optimize

README.en.md

@@ -63,19 +63,19 @@ The benchmark test code can be found in [benchmark.py](https://github.com/ww-rm/
 
 ```plain
 ==================== SM2 Benchmark Test (1000 times, 32 bytes data) ====================
-SM2.encrypt             : 2.391558s
-SM2.decrypt             : 1.092445s
-SM2.sign_digest         : 1.062552s
-SM2.verify_digest       : 2.096187s
-SM2.sign                : 1.067850s
-SM2.verify              : 2.055190s
-SM2.begin_key_exchange  : 1.159822s
-SM2.end_key_exchange    : 1.633471s
+SM2.encrypt             : 0.454363s (2200.88 times/s)
+SM2.decrypt             : 0.356014s (2808.88 times/s)
+SM2.sign_digest         : 0.088565s (11291.12 times/s)
+SM2.verify_digest       : 0.409243s (2443.54 times/s)
+SM2.sign                : 0.087475s (11431.80 times/s)
+SM2.verify              : 0.404026s (2475.09 times/s)
+SM2.begin_key_exchange  : 0.086665s (11538.62 times/s)
+SM2.end_key_exchange    : 0.536552s (1863.75 times/s)
 ==================== SM3 Benchmark Test (1,000,000,000 bytes data) ====================
-SM3.update & SM3.digest : 5.118763s
+SM3.update & SM3.digest : 3.083487s (324,308,109 B/s)
 ==================== SM4 Benchmark Test (1000000 times) ====================
-SM4.encrypt             : 0.369991s
-SM4.decrypt             : 0.297077s
+SM4.encrypt             : 0.197393s (5066040.91 times/s)
+SM4.decrypt             : 0.185619s (5387391.13 times/s)
 ==================== ZUC Benchmark Test (1000000 times) ====================
-zuc.generate            : 0.050301s
+zuc.generate            : 0.028821s (34696561.22 times/s)
 ```

README.md

@@ -66,19 +66,19 @@ def rnd_fn(n: int) -> bytes: ...
 
 ```plain
 ==================== SM2 Benchmark Test (1000 times, 32 bytes data) ====================
-SM2.encrypt             : 0.453286s (2206.12 times/s)
-SM2.decrypt             : 0.353108s (2831.99 times/s)
-SM2.sign_digest         : 0.086778s (11523.62 times/s)
-SM2.verify_digest       : 0.407510s (2453.92 times/s)
-SM2.sign                : 0.088102s (11350.42 times/s)
-SM2.verify              : 0.415350s (2407.61 times/s)
-SM2.begin_key_exchange  : 0.119090s (8396.99 times/s)
-SM2.end_key_exchange    : 0.535585s (1867.12 times/s)
+SM2.encrypt             : 0.454363s (2200.88 times/s)
+SM2.decrypt             : 0.356014s (2808.88 times/s)
+SM2.sign_digest         : 0.088565s (11291.12 times/s)
+SM2.verify_digest       : 0.409243s (2443.54 times/s)
+SM2.sign                : 0.087475s (11431.80 times/s)
+SM2.verify              : 0.404026s (2475.09 times/s)
+SM2.begin_key_exchange  : 0.086665s (11538.62 times/s)
+SM2.end_key_exchange    : 0.536552s (1863.75 times/s)
 ==================== SM3 Benchmark Test (1,000,000,000 bytes data) ====================
-SM3.update & SM3.digest : 3.061764s (326,609,116 B/s)
+SM3.update & SM3.digest : 3.083487s (324,308,109 B/s)
 ==================== SM4 Benchmark Test (1000000 times) ====================
-SM4.encrypt             : 0.188778s (5297230.24 times/s)
-SM4.decrypt             : 0.186436s (5363756.56 times/s)
+SM4.encrypt             : 0.197393s (5066040.91 times/s)
+SM4.decrypt             : 0.185619s (5387391.13 times/s)
 ==================== ZUC Benchmark Test (1000000 times) ====================
-zuc.generate            : 0.037984s (26326735.85 times/s)
+zuc.generate            : 0.028821s (34696561.22 times/s)
 ```

docs/index.md

@@ -26,21 +26,21 @@ pip install gmalglib
 
 ```plain
 ==================== SM2 Benchmark Test (1000 times, 32 bytes data) ====================
-SM2.encrypt             : 0.453286s (2206.12 times/s)
-SM2.decrypt             : 0.353108s (2831.99 times/s)
-SM2.sign_digest         : 0.086778s (11523.62 times/s)
-SM2.verify_digest       : 0.407510s (2453.92 times/s)
-SM2.sign                : 0.088102s (11350.42 times/s)
-SM2.verify              : 0.415350s (2407.61 times/s)
-SM2.begin_key_exchange  : 0.119090s (8396.99 times/s)
-SM2.end_key_exchange    : 0.535585s (1867.12 times/s)
+SM2.encrypt             : 0.454363s (2200.88 times/s)
+SM2.decrypt             : 0.356014s (2808.88 times/s)
+SM2.sign_digest         : 0.088565s (11291.12 times/s)
+SM2.verify_digest       : 0.409243s (2443.54 times/s)
+SM2.sign                : 0.087475s (11431.80 times/s)
+SM2.verify              : 0.404026s (2475.09 times/s)
+SM2.begin_key_exchange  : 0.086665s (11538.62 times/s)
+SM2.end_key_exchange    : 0.536552s (1863.75 times/s)
 ==================== SM3 Benchmark Test (1,000,000,000 bytes data) ====================
-SM3.update & SM3.digest : 3.061764s (326,609,116 B/s)
+SM3.update & SM3.digest : 3.083487s (324,308,109 B/s)
 ==================== SM4 Benchmark Test (1000000 times) ====================
-SM4.encrypt             : 0.188778s (5297230.24 times/s)
-SM4.decrypt             : 0.186436s (5363756.56 times/s)
+SM4.encrypt             : 0.197393s (5066040.91 times/s)
+SM4.decrypt             : 0.185619s (5387391.13 times/s)
 ==================== ZUC Benchmark Test (1000000 times) ====================
-zuc.generate            : 0.037984s (26326735.85 times/s)
+zuc.generate            : 0.028821s (34696561.22 times/s)
 ```
 
 ## 下一步

include/gmalglib/sm2curve.h

@@ -46,6 +46,8 @@ extern const UInt256* const SM2_PARAMS_N;
 void SM2JacobPointMont_ToPoint(const SM2JacobPointMont* X, SM2Point* Y);
 void SM2JacobPointMont_FromPoint(const SM2Point* X, SM2JacobPointMont* Y);
 
+int SM2Point_FromBytes(const uint8_t* bytes, uint64_t bytes_len, SM2Point* X);
+uint64_t SM2Point_ToBytes(const SM2Point* X, int pc_mode, uint8_t* bytes);
 uint64_t SM2JacobPointMont_ToBytes(const SM2JacobPointMont* X, int pc_mode, uint8_t* bytes);
 int SM2JacobPointMont_FromBytes(const uint8_t* bytes, uint64_t bytes_len, SM2JacobPointMont* X);
 

src/gmalglib/core/sm2.c

@@ -704,29 +704,31 @@ int SM2_Decrypt(SM2* self, const uint8_t* cipher, uint64_t cipher_len, uint8_t*
 }
 
 static
-int _SM2_BeginKeyExchange(SM2* self, SM2JacobPointMont* random_pt, SM2ModN* t)
+int _SM2_BeginKeyExchange(SM2* self, SM2Point* random_pt, SM2ModN* t)
 {
     SM2ModNMont r = { 0 };
-    SM2Point R = { 0 };
+    SM2JacobPointMont R = { 0 };
+    SM2ModN x_bar = { 0 };
 
     if (!RandomUInt256(&self->rand_alg, CONSTS_N_MINUS_ONE, &r))
         return SM2_ERR_RANDOM_FAILED;
 
-    SM2JacobPointMont_MulG(&r, random_pt);
+    SM2JacobPointMont_MulG(&r, &R);
+    SM2JacobPointMont_ToPoint(&R, random_pt);
 
     // w        =   ceil(ceil(log2(N)) / 2) - 1         = 127
     // 2^w      =   0x80000000000000000000000000000000
     // 2^w - 1  =   0x7fffffffffffffffffffffffffffffff
     // x_bar    =   2^w + (x & (2^w - 1))
-    SM2JacobPointMont_ToPoint(random_pt, &R);
-    R.x.u64[3] = 0;
-    R.x.u64[2] = 0;
-    R.x.u64[1] |= 0x8000000000000000;
+    x_bar = random_pt->x;
+    x_bar.u64[3] = 0;
+    x_bar.u64[2] = 0;
+    x_bar.u64[1] |= 0x8000000000000000;
 
-    SM2ModN_ToMont(&R.x, &R.x);
+    SM2ModN_ToMont(&x_bar, &x_bar);
     SM2ModN_ToMont(&r, &r);
 
-    SM2ModN_MontMul(&R.x, &r, t);
+    SM2ModN_MontMul(&x_bar, &r, t);
     SM2ModN_FromMont(t, t);
     SM2ModN_Add(&self->sk, t, t);
 
@@ -736,7 +738,7 @@ int _SM2_BeginKeyExchange(SM2* self, SM2JacobPointMont* random_pt, SM2ModN* t)
 int SM2_BeginKeyExchange(SM2* self, SM2ModN* t, uint8_t* random_pt)
 {
     int ret = 0;
-    SM2JacobPointMont R = { 0 };
+    SM2Point R = { 0 };
 
     if (!self->has_sk)
         return SM2_ERR_NEED_SK;
@@ -745,38 +747,39 @@ int SM2_BeginKeyExchange(SM2* self, SM2ModN* t, uint8_t* random_pt)
     if (ret != 0)
         return ret;
 
-    SM2JacobPointMont_ToBytes(&R, self->pc_mode, random_pt);
+    SM2Point_ToBytes(&R, self->pc_mode, random_pt);
     return 0;
 }
 
 static
-int _SM2_EndKeyExchange(SM2* self, const SM2ModN* t, const SM2JacobPointMont* random_pt, const SM2JacobPointMont* pk, const uint8_t* uid, uint64_t uid_len, int is_responder, uint64_t klen, uint8_t* key)
+int _SM2_EndKeyExchange(SM2* self, const SM2ModN* t, const SM2Point* random_pt, const SM2JacobPointMont* pk, const uint8_t* uid, uint64_t uid_len, int is_responder, uint64_t klen, uint8_t* key)
 {
     SM2JacobPointMont S = { 0 };
-    SM2Point R = { 0 };
+    SM2Point tmp = { 0 };
     SM3 sm3 = { 0 };
     uint8_t buffer[32] = { 0 };
+    SM2ModN x_bar = random_pt->x;
 
     // x_bar
-    SM2JacobPointMont_ToPoint(random_pt, &R);
-    R.x.u64[3] = 0;
-    R.x.u64[2] = 0;
-    R.x.u64[1] |= 0x8000000000000000;
+    x_bar.u64[3] = 0;
+    x_bar.u64[2] = 0;
+    x_bar.u64[1] |= 0x8000000000000000;
 
-    SM2JacobPointMont_Mul(&R.x, random_pt, &S);
+    SM2JacobPointMont_FromPoint(random_pt, &S);
+    SM2JacobPointMont_Mul(&x_bar, &S, &S);
     SM2JacobPointMont_Add(pk, &S, &S);
     SM2JacobPointMont_Mul(t, &S, &S);
 
     if (SM2JacobPointMont_IsInf(&S))
         return SM2_ERR_INVALID_SPOINT;
 
-    SM2JacobPointMont_ToPoint(&S, &R);
+    SM2JacobPointMont_ToPoint(&S, &tmp);
 
     SM3_Init(&sm3);
 
-    UInt256_ToBytes(&R.x, buffer);
+    UInt256_ToBytes(&tmp.x, buffer);
     SM3_Update(&sm3, buffer, 32);
-    UInt256_ToBytes(&R.y, buffer);
+    UInt256_ToBytes(&tmp.y, buffer);
     SM3_Update(&sm3, buffer, 32);
 
     _SM2_GetEntityInfo(pk, uid, uid_len, buffer);
@@ -800,7 +803,7 @@ int _SM2_EndKeyExchange(SM2* self, const SM2ModN* t, const SM2JacobPointMont* ra
 
 int SM2_EndKeyExchange(SM2* self, const SM2ModN* t, const uint8_t* random_pt, uint64_t random_pt_len, const uint8_t* pk, uint64_t pk_len, const uint8_t* uid, uint64_t uid_len, int is_responder, uint64_t klen, uint8_t* key)
 {
-    SM2JacobPointMont R = { 0 };
+    SM2Point R = { 0 };
     SM2JacobPointMont P = { 0 };
     int ret = 0;
 
@@ -810,7 +813,7 @@ int SM2_EndKeyExchange(SM2* self, const SM2ModN* t, const uint8_t* random_pt, ui
     if (UInt256_IsZero(t) || UInt256_Cmp(t, CONSTS_N_MINUS_ONE) > 0)
         return SM2_ERR_INVALID_T;
 
-    if (SM2JacobPointMont_FromBytes(random_pt, random_pt_len, &R) != 0)
+    if (SM2Point_FromBytes(random_pt, random_pt_len, &R) != 0)
         return SM2_ERR_INVALID_R;
 
     if (SM2JacobPointMont_FromBytes(pk, pk_len, &P) != 0)