Remove unnecessary window size cases.
The optimization for wsize = 1 only kicks in for 19-bit primes. The
cases for b >= 800 and cannot happen due to EC_MAX_SCALAR_BYTES.
Change-Id: If5ca908563f027172cdf31c9a22342152fecd12f
Reviewed-on: https://boringssl-review.googlesource.com/25145
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/fipsmodule/ec/wnaf.c b/crypto/fipsmodule/ec/wnaf.c
index d0a79f7..a1cff94 100644
--- a/crypto/fipsmodule/ec/wnaf.c
+++ b/crypto/fipsmodule/ec/wnaf.c
@@ -208,14 +208,6 @@
// sometimes smaller windows will give better performance
// (thus the boundaries should be increased)
static size_t window_bits_for_scalar_size(size_t b) {
- if (b >= 2000) {
- return 6;
- }
-
- if (b >= 800) {
- return 5;
- }
-
if (b >= 300) {
return 4;
}
@@ -369,15 +361,13 @@
goto err;
}
- if (wsize > 1) {
- if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) {
+ if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) {
+ goto err;
+ }
+ for (j = 1; j < ((size_t)1 << (wsize - 1)); j++) {
+ if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) {
goto err;
}
- for (j = 1; j < ((size_t)1 << (wsize - 1)); j++) {
- if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) {
- goto err;
- }
- }
}
}