From 1036749883ccf38ed11afe424d69708cfdca99f3 Mon Sep 17 00:00:00 2001
From: Martin Schwenke <martin@meltin.net>
Date: Wed, 12 May 2021 14:21:58 +1000
Subject: [PATCH] ec: Add run time code selection for p521 field operations

This is only used if ECP_NISTP521_ASM is defined and this currently
only occurs on PPC64.

This simply chooses the C reference implementation, which will be the
default when custom code is available for certain CPUs.

Only the multiplication and squaring operations are handled, since the
upcoming assembly code only contains those.  This scheme can be easily
extended to handle reduction too.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Amitay Isaacs <amitay@ozlabs.org>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15401)
---
 crypto/ec/build.info     |  2 +-
 crypto/ec/ecp_nistp521.c | 36 ++++++++++++++++++++++++++++++++++--
 2 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/crypto/ec/build.info b/crypto/ec/build.info
index dbe3a525721..bfd16b326f3 100644
--- a/crypto/ec/build.info
+++ b/crypto/ec/build.info
@@ -31,7 +31,7 @@ IF[{- !$disabled{asm} -}]
 
   $ECASM_ppc32=
   $ECASM_ppc64=ecp_nistz256.c ecp_nistz256-ppc64.s x25519-ppc64.s
-  $ECDEF_ppc64=ECP_NISTZ256_ASM X25519_ASM
+  $ECDEF_ppc64=ECP_NISTZ256_ASM ECP_NISTP521_ASM X25519_ASM
 
   $ECASM_c64xplus=
 
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index e507c1e55cb..02bded2b6f7 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -675,8 +675,40 @@ static void felem_reduce(felem out, const largefelem in)
      */
 }
 
-#define felem_square felem_square_ref
-#define felem_mul felem_mul_ref
+#if defined(ECP_NISTP521_ASM)
+void felem_square_wrapper(largefelem out, const felem in);
+void felem_mul_wrapper(largefelem out, const felem in1, const felem in2);
+
+static void (*felem_square_p)(largefelem out, const felem in) =
+    felem_square_wrapper;
+static void (*felem_mul_p)(largefelem out, const felem in1, const felem in2) =
+    felem_mul_wrapper;
+
+void felem_select(void)
+{
+    /* Default */
+    felem_square_p = felem_square_ref;
+    felem_mul_p = felem_mul_ref;
+}
+
+void felem_square_wrapper(largefelem out, const felem in)
+{
+    felem_select();
+    felem_square_p(out, in);
+}
+
+void felem_mul_wrapper(largefelem out, const felem in1, const felem in2)
+{
+    felem_select();
+    felem_mul_p(out, in1, in2);
+}
+
+# define felem_square felem_square_p
+# define felem_mul felem_mul_p
+#else
+# define felem_square felem_square_ref
+# define felem_mul felem_mul_ref
+#endif
 
 static void felem_square_reduce(felem out, const felem in)
 {
-- 
2.47.2