From c669159880c4b9564b8176c113e3c0778ca55851 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Mon, 24 Jul 2017 08:10:41 -0400
Subject: Use ModExp fast mode for Miller-Rabin tests.

Trying to make RSA key generation run in constant time is probably both futile and unnecessary, so we can speed it up a bit by switching the ModExpA7 core to use "fast" mode rather than "constant time" mode.

Sadly, while this change produces a measureable improvement, it doesn't bring FGPA ModExp anywhere near the speed of the software equivalent in this case. Don't really know why.
---
 rsa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'rsa.c')

diff --git a/rsa.c b/rsa.c
index d2a7798..6fde683 100644
--- a/rsa.c
+++ b/rsa.c
@@ -207,10 +207,11 @@ static hal_error_t modexp(hal_core_t *core,
     msg = reduced_msg;
   }
+  const size_t msg_len = (fp_unsigned_bin_size(unconst_fp_int(msg)) + 3) & ~3;
   const size_t exp_len = (fp_unsigned_bin_size(unconst_fp_int(exp)) + 3) & ~3;
   const size_t mod_len = (fp_unsigned_bin_size(unconst_fp_int(mod)) + 3) & ~3;
-  uint8_t msgbuf[mod_len];
+  uint8_t msgbuf[msg_len];
   uint8_t expbuf[exp_len];
   uint8_t modbuf[mod_len];
   uint8_t resbuf[mod_len];
@@ -231,6 +232,7 @@ static hal_error_t modexp(hal_core_t *core,
   memset(msgbuf, 0, sizeof(msgbuf));
   memset(expbuf, 0, sizeof(expbuf));
   memset(modbuf, 0, sizeof(modbuf));
+  memset(resbuf, 0, sizeof(resbuf));
   return err;
 }
-- 
cgit v1.2.3
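Review bot: `uint8_t msgbuf[msg_len]` can now become a zero-length VLA, which is undefined behaviour in C11 (6.7.6.2p5): if the reduced `msg` is zero, `fp_unsigned_bin_size()` presumably returns 0 and `(0 + 3) & ~3` stays 0, whereas the previous `mod_len` sizing never hit this because a usable modulus is non-zero. Clamp the length before declaring the array, e.g. `size_t msg_len = (fp_unsigned_bin_size(unconst_fp_int(msg)) + 3) & ~3;` followed by `if (msg_len == 0) msg_len = 4;`. Whether the ModExp core accepts a message operand shorter than the modulus depends on how the buffers are handed to it further down in modexp(), which lies outside this hunk; the function begins before the hunk and its body continues past it.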
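Review bot: The added `memset(resbuf, 0, sizeof(resbuf))` is a store to a stack buffer that is dead at the `return err` immediately after it, so the compiler may elide it together with the three memsets above it, leaving the modexp result (values derived from the candidate primes during key generation) on the stack. Use a wipe the optimizer cannot drop, e.g. `explicit_bzero(resbuf, sizeof(resbuf));` where available, or a small helper that clears through a `volatile uint8_t *`, and apply it to all four buffers. modexp() starts before this hunk, so the paths that reach this return are only partly visible here.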