Commit 719fcacc authored by Michael Hamburg's avatar Michael Hamburg

working on multicurve build system

parent de735c77
......@@ -44,7 +44,7 @@ FIELD ?= p25519
WARNFLAGS = -pedantic -Wall -Wextra -Werror -Wunreachable-code \
-Wmissing-declarations -Wunused-function -Wno-overlength-strings $(EXWARN)
INCFLAGS = -Isrc/include -Isrc/public_include -Isrc/$(FIELD) -Isrc/$(FIELD)/$(ARCH)
INCFLAGS = -Isrc/include -Isrc/public_include
LANGFLAGS = -std=c99 -fno-strict-aliasing
LANGXXFLAGS = -fno-strict-aliasing
GENFLAGS = -ffunction-sections -fdata-sections -fvisibility=hidden -fomit-frame-pointer -fPIC
......@@ -83,10 +83,16 @@ BUILDPYS= $(SAGES:test/%.sage=$(BUILD_PY)/%.py)
HEADERS= Makefile $(shell find src test -name "*.h") $(shell find . -name "*.hxx") $(BUILD_OBJ)/timestamp
DECAFCOMPONENTS= $(BUILD_OBJ)/$(DECAF).o $(BUILD_OBJ)/shake.o $(BUILD_OBJ)/decaf_crypto.o \
$(BUILD_OBJ)/$(FIELD).o $(BUILD_OBJ)/f_arithmetic.o $(BUILD_OBJ)/utils.o
# components needed by the table generators
GENCOMPONENTS= \
$(BUILD_OBJ)/$(DECAF)_ed25519.o $(BUILD_OBJ)/p25519_impl.o $(BUILD_OBJ)/p25519_arithmetic.o \
$(BUILD_OBJ)/utils.o \
#$(BUILD_OBJ)/p448_impl.o $(BUILD_OBJ)/p448_arithmetic.o
# components needed by the lib
DECAFCOMPONENTS= $(BUILD_OBJ)/shake.o $(BUILD_OBJ)/decaf_crypto.o $(GENCOMPONENTS)
ifeq ($(DECAF),decaf_fast)
DECAFCOMPONENTS += $(BUILD_OBJ)/decaf_tables.o
DECAFCOMPONENTS += $(BUILD_OBJ)/decaf_tables_ed25519.o
endif
BENCHCOMPONENTS = $(BUILD_OBJ)/bench.o $(BUILD_OBJ)/shake.o
......@@ -143,15 +149,39 @@ $(BUILD_OBJ)/timestamp:
$(BUILD_OBJ)/%.o: $(BUILD_ASM)/%.s
$(ASM) $(ASFLAGS) -c -o $@ $<
$(BUILD_IBIN)/decaf_gen_tables: $(BUILD_OBJ)/decaf_gen_tables.o \
$(BUILD_OBJ)/$(DECAF).o $(BUILD_OBJ)/$(FIELD).o $(BUILD_OBJ)/f_arithmetic.o $(BUILD_OBJ)/utils.o
# I don't know why this rule is necessary... bug in make, or obscure pattern matching rule?
$(BUILD_OBJ)/decaf_gen_tables_%.o: $(BUILD_ASM)/decaf_gen_tables_%.s
$(ASM) $(ASFLAGS) -c -o $@ $<
$(BUILD_IBIN)/decaf_gen_tables_%: $(BUILD_OBJ)/decaf_gen_tables_%.o $(GENCOMPONENTS)
$(LD) $(LDFLAGS) -o $@ $^
$(BUILD_C)/decaf_tables.c: $(BUILD_IBIN)/decaf_gen_tables
$(BUILD_C)/decaf_tables_%.c: $(BUILD_IBIN)/decaf_gen_tables_%
./$< > $@
$(BUILD_ASM)/decaf_tables.s: $(BUILD_C)/decaf_tables.c $(HEADERS)
$(CC) $(CFLAGS) -S -c -o $@ $<
$(BUILD_ASM)/decaf_tables_%.s: $(BUILD_C)/decaf_tables_%.c $(HEADERS)
$(CC) $(CFLAGS) -S -c -o $@ $< \
-I src/curve_$*/ -I src/curve_$*/field -I src/curve_$*/field/$(ARCH) \
$(BUILD_ASM)/decaf_gen_tables_%.s: src/decaf_gen_tables.c $(HEADERS)
$(CC) $(CFLAGS) \
-I src/curve_$*/ -I src/curve_$*/field -I src/curve_$*/field/$(ARCH) \
-S -c -o $@ $<
$(BUILD_ASM)/decaf_fast_%.s: src/decaf_fast.c $(HEADERS)
$(CC) $(CFLAGS) \
-I src/curve_$*/ -I src/curve_$*/field -I src/curve_$*/field/$(ARCH) \
-S -c -o $@ $<
$(BUILD_ASM)/%_arithmetic.s: src/%/f_arithmetic.c $(HEADERS)
$(CC) $(CFLAGS) \
-I src/$* -I src/$*/$(ARCH) \
-S -c -o $@ $<
$(BUILD_ASM)/%_impl.s: src/%/$(ARCH)/f_impl.c $(HEADERS)
$(CC) $(CFLAGS) \
-I src/$* -I src/$*/$(ARCH) \
-S -c -o $@ $<
$(BUILD_ASM)/%.s: src/%.c $(HEADERS)
$(CC) $(CFLAGS) -S -c -o $@ $<
......@@ -165,12 +195,6 @@ $(BUILD_ASM)/%.s: test/%.c $(HEADERS)
$(BUILD_ASM)/%.s: test/%.cxx $(HEADERS)
$(CXX) $(CXXFLAGS) -S -c -o $@ $<
$(BUILD_ASM)/%.s: src/$(FIELD)/$(ARCH)/%.c $(HEADERS)
$(CC) $(CFLAGS) -S -c -o $@ $<
$(BUILD_ASM)/%.s: src/$(FIELD)/%.c $(HEADERS)
$(CC) $(CFLAGS) -S -c -o $@ $<
# The sage test scripts
sage: $(BUILDPYS)
......@@ -191,29 +215,29 @@ $(BUILDPYS): $(SAGES) $(BUILD_OBJ)/timestamp
$(BUILD_DOC)/timestamp:
mkdir -p `dirname $@`
touch $@
doc: Doxyfile $(BUILD_OBJ)/timestamp $(HEADERS) src/*.c src/$(FIELD)/$(ARCH)/*.c src/$(FIELD)/$(ARCH)/*.h
doxygen > /dev/null
# The eBATS benchmarking script
bat: $(BATNAME)
$(BATNAME): include/* src/* src/*/* test/batarch.map $(BUILD_C)/decaf_tables.c # TODO tables some other way
rm -fr $@
for prim in dh sign; do \
targ="$@/crypto_$$prim/ed448goldilocks_decaf"; \
(while read arch where; do \
mkdir -p $$targ/`basename $$arch`; \
cp include/*.h $(BUILD_C)/decaf_tables.c src/decaf_fast.c src/decaf_crypto.c src/shake.c src/include/*.h src/bat/$$prim.c src/p448/$$where/*.c src/p448/$$where/*.h src/p448/*.c src/p448/*.h $$targ/`basename $$arch`; \
cp src/bat/api_$$prim.h $$targ/`basename $$arch`/api.h; \
perl -p -i -e 's/SYSNAME/'`basename $(BATNAME)`_`basename $$arch`'/g' $$targ/`basename $$arch`/api.h; \
perl -p -i -e 's/__TODAY__/'$(TODAY)'/g' $$targ/`basename $$arch`/api.h; \
done \
) < test/batarch.map; \
echo 'Mike Hamburg' > $$targ/designers; \
echo 'Ed448-Goldilocks Decaf sign and dh' > $$targ/description; \
done
(cd $(BATNAME)/.. && tar czf $(BATBASE).tgz $(BATBASE) )
#
# doc: Doxyfile $(BUILD_OBJ)/timestamp $(HEADERS) src/*.c src/$(FIELD)/$(ARCH)/*.c src/$(FIELD)/$(ARCH)/*.h
# doxygen > /dev/null
# # The eBATS benchmarking script
# bat: $(BATNAME)
#
# $(BATNAME): include/* src/* src/*/* test/batarch.map $(BUILD_C)/decaf_tables.c # TODO tables some other way
# rm -fr $@
# for prim in dh sign; do \
# targ="$@/crypto_$$prim/ed448goldilocks_decaf"; \
# (while read arch where; do \
# mkdir -p $$targ/`basename $$arch`; \
# cp include/*.h $(BUILD_C)/decaf_tables.c src/decaf_fast.c src/decaf_crypto.c src/shake.c src/include/*.h src/bat/$$prim.c src/p448/$$where/*.c src/p448/$$where/*.h src/p448/*.c src/p448/*.h $$targ/`basename $$arch`; \
# cp src/bat/api_$$prim.h $$targ/`basename $$arch`/api.h; \
# perl -p -i -e 's/SYSNAME/'`basename $(BATNAME)`_`basename $$arch`'/g' $$targ/`basename $$arch`/api.h; \
# perl -p -i -e 's/__TODAY__/'$(TODAY)'/g' $$targ/`basename $$arch`/api.h; \
# done \
# ) < test/batarch.map; \
# echo 'Mike Hamburg' > $$targ/designers; \
# echo 'Ed448-Goldilocks Decaf sign and dh' > $$targ/description; \
# done
# (cd $(BATNAME)/.. && tar czf $(BATBASE).tgz $(BATBASE) )
# Finds todo items in .h and .c files
TODO_TYPES ?= HACK TODO FIXME BUG XXX PERF FUTURE REMOVE MAGIC
......
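Review bot: The recipe for `$(BUILD_ASM)/decaf_tables_%.s` ends its last line with a continuation backslash (`-I src/curve_$*/ -I src/curve_$*/field -I src/curve_$*/field/$(ARCH) \`), so the command runs on into whatever line follows it. Blank lines are not visible on this page, but if the separator before the `$(BUILD_ASM)/decaf_gen_tables_%.s` rule is ever removed, that rule header becomes compiler arguments; drop the trailing `\` and put the `-I` flags before `-S -c -o $@ $<` as the sibling rules do. Separately, `./$< > $@` in the `decaf_tables_%.c` rule leaves a truncated table file that looks up to date if the generator fails part-way. Unless `.DELETE_ON_ERROR:` is set outside these hunks, write to a temporary and rename it: `./$< > $@.tmp && mv -f $@.tmp $@`.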
/* Rename table for eventual factoring into .c.inc, MSR ECC style */
#define SCALAR_LIMBS DECAF_255_SCALAR_LIMBS
#define SCALAR_BITS DECAF_255_SCALAR_BITS
#define NLIMBS DECAF_255_LIMBS
#define API_NS(_id) decaf_255_##_id
#define API_NS2(_pref,_id) _pref##_decaf_255_##_id
#define scalar_t decaf_255_scalar_t
#define point_t decaf_255_point_t
#define precomputed_s decaf_255_precomputed_s
#define SER_BYTES DECAF_255_SER_BYTES
#define IMAGINE_TWIST 1
#define P_MOD_8 5
#define COFACTOR 8
static const int EDWARDS_D = -121665;
static const scalar_t sc_p = {{{
SC_LIMB(0x5812631a5cf5d3ed),
SC_LIMB(0x14def9dea2f79cd6),
SC_LIMB(0),
SC_LIMB(0x1000000000000000)
}}};
/* sqrt(9) = 3 from the curve spec. Not exported, but used by pregen tool. */
const unsigned char base_point_ser_for_pregen[SER_BYTES] = {
3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
};
const gf SQRT_ONE_MINUS_D = {FIELD_LITERAL(
0x6db8831bbddec,
0x38d7b56c9c165,
0x016b221394bdc,
0x7540f7816214a,
0x0a0d85b4032b1
)};
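Review bot: `base_point_ser_for_pregen` and `SQRT_ONE_MINUS_D` are defined here with external linkage and no curve prefix, while the same commit moves `sc_r2` and `MONTGOMERY_FACTOR` behind `API_NS(...)`. The 448 data file further down this page defines `base_point_ser_for_pregen` again, so linking both curves into one library would presumably fail with a duplicate symbol. Namespacing them the same way, e.g. `const unsigned char API_NS(base_point_ser_for_pregen)[SER_BYTES] = {` with a matching declaration in the table generator, keeps each curve's constants distinct. `sc_p` also deserves a comment such as `/* order of the prime-order subgroup, least-significant limb first */`, so a reader can check the limbs against the curve specification.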
../p25519/
\ No newline at end of file
#define SCALAR_LIMBS DECAF_448_SCALAR_LIMBS
#define SCALAR_BITS DECAF_448_SCALAR_BITS
#define NLIMBS DECAF_448_LIMBS
#define API_NS(_id) decaf_448_##_id
#define API_NS2(_pref,_id) _pref##_decaf_448_##_id
#define scalar_t decaf_448_scalar_t
#define point_t decaf_448_point_t
#define precomputed_s decaf_448_precomputed_s
#define SER_BYTES DECAF_448_SER_BYTES
#define IMAGINE_TWIST 0
#define P_MOD_8 7
#define COFACTOR 4
static const int EDWARDS_D = -39081;
static const scalar_t sc_p = {{{
SC_LIMB(0x2378c292ab5844f3),
SC_LIMB(0x216cc2728dc58f55),
SC_LIMB(0xc44edb49aed63690),
SC_LIMB(0xffffffff7cca23e9),
SC_LIMB(0xffffffffffffffff),
SC_LIMB(0xffffffffffffffff),
SC_LIMB(0x3fffffffffffffff)
}}};
/* sqrt(5) = 2phi-1 from the curve spec. Not exported, but used by pregen tool. */
const unsigned char base_point_ser_for_pregen[SER_BYTES] = {
-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,1
};
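Review bot: The `unsigned char` initialiser for `base_point_ser_for_pregen` spells its 0xff bytes as `-1` and leaves the remaining bytes of the `SER_BYTES`-sized array implicit, so the encoding is hard to verify by eye. Writing `0xff` makes the byte values explicit and would survive a future `-Wsign-conversion` under the Makefile's `-Werror`. A comment next to the array, for example `/* little-endian; bytes not listed are zero */`, would let a reader confirm the value against the `2phi-1` stated above it.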
../p448/
\ No newline at end of file
This diff is collapsed.
......@@ -22,8 +22,8 @@
const gf API_NS(precomputed_base_as_fe)[1];
const API_NS(scalar_t) API_NS(precomputed_scalarmul_adjustment);
const API_NS(scalar_t) API_NS(point_scalarmul_adjustment);
const API_NS(scalar_t) sc_r2 = {{{0}}};
const decaf_word_t MONTGOMERY_FACTOR = 0;
const API_NS(scalar_t) API_NS(sc_r2) = {{{0}}};
const decaf_word_t API_NS(MONTGOMERY_FACTOR) = 0;
const unsigned char base_point_ser_for_pregen[DECAF_255_SER_BYTES];
const API_NS(point_t) API_NS(point_base);
......@@ -147,7 +147,7 @@ int main(int argc, char **argv) {
for (i=0; i<sizeof(API_NS(scalar_t))*8*2; i++) {
API_NS(scalar_add)(smadj,smadj,smadj);
}
scalar_print("sc_r2", smadj);
scalar_print("API_NS(sc_r2)", smadj);
API_NS(scalar_sub)(smadj,API_NS(scalar_zero),API_NS(scalar_one)); /* get p-1 */
......@@ -159,7 +159,7 @@ int main(int argc, char **argv) {
for (i=0; i<6; i++) {
w *= w*plo + 2;
}
printf("const decaf_word_t MONTGOMERY_FACTOR = (decaf_word_t)0x%016llxull;\n\n", w);
printf("const decaf_word_t API_NS(MONTGOMERY_FACTOR) = (decaf_word_t)0x%016llxull;\n\n", w);
return 0;
}
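Review bot: The declaration `const unsigned char base_point_ser_for_pregen[DECAF_255_SER_BYTES];` in the first hunk still hard-codes the 255 size, although the Makefile on this page now builds the generator per curve through `decaf_gen_tables_%`. For a 448 build the declared size would disagree with the `SER_BYTES`-sized definition in that curve's data file, which is a mismatched array type across translation units. A curve-neutral size avoids this, e.g. `const unsigned char base_point_ser_for_pregen[SER_BYTES];`, assuming the rename table is visible in this file. The generator now prints `API_NS(sc_r2)` and `API_NS(MONTGOMERY_FACTOR)` as literal macro calls, so a comment that the generated table file must be compiled with the same `API_NS` definition would help; `main` is only partly visible in these hunks.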
......@@ -2,7 +2,7 @@
* Released under the MIT License. See LICENSE.txt for license information.
*/
#include "p25519.h"
#include "f_impl.h"
static __inline__ __uint128_t widemul(
const uint64_t a,
......
......@@ -2,7 +2,7 @@
* Released under the MIT License. See LICENSE.txt for license information.
*/
#include "p25519.h"
#include "f_impl.h"
#include "x86-64-arith.h"
static inline uint64_t shr(__uint128_t x, int n) {
......
......@@ -18,14 +18,6 @@ const gf_25519_t P25519_SQRT_MINUS_ONE = {FIELD_LITERAL(
0x2b8324804fc1d
)};
const gf_25519_t SQRT_ONE_MINUS_D = {FIELD_LITERAL( // FIXME MAGIC goes elsewhere?
0x6db8831bbddec,
0x38d7b56c9c165,
0x016b221394bdc,
0x7540f7816214a,
0x0a0d85b4032b1
)};
static const gf_25519_t ONE = {FIELD_LITERAL( // FIXME copy-pasted
1,0,0,0,0
)};
......
......@@ -12,7 +12,7 @@
#include "constant_time.h"
#include <string.h>
#include "p25519.h"
#include "f_impl.h"
#define GF_LIT_LIMB_BITS 51
#define GF_BITS 255
#define gf gf_25519_t
......
......@@ -3,7 +3,7 @@
*/
#include "word.h"
#include "p448.h"
#include "f_impl.h"
static inline mask_t __attribute__((always_inline))
is_zero (
......
......@@ -3,7 +3,7 @@
*/
#include "word.h"
#include "p448.h"
#include "f_impl.h"
static inline mask_t __attribute__((always_inline))
is_zero (
......
......@@ -3,7 +3,7 @@
*/
#include "word.h"
#include "p448.h"
#include "f_impl.h"
static inline mask_t __attribute__((always_inline))
is_zero (
......
......@@ -2,7 +2,7 @@
* Released under the MIT License. See LICENSE.txt for license information.
*/
#include "p448.h"
#include "f_impl.h"
static __inline__ __uint128_t widemul(
const uint64_t a,
......
......@@ -2,7 +2,7 @@
* Released under the MIT License. See LICENSE.txt for license information.
*/
#include "p448.h"
#include "f_impl.h"
#include "x86-64-arith.h"
void
......
......@@ -12,10 +12,10 @@
void
gf_isr (
gf_a_t a,
const gf_a_t x
gf a,
const gf x
) {
gf_a_t L0, L1, L2;
gf L0, L1, L2;
gf_sqr ( L1, x );
gf_mul ( L2, x, L1 );
gf_sqr ( L1, L2 );
......
......@@ -12,7 +12,7 @@
#include "constant_time.h"
#include <string.h>
#include "p448.h"
#include "f_impl.h"
#define GF_LIT_LIMB_BITS 56
#define GF_BITS 448
#define gf p448_t
......
......@@ -2,7 +2,7 @@
* Released under the MIT License. See LICENSE.txt for license information.
*/
#include "p480.h"
#include "f_impl.h"
#include "x86-64-arith.h"
void
......
......@@ -12,7 +12,7 @@
#include "constant_time.h"
#include <string.h>
#include "p480.h"
#include "f_impl.h"
#define GF_LIT_LIMB_BITS 60
#define GF_BITS 480
#define gf p480_t
......
......@@ -2,7 +2,7 @@
* Released under the MIT License. See LICENSE.txt for license information.
*/
#include "p521.h"
#include "f_impl.h"
static __inline__ __uint128_t widemul(
const uint64_t a,
......
......@@ -2,7 +2,7 @@
* Released under the MIT License. See LICENSE.txt for license information.
*/
#include "p521.h"
#include "f_impl.h"
typedef struct {
uint64x3_t lo, hi, hier;
......
......@@ -12,7 +12,7 @@
#include <string.h>
#include "constant_time.h"
#include "p521.h"
#include "f_impl.h"
#define GF_LIT_LIMB_BITS 58
#define GF_BITS 521
#define gf p521_t
......