8295010: Reduce if required in EC limbs operations
Reviewed-by: djelinski, jjiang
XueleiFan committed Nov 29, 2022
1 parent 54e6d6a commit b778cd5
Showing 8 changed files with 107 additions and 57 deletions.
Expand Up @@ -150,13 +150,5 @@ MutableIntegerModuloP setValue(byte[] v, int offset, int length,
* @return this
*/
MutableIntegerModuloP setAdditiveInverse();

/**
* Some implementations required reduction operations to be requested
* by the client at certain times. This method reduces the representation.
*
* @return this
*/
MutableIntegerModuloP setReduced();
}

Expand Up @@ -35,9 +35,7 @@
/**
* A large number polynomial representation using sparse limbs of signed
* long (64-bit) values. Limb values will always fit within a long, so inputs
* to multiplication must be less than 32 bits. All IntegerPolynomial
* implementations allow at most one addition before multiplication. Additions
* after that will result in an ArithmeticException.
* to multiplication must be less than 32 bits.
*
* The following element operations are branch-free for all subclasses:
*
Expand Down Expand Up @@ -553,16 +551,22 @@ public MutableElement mutable() {
return new MutableElement(limbs.clone(), numAdds);
}

protected boolean isSummand() {
return numAdds < maxAdds;
}

@Override
public ImmutableElement add(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB;
if (!(isSummand() && b.isSummand())) {
throw new ArithmeticException("Not a valid summand");
Element b = (Element)genB;

// Reduce if required.
// if (numAdds >= maxAdds) {
if (numAdds > 32 - bitsPerLimb) {
reduce(limbs);
numAdds = 0;
}

// if (b.numAdds >= maxAdds) {
if (b.numAdds > 32 - bitsPerLimb) {
reduce(b.limbs);
b.numAdds = 0;
}

long[] newLimbs = new long[limbs.length];
Expand Down Expand Up @@ -597,7 +601,18 @@ protected void copyLow(long[] limbs, long[] out) {
@Override
public ImmutableElement multiply(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB;
Element b = (Element)genB;

// Reduce if required.
if (numAdds > maxAdds) {
reduce(limbs);
numAdds = 0;
}

if (b.numAdds > maxAdds) {
reduce(b.limbs);
b.numAdds = 0;
}

long[] newLimbs = new long[limbs.length];
mult(limbs, b.limbs, newLimbs);
Expand All @@ -606,24 +621,42 @@ public ImmutableElement multiply(IntegerModuloP genB) {

@Override
public ImmutableElement square() {
// Reduce if required.
if (numAdds > maxAdds) {
reduce(limbs);
numAdds = 0;
}

long[] newLimbs = new long[limbs.length];
IntegerPolynomial.this.square(limbs, newLimbs);
return new ImmutableElement(newLimbs, 0);
}

public void addModPowerTwo(IntegerModuloP arg, byte[] result) {
assert IntegerPolynomial.this == arg.getField();
Element other = (Element) arg;
if (!(isSummand() && other.isSummand())) {
throw new ArithmeticException("Not a valid summand");
Element other = (Element)arg;

// Reduce if required.
if (numAdds > 32 - bitsPerLimb) {
reduce(limbs);
numAdds = 0;
}

if (other.numAdds > 32 - bitsPerLimb) {
reduce(other.limbs);
other.numAdds = 0;
}

addLimbsModPowerTwo(limbs, other.limbs, result);
}

public void asByteArray(byte[] result) {
if (!isSummand()) {
throw new ArithmeticException("Not a valid summand");
// Reduce if required.
if (numAdds != 0) {
reduce(limbs);
numAdds = 0;
}

limbsToByteArray(limbs, result);
}

Expand Down Expand Up @@ -698,15 +731,33 @@ public MutableElement setValue(ByteBuffer buf, int length,
@Override
public MutableElement setProduct(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB;
Element b = (Element)genB;

// Reduce if required.
if (numAdds > maxAdds) {
reduce(limbs);
numAdds = 0;
}

if (b.numAdds > maxAdds) {
reduce(b.limbs);
b.numAdds = 0;
}

mult(limbs, b.limbs, limbs);
numAdds = 0;
return this;
}

@Override
public MutableElement setProduct(SmallValue v) {
int value = ((Limb) v).value;
// Reduce if required.
if (numAdds > maxAdds) {
reduce(limbs);
numAdds = 0;
}

int value = ((Limb)v).value;
multByInt(limbs, value);
numAdds = 0;
return this;
Expand All @@ -715,9 +766,19 @@ public MutableElement setProduct(SmallValue v) {
@Override
public MutableElement setSum(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB;
if (!(isSummand() && b.isSummand())) {
throw new ArithmeticException("Not a valid summand");
Element b = (Element)genB;

// Reduce if required.
// if (numAdds >= maxAdds) {
if (numAdds > 32 - bitsPerLimb) {
reduce(limbs);
numAdds = 0;
}

// if (b.numAdds >= maxAdds) {
if (b.numAdds > 32 - bitsPerLimb) {
reduce(b.limbs);
b.numAdds = 0;
}

for (int i = 0; i < limbs.length; i++) {
Expand All @@ -731,9 +792,19 @@ public MutableElement setSum(IntegerModuloP genB) {
@Override
public MutableElement setDifference(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB;
if (!(isSummand() && b.isSummand())) {
throw new ArithmeticException("Not a valid summand");
Element b = (Element)genB;

// Reduce if required.
// if (numAdds >= maxAdds) {
if (numAdds > 32 - bitsPerLimb) {
reduce(limbs);
numAdds = 0;
}

// if (b.numAdds >= maxAdds) {
if (b.numAdds > 32 - bitsPerLimb) {
reduce(b.limbs);
b.numAdds = 0;
}

for (int i = 0; i < limbs.length; i++) {
Expand All @@ -746,6 +817,12 @@ public MutableElement setDifference(IntegerModuloP genB) {

@Override
public MutableElement setSquare() {
// Reduce if required.
if (numAdds > maxAdds) {
reduce(limbs);
numAdds = 0;
}

IntegerPolynomial.this.square(limbs, limbs);
numAdds = 0;
return this;
Expand All @@ -758,13 +835,6 @@ public MutableElement setAdditiveInverse() {
}
return this;
}

@Override
public MutableElement setReduced() {
reduce(limbs);
numAdds = 0;
return this;
}
}

class ImmutableElement extends Element implements ImmutableIntegerModuloP {
Expand Down Expand Up @@ -795,6 +865,5 @@ static class Limb implements SmallValue {
this.value = value;
}
}


}
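Review bot: The reduce-if-required blocks rewrite their operands in place: `reduce(b.limbs); b.numAdds = 0;` in `add`, `multiply`, `addModPowerTwo`, `setProduct`, `setSum` and `setDifference` mutates the argument, and `add`, `multiply`, `square` and `asByteArray` do the same to the receiver even though they return a new ImmutableElement or only read the value. The value mod p is preserved, but an element a caller holds as immutable can have its limb array rewritten by another element's arithmetic, which is a data race if such elements are shared across threads (not visible in this section, so to be confirmed). Reducing a private copy avoids this, e.g. `long[] bLimbs = b.limbs.clone(); reduce(bLimbs);` and then using `bLimbs` in the operation; at minimum the in-place behaviour belongs in the class Javadoc next to the branch-free list. The commented-out `// if (numAdds >= maxAdds) {` lines in `add`, `setSum` and `setDifference` should be removed, and the bound `32 - bitsPerLimb` deserves a one-line comment saying why it differs from `maxAdds`. Several of these method bodies continue outside the visible hunks.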

Expand Up @@ -293,7 +293,6 @@ private void setSum(ProjectivePoint.Mutable p, AffinePoint p2,
t1.setValue(p.getY()).setProduct(p2.getY());
t3.setValue(p2.getX()).setSum(p2.getY());
t4.setValue(p.getX()).setSum(p.getY());
p.getX().setReduced();
t3.setProduct(t4);
t4.setValue(t0).setSum(t1);

Expand Down Expand Up @@ -366,7 +365,6 @@ private void setSum(ProjectivePoint.Mutable p, ProjectivePoint.Mutable p2,
p.getX().setProduct(p.getY());
p.getY().setValue(t0).setSum(t2);
p.getY().setAdditiveInverse().setSum(p.getX());
p.getY().setReduced();

p.getZ().setValue(t2).setProduct(b);
p.getX().setValue(p.getY()).setDifference(p.getZ());
Expand Up @@ -191,14 +191,14 @@ protected ExtendedHomogeneousPoint.Mutable setDouble(
// x = A = x^2
p.getY().setSquare();
// y = B = y^2
t2.setValue(p.getX()).setSum(p.getY()).setReduced();
t2.setValue(p.getX()).setSum(p.getY());
// t2 holds H
p.getZ().setSquare().setProduct(two);
// z holds C

p.getT().setValue(t2).setDifference(t1);
// t holds E
t1.setValue(p.getX()).setDifference(p.getY()).setReduced();
t1.setValue(p.getX()).setDifference(p.getY());
// t1 holds G

p.getZ().setSum(t1);
Expand Up @@ -154,7 +154,7 @@ ProjectivePoint.Mutable setSum(
t3.setValue(d).setProduct(t1).setProduct(p1.getY());
// t3 holds E
// do part of the final calculation of x and y to free up t1
p1.getX().setDifference(t1).setReduced().setDifference(p1.getY());
p1.getX().setDifference(t1).setDifference(p1.getY());
p1.getY().setDifference(t1);
t1.setValue(p1.getZ()).setSquare();
// t2 holds B
Expand Down Expand Up @@ -185,7 +185,7 @@ protected ProjectivePoint.Mutable setDouble(ProjectivePoint.Mutable p,
p.getZ().setSquare();
// z holds H

t1.setValue(t2).setSum(p.getY()).setReduced();
t1.setValue(t2).setSum(p.getY());
// t1 holds E
t2.setDifference(p.getY());
p.getY().setValue(t1).setProduct(t2);
Expand Up @@ -116,8 +116,6 @@ public byte[] sign(EdDSAParameterSpec sigParams, byte[] privateKey,
IntegerModuloP rElem = subField.getElement(r);
MutableIntegerModuloP S = kElem.mutable().setProduct(sElem);
S.setSum(rElem);
// need to be reduced before output conversion
S.setReduced();
byte[] sArr = S.asByteArray(byteLength);
byte[] rArr = encode(byteLength, R);

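--- a/test/jdk/sun/security/util/math/BigIntegerModuloP.java
+++ b/test/jdk/sun/security/util/math/BigIntegerModuloP.java
@@ -263,13 +263,6 @@ public MutableElement setAdditiveInverse() {
 v = BigInteger.ZERO.subtract(v);
 return this;
 }
-
-@Override
-public MutableElement setReduced() {
-// do nothing
-return this;
-}
-
 }
 
 private class SmallElement extends ImmutableElement implements SmallValue {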
2 changes: 1 addition & 1 deletion test/jdk/sun/security/util/math/TestIntegerModuloP.java
Expand Up @@ -302,7 +302,7 @@ static void runOperationsTest(Random random, int length,
if (elem.test.getField() instanceof IntegerPolynomial) {
IntegerPolynomial field =
(IntegerPolynomial) elem.test.getField();
int numAdds = field.getMaxAdds();
int numAdds = 10; // check for addition overflow
for (int j = 1; j < numAdds; j++) {
ElemFunction addFunc3 = ADD_FUNCTIONS.
get(random.nextInt(ADD_FUNCTIONS.size()));
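Review bot: The literal `10` on the new `int numAdds` line is not tied to the reduction bound this commit introduces (`32 - bitsPerLimb` on the addition paths of IntegerPolynomial), so whether the loop actually drives an element past the implicit-reduce branch depends on each tested field's limb width, which is not visible here. If 10 is meant to exceed that bound for every field, say so in the comment, e.g. `// more additions than 32 - bitsPerLimb allows for any tested field, so the implicit reduce path runs`. The `field` local declared just above loses its only visible use, `field.getMaxAdds()`; if nothing later in runOperationsTest reads it, the declaration and cast can be dropped. The method body continues outside the hunk.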

1 comment on commit b778cd5

@openjdk-notifier