jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
236 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: 719fcacc58
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '719fcacc58'
${ noResults }
ed448goldilocks/src/p25519/arch_x86_64/f_impl.h

170 lines
3.0 KiB
Raw Blame History 

  1. /* Copyright (c) 2014 Cryptography Research, Inc.

  2.  * Released under the MIT License.  See LICENSE.txt for license information.

  3.  */

  4. #ifndef __P25519_H__

  5. #define __P25519_H__ 1

  6. 

  7. #include <stdint.h>

  8. #include <assert.h>

  9. #include <string.h>

  10. 

  11. #include "word.h"

  12. 

  13. #ifndef __DECAF_255_H__ // HACK FIXME

  14. #define DECAF_WORD_BITS 64

  15. typedef struct gf_25519_s {

  16.   uint64_t limb[5];

  17. } gf_25519_s, gf_25519_t[1];

  18. #endif

  19. 

  20. #define LBITS 51

  21. #define FIELD_LITERAL(a,b,c,d,e) {{ a,b,c,d,e }}

  22. 

  23. /*

  24. #define FIELD_LITERAL(a,b,c,d) {{ \

  25.     (a##ull) & LMASK, \

  26.     ((a##ull)>>51 | (b##ull)<<13) & LMASK, \

  27.     ((b##ull)>>38 | (c##ull)<<26) & LMASK, \

  28.     ((c##ull)>>25 | (d##ull)<<39) & LMASK, \

  29.     (d##ull)>>12 \

  30. }}

  31. */

  32. 

  33. #ifdef __cplusplus

  34. extern "C" {

  35. #endif

  36. 

  37. static __inline__ void

  38. gf_25519_add_RAW (

  39.     gf_25519_t out,

  40.     const gf_25519_t a,

  41.     const gf_25519_t b

  42. ) __attribute__((unused));

  43.              

  44. static __inline__ void

  45. gf_25519_sub_RAW (

  46.     gf_25519_t out,

  47.     const gf_25519_t a,

  48.     const gf_25519_t b

  49. ) __attribute__((unused));

  50.              

  51. static __inline__ void

  52. gf_25519_copy (

  53.     gf_25519_t out,

  54.     const gf_25519_t a

  55. ) __attribute__((unused));

  56.              

  57. static __inline__ void

  58. gf_25519_weak_reduce (

  59.     gf_25519_t inout

  60. ) __attribute__((unused));

  61.              

  62. void

  63. gf_25519_strong_reduce (

  64.     gf_25519_t inout

  65. );

  66. 

  67. static __inline__ void

  68. gf_25519_bias (

  69.     gf_25519_t inout,

  70.     int amount

  71. ) __attribute__((unused));

  72.          

  73. void

  74. gf_25519_mul (

  75.     gf_25519_s *__restrict__ out,

  76.     const gf_25519_t a,

  77.     const gf_25519_t b

  78. );

  79. 

  80. void

  81. gf_25519_mulw (

  82.     gf_25519_s *__restrict__ out,

  83.     const gf_25519_t a,

  84.     uint64_t b

  85. );

  86. 

  87. void

  88. gf_25519_sqr (

  89.     gf_25519_s *__restrict__ out,

  90.     const gf_25519_t a

  91. );

  92. 

  93. void

  94. gf_25519_serialize (

  95.     uint8_t serial[32],

  96.     const gf_25519_t x

  97. );

  98. 

  99. mask_t

  100. gf_25519_deserialize (

  101.     gf_25519_t x,

  102.     const uint8_t serial[32]

  103. );

  104. 

  105. /* -------------- Inline functions begin here -------------- */

  106. 

  107. void

  108. gf_25519_add_RAW (

  109.     gf_25519_t out,

  110.     const gf_25519_t a,

  111.     const gf_25519_t b

  112. ) {

  113.     unsigned int i;

  114.     for (i=0; i<5; i++) {

  115.         out->limb[i] = a->limb[i] + b->limb[i];

  116.     }

  117. }

  118. 

  119. void

  120. gf_25519_sub_RAW (

  121.     gf_25519_t out,

  122.     const gf_25519_t a,

  123.     const gf_25519_t b

  124. ) {

  125.     unsigned int i;

  126.     uint64_t co1 = ((1ull<<51)-1)*2, co2 = co1-36;

  127.     for (i=0; i<5; i++) {

  128.         out->limb[i] = a->limb[i] - b->limb[i] + ((i==0) ? co2 : co1);

  129.     }

  130. }

  131. 

  132. void

  133. gf_25519_copy (

  134.     gf_25519_t out,

  135.     const gf_25519_t a

  136. ) {

  137.     memcpy(out,a,sizeof(*a));

  138. }

  139. 

  140. void

  141. gf_25519_bias (

  142.     gf_25519_t a,

  143.     int amt

  144. ) {

  145.     a->limb[0] += ((uint64_t)(amt)<<52) - 38*amt;

  146.     int i;

  147.     for (i=1; i<5; i++) {

  148.         a->limb[i] += ((uint64_t)(amt)<<52)-2*amt;

  149.     }

  150. }

  151. 

  152. void

  153. gf_25519_weak_reduce (

  154.     gf_25519_t a

  155. ) {

  156.     uint64_t mask = (1ull<<51) - 1;

  157.     uint64_t tmp = a->limb[4] >> 51;

  158.     int i;

  159.     for (i=4; i>0; i--) {

  160.         a->limb[i] = (a->limb[i] & mask) + (a->limb[i-1]>>51);

  161.     }

  162.     a->limb[0] = (a->limb[0] & mask) + tmp*19;

  163. }

  164. 

  165. #ifdef __cplusplus

  166. }; /* extern "C" */

  167. #endif

  168. 

  169. #endif /* __P25519_H__ */