8294997: Improve ECC math operations

Reviewed-by: xuelei
openjdk · Oct 13, 2022 · 2f60675 · 2f60675
1 parent 94caecb
commit 2f60675
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 47 deletions.
diff --git a/make/jdk/src/classes/build/tools/intpoly/FieldGen.java b/make/jdk/src/classes/build/tools/intpoly/FieldGen.java
@@ -246,8 +246,7 @@ public int getCoefficient() {
         }
 
         public BigInteger getValue() {
-            return BigInteger.valueOf(2).pow(power)
-                    .multiply(BigInteger.valueOf(coefficient));
+            return BigInteger.valueOf(coefficient).shiftLeft(power);
         }
 
         public String toString() {
@@ -663,14 +662,12 @@ private String generate(FieldParams params) throws IOException {
                 subtract = true;
             }
             String coefExpr = "BigInteger.valueOf(" + coefValue + ")";
-            String powExpr = "BigInteger.valueOf(2).pow(" + t.getPower() + ")";
+            String powExpr = ".shiftLeft(" + t.getPower() + ")";
             String termExpr = "ERROR";
             if (t.getPower() == 0) {
                 termExpr = coefExpr;
-            } else if (coefValue == 1) {
-                termExpr = powExpr;
             } else {
-                termExpr = powExpr + ".multiply(" + coefExpr + ")";
+                termExpr = coefExpr + powExpr;
             }
             if (subtract) {
                 result.appendLine("result = result.subtract(" + termExpr + ");");

diff --git a/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial.java b/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial.java
@@ -329,9 +329,10 @@ private void setLimbsValue(BigInteger v, long[] limbs) {
     }
 
     protected void setLimbsValuePositive(BigInteger v, long[] limbs) {
-        BigInteger mod = BigInteger.valueOf(1 << bitsPerLimb);
+        assert bitsPerLimb < 32;
+        long limbMask = (1L << bitsPerLimb) - 1;
         for (int i = 0; i < limbs.length; i++) {
-            limbs[i] = v.mod(mod).longValue();
+            limbs[i] = v.intValue() & limbMask;
             v = v.shiftRight(bitsPerLimb);
         }
     }

diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECOperations.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECOperations.java
@@ -304,25 +304,19 @@ private void setDouble(ProjectivePoint.Mutable p, MutableIntegerModuloP t0,
         p.getY().setValue(t2).setProduct(b);
         p.getY().setDifference(p.getZ());
 
-        p.getX().setValue(p.getY()).setProduct(two);
-        p.getY().setSum(p.getX());
-        p.getY().setReduced();
+        p.getY().setProduct(three);
         p.getX().setValue(t1).setDifference(p.getY());
 
         p.getY().setSum(t1);
         p.getY().setProduct(p.getX());
         p.getX().setProduct(t3);
 
-        t3.setValue(t2).setProduct(two);
-        t2.setSum(t3);
+        t2.setProduct(three);
         p.getZ().setProduct(b);
 
-        t2.setReduced();
         p.getZ().setDifference(t2);
         p.getZ().setDifference(t0);
-        t3.setValue(p.getZ()).setProduct(two);
-        p.getZ().setReduced();
-        p.getZ().setSum(t3);
+        p.getZ().setProduct(three);
         t0.setProduct(three);
 
         t0.setDifference(t2);
@@ -382,26 +376,19 @@ private void setSum(ProjectivePoint.Mutable p, AffinePoint p2,
         p.getZ().setProduct(b);
 
         p.getX().setValue(p.getY()).setDifference(p.getZ());
-        p.getX().setReduced();
-        p.getZ().setValue(p.getX()).setProduct(two);
-        p.getX().setSum(p.getZ());
+        p.getX().setProduct(three);
 
         p.getZ().setValue(t1).setDifference(p.getX());
         p.getX().setSum(t1);
         p.getY().setProduct(b);
 
-        t1.setValue(t2).setProduct(two);
-        t2.setSum(t1);
-        t2.setReduced();
+        t2.setProduct(three);
         p.getY().setDifference(t2);
 
         p.getY().setDifference(t0);
-        p.getY().setReduced();
-        t1.setValue(p.getY()).setProduct(two);
-        p.getY().setSum(t1);
+        p.getY().setProduct(three);
 
-        t1.setValue(t0).setProduct(two);
-        t0.setSum(t1);
+        t0.setProduct(three);
         t0.setDifference(t2);
 
         t1.setValue(t4).setProduct(p.getY());
@@ -413,8 +400,8 @@ private void setSum(ProjectivePoint.Mutable p, AffinePoint p2,
         p.getX().setDifference(t1);
 
         p.getZ().setProduct(t4);
-        t1.setValue(t3).setProduct(t0);
-        p.getZ().setSum(t1);
+        t3.setProduct(t0);
+        p.getZ().setSum(t3);
 
     }
 
@@ -453,26 +440,20 @@ private void setSum(ProjectivePoint.Mutable p, ProjectivePoint.Mutable p2,
 
         p.getZ().setValue(t2).setProduct(b);
         p.getX().setValue(p.getY()).setDifference(p.getZ());
-        p.getZ().setValue(p.getX()).setProduct(two);
 
-        p.getX().setSum(p.getZ());
-        p.getX().setReduced();
+        p.getX().setProduct(three);
+
         p.getZ().setValue(t1).setDifference(p.getX());
         p.getX().setSum(t1);
 
         p.getY().setProduct(b);
-        t1.setValue(t2).setSum(t2);
-        t2.setSum(t1);
-        t2.setReduced();
+        t2.setProduct(three);
 
         p.getY().setDifference(t2);
         p.getY().setDifference(t0);
-        p.getY().setReduced();
-        t1.setValue(p.getY()).setSum(p.getY());
+        p.getY().setProduct(three);
 
-        p.getY().setSum(t1);
-        t1.setValue(t0).setProduct(two);
-        t0.setSum(t1);
+        t0.setProduct(three);
 
         t0.setDifference(t2);
         t1.setValue(t4).setProduct(p.getY());
@@ -484,9 +465,9 @@ private void setSum(ProjectivePoint.Mutable p, ProjectivePoint.Mutable p2,
 
         p.getX().setDifference(t1);
         p.getZ().setProduct(t4);
-        t1.setValue(t3).setProduct(t0);
 
-        p.getZ().setSum(t1);
+        t3.setProduct(t0);
+        p.getZ().setSum(t3);
 
     }
 }

diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/Ed25519Operations.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/Ed25519Operations.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -137,7 +137,7 @@ AffinePoint decodeAffinePoint(Function<String, T> exception,
             throw exception.apply("Invalid point");
         }
 
-        if (xLSB != x.asBigInteger().mod(BigInteger.valueOf(2)).intValue()) {
+        if (xLSB != (x.asBigInteger().intValue() & 1)) {
             x.setAdditiveInverse();
         }
 

diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/Ed448Operations.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/Ed448Operations.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -127,7 +127,7 @@ AffinePoint decodeAffinePoint(Function<String, T> exception, int xLSB,
             throw exception.apply("Invalid point");
         }
 
-        if (xLSB != x.asBigInteger().mod(TWO).intValue()) {
+        if (xLSB != (x.asBigInteger().intValue() & 1)) {
             x.setAdditiveInverse();
         }