Michael Hamburg
10 years ago
3 changed files with 36 additions and 17 deletions
Unified View
Diff Options
-
+12 -0src/ec_point.c
-
+24 -0src/include/ec_point.h
-
+0 -17src/scalarmul.c
+ 12
- 0
src/ec_point.c
View File
| @@ -827,6 +827,18 @@ elligator_2s_inject ( | |||||
| IF32( field_weak_reduce( &L7 ) ); | IF32( field_weak_reduce( &L7 ) ); | ||||
| field_mulw_scc ( &L6, &a->y, -2-2*EDWARDS_D ); | field_mulw_scc ( &L6, &a->y, -2-2*EDWARDS_D ); | ||||
| field_mul ( &L5, &L7, &L6 ); | field_mul ( &L5, &L7, &L6 ); | ||||
| /* FIXME Stability problem (API stability, not crash) / possible bug. | |||||
| * change to: p448_mul ( &L5, &L7, &L4 ); ? | |||||
| * This isn't a deep change: it's for sign adjustment. | |||||
| * Need to check which one leads to the correct sign, probably by writig | |||||
| * the invert routine. | |||||
| * | |||||
| * Also, the tool doesn't produce the optimal route to this. | |||||
| * Let incoming L6 = a, L7 = e, L4 = b. | |||||
| * | |||||
| * Could compute be, (be)^2, (be)^3, a b^3 e^3, a b^3 e^4. = 4M+S | |||||
| * instead of 6M. | |||||
| */ | |||||
| field_mul ( &L8, &L5, &L4 ); | field_mul ( &L8, &L5, &L4 ); | ||||
| field_mul ( &L4, &L5, &L6 ); | field_mul ( &L4, &L5, &L6 ); | ||||
| field_mul ( &L5, &L7, &L8 ); | field_mul ( &L5, &L7, &L8 ); | ||||
+ 24
- 0
src/include/ec_point.h
View File
| @@ -481,6 +481,30 @@ validate_extensible ( | |||||
| const struct extensible_t* ext | const struct extensible_t* ext | ||||
| ); | ); | ||||
| /** | |||||
| * If doNegate, then negate a twisted niels point. | |||||
| */ | |||||
| static __inline__ void | |||||
| __attribute__((unused)) | |||||
| cond_negate_tw_niels ( | |||||
| struct tw_niels_t *n, | |||||
| mask_t doNegate | |||||
| ) { | |||||
| field_cond_swap(&n->a, &n->b, doNegate); | |||||
| field_cond_neg(&n->c, doNegate); | |||||
| } | |||||
| /** | |||||
| * If doNegate, then negate a twisted projective niels point. | |||||
| */ | |||||
| static __inline__ void | |||||
| __attribute__((unused)) | |||||
| cond_negate_tw_pniels ( | |||||
| struct tw_pniels_t *n, | |||||
| mask_t doNegate | |||||
| ) { | |||||
| cond_negate_tw_niels(&n->n, doNegate); | |||||
| } | |||||
| void | void | ||||
| copy_affine ( | copy_affine ( | ||||
+ 0
- 17
src/scalarmul.c
View File
| @@ -47,23 +47,6 @@ montgomery_ladder ( | |||||
| return serialize_montgomery(out, &mont, in); | return serialize_montgomery(out, &mont, in); | ||||
| } | } | ||||
| static __inline__ void | |||||
| cond_negate_tw_niels ( | |||||
| struct tw_niels_t *n, | |||||
| mask_t doNegate | |||||
| ) { | |||||
| field_cond_swap(&n->a, &n->b, doNegate); | |||||
| field_cond_neg(&n->c, doNegate); | |||||
| } | |||||
| static __inline__ void | |||||
| cond_negate_tw_pniels ( | |||||
| struct tw_pniels_t *n, | |||||
| mask_t doNegate | |||||
| ) { | |||||
| cond_negate_tw_niels(&n->n, doNegate); | |||||
| } | |||||
| static __inline__ void | static __inline__ void | ||||
| constant_time_lookup_tw_pniels ( | constant_time_lookup_tw_pniels ( | ||||
| struct tw_pniels_t *out, | struct tw_pniels_t *out, | ||||