From: Niels Möller <nisse@lysator.liu.se>
Date: Sat, 10 Mar 2018 15:44:43 +0000 (+0100)
Subject: Make eccdata warn about poor parameters.
X-Git-Tag: nettle_3.5rc1~78^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=162d599a1bfc70baa5c05beb4ef001bb95a25d2f;p=thirdparty%2Fnettle.git

Make eccdata warn about poor parameters.
---

diff --git a/ChangeLog b/ChangeLog
index e682a2a5..180633e1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2018-03-10  Niels Möller  <nisse@lysator.liu.se>
 
+	* eccdata.c (ecc_table_size): New helper function.
+	(ecc_pippenger_precompute): Display warning for poor parameters.
+
 	* eccparams.c (main): New program, to list parameter alternatives
 	for Pippenger's algorithm.
 
diff --git a/eccdata.c b/eccdata.c
index 97a61941..a4723f1e 100644
--- a/eccdata.c
+++ b/eccdata.c
@@ -611,18 +611,30 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
   ecc->bit_size = bit_size;
 }
 
+static unsigned
+ecc_table_size(unsigned bits, unsigned k, unsigned c)
+{
+  unsigned p = (bits + k-1) / k;
+  unsigned M = (p + c-1)/c;
+  return M;
+}
+
 static void
 ecc_pippenger_precompute (struct ecc_curve *ecc, unsigned k, unsigned c)
 {
-  unsigned p = (ecc->bit_size + k-1) / k;
-  unsigned M = (p + c-1)/c;
+  unsigned M = ecc_table_size (ecc->bit_size, k, c);
   unsigned i, j;
 
+  if (M == ecc_table_size (ecc->bit_size, k-1, c))
+    fprintf(stderr,
+	    "warn: Parameters k = %u, c = %d are suboptimal, could use smaller k\n",
+	    k, c);
+
   ecc->pippenger_k = k;
   ecc->pippenger_c = c;
   ecc->table_size = M << c;
   ecc->table = ecc_alloc (ecc->table_size);
-  
+
   /* Compute the first 2^c entries */
   ecc_set_zero (&ecc->table[0]);
   ecc_set (&ecc->table[1], &ecc->g);