crypto/elliptic: implement P256 for arm64

This patch ports the existing optimized P256 implementation to arm64. name old time/op new time/op delta pkg:crypto/ecdsa goos:linux goarch:arm64 SignP256 539µs ±13% 43µs ± 2% -91.95% (p=0.000 n=20+20) SignP384 13.2ms ± 1% 13.2ms ± 1% ~ (p=0.739 n=10+10) VerifyP256 1.57ms ± 0% 0.12ms ± 0% -92.40% (p=0.000 n=18+20) KeyGeneration 391µs ± 0% 25µs ± 0% -93.62% (p=0.000 n=9+9) pkg:crypto/elliptic goos:linux goarch:arm64 BaseMult 1.66ms ± 0% 1.65ms ± 1% ~ (p=0.079 n=9+10) BaseMultP256 389µs ± 0% 22µs ± 1% -94.28% (p=0.000 n=19+20) ScalarMultP256 1.03ms ± 0% 0.09ms ± 0% -91.25% (p=0.000 n=19+20) name old alloc/op new alloc/op delta pkg:crypto/ecdsa goos:linux goarch:arm64 SignP256 5.47kB ± 0% 3.20kB ± 0% -41.50% (p=0.000 n=20+20) SignP384 2.32MB ± 0% 2.32MB ± 0% ~ (p=0.739 n=10+10) VerifyP256 7.65kB ± 4% 0.98kB ± 0% -87.24% (p=0.000 n=20+20) KeyGeneration 1.41kB ± 0% 0.69kB ± 0% -51.05% (p=0.000 n=9+10) pkg:crypto/elliptic goos:linux goarch:arm64 BaseMult 224B ± 0% 224B ± 0% ~ (all equal) BaseMultP256 1.12kB ± 0% 0.29kB ± 0% -74.29% (p=0.000 n=20+20) ScalarMultP256 1.59kB ± 7% 0.26kB ± 0% -83.91% (p=0.000 n=20+20) name old allocs/op new allocs/op delta pkg:crypto/ecdsa goos:linux goarch:arm64 SignP256 67.0 ± 0% 35.0 ± 0% -47.76% (p=0.000 n=20+20) SignP384 17.5k ± 0% 17.5k ± 0% ~ (p=0.725 n=10+10) VerifyP256 97.2 ± 3% 17.0 ± 0% -82.52% (p=0.000 n=20+20) KeyGeneration 21.0 ± 0% 13.0 ± 0% -38.10% (p=0.000 n=10+10) pkg:crypto/elliptic goos:linux goarch:arm64 BaseMult 5.00 ± 0% 5.00 ± 0% ~ (all equal) BaseMultP256 16.0 ± 0% 6.0 ± 0% -62.50% (p=0.000 n=20+20) ScalarMultP256 19.9 ± 6% 5.0 ± 0% -74.87% (p=0.000 n=20+20) Fixes #22806 Change-Id: I12b343a27e6544189334f99c84242bb59db70a76 Reviewed-on: https://go-review.googlesource.com/121360 Run-TryBot: Vlad Krasnov <vlad@cloudflare.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Vlad Krasnov <vlad@cloudflare.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2024-11-17 22:14:43 -07:00 · 2018-03-09 01:19:11 +00:00 · 2018-03-09 01:19:11 +00:00 · ff81a6444a
commit ff81a6444a
parent 9092511cf7
5 changed files with 1586 additions and 3 deletions
--- a/src/crypto/elliptic/fuzz_test.go
+++ b/src/crypto/elliptic/fuzz_test.go
@ -0,0 +1,54 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build amd64 arm64
+
+package elliptic
+
+import (
+	"crypto/rand"
+	"testing"
+	"time"
+)
+
+func TestFuzz(t *testing.T) {
+
+	p256 := P256()
+	p256Generic := p256.Params()
+
+	var scalar1 [32]byte
+	var scalar2 [32]byte
+	var timeout *time.Timer
+
+	if testing.Short() {
+		timeout = time.NewTimer(500 * time.Millisecond)
+	} else {
+		timeout = time.NewTimer(2 * time.Second)
+	}
+
+	for {
+		select {
+		case <-timeout.C:
+			return
+		default:
+		}
+
+		rand.Read(scalar1[:])
+		rand.Read(scalar2[:])
+
+		x, y := p256.ScalarBaseMult(scalar1[:])
+		x2, y2 := p256Generic.ScalarBaseMult(scalar1[:])
+
+		xx, yy := p256.ScalarMult(x, y, scalar2[:])
+		xx2, yy2 := p256Generic.ScalarMult(x2, y2, scalar2[:])
+
+		if x.Cmp(x2) != 0 || y.Cmp(y2) != 0 {
+			t.Fatalf("ScalarBaseMult does not match reference result with scalar: %x, please report this error to security@golang.org", scalar1)
+		}
+
+		if xx.Cmp(xx2) != 0 || yy.Cmp(yy2) != 0 {
+			t.Fatalf("ScalarMult does not match reference result with scalars: %x and %x, please report this error to security@golang.org", scalar1, scalar2)
+		}
+	}
+}
--- a/src/crypto/elliptic/p256.go
+++ b/src/crypto/elliptic/p256.go
@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// +build !amd64
+// +build !amd64,!arm64

 package elliptic

--- a/src/crypto/elliptic/p256_amd64.go
+++ b/src/crypto/elliptic/p256_amd64.go
@ -10,7 +10,7 @@
 // https://link.springer.com/article/10.1007%2Fs13389-014-0090-x
 // https://eprint.iacr.org/2013/816.pdf

-// +build amd64
+// +build amd64 arm64

 package elliptic

--- a/src/crypto/elliptic/p256_asm_arm64.s
+++ b/src/crypto/elliptic/p256_asm_arm64.s
--- a/src/crypto/elliptic/p256_generic.go
+++ b/src/crypto/elliptic/p256_generic.go
@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// +build !amd64,!s390x
+// +build !amd64,!s390x,!arm64

 package elliptic