| @@ -1272,8 +1272,7 @@ decaf_error_t decaf_x$(gf_shortname) ( | |||||
| if (t/8==0) sb &= -(uint8_t)COFACTOR; | if (t/8==0) sb &= -(uint8_t)COFACTOR; | ||||
| else if (t == X_PRIVATE_BITS-1) sb = -1; | else if (t == X_PRIVATE_BITS-1) sb = -1; | ||||
| mask_t k_t = (sb>>(t%8)) & 1; | |||||
| k_t = k_t?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET; /* set to all 0s or all 1s */ | |||||
| mask_t k_t = ~((1 - ((sb>>(t%8)) & 1))*DECAF_MASK_ALL_SET); /* expand mask bit 0 to the whole mask without branching */ | |||||
| swap ^= k_t; | swap ^= k_t; | ||||
| gf_cond_swap(x2,x3,swap); | gf_cond_swap(x2,x3,swap); | ||||
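Review bot: The new expansion `~((1 - bit)*DECAF_MASK_ALL_SET)` drops the ternary but routes a scalar-derived bit through a multiplication, which can still be data-dependent in timing on cores whose multiplier finishes early on small operands; the same form is repeated in the `invert_elligator_nonuniform`, `scalar_halve` and `gf_lobit` hunks. Negating the bit in the mask type yields the same all-zeros/all-ones value with only a subtraction, e.g. `mask_t k_t = (mask_t)0 - (mask_t)((sb>>(t%8)) & 1);`, and one `static inline` helper would keep the four sites identical. The inline comment here says "mask bit 0", but the bit being expanded is bit `t%8` of `sb`; `/* expand bit t%8 of sb to a full-width mask, branch-free */` would be accurate. C does not guarantee that either form compiles without a branch, so the generated code for these functions should be checked on each supported target. The enclosing function begins and ends outside this hunk.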
| @@ -109,13 +109,13 @@ API_NS(invert_elligator_nonuniform) ( | |||||
| uint32_t hint_ | uint32_t hint_ | ||||
| ) { | ) { | ||||
| mask_t hint = hint_; | mask_t hint = hint_; | ||||
| mask_t sgn_s = ((hint & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET), | |||||
| sgn_altx = ((hint>>1 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET), | |||||
| sgn_r0 = ((hint>>2 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET), | |||||
| mask_t sgn_s = ~((1 - (hint & 1))*DECAF_MASK_ALL_SET), /* expand hint bit 0 to the whole mask without branching */ | |||||
| sgn_altx = ~((1 - (hint>>1 & 1))*DECAF_MASK_ALL_SET), | |||||
| sgn_r0 = ~((1 - (hint>>2 & 1))*DECAF_MASK_ALL_SET), | |||||
| /* FUTURE MAGIC: eventually if there's a curve which needs sgn_ed_T but not sgn_r0, | /* FUTURE MAGIC: eventually if there's a curve which needs sgn_ed_T but not sgn_r0, | ||||
| * change this mask extraction. | * change this mask extraction. | ||||
| */ | */ | ||||
| sgn_ed_T = ((hint>>3 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET); | |||||
| sgn_ed_T = ~((1 - (hint>>3 & 1))*DECAF_MASK_ALL_SET); | |||||
| gf a,b,c; | gf a,b,c; | ||||
| API_NS(deisogenize)(a,b,c,p,sgn_s,sgn_altx,sgn_ed_T); | API_NS(deisogenize)(a,b,c,p,sgn_s,sgn_altx,sgn_ed_T); | ||||
| @@ -314,7 +314,7 @@ void API_NS(scalar_halve) ( | |||||
| scalar_t out, | scalar_t out, | ||||
| const scalar_t a | const scalar_t a | ||||
| ) { | ) { | ||||
| decaf_word_t mask = (a->limb[0] & 1)?DECAF_WORD_ALL_SET:DECAF_WORD_ALL_UNSET; | |||||
| decaf_word_t mask = ~((1-(a->limb[0] & 1))*DECAF_WORD_ALL_SET); /* expand a->limb[0] bit 0 to the whole mask without branching */ | |||||
| decaf_dword_t chain = 0; | decaf_dword_t chain = 0; | ||||
| unsigned int i; | unsigned int i; | ||||
| for (i=0; i<SCALAR_LIMBS; i++) { | for (i=0; i<SCALAR_LIMBS; i++) { | ||||
| @@ -37,7 +37,7 @@ mask_t gf_lobit(const gf x) { | |||||
| gf y; | gf y; | ||||
| gf_copy(y,x); | gf_copy(y,x); | ||||
| gf_strong_reduce(y); | gf_strong_reduce(y); | ||||
| return (y->limb[0]&1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET; | |||||
| return ~((1-(y->limb[0]&1))*DECAF_MASK_ALL_SET); /* expand y->limb[0] bit 0 to the whole mask without branching */ | |||||
| } | } | ||||
| /** Deserialize from wire format; return -1 on success and 0 on failure. */ | /** Deserialize from wire format; return -1 on success and 0 on failure. */ | ||||