Skip to content

Curve25519 improvements #9580

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
SparkiDev wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Curve25519 improvements #9580

SparkiDev wants to merge 1 commit into from
+3,145 −1,790

Conversation

@SparkiDev
Copy link
Contributor

@SparkiDev SparkiDev commented Dec 24, 2025

Description

Add non-constant time implemenations of mod_inv for x64 and Aarch64 assembly.

Generate base point table, with better formatting, for double smul with a script.
Increase Bi table size to 32 entries for 64-bit asm. Minor improvements to double smul.

WOLFSSL_CURVE25519_NOT_USE_ED25519 to not use ed25519 base smul in curve25519 base smul.

Testing

Tested multiple Curve25519 and Ed25519 configurations.

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@SparkiDev SparkiDev self-assigned this Dec 24, 2025
@devin-ai-integration
Copy link
Contributor

devin-ai-integration bot commented Dec 24, 2025

🛟 Devin Lifeguard found 2 likely issues in this PR

  • no-void-functions snippet: Change ge_tobytes_nct (and other new/modified void functions such as slide and fe_invert_nct) to return an error/status code (e.g., int) and have all code paths return that value so errors can propagate.
  • prefer-constant-time snippet: Replace the newly added fe_invert_nct / ge_tobytes_nct with the constant-time versions already present (fe_invert / ge_tobytes), or gate the nct code behind a compile-time option that is disabled for production builds requiring side-channel resistance.

@SparkiDev
please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

@SparkiDev
Curve25519 improvements
9ef16e8 
Add non-constant time implemenations of mod_inv for x64 and Aarch64
assembly.

Generate base point table, with better formatting, for double smul with
a script.
Increase Bi table size to 32 entries for 64-bit asm.
Minor improvements to double smul.

WOLFSSL_CURVE25519_NOT_USE_ED25519 to not use ed25519 base smul in
curve25519 base smul.
@SparkiDev SparkiDev force-pushed the curve25519_smul_improv branch from bb2a5a6 to 9ef16e8 Compare December 24, 2025 05:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@SparkiDev SparkiDev

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SparkiDev