Loading CHANGES +8 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,14 @@ Changes between 0.9.7 and 0.9.8 [xx XXX xxxx] *) In crypto/ec/ec_mult.c, implement fast point multiplication with precomputation, based one wNAF splitting: EC_GROUP_precompute_mult() will now compute a table of multiples of the generator that makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul faster (notably in the case of a single point multiplication, scalar * generator). [Nils Larsch, Bodo Moeller] *) IPv6 support for certificate extensions. The various extensions which use the IP:a.b.c.d can now take IPv6 addresses using the formats of RFC1884 2.2 . IPv6 addresses are now also displayed Loading apps/speed.c +3 −0 Original line number Diff line number Diff line Loading @@ -1933,6 +1933,9 @@ int MAIN(int argc, char **argv) } else { #if 1 EC_GROUP_precompute_mult(ecdsa[j]->group, NULL); #endif /* Perform ECDSA signature test */ EC_KEY_generate_key(ecdsa[j]); ret = ECDSA_sign(0, buf, 20, ecdsasig, Loading crypto/ec/ec.h +9 −7 Original line number Diff line number Diff line Loading @@ -3,7 +3,7 @@ * Originally written by Bodo Moeller for the OpenSSL project. */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -101,7 +101,7 @@ typedef struct ec_group_st -- field definition -- curve coefficients -- optional generator with associated information (order, cofactor) -- optional extra data (TODO: precomputed table for fast computation of multiples of generator) -- optional extra data (precomputed table for fast computation of multiples of generator) -- ASN1 stuff */ EC_GROUP; Loading Loading @@ -241,7 +241,11 @@ int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *); int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *); /* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */ int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *); /* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */ int EC_GROUP_have_precompute_mult(const EC_GROUP *); Loading Loading @@ -403,7 +407,6 @@ void ERR_load_EC_strings(void); #define EC_F_EC_GROUP_GET_CURVE_GF2M 172 #define EC_F_EC_GROUP_GET_CURVE_GFP 130 #define EC_F_EC_GROUP_GET_DEGREE 173 #define EC_F_EC_GROUP_GET_EXTRA_DATA 107 #define EC_F_EC_GROUP_GET_ORDER 141 #define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193 #define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194 Loading Loading @@ -444,6 +447,7 @@ void ERR_load_EC_strings(void); #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 #define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 #define EC_F_EC_POINT_SET_TO_INFINITY 127 #define EC_F_EC_PRE_COMP_DUP 207 #define EC_F_EC_WNAF_MUL 187 #define EC_F_EC_WNAF_PRECOMPUTE_MULT 188 #define EC_F_GFP_MONT_GROUP_SET_CURVE 189 Loading @@ -462,7 +466,6 @@ void ERR_load_EC_strings(void); #define EC_R_GROUP2PKPARAMETERS_FAILURE 120 #define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 #define EC_R_INCOMPATIBLE_OBJECTS 101 #define EC_R_INTERNAL_ERROR 132 #define EC_R_INVALID_ARGUMENT 112 #define EC_R_INVALID_COMPRESSED_POINT 110 #define EC_R_INVALID_COMPRESSION_BIT 109 Loading @@ -478,7 +481,6 @@ void ERR_load_EC_strings(void); #define EC_R_NOT_IMPLEMENTED 126 #define EC_R_NOT_INITIALIZED 111 #define EC_R_NO_FIELD_MOD 133 #define EC_R_NO_SUCH_EXTRA_DATA 105 #define EC_R_PASSED_NULL_PARAMETER 134 #define EC_R_PKPARAMETERS2GROUP_FAILURE 127 #define EC_R_POINT_AT_INFINITY 106 Loading crypto/ec/ec2_mult.c +13 −9 Original line number Diff line number Diff line Loading @@ -14,7 +14,7 @@ * */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -326,9 +326,10 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } /* This implementation is more efficient than the wNAF implementation for 2 * or fewer points. Use the ec_wNAF_mul implementation for 3 or more points. * or fewer points. Use the ec_wNAF_mul implementation for 3 or more points, * or if we can perform a fast multiplication based on precomputation. */ if ((scalar && (num > 1)) || (num > 2)) if ((scalar && (num > 1)) || (num > 2) || (num == 0 && EC_GROUP_have_precompute_mult(group))) { ret = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx); goto err; Loading Loading @@ -364,12 +365,15 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } /* Precomputation for point multiplication. */ /* Precomputation for point multiplication: fall back to wNAF methods * because ec_GF2m_simple_mul() uses ec_wNAF_mul() if appropriate */ int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { /* There is no precomputation to do for Montgomery scalar multiplication but * since this implementation falls back to the wNAF multiplication for more than * two points, call the wNAF implementation's precompute. */ return ec_wNAF_precompute_mult(group, ctx); } int ec_GF2m_have_precompute_mult(const EC_GROUP *group) { return ec_wNAF_have_precompute_mult(group); } crypto/ec/ec2_smpl.c +7 −3 Original line number Diff line number Diff line Loading @@ -14,7 +14,7 @@ * */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -99,13 +99,17 @@ const EC_METHOD *EC_GF2m_simple_method(void) ec_GF2m_simple_add, ec_GF2m_simple_dbl, ec_GF2m_simple_invert, ec_GF2m_simple_mul, ec_GF2m_precompute_mult, ec_GF2m_simple_is_at_infinity, ec_GF2m_simple_is_on_curve, ec_GF2m_simple_cmp, ec_GF2m_simple_make_affine, ec_GF2m_simple_points_make_affine, /* the following three method functions are defined in ec2_mult.c */ ec_GF2m_simple_mul, ec_GF2m_precompute_mult, ec_GF2m_have_precompute_mult, ec_GF2m_simple_field_mul, ec_GF2m_simple_field_sqr, ec_GF2m_simple_field_div, Loading Loading
CHANGES +8 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,14 @@ Changes between 0.9.7 and 0.9.8 [xx XXX xxxx] *) In crypto/ec/ec_mult.c, implement fast point multiplication with precomputation, based one wNAF splitting: EC_GROUP_precompute_mult() will now compute a table of multiples of the generator that makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul faster (notably in the case of a single point multiplication, scalar * generator). [Nils Larsch, Bodo Moeller] *) IPv6 support for certificate extensions. The various extensions which use the IP:a.b.c.d can now take IPv6 addresses using the formats of RFC1884 2.2 . IPv6 addresses are now also displayed Loading
apps/speed.c +3 −0 Original line number Diff line number Diff line Loading @@ -1933,6 +1933,9 @@ int MAIN(int argc, char **argv) } else { #if 1 EC_GROUP_precompute_mult(ecdsa[j]->group, NULL); #endif /* Perform ECDSA signature test */ EC_KEY_generate_key(ecdsa[j]); ret = ECDSA_sign(0, buf, 20, ecdsasig, Loading
crypto/ec/ec.h +9 −7 Original line number Diff line number Diff line Loading @@ -3,7 +3,7 @@ * Originally written by Bodo Moeller for the OpenSSL project. */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -101,7 +101,7 @@ typedef struct ec_group_st -- field definition -- curve coefficients -- optional generator with associated information (order, cofactor) -- optional extra data (TODO: precomputed table for fast computation of multiples of generator) -- optional extra data (precomputed table for fast computation of multiples of generator) -- ASN1 stuff */ EC_GROUP; Loading Loading @@ -241,7 +241,11 @@ int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *); int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *); /* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */ int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *); /* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */ int EC_GROUP_have_precompute_mult(const EC_GROUP *); Loading Loading @@ -403,7 +407,6 @@ void ERR_load_EC_strings(void); #define EC_F_EC_GROUP_GET_CURVE_GF2M 172 #define EC_F_EC_GROUP_GET_CURVE_GFP 130 #define EC_F_EC_GROUP_GET_DEGREE 173 #define EC_F_EC_GROUP_GET_EXTRA_DATA 107 #define EC_F_EC_GROUP_GET_ORDER 141 #define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193 #define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194 Loading Loading @@ -444,6 +447,7 @@ void ERR_load_EC_strings(void); #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 #define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 #define EC_F_EC_POINT_SET_TO_INFINITY 127 #define EC_F_EC_PRE_COMP_DUP 207 #define EC_F_EC_WNAF_MUL 187 #define EC_F_EC_WNAF_PRECOMPUTE_MULT 188 #define EC_F_GFP_MONT_GROUP_SET_CURVE 189 Loading @@ -462,7 +466,6 @@ void ERR_load_EC_strings(void); #define EC_R_GROUP2PKPARAMETERS_FAILURE 120 #define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 #define EC_R_INCOMPATIBLE_OBJECTS 101 #define EC_R_INTERNAL_ERROR 132 #define EC_R_INVALID_ARGUMENT 112 #define EC_R_INVALID_COMPRESSED_POINT 110 #define EC_R_INVALID_COMPRESSION_BIT 109 Loading @@ -478,7 +481,6 @@ void ERR_load_EC_strings(void); #define EC_R_NOT_IMPLEMENTED 126 #define EC_R_NOT_INITIALIZED 111 #define EC_R_NO_FIELD_MOD 133 #define EC_R_NO_SUCH_EXTRA_DATA 105 #define EC_R_PASSED_NULL_PARAMETER 134 #define EC_R_PKPARAMETERS2GROUP_FAILURE 127 #define EC_R_POINT_AT_INFINITY 106 Loading
crypto/ec/ec2_mult.c +13 −9 Original line number Diff line number Diff line Loading @@ -14,7 +14,7 @@ * */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -326,9 +326,10 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } /* This implementation is more efficient than the wNAF implementation for 2 * or fewer points. Use the ec_wNAF_mul implementation for 3 or more points. * or fewer points. Use the ec_wNAF_mul implementation for 3 or more points, * or if we can perform a fast multiplication based on precomputation. */ if ((scalar && (num > 1)) || (num > 2)) if ((scalar && (num > 1)) || (num > 2) || (num == 0 && EC_GROUP_have_precompute_mult(group))) { ret = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx); goto err; Loading Loading @@ -364,12 +365,15 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } /* Precomputation for point multiplication. */ /* Precomputation for point multiplication: fall back to wNAF methods * because ec_GF2m_simple_mul() uses ec_wNAF_mul() if appropriate */ int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { /* There is no precomputation to do for Montgomery scalar multiplication but * since this implementation falls back to the wNAF multiplication for more than * two points, call the wNAF implementation's precompute. */ return ec_wNAF_precompute_mult(group, ctx); } int ec_GF2m_have_precompute_mult(const EC_GROUP *group) { return ec_wNAF_have_precompute_mult(group); }
crypto/ec/ec2_smpl.c +7 −3 Original line number Diff line number Diff line Loading @@ -14,7 +14,7 @@ * */ /* ==================================================================== * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -99,13 +99,17 @@ const EC_METHOD *EC_GF2m_simple_method(void) ec_GF2m_simple_add, ec_GF2m_simple_dbl, ec_GF2m_simple_invert, ec_GF2m_simple_mul, ec_GF2m_precompute_mult, ec_GF2m_simple_is_at_infinity, ec_GF2m_simple_is_on_curve, ec_GF2m_simple_cmp, ec_GF2m_simple_make_affine, ec_GF2m_simple_points_make_affine, /* the following three method functions are defined in ec2_mult.c */ ec_GF2m_simple_mul, ec_GF2m_precompute_mult, ec_GF2m_have_precompute_mult, ec_GF2m_simple_field_mul, ec_GF2m_simple_field_sqr, ec_GF2m_simple_field_div, Loading
