s2n-bignum update 2024-12-10 (#2050)

aws · Dec 10, 2024 · df18ce2 · df18ce2
1 parent 302e539
commit df18ce2
Show file tree

Hide file tree

Showing 16 changed files with 17,223 additions and 2,990 deletions.
diff --git a/third_party/s2n-bignum/arm/fastmul/bignum_emontredc_8n_neon.S b/third_party/s2n-bignum/arm/fastmul/bignum_emontredc_8n_neon.S
@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT-0
 
 // ----------------------------------------------------------------------------
-// Extend Montgomery reduce in 8-digit blocks, results in input-output buffer
+// Extended Montgomery reduce in 8-digit blocks, results in input-output buffer
 // Inputs z[2*k], m[k], w; outputs function return (extra result bit) and z[2*k]
 //
 //    extern uint64_t bignum_emontredc_8n_neon

diff --git a/third_party/s2n-bignum/arm/generic/bignum_copy_row_from_table_16_neon.S b/third_party/s2n-bignum/arm/generic/bignum_copy_row_from_table_16_neon.S
@@ -12,7 +12,7 @@
 //     (uint64_t *z, uint64_t *table, uint64_t height, uint64_t idx);
 //
 // Initial version written by Hanno Becker
-// Standard ARM ABI: X0 = z, X1 = table, X2 = height, X4 = idx
+// Standard ARM ABI: X0 = z, X1 = table, X2 = height, X3 = idx
 // ----------------------------------------------------------------------------
 #include "_internal_s2n_bignum.h"
 

diff --git a/third_party/s2n-bignum/arm/generic/bignum_copy_row_from_table_32_neon.S b/third_party/s2n-bignum/arm/generic/bignum_copy_row_from_table_32_neon.S
@@ -12,7 +12,7 @@
 //     (uint64_t *z, uint64_t *table, uint64_t height, uint64_t idx);
 //
 // Initial version written by Hanno Becker
-// Standard ARM ABI: X0 = z, X1 = table, X2 = height, X4 = idx
+// Standard ARM ABI: X0 = z, X1 = table, X2 = height, X3 = idx
 // ----------------------------------------------------------------------------
 #include "_internal_s2n_bignum.h"
 

diff --git a/third_party/s2n-bignum/arm/p384/p384_montjadd.S b/third_party/s2n-bignum/arm/p384/p384_montjadd.S
@@ -32,7 +32,9 @@
 
 #define NUMSIZE 48
 
-#define NSPACE (NUMSIZE*7)
+// 7 NUMSIZEs for the point operation, one extra NUMSIZE for field operations
+
+#define NSPACE (NUMSIZE*8)
 
 S2N_BN_SYMBOL(p384_montjadd):
 
@@ -661,7 +663,7 @@ S2N_BN_SYMBOL(p384_montjadd):
         stp x7, x11, [sp, #256]
         adc x17, x14, xzr
         stp x2, x17, [sp, #272]
-        stp x23, x24, [sp, #-48]
+        stp x23, x24, [sp, #0x150] // It is #-48 after inlining, but access to sp+negative in the middle of fn is bad
         ldr q3, [x26, #96]
         ldr q25, [x25, #48]
         ldp x13, x23, [x25, #48]
@@ -5902,7 +5904,7 @@ S2N_BN_SYMBOL(p384_montjadd):
         stp x14, x5, [sp, #256]
         adc x12, x15, x23
         stp x21, x12, [sp, #272]
-        ldp x2, x27, [sp, #-48]
+        ldp x2, x27, [sp, #0x150] // It is #-48 after inlining, but access to sp+negative in the middle of fn is bad
         ldr q3, [sp, #48]
         ldr q25, [sp, #192]
         ldp x13, x23, [sp, #192]

diff --git a/third_party/s2n-bignum/arm/p384/p384_montjscalarmul.S b/third_party/s2n-bignum/arm/p384/p384_montjscalarmul.S
@@ -503,7 +503,7 @@ p384_montjscalarmul_p384_montjadd:
         stp	x23, x24, [sp, #-16]!
         stp	x25, x26, [sp, #-16]!
         stp	x27, xzr, [sp, #-16]!
-        sub	sp, sp, #0x150
+        sub	sp, sp, #0x180
         mov	x24, x0
         mov	x25, x1
         mov	x26, x2
@@ -1120,7 +1120,7 @@ p384_montjscalarmul_p384_montjadd:
         stp	x7, x11, [sp, #256]
         adc	x17, x14, xzr
         stp	x2, x17, [sp, #272]
-        stp	x23, x24, [sp, #-48]
+        stp	x23, x24, [sp, #0x150]
         ldr	q3, [x26, #96]
         ldr	q25, [x25, #48]
         ldp	x13, x23, [x25, #48]
@@ -6361,7 +6361,7 @@ p384_montjscalarmul_p384_montjadd:
         stp	x14, x5, [sp, #256]
         adc	x12, x15, x23
         stp	x21, x12, [sp, #272]
-        ldp	x2, x27, [sp, #-48]
+        ldp	x2, x27, [sp, #0x150]
         ldr	q3, [sp, #48]
         ldr	q25, [sp, #192]
         ldp	x13, x23, [sp, #192]
@@ -6874,7 +6874,7 @@ p384_montjscalarmul_p384_montjadd:
         stp	x12, x13, [x27, #96]
         stp	x14, x15, [x27, #112]
         stp	x16, x17, [x27, #128]
-        add	sp, sp, #0x150
+        add	sp, sp, #0x180
         ldp	x27, xzr, [sp], #16
         ldp	x25, x26, [sp], #16
         ldp	x23, x24, [sp], #16

diff --git a/third_party/s2n-bignum/arm/p521/Makefile b/third_party/s2n-bignum/arm/p521/Makefile
@@ -28,6 +28,7 @@ OBJ = bignum_add_p521.o \
       bignum_double_p521.o \
       bignum_fromlebytes_p521.o \
       bignum_half_p521.o \
+      bignum_inv_p521.o \
       bignum_mod_n521_9.o \
       bignum_mod_p521_9.o \
       bignum_montmul_p521.o \
@@ -53,7 +54,9 @@ OBJ = bignum_add_p521.o \
       p521_jdouble.o \
       p521_jdouble_alt.o \
       p521_jmixadd.o \
-      p521_jmixadd_alt.o
+      p521_jmixadd_alt.o \
+      p521_jscalarmul.o \
+      p521_jscalarmul_alt.o
 
 %.o : %.S ; $(CC) -E -I../../include $< | $(GAS) -o $@ -
 

diff --git a/third_party/s2n-bignum/arm/p521/bignum_inv_p521.S b/third_party/s2n-bignum/arm/p521/bignum_inv_p521.S