _XOPEN_SOURCE 600 /* for posix_memalign */ | |||
| #include <stdio.h> | |||
| #include <stdlib.h> | |||
| #include "decaf.h" | |||
| const decaf_word_t decaf_448_precomputed_base_as_words[1]; /* To satisfy linker. */ | |||
| int main(int argc, char **argv) { | |||
| (void)argc; (void)argv; | |||
| decaf_448_precomputed_s *pre; | |||
| posix_memalign((void**)&pre, alignof_decaf_448_precomputed_s, sizeof_decaf_448_precomputed_s); | |||
| if (!pre) return 1; | |||
| decaf_448_precompute(pre, decaf_448_point_base); | |||
| const decaf_word_t *output = (const decaf_word_t *)pre; | |||
| unsigned i; | |||
| printf("/** @warning: this file was automatically generated. */\n"); | |||
| printf("#include \"decaf.h\"\n\n"); | |||
| printf("const decaf_word_t decaf_448_precomputed_base_as_words[%d]\n", | |||
| (int)(sizeof_decaf_448_precomputed_s / sizeof(decaf_word_t))); | |||
| printf("__attribute__((aligned(%d))) = {\n ", (int)alignof_decaf_448_precomputed_s); | |||
| for (i=0; i < sizeof_decaf_448_precomputed_s; i+=sizeof(decaf_word_t)) { | |||
| if (i && (i%8==0)) printf(",\n "); | |||
| else if (i) printf(", "); | |||
| printf("0x%0*llxull", (int)sizeof(decaf_word_t)*2, (unsigned long long)*output ); | |||
| output++; | |||
| } | |||
| printf("\n};\n"); | |||
| return 0; | |||
| } | |||