[openssl/openssl] 85cabd: Fix Minerva timing side-channel signal for P-384 c...


Danny Tsen

Mar 14, 2025, 12:22:35 PM
to openssl...@openssl.org
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 85cabd94958303859b1551364a609d4ff40b67a5
https://github.com/openssl/openssl/commit/85cabd94958303859b1551364a609d4ff40b67a5
Author: Danny Tsen <dt...@us.ibm.com>
Date: 2025-03-14 (Fri, 14 Mar 2025)

Changed paths:
M crypto/bn/bn_ppc.c
M crypto/ec/asm/ecp_nistp384-ppc64.pl
M crypto/ec/ecp_nistp384.c

Log Message:
-----------
Fix Minerva timing side-channel signal for P-384 curve on PPC

1. bn_ppc.c: Used bn_mul_mont_int() instead of bn_mul_mont_300_fixed_n6()
for Montgomery multiplication.
2. ecp_nistp384-ppc64.pl:
- Re-wrote p384_felem_mul and p384_felem_square for easier maintenance with
minimum perl wrapper.
- Implemented p384_felem_reduce, p384_felem_mul_reduce and p384_felem_square_reduce.
- Implemented p384_felem_diff64, felem_diff_128_64 and felem_diff128 in assembly.
3. ecp_nistp384.c:
- Added wrapper function for p384_felem_mul_reduce and p384_felem_square_reduce.

Signed-off-by: Danny Tsen <dt...@us.ibm.com>

Reviewed-by: Dmitry Belyavskiy <bel...@gmail.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26709)


