884086e0e2
Now that we have 64-bit C code, courtesy of fiat-crypto, the tradeoff for carrying the assembly changes:

Assembly:
Did 16000 Curve25519 base-point multiplication operations in 1059932us (15095.3 ops/sec)
Did 16000 Curve25519 arbitrary point multiplication operations in 1060023us (15094.0 ops/sec)

fiat64:
Did 39000 Curve25519 base-point multiplication operations in 1004712us (38817.1 ops/sec)
Did 14000 Curve25519 arbitrary point multiplication operations in 1006827us (13905.1 ops/sec)

The assembly is still about 9% faster than fiat64, but fiat64 gets to use the Ed25519 tables for the base point multiplication, so overall it is actually faster to disable the assembly:

>>> 1/(1/15094.0 + 1/15095.3)
7547.324986004976
>>> 1/(1/38817.1 + 1/13905.1)
10237.73016319501

(At the cost of touching a 30kB table.)

The assembly implementation is no longer pulling its weight. Remove it and use the fiat code in all build configurations.

Change-Id: Id736873177d5568bb16ea06994b9fcb1af104e33
Reviewed-on: https://boringssl-review.googlesource.com/25524
Reviewed-by: Adam Langley <agl@google.com>
20 lines
222 B
CMake
include_directories(../../include)

if (${ARCH} STREQUAL "arm")
  set(
    CURVE25519_ARCH_SOURCES

    asm/x25519-asm-arm.S
  )
endif()

add_library(
  curve25519

  OBJECT

  spake25519.c

  ${CURVE25519_ARCH_SOURCES}
)