diff options
author | Andy Polyakov <appro@openssl.org> | 2016-02-03 11:26:11 +0100 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2016-02-23 21:26:53 +0100 |
commit | 64333004a41a9f4aa587b8e5401420fb70d00687 (patch) | |
tree | 234f0958d13cc2be1af78c2a11b89ab53cd0feca /crypto/ec | |
parent | 04f2a0b50d219aafcef2fa718d91462b587aa23d (diff) |
ec/asm/ecp_nistz256-x86_64.pl: get corner case logic right.
RT#4284
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit d93753412b455907b4dc09427ccd2382209d9af2)
Diffstat (limited to 'crypto/ec')
-rwxr-xr-x | crypto/ec/asm/ecp_nistz256-x86_64.pl | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl b/crypto/ec/asm/ecp_nistz256-x86_64.pl index e6acfd59f0..7140860e24 100755 --- a/crypto/ec/asm/ecp_nistz256-x86_64.pl +++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl @@ -2001,6 +2001,7 @@ $code.=<<___; push %r15 sub \$32*5+8, %rsp +.Lpoint_double_shortcut$x: movdqu 0x00($a_ptr), %xmm0 # copy *(P256_POINT *)$a_ptr.x mov $a_ptr, $b_ptr # backup copy movdqu 0x10($a_ptr), %xmm1 @@ -2291,6 +2292,7 @@ $code.=<<___; mov 0x40+8*1($b_ptr), $acc6 mov 0x40+8*2($b_ptr), $acc7 mov 0x40+8*3($b_ptr), $acc0 + movq $b_ptr, %xmm1 lea 0x40-$bias($b_ptr), $a_ptr lea $Z1sqr(%rsp), $r_ptr # Z1^2 @@ -2346,7 +2348,7 @@ $code.=<<___; test $acc0, $acc0 jnz .Ladd_proceed$x # (in1infty || in2infty)? test $acc1, $acc1 - jz .Ladd_proceed$x # is_equal(S1,S2)? + jz .Ladd_double$x # is_equal(S1,S2)? movq %xmm0, $r_ptr # restore $r_ptr pxor %xmm0, %xmm0 @@ -2359,6 +2361,13 @@ $code.=<<___; jmp .Ladd_done$x .align 32 +.Ladd_double$x: + movq %xmm1, $a_ptr # restore $a_ptr + movq %xmm0, $r_ptr # restore $r_ptr + add \$`32*(18-5)`, %rsp # difference in frame sizes + jmp .Lpoint_double_shortcut$x + +.align 32 .Ladd_proceed$x: `&load_for_sqr("$R(%rsp)", "$src0")` lea $Rsqr(%rsp), $r_ptr # R^2 |