Make NIST curves optimisation an option
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 4973ea4..d231b42 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -260,6 +260,17 @@
#define POLARSSL_ECP_DP_BP512R1_ENABLED
/**
+ * \def POLARSSL_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define POLARSSL_ECP_NIST_OPTIM
+
+/**
* \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED
*
* Enable the PSK based ciphersuite modes in SSL / TLS.
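Review bot: The new `POLARSSL_ECP_NIST_OPTIM` comment says what enabling the option gains but not what a build gets when it is commented out, so an integrator cannot tell whether disabling it affects anything beyond speed. I would add a sentence such as `Disabling it uses the generic modular reduction for these curves: slower, but smaller code; the set of supported curves is unchanged.` The wording about the generic fallback is inferred from the guarded `grp->modp` assignments in library/ecp.c and should be confirmed against the reduction code. If the two paths differ in timing behaviour, that is also worth one line here, since the choice then has side-channel relevance and not only performance relevance.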
diff --git a/library/ecp.c b/library/ecp.c
index f359f0b..b144d16 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -482,6 +482,8 @@
return( ret );
}
+#if defined(POLARSSL_ECP_NIST_OPTIM)
+
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
/*
* Compared to the way things are presented in FIPS 186-3 D.2,
@@ -865,6 +867,8 @@
#undef P521_MASK
#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */
+#endif /* POLARSSL_ECP_NIST_OPTIM */
+
/*
* Domain parameters for secp192r1
*/
@@ -1021,7 +1025,9 @@
{
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
case POLARSSL_ECP_DP_SECP192R1:
+#if defined(POLARSSL_ECP_NIST_OPTIM)
grp->modp = ecp_mod_p192;
+#endif
return( ecp_group_read_string( grp, 16,
SECP192R1_P, SECP192R1_B,
SECP192R1_GX, SECP192R1_GY, SECP192R1_N ) );
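Review bot: With `POLARSSL_ECP_NIST_OPTIM` undefined, `grp->modp` is no longer written in the `POLARSSL_ECP_DP_SECP192R1` case, so correctness now depends on the field already being NULL when this switch runs. The same applies to the SECP224R1, SECP256R1, SECP384R1 and SECP521R1 cases in the following hunks. Whether the group is zeroed before this point is not visible here, as the enclosing function starts and ends outside the hunk, so I would make it explicit with `grp->modp = NULL;` ahead of the `switch`. That would also stop a stale fast-reduction pointer from surviving if a group structure is reused for a curve that has no dedicated routine. A mismatched `modp` would yield silently wrong field arithmetic, so the ECP tests should be run with the option both defined and undefined.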
@@ -1029,7 +1035,9 @@
#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
case POLARSSL_ECP_DP_SECP224R1:
+#if defined(POLARSSL_ECP_NIST_OPTIM)
grp->modp = ecp_mod_p224;
+#endif
return( ecp_group_read_string( grp, 16,
SECP224R1_P, SECP224R1_B,
SECP224R1_GX, SECP224R1_GY, SECP224R1_N ) );
@@ -1037,7 +1045,9 @@
#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
case POLARSSL_ECP_DP_SECP256R1:
+#if defined(POLARSSL_ECP_NIST_OPTIM)
grp->modp = ecp_mod_p256;
+#endif
return( ecp_group_read_string( grp, 16,
SECP256R1_P, SECP256R1_B,
SECP256R1_GX, SECP256R1_GY, SECP256R1_N ) );
@@ -1045,7 +1055,9 @@
#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
case POLARSSL_ECP_DP_SECP384R1:
+#if defined(POLARSSL_ECP_NIST_OPTIM)
grp->modp = ecp_mod_p384;
+#endif
return( ecp_group_read_string( grp, 16,
SECP384R1_P, SECP384R1_B,
SECP384R1_GX, SECP384R1_GY, SECP384R1_N ) );
@@ -1053,7 +1065,9 @@
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
case POLARSSL_ECP_DP_SECP521R1:
+#if defined(POLARSSL_ECP_NIST_OPTIM)
grp->modp = ecp_mod_p521;
+#endif
return( ecp_group_read_string( grp, 16,
SECP521R1_P, SECP521R1_B,
SECP521R1_GX, SECP521R1_GY, SECP521R1_N ) );