From 5d9408714ce21db2afb9b8d135398c6cff96e135 Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Sat, 20 Jan 2018 09:15:11 -0500
Subject: [PATCH] Remove unnecessary window size cases.
The optimization for wsize = 1 only kicks in for 19-bit primes. The cases for b >= 800 and cannot happen due to EC_MAX_SCALAR_BYTES.
Change-Id: If5ca908563f027172cdf31c9a22342152fecd12f
Reviewed-on: https://boringssl-review.googlesource.com/25145
Reviewed-by: Adam Langley
---
 crypto/fipsmodule/ec/wnaf.c | 20 +++++---------------
 1 file changed, 5 insertions(+), 15 deletions(-)
diff --git a/crypto/fipsmodule/ec/wnaf.c b/crypto/fipsmodule/ec/wnaf.c
index d0a79f72..a1cff943 100644
--- a/crypto/fipsmodule/ec/wnaf.c
+++ b/crypto/fipsmodule/ec/wnaf.c
@@ -208,14 +208,6 @@ err:
 // sometimes smaller windows will give better performance
 // (thus the boundaries should be increased)
 static size_t window_bits_for_scalar_size(size_t b) {
- if (b >= 2000) {
- return 6;
- }
-
- if (b >= 800) {
- return 5;
- }
-
 if (b >= 300) {
 return 4;
 }
@@ -369,15 +361,13 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r,
 goto err;
 }
- if (wsize > 1) {
- if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) {
+ if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) {
+ goto err;
+ }
+ for (j = 1; j < ((size_t)1 << (wsize - 1)); j++) {
+ if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) {
 goto err;
 }
- for (j = 1; j < ((size_t)1 << (wsize - 1)); j++) {
- if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) {
- goto err;
- }
- }
 }
 }
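Review bot: With the `if (wsize > 1)` guard removed in the second hunk, the loop bound `(size_t)1 << (wsize - 1)` in ec_wNAF_mul is now reached for every value of wsize, so the code silently depends on wsize never being 0. The old guard skipped the shift for any wsize below 2; if wsize is an unsigned type (its declaration is not visible here), a zero would make `wsize - 1` wrap and the shift count exceed the type width, which is undefined behaviour in a scalar-multiplication path. The tail of window_bits_for_scalar_size lies outside the first hunk, so the lower bound of 1 is presumed from the commit message rather than confirmed from these lines. I would record the invariant next to the loop with a comment such as `// wsize >= 1 (window_bits_for_scalar_size never returns 0), so the shift is in range.`, or enforce it with `assert(wsize >= 1);` if the file already uses assert. The enclosing function starts and ends outside the hunk.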