Cypherpunks repositories - gostls13.git/commit
crypto/elliptic: utilize faster z14 multiply/square instructions (when available)
author bill_ofarrell <billo@ca.ibm.com>
Wed, 31 Oct 2018 02:45:51 +0000 (22:45 -0400)
committer Michael Munday <mike.munday@ibm.com>
Wed, 5 Dec 2018 10:58:44 +0000 (10:58 +0000)
commit 897e0807c30a7b1860c15d4c05d68907fbba9262
tree a5165dd7071f1db0f28ebb4585fe39f968f41efe
parent 9be01c2eab928f9899c67eb7bcdb164728f85a2c
crypto/elliptic: utilize faster z14 multiply/square instructions (when available)

In the s390x assembly implementation of the NIST P-256 curve, utilize faster multiply/square
instructions introduced in the z14. These new instructions are designed for crypto
and are constant time. The algorithm is unchanged except for faster
multiplication when run on a z14 or later. On z13, the original multiplication
(also constant time) is used.

P-256 performance is critical in many applications, such as Blockchain.

name            old time      new time     delta
BaseMultP256    24396 ns/op   21564 ns/op  1.13x
ScalarMultP256  87546 ns/op   72813 ns/op  1.20x

Change-Id: I7e6d8b420fac56d5f9cc13c9423e2080df854bac
Reviewed-on: https://go-review.googlesource.com/c/146022
Reviewed-by: Michael Munday <mike.munday@ibm.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Michael Munday <mike.munday@ibm.com>
src/crypto/elliptic/p256_asm_s390x.s
src/crypto/elliptic/p256_s390x.go
src/internal/cpu/cpu.go
src/internal/cpu/cpu_s390x.go