| author | Filippo Valsorda <filippo@golang.org> | 2024-11-21 13:51:21 +0100 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2024-11-22 01:50:41 +0000 |
| commit | 8cecfad2a99987a35edfbcd875bef5e894abbce7 (patch) | |
| tree | 44ed5305f5ee6752e44461513a4b1367bac9a916 /src/crypto/internal | |
| parent | 3b42687c56af9a7e52a8194e75c0dc14962b37b8 (diff) | |
| download | go-8cecfad2a99987a35edfbcd875bef5e894abbce7.tar.xz | |
crypto/rsa: port Validate to bigmod
This is quite a bit slower (almost entirely in the e * d reductions,
which could be optimized), but the slowdown is only 12% of a signature
operation.
Also, call Validate at the end of GenerateKey as a backstop. Key
generation is so incredibly slow that the extra time is negligible.
goos: darwin
goarch: arm64
pkg: crypto/rsa
cpu: Apple M2
│ ec9643bbed │ ec9643bbed-dirty │
│ sec/op │ sec/op vs base │
SignPSS/2048-8 869.8µ ± 1% 870.2µ ± 0% ~ (p=0.937 n=6)
GenerateKey/2048-8 104.2m ± 17% 106.9m ± 10% ~ (p=0.589 n=6)
ParsePKCS8PrivateKey/2048-8 28.54µ ± 2% 136.78µ ± 8% +379.23% (p=0.002 n=6)
Fixes #57751
Co-authored-by: Derek Parker <parkerderek86@gmail.com>
Change-Id: Ifb476859207925a018b433c16dd62fb767afd2d5
Reviewed-on: https://go-review.googlesource.com/c/go/+/630517
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Diffstat (limited to 'src/crypto/internal')
| -rw-r--r-- | src/crypto/internal/fips140/bigmod/nat.go | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/crypto/internal/fips140/bigmod/nat.go b/src/crypto/internal/fips140/bigmod/nat.go index 0a95928536..13a4ba6e96 100644 --- a/src/crypto/internal/fips140/bigmod/nat.go +++ b/src/crypto/internal/fips140/bigmod/nat.go @@ -202,6 +202,19 @@ func (x *Nat) setBytes(b []byte) error { return nil } +// SetUint assigns x = y, and returns an error if y >= m. +// +// The output will be resized to the size of m and overwritten. +func (x *Nat) SetUint(y uint, m *Modulus) (*Nat, error) { + x.resetFor(m) + // Modulus is never zero, so always at least one limb. + x.limbs[0] = y + if x.cmpGeq(m.nat) == yes { + return nil, errors.New("input overflows the modulus") + } + return x, nil +} + // Equal returns 1 if x == y, and 0 otherwise. // // Both operands must have the same announced length. |
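Review bot: in the new SetUint, x.resetFor(m) and the write to x.limbs[0] happen before the cmpGeq(m.nat) check, so on the "input overflows the modulus" path x has already been overwritten with a value >= m while the returned *Nat is nil. The doc comment only says the output "will be resized to the size of m and overwritten"; it should state that x holds an out-of-range value on error so a caller that ignores the returned pointer does not keep using x, or the comparison against m could be done before x is touched. The comment "Modulus is never zero, so always at least one limb" does justify the direct limbs[0] write.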
