boringssl/crypto/fipsmodule/ec
David Benjamin 86c2b854b0 Don't use BN_nnmod to convert from field element to scalar.
Hasse's theorem implies at most one subtraction is necessary. This is
still using BIGNUM for now because field elements
(EC_POINT_get_affine_coordinates_GFp) are BIGNUMs.

This gives an additional 2% speedup for signing.

Before:
Did 16000 ECDSA P-224 signing operations in 1064799us (15026.3 ops/sec)
Did 19000 ECDSA P-256 signing operations in 1007839us (18852.2 ops/sec)
Did 1078 ECDSA P-384 signing operations in 1079413us (998.7 ops/sec)
Did 484 ECDSA P-521 signing operations in 1083616us (446.7 ops/sec)

After:
Did 16000 ECDSA P-224 signing operations in 1054918us (15167.1 ops/sec)
Did 20000 ECDSA P-256 signing operations in 1037338us (19280.1 ops/sec)
Did 1045 ECDSA P-384 signing operations in 1049073us (996.1 ops/sec)
Did 484 ECDSA P-521 signing operations in 1085492us (445.9 ops/sec)

Change-Id: I2bfe214f968eca7a8e317928c0f3daf1a14bca90
Reviewed-on: https://boringssl-review.googlesource.com/23076
Reviewed-by: Adam Langley <agl@google.com>
2017-11-22 22:51:53 +00:00
..
asm Revert ADX due to build issues. 2017-08-15 18:56:09 +00:00
ec_key.c Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. 2017-09-18 19:16:51 +00:00
ec_montgomery.c Refcount EC_GROUP. 2017-10-27 17:48:27 +00:00
ec_test.cc Test that EC_POINT_mul works with the order. 2017-11-20 18:32:30 +00:00
ec.c Don't use BN_nnmod to convert from field element to scalar. 2017-11-22 22:51:53 +00:00
internal.h Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00
oct.c Check EC_POINT/EC_GROUP compatibility more accurately. 2017-10-28 08:02:50 +00:00
p224-64.c Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00
p256-64.c Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00
p256-x86_64_test.cc Align the tables in P-256 select w[57] tests. 2017-08-09 01:04:57 +00:00
p256-x86_64_tests.txt
p256-x86_64-table.h Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
p256-x86_64.c Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00
p256-x86_64.h Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
simple.c Remove unused function. 2017-11-20 18:32:44 +00:00
util-64.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
wnaf.c Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00