Delete ecc->mul and ecc->mul_g indirection for ecdsa/gostdsa verify.

diff --git a/ecc-ecdsa-verify.c b/ecc-ecdsa-verify.c
index 4c6284af1ad3ba474056f4f1450087adf4467206..9e324ea2cdcce59e514cbadf5522f93f9e9a84cf 100644 (file)
--- a/ecc-ecdsa-verify.c
+++ b/ecc-ecdsa-verify.c
@@ -53,8 +53,8 @@ ecdsa_in_range (const struct ecc_curve *ecc, const mp_limb_t *xp)
 mp_size_t
 ecc_ecdsa_verify_itch (const struct ecc_curve *ecc)
 {
-  /* Largest storage need is for the ecc->mul call. */
-  return 5*ecc->p.size + ecc->mul_itch;
+  /* Largest storage need is for the ecc_mul_a call. */
+  return 5*ecc->p.size + ECC_MUL_A_ITCH (ecc->p.size);
 }
 
 /* FIXME: Use faster primitives, not requiring side-channel silence. */
@@ -107,17 +107,17 @@ ecc_ecdsa_verify (const struct ecc_curve *ecc,
   /* u2 = r / s, P2 = u2 * Y */
   ecc_mod_mul_canonical (&ecc->q, u2, rp, sinv, u2);
 
-   /* Total storage: 5*ecc->p.size + ecc->mul_itch */
-  ecc->mul (ecc, P2, u2, pp, u2 + ecc->p.size);
+   /* Total storage: 5*ecc->p.size + ECC_MUL_A_ITCH */
+  ecc_mul_a (ecc, P2, u2, pp, u2 + ecc->p.size);
 
   /* u = 0 can happen only if h = 0 or h = q, which is extremely
      unlikely. */
   if (!mpn_zero_p (u1, ecc->p.size))
     {
-      /* Total storage: 7*ecc->p.size + ecc->mul_g_itch (ecc->p.size) */
-      ecc->mul_g (ecc, P1, u1, P1 + 3*ecc->p.size);
+      /* Total storage: 7*ecc->p.size + ECC_MUL_G_ITCH */
+      ecc_mul_g (ecc, P1, u1, P1 + 3*ecc->p.size);
 
-      /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH(size) */
+      /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH */
       if (!ecc_nonsec_add_jjj (ecc, P2, P2, P1, P1 + 3*ecc->p.size))
        /* Infinity point, not a valid signature. */
        return 0;

diff --git a/ecc-gostdsa-verify.c b/ecc-gostdsa-verify.c
index a835ba7188f5d38e0ee61b3cc1836e6d43534db5..0570af7e1982eec57d59ce85dfd43ea87ceab40d 100644 (file)
--- a/ecc-gostdsa-verify.c
+++ b/ecc-gostdsa-verify.c
@@ -52,8 +52,8 @@ ecdsa_in_range (const struct ecc_curve *ecc, const mp_limb_t *xp)
 mp_size_t
 ecc_gostdsa_verify_itch (const struct ecc_curve *ecc)
 {
-  /* Largest storage need is for the ecc->mul call. */
-  return 5*ecc->p.size + ecc->mul_itch;
+  /* Largest storage need is for the ecc_mul_a call. */
+  return 5*ecc->p.size + ECC_MUL_A_ITCH (ecc->p.size);
 }
 
 /* FIXME: Use faster primitives, not requiring side-channel silence. */
@@ -108,13 +108,13 @@ ecc_gostdsa_verify (const struct ecc_curve *ecc,
   mpn_sub_n (hp, ecc->q.m, rp, ecc->p.size);
   ecc_mod_mul_canonical (&ecc->q, z2, hp, vp, z2);
 
-   /* Total storage: 5*ecc->p.size + ecc->mul_itch */
-  ecc->mul (ecc, P2, z2, pp, z2 + ecc->p.size);
+   /* Total storage: 5*ecc->p.size + ECC_MUL_A_ITCH */
+  ecc_mul_a (ecc, P2, z2, pp, z2 + ecc->p.size);
 
-  /* Total storage: 7*ecc->p.size + ecc->mul_g_itch (ecc->p.size) */
-  ecc->mul_g (ecc, P1, z1, P1 + 3*ecc->p.size);
+  /* Total storage: 7*ecc->p.size + ECC_MUL_G_ITCH */
+  ecc_mul_g (ecc, P1, z1, P1 + 3*ecc->p.size);
 
-  /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH(size) */
+  /* Total storage: 6*ecc->p.size + ECC_ADD_JJJ_ITCH */
   if (!ecc_nonsec_add_jjj (ecc, P1, P1, P2, P1 + 3*ecc->p.size))
     return 0;