diff options
author | jadep <jade.philipoom@gmail.com> | 2017-02-13 13:07:18 -0500 |
---|---|---|
committer | Andres Erbsen <andreser@mit.edu> | 2017-02-22 21:45:56 -0500 |
commit | 305253c724b263476e0aaf0359e5f9ec83211be6 (patch) | |
tree | 32548890a9a03f8acad62f23b62bea5d1a1dccbb /src/Util/IterAssocOp.v | |
parent | 5263553bcab671860ac207e9d101332a4397268f (diff) |
Moved N lemmas from Ed25519 and IterAssocOp into new NUtil file
Diffstat (limited to 'src/Util/IterAssocOp.v')
-rw-r--r-- | src/Util/IterAssocOp.v | 81 |
1 files changed, 4 insertions, 77 deletions
diff --git a/src/Util/IterAssocOp.v b/src/Util/IterAssocOp.v index d630698e7..85868f33f 100644 --- a/src/Util/IterAssocOp.v +++ b/src/Util/IterAssocOp.v @@ -1,8 +1,8 @@ Require Import Coq.Setoids.Setoid Coq.Classes.Morphisms Coq.Classes.Equivalence. Require Import Coq.NArith.NArith Coq.PArith.BinPosDef. Require Import Coq.Numbers.Natural.Peano.NPeano. -Require Import Crypto.Algebra. -Import Monoid. +Require Import Crypto.Algebra. Import Monoid. +Require Import Crypto.Util.NUtil. Local Open Scope equiv_scope. @@ -64,56 +64,6 @@ Section IterAssocOp. Definition test_and_op_inv a (s : nat * T) := snd s === nat_iter_op (N.to_nat (N.shiftr_nat x (fst s))) a. - Hint Rewrite - N.succ_double_spec - N.add_1_r - Nat2N.inj_succ - Nat2N.inj_mul - N2Nat.id: N_nat_conv - . - - Lemma Nsucc_double_to_nat : forall n, - N.succ_double n = N.of_nat (S (2 * N.to_nat n)). - Proof. - intros. - replace 2 with (N.to_nat 2) by auto. - autorewrite with N_nat_conv. - reflexivity. - Qed. - - Lemma Ndouble_to_nat : forall n, - N.double n = N.of_nat (2 * N.to_nat n). - Proof. - intros. - replace 2 with (N.to_nat 2) by auto. - autorewrite with N_nat_conv. - reflexivity. - Qed. - - Lemma Nshiftr_succ : forall n i, - N.to_nat (N.shiftr_nat n i) = - if N.testbit_nat n i - then S (2 * N.to_nat (N.shiftr_nat n (S i))) - else (2 * N.to_nat (N.shiftr_nat n (S i))). - Proof. - intros. - rewrite Nshiftr_nat_S. - case_eq (N.testbit_nat n i); intro testbit_i; - pose proof (Nshiftr_nat_spec n i 0) as shiftr_n_odd; - rewrite Nbit0_correct in shiftr_n_odd; simpl in shiftr_n_odd; - rewrite testbit_i in shiftr_n_odd. - + pose proof (Ndiv2_double_plus_one (N.shiftr_nat n i) shiftr_n_odd) as Nsucc_double_shift. - rewrite Nsucc_double_to_nat in Nsucc_double_shift. - apply Nat2N.inj. - rewrite Nsucc_double_shift. - apply N2Nat.id. - + pose proof (Ndiv2_double (N.shiftr_nat n i) shiftr_n_odd) as Nsucc_double_shift. - rewrite Ndouble_to_nat in Nsucc_double_shift. - apply Nat2N.inj. - rewrite Nsucc_double_shift. - apply N2Nat.id. - Qed. - Lemma test_and_op_inv_step : forall a s, test_and_op_inv a s -> test_and_op_inv a (test_and_op a s). @@ -122,7 +72,7 @@ Section IterAssocOp. unfold test_and_op_inv, test_and_op; simpl; intro Hpre. destruct i; [ apply Hpre | ]. simpl. - rewrite Nshiftr_succ. + rewrite N.shiftr_succ. rewrite sel_correct. case_eq (testbit i); intro testbit_eq; simpl; rewrite testbit_correct in testbit_eq; rewrite testbit_eq; @@ -157,29 +107,6 @@ Section IterAssocOp. reflexivity. Qed. - Lemma Nsize_nat_equiv : forall n, N.size_nat n = N.to_nat (N.size n). - Proof. - destruct n; auto; simpl; induction p; simpl; auto; rewrite IHp, Pnat.Pos2Nat.inj_succ; reflexivity. - Qed. - - Lemma Nshiftr_size : forall n bound, N.size_nat n <= bound -> - N.shiftr_nat n bound = 0%N. - Proof. - intros. - rewrite <- (Nat2N.id bound). - rewrite Nshiftr_nat_equiv. - destruct (N.eq_dec n 0); subst; [apply N.shiftr_0_l|]. - apply N.shiftr_eq_0. - rewrite Nsize_nat_equiv in *. - rewrite N.size_log2 in * by auto. - apply N.le_succ_l. - rewrite <- N.compare_le_iff. - rewrite N2Nat.inj_compare. - rewrite <- Compare_dec.nat_compare_le. - rewrite Nat2N.id. - auto. - Qed. - Lemma iter_op_correct : forall a bound, N.size_nat x <= bound -> iter_op bound a === nat_iter_op (N.to_nat x) a. Proof. @@ -188,7 +115,7 @@ Section IterAssocOp. apply test_and_op_inv_holds. unfold test_and_op_inv. simpl. - rewrite Nshiftr_size by auto. + rewrite N.shiftr_size by auto. reflexivity. Qed. End IterAssocOp. |