| @@ -70,7 +70,7 @@ LIBCOMPONENTS= build/goldilocks.o build/barrett_field.o build/crandom.o \ | |||||
| build/$(FIELD).o build/ec_point.o build/scalarmul.o build/sha512.o build/magic.o \ | build/$(FIELD).o build/ec_point.o build/scalarmul.o build/sha512.o build/magic.o \ | ||||
| build/f_arithmetic.o build/arithmetic.o | build/f_arithmetic.o build/arithmetic.o | ||||
| DECAFCOMPONENTS= build/$(DECAF).o build/shake.o build/decaf_crypto.o | |||||
| DECAFCOMPONENTS= build/$(DECAF).o build/shake.o build/decaf_crypto.o build/decaf_tables.o | |||||
| TESTCOMPONENTS=build/test.o build/test_scalarmul.o build/test_sha512.o \ | TESTCOMPONENTS=build/test.o build/test_scalarmul.o build/test_sha512.o \ | ||||
| build/test_pointops.o build/test_arithmetic.o build/test_goldilocks.o build/magic.o \ | build/test_pointops.o build/test_arithmetic.o build/test_goldilocks.o build/magic.o \ | ||||
| @@ -113,6 +113,7 @@ else | |||||
| ln -sf `basename $@` build/goldilocks.so.1 | ln -sf `basename $@` build/goldilocks.so.1 | ||||
| endif | endif | ||||
| build/decaf.so: $(DECAFCOMPONENTS) | build/decaf.so: $(DECAFCOMPONENTS) | ||||
| rm -f $@ | rm -f $@ | ||||
| ifeq ($(UNAME),Darwin) | ifeq ($(UNAME),Darwin) | ||||
| @@ -131,6 +132,15 @@ build/timestamp: | |||||
| build/%.o: build/%.s | build/%.o: build/%.s | ||||
| $(ASM) $(ASFLAGS) -c -o $@ $< | $(ASM) $(ASFLAGS) -c -o $@ $< | ||||
| build/decaf_gen_tables: build/decaf_gen_tables.o build/$(DECAF).o build/$(FIELD).o build/f_arithmetic.o | |||||
| $(LD) $(LDFLAGS) -o $@ $^ | |||||
| build/decaf_tables.c: build/decaf_gen_tables | |||||
| ./$< > $@ | |||||
| build/decaf_tables.s: build/decaf_tables.c $(HEADERS) | |||||
| $(CC) $(CFLAGS) -S -c -o $@ $< | |||||
| build/%.s: src/%.c $(HEADERS) | build/%.s: src/%.c $(HEADERS) | ||||
| $(CC) $(CFLAGS) -S -c -o $@ $< | $(CC) $(CFLAGS) -S -c -o $@ $< | ||||
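Review bot: The `./$< > $@` recipe for `build/decaf_tables.c` leaves a truncated or empty file behind if the generator exits non-zero or is interrupted, because the shell creates the redirect target before the program runs. Unless the Makefile sets `.DELETE_ON_ERROR` somewhere outside these hunks, the next `make` treats that file as up to date and compiles whatever it holds into the library's base-point table. Writing to a temporary and renaming avoids this: `./$< > $@.tmp && mv $@.tmp $@`. The rule also executes a binary linked with `$(LD)` on the build machine, so it presumably will not work when cross-compiling; a short comment above the rule saying so would help.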
| @@ -359,7 +359,7 @@ decaf_bool_t decaf_448_direct_scalarmul ( | |||||
| * @param [in] b Any point. | * @param [in] b Any point. | ||||
| */ | */ | ||||
| void decaf_448_precompute ( | void decaf_448_precompute ( | ||||
| struct decaf_448_precomputed_s *a, | |||||
| decaf_448_precomputed_s *a, | |||||
| const decaf_448_point_t b | const decaf_448_point_t b | ||||
| ) API_VIS NONNULL2; | ) API_VIS NONNULL2; | ||||
| @@ -376,7 +376,7 @@ void decaf_448_precompute ( | |||||
| */ | */ | ||||
| void decaf_448_precomputed_scalarmul ( | void decaf_448_precomputed_scalarmul ( | ||||
| decaf_448_point_t scaled, | decaf_448_point_t scaled, | ||||
| const struct decaf_448_precomputed_s *base, | |||||
| const decaf_448_precomputed_s *base, | |||||
| const decaf_448_scalar_t scalar | const decaf_448_scalar_t scalar | ||||
| ) API_VIS NONNULL3; | ) API_VIS NONNULL3; | ||||
| @@ -89,8 +89,13 @@ struct decaf_448_precomputed_s { | |||||
| decaf_448_point_t p[1]; | decaf_448_point_t p[1]; | ||||
| }; | }; | ||||
| const struct decaf_448_precomputed_s *decaf_448_precomputed_base = | |||||
| (const struct decaf_448_precomputed_s *)decaf_448_point_base; | |||||
| /* FIXME: restore */ | |||||
| // const struct decaf_448_precomputed_s *decaf_448_precomputed_base = | |||||
| // (const struct decaf_448_precomputed_s *)decaf_448_point_base; | |||||
| extern const decaf_word_t decaf_448_precomputed_base_as_words[]; | |||||
| const decaf_448_precomputed_s *decaf_448_precomputed_base = | |||||
| (const decaf_448_precomputed_s *) &decaf_448_precomputed_base_as_words; | |||||
| const size_t sizeof_decaf_448_precomputed_s = sizeof(struct decaf_448_precomputed_s); | const size_t sizeof_decaf_448_precomputed_s = sizeof(struct decaf_448_precomputed_s); | ||||
| const size_t alignof_decaf_448_precomputed_s = 32; | const size_t alignof_decaf_448_precomputed_s = 32; | ||||
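Review bot: The new `decaf_448_precomputed_base` definition casts a word array declared with incomplete type (`decaf_448_precomputed_base_as_words[]`) to the table struct, so nothing in this translation unit ties the array's length to `sizeof(struct decaf_448_precomputed_s)`. A stale or differently configured `build/decaf_tables.c` would be read past its end or misinterpreted without any diagnostic. The identical definition in the next file section (the one that also adds `#include <stdio.h>`) has the same gap. Declaring the expected size, `extern const decaf_word_t decaf_448_precomputed_base_as_words[sizeof(decaf_448_precomputed_s)/sizeof(decaf_word_t)];`, documents the contract and gives a test or an LTO type-mismatch warning something to compare against. The `/* FIXME: restore */` above the commented-out definition should also say under what condition it is to be restored, or the dead lines should be dropped.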
| @@ -15,6 +15,7 @@ | |||||
| /* TODO REMOVE */ | /* TODO REMOVE */ | ||||
| #include "constant_time.h" | #include "constant_time.h" | ||||
| #include <stdio.h> | |||||
| #define WBITS DECAF_WORD_BITS | #define WBITS DECAF_WORD_BITS | ||||
| @@ -94,10 +95,11 @@ typedef struct { gf a, b, c; } niels_s, niels_t[1]; | |||||
| typedef struct { niels_t n; gf z; } pniels_s, pniels_t[1]; | typedef struct { niels_t n; gf z; } pniels_s, pniels_t[1]; | ||||
| struct decaf_448_precomputed_s { niels_t table [5<<4]; /* MAGIC */ }; | struct decaf_448_precomputed_s { niels_t table [5<<4]; /* MAGIC */ }; | ||||
| const struct decaf_448_precomputed_s decaf_448_precomputed_base_s, | |||||
| *decaf_448_precomputed_base = &decaf_448_precomputed_base_s; | |||||
| extern const decaf_word_t decaf_448_precomputed_base_as_words[]; | |||||
| const decaf_448_precomputed_s *decaf_448_precomputed_base = | |||||
| (const decaf_448_precomputed_s *) &decaf_448_precomputed_base_as_words; | |||||
| const size_t sizeof_decaf_448_precomputed_s = sizeof(struct decaf_448_precomputed_s); | |||||
| const size_t sizeof_decaf_448_precomputed_s = sizeof(decaf_448_precomputed_s); | |||||
| const size_t alignof_decaf_448_precomputed_s = 32; | const size_t alignof_decaf_448_precomputed_s = 32; | ||||
| #if (defined(__OPTIMIZE__) && !defined(__OPTIMIZE_SIZE__)) || defined(DECAF_FORCE_UNROLL) | #if (defined(__OPTIMIZE__) && !defined(__OPTIMIZE_SIZE__)) || defined(DECAF_FORCE_UNROLL) | ||||
| @@ -1021,7 +1023,7 @@ void gf_batch_invert ( | |||||
| void | void | ||||
| decaf_448_precompute ( | decaf_448_precompute ( | ||||
| struct decaf_448_precomputed_s *table, | |||||
| decaf_448_precomputed_s *table, | |||||
| const decaf_448_point_t base | const decaf_448_point_t base | ||||
| ) { | ) { | ||||
| const int n = 5, t = 5, s = 18; // TODO MAGIC | const int n = 5, t = 5, s = 18; // TODO MAGIC | ||||
| @@ -1095,14 +1097,11 @@ decaf_448_precompute ( | |||||
| void decaf_448_precomputed_scalarmul ( | void decaf_448_precomputed_scalarmul ( | ||||
| decaf_448_point_t out, | decaf_448_point_t out, | ||||
| const struct decaf_448_precomputed_s *table, | |||||
| const decaf_448_precomputed_s *table, | |||||
| const decaf_448_scalar_t scalar | const decaf_448_scalar_t scalar | ||||
| ) { | ) { | ||||
| unsigned int i,j,k; | unsigned int i,j,k; | ||||
| const int n = 5, t = 5, s = 18, nbits = 450; // TODO MAGIC | |||||
| unsigned int scalar2_words = (nbits + WBITS - 1)/WBITS; | |||||
| if (scalar2_words < SCALAR_WORDS) scalar2_words = SCALAR_WORDS; | |||||
| const int n = 5, t = 5, s = 18; // TODO MAGIC | |||||
| decaf_448_scalar_t scalar2, onehalf = {{{0}}}, two = {{{2}}}, arrr; | decaf_448_scalar_t scalar2, onehalf = {{{0}}}, two = {{{2}}}, arrr; | ||||
| onehalf->limb[SCALAR_WORDS-1] = 1ull<<(WBITS-1); | onehalf->limb[SCALAR_WORDS-1] = 1ull<<(WBITS-1); | ||||
| @@ -1125,7 +1124,7 @@ void decaf_448_precomputed_scalarmul ( | |||||
| for (k=0; k<t; k++) { | for (k=0; k<t; k++) { | ||||
| unsigned int bit = (s-1-i) + k*s + j*(s*t); | unsigned int bit = (s-1-i) + k*s + j*(s*t); | ||||
| if (bit < scalar2_words * WBITS) { | |||||
| if (bit < SCALAR_WORDS * WBITS) { | |||||
| tab |= (scalar2->limb[bit/WBITS] >> (bit%WBITS) & 1) << k; | tab |= (scalar2->limb[bit/WBITS] >> (bit%WBITS) & 1) << k; | ||||
| } | } | ||||
| } | } | ||||
| @@ -1138,10 +1137,8 @@ void decaf_448_precomputed_scalarmul ( | |||||
| cond_neg_niels(ni, invert); | cond_neg_niels(ni, invert); | ||||
| if (i||j) { | if (i||j) { | ||||
| add_niels_to_pt(out, ni, j==n-1 && i<s-1); | add_niels_to_pt(out, ni, j==n-1 && i<s-1); | ||||
| assert(decaf_point_valid(out)); | |||||
| } else { | } else { | ||||
| niels_to_pt(out, ni); | niels_to_pt(out, ni); | ||||
| assert(decaf_point_valid(out)); | |||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
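Review bot: The guard `if (bit < SCALAR_WORDS * WBITS)` in `decaf_448_precomputed_scalarmul` is now what keeps `scalar2->limb[bit/WBITS]` within the scalar's limbs, and it rests on an unstated relationship. The comb parameters `n = 5, t = 5, s = 18` enumerate `n*t*s` = 450 bit positions, and any position at or beyond `SCALAR_WORDS * WBITS` is silently treated as zero. A comment on the guard would make that explicit, e.g. `/* comb covers n*t*s bit positions; those past the scalar's limbs contribute 0 */`, ideally with a note that `n*t*s` must not be smaller than the scalar bit length, since the same constants are repeated in `decaf_448_precompute` and in the `5<<4` table size. Separately, the `#include <stdio.h>` added under `/* TODO REMOVE */` has no user in the hunks shown and looks like leftover debugging. Both function bodies continue outside the hunks.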
| @@ -0,0 +1,44 @@ | |||||
| /* Copyright (c) 2015 Cryptography Research, Inc. | |||||
| * Released under the MIT License. See LICENSE.txt for license information. | |||||
| */ | |||||
| /** | |||||
| * @file decaf_precompute.c | |||||
| * @author Mike Hamburg | |||||
| * @brief Decaf global constant table precomputation. | |||||
| */ | |||||
| #define _XOPEN_SOURCE 600 /* for posix_memalign */ | |||||
| #include <stdio.h> | |||||
| #include <stdlib.h> | |||||
| #include "decaf.h" | |||||
| const decaf_word_t decaf_448_precomputed_base_as_words[1]; /* To satisfy linker. */ | |||||
| int main(int argc, char **argv) { | |||||
| (void)argc; (void)argv; | |||||
| decaf_448_precomputed_s *pre; | |||||
| posix_memalign((void**)&pre, alignof_decaf_448_precomputed_s, sizeof_decaf_448_precomputed_s); | |||||
| if (!pre) return 1; | |||||
| decaf_448_precompute(pre, decaf_448_point_base); | |||||
| const decaf_word_t *output = (const decaf_word_t *)pre; | |||||
| unsigned i; | |||||
| printf("/** @warning: this file was automatically generated. */\n"); | |||||
| printf("#include \"decaf.h\"\n\n"); | |||||
| printf("const decaf_word_t decaf_448_precomputed_base_as_words[%d]\n", | |||||
| (int)(sizeof_decaf_448_precomputed_s / sizeof(decaf_word_t))); | |||||
| printf("__attribute__((aligned(%d))) = {\n ", (int)alignof_decaf_448_precomputed_s); | |||||
| for (i=0; i < sizeof_decaf_448_precomputed_s; i+=sizeof(decaf_word_t)) { | |||||
| if (i && (i%8==0)) printf(",\n "); | |||||
| else if (i) printf(", "); | |||||
| printf("0x%0*llxull", (int)sizeof(decaf_word_t)*2, (unsigned long long)*output ); | |||||
| output++; | |||||
| } | |||||
| printf("\n};\n"); | |||||
| return 0; | |||||
| } | |||||
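Review bot: `posix_memalign`'s return value is discarded in `main` and `pre` is never initialised, so the `if (!pre)` test reads an indeterminate pointer when the allocation fails. Initialise and check the call itself: `decaf_448_precomputed_s *pre = NULL;` and `if (posix_memalign((void**)&pre, alignof_decaf_448_precomputed_s, sizeof_decaf_448_precomputed_s) != 0) return 1;`. The program also returns 0 without checking that the table was actually written; `if (fflush(stdout) != 0 || ferror(stdout)) return 1;` before the final return lets the build notice a short write instead of compiling a truncated table. The `@file decaf_precompute.c` tag does not match the `decaf_gen_tables` name used by the Makefile rules.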