Improve performance of SP Intel 64-bit asm

RSA: Only constant time copy out when doing private key op Improve performance of sp_count_bits
2020-01-30 12:23:38 +10:00 · 2020-01-30 12:23:38 +10:00 · 81bebd8e5c
parent 695b126a1c
commit 81bebd8e5c
4 changed files with 4248 additions and 2260 deletions
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@ -2951,19 +2951,23 @@ static int RsaPrivateDecryptEx(byte* in, word32 inLen, byte* out,
            /* only copy output if not inline */
            if (outPtr == NULL) {
 #if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)
-                word32 i, j;
+                if (rsa_type == RSA_PRIVATE_DECRYPT) {
-                int start = (int)((size_t)pad - (size_t)key->data);
+                    word32 i, j;
                    int start = (int)((size_t)pad - (size_t)key->data);
-                for (i = 0, j = 0; j < key->dataLen; j++) {
+                    for (i = 0, j = 0; j < key->dataLen; j++) {
-                    out[i] = key->data[j];
+                        out[i] = key->data[j];
-                    c  = ctMaskGTE(j, start);
+                        c  = ctMaskGTE(j, start);
-                    c &= ctMaskLT(i, outLen);
+                        c &= ctMaskLT(i, outLen);
-                    /* 0 - no add, -1 add */
+                        /* 0 - no add, -1 add */
-                    i += (word32)((byte)(-c));
+                        i += (word32)((byte)(-c));
                    }
                }
-#else
+                else
                XMEMCPY(out, pad, ret);
 #endif
                {
                    XMEMCPY(out, pad, ret);
                }
            }
            else
                *outPtr = pad;
--- a/wolfcrypt/src/sp_int.c
+++ b/wolfcrypt/src/sp_int.c
@ -306,10 +306,19 @@ int sp_count_bits(sp_int* a)
        r = 0;
    else {
        d = a->dp[r];
-        r *= DIGIT_BIT;
+        r *= SP_WORD_SIZE;
-        while (d != 0) {
+        if (d >= (1L << (SP_WORD_SIZE / 2))) {
-            r++;
+            r += SP_WORD_SIZE;
-            d >>= 1;
+            while ((d & (1L << (SP_WORD_SIZE - 1))) == 0) {
                r--;
                d <<= 1;
            }
        }
        else {
            while (d != 0) {
                r++;
                d >>= 1;
            }
        }
    }
--- a/wolfcrypt/src/sp_x86_64.c
+++ b/wolfcrypt/src/sp_x86_64.c
--- a/wolfcrypt/src/sp_x86_64_asm.S
+++ b/wolfcrypt/src/sp_x86_64_asm.S