author | 2017-10-21 23:43:59 -0400 | |
---|---|---|
committer | 2017-10-22 00:20:52 -0400 | |
commit | 102904674d12d1791f55a55cb66a334e5c21715a (patch) | |
tree | fec67713e46239561cd6386b15508c393ef5aa33 /src/Specific/X25519/C64/scalarmult.c | |
parent | 6c779ae1c2a2f4c798606ce3f7718768387f47a6 (diff) |
Add tight and loose bounds, no carry in add, sub
Following Andres' suggestions to allow making ladderstep from other
synthesis things.
It went through mostly without a hitch, though there were a number of
boilerplate changes needed.
Diffstat (limited to 'src/Specific/X25519/C64/scalarmult.c')
-rw-r--r-- | src/Specific/X25519/C64/scalarmult.c | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/src/Specific/X25519/C64/scalarmult.c b/src/Specific/X25519/C64/scalarmult.c
index bde9a9b22..01f81d393 100644
--- a/src/Specific/X25519/C64/scalarmult.c
+++ b/src/Specific/X25519/C64/scalarmult.c
@@ -1,3 +1,5 @@
+/* WARNING: This file was copied from Specific/CurveParameters/X25519_C64/scalarmult.c.
+ If you edit it here, changes will be erased the next time remake_curves.sh is run. */
 // The synthesized parts are from fiat-crypto, copyright MIT 2017.
 // The synthesis framework is released under the MIT license.
 // The non-synthesized parts are from curve25519-donna by Adam Langley (Google):
@@ -41,7 +43,6 @@ typedef unsigned int uint128_t __attribute__((mode(TI)));
 typedef uint8_t u8;
 typedef uint64_t limb;
 typedef limb felem[5];
-//static void crecip(felem out, const felem z);
 static void force_inline
 fmul(felem output, const felem in2, const felem in) {
@@ -201,7 +202,6 @@ swap_conditional(limb a[5], limb b[5], limb iswap) {
 }
 }
-
 /* Calculates nQ where Q is the x-coordinate of a point on the curve
 *
 * resultx/resultz: the x coordinate of the resulting curve point (short form)
@@ -223,7 +223,6 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) {
 u8 byte = n[31 - i];
 for (j = 0; j < 8; ++j) {
 const limb bit = byte >> 7;
-// printf("%01d ", bit);
 swap_conditional(nqx, nqpqx, bit);
 swap_conditional(nqz, nqpqz, bit);
@@ -249,9 +248,6 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) {
 nqpqz2 = t;
 byte <<= 1;
-
-// { felem pr; crecip(pr, nqz); fmul(pr, pr, nqx); uint8_t s[32]; fcontract(s, pr); printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", s[i]); }; printf(" "); }
-// { felem pr; crecip(pr, nqpqz); fmul(pr, pr, nqpqx); uint8_t s[32]; fcontract(s, pr); printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", s[i]); }; printf("\n"); }
 }
 }
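Review bot: The copy-notice added in the first hunk gives the origin as `Specific/CurveParameters/X25519_C64/scalarmult.c`, which is presumably relative to `src/` (this file itself lives under `src/Specific/X25519/C64/`), so a reader starting at the repository root will not find it; spell the full path, e.g. `/* WARNING: This file was copied from src/Specific/CurveParameters/X25519_C64/scalarmult.c.`. Because the file now declares itself regenerated by remake_curves.sh, the deletions in the later hunks (the unused crecip prototype and the commented-out ladder debug prints) only persist if the same edits were made in that source copy, which the diffstat limited to this file cannot confirm. The removed debug lines printed each scalar bit and the intermediate ladder coordinates, so deleting them outright rather than leaving them commented is the right choice for code that handles a secret scalar.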