Make COMB_BLOCKS, COMB_TEETH, COMB_NEGATION configurable, and test in Travis

sipa · sipa · commit 026cbfbb568a · 2020-07-30T17:56:32.000-07:00
diff --git a/.travis.yml b/.travis.yml
@@ -17,7 +17,7 @@ compiler:
   - gcc
 env:
   global:
-    - FIELD=auto  BIGNUM=auto  SCALAR=auto  ENDOMORPHISM=no  STATICPRECOMPUTATION=yes  ECMULTGENPRECISION=auto  ASM=no  BUILD=check  EXTRAFLAGS=  HOST=  ECDH=no  RECOVERY=no  EXPERIMENTAL=no CTIMETEST=yes BENCH=yes ITERS=2
+    - FIELD=auto  BIGNUM=auto  SCALAR=auto  ENDOMORPHISM=no  STATICPRECOMPUTATION=yes  ECMULTGENBLOCKS=auto  ECMULTGENTEETH=auto  ECMULTGENNEG=1  ASM=no  BUILD=check  EXTRAFLAGS=  HOST=  ECDH=no  RECOVERY=no  EXPERIMENTAL=no CTIMETEST=yes BENCH=yes ITERS=2
   matrix:
     - SCALAR=32bit    RECOVERY=yes
     - SCALAR=32bit    FIELD=32bit       ECDH=yes  EXPERIMENTAL=yes
@@ -34,8 +34,10 @@ env:
     - BUILD=distcheck CTIMETEST= BENCH=
     - CPPFLAGS=-DDETERMINISTIC
     - CFLAGS=-O0 CTIMETEST=
-    - ECMULTGENPRECISION=2
-    - ECMULTGENPRECISION=8
+    - ECMULTGENBLOCKS=256 ECMULTGENTEETH=1 ENDOMORPHISM=yes
+    - ECMULTGENBLOCKS=43 ECMULTGENTEETH=6 ENDOMORPHISM=yes STATICPRECOMPUTATION=no
+    - ECMULTGENBLOCKS=1 ECMULTGENTEETH=1 STATICPRECOMPUTATION=no
+    - ECMULTGENBLOCKS=4 ECMULTGENTEETH=5 ECMULTGENNEG=0
     - VALGRIND=yes ENDOMORPHISM=yes BIGNUM=no ASM=x86_64 EXPERIMENTAL=yes ECDH=yes  RECOVERY=yes EXTRAFLAGS="--disable-openssl-tests" CPPFLAGS=-DVALGRIND BUILD=
     - VALGRIND=yes                  BIGNUM=no ASM=x86_64 EXPERIMENTAL=yes ECDH=yes  RECOVERY=yes EXTRAFLAGS="--disable-openssl-tests" CPPFLAGS=-DVALGRIND BUILD=
 matrix:
diff --git a/configure.ac b/configure.ac
@@ -162,13 +162,26 @@ AC_ARG_WITH([ecmult-window], [AS_HELP_STRING([--with-ecmult-window=SIZE|auto],
 )],
 [req_ecmult_window=$withval], [req_ecmult_window=auto])
 
-AC_ARG_WITH([ecmult-gen-precision], [AS_HELP_STRING([--with-ecmult-gen-precision=2|4|8|auto],
-[Precision bits to tune the precomputed table size for signing.]
-[The size of the table is 32kB for 2 bits, 64kB for 4 bits, 512kB for 8 bits of precision.]
-[A larger table size usually results in possible faster signing.]
+AC_ARG_WITH([ecmult-gen-blocks], [AS_HELP_STRING([--with-ecmult-gen-blocks=BLOCKS|auto],
+[The number of blocks to use in the multi-comb multiplication algorithm, in the range [1..256].]
+[Larger values result in possibly better performance at the cost of a linearly larger precomputed table.]
+[There must exist a multiple of BLOCKS*TEETH that is between 256 and 288, inclusive.]
 ["auto" is a reasonable setting for desktop machines (currently 4). [default=auto]]
 )],
-[req_ecmult_gen_precision=$withval], [req_ecmult_gen_precision=auto])
+[req_ecmult_gen_blocks=$withval], [req_ecmult_gen_blocks=auto])
+
+AC_ARG_WITH([ecmult-gen-teeth], [AS_HELP_STRING([--with-ecmult-gen-teeth=TEETH|auto],
+[The number of teeth to use in the multi-comb multiplication algorithm, in the range [1..8].]
+[Larger values result in possibly better performance at the cost of an exponentially larger precomputed table.]
+[There must exist a multiple of BLOCKS*TEETH that is between 256 and 288, inclusive.]
+["auto" is a reasonable setting for desktop machines (currently 5). [default=auto]]
+)],
+[req_ecmult_gen_teeth=$withval], [req_ecmult_gen_teeth=auto])
+
+AC_ARG_WITH([ecmult-gen-neg], [AS_HELP_STRING([--with-ecmult-gen-neg=0|1],
+[Whether to use negation to halve the size of the multi-comb table. [default=1]]
+)],
+[set_ecmult_gen_neg=$withval], [set_ecmult_gen_neg=1])
 
 AC_CHECK_TYPES([__int128])
 
@@ -431,22 +444,50 @@ case $set_ecmult_window in
   ;;
 esac
 
-#set ecmult gen precision
-if test x"$req_ecmult_gen_precision" = x"auto"; then
-  set_ecmult_gen_precision=4
+#set ecmult gen blocks
+if test x"$req_ecmult_gen_blocks" = x"auto"; then
+  set_ecmult_gen_blocks=4
 else
-  set_ecmult_gen_precision=$req_ecmult_gen_precision
+  set_ecmult_gen_blocks=$req_ecmult_gen_blocks
 fi
+error_gen_blocks=['option to --with-ecmult-gen-blocks not an integer in range [1..256] or "auto"']
+case $set_ecmult_gen_blocks in
+''|*[[!0-9]]*)
+  # no valid integer
+  AC_MSG_ERROR($error_gen_blocks)
+  ;;
+*)
+  if test "$set_ecmult_gen_blocks" -lt 1 -o "$set_ecmult_gen_blocks" -gt 256 ; then
+    # not in range
+    AC_MSG_ERROR($error_gen_blocks)
+  fi
+  AC_DEFINE_UNQUOTED(COMB_BLOCKS, $set_ecmult_gen_blocks, [Set number of blocks in ecmult_gen precomputation])
+  ;;
+esac
 
-case $set_ecmult_gen_precision in
-2|4|8)
-  AC_DEFINE_UNQUOTED(ECMULT_GEN_PREC_BITS, $set_ecmult_gen_precision, [Set ecmult gen precision bits])
+#set ecmult gen teeth
+if test x"$req_ecmult_gen_teeth" = x"auto"; then
+  set_ecmult_gen_teeth=5
+else
+  set_ecmult_gen_teeth=$req_ecmult_gen_teeth
+fi
+error_gen_teeth=['option to --with-ecmult-gen-teeth not an integer in range [1..8] or "auto"']
+case $set_ecmult_gen_teeth in
+''|*[[!0-9]]*)
+  # no valid integer
+  AC_MSG_ERROR($error_gen_teeth)
   ;;
 *)
-  AC_MSG_ERROR(['ecmult gen precision not 2, 4, 8 or "auto"'])
+  if test "$set_ecmult_gen_teeth" -lt 1 -o "$set_ecmult_gen_teeth" -gt 8 ; then
+    # not in range
+    AC_MSG_ERROR($error_gen_teeth)
+  fi
+  AC_DEFINE_UNQUOTED(COMB_TEETH, $set_ecmult_gen_teeth, [Set number of teeth in ecmult_gen precomputation])
   ;;
 esac
 
+AC_DEFINE_UNQUOTED(COMB_NEGATION, $set_ecmult_gen_neg, [Set whether to use negation in ecmult_gen])
+
 if test x"$use_tests" = x"yes"; then
   SECP_OPENSSL_CHECK
   if test x"$has_openssl_ec" = x"yes"; then
@@ -556,7 +597,9 @@ echo "  bignum                  = $set_bignum"
 echo "  field                   = $set_field"
 echo "  scalar                  = $set_scalar"
 echo "  ecmult window size      = $set_ecmult_window"
-echo "  ecmult gen prec. bits   = $set_ecmult_gen_precision"
+echo "  ecmult gen blocks       = $set_ecmult_gen_blocks"
+echo "  ecmult gen teeth        = $set_ecmult_gen_teeth"
+echo "  ecmult gen negation     = $set_ecmult_gen_neg"
 echo
 echo "  valgrind                = $enable_valgrind"
 echo "  CC                      = $CC"
diff --git a/contrib/travis.sh b/contrib/travis.sh
@@ -15,7 +15,7 @@ fi
 ./configure \
     --enable-experimental="$EXPERIMENTAL" --enable-endomorphism="$ENDOMORPHISM" \
     --with-field="$FIELD" --with-bignum="$BIGNUM" --with-asm="$ASM" --with-scalar="$SCALAR" \
-    --enable-ecmult-static-precomputation="$STATICPRECOMPUTATION" --with-ecmult-gen-precision="$ECMULTGENPRECISION" \
+    --enable-ecmult-static-precomputation="$STATICPRECOMPUTATION" --with-ecmult-gen-blocks="$ECMULTGENBLOCKS" --with-ecmult-gen-teeth="$ECMULTGENTEETH" --with-ecmult-gen-gen="$ECMULTGENNEG" \
     --enable-module-ecdh="$ECDH" --enable-module-recovery="$RECOVERY" \
     --host="$HOST" $EXTRAFLAGS
 
diff --git a/src/ecmult_gen.h b/src/ecmult_gen.h
@@ -10,11 +10,20 @@
 #include "scalar.h"
 #include "group.h"
 
+#if defined HAVE_CONFIG_H
+#include "libsecp256k1-config.h"
+#endif
+
 #if defined(EXHAUSTIVE_TEST_ORDER)
 
   /* We need to control these values for exhaustive tests because
    * the tables cannot have infinities in them (secp256k1_ge_storage
    * doesn't support infinities) */
+#undef COMB_BLOCKS
+#undef COMB_TEETH
+#undef COMB_SPACING
+#undef COMB_NEGATION
+
 #  if EXHAUSTIVE_TEST_ORDER > 32
 #    define COMB_BLOCKS 52
 #    define COMB_TEETH 5
@@ -42,10 +51,18 @@
    * comb will use negations so that only negative multiples need be precomputed. The resulting memory
    * usage for precomputation will be COMB_POINTS_TOTAL * sizeof(secp256k1_ge_storage).
    */
-  #define COMB_BLOCKS 4
-  #define COMB_TEETH 5
-  #define COMB_SPACING 13
-  #define COMB_NEGATION 1
+#ifndef COMB_BLOCKS
+#define COMB_BLOCKS 4
+#endif
+#ifndef COMB_TEETH
+#define COMB_TEETH 5
+#endif
+#ifndef COMB_SPACING
+#define COMB_SPACING ((COMB_BLOCKS * COMB_TEETH + 255) / (COMB_BLOCKS * COMB_TEETH))
+#endif
+#ifndef COMB_NEGATION
+#define COMB_NEGATION 1
+#endif
 
 #endif
 
