jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
238 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: cdab495338
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'cdab495338'
${ noResults }
ed448goldilocks/src/p448/arch_neon_experimental/f_impl.h

173 lines
3.3 KiB
Raw Blame History 

  1. /* Copyright (c) 2014 Cryptography Research, Inc.

  2.  * Released under the MIT License.  See LICENSE.txt for license information.

  3.  */

  4. #ifndef __P448_H__

  5. #define __P448_H__ 1

  6. 

  7. #include "word.h"

  8. 

  9. #include <stdint.h>

  10. #include <assert.h>

  11. 

  12. typedef struct gf_448_s {

  13.   uint32_t limb[16];

  14. } __attribute__((aligned(32))) gf_448_s, gf_448_t[1];

  15. 

  16. #define LIMBPERM(x) (((x)<<1 | (x)>>3) & 15)

  17. #define USE_NEON_PERM 1

  18. #define LBITS 28

  19. #define LIMBHI(x) ((x##ull)>>LBITS)

  20. #define LIMBLO(x) ((x##ull)&((1ull<<LBITS)-1))

  21. #  define FIELD_LITERAL(a,b,c,d,e,f,g,h) \

  22.     {{LIMBLO(a),LIMBLO(e), LIMBHI(a),LIMBHI(e), \

  23.       LIMBLO(b),LIMBLO(f), LIMBHI(b),LIMBHI(f), \

  24.       LIMBLO(c),LIMBLO(g), LIMBHI(c),LIMBHI(g), \

  25.       LIMBLO(d),LIMBLO(h), LIMBHI(d),LIMBHI(h)}}

  26. 

  27. #ifdef __cplusplus

  28. extern "C" {

  29. #endif

  30. 

  31. static __inline__ void

  32. p448_add_RAW (

  33.     gf_448_t out,

  34.     const gf_448_t a,

  35.     const gf_448_t b

  36. ) __attribute__((unused,always_inline));

  37.              

  38. static __inline__ void

  39. p448_sub_RAW (

  40.     gf_448_t out,

  41.     const gf_448_t a,

  42.     const gf_448_t b

  43. ) __attribute__((unused,always_inline));

  44.              

  45. static __inline__ void

  46. p448_copy (

  47.     gf_448_t out,

  48.     const gf_448_t a

  49. ) __attribute__((unused,always_inline));

  50.              

  51. static __inline__ void

  52. p448_weak_reduce (

  53.     gf_448_t inout

  54. ) __attribute__((unused,always_inline));

  55.              

  56. void

  57. p448_strong_reduce (

  58.     gf_448_t inout

  59. );

  60.              

  61. static __inline__ void

  62. p448_bias (

  63.     gf_448_t inout,

  64.     int amount

  65. ) __attribute__((unused,always_inline));

  66. 

  67. void

  68. p448_mul (

  69.     gf_448_s *__restrict__ out,

  70.     const gf_448_t a,

  71.     const gf_448_t b

  72. );

  73. 

  74. void

  75. p448_mulw (

  76.     gf_448_s *__restrict__ out,

  77.     const gf_448_t a,

  78.     uint64_t b

  79. );

  80. 

  81. void

  82. p448_sqr (

  83.     gf_448_s *__restrict__ out,

  84.     const gf_448_t a

  85. );

  86. 

  87. void

  88. p448_serialize (

  89.     uint8_t *serial,

  90.     const gf_448_t x

  91. );

  92. 

  93. mask_t

  94. p448_deserialize (

  95.     gf_448_t x,

  96.     const uint8_t serial[56]

  97. );

  98. 

  99. /* -------------- Inline functions begin here -------------- */

  100. 

  101. void

  102. p448_add_RAW (

  103.     gf_448_t out,

  104.     const gf_448_t a,

  105.     const gf_448_t b

  106. ) {

  107.     unsigned int i;

  108.     for (i=0; i<sizeof(*out)/sizeof(uint32xn_t); i++) {

  109.         ((uint32xn_t*)out)[i] = ((const uint32xn_t*)a)[i] + ((const uint32xn_t*)b)[i];

  110.     }

  111. }

  112. 

  113. void

  114. p448_sub_RAW (

  115.     gf_448_t out,

  116.     const gf_448_t a,

  117.     const gf_448_t b

  118. ) {

  119.     unsigned int i;

  120.     for (i=0; i<sizeof(*out)/sizeof(uint32xn_t); i++) {

  121.         ((uint32xn_t*)out)[i] = ((const uint32xn_t*)a)[i] - ((const uint32xn_t*)b)[i];

  122.     }

  123.     /*

  124.     unsigned int i;

  125.     for (i=0; i<sizeof(*out)/sizeof(out->limb[0]); i++) {

  126.         out->limb[i] = a->limb[i] - b->limb[i];

  127.     }

  128.     */

  129. }

  130. 

  131. void

  132. p448_copy (

  133.     gf_448_t out,

  134.     const gf_448_t a

  135. ) {

  136.   *out = *a;

  137. }

  138. 

  139. void

  140. p448_bias (

  141.     gf_448_t a,

  142.     int amt

  143. ) {

  144.     uint32_t co1 = ((1ull<<28)-1)*amt, co2 = co1-amt;

  145.     uint32x4_t lo = {co1,co2,co1,co1}, hi = {co1,co1,co1,co1};

  146.     uint32x4_t *aa = (uint32x4_t*) a;

  147.     aa[0] += lo;

  148.     aa[1] += hi;

  149.     aa[2] += hi;

  150.     aa[3] += hi;

  151. }

  152. 

  153. void

  154. p448_weak_reduce (

  155.     gf_448_t a

  156. ) {

  157. 

  158.     uint32x2_t *aa = (uint32x2_t*) a, vmask = {(1ull<<28)-1, (1ull<<28)-1}, vm2 = {0,-1},

  159.        tmp = vshr_n_u32(aa[7],28);

  160.        

  161.     int i;

  162.     for (i=7; i>=1; i--) {

  163.         aa[i] = vsra_n_u32(aa[i] & vmask, aa[i-1], 28);

  164.     }

  165.     aa[0] = (aa[0] & vmask) + vrev64_u32(tmp) + (tmp&vm2);

  166. }

  167. 

  168. #ifdef __cplusplus

  169. }; /* extern "C" */

  170. #endif

  171. 

  172. #endif /* __P448_H__ */