jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
253 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: 36b54ca3db
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '36b54ca3db'
${ noResults }
ed448goldilocks/src/p25519/arch_x86_64/f_impl.h

164 lines
2.9 KiB
Raw Blame History 

  1. /* Copyright (c) 2014 Cryptography Research, Inc.

  2.  * Released under the MIT License.  See LICENSE.txt for license information.

  3.  */

  4. #ifndef __P25519_H__

  5. #define __P25519_H__ 1

  6. 

  7. #include <stdint.h>

  8. #include <assert.h>

  9. #include <string.h>

  10. 

  11. #include "decaf/decaf_255.h"

  12. #include "word.h"

  13. 

  14. #define LBITS 51

  15. #define FIELD_LITERAL(a,b,c,d,e) {{ a,b,c,d,e }}

  16. 

  17. /*

  18. #define FIELD_LITERAL(a,b,c,d) {{ \

  19.     (a##ull) & LMASK, \

  20.     ((a##ull)>>51 | (b##ull)<<13) & LMASK, \

  21.     ((b##ull)>>38 | (c##ull)<<26) & LMASK, \

  22.     ((c##ull)>>25 | (d##ull)<<39) & LMASK, \

  23.     (d##ull)>>12 \

  24. }}

  25. */

  26. 

  27. #ifdef __cplusplus

  28. extern "C" {

  29. #endif

  30. 

  31. static __inline__ void

  32. gf_25519_add_RAW (

  33.     gf_25519_t out,

  34.     const gf_25519_t a,

  35.     const gf_25519_t b

  36. ) __attribute__((unused));

  37.              

  38. static __inline__ void

  39. gf_25519_sub_RAW (

  40.     gf_25519_t out,

  41.     const gf_25519_t a,

  42.     const gf_25519_t b

  43. ) __attribute__((unused));

  44.              

  45. static __inline__ void

  46. gf_25519_copy (

  47.     gf_25519_t out,

  48.     const gf_25519_t a

  49. ) __attribute__((unused));

  50.              

  51. static __inline__ void

  52. gf_25519_weak_reduce (

  53.     gf_25519_t inout

  54. ) __attribute__((unused));

  55.              

  56. void

  57. gf_25519_strong_reduce (

  58.     gf_25519_t inout

  59. );

  60. 

  61. static __inline__ void

  62. gf_25519_bias (

  63.     gf_25519_t inout,

  64.     int amount

  65. ) __attribute__((unused));

  66.          

  67. void

  68. gf_25519_mul (

  69.     gf_25519_s *__restrict__ out,

  70.     const gf_25519_t a,

  71.     const gf_25519_t b

  72. );

  73. 

  74. void

  75. gf_25519_mulw (

  76.     gf_25519_s *__restrict__ out,

  77.     const gf_25519_t a,

  78.     uint64_t b

  79. );

  80. 

  81. void

  82. gf_25519_sqr (

  83.     gf_25519_s *__restrict__ out,

  84.     const gf_25519_t a

  85. );

  86. 

  87. void

  88. gf_25519_serialize (

  89.     uint8_t serial[32],

  90.     const gf_25519_t x

  91. );

  92. 

  93. mask_t

  94. gf_25519_deserialize (

  95.     gf_25519_t x,

  96.     const uint8_t serial[32]

  97. );

  98. 

  99. /* -------------- Inline functions begin here -------------- */

  100. 

  101. void

  102. gf_25519_add_RAW (

  103.     gf_25519_t out,

  104.     const gf_25519_t a,

  105.     const gf_25519_t b

  106. ) {

  107.     unsigned int i;

  108.     for (i=0; i<5; i++) {

  109.         out->limb[i] = a->limb[i] + b->limb[i];

  110.     }

  111. }

  112. 

  113. void

  114. gf_25519_sub_RAW (

  115.     gf_25519_t out,

  116.     const gf_25519_t a,

  117.     const gf_25519_t b

  118. ) {

  119.     unsigned int i;

  120.     uint64_t co1 = ((1ull<<51)-1)*2, co2 = co1-36;

  121.     for (i=0; i<5; i++) {

  122.         out->limb[i] = a->limb[i] - b->limb[i] + ((i==0) ? co2 : co1);

  123.     }

  124. }

  125. 

  126. void

  127. gf_25519_copy (

  128.     gf_25519_t out,

  129.     const gf_25519_t a

  130. ) {

  131.     memcpy(out,a,sizeof(*a));

  132. }

  133. 

  134. void

  135. gf_25519_bias (

  136.     gf_25519_t a,

  137.     int amt

  138. ) {

  139.     a->limb[0] += ((uint64_t)(amt)<<52) - 38*amt;

  140.     int i;

  141.     for (i=1; i<5; i++) {

  142.         a->limb[i] += ((uint64_t)(amt)<<52)-2*amt;

  143.     }

  144. }

  145. 

  146. void

  147. gf_25519_weak_reduce (

  148.     gf_25519_t a

  149. ) {

  150.     uint64_t mask = (1ull<<51) - 1;

  151.     uint64_t tmp = a->limb[4] >> 51;

  152.     int i;

  153.     for (i=4; i>0; i--) {

  154.         a->limb[i] = (a->limb[i] & mask) + (a->limb[i-1]>>51);

  155.     }

  156.     a->limb[0] = (a->limb[0] & mask) + tmp*19;

  157. }

  158. 

  159. #ifdef __cplusplus

  160. }; /* extern "C" */

  161. #endif

  162. 

  163. #endif /* __P25519_H__ */