crypto/ecdsa: use bigmod and nistec instead of math/big and crypto/elliptic

Ignoring custom curves, this makes the whole package constant-time.
There is a slight loss in performance for P-384 and P-521 because bigmod
is slower than math/big (but P-256 has an assembly scalar field
inversion, so doesn't use bigmod for anything big).

name                old time/op    new time/op    delta
Sign/P256-8           19.2µs ± 2%    19.1µs ± 2%     ~     (p=0.268 n=9+10)
Sign/P384-8            166µs ± 3%     188µs ± 2%  +13.52%  (p=0.000 n=10+10)
Sign/P521-8            337µs ± 2%     359µs ± 2%   +6.46%  (p=0.000 n=10+10)
Verify/P256-8         58.1µs ± 2%    58.1µs ± 2%     ~     (p=0.971 n=10+10)
Verify/P384-8          484µs ± 2%     569µs ±12%  +17.65%  (p=0.000 n=10+10)
Verify/P521-8         1.03ms ± 4%    1.14ms ± 2%  +11.02%  (p=0.000 n=10+10)
GenerateKey/P256-8    12.4µs ±12%    12.0µs ± 2%     ~     (p=0.063 n=10+10)
GenerateKey/P384-8     129µs ±18%     119µs ± 2%     ~     (p=0.190 n=10+10)
GenerateKey/P521-8     241µs ± 2%     240µs ± 2%     ~     (p=0.436 n=10+10)

name                old alloc/op   new alloc/op   delta
Sign/P256-8           3.08kB ± 0%    2.47kB ± 0%  -19.77%  (p=0.000 n=10+10)
Sign/P384-8           6.16kB ± 0%    2.64kB ± 0%  -57.16%  (p=0.000 n=10+10)
Sign/P521-8           7.87kB ± 0%    3.01kB ± 0%  -61.80%  (p=0.000 n=10+10)
Verify/P256-8         1.29kB ± 1%    0.48kB ± 0%  -62.69%  (p=0.000 n=10+10)
Verify/P384-8         2.49kB ± 1%    0.64kB ± 0%  -74.25%  (p=0.000 n=10+10)
Verify/P521-8         3.31kB ± 0%    0.96kB ± 0%  -71.02%  (p=0.000 n=7+10)
GenerateKey/P256-8      720B ± 0%      920B ± 0%  +27.78%  (p=0.000 n=10+10)
GenerateKey/P384-8      921B ± 0%     1120B ± 0%  +21.61%  (p=0.000 n=9+10)
GenerateKey/P521-8    1.30kB ± 0%    1.44kB ± 0%  +10.45%  (p=0.000 n=10+10)

name                old allocs/op  new allocs/op  delta
Sign/P256-8             45.0 ± 0%      33.0 ± 0%  -26.67%  (p=0.000 n=10+10)
Sign/P384-8             69.0 ± 0%      34.0 ± 0%  -50.72%  (p=0.000 n=10+10)
Sign/P521-8             71.0 ± 0%      35.0 ± 0%  -50.70%  (p=0.000 n=10+10)
Verify/P256-8           23.0 ± 0%      10.0 ± 0%  -56.52%  (p=0.000 n=10+10)
Verify/P384-8           43.0 ± 0%      14.0 ± 0%  -67.44%  (p=0.000 n=10+10)
Verify/P521-8           45.0 ± 0%      14.0 ± 0%  -68.89%  (p=0.000 n=7+10)
GenerateKey/P256-8      13.0 ± 0%      14.0 ± 0%   +7.69%  (p=0.000 n=10+10)
GenerateKey/P384-8      16.0 ± 0%      17.0 ± 0%   +6.25%  (p=0.000 n=10+10)
GenerateKey/P521-8      16.5 ± 3%      17.0 ± 0%   +3.03%  (p=0.033 n=10+10)

Change-Id: I4e074ef039b0f7ffbc436a4cdbe4ef90c647018d
Reviewed-on: https://go-review.googlesource.com/c/go/+/353849
Auto-Submit: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Than McIntosh <thanm@google.com>
Reviewed-by: David Chase <drchase@google.com>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Filippo Valsorda 2022-11-14 18:43:43 +01:00 committed by Gopher Robot
parent 6c18b7b0fd
commit 5661b3ddeb
8 changed files with 442 additions and 446 deletions

@ -1,11 +1,10 @@
>>> Flow 1 (client to server)
00000000 16 03 01 00 63 01 00 00 5f 03 01 38 de f5 d6 ae |....c..._..8....|
00000010 46 71 e8 02 f2 45 88 b8 64 fb 6e 68 67 d1 7f e8 |Fq...E..d.nhg...|
00000020 49 71 1e a9 ec 8e 54 06 bb 2b 16 00 00 04 c0 0a |Iq....T..+......|
00000030 00 ff 01 00 00 32 00 00 00 0e 00 0c 00 00 09 31 |.....2.........1|
00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........|
00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................|
00000060 00 16 00 00 00 17 00 00 |........|
00000000 16 03 01 00 51 01 00 00 4d 03 01 8a c0 af 21 2c |....Q...M.....!,|
00000010 ff 48 d6 fd 10 92 4a 8c 84 c7 9e c3 90 3a f5 bf |.H....J......:..|
00000020 cd 36 1b 2f 96 8b 13 86 f1 ff 5e 00 00 04 c0 0a |.6./......^.....|
00000030 00 ff 01 00 00 20 00 0b 00 04 03 00 01 02 00 0a |..... ..........|
00000040 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 |................|
00000050 00 00 00 17 00 00 |......|
>>> Flow 2 (server to client)
00000000 16 03 01 00 37 02 00 00 33 03 01 00 00 00 00 00 |....7...3.......|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
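Review bot: The re-recorded ClientHello in Flow 1 drops the server_name extension, which is unrelated to the ECDSA change the commit message describes. The old bytes at offset 0x36 (`00 00 00 0e 00 0c 00 00 09` followed by `127.0.0.1`) are gone, the extensions length falls from 0x32 to 0x20 and the record length from 0x63 to 0x51. If the recording was regenerated with a different client configuration, say so in the commit message, or re-record with SNI retained so that the diff of this golden file isolates the signature change.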
@ -44,37 +43,37 @@
00000220 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd d7 11 |.....7z..z......|
00000230 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d ae cb |i..|V..1x+..x...|
00000240 be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f 2a 16 |..N6$1{j.9....*.|
00000250 03 01 00 b5 0c 00 00 b1 03 00 1d 20 2f e5 7d a3 |........... /.}.|
00000250 03 01 00 b4 0c 00 00 b0 03 00 1d 20 2f e5 7d a3 |........... /.}.|
00000260 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...|
00000270 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 00 8b 30 81 |......._X.;t..0.|
00000280 88 02 42 01 ad 26 fd 16 9a 93 5f 87 ce 29 8c d2 |..B..&...._..)..|
00000290 56 a7 d2 59 56 bd d3 1f 90 54 bd af 91 81 25 ff |V..YV....T....%.|
000002a0 66 74 57 16 2f 31 f2 5a 48 97 03 b9 41 4c 8e bb |ftW./1.ZH...AL..|
000002b0 87 31 ed 71 84 37 63 78 9f 0a c7 9d 5e f3 5a 53 |.1.q.7cx....^.ZS|
000002c0 88 89 46 ba a7 02 42 00 92 74 15 1c 0e 1f 2f 95 |..F...B..t..../.|
000002d0 e5 79 d5 e9 90 ce d8 96 0d fd b8 42 55 00 94 08 |.y.........BU...|
000002e0 4e 47 a9 ea bd 67 0b 02 a6 9e 8b d3 09 e5 53 ea |NG...g........S.|
000002f0 03 22 2e 2d 78 2c 69 1d 28 ab 13 3d 0a 46 15 09 |.".-x,i.(..=.F..|
00000300 b6 0b 74 69 2d 5a 96 bf b6 16 03 01 00 04 0e 00 |..ti-Z..........|
00000310 00 00 |..|
00000270 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 00 8a 30 81 |......._X.;t..0.|
00000280 87 02 42 01 ea 1b 6f 67 3e cd 57 50 12 78 5a db |..B...og>.WP.xZ.|
00000290 06 12 77 04 9d df 0c b0 98 4b a7 e8 23 fb ad 46 |..w......K..#..F|
000002a0 ef 9b 99 d3 02 4b 46 51 c4 49 2a ae 29 b4 a7 e5 |.....KFQ.I*.)...|
000002b0 08 d0 db ce 28 af 21 43 37 d4 29 03 00 e3 5f 50 |....(.!C7.)..._P|
000002c0 35 cd 0a 3f 9d 02 41 35 05 7c a0 ed 81 23 98 38 |5..?..A5.|...#.8|
000002d0 af 2c 12 8f 59 94 77 c7 56 ef 0b db 60 d0 5b 72 |.,..Y.w.V...`.[r|
000002e0 9e fd 2a 6c ea 1d af cb ce 5b df 34 52 2a 4b 38 |..*l.....[.4R*K8|
000002f0 48 81 2c 39 76 61 58 19 80 1b e0 eb fb 53 35 94 |H.,9vaX......S5.|
00000300 55 ba a6 2b a2 b3 50 b4 16 03 01 00 04 0e 00 00 |U..+..P.........|
00000310 00 |.|
>>> Flow 3 (client to server)
00000000 16 03 01 00 25 10 00 00 21 20 82 c0 dd 83 c2 45 |....%...! .....E|
00000010 a2 bc 3a 2a ec ab 60 8e 02 e0 db 7c 59 83 c1 62 |..:*..`....|Y..b|
00000020 c7 cc 61 1e de dc 40 e4 65 6c 14 03 01 00 01 01 |..a...@.el......|
00000030 16 03 01 00 30 3e 26 56 0b a2 10 47 00 55 27 21 |....0>&V...G.U'!|
00000040 63 33 f2 7d 4b ba 77 5f e7 a7 09 7a 1f 51 85 f2 |c3.}K.w_...z.Q..|
00000050 46 a5 af 80 79 1a c7 72 bb 3d f9 dd 1d 83 05 22 |F...y..r.=....."|
00000060 c9 6c dd 91 d9 |.l...|
00000000 16 03 01 00 25 10 00 00 21 20 29 f2 f2 54 f4 ff |....%...! )..T..|
00000010 59 de df ab 55 18 04 cd 8c 27 28 7e 11 11 09 84 |Y...U....'(~....|
00000020 18 e1 0f 09 70 f8 d7 13 a1 38 14 03 01 00 01 01 |....p....8......|
00000030 16 03 01 00 30 d8 40 dc 30 cb d6 25 de 23 01 84 |....0.@.0..%.#..|
00000040 30 75 1c 17 bd f3 fe 7e b4 cd 61 f3 55 c4 30 55 |0u.....~..a.U.0U|
00000050 ee 43 6f f0 6b a7 0a ed 88 d9 d4 72 7c c7 c6 c7 |.Co.k......r|...|
00000060 4d 2f 7b 9f 9b |M/{..|
>>> Flow 4 (server to client)
00000000 14 03 01 00 01 01 16 03 01 00 30 38 fa fd 42 8f |..........08..B.|
00000010 80 5a 7c 33 d4 6c 72 f7 4e 2f 00 ab c2 86 58 9d |.Z|3.lr.N/....X.|
00000020 fc a5 43 fa ea 5b a1 ee a9 df df 9d 90 4c c0 e3 |..C..[.......L..|
00000030 10 09 c4 23 21 f9 e9 69 f5 f8 fa 17 03 01 00 20 |...#!..i....... |
00000040 1e 57 17 e4 96 06 32 d4 00 a3 98 ed bd 1c 61 78 |.W....2.......ax|
00000050 e7 0d 89 ec 84 c3 56 fa 75 73 87 6f 47 35 80 3f |......V.us.oG5.?|
00000060 17 03 01 00 30 4d 51 0a dd 70 6d b0 c2 d1 46 5c |....0MQ..pm...F\|
00000070 b5 03 87 de e6 65 d3 e2 83 e0 33 f8 a2 0a 29 7f |.....e....3...).|
00000080 6c 24 2b 1f 7b 2b 53 19 21 e9 62 6c 31 75 9c be |l$+.{+S.!.bl1u..|
00000090 5b b0 3d 5b 1a 15 03 01 00 20 19 51 64 4b 5a 9b |[.=[..... .QdKZ.|
000000a0 c8 2a 1c e7 9e 29 d9 df ad 1d 08 09 82 a3 b1 1d |.*...)..........|
000000b0 60 99 00 25 30 51 a1 72 b6 27 |`..%0Q.r.'|
00000000 14 03 01 00 01 01 16 03 01 00 30 60 b7 c0 a3 ba |..........0`....|
00000010 ad dd 52 99 15 7a f2 9e 10 21 02 7c 91 6d cf c9 |..R..z...!.|.m..|
00000020 09 ab fe 9c b3 46 46 60 1c 24 66 3f b6 14 b1 51 |.....FF`.$f?...Q|
00000030 ac 05 75 48 03 c1 e0 3a c2 6d 5e 17 03 01 00 20 |..uH...:.m^.... |
00000040 82 87 18 81 c3 24 55 8f 9c a3 49 fc 8a 8a 7a fe |.....$U...I...z.|
00000050 93 05 c9 7e 90 73 a4 b1 0a d7 3b 7d 72 1f fc 6c |...~.s....;}r..l|
00000060 17 03 01 00 30 1f 51 a5 44 2e 7a 40 12 43 28 c6 |....0.Q.D.z@.C(.|
00000070 99 05 6d 92 d9 ed 0d f2 fb a7 48 a3 03 e9 34 b1 |..m.......H...4.|
00000080 52 32 e1 be a9 7e bf b1 0e 1f b4 1c 3e 0a 9d d9 |R2...~......>...|
00000090 90 10 4f 79 dd 15 03 01 00 20 57 98 fd dd 09 f9 |..Oy..... W.....|
000000a0 c5 d9 33 24 1a b2 ed 56 ad 91 c9 25 2f ff ff 09 |..3$...V...%/...|
000000b0 dc b0 2c 38 cc 70 1f cc 6f f4 |..,8.p..o.|
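Review bot: The ServerKeyExchange signature at offset 0x27d changes from `30 81 88 02 42 01 ...` to `30 81 87 02 42 01 ...`, and the commit message does not mention that signature output changes. If this recording is produced with a fixed randomness source, as the all-zero server random in Flow 2 suggests, then the new code yields a different signature for the same random stream, and the message should state that so nobody relying on reproducible signatures from a fixed reader is surprised. The length fields are consistent with the second INTEGER shrinking from 0x42 to 0x41 bytes (record 0xb5 to 0xb4, handshake 0xb1 to 0xb0, signature 0x8b to 0x8a), so the encoding itself looks correct.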