1 /*******************************************************************************
2 * Copyright 2010-2018 Intel Corporation
3 * All Rights Reserved.
4 *
5 * If this software was obtained under the Intel Simplified Software License,
6 * the following terms apply:
7 *
8 * The source code, information and material ("Material") contained herein is
9 * owned by Intel Corporation or its suppliers or licensors, and title to such
10 * Material remains with Intel Corporation or its suppliers or licensors. The
11 * Material contains proprietary information of Intel or its suppliers and
12 * licensors. The Material is protected by worldwide copyright laws and treaty
13 * provisions. No part of the Material may be used, copied, reproduced,
14 * modified, published, uploaded, posted, transmitted, distributed or disclosed
15 * in any way without Intel's prior express written permission. No license under
16 * any patent, copyright or other intellectual property rights in the Material
17 * is granted to or conferred upon you, either expressly, by implication,
18 * inducement, estoppel or otherwise. Any license under such intellectual
19 * property rights must be express and approved by Intel in writing.
20 *
21 * Unless otherwise agreed by Intel in writing, you may not remove or alter this
22 * notice or any other notice embedded in Materials by Intel or Intel's
23 * suppliers or licensors in any way.
24 *
25 *
26 * If this software was obtained under the Apache License, Version 2.0 (the
27 * "License"), the following terms apply:
28 *
29 * You may not use this file except in compliance with the License. You may
30 * obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
31 *
32 *
33 * Unless required by applicable law or agreed to in writing, software
34 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
35 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
36 *
37 * See the License for the specific language governing permissions and
38 * limitations under the License.
39 *******************************************************************************/
40
41 /*
42 // Intel(R) Integrated Performance Primitives. Cryptography Primitives.
43 // Internal operations over GF(p) extension.
44 //
45 // Context:
46 // cpGFpxExp()
47 //
48 */
49
50 #include "owncp.h"
51 #include "pcpbnumisc.h"
52 #include "pcpgfpxstuff.h"
53 #include "gsscramble.h"
54
55 //tbcd: temporary excluded: #include <assert.h>
56
div_upper(int a,int d)57 static int div_upper(int a, int d)
58 { return (a+d-1)/d; }
59
60
61 #if defined(_IPP_OWN_DBG_)
62
63 #include <stdio.h>
64 //#define _IPP_OWN_DBG_
printBNU(const char * note,Ipp64u * pData,int len,int nt)65 static void printBNU(const char* note, Ipp64u* pData, int len, int nt)
66 {
67 int n, k;
68
69 if(note)
70 printf("%s", note);
71
72 for(n=0, k=0; n<len; n++) {
73 Ipp64u x = pData[n];
74 printf("%016I64x ", x);
75 k++;
76 if(k==nt) {
77 printf("\n");
78 k = 0;
79 }
80 }
81 printf("\n");
82 }
83
84 #endif /* #if defined(_IPP_OWN_DBG_) */
85
86
87 /* sscm version */
cpGFpxExp(BNU_CHUNK_T * pR,const BNU_CHUNK_T * pA,const BNU_CHUNK_T * pE,int nsE,gsModEngine * pGFEx,Ipp8u * pScratchBuffer)88 BNU_CHUNK_T* cpGFpxExp(BNU_CHUNK_T* pR, const BNU_CHUNK_T* pA, const BNU_CHUNK_T* pE, int nsE,
89 gsModEngine* pGFEx, Ipp8u* pScratchBuffer)
90 {
91 gsModEngine* pBasicGFE = cpGFpBasic(pGFEx);
92
93 /* remove leding zeros */
94 FIX_BNU(pE, nsE);
95
96 {
97 mod_mul mulF = GFP_METHOD(pGFEx)->mul; /* mul and sqr methods */
98 mod_sqr sqrF = GFP_METHOD(pGFEx)->sqr;
99
100 BNU_CHUNK_T* pScratchAligned; /* aligned scratch buffer */
101 int nAllocation = 0; /* points from the pool */
102
103 /* size of element */
104 int elmLen = GFP_FELEN(pGFEx);
105
106 /* exponent bitsize */
107 int expBitSize = BITSIZE_BNU(pE, nsE);
108 /* optimal size of window */
109 int w = (NULL==pScratchBuffer)? 1 : cpGFpGetOptimalWinSize(expBitSize);
110 /* number of table entries */
111 int nPrecomputed = 1<<w;
112
113 int poolElmLen = GFP_PELEN(pGFEx);
114 BNU_CHUNK_T* pExpandedE = cpGFpGetPool(1, pGFEx);
115 BNU_CHUNK_T* pTmp = cpGFpGetPool(1, pGFEx);
116 //tbcd: temporary excluded: assert(NULL!=pExpandedE && NULL!=pTmp);
117
118 if(NULL==pScratchBuffer) {
119 nAllocation = 2 + div_upper(CACHE_LINE_SIZE, poolElmLen*sizeof(BNU_CHUNK_T));
120 pScratchBuffer = (Ipp8u*)cpGFpGetPool(nAllocation, pGFEx);
121 //tbcd: temporary excluded: assert(NULL!=pScratchBuffer);
122 }
123 pScratchAligned = (BNU_CHUNK_T*)( IPP_ALIGNED_PTR(pScratchBuffer, CACHE_LINE_SIZE) );
124
125 #if defined(_IPP_OWN_DBG_)
126 printf("precom tbl:\n");
127 #endif
128 /* pre-compute auxiliary table t[] = {A^0, A^1, A^2, ..., A^(2^w-1)} */
129 cpGFpElementCopyPadd(pTmp, elmLen, GFP_MNT_R(pBasicGFE), GFP_FELEN(pBasicGFE));
130 //cpScramblePut(pScratchAligned+0, nPrecomputed, (Ipp8u*)pTmp, elmDataSize);
131 gsScramblePut(pScratchAligned, 0, pTmp, elmLen, w);
132 #if defined(_IPP_OWN_DBG_)
133 printBNU("precom tbl:\n", pTmp, 48, 6);
134 #endif
135
136 { /* pre compute multiplication table */
137 int n;
138 for(n=1; n<nPrecomputed; n++) {
139 mulF(pTmp, pTmp, pA, pGFEx);
140 //cpScramblePut(pScratchAligned+n, nPrecomputed, (Ipp8u*)pTmp, elmDataSize);
141 gsScramblePut(pScratchAligned, n, pTmp, elmLen, w);
142 #if defined(_IPP_OWN_DBG_)
143 printBNU("precom tbl:\n", pTmp, 48, 6);
144 #endif
145 }
146 }
147
148 {
149 /* copy exponent value */
150 cpGFpElementCopy(pExpandedE, pE, nsE);
151
152 /* expand exponent value */
153 ((Ipp32u*)pExpandedE)[BITS2WORD32_SIZE(expBitSize)] = 0;
154 expBitSize = ((expBitSize+w-1)/w)*w;
155
156 #if defined(_IPP_OWN_DBG_)
157 printf("\nexponentiation:\n");
158 #endif
159 /*
160 // exponentiation
161 */
162 {
163 /* digit mask */
164 BNU_CHUNK_T dmask = nPrecomputed-1;
165
166 /* position (bit number) of the leftmost window */
167 int wPosition = expBitSize-w;
168
169 /* extract leftmost window value */
170 Ipp32u eChunk = *((Ipp32u*)((Ipp16u*)pExpandedE+ wPosition/BITSIZE(Ipp16u)));
171 int shift = wPosition & 0xF;
172 Ipp32u windowVal = (eChunk>>shift) & dmask;
173
174 /* initialize result */
175 //cpScrambleGet((Ipp8u*)pR, elmDataSize, pScratchAligned+windowVal, nPrecomputed);
176 gsScrambleGet_sscm(pR, elmLen, pScratchAligned, windowVal, w);
177 #if defined(_IPP_OWN_DBG_)
178 printBNU("init result:\n", pR, 48, 6);
179 #endif
180
181 for(wPosition-=w; wPosition>=0; wPosition-=w) {
182 int k;
183 #if defined(_IPP_OWN_DBG_)
184 printf("\nwPosition=%d\n", wPosition);
185 #endif
186 /* w times squaring */
187 for(k=0; k<w; k++) {
188 sqrF(pR, pR, pGFEx);
189 #if defined(_IPP_OWN_DBG_)
190 printBNU("sqr:\n", pR, 48, 6);
191 #endif
192 }
193
194 /* extract next window value */
195 eChunk = *((Ipp32u*)((Ipp16u*)pExpandedE+ wPosition/BITSIZE(Ipp16u)));
196 shift = wPosition & 0xF;
197 windowVal = (eChunk>>shift) & dmask;
198
199 /* extract value from the pre-computed table */
200 //cpScrambleGet((Ipp8u*)pTmp, elmDataSize, pScratchAligned+windowVal, nPrecomputed);
201 gsScrambleGet_sscm(pTmp, elmLen, pScratchAligned, windowVal, w);
202
203 /* and multiply */
204 mulF(pR, pR, pTmp, pGFEx);
205 #if defined(_IPP_OWN_DBG_)
206 printBNU("mul:\n", pR, 48, 6);
207 #endif
208 }
209 }
210
211 }
212
213 cpGFpReleasePool(nAllocation+2, pGFEx);
214
215 return pR;
216 }
217 }
218