jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
343 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: 8b906e1d44
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8b906e1d44'
${ noResults }
ed448goldilocks/src/decaf_gen_tables.c

190 lines
6.1 KiB
Raw Blame History 

  1. /* Copyright (c) 2015 Cryptography Research, Inc.

  2.  * Released under the MIT License.  See LICENSE.txt for license information.

  3.  */

  4. 

  5. /**

  6.  * @file decaf_precompute.c

  7.  * @author Mike Hamburg

  8.  * @brief Decaf global constant table precomputation.

  9.  */

  10. 

  11. #define _XOPEN_SOURCE 600 /* for posix_memalign */

  12. #include <stdio.h>

  13. #include <stdlib.h>

  14. 

  15. #include "field.h"

  16. #include "f_field.h"

  17. #include "decaf.h"

  18. #include "decaf_config.h"

  19. 

  20. #define GEN_TABLES

  21. #include "curve_data.inc.c"

  22. 

  23.  /* To satisfy linker. */

  24. const gf API_NS(precomputed_base_as_fe)[1];

  25. const API_NS(scalar_t) API_NS(precomputed_scalarmul_adjustment);

  26. const API_NS(scalar_t) API_NS(point_scalarmul_adjustment);

  27. const API_NS(scalar_t) API_NS(sc_r2) = {{{0}}};

  28. const decaf_word_t API_NS(MONTGOMERY_FACTOR) = 0;

  29. 

  30. const API_NS(point_t) API_NS(point_base);

  31. const uint8_t API_NS(x_base_point)[X_PUBLIC_BYTES] = {0};

  32. 

  33. struct niels_s;

  34. const gf_s *API_NS(precomputed_wnaf_as_fe);

  35. extern const size_t API_NS2(sizeof,precomputed_wnafs);

  36. 

  37. void API_NS(precompute_wnafs) (

  38.     struct niels_s *out,

  39.     const API_NS(point_t) base

  40. );

  41. 

  42. static void scalar_print(const char *name, const API_NS(scalar_t) sc) { /* UNIFY */

  43.     printf("const API_NS(scalar_t) %s = {{{\n", name);

  44.     const int SCALAR_BYTES = (SCALAR_BITS + 7) / 8;

  45.     unsigned char ser[SCALAR_BYTES];

  46.     API_NS(scalar_encode)(ser,sc);

  47.     int b=0, i, comma=0;

  48.     unsigned long long limb = 0;

  49.     for (i=0; i<SCALAR_BYTES; i++) {

  50.         limb |= ((uint64_t)ser[i])<<b;

  51.         b += 8;

  52.         if (b == 64 || i==SCALAR_BYTES-1) {

  53.             b = 0;

  54.             if (comma) printf(",");

  55.             comma = 1;

  56.             printf("SC_LIMB(0x%016llx)", limb);

  57.             limb = ((uint64_t)ser[i])>>(8-b);

  58.         }

  59.     }

  60.     printf("}}};\n\n");

  61. }

  62. 

  63. static void field_print(const gf f) { /* UNIFY */

  64.     unsigned char ser[SER_BYTES];

  65.     gf_serialize(ser,f);

  66.     int b=0, i, comma=0;

  67.     unsigned long long limb = 0;

  68.     printf("{FIELD_LITERAL(");

  69.     for (i=0; i<SER_BYTES; i++) {

  70.         limb |= ((uint64_t)ser[i])<<b;

  71.         b += 8;

  72.         if (b >= GF_LIT_LIMB_BITS || i == SER_BYTES-1) {

  73.             limb &= (1ull<<GF_LIT_LIMB_BITS) -1;

  74.             b -= GF_LIT_LIMB_BITS;

  75.             if (comma) printf(",");

  76.             comma = 1;

  77.             printf("0x%016llx", limb);

  78.             limb = ((uint64_t)ser[i])>>(8-b);

  79.         }

  80.     }

  81.     printf(")}");

  82.     assert(b<8);

  83. }

  84. 

  85. int main(int argc, char **argv) {

  86.     (void)argc; (void)argv;

  87.     

  88.     API_NS(point_t) real_point_base;

  89.     int ret = API_NS(point_decode)(real_point_base,base_point_ser_for_pregen,0);

  90.     if (ret != DECAF_SUCCESS) return 1;

  91.     

  92.     API_NS(precomputed_s) *pre;

  93.     ret = posix_memalign((void**)&pre, API_NS2(alignof,precomputed_s), API_NS2(sizeof,precomputed_s));

  94.     if (ret || !pre) return 1;

  95.     API_NS(precompute)(pre, real_point_base);

  96.     

  97.     struct niels_s *preWnaf;

  98.     ret = posix_memalign((void**)&preWnaf, API_NS2(alignof,precomputed_s), API_NS2(sizeof,precomputed_wnafs));

  99.     if (ret || !preWnaf) return 1;

  100.     API_NS(precompute_wnafs)(preWnaf, real_point_base);

  101. 

  102.     const gf_s *output;

  103.     unsigned i;

  104.     

  105.     printf("/** @warning: this file was automatically generated. */\n");

  106.     printf("#include \"field.h\"\n\n");

  107.     printf("#include <decaf.h>\n\n");

  108.     printf("#define API_NS(_id) %s_##_id\n", API_NAME);

  109.     printf("#define API_NS2(_pref,_id) _pref##_%s_##_id\n", API_NAME);

  110.     

  111.     output = (const gf_s *)real_point_base;

  112.     printf("const API_NS(point_t) API_NS(point_base) = {{\n");

  113.     for (i=0; i < sizeof(API_NS(point_t)); i+=sizeof(gf)) {

  114.         if (i) printf(",\n  ");

  115.         field_print(output++);

  116.     }

  117.     printf("\n}};\n");

  118.     

  119.     output = (const gf_s *)pre;

  120.     printf("const gf API_NS(precomputed_base_as_fe)[%d]\n", 

  121.         (int)(API_NS2(sizeof,precomputed_s) / sizeof(gf)));

  122.     printf("__attribute__((aligned(%d),visibility(\"hidden\"))) = {\n  ", (int)API_NS2(alignof,precomputed_s));

  123.     

  124.     for (i=0; i < API_NS2(sizeof,precomputed_s); i+=sizeof(gf)) {

  125.         if (i) printf(",\n  ");

  126.         field_print(output++);

  127.     }

  128.     printf("\n};\n");

  129.     

  130.     output = (const gf_s *)preWnaf;

  131.     printf("const gf API_NS(precomputed_wnaf_as_fe)[%d]\n", 

  132.         (int)(API_NS2(sizeof,precomputed_wnafs) / sizeof(gf)));

  133.     printf("__attribute__((aligned(%d),visibility(\"hidden\"))) = {\n  ", (int)API_NS2(alignof,precomputed_s));

  134.     for (i=0; i < API_NS2(sizeof,precomputed_wnafs); i+=sizeof(gf)) {

  135.         if (i) printf(",\n  ");

  136.         field_print(output++);

  137.     }

  138.     printf("\n};\n");

  139.     

  140.     API_NS(scalar_t) smadj;

  141.     API_NS(scalar_copy)(smadj,API_NS(scalar_one));

  142. 

  143.     for (i=0; i<DECAF_COMBS_N*DECAF_COMBS_T*DECAF_COMBS_S; i++) {

  144.         API_NS(scalar_add)(smadj,smadj,smadj);

  145.     }

  146.     API_NS(scalar_sub)(smadj, smadj, API_NS(scalar_one));

  147.     scalar_print("API_NS(precomputed_scalarmul_adjustment)", smadj);

  148.     

  149.     API_NS(scalar_copy)(smadj,API_NS(scalar_one));

  150.     for (i=0; i<SCALAR_BITS-1 + DECAF_WINDOW_BITS

  151.             - ((SCALAR_BITS-1) % DECAF_WINDOW_BITS); i++) {

  152.         API_NS(scalar_add)(smadj,smadj,smadj);

  153.     }

  154.     API_NS(scalar_sub)(smadj, smadj, API_NS(scalar_one));

  155.     scalar_print("API_NS(point_scalarmul_adjustment)", smadj);

  156.     

  157.     API_NS(scalar_copy)(smadj,API_NS(scalar_one));

  158.     for (i=0; i<sizeof(API_NS(scalar_t))*8*2; i++) {

  159.         API_NS(scalar_add)(smadj,smadj,smadj);

  160.     }

  161.     scalar_print("API_NS(sc_r2)", smadj);

  162.     

  163.     

  164.     API_NS(scalar_sub)(smadj,API_NS(scalar_zero),API_NS(scalar_one)); /* get p-1 */

  165.     

  166.     unsigned long long w = 1, plo = smadj->limb[0]+1;

  167. #if DECAF_WORD_BITS == 32

  168.     plo |= ((unsigned long long)smadj->limb[1]) << 32;

  169. #endif

  170.     for (i=0; i<6; i++) {

  171.         w *= w*plo + 2;

  172.     }

  173.     printf("const decaf_word_t API_NS(MONTGOMERY_FACTOR) = (decaf_word_t)0x%016llxull;\n\n", w);

  174. 

  175.     /* Generate the Montgomery ladder version of the base point */

  176.     gf base1,base2;

  177.     ret = gf_deserialize(base1,base_point_ser_for_pregen);

  178.     if (ret != DECAF_SUCCESS) return 1;

  179.     gf_sqr(base2,base1);

  180.     uint8_t x_ser[X_PUBLIC_BYTES] = {0};

  181.     gf_serialize(x_ser, base2);

  182.     printf("const uint8_t API_NS(x_base_point)[%d] = {", X_PUBLIC_BYTES);

  183.     for (i=0; i<X_PUBLIC_BYTES; i++) {

  184.         printf("%s%s%d",i?",":"",(i%32==0)?"\n  ":"",x_ser[i]);

  185.     }

  186.     printf("\n};\n");

  187.     

  188.     return 0;

  189. }