[openssl-dev] Partially- vs. full- reduced inputs to ecp_nistz256_neg
Andy Polyakov
appro at openssl.org
Sat Aug 20 10:06:29 UTC 2016
>> * Fix ecp_nistz256_mul_by_2 and ecp_nistz256_mul_by_3 to fully reduce
>> their outputs.
>>
>> * Fix ecp_nistz256_add to fully reduce its output.
>
> As for specifically addition see below. As for fixing mul_by_[23] and
> the fact that they use addition. There are two ways. a) Modify addition
> so that it *preserves* property of being fully reduced and leave
> mul_by_[23] as is. b) Let addition as is and add additional step to
> mul_by_[23]. The choice of approach can be platform-specific. For
> example on x86_64 a) is simpler and appears more efficient.
Consider attached diff.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecp_nistz256-x86_64.diff
Type: text/x-patch
Size: 5717 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160820/403d684c/attachment-0001.bin>
More information about the openssl-dev
mailing list