Commit 93e866bb authored by Michael Hamburg's avatar Michael Hamburg

gmp-style foo_t[1] for points too

Conflicts:
	src/include/ec_point.h
parent 4e926b0f
......@@ -301,7 +301,7 @@ crandom_chacha_expand(u_int64_t iv,
int
crandom_init_from_file(
struct crandom_state_t *state,
crandom_state_a_t state,
const char *filename,
int reseed_interval,
int reseeds_mandatory
......@@ -338,7 +338,7 @@ crandom_init_from_file(
void
crandom_init_from_buffer(
struct crandom_state_t *state,
crandom_state_a_t state,
const char initial_seed[32]
) {
memcpy(state->seed, initial_seed, 32);
......@@ -350,7 +350,7 @@ crandom_init_from_buffer(
int
crandom_generate(
struct crandom_state_t *state,
crandom_state_a_t state,
unsigned char *output,
unsigned long long length
) {
......@@ -475,7 +475,7 @@ crandom_generate(
void
crandom_destroy(
struct crandom_state_t *state
crandom_state_a_t state
) {
if (state->magic == CRANDOM_MAGIC && state->randomfd) {
(void) close(state->randomfd);
......
......@@ -14,8 +14,8 @@
void
add_tw_niels_to_tw_extensible (
struct tw_extensible_t* d,
const struct tw_niels_t* e
tw_extensible_a_t d,
const tw_niels_a_t e
) {
ANALYZE_THIS_ROUTINE_CAREFULLY;
field_a_t L0, L1;
......@@ -36,8 +36,8 @@ add_tw_niels_to_tw_extensible (
void
sub_tw_niels_from_tw_extensible (
struct tw_extensible_t* d,
const struct tw_niels_t* e
tw_extensible_a_t d,
const tw_niels_a_t e
) {
ANALYZE_THIS_ROUTINE_CAREFULLY;
field_a_t L0, L1;
......@@ -58,29 +58,29 @@ sub_tw_niels_from_tw_extensible (
void
add_tw_pniels_to_tw_extensible (
struct tw_extensible_t* e,
const struct tw_pniels_t* a
tw_extensible_a_t e,
const tw_pniels_a_t a
) {
field_a_t L0;
field_mul ( L0, e->z, a->z );
field_copy ( e->z, L0 );
add_tw_niels_to_tw_extensible( e, &a->n );
add_tw_niels_to_tw_extensible( e, a->n );
}
void
sub_tw_pniels_from_tw_extensible (
struct tw_extensible_t* e,
const struct tw_pniels_t* a
tw_extensible_a_t e,
const tw_pniels_a_t a
) {
field_a_t L0;
field_mul ( L0, e->z, a->z );
field_copy ( e->z, L0 );
sub_tw_niels_from_tw_extensible( e, &a->n );
sub_tw_niels_from_tw_extensible( e, a->n );
}
void
double_tw_extensible (
struct tw_extensible_t* a
tw_extensible_a_t a
) {
ANALYZE_THIS_ROUTINE_CAREFULLY;
field_a_t L0, L1, L2;
......@@ -105,7 +105,7 @@ double_tw_extensible (
void
double_extensible (
struct extensible_t* a
extensible_a_t a
) {
ANALYZE_THIS_ROUTINE_CAREFULLY;
field_a_t L0, L1, L2;
......@@ -130,8 +130,8 @@ double_extensible (
void
twist_and_double (
struct tw_extensible_t* b,
const struct extensible_t* a
tw_extensible_a_t b,
const extensible_a_t a
) {
field_a_t L0;
field_sqr ( b->x, a->x );
......@@ -151,8 +151,8 @@ twist_and_double (
void
untwist_and_double (
struct extensible_t* b,
const struct tw_extensible_t* a
extensible_a_t b,
const tw_extensible_a_t a
) {
field_a_t L0;
field_sqr ( b->x, a->x );
......@@ -172,20 +172,20 @@ untwist_and_double (
void
convert_tw_affine_to_tw_pniels (
struct tw_pniels_t* b,
const struct tw_affine_t* a
tw_pniels_a_t b,
const tw_affine_a_t a
) {
field_sub ( b->n.a, a->y, a->x );
field_add ( b->n.b, a->x, a->y );
field_sub ( b->n->a, a->y, a->x );
field_add ( b->n->b, a->x, a->y );
field_mul ( b->z, a->y, a->x );
field_mulw_scc_wr ( b->n.c, b->z, 2*EDWARDS_D-2 );
field_mulw_scc_wr ( b->n->c, b->z, 2*EDWARDS_D-2 );
field_set_ui( b->z, 2 );
}
void
convert_tw_affine_to_tw_extensible (
struct tw_extensible_t* b,
const struct tw_affine_t* a
tw_extensible_a_t b,
const tw_affine_a_t a
) {
field_copy ( b->x, a->x );
field_copy ( b->y, a->y );
......@@ -196,8 +196,8 @@ convert_tw_affine_to_tw_extensible (
void
convert_affine_to_extensible (
struct extensible_t* b,
const struct affine_t* a
extensible_a_t b,
const affine_a_t a
) {
field_copy ( b->x, a->x );
field_copy ( b->y, a->y );
......@@ -208,23 +208,23 @@ convert_affine_to_extensible (
void
convert_tw_extensible_to_tw_pniels (
struct tw_pniels_t* b,
const struct tw_extensible_t* a
tw_pniels_a_t b,
const tw_extensible_a_t a
) {
field_sub ( b->n.a, a->y, a->x );
field_add ( b->n.b, a->x, a->y );
field_sub ( b->n->a, a->y, a->x );
field_add ( b->n->b, a->x, a->y );
field_mul ( b->z, a->u, a->t );
field_mulw_scc_wr ( b->n.c, b->z, 2*EDWARDS_D-2 );
field_mulw_scc_wr ( b->n->c, b->z, 2*EDWARDS_D-2 );
field_add ( b->z, a->z, a->z );
}
void
convert_tw_pniels_to_tw_extensible (
struct tw_extensible_t* e,
const struct tw_pniels_t* d
tw_extensible_a_t e,
const tw_pniels_a_t d
) {
field_add ( e->u, d->n.b, d->n.a );
field_sub ( e->t, d->n.b, d->n.a );
field_add ( e->u, d->n->b, d->n->a );
field_sub ( e->t, d->n->b, d->n->a );
field_mul ( e->x, d->z, e->t );
field_mul ( e->y, d->z, e->u );
field_sqr ( e->z, d->z );
......@@ -232,8 +232,8 @@ convert_tw_pniels_to_tw_extensible (
void
convert_tw_niels_to_tw_extensible (
struct tw_extensible_t* e,
const struct tw_niels_t* d
tw_extensible_a_t e,
const tw_niels_a_t d
) {
field_add ( e->y, d->b, d->a );
field_sub ( e->x, d->b, d->a );
......@@ -244,7 +244,7 @@ convert_tw_niels_to_tw_extensible (
void
deserialize_montgomery_decaf (
struct montgomery_aux_t* a,
montgomery_aux_a_t a,
const field_a_t s
) {
field_copy ( a->s0, s );
......@@ -280,7 +280,7 @@ montgomery_aux_step (
void
montgomery_step (
struct montgomery_t* a
montgomery_a_t a
) {
ANALYZE_THIS_ROUTINE_CAREFULLY;
field_a_t L0, L1;
......@@ -308,7 +308,7 @@ montgomery_step (
void
deserialize_montgomery (
struct montgomery_t* a,
montgomery_a_t a,
const field_a_t sbz
) {
field_sqr ( a->z0, sbz );
......@@ -321,7 +321,7 @@ deserialize_montgomery (
mask_t
serialize_montgomery (
field_a_t b,
const struct montgomery_t* a,
const montgomery_a_t a,
const field_a_t sbz
) {
mask_t L4, L5, L6;
......@@ -368,7 +368,7 @@ serialize_montgomery (
void
serialize_extensible (
field_a_t b,
const struct extensible_t* a
const extensible_a_t a
) {
field_a_t L0, L1, L2;
field_sub ( L0, a->y, a->z );
......@@ -395,7 +395,7 @@ decaf_make_even (
void
decaf_serialize_extensible (
field_a_t b,
const struct extensible_t* a
const extensible_a_t a
) {
field_a_t L0, L1, L2, L3;
field_mulw_scc ( L2, a->y, EDWARDS_D );
......@@ -422,7 +422,7 @@ decaf_serialize_extensible (
void
decaf_serialize_tw_extensible (
field_a_t b,
const struct tw_extensible_t* a
const tw_extensible_a_t a
) {
field_a_t L0, L1, L2, L3;
field_mulw_scc ( L2, a->y, 1-EDWARDS_D );
......@@ -448,7 +448,7 @@ decaf_serialize_tw_extensible (
mask_t
decaf_deserialize_affine (
struct affine_t *a,
affine_a_t a,
const field_a_t s,
mask_t allow_identity
) {
......@@ -489,7 +489,7 @@ decaf_deserialize_affine (
mask_t
decaf_deserialize_tw_affine (
struct tw_affine_t *a,
tw_affine_a_t a,
const field_a_t s,
mask_t allow_identity
) {
......@@ -531,7 +531,7 @@ decaf_deserialize_tw_affine (
void
untwist_and_double_and_serialize (
field_a_t b,
const struct tw_extensible_t* a
const tw_extensible_a_t a
) {
field_a_t L0, L1, L2, L3;
field_mul ( L3, a->y, a->x );
......@@ -555,8 +555,8 @@ untwist_and_double_and_serialize (
void
twist_even (
struct tw_extensible_t* b,
const struct extensible_t* a
tw_extensible_a_t b,
const extensible_a_t a
) {
field_sqr ( b->y, a->z );
field_sqr ( b->z, a->x );
......@@ -581,8 +581,8 @@ twist_even (
void
test_only_twist (
struct tw_extensible_t* b,
const struct extensible_t* a
tw_extensible_a_t b,
const extensible_a_t a
) {
field_a_t L0, L1;
field_sqr ( b->u, a->z );
......@@ -616,7 +616,7 @@ test_only_twist (
mask_t
is_even_pt (
const struct extensible_t* a
const extensible_a_t a
) {
field_a_t L0, L1, L2;
field_sqr ( L2, a->z );
......@@ -627,7 +627,7 @@ is_even_pt (
mask_t
is_even_tw (
const struct tw_extensible_t* a
const tw_extensible_a_t a
) {
field_a_t L0, L1, L2;
field_sqr ( L2, a->z );
......@@ -638,7 +638,7 @@ is_even_tw (
mask_t
deserialize_affine (
struct affine_t* a,
affine_a_t a,
const field_a_t sz
) {
field_a_t L0, L1, L2, L3;
......@@ -672,7 +672,7 @@ deserialize_affine (
mask_t
deserialize_and_twist_approx (
struct tw_extensible_t* a,
tw_extensible_a_t a,
const field_a_t sz
) {
field_a_t L0, L1;
......@@ -717,7 +717,7 @@ deserialize_and_twist_approx (
void
set_identity_extensible (
struct extensible_t* a
extensible_a_t a
) {
field_set_ui( a->x, 0 );
field_set_ui( a->y, 1 );
......@@ -728,7 +728,7 @@ set_identity_extensible (
void
set_identity_tw_extensible (
struct tw_extensible_t* a
tw_extensible_a_t a
) {
field_set_ui( a->x, 0 );
field_set_ui( a->y, 1 );
......@@ -739,7 +739,7 @@ set_identity_tw_extensible (
void
set_identity_affine (
struct affine_t* a
affine_a_t a
) {
field_set_ui( a->x, 0 );
field_set_ui( a->y, 1 );
......@@ -773,8 +773,8 @@ decaf_eq_tw_extensible (
mask_t
eq_affine (
const struct affine_t* a,
const struct affine_t* b
const affine_a_t a,
const affine_a_t b
) {
mask_t L1, L2;
field_a_t L0;
......@@ -787,8 +787,8 @@ eq_affine (
mask_t
eq_extensible (
const struct extensible_t* a,
const struct extensible_t* b
const extensible_a_t a,
const extensible_a_t b
) {
mask_t L3, L4;
field_a_t L0, L1, L2;
......@@ -805,8 +805,8 @@ eq_extensible (
mask_t
eq_tw_extensible (
const struct tw_extensible_t* a,
const struct tw_extensible_t* b
const tw_extensible_a_t a,
const tw_extensible_a_t b
) {
mask_t L3, L4;
field_a_t L0, L1, L2;
......@@ -823,7 +823,7 @@ eq_tw_extensible (
void
elligator_2s_inject (
struct affine_t* a,
affine_a_t a,
const field_a_t r
) {
field_a_t L2, L3, L4, L5, L6, L7, L8;
......@@ -882,7 +882,7 @@ elligator_2s_inject (
mask_t
validate_affine (
const struct affine_t* a
const affine_a_t a
) {
field_a_t L0, L1, L2, L3;
field_sqr ( L0, a->y );
......@@ -897,7 +897,7 @@ validate_affine (
mask_t
validate_tw_extensible (
const struct tw_extensible_t* ext
const tw_extensible_a_t ext
) {
mask_t L4, L5;
field_a_t L0, L1, L2, L3;
......@@ -934,7 +934,7 @@ validate_tw_extensible (
mask_t
validate_extensible (
const struct extensible_t* ext
const extensible_a_t ext
) {
mask_t L4, L5;
field_a_t L0, L1, L2, L3;
......
......@@ -39,6 +39,7 @@ struct crandom_state_t {
int reseeds_mandatory;
int randomfd;
} __attribute__((aligned(16))) ;
typedef struct crandom_state_t crandom_state_a_t[1];
#ifdef __cplusplus
extern "C" {
......@@ -64,7 +65,7 @@ extern "C" {
*/
int
crandom_init_from_file (
struct crandom_state_t *state,
crandom_state_a_t state,
const char *filename,
int reseed_interval,
int reseeds_mandatory
......@@ -87,7 +88,7 @@ crandom_init_from_file (
*/
void
crandom_init_from_buffer (
struct crandom_state_t *state,
crandom_state_a_t state,
const char initial_seed[32]
);
......@@ -118,7 +119,7 @@ crandom_init_from_buffer (
*/
int
crandom_generate (
struct crandom_state_t *state,
crandom_state_a_t state,
unsigned char *output,
unsigned long long length
);
......@@ -131,7 +132,7 @@ crandom_generate (
*/
void
crandom_destroy (
struct crandom_state_t *state
crandom_state_a_t state
);
#ifdef __cplusplus
......
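Review bot: The new `typedef struct crandom_state_t crandom_state_a_t[1];` has no comment, so a reader of crandom.h now sees prototypes that appear to take a state array by value. I would add above it: `/* gmp-style handle: declare `crandom_state_a_t st;` and pass `st` (not `&st`); as a parameter it decays to struct crandom_state_t *. */`. It is also worth stating in that comment that `const crandom_state_a_t` would mean pointer-to-const inside a callee, since that is the rule the ec_point prototypes rely on.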
......@@ -141,7 +141,7 @@ field_low_bit (const field_a_t f) {
field_a_t red;
field_copy(red,f);
field_strong_reduce(red);
return -(1&red.limb[0]);
return -(1&red->limb[0]);
}
static __inline__ mask_t
......
......@@ -55,7 +55,7 @@ extern const field_a_t sqrt_minus_d;
/**
* @brief The base point for Goldilocks.
*/
extern const struct affine_t goldilocks_base_point;
extern const affine_a_t goldilocks_base_point;
/**
* @brief The Goldilocks prime subgroup order.
......
......@@ -30,7 +30,7 @@ typedef word_t scalar_t[SCALAR_WORDS];
*/
struct fixed_base_table_t {
/** Comb tables containing multiples of the base point. */
struct tw_niels_t *table;
tw_niels_a_t *table;
/** Adjustments to the scalar in even and odd cases, respectively. */
word_t scalar_adjustments[2*SCALAR_WORDS];
......@@ -109,7 +109,7 @@ montgomery_ladder (
*/
void
scalarmul (
struct tw_extensible_t *working,
tw_extensible_a_t working,
const word_t scalar[SCALAR_WORDS]
/* TODO? int nbits */
);
......@@ -130,7 +130,7 @@ scalarmul (
*/
void
scalarmul_vlook (
struct tw_extensible_t *working,
tw_extensible_a_t working,
const word_t scalar[SCALAR_WORDS]
);
......@@ -161,11 +161,11 @@ scalarmul_vlook (
mask_t
precompute_fixed_base (
struct fixed_base_table_t *out,
const struct tw_extensible_t *base,
const tw_extensible_a_t base,
unsigned int n,
unsigned int t,
unsigned int s,
struct tw_niels_t *prealloc
tw_niels_a_t *prealloc
) __attribute__((warn_unused_result));
/**
......@@ -197,7 +197,7 @@ destroy_fixed_base (
*/
mask_t
scalarmul_fixed_base (
struct tw_extensible_t *out,
tw_extensible_a_t out,
const word_t *scalar,
unsigned int nbits,
const struct fixed_base_table_t *table
......@@ -215,7 +215,7 @@ scalarmul_fixed_base (
*/
void
scalarmul_vt (
struct tw_extensible_t *working,
tw_extensible_a_t working,
const word_t *scalar,
unsigned int nbits
);
......@@ -236,8 +236,8 @@ scalarmul_vt (
*/
mask_t
precompute_fixed_base_wnaf (
struct tw_niels_t *out,
const struct tw_extensible_t *base,
tw_niels_a_t *out,
const tw_extensible_a_t base,
unsigned int tbits
) __attribute__((warn_unused_result));
......@@ -256,10 +256,10 @@ precompute_fixed_base_wnaf (
*/
void
scalarmul_fixed_base_wnaf_vt (
struct tw_extensible_t *out,
tw_extensible_a_t out,
const word_t *scalar,
unsigned int nbits,
const struct tw_niels_t *precmp,
const tw_niels_a_t *precmp,
unsigned int table_bits
);
......@@ -281,12 +281,12 @@ scalarmul_fixed_base_wnaf_vt (
*/
void
linear_combo_var_fixed_vt (
struct tw_extensible_t *working,
tw_extensible_a_t working,
const word_t scalar_var[SCALAR_WORDS],
unsigned int nbits_var,
const word_t scalar_pre[SCALAR_WORDS],
unsigned int nbits_pre,
const struct tw_niels_t *precmp,
const tw_niels_a_t *precmp,
unsigned int table_bits_pre
);
......@@ -309,7 +309,7 @@ linear_combo_var_fixed_vt (
*/
mask_t
linear_combo_combs_vt (
struct tw_extensible_t *out,
tw_extensible_a_t out,
const word_t scalar1[SCALAR_WORDS],
unsigned int nbits1,
const struct fixed_base_table_t *table1,
......
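Review bot: `const tw_niels_a_t *precmp` in the scalarmul_fixed_base_wnaf_vt and linear_combo_var_fixed_vt prototypes is a pointer to an array of const struct, and in C11 a plain `tw_niels_a_t *` (what a caller's `tw_niels_a_t wnaft[1<<6]` decays to) does not implicitly convert to it the way `T *` converts to `const T *`; GCC and clang report an incompatible pointer type at each such call. I cannot see the call sites here, but the previous `const struct tw_niels_t *precmp` did not have this problem. One option that keeps const-correctness is to declare these two table parameters as `const struct tw_niels_t *precmp` and have callers pass the first element (`wnaft[0]`), which decays to `struct tw_niels_t *` and converts to const; the non-const `tw_niels_a_t *out` and `*prealloc` parameters are unaffected.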
......@@ -17,28 +17,28 @@ extern "C" {
*
* This structure is opaque.
*/
struct sha512_ctx_t {
typedef struct {
/** @privatesection */
uint64_t chain[8];
uint8_t block[128];
uint64_t nbytes;
};
} sha512_ctx_a_t[1];
void
sha512_init (
struct sha512_ctx_t *ctx
sha512_ctx_a_t ctx
);
void
sha512_update (
struct sha512_ctx_t *ctx,
sha512_ctx_a_t ctx,
const unsigned char *data,
uint64_t bytes
);
void
sha512_final (
struct sha512_ctx_t *ctx,
sha512_ctx_a_t ctx,
uint8_t result[SHA512_OUTPUT_BYTES]
);
......
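Review bot: The rewrite to `typedef struct { ... } sha512_ctx_a_t[1];` drops the `sha512_ctx_t` struct tag, so the element type can no longer be named outside this header (for a heap-allocated or embedded context, or a forward declaration), whereas crandom.h in the same commit keeps `struct crandom_state_t` and adds the array typedef beside it. For consistency and to keep the tag available, `typedef struct sha512_ctx_t { ... } sha512_ctx_a_t[1];` is a one-token change. The "This structure is opaque." comment just above could then also say how the handle is meant to be used, e.g. `Declare as sha512_ctx_a_t ctx; and pass ctx, not &ctx.`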
......@@ -33,7 +33,7 @@ const word_t SCALARMUL_FIXED_WINDOW_ADJUSTMENT[2*SCALAR_WORDS] = {
U64LE(0x0000000000000000)
};
const struct affine_t goldilocks_base_point = {
const affine_a_t goldilocks_base_point = {{
#ifdef USE_NEON_PERM
{{{ 0xaed939f,0xc59d070,0xf0de840,0x5f065c3, 0xf4ba0c7,0xdf73324,0xc170033,0x3a6a26a,
0x4c63d96,0x4609845,0xf3932d9,0x1b4faff, 0x6147eaa,0xa2692ff,0x9cecfa9,0x297ea0e
......@@ -46,7 +46,7 @@ const struct affine_t goldilocks_base_point = {
}}},
#endif
{{{ 19 }}}
};
}};
static const word_t curve_prime_order_lo[(224+WORD_BITS-1)/WORD_BITS] = {
U64LE(0xdc873d6d54a7bb0d),
......
......@@ -35,7 +35,7 @@ const word_t SCALARMUL_FIXED_WINDOW_ADJUSTMENT[2*SCALAR_WORDS] = {
0x00000000
};
const struct affine_t goldilocks_base_point = {
const affine_a_t goldilocks_base_point = {{
{{{
U60LE(0x849ff7f845c30d3),
U60LE(0x7dda488553a4c5b),
......@@ -47,7 +47,7 @@ const struct affine_t goldilocks_base_point = {
U60LE(0x7ca42af3d564280)
}}},
{{{ 5 }}}
};
}};
static const word_t curve_prime_order_lo[(240+WORD_BITS-1)/WORD_BITS] = {
U64LE(0x72e70941cf8da597),
......
......@@ -38,7 +38,7 @@ const word_t SCALARMUL_FIXED_WINDOW_ADJUSTMENT[2*SCALAR_WORDS] = {
0x0
};
const struct affine_t goldilocks_base_point = {
const affine_a_t goldilocks_base_point = {{
{{{
#ifdef USE_P521_3x3_TRANSPOSE
U58LE(0x02a940a2f19ba6c),
......@@ -66,7 +66,7 @@ const struct affine_t goldilocks_base_point = {
#endif
}}},
{{{ 12 }}}
};
}};
static const word_t curve_prime_order_lo[(261+WORD_BITS-1)/WORD_BITS] = {
U64LE(0xbf15dbca0ae7f295),
......
......@@ -72,7 +72,7 @@ static inline uint64_t maj(uint64_t h1, uint64_t h2, uint64_t h3) {
static void
sha512_process_block (
struct sha512_ctx_t *ctx
sha512_ctx_a_t ctx
) {
uint64_t i, tmp, a, b,
*w = (uint64_t *) ctx->block,
......@@ -119,7 +119,7 @@ sha512_process_block (
void
sha512_init (
struct sha512_ctx_t *ctx
sha512_ctx_a_t ctx
) {
ctx->nbytes = 0;
memcpy(ctx->chain, sha512_init_state, sizeof(sha512_init_state));
......@@ -128,7 +128,7 @@ sha512_init (
void
sha512_update (
struct sha512_ctx_t *ctx,
sha512_ctx_a_t ctx,
const unsigned char *data,
uint64_t bytes
) {
......@@ -153,7 +153,7 @@ sha512_update (
void
sha512_final (
struct sha512_ctx_t *ctx,
sha512_ctx_a_t ctx,
uint8_t result[64]
) {
uint64_t fill = ctx->nbytes % 128, i;
......
......@@ -146,19 +146,19 @@ int main(int argc, char **argv) {
when = now() - when;
printf("rand448: %5.1fns\n", when * 1e9 / i);
struct sha512_ctx_t sha;
sha512_ctx_a_t sha;
uint8_t hashout[128];
when = now();
for (i=0; i<nbase; i++) {
sha512_init(&sha);
sha512_final(&sha, hashout);
sha512_init(sha);
sha512_final(sha, hashout);
}
when = now() - when;
printf("sha512 1blk: %5.1fns\n", when * 1e9 / i);
when = now();
for (i=0; i<nbase; i++) {
sha512_update(&sha, hashout, 128);
sha512_update(sha, hashout, 128);
}
when = now() - when;
printf("sha512 blk: %5.1fns (%0.2f MB/s)\n", when * 1e9 / i, 128*i/when/1e6);
......@@ -356,7 +356,7 @@ int main(int argc, char **argv) {
when = now() - when;
printf("edwards vtm: %5.1fµs\n", when * 1e6 / i);
struct tw_niels_t wnaft[1<<6];
tw_niels_a_t wnaft[1<<6];