827 files changed, 2681 insertions, 1847 deletions
diff --git a/_CoqProject b/_CoqProject
index 047380cd5..20e7f7ba2 100644
--- a/_CoqProject
+++ b/_CoqProject
@@ -302,18 +302,30 @@ src/Specific/X2448/Karatsuba/C64/femul.v
 src/Specific/X2448/Karatsuba/C64/femulDisplay.v
 src/Specific/X25519/C32/CurveParameters.v
 src/Specific/X25519/C32/Synthesis.v
+src/Specific/X25519/C32/feadd.v
+src/Specific/X25519/C32/feaddDisplay.v
+src/Specific/X25519/C32/fecarry.v
+src/Specific/X25519/C32/fecarryDisplay.v
 src/Specific/X25519/C32/femul.v
 src/Specific/X25519/C32/femulDisplay.v
 src/Specific/X25519/C32/fesquare.v
 src/Specific/X25519/C32/fesquareDisplay.v
+src/Specific/X25519/C32/fesub.v
+src/Specific/X25519/C32/fesubDisplay.v
 src/Specific/X25519/C32/freeze.v
 src/Specific/X25519/C32/freezeDisplay.v
 src/Specific/X25519/C64/CurveParameters.v
 src/Specific/X25519/C64/Synthesis.v
+src/Specific/X25519/C64/feadd.v
+src/Specific/X25519/C64/feaddDisplay.v
+src/Specific/X25519/C64/fecarry.v
+src/Specific/X25519/C64/fecarryDisplay.v
 src/Specific/X25519/C64/femul.v
 src/Specific/X25519/C64/femulDisplay.v
 src/Specific/X25519/C64/fesquare.v
 src/Specific/X25519/C64/fesquareDisplay.v
+src/Specific/X25519/C64/fesub.v
+src/Specific/X25519/C64/fesubDisplay.v
 src/Specific/X25519/C64/freeze.v
 src/Specific/X25519/C64/freezeDisplay.v
 src/Specific/X25519/C64/ladderstep.v
diff --git a/src/Specific/CurveParameters/x25519_c32.json b/src/Specific/CurveParameters/x25519_c32.json
index 8d89cff1a..5eda11a59 100644
--- a/src/Specific/CurveParameters/x25519_c32.json
+++ b/src/Specific/CurveParameters/x25519_c32.json
@@ -6,7 +6,7 @@
 "bitwidth" : "32",
 "carry_chains" : "default",
 "coef_div_modulus" : "2",
- "operations" : ["femul", "fesquare", "freeze"],
+ "operations" : ["femul", "feadd", "fesub", "fecarry", "fesquare", "freeze"],
 "compiler" : "gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes",
 "mul_header" : "(* Micro-optimized form from curve25519-donna by Adam Langley (Google) and Daniel Bernstein. See <https://github.com/agl/curve25519-donna/blob/master/LICENSE.md>. *)",
 "mul_code"
diff --git a/src/Specific/CurveParameters/x25519_c64.json b/src/Specific/CurveParameters/x25519_c64.json
index 64bbb872e..3bb2ef423 100644
--- a/src/Specific/CurveParameters/x25519_c64.json
+++ b/src/Specific/CurveParameters/x25519_c64.json
@@ -6,7 +6,7 @@
 "bitwidth" : "64",
 "carry_chains" : "default",
 "coef_div_modulus" : "2",
- "operations" : ["femul", "fesquare", "freeze", "ladderstep"],
+ "operations" : ["femul", "feadd", "fesub", "fecarry", "fesquare", "freeze", "ladderstep"],
 "extra_files" : ["X25519_C64/scalarmult.c"],
 "compiler" : "gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes",
 "mul_header" : "(* Micro-optimized form from curve25519-donna-c64 by Adam Langley (Google) and Daniel Bernstein. See <https://github.com/agl/curve25519-donna/blob/master/LICENSE.md>. *)",
diff --git a/src/Specific/Framework/ArithmeticSynthesis/Montgomery.v b/src/Specific/Framework/ArithmeticSynthesis/Montgomery.v
index a671c1dfd..789c73bd3 100644
--- a/src/Specific/Framework/ArithmeticSynthesis/Montgomery.v
+++ b/src/Specific/Framework/ArithmeticSynthesis/Montgomery.v
@@ -183,6 +183,25 @@ Section with_args. ). Defined. + (* This is kind-of stupid, but we add it for consistency *) + Local Definition carry_ext_gen + : { f:Z^sz -> Z^sz + | let eval := MontgomeryAPI.eval (Z.pos r) in + ((forall (A : Z^sz) (_ : small (Z.pos r) A), + (eval A < eval m_enc + -> montgomery_to_F_gen (eval (f A)) + = montgomery_to_F_gen (eval A)))) + /\ (forall (A : Z^sz) (_ : small (Z.pos r) A), + (eval A < eval m_enc + -> 0 <= eval (f A) < eval m_enc))%Z }. + Proof. + exists (fun A => A). + abstract ( + split; eauto; split; auto; + apply MontgomeryAPI.eval_small; auto; lia + ). + Defined. + Local Definition nonzero_ext_gen : { f:Z^sz -> Z | let eval := MontgomeryAPI.eval (Z.pos r) in @@ -347,6 +366,21 @@ Ltac pose_opp_ext r sz m m_enc r' m_enc_correct_montgomery r_big m_enc_small map ltac:(fun _ => reduce_eq (); reflexivity) opp_ext. +Ltac pose_carry_ext r sz m m_enc r' r_big montgomery_to_F carry_ext := + internal_pose_sig_by_eq + { f:Z^sz -> Z^sz + | let eval := MontgomeryAPI.eval (Z.pos r) in + ((forall (A : Z^sz) (_ : small (Z.pos r) A), + (eval A < eval m_enc + -> montgomery_to_F (eval (f A)) + = (montgomery_to_F (eval A)))) + /\ (forall (A : Z^sz) (_ : small (Z.pos r) A), + (eval A < eval m_enc + -> 0 <= eval (f A) < eval m_enc)))%Z } + (@carry_ext_gen r sz m m_enc r' r_big) + ltac:(fun _ => reduce_eq (); reflexivity) + carry_ext. + Ltac pose_nonzero_ext r sz m m_enc r' m_enc_correct_montgomery r'_pow_correct r_big m_big montgomery_to_F nonzero_ext := internal_pose_sig_by_eq { f:Z^sz -> Z 
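Review bot: The comment on `carry_ext_gen` in the first Montgomery.v hunk (`This is kind-of stupid, but we add it for consistency`) does not tell a reader why the identity function is an acceptable carry. The witness is `fun A => A`, and both conjuncts hold only under the precondition `eval A < eval m_enc`, so on the Montgomery path this carry never brings an out-of-range value back into range; a caller that relies on carry to normalize gets nothing from it here. I would replace the comment with `(* Inputs are already required to satisfy eval A < eval m_enc, so carry is the identity; it exists only so the Montgomery package offers carry_ext/carry_sig/carry_bounded like the other operations *)`. `Section with_args` opens and closes outside the hunk.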
@@ -462,6 +496,29 @@ Ltac pose_opp_bounded r sz m_enc montgomery_to_F opp_ext opp_sig opp_bounded := ltac:(apply (proj2_sig opp_ext)) opp_bounded. +Ltac pose_carry_sig r sz m_enc montgomery_to_F carry_ext carry_sig := + cache_term_with_type_by + { f:Z^sz -> Z^sz + | let eval := MontgomeryAPI.eval (Z.pos r) in + forall (A : Z^sz) (_ : small (Z.pos r) A), + (eval A < eval m_enc + -> montgomery_to_F (eval (f A)) + = (montgomery_to_F (eval A)))%Z } + ltac:(idtac; + let v := (eval cbv [proj1_sig carry_ext_gen carry_ext sig_by_eq] in (proj1_sig carry_ext)) in + (exists v); + abstract apply (proj2_sig carry_ext)) + carry_sig. + +Ltac pose_carry_bounded r sz m_enc montgomery_to_F carry_ext carry_sig carry_bounded := + cache_proof_with_type_by + (let eval := MontgomeryAPI.eval (Z.pos r) in + (forall (A : Z^sz) (_ : small (Z.pos r) A), + (eval A < eval m_enc + -> 0 <= eval (proj1_sig carry_sig A) < eval m_enc))%Z) + ltac:(apply (proj2_sig carry_ext)) + carry_bounded. + Ltac pose_nonzero_sig r sz m m_enc montgomery_to_F nonzero_ext nonzero_sig := cache_term_with_type_by @@ -483,8 +540,8 @@ Ltac pose_ring ring := ring. (* disable default unused things *) -Ltac pose_carry_sig carry_sig := - cache_term tt carry_sig. +(*Ltac pose_carry_sig carry_sig := + cache_term tt carry_sig.*) Ltac pose_freeze_sig freeze_sig := cache_term tt freeze_sig. Ltac pose_Mxzladderstep_sig Mxzladderstep_sig := diff --git a/src/Specific/Framework/ArithmeticSynthesis/MontgomeryPackage.v b/src/Specific/Framework/ArithmeticSynthesis/MontgomeryPackage.v index 5ade26d76..cefc0733f 100644 --- a/src/Specific/Framework/ArithmeticSynthesis/MontgomeryPackage.v +++ b/src/Specific/Framework/ArithmeticSynthesis/MontgomeryPackage.v 
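Review bot: The last Montgomery.v hunk (`@@ -483,8 +540,8 @@`) comments the old one-argument `pose_carry_sig` out instead of deleting it, which leaves dead code under the `disable default unused things` heading. The six-argument `pose_carry_sig` added in the hunk just above replaces it, and the MontgomeryPackage.v change on this page removes the old `add_carry_sig` caller, so I would drop the two commented lines outright. If a pointer is wanted, one line such as `(* carry_sig is no longer a stub; see pose_carry_sig above *)` is enough.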
@@ -9,7 +9,7 @@ Require Import Crypto.Specific.Framework.Packages. Require Import Crypto.Util.TagList. Module TAG. - Inductive tags := m' | r' | m'_correct | r'_correct | m_enc_correct_montgomery | r'_pow_correct | montgomery_to_F | r_big | m_big | m_enc_small | map_m_enc | mul_ext | add_ext | sub_ext | opp_ext | nonzero_ext | mul_bounded | add_bounded | sub_bounded | opp_bounded | nonzero_sig. + Inductive tags := m' | r' | m'_correct | r'_correct | m_enc_correct_montgomery | r'_pow_correct | montgomery_to_F | r_big | m_big | m_enc_small | map_m_enc | mul_ext | add_ext | sub_ext | opp_ext | carry_ext | nonzero_ext | mul_bounded | add_bounded | sub_bounded | opp_bounded | carry_bounded | nonzero_sig. End TAG. Ltac add_m' pkg := @@ -206,6 +206,21 @@ Ltac add_opp_ext pkg := Tag.update pkg TAG.opp_ext opp_ext) ltac:(fun _ => pkg) (). +Ltac add_carry_ext pkg := + if_montgomery + pkg + ltac:(fun _ => let r := Tag.get pkg TAG.r in + let sz := Tag.get pkg TAG.sz in + let m := Tag.get pkg TAG.m in + let m_enc := Tag.get pkg TAG.m_enc in + let r' := Tag.get pkg TAG.r' in + let r_big := Tag.get pkg TAG.r_big in + let montgomery_to_F := Tag.get pkg TAG.montgomery_to_F in + let carry_ext := fresh "carry_ext" in + let carry_ext := pose_carry_ext r sz m m_enc r' r_big montgomery_to_F carry_ext in + Tag.update pkg TAG.carry_ext carry_ext) + ltac:(fun _ => pkg) + (). Ltac add_nonzero_ext pkg := if_montgomery pkg 
@@ -331,6 +346,33 @@ Ltac add_opp_bounded pkg := Tag.update pkg TAG.opp_bounded opp_bounded) ltac:(fun _ => pkg) (). +Ltac add_carry_sig pkg := + if_montgomery + pkg + ltac:(fun _ => let r := Tag.get pkg TAG.r in + let sz := Tag.get pkg TAG.sz in + let m_enc := Tag.get pkg TAG.m_enc in + let montgomery_to_F := Tag.get pkg TAG.montgomery_to_F in + let carry_ext := Tag.get pkg TAG.carry_ext in + let carry_sig := fresh "carry_sig" in + let carry_sig := pose_carry_sig r sz m_enc montgomery_to_F carry_ext carry_sig in + Tag.update pkg TAG.carry_sig carry_sig) + ltac:(fun _ => pkg) + (). +Ltac add_carry_bounded pkg := + if_montgomery + pkg + ltac:(fun _ => let r := Tag.get pkg TAG.r in + let sz := Tag.get pkg TAG.sz in + let m_enc := Tag.get pkg TAG.m_enc in + let montgomery_to_F := Tag.get pkg TAG.montgomery_to_F in + let carry_ext := Tag.get pkg TAG.carry_ext in + let carry_sig := Tag.get pkg TAG.carry_sig in + let carry_bounded := fresh "carry_bounded" in + let carry_bounded := pose_carry_bounded r sz m_enc montgomery_to_F carry_ext carry_sig carry_bounded in + Tag.update pkg TAG.carry_bounded carry_bounded) + ltac:(fun _ => pkg) + (). Ltac add_nonzero_sig pkg := if_montgomery pkg @@ -353,14 +395,6 @@ Ltac add_ring pkg := Tag.update pkg TAG.ring ring) ltac:(fun _ => pkg) (). -Ltac add_carry_sig pkg := - if_montgomery - pkg - ltac:(fun _ => let carry_sig := fresh "carry_sig" in - let carry_sig := pose_carry_sig carry_sig in - Tag.update pkg TAG.carry_sig carry_sig) - ltac:(fun _ => pkg) - (). Ltac add_freeze_sig pkg := if_montgomery pkg @@ -393,6 +427,7 @@ Ltac add_Montgomery_package pkg := let pkg := add_add_ext pkg in let pkg := add_sub_ext pkg in let pkg := add_opp_ext pkg in + let pkg := add_carry_ext pkg in let pkg := add_nonzero_ext pkg in let pkg := add_mul_sig pkg in let pkg := add_mul_bounded pkg in 
@@ -402,9 +437,10 @@ Ltac add_Montgomery_package pkg := let pkg := add_sub_bounded pkg in let pkg := add_opp_sig pkg in let pkg := add_opp_bounded pkg in + let pkg := add_carry_sig pkg in + let pkg := add_carry_bounded pkg in let pkg := add_nonzero_sig pkg in let pkg := add_ring pkg in - let pkg := add_carry_sig pkg in let pkg := add_freeze_sig pkg in let pkg := add_Mxzladderstep_sig pkg in Tag.strip_subst_local pkg. @@ -443,6 +479,8 @@ Module MakeMontgomeryPackage (PKG : PrePackage). Notation sub_ext := (ltac:(let v := get_sub_ext () in exact v)) (only parsing). Ltac get_opp_ext _ := get TAG.opp_ext. Notation opp_ext := (ltac:(let v := get_opp_ext () in exact v)) (only parsing). + Ltac get_carry_ext _ := get TAG.carry_ext. + Notation carry_ext := (ltac:(let v := get_carry_ext () in exact v)) (only parsing). Ltac get_nonzero_ext _ := get TAG.nonzero_ext. Notation nonzero_ext := (ltac:(let v := get_nonzero_ext () in exact v)) (only parsing). Ltac get_mul_bounded _ := get TAG.mul_bounded. @@ -453,6 +491,8 @@ Module MakeMontgomeryPackage (PKG : PrePackage). Notation sub_bounded := (ltac:(let v := get_sub_bounded () in exact v)) (only parsing). Ltac get_opp_bounded _ := get TAG.opp_bounded. Notation opp_bounded := (ltac:(let v := get_opp_bounded () in exact v)) (only parsing). + Ltac get_carry_bounded _ := get TAG.carry_bounded. + Notation carry_bounded := (ltac:(let v := get_carry_bounded () in exact v)) (only parsing). Ltac get_nonzero_sig _ := get TAG.nonzero_sig. Notation nonzero_sig := (ltac:(let v := get_nonzero_sig () in exact v)) (only parsing). End MakeMontgomeryPackage. diff --git a/src/Specific/Framework/CurveParameters.v b/src/Specific/Framework/CurveParameters.v index 50ff2278b..ec080491d 100644 --- a/src/Specific/Framework/CurveParameters.v +++ b/src/Specific/Framework/CurveParameters.v 
@@ -12,7 +12,7 @@ Local Set Primitive Projections. Module Export Notations := RawCurveParameters.Notations. Module TAG. (* namespacing *) - Inductive tags := CP | sz | base | bitwidth | s | c | carry_chains | a24 | coef_div_modulus | goldilocks | montgomery | freeze | ladderstep | upper_bound_of_exponent | allowable_bit_widths | freeze_allowable_bit_widths | modinv_fuel | mul_code | square_code. + Inductive tags := CP | sz | base | bitwidth | s | c | carry_chains | a24 | coef_div_modulus | goldilocks | montgomery | freeze | ladderstep | upper_bound_of_exponent_tight | upper_bound_of_exponent_loose | allowable_bit_widths | freeze_allowable_bit_widths | modinv_fuel | mul_code | square_code. End TAG. Module Export CurveParameters. @@ -48,7 +48,8 @@ Module Export CurveParameters. mul_code : option (Z^sz -> Z^sz -> Z^sz); square_code : option (Z^sz -> Z^sz); - upper_bound_of_exponent : Z -> Z; + upper_bound_of_exponent_tight : Z -> Z; + upper_bound_of_exponent_loose : Z -> Z; allowable_bit_widths : list nat; freeze_allowable_bit_widths : list nat; modinv_fuel : nat @@ -69,7 +70,8 @@ Module Export CurveParameters. ladderstep mul_code square_code - upper_bound_of_exponent + upper_bound_of_exponent_tight + upper_bound_of_exponent_loose allowable_bit_widths freeze_allowable_bit_widths modinv_fuel]. 
@@ -118,7 +120,17 @@ Module Export CurveParameters. then [8] else nil) ++ (Z.to_nat bitwidth :: 2*Z.to_nat bitwidth :: nil))%nat in - + let upper_bound_of_exponent_tight + := defaulted (RawCurveParameters.upper_bound_of_exponent_tight CP) + (if montgomery + then (fun exp => (2^exp - 1)%Z) + else (fun exp => (2^exp + 2^(exp-3))%Z)) + (* max is [(0, 2^(exp+2) + 2^exp + 2^(exp-1) + 2^(exp-3) + 2^(exp-4) + 2^(exp-5) + 2^(exp-6) + 2^(exp-10) + 2^(exp-12) + 2^(exp-13) + 2^(exp-14) + 2^(exp-15) + 2^(exp-17) + 2^(exp-23) + 2^(exp-24))%Z] *) in + let upper_bound_of_exponent_loose + := defaulted (RawCurveParameters.upper_bound_of_exponent_loose CP) + (if montgomery + then (fun exp => (2^exp - 1)%Z) + else (fun exp => (3 * upper_bound_of_exponent_tight exp)%Z)) in {| sz := sz; base := base; @@ -136,12 +148,8 @@ Module Export CurveParameters. mul_code := RawCurveParameters.mul_code CP; square_code := RawCurveParameters.square_code CP; - upper_bound_of_exponent - := defaulted (RawCurveParameters.upper_bound_of_exponent CP) - (if montgomery - then (fun exp => (2^exp - 1)%Z) - else (fun exp => (2^exp + 2^(exp-3))%Z)); - (* max is [(0, 2^(exp+2) + 2^exp + 2^(exp-1) + 2^(exp-3) + 2^(exp-4) + 2^(exp-5) + 2^(exp-6) + 2^(exp-10) + 2^(exp-12) + 2^(exp-13) + 2^(exp-14) + 2^(exp-15) + 2^(exp-17) + 2^(exp-23) + 2^(exp-24))%Z] *) + upper_bound_of_exponent_tight := upper_bound_of_exponent_tight; + upper_bound_of_exponent_loose := upper_bound_of_exponent_loose; allowable_bit_widths := allowable_bit_widths; freeze_allowable_bit_widths @@ -174,7 +182,8 @@ Module Export CurveParameters. ladderstep := ?ladderstep'; mul_code := ?mul_code'; square_code := ?square_code'; - upper_bound_of_exponent := ?upper_bound_of_exponent'; + upper_bound_of_exponent_tight := ?upper_bound_of_exponent_tight'; + upper_bound_of_exponent_loose := ?upper_bound_of_exponent_loose'; allowable_bit_widths := ?allowable_bit_widths'; freeze_allowable_bit_widths := ?freeze_allowable_bit_widths'; modinv_fuel := ?modinv_fuel' 
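Review bot: The non-Montgomery default for `upper_bound_of_exponent_loose` in the `@@ -118,7 +120,17 @@` hunk, `3 * upper_bound_of_exponent_tight exp`, has no stated justification, and the `max is [...]` comment now trails the tight default although the loose bound is the one that comes closest to that maximum. With the default tight bound the product is 2^(exp+1) + 2^exp + 2^(exp-2) + 2^(exp-3), which stays below the listed maximum, but the multiplier is applied to the already-defaulted `upper_bound_of_exponent_tight`, so a curve that overrides only the tight bound silently scales the loose one too. I would move the `max is` comment next to the loose binding and add a comment there saying where the factor 3 comes from and that the result must stay below that maximum, also when tight is overridden. Whether later bounds checking rejects an oversized override is not visible here, and the enclosing definition starts outside the hunk.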
@@ -205,7 +214,8 @@ Module Export CurveParameters. ladderstep := ladderstep'; mul_code := mul_code'; square_code := square_code'; - upper_bound_of_exponent := upper_bound_of_exponent'; + upper_bound_of_exponent_tight := upper_bound_of_exponent_tight'; + upper_bound_of_exponent_loose := upper_bound_of_exponent_loose'; allowable_bit_widths := allowable_bit_widths'; freeze_allowable_bit_widths := freeze_allowable_bit_widths'; modinv_fuel := modinv_fuel' @@ -246,8 +256,10 @@ Module Export CurveParameters. internal_pose_of_CP CP CurveParameters.allowable_bit_widths allowable_bit_widths. Ltac pose_freeze_allowable_bit_widths CP freeze_allowable_bit_widths := internal_pose_of_CP CP CurveParameters.freeze_allowable_bit_widths freeze_allowable_bit_widths. - Ltac pose_upper_bound_of_exponent CP upper_bound_of_exponent := - internal_pose_of_CP CP CurveParameters.upper_bound_of_exponent upper_bound_of_exponent. + Ltac pose_upper_bound_of_exponent_tight CP upper_bound_of_exponent_tight := + internal_pose_of_CP CP CurveParameters.upper_bound_of_exponent_tight upper_bound_of_exponent_tight. + Ltac pose_upper_bound_of_exponent_loose CP upper_bound_of_exponent_loose := + internal_pose_of_CP CP CurveParameters.upper_bound_of_exponent_loose upper_bound_of_exponent_loose. Ltac pose_modinv_fuel CP modinv_fuel := internal_pose_of_CP CP CurveParameters.modinv_fuel modinv_fuel. Ltac pose_mul_code CP mul_code := 
@@ -340,11 +352,17 @@ Module Export CurveParameters. let freeze_allowable_bit_widths := pose_freeze_allowable_bit_widths CP freeze_allowable_bit_widths in Tag.update pkg TAG.freeze_allowable_bit_widths freeze_allowable_bit_widths. - Ltac add_upper_bound_of_exponent pkg := + Ltac add_upper_bound_of_exponent_tight pkg := + let CP := Tag.get pkg TAG.CP in + let upper_bound_of_exponent_tight := fresh "upper_bound_of_exponent_tight" in + let upper_bound_of_exponent_tight := pose_upper_bound_of_exponent_tight CP upper_bound_of_exponent_tight in + Tag.update pkg TAG.upper_bound_of_exponent_tight upper_bound_of_exponent_tight. + + Ltac add_upper_bound_of_exponent_loose pkg := let CP := Tag.get pkg TAG.CP in - let upper_bound_of_exponent := fresh "upper_bound_of_exponent" in - let upper_bound_of_exponent := pose_upper_bound_of_exponent CP upper_bound_of_exponent in - Tag.update pkg TAG.upper_bound_of_exponent upper_bound_of_exponent. + let upper_bound_of_exponent_loose := fresh "upper_bound_of_exponent_loose" in + let upper_bound_of_exponent_loose := pose_upper_bound_of_exponent_loose CP upper_bound_of_exponent_loose in + Tag.update pkg TAG.upper_bound_of_exponent_loose upper_bound_of_exponent_loose. Ltac add_modinv_fuel pkg := let CP := Tag.get pkg TAG.CP in @@ -379,7 +397,8 @@ Module Export CurveParameters. let pkg := add_ladderstep pkg in let pkg := add_allowable_bit_widths pkg in let pkg := add_freeze_allowable_bit_widths pkg in - let pkg := add_upper_bound_of_exponent pkg in + let pkg := add_upper_bound_of_exponent_tight pkg in + let pkg := add_upper_bound_of_exponent_loose pkg in let pkg := add_modinv_fuel pkg in let pkg := add_mul_code pkg in let pkg := add_square_code pkg in diff --git a/src/Specific/Framework/CurveParametersPackage.v b/src/Specific/Framework/CurveParametersPackage.v index 7b960a09d..836e75489 100644 --- a/src/Specific/Framework/CurveParametersPackage.v +++ b/src/Specific/Framework/CurveParametersPackage.v 
@@ -67,8 +67,10 @@ Module MakeCurveParametersPackage (PKG : PrePackage). Notation allowable_bit_widths := (ltac:(let v := get_allowable_bit_widths () in exact v)) (only parsing). Ltac get_freeze_allowable_bit_widths _ := get TAG.freeze_allowable_bit_widths. Notation freeze_allowable_bit_widths := (ltac:(let v := get_freeze_allowable_bit_widths () in exact v)) (only parsing). - Ltac get_upper_bound_of_exponent _ := get TAG.upper_bound_of_exponent. - Notation upper_bound_of_exponent := (ltac:(let v := get_upper_bound_of_exponent () in exact v)) (only parsing). + Ltac get_upper_bound_of_exponent_tight _ := get TAG.upper_bound_of_exponent_tight. + Notation upper_bound_of_exponent_tight := (ltac:(let v := get_upper_bound_of_exponent_tight () in exact v)) (only parsing). + Ltac get_upper_bound_of_exponent_loose _ := get TAG.upper_bound_of_exponent_loose. + Notation upper_bound_of_exponent_loose := (ltac:(let v := get_upper_bound_of_exponent_loose () in exact v)) (only parsing). Ltac get_modinv_fuel _ := get TAG.modinv_fuel. Notation modinv_fuel := (ltac:(let v := get_modinv_fuel () in exact v)) (only parsing). Ltac get_mul_code _ := get TAG.mul_code. diff --git a/src/Specific/Framework/IntegrationTestTemporaryMiscCommon.v b/src/Specific/Framework/IntegrationTestTemporaryMiscCommon.v index dbfc38a7d..1ccbb72a7 100644 --- a/src/Specific/Framework/IntegrationTestTemporaryMiscCommon.v +++ b/src/Specific/Framework/IntegrationTestTemporaryMiscCommon.v @@ -137,7 +137,7 @@ Ltac get_proj2_sig_map_arg _ := => let P := get_proj2_sig_map_arg_helper E in uconstr:(fun e : T => P) end. -Ltac get_phi_for_preglue _ := +Ltac get_phi1_for_preglue _ := lazymatch goal with | [ |- { e | @?E e } ] => lazymatch E with 
@@ -147,9 +147,22 @@ Ltac get_phi_for_preglue _ := => phi end end. +Ltac get_phi2_for_preglue _ := + lazymatch goal with + | [ |- { e | @?E e } ] + => lazymatch E with + | context[_ = ?f (Tuple.map ?phi _)] + => phi + | context[_ = ?f (?phi _)] + => phi + | context[_ = ?phi _] + => phi + end + end. Ltac start_preglue := apply_lift_sig; intros; cbv beta iota zeta; - let phi := get_phi_for_preglue () in + let phi := get_phi1_for_preglue () in + let phi2 := get_phi2_for_preglue () in let P' := get_proj2_sig_map_arg () in refine (proj2_sig_map (P:=P') _ _); [ let FINAL := fresh "FINAL" in @@ -158,11 +171,11 @@ Ltac start_preglue := repeat (let H := fresh in intro H; specialize (FINAL H)); lazymatch goal with | [ |- ?phi _ = ?RHS ] - => refine (@eq_trans _ _ _ RHS FINAL _); cbv [phi]; clear a FINAL + => refine (@eq_trans _ _ _ RHS FINAL _); cbv [phi phi2]; clear a FINAL | [ |- _ /\ Tuple.map (Tuple.map ?phi) _ = _ ] - => split; cbv [phi]; [ refine (proj1 FINAL); shelve | ] + => split; cbv [phi phi2]; [ refine (proj1 FINAL); shelve | ] end - | cbv [phi] ]. + | cbv [phi phi2] ]. Ltac do_set_sig f_sig := let fZ := fresh f_sig in set (fZ := proj1_sig f_sig); diff --git a/src/Specific/Framework/MontgomeryReificationTypes.v b/src/Specific/Framework/MontgomeryReificationTypes.v index 1b476dbe4..e25211e71 100644 --- a/src/Specific/Framework/MontgomeryReificationTypes.v +++ b/src/Specific/Framework/MontgomeryReificationTypes.v 
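Review bot: `get_phi2_for_preglue` in the `@@ -147,9 +147,22 @@` hunk has no comment saying how it differs from `get_phi1_for_preglue`, and its last fallback `context[_ = ?phi _]` matches any application on the right-hand side of an equation. `start_preglue` then runs `cbv [phi phi2]` in three places, so whatever head that fallback binds is what gets unfolded; if it ever binds something other than the intended map, the resulting failure or extra unfolding would be hard to trace back to this match. I would add `(* phi2: the map applied to the arguments on the right-hand side of the equation; phi1: the map applied to the result *)` above the two tactics, and consider dropping or narrowing the third pattern. The phi1 half of that comment is inferred, since most of `get_phi1_for_preglue` lies outside the hunks shown.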
@@ -17,31 +17,31 @@ Require Crypto.Arithmetic.Saturated.MontgomeryAPI. Require Import Crypto.Util.Tactics.PoseTermWithName. Require Import Crypto.Util.Tactics.CacheTerm. -Ltac pose_meval feBW r meval := +Ltac pose_meval feBW_tight r meval := cache_term_with_type_by - (feBW -> Z) - ltac:(exact (fun x : feBW => MontgomeryAPI.eval (Z.pos r) (BoundedWordToZ _ _ _ x))) + (feBW_tight -> Z) + ltac:(exact (fun x : feBW_tight => MontgomeryAPI.eval (Z.pos r) (BoundedWordToZ _ _ _ x))) meval. -Ltac pose_feBW_small sz feBW meval r m_enc feBW_small := +Ltac pose_feBW_small sz feBW_tight meval r m_enc feBW_small := cache_term - { v : feBW | meval v < MontgomeryAPI.eval (n:=sz) (Z.pos r) m_enc } + { v : feBW_tight | meval v < MontgomeryAPI.eval (n:=sz) (Z.pos r) m_enc } feBW_small. -Ltac pose_feBW_of_feBW_small feBW feBW_small feBW_of_feBW_small := +Ltac pose_feBW_tight_of_feBW_small feBW_tight feBW_small feBW_tight_of_feBW_small := cache_term_with_type_by - (feBW_small -> feBW) + (feBW_small -> feBW_tight) ltac:(refine (@proj1_sig _ _)) - feBW_of_feBW_small. + feBW_tight_of_feBW_small. -Ltac pose_phiM feBW m meval montgomery_to_F phiM := +Ltac pose_phiM feBW_tight m meval montgomery_to_F phiM := cache_term_with_type_by - (feBW -> F m) - ltac:(exact (fun x : feBW => montgomery_to_F (meval x))) + (feBW_tight -> F m) + ltac:(exact (fun x : feBW_tight => montgomery_to_F (meval x))) phiM. -Ltac pose_phiM_small feBW_small feBW_of_feBW_small m meval montgomery_to_F phiM_small := +Ltac pose_phiM_small feBW_small feBW_tight_of_feBW_small m meval montgomery_to_F phiM_small := cache_term_with_type_by (feBW_small -> F m) - ltac:(exact (fun x : feBW_small => montgomery_to_F (meval (feBW_of_feBW_small x)))) + ltac:(exact (fun x : feBW_small => montgomery_to_F (meval (feBW_tight_of_feBW_small x)))) phiM_small. diff --git a/src/Specific/Framework/MontgomeryReificationTypesPackage.v b/src/Specific/Framework/MontgomeryReificationTypesPackage.v index 6f9364d6e..1be4afda5 100644 
--- a/src/Specific/Framework/MontgomeryReificationTypesPackage.v +++ b/src/Specific/Framework/MontgomeryReificationTypesPackage.v @@ -8,16 +8,16 @@ Require Import Crypto.Specific.Framework.Packages. Require Import Crypto.Util.TagList. Module TAG. - Inductive tags := meval | feBW_small | feBW_of_feBW_small | phiM | phiM_small. + Inductive tags := meval | feBW_small | feBW_tight_of_feBW_small | phiM | phiM_small. End TAG. Ltac add_meval pkg := if_montgomery pkg - ltac:(fun _ => let feBW := Tag.get pkg TAG.feBW in + ltac:(fun _ => let feBW_tight := Tag.get pkg TAG.feBW_tight in let r := Tag.get pkg TAG.r in let meval := fresh "meval" in - let meval := pose_meval feBW r meval in + let meval := pose_meval feBW_tight r meval in Tag.update pkg TAG.meval meval) ltac:(fun _ => pkg) (). 
@@ -25,34 +25,34 @@ Ltac add_feBW_small pkg := if_montgomery pkg ltac:(fun _ => let sz := Tag.get pkg TAG.sz in - let feBW := Tag.get pkg TAG.feBW in + let feBW_tight := Tag.get pkg TAG.feBW_tight in let meval := Tag.get pkg TAG.meval in let r := Tag.get pkg TAG.r in let m_enc := Tag.get pkg TAG.m_enc in let feBW_small := fresh "feBW_small" in - let feBW_small := pose_feBW_small sz feBW meval r m_enc feBW_small in + let feBW_small := pose_feBW_small sz feBW_tight meval r m_enc feBW_small in Tag.update pkg TAG.feBW_small feBW_small) ltac:(fun _ => pkg) (). -Ltac add_feBW_of_feBW_small pkg := +Ltac add_feBW_tight_of_feBW_small pkg := if_montgomery pkg - ltac:(fun _ => let feBW := Tag.get pkg TAG.feBW in + ltac:(fun _ => let feBW_tight := Tag.get pkg TAG.feBW_tight in let feBW_small := Tag.get pkg TAG.feBW_small in - let feBW_of_feBW_small := fresh "feBW_of_feBW_small" in - let feBW_of_feBW_small := pose_feBW_of_feBW_small feBW feBW_small feBW_of_feBW_small in - Tag.update pkg TAG.feBW_of_feBW_small feBW_of_feBW_small) + let feBW_tight_of_feBW_small := fresh "feBW_tight_of_feBW_small" in + let feBW_tight_of_feBW_small := pose_feBW_tight_of_feBW_small feBW_tight feBW_small feBW_tight_of_feBW_small in + Tag.update pkg TAG.feBW_tight_of_feBW_small feBW_tight_of_feBW_small) ltac:(fun _ => pkg) (). Ltac add_phiM pkg := if_montgomery pkg - ltac:(fun _ => let feBW := Tag.get pkg TAG.feBW in + ltac:(fun _ => let feBW_tight := Tag.get pkg TAG.feBW_tight in let m := Tag.get pkg TAG.m in let meval := Tag.get pkg TAG.meval in let montgomery_to_F := Tag.get pkg TAG.montgomery_to_F in let phiM := fresh "phiM" in - let phiM := pose_phiM feBW m meval montgomery_to_F phiM in + let phiM := pose_phiM feBW_tight m meval montgomery_to_F phiM in Tag.update pkg TAG.phiM phiM) ltac:(fun _ => pkg) (). 
@@ -60,19 +60,19 @@ Ltac add_phiM_small pkg := if_montgomery pkg ltac:(fun _ => let feBW_small := Tag.get pkg TAG.feBW_small in - let feBW_of_feBW_small := Tag.get pkg TAG.feBW_of_feBW_small in + let feBW_tight_of_feBW_small := Tag.get pkg TAG.feBW_tight_of_feBW_small in let m := Tag.get pkg TAG.m in let meval := Tag.get pkg TAG.meval in let montgomery_to_F := Tag.get pkg TAG.montgomery_to_F in let phiM_small := fresh "phiM_small" in - let phiM_small := pose_phiM_small feBW_small feBW_of_feBW_small m meval montgomery_to_F phiM_small in + let phiM_small := pose_phiM_small feBW_small feBW_tight_of_feBW_small m meval montgomery_to_F phiM_small in Tag.update pkg TAG.phiM_small phiM_small) ltac:(fun _ => pkg) (). Ltac add_MontgomeryReificationTypes_package pkg := let pkg := add_meval pkg in let pkg := add_feBW_small pkg in - let pkg := add_feBW_of_feBW_small pkg in + let pkg := add_feBW_tight_of_feBW_small pkg in let pkg := add_phiM pkg in let pkg := add_phiM_small pkg in Tag.strip_subst_local pkg. @@ -85,8 +85,8 @@ Module MakeMontgomeryReificationTypesPackage (PKG : PrePackage). Notation meval := (ltac:(let v := get_meval () in exact v)) (only parsing). Ltac get_feBW_small _ := get TAG.feBW_small. Notation feBW_small := (ltac:(let v := get_feBW_small () in exact v)) (only parsing). - Ltac get_feBW_of_feBW_small _ := get TAG.feBW_of_feBW_small. - Notation feBW_of_feBW_small := (ltac:(let v := get_feBW_of_feBW_small () in exact v)) (only parsing). + Ltac get_feBW_tight_of_feBW_small _ := get TAG.feBW_tight_of_feBW_small. + Notation feBW_tight_of_feBW_small := (ltac:(let v := get_feBW_tight_of_feBW_small () in exact v)) (only parsing). Ltac get_phiM _ := get TAG.phiM. Notation phiM := (ltac:(let v := get_phiM () in exact v)) (only parsing). Ltac get_phiM_small _ := get TAG.phiM_small. diff --git a/src/Specific/Framework/RawCurveParameters.v b/src/Specific/Framework/RawCurveParameters.v index a3f3dd5b8..ae3040b10 100644 --- a/src/Specific/Framework/RawCurveParameters.v 
+++ b/src/Specific/Framework/RawCurveParameters.v @@ -37,8 +37,10 @@ Record CurveParameters := mul_code : option (Z^sz -> Z^sz -> Z^sz); square_code : option (Z^sz -> Z^sz); - upper_bound_of_exponent + upper_bound_of_exponent_tight : option (Z -> Z) (* defaults to [fun exp => 2^exp + 2^(exp-3)] for non-montgomery, [fun exp => 2^exp - 1] for montgomery *); + upper_bound_of_exponent_loose + : option (Z -> Z) (* defaults to [3 * upper_bound_of_exponent_tight] for non-montgomery, [fun exp => 2^exp - 1] for montgomery *); allowable_bit_widths : option (list nat) (* defaults to [bitwidth :: 2*bitwidth :: nil] *); freeze_extra_allowable_bit_widths @@ -61,7 +63,8 @@ Declare Reduction cbv_RawCurveParameters ladderstep mul_code square_code - upper_bound_of_exponent + upper_bound_of_exponent_tight + upper_bound_of_exponent_loose allowable_bit_widths freeze_extra_allowable_bit_widths modinv_fuel]. diff --git a/src/Specific/Framework/ReificationTypes.v b/src/Specific/Framework/ReificationTypes.v index 879c20aa9..3b2d68b0b 100644 --- a/src/Specific/Framework/ReificationTypes.v +++ b/src/Specific/Framework/ReificationTypes.v @@ -10,6 +10,8 @@ Require Import Crypto.Util.FixedWordSizes. Require Import Crypto.Util.Tuple. Require Import Crypto.Util.ZRange Crypto.Util.BoundedWord. Require Import Crypto.Util.Tactics.DestructHead. +Require Import Crypto.Util.ZUtil.Tactics.LtbToLt. +Require Import Crypto.Util.Bool. Require Import Crypto.Util.Decidable. Require Import Crypto.Util.Tactics.PoseTermWithName. 
@@ -33,13 +35,19 @@ Ltac pose_local_bounds_exp sz limb_widths bounds_exp := (Tuple.from_list sz limb_widths eq_refl)) bounds_exp. -Ltac pose_local_bounds sz upper_bound_of_exponent bounds_exp bounds := +Ltac internal_pose_local_bounds sz upper_bound_of_exponent bounds_exp bounds := let b_of := get_b_of upper_bound_of_exponent in pose_term_with_type (Tuple.tuple zrange sz) ltac:(fun _ => eval compute in (Tuple.map (fun e => b_of e) bounds_exp)) bounds. +Ltac pose_local_bounds_tight sz upper_bound_of_exponent_tight bounds_exp bounds_tight := + internal_pose_local_bounds sz upper_bound_of_exponent_tight bounds_exp bounds_tight. +Ltac pose_local_bounds_loose sz upper_bound_of_exponent_loose bounds_exp bounds_loose := + internal_pose_local_bounds sz upper_bound_of_exponent_loose bounds_exp bounds_loose. +Ltac pose_local_bounds_limbwidths sz bounds_exp bounds_limbwidths := + internal_pose_local_bounds sz (fun exp => (2^exp - 1)%Z) bounds_exp bounds_limbwidths. Ltac pose_bound1 r bound1 := cache_term_with_type_by 
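Review bot: `pose_local_bounds_limbwidths` in the `@@ -33,13 +35,19 @@` hunk hard-codes `fun exp => (2^exp - 1)%Z`, and nothing in the hunk says what distinguishes the three new bound families. A short comment above the three wrappers would help, for example `(* tight/loose upper bounds come from the curve parameters; limbwidths uses the full limb width, 2^exp - 1 *)`. The same literal is also the Montgomery default for both the tight and the loose bound in CurveParameters.v on this page, so a shared named definition would keep the three copies from drifting apart.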
@@ -69,16 +77,73 @@ Ltac pose_feW sz lgbitwidth feW := Type ltac:(let v := eval cbv [lgbitwidth] in (tuple (wordT lgbitwidth) sz) in exact v) feW. -Ltac pose_feW_bounded feW bounds feW_bounded := +Ltac internal_pose_feW_bounded feW bounds feW_bounded := cache_term_with_type_by (feW -> Prop) ltac:(let v := eval cbv [bounds] in (fun w : feW => is_bounded_by None bounds (map wordToZ w)) in exact_no_check v) feW_bounded. -Ltac pose_feBW sz adjusted_bitwidth' bounds feBW := +Ltac pose_feW_tight_bounded feW bounds_tight feW_tight_bounded := + internal_pose_feW_bounded feW bounds_tight feW_tight_bounded. +Ltac pose_feW_loose_bounded feW bounds_loose feW_loose_bounded := + internal_pose_feW_bounded feW bounds_loose feW_loose_bounded. +Ltac pose_feW_limbwidths_bounded feW bounds_limbwidths feW_limbwidths_bounded := + internal_pose_feW_bounded feW bounds_limbwidths feW_limbwidths_bounded. + +Ltac internal_pose_feBW sz adjusted_bitwidth' bounds feBW := cache_term_with_type_by Type ltac:(let v := eval cbv [adjusted_bitwidth' bounds] in (BoundedWord sz adjusted_bitwidth' bounds) in exact v) feBW. +Ltac pose_feBW_tight sz adjusted_bitwidth' bounds_tight feBW_tight := + internal_pose_feBW sz adjusted_bitwidth' bounds_tight feBW_tight. +Ltac pose_feBW_loose sz adjusted_bitwidth' bounds_loose feBW_loose := + internal_pose_feBW sz adjusted_bitwidth' bounds_loose feBW_loose. +Ltac pose_feBW_limbwidths sz adjusted_bitwidth' bounds_limbwidths feBW_limbwidths := + internal_pose_feBW sz adjusted_bitwidth' bounds_limbwidths feBW_limbwidths. + +Lemma relax'_pf {sz in_bounds out_bounds} {v : tuple Z sz} + (Htight : fieldwiseb is_tighter_than_bool in_bounds out_bounds = true) + : is_bounded_by None in_bounds v -> is_bounded_by None out_bounds v. +Proof. + destruct sz as [|sz]; simpl in *; trivial. 
+ induction sz as [|sz IHsz]; simpl in *; + repeat first [ exact I + | progress destruct_head'_prod + | progress destruct_head' zrange + | progress cbv [is_tighter_than_bool] in * + | progress split_andb + | progress Z.ltb_to_lt + | progress cbn [fst snd ZRange.lower ZRange.upper] in * + | progress destruct_head_hnf' and + | progress intros + | apply conj + | omega + | solve [ eauto ] ]. +Qed. + +Definition relax' {sz adjusted_bitwidth'} {in_bounds out_bounds} + (Htight : Tuple.fieldwiseb ZRange.is_tighter_than_bool in_bounds out_bounds = true) + : BoundedWord sz adjusted_bitwidth' in_bounds + -> BoundedWord sz adjusted_bitwidth' out_bounds + := fun w => exist _ (proj1_sig w) (relax'_pf Htight (proj2_sig w)). + +Ltac internal_pose_feBW_relax sz feBW_in feBW_out feBW_relax := + cache_term_with_type_by + (feBW_in -> feBW_out) + ltac:(refine (@relax' sz _ _ _ _); + lazymatch goal with + | [ |- fieldwiseb is_tighter_than_bool ?in_bounds ?out_bounds = true ] + => try cbv [in_bounds]; + try cbv [out_bounds] + end; + abstract vm_cast_no_check (eq_refl true)) + feBW_relax. +Ltac pose_feBW_relax sz feBW_tight feBW_loose feBW_relax := + internal_pose_feBW_relax sz feBW_tight feBW_loose feBW_relax. +Ltac pose_feBW_relax_limbwidths_to_tight sz feBW_limbwidths feBW_tight feBW_relax_limbwidths_to_tight := + internal_pose_feBW_relax sz feBW_limbwidths feBW_tight feBW_relax_limbwidths_to_tight. +Ltac pose_feBW_relax_limbwidths_to_loose sz feBW_limbwidths feBW_loose feBW_relax_limbwidths_to_loose := + internal_pose_feBW_relax sz feBW_limbwidths feBW_loose feBW_relax_limbwidths_to_loose. Lemma feBW_bounded_helper' sz adjusted_bitwidth' bounds 
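Review bot: The side condition of `relax'`, `fieldwiseb is_tighter_than_bool in_bounds out_bounds = true`, is closed in `internal_pose_feBW_relax` by `abstract vm_cast_no_check (eq_refl true)`, so nothing at the call site says which inclusion is being relied on. The three wrappers assume tight within loose, limbwidths within tight and limbwidths within loose; a curve that overrides `upper_bound_of_exponent_tight` with something below `2^exp - 1` would presumably break the second one, and the failure would point at the cast instead of the parameter. A comment above `internal_pose_feBW_relax` such as `(* requires every range of feBW_in to lie within the matching range of feBW_out; discharged by computation *)` would make that dependency visible. Separately, `relax'_pf` writes `fieldwiseb is_tighter_than_bool` unqualified while `relax'` uses `Tuple.fieldwiseb ZRange.is_tighter_than_bool`; one spelling for both would read better.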
@@ -130,25 +195,36 @@ Proof. assumption. Qed. -Ltac pose_feBW_bounded freeze wt sz feBW adjusted_bitwidth' bounds m wt_nonneg feBW_bounded := - match (eval vm_compute in freeze) with +Ltac internal_pose_feBW_bounded freeze wt sz feBW adjusted_bitwidth' bounds m wt_nonneg feBW_bounded := + lazymatch (eval vm_compute in freeze) with | true => cache_proof_with_type_by (forall a : feBW, 0 <= B.Positional.eval wt (BoundedWordToZ sz adjusted_bitwidth' bounds a) < 2 * Z.pos m) ltac:(apply (@feBW_bounded_helper sz adjusted_bitwidth' bounds wt wt_nonneg); - vm_compute; clear; split; congruence) + cbv -[Z.lt Z.le]; + clear; vm_decide) feBW_bounded | false => cache_term tt feBW_bounded end. +Ltac pose_feBW_tight_bounded freeze wt sz feBW_tight adjusted_bitwidth' bounds_tight m wt_nonneg feBW_tight_bounded := + internal_pose_feBW_bounded freeze wt sz feBW_tight adjusted_bitwidth' bounds_tight m wt_nonneg feBW_tight_bounded. +Ltac pose_feBW_limbwidths_bounded freeze wt sz feBW_limbwidths adjusted_bitwidth' bounds_limbwidths m wt_nonneg feBW_limbwidths_bounded := + internal_pose_feBW_bounded freeze wt sz feBW_limbwidths adjusted_bitwidth' bounds_limbwidths m wt_nonneg feBW_limbwidths_bounded. Ltac pose_phiW feW m wt phiW := cache_term_with_type_by (feW -> F m) ltac:(exact (fun x : feW => B.Positional.Fdecode wt (Tuple.map wordToZ x))) phiW. -Ltac pose_phiBW feBW m wt phiBW := +Ltac internal_pose_phiBW feBW m wt phiBW := cache_term_with_type_by (feBW -> F m) ltac:(exact (fun x : feBW => B.Positional.Fdecode wt (BoundedWordToZ _ _ _ x))) phiBW. +Ltac pose_phiBW_tight feBW_tight m wt phiBW_tight := + internal_pose_phiBW feBW_tight m wt phiBW_tight. +Ltac pose_phiBW_loose feBW_loose m wt phiBW_loose := + internal_pose_phiBW feBW_loose m wt phiBW_loose. +Ltac pose_phiBW_limbwidths feBW_limbwidths m wt phiBW_limbwidths := + internal_pose_phiBW feBW_limbwidths m wt phiBW_limbwidths. 
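Review bot: `internal_pose_feBW_bounded` gets `_tight` and `_limbwidths` wrappers but no `_loose` one, and the hunk does not say why. If the reason is that the `< 2 * Z.pos m` bound is not expected to hold for loose bounds (plausible, since the loose default is documented as three times the tight bound), a one-line comment such as `(* no loose variant: loose bounds are not expected to satisfy eval < 2*m *)` would stop someone from adding one by analogy. The lemma `feBW_bounded_helper` that the tactic applies is defined above this hunk.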
diff --git a/src/Specific/Framework/ReificationTypesPackage.v b/src/Specific/Framework/ReificationTypesPackage.v index 55e3a2cb3..d10d72202 100644 --- a/src/Specific/Framework/ReificationTypesPackage.v +++ b/src/Specific/Framework/ReificationTypesPackage.v @@ -6,7 +6,7 @@ Require Import Crypto.Specific.Framework.Packages. Require Import Crypto.Util.TagList. Module TAG. - Inductive tags := limb_widths | bounds_exp | bounds | bound1 | lgbitwidth | adjusted_bitwidth' | adjusted_bitwidth | feZ | feW | feW_bounded | feBW | feBW_bounded | phiW | phiBW. + Inductive tags := limb_widths | bounds_exp | bounds_tight | bounds_loose | bounds_limbwidths | bound1 | lgbitwidth | adjusted_bitwidth' | adjusted_bitwidth | feZ | feW | feW_tight_bounded | feW_loose_bounded | feW_limbwidths_bounded | feBW_tight | feBW_loose | feBW_limbwidths | feBW_relax | feBW_relax_limbwidths_to_tight | feBW_relax_limbwidths_to_loose | feBW_tight_bounded | feBW_limbwidths_bounded | phiW | phiBW_tight | phiBW_loose | phiBW_limbwidths. End TAG. Ltac add_limb_widths pkg := 
@@ -23,13 +23,28 @@ Ltac add_bounds_exp pkg := let bounds_exp := pose_local_bounds_exp sz limb_widths bounds_exp in Tag.local_update pkg TAG.bounds_exp bounds_exp. -Ltac add_bounds pkg := +Ltac add_bounds_tight pkg := let sz := Tag.get pkg TAG.sz in - let upper_bound_of_exponent := Tag.get pkg TAG.upper_bound_of_exponent in + let upper_bound_of_exponent_tight := Tag.get pkg TAG.upper_bound_of_exponent_tight in let bounds_exp := Tag.get pkg TAG.bounds_exp in - let bounds := fresh "bounds" in - let bounds := pose_local_bounds sz upper_bound_of_exponent bounds_exp bounds in - Tag.local_update pkg TAG.bounds bounds. + let bounds_tight := fresh "bounds_tight" in + let bounds_tight := pose_local_bounds_tight sz upper_bound_of_exponent_tight bounds_exp bounds_tight in + Tag.local_update pkg TAG.bounds_tight bounds_tight. + +Ltac add_bounds_loose pkg := + let sz := Tag.get pkg TAG.sz in + let upper_bound_of_exponent_loose := Tag.get pkg TAG.upper_bound_of_exponent_loose in + let bounds_exp := Tag.get pkg TAG.bounds_exp in + let bounds_loose := fresh "bounds_loose" in + let bounds_loose := pose_local_bounds_loose sz upper_bound_of_exponent_loose bounds_exp bounds_loose in + Tag.local_update pkg TAG.bounds_loose bounds_loose. + +Ltac add_bounds_limbwidths pkg := + let sz := Tag.get pkg TAG.sz in + let bounds_exp := Tag.get pkg TAG.bounds_exp in + let bounds_limbwidths := fresh "bounds_limbwidths" in + let bounds_limbwidths := pose_local_bounds_limbwidths sz bounds_exp bounds_limbwidths in + Tag.local_update pkg TAG.bounds_limbwidths bounds_limbwidths. Ltac add_bound1 pkg := let r := Tag.get pkg TAG.r in 
@@ -68,33 +83,100 @@ Ltac add_feW pkg := let feW := pose_feW sz lgbitwidth feW in Tag.update pkg TAG.feW feW. -Ltac add_feW_bounded pkg := +Ltac add_feW_tight_bounded pkg := + let feW := Tag.get pkg TAG.feW in + let bounds_tight := Tag.get pkg TAG.bounds_tight in + let feW_tight_bounded := fresh "feW_tight_bounded" in + let feW_tight_bounded := pose_feW_tight_bounded feW bounds_tight feW_tight_bounded in + Tag.update pkg TAG.feW_tight_bounded feW_tight_bounded. + +Ltac add_feW_loose_bounded pkg := + let feW := Tag.get pkg TAG.feW in + let bounds_loose := Tag.get pkg TAG.bounds_loose in + let feW_loose_bounded := fresh "feW_loose_bounded" in + let feW_loose_bounded := pose_feW_loose_bounded feW bounds_loose feW_loose_bounded in + Tag.update pkg TAG.feW_loose_bounded feW_loose_bounded. + +Ltac add_feW_limbwidths_bounded pkg := let feW := Tag.get pkg TAG.feW in - let bounds := Tag.get pkg TAG.bounds in - let feW_bounded := fresh "feW_bounded" in - let feW_bounded := pose_feW_bounded feW bounds feW_bounded in - Tag.update pkg TAG.feW_bounded feW_bounded. + let bounds_limbwidths := Tag.get pkg TAG.bounds_limbwidths in + let feW_limbwidths_bounded := fresh "feW_limbwidths_bounded" in + let feW_limbwidths_bounded := pose_feW_limbwidths_bounded feW bounds_limbwidths feW_limbwidths_bounded in + Tag.update pkg TAG.feW_limbwidths_bounded feW_limbwidths_bounded. -Ltac add_feBW pkg := +Ltac add_feBW_tight pkg := let sz := Tag.get pkg TAG.sz in let adjusted_bitwidth' := Tag.get pkg TAG.adjusted_bitwidth' in - let bounds := Tag.get pkg TAG.bounds in - let feBW := fresh "feBW" in - let feBW := pose_feBW sz adjusted_bitwidth' bounds feBW in - Tag.update pkg TAG.feBW feBW. + let bounds_tight := Tag.get pkg TAG.bounds_tight in + let feBW_tight := fresh "feBW_tight" in + let feBW_tight := pose_feBW_tight sz adjusted_bitwidth' bounds_tight feBW_tight in + Tag.update pkg TAG.feBW_tight feBW_tight. 
+ +Ltac add_feBW_loose pkg := + let sz := Tag.get pkg TAG.sz in + let adjusted_bitwidth' := Tag.get pkg TAG.adjusted_bitwidth' in + let bounds_loose := Tag.get pkg TAG.bounds_loose in + let feBW_loose := fresh "feBW_loose" in + let feBW_loose := pose_feBW_loose sz adjusted_bitwidth' bounds_loose feBW_loose in + Tag.update pkg TAG.feBW_loose feBW_loose. + +Ltac add_feBW_limbwidths pkg := + let sz := Tag.get pkg TAG.sz in + let adjusted_bitwidth' := Tag.get pkg TAG.adjusted_bitwidth' in + let bounds_limbwidths := Tag.get pkg TAG.bounds_limbwidths in + let feBW_limbwidths := fresh "feBW_limbwidths" in + let feBW_limbwidths := pose_feBW_limbwidths sz adjusted_bitwidth' bounds_limbwidths feBW_limbwidths in + Tag.update pkg TAG.feBW_limbwidths feBW_limbwidths. + +Ltac add_feBW_relax pkg := + let sz := Tag.get pkg TAG.sz in + let feBW_tight := Tag.get pkg TAG.feBW_tight in + let feBW_loose := Tag.get pkg TAG.feBW_loose in + let feBW_relax := fresh "feBW_relax" in + let feBW_relax := pose_feBW_relax sz feBW_tight feBW_loose feBW_relax in + Tag.update pkg TAG.feBW_relax feBW_relax. -Ltac add_feBW_bounded pkg := +Ltac add_feBW_relax_limbwidths_to_tight pkg := + let sz := Tag.get pkg TAG.sz in + let feBW_limbwidths := Tag.get pkg TAG.feBW_limbwidths in + let feBW_tight := Tag.get pkg TAG.feBW_tight in + let feBW_relax_limbwidths_to_tight := fresh "feBW_relax_limbwidths_to_tight" in + let feBW_relax_limbwidths_to_tight := pose_feBW_relax_limbwidths_to_tight sz feBW_limbwidths feBW_tight feBW_relax_limbwidths_to_tight in + Tag.update pkg TAG.feBW_relax_limbwidths_to_tight feBW_relax_limbwidths_to_tight. 
+ +Ltac add_feBW_relax_limbwidths_to_loose pkg := + let sz := Tag.get pkg TAG.sz in + let feBW_limbwidths := Tag.get pkg TAG.feBW_limbwidths in + let feBW_loose := Tag.get pkg TAG.feBW_loose in + let feBW_relax_limbwidths_to_loose := fresh "feBW_relax_limbwidths_to_loose" in + let feBW_relax_limbwidths_to_loose := pose_feBW_relax_limbwidths_to_loose sz feBW_limbwidths feBW_loose feBW_relax_limbwidths_to_loose in + Tag.update pkg TAG.feBW_relax_limbwidths_to_loose feBW_relax_limbwidths_to_loose. + +Ltac add_feBW_tight_bounded pkg := let freeze := Tag.get pkg TAG.freeze in let wt := Tag.get pkg TAG.wt in let sz := Tag.get pkg TAG.sz in - let feBW := Tag.get pkg TAG.feBW in + let feBW_tight := Tag.get pkg TAG.feBW_tight in let adjusted_bitwidth' := Tag.get pkg TAG.adjusted_bitwidth' in - let bounds := Tag.get pkg TAG.bounds in + let bounds_tight := Tag.get pkg TAG.bounds_tight in let m := Tag.get pkg TAG.m in let wt_nonneg := Tag.get pkg TAG.wt_nonneg in - let feBW_bounded := fresh "feBW_bounded" in - let feBW_bounded := pose_feBW_bounded freeze wt sz feBW adjusted_bitwidth' bounds m wt_nonneg feBW_bounded in - Tag.update pkg TAG.feBW_bounded feBW_bounded. + let feBW_tight_bounded := fresh "feBW_tight_bounded" in + let feBW_tight_bounded := pose_feBW_tight_bounded freeze wt sz feBW_tight adjusted_bitwidth' bounds_tight m wt_nonneg feBW_tight_bounded in + Tag.update pkg TAG.feBW_tight_bounded feBW_tight_bounded. 
+ +Ltac add_feBW_limbwidths_bounded pkg := + let freeze := Tag.get pkg TAG.freeze in + let wt := Tag.get pkg TAG.wt in + let sz := Tag.get pkg TAG.sz in + let feBW_limbwidths := Tag.get pkg TAG.feBW_limbwidths in + let adjusted_bitwidth' := Tag.get pkg TAG.adjusted_bitwidth' in + let bounds_limbwidths := Tag.get pkg TAG.bounds_limbwidths in + let m := Tag.get pkg TAG.m in + let wt_nonneg := Tag.get pkg TAG.wt_nonneg in + let feBW_limbwidths_bounded := fresh "feBW_limbwidths_bounded" in + let feBW_limbwidths_bounded := pose_feBW_limbwidths_bounded freeze wt sz feBW_limbwidths adjusted_bitwidth' bounds_limbwidths m wt_nonneg feBW_limbwidths_bounded in + Tag.update pkg TAG.feBW_limbwidths_bounded feBW_limbwidths_bounded. Ltac add_phiW pkg := let feW := Tag.get pkg TAG.feW in 
@@ -104,29 +186,57 @@ Ltac add_phiW pkg := let phiW := pose_phiW feW m wt phiW in Tag.update pkg TAG.phiW phiW. -Ltac add_phiBW pkg := - let feBW := Tag.get pkg TAG.feBW in +Ltac add_phiBW_tight pkg := + let feBW_tight := Tag.get pkg TAG.feBW_tight in + let m := Tag.get pkg TAG.m in + let wt := Tag.get pkg TAG.wt in + let phiBW_tight := fresh "phiBW_tight" in + let phiBW_tight := pose_phiBW_tight feBW_tight m wt phiBW_tight in + Tag.update pkg TAG.phiBW_tight phiBW_tight. + +Ltac add_phiBW_loose pkg := + let feBW_loose := Tag.get pkg TAG.feBW_loose in + let m := Tag.get pkg TAG.m in + let wt := Tag.get pkg TAG.wt in + let phiBW_loose := fresh "phiBW_loose" in + let phiBW_loose := pose_phiBW_loose feBW_loose m wt phiBW_loose in + Tag.update pkg TAG.phiBW_loose phiBW_loose. + +Ltac add_phiBW_limbwidths pkg := + let feBW_limbwidths := Tag.get pkg TAG.feBW_limbwidths in let m := Tag.get pkg TAG.m in let wt := Tag.get pkg TAG.wt in - let phiBW := fresh "phiBW" in - let phiBW := pose_phiBW feBW m wt phiBW in - Tag.update pkg TAG.phiBW phiBW. + let phiBW_limbwidths := fresh "phiBW_limbwidths" in + let phiBW_limbwidths := pose_phiBW_limbwidths feBW_limbwidths m wt phiBW_limbwidths in + Tag.update pkg TAG.phiBW_limbwidths phiBW_limbwidths. 
Ltac add_ReificationTypes_package pkg := let pkg := add_limb_widths pkg in let pkg := add_bounds_exp pkg in - let pkg := add_bounds pkg in + let pkg := add_bounds_tight pkg in + let pkg := add_bounds_loose pkg in + let pkg := add_bounds_limbwidths pkg in let pkg := add_bound1 pkg in let pkg := add_lgbitwidth pkg in let pkg := add_adjusted_bitwidth' pkg in let pkg := add_adjusted_bitwidth pkg in let pkg := add_feZ pkg in let pkg := add_feW pkg in - let pkg := add_feW_bounded pkg in - let pkg := add_feBW pkg in - let pkg := add_feBW_bounded pkg in + let pkg := add_feW_tight_bounded pkg in + let pkg := add_feW_loose_bounded pkg in + let pkg := add_feW_limbwidths_bounded pkg in + let pkg := add_feBW_tight pkg in + let pkg := add_feBW_loose pkg in + let pkg := add_feBW_limbwidths pkg in + let pkg := add_feBW_relax pkg in + let pkg := add_feBW_relax_limbwidths_to_tight pkg in + let pkg := add_feBW_relax_limbwidths_to_loose pkg in + let pkg := add_feBW_tight_bounded pkg in + let pkg := add_feBW_limbwidths_bounded pkg in let pkg := add_phiW pkg in - let pkg := add_phiBW pkg in + let pkg := add_phiBW_tight pkg in + let pkg := add_phiBW_loose pkg in + let pkg := add_phiBW_limbwidths pkg in Tag.strip_subst_local pkg. 
@@ -139,14 +249,34 @@ Module MakeReificationTypesPackage (PKG : PrePackage). Notation adjusted_bitwidth := (ltac:(let v := get_adjusted_bitwidth () in exact v)) (only parsing). Ltac get_feW _ := get TAG.feW. Notation feW := (ltac:(let v := get_feW () in exact v)) (only parsing). - Ltac get_feW_bounded _ := get TAG.feW_bounded. - Notation feW_bounded := (ltac:(let v := get_feW_bounded () in exact v)) (only parsing). - Ltac get_feBW _ := get TAG.feBW. - Notation feBW := (ltac:(let v := get_feBW () in exact v)) (only parsing). - Ltac get_feBW_bounded _ := get TAG.feBW_bounded. - Notation feBW_bounded := (ltac:(let v := get_feBW_bounded () in exact v)) (only parsing). + Ltac get_feW_tight_bounded _ := get TAG.feW_tight_bounded. + Notation feW_tight_bounded := (ltac:(let v := get_feW_tight_bounded () in exact v)) (only parsing). + Ltac get_feW_loose_bounded _ := get TAG.feW_loose_bounded. + Notation feW_loose_bounded := (ltac:(let v := get_feW_loose_bounded () in exact v)) (only parsing). + Ltac get_feW_limbwidths_bounded _ := get TAG.feW_limbwidths_bounded. + Notation feW_limbwidths_bounded := (ltac:(let v := get_feW_limbwidths_bounded () in exact v)) (only parsing). + Ltac get_feBW_tight _ := get TAG.feBW_tight. + Notation feBW_tight := (ltac:(let v := get_feBW_tight () in exact v)) (only parsing). + Ltac get_feBW_loose _ := get TAG.feBW_loose. + Notation feBW_loose := (ltac:(let v := get_feBW_loose () in exact v)) (only parsing). + Ltac get_feBW_limbwidths _ := get TAG.feBW_limbwidths. + Notation feBW_limbwidths := (ltac:(let v := get_feBW_limbwidths () in exact v)) (only parsing). + Ltac get_feBW_relax _ := get TAG.feBW_relax. + Notation feBW_relax := (ltac:(let v := get_feBW_relax () in exact v)) (only parsing). + Ltac get_feBW_relax_limbwidths_to_tight _ := get TAG.feBW_relax_limbwidths_to_tight. + Notation feBW_relax_limbwidths_to_tight := (ltac:(let v := get_feBW_relax_limbwidths_to_tight () in exact v)) (only parsing). 
+ Ltac get_feBW_relax_limbwidths_to_loose _ := get TAG.feBW_relax_limbwidths_to_loose. + Notation feBW_relax_limbwidths_to_loose := (ltac:(let v := get_feBW_relax_limbwidths_to_loose () in exact v)) (only parsing). + Ltac get_feBW_tight_bounded _ := get TAG.feBW_tight_bounded. + Notation feBW_tight_bounded := (ltac:(let v := get_feBW_tight_bounded () in exact v)) (only parsing). + Ltac get_feBW_limbwidths_bounded _ := get TAG.feBW_limbwidths_bounded. + Notation feBW_limbwidths_bounded := (ltac:(let v := get_feBW_limbwidths_bounded () in exact v)) (only parsing). Ltac get_phiW _ := get TAG.phiW. Notation phiW := (ltac:(let v := get_phiW () in exact v)) (only parsing). - Ltac get_phiBW _ := get TAG.phiBW. - Notation phiBW := (ltac:(let v := get_phiBW () in exact v)) (only parsing). + Ltac get_phiBW_tight _ := get TAG.phiBW_tight. + Notation phiBW_tight := (ltac:(let v := get_phiBW_tight () in exact v)) (only parsing). + Ltac get_phiBW_loose _ := get TAG.phiBW_loose. + Notation phiBW_loose := (ltac:(let v := get_phiBW_loose () in exact v)) (only parsing). + Ltac get_phiBW_limbwidths _ := get TAG.phiBW_limbwidths. + Notation phiBW_limbwidths := (ltac:(let v := get_phiBW_limbwidths () in exact v)) (only parsing). End MakeReificationTypesPackage. diff --git a/src/Specific/Framework/SynthesisFramework.v b/src/Specific/Framework/SynthesisFramework.v index b45931430..a7f8e5ee5 100644 --- a/src/Specific/Framework/SynthesisFramework.v +++ b/src/Specific/Framework/SynthesisFramework.v 
@@ -77,22 +77,26 @@ Module PackageSynthesis (PKG : PrePackage). Include MP. Include MRP. - Ltac synthesize_with_carry do_rewrite get_op_sig := - let carry_sig := get_carry_sig () in + Ltac synthesize do_rewrite get_op_sig := let op_sig := get_op_sig () in let allowable_bit_widths := get_allowable_bit_widths () in start_preglue; - [ do_rewrite op_sig carry_sig; cbv_runtime + [ do_rewrite op_sig; cbv_runtime | .. ]; fin_preglue; refine_reflectively_gen allowable_bit_widths default. + Ltac synthesize_with_carry do_rewrite get_op_sig := + let carry_sig := get_carry_sig () in + synthesize ltac:(fun op_sig => do_rewrite op_sig carry_sig) get_op_sig. + Ltac synthesize_narg get_op_sig := + synthesize do_rewrite_with_sig get_op_sig. Ltac synthesize_2arg_with_carry get_op_sig := synthesize_with_carry do_rewrite_with_2sig_add_carry get_op_sig. Ltac synthesize_1arg_with_carry get_op_sig := synthesize_with_carry do_rewrite_with_1sig_add_carry get_op_sig. Ltac synthesize_montgomery get_op_sig get_op_bounded := - let phi := get_phi_for_preglue () in + let phi := get_phi1_for_preglue () in let op_sig := get_op_sig () in let op_bounded := get_op_bounded () in let allowable_bit_widths := get_allowable_bit_widths () in 
@@ -110,30 +114,38 @@ Module PackageSynthesis (PKG : PrePackage). factor_out_bounds_and_strip_eval op_bounded op_sig_side_conditions_t; refine_reflectively_gen allowable_bit_widths anf. - Ltac synthesize_2arg_choice get_op_sig get_op_bounded := - let montgomery := get_montgomery () in - lazymatch (eval vm_compute in montgomery) with - | true => synthesize_montgomery get_op_sig get_op_bounded - | false => synthesize_2arg_with_carry get_op_sig - end. - Ltac synthesize_1arg_choice get_op_sig get_op_bounded := + Ltac synthesize_narg_choice_gen synthesize get_op_sig get_op_bounded := let montgomery := get_montgomery () in lazymatch (eval vm_compute in montgomery) with | true => synthesize_montgomery get_op_sig get_op_bounded - | false => synthesize_1arg_with_carry get_op_sig + | false => synthesize get_op_sig end. + Ltac synthesize_narg_choice get_op_sig get_op_bounded := + synthesize_narg_choice_gen synthesize_narg get_op_sig get_op_bounded. + Ltac synthesize_2arg_choice_with_carry get_op_sig get_op_bounded := + synthesize_narg_choice_gen synthesize_2arg_with_carry get_op_sig get_op_bounded. + Ltac synthesize_1arg_choice_with_carry get_op_sig get_op_bounded := + synthesize_narg_choice_gen synthesize_1arg_with_carry get_op_sig get_op_bounded. - Ltac synthesize_mul _ := synthesize_2arg_choice get_mul_sig get_mul_bounded. - Ltac synthesize_add _ := synthesize_2arg_choice get_add_sig get_add_bounded. - Ltac synthesize_sub _ := synthesize_2arg_choice get_sub_sig get_sub_bounded. - Ltac synthesize_opp _ := synthesize_1arg_choice get_opp_sig get_opp_bounded. - Ltac synthesize_square _ := synthesize_1arg_with_carry get_square_sig. + Ltac synthesize_carry_mul _ := synthesize_2arg_choice_with_carry get_mul_sig get_mul_bounded. + Ltac synthesize_carry_add _ := synthesize_2arg_choice_with_carry get_add_sig get_add_bounded. + Ltac synthesize_carry_sub _ := synthesize_2arg_choice_with_carry get_sub_sig get_sub_bounded. 
+ Ltac synthesize_carry_opp _ := synthesize_1arg_choice_with_carry get_opp_sig get_opp_bounded. + Ltac synthesize_carry_square _ := synthesize_1arg_with_carry get_square_sig. + Ltac synthesize_nocarry_mul _ := synthesize_narg_choice get_mul_sig get_mul_bounded. + Ltac synthesize_add _ := synthesize_narg_choice get_add_sig get_add_bounded. + Ltac synthesize_sub _ := synthesize_narg_choice get_sub_sig get_sub_bounded. + Ltac synthesize_opp _ := synthesize_narg_choice get_opp_sig get_opp_bounded. + Ltac synthesize_carry _ := synthesize_narg_choice get_carry_sig get_carry_bounded. + Ltac synthesize_nocarry_square _ := synthesize_narg get_square_sig. + Ltac synthesize_mul _ := synthesize_carry_mul (). + Ltac synthesize_square _ := synthesize_carry_square (). Ltac synthesize_freeze _ := let freeze_sig := get_freeze_sig () in - let feBW_bounded := get_feBW_bounded () in + let feBW_tight_bounded := get_feBW_tight_bounded () in let freeze_allowable_bit_widths := get_freeze_allowable_bit_widths () in start_preglue; - [ do_rewrite_with_sig_by freeze_sig ltac:(fun _ => apply feBW_bounded); cbv_runtime + [ do_rewrite_with_sig_by freeze_sig ltac:(fun _ => apply feBW_tight_bounded); cbv_runtime | .. ]; fin_preglue; refine_reflectively_gen freeze_allowable_bit_widths anf. diff --git a/src/Specific/Framework/make_curve.py b/src/Specific/Framework/make_curve.py index 1642ae7d9..88860f343 100755 --- a/src/Specific/Framework/make_curve.py +++ b/src/Specific/Framework/make_curve.py 
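Review bot: The first parameter of `synthesize_narg_choice_gen` is named `synthesize`, which shadows the `Ltac synthesize` introduced earlier in this same module, so inside the body the name no longer refers to the generic entry point. Renaming it, e.g. `Ltac synthesize_narg_choice_gen synthesize_nonmontgomery get_op_sig get_op_bounded :=`, removes the ambiguity. The public names are also uneven: `synthesize_mul` and `synthesize_square` alias the carrying versions, while `synthesize_add`, `synthesize_sub` and `synthesize_opp` are the non-carrying ones. A short comment listing which entry points carry would help callers pick the one whose output bounds they expect.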
@@ -44,21 +44,6 @@ def compute_c(modulus_str): return list(reversed(ret)) # XXX FIXME: Is this the right way to extract c? return [('1', rest)] -def compute_goldilocks(s, c): - # true if the prime is of the form 2^2k - 2^k - 1 - ms = re.match(r'^2\^([0-9]+)$', s) - if ms is None: return False - two_k = int(ms.groups()[0]) - assert(isinstance(c, list)) - if len(c) != 2: return False - one_vs = [str(v) for k, v in c if str(k) == '1'] - others = [(str(k), str(v)) for k, v in c if str(k) != '1'] - if len(one_vs) != 1 or len(others) != 1 or one_vs[0] != '1' or others[0][1] != '1': return False - mk = re.match(r'^2\^([0-9]+)$', others[0][0]) - if mk is None: return False - k = int(mk.groups()[0]) - if two_k != 2 * k: return False - return True def parse_base(base): ret = 0 @@ -235,7 +220,6 @@ def make_curve_parameters(parameters): replacements['carry_chains'] = 'Some %s%%nat' % nested_list_to_string(default_carry_chains(replacements['sz'])) replacements['s'] = parameters.get('s', compute_s(parameters['modulus'])) replacements['c'] = parameters.get('c', compute_c(parameters['modulus'])) - replacements['goldilocks'] = parameters.get('goldilocks', compute_goldilocks(replacements['s'], replacements['c'])) for op, nargs in (('mul', 2), ('square', 1)): replacements[op] = format_c_code(parameters.get(op + '_header', None), parameters.get(op + '_code', None), 
@@ -244,7 +228,8 @@ def make_curve_parameters(parameters): replacements['coef_div_modulus_raw'] = replacements.get('coef_div_modulus', '0') replacements['freeze'] = fix_option(nested_list_to_string(replacements.get('freeze', 'freeze' in parameters.get('operations', [])))) replacements['ladderstep'] = nested_list_to_string(replacements.get('ladderstep', any(f in parameters.get('operations', []) for f in ('ladderstep', 'xzladderstep')))) - for k, scope_string in (('upper_bound_of_exponent', ''), + for k, scope_string in (('upper_bound_of_exponent_loose', ''), + ('upper_bound_of_exponent_tight', ''), ('allowable_bit_widths', '%nat'), ('freeze_extra_allowable_bit_widths', '%nat'), ('coef_div_modulus', '%nat'), @@ -288,7 +273,8 @@ Definition curve : CurveParameters := square_code := %(square)s; - upper_bound_of_exponent := %(upper_bound_of_exponent)s; + upper_bound_of_exponent_loose := %(upper_bound_of_exponent_loose)s; + upper_bound_of_exponent_tight := %(upper_bound_of_exponent_tight)s; allowable_bit_widths := %(allowable_bit_widths)s; freeze_extra_allowable_bit_widths := %(freeze_extra_allowable_bit_widths)s; modinv_fuel := %(modinv_fuel)s 
@@ -312,31 +298,34 @@ Module Export S := PackageSynthesis P. """ % prefix def make_synthesized_arg(fearg, prefix, montgomery=False): - if fearg in ('femul', 'fesub', 'feadd'): + def make_from_arg(arg, nargs, phi_arg_postfix='', phi_output_postfix='', prefix=prefix): + LETTERS = 'abcdefghijklmnopqrstuvwxyz' + assert(nargs <= len(LETTERS)) + arg_names = ' '.join(LETTERS[:nargs]) if not montgomery: - return r"""Require Import Crypto.Arithmetic.PrimeFieldTheorems. -Require Import %(prefix)s.Synthesis. - -(* TODO : change this to field once field isomorphism happens *) -Definition %(arg)s : - { %(arg)s : feBW -> feBW -> feBW - | forall a b, phiBW (%(arg)s a b) = F.%(arg)s (phiBW a) (phiBW b) }. -Proof. - Set Ltac Profiling. - Time synthesize_%(arg)s (). - Show Ltac Profile. -Time Defined. - -Print Assumptions %(arg)s. -""" % {'prefix':prefix, 'arg':fearg[2:]} + arg_types = ' -> '.join(['feBW%s' % phi_arg_postfix] * nargs) + mapped_args = ' '.join('(phiBW%s %s)' % (phi_arg_postfix, l) + for l in LETTERS[:nargs]) + feBW_output = 'feBW' + phi_output_postfix + phi_output = 'phiBW' + phi_output_postfix else: - return r"""Require Import Crypto.Arithmetic.PrimeFieldTheorems. + arg_types = ' -> '.join(['feBW_small'] * nargs) + mapped_args = ' '.join('(phiM_small %s)' % l + for l in LETTERS[:nargs]) + feBW_output = 'feBW_small' + phi_output = 'phiM_small' + return locals() + GEN_PREARG = r"""Require Import Crypto.Arithmetic.PrimeFieldTheorems. Require Import %(prefix)s.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition %(arg)s : - { %(arg)s : feBW_small -> feBW_small -> feBW_small - | forall a b, phiM_small (%(arg)s a b) = F.%(arg)s (phiM_small a) (phiM_small b) }. + { %(arg)s : %(arg_types)s -> %(feBW_output)s + | forall %(arg_names)s, %(phi_output)s (%(arg)s %(arg_names)s) = """ + GEN_MIDARG = "F.%(arg)s %(mapped_args)s" + SQUARE_MIDARG = "F.mul %(mapped_args)s %(mapped_args)s" + CARRY_MIDARG = "%(mapped_args)s" + GEN_POSTARG = r""" }. 
Proof. Set Ltac Profiling. Time synthesize_%(arg)s (). 
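Review bot: `make_from_arg` ends with `return locals()`, so the format dictionary silently contains every local (`LETTERS`, `nargs`, the postfix arguments), and any later rename of a local changes the template keys. In the montgomery branch `phi_arg_postfix` and `phi_output_postfix` are accepted and then ignored, which is easy to miss for the same reason. Returning the keys explicitly, `return {'prefix': prefix, 'arg': arg, 'arg_names': arg_names, 'arg_types': arg_types, 'mapped_args': mapped_args, 'feBW_output': feBW_output, 'phi_output': phi_output}`, keeps the contract with `GEN_PREARG` and `GEN_POSTARG` visible. `make_synthesized_arg` continues past this hunk.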
@@ -344,31 +333,31 @@ Proof. Time Defined. Print Assumptions %(arg)s. -""" % {'prefix':prefix, 'arg':fearg[2:]} - elif fearg in ('fesquare',): - return r"""Require Import Crypto.Arithmetic.PrimeFieldTheorems. -Require Import %(prefix)s.Synthesis. - -(* TODO : change this to field once field isomorphism happens *) -Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. -Proof. - Set Ltac Profiling. - Time synthesize_square (). - Show Ltac Profile. -Time Defined. - -Print Assumptions square. -""" % {'prefix':prefix} +""" + GEN_ARG = GEN_PREARG + GEN_MIDARG + GEN_POSTARG + SQUARE_ARG = GEN_PREARG + SQUARE_MIDARG + GEN_POSTARG + CARRY_ARG = GEN_PREARG + CARRY_MIDARG + GEN_POSTARG + nargs_map = {'mul':2, 'sub':2, 'add':2, 'square':1, 'opp':1, 'carry':1} + special_args = {'fecarry':CARRY_ARG, 'fecarry_square':SQUARE_ARG, 'fesquare':SQUARE_ARG} + if fearg in ('fecarry_mul', 'fecarry_sub', 'fecarry_add', 'fecarry_square', 'fecarry_opp'): + nargs = nargs_map[fearg.split('_')[-1]] + ARG = special_args.get(fearg, GEN_ARG) + return ARG % make_from_arg(fearg[2:], nargs=nargs, phi_arg_postfix='_tight', phi_output_postfix='_tight') + elif fearg in ('femul', 'fesquare', 'fecarry'): + ARG = special_args.get(fearg, GEN_ARG) + nargs = nargs_map[fearg[2:]] + return ARG % make_from_arg(fearg[2:], nargs=nargs, phi_arg_postfix='_loose', phi_output_postfix='_tight') + if fearg in ('fesub', 'feadd', 'feopp'): + nargs = nargs_map[fearg[2:]] + return GEN_ARG % make_from_arg(fearg[2:], nargs=nargs, phi_arg_postfix='_tight', phi_output_postfix='_loose') elif fearg in ('freeze',): return r"""Require Import Crypto.Arithmetic.PrimeFieldTheorems. Require Import %(prefix)s.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. 
Set Ltac Profiling. Time synthesize_freeze (). @@ -377,39 +366,6 @@ Time Defined. Print Assumptions freeze. """ % {'prefix':prefix} - elif fearg in ('feopp',): - if not montgomery: - return r"""Require Import Crypto.Arithmetic.PrimeFieldTheorems. -Require Import %(prefix)s.Synthesis. - -(* TODO : change this to field once field isomorphism happens *) -Definition %(arg)s : - { %(arg)s : feBW -> feBW - | forall a, phiBW (%(arg)s a) = F.%(arg)s (phiBW a) }. -Proof. - Set Ltac Profiling. - Time synthesize_%(arg)s (). - Show Ltac Profile. -Time Defined. - -Print Assumptions %(arg)s. -""" % {'prefix':prefix, 'arg':fearg[2:]} - else: - return r"""Require Import Crypto.Arithmetic.PrimeFieldTheorems. -Require Import %(prefix)s.Synthesis. - -(* TODO : change this to field once field isomorphism happens *) -Definition %(arg)s : - { %(arg)s : feBW_small -> feBW_small - | forall a, phiM_small (%(arg)s a) = F.%(arg)s (phiM_small a) }. -Proof. - Set Ltac Profiling. - Time synthesize_%(arg)s (). - Show Ltac Profile. -Time Defined. - -Print Assumptions %(arg)s. -""" % {'prefix':prefix, 'arg':fearg[2:]} elif fearg in ('fenz',): assert(fearg == 'fenz') assert(montgomery) 
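Review bot: For `fecarry_mul`, `fecarry_sub`, `fecarry_add` and `fecarry_opp` the first branch passes `fearg[2:]` (e.g. `carry_mul`) as `arg` into `GEN_ARG`, whose right-hand side is `F.%(arg)s %(mapped_args)s`, so the generated statement refers to `F.carry_mul` and so on. Nothing on this page defines such names in `F`; if the specification is meant to be the plain field operation, the template needs the operation name separately from the definition name, for instance an extra key `'spec': fearg.split('_')[-1]` and `GEN_MIDARG = "F.%(spec)s %(mapped_args)s"`. Only `fecarry_square` avoids this, through `SQUARE_ARG`. The third test is also written `if fearg in ('fesub', 'feadd', 'feopp'):` in the middle of an `elif` chain; it works because the earlier branches return, but `elif` would match the rest of the dispatch.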
@@ -443,11 +399,11 @@ Definition xzladderstep : | forall x1 Q Q', let xz := xzladderstep x1 Q Q' in let eval := B.Positional.Fdecode wt in - feW_bounded x1 - -> feW_bounded (fst Q) /\ feW_bounded (snd Q) - -> feW_bounded (fst Q') /\ feW_bounded (snd Q') - -> ((feW_bounded (fst (fst xz)) /\ feW_bounded (snd (fst xz))) - /\ (feW_bounded (fst (snd xz)) /\ feW_bounded (snd (snd xz)))) + feW_tight_bounded x1 + -> feW_tight_bounded (fst Q) /\ feW_tight_bounded (snd Q) + -> feW_tight_bounded (fst Q') /\ feW_tight_bounded (snd Q') + -> ((feW_tight_bounded (fst (fst xz)) /\ feW_tight_bounded (snd (fst xz))) + /\ (feW_tight_bounded (fst (snd xz)) /\ feW_tight_bounded (snd (snd xz)))) /\ Tuple.map (n:=2) (Tuple.map (n:=2) phiW) xz = FMxzladderstep (m:=m) (eval (proj1_sig a24_sig)) (phiW x1) (Tuple.map (n:=2) phiW Q) (Tuple.map (n:=2) phiW Q') }. Proof. Set Ltac Profiling. @@ -465,7 +421,8 @@ Print Assumptions xzladderstep. def make_display_arg(fearg, prefix): file_name = fearg function_name = fearg - if fearg in ('femul', 'fesub', 'feadd', 'fesquare', 'feopp'): + if fearg in ('femul', 'fesub', 'feadd', 'fesquare', 'feopp', 'fecarry', + 'fecarry_mul', 'fecarry_sub', 'fecarry_add', 'fecarry_square', 'fecarry_opp'): function_name = fearg[2:] elif fearg in ('freeze', 'xzladderstep'): pass @@ -489,6 +446,17 @@ set -eu %s "$@" """ % compiler +DONT_EDIT_STR = 'WARNING: This file was copied from %s.\n If you edit it here, changes will be erased the next time remake_curves.sh is run.' +DONT_EDIT_HEADERS = { + '.c' : '/* ' + DONT_EDIT_STR + ' */', + '.h' : '/* ' + DONT_EDIT_STR + ' */', + '.v' : '(* ' + DONT_EDIT_STR + ' *)', + '.ml' : '(* ' + DONT_EDIT_STR + ' *)', + '.ml4' : '(* ' + DONT_EDIT_STR + ' *)', + '.py' : '# ' + DONT_EDIT_STR.replace('\n', '\n# '), +} + + def main(*args): if '--help' in args[1:] or '-h' in args[1:]: usage(0) 
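Review bot: The tuple in `make_display_arg` (hunk `@@ -465,7 +421,8 @@`) now repeats the `fecarry_*` names that the template dispatch earlier in this file also lists, so a new operation has to be added in both places to get its `fe` prefix stripped. A shared module-level tuple would remove the duplication; failing that, a comment such as `# keep in sync with the dispatch in make_synthesized_arg` next to the literal would make the dependency visible. The rest of `make_display_arg` lies outside the hunk, so what happens to a name missing from this tuple cannot be checked from here.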
@@ -509,7 +477,11 @@ def main(*args): outputs[arg + '.v'] = make_synthesized_arg(arg, output_prefix, montgomery=as_bool(parameters.get('montgomery', 'false'))) outputs[arg + 'Display.v'] = make_display_arg(arg, output_prefix) for fname in parameters.get('extra_files', []): - outputs[os.path.basename(fname)] = open(os.path.join(parameters_folder, fname), 'r').read() + _, ext = os.path.splitext(fname) + header = '' + if ext in DONT_EDIT_HEADERS.keys(): + header = DONT_EDIT_HEADERS[ext] % os.path.relpath(fname, os.path.join(root, 'src')) + outputs[os.path.basename(fname)] = header + '\n' + open(os.path.join(parameters_folder, fname), 'r').read() if 'compiler' in parameters.keys(): outputs['compiler.sh'] = make_compiler(parameters['compiler']) file_list = tuple((k, os.path.join(output_folder, k)) for k in sorted(outputs.keys())) diff --git a/src/Specific/NISTP256/AMD128/CurveParameters.v b/src/Specific/NISTP256/AMD128/CurveParameters.v index ba86c9d18..f3c1cc5b1 100644 --- a/src/Specific/NISTP256/AMD128/CurveParameters.v +++ b/src/Specific/NISTP256/AMD128/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/NISTP256/AMD128/fenzDisplay.log b/src/Specific/NISTP256/AMD128/fenzDisplay.log index db2b799ea..53c690df8 100644 --- a/src/Specific/NISTP256/AMD128/fenzDisplay.log +++ b/src/Specific/NISTP256/AMD128/fenzDisplay.log 
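Review bot: Two details of the new `extra_files` loop change what gets written. `header + '\n' + ...` prepends a blank line even when the extension has no entry in `DONT_EDIT_HEADERS`, so such files are no longer copied byte-for-byte. `os.path.relpath(fname, ...)` resolves `fname` against the current directory while `open()` reads it from `parameters_folder`, so the path printed in the warning depends on where the script is run from. The handle from `open(...).read()` is also never closed explicitly. The sketch below builds the source path once, uses `DONT_EDIT_HEADERS.get(ext)`, and adds the header and newline only when one exists; `main` continues outside the hunk.

```python
    for fname in parameters.get('extra_files', []):
        src_path = os.path.join(parameters_folder, fname)
        _, ext = os.path.splitext(fname)
        header = DONT_EDIT_HEADERS.get(ext)
        with open(src_path, 'r') as f:
            contents = f.read()
        if header is not None:
            contents = header % os.path.relpath(src_path, os.path.join(root, 'src')) + '\n' + contents
        outputs[os.path.basename(fname)] = contents
    # ... unchanged: compiler.sh generation and file_list construction ...
```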
@@ -5,16 +5,4 @@ Interp-η uint128_t x3 = (x2 | x1); return x3) x - : word128 * word128 → ReturnType (Tbase match (if match match (let (lower, _) := Synthesis.P.bound1 in - lower) with - | 0%Z => Eq - | Z.pos _ => Lt - | Z.neg _ => Gt - end with - | Eq => true - | Lt => true - | Gt => false - end then Some 7 else None) with - | Some lgsz => Syntax.TWord lgsz - | None => Syntax.TZ - end) + : word128 * word128 → ReturnType uint128_t diff --git a/src/Specific/NISTP256/AMD64/CurveParameters.v b/src/Specific/NISTP256/AMD64/CurveParameters.v index f6ff3b583..90846add3 100644 --- a/src/Specific/NISTP256/AMD64/CurveParameters.v +++ b/src/Specific/NISTP256/AMD64/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/NISTP256/AMD64/fenzDisplay.log b/src/Specific/NISTP256/AMD64/fenzDisplay.log index 241c31016..65afbc2d6 100644 --- a/src/Specific/NISTP256/AMD64/fenzDisplay.log +++ b/src/Specific/NISTP256/AMD64/fenzDisplay.log @@ -7,16 +7,4 @@ Interp-η uint64_t x9 = (x2 | x8); return x9) x - : word64 * word64 * word64 * word64 → ReturnType (Tbase match (if match match (let (lower, _) := Synthesis.P.bound1 in - lower) with - | 0%Z => Eq - | Z.pos _ => Lt - | Z.neg _ => Gt - end with - | Eq => true - | Lt => true - | Gt => false - end then Some 6 else None) with - | Some lgsz => Syntax.TWord lgsz - | None => Syntax.TZ - end) + : word64 * word64 * word64 * word64 → ReturnType uint64_t 
diff --git a/src/Specific/X2448/Karatsuba/C64/CurveParameters.v b/src/Specific/X2448/Karatsuba/C64/CurveParameters.v index d908ae846..e9da717e8 100644 --- a/src/Specific/X2448/Karatsuba/C64/CurveParameters.v +++ b/src/Specific/X2448/Karatsuba/C64/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/X2448/Karatsuba/C64/femul.v b/src/Specific/X2448/Karatsuba/C64/femul.v index 07dd9b26d..756c23e30 100644 --- a/src/Specific/X2448/Karatsuba/C64/femul.v +++ b/src/Specific/X2448/Karatsuba/C64/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.X2448.Karatsuba.C64.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/X25519/C32/CurveParameters.v b/src/Specific/X25519/C32/CurveParameters.v index 5a1163f91..0ab20d299 100644 --- a/src/Specific/X25519/C32/CurveParameters.v +++ b/src/Specific/X25519/C32/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := Some 121665; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -245,7 +245,8 @@ Definition curve : CurveParameters := (output9, output8, output7, output6, output5, output4, output3, output2, output1, output0) ); - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/X25519/C32/feadd.v b/src/Specific/X25519/C32/feadd.v new file mode 100644 index 000000000..f74cf9cef --- /dev/null +++ b/src/Specific/X25519/C32/feadd.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.X25519.C32.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition add : + { add : feBW_tight -> feBW_tight -> feBW_loose + | forall a b, phiBW_loose (add a b) = F.add (phiBW_tight a) (phiBW_tight b) }. +Proof. + Set Ltac Profiling. + Time synthesize_add (). + Show Ltac Profile. +Time Defined. + +Print Assumptions add. diff --git a/src/Specific/X25519/C32/feaddDisplay.log b/src/Specific/X25519/C32/feaddDisplay.log new file mode 100644 index 000000000..8a4c51148 --- /dev/null +++ b/src/Specific/X25519/C32/feaddDisplay.log @@ -0,0 +1,7 @@ +λ x x0 : word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32, +Interp-η +(λ var : Syntax.base_type → Type, + λ '(x20, x21, x19, x17, x15, x13, x11, x9, x7, x5, (x38, x39, x37, x35, x33, x31, x29, x27, x25, x23))%core, + ((x20 + x38), (x21 + x39), (x19 + x37), (x17 + x35), (x15 + x33), (x13 + x31), (x11 + x29), (x9 + x27), (x7 + x25), (x5 + x23))) +(x, x0)%core + : word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 → word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 → ReturnType (uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t) 
diff --git a/src/Specific/X25519/C32/feaddDisplay.v b/src/Specific/X25519/C32/feaddDisplay.v
new file mode 100644
index 000000000..2df58b8f5
--- /dev/null
+++ b/src/Specific/X25519/C32/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.X25519.C32.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/X25519/C32/fecarry.v b/src/Specific/X25519/C32/fecarry.v
new file mode 100644
index 000000000..e2f207757
--- /dev/null
+++ b/src/Specific/X25519/C32/fecarry.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.X25519.C32.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition carry :
+ { carry : feBW_loose -> feBW_tight
+ | forall a, phiBW_tight (carry a) = (phiBW_loose a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_carry ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions carry.
diff --git a/src/Specific/X25519/C32/fecarryDisplay.log b/src/Specific/X25519/C32/fecarryDisplay.log
new file mode 100644
index 000000000..186e797bb
--- /dev/null
+++ b/src/Specific/X25519/C32/fecarryDisplay.log
@@ -0,0 +1,42 @@
+λ x : word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32,
+Interp-η
+(λ var : Syntax.base_type → Type,
+ λ '(x17, x18, x16, x14, x12, x10, x8, x6, x4, x2)%core,
+ uint32_t x19 = (x2 >> 0x1a);
+ uint32_t x20 = (x2 & 0x3ffffff);
+ uint32_t x21 = (x19 + x4);
+ uint32_t x22 = (x21 >> 0x19);
+ uint32_t x23 = (x21 & 0x1ffffff);
+ uint32_t x24 = (x22 + x6);
+ uint32_t x25 = (x24 >> 0x1a);
+ uint32_t x26 = (x24 & 0x3ffffff);
+ uint32_t x27 = (x25 + x8);
+ uint32_t x28 = (x27 >> 0x19);
+ uint32_t x29 = (x27 & 0x1ffffff);
+ uint32_t x30 = (x28 + x10);
+ uint32_t x31 = (x30 >> 0x1a);
+ uint32_t x32 = (x30 & 0x3ffffff);
+ uint32_t x33 = (x31 + x12);
+ uint32_t x34 = (x33 >> 0x19);
+ uint32_t x35 = (x33 & 0x1ffffff);
+ uint32_t x36 = (x34 + x14);
+ uint32_t x37 = (x36 >> 0x1a);
+ uint32_t x38 = (x36 & 0x3ffffff);
+ uint32_t x39 = (x37 + x16);
+ uint32_t x40 = (x39 >> 0x19);
+ uint32_t x41 = (x39 & 0x1ffffff);
+ uint32_t x42 = (x40 + x18);
+ uint32_t x43 = (x42 >> 0x1a);
+ uint32_t x44 = (x42 & 0x3ffffff);
+ uint32_t x45 = (x43 + x17);
+ uint32_t x46 = (x45 >> 0x19);
+ uint32_t x47 = (x45 & 0x1ffffff);
+ uint32_t x48 = (x20 + (0x13 * x46));
+ uint32_t x49 = (x48 >> 0x1a);
+ uint32_t x50 = (x48 & 0x3ffffff);
+ uint32_t x51 = (x49 + x23);
+ uint32_t x52 = (x51 >> 0x19);
+ uint32_t x53 = (x51 & 0x1ffffff);
+ return (Return x47, Return x44, Return x41, Return x38, Return x35, Return x32, Return x29, (x52 + x26), Return x53, Return x50))
+x
+ : word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 → ReturnType (uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t)
diff --git a/src/Specific/X25519/C32/fecarryDisplay.v b/src/Specific/X25519/C32/fecarryDisplay.v
new file mode 100644
index 000000000..0b40b86e4
--- /dev/null
+++ b/src/Specific/X25519/C32/fecarryDisplay.v
@@ -0,0 +1,4 @@ +Require Import Crypto.Specific.X25519.C32.fecarry. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display carry. diff --git a/src/Specific/X25519/C32/femul.v b/src/Specific/X25519/C32/femul.v index bc62814e9..3f902f965 100644 --- a/src/Specific/X25519/C32/femul.v +++ b/src/Specific/X25519/C32/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.X25519.C32.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/X25519/C32/femulDisplay.log b/src/Specific/X25519/C32/femulDisplay.log index 7564ec007..1650f4c9d 100644 --- a/src/Specific/X25519/C32/femulDisplay.log +++ b/src/Specific/X25519/C32/femulDisplay.log @@ -66,18 +66,18 @@ Interp-η uint64_t x101 = (x100 >> 0x19); uint32_t x102 = ((uint32_t)x100 & 0x1ffffff); uint64_t x103 = (x101 + x67); - uint32_t x104 = (uint32_t) (x103 >> 0x1a); + uint64_t x104 = (x103 >> 0x1a); uint32_t x105 = ((uint32_t)x103 & 0x3ffffff); uint64_t x106 = (x104 + x64); - uint32_t x107 = (uint32_t) (x106 >> 0x19); + uint64_t x107 = (x106 >> 0x19); uint32_t x108 = ((uint32_t)x106 & 0x1ffffff); uint64_t x109 = (x107 + x61); - uint32_t x110 = (uint32_t) (x109 >> 0x1a); + uint64_t x110 = (x109 >> 0x1a); uint32_t x111 = ((uint32_t)x109 & 0x3ffffff); uint64_t x112 = (x110 + x49); - uint32_t x113 = (uint32_t) (x112 >> 0x19); + uint64_t x113 = (x112 >> 0x19); uint32_t x114 = ((uint32_t)x112 & 0x1ffffff); - uint64_t x115 = (x87 + ((uint64_t)0x13 * x113)); + uint64_t x115 = (x87 + (0x13 * x113)); uint32_t x116 = (uint32_t) (x115 >> 0x1a); uint32_t x117 = ((uint32_t)x115 & 0x3ffffff); uint32_t x118 = (x116 + x90); 
diff --git a/src/Specific/X25519/C32/fesquare.v b/src/Specific/X25519/C32/fesquare.v index 2bea3bf8b..169e20cbd 100644 --- a/src/Specific/X25519/C32/fesquare.v +++ b/src/Specific/X25519/C32/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.X25519.C32.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/X25519/C32/fesquareDisplay.log b/src/Specific/X25519/C32/fesquareDisplay.log index dc270a356..06c5bc75f 100644 --- a/src/Specific/X25519/C32/fesquareDisplay.log +++ b/src/Specific/X25519/C32/fesquareDisplay.log @@ -66,18 +66,18 @@ Interp-η uint64_t x80 = (x79 >> 0x19); uint32_t x81 = ((uint32_t)x79 & 0x1ffffff); uint64_t x82 = (x80 + x46); - uint32_t x83 = (uint32_t) (x82 >> 0x1a); + uint64_t x83 = (x82 >> 0x1a); uint32_t x84 = ((uint32_t)x82 & 0x3ffffff); uint64_t x85 = (x83 + x43); - uint32_t x86 = (uint32_t) (x85 >> 0x19); + uint64_t x86 = (x85 >> 0x19); uint32_t x87 = ((uint32_t)x85 & 0x1ffffff); uint64_t x88 = (x86 + x40); - uint32_t x89 = (uint32_t) (x88 >> 0x1a); + uint64_t x89 = (x88 >> 0x1a); uint32_t x90 = ((uint32_t)x88 & 0x3ffffff); uint64_t x91 = (x89 + x28); - uint32_t x92 = (uint32_t) (x91 >> 0x19); + uint64_t x92 = (x91 >> 0x19); uint32_t x93 = ((uint32_t)x91 & 0x1ffffff); - uint64_t x94 = (x66 + ((uint64_t)0x13 * x92)); + uint64_t x94 = (x66 + (0x13 * x92)); uint32_t x95 = (uint32_t) (x94 >> 0x1a); uint32_t x96 = ((uint32_t)x94 & 0x3ffffff); uint32_t x97 = (x95 + x69); diff --git a/src/Specific/X25519/C32/fesub.v b/src/Specific/X25519/C32/fesub.v new file mode 100644 index 000000000..30e06cd5d --- /dev/null +++ b/src/Specific/X25519/C32/fesub.v 
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.X25519.C32.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_tight -> feBW_tight -> feBW_loose
+ | forall a b, phiBW_loose (sub a b) = F.sub (phiBW_tight a) (phiBW_tight b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/X25519/C32/fesubDisplay.log b/src/Specific/X25519/C32/fesubDisplay.log
new file mode 100644
index 000000000..bb18a6a51
--- /dev/null
+++ b/src/Specific/X25519/C32/fesubDisplay.log
@@ -0,0 +1,7 @@
+λ x x0 : word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32,
+Interp-η
+(λ var : Syntax.base_type → Type,
+ λ '(x20, x21, x19, x17, x15, x13, x11, x9, x7, x5, (x38, x39, x37, x35, x33, x31, x29, x27, x25, x23))%core,
+ (((0x3fffffe + x20) - x38), ((0x7fffffe + x21) - x39), ((0x3fffffe + x19) - x37), ((0x7fffffe + x17) - x35), ((0x3fffffe + x15) - x33), ((0x7fffffe + x13) - x31), ((0x3fffffe + x11) - x29), ((0x7fffffe + x9) - x27), ((0x3fffffe + x7) - x25), ((0x7ffffda + x5) - x23)))
+(x, x0)%core
+ : word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 → word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 * word32 → ReturnType (uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t * uint32_t)
diff --git a/src/Specific/X25519/C32/fesubDisplay.v b/src/Specific/X25519/C32/fesubDisplay.v
new file mode 100644
index 000000000..9a35e2289
--- /dev/null
+++ b/src/Specific/X25519/C32/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.X25519.C32.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/X25519/C32/freeze.v b/src/Specific/X25519/C32/freeze.v index bac5a019f..31098197f 100644 --- a/src/Specific/X25519/C32/freeze.v +++ b/src/Specific/X25519/C32/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.X25519.C32.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/X25519/C64/CurveParameters.v b/src/Specific/X25519/C64/CurveParameters.v index 816b333fd..6a209e169 100644 --- a/src/Specific/X25519/C64/CurveParameters.v +++ b/src/Specific/X25519/C64/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := Some 121665; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := true; @@ -62,7 +62,8 @@ Definition curve : CurveParameters := (t4, t3, t2, t1, t0) ); - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/X25519/C64/feadd.v b/src/Specific/X25519/C64/feadd.v new file mode 100644 index 000000000..43d887638 --- /dev/null +++ b/src/Specific/X25519/C64/feadd.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.X25519.C64.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition add : + { add : feBW_tight -> feBW_tight -> feBW_loose + | forall a b, phiBW_loose (add a b) = F.add (phiBW_tight a) (phiBW_tight b) }. +Proof. + Set Ltac Profiling. + Time synthesize_add (). + Show Ltac Profile. +Time Defined. + +Print Assumptions add. 
diff --git a/src/Specific/X25519/C64/feaddDisplay.log b/src/Specific/X25519/C64/feaddDisplay.log
new file mode 100644
index 000000000..bce3421b2
--- /dev/null
+++ b/src/Specific/X25519/C64/feaddDisplay.log
@@ -0,0 +1,7 @@
+λ x x0 : word64 * word64 * word64 * word64 * word64,
+Interp-η
+(λ var : Syntax.base_type → Type,
+ λ '(x10, x11, x9, x7, x5, (x18, x19, x17, x15, x13))%core,
+ ((x10 + x18), (x11 + x19), (x9 + x17), (x7 + x15), (x5 + x13)))
+(x, x0)%core
+ : word64 * word64 * word64 * word64 * word64 → word64 * word64 * word64 * word64 * word64 → ReturnType (uint64_t * uint64_t * uint64_t * uint64_t * uint64_t)
diff --git a/src/Specific/X25519/C64/feaddDisplay.v b/src/Specific/X25519/C64/feaddDisplay.v
new file mode 100644
index 000000000..e1a666c66
--- /dev/null
+++ b/src/Specific/X25519/C64/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.X25519.C64.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/X25519/C64/fecarry.v b/src/Specific/X25519/C64/fecarry.v
new file mode 100644
index 000000000..324aa5ffe
--- /dev/null
+++ b/src/Specific/X25519/C64/fecarry.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.X25519.C64.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition carry :
+ { carry : feBW_loose -> feBW_tight
+ | forall a, phiBW_tight (carry a) = (phiBW_loose a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_carry ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions carry.
diff --git a/src/Specific/X25519/C64/fecarryDisplay.log b/src/Specific/X25519/C64/fecarryDisplay.log
new file mode 100644
index 000000000..648dc77cf
--- /dev/null
+++ b/src/Specific/X25519/C64/fecarryDisplay.log
@@ -0,0 +1,27 @@
+λ x : word64 * word64 * word64 * word64 * word64,
+Interp-η
+(λ var : Syntax.base_type → Type,
+ λ '(x7, x8, x6, x4, x2)%core,
+ uint64_t x9 = (x2 >> 0x33);
+ uint64_t x10 = (x2 & 0x7ffffffffffff);
+ uint64_t x11 = (x9 + x4);
+ uint64_t x12 = (x11 >> 0x33);
+ uint64_t x13 = (x11 & 0x7ffffffffffff);
+ uint64_t x14 = (x12 + x6);
+ uint64_t x15 = (x14 >> 0x33);
+ uint64_t x16 = (x14 & 0x7ffffffffffff);
+ uint64_t x17 = (x15 + x8);
+ uint64_t x18 = (x17 >> 0x33);
+ uint64_t x19 = (x17 & 0x7ffffffffffff);
+ uint64_t x20 = (x18 + x7);
+ uint64_t x21 = (x20 >> 0x33);
+ uint64_t x22 = (x20 & 0x7ffffffffffff);
+ uint64_t x23 = (x10 + (0x13 * x21));
+ uint64_t x24 = (x23 >> 0x33);
+ uint64_t x25 = (x23 & 0x7ffffffffffff);
+ uint64_t x26 = (x24 + x13);
+ uint64_t x27 = (x26 >> 0x33);
+ uint64_t x28 = (x26 & 0x7ffffffffffff);
+ return (Return x22, Return x19, (x27 + x16), Return x28, Return x25))
+x
+ : word64 * word64 * word64 * word64 * word64 → ReturnType (uint64_t * uint64_t * uint64_t * uint64_t * uint64_t)
diff --git a/src/Specific/X25519/C64/fecarryDisplay.v b/src/Specific/X25519/C64/fecarryDisplay.v
new file mode 100644
index 000000000..48d97919e
--- /dev/null
+++ b/src/Specific/X25519/C64/fecarryDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.X25519.C64.fecarry.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display carry.
diff --git a/src/Specific/X25519/C64/femul.v b/src/Specific/X25519/C64/femul.v
index 7292df912..eeaa4fad0 100644
--- a/src/Specific/X25519/C64/femul.v
+++ b/src/Specific/X25519/C64/femul.v
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.X25519.C64.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/X25519/C64/fesquare.v b/src/Specific/X25519/C64/fesquare.v index fa692f559..6939bca51 100644 --- a/src/Specific/X25519/C64/fesquare.v +++ b/src/Specific/X25519/C64/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.X25519.C64.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/X25519/C64/fesub.v b/src/Specific/X25519/C64/fesub.v new file mode 100644 index 000000000..b17e79366 --- /dev/null +++ b/src/Specific/X25519/C64/fesub.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.X25519.C64.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition sub : + { sub : feBW_tight -> feBW_tight -> feBW_loose + | forall a b, phiBW_loose (sub a b) = F.sub (phiBW_tight a) (phiBW_tight b) }. +Proof. + Set Ltac Profiling. + Time synthesize_sub (). + Show Ltac Profile. +Time Defined. + +Print Assumptions sub. diff --git a/src/Specific/X25519/C64/fesubDisplay.log b/src/Specific/X25519/C64/fesubDisplay.log new file mode 100644 index 000000000..e85a042f8 --- /dev/null +++ b/src/Specific/X25519/C64/fesubDisplay.log 
@@ -0,0 +1,7 @@ +λ x x0 : word64 * word64 * word64 * word64 * word64, +Interp-η +(λ var : Syntax.base_type → Type, + λ '(x10, x11, x9, x7, x5, (x18, x19, x17, x15, x13))%core, + (((0xffffffffffffe + x10) - x18), ((0xffffffffffffe + x11) - x19), ((0xffffffffffffe + x9) - x17), ((0xffffffffffffe + x7) - x15), ((0xfffffffffffda + x5) - x13))) +(x, x0)%core + : word64 * word64 * word64 * word64 * word64 → word64 * word64 * word64 * word64 * word64 → ReturnType (uint64_t * uint64_t * uint64_t * uint64_t * uint64_t) diff --git a/src/Specific/X25519/C64/fesubDisplay.v b/src/Specific/X25519/C64/fesubDisplay.v new file mode 100644 index 000000000..2bbf2f589 --- /dev/null +++ b/src/Specific/X25519/C64/fesubDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.X25519.C64.fesub. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display sub. diff --git a/src/Specific/X25519/C64/freeze.v b/src/Specific/X25519/C64/freeze.v index 2c7fe8b85..0e66bdb73 100644 --- a/src/Specific/X25519/C64/freeze.v +++ b/src/Specific/X25519/C64/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.X25519.C64.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/X25519/C64/ladderstep.v b/src/Specific/X25519/C64/ladderstep.v index fc62c9317..868f10a48 100644 --- a/src/Specific/X25519/C64/ladderstep.v +++ b/src/Specific/X25519/C64/ladderstep.v 
@@ -9,11 +9,11 @@ Definition xzladderstep : | forall x1 Q Q', let xz := xzladderstep x1 Q Q' in let eval := B.Positional.Fdecode wt in - feW_bounded x1 - -> feW_bounded (fst Q) /\ feW_bounded (snd Q) - -> feW_bounded (fst Q') /\ feW_bounded (snd Q') - -> ((feW_bounded (fst (fst xz)) /\ feW_bounded (snd (fst xz))) - /\ (feW_bounded (fst (snd xz)) /\ feW_bounded (snd (snd xz)))) + feW_tight_bounded x1 + -> feW_tight_bounded (fst Q) /\ feW_tight_bounded (snd Q) + -> feW_tight_bounded (fst Q') /\ feW_tight_bounded (snd Q') + -> ((feW_tight_bounded (fst (fst xz)) /\ feW_tight_bounded (snd (fst xz))) + /\ (feW_tight_bounded (fst (snd xz)) /\ feW_tight_bounded (snd (snd xz)))) /\ Tuple.map (n:=2) (Tuple.map (n:=2) phiW) xz = FMxzladderstep (m:=m) (eval (proj1_sig a24_sig)) (phiW x1) (Tuple.map (n:=2) phiW Q) (Tuple.map (n:=2) phiW Q') }. Proof. Set Ltac Profiling. diff --git a/src/Specific/X25519/C64/scalarmult.c b/src/Specific/X25519/C64/scalarmult.c index bde9a9b22..01f81d393 100644 --- a/src/Specific/X25519/C64/scalarmult.c +++ b/src/Specific/X25519/C64/scalarmult.c @@ -1,3 +1,5 @@ +/* WARNING: This file was copied from Specific/CurveParameters/X25519_C64/scalarmult.c. + If you edit it here, changes will be erased the next time remake_curves.sh is run. */ // The synthesized parts are from fiat-crypto, copyright MIT 2017. // The synthesis framework is released under the MIT license. // The non-synthesized parts are from curve25519-donna by Adam Langley (Google): @@ -41,7 +43,6 @@ typedef unsigned int uint128_t __attribute__((mode(TI))); typedef uint8_t u8; typedef uint64_t limb; typedef limb felem[5]; -//static void crecip(felem out, const felem z); static void force_inline fmul(felem output, const felem in2, const felem in) { @@ -201,7 +202,6 @@ swap_conditional(limb a[5], limb b[5], limb iswap) { } } - /* Calculates nQ where Q is the x-coordinate of a point on the curve * * resultx/resultz: the x coordinate of the resulting curve point (short form) 
@@ -223,7 +223,6 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) { u8 byte = n[31 - i]; for (j = 0; j < 8; ++j) { const limb bit = byte >> 7; - // printf("%01d ", bit); swap_conditional(nqx, nqpqx, bit); swap_conditional(nqz, nqpqz, bit); @@ -249,9 +248,6 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) { nqpqz2 = t; byte <<= 1; - - // { felem pr; crecip(pr, nqz); fmul(pr, pr, nqx); uint8_t s[32]; fcontract(s, pr); printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", s[i]); }; printf(" "); } - // { felem pr; crecip(pr, nqpqz); fmul(pr, pr, nqpqx); uint8_t s[32]; fcontract(s, pr); printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", s[i]); }; printf("\n"); } } } diff --git a/src/Specific/X2555/C128/CurveParameters.v b/src/Specific/X2555/C128/CurveParameters.v index 64f417301..52fc70a7f 100644 --- a/src/Specific/X2555/C128/CurveParameters.v +++ b/src/Specific/X2555/C128/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := Some (121665 (* XXX TODO(andreser) FIXME? Is this right for this curve? *)); coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some false; ladderstep := true; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/X2555/C128/ladderstep.v b/src/Specific/X2555/C128/ladderstep.v index 902b6c1b0..16984403b 100644 --- a/src/Specific/X2555/C128/ladderstep.v +++ b/src/Specific/X2555/C128/ladderstep.v 
@@ -9,11 +9,11 @@ Definition xzladderstep : | forall x1 Q Q', let xz := xzladderstep x1 Q Q' in let eval := B.Positional.Fdecode wt in - feW_bounded x1 - -> feW_bounded (fst Q) /\ feW_bounded (snd Q) - -> feW_bounded (fst Q') /\ feW_bounded (snd Q') - -> ((feW_bounded (fst (fst xz)) /\ feW_bounded (snd (fst xz))) - /\ (feW_bounded (fst (snd xz)) /\ feW_bounded (snd (snd xz)))) + feW_tight_bounded x1 + -> feW_tight_bounded (fst Q) /\ feW_tight_bounded (snd Q) + -> feW_tight_bounded (fst Q') /\ feW_tight_bounded (snd Q') + -> ((feW_tight_bounded (fst (fst xz)) /\ feW_tight_bounded (snd (fst xz))) + /\ (feW_tight_bounded (fst (snd xz)) /\ feW_tight_bounded (snd (snd xz)))) /\ Tuple.map (n:=2) (Tuple.map (n:=2) phiW) xz = FMxzladderstep (m:=m) (eval (proj1_sig a24_sig)) (phiW x1) (Tuple.map (n:=2) phiW Q) (Tuple.map (n:=2) phiW Q') }. Proof. Set Ltac Profiling. diff --git a/src/Specific/montgomery32_2e127m1/CurveParameters.v b/src/Specific/montgomery32_2e127m1/CurveParameters.v index a18f7b44c..44508f3a2 100644 --- a/src/Specific/montgomery32_2e127m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e127m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e129m25/CurveParameters.v b/src/Specific/montgomery32_2e129m25/CurveParameters.v index 132f2db7a..901f55520 100644 --- a/src/Specific/montgomery32_2e129m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e129m25/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e130m5/CurveParameters.v b/src/Specific/montgomery32_2e130m5/CurveParameters.v index bb1b5b6fc..5533804e8 100644 --- a/src/Specific/montgomery32_2e130m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e130m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e137m13/CurveParameters.v b/src/Specific/montgomery32_2e137m13/CurveParameters.v index 02964bfd8..d617a49ed 100644 --- a/src/Specific/montgomery32_2e137m13/CurveParameters.v +++ b/src/Specific/montgomery32_2e137m13/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e140m27/CurveParameters.v b/src/Specific/montgomery32_2e140m27/CurveParameters.v index 0de13430a..987d6de82 100644 --- a/src/Specific/montgomery32_2e140m27/CurveParameters.v +++ b/src/Specific/montgomery32_2e140m27/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e141m9/CurveParameters.v b/src/Specific/montgomery32_2e141m9/CurveParameters.v index d4457612b..7dc18363b 100644 --- a/src/Specific/montgomery32_2e141m9/CurveParameters.v +++ b/src/Specific/montgomery32_2e141m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e150m3/CurveParameters.v b/src/Specific/montgomery32_2e150m3/CurveParameters.v index 45b15093a..cd35d2b26 100644 
--- a/src/Specific/montgomery32_2e150m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e150m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e150m5/CurveParameters.v b/src/Specific/montgomery32_2e150m5/CurveParameters.v index f27db4088..eef36a4c5 100644 --- a/src/Specific/montgomery32_2e150m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e150m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e152m17/CurveParameters.v b/src/Specific/montgomery32_2e152m17/CurveParameters.v index e42be2747..5101eb3b7 100644 --- a/src/Specific/montgomery32_2e152m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e152m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e158m15/CurveParameters.v b/src/Specific/montgomery32_2e158m15/CurveParameters.v index e372b0899..1df08ae58 100644 --- a/src/Specific/montgomery32_2e158m15/CurveParameters.v +++ b/src/Specific/montgomery32_2e158m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e165m25/CurveParameters.v b/src/Specific/montgomery32_2e165m25/CurveParameters.v index 71b1f6175..5ae8ac893 100644 --- a/src/Specific/montgomery32_2e165m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e165m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e166m5/CurveParameters.v b/src/Specific/montgomery32_2e166m5/CurveParameters.v index 4832a8ad0..a3ec5f4db 100644 
--- a/src/Specific/montgomery32_2e166m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e166m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e171m19/CurveParameters.v b/src/Specific/montgomery32_2e171m19/CurveParameters.v index 730841e33..9d477e915 100644 --- a/src/Specific/montgomery32_2e171m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e171m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e174m17/CurveParameters.v b/src/Specific/montgomery32_2e174m17/CurveParameters.v index a3cd5c225..107db915b 100644 --- a/src/Specific/montgomery32_2e174m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e174m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e174m3/CurveParameters.v b/src/Specific/montgomery32_2e174m3/CurveParameters.v index 0b7ef2bfc..125c648ad 100644 --- a/src/Specific/montgomery32_2e174m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e174m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e189m25/CurveParameters.v b/src/Specific/montgomery32_2e189m25/CurveParameters.v index 209691779..4ea8fbb44 100644 --- a/src/Specific/montgomery32_2e189m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e189m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e190m11/CurveParameters.v b/src/Specific/montgomery32_2e190m11/CurveParameters.v index 75e8fbc6f..7ea0a144f 100644 
--- a/src/Specific/montgomery32_2e190m11/CurveParameters.v +++ b/src/Specific/montgomery32_2e190m11/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e191m19/CurveParameters.v b/src/Specific/montgomery32_2e191m19/CurveParameters.v index b39cea4b8..5e64355a0 100644 --- a/src/Specific/montgomery32_2e191m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e191m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e192m2e64m1/CurveParameters.v b/src/Specific/montgomery32_2e192m2e64m1/CurveParameters.v index f48609a7e..22f865980 100644 --- a/src/Specific/montgomery32_2e192m2e64m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e192m2e64m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e194m33/CurveParameters.v b/src/Specific/montgomery32_2e194m33/CurveParameters.v index e670dcafb..e3186171e 100644 --- a/src/Specific/montgomery32_2e194m33/CurveParameters.v +++ b/src/Specific/montgomery32_2e194m33/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e196m15/CurveParameters.v b/src/Specific/montgomery32_2e196m15/CurveParameters.v index 1caf47a7f..43429db37 100644 --- a/src/Specific/montgomery32_2e196m15/CurveParameters.v +++ b/src/Specific/montgomery32_2e196m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e198m17/CurveParameters.v b/src/Specific/montgomery32_2e198m17/CurveParameters.v index d9e74a86b..dda6ddbbd 100644 
--- a/src/Specific/montgomery32_2e198m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e198m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v b/src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v index cec93c2b5..13457af69 100644 --- a/src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e206m5/CurveParameters.v b/src/Specific/montgomery32_2e206m5/CurveParameters.v index d26dc00d2..40cbcef4a 100644 --- a/src/Specific/montgomery32_2e206m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e206m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e212m29/CurveParameters.v b/src/Specific/montgomery32_2e212m29/CurveParameters.v index 43924ce39..756a7e8a0 100644 --- a/src/Specific/montgomery32_2e212m29/CurveParameters.v +++ b/src/Specific/montgomery32_2e212m29/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e213m3/CurveParameters.v b/src/Specific/montgomery32_2e213m3/CurveParameters.v index 6773c233a..5d0407398 100644 --- a/src/Specific/montgomery32_2e213m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e213m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v b/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v index 9a3134ff1..51f408fc9 100644 
--- a/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e221m3/CurveParameters.v b/src/Specific/montgomery32_2e221m3/CurveParameters.v index 8daf061c4..3e72c5d78 100644 --- a/src/Specific/montgomery32_2e221m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e221m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e222m117/CurveParameters.v b/src/Specific/montgomery32_2e222m117/CurveParameters.v index ad05ba9b4..005371b70 100644 --- a/src/Specific/montgomery32_2e222m117/CurveParameters.v +++ b/src/Specific/montgomery32_2e222m117/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
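Review bot: In src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v the first hunk replaces `goldilocks := Some true` with `goldilocks := None`, whereas every other montgomery32 file visible in this part of the diff goes from `Some false` to `None`. This is the one place where the mechanical rewrite may not preserve the configured value. How `None` is resolved is not visible here, and if it falls back to false the explicit setting is silently dropped. With `montgomery := true` the field may simply be unused; if so, a short comment such as `(* goldilocks is not consulted when montgomery = true *)` would settle it. Otherwise keep `goldilocks := Some true;` for this prime.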
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e224m2e96p1/CurveParameters.v b/src/Specific/montgomery32_2e224m2e96p1/CurveParameters.v index 6238375dc..b2cab7606 100644 --- a/src/Specific/montgomery32_2e224m2e96p1/CurveParameters.v +++ b/src/Specific/montgomery32_2e224m2e96p1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e226m5/CurveParameters.v b/src/Specific/montgomery32_2e226m5/CurveParameters.v index 005ee3ce8..43ae803f3 100644 --- a/src/Specific/montgomery32_2e226m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e226m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e230m27/CurveParameters.v b/src/Specific/montgomery32_2e230m27/CurveParameters.v index 25f6d4ea4..d89b2ff97 100644 
--- a/src/Specific/montgomery32_2e230m27/CurveParameters.v +++ b/src/Specific/montgomery32_2e230m27/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e235m15/CurveParameters.v b/src/Specific/montgomery32_2e235m15/CurveParameters.v index 24a1fb142..3bf3a9e8c 100644 --- a/src/Specific/montgomery32_2e235m15/CurveParameters.v +++ b/src/Specific/montgomery32_2e235m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e243m9/CurveParameters.v b/src/Specific/montgomery32_2e243m9/CurveParameters.v index 83fcdc0a0..4ebad3775 100644 --- a/src/Specific/montgomery32_2e243m9/CurveParameters.v +++ b/src/Specific/montgomery32_2e243m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e251m9/CurveParameters.v b/src/Specific/montgomery32_2e251m9/CurveParameters.v index fdbd817d9..37968f690 100644 --- a/src/Specific/montgomery32_2e251m9/CurveParameters.v +++ b/src/Specific/montgomery32_2e251m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v b/src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v index 63f89f1ef..996c182d8 100644 --- a/src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery32_2e255m19/CurveParameters.v b/src/Specific/montgomery32_2e255m19/CurveParameters.v index 3a37221c6..81e71dc88 100644 --- a/src/Specific/montgomery32_2e255m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e255m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v index 2f1fb7747..5d67b538e 100644 --- a/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e255m765/CurveParameters.v b/src/Specific/montgomery32_2e255m765/CurveParameters.v index 12a2771d0..4949a8177 100644 --- a/src/Specific/montgomery32_2e255m765/CurveParameters.v +++ b/src/Specific/montgomery32_2e255m765/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e256m189/CurveParameters.v b/src/Specific/montgomery32_2e256m189/CurveParameters.v index 79c3e21b7..0c083a960 100644 --- a/src/Specific/montgomery32_2e256m189/CurveParameters.v +++ b/src/Specific/montgomery32_2e256m189/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e256m2e224p2e192p2e96m1/CurveParameters.v b/src/Specific/montgomery32_2e256m2e224p2e192p2e96m1/CurveParameters.v index 7cf06376a..ebc8e100e 100644 --- a/src/Specific/montgomery32_2e256m2e224p2e192p2e96m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e256m2e224p2e192p2e96m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e256m2e32m977/CurveParameters.v b/src/Specific/montgomery32_2e256m2e32m977/CurveParameters.v index d826609e0..44af92a64 100644 --- a/src/Specific/montgomery32_2e256m2e32m977/CurveParameters.v +++ b/src/Specific/montgomery32_2e256m2e32m977/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v b/src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v index 3ff621bed..cdd462cc8 100644 --- a/src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery32_2e266m3/CurveParameters.v b/src/Specific/montgomery32_2e266m3/CurveParameters.v index 5566ec919..5ebc3275c 100644 --- a/src/Specific/montgomery32_2e266m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e266m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e285m9/CurveParameters.v b/src/Specific/montgomery32_2e285m9/CurveParameters.v index af68663ab..9f4a1e1f2 100644 --- a/src/Specific/montgomery32_2e285m9/CurveParameters.v +++ b/src/Specific/montgomery32_2e285m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e291m19/CurveParameters.v b/src/Specific/montgomery32_2e291m19/CurveParameters.v index 9653dab06..51e62d28b 100644 --- a/src/Specific/montgomery32_2e291m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e291m19/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e321m9/CurveParameters.v b/src/Specific/montgomery32_2e321m9/CurveParameters.v index 1a2b97615..770bdfef8 100644 --- a/src/Specific/montgomery32_2e321m9/CurveParameters.v +++ b/src/Specific/montgomery32_2e321m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v b/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v index 1b9048b6b..6b6b8cb29 100644 --- a/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
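Review bot: In `montgomery32_2e322m2e161m1/CurveParameters.v` the first hunk replaces `goldilocks := Some true` with `goldilocks := None`, while almost every other file in this series starts from `Some false`. The same `Some true` to `None` change appears in `montgomery32_2e416m2e208m1`, `montgomery32_2e448m2e224m1`, `montgomery32_2e450m2e225m1` and `montgomery32_2e480m2e240m1`. How `None` is resolved is not visible in these hunks, so it is worth confirming that the default either reproduces the old value for these primes or that the field is never consulted when `montgomery := true`, and that the synthesized output for these five curves is unchanged. A short comment on the `goldilocks` field where the record is declared, stating what `None` means and whether it is ignored for Montgomery curves, would make this explicit for future parameter files. The `curve` definition begins and ends outside each hunk, so the remaining fields could not be checked here.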
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e336m17/CurveParameters.v b/src/Specific/montgomery32_2e336m17/CurveParameters.v index f44f08bad..7861a8c37 100644 --- a/src/Specific/montgomery32_2e336m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e336m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e336m3/CurveParameters.v b/src/Specific/montgomery32_2e336m3/CurveParameters.v index d88bc6498..bdb087598 100644 --- a/src/Specific/montgomery32_2e336m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e336m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e338m15/CurveParameters.v b/src/Specific/montgomery32_2e338m15/CurveParameters.v index 636cb9d87..dd1fc6389 100644 
--- a/src/Specific/montgomery32_2e338m15/CurveParameters.v +++ b/src/Specific/montgomery32_2e338m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e369m25/CurveParameters.v b/src/Specific/montgomery32_2e369m25/CurveParameters.v index e5ac17201..70aa368fe 100644 --- a/src/Specific/montgomery32_2e369m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e369m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e379m19/CurveParameters.v b/src/Specific/montgomery32_2e379m19/CurveParameters.v index 702db37ec..3d8ebe7ab 100644 --- a/src/Specific/montgomery32_2e379m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e379m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e382m105/CurveParameters.v b/src/Specific/montgomery32_2e382m105/CurveParameters.v index b9beb47ff..6c59d1e8f 100644 --- a/src/Specific/montgomery32_2e382m105/CurveParameters.v +++ b/src/Specific/montgomery32_2e382m105/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e383m187/CurveParameters.v b/src/Specific/montgomery32_2e383m187/CurveParameters.v index 768316434..3f800a4dc 100644 --- a/src/Specific/montgomery32_2e383m187/CurveParameters.v +++ b/src/Specific/montgomery32_2e383m187/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e383m31/CurveParameters.v b/src/Specific/montgomery32_2e383m31/CurveParameters.v index 47f3a67d1..80d62d2ef 100644 
--- a/src/Specific/montgomery32_2e383m31/CurveParameters.v +++ b/src/Specific/montgomery32_2e383m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e383m421/CurveParameters.v b/src/Specific/montgomery32_2e383m421/CurveParameters.v index 0b9a894f2..6416e0b7d 100644 --- a/src/Specific/montgomery32_2e383m421/CurveParameters.v +++ b/src/Specific/montgomery32_2e383m421/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e384m2e128m2e96p2e32m1/CurveParameters.v b/src/Specific/montgomery32_2e384m2e128m2e96p2e32m1/CurveParameters.v index 89d38a98f..8d6ba3d5b 100644 --- a/src/Specific/montgomery32_2e384m2e128m2e96p2e32m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e384m2e128m2e96p2e32m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e384m317/CurveParameters.v b/src/Specific/montgomery32_2e384m317/CurveParameters.v index 4beeb8753..d85590b0a 100644 --- a/src/Specific/montgomery32_2e384m317/CurveParameters.v +++ b/src/Specific/montgomery32_2e384m317/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v b/src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v index 8981c3bbd..360b956c8 100644 --- a/src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v b/src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v index 9a2b8ffad..c8c22c351 100644 --- a/src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e389m21/CurveParameters.v b/src/Specific/montgomery32_2e389m21/CurveParameters.v index 37f39bb19..48e1266e1 100644 --- a/src/Specific/montgomery32_2e389m21/CurveParameters.v +++ b/src/Specific/montgomery32_2e389m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e401m31/CurveParameters.v b/src/Specific/montgomery32_2e401m31/CurveParameters.v index 60171fee4..4912cb0ca 100644 --- a/src/Specific/montgomery32_2e401m31/CurveParameters.v +++ b/src/Specific/montgomery32_2e401m31/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e413m21/CurveParameters.v b/src/Specific/montgomery32_2e413m21/CurveParameters.v index 6b70a0c87..e730df107 100644 --- a/src/Specific/montgomery32_2e413m21/CurveParameters.v +++ b/src/Specific/montgomery32_2e413m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e414m17/CurveParameters.v b/src/Specific/montgomery32_2e414m17/CurveParameters.v index e8418cdcb..46f7ec5fb 100644 --- a/src/Specific/montgomery32_2e414m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e414m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e416m2e208m1/CurveParameters.v b/src/Specific/montgomery32_2e416m2e208m1/CurveParameters.v index e1da3d0af..0a5932aab 100644 --- a/src/Specific/montgomery32_2e416m2e208m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e416m2e208m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e444m17/CurveParameters.v b/src/Specific/montgomery32_2e444m17/CurveParameters.v index 598523746..b52d70bf8 100644 --- a/src/Specific/montgomery32_2e444m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e444m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery32_2e448m2e224m1/CurveParameters.v b/src/Specific/montgomery32_2e448m2e224m1/CurveParameters.v index 59b7e0823..eec717b4b 100644 --- a/src/Specific/montgomery32_2e448m2e224m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e448m2e224m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v b/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v index bed776a41..cf698ea7c 100644 --- a/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e452m3/CurveParameters.v b/src/Specific/montgomery32_2e452m3/CurveParameters.v index 0fed4d815..7a3659893 100644 --- a/src/Specific/montgomery32_2e452m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e452m3/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e468m17/CurveParameters.v b/src/Specific/montgomery32_2e468m17/CurveParameters.v index b31ff6195..6fee6b869 100644 --- a/src/Specific/montgomery32_2e468m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e468m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e480m2e240m1/CurveParameters.v b/src/Specific/montgomery32_2e480m2e240m1/CurveParameters.v index 57a970ca5..5fed3be10 100644 --- a/src/Specific/montgomery32_2e480m2e240m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e480m2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e488m17/CurveParameters.v b/src/Specific/montgomery32_2e488m17/CurveParameters.v index 2cc114281..37d6e3161 100644 --- a/src/Specific/montgomery32_2e488m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e488m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e489m21/CurveParameters.v b/src/Specific/montgomery32_2e489m21/CurveParameters.v index 4c35b9391..4537a31e4 100644 --- a/src/Specific/montgomery32_2e489m21/CurveParameters.v +++ b/src/Specific/montgomery32_2e489m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e495m31/CurveParameters.v b/src/Specific/montgomery32_2e495m31/CurveParameters.v index 3bb196915..535bec5ff 100644 
--- a/src/Specific/montgomery32_2e495m31/CurveParameters.v +++ b/src/Specific/montgomery32_2e495m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v b/src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v index 4783129b8..76315ccf3 100644 --- a/src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e511m187/CurveParameters.v b/src/Specific/montgomery32_2e511m187/CurveParameters.v index 6b6002f44..8b8319dce 100644 --- a/src/Specific/montgomery32_2e511m187/CurveParameters.v +++ b/src/Specific/montgomery32_2e511m187/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e511m481/CurveParameters.v b/src/Specific/montgomery32_2e511m481/CurveParameters.v index 04b7ebb35..b042acef5 100644 --- a/src/Specific/montgomery32_2e511m481/CurveParameters.v +++ b/src/Specific/montgomery32_2e511m481/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v b/src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v index 44537ead5..3a70a2371 100644 --- a/src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery32_2e512m569/CurveParameters.v b/src/Specific/montgomery32_2e512m569/CurveParameters.v index c902ca91e..7dd0ecf4f 100644 --- a/src/Specific/montgomery32_2e512m569/CurveParameters.v +++ b/src/Specific/montgomery32_2e512m569/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery32_2e521m1/CurveParameters.v b/src/Specific/montgomery32_2e521m1/CurveParameters.v index a1b448bb2..2e96dd546 100644 --- a/src/Specific/montgomery32_2e521m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e521m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e127m1/CurveParameters.v b/src/Specific/montgomery64_2e127m1/CurveParameters.v index e12032ca8..21800268b 100644 --- a/src/Specific/montgomery64_2e127m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e127m1/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e129m25/CurveParameters.v b/src/Specific/montgomery64_2e129m25/CurveParameters.v index 906d437e1..f29d3a47f 100644 --- a/src/Specific/montgomery64_2e129m25/CurveParameters.v +++ b/src/Specific/montgomery64_2e129m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e130m5/CurveParameters.v b/src/Specific/montgomery64_2e130m5/CurveParameters.v index d7cbd7299..9cd4907c8 100644 --- a/src/Specific/montgomery64_2e130m5/CurveParameters.v +++ b/src/Specific/montgomery64_2e130m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e137m13/CurveParameters.v b/src/Specific/montgomery64_2e137m13/CurveParameters.v index 9398517f3..587b5b617 100644 --- a/src/Specific/montgomery64_2e137m13/CurveParameters.v +++ b/src/Specific/montgomery64_2e137m13/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e140m27/CurveParameters.v b/src/Specific/montgomery64_2e140m27/CurveParameters.v index e16dde9e7..8059e3cea 100644 --- a/src/Specific/montgomery64_2e140m27/CurveParameters.v +++ b/src/Specific/montgomery64_2e140m27/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e141m9/CurveParameters.v b/src/Specific/montgomery64_2e141m9/CurveParameters.v index 4a79c21b6..432d9c85c 100644 
--- a/src/Specific/montgomery64_2e141m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e141m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e150m3/CurveParameters.v b/src/Specific/montgomery64_2e150m3/CurveParameters.v index 36d1ea013..23dd867c2 100644 --- a/src/Specific/montgomery64_2e150m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e150m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e150m5/CurveParameters.v b/src/Specific/montgomery64_2e150m5/CurveParameters.v index e1df1e498..77e360ad5 100644 --- a/src/Specific/montgomery64_2e150m5/CurveParameters.v +++ b/src/Specific/montgomery64_2e150m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e152m17/CurveParameters.v b/src/Specific/montgomery64_2e152m17/CurveParameters.v index 87333d0b1..8279ff761 100644 --- a/src/Specific/montgomery64_2e152m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e152m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e158m15/CurveParameters.v b/src/Specific/montgomery64_2e158m15/CurveParameters.v index 3663c1307..a26b25caa 100644 --- a/src/Specific/montgomery64_2e158m15/CurveParameters.v +++ b/src/Specific/montgomery64_2e158m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e165m25/CurveParameters.v b/src/Specific/montgomery64_2e165m25/CurveParameters.v index 01e4e1bfc..fc3cd2eb7 100644 
--- a/src/Specific/montgomery64_2e165m25/CurveParameters.v +++ b/src/Specific/montgomery64_2e165m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e166m5/CurveParameters.v b/src/Specific/montgomery64_2e166m5/CurveParameters.v index ef76351e9..14b88460a 100644 --- a/src/Specific/montgomery64_2e166m5/CurveParameters.v +++ b/src/Specific/montgomery64_2e166m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e171m19/CurveParameters.v b/src/Specific/montgomery64_2e171m19/CurveParameters.v index 098050f19..ba69d191a 100644 --- a/src/Specific/montgomery64_2e171m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e171m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e174m17/CurveParameters.v b/src/Specific/montgomery64_2e174m17/CurveParameters.v index 704dd3404..37a0fef2a 100644 --- a/src/Specific/montgomery64_2e174m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e174m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e174m3/CurveParameters.v b/src/Specific/montgomery64_2e174m3/CurveParameters.v index 2047781e7..5ca7e71d0 100644 --- a/src/Specific/montgomery64_2e174m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e174m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e189m25/CurveParameters.v b/src/Specific/montgomery64_2e189m25/CurveParameters.v index 4baeba7d6..4d140e788 100644 
--- a/src/Specific/montgomery64_2e189m25/CurveParameters.v +++ b/src/Specific/montgomery64_2e189m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e190m11/CurveParameters.v b/src/Specific/montgomery64_2e190m11/CurveParameters.v index 099cf83b5..72be2d66e 100644 --- a/src/Specific/montgomery64_2e190m11/CurveParameters.v +++ b/src/Specific/montgomery64_2e190m11/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e191m19/CurveParameters.v b/src/Specific/montgomery64_2e191m19/CurveParameters.v index a392d3666..d0acf117b 100644 --- a/src/Specific/montgomery64_2e191m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e191m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e192m2e64m1/CurveParameters.v b/src/Specific/montgomery64_2e192m2e64m1/CurveParameters.v index de423f874..c0e328181 100644 --- a/src/Specific/montgomery64_2e192m2e64m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e192m2e64m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e194m33/CurveParameters.v b/src/Specific/montgomery64_2e194m33/CurveParameters.v index 0df810dd4..7269d8689 100644 --- a/src/Specific/montgomery64_2e194m33/CurveParameters.v +++ b/src/Specific/montgomery64_2e194m33/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e196m15/CurveParameters.v b/src/Specific/montgomery64_2e196m15/CurveParameters.v index bc75acd35..edd16e09e 100644 
--- a/src/Specific/montgomery64_2e196m15/CurveParameters.v +++ b/src/Specific/montgomery64_2e196m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e198m17/CurveParameters.v b/src/Specific/montgomery64_2e198m17/CurveParameters.v index 22bedeae7..ec3e96771 100644 --- a/src/Specific/montgomery64_2e198m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e198m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v b/src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v index eaf9bacef..459a50f6d 100644 --- a/src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e206m5/CurveParameters.v b/src/Specific/montgomery64_2e206m5/CurveParameters.v index c01b5159c..cfbc549d6 100644 --- a/src/Specific/montgomery64_2e206m5/CurveParameters.v +++ b/src/Specific/montgomery64_2e206m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e212m29/CurveParameters.v b/src/Specific/montgomery64_2e212m29/CurveParameters.v index 82ecb2cac..65d3893f3 100644 --- a/src/Specific/montgomery64_2e212m29/CurveParameters.v +++ b/src/Specific/montgomery64_2e212m29/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e213m3/CurveParameters.v b/src/Specific/montgomery64_2e213m3/CurveParameters.v index eea6a98e9..b94c40f3c 100644 
--- a/src/Specific/montgomery64_2e213m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e213m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v b/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v index ad65bf641..6c28b53ab 100644 --- a/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e221m3/CurveParameters.v b/src/Specific/montgomery64_2e221m3/CurveParameters.v index dd3641894..d56417476 100644 --- a/src/Specific/montgomery64_2e221m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e221m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
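Review bot: In the `@@ -18,7 +18,7 @@` hunk of `src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v` the removed line is `goldilocks := Some true;`, not `Some false` as in the neighbouring files, so setting it to `None` discards an explicit choice rather than just dropping a redundant default. The same holds for `src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v` further down. This diff does not show how `None` is resolved when `montgomery := true`, so it is worth confirming that the synthesized arithmetic for these two moduli is unchanged. If the field is simply unused on the Montgomery path, a comment beside it such as `(* goldilocks is ignored when montgomery = true; left to the framework default *)` would record that. The `curve` record starts before the hunk and continues past it.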
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e222m117/CurveParameters.v b/src/Specific/montgomery64_2e222m117/CurveParameters.v index 0908c0538..32a0d0ae4 100644 --- a/src/Specific/montgomery64_2e222m117/CurveParameters.v +++ b/src/Specific/montgomery64_2e222m117/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v b/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v index f50803b6c..61388e398 100644 --- a/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v +++ b/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e226m5/CurveParameters.v b/src/Specific/montgomery64_2e226m5/CurveParameters.v index 8e6f2f14a..dc9f2e818 100644 
--- a/src/Specific/montgomery64_2e226m5/CurveParameters.v +++ b/src/Specific/montgomery64_2e226m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e230m27/CurveParameters.v b/src/Specific/montgomery64_2e230m27/CurveParameters.v index 3c8cc625d..4451ac5f5 100644 --- a/src/Specific/montgomery64_2e230m27/CurveParameters.v +++ b/src/Specific/montgomery64_2e230m27/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e235m15/CurveParameters.v b/src/Specific/montgomery64_2e235m15/CurveParameters.v index eaaa8b035..4d8baaad6 100644 --- a/src/Specific/montgomery64_2e235m15/CurveParameters.v +++ b/src/Specific/montgomery64_2e235m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e243m9/CurveParameters.v b/src/Specific/montgomery64_2e243m9/CurveParameters.v index 5263e92f0..b4980469f 100644 --- a/src/Specific/montgomery64_2e243m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e243m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e251m9/CurveParameters.v b/src/Specific/montgomery64_2e251m9/CurveParameters.v index ec93b30df..30e0510f6 100644 --- a/src/Specific/montgomery64_2e251m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e251m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v b/src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v index ed6402185..0b8b1b3d8 100644 
--- a/src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e255m19/CurveParameters.v b/src/Specific/montgomery64_2e255m19/CurveParameters.v index 044281f0d..29361fdc8 100644 --- a/src/Specific/montgomery64_2e255m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e255m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v index 3ba5f7580..7d97f2d40 100644 --- a/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e255m765/CurveParameters.v b/src/Specific/montgomery64_2e255m765/CurveParameters.v index 6552abdb7..93fa1e31c 100644 --- a/src/Specific/montgomery64_2e255m765/CurveParameters.v +++ b/src/Specific/montgomery64_2e255m765/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e256m189/CurveParameters.v b/src/Specific/montgomery64_2e256m189/CurveParameters.v index 980954c62..f9c59d753 100644 --- a/src/Specific/montgomery64_2e256m189/CurveParameters.v +++ b/src/Specific/montgomery64_2e256m189/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery64_2e256m2e224p2e192p2e96m1/CurveParameters.v b/src/Specific/montgomery64_2e256m2e224p2e192p2e96m1/CurveParameters.v index 4e4fdc214..e7914227f 100644 --- a/src/Specific/montgomery64_2e256m2e224p2e192p2e96m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e256m2e224p2e192p2e96m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e256m2e32m977/CurveParameters.v b/src/Specific/montgomery64_2e256m2e32m977/CurveParameters.v index 8396af6ce..16767e7e0 100644 --- a/src/Specific/montgomery64_2e256m2e32m977/CurveParameters.v +++ b/src/Specific/montgomery64_2e256m2e32m977/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v b/src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v index 7a09e69f8..7a8872bfb 100644 --- a/src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e266m3/CurveParameters.v b/src/Specific/montgomery64_2e266m3/CurveParameters.v index 06ffcf615..64000bd7a 100644 --- a/src/Specific/montgomery64_2e266m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e266m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e285m9/CurveParameters.v b/src/Specific/montgomery64_2e285m9/CurveParameters.v index 492c137a9..c4063ee2f 100644 --- a/src/Specific/montgomery64_2e285m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e285m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e291m19/CurveParameters.v b/src/Specific/montgomery64_2e291m19/CurveParameters.v index 9ce986f59..5cab89ec4 100644 --- a/src/Specific/montgomery64_2e291m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e291m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e321m9/CurveParameters.v b/src/Specific/montgomery64_2e321m9/CurveParameters.v index 2f15da1cb..e28b0caf9 100644 --- a/src/Specific/montgomery64_2e321m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e321m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v b/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v index 1ab83fac8..3a639c9e4 100644 
--- a/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e336m17/CurveParameters.v b/src/Specific/montgomery64_2e336m17/CurveParameters.v index a29b017fb..1210bd46d 100644 --- a/src/Specific/montgomery64_2e336m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e336m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e336m3/CurveParameters.v b/src/Specific/montgomery64_2e336m3/CurveParameters.v index 63e9f7d39..ef476746f 100644 --- a/src/Specific/montgomery64_2e336m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e336m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
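Review bot: In the first hunk of montgomery64_2e322m2e161m1/CurveParameters.v, `goldilocks` goes from `Some true` to `None`, whereas the neighbouring files go from `Some false` to `None`, so this is the one edit that may change the effective value rather than drop a redundant default. The code that fills in a `None` is not part of this hunk. If it does not derive `true` for this modulus, keep `goldilocks := Some true;`; if the field is simply not consulted when `montgomery := true`, a comment such as `(* goldilocks left to the framework default; not consulted by the Montgomery pipeline (confirm) *)` would record that. The same `Some true` to `None` change appears in the montgomery64_2e416m2e208m1, 2e448m2e224m1, 2e450m2e225m1 and 2e480m2e240m1 hunks. The `curve` record starts and ends outside the hunk.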
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e338m15/CurveParameters.v b/src/Specific/montgomery64_2e338m15/CurveParameters.v index 275f5e621..0912f474d 100644 --- a/src/Specific/montgomery64_2e338m15/CurveParameters.v +++ b/src/Specific/montgomery64_2e338m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e369m25/CurveParameters.v b/src/Specific/montgomery64_2e369m25/CurveParameters.v index bc4481660..6478b3708 100644 --- a/src/Specific/montgomery64_2e369m25/CurveParameters.v +++ b/src/Specific/montgomery64_2e369m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e379m19/CurveParameters.v b/src/Specific/montgomery64_2e379m19/CurveParameters.v index 8c3a49218..5c8f456da 100644 
--- a/src/Specific/montgomery64_2e379m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e379m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e382m105/CurveParameters.v b/src/Specific/montgomery64_2e382m105/CurveParameters.v index aec721598..436d88ff7 100644 --- a/src/Specific/montgomery64_2e382m105/CurveParameters.v +++ b/src/Specific/montgomery64_2e382m105/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e383m187/CurveParameters.v b/src/Specific/montgomery64_2e383m187/CurveParameters.v index b7b6e4c51..36c4d99c1 100644 --- a/src/Specific/montgomery64_2e383m187/CurveParameters.v +++ b/src/Specific/montgomery64_2e383m187/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e383m31/CurveParameters.v b/src/Specific/montgomery64_2e383m31/CurveParameters.v index 31915404c..1ee40b3d6 100644 --- a/src/Specific/montgomery64_2e383m31/CurveParameters.v +++ b/src/Specific/montgomery64_2e383m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e383m421/CurveParameters.v b/src/Specific/montgomery64_2e383m421/CurveParameters.v index 713efbca1..fae00b805 100644 --- a/src/Specific/montgomery64_2e383m421/CurveParameters.v +++ b/src/Specific/montgomery64_2e383m421/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery64_2e384m2e128m2e96p2e32m1/CurveParameters.v b/src/Specific/montgomery64_2e384m2e128m2e96p2e32m1/CurveParameters.v index 6b241a7b1..96df20413 100644 --- a/src/Specific/montgomery64_2e384m2e128m2e96p2e32m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e384m2e128m2e96p2e32m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e384m317/CurveParameters.v b/src/Specific/montgomery64_2e384m317/CurveParameters.v index 54929858a..5eb7c760f 100644 --- a/src/Specific/montgomery64_2e384m317/CurveParameters.v +++ b/src/Specific/montgomery64_2e384m317/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v b/src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v index 63b62b920..7d246de33 100644 --- a/src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v b/src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v index 42e085b57..52bfaf504 100644 --- a/src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e389m21/CurveParameters.v b/src/Specific/montgomery64_2e389m21/CurveParameters.v index 7a85e4fee..acac04ddd 100644 --- a/src/Specific/montgomery64_2e389m21/CurveParameters.v +++ b/src/Specific/montgomery64_2e389m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e401m31/CurveParameters.v b/src/Specific/montgomery64_2e401m31/CurveParameters.v index 2142a2c13..00acfe820 100644 --- a/src/Specific/montgomery64_2e401m31/CurveParameters.v +++ b/src/Specific/montgomery64_2e401m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e413m21/CurveParameters.v b/src/Specific/montgomery64_2e413m21/CurveParameters.v index 87f267d45..33b627edd 100644 --- a/src/Specific/montgomery64_2e413m21/CurveParameters.v +++ b/src/Specific/montgomery64_2e413m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e414m17/CurveParameters.v b/src/Specific/montgomery64_2e414m17/CurveParameters.v index 0cf482537..60512c1f1 100644 
--- a/src/Specific/montgomery64_2e414m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e414m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v b/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v index 56ec11668..aac9ae3c3 100644 --- a/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e444m17/CurveParameters.v b/src/Specific/montgomery64_2e444m17/CurveParameters.v index 8b312a057..369f6d89b 100644 --- a/src/Specific/montgomery64_2e444m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e444m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e448m2e224m1/CurveParameters.v b/src/Specific/montgomery64_2e448m2e224m1/CurveParameters.v index f77006835..a3ae92a04 100644 --- a/src/Specific/montgomery64_2e448m2e224m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e448m2e224m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v b/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v index 15b5be828..2011f85a2 100644 --- a/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery64_2e452m3/CurveParameters.v b/src/Specific/montgomery64_2e452m3/CurveParameters.v index 8f061fba1..6d66fd5a0 100644 --- a/src/Specific/montgomery64_2e452m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e452m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e468m17/CurveParameters.v b/src/Specific/montgomery64_2e468m17/CurveParameters.v index fbbb01f73..df2734355 100644 --- a/src/Specific/montgomery64_2e468m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e468m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v b/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v index 7de92fd3f..21d2b2c8f 100644 --- a/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some true; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e488m17/CurveParameters.v b/src/Specific/montgomery64_2e488m17/CurveParameters.v index e2301ecf2..88fe34402 100644 --- a/src/Specific/montgomery64_2e488m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e488m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e489m21/CurveParameters.v b/src/Specific/montgomery64_2e489m21/CurveParameters.v index d2dd51fd3..8a183cfe6 100644 --- a/src/Specific/montgomery64_2e489m21/CurveParameters.v +++ b/src/Specific/montgomery64_2e489m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e495m31/CurveParameters.v b/src/Specific/montgomery64_2e495m31/CurveParameters.v index f4febfce8..23089a738 100644 --- a/src/Specific/montgomery64_2e495m31/CurveParameters.v +++ b/src/Specific/montgomery64_2e495m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v b/src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v index 2e8242b6f..70ce77a74 100644 --- a/src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/montgomery64_2e511m187/CurveParameters.v b/src/Specific/montgomery64_2e511m187/CurveParameters.v index c9417f912..69af68680 100644 --- a/src/Specific/montgomery64_2e511m187/CurveParameters.v +++ b/src/Specific/montgomery64_2e511m187/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e511m481/CurveParameters.v b/src/Specific/montgomery64_2e511m481/CurveParameters.v index 7f08f2ed4..355738361 100644 --- a/src/Specific/montgomery64_2e511m481/CurveParameters.v +++ b/src/Specific/montgomery64_2e511m481/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v b/src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v index a3cd637f5..26ea5eb0f 100644 --- a/src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e512m569/CurveParameters.v b/src/Specific/montgomery64_2e512m569/CurveParameters.v index 7b68eb3fd..55400d77c 100644 --- a/src/Specific/montgomery64_2e512m569/CurveParameters.v +++ b/src/Specific/montgomery64_2e512m569/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/montgomery64_2e521m1/CurveParameters.v b/src/Specific/montgomery64_2e521m1/CurveParameters.v index 55d92788b..c6cff1a65 100644 --- a/src/Specific/montgomery64_2e521m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e521m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := None; - goldilocks := Some false; + goldilocks := None; montgomery := true; freeze := Some false; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e127m1/CurveParameters.v b/src/Specific/solinas32_2e127m1/CurveParameters.v index 151f8a988..c5371f1e4 100644 --- a/src/Specific/solinas32_2e127m1/CurveParameters.v +++ b/src/Specific/solinas32_2e127m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e127m1/femul.v b/src/Specific/solinas32_2e127m1/femul.v index 1c3a2c353..5cf7f193c 100644 --- a/src/Specific/solinas32_2e127m1/femul.v +++ b/src/Specific/solinas32_2e127m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e127m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e127m1/fesquare.v b/src/Specific/solinas32_2e127m1/fesquare.v index 7e43a2b03..9a5055463 100644 --- a/src/Specific/solinas32_2e127m1/fesquare.v +++ b/src/Specific/solinas32_2e127m1/fesquare.v 
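Review bot: The new statement of `mul` in solinas32_2e127m1/femul.v has no comment explaining the bounds contract it now encodes, and the `(* TODO : change this to field ... *)` line above it still reads as if there were a single `feBW` type. I would add something like `(* inputs may be loosely bounded; the result is tightly bounded *)` above `Definition mul`, with the wording checked against how `feBW_loose` and `feBW_tight` are defined in Synthesis. These limb bounds are presumably what rules out overflow in the synthesized arithmetic, and they are unlikely to survive as types in the generated C, so the source is where a caller learns which values need a carry first. The same applies to the `square` hunk in fesquare.v and to femul.v and fesquare.v under solinas32_2e129m25. The proof script continues past the end of the hunk.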
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e127m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e127m1/freeze.v b/src/Specific/solinas32_2e127m1/freeze.v index 8bdb676ee..d3fc239e4 100644 --- a/src/Specific/solinas32_2e127m1/freeze.v +++ b/src/Specific/solinas32_2e127m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e127m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e129m25/CurveParameters.v b/src/Specific/solinas32_2e129m25/CurveParameters.v index b0ddf76e5..3830b60ac 100644 --- a/src/Specific/solinas32_2e129m25/CurveParameters.v +++ b/src/Specific/solinas32_2e129m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e129m25/femul.v b/src/Specific/solinas32_2e129m25/femul.v index 6816ecea0..07d1e45bb 100644 --- a/src/Specific/solinas32_2e129m25/femul.v 
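Review bot: The new `freeze` statement in src/Specific/solinas32_2e127m1/freeze.v, `phiBW_limbwidths (freeze a) = phiBW_tight a`, only states that the field value is preserved; nothing visible in it says the output is the canonical representative below the modulus. If `feBW_limbwidths` bounds each limb only by its limb width (an assumption, since its definition is outside this hunk), a limb vector that encodes the modulus itself could still inhabit the type. Code that compares or serializes frozen values would then treat equal field elements as distinct. I would either add an explicit range conjunct on the evaluated output to the statement or add a comment such as `(* value preservation only; canonical range of the output is proved in <lemma name> *)`. The same applies to the freeze.v hunks of the other solinas32 curves in this commit.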
+++ b/src/Specific/solinas32_2e129m25/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e129m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e129m25/fesquare.v b/src/Specific/solinas32_2e129m25/fesquare.v index 57dfc3787..3355af630 100644 --- a/src/Specific/solinas32_2e129m25/fesquare.v +++ b/src/Specific/solinas32_2e129m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e129m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e129m25/freeze.v b/src/Specific/solinas32_2e129m25/freeze.v index 50a151139..e981a13ef 100644 --- a/src/Specific/solinas32_2e129m25/freeze.v +++ b/src/Specific/solinas32_2e129m25/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e129m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e130m5/CurveParameters.v b/src/Specific/solinas32_2e130m5/CurveParameters.v index e9ca17da2..07c48c645 100644 --- a/src/Specific/solinas32_2e130m5/CurveParameters.v 
+++ b/src/Specific/solinas32_2e130m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e130m5/femul.v b/src/Specific/solinas32_2e130m5/femul.v index 9f234b301..eea1cd6c5 100644 --- a/src/Specific/solinas32_2e130m5/femul.v +++ b/src/Specific/solinas32_2e130m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e130m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e130m5/fesquare.v b/src/Specific/solinas32_2e130m5/fesquare.v index 90a4b378d..014f7cfdd 100644 --- a/src/Specific/solinas32_2e130m5/fesquare.v +++ b/src/Specific/solinas32_2e130m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e130m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e130m5/freeze.v b/src/Specific/solinas32_2e130m5/freeze.v index b5b6fdb96..793f28eb6 100644 
--- a/src/Specific/solinas32_2e130m5/freeze.v +++ b/src/Specific/solinas32_2e130m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e130m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e137m13/CurveParameters.v b/src/Specific/solinas32_2e137m13/CurveParameters.v index b9a52de8a..e04bf7c43 100644 --- a/src/Specific/solinas32_2e137m13/CurveParameters.v +++ b/src/Specific/solinas32_2e137m13/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e137m13/femul.v b/src/Specific/solinas32_2e137m13/femul.v index 9f1d4486a..328dfd690 100644 --- a/src/Specific/solinas32_2e137m13/femul.v +++ b/src/Specific/solinas32_2e137m13/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e137m13.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas32_2e137m13/fesquare.v b/src/Specific/solinas32_2e137m13/fesquare.v index b04989155..dc0b06e9d 100644 --- a/src/Specific/solinas32_2e137m13/fesquare.v +++ b/src/Specific/solinas32_2e137m13/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e137m13.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e137m13/freeze.v b/src/Specific/solinas32_2e137m13/freeze.v index ff4372c81..c1dc0722c 100644 --- a/src/Specific/solinas32_2e137m13/freeze.v +++ b/src/Specific/solinas32_2e137m13/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e137m13.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e140m27/CurveParameters.v b/src/Specific/solinas32_2e140m27/CurveParameters.v index 233e21cfc..4b0a53147 100644 --- a/src/Specific/solinas32_2e140m27/CurveParameters.v +++ b/src/Specific/solinas32_2e140m27/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e140m27/femul.v b/src/Specific/solinas32_2e140m27/femul.v index 8aedd4b4c..5e74f3c0f 100644 --- a/src/Specific/solinas32_2e140m27/femul.v +++ b/src/Specific/solinas32_2e140m27/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e140m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e140m27/fesquare.v b/src/Specific/solinas32_2e140m27/fesquare.v index 4ad1bfc42..abe7415af 100644 --- a/src/Specific/solinas32_2e140m27/fesquare.v +++ b/src/Specific/solinas32_2e140m27/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e140m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e140m27/freeze.v b/src/Specific/solinas32_2e140m27/freeze.v index 448722b71..985ce6dec 100644 --- a/src/Specific/solinas32_2e140m27/freeze.v +++ b/src/Specific/solinas32_2e140m27/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e140m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e141m9/CurveParameters.v b/src/Specific/solinas32_2e141m9/CurveParameters.v index 670297aae..228ad1c88 100644 --- a/src/Specific/solinas32_2e141m9/CurveParameters.v +++ b/src/Specific/solinas32_2e141m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e141m9/femul.v b/src/Specific/solinas32_2e141m9/femul.v index b2f540aee..281ef19b6 100644 --- a/src/Specific/solinas32_2e141m9/femul.v +++ b/src/Specific/solinas32_2e141m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e141m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e141m9/fesquare.v b/src/Specific/solinas32_2e141m9/fesquare.v index dca3e27df..356556c06 100644 --- a/src/Specific/solinas32_2e141m9/fesquare.v 
+++ b/src/Specific/solinas32_2e141m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e141m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e141m9/freeze.v b/src/Specific/solinas32_2e141m9/freeze.v index 99baddf4d..74dd57ef7 100644 --- a/src/Specific/solinas32_2e141m9/freeze.v +++ b/src/Specific/solinas32_2e141m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e141m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e150m3/CurveParameters.v b/src/Specific/solinas32_2e150m3/CurveParameters.v index 930792557..315907b0d 100644 --- a/src/Specific/solinas32_2e150m3/CurveParameters.v +++ b/src/Specific/solinas32_2e150m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e150m3/femul.v b/src/Specific/solinas32_2e150m3/femul.v index de367af09..a708f52c5 100644 
--- a/src/Specific/solinas32_2e150m3/femul.v +++ b/src/Specific/solinas32_2e150m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e150m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e150m3/fesquare.v b/src/Specific/solinas32_2e150m3/fesquare.v index 56f6137cf..80a368398 100644 --- a/src/Specific/solinas32_2e150m3/fesquare.v +++ b/src/Specific/solinas32_2e150m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e150m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e150m3/freeze.v b/src/Specific/solinas32_2e150m3/freeze.v index af714037e..42204f88f 100644 --- a/src/Specific/solinas32_2e150m3/freeze.v +++ b/src/Specific/solinas32_2e150m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e150m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e150m5/CurveParameters.v b/src/Specific/solinas32_2e150m5/CurveParameters.v index 25fbed04a..f1e2d4e21 100644 --- a/src/Specific/solinas32_2e150m5/CurveParameters.v 
+++ b/src/Specific/solinas32_2e150m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e150m5/femul.v b/src/Specific/solinas32_2e150m5/femul.v index 75b6a5e62..a154f9838 100644 --- a/src/Specific/solinas32_2e150m5/femul.v +++ b/src/Specific/solinas32_2e150m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e150m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e150m5/fesquare.v b/src/Specific/solinas32_2e150m5/fesquare.v index 537a22e85..39c657818 100644 --- a/src/Specific/solinas32_2e150m5/fesquare.v +++ b/src/Specific/solinas32_2e150m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e150m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e150m5/freeze.v b/src/Specific/solinas32_2e150m5/freeze.v index 2094f6a3f..029fa035d 100644 
--- a/src/Specific/solinas32_2e150m5/freeze.v +++ b/src/Specific/solinas32_2e150m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e150m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e152m17/CurveParameters.v b/src/Specific/solinas32_2e152m17/CurveParameters.v index 5261155ff..f81199d0f 100644 --- a/src/Specific/solinas32_2e152m17/CurveParameters.v +++ b/src/Specific/solinas32_2e152m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e152m17/femul.v b/src/Specific/solinas32_2e152m17/femul.v index 0f700e6b4..93a749461 100644 --- a/src/Specific/solinas32_2e152m17/femul.v +++ b/src/Specific/solinas32_2e152m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e152m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas32_2e152m17/fesquare.v b/src/Specific/solinas32_2e152m17/fesquare.v index cd5640ef2..f613305a7 100644 --- a/src/Specific/solinas32_2e152m17/fesquare.v +++ b/src/Specific/solinas32_2e152m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e152m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e152m17/freeze.v b/src/Specific/solinas32_2e152m17/freeze.v index 319afc260..128b40dc1 100644 --- a/src/Specific/solinas32_2e152m17/freeze.v +++ b/src/Specific/solinas32_2e152m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e152m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e158m15/CurveParameters.v b/src/Specific/solinas32_2e158m15/CurveParameters.v index 1b1dbe086..fb34a0130 100644 --- a/src/Specific/solinas32_2e158m15/CurveParameters.v +++ b/src/Specific/solinas32_2e158m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e158m15/femul.v b/src/Specific/solinas32_2e158m15/femul.v index 5209984b7..9e8568fc1 100644 --- a/src/Specific/solinas32_2e158m15/femul.v +++ b/src/Specific/solinas32_2e158m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e158m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e158m15/fesquare.v b/src/Specific/solinas32_2e158m15/fesquare.v index 166ecb466..748affa4b 100644 --- a/src/Specific/solinas32_2e158m15/fesquare.v +++ b/src/Specific/solinas32_2e158m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e158m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e158m15/freeze.v b/src/Specific/solinas32_2e158m15/freeze.v index b2ad46606..afb6f33fb 100644 --- a/src/Specific/solinas32_2e158m15/freeze.v +++ b/src/Specific/solinas32_2e158m15/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e158m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e165m25/CurveParameters.v b/src/Specific/solinas32_2e165m25/CurveParameters.v index f72e2d812..493acbfc6 100644 --- a/src/Specific/solinas32_2e165m25/CurveParameters.v +++ b/src/Specific/solinas32_2e165m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e165m25/femul.v b/src/Specific/solinas32_2e165m25/femul.v index 1fdb1383f..ccc71a97a 100644 --- a/src/Specific/solinas32_2e165m25/femul.v +++ b/src/Specific/solinas32_2e165m25/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e165m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e165m25/fesquare.v b/src/Specific/solinas32_2e165m25/fesquare.v index 791671999..a28485221 100644 --- a/src/Specific/solinas32_2e165m25/fesquare.v 
+++ b/src/Specific/solinas32_2e165m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e165m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e165m25/freeze.v b/src/Specific/solinas32_2e165m25/freeze.v index 5cc04e858..eec008ff1 100644 --- a/src/Specific/solinas32_2e165m25/freeze.v +++ b/src/Specific/solinas32_2e165m25/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e165m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e166m5/CurveParameters.v b/src/Specific/solinas32_2e166m5/CurveParameters.v index 03310df53..584877a0d 100644 --- a/src/Specific/solinas32_2e166m5/CurveParameters.v +++ b/src/Specific/solinas32_2e166m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e166m5/femul.v b/src/Specific/solinas32_2e166m5/femul.v index 847c6182c..7eefdf9fc 100644 
--- a/src/Specific/solinas32_2e166m5/femul.v +++ b/src/Specific/solinas32_2e166m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e166m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e166m5/fesquare.v b/src/Specific/solinas32_2e166m5/fesquare.v index 29dd982ca..3dac5973f 100644 --- a/src/Specific/solinas32_2e166m5/fesquare.v +++ b/src/Specific/solinas32_2e166m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e166m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e166m5/freeze.v b/src/Specific/solinas32_2e166m5/freeze.v index 2ac052e96..15ee0c69e 100644 --- a/src/Specific/solinas32_2e166m5/freeze.v +++ b/src/Specific/solinas32_2e166m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e166m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e171m19/CurveParameters.v b/src/Specific/solinas32_2e171m19/CurveParameters.v index dd9ca3cb3..b2027b474 100644 --- a/src/Specific/solinas32_2e171m19/CurveParameters.v 
+++ b/src/Specific/solinas32_2e171m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e171m19/femul.v b/src/Specific/solinas32_2e171m19/femul.v index 96915d4b3..df456ba56 100644 --- a/src/Specific/solinas32_2e171m19/femul.v +++ b/src/Specific/solinas32_2e171m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e171m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e171m19/fesquare.v b/src/Specific/solinas32_2e171m19/fesquare.v index 47f8a9c43..9a340792e 100644 --- a/src/Specific/solinas32_2e171m19/fesquare.v +++ b/src/Specific/solinas32_2e171m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e171m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e171m19/freeze.v b/src/Specific/solinas32_2e171m19/freeze.v index d25a40367..3916fc294 100644 
--- a/src/Specific/solinas32_2e171m19/freeze.v +++ b/src/Specific/solinas32_2e171m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e171m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e174m17/CurveParameters.v b/src/Specific/solinas32_2e174m17/CurveParameters.v index fecf682e6..47f9092a1 100644 --- a/src/Specific/solinas32_2e174m17/CurveParameters.v +++ b/src/Specific/solinas32_2e174m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e174m17/femul.v b/src/Specific/solinas32_2e174m17/femul.v index 44f9e69e6..477c33fbd 100644 --- a/src/Specific/solinas32_2e174m17/femul.v +++ b/src/Specific/solinas32_2e174m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e174m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas32_2e174m17/fesquare.v b/src/Specific/solinas32_2e174m17/fesquare.v index 48edfcfa3..b5b782af8 100644 --- a/src/Specific/solinas32_2e174m17/fesquare.v +++ b/src/Specific/solinas32_2e174m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e174m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e174m17/freeze.v b/src/Specific/solinas32_2e174m17/freeze.v index 240dc4539..7299d3e78 100644 --- a/src/Specific/solinas32_2e174m17/freeze.v +++ b/src/Specific/solinas32_2e174m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e174m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e174m3/CurveParameters.v b/src/Specific/solinas32_2e174m3/CurveParameters.v index 7d8bd8874..901a78cfb 100644 --- a/src/Specific/solinas32_2e174m3/CurveParameters.v +++ b/src/Specific/solinas32_2e174m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e174m3/femul.v b/src/Specific/solinas32_2e174m3/femul.v index 99d288325..3db80edf4 100644 --- a/src/Specific/solinas32_2e174m3/femul.v +++ b/src/Specific/solinas32_2e174m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e174m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e174m3/fesquare.v b/src/Specific/solinas32_2e174m3/fesquare.v index ac1710922..dc58a2432 100644 --- a/src/Specific/solinas32_2e174m3/fesquare.v +++ b/src/Specific/solinas32_2e174m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e174m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e174m3/freeze.v b/src/Specific/solinas32_2e174m3/freeze.v index a9fe90195..92975e8b1 100644 --- a/src/Specific/solinas32_2e174m3/freeze.v +++ b/src/Specific/solinas32_2e174m3/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e174m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e189m25/CurveParameters.v b/src/Specific/solinas32_2e189m25/CurveParameters.v index aa13a9a2b..b1b1fe437 100644 --- a/src/Specific/solinas32_2e189m25/CurveParameters.v +++ b/src/Specific/solinas32_2e189m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e189m25/femul.v b/src/Specific/solinas32_2e189m25/femul.v index 25a2208fb..2aa850874 100644 --- a/src/Specific/solinas32_2e189m25/femul.v +++ b/src/Specific/solinas32_2e189m25/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e189m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e189m25/fesquare.v b/src/Specific/solinas32_2e189m25/fesquare.v index abb823776..6dc0219b5 100644 --- a/src/Specific/solinas32_2e189m25/fesquare.v 
+++ b/src/Specific/solinas32_2e189m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e189m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e189m25/freeze.v b/src/Specific/solinas32_2e189m25/freeze.v index 8a5eb3f18..cfef00a04 100644 --- a/src/Specific/solinas32_2e189m25/freeze.v +++ b/src/Specific/solinas32_2e189m25/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e189m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e190m11/CurveParameters.v b/src/Specific/solinas32_2e190m11/CurveParameters.v index 6172c7583..5b8cad554 100644 --- a/src/Specific/solinas32_2e190m11/CurveParameters.v +++ b/src/Specific/solinas32_2e190m11/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e190m11/femul.v b/src/Specific/solinas32_2e190m11/femul.v index 1aa0a42af..71c98ac4d 100644 
--- a/src/Specific/solinas32_2e190m11/femul.v +++ b/src/Specific/solinas32_2e190m11/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e190m11.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e190m11/fesquare.v b/src/Specific/solinas32_2e190m11/fesquare.v index d382419ed..578c334c3 100644 --- a/src/Specific/solinas32_2e190m11/fesquare.v +++ b/src/Specific/solinas32_2e190m11/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e190m11.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e190m11/freeze.v b/src/Specific/solinas32_2e190m11/freeze.v index 89367c277..9e3e70fc8 100644 --- a/src/Specific/solinas32_2e190m11/freeze.v +++ b/src/Specific/solinas32_2e190m11/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e190m11.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e191m19/CurveParameters.v b/src/Specific/solinas32_2e191m19/CurveParameters.v index 02ca49807..fae39382e 100644 
--- a/src/Specific/solinas32_2e191m19/CurveParameters.v +++ b/src/Specific/solinas32_2e191m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e191m19/femul.v b/src/Specific/solinas32_2e191m19/femul.v index be1e03c9f..338ec5ce2 100644 --- a/src/Specific/solinas32_2e191m19/femul.v +++ b/src/Specific/solinas32_2e191m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e191m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e191m19/fesquare.v b/src/Specific/solinas32_2e191m19/fesquare.v index 754574d47..86dd9f161 100644 --- a/src/Specific/solinas32_2e191m19/fesquare.v +++ b/src/Specific/solinas32_2e191m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e191m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). 
diff --git a/src/Specific/solinas32_2e191m19/freeze.v b/src/Specific/solinas32_2e191m19/freeze.v index 2de3d71d4..67d4809b5 100644 --- a/src/Specific/solinas32_2e191m19/freeze.v +++ b/src/Specific/solinas32_2e191m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e191m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v b/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v index 401c1c82c..81f5d6eb9 100644 --- a/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v +++ b/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e192m2e64m1/femul.v b/src/Specific/solinas32_2e192m2e64m1/femul.v index 539c86de9..e65e58094 100644 --- a/src/Specific/solinas32_2e192m2e64m1/femul.v +++ b/src/Specific/solinas32_2e192m2e64m1/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e192m2e64m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e192m2e64m1/fesquare.v b/src/Specific/solinas32_2e192m2e64m1/fesquare.v index a7dc0d2e3..645bfcb81 100644 --- a/src/Specific/solinas32_2e192m2e64m1/fesquare.v +++ b/src/Specific/solinas32_2e192m2e64m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e192m2e64m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e192m2e64m1/freeze.v b/src/Specific/solinas32_2e192m2e64m1/freeze.v index b17791f79..7132474ff 100644 --- a/src/Specific/solinas32_2e192m2e64m1/freeze.v +++ b/src/Specific/solinas32_2e192m2e64m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e192m2e64m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e194m33/CurveParameters.v b/src/Specific/solinas32_2e194m33/CurveParameters.v index 8ef536de8..648dae549 100644 --- a/src/Specific/solinas32_2e194m33/CurveParameters.v 
+++ b/src/Specific/solinas32_2e194m33/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e194m33/femul.v b/src/Specific/solinas32_2e194m33/femul.v index 1ac07a7d2..10cecae52 100644 --- a/src/Specific/solinas32_2e194m33/femul.v +++ b/src/Specific/solinas32_2e194m33/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e194m33.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e194m33/fesquare.v b/src/Specific/solinas32_2e194m33/fesquare.v index 7cacbccfd..689c82aee 100644 --- a/src/Specific/solinas32_2e194m33/fesquare.v +++ b/src/Specific/solinas32_2e194m33/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e194m33.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e194m33/freeze.v b/src/Specific/solinas32_2e194m33/freeze.v index ef8f164df..9aefcd8bd 100644 
--- a/src/Specific/solinas32_2e194m33/freeze.v +++ b/src/Specific/solinas32_2e194m33/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e194m33.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e196m15/CurveParameters.v b/src/Specific/solinas32_2e196m15/CurveParameters.v index b8b5423e1..c571253e5 100644 --- a/src/Specific/solinas32_2e196m15/CurveParameters.v +++ b/src/Specific/solinas32_2e196m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e196m15/femul.v b/src/Specific/solinas32_2e196m15/femul.v index c1af9cac4..968d22081 100644 --- a/src/Specific/solinas32_2e196m15/femul.v +++ b/src/Specific/solinas32_2e196m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e196m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas32_2e196m15/fesquare.v b/src/Specific/solinas32_2e196m15/fesquare.v index 3ad6c829c..351ce5094 100644 --- a/src/Specific/solinas32_2e196m15/fesquare.v +++ b/src/Specific/solinas32_2e196m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e196m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e196m15/freeze.v b/src/Specific/solinas32_2e196m15/freeze.v index e7a4c73d3..676146078 100644 --- a/src/Specific/solinas32_2e196m15/freeze.v +++ b/src/Specific/solinas32_2e196m15/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e196m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e198m17/CurveParameters.v b/src/Specific/solinas32_2e198m17/CurveParameters.v index 5979812c7..d99687342 100644 --- a/src/Specific/solinas32_2e198m17/CurveParameters.v +++ b/src/Specific/solinas32_2e198m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e198m17/femul.v b/src/Specific/solinas32_2e198m17/femul.v index 455f568c9..39dfa377e 100644 --- a/src/Specific/solinas32_2e198m17/femul.v +++ b/src/Specific/solinas32_2e198m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e198m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e198m17/fesquare.v b/src/Specific/solinas32_2e198m17/fesquare.v index b2c171ee9..2ff426ae0 100644 --- a/src/Specific/solinas32_2e198m17/fesquare.v +++ b/src/Specific/solinas32_2e198m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e198m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e198m17/freeze.v b/src/Specific/solinas32_2e198m17/freeze.v index 60dc6ed42..9197499f0 100644 --- a/src/Specific/solinas32_2e198m17/freeze.v +++ b/src/Specific/solinas32_2e198m17/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e198m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e205m45x2e198m1/CurveParameters.v b/src/Specific/solinas32_2e205m45x2e198m1/CurveParameters.v index 91ab8ca62..6efcefadb 100644 --- a/src/Specific/solinas32_2e205m45x2e198m1/CurveParameters.v +++ b/src/Specific/solinas32_2e205m45x2e198m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e205m45x2e198m1/femul.v b/src/Specific/solinas32_2e205m45x2e198m1/femul.v index ed2253070..88de6779a 100644 --- a/src/Specific/solinas32_2e205m45x2e198m1/femul.v +++ b/src/Specific/solinas32_2e205m45x2e198m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/fesquare.v b/src/Specific/solinas32_2e205m45x2e198m1/fesquare.v index 026dc49ff..15a72f059 100644 --- a/src/Specific/solinas32_2e205m45x2e198m1/fesquare.v +++ b/src/Specific/solinas32_2e205m45x2e198m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e205m45x2e198m1/freeze.v b/src/Specific/solinas32_2e205m45x2e198m1/freeze.v index 0daf9a326..91afcc946 100644 --- a/src/Specific/solinas32_2e205m45x2e198m1/freeze.v +++ b/src/Specific/solinas32_2e205m45x2e198m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e206m5/CurveParameters.v b/src/Specific/solinas32_2e206m5/CurveParameters.v index bb46f26a0..9661f9597 100644 --- a/src/Specific/solinas32_2e206m5/CurveParameters.v +++ b/src/Specific/solinas32_2e206m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e206m5/femul.v b/src/Specific/solinas32_2e206m5/femul.v index 6a5b88e0e..e6e01d571 100644 --- a/src/Specific/solinas32_2e206m5/femul.v +++ b/src/Specific/solinas32_2e206m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e206m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e206m5/fesquare.v b/src/Specific/solinas32_2e206m5/fesquare.v index d727a9a41..d6a440352 100644 --- a/src/Specific/solinas32_2e206m5/fesquare.v +++ b/src/Specific/solinas32_2e206m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e206m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e206m5/freeze.v b/src/Specific/solinas32_2e206m5/freeze.v index 19183b243..d093193db 100644 --- a/src/Specific/solinas32_2e206m5/freeze.v +++ b/src/Specific/solinas32_2e206m5/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e206m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e212m29/CurveParameters.v b/src/Specific/solinas32_2e212m29/CurveParameters.v index 33d7ebb4a..89447d3aa 100644 --- a/src/Specific/solinas32_2e212m29/CurveParameters.v +++ b/src/Specific/solinas32_2e212m29/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e212m29/femul.v b/src/Specific/solinas32_2e212m29/femul.v index 87d30c46a..71b98540f 100644 --- a/src/Specific/solinas32_2e212m29/femul.v +++ b/src/Specific/solinas32_2e212m29/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e212m29.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e212m29/fesquare.v b/src/Specific/solinas32_2e212m29/fesquare.v index d02288c52..77d8a1267 100644 --- a/src/Specific/solinas32_2e212m29/fesquare.v 
+++ b/src/Specific/solinas32_2e212m29/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e212m29.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e212m29/freeze.v b/src/Specific/solinas32_2e212m29/freeze.v index a7b9b2878..4b39409ef 100644 --- a/src/Specific/solinas32_2e212m29/freeze.v +++ b/src/Specific/solinas32_2e212m29/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e212m29.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e213m3/CurveParameters.v b/src/Specific/solinas32_2e213m3/CurveParameters.v index 419a52e0f..3b12b73f8 100644 --- a/src/Specific/solinas32_2e213m3/CurveParameters.v +++ b/src/Specific/solinas32_2e213m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e213m3/femul.v b/src/Specific/solinas32_2e213m3/femul.v index 5b4b305ee..5c1ec5789 100644 
--- a/src/Specific/solinas32_2e213m3/femul.v +++ b/src/Specific/solinas32_2e213m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e213m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e213m3/fesquare.v b/src/Specific/solinas32_2e213m3/fesquare.v index 572847ace..c10c2b7d2 100644 --- a/src/Specific/solinas32_2e213m3/fesquare.v +++ b/src/Specific/solinas32_2e213m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e213m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e213m3/freeze.v b/src/Specific/solinas32_2e213m3/freeze.v index b8c3bd54b..a20850e49 100644 --- a/src/Specific/solinas32_2e213m3/freeze.v +++ b/src/Specific/solinas32_2e213m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e213m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v b/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v index e730e1b66..5710a3c64 100644 
--- a/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v +++ b/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e216m2e108m1/femul.v b/src/Specific/solinas32_2e216m2e108m1/femul.v index 308301d15..12d38bb21 100644 --- a/src/Specific/solinas32_2e216m2e108m1/femul.v +++ b/src/Specific/solinas32_2e216m2e108m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e216m2e108m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e216m2e108m1/fesquare.v b/src/Specific/solinas32_2e216m2e108m1/fesquare.v index a24c1acbd..a7839aa17 100644 --- a/src/Specific/solinas32_2e216m2e108m1/fesquare.v +++ b/src/Specific/solinas32_2e216m2e108m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e216m2e108m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e216m2e108m1/freeze.v b/src/Specific/solinas32_2e216m2e108m1/freeze.v index 86c0f11ba..7fd34e08d 100644 --- a/src/Specific/solinas32_2e216m2e108m1/freeze.v 
+++ b/src/Specific/solinas32_2e216m2e108m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e216m2e108m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e221m3/CurveParameters.v b/src/Specific/solinas32_2e221m3/CurveParameters.v index 235111e0e..2b591da9c 100644 --- a/src/Specific/solinas32_2e221m3/CurveParameters.v +++ b/src/Specific/solinas32_2e221m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e221m3/femul.v b/src/Specific/solinas32_2e221m3/femul.v index 0bdb421fc..252dff46c 100644 --- a/src/Specific/solinas32_2e221m3/femul.v +++ b/src/Specific/solinas32_2e221m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e221m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e221m3/fesquare.v b/src/Specific/solinas32_2e221m3/fesquare.v index fcfb02b0b..f6756cf56 100644 
--- a/src/Specific/solinas32_2e221m3/fesquare.v +++ b/src/Specific/solinas32_2e221m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e221m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e221m3/freeze.v b/src/Specific/solinas32_2e221m3/freeze.v index e22eacd5c..37638f083 100644 --- a/src/Specific/solinas32_2e221m3/freeze.v +++ b/src/Specific/solinas32_2e221m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e221m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e222m117/CurveParameters.v b/src/Specific/solinas32_2e222m117/CurveParameters.v index cd51f991c..0f31d178e 100644 --- a/src/Specific/solinas32_2e222m117/CurveParameters.v +++ b/src/Specific/solinas32_2e222m117/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas32_2e222m117/femul.v b/src/Specific/solinas32_2e222m117/femul.v index aa99d6f06..2fb80aed8 100644 --- a/src/Specific/solinas32_2e222m117/femul.v +++ b/src/Specific/solinas32_2e222m117/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e222m117.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e222m117/fesquare.v b/src/Specific/solinas32_2e222m117/fesquare.v index 75b63e9f0..93f73e996 100644 --- a/src/Specific/solinas32_2e222m117/fesquare.v +++ b/src/Specific/solinas32_2e222m117/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e222m117.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e222m117/freeze.v b/src/Specific/solinas32_2e222m117/freeze.v index e0bcedbde..690832a82 100644 --- a/src/Specific/solinas32_2e222m117/freeze.v +++ b/src/Specific/solinas32_2e222m117/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e222m117.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v b/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v index 54ecaa634..3b80e3f22 100644 --- a/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v +++ b/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e224m2e96p1/femul.v b/src/Specific/solinas32_2e224m2e96p1/femul.v index 03ba4b9cf..bc1b1eeb2 100644 --- a/src/Specific/solinas32_2e224m2e96p1/femul.v +++ b/src/Specific/solinas32_2e224m2e96p1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e224m2e96p1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e224m2e96p1/fesquare.v b/src/Specific/solinas32_2e224m2e96p1/fesquare.v index 4eba129c3..7f9bcbe64 100644 --- a/src/Specific/solinas32_2e224m2e96p1/fesquare.v +++ b/src/Specific/solinas32_2e224m2e96p1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e224m2e96p1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e224m2e96p1/freeze.v b/src/Specific/solinas32_2e224m2e96p1/freeze.v index d402c4fe4..36466e522 100644 --- a/src/Specific/solinas32_2e224m2e96p1/freeze.v +++ b/src/Specific/solinas32_2e224m2e96p1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e224m2e96p1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e226m5/CurveParameters.v b/src/Specific/solinas32_2e226m5/CurveParameters.v index 672b1d2b8..f1dc1994d 100644 --- a/src/Specific/solinas32_2e226m5/CurveParameters.v +++ b/src/Specific/solinas32_2e226m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e226m5/femul.v b/src/Specific/solinas32_2e226m5/femul.v index 886c2d068..3369e1636 100644 --- a/src/Specific/solinas32_2e226m5/femul.v 
+++ b/src/Specific/solinas32_2e226m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e226m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e226m5/fesquare.v b/src/Specific/solinas32_2e226m5/fesquare.v index 537614430..587be906c 100644 --- a/src/Specific/solinas32_2e226m5/fesquare.v +++ b/src/Specific/solinas32_2e226m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e226m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e226m5/freeze.v b/src/Specific/solinas32_2e226m5/freeze.v index 26463180b..9d43ef967 100644 --- a/src/Specific/solinas32_2e226m5/freeze.v +++ b/src/Specific/solinas32_2e226m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e226m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e230m27/CurveParameters.v b/src/Specific/solinas32_2e230m27/CurveParameters.v index 7b666a296..3ff7db66b 100644 --- a/src/Specific/solinas32_2e230m27/CurveParameters.v +++ b/src/Specific/solinas32_2e230m27/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e230m27/femul.v b/src/Specific/solinas32_2e230m27/femul.v index 84f459fe9..5977543a8 100644 --- a/src/Specific/solinas32_2e230m27/femul.v +++ b/src/Specific/solinas32_2e230m27/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e230m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e230m27/fesquare.v b/src/Specific/solinas32_2e230m27/fesquare.v index 242086f5a..f36913fb8 100644 --- a/src/Specific/solinas32_2e230m27/fesquare.v +++ b/src/Specific/solinas32_2e230m27/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e230m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e230m27/freeze.v b/src/Specific/solinas32_2e230m27/freeze.v index b020fe8b8..9a64adb99 100644 --- a/src/Specific/solinas32_2e230m27/freeze.v 
+++ b/src/Specific/solinas32_2e230m27/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e230m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e235m15/CurveParameters.v b/src/Specific/solinas32_2e235m15/CurveParameters.v index 2c61499e0..477375958 100644 --- a/src/Specific/solinas32_2e235m15/CurveParameters.v +++ b/src/Specific/solinas32_2e235m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e235m15/femul.v b/src/Specific/solinas32_2e235m15/femul.v index 42f4aba4f..ac5d7a3dd 100644 --- a/src/Specific/solinas32_2e235m15/femul.v +++ b/src/Specific/solinas32_2e235m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e235m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e235m15/fesquare.v b/src/Specific/solinas32_2e235m15/fesquare.v index 9646b630b..20351c587 100644 
--- a/src/Specific/solinas32_2e235m15/fesquare.v +++ b/src/Specific/solinas32_2e235m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e235m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e235m15/freeze.v b/src/Specific/solinas32_2e235m15/freeze.v index 5227e4d75..64e6fb10a 100644 --- a/src/Specific/solinas32_2e235m15/freeze.v +++ b/src/Specific/solinas32_2e235m15/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e235m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e243m9/CurveParameters.v b/src/Specific/solinas32_2e243m9/CurveParameters.v index ffa18ddd7..885a220ea 100644 --- a/src/Specific/solinas32_2e243m9/CurveParameters.v +++ b/src/Specific/solinas32_2e243m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas32_2e243m9/femul.v b/src/Specific/solinas32_2e243m9/femul.v index afaa66757..3e34126c9 100644 --- a/src/Specific/solinas32_2e243m9/femul.v +++ b/src/Specific/solinas32_2e243m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e243m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e243m9/fesquare.v b/src/Specific/solinas32_2e243m9/fesquare.v index 10b9ed6e9..6edb3fa29 100644 --- a/src/Specific/solinas32_2e243m9/fesquare.v +++ b/src/Specific/solinas32_2e243m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e243m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e243m9/freeze.v b/src/Specific/solinas32_2e243m9/freeze.v index de7799345..70fdbd86c 100644 --- a/src/Specific/solinas32_2e243m9/freeze.v +++ b/src/Specific/solinas32_2e243m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e243m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas32_2e251m9/CurveParameters.v b/src/Specific/solinas32_2e251m9/CurveParameters.v index d10d90f29..f0d999a16 100644 --- a/src/Specific/solinas32_2e251m9/CurveParameters.v +++ b/src/Specific/solinas32_2e251m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e251m9/femul.v b/src/Specific/solinas32_2e251m9/femul.v index 8abf9f965..41dfb8ece 100644 --- a/src/Specific/solinas32_2e251m9/femul.v +++ b/src/Specific/solinas32_2e251m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e251m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e251m9/fesquare.v b/src/Specific/solinas32_2e251m9/fesquare.v index ff934f4f8..781d10fe3 100644 --- a/src/Specific/solinas32_2e251m9/fesquare.v +++ b/src/Specific/solinas32_2e251m9/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e251m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e251m9/freeze.v b/src/Specific/solinas32_2e251m9/freeze.v index 1f57709e5..d4c50d9cd 100644 --- a/src/Specific/solinas32_2e251m9/freeze.v +++ b/src/Specific/solinas32_2e251m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e251m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v b/src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v index b7722a44d..3621b91c5 100644 --- a/src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v +++ b/src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e254m127x2e240m1/femul.v b/src/Specific/solinas32_2e254m127x2e240m1/femul.v index dfa390a2e..b9fef8d2c 100644 
--- a/src/Specific/solinas32_2e254m127x2e240m1/femul.v +++ b/src/Specific/solinas32_2e254m127x2e240m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e254m127x2e240m1/fesquare.v b/src/Specific/solinas32_2e254m127x2e240m1/fesquare.v index a98cf6949..212913909 100644 --- a/src/Specific/solinas32_2e254m127x2e240m1/fesquare.v +++ b/src/Specific/solinas32_2e254m127x2e240m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e254m127x2e240m1/freeze.v b/src/Specific/solinas32_2e254m127x2e240m1/freeze.v index 776903712..f0168e8aa 100644 --- a/src/Specific/solinas32_2e254m127x2e240m1/freeze.v +++ b/src/Specific/solinas32_2e254m127x2e240m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas32_2e255m19/CurveParameters.v b/src/Specific/solinas32_2e255m19/CurveParameters.v index e0f85d14b..343809d78 100644 --- a/src/Specific/solinas32_2e255m19/CurveParameters.v +++ b/src/Specific/solinas32_2e255m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e255m19/femul.v b/src/Specific/solinas32_2e255m19/femul.v index 48907c195..473def500 100644 --- a/src/Specific/solinas32_2e255m19/femul.v +++ b/src/Specific/solinas32_2e255m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e255m19/fesquare.v b/src/Specific/solinas32_2e255m19/fesquare.v index b31b7c2cd..1764d1436 100644 --- a/src/Specific/solinas32_2e255m19/fesquare.v +++ b/src/Specific/solinas32_2e255m19/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e255m19/freeze.v b/src/Specific/solinas32_2e255m19/freeze.v index 1ce58d5f9..050d449ce 100644 --- a/src/Specific/solinas32_2e255m19/freeze.v +++ b/src/Specific/solinas32_2e255m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v index 615761dd2..8d1a99a21 100644 --- a/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v +++ b/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e255m2e4m2e1m1/femul.v b/src/Specific/solinas32_2e255m2e4m2e1m1/femul.v index 2346560be..9a3283821 100644 
--- a/src/Specific/solinas32_2e255m2e4m2e1m1/femul.v +++ b/src/Specific/solinas32_2e255m2e4m2e1m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m2e4m2e1m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e255m2e4m2e1m1/fesquare.v b/src/Specific/solinas32_2e255m2e4m2e1m1/fesquare.v index 97b038ef7..73bbd92c2 100644 --- a/src/Specific/solinas32_2e255m2e4m2e1m1/fesquare.v +++ b/src/Specific/solinas32_2e255m2e4m2e1m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m2e4m2e1m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e255m2e4m2e1m1/freeze.v b/src/Specific/solinas32_2e255m2e4m2e1m1/freeze.v index ee06e20dd..1a5aa3cac 100644 --- a/src/Specific/solinas32_2e255m2e4m2e1m1/freeze.v +++ b/src/Specific/solinas32_2e255m2e4m2e1m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m2e4m2e1m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas32_2e255m765/CurveParameters.v b/src/Specific/solinas32_2e255m765/CurveParameters.v index cd6970ff6..1d71fdff4 100644 --- a/src/Specific/solinas32_2e255m765/CurveParameters.v +++ b/src/Specific/solinas32_2e255m765/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e255m765/femul.v b/src/Specific/solinas32_2e255m765/femul.v index 1e1cbc882..3fc76a2f3 100644 --- a/src/Specific/solinas32_2e255m765/femul.v +++ b/src/Specific/solinas32_2e255m765/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m765.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e255m765/fesquare.v b/src/Specific/solinas32_2e255m765/fesquare.v index 0b6a748f6..1c7d8bfac 100644 --- a/src/Specific/solinas32_2e255m765/fesquare.v +++ b/src/Specific/solinas32_2e255m765/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m765.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e255m765/freeze.v b/src/Specific/solinas32_2e255m765/freeze.v index 3a5b007e8..1ab20a667 100644 --- a/src/Specific/solinas32_2e255m765/freeze.v +++ b/src/Specific/solinas32_2e255m765/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e255m765.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e256m189/CurveParameters.v b/src/Specific/solinas32_2e256m189/CurveParameters.v index 381b8f120..d3fbb51d9 100644 --- a/src/Specific/solinas32_2e256m189/CurveParameters.v +++ b/src/Specific/solinas32_2e256m189/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e256m189/femul.v b/src/Specific/solinas32_2e256m189/femul.v index 406c64f9c..01a5dabfe 100644 --- a/src/Specific/solinas32_2e256m189/femul.v 
+++ b/src/Specific/solinas32_2e256m189/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m189.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e256m189/fesquare.v b/src/Specific/solinas32_2e256m189/fesquare.v index 645eb7767..f1ce11281 100644 --- a/src/Specific/solinas32_2e256m189/fesquare.v +++ b/src/Specific/solinas32_2e256m189/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m189.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e256m189/freeze.v b/src/Specific/solinas32_2e256m189/freeze.v index 05064c4f8..ae07863d0 100644 --- a/src/Specific/solinas32_2e256m189/freeze.v +++ b/src/Specific/solinas32_2e256m189/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m189.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v index e1bb1900d..670822354 100644 
--- a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v +++ b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/femul.v b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/femul.v index 5cd6393ff..64a7c305b 100644 --- a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/femul.v +++ b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m2e224p2e192p2e96m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/fesquare.v b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/fesquare.v index 4c4cb5b98..2e11bb270 100644 --- a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/fesquare.v +++ b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m2e224p2e192p2e96m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/freeze.v b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/freeze.v index 796ef2361..9da474e53 100644 --- a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/freeze.v +++ b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m2e224p2e192p2e96m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v b/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v index 87c3db7bc..8401a24fa 100644 --- a/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v +++ b/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas32_2e256m2e32m977/femul.v b/src/Specific/solinas32_2e256m2e32m977/femul.v index 441307767..16f2f70c0 100644 --- a/src/Specific/solinas32_2e256m2e32m977/femul.v +++ b/src/Specific/solinas32_2e256m2e32m977/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m2e32m977.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e256m2e32m977/fesquare.v b/src/Specific/solinas32_2e256m2e32m977/fesquare.v index f52ca519d..aa4ab2c55 100644 --- a/src/Specific/solinas32_2e256m2e32m977/fesquare.v +++ b/src/Specific/solinas32_2e256m2e32m977/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m2e32m977.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e256m2e32m977/freeze.v b/src/Specific/solinas32_2e256m2e32m977/freeze.v index 5ecb33677..e224de51d 100644 --- a/src/Specific/solinas32_2e256m2e32m977/freeze.v +++ b/src/Specific/solinas32_2e256m2e32m977/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m2e32m977.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v b/src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v index b0dcf85e1..dbb23c9f5 100644 --- a/src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v +++ b/src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e256m88x2e240m1/femul.v b/src/Specific/solinas32_2e256m88x2e240m1/femul.v index 5ea7db0f4..8dfaa7d47 100644 --- a/src/Specific/solinas32_2e256m88x2e240m1/femul.v +++ b/src/Specific/solinas32_2e256m88x2e240m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/fesquare.v b/src/Specific/solinas32_2e256m88x2e240m1/fesquare.v index 6a4cdee35..4db3dac82 100644 --- a/src/Specific/solinas32_2e256m88x2e240m1/fesquare.v +++ b/src/Specific/solinas32_2e256m88x2e240m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e256m88x2e240m1/freeze.v b/src/Specific/solinas32_2e256m88x2e240m1/freeze.v index 35d11de1c..8789d22bc 100644 --- a/src/Specific/solinas32_2e256m88x2e240m1/freeze.v +++ b/src/Specific/solinas32_2e256m88x2e240m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e266m3/CurveParameters.v b/src/Specific/solinas32_2e266m3/CurveParameters.v index 34ea56b57..99e44e720 100644 --- a/src/Specific/solinas32_2e266m3/CurveParameters.v +++ b/src/Specific/solinas32_2e266m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e266m3/femul.v b/src/Specific/solinas32_2e266m3/femul.v index 1201b0c0b..3d3ad0278 100644 --- a/src/Specific/solinas32_2e266m3/femul.v +++ b/src/Specific/solinas32_2e266m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e266m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e266m3/fesquare.v b/src/Specific/solinas32_2e266m3/fesquare.v index 7a8ca6579..5857ba16f 100644 --- a/src/Specific/solinas32_2e266m3/fesquare.v +++ b/src/Specific/solinas32_2e266m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e266m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e266m3/freeze.v b/src/Specific/solinas32_2e266m3/freeze.v index 685af0180..a5de70919 100644 --- a/src/Specific/solinas32_2e266m3/freeze.v +++ b/src/Specific/solinas32_2e266m3/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e266m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e285m9/CurveParameters.v b/src/Specific/solinas32_2e285m9/CurveParameters.v index e0eef7f7d..571611a8c 100644 --- a/src/Specific/solinas32_2e285m9/CurveParameters.v +++ b/src/Specific/solinas32_2e285m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e285m9/femul.v b/src/Specific/solinas32_2e285m9/femul.v index c7c512f3f..430988559 100644 --- a/src/Specific/solinas32_2e285m9/femul.v +++ b/src/Specific/solinas32_2e285m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e285m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e285m9/fesquare.v b/src/Specific/solinas32_2e285m9/fesquare.v index 85007cc14..f651263fb 100644 --- a/src/Specific/solinas32_2e285m9/fesquare.v 
+++ b/src/Specific/solinas32_2e285m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e285m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e285m9/freeze.v b/src/Specific/solinas32_2e285m9/freeze.v index 58321cf72..311896718 100644 --- a/src/Specific/solinas32_2e285m9/freeze.v +++ b/src/Specific/solinas32_2e285m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e285m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e291m19/CurveParameters.v b/src/Specific/solinas32_2e291m19/CurveParameters.v index 930f2099b..7f8506441 100644 --- a/src/Specific/solinas32_2e291m19/CurveParameters.v +++ b/src/Specific/solinas32_2e291m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e291m19/femul.v b/src/Specific/solinas32_2e291m19/femul.v index 99fb1a59e..64135aa2a 100644 
--- a/src/Specific/solinas32_2e291m19/femul.v +++ b/src/Specific/solinas32_2e291m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e291m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e291m19/fesquare.v b/src/Specific/solinas32_2e291m19/fesquare.v index b809ea376..85bc19e90 100644 --- a/src/Specific/solinas32_2e291m19/fesquare.v +++ b/src/Specific/solinas32_2e291m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e291m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e291m19/freeze.v b/src/Specific/solinas32_2e291m19/freeze.v index c5c7f0bb1..ddf321b67 100644 --- a/src/Specific/solinas32_2e291m19/freeze.v +++ b/src/Specific/solinas32_2e291m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e291m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e321m9/CurveParameters.v b/src/Specific/solinas32_2e321m9/CurveParameters.v index c5dff7431..969bc78b4 100644 --- a/src/Specific/solinas32_2e321m9/CurveParameters.v 
+++ b/src/Specific/solinas32_2e321m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e321m9/femul.v b/src/Specific/solinas32_2e321m9/femul.v index abec21932..434c4125e 100644 --- a/src/Specific/solinas32_2e321m9/femul.v +++ b/src/Specific/solinas32_2e321m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e321m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e321m9/fesquare.v b/src/Specific/solinas32_2e321m9/fesquare.v index ec95e4c35..d534145af 100644 --- a/src/Specific/solinas32_2e321m9/fesquare.v +++ b/src/Specific/solinas32_2e321m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e321m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e321m9/freeze.v b/src/Specific/solinas32_2e321m9/freeze.v index 87c4534ae..8ab93ae0b 100644 
--- a/src/Specific/solinas32_2e321m9/freeze.v +++ b/src/Specific/solinas32_2e321m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e321m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v b/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v index 991674605..a95e50088 100644 --- a/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v +++ b/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e322m2e161m1/femul.v b/src/Specific/solinas32_2e322m2e161m1/femul.v index 473d8b1cf..2786e9f19 100644 --- a/src/Specific/solinas32_2e322m2e161m1/femul.v +++ b/src/Specific/solinas32_2e322m2e161m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e322m2e161m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e322m2e161m1/fesquare.v b/src/Specific/solinas32_2e322m2e161m1/fesquare.v index 544721bfa..b6ae22a88 100644 --- a/src/Specific/solinas32_2e322m2e161m1/fesquare.v +++ b/src/Specific/solinas32_2e322m2e161m1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e322m2e161m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e322m2e161m1/freeze.v b/src/Specific/solinas32_2e322m2e161m1/freeze.v index c34884350..3c9a0fe82 100644 --- a/src/Specific/solinas32_2e322m2e161m1/freeze.v +++ b/src/Specific/solinas32_2e322m2e161m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e322m2e161m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e336m17/CurveParameters.v b/src/Specific/solinas32_2e336m17/CurveParameters.v index 72221f16e..41635b9ec 100644 --- a/src/Specific/solinas32_2e336m17/CurveParameters.v +++ b/src/Specific/solinas32_2e336m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e336m17/femul.v b/src/Specific/solinas32_2e336m17/femul.v index 13280ca4e..fe9aac600 100644 
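Review bot: In solinas32_2e336m17/CurveParameters.v, `goldilocks := None;` replaces the explicit `Some false` with no comment on how `None` is resolved. From the hunk alone a reader cannot tell whether it means "not a Goldilocks prime" or "let the framework decide". The solinas32_2e322m2e161m1 section has no corresponding hunk, which suggests the field still carries a meaningful explicit value there. I would add a short trailing comment on the field stating the resolution rule, or keep `Some false` if the behaviour is meant to be unchanged. The same edit appears in the other solinas32 CurveParameters.v sections, and the record starts and ends outside the hunk.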
--- a/src/Specific/solinas32_2e336m17/femul.v +++ b/src/Specific/solinas32_2e336m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e336m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e336m17/fesquare.v b/src/Specific/solinas32_2e336m17/fesquare.v index 428cfb7ca..9d9b5ac3f 100644 --- a/src/Specific/solinas32_2e336m17/fesquare.v +++ b/src/Specific/solinas32_2e336m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e336m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e336m17/freeze.v b/src/Specific/solinas32_2e336m17/freeze.v index 508354148..bc39af381 100644 --- a/src/Specific/solinas32_2e336m17/freeze.v +++ b/src/Specific/solinas32_2e336m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e336m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e336m3/CurveParameters.v b/src/Specific/solinas32_2e336m3/CurveParameters.v index 3dd24af63..3da01232a 100644 --- a/src/Specific/solinas32_2e336m3/CurveParameters.v 
+++ b/src/Specific/solinas32_2e336m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e336m3/femul.v b/src/Specific/solinas32_2e336m3/femul.v index a656f5122..d779203f0 100644 --- a/src/Specific/solinas32_2e336m3/femul.v +++ b/src/Specific/solinas32_2e336m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e336m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e336m3/fesquare.v b/src/Specific/solinas32_2e336m3/fesquare.v index 13de04f3b..c0b5ef465 100644 --- a/src/Specific/solinas32_2e336m3/fesquare.v +++ b/src/Specific/solinas32_2e336m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e336m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e336m3/freeze.v b/src/Specific/solinas32_2e336m3/freeze.v index 12661b455..a1c667598 100644 
--- a/src/Specific/solinas32_2e336m3/freeze.v +++ b/src/Specific/solinas32_2e336m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e336m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e338m15/CurveParameters.v b/src/Specific/solinas32_2e338m15/CurveParameters.v index 4c41c35fd..21876e595 100644 --- a/src/Specific/solinas32_2e338m15/CurveParameters.v +++ b/src/Specific/solinas32_2e338m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e338m15/femul.v b/src/Specific/solinas32_2e338m15/femul.v index 6c2d0ab0f..3d335dfd8 100644 --- a/src/Specific/solinas32_2e338m15/femul.v +++ b/src/Specific/solinas32_2e338m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e338m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas32_2e338m15/fesquare.v b/src/Specific/solinas32_2e338m15/fesquare.v index c6d01a999..f0f584db6 100644 --- a/src/Specific/solinas32_2e338m15/fesquare.v +++ b/src/Specific/solinas32_2e338m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e338m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e338m15/freeze.v b/src/Specific/solinas32_2e338m15/freeze.v index 6abdf0b70..2d8c40ab3 100644 --- a/src/Specific/solinas32_2e338m15/freeze.v +++ b/src/Specific/solinas32_2e338m15/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e338m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e369m25/CurveParameters.v b/src/Specific/solinas32_2e369m25/CurveParameters.v index 93d759e78..eaf6e034a 100644 --- a/src/Specific/solinas32_2e369m25/CurveParameters.v +++ b/src/Specific/solinas32_2e369m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e369m25/femul.v b/src/Specific/solinas32_2e369m25/femul.v index b2f296532..17bfca7bf 100644 --- a/src/Specific/solinas32_2e369m25/femul.v +++ b/src/Specific/solinas32_2e369m25/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e369m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e369m25/fesquare.v b/src/Specific/solinas32_2e369m25/fesquare.v index 5f582e8d2..f031c852a 100644 --- a/src/Specific/solinas32_2e369m25/fesquare.v +++ b/src/Specific/solinas32_2e369m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e369m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e369m25/freeze.v b/src/Specific/solinas32_2e369m25/freeze.v index 21e2bc9d9..d8dee1ea9 100644 --- a/src/Specific/solinas32_2e369m25/freeze.v +++ b/src/Specific/solinas32_2e369m25/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e369m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e379m19/CurveParameters.v b/src/Specific/solinas32_2e379m19/CurveParameters.v index 439427896..f0c77132e 100644 --- a/src/Specific/solinas32_2e379m19/CurveParameters.v +++ b/src/Specific/solinas32_2e379m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e379m19/femul.v b/src/Specific/solinas32_2e379m19/femul.v index 26646a7f3..7d3037190 100644 --- a/src/Specific/solinas32_2e379m19/femul.v +++ b/src/Specific/solinas32_2e379m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e379m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e379m19/fesquare.v b/src/Specific/solinas32_2e379m19/fesquare.v index 21f421136..fd56ba84a 100644 --- a/src/Specific/solinas32_2e379m19/fesquare.v 
+++ b/src/Specific/solinas32_2e379m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e379m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e379m19/freeze.v b/src/Specific/solinas32_2e379m19/freeze.v index 399637056..09307726f 100644 --- a/src/Specific/solinas32_2e379m19/freeze.v +++ b/src/Specific/solinas32_2e379m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e379m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e382m105/CurveParameters.v b/src/Specific/solinas32_2e382m105/CurveParameters.v index f85e6572e..54e3b65bc 100644 --- a/src/Specific/solinas32_2e382m105/CurveParameters.v +++ b/src/Specific/solinas32_2e382m105/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e382m105/femul.v b/src/Specific/solinas32_2e382m105/femul.v index fb3bf71e8..0dccac9f6 100644 
--- a/src/Specific/solinas32_2e382m105/femul.v +++ b/src/Specific/solinas32_2e382m105/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e382m105.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e382m105/fesquare.v b/src/Specific/solinas32_2e382m105/fesquare.v index e4afc1c54..b73db71e2 100644 --- a/src/Specific/solinas32_2e382m105/fesquare.v +++ b/src/Specific/solinas32_2e382m105/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e382m105.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e382m105/freeze.v b/src/Specific/solinas32_2e382m105/freeze.v index 8cf1e4d4c..295cc068f 100644 --- a/src/Specific/solinas32_2e382m105/freeze.v +++ b/src/Specific/solinas32_2e382m105/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e382m105.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v index 261fd26f2..099edd55a 100644 
--- a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v +++ b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/femul.v b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/femul.v index 0044bfa58..7e1b9ac9e 100644 --- a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/femul.v +++ b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m2e128m2e96p2e32m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/fesquare.v b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/fesquare.v index 736c016ad..b8837cb69 100644 --- a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/fesquare.v +++ b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m2e128m2e96p2e32m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/freeze.v b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/freeze.v index fd893f871..36c3302ca 100644 --- a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/freeze.v +++ b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m2e128m2e96p2e32m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e384m317/CurveParameters.v b/src/Specific/solinas32_2e384m317/CurveParameters.v index 936eb13bc..3dda959a2 100644 --- a/src/Specific/solinas32_2e384m317/CurveParameters.v +++ b/src/Specific/solinas32_2e384m317/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas32_2e384m317/femul.v b/src/Specific/solinas32_2e384m317/femul.v index 60d843392..9ae71f9fe 100644 --- a/src/Specific/solinas32_2e384m317/femul.v +++ b/src/Specific/solinas32_2e384m317/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m317.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e384m317/fesquare.v b/src/Specific/solinas32_2e384m317/fesquare.v index f83fe5817..e00cfeed6 100644 --- a/src/Specific/solinas32_2e384m317/fesquare.v +++ b/src/Specific/solinas32_2e384m317/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m317.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e384m317/freeze.v b/src/Specific/solinas32_2e384m317/freeze.v index d260a6a75..ce6ffa4b9 100644 --- a/src/Specific/solinas32_2e384m317/freeze.v +++ b/src/Specific/solinas32_2e384m317/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m317.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v b/src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v index 4a108e61b..bf1dfae0e 100644 --- a/src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v +++ b/src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e384m5x2e368m1/femul.v b/src/Specific/solinas32_2e384m5x2e368m1/femul.v index ed129081b..bf4f83f1b 100644 --- a/src/Specific/solinas32_2e384m5x2e368m1/femul.v +++ b/src/Specific/solinas32_2e384m5x2e368m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e384m5x2e368m1/fesquare.v b/src/Specific/solinas32_2e384m5x2e368m1/fesquare.v index ac2452c60..84341069f 100644 --- a/src/Specific/solinas32_2e384m5x2e368m1/fesquare.v +++ b/src/Specific/solinas32_2e384m5x2e368m1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e384m5x2e368m1/freeze.v b/src/Specific/solinas32_2e384m5x2e368m1/freeze.v index 9b39e69bb..23cd4284a 100644 --- a/src/Specific/solinas32_2e384m5x2e368m1/freeze.v +++ b/src/Specific/solinas32_2e384m5x2e368m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v b/src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v index feb1df7c6..91c9e295e 100644 --- a/src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v +++ b/src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/femul.v b/src/Specific/solinas32_2e384m79x2e376m1/femul.v index b75f09ecb..68d8fbb89 100644 --- a/src/Specific/solinas32_2e384m79x2e376m1/femul.v +++ b/src/Specific/solinas32_2e384m79x2e376m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e384m79x2e376m1/fesquare.v b/src/Specific/solinas32_2e384m79x2e376m1/fesquare.v index e0ab6b6f0..92416197a 100644 --- a/src/Specific/solinas32_2e384m79x2e376m1/fesquare.v +++ b/src/Specific/solinas32_2e384m79x2e376m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e384m79x2e376m1/freeze.v b/src/Specific/solinas32_2e384m79x2e376m1/freeze.v index c8f63c1a8..42c170bca 100644 --- a/src/Specific/solinas32_2e384m79x2e376m1/freeze.v +++ b/src/Specific/solinas32_2e384m79x2e376m1/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e401m31/CurveParameters.v b/src/Specific/solinas32_2e401m31/CurveParameters.v index e35786f5d..3f0b95dfb 100644 --- a/src/Specific/solinas32_2e401m31/CurveParameters.v +++ b/src/Specific/solinas32_2e401m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e401m31/femul.v b/src/Specific/solinas32_2e401m31/femul.v index 65a5a7a07..510b9da45 100644 --- a/src/Specific/solinas32_2e401m31/femul.v +++ b/src/Specific/solinas32_2e401m31/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e401m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e401m31/fesquare.v b/src/Specific/solinas32_2e401m31/fesquare.v index 627bea25e..759a1d02f 100644 --- a/src/Specific/solinas32_2e401m31/fesquare.v 
+++ b/src/Specific/solinas32_2e401m31/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e401m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e401m31/freeze.v b/src/Specific/solinas32_2e401m31/freeze.v index 267ccd8e7..55d4e786d 100644 --- a/src/Specific/solinas32_2e401m31/freeze.v +++ b/src/Specific/solinas32_2e401m31/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e401m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e414m17/CurveParameters.v b/src/Specific/solinas32_2e414m17/CurveParameters.v index 1f27f5735..943a6dc12 100644 --- a/src/Specific/solinas32_2e414m17/CurveParameters.v +++ b/src/Specific/solinas32_2e414m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e414m17/femul.v b/src/Specific/solinas32_2e414m17/femul.v index d8da6338b..a1e575642 100644 
--- a/src/Specific/solinas32_2e414m17/femul.v +++ b/src/Specific/solinas32_2e414m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e414m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e414m17/fesquare.v b/src/Specific/solinas32_2e414m17/fesquare.v index 8f0c40e80..3ff77fe17 100644 --- a/src/Specific/solinas32_2e414m17/fesquare.v +++ b/src/Specific/solinas32_2e414m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e414m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e414m17/freeze.v b/src/Specific/solinas32_2e414m17/freeze.v index c6ef7ae1b..91aa166e5 100644 --- a/src/Specific/solinas32_2e414m17/freeze.v +++ b/src/Specific/solinas32_2e414m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e414m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v b/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v index ebf5d3625..225811e1b 100644 
--- a/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v +++ b/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e416m2e208m1/femul.v b/src/Specific/solinas32_2e416m2e208m1/femul.v index f9789442e..94af32300 100644 --- a/src/Specific/solinas32_2e416m2e208m1/femul.v +++ b/src/Specific/solinas32_2e416m2e208m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e416m2e208m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e416m2e208m1/fesquare.v b/src/Specific/solinas32_2e416m2e208m1/fesquare.v index d01d4eb59..065d229fa 100644 --- a/src/Specific/solinas32_2e416m2e208m1/fesquare.v +++ b/src/Specific/solinas32_2e416m2e208m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e416m2e208m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e416m2e208m1/freeze.v b/src/Specific/solinas32_2e416m2e208m1/freeze.v index 83e408313..ffc99fd17 100644 --- a/src/Specific/solinas32_2e416m2e208m1/freeze.v 
+++ b/src/Specific/solinas32_2e416m2e208m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e416m2e208m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e444m17/CurveParameters.v b/src/Specific/solinas32_2e444m17/CurveParameters.v index 58e94a2bb..dda8b0de0 100644 --- a/src/Specific/solinas32_2e444m17/CurveParameters.v +++ b/src/Specific/solinas32_2e444m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e444m17/femul.v b/src/Specific/solinas32_2e444m17/femul.v index 8df65140d..5cd7bcc63 100644 --- a/src/Specific/solinas32_2e444m17/femul.v +++ b/src/Specific/solinas32_2e444m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e444m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e444m17/fesquare.v b/src/Specific/solinas32_2e444m17/fesquare.v index 5299608be..2f740437f 100644 
--- a/src/Specific/solinas32_2e444m17/fesquare.v +++ b/src/Specific/solinas32_2e444m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e444m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e444m17/freeze.v b/src/Specific/solinas32_2e444m17/freeze.v index 6d7c502d4..aeb3d5855 100644 --- a/src/Specific/solinas32_2e444m17/freeze.v +++ b/src/Specific/solinas32_2e444m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e444m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v b/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v index 0d00e5071..b60282c0f 100644 --- a/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v +++ b/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e448m2e224m1/femul.v b/src/Specific/solinas32_2e448m2e224m1/femul.v index 84c220637..6c5ee28df 100644 --- a/src/Specific/solinas32_2e448m2e224m1/femul.v +++ b/src/Specific/solinas32_2e448m2e224m1/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e448m2e224m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e448m2e224m1/fesquare.v b/src/Specific/solinas32_2e448m2e224m1/fesquare.v index 9990b11d8..2886f929a 100644 --- a/src/Specific/solinas32_2e448m2e224m1/fesquare.v +++ b/src/Specific/solinas32_2e448m2e224m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e448m2e224m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e448m2e224m1/freeze.v b/src/Specific/solinas32_2e448m2e224m1/freeze.v index 261e0fd2b..eb3ef1bf0 100644 --- a/src/Specific/solinas32_2e448m2e224m1/freeze.v +++ b/src/Specific/solinas32_2e448m2e224m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e448m2e224m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v b/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v index 5c878a9ff..d7741bda7 100644 --- a/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v 
+++ b/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e450m2e225m1/femul.v b/src/Specific/solinas32_2e450m2e225m1/femul.v index 0c73d608b..f4a02c286 100644 --- a/src/Specific/solinas32_2e450m2e225m1/femul.v +++ b/src/Specific/solinas32_2e450m2e225m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e450m2e225m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e450m2e225m1/fesquare.v b/src/Specific/solinas32_2e450m2e225m1/fesquare.v index 8c8e7edc0..cf1257fb8 100644 --- a/src/Specific/solinas32_2e450m2e225m1/fesquare.v +++ b/src/Specific/solinas32_2e450m2e225m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e450m2e225m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e450m2e225m1/freeze.v b/src/Specific/solinas32_2e450m2e225m1/freeze.v index 829ea37ec..bc7af4d8b 100644 --- a/src/Specific/solinas32_2e450m2e225m1/freeze.v +++ b/src/Specific/solinas32_2e450m2e225m1/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e450m2e225m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e452m3/CurveParameters.v b/src/Specific/solinas32_2e452m3/CurveParameters.v index 9b6f858a1..62460e879 100644 --- a/src/Specific/solinas32_2e452m3/CurveParameters.v +++ b/src/Specific/solinas32_2e452m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e452m3/femul.v b/src/Specific/solinas32_2e452m3/femul.v index 7421c0f54..083ec02dc 100644 --- a/src/Specific/solinas32_2e452m3/femul.v +++ b/src/Specific/solinas32_2e452m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e452m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e452m3/fesquare.v b/src/Specific/solinas32_2e452m3/fesquare.v index 1e524dcb7..9355341ce 100644 --- a/src/Specific/solinas32_2e452m3/fesquare.v 
+++ b/src/Specific/solinas32_2e452m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e452m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e452m3/freeze.v b/src/Specific/solinas32_2e452m3/freeze.v index ef149e3ba..f25d8f850 100644 --- a/src/Specific/solinas32_2e452m3/freeze.v +++ b/src/Specific/solinas32_2e452m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e452m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e468m17/CurveParameters.v b/src/Specific/solinas32_2e468m17/CurveParameters.v index 76c6f128f..9a2f689cf 100644 --- a/src/Specific/solinas32_2e468m17/CurveParameters.v +++ b/src/Specific/solinas32_2e468m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e468m17/femul.v b/src/Specific/solinas32_2e468m17/femul.v index e36b17051..0fc7ec3a3 100644 
--- a/src/Specific/solinas32_2e468m17/femul.v +++ b/src/Specific/solinas32_2e468m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e468m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e468m17/fesquare.v b/src/Specific/solinas32_2e468m17/fesquare.v index 4231e3d62..a75ccc430 100644 --- a/src/Specific/solinas32_2e468m17/fesquare.v +++ b/src/Specific/solinas32_2e468m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e468m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e468m17/freeze.v b/src/Specific/solinas32_2e468m17/freeze.v index 61bfaa79b..bcf0088fd 100644 --- a/src/Specific/solinas32_2e468m17/freeze.v +++ b/src/Specific/solinas32_2e468m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e468m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v b/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v index fc8e075e7..88f7b62dc 100644 
--- a/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v +++ b/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e480m2e240m1/femul.v b/src/Specific/solinas32_2e480m2e240m1/femul.v index eae613170..fb742e249 100644 --- a/src/Specific/solinas32_2e480m2e240m1/femul.v +++ b/src/Specific/solinas32_2e480m2e240m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e480m2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e480m2e240m1/fesquare.v b/src/Specific/solinas32_2e480m2e240m1/fesquare.v index 9520f0bd1..26889b7c8 100644 --- a/src/Specific/solinas32_2e480m2e240m1/fesquare.v +++ b/src/Specific/solinas32_2e480m2e240m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e480m2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e480m2e240m1/freeze.v b/src/Specific/solinas32_2e480m2e240m1/freeze.v index 8631a693f..d10462aba 100644 --- a/src/Specific/solinas32_2e480m2e240m1/freeze.v 
+++ b/src/Specific/solinas32_2e480m2e240m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e480m2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e488m17/CurveParameters.v b/src/Specific/solinas32_2e488m17/CurveParameters.v index d3decd385..78967fede 100644 --- a/src/Specific/solinas32_2e488m17/CurveParameters.v +++ b/src/Specific/solinas32_2e488m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e488m17/femul.v b/src/Specific/solinas32_2e488m17/femul.v index 0e0db057a..06cd6df69 100644 --- a/src/Specific/solinas32_2e488m17/femul.v +++ b/src/Specific/solinas32_2e488m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e488m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e488m17/fesquare.v b/src/Specific/solinas32_2e488m17/fesquare.v index d1d14baf6..0644bc327 100644 
--- a/src/Specific/solinas32_2e488m17/fesquare.v +++ b/src/Specific/solinas32_2e488m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e488m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e488m17/freeze.v b/src/Specific/solinas32_2e488m17/freeze.v index 3fd216fde..a48ca4156 100644 --- a/src/Specific/solinas32_2e488m17/freeze.v +++ b/src/Specific/solinas32_2e488m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e488m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e489m21/CurveParameters.v b/src/Specific/solinas32_2e489m21/CurveParameters.v index 0ef8bb62a..03ee43b95 100644 --- a/src/Specific/solinas32_2e489m21/CurveParameters.v +++ b/src/Specific/solinas32_2e489m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas32_2e489m21/femul.v b/src/Specific/solinas32_2e489m21/femul.v index 1ac7dc8aa..8b01b21d4 100644 --- a/src/Specific/solinas32_2e489m21/femul.v +++ b/src/Specific/solinas32_2e489m21/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e489m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e489m21/fesquare.v b/src/Specific/solinas32_2e489m21/fesquare.v index 5dbbb15e6..ae5ec5e35 100644 --- a/src/Specific/solinas32_2e489m21/fesquare.v +++ b/src/Specific/solinas32_2e489m21/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e489m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e489m21/freeze.v b/src/Specific/solinas32_2e489m21/freeze.v index 5e5698f13..1d4c3544b 100644 --- a/src/Specific/solinas32_2e489m21/freeze.v +++ b/src/Specific/solinas32_2e489m21/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e489m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas32_2e495m31/CurveParameters.v b/src/Specific/solinas32_2e495m31/CurveParameters.v index 1667e9155..f30322224 100644 --- a/src/Specific/solinas32_2e495m31/CurveParameters.v +++ b/src/Specific/solinas32_2e495m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e495m31/femul.v b/src/Specific/solinas32_2e495m31/femul.v index 5966a0422..3c0f27e7f 100644 --- a/src/Specific/solinas32_2e495m31/femul.v +++ b/src/Specific/solinas32_2e495m31/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e495m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e495m31/fesquare.v b/src/Specific/solinas32_2e495m31/fesquare.v index 3de31e47c..7772a1a20 100644 --- a/src/Specific/solinas32_2e495m31/fesquare.v +++ b/src/Specific/solinas32_2e495m31/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e495m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e495m31/freeze.v b/src/Specific/solinas32_2e495m31/freeze.v index 4718230b4..75174feb8 100644 --- a/src/Specific/solinas32_2e495m31/freeze.v +++ b/src/Specific/solinas32_2e495m31/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e495m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v b/src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v index 90b433bdd..9160fda47 100644 --- a/src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v +++ b/src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e510m290x2e496m1/femul.v b/src/Specific/solinas32_2e510m290x2e496m1/femul.v index 14f4ab1c3..dd6941230 100644 
--- a/src/Specific/solinas32_2e510m290x2e496m1/femul.v +++ b/src/Specific/solinas32_2e510m290x2e496m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e510m290x2e496m1/fesquare.v b/src/Specific/solinas32_2e510m290x2e496m1/fesquare.v index f607a0d14..eb4f18cf6 100644 --- a/src/Specific/solinas32_2e510m290x2e496m1/fesquare.v +++ b/src/Specific/solinas32_2e510m290x2e496m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e510m290x2e496m1/freeze.v b/src/Specific/solinas32_2e510m290x2e496m1/freeze.v index cdd6776df..1f0d0a7ac 100644 --- a/src/Specific/solinas32_2e510m290x2e496m1/freeze.v +++ b/src/Specific/solinas32_2e510m290x2e496m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas32_2e511m187/CurveParameters.v b/src/Specific/solinas32_2e511m187/CurveParameters.v index d0b30ca7d..1ccfc438e 100644 --- a/src/Specific/solinas32_2e511m187/CurveParameters.v +++ b/src/Specific/solinas32_2e511m187/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e511m187/femul.v b/src/Specific/solinas32_2e511m187/femul.v index c9e3fd28b..f369e47bc 100644 --- a/src/Specific/solinas32_2e511m187/femul.v +++ b/src/Specific/solinas32_2e511m187/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e511m187.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e511m187/fesquare.v b/src/Specific/solinas32_2e511m187/fesquare.v index 3ae8d534d..6ca547cd9 100644 --- a/src/Specific/solinas32_2e511m187/fesquare.v +++ b/src/Specific/solinas32_2e511m187/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e511m187.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e511m187/freeze.v b/src/Specific/solinas32_2e511m187/freeze.v index 06f962ca8..7c748465a 100644 --- a/src/Specific/solinas32_2e511m187/freeze.v +++ b/src/Specific/solinas32_2e511m187/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e511m187.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e511m481/CurveParameters.v b/src/Specific/solinas32_2e511m481/CurveParameters.v index 4006af256..10a07a04a 100644 --- a/src/Specific/solinas32_2e511m481/CurveParameters.v +++ b/src/Specific/solinas32_2e511m481/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e511m481/femul.v b/src/Specific/solinas32_2e511m481/femul.v index c8f938e03..758204a90 100644 --- a/src/Specific/solinas32_2e511m481/femul.v 
+++ b/src/Specific/solinas32_2e511m481/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e511m481.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e511m481/fesquare.v b/src/Specific/solinas32_2e511m481/fesquare.v index 379d9e1cd..a578f838a 100644 --- a/src/Specific/solinas32_2e511m481/fesquare.v +++ b/src/Specific/solinas32_2e511m481/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e511m481.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e511m481/freeze.v b/src/Specific/solinas32_2e511m481/freeze.v index a6df1c054..acf407f65 100644 --- a/src/Specific/solinas32_2e511m481/freeze.v +++ b/src/Specific/solinas32_2e511m481/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e511m481.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v b/src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v index 6b4dacd3f..d0e7b78e1 100644 --- a/src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v 
+++ b/src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e512m491x2e496m1/femul.v b/src/Specific/solinas32_2e512m491x2e496m1/femul.v index 2f24d9c94..e56bf9e4a 100644 --- a/src/Specific/solinas32_2e512m491x2e496m1/femul.v +++ b/src/Specific/solinas32_2e512m491x2e496m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e512m491x2e496m1/fesquare.v b/src/Specific/solinas32_2e512m491x2e496m1/fesquare.v index d189d9098..8b8b2c229 100644 --- a/src/Specific/solinas32_2e512m491x2e496m1/fesquare.v +++ b/src/Specific/solinas32_2e512m491x2e496m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). 
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/freeze.v b/src/Specific/solinas32_2e512m491x2e496m1/freeze.v index 1277b0383..09931ac84 100644 --- a/src/Specific/solinas32_2e512m491x2e496m1/freeze.v +++ b/src/Specific/solinas32_2e512m491x2e496m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e512m569/CurveParameters.v b/src/Specific/solinas32_2e512m569/CurveParameters.v index 293f039d0..4753c1271 100644 --- a/src/Specific/solinas32_2e512m569/CurveParameters.v +++ b/src/Specific/solinas32_2e512m569/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e512m569/femul.v b/src/Specific/solinas32_2e512m569/femul.v index 9d14591c0..edcf687e9 100644 --- a/src/Specific/solinas32_2e512m569/femul.v +++ b/src/Specific/solinas32_2e512m569/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e512m569.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e512m569/fesquare.v b/src/Specific/solinas32_2e512m569/fesquare.v index 829642ae3..be10c8011 100644 --- a/src/Specific/solinas32_2e512m569/fesquare.v +++ b/src/Specific/solinas32_2e512m569/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e512m569.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e512m569/freeze.v b/src/Specific/solinas32_2e512m569/freeze.v index f38a4c5f8..5dee7fae3 100644 --- a/src/Specific/solinas32_2e512m569/freeze.v +++ b/src/Specific/solinas32_2e512m569/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e512m569.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas32_2e521m1/CurveParameters.v b/src/Specific/solinas32_2e521m1/CurveParameters.v index 30d8f552a..27f9a0c19 100644 --- a/src/Specific/solinas32_2e521m1/CurveParameters.v +++ b/src/Specific/solinas32_2e521m1/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas32_2e521m1/femul.v b/src/Specific/solinas32_2e521m1/femul.v index 52399b985..0111407c9 100644 --- a/src/Specific/solinas32_2e521m1/femul.v +++ b/src/Specific/solinas32_2e521m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e521m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas32_2e521m1/fesquare.v b/src/Specific/solinas32_2e521m1/fesquare.v index 2b0a9c83c..066d5138f 100644 --- a/src/Specific/solinas32_2e521m1/fesquare.v +++ b/src/Specific/solinas32_2e521m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e521m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas32_2e521m1/freeze.v b/src/Specific/solinas32_2e521m1/freeze.v index b8c4a4206..620427c85 100644 --- a/src/Specific/solinas32_2e521m1/freeze.v 
+++ b/src/Specific/solinas32_2e521m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas32_2e521m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e127m1/CurveParameters.v b/src/Specific/solinas64_2e127m1/CurveParameters.v index 63151249c..295d9bcab 100644 --- a/src/Specific/solinas64_2e127m1/CurveParameters.v +++ b/src/Specific/solinas64_2e127m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e127m1/femul.v b/src/Specific/solinas64_2e127m1/femul.v index 6a32e72ba..b2c0799b4 100644 --- a/src/Specific/solinas64_2e127m1/femul.v +++ b/src/Specific/solinas64_2e127m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e127m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e127m1/fesquare.v b/src/Specific/solinas64_2e127m1/fesquare.v index 2e2bb8680..014f312c8 100644 
--- a/src/Specific/solinas64_2e127m1/fesquare.v +++ b/src/Specific/solinas64_2e127m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e127m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e127m1/freeze.v b/src/Specific/solinas64_2e127m1/freeze.v index 6fc2987f8..8b713351e 100644 --- a/src/Specific/solinas64_2e127m1/freeze.v +++ b/src/Specific/solinas64_2e127m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e127m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e129m25/CurveParameters.v b/src/Specific/solinas64_2e129m25/CurveParameters.v index 636c20507..96fd81053 100644 --- a/src/Specific/solinas64_2e129m25/CurveParameters.v +++ b/src/Specific/solinas64_2e129m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas64_2e129m25/femul.v b/src/Specific/solinas64_2e129m25/femul.v index c90c753f3..ffc0bc3bf 100644 --- a/src/Specific/solinas64_2e129m25/femul.v +++ b/src/Specific/solinas64_2e129m25/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e129m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e129m25/fesquare.v b/src/Specific/solinas64_2e129m25/fesquare.v index 376e8011f..40d0bd506 100644 --- a/src/Specific/solinas64_2e129m25/fesquare.v +++ b/src/Specific/solinas64_2e129m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e129m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e129m25/freeze.v b/src/Specific/solinas64_2e129m25/freeze.v index 7e2f08b5a..0113e8d90 100644 --- a/src/Specific/solinas64_2e129m25/freeze.v +++ b/src/Specific/solinas64_2e129m25/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e129m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas64_2e130m5/CurveParameters.v b/src/Specific/solinas64_2e130m5/CurveParameters.v index 776139ca6..d2ca5cc37 100644 --- a/src/Specific/solinas64_2e130m5/CurveParameters.v +++ b/src/Specific/solinas64_2e130m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e130m5/femul.v b/src/Specific/solinas64_2e130m5/femul.v index 46646f68f..eefd008e4 100644 --- a/src/Specific/solinas64_2e130m5/femul.v +++ b/src/Specific/solinas64_2e130m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e130m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e130m5/fesquare.v b/src/Specific/solinas64_2e130m5/fesquare.v index ae5980253..b4b62657b 100644 --- a/src/Specific/solinas64_2e130m5/fesquare.v +++ b/src/Specific/solinas64_2e130m5/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e130m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e130m5/freeze.v b/src/Specific/solinas64_2e130m5/freeze.v index c5ef0d3b6..e6aec5b0b 100644 --- a/src/Specific/solinas64_2e130m5/freeze.v +++ b/src/Specific/solinas64_2e130m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e130m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e137m13/CurveParameters.v b/src/Specific/solinas64_2e137m13/CurveParameters.v index 406cf19d6..4f1115fad 100644 --- a/src/Specific/solinas64_2e137m13/CurveParameters.v +++ b/src/Specific/solinas64_2e137m13/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e137m13/femul.v b/src/Specific/solinas64_2e137m13/femul.v index ddb855b06..e0efc049b 100644 --- a/src/Specific/solinas64_2e137m13/femul.v 
+++ b/src/Specific/solinas64_2e137m13/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e137m13.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e137m13/fesquare.v b/src/Specific/solinas64_2e137m13/fesquare.v index 9c43cb9bf..546a6126c 100644 --- a/src/Specific/solinas64_2e137m13/fesquare.v +++ b/src/Specific/solinas64_2e137m13/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e137m13.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e137m13/freeze.v b/src/Specific/solinas64_2e137m13/freeze.v index ab3a2dae7..f6f81845a 100644 --- a/src/Specific/solinas64_2e137m13/freeze.v +++ b/src/Specific/solinas64_2e137m13/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e137m13.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e140m27/CurveParameters.v b/src/Specific/solinas64_2e140m27/CurveParameters.v index 0d5a9151e..94213885b 100644 --- a/src/Specific/solinas64_2e140m27/CurveParameters.v 
+++ b/src/Specific/solinas64_2e140m27/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e140m27/femul.v b/src/Specific/solinas64_2e140m27/femul.v index 93d679f88..904fdb4db 100644 --- a/src/Specific/solinas64_2e140m27/femul.v +++ b/src/Specific/solinas64_2e140m27/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e140m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e140m27/fesquare.v b/src/Specific/solinas64_2e140m27/fesquare.v index 861cd6abe..29e6e17d5 100644 --- a/src/Specific/solinas64_2e140m27/fesquare.v +++ b/src/Specific/solinas64_2e140m27/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e140m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e140m27/freeze.v b/src/Specific/solinas64_2e140m27/freeze.v index ac55c52b6..6e370ad30 100644 
--- a/src/Specific/solinas64_2e140m27/freeze.v +++ b/src/Specific/solinas64_2e140m27/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e140m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e141m9/CurveParameters.v b/src/Specific/solinas64_2e141m9/CurveParameters.v index e93ea3c60..d83903c89 100644 --- a/src/Specific/solinas64_2e141m9/CurveParameters.v +++ b/src/Specific/solinas64_2e141m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e141m9/femul.v b/src/Specific/solinas64_2e141m9/femul.v index 4f059bb2d..a470f163a 100644 --- a/src/Specific/solinas64_2e141m9/femul.v +++ b/src/Specific/solinas64_2e141m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e141m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas64_2e141m9/fesquare.v b/src/Specific/solinas64_2e141m9/fesquare.v index a06e1b888..e79fb6550 100644 --- a/src/Specific/solinas64_2e141m9/fesquare.v +++ b/src/Specific/solinas64_2e141m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e141m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e141m9/freeze.v b/src/Specific/solinas64_2e141m9/freeze.v index 99b1f6275..28ab550d2 100644 --- a/src/Specific/solinas64_2e141m9/freeze.v +++ b/src/Specific/solinas64_2e141m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e141m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e150m3/CurveParameters.v b/src/Specific/solinas64_2e150m3/CurveParameters.v index 3b5dbdd48..bf35f1164 100644 --- a/src/Specific/solinas64_2e150m3/CurveParameters.v +++ b/src/Specific/solinas64_2e150m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e150m3/femul.v b/src/Specific/solinas64_2e150m3/femul.v index 93dc6f33b..78ea2def5 100644 --- a/src/Specific/solinas64_2e150m3/femul.v +++ b/src/Specific/solinas64_2e150m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e150m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e150m3/fesquare.v b/src/Specific/solinas64_2e150m3/fesquare.v index ae9a5f780..1dff45ec2 100644 --- a/src/Specific/solinas64_2e150m3/fesquare.v +++ b/src/Specific/solinas64_2e150m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e150m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e150m3/freeze.v b/src/Specific/solinas64_2e150m3/freeze.v index a48b95941..cf4aab1df 100644 --- a/src/Specific/solinas64_2e150m3/freeze.v +++ b/src/Specific/solinas64_2e150m3/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e150m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e150m5/CurveParameters.v b/src/Specific/solinas64_2e150m5/CurveParameters.v index f486147b8..718dbb762 100644 --- a/src/Specific/solinas64_2e150m5/CurveParameters.v +++ b/src/Specific/solinas64_2e150m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e150m5/femul.v b/src/Specific/solinas64_2e150m5/femul.v index bd3f3ccce..5312aa8ea 100644 --- a/src/Specific/solinas64_2e150m5/femul.v +++ b/src/Specific/solinas64_2e150m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e150m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e150m5/fesquare.v b/src/Specific/solinas64_2e150m5/fesquare.v index dd9df6ff8..c8e0eac3d 100644 --- a/src/Specific/solinas64_2e150m5/fesquare.v 
+++ b/src/Specific/solinas64_2e150m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e150m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e150m5/freeze.v b/src/Specific/solinas64_2e150m5/freeze.v index d9be7c053..5ec58495e 100644 --- a/src/Specific/solinas64_2e150m5/freeze.v +++ b/src/Specific/solinas64_2e150m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e150m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e152m17/CurveParameters.v b/src/Specific/solinas64_2e152m17/CurveParameters.v index a171839df..2d7cd9ea1 100644 --- a/src/Specific/solinas64_2e152m17/CurveParameters.v +++ b/src/Specific/solinas64_2e152m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e152m17/femul.v b/src/Specific/solinas64_2e152m17/femul.v index cf75e2e1b..84c089ca7 100644 
--- a/src/Specific/solinas64_2e152m17/femul.v +++ b/src/Specific/solinas64_2e152m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e152m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e152m17/fesquare.v b/src/Specific/solinas64_2e152m17/fesquare.v index bda80b139..134dcd936 100644 --- a/src/Specific/solinas64_2e152m17/fesquare.v +++ b/src/Specific/solinas64_2e152m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e152m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e152m17/freeze.v b/src/Specific/solinas64_2e152m17/freeze.v index b5e58a256..5a0a26e85 100644 --- a/src/Specific/solinas64_2e152m17/freeze.v +++ b/src/Specific/solinas64_2e152m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e152m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e158m15/CurveParameters.v b/src/Specific/solinas64_2e158m15/CurveParameters.v index 1302caf85..7016fa94e 100644 
--- a/src/Specific/solinas64_2e158m15/CurveParameters.v +++ b/src/Specific/solinas64_2e158m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e158m15/femul.v b/src/Specific/solinas64_2e158m15/femul.v index aa97e498f..a58059d70 100644 --- a/src/Specific/solinas64_2e158m15/femul.v +++ b/src/Specific/solinas64_2e158m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e158m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e158m15/fesquare.v b/src/Specific/solinas64_2e158m15/fesquare.v index 35ebec493..14faabdc9 100644 --- a/src/Specific/solinas64_2e158m15/fesquare.v +++ b/src/Specific/solinas64_2e158m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e158m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). 
diff --git a/src/Specific/solinas64_2e158m15/freeze.v b/src/Specific/solinas64_2e158m15/freeze.v index 88e853f1b..d00ac88fd 100644 --- a/src/Specific/solinas64_2e158m15/freeze.v +++ b/src/Specific/solinas64_2e158m15/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e158m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e165m25/CurveParameters.v b/src/Specific/solinas64_2e165m25/CurveParameters.v index b769fea46..25d170524 100644 --- a/src/Specific/solinas64_2e165m25/CurveParameters.v +++ b/src/Specific/solinas64_2e165m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e165m25/femul.v b/src/Specific/solinas64_2e165m25/femul.v index d313d1047..44d73e592 100644 --- a/src/Specific/solinas64_2e165m25/femul.v +++ b/src/Specific/solinas64_2e165m25/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e165m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e165m25/fesquare.v b/src/Specific/solinas64_2e165m25/fesquare.v index 97cdfae25..bfb55c80e 100644 --- a/src/Specific/solinas64_2e165m25/fesquare.v +++ b/src/Specific/solinas64_2e165m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e165m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e165m25/freeze.v b/src/Specific/solinas64_2e165m25/freeze.v index eee4a5682..b7e14e4fd 100644 --- a/src/Specific/solinas64_2e165m25/freeze.v +++ b/src/Specific/solinas64_2e165m25/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e165m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e166m5/CurveParameters.v b/src/Specific/solinas64_2e166m5/CurveParameters.v index ea8266421..7672318f0 100644 --- a/src/Specific/solinas64_2e166m5/CurveParameters.v +++ b/src/Specific/solinas64_2e166m5/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e166m5/femul.v b/src/Specific/solinas64_2e166m5/femul.v index a497284b4..aa0b1bd3d 100644 --- a/src/Specific/solinas64_2e166m5/femul.v +++ b/src/Specific/solinas64_2e166m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e166m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e166m5/fesquare.v b/src/Specific/solinas64_2e166m5/fesquare.v index e32d86d3f..a069848d3 100644 --- a/src/Specific/solinas64_2e166m5/fesquare.v +++ b/src/Specific/solinas64_2e166m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e166m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e166m5/freeze.v b/src/Specific/solinas64_2e166m5/freeze.v index 714f783e3..194098a02 100644 --- a/src/Specific/solinas64_2e166m5/freeze.v 
+++ b/src/Specific/solinas64_2e166m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e166m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e171m19/CurveParameters.v b/src/Specific/solinas64_2e171m19/CurveParameters.v index f07eed61b..9c8f78cbb 100644 --- a/src/Specific/solinas64_2e171m19/CurveParameters.v +++ b/src/Specific/solinas64_2e171m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e171m19/femul.v b/src/Specific/solinas64_2e171m19/femul.v index 9cee13f45..1ecb2ba74 100644 --- a/src/Specific/solinas64_2e171m19/femul.v +++ b/src/Specific/solinas64_2e171m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e171m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e171m19/fesquare.v b/src/Specific/solinas64_2e171m19/fesquare.v index 68d9032bc..4cc59a829 100644 
--- a/src/Specific/solinas64_2e171m19/fesquare.v +++ b/src/Specific/solinas64_2e171m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e171m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e171m19/freeze.v b/src/Specific/solinas64_2e171m19/freeze.v index d0429d5e9..cce2fe794 100644 --- a/src/Specific/solinas64_2e171m19/freeze.v +++ b/src/Specific/solinas64_2e171m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e171m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e174m17/CurveParameters.v b/src/Specific/solinas64_2e174m17/CurveParameters.v index cd59a9160..cccbe28d9 100644 --- a/src/Specific/solinas64_2e174m17/CurveParameters.v +++ b/src/Specific/solinas64_2e174m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas64_2e174m17/femul.v b/src/Specific/solinas64_2e174m17/femul.v index 8dc10586c..38e5a9c44 100644 --- a/src/Specific/solinas64_2e174m17/femul.v +++ b/src/Specific/solinas64_2e174m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e174m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e174m17/fesquare.v b/src/Specific/solinas64_2e174m17/fesquare.v index fbe8c70cf..94bf887fc 100644 --- a/src/Specific/solinas64_2e174m17/fesquare.v +++ b/src/Specific/solinas64_2e174m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e174m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e174m17/freeze.v b/src/Specific/solinas64_2e174m17/freeze.v index dcb7ce4a5..9f53894ae 100644 --- a/src/Specific/solinas64_2e174m17/freeze.v +++ b/src/Specific/solinas64_2e174m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e174m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas64_2e174m3/CurveParameters.v b/src/Specific/solinas64_2e174m3/CurveParameters.v index add857a17..ef1b83ba0 100644 --- a/src/Specific/solinas64_2e174m3/CurveParameters.v +++ b/src/Specific/solinas64_2e174m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e174m3/femul.v b/src/Specific/solinas64_2e174m3/femul.v index 65ad73687..71a3cda97 100644 --- a/src/Specific/solinas64_2e174m3/femul.v +++ b/src/Specific/solinas64_2e174m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e174m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e174m3/fesquare.v b/src/Specific/solinas64_2e174m3/fesquare.v index d8363dd6c..81f37a621 100644 --- a/src/Specific/solinas64_2e174m3/fesquare.v +++ b/src/Specific/solinas64_2e174m3/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e174m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e174m3/freeze.v b/src/Specific/solinas64_2e174m3/freeze.v index e02586feb..a03bbe82a 100644 --- a/src/Specific/solinas64_2e174m3/freeze.v +++ b/src/Specific/solinas64_2e174m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e174m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e189m25/CurveParameters.v b/src/Specific/solinas64_2e189m25/CurveParameters.v index f4a62adbc..d36fff1d8 100644 --- a/src/Specific/solinas64_2e189m25/CurveParameters.v +++ b/src/Specific/solinas64_2e189m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e189m25/femul.v b/src/Specific/solinas64_2e189m25/femul.v index 8f1ac0330..0a396fedb 100644 --- a/src/Specific/solinas64_2e189m25/femul.v 
+++ b/src/Specific/solinas64_2e189m25/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e189m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e189m25/fesquare.v b/src/Specific/solinas64_2e189m25/fesquare.v index fec65e5fa..d68b1a9bd 100644 --- a/src/Specific/solinas64_2e189m25/fesquare.v +++ b/src/Specific/solinas64_2e189m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e189m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e189m25/freeze.v b/src/Specific/solinas64_2e189m25/freeze.v index 2906a9cc7..2e34dba5e 100644 --- a/src/Specific/solinas64_2e189m25/freeze.v +++ b/src/Specific/solinas64_2e189m25/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e189m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e190m11/CurveParameters.v b/src/Specific/solinas64_2e190m11/CurveParameters.v index 34d576ead..da8101a3f 100644 --- a/src/Specific/solinas64_2e190m11/CurveParameters.v 
+++ b/src/Specific/solinas64_2e190m11/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e190m11/femul.v b/src/Specific/solinas64_2e190m11/femul.v index 3deab4092..6954da082 100644 --- a/src/Specific/solinas64_2e190m11/femul.v +++ b/src/Specific/solinas64_2e190m11/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e190m11.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e190m11/fesquare.v b/src/Specific/solinas64_2e190m11/fesquare.v index edaf8a1a3..622f00e94 100644 --- a/src/Specific/solinas64_2e190m11/fesquare.v +++ b/src/Specific/solinas64_2e190m11/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e190m11.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e190m11/freeze.v b/src/Specific/solinas64_2e190m11/freeze.v index 638dd3dd6..bbc3c6459 100644 
--- a/src/Specific/solinas64_2e190m11/freeze.v +++ b/src/Specific/solinas64_2e190m11/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e190m11.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e191m19/CurveParameters.v b/src/Specific/solinas64_2e191m19/CurveParameters.v index 2d0f66618..de1dfbf8b 100644 --- a/src/Specific/solinas64_2e191m19/CurveParameters.v +++ b/src/Specific/solinas64_2e191m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e191m19/femul.v b/src/Specific/solinas64_2e191m19/femul.v index de522d215..1b59946a8 100644 --- a/src/Specific/solinas64_2e191m19/femul.v +++ b/src/Specific/solinas64_2e191m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e191m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas64_2e191m19/fesquare.v b/src/Specific/solinas64_2e191m19/fesquare.v index e7321b8ed..69e2a0082 100644 --- a/src/Specific/solinas64_2e191m19/fesquare.v +++ b/src/Specific/solinas64_2e191m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e191m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e191m19/freeze.v b/src/Specific/solinas64_2e191m19/freeze.v index 8c416c3fe..65d975369 100644 --- a/src/Specific/solinas64_2e191m19/freeze.v +++ b/src/Specific/solinas64_2e191m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e191m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v b/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v index 67da4413d..0b605eea5 100644 --- a/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v +++ b/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e192m2e64m1/femul.v b/src/Specific/solinas64_2e192m2e64m1/femul.v index 6db3540ea..de64f3d23 100644 --- a/src/Specific/solinas64_2e192m2e64m1/femul.v +++ b/src/Specific/solinas64_2e192m2e64m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e192m2e64m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e192m2e64m1/fesquare.v b/src/Specific/solinas64_2e192m2e64m1/fesquare.v index 793f280ea..95c5d2294 100644 --- a/src/Specific/solinas64_2e192m2e64m1/fesquare.v +++ b/src/Specific/solinas64_2e192m2e64m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e192m2e64m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e192m2e64m1/freeze.v b/src/Specific/solinas64_2e192m2e64m1/freeze.v index 093270d8b..c9243702e 100644 --- a/src/Specific/solinas64_2e192m2e64m1/freeze.v +++ b/src/Specific/solinas64_2e192m2e64m1/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e192m2e64m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e194m33/CurveParameters.v b/src/Specific/solinas64_2e194m33/CurveParameters.v index 5d3b8f54e..145f8cfa3 100644 --- a/src/Specific/solinas64_2e194m33/CurveParameters.v +++ b/src/Specific/solinas64_2e194m33/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e194m33/femul.v b/src/Specific/solinas64_2e194m33/femul.v index 1fb6e9859..d5361de61 100644 --- a/src/Specific/solinas64_2e194m33/femul.v +++ b/src/Specific/solinas64_2e194m33/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e194m33.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e194m33/fesquare.v b/src/Specific/solinas64_2e194m33/fesquare.v index af1ee2fcc..5a34d194e 100644 --- a/src/Specific/solinas64_2e194m33/fesquare.v 
+++ b/src/Specific/solinas64_2e194m33/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e194m33.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e194m33/freeze.v b/src/Specific/solinas64_2e194m33/freeze.v index 6e040077e..c585043fd 100644 --- a/src/Specific/solinas64_2e194m33/freeze.v +++ b/src/Specific/solinas64_2e194m33/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e194m33.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e196m15/CurveParameters.v b/src/Specific/solinas64_2e196m15/CurveParameters.v index b96fc274e..1d3245ba0 100644 --- a/src/Specific/solinas64_2e196m15/CurveParameters.v +++ b/src/Specific/solinas64_2e196m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e196m15/femul.v b/src/Specific/solinas64_2e196m15/femul.v index 9ddf9db05..0f4842b7b 100644 
--- a/src/Specific/solinas64_2e196m15/femul.v +++ b/src/Specific/solinas64_2e196m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e196m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e196m15/fesquare.v b/src/Specific/solinas64_2e196m15/fesquare.v index 1f4b0923c..bc2fece87 100644 --- a/src/Specific/solinas64_2e196m15/fesquare.v +++ b/src/Specific/solinas64_2e196m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e196m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e196m15/freeze.v b/src/Specific/solinas64_2e196m15/freeze.v index 94f78409d..528dc0603 100644 --- a/src/Specific/solinas64_2e196m15/freeze.v +++ b/src/Specific/solinas64_2e196m15/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e196m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e198m17/CurveParameters.v b/src/Specific/solinas64_2e198m17/CurveParameters.v index b33c2e5ec..ae38f6968 100644 
--- a/src/Specific/solinas64_2e198m17/CurveParameters.v +++ b/src/Specific/solinas64_2e198m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e198m17/femul.v b/src/Specific/solinas64_2e198m17/femul.v index 7bb9dbce7..0380b7994 100644 --- a/src/Specific/solinas64_2e198m17/femul.v +++ b/src/Specific/solinas64_2e198m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e198m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e198m17/fesquare.v b/src/Specific/solinas64_2e198m17/fesquare.v index d02a29ad1..28bdd3e06 100644 --- a/src/Specific/solinas64_2e198m17/fesquare.v +++ b/src/Specific/solinas64_2e198m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e198m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). 
diff --git a/src/Specific/solinas64_2e198m17/freeze.v b/src/Specific/solinas64_2e198m17/freeze.v index 108d627e3..2ba20c0e4 100644 --- a/src/Specific/solinas64_2e198m17/freeze.v +++ b/src/Specific/solinas64_2e198m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e198m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v b/src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v index 73e04415d..fc06a06c9 100644 --- a/src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v +++ b/src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e205m45x2e198m1/femul.v b/src/Specific/solinas64_2e205m45x2e198m1/femul.v index ed7590e15..ada96cd3d 100644 --- a/src/Specific/solinas64_2e205m45x2e198m1/femul.v +++ b/src/Specific/solinas64_2e205m45x2e198m1/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e205m45x2e198m1/fesquare.v b/src/Specific/solinas64_2e205m45x2e198m1/fesquare.v index 3c32aeda2..1326e3efe 100644 --- a/src/Specific/solinas64_2e205m45x2e198m1/fesquare.v +++ b/src/Specific/solinas64_2e205m45x2e198m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e205m45x2e198m1/freeze.v b/src/Specific/solinas64_2e205m45x2e198m1/freeze.v index 67bcd0225..cc89d7425 100644 --- a/src/Specific/solinas64_2e205m45x2e198m1/freeze.v +++ b/src/Specific/solinas64_2e205m45x2e198m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e206m5/CurveParameters.v b/src/Specific/solinas64_2e206m5/CurveParameters.v index ac2cf35f3..c722b983b 100644 --- a/src/Specific/solinas64_2e206m5/CurveParameters.v 
+++ b/src/Specific/solinas64_2e206m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e206m5/femul.v b/src/Specific/solinas64_2e206m5/femul.v index d344ad1db..e7b659784 100644 --- a/src/Specific/solinas64_2e206m5/femul.v +++ b/src/Specific/solinas64_2e206m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e206m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e206m5/fesquare.v b/src/Specific/solinas64_2e206m5/fesquare.v index c06188613..60994ebd0 100644 --- a/src/Specific/solinas64_2e206m5/fesquare.v +++ b/src/Specific/solinas64_2e206m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e206m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e206m5/freeze.v b/src/Specific/solinas64_2e206m5/freeze.v index 4fc9ca136..dd8d1f044 100644 
--- a/src/Specific/solinas64_2e206m5/freeze.v +++ b/src/Specific/solinas64_2e206m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e206m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e212m29/CurveParameters.v b/src/Specific/solinas64_2e212m29/CurveParameters.v index 9c508d117..87ab43407 100644 --- a/src/Specific/solinas64_2e212m29/CurveParameters.v +++ b/src/Specific/solinas64_2e212m29/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e212m29/femul.v b/src/Specific/solinas64_2e212m29/femul.v index f2f8e3eec..b25f57211 100644 --- a/src/Specific/solinas64_2e212m29/femul.v +++ b/src/Specific/solinas64_2e212m29/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e212m29.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas64_2e212m29/fesquare.v b/src/Specific/solinas64_2e212m29/fesquare.v index 3af075eee..7d07cdb8e 100644 --- a/src/Specific/solinas64_2e212m29/fesquare.v +++ b/src/Specific/solinas64_2e212m29/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e212m29.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e212m29/freeze.v b/src/Specific/solinas64_2e212m29/freeze.v index 759086c34..dee41bcb4 100644 --- a/src/Specific/solinas64_2e212m29/freeze.v +++ b/src/Specific/solinas64_2e212m29/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e212m29.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e213m3/CurveParameters.v b/src/Specific/solinas64_2e213m3/CurveParameters.v index 709dccc29..8022eb3ed 100644 --- a/src/Specific/solinas64_2e213m3/CurveParameters.v +++ b/src/Specific/solinas64_2e213m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e213m3/femul.v b/src/Specific/solinas64_2e213m3/femul.v index 3e1d54398..4015e75ec 100644 --- a/src/Specific/solinas64_2e213m3/femul.v +++ b/src/Specific/solinas64_2e213m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e213m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e213m3/fesquare.v b/src/Specific/solinas64_2e213m3/fesquare.v index 663ba494d..bab6cde1c 100644 --- a/src/Specific/solinas64_2e213m3/fesquare.v +++ b/src/Specific/solinas64_2e213m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e213m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e213m3/freeze.v b/src/Specific/solinas64_2e213m3/freeze.v index a2feaf97f..c7d3cc6fc 100644 --- a/src/Specific/solinas64_2e213m3/freeze.v +++ b/src/Specific/solinas64_2e213m3/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e213m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v b/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v index fc0f08e45..9bd95fba4 100644 --- a/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v +++ b/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e216m2e108m1/femul.v b/src/Specific/solinas64_2e216m2e108m1/femul.v index ee74263f8..103102556 100644 --- a/src/Specific/solinas64_2e216m2e108m1/femul.v +++ b/src/Specific/solinas64_2e216m2e108m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e216m2e108m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e216m2e108m1/fesquare.v b/src/Specific/solinas64_2e216m2e108m1/fesquare.v index 824b92f04..f813b25fb 100644 --- a/src/Specific/solinas64_2e216m2e108m1/fesquare.v +++ b/src/Specific/solinas64_2e216m2e108m1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e216m2e108m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e216m2e108m1/freeze.v b/src/Specific/solinas64_2e216m2e108m1/freeze.v index d8d9008c9..90e0205ac 100644 --- a/src/Specific/solinas64_2e216m2e108m1/freeze.v +++ b/src/Specific/solinas64_2e216m2e108m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e216m2e108m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e221m3/CurveParameters.v b/src/Specific/solinas64_2e221m3/CurveParameters.v index 80d07c36c..fa880e875 100644 --- a/src/Specific/solinas64_2e221m3/CurveParameters.v +++ b/src/Specific/solinas64_2e221m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e221m3/femul.v b/src/Specific/solinas64_2e221m3/femul.v index e832b8bde..aa8fca1d0 100644 --- a/src/Specific/solinas64_2e221m3/femul.v 
+++ b/src/Specific/solinas64_2e221m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e221m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e221m3/fesquare.v b/src/Specific/solinas64_2e221m3/fesquare.v index f07ba64ff..b3b789da0 100644 --- a/src/Specific/solinas64_2e221m3/fesquare.v +++ b/src/Specific/solinas64_2e221m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e221m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e221m3/freeze.v b/src/Specific/solinas64_2e221m3/freeze.v index 08fa26edb..bb778b4e0 100644 --- a/src/Specific/solinas64_2e221m3/freeze.v +++ b/src/Specific/solinas64_2e221m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e221m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e222m117/CurveParameters.v b/src/Specific/solinas64_2e222m117/CurveParameters.v index 8385730c6..52d07cc8e 100644 --- a/src/Specific/solinas64_2e222m117/CurveParameters.v 
+++ b/src/Specific/solinas64_2e222m117/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e222m117/femul.v b/src/Specific/solinas64_2e222m117/femul.v index 003b9de75..56e0d14d3 100644 --- a/src/Specific/solinas64_2e222m117/femul.v +++ b/src/Specific/solinas64_2e222m117/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e222m117.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e222m117/fesquare.v b/src/Specific/solinas64_2e222m117/fesquare.v index 3c56d3496..bb3bcb00f 100644 --- a/src/Specific/solinas64_2e222m117/fesquare.v +++ b/src/Specific/solinas64_2e222m117/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e222m117.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). 
diff --git a/src/Specific/solinas64_2e222m117/freeze.v b/src/Specific/solinas64_2e222m117/freeze.v index 1113a6619..cd04b3dec 100644 --- a/src/Specific/solinas64_2e222m117/freeze.v +++ b/src/Specific/solinas64_2e222m117/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e222m117.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v b/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v index b8da00ee3..9a4d93212 100644 --- a/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v +++ b/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e224m2e96p1/femul.v b/src/Specific/solinas64_2e224m2e96p1/femul.v index 04a891c54..883ace718 100644 --- a/src/Specific/solinas64_2e224m2e96p1/femul.v +++ b/src/Specific/solinas64_2e224m2e96p1/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e224m2e96p1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e224m2e96p1/fesquare.v b/src/Specific/solinas64_2e224m2e96p1/fesquare.v index 0f6ee91ea..41035d223 100644 --- a/src/Specific/solinas64_2e224m2e96p1/fesquare.v +++ b/src/Specific/solinas64_2e224m2e96p1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e224m2e96p1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e224m2e96p1/freeze.v b/src/Specific/solinas64_2e224m2e96p1/freeze.v index c50291623..cc1afe287 100644 --- a/src/Specific/solinas64_2e224m2e96p1/freeze.v +++ b/src/Specific/solinas64_2e224m2e96p1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e224m2e96p1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e226m5/CurveParameters.v b/src/Specific/solinas64_2e226m5/CurveParameters.v index dc06ba562..07474bfa5 100644 --- a/src/Specific/solinas64_2e226m5/CurveParameters.v 
+++ b/src/Specific/solinas64_2e226m5/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e226m5/femul.v b/src/Specific/solinas64_2e226m5/femul.v index 35499708c..9ee1a7e1b 100644 --- a/src/Specific/solinas64_2e226m5/femul.v +++ b/src/Specific/solinas64_2e226m5/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e226m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e226m5/fesquare.v b/src/Specific/solinas64_2e226m5/fesquare.v index 199a7540a..b1f66cde3 100644 --- a/src/Specific/solinas64_2e226m5/fesquare.v +++ b/src/Specific/solinas64_2e226m5/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e226m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e226m5/freeze.v b/src/Specific/solinas64_2e226m5/freeze.v index edc65f60d..0de45c7a5 100644 
--- a/src/Specific/solinas64_2e226m5/freeze.v +++ b/src/Specific/solinas64_2e226m5/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e226m5.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e230m27/CurveParameters.v b/src/Specific/solinas64_2e230m27/CurveParameters.v index f5370f16f..881ad3371 100644 --- a/src/Specific/solinas64_2e230m27/CurveParameters.v +++ b/src/Specific/solinas64_2e230m27/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e230m27/femul.v b/src/Specific/solinas64_2e230m27/femul.v index 31fa7948d..d63b91d4a 100644 --- a/src/Specific/solinas64_2e230m27/femul.v +++ b/src/Specific/solinas64_2e230m27/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e230m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas64_2e230m27/fesquare.v b/src/Specific/solinas64_2e230m27/fesquare.v index 613acc13f..f21086d15 100644 --- a/src/Specific/solinas64_2e230m27/fesquare.v +++ b/src/Specific/solinas64_2e230m27/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e230m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e230m27/freeze.v b/src/Specific/solinas64_2e230m27/freeze.v index 5f89077dd..90077aae4 100644 --- a/src/Specific/solinas64_2e230m27/freeze.v +++ b/src/Specific/solinas64_2e230m27/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e230m27.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e235m15/CurveParameters.v b/src/Specific/solinas64_2e235m15/CurveParameters.v index 29b3a512c..782c518d0 100644 --- a/src/Specific/solinas64_2e235m15/CurveParameters.v +++ b/src/Specific/solinas64_2e235m15/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e235m15/femul.v b/src/Specific/solinas64_2e235m15/femul.v index 0af89ab4e..db3bbfd86 100644 --- a/src/Specific/solinas64_2e235m15/femul.v +++ b/src/Specific/solinas64_2e235m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e235m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e235m15/fesquare.v b/src/Specific/solinas64_2e235m15/fesquare.v index 96d151af7..adf2125a3 100644 --- a/src/Specific/solinas64_2e235m15/fesquare.v +++ b/src/Specific/solinas64_2e235m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e235m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e235m15/freeze.v b/src/Specific/solinas64_2e235m15/freeze.v index 660941de1..08f3672ff 100644 --- a/src/Specific/solinas64_2e235m15/freeze.v +++ b/src/Specific/solinas64_2e235m15/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e235m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e243m9/CurveParameters.v b/src/Specific/solinas64_2e243m9/CurveParameters.v index 5387aae69..f82527cda 100644 --- a/src/Specific/solinas64_2e243m9/CurveParameters.v +++ b/src/Specific/solinas64_2e243m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e243m9/femul.v b/src/Specific/solinas64_2e243m9/femul.v index 1236a315f..f12e29622 100644 --- a/src/Specific/solinas64_2e243m9/femul.v +++ b/src/Specific/solinas64_2e243m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e243m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e243m9/fesquare.v b/src/Specific/solinas64_2e243m9/fesquare.v index dd63ef01b..ad3565c62 100644 --- a/src/Specific/solinas64_2e243m9/fesquare.v 
+++ b/src/Specific/solinas64_2e243m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e243m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e243m9/freeze.v b/src/Specific/solinas64_2e243m9/freeze.v index f733c0429..38bc105b9 100644 --- a/src/Specific/solinas64_2e243m9/freeze.v +++ b/src/Specific/solinas64_2e243m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e243m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e251m9/CurveParameters.v b/src/Specific/solinas64_2e251m9/CurveParameters.v index d322589c9..0a70c2d9c 100644 --- a/src/Specific/solinas64_2e251m9/CurveParameters.v +++ b/src/Specific/solinas64_2e251m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e251m9/femul.v b/src/Specific/solinas64_2e251m9/femul.v index beaa1363a..2093c4588 100644 
--- a/src/Specific/solinas64_2e251m9/femul.v +++ b/src/Specific/solinas64_2e251m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e251m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e251m9/fesquare.v b/src/Specific/solinas64_2e251m9/fesquare.v index 2d696d431..aa043b1d8 100644 --- a/src/Specific/solinas64_2e251m9/fesquare.v +++ b/src/Specific/solinas64_2e251m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e251m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e251m9/freeze.v b/src/Specific/solinas64_2e251m9/freeze.v index 6401b8d23..bf3f93cf8 100644 --- a/src/Specific/solinas64_2e251m9/freeze.v +++ b/src/Specific/solinas64_2e251m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e251m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v b/src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v index 121e14ecb..c3d5cadb3 100644 
--- a/src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v +++ b/src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e254m127x2e240m1/femul.v b/src/Specific/solinas64_2e254m127x2e240m1/femul.v index ac9275024..0f78f96e2 100644 --- a/src/Specific/solinas64_2e254m127x2e240m1/femul.v +++ b/src/Specific/solinas64_2e254m127x2e240m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e254m127x2e240m1/fesquare.v b/src/Specific/solinas64_2e254m127x2e240m1/fesquare.v index 1f8dd73f5..6a2042afc 100644 --- a/src/Specific/solinas64_2e254m127x2e240m1/fesquare.v +++ b/src/Specific/solinas64_2e254m127x2e240m1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e254m127x2e240m1/freeze.v b/src/Specific/solinas64_2e254m127x2e240m1/freeze.v index 48ccdaea9..395568eea 100644 --- a/src/Specific/solinas64_2e254m127x2e240m1/freeze.v +++ b/src/Specific/solinas64_2e254m127x2e240m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e255m19/CurveParameters.v b/src/Specific/solinas64_2e255m19/CurveParameters.v index 8b66cd4a0..0e01137f3 100644 --- a/src/Specific/solinas64_2e255m19/CurveParameters.v +++ b/src/Specific/solinas64_2e255m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e255m19/femul.v b/src/Specific/solinas64_2e255m19/femul.v index 03161ea6a..9c14958ec 100644 
--- a/src/Specific/solinas64_2e255m19/femul.v +++ b/src/Specific/solinas64_2e255m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e255m19/fesquare.v b/src/Specific/solinas64_2e255m19/fesquare.v index f284b7bcd..52ecdfeef 100644 --- a/src/Specific/solinas64_2e255m19/fesquare.v +++ b/src/Specific/solinas64_2e255m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e255m19/freeze.v b/src/Specific/solinas64_2e255m19/freeze.v index 30c397bd1..cbdaf4afd 100644 --- a/src/Specific/solinas64_2e255m19/freeze.v +++ b/src/Specific/solinas64_2e255m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v index e02d32c2b..9fc910069 100644 
--- a/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v +++ b/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e255m2e4m2e1m1/femul.v b/src/Specific/solinas64_2e255m2e4m2e1m1/femul.v index 14820c29b..ebce83c32 100644 --- a/src/Specific/solinas64_2e255m2e4m2e1m1/femul.v +++ b/src/Specific/solinas64_2e255m2e4m2e1m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m2e4m2e1m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e255m2e4m2e1m1/fesquare.v b/src/Specific/solinas64_2e255m2e4m2e1m1/fesquare.v index e36113d72..da0008525 100644 --- a/src/Specific/solinas64_2e255m2e4m2e1m1/fesquare.v +++ b/src/Specific/solinas64_2e255m2e4m2e1m1/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m2e4m2e1m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e255m2e4m2e1m1/freeze.v b/src/Specific/solinas64_2e255m2e4m2e1m1/freeze.v index 7e1dc2694..1ad696f70 100644 --- a/src/Specific/solinas64_2e255m2e4m2e1m1/freeze.v +++ b/src/Specific/solinas64_2e255m2e4m2e1m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m2e4m2e1m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e255m765/CurveParameters.v b/src/Specific/solinas64_2e255m765/CurveParameters.v index 6a71be913..b539bfcba 100644 --- a/src/Specific/solinas64_2e255m765/CurveParameters.v +++ b/src/Specific/solinas64_2e255m765/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e255m765/femul.v b/src/Specific/solinas64_2e255m765/femul.v index 350689714..c41815e9f 100644 
--- a/src/Specific/solinas64_2e255m765/femul.v +++ b/src/Specific/solinas64_2e255m765/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m765.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e255m765/fesquare.v b/src/Specific/solinas64_2e255m765/fesquare.v index e3aeb0b63..400b58331 100644 --- a/src/Specific/solinas64_2e255m765/fesquare.v +++ b/src/Specific/solinas64_2e255m765/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m765.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e255m765/freeze.v b/src/Specific/solinas64_2e255m765/freeze.v index ef8417be3..96871f4f1 100644 --- a/src/Specific/solinas64_2e255m765/freeze.v +++ b/src/Specific/solinas64_2e255m765/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e255m765.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e256m189/CurveParameters.v b/src/Specific/solinas64_2e256m189/CurveParameters.v index c5cfe895a..3faf572c1 100644 
--- a/src/Specific/solinas64_2e256m189/CurveParameters.v +++ b/src/Specific/solinas64_2e256m189/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e256m189/femul.v b/src/Specific/solinas64_2e256m189/femul.v index 1f911915e..5f55b3e86 100644 --- a/src/Specific/solinas64_2e256m189/femul.v +++ b/src/Specific/solinas64_2e256m189/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m189.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e256m189/fesquare.v b/src/Specific/solinas64_2e256m189/fesquare.v index e84de71a7..9c28a7755 100644 --- a/src/Specific/solinas64_2e256m189/fesquare.v +++ b/src/Specific/solinas64_2e256m189/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m189.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). 
diff --git a/src/Specific/solinas64_2e256m189/freeze.v b/src/Specific/solinas64_2e256m189/freeze.v index ae621e819..4aad6407e 100644 --- a/src/Specific/solinas64_2e256m189/freeze.v +++ b/src/Specific/solinas64_2e256m189/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m189.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v index 8eb76146f..00a7b7726 100644 --- a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v +++ b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/femul.v b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/femul.v index 97363f7f4..28a8ba1ce 100644 --- a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/femul.v +++ b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m2e224p2e192p2e96m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/fesquare.v b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/fesquare.v index 7a3a25c64..a46867d6c 100644 --- a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/fesquare.v +++ b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m2e224p2e192p2e96m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/freeze.v b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/freeze.v index 304343493..863e682c4 100644 --- a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/freeze.v +++ b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m2e224p2e192p2e96m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v b/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v index 729cf0fbd..68cb8dcd8 100644 --- a/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v +++ b/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e256m2e32m977/femul.v b/src/Specific/solinas64_2e256m2e32m977/femul.v index d879e9eb7..c66074483 100644 --- a/src/Specific/solinas64_2e256m2e32m977/femul.v +++ b/src/Specific/solinas64_2e256m2e32m977/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m2e32m977.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e256m2e32m977/fesquare.v b/src/Specific/solinas64_2e256m2e32m977/fesquare.v index 5288aaa13..5e58ca1e2 100644 --- a/src/Specific/solinas64_2e256m2e32m977/fesquare.v +++ b/src/Specific/solinas64_2e256m2e32m977/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m2e32m977.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e256m2e32m977/freeze.v b/src/Specific/solinas64_2e256m2e32m977/freeze.v index ace27596c..78671d8d1 100644 --- a/src/Specific/solinas64_2e256m2e32m977/freeze.v +++ b/src/Specific/solinas64_2e256m2e32m977/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m2e32m977.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v b/src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v index 318dec010..1679a5878 100644 --- a/src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v +++ b/src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/femul.v b/src/Specific/solinas64_2e256m88x2e240m1/femul.v index 998ca23b3..06a7ecc3c 100644 --- a/src/Specific/solinas64_2e256m88x2e240m1/femul.v +++ b/src/Specific/solinas64_2e256m88x2e240m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e256m88x2e240m1/fesquare.v b/src/Specific/solinas64_2e256m88x2e240m1/fesquare.v index 34ea58eda..e95e08977 100644 --- a/src/Specific/solinas64_2e256m88x2e240m1/fesquare.v +++ b/src/Specific/solinas64_2e256m88x2e240m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e256m88x2e240m1/freeze.v b/src/Specific/solinas64_2e256m88x2e240m1/freeze.v index 36643c70a..bc262af7c 100644 --- a/src/Specific/solinas64_2e256m88x2e240m1/freeze.v +++ b/src/Specific/solinas64_2e256m88x2e240m1/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e266m3/CurveParameters.v b/src/Specific/solinas64_2e266m3/CurveParameters.v index fd8997066..c6a6d6f0f 100644 --- a/src/Specific/solinas64_2e266m3/CurveParameters.v +++ b/src/Specific/solinas64_2e266m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e266m3/femul.v b/src/Specific/solinas64_2e266m3/femul.v index d4c9e7362..83533bf81 100644 --- a/src/Specific/solinas64_2e266m3/femul.v +++ b/src/Specific/solinas64_2e266m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e266m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e266m3/fesquare.v b/src/Specific/solinas64_2e266m3/fesquare.v index 674c62a32..f1e61f87f 100644 --- a/src/Specific/solinas64_2e266m3/fesquare.v 
+++ b/src/Specific/solinas64_2e266m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e266m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e266m3/freeze.v b/src/Specific/solinas64_2e266m3/freeze.v index 4a16e2d4a..500e5524c 100644 --- a/src/Specific/solinas64_2e266m3/freeze.v +++ b/src/Specific/solinas64_2e266m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e266m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e285m9/CurveParameters.v b/src/Specific/solinas64_2e285m9/CurveParameters.v index 181c8eb7a..983ba5c44 100644 --- a/src/Specific/solinas64_2e285m9/CurveParameters.v +++ b/src/Specific/solinas64_2e285m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e285m9/femul.v b/src/Specific/solinas64_2e285m9/femul.v index 1bf49d36d..21ca34895 100644 
--- a/src/Specific/solinas64_2e285m9/femul.v +++ b/src/Specific/solinas64_2e285m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e285m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e285m9/fesquare.v b/src/Specific/solinas64_2e285m9/fesquare.v index 828bbde72..faf848f1d 100644 --- a/src/Specific/solinas64_2e285m9/fesquare.v +++ b/src/Specific/solinas64_2e285m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e285m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e285m9/freeze.v b/src/Specific/solinas64_2e285m9/freeze.v index ad81f4345..504727825 100644 --- a/src/Specific/solinas64_2e285m9/freeze.v +++ b/src/Specific/solinas64_2e285m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e285m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e291m19/CurveParameters.v b/src/Specific/solinas64_2e291m19/CurveParameters.v index 3cc49a95a..ce2892f3c 100644 --- a/src/Specific/solinas64_2e291m19/CurveParameters.v 
+++ b/src/Specific/solinas64_2e291m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e291m19/femul.v b/src/Specific/solinas64_2e291m19/femul.v index 8c1c05c03..2180a0d8a 100644 --- a/src/Specific/solinas64_2e291m19/femul.v +++ b/src/Specific/solinas64_2e291m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e291m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e291m19/fesquare.v b/src/Specific/solinas64_2e291m19/fesquare.v index a0947927e..8a8b0341c 100644 --- a/src/Specific/solinas64_2e291m19/fesquare.v +++ b/src/Specific/solinas64_2e291m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e291m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e291m19/freeze.v b/src/Specific/solinas64_2e291m19/freeze.v index 0c2f49e06..b115165c8 100644 
--- a/src/Specific/solinas64_2e291m19/freeze.v +++ b/src/Specific/solinas64_2e291m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e291m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e321m9/CurveParameters.v b/src/Specific/solinas64_2e321m9/CurveParameters.v index 4813d5a75..237d94057 100644 --- a/src/Specific/solinas64_2e321m9/CurveParameters.v +++ b/src/Specific/solinas64_2e321m9/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e321m9/femul.v b/src/Specific/solinas64_2e321m9/femul.v index 03d4aae34..c031af451 100644 --- a/src/Specific/solinas64_2e321m9/femul.v +++ b/src/Specific/solinas64_2e321m9/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e321m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas64_2e321m9/fesquare.v b/src/Specific/solinas64_2e321m9/fesquare.v index 9d7b962c1..c45849160 100644 --- a/src/Specific/solinas64_2e321m9/fesquare.v +++ b/src/Specific/solinas64_2e321m9/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e321m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e321m9/freeze.v b/src/Specific/solinas64_2e321m9/freeze.v index be9f9f183..308011642 100644 --- a/src/Specific/solinas64_2e321m9/freeze.v +++ b/src/Specific/solinas64_2e321m9/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e321m9.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v b/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v index b01476d80..53426dc32 100644 --- a/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v +++ b/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e322m2e161m1/femul.v b/src/Specific/solinas64_2e322m2e161m1/femul.v index 74a26dcf1..5e1eb88b1 100644 
--- a/src/Specific/solinas64_2e322m2e161m1/femul.v +++ b/src/Specific/solinas64_2e322m2e161m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e322m2e161m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e322m2e161m1/fesquare.v b/src/Specific/solinas64_2e322m2e161m1/fesquare.v index a21febd23..018fb3e3c 100644 --- a/src/Specific/solinas64_2e322m2e161m1/fesquare.v +++ b/src/Specific/solinas64_2e322m2e161m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e322m2e161m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e322m2e161m1/freeze.v b/src/Specific/solinas64_2e322m2e161m1/freeze.v index 43fab11cc..5c9bb1c67 100644 --- a/src/Specific/solinas64_2e322m2e161m1/freeze.v +++ b/src/Specific/solinas64_2e322m2e161m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e322m2e161m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas64_2e336m17/CurveParameters.v b/src/Specific/solinas64_2e336m17/CurveParameters.v index f3415361d..bfc39f125 100644 --- a/src/Specific/solinas64_2e336m17/CurveParameters.v +++ b/src/Specific/solinas64_2e336m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e336m17/femul.v b/src/Specific/solinas64_2e336m17/femul.v index ffd402365..9d162fcd0 100644 --- a/src/Specific/solinas64_2e336m17/femul.v +++ b/src/Specific/solinas64_2e336m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e336m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e336m17/fesquare.v b/src/Specific/solinas64_2e336m17/fesquare.v index 015d213ad..622bb2e2a 100644 --- a/src/Specific/solinas64_2e336m17/fesquare.v +++ b/src/Specific/solinas64_2e336m17/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e336m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e336m17/freeze.v b/src/Specific/solinas64_2e336m17/freeze.v index a4b6fb12d..7f76aa11c 100644 --- a/src/Specific/solinas64_2e336m17/freeze.v +++ b/src/Specific/solinas64_2e336m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e336m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e336m3/CurveParameters.v b/src/Specific/solinas64_2e336m3/CurveParameters.v index a13a5c103..d96a4df65 100644 --- a/src/Specific/solinas64_2e336m3/CurveParameters.v +++ b/src/Specific/solinas64_2e336m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e336m3/femul.v b/src/Specific/solinas64_2e336m3/femul.v index bbcf8a69d..ebf445dde 100644 --- a/src/Specific/solinas64_2e336m3/femul.v 
+++ b/src/Specific/solinas64_2e336m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e336m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e336m3/fesquare.v b/src/Specific/solinas64_2e336m3/fesquare.v index 900d9d7a4..11bc75324 100644 --- a/src/Specific/solinas64_2e336m3/fesquare.v +++ b/src/Specific/solinas64_2e336m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e336m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e336m3/freeze.v b/src/Specific/solinas64_2e336m3/freeze.v index 5aac90ce3..d40fe4ed0 100644 --- a/src/Specific/solinas64_2e336m3/freeze.v +++ b/src/Specific/solinas64_2e336m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e336m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e338m15/CurveParameters.v b/src/Specific/solinas64_2e338m15/CurveParameters.v index 01885b97d..51da3f012 100644 --- a/src/Specific/solinas64_2e338m15/CurveParameters.v +++ b/src/Specific/solinas64_2e338m15/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e338m15/femul.v b/src/Specific/solinas64_2e338m15/femul.v index f66328f3d..df0ffe73a 100644 --- a/src/Specific/solinas64_2e338m15/femul.v +++ b/src/Specific/solinas64_2e338m15/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e338m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e338m15/fesquare.v b/src/Specific/solinas64_2e338m15/fesquare.v index e8f705302..5db3b3293 100644 --- a/src/Specific/solinas64_2e338m15/fesquare.v +++ b/src/Specific/solinas64_2e338m15/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e338m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e338m15/freeze.v b/src/Specific/solinas64_2e338m15/freeze.v index 72d4b9405..7c101a37c 100644 --- a/src/Specific/solinas64_2e338m15/freeze.v 
+++ b/src/Specific/solinas64_2e338m15/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e338m15.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e369m25/CurveParameters.v b/src/Specific/solinas64_2e369m25/CurveParameters.v index 7cf3e2518..e9bdceb4f 100644 --- a/src/Specific/solinas64_2e369m25/CurveParameters.v +++ b/src/Specific/solinas64_2e369m25/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e369m25/femul.v b/src/Specific/solinas64_2e369m25/femul.v index 161f52ba0..9f388998b 100644 --- a/src/Specific/solinas64_2e369m25/femul.v +++ b/src/Specific/solinas64_2e369m25/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e369m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e369m25/fesquare.v b/src/Specific/solinas64_2e369m25/fesquare.v index 888970715..fbaa5da9c 100644 
--- a/src/Specific/solinas64_2e369m25/fesquare.v +++ b/src/Specific/solinas64_2e369m25/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e369m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e369m25/freeze.v b/src/Specific/solinas64_2e369m25/freeze.v index 2b84327e4..adf81969b 100644 --- a/src/Specific/solinas64_2e369m25/freeze.v +++ b/src/Specific/solinas64_2e369m25/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e369m25.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e379m19/CurveParameters.v b/src/Specific/solinas64_2e379m19/CurveParameters.v index 57e5253a7..328340177 100644 --- a/src/Specific/solinas64_2e379m19/CurveParameters.v +++ b/src/Specific/solinas64_2e379m19/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas64_2e379m19/femul.v b/src/Specific/solinas64_2e379m19/femul.v index 516181b39..bf674cdac 100644 --- a/src/Specific/solinas64_2e379m19/femul.v +++ b/src/Specific/solinas64_2e379m19/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e379m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e379m19/fesquare.v b/src/Specific/solinas64_2e379m19/fesquare.v index bb0d3f332..786de8c38 100644 --- a/src/Specific/solinas64_2e379m19/fesquare.v +++ b/src/Specific/solinas64_2e379m19/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e379m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e379m19/freeze.v b/src/Specific/solinas64_2e379m19/freeze.v index ac35825d8..72f6e1d54 100644 --- a/src/Specific/solinas64_2e379m19/freeze.v +++ b/src/Specific/solinas64_2e379m19/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e379m19.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas64_2e382m105/CurveParameters.v b/src/Specific/solinas64_2e382m105/CurveParameters.v index 7a7ae9ea2..556c60ca5 100644 --- a/src/Specific/solinas64_2e382m105/CurveParameters.v +++ b/src/Specific/solinas64_2e382m105/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e382m105/femul.v b/src/Specific/solinas64_2e382m105/femul.v index c5fce8202..f60f85b90 100644 --- a/src/Specific/solinas64_2e382m105/femul.v +++ b/src/Specific/solinas64_2e382m105/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e382m105.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e382m105/fesquare.v b/src/Specific/solinas64_2e382m105/fesquare.v index 1ef6b3973..0c7767474 100644 --- a/src/Specific/solinas64_2e382m105/fesquare.v +++ b/src/Specific/solinas64_2e382m105/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e382m105.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e382m105/freeze.v b/src/Specific/solinas64_2e382m105/freeze.v index 93d7bf1e1..f3e53ea57 100644 --- a/src/Specific/solinas64_2e382m105/freeze.v +++ b/src/Specific/solinas64_2e382m105/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e382m105.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v index 9c48feacd..80c0d0de2 100644 --- a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v +++ b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/femul.v b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/femul.v index 200b1e83e..390bb085d 100644 --- a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/femul.v +++ b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m2e128m2e96p2e32m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/fesquare.v b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/fesquare.v index 72ee12ad6..63a5c7b39 100644 --- a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/fesquare.v +++ b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m2e128m2e96p2e32m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/freeze.v b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/freeze.v index bca2d8b76..6c492eb1b 100644 --- a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/freeze.v +++ b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m2e128m2e96p2e32m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e384m317/CurveParameters.v b/src/Specific/solinas64_2e384m317/CurveParameters.v index f08624b81..98c11d04c 100644 --- a/src/Specific/solinas64_2e384m317/CurveParameters.v +++ b/src/Specific/solinas64_2e384m317/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e384m317/femul.v b/src/Specific/solinas64_2e384m317/femul.v index cf26eef23..dfaa5d2e0 100644 --- a/src/Specific/solinas64_2e384m317/femul.v +++ b/src/Specific/solinas64_2e384m317/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m317.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e384m317/fesquare.v b/src/Specific/solinas64_2e384m317/fesquare.v index 35051d2b3..0a21797c0 100644 
--- a/src/Specific/solinas64_2e384m317/fesquare.v +++ b/src/Specific/solinas64_2e384m317/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m317.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e384m317/freeze.v b/src/Specific/solinas64_2e384m317/freeze.v index 89a321f88..749872ffa 100644 --- a/src/Specific/solinas64_2e384m317/freeze.v +++ b/src/Specific/solinas64_2e384m317/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m317.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v b/src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v index c5c19f790..464bdd196 100644 --- a/src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v +++ b/src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/femul.v b/src/Specific/solinas64_2e384m5x2e368m1/femul.v index a125a1c48..43a736efb 100644 --- a/src/Specific/solinas64_2e384m5x2e368m1/femul.v +++ b/src/Specific/solinas64_2e384m5x2e368m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e384m5x2e368m1/fesquare.v b/src/Specific/solinas64_2e384m5x2e368m1/fesquare.v index c7189459d..720b3d6e9 100644 --- a/src/Specific/solinas64_2e384m5x2e368m1/fesquare.v +++ b/src/Specific/solinas64_2e384m5x2e368m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e384m5x2e368m1/freeze.v b/src/Specific/solinas64_2e384m5x2e368m1/freeze.v index 0cbc13418..50e555fdc 100644 --- a/src/Specific/solinas64_2e384m5x2e368m1/freeze.v +++ b/src/Specific/solinas64_2e384m5x2e368m1/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v b/src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v index 2731ca0bc..aa9062b2b 100644 --- a/src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v +++ b/src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e384m79x2e376m1/femul.v b/src/Specific/solinas64_2e384m79x2e376m1/femul.v index bbe9a04c7..5b2fbc588 100644 --- a/src/Specific/solinas64_2e384m79x2e376m1/femul.v +++ b/src/Specific/solinas64_2e384m79x2e376m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). 
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/fesquare.v b/src/Specific/solinas64_2e384m79x2e376m1/fesquare.v index 8530053ba..c1b626bd0 100644 --- a/src/Specific/solinas64_2e384m79x2e376m1/fesquare.v +++ b/src/Specific/solinas64_2e384m79x2e376m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e384m79x2e376m1/freeze.v b/src/Specific/solinas64_2e384m79x2e376m1/freeze.v index 8d09d46b8..63d49ad6d 100644 --- a/src/Specific/solinas64_2e384m79x2e376m1/freeze.v +++ b/src/Specific/solinas64_2e384m79x2e376m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e401m31/CurveParameters.v b/src/Specific/solinas64_2e401m31/CurveParameters.v index 93adb078d..bd98620a8 100644 --- a/src/Specific/solinas64_2e401m31/CurveParameters.v +++ b/src/Specific/solinas64_2e401m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; 
@@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e401m31/femul.v b/src/Specific/solinas64_2e401m31/femul.v index 44cc10cc4..57a494bd3 100644 --- a/src/Specific/solinas64_2e401m31/femul.v +++ b/src/Specific/solinas64_2e401m31/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e401m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e401m31/fesquare.v b/src/Specific/solinas64_2e401m31/fesquare.v index f9bf9175f..9e47f3f43 100644 --- a/src/Specific/solinas64_2e401m31/fesquare.v +++ b/src/Specific/solinas64_2e401m31/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e401m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e401m31/freeze.v b/src/Specific/solinas64_2e401m31/freeze.v index e86f5274d..903d88e01 100644 --- a/src/Specific/solinas64_2e401m31/freeze.v +++ b/src/Specific/solinas64_2e401m31/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e401m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e413m21/CurveParameters.v b/src/Specific/solinas64_2e413m21/CurveParameters.v index 97ac0b6f0..d383b4fa8 100644 --- a/src/Specific/solinas64_2e413m21/CurveParameters.v +++ b/src/Specific/solinas64_2e413m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e413m21/femul.v b/src/Specific/solinas64_2e413m21/femul.v index 20a671ba1..4e83757fa 100644 --- a/src/Specific/solinas64_2e413m21/femul.v +++ b/src/Specific/solinas64_2e413m21/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e413m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e413m21/fesquare.v b/src/Specific/solinas64_2e413m21/fesquare.v index 21920016f..b2a54684c 100644 --- a/src/Specific/solinas64_2e413m21/fesquare.v 
+++ b/src/Specific/solinas64_2e413m21/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e413m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e413m21/freeze.v b/src/Specific/solinas64_2e413m21/freeze.v index 137bf018c..ba2d0beaa 100644 --- a/src/Specific/solinas64_2e413m21/freeze.v +++ b/src/Specific/solinas64_2e413m21/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e413m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e414m17/CurveParameters.v b/src/Specific/solinas64_2e414m17/CurveParameters.v index 75c1d6051..d06e02006 100644 --- a/src/Specific/solinas64_2e414m17/CurveParameters.v +++ b/src/Specific/solinas64_2e414m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e414m17/femul.v b/src/Specific/solinas64_2e414m17/femul.v index 06b417c7a..1b95a5859 100644 
--- a/src/Specific/solinas64_2e414m17/femul.v +++ b/src/Specific/solinas64_2e414m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e414m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e414m17/fesquare.v b/src/Specific/solinas64_2e414m17/fesquare.v index 9768c51bf..de9cbbd8c 100644 --- a/src/Specific/solinas64_2e414m17/fesquare.v +++ b/src/Specific/solinas64_2e414m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e414m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e414m17/freeze.v b/src/Specific/solinas64_2e414m17/freeze.v index 8202136ad..7574a70dd 100644 --- a/src/Specific/solinas64_2e414m17/freeze.v +++ b/src/Specific/solinas64_2e414m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e414m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v b/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v index f77f00844..b7c68efb5 100644 
--- a/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v +++ b/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e416m2e208m1/femul.v b/src/Specific/solinas64_2e416m2e208m1/femul.v index f35ee0d20..6bfc5be2f 100644 --- a/src/Specific/solinas64_2e416m2e208m1/femul.v +++ b/src/Specific/solinas64_2e416m2e208m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e416m2e208m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e416m2e208m1/fesquare.v b/src/Specific/solinas64_2e416m2e208m1/fesquare.v index cad70e764..db50753e7 100644 --- a/src/Specific/solinas64_2e416m2e208m1/fesquare.v +++ b/src/Specific/solinas64_2e416m2e208m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e416m2e208m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e416m2e208m1/freeze.v b/src/Specific/solinas64_2e416m2e208m1/freeze.v index 1ff8812b2..363cb2fd5 100644 --- a/src/Specific/solinas64_2e416m2e208m1/freeze.v 
+++ b/src/Specific/solinas64_2e416m2e208m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e416m2e208m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e444m17/CurveParameters.v b/src/Specific/solinas64_2e444m17/CurveParameters.v index 7c3c6383c..df67731b8 100644 --- a/src/Specific/solinas64_2e444m17/CurveParameters.v +++ b/src/Specific/solinas64_2e444m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e444m17/femul.v b/src/Specific/solinas64_2e444m17/femul.v index f9d507ce8..02bf481fc 100644 --- a/src/Specific/solinas64_2e444m17/femul.v +++ b/src/Specific/solinas64_2e444m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e444m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e444m17/fesquare.v b/src/Specific/solinas64_2e444m17/fesquare.v index 5f73be8d3..783ed74f9 100644 
--- a/src/Specific/solinas64_2e444m17/fesquare.v +++ b/src/Specific/solinas64_2e444m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e444m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e444m17/freeze.v b/src/Specific/solinas64_2e444m17/freeze.v index a0b44808b..00a6a22c7 100644 --- a/src/Specific/solinas64_2e444m17/freeze.v +++ b/src/Specific/solinas64_2e444m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e444m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v b/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v index 7944833c7..c89fcc8a5 100644 --- a/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v +++ b/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e448m2e224m1/femul.v b/src/Specific/solinas64_2e448m2e224m1/femul.v index 6aafaf303..9a88a5c55 100644 --- a/src/Specific/solinas64_2e448m2e224m1/femul.v +++ b/src/Specific/solinas64_2e448m2e224m1/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e448m2e224m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e448m2e224m1/fesquare.v b/src/Specific/solinas64_2e448m2e224m1/fesquare.v index b998369bb..6e54d709a 100644 --- a/src/Specific/solinas64_2e448m2e224m1/fesquare.v +++ b/src/Specific/solinas64_2e448m2e224m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e448m2e224m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e448m2e224m1/freeze.v b/src/Specific/solinas64_2e448m2e224m1/freeze.v index e030100dc..0feac9060 100644 --- a/src/Specific/solinas64_2e448m2e224m1/freeze.v +++ b/src/Specific/solinas64_2e448m2e224m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e448m2e224m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v b/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v index 6140a4030..079a6f996 100644 --- a/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v 
+++ b/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e450m2e225m1/femul.v b/src/Specific/solinas64_2e450m2e225m1/femul.v index 90e63ad16..ff762ce82 100644 --- a/src/Specific/solinas64_2e450m2e225m1/femul.v +++ b/src/Specific/solinas64_2e450m2e225m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e450m2e225m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e450m2e225m1/fesquare.v b/src/Specific/solinas64_2e450m2e225m1/fesquare.v index 363d18c2f..ec82ce793 100644 --- a/src/Specific/solinas64_2e450m2e225m1/fesquare.v +++ b/src/Specific/solinas64_2e450m2e225m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e450m2e225m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e450m2e225m1/freeze.v b/src/Specific/solinas64_2e450m2e225m1/freeze.v index 423012515..52b623183 100644 --- a/src/Specific/solinas64_2e450m2e225m1/freeze.v +++ b/src/Specific/solinas64_2e450m2e225m1/freeze.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e450m2e225m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e452m3/CurveParameters.v b/src/Specific/solinas64_2e452m3/CurveParameters.v index 055f6f14a..1101199b0 100644 --- a/src/Specific/solinas64_2e452m3/CurveParameters.v +++ b/src/Specific/solinas64_2e452m3/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e452m3/femul.v b/src/Specific/solinas64_2e452m3/femul.v index af859ed21..100f26ca8 100644 --- a/src/Specific/solinas64_2e452m3/femul.v +++ b/src/Specific/solinas64_2e452m3/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e452m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e452m3/fesquare.v b/src/Specific/solinas64_2e452m3/fesquare.v index 22dac873f..dcb3873e6 100644 --- a/src/Specific/solinas64_2e452m3/fesquare.v 
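Review bot: `goldilocks := None` in src/Specific/solinas64_2e452m3/CurveParameters.v replaces an explicit `Some false` with a default whose resolution is not visible in this hunk. If `None` means the choice is inferred from the modulus, a short comment such as `(* None: decided by the framework; previously pinned to false *)` would record that the multiplication strategy for this prime is no longer fixed here, and it is worth confirming that the inferred value is still false. The same change appears in the CurveParameters.v hunks for 2e468m17, 2e488m17, 2e489m21, 2e495m31, 2e510m290x2e496m1, 2e511m187, 2e511m481, 2e512m491x2e496m1, 2e512m569 and 2e521m1. The record definition extends outside the hunk.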
+++ b/src/Specific/solinas64_2e452m3/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e452m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e452m3/freeze.v b/src/Specific/solinas64_2e452m3/freeze.v index 7dd0c7666..99f6281f7 100644 --- a/src/Specific/solinas64_2e452m3/freeze.v +++ b/src/Specific/solinas64_2e452m3/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e452m3.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e468m17/CurveParameters.v b/src/Specific/solinas64_2e468m17/CurveParameters.v index 28bc87973..f2c5524a6 100644 --- a/src/Specific/solinas64_2e468m17/CurveParameters.v +++ b/src/Specific/solinas64_2e468m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e468m17/femul.v b/src/Specific/solinas64_2e468m17/femul.v index 9a6c95f1b..42e990b58 100644 
--- a/src/Specific/solinas64_2e468m17/femul.v +++ b/src/Specific/solinas64_2e468m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e468m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e468m17/fesquare.v b/src/Specific/solinas64_2e468m17/fesquare.v index d035fa7cc..79094299e 100644 --- a/src/Specific/solinas64_2e468m17/fesquare.v +++ b/src/Specific/solinas64_2e468m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e468m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e468m17/freeze.v b/src/Specific/solinas64_2e468m17/freeze.v index b61064065..bd87e27e8 100644 --- a/src/Specific/solinas64_2e468m17/freeze.v +++ b/src/Specific/solinas64_2e468m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e468m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v b/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v index f3f9d57e5..d15f5c033 100644 
--- a/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v +++ b/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e480m2e240m1/femul.v b/src/Specific/solinas64_2e480m2e240m1/femul.v index b2049a894..558485a84 100644 --- a/src/Specific/solinas64_2e480m2e240m1/femul.v +++ b/src/Specific/solinas64_2e480m2e240m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e480m2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e480m2e240m1/fesquare.v b/src/Specific/solinas64_2e480m2e240m1/fesquare.v index b2f8f2276..7966e35a9 100644 --- a/src/Specific/solinas64_2e480m2e240m1/fesquare.v +++ b/src/Specific/solinas64_2e480m2e240m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e480m2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e480m2e240m1/freeze.v b/src/Specific/solinas64_2e480m2e240m1/freeze.v index cf72decd0..65e4a4fc0 100644 --- a/src/Specific/solinas64_2e480m2e240m1/freeze.v 
+++ b/src/Specific/solinas64_2e480m2e240m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e480m2e240m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e488m17/CurveParameters.v b/src/Specific/solinas64_2e488m17/CurveParameters.v index bc94dcfb2..11dabfb7a 100644 --- a/src/Specific/solinas64_2e488m17/CurveParameters.v +++ b/src/Specific/solinas64_2e488m17/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e488m17/femul.v b/src/Specific/solinas64_2e488m17/femul.v index b62a50886..b7445508a 100644 --- a/src/Specific/solinas64_2e488m17/femul.v +++ b/src/Specific/solinas64_2e488m17/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e488m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e488m17/fesquare.v b/src/Specific/solinas64_2e488m17/fesquare.v index a8f0e20d7..d427f4b49 100644 
--- a/src/Specific/solinas64_2e488m17/fesquare.v +++ b/src/Specific/solinas64_2e488m17/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e488m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e488m17/freeze.v b/src/Specific/solinas64_2e488m17/freeze.v index 08a3241e7..3f9f43201 100644 --- a/src/Specific/solinas64_2e488m17/freeze.v +++ b/src/Specific/solinas64_2e488m17/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e488m17.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e489m21/CurveParameters.v b/src/Specific/solinas64_2e489m21/CurveParameters.v index 0391280f4..3332babb3 100644 --- a/src/Specific/solinas64_2e489m21/CurveParameters.v +++ b/src/Specific/solinas64_2e489m21/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None 
diff --git a/src/Specific/solinas64_2e489m21/femul.v b/src/Specific/solinas64_2e489m21/femul.v index 764ce93a8..e46b9e5aa 100644 --- a/src/Specific/solinas64_2e489m21/femul.v +++ b/src/Specific/solinas64_2e489m21/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e489m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e489m21/fesquare.v b/src/Specific/solinas64_2e489m21/fesquare.v index 9d47bca90..1679523a9 100644 --- a/src/Specific/solinas64_2e489m21/fesquare.v +++ b/src/Specific/solinas64_2e489m21/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e489m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e489m21/freeze.v b/src/Specific/solinas64_2e489m21/freeze.v index add2dd470..684e30a33 100644 --- a/src/Specific/solinas64_2e489m21/freeze.v +++ b/src/Specific/solinas64_2e489m21/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e489m21.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas64_2e495m31/CurveParameters.v b/src/Specific/solinas64_2e495m31/CurveParameters.v index 4f39cde1c..19ff6e419 100644 --- a/src/Specific/solinas64_2e495m31/CurveParameters.v +++ b/src/Specific/solinas64_2e495m31/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e495m31/femul.v b/src/Specific/solinas64_2e495m31/femul.v index ccd2cbb45..cbe01edbb 100644 --- a/src/Specific/solinas64_2e495m31/femul.v +++ b/src/Specific/solinas64_2e495m31/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e495m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e495m31/fesquare.v b/src/Specific/solinas64_2e495m31/fesquare.v index 6e97a9ce2..0a6fa646e 100644 --- a/src/Specific/solinas64_2e495m31/fesquare.v +++ b/src/Specific/solinas64_2e495m31/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e495m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e495m31/freeze.v b/src/Specific/solinas64_2e495m31/freeze.v index 43da1337a..8921cdc86 100644 --- a/src/Specific/solinas64_2e495m31/freeze.v +++ b/src/Specific/solinas64_2e495m31/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e495m31.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v b/src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v index 9beea1463..b5322d6a5 100644 --- a/src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v +++ b/src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e510m290x2e496m1/femul.v b/src/Specific/solinas64_2e510m290x2e496m1/femul.v index 8dc46da93..92367751e 100644 
--- a/src/Specific/solinas64_2e510m290x2e496m1/femul.v +++ b/src/Specific/solinas64_2e510m290x2e496m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e510m290x2e496m1/fesquare.v b/src/Specific/solinas64_2e510m290x2e496m1/fesquare.v index 3e186c0ce..722483442 100644 --- a/src/Specific/solinas64_2e510m290x2e496m1/fesquare.v +++ b/src/Specific/solinas64_2e510m290x2e496m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e510m290x2e496m1/freeze.v b/src/Specific/solinas64_2e510m290x2e496m1/freeze.v index b432a6126..1647b8ed7 100644 --- a/src/Specific/solinas64_2e510m290x2e496m1/freeze.v +++ b/src/Specific/solinas64_2e510m290x2e496m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). 
diff --git a/src/Specific/solinas64_2e511m187/CurveParameters.v b/src/Specific/solinas64_2e511m187/CurveParameters.v index 04106b89a..95ed58cf9 100644 --- a/src/Specific/solinas64_2e511m187/CurveParameters.v +++ b/src/Specific/solinas64_2e511m187/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e511m187/femul.v b/src/Specific/solinas64_2e511m187/femul.v index 86a5c5014..dfb8fe169 100644 --- a/src/Specific/solinas64_2e511m187/femul.v +++ b/src/Specific/solinas64_2e511m187/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e511m187.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e511m187/fesquare.v b/src/Specific/solinas64_2e511m187/fesquare.v index 8f4b7f345..6c44acf5a 100644 --- a/src/Specific/solinas64_2e511m187/fesquare.v +++ b/src/Specific/solinas64_2e511m187/fesquare.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e511m187.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e511m187/freeze.v b/src/Specific/solinas64_2e511m187/freeze.v index db6dbd38e..d402a482f 100644 --- a/src/Specific/solinas64_2e511m187/freeze.v +++ b/src/Specific/solinas64_2e511m187/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e511m187.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e511m481/CurveParameters.v b/src/Specific/solinas64_2e511m481/CurveParameters.v index 71e14aea4..3980e7c06 100644 --- a/src/Specific/solinas64_2e511m481/CurveParameters.v +++ b/src/Specific/solinas64_2e511m481/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e511m481/femul.v b/src/Specific/solinas64_2e511m481/femul.v index ccbb4d089..cfbfd0abe 100644 --- a/src/Specific/solinas64_2e511m481/femul.v 
+++ b/src/Specific/solinas64_2e511m481/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e511m481.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e511m481/fesquare.v b/src/Specific/solinas64_2e511m481/fesquare.v index dcadbce19..cd56965df 100644 --- a/src/Specific/solinas64_2e511m481/fesquare.v +++ b/src/Specific/solinas64_2e511m481/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e511m481.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e511m481/freeze.v b/src/Specific/solinas64_2e511m481/freeze.v index c0a0c3c4f..2d12d5038 100644 --- a/src/Specific/solinas64_2e511m481/freeze.v +++ b/src/Specific/solinas64_2e511m481/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e511m481.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v b/src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v index 1240de52b..3c85a70eb 100644 --- a/src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v 
+++ b/src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e512m491x2e496m1/femul.v b/src/Specific/solinas64_2e512m491x2e496m1/femul.v index 0f8e9c1fe..6934fb40a 100644 --- a/src/Specific/solinas64_2e512m491x2e496m1/femul.v +++ b/src/Specific/solinas64_2e512m491x2e496m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e512m491x2e496m1/fesquare.v b/src/Specific/solinas64_2e512m491x2e496m1/fesquare.v index 8671b27e3..8476ca13d 100644 --- a/src/Specific/solinas64_2e512m491x2e496m1/fesquare.v +++ b/src/Specific/solinas64_2e512m491x2e496m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). 
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/freeze.v b/src/Specific/solinas64_2e512m491x2e496m1/freeze.v index 612617e17..6d3724e0f 100644 --- a/src/Specific/solinas64_2e512m491x2e496m1/freeze.v +++ b/src/Specific/solinas64_2e512m491x2e496m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e512m569/CurveParameters.v b/src/Specific/solinas64_2e512m569/CurveParameters.v index 88fe6f337..47256506f 100644 --- a/src/Specific/solinas64_2e512m569/CurveParameters.v +++ b/src/Specific/solinas64_2e512m569/CurveParameters.v @@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e512m569/femul.v b/src/Specific/solinas64_2e512m569/femul.v index e06004eaf..9af7f19e3 100644 --- a/src/Specific/solinas64_2e512m569/femul.v +++ b/src/Specific/solinas64_2e512m569/femul.v 
@@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e512m569.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e512m569/fesquare.v b/src/Specific/solinas64_2e512m569/fesquare.v index a6a44c600..07f530e28 100644 --- a/src/Specific/solinas64_2e512m569/fesquare.v +++ b/src/Specific/solinas64_2e512m569/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e512m569.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e512m569/freeze.v b/src/Specific/solinas64_2e512m569/freeze.v index 54f65a751..8d8c77010 100644 --- a/src/Specific/solinas64_2e512m569/freeze.v +++ b/src/Specific/solinas64_2e512m569/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e512m569.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). diff --git a/src/Specific/solinas64_2e521m1/CurveParameters.v b/src/Specific/solinas64_2e521m1/CurveParameters.v index 00119e548..7f2289806 100644 --- a/src/Specific/solinas64_2e521m1/CurveParameters.v +++ b/src/Specific/solinas64_2e521m1/CurveParameters.v 
@@ -18,7 +18,7 @@ Definition curve : CurveParameters := a24 := None; coef_div_modulus := Some 2%nat; - goldilocks := Some false; + goldilocks := None; montgomery := false; freeze := Some true; ladderstep := false; @@ -27,7 +27,8 @@ Definition curve : CurveParameters := square_code := None; - upper_bound_of_exponent := None; + upper_bound_of_exponent_loose := None; + upper_bound_of_exponent_tight := None; allowable_bit_widths := None; freeze_extra_allowable_bit_widths := None; modinv_fuel := None diff --git a/src/Specific/solinas64_2e521m1/femul.v b/src/Specific/solinas64_2e521m1/femul.v index 3a07cee90..efe13e3aa 100644 --- a/src/Specific/solinas64_2e521m1/femul.v +++ b/src/Specific/solinas64_2e521m1/femul.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e521m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition mul : - { mul : feBW -> feBW -> feBW - | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }. + { mul : feBW_loose -> feBW_loose -> feBW_tight + | forall a b, phiBW_tight (mul a b) = F.mul (phiBW_loose a) (phiBW_loose b) }. Proof. Set Ltac Profiling. Time synthesize_mul (). diff --git a/src/Specific/solinas64_2e521m1/fesquare.v b/src/Specific/solinas64_2e521m1/fesquare.v index 50cc2e10a..e5edbd938 100644 --- a/src/Specific/solinas64_2e521m1/fesquare.v +++ b/src/Specific/solinas64_2e521m1/fesquare.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e521m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition square : - { square : feBW -> feBW - | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }. + { square : feBW_loose -> feBW_tight + | forall a, phiBW_tight (square a) = F.mul (phiBW_loose a) (phiBW_loose a) }. Proof. Set Ltac Profiling. Time synthesize_square (). diff --git a/src/Specific/solinas64_2e521m1/freeze.v b/src/Specific/solinas64_2e521m1/freeze.v index 1f483f2ab..bcaa28d81 100644 --- a/src/Specific/solinas64_2e521m1/freeze.v 
+++ b/src/Specific/solinas64_2e521m1/freeze.v @@ -3,8 +3,8 @@ Require Import Crypto.Specific.solinas64_2e521m1.Synthesis. (* TODO : change this to field once field isomorphism happens *) Definition freeze : - { freeze : feBW -> feBW - | forall a, phiBW (freeze a) = phiBW a }. + { freeze : feBW_tight -> feBW_limbwidths + | forall a, phiBW_limbwidths (freeze a) = phiBW_tight a }. Proof. Set Ltac Profiling. Time synthesize_freeze (). |