jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: edc6afe496
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'edc6afe496'
${ noResults }
ed448goldilocks/src/arch_neon/p448.h

242 lines
4.1 KiB
Raw Blame History 

  1. /* Copyright (c) 2014 Cryptography Research, Inc.

  2.  * Released under the MIT License.  See LICENSE.txt for license information.

  3.  */

  4. #ifndef __P448_H__

  5. #define __P448_H__ 1

  6. 

  7. #include "word.h"

  8. 

  9. #include <stdint.h>

  10. #include <assert.h>

  11. 

  12. typedef struct p448_t {

  13.   uint32_t limb[16];

  14. } __attribute__((aligned(32))) p448_t;

  15. 

  16. #ifdef __cplusplus

  17. extern "C" {

  18. #endif

  19. 

  20. static __inline__ void

  21. p448_set_ui (

  22.     p448_t *out,

  23.     uint64_t x

  24. ) __attribute__((unused,always_inline));

  25. 

  26. static __inline__ void

  27. p448_add (

  28.     p448_t *out,

  29.     const p448_t *a,

  30.     const p448_t *b

  31. ) __attribute__((unused,always_inline));

  32.              

  33. static __inline__ void

  34. p448_sub (

  35.     p448_t *out,

  36.     const p448_t *a,

  37.     const p448_t *b

  38. ) __attribute__((unused,always_inline));

  39.              

  40. static __inline__ void

  41. p448_neg (

  42.     p448_t *out,

  43.     const p448_t *a

  44. ) __attribute__((unused,always_inline));

  45. 

  46. static __inline__ void

  47. p448_addw (

  48.     p448_t *a,

  49.     uint32_t x

  50. ) __attribute__((unused,always_inline));

  51.              

  52. static __inline__ void

  53. p448_subw (

  54.     p448_t *a,

  55.     uint32_t x

  56. ) __attribute__((unused,always_inline));

  57.              

  58. static __inline__ void

  59. p448_copy (

  60.     p448_t *out,

  61.     const p448_t *a

  62. ) __attribute__((unused,always_inline));

  63.              

  64. static __inline__ void

  65. p448_weak_reduce (

  66.     p448_t *inout

  67. ) __attribute__((unused,always_inline));

  68.              

  69. void

  70. p448_strong_reduce (

  71.     p448_t *inout

  72. );

  73. 

  74. mask_t

  75. p448_is_zero (

  76.     const p448_t *in

  77. );

  78.              

  79. static __inline__ void

  80. p448_bias (

  81.     p448_t *inout,

  82.     int amount

  83. ) __attribute__((unused,always_inline));

  84. 

  85. void

  86. p448_mul (

  87.     p448_t *__restrict__ out,

  88.     const p448_t *a,

  89.     const p448_t *b

  90. );

  91. 

  92. void

  93. p448_mulw (

  94.     p448_t *__restrict__ out,

  95.     const p448_t *a,

  96.     uint64_t b

  97. );

  98. 

  99. void

  100. p448_sqr (

  101.     p448_t *__restrict__ out,

  102.     const p448_t *a

  103. );

  104. 

  105. void

  106. p448_serialize (

  107.     uint8_t *serial,

  108.     const struct p448_t *x

  109. );

  110. 

  111. mask_t

  112. p448_deserialize (

  113.     p448_t *x,

  114.     const uint8_t serial[56]

  115. );

  116. 

  117. /* -------------- Inline functions begin here -------------- */

  118. 

  119. void

  120. p448_set_ui (

  121.     p448_t *out,

  122.     uint64_t x

  123. ) {

  124.     int i;

  125.     out->limb[0] = x & ((1<<28)-1);

  126.     out->limb[1] = x>>28;

  127.     for (i=2; i<16; i++) {

  128.       out->limb[i] = 0;

  129.     }

  130. }

  131. 

  132. void

  133. p448_add (

  134.     p448_t *out,

  135.     const p448_t *a,

  136.     const p448_t *b

  137. ) {

  138.     unsigned int i;

  139.     for (i=0; i<sizeof(*out)/sizeof(uint32xn_t); i++) {

  140.         ((uint32xn_t*)out)[i] = ((const uint32xn_t*)a)[i] + ((const uint32xn_t*)b)[i];

  141.     }

  142.     /*

  143.     unsigned int i;

  144.     for (i=0; i<sizeof(*out)/sizeof(out->limb[0]); i++) {

  145.         out->limb[i] = a->limb[i] + b->limb[i];

  146.     }

  147.     */

  148. }

  149. 

  150. void

  151. p448_sub (

  152.     p448_t *out,

  153.     const p448_t *a,

  154.     const p448_t *b

  155. ) {

  156.     unsigned int i;

  157.     for (i=0; i<sizeof(*out)/sizeof(uint32xn_t); i++) {

  158.         ((uint32xn_t*)out)[i] = ((const uint32xn_t*)a)[i] - ((const uint32xn_t*)b)[i];

  159.     }

  160.     /*

  161.     unsigned int i;

  162.     for (i=0; i<sizeof(*out)/sizeof(out->limb[0]); i++) {

  163.         out->limb[i] = a->limb[i] - b->limb[i];

  164.     }

  165.     */

  166. }

  167. 

  168. void

  169. p448_neg (

  170.     p448_t *out,

  171.     const p448_t *a

  172. ) {

  173.     unsigned int i;

  174.     for (i=0; i<sizeof(*out)/sizeof(uint32xn_t); i++) {

  175.         ((uint32xn_t*)out)[i] = -((const uint32xn_t*)a)[i];

  176.     }

  177.     /*

  178.     unsigned int i;

  179.     for (i=0; i<sizeof(*out)/sizeof(out->limb[0]); i++) {

  180.         out->limb[i] = -a->limb[i];

  181.     }

  182.     */

  183. }

  184. 

  185. void

  186. p448_addw (

  187.     p448_t *a,

  188.     uint32_t x

  189. ) {

  190.   a->limb[0] += x;

  191. }

  192.              

  193. void

  194. p448_subw (

  195.     p448_t *a,

  196.     uint32_t x

  197. ) {

  198.   a->limb[0] -= x;

  199. }

  200. 

  201. void

  202. p448_copy (

  203.     p448_t *out,

  204.     const p448_t *a

  205. ) {

  206.   *out = *a;

  207. }

  208. 

  209. void

  210. p448_bias (

  211.     p448_t *a,

  212.     int amt

  213. ) {

  214.     uint32_t co1 = ((1ull<<28)-1)*amt, co2 = co1-amt;

  215.     uint32x4_t lo = {co1,co1,co1,co1}, hi = {co2,co1,co1,co1};

  216.     uint32x4_t *aa = (uint32x4_t*) a;

  217.     aa[0] += lo;

  218.     aa[1] += lo;

  219.     aa[2] += hi;

  220.     aa[3] += lo;

  221. }

  222. 

  223. void

  224. p448_weak_reduce (

  225.     p448_t *a

  226. ) {

  227.     uint64_t mask = (1ull<<28) - 1;

  228.     uint64_t tmp = a->limb[15] >> 28;

  229.     int i;

  230.     a->limb[8] += tmp;

  231.     for (i=15; i>0; i--) {

  232.         a->limb[i] = (a->limb[i] & mask) + (a->limb[i-1]>>28);

  233.     }

  234.     a->limb[0] = (a->limb[0] & mask) + tmp;

  235. }

  236. 

  237. #ifdef __cplusplus

  238. }; /* extern "C" */

  239. #endif

  240. 

  241. #endif /* __P448_H__ */