567 files changed, 4126 insertions, 548 deletions
diff --git a/_CoqProject b/_CoqProject index 1cb453066..84924788a 100644 --- a/_CoqProject +++ b/_CoqProject @@ -572,6 +572,18 @@ src/Specific/montgomery32_2e198m17/feopp.v src/Specific/montgomery32_2e198m17/feoppDisplay.v src/Specific/montgomery32_2e198m17/fesub.v src/Specific/montgomery32_2e198m17/fesubDisplay.v +src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v +src/Specific/montgomery32_2e205m45x2e198m1/Synthesis.v +src/Specific/montgomery32_2e205m45x2e198m1/feadd.v +src/Specific/montgomery32_2e205m45x2e198m1/feaddDisplay.v +src/Specific/montgomery32_2e205m45x2e198m1/femul.v +src/Specific/montgomery32_2e205m45x2e198m1/femulDisplay.v +src/Specific/montgomery32_2e205m45x2e198m1/fenz.v +src/Specific/montgomery32_2e205m45x2e198m1/fenzDisplay.v +src/Specific/montgomery32_2e205m45x2e198m1/feopp.v +src/Specific/montgomery32_2e205m45x2e198m1/feoppDisplay.v +src/Specific/montgomery32_2e205m45x2e198m1/fesub.v +src/Specific/montgomery32_2e205m45x2e198m1/fesubDisplay.v src/Specific/montgomery32_2e206m5/CurveParameters.v src/Specific/montgomery32_2e206m5/Synthesis.v src/Specific/montgomery32_2e206m5/feadd.v 
@@ -716,6 +728,18 @@ src/Specific/montgomery32_2e251m9/feopp.v src/Specific/montgomery32_2e251m9/feoppDisplay.v src/Specific/montgomery32_2e251m9/fesub.v src/Specific/montgomery32_2e251m9/fesubDisplay.v +src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v +src/Specific/montgomery32_2e254m127x2e240m1/Synthesis.v +src/Specific/montgomery32_2e254m127x2e240m1/feadd.v +src/Specific/montgomery32_2e254m127x2e240m1/feaddDisplay.v +src/Specific/montgomery32_2e254m127x2e240m1/femul.v +src/Specific/montgomery32_2e254m127x2e240m1/femulDisplay.v +src/Specific/montgomery32_2e254m127x2e240m1/fenz.v +src/Specific/montgomery32_2e254m127x2e240m1/fenzDisplay.v +src/Specific/montgomery32_2e254m127x2e240m1/feopp.v +src/Specific/montgomery32_2e254m127x2e240m1/feoppDisplay.v +src/Specific/montgomery32_2e254m127x2e240m1/fesub.v +src/Specific/montgomery32_2e254m127x2e240m1/fesubDisplay.v src/Specific/montgomery32_2e255m19/CurveParameters.v src/Specific/montgomery32_2e255m19/Synthesis.v src/Specific/montgomery32_2e255m19/feadd.v 
@@ -788,6 +812,18 @@ src/Specific/montgomery32_2e256m2e32m977/feopp.v src/Specific/montgomery32_2e256m2e32m977/feoppDisplay.v src/Specific/montgomery32_2e256m2e32m977/fesub.v src/Specific/montgomery32_2e256m2e32m977/fesubDisplay.v +src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v +src/Specific/montgomery32_2e256m88x2e240m1/Synthesis.v +src/Specific/montgomery32_2e256m88x2e240m1/feadd.v +src/Specific/montgomery32_2e256m88x2e240m1/feaddDisplay.v +src/Specific/montgomery32_2e256m88x2e240m1/femul.v +src/Specific/montgomery32_2e256m88x2e240m1/femulDisplay.v +src/Specific/montgomery32_2e256m88x2e240m1/fenz.v +src/Specific/montgomery32_2e256m88x2e240m1/fenzDisplay.v +src/Specific/montgomery32_2e256m88x2e240m1/feopp.v +src/Specific/montgomery32_2e256m88x2e240m1/feoppDisplay.v +src/Specific/montgomery32_2e256m88x2e240m1/fesub.v +src/Specific/montgomery32_2e256m88x2e240m1/fesubDisplay.v src/Specific/montgomery32_2e266m3/CurveParameters.v src/Specific/montgomery32_2e266m3/Synthesis.v src/Specific/montgomery32_2e266m3/feadd.v 
@@ -980,6 +1016,30 @@ src/Specific/montgomery32_2e384m317/feopp.v src/Specific/montgomery32_2e384m317/feoppDisplay.v src/Specific/montgomery32_2e384m317/fesub.v src/Specific/montgomery32_2e384m317/fesubDisplay.v +src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v +src/Specific/montgomery32_2e384m5x2e368m1/Synthesis.v +src/Specific/montgomery32_2e384m5x2e368m1/feadd.v +src/Specific/montgomery32_2e384m5x2e368m1/feaddDisplay.v +src/Specific/montgomery32_2e384m5x2e368m1/femul.v +src/Specific/montgomery32_2e384m5x2e368m1/femulDisplay.v +src/Specific/montgomery32_2e384m5x2e368m1/fenz.v +src/Specific/montgomery32_2e384m5x2e368m1/fenzDisplay.v +src/Specific/montgomery32_2e384m5x2e368m1/feopp.v +src/Specific/montgomery32_2e384m5x2e368m1/feoppDisplay.v +src/Specific/montgomery32_2e384m5x2e368m1/fesub.v +src/Specific/montgomery32_2e384m5x2e368m1/fesubDisplay.v +src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v +src/Specific/montgomery32_2e384m79x2e376m1/Synthesis.v +src/Specific/montgomery32_2e384m79x2e376m1/feadd.v +src/Specific/montgomery32_2e384m79x2e376m1/feaddDisplay.v +src/Specific/montgomery32_2e384m79x2e376m1/femul.v +src/Specific/montgomery32_2e384m79x2e376m1/femulDisplay.v +src/Specific/montgomery32_2e384m79x2e376m1/fenz.v +src/Specific/montgomery32_2e384m79x2e376m1/fenzDisplay.v +src/Specific/montgomery32_2e384m79x2e376m1/feopp.v +src/Specific/montgomery32_2e384m79x2e376m1/feoppDisplay.v +src/Specific/montgomery32_2e384m79x2e376m1/fesub.v +src/Specific/montgomery32_2e384m79x2e376m1/fesubDisplay.v src/Specific/montgomery32_2e389m21/CurveParameters.v src/Specific/montgomery32_2e389m21/Synthesis.v src/Specific/montgomery32_2e389m21/feadd.v 
@@ -1148,6 +1208,18 @@ src/Specific/montgomery32_2e495m31/feopp.v src/Specific/montgomery32_2e495m31/feoppDisplay.v src/Specific/montgomery32_2e495m31/fesub.v src/Specific/montgomery32_2e495m31/fesubDisplay.v +src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v +src/Specific/montgomery32_2e510m290x2e496m1/Synthesis.v +src/Specific/montgomery32_2e510m290x2e496m1/feadd.v +src/Specific/montgomery32_2e510m290x2e496m1/feaddDisplay.v +src/Specific/montgomery32_2e510m290x2e496m1/femul.v +src/Specific/montgomery32_2e510m290x2e496m1/femulDisplay.v +src/Specific/montgomery32_2e510m290x2e496m1/fenz.v +src/Specific/montgomery32_2e510m290x2e496m1/fenzDisplay.v +src/Specific/montgomery32_2e510m290x2e496m1/feopp.v +src/Specific/montgomery32_2e510m290x2e496m1/feoppDisplay.v +src/Specific/montgomery32_2e510m290x2e496m1/fesub.v +src/Specific/montgomery32_2e510m290x2e496m1/fesubDisplay.v src/Specific/montgomery32_2e511m187/CurveParameters.v src/Specific/montgomery32_2e511m187/Synthesis.v src/Specific/montgomery32_2e511m187/feadd.v 
@@ -1172,6 +1244,18 @@ src/Specific/montgomery32_2e511m481/feopp.v src/Specific/montgomery32_2e511m481/feoppDisplay.v src/Specific/montgomery32_2e511m481/fesub.v src/Specific/montgomery32_2e511m481/fesubDisplay.v +src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v +src/Specific/montgomery32_2e512m491x2e496m1/Synthesis.v +src/Specific/montgomery32_2e512m491x2e496m1/feadd.v +src/Specific/montgomery32_2e512m491x2e496m1/feaddDisplay.v +src/Specific/montgomery32_2e512m491x2e496m1/femul.v +src/Specific/montgomery32_2e512m491x2e496m1/femulDisplay.v +src/Specific/montgomery32_2e512m491x2e496m1/fenz.v +src/Specific/montgomery32_2e512m491x2e496m1/fenzDisplay.v +src/Specific/montgomery32_2e512m491x2e496m1/feopp.v +src/Specific/montgomery32_2e512m491x2e496m1/feoppDisplay.v +src/Specific/montgomery32_2e512m491x2e496m1/fesub.v +src/Specific/montgomery32_2e512m491x2e496m1/fesubDisplay.v src/Specific/montgomery32_2e512m569/CurveParameters.v src/Specific/montgomery32_2e512m569/Synthesis.v src/Specific/montgomery32_2e512m569/feadd.v 
@@ -1460,6 +1544,18 @@ src/Specific/montgomery64_2e198m17/feopp.v src/Specific/montgomery64_2e198m17/feoppDisplay.v src/Specific/montgomery64_2e198m17/fesub.v src/Specific/montgomery64_2e198m17/fesubDisplay.v +src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v +src/Specific/montgomery64_2e205m45x2e198m1/Synthesis.v +src/Specific/montgomery64_2e205m45x2e198m1/feadd.v +src/Specific/montgomery64_2e205m45x2e198m1/feaddDisplay.v +src/Specific/montgomery64_2e205m45x2e198m1/femul.v +src/Specific/montgomery64_2e205m45x2e198m1/femulDisplay.v +src/Specific/montgomery64_2e205m45x2e198m1/fenz.v +src/Specific/montgomery64_2e205m45x2e198m1/fenzDisplay.v +src/Specific/montgomery64_2e205m45x2e198m1/feopp.v +src/Specific/montgomery64_2e205m45x2e198m1/feoppDisplay.v +src/Specific/montgomery64_2e205m45x2e198m1/fesub.v +src/Specific/montgomery64_2e205m45x2e198m1/fesubDisplay.v src/Specific/montgomery64_2e206m5/CurveParameters.v src/Specific/montgomery64_2e206m5/Synthesis.v src/Specific/montgomery64_2e206m5/feadd.v 
@@ -1604,6 +1700,18 @@ src/Specific/montgomery64_2e251m9/feopp.v src/Specific/montgomery64_2e251m9/feoppDisplay.v src/Specific/montgomery64_2e251m9/fesub.v src/Specific/montgomery64_2e251m9/fesubDisplay.v +src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v +src/Specific/montgomery64_2e254m127x2e240m1/Synthesis.v +src/Specific/montgomery64_2e254m127x2e240m1/feadd.v +src/Specific/montgomery64_2e254m127x2e240m1/feaddDisplay.v +src/Specific/montgomery64_2e254m127x2e240m1/femul.v +src/Specific/montgomery64_2e254m127x2e240m1/femulDisplay.v +src/Specific/montgomery64_2e254m127x2e240m1/fenz.v +src/Specific/montgomery64_2e254m127x2e240m1/fenzDisplay.v +src/Specific/montgomery64_2e254m127x2e240m1/feopp.v +src/Specific/montgomery64_2e254m127x2e240m1/feoppDisplay.v +src/Specific/montgomery64_2e254m127x2e240m1/fesub.v +src/Specific/montgomery64_2e254m127x2e240m1/fesubDisplay.v src/Specific/montgomery64_2e255m19/CurveParameters.v src/Specific/montgomery64_2e255m19/Synthesis.v src/Specific/montgomery64_2e255m19/feadd.v 
@@ -1676,6 +1784,18 @@ src/Specific/montgomery64_2e256m2e32m977/feopp.v src/Specific/montgomery64_2e256m2e32m977/feoppDisplay.v src/Specific/montgomery64_2e256m2e32m977/fesub.v src/Specific/montgomery64_2e256m2e32m977/fesubDisplay.v +src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v +src/Specific/montgomery64_2e256m88x2e240m1/Synthesis.v +src/Specific/montgomery64_2e256m88x2e240m1/feadd.v +src/Specific/montgomery64_2e256m88x2e240m1/feaddDisplay.v +src/Specific/montgomery64_2e256m88x2e240m1/femul.v +src/Specific/montgomery64_2e256m88x2e240m1/femulDisplay.v +src/Specific/montgomery64_2e256m88x2e240m1/fenz.v +src/Specific/montgomery64_2e256m88x2e240m1/fenzDisplay.v +src/Specific/montgomery64_2e256m88x2e240m1/feopp.v +src/Specific/montgomery64_2e256m88x2e240m1/feoppDisplay.v +src/Specific/montgomery64_2e256m88x2e240m1/fesub.v +src/Specific/montgomery64_2e256m88x2e240m1/fesubDisplay.v src/Specific/montgomery64_2e266m3/CurveParameters.v src/Specific/montgomery64_2e266m3/Synthesis.v src/Specific/montgomery64_2e266m3/feadd.v 
@@ -1868,6 +1988,30 @@ src/Specific/montgomery64_2e384m317/feopp.v src/Specific/montgomery64_2e384m317/feoppDisplay.v src/Specific/montgomery64_2e384m317/fesub.v src/Specific/montgomery64_2e384m317/fesubDisplay.v +src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v +src/Specific/montgomery64_2e384m5x2e368m1/Synthesis.v +src/Specific/montgomery64_2e384m5x2e368m1/feadd.v +src/Specific/montgomery64_2e384m5x2e368m1/feaddDisplay.v +src/Specific/montgomery64_2e384m5x2e368m1/femul.v +src/Specific/montgomery64_2e384m5x2e368m1/femulDisplay.v +src/Specific/montgomery64_2e384m5x2e368m1/fenz.v +src/Specific/montgomery64_2e384m5x2e368m1/fenzDisplay.v +src/Specific/montgomery64_2e384m5x2e368m1/feopp.v +src/Specific/montgomery64_2e384m5x2e368m1/feoppDisplay.v +src/Specific/montgomery64_2e384m5x2e368m1/fesub.v +src/Specific/montgomery64_2e384m5x2e368m1/fesubDisplay.v +src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v +src/Specific/montgomery64_2e384m79x2e376m1/Synthesis.v +src/Specific/montgomery64_2e384m79x2e376m1/feadd.v +src/Specific/montgomery64_2e384m79x2e376m1/feaddDisplay.v +src/Specific/montgomery64_2e384m79x2e376m1/femul.v +src/Specific/montgomery64_2e384m79x2e376m1/femulDisplay.v +src/Specific/montgomery64_2e384m79x2e376m1/fenz.v +src/Specific/montgomery64_2e384m79x2e376m1/fenzDisplay.v +src/Specific/montgomery64_2e384m79x2e376m1/feopp.v +src/Specific/montgomery64_2e384m79x2e376m1/feoppDisplay.v +src/Specific/montgomery64_2e384m79x2e376m1/fesub.v +src/Specific/montgomery64_2e384m79x2e376m1/fesubDisplay.v src/Specific/montgomery64_2e389m21/CurveParameters.v src/Specific/montgomery64_2e389m21/Synthesis.v src/Specific/montgomery64_2e389m21/feadd.v 
@@ -2036,6 +2180,18 @@ src/Specific/montgomery64_2e495m31/feopp.v src/Specific/montgomery64_2e495m31/feoppDisplay.v src/Specific/montgomery64_2e495m31/fesub.v src/Specific/montgomery64_2e495m31/fesubDisplay.v +src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v +src/Specific/montgomery64_2e510m290x2e496m1/Synthesis.v +src/Specific/montgomery64_2e510m290x2e496m1/feadd.v +src/Specific/montgomery64_2e510m290x2e496m1/feaddDisplay.v +src/Specific/montgomery64_2e510m290x2e496m1/femul.v +src/Specific/montgomery64_2e510m290x2e496m1/femulDisplay.v +src/Specific/montgomery64_2e510m290x2e496m1/fenz.v +src/Specific/montgomery64_2e510m290x2e496m1/fenzDisplay.v +src/Specific/montgomery64_2e510m290x2e496m1/feopp.v +src/Specific/montgomery64_2e510m290x2e496m1/feoppDisplay.v +src/Specific/montgomery64_2e510m290x2e496m1/fesub.v +src/Specific/montgomery64_2e510m290x2e496m1/fesubDisplay.v src/Specific/montgomery64_2e511m187/CurveParameters.v src/Specific/montgomery64_2e511m187/Synthesis.v src/Specific/montgomery64_2e511m187/feadd.v 
@@ -2060,6 +2216,18 @@ src/Specific/montgomery64_2e511m481/feopp.v src/Specific/montgomery64_2e511m481/feoppDisplay.v src/Specific/montgomery64_2e511m481/fesub.v src/Specific/montgomery64_2e511m481/fesubDisplay.v +src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v +src/Specific/montgomery64_2e512m491x2e496m1/Synthesis.v +src/Specific/montgomery64_2e512m491x2e496m1/feadd.v +src/Specific/montgomery64_2e512m491x2e496m1/feaddDisplay.v +src/Specific/montgomery64_2e512m491x2e496m1/femul.v +src/Specific/montgomery64_2e512m491x2e496m1/femulDisplay.v +src/Specific/montgomery64_2e512m491x2e496m1/fenz.v +src/Specific/montgomery64_2e512m491x2e496m1/fenzDisplay.v +src/Specific/montgomery64_2e512m491x2e496m1/feopp.v +src/Specific/montgomery64_2e512m491x2e496m1/feoppDisplay.v +src/Specific/montgomery64_2e512m491x2e496m1/fesub.v +src/Specific/montgomery64_2e512m491x2e496m1/fesubDisplay.v src/Specific/montgomery64_2e512m569/CurveParameters.v src/Specific/montgomery64_2e512m569/Synthesis.v src/Specific/montgomery64_2e512m569/feadd.v @@ -2260,6 +2428,14 @@ src/Specific/solinas32_2e198m17/fesquare.v src/Specific/solinas32_2e198m17/fesquareDisplay.v src/Specific/solinas32_2e198m17/freeze.v src/Specific/solinas32_2e198m17/freezeDisplay.v +src/Specific/solinas32_2e205m45x2e198m1/CurveParameters.v +src/Specific/solinas32_2e205m45x2e198m1/Synthesis.v +src/Specific/solinas32_2e205m45x2e198m1/femul.v +src/Specific/solinas32_2e205m45x2e198m1/femulDisplay.v +src/Specific/solinas32_2e205m45x2e198m1/fesquare.v +src/Specific/solinas32_2e205m45x2e198m1/fesquareDisplay.v +src/Specific/solinas32_2e205m45x2e198m1/freeze.v +src/Specific/solinas32_2e205m45x2e198m1/freezeDisplay.v src/Specific/solinas32_2e206m5/CurveParameters.v src/Specific/solinas32_2e206m5/Synthesis.v src/Specific/solinas32_2e206m5/femul.v 
@@ -2356,6 +2532,14 @@ src/Specific/solinas32_2e251m9/fesquare.v src/Specific/solinas32_2e251m9/fesquareDisplay.v src/Specific/solinas32_2e251m9/freeze.v src/Specific/solinas32_2e251m9/freezeDisplay.v +src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v +src/Specific/solinas32_2e254m127x2e240m1/Synthesis.v +src/Specific/solinas32_2e254m127x2e240m1/femul.v +src/Specific/solinas32_2e254m127x2e240m1/femulDisplay.v +src/Specific/solinas32_2e254m127x2e240m1/fesquare.v +src/Specific/solinas32_2e254m127x2e240m1/fesquareDisplay.v +src/Specific/solinas32_2e254m127x2e240m1/freeze.v +src/Specific/solinas32_2e254m127x2e240m1/freezeDisplay.v src/Specific/solinas32_2e255m19/CurveParameters.v src/Specific/solinas32_2e255m19/Synthesis.v src/Specific/solinas32_2e255m19/femul.v @@ -2404,6 +2588,14 @@ src/Specific/solinas32_2e256m2e32m977/fesquare.v src/Specific/solinas32_2e256m2e32m977/fesquareDisplay.v src/Specific/solinas32_2e256m2e32m977/freeze.v src/Specific/solinas32_2e256m2e32m977/freezeDisplay.v +src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v +src/Specific/solinas32_2e256m88x2e240m1/Synthesis.v +src/Specific/solinas32_2e256m88x2e240m1/femul.v +src/Specific/solinas32_2e256m88x2e240m1/femulDisplay.v +src/Specific/solinas32_2e256m88x2e240m1/fesquare.v +src/Specific/solinas32_2e256m88x2e240m1/fesquareDisplay.v +src/Specific/solinas32_2e256m88x2e240m1/freeze.v +src/Specific/solinas32_2e256m88x2e240m1/freezeDisplay.v src/Specific/solinas32_2e266m3/CurveParameters.v src/Specific/solinas32_2e266m3/Synthesis.v src/Specific/solinas32_2e266m3/femul.v 
@@ -2508,6 +2700,22 @@ src/Specific/solinas32_2e384m317/fesquare.v src/Specific/solinas32_2e384m317/fesquareDisplay.v src/Specific/solinas32_2e384m317/freeze.v src/Specific/solinas32_2e384m317/freezeDisplay.v +src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v +src/Specific/solinas32_2e384m5x2e368m1/Synthesis.v +src/Specific/solinas32_2e384m5x2e368m1/femul.v +src/Specific/solinas32_2e384m5x2e368m1/femulDisplay.v +src/Specific/solinas32_2e384m5x2e368m1/fesquare.v +src/Specific/solinas32_2e384m5x2e368m1/fesquareDisplay.v +src/Specific/solinas32_2e384m5x2e368m1/freeze.v +src/Specific/solinas32_2e384m5x2e368m1/freezeDisplay.v +src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v +src/Specific/solinas32_2e384m79x2e376m1/Synthesis.v +src/Specific/solinas32_2e384m79x2e376m1/femul.v +src/Specific/solinas32_2e384m79x2e376m1/femulDisplay.v +src/Specific/solinas32_2e384m79x2e376m1/fesquare.v +src/Specific/solinas32_2e384m79x2e376m1/fesquareDisplay.v +src/Specific/solinas32_2e384m79x2e376m1/freeze.v +src/Specific/solinas32_2e384m79x2e376m1/freezeDisplay.v src/Specific/solinas32_2e401m31/CurveParameters.v src/Specific/solinas32_2e401m31/Synthesis.v src/Specific/solinas32_2e401m31/femul.v @@ -2516,14 +2724,6 @@ src/Specific/solinas32_2e401m31/fesquare.v src/Specific/solinas32_2e401m31/fesquareDisplay.v src/Specific/solinas32_2e401m31/freeze.v src/Specific/solinas32_2e401m31/freezeDisplay.v -src/Specific/solinas32_2e413m21/CurveParameters.v -src/Specific/solinas32_2e413m21/Synthesis.v -src/Specific/solinas32_2e413m21/femul.v -src/Specific/solinas32_2e413m21/femulDisplay.v -src/Specific/solinas32_2e413m21/fesquare.v -src/Specific/solinas32_2e413m21/fesquareDisplay.v -src/Specific/solinas32_2e413m21/freeze.v -src/Specific/solinas32_2e413m21/freezeDisplay.v src/Specific/solinas32_2e414m17/CurveParameters.v src/Specific/solinas32_2e414m17/Synthesis.v src/Specific/solinas32_2e414m17/femul.v 
@@ -2612,6 +2812,14 @@ src/Specific/solinas32_2e495m31/fesquare.v src/Specific/solinas32_2e495m31/fesquareDisplay.v src/Specific/solinas32_2e495m31/freeze.v src/Specific/solinas32_2e495m31/freezeDisplay.v +src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v +src/Specific/solinas32_2e510m290x2e496m1/Synthesis.v +src/Specific/solinas32_2e510m290x2e496m1/femul.v +src/Specific/solinas32_2e510m290x2e496m1/femulDisplay.v +src/Specific/solinas32_2e510m290x2e496m1/fesquare.v +src/Specific/solinas32_2e510m290x2e496m1/fesquareDisplay.v +src/Specific/solinas32_2e510m290x2e496m1/freeze.v +src/Specific/solinas32_2e510m290x2e496m1/freezeDisplay.v src/Specific/solinas32_2e511m187/CurveParameters.v src/Specific/solinas32_2e511m187/Synthesis.v src/Specific/solinas32_2e511m187/femul.v @@ -2628,6 +2836,14 @@ src/Specific/solinas32_2e511m481/fesquare.v src/Specific/solinas32_2e511m481/fesquareDisplay.v src/Specific/solinas32_2e511m481/freeze.v src/Specific/solinas32_2e511m481/freezeDisplay.v +src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v +src/Specific/solinas32_2e512m491x2e496m1/Synthesis.v +src/Specific/solinas32_2e512m491x2e496m1/femul.v +src/Specific/solinas32_2e512m491x2e496m1/femulDisplay.v +src/Specific/solinas32_2e512m491x2e496m1/fesquare.v +src/Specific/solinas32_2e512m491x2e496m1/fesquareDisplay.v +src/Specific/solinas32_2e512m491x2e496m1/freeze.v +src/Specific/solinas32_2e512m491x2e496m1/freezeDisplay.v src/Specific/solinas32_2e512m569/CurveParameters.v src/Specific/solinas32_2e512m569/Synthesis.v src/Specific/solinas32_2e512m569/femul.v 
@@ -2820,6 +3036,14 @@ src/Specific/solinas64_2e198m17/fesquare.v src/Specific/solinas64_2e198m17/fesquareDisplay.v src/Specific/solinas64_2e198m17/freeze.v src/Specific/solinas64_2e198m17/freezeDisplay.v +src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v +src/Specific/solinas64_2e205m45x2e198m1/Synthesis.v +src/Specific/solinas64_2e205m45x2e198m1/femul.v +src/Specific/solinas64_2e205m45x2e198m1/femulDisplay.v +src/Specific/solinas64_2e205m45x2e198m1/fesquare.v +src/Specific/solinas64_2e205m45x2e198m1/fesquareDisplay.v +src/Specific/solinas64_2e205m45x2e198m1/freeze.v +src/Specific/solinas64_2e205m45x2e198m1/freezeDisplay.v src/Specific/solinas64_2e206m5/CurveParameters.v src/Specific/solinas64_2e206m5/Synthesis.v src/Specific/solinas64_2e206m5/femul.v @@ -2916,6 +3140,14 @@ src/Specific/solinas64_2e251m9/fesquare.v src/Specific/solinas64_2e251m9/fesquareDisplay.v src/Specific/solinas64_2e251m9/freeze.v src/Specific/solinas64_2e251m9/freezeDisplay.v +src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v +src/Specific/solinas64_2e254m127x2e240m1/Synthesis.v +src/Specific/solinas64_2e254m127x2e240m1/femul.v +src/Specific/solinas64_2e254m127x2e240m1/femulDisplay.v +src/Specific/solinas64_2e254m127x2e240m1/fesquare.v +src/Specific/solinas64_2e254m127x2e240m1/fesquareDisplay.v +src/Specific/solinas64_2e254m127x2e240m1/freeze.v +src/Specific/solinas64_2e254m127x2e240m1/freezeDisplay.v src/Specific/solinas64_2e255m19/CurveParameters.v src/Specific/solinas64_2e255m19/Synthesis.v src/Specific/solinas64_2e255m19/femul.v 
@@ -2964,6 +3196,14 @@ src/Specific/solinas64_2e256m2e32m977/fesquare.v src/Specific/solinas64_2e256m2e32m977/fesquareDisplay.v src/Specific/solinas64_2e256m2e32m977/freeze.v src/Specific/solinas64_2e256m2e32m977/freezeDisplay.v +src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v +src/Specific/solinas64_2e256m88x2e240m1/Synthesis.v +src/Specific/solinas64_2e256m88x2e240m1/femul.v +src/Specific/solinas64_2e256m88x2e240m1/femulDisplay.v +src/Specific/solinas64_2e256m88x2e240m1/fesquare.v +src/Specific/solinas64_2e256m88x2e240m1/fesquareDisplay.v +src/Specific/solinas64_2e256m88x2e240m1/freeze.v +src/Specific/solinas64_2e256m88x2e240m1/freezeDisplay.v src/Specific/solinas64_2e266m3/CurveParameters.v src/Specific/solinas64_2e266m3/Synthesis.v src/Specific/solinas64_2e266m3/femul.v @@ -3068,6 +3308,22 @@ src/Specific/solinas64_2e384m317/fesquare.v src/Specific/solinas64_2e384m317/fesquareDisplay.v src/Specific/solinas64_2e384m317/freeze.v src/Specific/solinas64_2e384m317/freezeDisplay.v +src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v +src/Specific/solinas64_2e384m5x2e368m1/Synthesis.v +src/Specific/solinas64_2e384m5x2e368m1/femul.v +src/Specific/solinas64_2e384m5x2e368m1/femulDisplay.v +src/Specific/solinas64_2e384m5x2e368m1/fesquare.v +src/Specific/solinas64_2e384m5x2e368m1/fesquareDisplay.v +src/Specific/solinas64_2e384m5x2e368m1/freeze.v +src/Specific/solinas64_2e384m5x2e368m1/freezeDisplay.v +src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v +src/Specific/solinas64_2e384m79x2e376m1/Synthesis.v +src/Specific/solinas64_2e384m79x2e376m1/femul.v +src/Specific/solinas64_2e384m79x2e376m1/femulDisplay.v +src/Specific/solinas64_2e384m79x2e376m1/fesquare.v +src/Specific/solinas64_2e384m79x2e376m1/fesquareDisplay.v +src/Specific/solinas64_2e384m79x2e376m1/freeze.v +src/Specific/solinas64_2e384m79x2e376m1/freezeDisplay.v src/Specific/solinas64_2e401m31/CurveParameters.v src/Specific/solinas64_2e401m31/Synthesis.v src/Specific/solinas64_2e401m31/femul.v 
@@ -3172,6 +3428,14 @@ src/Specific/solinas64_2e495m31/fesquare.v src/Specific/solinas64_2e495m31/fesquareDisplay.v src/Specific/solinas64_2e495m31/freeze.v src/Specific/solinas64_2e495m31/freezeDisplay.v +src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v +src/Specific/solinas64_2e510m290x2e496m1/Synthesis.v +src/Specific/solinas64_2e510m290x2e496m1/femul.v +src/Specific/solinas64_2e510m290x2e496m1/femulDisplay.v +src/Specific/solinas64_2e510m290x2e496m1/fesquare.v +src/Specific/solinas64_2e510m290x2e496m1/fesquareDisplay.v +src/Specific/solinas64_2e510m290x2e496m1/freeze.v +src/Specific/solinas64_2e510m290x2e496m1/freezeDisplay.v src/Specific/solinas64_2e511m187/CurveParameters.v src/Specific/solinas64_2e511m187/Synthesis.v src/Specific/solinas64_2e511m187/femul.v @@ -3188,6 +3452,14 @@ src/Specific/solinas64_2e511m481/fesquare.v src/Specific/solinas64_2e511m481/fesquareDisplay.v src/Specific/solinas64_2e511m481/freeze.v src/Specific/solinas64_2e511m481/freezeDisplay.v +src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v +src/Specific/solinas64_2e512m491x2e496m1/Synthesis.v +src/Specific/solinas64_2e512m491x2e496m1/femul.v +src/Specific/solinas64_2e512m491x2e496m1/femulDisplay.v +src/Specific/solinas64_2e512m491x2e496m1/fesquare.v +src/Specific/solinas64_2e512m491x2e496m1/fesquareDisplay.v +src/Specific/solinas64_2e512m491x2e496m1/freeze.v +src/Specific/solinas64_2e512m491x2e496m1/freezeDisplay.v src/Specific/solinas64_2e512m569/CurveParameters.v src/Specific/solinas64_2e512m569/Synthesis.v src/Specific/solinas64_2e512m569/femul.v diff --git a/src/Specific/Framework/make_curve.py b/src/Specific/Framework/make_curve.py index 516b67868..65577fec6 100755 --- a/src/Specific/Framework/make_curve.py +++ b/src/Specific/Framework/make_curve.py 
@@ -29,6 +29,13 @@ def compute_c(modulus_str):
 ret.append((part, '1'))
 elif part[:3] == '-2^' and part[3:].isdigit():
 ret.append((part[1:], '-1'))
+ elif len(part.split('*')) == 2:
+ a, b = part.split("*")
+ if "^" not in b:
+ ret.append((part, '1'))
+ else:
+ assert(b.replace(' ', '')[:2] == '2^')
+ ret.append((a.strip(), b.strip()))
 else:
 raw_input('Unhandled part: %s' % part)
 ret = None
@@ -53,10 +60,23 @@ def compute_goldilocks(s, c):
 if two_k != 2 * k:
 return False
 return True
-
+def parse_base(base):
+ ret = 0
+ for term in base.split('+'):
+ term = term.strip()
+ if term.isdigit():
+ ret += int(term)
+ elif '.' in term and '/' not in term:
+ ret += float(term)
+ elif '/' in term and '.' not in term:
+ ret += Fraction(term)
+ else:
+ raw_input('Unhandled: %s' % term)
+ assert(False)
+ return ret
 def negate_numexpr(expr):
- remap = dict([(d, d) for d in '0123456789^ '] + [('-', '+'), ('+', '-')])
+ remap = dict([(d, d) for d in '0123456789^* '] + [('-', '+'), ('+', '-')])
 return ''.join(remap[ch] for ch in expr)
 def usage(exitcode=0, errmsg=None):
@@ -195,9 +215,9 @@ def make_curve_parameters(parameters):
 return 'Some %s%s' % (term, scope_string)
 return term
 replacements = dict(parameters)
- assert(all(ch in '0123456789^+- ' for ch in parameters['modulus']))
+ assert(all(ch in '0123456789^+-* ' for ch in parameters['modulus']))
 modulus = eval(parameters['modulus'].replace('^', '**'))
- base = float(parameters['base'])
+ base = parse_base(parameters['base'])
 replacements['reformatted_base'] = reformat_base(parameters['base'])
 replacements['bitwidth'] = parameters.get('bitwidth', str(compute_bitwidth(base)))
 bitwidth = int(replacements['bitwidth'])
diff --git a/src/Specific/montgomery32_2e127m1/CurveParameters.v b/src/Specific/montgomery32_2e127m1/CurveParameters.v
index 6136ed227..9358344c4 100644
--- a/src/Specific/montgomery32_2e127m1/CurveParameters.v
+++ b/src/Specific/montgomery32_2e127m1/CurveParameters.v
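Review bot: The new `assert(b.replace(' ', '')[:2] == '2^')` in compute_c only checks the prefix of the right-hand factor, whereas the `-2^` branch two lines above also requires `part[3:].isdigit()`, so a malformed exponent in a `k*2^...` term passes the assertion here instead of reaching the `raw_input('Unhandled part: ...')` path; `stripped = b.replace(' ', ''); assert(stripped[:2] == '2^' and stripped[2:].isdigit())` keeps the two branches consistent. The no-caret case appends the unstripped `part` while the caret case appends `a.strip(), b.strip()`, so a one-line comment saying which tuple slot carries the power of two and which the coefficient would help, since the branches disagree on what goes in the first slot. compute_c begins before this hunk.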
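Review bot: parse_base calls `Fraction`, but no import of it appears in this hunk; confirm that `from fractions import Fraction` is present at the top of make_curve.py, otherwise the `'/'` branch fails with NameError the first time a fractional base is used. The blank line before `def negate_numexpr` is removed and `def parse_base` is inserted with no blank line on either side, so the three definitions now run together; two blank lines around parse_base would match the layout of the surrounding file. A docstring such as `"""Sum of '+'-separated terms, each an int, a decimal or a p/q fraction; returns int, float or Fraction."""` would also record the accepted grammar, since the else branch only prompts through raw_input before `assert(False)`.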
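Review bot: `base` used to be a float unconditionally and is now whatever parse_base returns, which is an int for the ordinary `base: 32` case; under Python 2 (the file already relies on raw_input) any `/` applied to it further down, such as inside compute_bitwidth, would switch from exact to truncating division, so either that consumer should be checked or the line should carry a comment fixing the expected type, e.g. `base = parse_base(parameters['base'])  # int, float or Fraction`. Admitting `*` into the modulus whitelist also means the guarded `eval` now accepts `**` and arbitrary products, so the assertion no longer confines the string to the sum-of-powers-of-two grammar that compute_c parses; running the modulus through the same term splitter as compute_c would keep the two in agreement. make_curve_parameters begins before this hunk.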
@@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 32; bitwidth := 32; s := 2^127; diff --git a/src/Specific/montgomery32_2e129m25/CurveParameters.v b/src/Specific/montgomery32_2e129m25/CurveParameters.v index e0264fe37..0de9b8ac7 100644 --- a/src/Specific/montgomery32_2e129m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e129m25/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^129; diff --git a/src/Specific/montgomery32_2e130m5/CurveParameters.v b/src/Specific/montgomery32_2e130m5/CurveParameters.v index ceb6b7a5f..90ebc9870 100644 --- a/src/Specific/montgomery32_2e130m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e130m5/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^130; diff --git a/src/Specific/montgomery32_2e137m13/CurveParameters.v b/src/Specific/montgomery32_2e137m13/CurveParameters.v index 31d502cba..81688dd25 100644 --- a/src/Specific/montgomery32_2e137m13/CurveParameters.v +++ b/src/Specific/montgomery32_2e137m13/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^137; diff --git a/src/Specific/montgomery32_2e140m27/CurveParameters.v b/src/Specific/montgomery32_2e140m27/CurveParameters.v index 8d7400d1d..6dcc54ffe 100644 --- a/src/Specific/montgomery32_2e140m27/CurveParameters.v +++ b/src/Specific/montgomery32_2e140m27/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^140; diff --git a/src/Specific/montgomery32_2e141m9/CurveParameters.v b/src/Specific/montgomery32_2e141m9/CurveParameters.v index 7aba5803b..2eacbe651 100644 --- a/src/Specific/montgomery32_2e141m9/CurveParameters.v 
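Review bot: sz rises from 3 to 4 for the 2^127 - 1 curve here, and every other montgomery32 CurveParameters.v hunk in this series grows sz by one as well, yet nothing in the visible make_curve.py hunks touches the limb-count computation, so the cause is not traceable from this diff. Four 32-bit limbs is the first count that covers a 127-bit modulus (3 x 32 = 96), so the new value looks right, but the commit message should state what changed the computation; if it is the switch from `float(parameters['base'])` to parse_base, saying so lets the regenerated files be reconciled with the generator.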
+++ b/src/Specific/montgomery32_2e141m9/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^141; diff --git a/src/Specific/montgomery32_2e150m3/CurveParameters.v b/src/Specific/montgomery32_2e150m3/CurveParameters.v index df1bd424f..9edb203d5 100644 --- a/src/Specific/montgomery32_2e150m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e150m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^150; diff --git a/src/Specific/montgomery32_2e150m5/CurveParameters.v b/src/Specific/montgomery32_2e150m5/CurveParameters.v index 12c8f87a4..47b5448f1 100644 --- a/src/Specific/montgomery32_2e150m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e150m5/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^150; diff --git a/src/Specific/montgomery32_2e152m17/CurveParameters.v b/src/Specific/montgomery32_2e152m17/CurveParameters.v index a0c5cf694..60aa65ea7 100644 --- a/src/Specific/montgomery32_2e152m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e152m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^152; diff --git a/src/Specific/montgomery32_2e158m15/CurveParameters.v b/src/Specific/montgomery32_2e158m15/CurveParameters.v index 0f5113951..cf33dacd6 100644 --- a/src/Specific/montgomery32_2e158m15/CurveParameters.v +++ b/src/Specific/montgomery32_2e158m15/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 32; bitwidth := 32; s := 2^158; diff --git a/src/Specific/montgomery32_2e165m25/CurveParameters.v b/src/Specific/montgomery32_2e165m25/CurveParameters.v index 7025f5e42..799249730 100644 
--- a/src/Specific/montgomery32_2e165m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e165m25/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^165; diff --git a/src/Specific/montgomery32_2e166m5/CurveParameters.v b/src/Specific/montgomery32_2e166m5/CurveParameters.v index 0b3c6a6cd..35b9cfb3f 100644 --- a/src/Specific/montgomery32_2e166m5/CurveParameters.v +++ b/src/Specific/montgomery32_2e166m5/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^166; diff --git a/src/Specific/montgomery32_2e171m19/CurveParameters.v b/src/Specific/montgomery32_2e171m19/CurveParameters.v index c36112bef..c5e55c2c5 100644 --- a/src/Specific/montgomery32_2e171m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e171m19/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^171; diff --git a/src/Specific/montgomery32_2e174m17/CurveParameters.v b/src/Specific/montgomery32_2e174m17/CurveParameters.v index 4d5c2d9f7..4e809dd80 100644 --- a/src/Specific/montgomery32_2e174m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e174m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^174; diff --git a/src/Specific/montgomery32_2e174m3/CurveParameters.v b/src/Specific/montgomery32_2e174m3/CurveParameters.v index 086388838..72e1a456c 100644 --- a/src/Specific/montgomery32_2e174m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e174m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^174; 
diff --git a/src/Specific/montgomery32_2e189m25/CurveParameters.v b/src/Specific/montgomery32_2e189m25/CurveParameters.v index c8989d6b3..961b162ab 100644 --- a/src/Specific/montgomery32_2e189m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e189m25/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^189; diff --git a/src/Specific/montgomery32_2e190m11/CurveParameters.v b/src/Specific/montgomery32_2e190m11/CurveParameters.v index f93d3067a..c3bff376a 100644 --- a/src/Specific/montgomery32_2e190m11/CurveParameters.v +++ b/src/Specific/montgomery32_2e190m11/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^190; diff --git a/src/Specific/montgomery32_2e191m19/CurveParameters.v b/src/Specific/montgomery32_2e191m19/CurveParameters.v index 9e8e487fe..99631914d 100644 --- a/src/Specific/montgomery32_2e191m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e191m19/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 32; bitwidth := 32; s := 2^191; diff --git a/src/Specific/montgomery32_2e194m33/CurveParameters.v b/src/Specific/montgomery32_2e194m33/CurveParameters.v index 2a035de9f..e729fef23 100644 --- a/src/Specific/montgomery32_2e194m33/CurveParameters.v +++ b/src/Specific/montgomery32_2e194m33/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 6%nat; + sz := 7%nat; base := 32; bitwidth := 32; s := 2^194; diff --git a/src/Specific/montgomery32_2e196m15/CurveParameters.v b/src/Specific/montgomery32_2e196m15/CurveParameters.v index cbd4fa1ca..d0fd04dc4 100644 --- a/src/Specific/montgomery32_2e196m15/CurveParameters.v +++ b/src/Specific/montgomery32_2e196m15/CurveParameters.v 
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^196;
diff --git a/src/Specific/montgomery32_2e198m17/CurveParameters.v b/src/Specific/montgomery32_2e198m17/CurveParameters.v
index 6a25f2758..c99571090 100644
--- a/src/Specific/montgomery32_2e198m17/CurveParameters.v
+++ b/src/Specific/montgomery32_2e198m17/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^198;
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v b/src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v
new file mode 100644
index 000000000..1374b29d2
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^205 - 45*2^198 - 1
+Base: 32
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 7%nat;
+ base := 32;
+ bitwidth := 32;
+ s := 2^205;
+ c := [(1, 1); (45, 2^198)];
+ carry_chains := None;
+
+ a24 := None;
+ coef_div_modulus := None;
+
+ goldilocks := Some false;
+ montgomery := true;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/Synthesis.v b/src/Specific/montgomery32_2e205m45x2e198m1/Synthesis.v
new file mode 100644
index 000000000..cbcef2a10
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/Synthesis.v
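Review bot: `Require Import Crypto.Util.LetIn` at the top of the new 2e205m45x2e198m1/CurveParameters.v is not referenced anywhere in the file — mul_code and square_code are both None, so no let-binding notation appears — and the same unused import is in the 2e254m127x2e240m1 and 2e256m88x2e240m1 CurveParameters files further down. If it is kept for uniformity with curves that do supply hand-written code, a one-line comment would stop the next reader from pruning it, e.g. `Require Import Crypto.Util.LetIn. (* presumably only needed when mul_code/square_code are Some *)`. The header comment also states the modulus but not that sz = 7 is ceil(205/32); adding a `sz: 7 = ceil(205/32)` line to the `(*** ... ***)` block would let the limb count be checked against the modulus by eye.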
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/compiler.sh b/src/Specific/montgomery32_2e205m45x2e198m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/feadd.v b/src/Specific/montgomery32_2e205m45x2e198m1/feadd.v
new file mode 100644
index 000000000..d86390d7e
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/feaddDisplay.v b/src/Specific/montgomery32_2e205m45x2e198m1/feaddDisplay.v
new file mode 100644
index 000000000..4c141eaa3
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
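Review bot: `-Wno-incompatible-pointer-types` on the gcc line of the new compiler.sh silences a diagnostic that usually points at a real type confusion in the emitted C, and `-march=native -mtune=native` ties the object code to the build host, so artifacts from this script are neither portable nor reproducible across machines; both deserve a comment explaining why they are acceptable here. The script is byte-identical to the compiler.sh added under 2e254m127x2e240m1 and 2e256m88x2e240m1 (all three carry blob 518f95765), so one shared script, or a template that emits them, would keep the copies from drifting apart. The backtick `` `#GCC BUG 81300` `` is a command substitution used as an inline comment; a comment line above the command, `# -fno-peephole2: works around GCC bug 81300`, says the same thing without relying on an empty substitution.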
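Review bot: `Print Assumptions add` at the end of feadd.v only prints the axioms the synthesized term depends on; nothing in the build inspects that output, so an unexpected assumption (an admitted lemma, say) would go unnoticed. If the intent is that the synthesized operation is closed under the global context, a comment on that line, `(* expected output: Closed under the global context *)`, tells the reader what to look for, and a build step that checks the log for that text would turn the print into an actual check. The same applies to femul.v, fenz.v, feopp.v and fesub.v in this directory and in the 2e254m127x2e240m1 and 2e256m88x2e240m1 directories below.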
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/femul.v b/src/Specific/montgomery32_2e205m45x2e198m1/femul.v
new file mode 100644
index 000000000..eb03610f7
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/femulDisplay.v b/src/Specific/montgomery32_2e205m45x2e198m1/femulDisplay.v
new file mode 100644
index 000000000..f51bb90df
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/fenz.v b/src/Specific/montgomery32_2e205m45x2e198m1/fenz.v
new file mode 100644
index 000000000..dde9441c0
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/fenzDisplay.v b/src/Specific/montgomery32_2e205m45x2e198m1/fenzDisplay.v
new file mode 100644
index 000000000..44965faef
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/feopp.v b/src/Specific/montgomery32_2e205m45x2e198m1/feopp.v
new file mode 100644
index 000000000..0c0ffd4b8
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/feoppDisplay.v b/src/Specific/montgomery32_2e205m45x2e198m1/feoppDisplay.v
new file mode 100644
index 000000000..eba98ca57
--- /dev/null
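Review bot: The specification of nonzero in fenz.v pins only whether the result is zero — `(BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0)` has to agree with `phiM_small a = F.of_Z m 0` — so any nonzero word of width adjusted_bitwidth satisfies it and a caller must not treat the result as a 0/1 boolean. That is worth stating above the definition, e.g. `(* Only zero-ness of the result is specified; a nonzero result carries no further meaning. *)`. The identical spec appears in fenz.v for the 2e254m127x2e240m1 and 2e256m88x2e240m1 directories below.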
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/fesub.v b/src/Specific/montgomery32_2e205m45x2e198m1/fesub.v
new file mode 100644
index 000000000..2b2f35c4d
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery32_2e205m45x2e198m1/fesubDisplay.v b/src/Specific/montgomery32_2e205m45x2e198m1/fesubDisplay.v
new file mode 100644
index 000000000..643f85d2d
--- /dev/null
+++ b/src/Specific/montgomery32_2e205m45x2e198m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e205m45x2e198m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery32_2e206m5/CurveParameters.v b/src/Specific/montgomery32_2e206m5/CurveParameters.v
index 088ed05e0..5caa022a1 100644
--- a/src/Specific/montgomery32_2e206m5/CurveParameters.v
+++ b/src/Specific/montgomery32_2e206m5/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^206;
diff --git a/src/Specific/montgomery32_2e212m29/CurveParameters.v b/src/Specific/montgomery32_2e212m29/CurveParameters.v
index a6bca7a82..250a9dfa1 100644
--- a/src/Specific/montgomery32_2e212m29/CurveParameters.v
+++ b/src/Specific/montgomery32_2e212m29/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^212;
diff --git a/src/Specific/montgomery32_2e213m3/CurveParameters.v b/src/Specific/montgomery32_2e213m3/CurveParameters.v
index a471ab852..be14f44a4 100644
--- a/src/Specific/montgomery32_2e213m3/CurveParameters.v
+++ b/src/Specific/montgomery32_2e213m3/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^213;
diff --git a/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v b/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v
index a695673e7..597832cc2 100644
--- a/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v
+++ b/src/Specific/montgomery32_2e216m2e108m1/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^216;
diff --git a/src/Specific/montgomery32_2e221m3/CurveParameters.v b/src/Specific/montgomery32_2e221m3/CurveParameters.v
index 6a77d7443..74772530b 100644
--- a/src/Specific/montgomery32_2e221m3/CurveParameters.v
+++ b/src/Specific/montgomery32_2e221m3/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^221;
diff --git a/src/Specific/montgomery32_2e222m117/CurveParameters.v b/src/Specific/montgomery32_2e222m117/CurveParameters.v
index c0b8d466c..e3ea52dfc 100644
--- a/src/Specific/montgomery32_2e222m117/CurveParameters.v
+++ b/src/Specific/montgomery32_2e222m117/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
+ sz := 7%nat;
 base := 32;
 bitwidth := 32;
 s := 2^222;
diff --git a/src/Specific/montgomery32_2e226m5/CurveParameters.v b/src/Specific/montgomery32_2e226m5/CurveParameters.v
index bd36e92f8..9fd618414 100644
--- a/src/Specific/montgomery32_2e226m5/CurveParameters.v
+++ b/src/Specific/montgomery32_2e226m5/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^226;
diff --git a/src/Specific/montgomery32_2e230m27/CurveParameters.v b/src/Specific/montgomery32_2e230m27/CurveParameters.v
index 8cd75df4e..1a147b65d 100644
--- a/src/Specific/montgomery32_2e230m27/CurveParameters.v
+++ b/src/Specific/montgomery32_2e230m27/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^230;
diff --git a/src/Specific/montgomery32_2e235m15/CurveParameters.v b/src/Specific/montgomery32_2e235m15/CurveParameters.v
index 3fa85530e..4d3b8e5af 100644
--- a/src/Specific/montgomery32_2e235m15/CurveParameters.v
+++ b/src/Specific/montgomery32_2e235m15/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^235;
diff --git a/src/Specific/montgomery32_2e243m9/CurveParameters.v b/src/Specific/montgomery32_2e243m9/CurveParameters.v
index c51a03964..d2cfa65e9 100644
--- a/src/Specific/montgomery32_2e243m9/CurveParameters.v
+++ b/src/Specific/montgomery32_2e243m9/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^243;
diff --git a/src/Specific/montgomery32_2e251m9/CurveParameters.v b/src/Specific/montgomery32_2e251m9/CurveParameters.v
index b566f38e9..922013c7e 100644
--- a/src/Specific/montgomery32_2e251m9/CurveParameters.v
+++ b/src/Specific/montgomery32_2e251m9/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^251;
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v b/src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v
new file mode 100644
index 000000000..e10321c0e
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^254 - 127*2^240 - 1
+Base: 32
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 8%nat;
+ base := 32;
+ bitwidth := 32;
+ s := 2^254;
+ c := [(1, 1); (127, 2^240)];
+ carry_chains := None;
+
+ a24 := None;
+ coef_div_modulus := None;
+
+ goldilocks := Some false;
+ montgomery := true;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/Synthesis.v b/src/Specific/montgomery32_2e254m127x2e240m1/Synthesis.v
new file mode 100644
index 000000000..09250bed0
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/compiler.sh b/src/Specific/montgomery32_2e254m127x2e240m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/feadd.v b/src/Specific/montgomery32_2e254m127x2e240m1/feadd.v
new file mode 100644
index 000000000..f6105cd33
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/feaddDisplay.v b/src/Specific/montgomery32_2e254m127x2e240m1/feaddDisplay.v
new file mode 100644
index 000000000..a1fa65b73
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/femul.v b/src/Specific/montgomery32_2e254m127x2e240m1/femul.v
new file mode 100644
index 000000000..bd4fc0b79
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/femulDisplay.v b/src/Specific/montgomery32_2e254m127x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..c2e8059e0
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/fenz.v b/src/Specific/montgomery32_2e254m127x2e240m1/fenz.v
new file mode 100644
index 000000000..0c866adb2
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/fenzDisplay.v b/src/Specific/montgomery32_2e254m127x2e240m1/fenzDisplay.v
new file mode 100644
index 000000000..b15572fac
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/feopp.v b/src/Specific/montgomery32_2e254m127x2e240m1/feopp.v
new file mode 100644
index 000000000..5262d3b30
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/feoppDisplay.v b/src/Specific/montgomery32_2e254m127x2e240m1/feoppDisplay.v
new file mode 100644
index 000000000..111090a92
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/fesub.v b/src/Specific/montgomery32_2e254m127x2e240m1/fesub.v
new file mode 100644
index 000000000..6a43cecb4
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery32_2e254m127x2e240m1/fesubDisplay.v b/src/Specific/montgomery32_2e254m127x2e240m1/fesubDisplay.v
new file mode 100644
index 000000000..82b7a6c50
--- /dev/null
+++ b/src/Specific/montgomery32_2e254m127x2e240m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e254m127x2e240m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery32_2e255m19/CurveParameters.v b/src/Specific/montgomery32_2e255m19/CurveParameters.v
index 0a3e03d08..882c29b3a 100644
--- a/src/Specific/montgomery32_2e255m19/CurveParameters.v
+++ b/src/Specific/montgomery32_2e255m19/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^255;
diff --git a/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v
index 60fbf139e..967198b0b 100644
--- a/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v
+++ b/src/Specific/montgomery32_2e255m2e4m2e1m1/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^255;
diff --git a/src/Specific/montgomery32_2e255m765/CurveParameters.v b/src/Specific/montgomery32_2e255m765/CurveParameters.v
index 3d0a72d1e..74934f07d 100644
--- a/src/Specific/montgomery32_2e255m765/CurveParameters.v
+++ b/src/Specific/montgomery32_2e255m765/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
+ sz := 8%nat;
 base := 32;
 bitwidth := 32;
 s := 2^255;
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v b/src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v
new file mode 100644
index 000000000..59b5f47d2
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^256 - 88*2^240 - 1
+Base: 32
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 8%nat;
+ base := 32;
+ bitwidth := 32;
+ s := 2^256;
+ c := [(1, 1); (88, 2^240)];
+ carry_chains := None;
+
+ a24 := None;
+ coef_div_modulus := None;
+
+ goldilocks := Some false;
+ montgomery := true;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/Synthesis.v b/src/Specific/montgomery32_2e256m88x2e240m1/Synthesis.v
new file mode 100644
index 000000000..1c406cb34
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/compiler.sh b/src/Specific/montgomery32_2e256m88x2e240m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/feadd.v b/src/Specific/montgomery32_2e256m88x2e240m1/feadd.v
new file mode 100644
index 000000000..0b58fa270
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/feaddDisplay.v b/src/Specific/montgomery32_2e256m88x2e240m1/feaddDisplay.v
new file mode 100644
index 000000000..d78b78c7b
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/femul.v b/src/Specific/montgomery32_2e256m88x2e240m1/femul.v
new file mode 100644
index 000000000..0ac609744
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/femulDisplay.v b/src/Specific/montgomery32_2e256m88x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..04216dd82
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/fenz.v b/src/Specific/montgomery32_2e256m88x2e240m1/fenz.v
new file mode 100644
index 000000000..b30307e39
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/fenzDisplay.v b/src/Specific/montgomery32_2e256m88x2e240m1/fenzDisplay.v
new file mode 100644
index 000000000..e1615f8cb
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/feopp.v b/src/Specific/montgomery32_2e256m88x2e240m1/feopp.v
new file mode 100644
index 000000000..358cbf783
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/feoppDisplay.v b/src/Specific/montgomery32_2e256m88x2e240m1/feoppDisplay.v
new file mode 100644
index 000000000..0829b99d2
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/fesub.v b/src/Specific/montgomery32_2e256m88x2e240m1/fesub.v
new file mode 100644
index 000000000..20ee713da
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery32_2e256m88x2e240m1/fesubDisplay.v b/src/Specific/montgomery32_2e256m88x2e240m1/fesubDisplay.v
new file mode 100644
index 000000000..68fa56507
--- /dev/null
+++ b/src/Specific/montgomery32_2e256m88x2e240m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e256m88x2e240m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery32_2e266m3/CurveParameters.v b/src/Specific/montgomery32_2e266m3/CurveParameters.v
index f44e38151..b3c5bdf84 100644
--- a/src/Specific/montgomery32_2e266m3/CurveParameters.v
+++ b/src/Specific/montgomery32_2e266m3/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
+ sz := 9%nat;
 base := 32;
 bitwidth := 32;
 s := 2^266;
diff --git a/src/Specific/montgomery32_2e285m9/CurveParameters.v b/src/Specific/montgomery32_2e285m9/CurveParameters.v
index 1f89bdf96..e64ebee61 100644
--- a/src/Specific/montgomery32_2e285m9/CurveParameters.v
+++ b/src/Specific/montgomery32_2e285m9/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
+ sz := 9%nat;
 base := 32;
 bitwidth := 32;
 s := 2^285;
diff --git a/src/Specific/montgomery32_2e291m19/CurveParameters.v b/src/Specific/montgomery32_2e291m19/CurveParameters.v
index f26d12d8f..dd118d9a6 100644
--- a/src/Specific/montgomery32_2e291m19/CurveParameters.v
+++ b/src/Specific/montgomery32_2e291m19/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 9%nat; + sz := 10%nat; base := 32; bitwidth := 32; s := 2^291; diff --git a/src/Specific/montgomery32_2e321m9/CurveParameters.v b/src/Specific/montgomery32_2e321m9/CurveParameters.v index 67708c2ea..7f94ff4b1 100644 --- a/src/Specific/montgomery32_2e321m9/CurveParameters.v +++ b/src/Specific/montgomery32_2e321m9/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 10%nat; + sz := 11%nat; base := 32; bitwidth := 32; s := 2^321; diff --git a/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v b/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v index 85f5f62eb..00d733c0f 100644 --- a/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e322m2e161m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 10%nat; + sz := 11%nat; base := 32; bitwidth := 32; s := 2^322; diff --git a/src/Specific/montgomery32_2e336m17/CurveParameters.v b/src/Specific/montgomery32_2e336m17/CurveParameters.v index 18912be80..034efd61e 100644 --- a/src/Specific/montgomery32_2e336m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e336m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 10%nat; + sz := 11%nat; base := 32; bitwidth := 32; s := 2^336; diff --git a/src/Specific/montgomery32_2e336m3/CurveParameters.v b/src/Specific/montgomery32_2e336m3/CurveParameters.v index 074daa69f..60b2a8d4c 100644 --- a/src/Specific/montgomery32_2e336m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e336m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 10%nat; + sz := 11%nat; base := 32; bitwidth := 32; s := 2^336; diff --git a/src/Specific/montgomery32_2e338m15/CurveParameters.v b/src/Specific/montgomery32_2e338m15/CurveParameters.v index e67a76c36..0b7d98635 100644 
--- a/src/Specific/montgomery32_2e338m15/CurveParameters.v +++ b/src/Specific/montgomery32_2e338m15/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 10%nat; + sz := 11%nat; base := 32; bitwidth := 32; s := 2^338; diff --git a/src/Specific/montgomery32_2e369m25/CurveParameters.v b/src/Specific/montgomery32_2e369m25/CurveParameters.v index ee4541b67..cf91eb0eb 100644 --- a/src/Specific/montgomery32_2e369m25/CurveParameters.v +++ b/src/Specific/montgomery32_2e369m25/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 11%nat; + sz := 12%nat; base := 32; bitwidth := 32; s := 2^369; diff --git a/src/Specific/montgomery32_2e379m19/CurveParameters.v b/src/Specific/montgomery32_2e379m19/CurveParameters.v index 1a6df497b..df019d336 100644 --- a/src/Specific/montgomery32_2e379m19/CurveParameters.v +++ b/src/Specific/montgomery32_2e379m19/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 11%nat; + sz := 12%nat; base := 32; bitwidth := 32; s := 2^379; diff --git a/src/Specific/montgomery32_2e382m105/CurveParameters.v b/src/Specific/montgomery32_2e382m105/CurveParameters.v index 909604998..10a96fec5 100644 --- a/src/Specific/montgomery32_2e382m105/CurveParameters.v +++ b/src/Specific/montgomery32_2e382m105/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 11%nat; + sz := 12%nat; base := 32; bitwidth := 32; s := 2^382; diff --git a/src/Specific/montgomery32_2e383m187/CurveParameters.v b/src/Specific/montgomery32_2e383m187/CurveParameters.v index b72d17dd6..fcb68dcf1 100644 --- a/src/Specific/montgomery32_2e383m187/CurveParameters.v +++ b/src/Specific/montgomery32_2e383m187/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 11%nat; + sz := 12%nat; base := 32; bitwidth := 32; s := 2^383; 
diff --git a/src/Specific/montgomery32_2e383m31/CurveParameters.v b/src/Specific/montgomery32_2e383m31/CurveParameters.v index aebd3d049..80cb76575 100644 --- a/src/Specific/montgomery32_2e383m31/CurveParameters.v +++ b/src/Specific/montgomery32_2e383m31/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 11%nat; + sz := 12%nat; base := 32; bitwidth := 32; s := 2^383; diff --git a/src/Specific/montgomery32_2e383m421/CurveParameters.v b/src/Specific/montgomery32_2e383m421/CurveParameters.v index f566ed3be..527fd372c 100644 --- a/src/Specific/montgomery32_2e383m421/CurveParameters.v +++ b/src/Specific/montgomery32_2e383m421/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 11%nat; + sz := 12%nat; base := 32; bitwidth := 32; s := 2^383; diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v b/src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v new file mode 100644 index 000000000..80a370bd9 --- /dev/null +++ b/src/Specific/montgomery32_2e384m5x2e368m1/CurveParameters.v @@ -0,0 +1,35 @@ +Require Import Crypto.Specific.Framework.RawCurveParameters. +Require Import Crypto.Util.LetIn. + +(*** +Modulus : 2^384 - 5*2^368 - 1 +Base: 32 +***) + +Definition curve : CurveParameters := + {| + sz := 12%nat; + base := 32; + bitwidth := 32; + s := 2^384; + c := [(1, 1); (5, 2^368)]; + carry_chains := None; + + a24 := None; + coef_div_modulus := None; + + goldilocks := Some false; + montgomery := true; + + mul_code := None; + + square_code := None; + + upper_bound_of_exponent := None; + allowable_bit_widths := None; + freeze_extra_allowable_bit_widths := None; + modinv_fuel := None + |}. + +Ltac extra_prove_mul_eq _ := idtac. +Ltac extra_prove_square_eq _ := idtac. diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/Synthesis.v b/src/Specific/montgomery32_2e384m5x2e368m1/Synthesis.v new file mode 100644 index 000000000..dede29556 --- /dev/null 
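Review bot: The `c := [(1, 1); (5, 2^368)]` line in the new 2e384m5x2e368m1 CurveParameters.v is only readable against the header comment `Modulus : 2^384 - 5*2^368 - 1`: the pairs are (coefficient, weight) and m = s - sum of coefficient*weight with `s := 2^384`. A comment next to it, `(* m = s - (1*1 + 5*2^368) *)`, would make the encoding self-checking for the next curve added by hand. `sz := 12%nat` is exactly 384/32, so the limbs cover the modulus with no headroom, which is consistent with the corrected sz values elsewhere in this commit. `goldilocks := Some false` is presumably right because this modulus is not of the 2^2k - 2^k - 1 shape; confirm against the framework's definition of that flag.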
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/compiler.sh b/src/Specific/montgomery32_2e384m5x2e368m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/feadd.v b/src/Specific/montgomery32_2e384m5x2e368m1/feadd.v
new file mode 100644
index 000000000..e7a20f7a5
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/feaddDisplay.v b/src/Specific/montgomery32_2e384m5x2e368m1/feaddDisplay.v
new file mode 100644
index 000000000..7719b0841
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/feaddDisplay.v
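Review bot: `-Wno-incompatible-pointer-types` on the gcc line in compiler.sh silences a diagnostic that usually points at real type confusion in C; if the synthesized code genuinely needs it, the reason belongs in a comment next to the flag rather than being suppressed silently, and the same goes for `-Wno-attributes`. `-march=native -mtune=native` tie the object code to the build host, so anything measured or shipped through this script is not reproducible across machines; a line such as `# integration-test / benchmark compiler for this host, not a release build` would prevent misuse. The `` `#GCC BUG 81300` `` token is an inline-comment trick via command substitution; a plain `# -fno-peephole2 works around GCC bug 81300` comment above the command is clearer and does not depend on a subshell. The three new compiler.sh files on this page share one blob, so one fix covers all of them.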
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/femul.v b/src/Specific/montgomery32_2e384m5x2e368m1/femul.v
new file mode 100644
index 000000000..cbaf2badf
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/femulDisplay.v b/src/Specific/montgomery32_2e384m5x2e368m1/femulDisplay.v
new file mode 100644
index 000000000..1d94e70f9
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/fenz.v b/src/Specific/montgomery32_2e384m5x2e368m1/fenz.v
new file mode 100644
index 000000000..3ba70df87
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/fenzDisplay.v b/src/Specific/montgomery32_2e384m5x2e368m1/fenzDisplay.v
new file mode 100644
index 000000000..3fc994228
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/feopp.v b/src/Specific/montgomery32_2e384m5x2e368m1/feopp.v
new file mode 100644
index 000000000..abef621b8
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/feoppDisplay.v b/src/Specific/montgomery32_2e384m5x2e368m1/feoppDisplay.v
new file mode 100644
index 000000000..c58f46f7d
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/feoppDisplay.v
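Review bot: The specification of `nonzero` in fenz.v fixes only whether the result is zero (`=? 0` against `phiM_small a = F.of_Z m 0`); the value returned for a non-zero input is whatever `bound1` permits, and that bound is not visible here. Callers in constant-time code usually want to mask with such a result, which is only safe if the non-zero case is a known value. Suggest a comment above `Definition nonzero`: `(* Only zero/non-zero of the result is specified: test with [=? 0], do not assume 1 for non-zero inputs. *)`. Whether the synthesized term is branch-free is a property of synthesize_nonzero rather than of this sigma type, and that is worth stating in the same comment.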
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/fesub.v b/src/Specific/montgomery32_2e384m5x2e368m1/fesub.v
new file mode 100644
index 000000000..e91ae2ac2
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery32_2e384m5x2e368m1/fesubDisplay.v b/src/Specific/montgomery32_2e384m5x2e368m1/fesubDisplay.v
new file mode 100644
index 000000000..768f257ec
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m5x2e368m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m5x2e368m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v b/src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v
new file mode 100644
index 000000000..b5ca90018
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^384 - 79*2^376 - 1
+Base: 32
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 12%nat;
+ base := 32;
+ bitwidth := 32;
+ s := 2^384;
+ c := [(1, 1); (79, 2^376)];
+ carry_chains := None;
+
+ a24 := None;
+ coef_div_modulus := None;
+
+ goldilocks := Some false;
+ montgomery := true;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/Synthesis.v b/src/Specific/montgomery32_2e384m79x2e376m1/Synthesis.v
new file mode 100644
index 000000000..d2b4caae3
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/compiler.sh b/src/Specific/montgomery32_2e384m79x2e376m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/feadd.v b/src/Specific/montgomery32_2e384m79x2e376m1/feadd.v
new file mode 100644
index 000000000..45c9b6c77
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/feaddDisplay.v b/src/Specific/montgomery32_2e384m79x2e376m1/feaddDisplay.v
new file mode 100644
index 000000000..c07999d5d
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/femul.v b/src/Specific/montgomery32_2e384m79x2e376m1/femul.v
new file mode 100644
index 000000000..af5ef7399
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/femulDisplay.v b/src/Specific/montgomery32_2e384m79x2e376m1/femulDisplay.v
new file mode 100644
index 000000000..26b3b9e59
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/fenz.v b/src/Specific/montgomery32_2e384m79x2e376m1/fenz.v
new file mode 100644
index 000000000..b16b05c16
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/fenzDisplay.v b/src/Specific/montgomery32_2e384m79x2e376m1/fenzDisplay.v
new file mode 100644
index 000000000..0a9cce4e9
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/feopp.v b/src/Specific/montgomery32_2e384m79x2e376m1/feopp.v
new file mode 100644
index 000000000..a0fbc526c
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/feoppDisplay.v b/src/Specific/montgomery32_2e384m79x2e376m1/feoppDisplay.v
new file mode 100644
index 000000000..0e037953b
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/fesub.v b/src/Specific/montgomery32_2e384m79x2e376m1/fesub.v
new file mode 100644
index 000000000..fa7e16232
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery32_2e384m79x2e376m1/fesubDisplay.v b/src/Specific/montgomery32_2e384m79x2e376m1/fesubDisplay.v
new file mode 100644
index 000000000..cf18b0d71
--- /dev/null
+++ b/src/Specific/montgomery32_2e384m79x2e376m1/fesubDisplay.v
@@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery32_2e384m79x2e376m1.fesub. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display sub. diff --git a/src/Specific/montgomery32_2e389m21/CurveParameters.v b/src/Specific/montgomery32_2e389m21/CurveParameters.v index 210aa7fba..5523a6892 100644 --- a/src/Specific/montgomery32_2e389m21/CurveParameters.v +++ b/src/Specific/montgomery32_2e389m21/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 12%nat; + sz := 13%nat; base := 32; bitwidth := 32; s := 2^389; diff --git a/src/Specific/montgomery32_2e401m31/CurveParameters.v b/src/Specific/montgomery32_2e401m31/CurveParameters.v index f4e7012c7..841a2f256 100644 --- a/src/Specific/montgomery32_2e401m31/CurveParameters.v +++ b/src/Specific/montgomery32_2e401m31/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 12%nat; + sz := 13%nat; base := 32; bitwidth := 32; s := 2^401; diff --git a/src/Specific/montgomery32_2e413m21/CurveParameters.v b/src/Specific/montgomery32_2e413m21/CurveParameters.v index 532d6f952..1225f0a9e 100644 --- a/src/Specific/montgomery32_2e413m21/CurveParameters.v +++ b/src/Specific/montgomery32_2e413m21/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 12%nat; + sz := 13%nat; base := 32; bitwidth := 32; s := 2^413; diff --git a/src/Specific/montgomery32_2e414m17/CurveParameters.v b/src/Specific/montgomery32_2e414m17/CurveParameters.v index a798c53fb..cff72e949 100644 --- a/src/Specific/montgomery32_2e414m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e414m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 12%nat; + sz := 13%nat; base := 32; bitwidth := 32; s := 2^414; diff --git a/src/Specific/montgomery32_2e444m17/CurveParameters.v b/src/Specific/montgomery32_2e444m17/CurveParameters.v index e30dc6ee2..59605f566 100644 
--- a/src/Specific/montgomery32_2e444m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e444m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 13%nat; + sz := 14%nat; base := 32; bitwidth := 32; s := 2^444; diff --git a/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v b/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v index 2ce8dbb80..ee95aec46 100644 --- a/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v +++ b/src/Specific/montgomery32_2e450m2e225m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 14%nat; + sz := 15%nat; base := 32; bitwidth := 32; s := 2^450; diff --git a/src/Specific/montgomery32_2e452m3/CurveParameters.v b/src/Specific/montgomery32_2e452m3/CurveParameters.v index bfac593c2..718c3cd2f 100644 --- a/src/Specific/montgomery32_2e452m3/CurveParameters.v +++ b/src/Specific/montgomery32_2e452m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 14%nat; + sz := 15%nat; base := 32; bitwidth := 32; s := 2^452; diff --git a/src/Specific/montgomery32_2e468m17/CurveParameters.v b/src/Specific/montgomery32_2e468m17/CurveParameters.v index 1ff5d433d..8aab9ab47 100644 --- a/src/Specific/montgomery32_2e468m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e468m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 14%nat; + sz := 15%nat; base := 32; bitwidth := 32; s := 2^468; diff --git a/src/Specific/montgomery32_2e488m17/CurveParameters.v b/src/Specific/montgomery32_2e488m17/CurveParameters.v index a392806d2..b65ca3f1f 100644 --- a/src/Specific/montgomery32_2e488m17/CurveParameters.v +++ b/src/Specific/montgomery32_2e488m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 15%nat; + sz := 16%nat; base := 32; bitwidth := 32; s := 2^488; 
diff --git a/src/Specific/montgomery32_2e489m21/CurveParameters.v b/src/Specific/montgomery32_2e489m21/CurveParameters.v index 7aa49d3c8..000a49072 100644 --- a/src/Specific/montgomery32_2e489m21/CurveParameters.v +++ b/src/Specific/montgomery32_2e489m21/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 15%nat; + sz := 16%nat; base := 32; bitwidth := 32; s := 2^489; diff --git a/src/Specific/montgomery32_2e495m31/CurveParameters.v b/src/Specific/montgomery32_2e495m31/CurveParameters.v index d366176e4..42089566c 100644 --- a/src/Specific/montgomery32_2e495m31/CurveParameters.v +++ b/src/Specific/montgomery32_2e495m31/CurveParameters.v @@ -8,7 +8,7 @@ Base: 32 Definition curve : CurveParameters := {| - sz := 15%nat; + sz := 16%nat; base := 32; bitwidth := 32; s := 2^495; diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v b/src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v new file mode 100644 index 000000000..514249c20 --- /dev/null +++ b/src/Specific/montgomery32_2e510m290x2e496m1/CurveParameters.v @@ -0,0 +1,35 @@ +Require Import Crypto.Specific.Framework.RawCurveParameters. +Require Import Crypto.Util.LetIn. + +(*** +Modulus : 2^510 - 290*2^496 - 1 +Base: 32 +***) + +Definition curve : CurveParameters := + {| + sz := 16%nat; + base := 32; + bitwidth := 32; + s := 2^510; + c := [(1, 1); (290, 2^496)]; + carry_chains := None; + + a24 := None; + coef_div_modulus := None; + + goldilocks := Some false; + montgomery := true; + + mul_code := None; + + square_code := None; + + upper_bound_of_exponent := None; + allowable_bit_widths := None; + freeze_extra_allowable_bit_widths := None; + modinv_fuel := None + |}. + +Ltac extra_prove_mul_eq _ := idtac. +Ltac extra_prove_square_eq _ := idtac. diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/Synthesis.v b/src/Specific/montgomery32_2e510m290x2e496m1/Synthesis.v new file mode 100644 index 000000000..115f65f85 --- /dev/null 
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/compiler.sh b/src/Specific/montgomery32_2e510m290x2e496m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/feadd.v b/src/Specific/montgomery32_2e510m290x2e496m1/feadd.v
new file mode 100644
index 000000000..b50364d80
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/feaddDisplay.v b/src/Specific/montgomery32_2e510m290x2e496m1/feaddDisplay.v
new file mode 100644
index 000000000..42fab026b
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/femul.v b/src/Specific/montgomery32_2e510m290x2e496m1/femul.v
new file mode 100644
index 000000000..ea131cf07
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/femulDisplay.v b/src/Specific/montgomery32_2e510m290x2e496m1/femulDisplay.v
new file mode 100644
index 000000000..d5eb0eb90
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/fenz.v b/src/Specific/montgomery32_2e510m290x2e496m1/fenz.v
new file mode 100644
index 000000000..c903453fb
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/fenzDisplay.v b/src/Specific/montgomery32_2e510m290x2e496m1/fenzDisplay.v
new file mode 100644
index 000000000..f4af5a52e
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/feopp.v b/src/Specific/montgomery32_2e510m290x2e496m1/feopp.v
new file mode 100644
index 000000000..9986b1840
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/feoppDisplay.v b/src/Specific/montgomery32_2e510m290x2e496m1/feoppDisplay.v
new file mode 100644
index 000000000..6d256d884
--- /dev/null
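Review bot: The specification of `nonzero` in fenz.v pins only whether the result is zero — the property compares `BoundedWordToZ ... (nonzero a) =? 0` with the decidable test `phiM_small a = F.of_Z m 0` — so for a non-zero input any non-zero word is a valid output, and a caller that compares the result against 1 or uses it as an all-ones mask is relying on something the proof does not give. A comment above the definition would make that contract explicit, e.g. `(* Specified only up to zero/non-zero: callers must not depend on the magnitude of the result. *)`. Separately, `Print Assumptions nonzero.` only prints; nothing in this file fails if an axiom shows up, so if the intent is to gate on an axiom-free term the build has to inspect that output, and a one-line comment saying which it is would help, since the same template is repeated in every fe*.v file in this change.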
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/fesub.v b/src/Specific/montgomery32_2e510m290x2e496m1/fesub.v
new file mode 100644
index 000000000..d211bb244
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery32_2e510m290x2e496m1/fesubDisplay.v b/src/Specific/montgomery32_2e510m290x2e496m1/fesubDisplay.v
new file mode 100644
index 000000000..1cf2015f3
--- /dev/null
+++ b/src/Specific/montgomery32_2e510m290x2e496m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e510m290x2e496m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery32_2e511m187/CurveParameters.v b/src/Specific/montgomery32_2e511m187/CurveParameters.v
index e60e97107..5858be101 100644
--- a/src/Specific/montgomery32_2e511m187/CurveParameters.v
+++ b/src/Specific/montgomery32_2e511m187/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 Definition curve : CurveParameters :=
 {|
- sz := 15%nat;
+ sz := 16%nat;
 base := 32;
 bitwidth := 32;
 s := 2^511;
diff --git a/src/Specific/montgomery32_2e511m481/CurveParameters.v b/src/Specific/montgomery32_2e511m481/CurveParameters.v
index edafe1df8..b7a052497 100644
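Review bot: The new `sz := 16%nat;` in montgomery32_2e511m187/CurveParameters.v is the first limb count that can hold a 511-bit modulus at base 32 (16 * 32 = 512 >= 511, whereas the old 15 limbs gave only 480 bits), but nothing in the file records that derivation, so the next hand edit can reintroduce the same off-by-one. Suggest `sz := 16%nat; (* ceil(511 / 32): the limbs must cover the full modulus width *)`. The same one-limb bump is applied to many CurveParameters files in this diff, which looks like the values were originally computed as floor rather than ceiling; if the framework does not already reject `sz * base` smaller than the bit length of the modulus at package construction, a check there would catch this class of mistake once instead of per file. The enclosing record definition continues past the end of the hunk.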
--- a/src/Specific/montgomery32_2e511m481/CurveParameters.v
+++ b/src/Specific/montgomery32_2e511m481/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 Definition curve : CurveParameters :=
 {|
- sz := 15%nat;
+ sz := 16%nat;
 base := 32;
 bitwidth := 32;
 s := 2^511;
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v b/src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v
new file mode 100644
index 000000000..0c5c7fd7f
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^512 - 491*2^496 - 1
+Base: 32
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 16%nat;
+ base := 32;
+ bitwidth := 32;
+ s := 2^512;
+ c := [(1, 1); (491, 2^496)];
+ carry_chains := None;
+
+ a24 := None;
+ coef_div_modulus := None;
+
+ goldilocks := Some false;
+ montgomery := true;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/Synthesis.v b/src/Specific/montgomery32_2e512m491x2e496m1/Synthesis.v
new file mode 100644
index 000000000..51b8f9154
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
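Review bot: In the new montgomery32_2e512m491x2e496m1/CurveParameters.v, `sz := 16%nat;` with `base := 32` gives exactly 512 bits, the same width as `s := 2^512`, so the limb vector has no spare bit above the modulus, while the `c := [(1, 1); (491, 2^496)]` list does agree with the `Modulus : 2^512 - 491*2^496 - 1` header. Whether the Montgomery routines built from these parameters need headroom for intermediate sums before reduction is decided by the framework, not by this file, and I cannot confirm it from here; a note in the header comment such as `(* sz*base = 512 = bitlength(s): no headroom bit in the representation *)` would tell the next reader this was checked rather than overlooked. More generally the header records modulus and base but not how sz was derived, and this diff fixes that field by one in many sibling files, so writing the derivation down here is cheap insurance.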
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/compiler.sh b/src/Specific/montgomery32_2e512m491x2e496m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/feadd.v b/src/Specific/montgomery32_2e512m491x2e496m1/feadd.v
new file mode 100644
index 000000000..1d430bd46
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/feaddDisplay.v b/src/Specific/montgomery32_2e512m491x2e496m1/feaddDisplay.v
new file mode 100644
index 000000000..460690c74
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/femul.v b/src/Specific/montgomery32_2e512m491x2e496m1/femul.v
new file mode 100644
index 000000000..5868f1b36
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/femulDisplay.v b/src/Specific/montgomery32_2e512m491x2e496m1/femulDisplay.v
new file mode 100644
index 000000000..2c6358662
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/fenz.v b/src/Specific/montgomery32_2e512m491x2e496m1/fenz.v
new file mode 100644
index 000000000..3281825dd
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/fenzDisplay.v b/src/Specific/montgomery32_2e512m491x2e496m1/fenzDisplay.v
new file mode 100644
index 000000000..3c83807fd
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/feopp.v b/src/Specific/montgomery32_2e512m491x2e496m1/feopp.v
new file mode 100644
index 000000000..eae422448
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/feoppDisplay.v b/src/Specific/montgomery32_2e512m491x2e496m1/feoppDisplay.v
new file mode 100644
index 000000000..bd08d0f97
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/fesub.v b/src/Specific/montgomery32_2e512m491x2e496m1/fesub.v
new file mode 100644
index 000000000..60949983b
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery32_2e512m491x2e496m1/fesubDisplay.v b/src/Specific/montgomery32_2e512m491x2e496m1/fesubDisplay.v
new file mode 100644
index 000000000..b6c2cf4e4
--- /dev/null
+++ b/src/Specific/montgomery32_2e512m491x2e496m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery32_2e512m491x2e496m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery32_2e521m1/CurveParameters.v b/src/Specific/montgomery32_2e521m1/CurveParameters.v
index 1fc41b51e..74e1cdbba 100644
--- a/src/Specific/montgomery32_2e521m1/CurveParameters.v
+++ b/src/Specific/montgomery32_2e521m1/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 32
 Definition curve : CurveParameters :=
 {|
- sz := 16%nat;
+ sz := 17%nat;
 base := 32;
 bitwidth := 32;
 s := 2^521;
diff --git a/src/Specific/montgomery64_2e127m1/CurveParameters.v b/src/Specific/montgomery64_2e127m1/CurveParameters.v
index 3cff26742..05d6ceec8 100644
--- a/src/Specific/montgomery64_2e127m1/CurveParameters.v
+++ b/src/Specific/montgomery64_2e127m1/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 1%nat;
+ sz := 2%nat;
 base := 64;
 bitwidth := 64;
 s := 2^127;
diff --git a/src/Specific/montgomery64_2e129m25/CurveParameters.v b/src/Specific/montgomery64_2e129m25/CurveParameters.v
index da08712b9..b4e53def3 100644
--- a/src/Specific/montgomery64_2e129m25/CurveParameters.v
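Review bot: In montgomery64_2e127m1/CurveParameters.v the old `sz := 1%nat;` meant a single 64-bit limb for a 127-bit modulus, which cannot represent most field elements at all, and the new `sz := 2%nat;` is the minimum that does (2 * 64 = 128 >= 127); the neighbouring 2^521-1 hunk on this line makes the same floor-to-ceiling correction (16 -> 17 limbs at base 32). Neither file says where the number comes from, so I would write it down at the point of use: `sz := 2%nat; (* ceil(127 / 64) *)` here and `sz := 17%nat; (* ceil(521 / 32) *)` in the 2^521-1 file, so the value can be checked against the modulus at a glance. Both record definitions continue beyond the end of their hunks.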
+++ b/src/Specific/montgomery64_2e129m25/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^129;
diff --git a/src/Specific/montgomery64_2e130m5/CurveParameters.v b/src/Specific/montgomery64_2e130m5/CurveParameters.v
index 3cbce9b48..385d82ef4 100644
--- a/src/Specific/montgomery64_2e130m5/CurveParameters.v
+++ b/src/Specific/montgomery64_2e130m5/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^130;
diff --git a/src/Specific/montgomery64_2e137m13/CurveParameters.v b/src/Specific/montgomery64_2e137m13/CurveParameters.v
index 33aa6f0d3..ea86a2f32 100644
--- a/src/Specific/montgomery64_2e137m13/CurveParameters.v
+++ b/src/Specific/montgomery64_2e137m13/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^137;
diff --git a/src/Specific/montgomery64_2e140m27/CurveParameters.v b/src/Specific/montgomery64_2e140m27/CurveParameters.v
index 695e6b715..189d6e0c5 100644
--- a/src/Specific/montgomery64_2e140m27/CurveParameters.v
+++ b/src/Specific/montgomery64_2e140m27/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^140;
diff --git a/src/Specific/montgomery64_2e141m9/CurveParameters.v b/src/Specific/montgomery64_2e141m9/CurveParameters.v
index 7995a342c..a220ad508 100644
--- a/src/Specific/montgomery64_2e141m9/CurveParameters.v
+++ b/src/Specific/montgomery64_2e141m9/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^141;
diff --git a/src/Specific/montgomery64_2e150m3/CurveParameters.v b/src/Specific/montgomery64_2e150m3/CurveParameters.v
index 50d5f8712..70548247f 100644
--- a/src/Specific/montgomery64_2e150m3/CurveParameters.v
+++ b/src/Specific/montgomery64_2e150m3/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^150;
diff --git a/src/Specific/montgomery64_2e150m5/CurveParameters.v b/src/Specific/montgomery64_2e150m5/CurveParameters.v
index 52fa3e568..35159c919 100644
--- a/src/Specific/montgomery64_2e150m5/CurveParameters.v
+++ b/src/Specific/montgomery64_2e150m5/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^150;
diff --git a/src/Specific/montgomery64_2e152m17/CurveParameters.v b/src/Specific/montgomery64_2e152m17/CurveParameters.v
index b1a43d05e..5f49999b8 100644
--- a/src/Specific/montgomery64_2e152m17/CurveParameters.v
+++ b/src/Specific/montgomery64_2e152m17/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^152;
diff --git a/src/Specific/montgomery64_2e158m15/CurveParameters.v b/src/Specific/montgomery64_2e158m15/CurveParameters.v
index 9ac621b75..975e10e4b 100644
--- a/src/Specific/montgomery64_2e158m15/CurveParameters.v
+++ b/src/Specific/montgomery64_2e158m15/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^158;
diff --git a/src/Specific/montgomery64_2e165m25/CurveParameters.v b/src/Specific/montgomery64_2e165m25/CurveParameters.v
index 7367f1917..ad381ca7b 100644
--- a/src/Specific/montgomery64_2e165m25/CurveParameters.v
+++ b/src/Specific/montgomery64_2e165m25/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^165;
diff --git a/src/Specific/montgomery64_2e166m5/CurveParameters.v b/src/Specific/montgomery64_2e166m5/CurveParameters.v
index e4eb3863a..0f60a6f9d 100644
--- a/src/Specific/montgomery64_2e166m5/CurveParameters.v
+++ b/src/Specific/montgomery64_2e166m5/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^166;
diff --git a/src/Specific/montgomery64_2e171m19/CurveParameters.v b/src/Specific/montgomery64_2e171m19/CurveParameters.v
index 12a53ed35..5d4127e80 100644
--- a/src/Specific/montgomery64_2e171m19/CurveParameters.v
+++ b/src/Specific/montgomery64_2e171m19/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^171;
diff --git a/src/Specific/montgomery64_2e174m17/CurveParameters.v b/src/Specific/montgomery64_2e174m17/CurveParameters.v
index a642cc5f9..e945a542d 100644
--- a/src/Specific/montgomery64_2e174m17/CurveParameters.v
+++ b/src/Specific/montgomery64_2e174m17/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^174;
diff --git a/src/Specific/montgomery64_2e174m3/CurveParameters.v b/src/Specific/montgomery64_2e174m3/CurveParameters.v
index c7cfe5599..da956623d 100644
--- a/src/Specific/montgomery64_2e174m3/CurveParameters.v
+++ b/src/Specific/montgomery64_2e174m3/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^174;
diff --git a/src/Specific/montgomery64_2e189m25/CurveParameters.v b/src/Specific/montgomery64_2e189m25/CurveParameters.v
index cc2f90097..9405615e6 100644
--- a/src/Specific/montgomery64_2e189m25/CurveParameters.v
+++ b/src/Specific/montgomery64_2e189m25/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^189;
diff --git a/src/Specific/montgomery64_2e190m11/CurveParameters.v b/src/Specific/montgomery64_2e190m11/CurveParameters.v
index 2f12f5ada..40bfdccce 100644
--- a/src/Specific/montgomery64_2e190m11/CurveParameters.v
+++ b/src/Specific/montgomery64_2e190m11/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^190;
diff --git a/src/Specific/montgomery64_2e191m19/CurveParameters.v b/src/Specific/montgomery64_2e191m19/CurveParameters.v
index f598649f4..e556c2673 100644
--- a/src/Specific/montgomery64_2e191m19/CurveParameters.v
+++ b/src/Specific/montgomery64_2e191m19/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 2%nat;
+ sz := 3%nat;
 base := 64;
 bitwidth := 64;
 s := 2^191;
diff --git a/src/Specific/montgomery64_2e194m33/CurveParameters.v b/src/Specific/montgomery64_2e194m33/CurveParameters.v
index 1ee1f898c..42c580827 100644
--- a/src/Specific/montgomery64_2e194m33/CurveParameters.v
+++ b/src/Specific/montgomery64_2e194m33/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 3%nat;
+ sz := 4%nat;
 base := 64;
 bitwidth := 64;
 s := 2^194;
diff --git a/src/Specific/montgomery64_2e196m15/CurveParameters.v b/src/Specific/montgomery64_2e196m15/CurveParameters.v
index dd98299e3..560e03f67 100644
--- a/src/Specific/montgomery64_2e196m15/CurveParameters.v
+++ b/src/Specific/montgomery64_2e196m15/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 3%nat;
+ sz := 4%nat;
 base := 64;
 bitwidth := 64;
 s := 2^196;
diff --git a/src/Specific/montgomery64_2e198m17/CurveParameters.v b/src/Specific/montgomery64_2e198m17/CurveParameters.v
index b4c22eee4..a197820b8 100644
--- a/src/Specific/montgomery64_2e198m17/CurveParameters.v
+++ b/src/Specific/montgomery64_2e198m17/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 3%nat;
+ sz := 4%nat;
 base := 64;
 bitwidth := 64;
 s := 2^198;
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v b/src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v
new file mode 100644
index 000000000..68dc729ec
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^205 - 45*2^198 - 1
+Base: 64
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 4%nat;
+ base := 64;
+ bitwidth := 64;
+ s := 2^205;
+ c := [(1, 1); (45, 2^198)];
+ carry_chains := None;
+
+ a24 := None;
+ coef_div_modulus := None;
+
+ goldilocks := Some false;
+ montgomery := true;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/Synthesis.v b/src/Specific/montgomery64_2e205m45x2e198m1/Synthesis.v
new file mode 100644
index 000000000..c198f878c
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/compiler.sh b/src/Specific/montgomery64_2e205m45x2e198m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/feadd.v b/src/Specific/montgomery64_2e205m45x2e198m1/feadd.v
new file mode 100644
index 000000000..1045be305
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/feaddDisplay.v b/src/Specific/montgomery64_2e205m45x2e198m1/feaddDisplay.v
new file mode 100644
index 000000000..ec3b10113
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/femul.v b/src/Specific/montgomery64_2e205m45x2e198m1/femul.v
new file mode 100644
index 000000000..93a255403
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/femul.v
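Review bot: This compiler.sh is a byte-for-byte copy (blob 518f95765) of the script added to the other new directories in this change, so any future adjustment to the flag set — for instance dropping `-Wno-incompatible-pointer-types` once the emitted C no longer needs it, or replacing `-march=native` with a pinned target for reproducible builds — has to be repeated in every Specific/*/ directory and will drift. A single shared script (e.g. under src/Specific/Framework, invoked or symlinked from each directory) would keep them in step, and a per-curve copy can be reintroduced only where a curve genuinely needs different flags. Until that is done, a header line such as `# keep in sync with the other Specific/*/compiler.sh copies` would at least warn the next editor.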
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/femulDisplay.v b/src/Specific/montgomery64_2e205m45x2e198m1/femulDisplay.v
new file mode 100644
index 000000000..6db9ed501
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/fenz.v b/src/Specific/montgomery64_2e205m45x2e198m1/fenz.v
new file mode 100644
index 000000000..14dd318e7
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/fenzDisplay.v b/src/Specific/montgomery64_2e205m45x2e198m1/fenzDisplay.v
new file mode 100644
index 000000000..53a37a651
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/feopp.v b/src/Specific/montgomery64_2e205m45x2e198m1/feopp.v
new file mode 100644
index 000000000..29491a2e4
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/feoppDisplay.v b/src/Specific/montgomery64_2e205m45x2e198m1/feoppDisplay.v
new file mode 100644
index 000000000..b1cd7c97e
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/fesub.v b/src/Specific/montgomery64_2e205m45x2e198m1/fesub.v
new file mode 100644
index 000000000..2baac31cc
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery64_2e205m45x2e198m1/fesubDisplay.v b/src/Specific/montgomery64_2e205m45x2e198m1/fesubDisplay.v
new file mode 100644
index 000000000..5777d734a
--- /dev/null
+++ b/src/Specific/montgomery64_2e205m45x2e198m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e205m45x2e198m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery64_2e206m5/CurveParameters.v b/src/Specific/montgomery64_2e206m5/CurveParameters.v
index 0e9f3ce8f..91b8c200a 100644
--- a/src/Specific/montgomery64_2e206m5/CurveParameters.v
+++ b/src/Specific/montgomery64_2e206m5/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 3%nat;
+ sz := 4%nat;
 base := 64;
 bitwidth := 64;
 s := 2^206;
diff --git a/src/Specific/montgomery64_2e212m29/CurveParameters.v b/src/Specific/montgomery64_2e212m29/CurveParameters.v
index 917d26e1d..e7d74a534 100644
--- a/src/Specific/montgomery64_2e212m29/CurveParameters.v
+++ b/src/Specific/montgomery64_2e212m29/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 Definition curve : CurveParameters :=
 {|
- sz := 3%nat;
+ sz := 4%nat;
 base := 64;
 bitwidth := 64;
 s := 2^212;
diff --git a/src/Specific/montgomery64_2e213m3/CurveParameters.v b/src/Specific/montgomery64_2e213m3/CurveParameters.v
index 2b8116172..d83449084 100644
--- a/src/Specific/montgomery64_2e213m3/CurveParameters.v
+++ b/src/Specific/montgomery64_2e213m3/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^213; diff --git a/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v b/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v index 87eea5950..3366cd3e6 100644 --- a/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e216m2e108m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^216; diff --git a/src/Specific/montgomery64_2e221m3/CurveParameters.v b/src/Specific/montgomery64_2e221m3/CurveParameters.v index 07eb471a4..60f7c5a2e 100644 --- a/src/Specific/montgomery64_2e221m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e221m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^221; diff --git a/src/Specific/montgomery64_2e222m117/CurveParameters.v b/src/Specific/montgomery64_2e222m117/CurveParameters.v index 12197d8c1..156ccf613 100644 --- a/src/Specific/montgomery64_2e222m117/CurveParameters.v +++ b/src/Specific/montgomery64_2e222m117/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^222; diff --git a/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v b/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v index a67a6fa82..1fdcb24b4 100644 --- a/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v +++ b/src/Specific/montgomery64_2e224m2e96p1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^224; diff --git a/src/Specific/montgomery64_2e226m5/CurveParameters.v b/src/Specific/montgomery64_2e226m5/CurveParameters.v index 1d44e7e4d..90c368aa2 100644 
--- a/src/Specific/montgomery64_2e226m5/CurveParameters.v +++ b/src/Specific/montgomery64_2e226m5/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^226; diff --git a/src/Specific/montgomery64_2e230m27/CurveParameters.v b/src/Specific/montgomery64_2e230m27/CurveParameters.v index 4ab77e91b..97753996c 100644 --- a/src/Specific/montgomery64_2e230m27/CurveParameters.v +++ b/src/Specific/montgomery64_2e230m27/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^230; diff --git a/src/Specific/montgomery64_2e235m15/CurveParameters.v b/src/Specific/montgomery64_2e235m15/CurveParameters.v index fbedeca2c..808fef04d 100644 --- a/src/Specific/montgomery64_2e235m15/CurveParameters.v +++ b/src/Specific/montgomery64_2e235m15/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^235; diff --git a/src/Specific/montgomery64_2e243m9/CurveParameters.v b/src/Specific/montgomery64_2e243m9/CurveParameters.v index e8b538f70..1e5668ddb 100644 --- a/src/Specific/montgomery64_2e243m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e243m9/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^243; diff --git a/src/Specific/montgomery64_2e251m9/CurveParameters.v b/src/Specific/montgomery64_2e251m9/CurveParameters.v index 09e295c46..0bba1c9dd 100644 --- a/src/Specific/montgomery64_2e251m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e251m9/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^251; 
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v b/src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v
new file mode 100644
index 000000000..2b3ff956e
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^254 - 127*2^240 - 1
+Base: 64
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 4%nat;
+ base := 64;
+ bitwidth := 64;
+ s := 2^254;
+ c := [(1, 1); (127, 2^240)];
+ carry_chains := None;
+
+ a24 := None;
+ coef_div_modulus := None;
+
+ goldilocks := Some false;
+ montgomery := true;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/Synthesis.v b/src/Specific/montgomery64_2e254m127x2e240m1/Synthesis.v
new file mode 100644
index 000000000..1aa2b7692
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/compiler.sh b/src/Specific/montgomery64_2e254m127x2e240m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/feadd.v b/src/Specific/montgomery64_2e254m127x2e240m1/feadd.v
new file mode 100644
index 000000000..bddc46a1b
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/feaddDisplay.v b/src/Specific/montgomery64_2e254m127x2e240m1/feaddDisplay.v
new file mode 100644
index 000000000..cb29439e7
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/femul.v b/src/Specific/montgomery64_2e254m127x2e240m1/femul.v
new file mode 100644
index 000000000..c6efa7dd9
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/femul.v
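Review bot: `-Wno-incompatible-pointer-types` silences, for every file built through this script, a warning that normally points at a genuine type mismatch; if the synthesized C needs it, a comment above the gcc line naming the construct that triggers the warning would let a later reader drop the flag once that construct is gone. `-march=native -mtune=native` likewise ties the binary to the build host, which is fine for local measurement but worth one comment so the output is not mistaken for something distributable. The same four-line script (index 518f95765) is added again under montgomery64_2e256m88x2e240m1, montgomery64_2e384m5x2e368m1 and montgomery64_2e384m79x2e376m1; one shared script referenced from each directory would keep the flag set from drifting between copies.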
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/femulDisplay.v b/src/Specific/montgomery64_2e254m127x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..bb8bea612
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/fenz.v b/src/Specific/montgomery64_2e254m127x2e240m1/fenz.v
new file mode 100644
index 000000000..ce858bfe8
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/fenzDisplay.v b/src/Specific/montgomery64_2e254m127x2e240m1/fenzDisplay.v
new file mode 100644
index 000000000..b0b68222e
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/feopp.v b/src/Specific/montgomery64_2e254m127x2e240m1/feopp.v
new file mode 100644
index 000000000..4f483a326
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/feoppDisplay.v b/src/Specific/montgomery64_2e254m127x2e240m1/feoppDisplay.v
new file mode 100644
index 000000000..18ca1f058
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/fesub.v b/src/Specific/montgomery64_2e254m127x2e240m1/fesub.v
new file mode 100644
index 000000000..6ac290273
--- /dev/null
+++ b/src/Specific/montgomery64_2e254m127x2e240m1/fesub.v
@@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition sub : + { sub : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_sub (). + Show Ltac Profile. +Time Defined. + +Print Assumptions sub. diff --git a/src/Specific/montgomery64_2e254m127x2e240m1/fesubDisplay.v b/src/Specific/montgomery64_2e254m127x2e240m1/fesubDisplay.v new file mode 100644 index 000000000..c07cc5418 --- /dev/null +++ b/src/Specific/montgomery64_2e254m127x2e240m1/fesubDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e254m127x2e240m1.fesub. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display sub. diff --git a/src/Specific/montgomery64_2e255m19/CurveParameters.v b/src/Specific/montgomery64_2e255m19/CurveParameters.v index 0f1bd8d29..a73e8697a 100644 --- a/src/Specific/montgomery64_2e255m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e255m19/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^255; diff --git a/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v index 1a8b1666a..846d4ef6c 100644 --- a/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e255m2e4m2e1m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^255; diff --git a/src/Specific/montgomery64_2e255m765/CurveParameters.v b/src/Specific/montgomery64_2e255m765/CurveParameters.v index 4b2cff902..43a5a2b86 100644 --- a/src/Specific/montgomery64_2e255m765/CurveParameters.v 
+++ b/src/Specific/montgomery64_2e255m765/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 3%nat; + sz := 4%nat; base := 64; bitwidth := 64; s := 2^255; diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v b/src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v new file mode 100644 index 000000000..14d4c1f61 --- /dev/null +++ b/src/Specific/montgomery64_2e256m88x2e240m1/CurveParameters.v @@ -0,0 +1,35 @@ +Require Import Crypto.Specific.Framework.RawCurveParameters. +Require Import Crypto.Util.LetIn. + +(*** +Modulus : 2^256 - 88*2^240 - 1 +Base: 64 +***) + +Definition curve : CurveParameters := + {| + sz := 4%nat; + base := 64; + bitwidth := 64; + s := 2^256; + c := [(1, 1); (88, 2^240)]; + carry_chains := None; + + a24 := None; + coef_div_modulus := None; + + goldilocks := Some false; + montgomery := true; + + mul_code := None; + + square_code := None; + + upper_bound_of_exponent := None; + allowable_bit_widths := None; + freeze_extra_allowable_bit_widths := None; + modinv_fuel := None + |}. + +Ltac extra_prove_mul_eq _ := idtac. +Ltac extra_prove_square_eq _ := idtac. diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/Synthesis.v b/src/Specific/montgomery64_2e256m88x2e240m1/Synthesis.v new file mode 100644 index 000000000..069b57489 --- /dev/null +++ b/src/Specific/montgomery64_2e256m88x2e240m1/Synthesis.v @@ -0,0 +1,9 @@ +Require Import Crypto.Specific.Framework.SynthesisFramework. +Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.CurveParameters. + +Module P <: PrePackage. + Definition package : Tag.Context. + Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined. +End P. + +Module Export S := PackageSynthesis P. diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/compiler.sh b/src/Specific/montgomery64_2e256m88x2e240m1/compiler.sh new file mode 100755 index 000000000..518f95765 --- /dev/null 
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/feadd.v b/src/Specific/montgomery64_2e256m88x2e240m1/feadd.v
new file mode 100644
index 000000000..78de5132f
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/feaddDisplay.v b/src/Specific/montgomery64_2e256m88x2e240m1/feaddDisplay.v
new file mode 100644
index 000000000..05619777d
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/femul.v b/src/Specific/montgomery64_2e256m88x2e240m1/femul.v
new file mode 100644
index 000000000..d45c60a18
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/femulDisplay.v b/src/Specific/montgomery64_2e256m88x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..1ccf63479
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/fenz.v b/src/Specific/montgomery64_2e256m88x2e240m1/fenz.v
new file mode 100644
index 000000000..4cc5e7310
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/fenzDisplay.v b/src/Specific/montgomery64_2e256m88x2e240m1/fenzDisplay.v
new file mode 100644
index 000000000..1f5b5dfb2
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/feopp.v b/src/Specific/montgomery64_2e256m88x2e240m1/feopp.v
new file mode 100644
index 000000000..eefd74f09
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/feoppDisplay.v b/src/Specific/montgomery64_2e256m88x2e240m1/feoppDisplay.v
new file mode 100644
index 000000000..2a2a21595
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/fesub.v b/src/Specific/montgomery64_2e256m88x2e240m1/fesub.v
new file mode 100644
index 000000000..d9b9289c3
--- /dev/null
+++ b/src/Specific/montgomery64_2e256m88x2e240m1/fesub.v
@@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition sub : + { sub : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_sub (). + Show Ltac Profile. +Time Defined. + +Print Assumptions sub. diff --git a/src/Specific/montgomery64_2e256m88x2e240m1/fesubDisplay.v b/src/Specific/montgomery64_2e256m88x2e240m1/fesubDisplay.v new file mode 100644 index 000000000..d6e0dc6c1 --- /dev/null +++ b/src/Specific/montgomery64_2e256m88x2e240m1/fesubDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e256m88x2e240m1.fesub. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display sub. diff --git a/src/Specific/montgomery64_2e266m3/CurveParameters.v b/src/Specific/montgomery64_2e266m3/CurveParameters.v index 86e248078..9e2ba280c 100644 --- a/src/Specific/montgomery64_2e266m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e266m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 64; bitwidth := 64; s := 2^266; diff --git a/src/Specific/montgomery64_2e285m9/CurveParameters.v b/src/Specific/montgomery64_2e285m9/CurveParameters.v index d64a049db..e7a278c7d 100644 --- a/src/Specific/montgomery64_2e285m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e285m9/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 64; bitwidth := 64; s := 2^285; diff --git a/src/Specific/montgomery64_2e291m19/CurveParameters.v b/src/Specific/montgomery64_2e291m19/CurveParameters.v index a7c8b8582..287660ddf 100644 --- a/src/Specific/montgomery64_2e291m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e291m19/CurveParameters.v 
@@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 4%nat; + sz := 5%nat; base := 64; bitwidth := 64; s := 2^291; diff --git a/src/Specific/montgomery64_2e321m9/CurveParameters.v b/src/Specific/montgomery64_2e321m9/CurveParameters.v index 80b72e6a1..fca0128bd 100644 --- a/src/Specific/montgomery64_2e321m9/CurveParameters.v +++ b/src/Specific/montgomery64_2e321m9/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^321; diff --git a/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v b/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v index af412b089..adcb408e8 100644 --- a/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e322m2e161m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^322; diff --git a/src/Specific/montgomery64_2e336m17/CurveParameters.v b/src/Specific/montgomery64_2e336m17/CurveParameters.v index 6fcd45813..3f26f7c08 100644 --- a/src/Specific/montgomery64_2e336m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e336m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^336; diff --git a/src/Specific/montgomery64_2e336m3/CurveParameters.v b/src/Specific/montgomery64_2e336m3/CurveParameters.v index 357ec07d3..e175f018f 100644 --- a/src/Specific/montgomery64_2e336m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e336m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^336; diff --git a/src/Specific/montgomery64_2e338m15/CurveParameters.v b/src/Specific/montgomery64_2e338m15/CurveParameters.v index 2469355f3..e7fef760a 100644 --- a/src/Specific/montgomery64_2e338m15/CurveParameters.v 
+++ b/src/Specific/montgomery64_2e338m15/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^338; diff --git a/src/Specific/montgomery64_2e369m25/CurveParameters.v b/src/Specific/montgomery64_2e369m25/CurveParameters.v index 68e2ddf13..78642c325 100644 --- a/src/Specific/montgomery64_2e369m25/CurveParameters.v +++ b/src/Specific/montgomery64_2e369m25/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^369; diff --git a/src/Specific/montgomery64_2e379m19/CurveParameters.v b/src/Specific/montgomery64_2e379m19/CurveParameters.v index 7ccff7ae7..c420d42f2 100644 --- a/src/Specific/montgomery64_2e379m19/CurveParameters.v +++ b/src/Specific/montgomery64_2e379m19/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^379; diff --git a/src/Specific/montgomery64_2e382m105/CurveParameters.v b/src/Specific/montgomery64_2e382m105/CurveParameters.v index 2a3a3b6cc..c9d0c9d34 100644 --- a/src/Specific/montgomery64_2e382m105/CurveParameters.v +++ b/src/Specific/montgomery64_2e382m105/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^382; diff --git a/src/Specific/montgomery64_2e383m187/CurveParameters.v b/src/Specific/montgomery64_2e383m187/CurveParameters.v index 11296b9cb..e046a8a5b 100644 --- a/src/Specific/montgomery64_2e383m187/CurveParameters.v +++ b/src/Specific/montgomery64_2e383m187/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^383; diff --git a/src/Specific/montgomery64_2e383m31/CurveParameters.v b/src/Specific/montgomery64_2e383m31/CurveParameters.v index 7e8a4f6ed..bcccff484 100644 
--- a/src/Specific/montgomery64_2e383m31/CurveParameters.v +++ b/src/Specific/montgomery64_2e383m31/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^383; diff --git a/src/Specific/montgomery64_2e383m421/CurveParameters.v b/src/Specific/montgomery64_2e383m421/CurveParameters.v index 5b2ac43b4..608979ac5 100644 --- a/src/Specific/montgomery64_2e383m421/CurveParameters.v +++ b/src/Specific/montgomery64_2e383m421/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 5%nat; + sz := 6%nat; base := 64; bitwidth := 64; s := 2^383; diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v b/src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v new file mode 100644 index 000000000..140aa5d74 --- /dev/null +++ b/src/Specific/montgomery64_2e384m5x2e368m1/CurveParameters.v @@ -0,0 +1,35 @@ +Require Import Crypto.Specific.Framework.RawCurveParameters. +Require Import Crypto.Util.LetIn. + +(*** +Modulus : 2^384 - 5*2^368 - 1 +Base: 64 +***) + +Definition curve : CurveParameters := + {| + sz := 6%nat; + base := 64; + bitwidth := 64; + s := 2^384; + c := [(1, 1); (5, 2^368)]; + carry_chains := None; + + a24 := None; + coef_div_modulus := None; + + goldilocks := Some false; + montgomery := true; + + mul_code := None; + + square_code := None; + + upper_bound_of_exponent := None; + allowable_bit_widths := None; + freeze_extra_allowable_bit_widths := None; + modinv_fuel := None + |}. + +Ltac extra_prove_mul_eq _ := idtac. +Ltac extra_prove_square_eq _ := idtac. diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/Synthesis.v b/src/Specific/montgomery64_2e384m5x2e368m1/Synthesis.v new file mode 100644 index 000000000..aff981f36 --- /dev/null +++ b/src/Specific/montgomery64_2e384m5x2e368m1/Synthesis.v 
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/compiler.sh b/src/Specific/montgomery64_2e384m5x2e368m1/compiler.sh
new file mode 100755
index 000000000..518f95765
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@"
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/feadd.v b/src/Specific/montgomery64_2e384m5x2e368m1/feadd.v
new file mode 100644
index 000000000..283b4049f
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/feadd.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition add :
+ { add : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_add ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions add.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/feaddDisplay.v b/src/Specific/montgomery64_2e384m5x2e368m1/feaddDisplay.v
new file mode 100644
index 000000000..4926c4125
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/feaddDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.feadd.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display add.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/femul.v b/src/Specific/montgomery64_2e384m5x2e368m1/femul.v
new file mode 100644
index 000000000..e107f9f55
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/femulDisplay.v b/src/Specific/montgomery64_2e384m5x2e368m1/femulDisplay.v
new file mode 100644
index 000000000..dfb3a2883
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/fenz.v b/src/Specific/montgomery64_2e384m5x2e368m1/fenz.v
new file mode 100644
index 000000000..7b2dfe9eb
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/fenz.v
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/fenzDisplay.v b/src/Specific/montgomery64_2e384m5x2e368m1/fenzDisplay.v
new file mode 100644
index 000000000..3e3c53e96
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/feopp.v b/src/Specific/montgomery64_2e384m5x2e368m1/feopp.v
new file mode 100644
index 000000000..b5ca84620
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/feoppDisplay.v b/src/Specific/montgomery64_2e384m5x2e368m1/feoppDisplay.v
new file mode 100644
index 000000000..70b12d647
--- /dev/null
+++ b/src/Specific/montgomery64_2e384m5x2e368m1/feoppDisplay.v
@@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.feopp. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display opp. diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/fesub.v b/src/Specific/montgomery64_2e384m5x2e368m1/fesub.v new file mode 100644 index 000000000..24f3efce1 --- /dev/null +++ b/src/Specific/montgomery64_2e384m5x2e368m1/fesub.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition sub : + { sub : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_sub (). + Show Ltac Profile. +Time Defined. + +Print Assumptions sub. diff --git a/src/Specific/montgomery64_2e384m5x2e368m1/fesubDisplay.v b/src/Specific/montgomery64_2e384m5x2e368m1/fesubDisplay.v new file mode 100644 index 000000000..3e4cfd661 --- /dev/null +++ b/src/Specific/montgomery64_2e384m5x2e368m1/fesubDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e384m5x2e368m1.fesub. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display sub. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v b/src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v new file mode 100644 index 000000000..2102147f2 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/CurveParameters.v 
@@ -0,0 +1,35 @@ +Require Import Crypto.Specific.Framework.RawCurveParameters. +Require Import Crypto.Util.LetIn. + +(*** +Modulus : 2^384 - 79*2^376 - 1 +Base: 64 +***) + +Definition curve : CurveParameters := + {| + sz := 6%nat; + base := 64; + bitwidth := 64; + s := 2^384; + c := [(1, 1); (79, 2^376)]; + carry_chains := None; + + a24 := None; + coef_div_modulus := None; + + goldilocks := Some false; + montgomery := true; + + mul_code := None; + + square_code := None; + + upper_bound_of_exponent := None; + allowable_bit_widths := None; + freeze_extra_allowable_bit_widths := None; + modinv_fuel := None + |}. + +Ltac extra_prove_mul_eq _ := idtac. +Ltac extra_prove_square_eq _ := idtac. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/Synthesis.v b/src/Specific/montgomery64_2e384m79x2e376m1/Synthesis.v new file mode 100644 index 000000000..bef48e512 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/Synthesis.v @@ -0,0 +1,9 @@ +Require Import Crypto.Specific.Framework.SynthesisFramework. +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.CurveParameters. + +Module P <: PrePackage. + Definition package : Tag.Context. + Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined. +End P. + +Module Export S := PackageSynthesis P. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/compiler.sh b/src/Specific/montgomery64_2e384m79x2e376m1/compiler.sh new file mode 100755 index 000000000..518f95765 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/compiler.sh @@ -0,0 +1,4 @@ +#!/bin/sh +set -eu + +gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@" diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/feadd.v b/src/Specific/montgomery64_2e384m79x2e376m1/feadd.v new file mode 100644 index 000000000..234d44a05 --- /dev/null 
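Review bot: `sz := 6%nat` is a hand-entered limb count with nothing in the file tying it to `s := 2^384` and `bitwidth := 64`; it is right here (6·64 = 384 bits holds every residue below 2^384 − 79·2^376 − 1), but the same commit has to bump `sz` in eleven existing CurveParameters files where the count was one limb short, which suggests the value is easy to get wrong and is not checked where it is written. A one-line comment would make the invariant reviewable: `sz := 6%nat; (* = ceil(384 / 64): limbs needed to hold any value below s *)`. The header comment could also state the modulus in terms of the record fields, `Modulus : 2^384 - 79*2^376 - 1  (s minus the sum of the c terms)`, so a reader can check `c := [(1, 1); (79, 2^376)]` against it without knowing the framework's convention.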
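Review bot: `-Wno-incompatible-pointer-types` on the gcc line silences exactly the diagnostic that would catch a limb-array pointer being handed to the synthesized 64-bit functions at the wrong width, so a harness/prototype mismatch compiles cleanly instead of failing; if some generated prototype genuinely needs it, narrow the suppression to that translation unit or record the offending construct the way `-fno-peephole2` is annotated with its GCC bug number, leaving the tail as `-fwrapv -Wno-attributes -fno-strict-aliasing "$@"`. `-march=native -mtune=native` also ties the binary, and any timing measured from it, to the build host, which deserves a comment if this script feeds benchmarks rather than shipped artifacts (inferred from its location, not visible here). The script is byte-identical in every new directory of this commit (same blob 518f95765), so one shared script under the framework directory, referenced from each curve directory, would keep future flag changes from drifting between copies.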
+++ b/src/Specific/montgomery64_2e384m79x2e376m1/feadd.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition add : + { add : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_add (). + Show Ltac Profile. +Time Defined. + +Print Assumptions add. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/feaddDisplay.v b/src/Specific/montgomery64_2e384m79x2e376m1/feaddDisplay.v new file mode 100644 index 000000000..38fa66b7a --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/feaddDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.feadd. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display add. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/femul.v b/src/Specific/montgomery64_2e384m79x2e376m1/femul.v new file mode 100644 index 000000000..8523fc2d6 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/femul.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition mul : + { mul : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_mul (). + Show Ltac Profile. +Time Defined. + +Print Assumptions mul. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/femulDisplay.v b/src/Specific/montgomery64_2e384m79x2e376m1/femulDisplay.v new file mode 100644 index 000000000..17d62c310 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/femulDisplay.v 
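Review bot: `Set Ltac Profiling`, `Show Ltac Profile` and the `Time` prefixes inside `Definition mul` are debugging instrumentation committed into the definition itself; they put a per-tactic profile into every build log and are easy to forget to strip, although they do not change the extracted term. If profiling on every build is intended, say so next to it, `(* profiling kept on intentionally for build-time tracking *)`, so the next reviewer does not remove it; otherwise drop the three lines. The `(* TODO : change this to field once field isomorphism happens *)` note is copied verbatim into every operation file of every new directory, which makes it hard to find the one place where the TODO should actually be resolved; pointing it at a tracking issue or the framework file it depends on would help.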
@@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.femul. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display mul. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/fenz.v b/src/Specific/montgomery64_2e384m79x2e376m1/fenz.v new file mode 100644 index 000000000..6f00c01c8 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/fenz.v @@ -0,0 +1,16 @@ +Require Import Coq.ZArith.ZArith. +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.Synthesis. +Local Open Scope Z_scope. + +(* TODO : change this to field once field isomorphism happens *) +Definition nonzero : + { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1 + | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }. +Proof. + Set Ltac Profiling. + Time synthesize_nonzero (). + Show Ltac Profile. +Time Defined. + +Print Assumptions nonzero. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/fenzDisplay.v b/src/Specific/montgomery64_2e384m79x2e376m1/fenzDisplay.v new file mode 100644 index 000000000..866b43ecb --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/fenzDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.fenz. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display nonzero. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/feopp.v b/src/Specific/montgomery64_2e384m79x2e376m1/feopp.v new file mode 100644 index 000000000..e341413f3 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/feopp.v 
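Review bot: The specification of `nonzero` only fixes whether the result `=? 0`, so any nonzero word of width `adjusted_bitwidth` is an admissible output for a nonzero element; a caller that compares the result to 1, or uses it directly as an all-ones mask, would be relying on a property the proof does not provide. A comment above `Definition nonzero` would make that contract explicit: `(* Only zero/nonzero-ness of the result is specified: consumers must test the word against 0, never against a particular nonzero value. *)`. The spec also says nothing about timing; whether the synthesized comparison is branch-free is a property of the synthesis pipeline rather than of this file, so constant-time behaviour should not be read into the proof (the pipeline is not visible in this diff). Note as well that `Print Assumptions nonzero.` only prints; if the intent is to guarantee the term is axiom-free, something in the build would have to fail on non-empty output.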
@@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition opp : + { opp : feBW_small -> feBW_small + | forall a, phiM_small (opp a) = F.opp (phiM_small a) }. +Proof. + Set Ltac Profiling. + Time synthesize_opp (). + Show Ltac Profile. +Time Defined. + +Print Assumptions opp. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/feoppDisplay.v b/src/Specific/montgomery64_2e384m79x2e376m1/feoppDisplay.v new file mode 100644 index 000000000..87d700198 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/feoppDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.feopp. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display opp. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/fesub.v b/src/Specific/montgomery64_2e384m79x2e376m1/fesub.v new file mode 100644 index 000000000..54ce86613 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/fesub.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition sub : + { sub : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_sub (). + Show Ltac Profile. +Time Defined. + +Print Assumptions sub. diff --git a/src/Specific/montgomery64_2e384m79x2e376m1/fesubDisplay.v b/src/Specific/montgomery64_2e384m79x2e376m1/fesubDisplay.v new file mode 100644 index 000000000..765908e48 --- /dev/null +++ b/src/Specific/montgomery64_2e384m79x2e376m1/fesubDisplay.v 
@@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e384m79x2e376m1.fesub. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display sub. diff --git a/src/Specific/montgomery64_2e389m21/CurveParameters.v b/src/Specific/montgomery64_2e389m21/CurveParameters.v index cafb3e08b..ce7cafebc 100644 --- a/src/Specific/montgomery64_2e389m21/CurveParameters.v +++ b/src/Specific/montgomery64_2e389m21/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 6%nat; + sz := 7%nat; base := 64; bitwidth := 64; s := 2^389; diff --git a/src/Specific/montgomery64_2e401m31/CurveParameters.v b/src/Specific/montgomery64_2e401m31/CurveParameters.v index 90ea36075..45e9fae65 100644 --- a/src/Specific/montgomery64_2e401m31/CurveParameters.v +++ b/src/Specific/montgomery64_2e401m31/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 6%nat; + sz := 7%nat; base := 64; bitwidth := 64; s := 2^401; diff --git a/src/Specific/montgomery64_2e413m21/CurveParameters.v b/src/Specific/montgomery64_2e413m21/CurveParameters.v index a4799b1ec..dc8342540 100644 --- a/src/Specific/montgomery64_2e413m21/CurveParameters.v +++ b/src/Specific/montgomery64_2e413m21/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 6%nat; + sz := 7%nat; base := 64; bitwidth := 64; s := 2^413; diff --git a/src/Specific/montgomery64_2e414m17/CurveParameters.v b/src/Specific/montgomery64_2e414m17/CurveParameters.v index 0527b15c5..f18c252b3 100644 --- a/src/Specific/montgomery64_2e414m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e414m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 6%nat; + sz := 7%nat; base := 64; bitwidth := 64; s := 2^414; diff --git a/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v b/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v index 67bccbc64..00f87f5ef 100644 
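Review bot: The bump from `sz := 6%nat` to `7%nat` is correct (6·64 = 384 bits cannot hold a residue of the 389-bit modulus 2^389 − 21), but the file still carries no check that would have rejected the old value, and the same one-limb-short error is corrected in ten more CurveParameters files in this commit. If `make_Synthesis_package` does not already validate it, a guard in the synthesis framework that fails when `Z.of_nat sz * bitwidth < Z.log2_up s` would turn this class of mistake into an immediate build error rather than a late synthesis failure (I cannot see from this diff what actually caught it). Failing that, a comment next to the field, `sz := 7%nat; (* ceil(389/64) *)`, records the derivation for the next reader.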
--- a/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e416m2e208m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 6%nat; + sz := 7%nat; base := 64; bitwidth := 64; s := 2^416; diff --git a/src/Specific/montgomery64_2e444m17/CurveParameters.v b/src/Specific/montgomery64_2e444m17/CurveParameters.v index 6000dfa9b..abd767350 100644 --- a/src/Specific/montgomery64_2e444m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e444m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 6%nat; + sz := 7%nat; base := 64; bitwidth := 64; s := 2^444; diff --git a/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v b/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v index 1bded1301..4625a6aaa 100644 --- a/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e450m2e225m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^450; diff --git a/src/Specific/montgomery64_2e452m3/CurveParameters.v b/src/Specific/montgomery64_2e452m3/CurveParameters.v index 206b538a4..279202f4a 100644 --- a/src/Specific/montgomery64_2e452m3/CurveParameters.v +++ b/src/Specific/montgomery64_2e452m3/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^452; diff --git a/src/Specific/montgomery64_2e468m17/CurveParameters.v b/src/Specific/montgomery64_2e468m17/CurveParameters.v index 2881d2193..2aa62a437 100644 --- a/src/Specific/montgomery64_2e468m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e468m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^468; 
diff --git a/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v b/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v index 24c2d43cb..b4f4b088b 100644 --- a/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v +++ b/src/Specific/montgomery64_2e480m2e240m1/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^480; diff --git a/src/Specific/montgomery64_2e488m17/CurveParameters.v b/src/Specific/montgomery64_2e488m17/CurveParameters.v index bec557569..52caa4b94 100644 --- a/src/Specific/montgomery64_2e488m17/CurveParameters.v +++ b/src/Specific/montgomery64_2e488m17/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^488; diff --git a/src/Specific/montgomery64_2e489m21/CurveParameters.v b/src/Specific/montgomery64_2e489m21/CurveParameters.v index a54a56a6f..96cfe3183 100644 --- a/src/Specific/montgomery64_2e489m21/CurveParameters.v +++ b/src/Specific/montgomery64_2e489m21/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^489; diff --git a/src/Specific/montgomery64_2e495m31/CurveParameters.v b/src/Specific/montgomery64_2e495m31/CurveParameters.v index 724f4d062..515918702 100644 --- a/src/Specific/montgomery64_2e495m31/CurveParameters.v +++ b/src/Specific/montgomery64_2e495m31/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^495; diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v b/src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v new file mode 100644 index 000000000..45a4ca90f --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/CurveParameters.v 
@@ -0,0 +1,35 @@ +Require Import Crypto.Specific.Framework.RawCurveParameters. +Require Import Crypto.Util.LetIn. + +(*** +Modulus : 2^510 - 290*2^496 - 1 +Base: 64 +***) + +Definition curve : CurveParameters := + {| + sz := 8%nat; + base := 64; + bitwidth := 64; + s := 2^510; + c := [(1, 1); (290, 2^496)]; + carry_chains := None; + + a24 := None; + coef_div_modulus := None; + + goldilocks := Some false; + montgomery := true; + + mul_code := None; + + square_code := None; + + upper_bound_of_exponent := None; + allowable_bit_widths := None; + freeze_extra_allowable_bit_widths := None; + modinv_fuel := None + |}. + +Ltac extra_prove_mul_eq _ := idtac. +Ltac extra_prove_square_eq _ := idtac. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/Synthesis.v b/src/Specific/montgomery64_2e510m290x2e496m1/Synthesis.v new file mode 100644 index 000000000..ce9151a5c --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/Synthesis.v @@ -0,0 +1,9 @@ +Require Import Crypto.Specific.Framework.SynthesisFramework. +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.CurveParameters. + +Module P <: PrePackage. + Definition package : Tag.Context. + Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined. +End P. + +Module Export S := PackageSynthesis P. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/compiler.sh b/src/Specific/montgomery64_2e510m290x2e496m1/compiler.sh new file mode 100755 index 000000000..518f95765 --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/compiler.sh @@ -0,0 +1,4 @@ +#!/bin/sh +set -eu + +gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@" diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/feadd.v b/src/Specific/montgomery64_2e510m290x2e496m1/feadd.v new file mode 100644 index 000000000..d0f2b0d62 --- /dev/null 
+++ b/src/Specific/montgomery64_2e510m290x2e496m1/feadd.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition add : + { add : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_add (). + Show Ltac Profile. +Time Defined. + +Print Assumptions add. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/feaddDisplay.v b/src/Specific/montgomery64_2e510m290x2e496m1/feaddDisplay.v new file mode 100644 index 000000000..736fca28e --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/feaddDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.feadd. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display add. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/femul.v b/src/Specific/montgomery64_2e510m290x2e496m1/femul.v new file mode 100644 index 000000000..1ade6255d --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/femul.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition mul : + { mul : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_mul (). + Show Ltac Profile. +Time Defined. + +Print Assumptions mul. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/femulDisplay.v b/src/Specific/montgomery64_2e510m290x2e496m1/femulDisplay.v new file mode 100644 index 000000000..f35e38db7 --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/femulDisplay.v 
@@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.femul. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display mul. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/fenz.v b/src/Specific/montgomery64_2e510m290x2e496m1/fenz.v new file mode 100644 index 000000000..ea01f0628 --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/fenz.v @@ -0,0 +1,16 @@ +Require Import Coq.ZArith.ZArith. +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.Synthesis. +Local Open Scope Z_scope. + +(* TODO : change this to field once field isomorphism happens *) +Definition nonzero : + { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1 + | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }. +Proof. + Set Ltac Profiling. + Time synthesize_nonzero (). + Show Ltac Profile. +Time Defined. + +Print Assumptions nonzero. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/fenzDisplay.v b/src/Specific/montgomery64_2e510m290x2e496m1/fenzDisplay.v new file mode 100644 index 000000000..43fe80652 --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/fenzDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.fenz. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display nonzero. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/feopp.v b/src/Specific/montgomery64_2e510m290x2e496m1/feopp.v new file mode 100644 index 000000000..f79388203 --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/feopp.v 
@@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition opp : + { opp : feBW_small -> feBW_small + | forall a, phiM_small (opp a) = F.opp (phiM_small a) }. +Proof. + Set Ltac Profiling. + Time synthesize_opp (). + Show Ltac Profile. +Time Defined. + +Print Assumptions opp. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/feoppDisplay.v b/src/Specific/montgomery64_2e510m290x2e496m1/feoppDisplay.v new file mode 100644 index 000000000..055d5c2cc --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/feoppDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.feopp. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display opp. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/fesub.v b/src/Specific/montgomery64_2e510m290x2e496m1/fesub.v new file mode 100644 index 000000000..0c0828582 --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/fesub.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition sub : + { sub : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_sub (). + Show Ltac Profile. +Time Defined. + +Print Assumptions sub. diff --git a/src/Specific/montgomery64_2e510m290x2e496m1/fesubDisplay.v b/src/Specific/montgomery64_2e510m290x2e496m1/fesubDisplay.v new file mode 100644 index 000000000..315f4f63a --- /dev/null +++ b/src/Specific/montgomery64_2e510m290x2e496m1/fesubDisplay.v 
@@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e510m290x2e496m1.fesub. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display sub. diff --git a/src/Specific/montgomery64_2e511m187/CurveParameters.v b/src/Specific/montgomery64_2e511m187/CurveParameters.v index 01ddf626d..73703ef25 100644 --- a/src/Specific/montgomery64_2e511m187/CurveParameters.v +++ b/src/Specific/montgomery64_2e511m187/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^511; diff --git a/src/Specific/montgomery64_2e511m481/CurveParameters.v b/src/Specific/montgomery64_2e511m481/CurveParameters.v index 9b39c3362..fded830f5 100644 --- a/src/Specific/montgomery64_2e511m481/CurveParameters.v +++ b/src/Specific/montgomery64_2e511m481/CurveParameters.v @@ -8,7 +8,7 @@ Base: 64 Definition curve : CurveParameters := {| - sz := 7%nat; + sz := 8%nat; base := 64; bitwidth := 64; s := 2^511; diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v b/src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v new file mode 100644 index 000000000..ae3412b9f --- /dev/null +++ b/src/Specific/montgomery64_2e512m491x2e496m1/CurveParameters.v @@ -0,0 +1,35 @@ +Require Import Crypto.Specific.Framework.RawCurveParameters. +Require Import Crypto.Util.LetIn. + +(*** +Modulus : 2^512 - 491*2^496 - 1 +Base: 64 +***) + +Definition curve : CurveParameters := + {| + sz := 8%nat; + base := 64; + bitwidth := 64; + s := 2^512; + c := [(1, 1); (491, 2^496)]; + carry_chains := None; + + a24 := None; + coef_div_modulus := None; + + goldilocks := Some false; + montgomery := true; + + mul_code := None; + + square_code := None; + + upper_bound_of_exponent := None; + allowable_bit_widths := None; + freeze_extra_allowable_bit_widths := None; + modinv_fuel := None + |}. + +Ltac extra_prove_mul_eq _ := idtac. +Ltac extra_prove_square_eq _ := idtac. 
diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/Synthesis.v b/src/Specific/montgomery64_2e512m491x2e496m1/Synthesis.v new file mode 100644 index 000000000..a73511fb1 --- /dev/null +++ b/src/Specific/montgomery64_2e512m491x2e496m1/Synthesis.v @@ -0,0 +1,9 @@ +Require Import Crypto.Specific.Framework.SynthesisFramework. +Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.CurveParameters. + +Module P <: PrePackage. + Definition package : Tag.Context. + Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined. +End P. + +Module Export S := PackageSynthesis P. diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/compiler.sh b/src/Specific/montgomery64_2e512m491x2e496m1/compiler.sh new file mode 100755 index 000000000..518f95765 --- /dev/null +++ b/src/Specific/montgomery64_2e512m491x2e496m1/compiler.sh @@ -0,0 +1,4 @@ +#!/bin/sh +set -eu + +gcc -fno-peephole2 `#GCC BUG 81300` -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes -Wno-incompatible-pointer-types -fno-strict-aliasing "$@" diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/feadd.v b/src/Specific/montgomery64_2e512m491x2e496m1/feadd.v new file mode 100644 index 000000000..204f214c7 --- /dev/null +++ b/src/Specific/montgomery64_2e512m491x2e496m1/feadd.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition add : + { add : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (add a b) = F.add (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_add (). + Show Ltac Profile. +Time Defined. + +Print Assumptions add. diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/feaddDisplay.v b/src/Specific/montgomery64_2e512m491x2e496m1/feaddDisplay.v new file mode 100644 index 000000000..e6093550d --- /dev/null 
+++ b/src/Specific/montgomery64_2e512m491x2e496m1/feaddDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.feadd. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display add. diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/femul.v b/src/Specific/montgomery64_2e512m491x2e496m1/femul.v new file mode 100644 index 000000000..30964dee7 --- /dev/null +++ b/src/Specific/montgomery64_2e512m491x2e496m1/femul.v @@ -0,0 +1,14 @@ +Require Import Crypto.Arithmetic.PrimeFieldTheorems. +Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.Synthesis. + +(* TODO : change this to field once field isomorphism happens *) +Definition mul : + { mul : feBW_small -> feBW_small -> feBW_small + | forall a b, phiM_small (mul a b) = F.mul (phiM_small a) (phiM_small b) }. +Proof. + Set Ltac Profiling. + Time synthesize_mul (). + Show Ltac Profile. +Time Defined. + +Print Assumptions mul. diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/femulDisplay.v b/src/Specific/montgomery64_2e512m491x2e496m1/femulDisplay.v new file mode 100644 index 000000000..407550e09 --- /dev/null +++ b/src/Specific/montgomery64_2e512m491x2e496m1/femulDisplay.v @@ -0,0 +1,4 @@ +Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.femul. +Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon. + +Check display mul. diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/fenz.v b/src/Specific/montgomery64_2e512m491x2e496m1/fenz.v new file mode 100644 index 000000000..c9c8e2400 --- /dev/null +++ b/src/Specific/montgomery64_2e512m491x2e496m1/fenz.v 
@@ -0,0 +1,16 @@
+Require Import Coq.ZArith.ZArith.
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.Synthesis.
+Local Open Scope Z_scope.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition nonzero :
+ { nonzero : feBW_small -> BoundedWord.BoundedWord 1 adjusted_bitwidth bound1
+ | forall a, (BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0) = (if Decidable.dec (phiM_small a = F.of_Z m 0) then true else false) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_nonzero ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions nonzero.
diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/fenzDisplay.v b/src/Specific/montgomery64_2e512m491x2e496m1/fenzDisplay.v
new file mode 100644
index 000000000..582c54929
--- /dev/null
+++ b/src/Specific/montgomery64_2e512m491x2e496m1/fenzDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.fenz.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display nonzero.
diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/feopp.v b/src/Specific/montgomery64_2e512m491x2e496m1/feopp.v
new file mode 100644
index 000000000..df85c99b8
--- /dev/null
+++ b/src/Specific/montgomery64_2e512m491x2e496m1/feopp.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition opp :
+ { opp : feBW_small -> feBW_small
+ | forall a, phiM_small (opp a) = F.opp (phiM_small a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_opp ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions opp.
diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/feoppDisplay.v b/src/Specific/montgomery64_2e512m491x2e496m1/feoppDisplay.v
new file mode 100644
index 000000000..d23a288f8
--- /dev/null
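Review bot: The specification of `nonzero` pins down only whether the result is zero — `(BoundedWord.BoundedWordToZ _ _ _ (nonzero a) =? 0)` must agree with `phiM_small a = F.of_Z m 0` — so the word returned for a nonzero input is unconstrained by the proof, and callers of the extracted function must branch on "not equal to 0" rather than compare against 1 or any other fixed value. That contract is not stated anywhere in the file, and the name invites the wrong reading; a comment above the definition such as `(* Only zero-ness of the result is specified: consumers must test the word against 0, never against a particular nonzero value. *)` would prevent misuse. The `Print Assumptions nonzero.` line is what confirms the synthesized proof closes without axioms and should stay.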
+++ b/src/Specific/montgomery64_2e512m491x2e496m1/feoppDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.feopp.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display opp.
diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/fesub.v b/src/Specific/montgomery64_2e512m491x2e496m1/fesub.v
new file mode 100644
index 000000000..e7f6b2120
--- /dev/null
+++ b/src/Specific/montgomery64_2e512m491x2e496m1/fesub.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition sub :
+ { sub : feBW_small -> feBW_small -> feBW_small
+ | forall a b, phiM_small (sub a b) = F.sub (phiM_small a) (phiM_small b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_sub ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions sub.
diff --git a/src/Specific/montgomery64_2e512m491x2e496m1/fesubDisplay.v b/src/Specific/montgomery64_2e512m491x2e496m1/fesubDisplay.v
new file mode 100644
index 000000000..b50de8989
--- /dev/null
+++ b/src/Specific/montgomery64_2e512m491x2e496m1/fesubDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.montgomery64_2e512m491x2e496m1.fesub.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display sub.
diff --git a/src/Specific/montgomery64_2e521m1/CurveParameters.v b/src/Specific/montgomery64_2e521m1/CurveParameters.v
index 5f50e8117..196b5d338 100644
--- a/src/Specific/montgomery64_2e521m1/CurveParameters.v
+++ b/src/Specific/montgomery64_2e521m1/CurveParameters.v
@@ -8,7 +8,7 @@ Base: 64
 
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
+ sz := 9%nat;
 base := 64;
 bitwidth := 64;
 s := 2^521;
diff --git a/src/Specific/solinas32_2e127m1/CurveParameters.v b/src/Specific/solinas32_2e127m1/CurveParameters.v
index 88a440104..fac8c496f 100644
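Review bot: `sz := 9%nat` for the montgomery64 2^521 - 1 parameters is the right limb count (9 × 64 = 576 ≥ 521, whereas the previous 8 limbs give only 512 bits and cannot hold the modulus), but nothing in the file records that relationship, so the same slip can recur when a parameter file is copied. A comment next to the field, `(* 9 = ceil(521 / 64) limbs of 64 bits *)`, would document the invariant. Whether the framework rejects an undersized `sz` at synthesis time is not visible here; if it did not fail loudly for 8, that deserves a separate check.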
--- a/src/Specific/solinas32_2e127m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e127m1/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^127 - 1
-Base: 21
+Base: 21 + 1/6
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 6%nat;
- base := 21;
+ base := 21 + 1/6;
 bitwidth := 32;
 s := 2^127;
 c := [(1, 1)];
diff --git a/src/Specific/solinas32_2e129m25/CurveParameters.v b/src/Specific/solinas32_2e129m25/CurveParameters.v
index 751d88025..71f3a2e45 100644
--- a/src/Specific/solinas32_2e129m25/CurveParameters.v
+++ b/src/Specific/solinas32_2e129m25/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^129 - 25
-Base: 21
+Base: 21.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 6%nat;
- base := 21;
+ base := 21 + 1/2;
 bitwidth := 32;
 s := 2^129;
 c := [(1, 25)];
diff --git a/src/Specific/solinas32_2e130m5/CurveParameters.v b/src/Specific/solinas32_2e130m5/CurveParameters.v
index e0a411f19..bd713ed7c 100644
--- a/src/Specific/solinas32_2e130m5/CurveParameters.v
+++ b/src/Specific/solinas32_2e130m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^130 - 5
-Base: 16
+Base: 26
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
- base := 16;
+ sz := 5%nat;
+ base := 26;
 bitwidth := 32;
 s := 2^130;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e137m13/CurveParameters.v b/src/Specific/solinas32_2e137m13/CurveParameters.v
index 32edba1bf..81c3207a9 100644
--- a/src/Specific/solinas32_2e137m13/CurveParameters.v
+++ b/src/Specific/solinas32_2e137m13/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^137 - 13
-Base: 17
+Base: 17.125
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 8%nat;
- base := 17;
+ base := 17 + 1/8;
 bitwidth := 32;
 s := 2^137;
 c := [(1, 13)];
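Review bot: The header comment and the code disagree in form in the solinas32_2e129m25 hunk — the comment says `Base: 21.5` while the field is `base := 21 + 1/2` — and the same mixed style recurs in 2e137m13 (`17.125` vs `17 + 1/8`) and, later in this diff, in 2e141m9, 2e191m19, 2e194m33, 2e205m45x2e198m1, 2e212m29, 2e213m3, 2e221m3, 2e222m117, 2e226m5, 2e251m9 and 2e255m19, whereas 2e127m1, 2e140m27 and the others write the fraction in both places. The comment is the only human-readable statement of the limb layout, so it should use the same `N + 1/k` form as the code, e.g. `Base: 21 + 1/2`, so a reader can confirm `sz × base` equals the exponent of `s` without converting decimals. The values themselves check out: every changed file visible here satisfies that product exactly.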
diff --git a/src/Specific/solinas32_2e140m27/CurveParameters.v b/src/Specific/solinas32_2e140m27/CurveParameters.v
index ff2a817c9..69034a175 100644
--- a/src/Specific/solinas32_2e140m27/CurveParameters.v
+++ b/src/Specific/solinas32_2e140m27/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^140 - 27
-Base: 20
+Base: 23 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
- base := 20;
+ sz := 6%nat;
+ base := 23 + 1/3;
 bitwidth := 32;
 s := 2^140;
 c := [(1, 27)];
- carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e141m9/CurveParameters.v b/src/Specific/solinas32_2e141m9/CurveParameters.v
index c7cdb8630..e48f00466 100644
--- a/src/Specific/solinas32_2e141m9/CurveParameters.v
+++ b/src/Specific/solinas32_2e141m9/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^141 - 9
-Base: 20
+Base: 23.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
- base := 20;
+ sz := 6%nat;
+ base := 23 + 1/2;
 bitwidth := 32;
 s := 2^141;
 c := [(1, 9)];
- carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e150m3/CurveParameters.v b/src/Specific/solinas32_2e150m3/CurveParameters.v
index 2ed5af242..a9a04337d 100644
--- a/src/Specific/solinas32_2e150m3/CurveParameters.v
+++ b/src/Specific/solinas32_2e150m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^150 - 3
-Base: 25
+Base: 30
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 25;
+ sz := 5%nat;
+ base := 30;
 bitwidth := 32;
 s := 2^150;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e150m5/CurveParameters.v b/src/Specific/solinas32_2e150m5/CurveParameters.v
index fe8170e46..57de2a2b7 100644
--- a/src/Specific/solinas32_2e150m5/CurveParameters.v
+++ b/src/Specific/solinas32_2e150m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^150 - 5
-Base: 15
+Base: 25
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 10%nat;
- base := 15;
+ sz := 6%nat;
+ base := 25;
 bitwidth := 32;
 s := 2^150;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e152m17/CurveParameters.v b/src/Specific/solinas32_2e152m17/CurveParameters.v
index 846416f46..a7c103dc1 100644
--- a/src/Specific/solinas32_2e152m17/CurveParameters.v
+++ b/src/Specific/solinas32_2e152m17/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^152 - 17
-Base: 19
+Base: 25 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
- base := 19;
+ sz := 6%nat;
+ base := 25 + 1/3;
 bitwidth := 32;
 s := 2^152;
 c := [(1, 17)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e158m15/CurveParameters.v b/src/Specific/solinas32_2e158m15/CurveParameters.v
index ba0ee328f..7abaad8eb 100644
--- a/src/Specific/solinas32_2e158m15/CurveParameters.v
+++ b/src/Specific/solinas32_2e158m15/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^158 - 15
-Base: 13
+Base: 26 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 12%nat;
- base := 13;
+ sz := 6%nat;
+ base := 26 + 1/3;
 bitwidth := 32;
 s := 2^158;
 c := [(1, 15)];
- carry_chains := Some [seq 0 (pred 12); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e165m25/CurveParameters.v b/src/Specific/solinas32_2e165m25/CurveParameters.v
index ee2bd7088..00818672b 100644
--- a/src/Specific/solinas32_2e165m25/CurveParameters.v
+++ b/src/Specific/solinas32_2e165m25/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^165 - 25
-Base: 18
+Base: 18 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 9%nat;
- base := 18;
+ base := 18 + 1/3;
 bitwidth := 32;
 s := 2^165;
 c := [(1, 25)];
diff --git a/src/Specific/solinas32_2e166m5/CurveParameters.v b/src/Specific/solinas32_2e166m5/CurveParameters.v
index 3cd6d3959..d8af4e9b4 100644
--- a/src/Specific/solinas32_2e166m5/CurveParameters.v
+++ b/src/Specific/solinas32_2e166m5/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^166 - 5
-Base: 15
+Base: 15 + 1/11
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 11%nat;
- base := 15;
+ base := 15 + 1/11;
 bitwidth := 32;
 s := 2^166;
 c := [(1, 5)];
diff --git a/src/Specific/solinas32_2e174m17/CurveParameters.v b/src/Specific/solinas32_2e174m17/CurveParameters.v
index 6df8a62b1..b56250451 100644
--- a/src/Specific/solinas32_2e174m17/CurveParameters.v
+++ b/src/Specific/solinas32_2e174m17/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^174 - 17
-Base: 19
+Base: 19 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 9%nat;
- base := 19;
+ base := 19 + 1/3;
 bitwidth := 32;
 s := 2^174;
 c := [(1, 17)];
diff --git a/src/Specific/solinas32_2e174m3/CurveParameters.v b/src/Specific/solinas32_2e174m3/CurveParameters.v
index 6cf82b368..f1c104157 100644
--- a/src/Specific/solinas32_2e174m3/CurveParameters.v
+++ b/src/Specific/solinas32_2e174m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^174 - 3
-Base: 19
+Base: 29
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 19;
+ sz := 6%nat;
+ base := 29;
 bitwidth := 32;
 s := 2^174;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e189m25/CurveParameters.v b/src/Specific/solinas32_2e189m25/CurveParameters.v
index 1aac16970..ddc22f423 100644
--- a/src/Specific/solinas32_2e189m25/CurveParameters.v
+++ b/src/Specific/solinas32_2e189m25/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^189 - 25
-Base: 21
+Base: 27
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 21;
+ sz := 7%nat;
+ base := 27;
 bitwidth := 32;
 s := 2^189;
 c := [(1, 25)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e190m11/CurveParameters.v b/src/Specific/solinas32_2e190m11/CurveParameters.v
index 36dac4f68..1c11ade3a 100644
--- a/src/Specific/solinas32_2e190m11/CurveParameters.v
+++ b/src/Specific/solinas32_2e190m11/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^190 - 11
-Base: 21
+Base: 27 + 1/7
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 21;
+ sz := 7%nat;
+ base := 27 + 1/7;
 bitwidth := 32;
 s := 2^190;
 c := [(1, 11)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e191m19/CurveParameters.v b/src/Specific/solinas32_2e191m19/CurveParameters.v
index cf183ae40..dc0290cfa 100644
--- a/src/Specific/solinas32_2e191m19/CurveParameters.v
+++ b/src/Specific/solinas32_2e191m19/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^191 - 19
-Base: 19
+Base: 19.1
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 10%nat;
- base := 19;
+ base := 19 + 1/10;
 bitwidth := 32;
 s := 2^191;
 c := [(1, 19)];
diff --git a/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v b/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v
index 637a7628f..078600612 100644
--- a/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e192m2e64m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 32;
 s := 2^192;
 c := [(1, 1); (2^64, 1)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [[1; 7]; [2; 0; 3; 1; 4; 5; 6; 7]; [2; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e194m33/CurveParameters.v b/src/Specific/solinas32_2e194m33/CurveParameters.v
index 7b82a6d88..dd6c2987c 100644
--- a/src/Specific/solinas32_2e194m33/CurveParameters.v
+++ b/src/Specific/solinas32_2e194m33/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^194 - 33
-Base: 16
+Base: 24.25
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 12%nat;
- base := 16;
+ sz := 8%nat;
+ base := 24 + 1/4;
 bitwidth := 32;
 s := 2^194;
 c := [(1, 33)];
- carry_chains := Some [seq 0 (pred 12); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e196m15/CurveParameters.v b/src/Specific/solinas32_2e196m15/CurveParameters.v
index 1bbe7a4b8..cf7add879 100644
--- a/src/Specific/solinas32_2e196m15/CurveParameters.v
+++ b/src/Specific/solinas32_2e196m15/CurveParameters.v
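Review bot: The carry chain substituted in solinas32_2e192m2e64m1, `carry_chains := Some [[1; 7]; [2; 0; 3; 1; 4; 5; 6; 7]; [2; 0]]%nat`, is hand-written and carries no explanation of its shape, and the same is true of the chains in solinas32_2e216m2e108m1, 2e224m2e96p1, 2e205m45x2e198m1, 2e254m127x2e240m1 and 2e255m2e4m2e1m1 later in this diff. The pattern looks like "first carry into the limbs that receive the reduction terms, then sweep, then repeat the entry carries" — here 2^64 falls inside limb 2 at base 24 and the constant term lands in limb 0 — but that is inference on my part, and a reader has no way to see that the chain is complete for this modulus without re-deriving it. A comment above each hand-written chain, e.g. `(* carry into limb 2 (2^64 at base 24) and limb 0 (wrap-around) first, then sweep the rest, then repeat the two entry carries *)`, would make the intent checkable. Whether the framework proves that the chosen chain yields bounded, fully carried output is not visible in the hunk, so that property should be verified rather than assumed.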
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^196 - 15
-Base: 24
+Base: 28
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
- base := 24;
+ sz := 7%nat;
+ base := 28;
 bitwidth := 32;
 s := 2^196;
 c := [(1, 15)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e413m21/CurveParameters.v b/src/Specific/solinas32_2e205m45x2e198m1/CurveParameters.v
index 8d245211d..2d8d36713 100644
--- a/src/Specific/solinas32_2e413m21/CurveParameters.v
+++ b/src/Specific/solinas32_2e205m45x2e198m1/CurveParameters.v
@@ -2,18 +2,18 @@ Require Import Crypto.Specific.Framework.RawCurveParameters.
 Require Import Crypto.Util.LetIn.
 
 (***
-Modulus : 2^413 - 21
-Base: 7
+Modulus : 2^205 - 45*2^198 - 1
+Base: 20.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 59%nat;
- base := 7;
+ sz := 10%nat;
+ base := 20 + 1/2;
 bitwidth := 32;
- s := 2^413;
- c := [(1, 21)];
- carry_chains := Some [seq 0 (pred 59); [0; 1]]%nat;
+ s := 2^205;
+ c := [(1, 1); (45, 2^198)];
+ carry_chains := Some [[8; 9]; [9; 0; 1; 2; 3; 4; 5; 6; 7; 8]; [9; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/Synthesis.v b/src/Specific/solinas32_2e205m45x2e198m1/Synthesis.v
new file mode 100644
index 000000000..95495afea
--- /dev/null
+++ b/src/Specific/solinas32_2e205m45x2e198m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas32_2e413m21/compiler.sh b/src/Specific/solinas32_2e205m45x2e198m1/compiler.sh
index 401968c8b..401968c8b 100755
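Review bot: In the new solinas32_2e205m45x2e198m1 parameters the pair `c := [(1, 1); (45, 2^198)]` puts the power of two in the second component, whereas every other multi-term `c` visible in this diff puts it first (`[(1, 1); (2^64, 1)]` in 2e192m2e64m1, `[(1, -1); (2^96, 1)]` in 2e224m2e96p1), and the new 2e254m127x2e240m1 file repeats the pattern with `(127, 2^240)`. If the framework reads each pair as (weight, coefficient) the product is unchanged but the term would be placed at weight 45 rather than at 2^198, which is the top limb that the hand-written chain `carry_chains := Some [[8; 9]; ...]` appears to target; the two cannot both be right unless the components are treated symmetrically, so this should be checked against RawCurveParameters and, if `(2^198, 45)` is intended, both files corrected before any output of these parameters is trusted. Separately, the file appears as a rename of `src/Specific/solinas32_2e413m21/CurveParameters.v` with the whole body replaced (compiler.sh likewise), so the 2^413 - 21 parameter set disappears in this commit unless it is re-added elsewhere in the diff; if that removal is intended it would be clearer as an explicit deletion.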
--- a/src/Specific/solinas32_2e413m21/compiler.sh
+++ b/src/Specific/solinas32_2e205m45x2e198m1/compiler.sh
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/femul.v b/src/Specific/solinas32_2e205m45x2e198m1/femul.v
new file mode 100644
index 000000000..ed2253070
--- /dev/null
+++ b/src/Specific/solinas32_2e205m45x2e198m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/femulDisplay.v b/src/Specific/solinas32_2e205m45x2e198m1/femulDisplay.v
new file mode 100644
index 000000000..ba3060ad0
--- /dev/null
+++ b/src/Specific/solinas32_2e205m45x2e198m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/fesquare.v b/src/Specific/solinas32_2e205m45x2e198m1/fesquare.v
new file mode 100644
index 000000000..026dc49ff
--- /dev/null
+++ b/src/Specific/solinas32_2e205m45x2e198m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/fesquareDisplay.v b/src/Specific/solinas32_2e205m45x2e198m1/fesquareDisplay.v
new file mode 100644
index 000000000..4a60c468a
--- /dev/null
+++ b/src/Specific/solinas32_2e205m45x2e198m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/freeze.v b/src/Specific/solinas32_2e205m45x2e198m1/freeze.v
new file mode 100644
index 000000000..0daf9a326
--- /dev/null
+++ b/src/Specific/solinas32_2e205m45x2e198m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas32_2e205m45x2e198m1/freezeDisplay.v b/src/Specific/solinas32_2e205m45x2e198m1/freezeDisplay.v
new file mode 100644
index 000000000..263fe2940
--- /dev/null
+++ b/src/Specific/solinas32_2e205m45x2e198m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e205m45x2e198m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas32_2e206m5/CurveParameters.v b/src/Specific/solinas32_2e206m5/CurveParameters.v
index 07f9d3f4c..a3d664c25 100644
--- a/src/Specific/solinas32_2e206m5/CurveParameters.v
+++ b/src/Specific/solinas32_2e206m5/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^206 - 5
-Base: 17
+Base: 17 + 1/6
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 12%nat;
- base := 17;
+ base := 17 + 1/6;
 bitwidth := 32;
 s := 2^206;
 c := [(1, 5)];
diff --git a/src/Specific/solinas32_2e212m29/CurveParameters.v b/src/Specific/solinas32_2e212m29/CurveParameters.v
index fe09da328..550908675 100644
--- a/src/Specific/solinas32_2e212m29/CurveParameters.v
+++ b/src/Specific/solinas32_2e212m29/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^212 - 29
-Base: 21
+Base: 26.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 10%nat;
- base := 21;
+ sz := 8%nat;
+ base := 26 + 1/2;
 bitwidth := 32;
 s := 2^212;
 c := [(1, 29)];
- carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e213m3/CurveParameters.v b/src/Specific/solinas32_2e213m3/CurveParameters.v
index 693c68174..c8e8bb1a2 100644
--- a/src/Specific/solinas32_2e213m3/CurveParameters.v
+++ b/src/Specific/solinas32_2e213m3/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^213 - 3
-Base: 14
+Base: 14.2
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 15%nat;
- base := 14;
+ base := 14 + 1/5;
 bitwidth := 32;
 s := 2^213;
 c := [(1, 3)];
diff --git a/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v b/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v
index ba0dcf76e..ef6c939d5 100644
--- a/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e216m2e108m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 32;
 s := 2^216;
 c := [(1, 1); (2^108, 1)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [[3; 7]; [4; 0; 5; 1; 6; 2; 7; 3]; [4; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e221m3/CurveParameters.v b/src/Specific/solinas32_2e221m3/CurveParameters.v
index 8577ba6df..81a51fd0e 100644
--- a/src/Specific/solinas32_2e221m3/CurveParameters.v
+++ b/src/Specific/solinas32_2e221m3/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^221 - 3
-Base: 22
+Base: 22.1
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 10%nat;
- base := 22;
+ base := 22 + 1/10;
 bitwidth := 32;
 s := 2^221;
 c := [(1, 3)];
diff --git a/src/Specific/solinas32_2e222m117/CurveParameters.v b/src/Specific/solinas32_2e222m117/CurveParameters.v
index 37ac18bee..06a6f7624 100644
--- a/src/Specific/solinas32_2e222m117/CurveParameters.v
+++ b/src/Specific/solinas32_2e222m117/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^222 - 117
-Base: 22
+Base: 22.2
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 10%nat;
- base := 22;
+ base := 22 + 1/5;
 bitwidth := 32;
 s := 2^222;
 c := [(1, 117)];
diff --git a/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v b/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v
index 1b39c9806..88e4d9ecc 100644
--- a/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v
+++ b/src/Specific/solinas32_2e224m2e96p1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 32;
 s := 2^224;
 c := [(1, -1); (2^96, 1)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [[2; 7]; [3; 0; 4; 1; 5; 2; 6; 7]; [3; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e226m5/CurveParameters.v b/src/Specific/solinas32_2e226m5/CurveParameters.v
index 4db734035..684374492 100644
--- a/src/Specific/solinas32_2e226m5/CurveParameters.v
+++ b/src/Specific/solinas32_2e226m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^226 - 5
-Base: 25
+Base: 28.25
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 25;
+ sz := 8%nat;
+ base := 28 + 1/4;
 bitwidth := 32;
 s := 2^226;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e235m15/CurveParameters.v b/src/Specific/solinas32_2e235m15/CurveParameters.v
index 4bc71e156..e4cb5d873 100644
--- a/src/Specific/solinas32_2e235m15/CurveParameters.v
+++ b/src/Specific/solinas32_2e235m15/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^235 - 15
-Base: 23
+Base: 26 + 1/9
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 10%nat;
- base := 23;
+ sz := 9%nat;
+ base := 26 + 1/9;
 bitwidth := 32;
 s := 2^235;
 c := [(1, 15)];
- carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e243m9/CurveParameters.v b/src/Specific/solinas32_2e243m9/CurveParameters.v
index e71d50e3a..e3bf70582 100644
--- a/src/Specific/solinas32_2e243m9/CurveParameters.v
+++ b/src/Specific/solinas32_2e243m9/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^243 - 9
-Base: 22
+Base: 27
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 11%nat;
- base := 22;
+ sz := 9%nat;
+ base := 27;
 bitwidth := 32;
 s := 2^243;
 c := [(1, 9)];
- carry_chains := Some [seq 0 (pred 11); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e251m9/CurveParameters.v b/src/Specific/solinas32_2e251m9/CurveParameters.v
index 257923486..7fc2d901d 100644
--- a/src/Specific/solinas32_2e251m9/CurveParameters.v
+++ b/src/Specific/solinas32_2e251m9/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^251 - 9
-Base: 25
+Base: 25.1
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 10%nat;
- base := 25;
+ base := 25 + 1/10;
 bitwidth := 32;
 s := 2^251;
 c := [(1, 9)];
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v b/src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v
new file mode 100644
index 000000000..5c99a3cb1
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^254 - 127*2^240 - 1
+Base: 23 + 1/11
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 11%nat;
+ base := 23 + 1/11;
+ bitwidth := 32;
+ s := 2^254;
+ c := [(1, 1); (127, 2^240)];
+ carry_chains := Some [[9; 10]; [10; 0; 1; 2; 3; 4; 5; 6; 7; 8; 9]; [10; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/Synthesis.v b/src/Specific/solinas32_2e254m127x2e240m1/Synthesis.v
new file mode 100644
index 000000000..372f58862
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/compiler.sh b/src/Specific/solinas32_2e254m127x2e240m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/femul.v b/src/Specific/solinas32_2e254m127x2e240m1/femul.v
new file mode 100644
index 000000000..dfa390a2e
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/femulDisplay.v b/src/Specific/solinas32_2e254m127x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..48555a4af
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/fesquare.v b/src/Specific/solinas32_2e254m127x2e240m1/fesquare.v
new file mode 100644
index 000000000..a98cf6949
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+  { square : feBW -> feBW
+  | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_square ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/fesquareDisplay.v b/src/Specific/solinas32_2e254m127x2e240m1/fesquareDisplay.v
new file mode 100644
index 000000000..36747cb4a
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/freeze.v b/src/Specific/solinas32_2e254m127x2e240m1/freeze.v
new file mode 100644
index 000000000..776903712
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+  { freeze : feBW -> feBW
+  | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_freeze ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas32_2e254m127x2e240m1/freezeDisplay.v b/src/Specific/solinas32_2e254m127x2e240m1/freezeDisplay.v
new file mode 100644
index 000000000..abd4980bf
--- /dev/null
+++ b/src/Specific/solinas32_2e254m127x2e240m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e254m127x2e240m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas32_2e255m19/CurveParameters.v b/src/Specific/solinas32_2e255m19/CurveParameters.v
index 13ab57fb6..1afa40624 100644
--- a/src/Specific/solinas32_2e255m19/CurveParameters.v
+++ b/src/Specific/solinas32_2e255m19/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^255 - 19
-Base: 21
+Base: 25.5
 ***)
 
 Definition curve : CurveParameters :=
   {|
-    sz := 12%nat;
-    base := 21;
+    sz := 10%nat;
+    base := 25 + 1/2;
     bitwidth := 32;
     s := 2^255;
     c := [(1, 19)];
-    carry_chains := Some [seq 0 (pred 12); [0; 1]]%nat;
+    carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v
index 9506e6f5b..fc9eb4ba7 100644
--- a/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e255m2e4m2e1m1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^255 - 2^4 - 2^1 - 1
-Base: 28
+Base: 28 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 9%nat;
-    base := 28;
+    base := 28 + 1/3;
     bitwidth := 32;
     s := 2^255;
     c := [(1, 1); (2^1, 1); (2^4, 1)];
-    carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+    carry_chains := Some [[8; 8; 8]; [0; 1; 2; 3; 4; 5; 6; 7]; [0; 0; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e255m765/CurveParameters.v b/src/Specific/solinas32_2e255m765/CurveParameters.v
index 898e743f0..6c7649dce 100644
--- a/src/Specific/solinas32_2e255m765/CurveParameters.v
+++ b/src/Specific/solinas32_2e255m765/CurveParameters.v
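Review bot: Changing `sz` from 12 to 10 for 2^255 - 19 changes the limb layout of `feBW`, and with it the array length in the synthesized C for every operation on this prime, so this is an interface change rather than a pure tuning change. Any test vectors, benchmarks or callers wired to the 12-limb representation will need regenerating, and the header comment only records the new base, not that the representation was switched. A short note in the header, e.g. `Base: 25.5 (10 limbs; was 12 limbs at base 21)`, would make the change visible to readers of the file.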
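Review bot: The new chain for 2^255 - 2^4 - 2^1 - 1, `[[8; 8; 8]; [0; 1; 2; 3; 4; 5; 6; 7]; [0; 0; 0]]`, carries index 8 three times in a row and index 0 three times at the end, apparently one entry per term of `c` (all three terms 1, 2^1 and 2^4 fall in limb 0, so each maps to predecessor 8). After the first carry of 8 the limb is already within its width, so the repeats look like generator artifacts that add carry steps to the synthesized code without changing the result; the other multi-term chains in this commit (e.g. `[[9; 8; 3; 11]; ...]`) have distinct indices. If the duplicates are not load-bearing, `carry_chains := Some [[8]; [0; 1; 2; 3; 4; 5; 6; 7]; [0]]%nat;` would be the minimal form; the Display output should show whether dead carry steps are being emitted.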
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^255 - 765
-Base: 17
+Base: 21.25
 ***)
 
 Definition curve : CurveParameters :=
   {|
-    sz := 15%nat;
-    base := 17;
+    sz := 12%nat;
+    base := 21 + 1/4;
     bitwidth := 32;
     s := 2^255;
     c := [(1, 765)];
-    carry_chains := Some [seq 0 (pred 15); [0; 1]]%nat;
+    carry_chains := Some [seq 0 (pred 12); [0; 1]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e256m189/CurveParameters.v b/src/Specific/solinas32_2e256m189/CurveParameters.v
index 9323a1385..2843df550 100644
--- a/src/Specific/solinas32_2e256m189/CurveParameters.v
+++ b/src/Specific/solinas32_2e256m189/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^256 - 189
-Base: 21
+Base: 21 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 12%nat;
-    base := 21;
+    base := 21 + 1/3;
     bitwidth := 32;
     s := 2^256;
     c := [(1, 189)];
diff --git a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v
index 05eb83f42..bc2a3bea5 100644
--- a/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e256m2e224p2e192p2e96m1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^256 - 2^224 + 2^192 + 2^96 - 1
-Base: 21
+Base: 21 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 12%nat;
-    base := 21;
+    base := 21 + 1/3;
     bitwidth := 32;
     s := 2^256;
     c := [(1, 1); (2^96, -1); (2^192, -1); (2^224, 1)];
-    carry_chains := Some [seq 0 (pred 12); [0; 1]]%nat;
+    carry_chains := Some [[9; 8; 3; 11]; [10; 9; 4; 0; 11; 5; 1; 6; 2; 7; 3; 8]; [10; 9; 4; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v b/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v
index e708379b5..167a414b6 100644
--- a/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v
+++ b/src/Specific/solinas32_2e256m2e32m977/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^256 - 2^32 - 977
-Base: 17
+Base: 21 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
   {|
-    sz := 15%nat;
-    base := 17;
+    sz := 12%nat;
+    base := 21 + 1/3;
     bitwidth := 32;
     s := 2^256;
     c := [(1, 977); (2^32, 1)];
-    carry_chains := Some [seq 0 (pred 15); [0; 1]]%nat;
+    carry_chains := Some [[0; 11]; [1; 0; 2; 3; 4; 5; 6; 7; 8; 9; 10; 11]; [1; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v b/src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v
new file mode 100644
index 000000000..4806253e5
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^256 - 88*2^240 - 1
+Base: 21 + 1/3
+***)
+
+Definition curve : CurveParameters :=
+  {|
+    sz := 12%nat;
+    base := 21 + 1/3;
+    bitwidth := 32;
+    s := 2^256;
+    c := [(1, 1); (88, 2^240)];
+    carry_chains := Some [[10; 11]; [11; 0; 1; 2; 3; 4; 5; 6; 7; 8; 9; 10]; [11; 0]]%nat;
+
+    a24 := None;
+    coef_div_modulus := Some 2%nat;
+
+    goldilocks := Some false;
+    montgomery := false;
+
+    mul_code := None;
+
+    square_code := None;
+
+    upper_bound_of_exponent := None;
+    allowable_bit_widths := None;
+    freeze_extra_allowable_bit_widths := None;
+    modinv_fuel := None
+  |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/Synthesis.v b/src/Specific/solinas32_2e256m88x2e240m1/Synthesis.v
new file mode 100644
index 000000000..805d1d77d
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.CurveParameters.
+
+Module P <: PrePackage.
+  Definition package : Tag.Context.
+  Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/compiler.sh b/src/Specific/solinas32_2e256m88x2e240m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/femul.v b/src/Specific/solinas32_2e256m88x2e240m1/femul.v
new file mode 100644
index 000000000..5ea7db0f4
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+  { mul : feBW -> feBW -> feBW
+  | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_mul ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/femulDisplay.v b/src/Specific/solinas32_2e256m88x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..b57bd1d00
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/fesquare.v b/src/Specific/solinas32_2e256m88x2e240m1/fesquare.v
new file mode 100644
index 000000000..6a4cdee35
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+  { square : feBW -> feBW
+  | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_square ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/fesquareDisplay.v b/src/Specific/solinas32_2e256m88x2e240m1/fesquareDisplay.v
new file mode 100644
index 000000000..2318c431f
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/freeze.v b/src/Specific/solinas32_2e256m88x2e240m1/freeze.v
new file mode 100644
index 000000000..35d11de1c
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+  { freeze : feBW -> feBW
+  | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_freeze ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas32_2e256m88x2e240m1/freezeDisplay.v b/src/Specific/solinas32_2e256m88x2e240m1/freezeDisplay.v
new file mode 100644
index 000000000..b5a4d82e6
--- /dev/null
+++ b/src/Specific/solinas32_2e256m88x2e240m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e256m88x2e240m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas32_2e266m3/CurveParameters.v b/src/Specific/solinas32_2e266m3/CurveParameters.v
index a11f58861..e0c955ee0 100644
--- a/src/Specific/solinas32_2e266m3/CurveParameters.v
+++ b/src/Specific/solinas32_2e266m3/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^266 - 3
-Base: 22
+Base: 22 + 1/6
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 12%nat;
-    base := 22;
+    base := 22 + 1/6;
     bitwidth := 32;
     s := 2^266;
     c := [(1, 3)];
diff --git a/src/Specific/solinas32_2e291m19/CurveParameters.v b/src/Specific/solinas32_2e291m19/CurveParameters.v
index 16ebd3202..f875bac7b 100644
--- a/src/Specific/solinas32_2e291m19/CurveParameters.v
+++ b/src/Specific/solinas32_2e291m19/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^291 - 19
-Base: 24
+Base: 24.25
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 12%nat;
-    base := 24;
+    base := 24 + 1/4;
     bitwidth := 32;
     s := 2^291;
     c := [(1, 19)];
diff --git a/src/Specific/solinas32_2e321m9/CurveParameters.v b/src/Specific/solinas32_2e321m9/CurveParameters.v
index 82d6f50d3..8f117da1b 100644
--- a/src/Specific/solinas32_2e321m9/CurveParameters.v
+++ b/src/Specific/solinas32_2e321m9/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^321 - 9
-Base: 20
+Base: 20 + 1/16
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 16%nat;
-    base := 20;
+    base := 20 + 1/16;
     bitwidth := 32;
     s := 2^321;
     c := [(1, 9)];
diff --git a/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v b/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v
index 3665be7ea..cb056a61e 100644
--- a/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e322m2e161m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
     bitwidth := 32;
     s := 2^322;
     c := [(1, 1); (2^161, 1)];
-    carry_chains := Some [seq 0 (pred 14); [0; 1]]%nat;
+    carry_chains := Some [[6; 13]; [7; 0; 8; 1; 9; 2; 10; 3; 11; 4; 12; 5; 13; 6]; [7; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e336m3/CurveParameters.v b/src/Specific/solinas32_2e336m3/CurveParameters.v
index 4a66a5dee..3e4f9d66a 100644
--- a/src/Specific/solinas32_2e336m3/CurveParameters.v
+++ b/src/Specific/solinas32_2e336m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^336 - 3
-Base: 24
+Base: 28
 ***)
 
 Definition curve : CurveParameters :=
   {|
-    sz := 14%nat;
-    base := 24;
+    sz := 12%nat;
+    base := 28;
     bitwidth := 32;
     s := 2^336;
     c := [(1, 3)];
-    carry_chains := Some [seq 0 (pred 14); [0; 1]]%nat;
+    carry_chains := Some [seq 0 (pred 12); [0; 1]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e338m15/CurveParameters.v b/src/Specific/solinas32_2e338m15/CurveParameters.v
index bf960a8cd..ac59e0a81 100644
--- a/src/Specific/solinas32_2e338m15/CurveParameters.v
+++ b/src/Specific/solinas32_2e338m15/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^338 - 15
-Base: 24
+Base: 26
 ***)
 
 Definition curve : CurveParameters :=
   {|
-    sz := 14%nat;
-    base := 24;
+    sz := 13%nat;
+    base := 26;
     bitwidth := 32;
     s := 2^338;
     c := [(1, 15)];
-    carry_chains := Some [seq 0 (pred 14); [0; 1]]%nat;
+    carry_chains := Some [seq 0 (pred 13); [0; 1]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e369m25/CurveParameters.v b/src/Specific/solinas32_2e369m25/CurveParameters.v
index e2d2792a1..d3b6dc232 100644
--- a/src/Specific/solinas32_2e369m25/CurveParameters.v
+++ b/src/Specific/solinas32_2e369m25/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^369 - 25
-Base: 23
+Base: 23 + 1/16
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 16%nat;
-    base := 23;
+    base := 23 + 1/16;
     bitwidth := 32;
     s := 2^369;
     c := [(1, 25)];
diff --git a/src/Specific/solinas32_2e379m19/CurveParameters.v b/src/Specific/solinas32_2e379m19/CurveParameters.v
index 597eb60c8..5fbb5d53f 100644
--- a/src/Specific/solinas32_2e379m19/CurveParameters.v
+++ b/src/Specific/solinas32_2e379m19/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^379 - 19
-Base: 21
+Base: 21 + 1/18
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 18%nat;
-    base := 21;
+    base := 21 + 1/18;
     bitwidth := 32;
     s := 2^379;
     c := [(1, 19)];
diff --git a/src/Specific/solinas32_2e382m105/CurveParameters.v b/src/Specific/solinas32_2e382m105/CurveParameters.v
index fc8d8de2f..30e317a80 100644
--- a/src/Specific/solinas32_2e382m105/CurveParameters.v
+++ b/src/Specific/solinas32_2e382m105/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^382 - 105
-Base: 19
+Base: 19.1
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 20%nat;
-    base := 19;
+    base := 19 + 1/10;
     bitwidth := 32;
     s := 2^382;
     c := [(1, 105)];
diff --git a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v
index 665b52900..b0ba473dd 100644
--- a/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e384m2e128m2e96p2e32m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
     bitwidth := 32;
     s := 2^384;
     c := [(1, 1); (2^32, -1); (2^96, 1); (2^128, 1)];
-    carry_chains := Some [seq 0 (pred 16); [0; 1]]%nat;
+    carry_chains := Some [[4; 3; 0; 15]; [5; 4; 1; 0; 6; 2; 7; 3; 8; 9; 10; 11; 12; 13; 14; 15]; [5; 4; 1; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e384m317/CurveParameters.v b/src/Specific/solinas32_2e384m317/CurveParameters.v
index bd88da389..ba2e0240e 100644
--- a/src/Specific/solinas32_2e384m317/CurveParameters.v
+++ b/src/Specific/solinas32_2e384m317/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^384 - 317
-Base: 21
+Base: 21 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 18%nat;
-    base := 21;
+    base := 21 + 1/3;
     bitwidth := 32;
     s := 2^384;
     c := [(1, 317)];
diff --git a/src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v b/src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v
new file mode 100644
index 000000000..eed756f94
--- /dev/null
+++ b/src/Specific/solinas32_2e384m5x2e368m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^384 - 5*2^368 - 1
+Base: 24
+***)
+
+Definition curve : CurveParameters :=
+  {|
+    sz := 16%nat;
+    base := 24;
+    bitwidth := 32;
+    s := 2^384;
+    c := [(1, 1); (5, 2^368)];
+    carry_chains := Some [[14; 15]; [15; 0; 1; 2; 3; 4; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14]; [15; 0]]%nat;
+
+    a24 := None;
+    coef_div_modulus := Some 2%nat;
+
+    goldilocks := Some false;
+    montgomery := false;
+
+    mul_code := None;
+
+    square_code := None;
+
+    upper_bound_of_exponent := None;
+    allowable_bit_widths := None;
+    freeze_extra_allowable_bit_widths := None;
+    modinv_fuel := None
+  |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas32_2e413m21/Synthesis.v b/src/Specific/solinas32_2e384m5x2e368m1/Synthesis.v
index b672e4d90..245e3c290 100644
--- a/src/Specific/solinas32_2e413m21/Synthesis.v
+++ b/src/Specific/solinas32_2e384m5x2e368m1/Synthesis.v
@@ -1,5 +1,5 @@
 Require Import Crypto.Specific.Framework.SynthesisFramework.
-Require Import Crypto.Specific.solinas32_2e413m21.CurveParameters.
+Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.CurveParameters.
 
 Module P <: PrePackage.
   Definition package : Tag.Context.
diff --git a/src/Specific/solinas32_2e384m5x2e368m1/compiler.sh b/src/Specific/solinas32_2e384m5x2e368m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas32_2e384m5x2e368m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas32_2e413m21/femul.v b/src/Specific/solinas32_2e384m5x2e368m1/femul.v
index 3822272e0..ed129081b 100644
--- a/src/Specific/solinas32_2e413m21/femul.v
+++ b/src/Specific/solinas32_2e384m5x2e368m1/femul.v
@@ -1,5 +1,5 @@
 Require Import Crypto.Arithmetic.PrimeFieldTheorems.
-Require Import Crypto.Specific.solinas32_2e413m21.Synthesis.
+Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.Synthesis.
 
 (* TODO : change this to field once field isomorphism happens *)
 Definition mul :
diff --git a/src/Specific/solinas32_2e413m21/femulDisplay.v b/src/Specific/solinas32_2e384m5x2e368m1/femulDisplay.v
index 7b58da74e..3514947f9 100644
--- a/src/Specific/solinas32_2e413m21/femulDisplay.v
+++ b/src/Specific/solinas32_2e384m5x2e368m1/femulDisplay.v
@@ -1,4 +1,4 @@
-Require Import Crypto.Specific.solinas32_2e413m21.femul.
+Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.femul.
 Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
 
 Check display mul.
diff --git a/src/Specific/solinas32_2e413m21/fesquare.v b/src/Specific/solinas32_2e384m5x2e368m1/fesquare.v
index d722d6ca1..ac2452c60 100644
--- a/src/Specific/solinas32_2e413m21/fesquare.v
+++ b/src/Specific/solinas32_2e384m5x2e368m1/fesquare.v
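Review bot: The `Synthesis.v`, `femul.v`, `femulDisplay.v`, `fesquare.v`, `freeze.v` and `freezeDisplay.v` files for 2^384 - 5*2^368 - 1 appear here as edits of the corresponding `solinas32_2e413m21` files rather than as new files, so git has paired a deletion of the 2e413m21 directory with this addition. That is only right if dropping 2e413m21 is intended and its `CurveParameters.v` and `_CoqProject` entries go with it; neither is visible in this chunk, and a stale `_CoqProject` line would break the build. If 2e413m21 is meant to survive, these hunks need to become new files and the 2e413m21 copies restored; if it is intentionally removed, the commit message should say so.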
@@ -1,5 +1,5 @@
 Require Import Crypto.Arithmetic.PrimeFieldTheorems.
-Require Import Crypto.Specific.solinas32_2e413m21.Synthesis.
+Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.Synthesis.
 
 (* TODO : change this to field once field isomorphism happens *)
 Definition square :
diff --git a/src/Specific/solinas32_2e413m21/fesquareDisplay.v b/src/Specific/solinas32_2e384m5x2e368m1/fesquareDisplay.v
index 6b79c6f00..29735e50e 100644
--- a/src/Specific/solinas32_2e413m21/fesquareDisplay.v
+++ b/src/Specific/solinas32_2e384m5x2e368m1/fesquareDisplay.v
@@ -1,4 +1,4 @@
-Require Import Crypto.Specific.solinas32_2e413m21.fesquare.
+Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.fesquare.
 Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
 
 Check display square.
diff --git a/src/Specific/solinas32_2e413m21/freeze.v b/src/Specific/solinas32_2e384m5x2e368m1/freeze.v
index e27e50870..9b39e69bb 100644
--- a/src/Specific/solinas32_2e413m21/freeze.v
+++ b/src/Specific/solinas32_2e384m5x2e368m1/freeze.v
@@ -1,5 +1,5 @@
 Require Import Crypto.Arithmetic.PrimeFieldTheorems.
-Require Import Crypto.Specific.solinas32_2e413m21.Synthesis.
+Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.Synthesis.
 
 (* TODO : change this to field once field isomorphism happens *)
 Definition freeze :
diff --git a/src/Specific/solinas32_2e413m21/freezeDisplay.v b/src/Specific/solinas32_2e384m5x2e368m1/freezeDisplay.v
index 7422f40d0..d1df7466e 100644
--- a/src/Specific/solinas32_2e413m21/freezeDisplay.v
+++ b/src/Specific/solinas32_2e384m5x2e368m1/freezeDisplay.v
@@ -1,4 +1,4 @@
-Require Import Crypto.Specific.solinas32_2e413m21.freeze.
+Require Import Crypto.Specific.solinas32_2e384m5x2e368m1.freeze.
 Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
 
 Check display freeze.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v b/src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v
new file mode 100644
index 000000000..644f03f38
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^384 - 79*2^376 - 1
+Base: 24
+***)
+
+Definition curve : CurveParameters :=
+  {|
+    sz := 16%nat;
+    base := 24;
+    bitwidth := 32;
+    s := 2^384;
+    c := [(1, 1); (79, 2^376)];
+    carry_chains := Some [[14; 15]; [15; 0; 1; 2; 3; 4; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14]; [15; 0]]%nat;
+
+    a24 := None;
+    coef_div_modulus := Some 2%nat;
+
+    goldilocks := Some false;
+    montgomery := false;
+
+    mul_code := None;
+
+    square_code := None;
+
+    upper_bound_of_exponent := None;
+    allowable_bit_widths := None;
+    freeze_extra_allowable_bit_widths := None;
+    modinv_fuel := None
+  |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/Synthesis.v b/src/Specific/solinas32_2e384m79x2e376m1/Synthesis.v
new file mode 100644
index 000000000..6c80f93f3
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.CurveParameters.
+
+Module P <: PrePackage.
+  Definition package : Tag.Context.
+  Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/compiler.sh b/src/Specific/solinas32_2e384m79x2e376m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/femul.v b/src/Specific/solinas32_2e384m79x2e376m1/femul.v
new file mode 100644
index 000000000..b75f09ecb
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+  { mul : feBW -> feBW -> feBW
+  | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_mul ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/femulDisplay.v b/src/Specific/solinas32_2e384m79x2e376m1/femulDisplay.v
new file mode 100644
index 000000000..e3e07c9c2
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/fesquare.v b/src/Specific/solinas32_2e384m79x2e376m1/fesquare.v
new file mode 100644
index 000000000..e0ab6b6f0
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+  { square : feBW -> feBW
+  | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_square ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/fesquareDisplay.v b/src/Specific/solinas32_2e384m79x2e376m1/fesquareDisplay.v
new file mode 100644
index 000000000..504cab37b
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/freeze.v b/src/Specific/solinas32_2e384m79x2e376m1/freeze.v
new file mode 100644
index 000000000..c8f63c1a8
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+  { freeze : feBW -> feBW
+  | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+  Set Ltac Profiling.
+  Time synthesize_freeze ().
+  Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas32_2e384m79x2e376m1/freezeDisplay.v b/src/Specific/solinas32_2e384m79x2e376m1/freezeDisplay.v
new file mode 100644
index 000000000..f02c13fcd
--- /dev/null
+++ b/src/Specific/solinas32_2e384m79x2e376m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e384m79x2e376m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas32_2e401m31/CurveParameters.v b/src/Specific/solinas32_2e401m31/CurveParameters.v
index b0e9112f4..f649f7eda 100644
--- a/src/Specific/solinas32_2e401m31/CurveParameters.v
+++ b/src/Specific/solinas32_2e401m31/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^401 - 31
-Base: 25
+Base: 25 + 1/16
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 16%nat;
-    base := 25;
+    base := 25 + 1/16;
     bitwidth := 32;
     s := 2^401;
     c := [(1, 31)];
diff --git a/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v b/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v
index b8347211e..d3aecd6fe 100644
--- a/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e416m2e208m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
     bitwidth := 32;
     s := 2^416;
     c := [(1, 1); (2^208, 1)];
-    carry_chains := Some [seq 0 (pred 16); [0; 1]]%nat;
+    carry_chains := Some [[7; 15]; [8; 0; 9; 1; 10; 2; 11; 3; 12; 4; 13; 5; 14; 6; 15; 7]; [8; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e444m17/CurveParameters.v b/src/Specific/solinas32_2e444m17/CurveParameters.v
index 45727d7b0..9e2b9ecc5 100644
--- a/src/Specific/solinas32_2e444m17/CurveParameters.v
+++ b/src/Specific/solinas32_2e444m17/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^444 - 17
-Base: 22
+Base: 22.2
 ***)
 
 Definition curve : CurveParameters :=
   {|
     sz := 20%nat;
-    base := 22;
+    base := 22 + 1/5;
     bitwidth := 32;
     s := 2^444;
     c := [(1, 17)];
diff --git a/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v b/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v
index 11bb6b4e2..ca927d382 100644
--- a/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e448m2e224m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
     bitwidth := 32;
     s := 2^448;
     c := [(1, 1); (2^224, 1)];
-    carry_chains := Some [seq 0 (pred 16); [0; 1]]%nat;
+    carry_chains := Some [[7; 15]; [8; 0; 9; 1; 10; 2; 11; 3; 12; 4; 13; 5; 14; 6; 15; 7]; [8; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v b/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v
index eb7e3f444..06e781969 100644
--- a/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e450m2e225m1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^450 - 2^225 - 1
-Base: 28
+Base: 30
 ***)
 
 Definition curve : CurveParameters :=
   {|
-    sz := 16%nat;
-    base := 28;
+    sz := 15%nat;
+    base := 30;
     bitwidth := 32;
     s := 2^450;
     c := [(1, 1); (2^225, 1)];
-    carry_chains := Some [seq 0 (pred 16); [0; 1]]%nat;
+    carry_chains := Some [[6; 14]; [7; 0; 8; 1; 9; 2; 10; 3; 11; 4; 12; 5; 13; 6; 14]; [7; 0]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e452m3/CurveParameters.v b/src/Specific/solinas32_2e452m3/CurveParameters.v
index e87f46107..6388bad63 100644
--- a/src/Specific/solinas32_2e452m3/CurveParameters.v
+++ b/src/Specific/solinas32_2e452m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^452 - 3
-Base: 25
+Base: 28.25
 ***)
 
 Definition curve : CurveParameters :=
   {|
-    sz := 18%nat;
-    base := 25;
+    sz := 16%nat;
+    base := 28 + 1/4;
     bitwidth := 32;
     s := 2^452;
     c := [(1, 3)];
-    carry_chains := Some [seq 0 (pred 18); [0; 1]]%nat;
+    carry_chains := Some [seq 0 (pred 16); [0; 1]]%nat;
 
     a24 := None;
     coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e468m17/CurveParameters.v b/src/Specific/solinas32_2e468m17/CurveParameters.v
index e44d7b682..848cb58fc 100644
--- a/src/Specific/solinas32_2e468m17/CurveParameters.v
+++ b/src/Specific/solinas32_2e468m17/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^468 - 17
-Base: 19
+Base: 26
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 24%nat;
- base := 19;
+ sz := 18%nat;
+ base := 26;
 bitwidth := 32;
 s := 2^468;
 c := [(1, 17)];
- carry_chains := Some [seq 0 (pred 24); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 18); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v b/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v
index 3c9b6dc39..989efa049 100644
--- a/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e480m2e240m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 32;
 s := 2^480;
 c := [(1, 1); (2^240, 1)];
- carry_chains := Some [seq 0 (pred 16); [0; 1]]%nat;
+ carry_chains := Some [[7; 15]; [8; 0; 9; 1; 10; 2; 11; 3; 12; 4; 13; 5; 14; 6; 15; 7]; [8; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e488m17/CurveParameters.v b/src/Specific/solinas32_2e488m17/CurveParameters.v
index 910254a3d..930a9d0a3 100644
--- a/src/Specific/solinas32_2e488m17/CurveParameters.v
+++ b/src/Specific/solinas32_2e488m17/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^488 - 17
-Base: 20
+Base: 20 + 1/3
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 24%nat;
- base := 20;
+ base := 20 + 1/3;
 bitwidth := 32;
 s := 2^488;
 c := [(1, 17)];
diff --git a/src/Specific/solinas32_2e489m21/CurveParameters.v b/src/Specific/solinas32_2e489m21/CurveParameters.v
index 5e42cf526..cfbfd01dc 100644
--- a/src/Specific/solinas32_2e489m21/CurveParameters.v
+++ b/src/Specific/solinas32_2e489m21/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^489 - 21
-Base: 18
+Base: 18 + 1/9
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 27%nat;
- base := 18;
+ base := 18 + 1/9;
 bitwidth := 32;
 s := 2^489;
 c := [(1, 21)];
diff --git a/src/Specific/solinas32_2e495m31/CurveParameters.v b/src/Specific/solinas32_2e495m31/CurveParameters.v
index 2f2b48858..2cb435175 100644
--- a/src/Specific/solinas32_2e495m31/CurveParameters.v
+++ b/src/Specific/solinas32_2e495m31/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^495 - 31
-Base: 22
+Base: 26 + 1/19
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 22%nat;
- base := 22;
+ sz := 19%nat;
+ base := 26 + 1/19;
 bitwidth := 32;
 s := 2^495;
 c := [(1, 31)];
- carry_chains := Some [seq 0 (pred 22); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 19); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v b/src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v
new file mode 100644
index 000000000..0a40537ce
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^510 - 290*2^496 - 1
+Base: 21.25
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 24%nat;
+ base := 21 + 1/4;
+ bitwidth := 32;
+ s := 2^510;
+ c := [(1, 1); (290, 2^496)];
+ carry_chains := Some [[22; 23]; [23; 0; 1; 2; 3; 4; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; 17; 18; 19; 20; 21; 22]; [23; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/Synthesis.v b/src/Specific/solinas32_2e510m290x2e496m1/Synthesis.v
new file mode 100644
index 000000000..f3276364d
--- /dev/null
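Review bot: In the new CurveParameters.v the entry `c := [(1, 1); (290, 2^496)];` lists the small coefficient before the power of two, whereas every existing two-term modulus in this diff writes the power of two first, e.g. `c := [(1, 1); (2^208, 1)];` for 2^416 - 2^208 - 1. The product of each pair is the same either way, so the modulus 2^510 - 290*2^496 - 1 is encoded correctly, but if the framework reads the first component as the positional weight, as the existing entries suggest, this term would be placed with weight 290 and a runtime factor of 2^496, which no 32-bit limb can hold. Please confirm which component is the weight; if it is the first one, the line should read `c := [(1, 1); (2^496, 290)];`. The same question applies to `(491, 2^496)` in solinas32_2e512m491x2e496m1 and `(45, 2^198)` in solinas64_2e205m45x2e198m1.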
+++ b/src/Specific/solinas32_2e510m290x2e496m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/compiler.sh b/src/Specific/solinas32_2e510m290x2e496m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/femul.v b/src/Specific/solinas32_2e510m290x2e496m1/femul.v
new file mode 100644
index 000000000..14f4ab1c3
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/femulDisplay.v b/src/Specific/solinas32_2e510m290x2e496m1/femulDisplay.v
new file mode 100644
index 000000000..924d110ed
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
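Review bot: compiler.sh hard-codes `gcc` and passes `-march=native -mtune=native`, so the object it builds is tied to the CPU of whichever host ran it and cannot be reproduced or compared across machines. Honouring the environment's compiler, `${CC:-gcc} -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"`, would let CI and reviewers pin a known toolchain, and a comment stating that `-march=native` is a benchmarking setting rather than a release setting would prevent it from being copied into distribution builds. None of these flags ask the compiler to preserve whatever straight-line structure the synthesized code has, so any constant-time expectation must be checked on the emitted assembly rather than inferred from the Coq-level proof. The identical script is added again for solinas32_2e512m491x2e496m1 and solinas64_2e205m45x2e198m1.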
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/fesquare.v b/src/Specific/solinas32_2e510m290x2e496m1/fesquare.v
new file mode 100644
index 000000000..f607a0d14
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/fesquareDisplay.v b/src/Specific/solinas32_2e510m290x2e496m1/fesquareDisplay.v
new file mode 100644
index 000000000..7ab7a089f
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/freeze.v b/src/Specific/solinas32_2e510m290x2e496m1/freeze.v
new file mode 100644
index 000000000..cdd6776df
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas32_2e510m290x2e496m1/freezeDisplay.v b/src/Specific/solinas32_2e510m290x2e496m1/freezeDisplay.v
new file mode 100644
index 000000000..0b3b105e3
--- /dev/null
+++ b/src/Specific/solinas32_2e510m290x2e496m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e510m290x2e496m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas32_2e511m187/CurveParameters.v b/src/Specific/solinas32_2e511m187/CurveParameters.v
index c6afd0f11..a9d891208 100644
--- a/src/Specific/solinas32_2e511m187/CurveParameters.v
+++ b/src/Specific/solinas32_2e511m187/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^511 - 187
-Base: 18
+Base: 18.25
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 28%nat;
- base := 18;
+ base := 18 + 1/4;
 bitwidth := 32;
 s := 2^511;
 c := [(1, 187)];
diff --git a/src/Specific/solinas32_2e511m481/CurveParameters.v b/src/Specific/solinas32_2e511m481/CurveParameters.v
index de877ff5b..832d2d6a8 100644
--- a/src/Specific/solinas32_2e511m481/CurveParameters.v
+++ b/src/Specific/solinas32_2e511m481/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^511 - 481
-Base: 18
+Base: 18.25
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 28%nat;
- base := 18;
+ base := 18 + 1/4;
 bitwidth := 32;
 s := 2^511;
 c := [(1, 481)];
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v b/src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v
new file mode 100644
index 000000000..99b7d6333
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^512 - 491*2^496 - 1
+Base: 21 + 1/3
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 24%nat;
+ base := 21 + 1/3;
+ bitwidth := 32;
+ s := 2^512;
+ c := [(1, 1); (491, 2^496)];
+ carry_chains := Some [[22; 23]; [23; 0; 1; 2; 3; 4; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; 17; 18; 19; 20; 21; 22]; [23; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/Synthesis.v b/src/Specific/solinas32_2e512m491x2e496m1/Synthesis.v
new file mode 100644
index 000000000..10b75e690
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/compiler.sh b/src/Specific/solinas32_2e512m491x2e496m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/femul.v b/src/Specific/solinas32_2e512m491x2e496m1/femul.v
new file mode 100644
index 000000000..2f24d9c94
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/femulDisplay.v b/src/Specific/solinas32_2e512m491x2e496m1/femulDisplay.v
new file mode 100644
index 000000000..43019f5e0
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/fesquare.v b/src/Specific/solinas32_2e512m491x2e496m1/fesquare.v
new file mode 100644
index 000000000..d189d9098
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/fesquareDisplay.v b/src/Specific/solinas32_2e512m491x2e496m1/fesquareDisplay.v
new file mode 100644
index 000000000..509baa545
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/freeze.v b/src/Specific/solinas32_2e512m491x2e496m1/freeze.v
new file mode 100644
index 000000000..1277b0383
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas32_2e512m491x2e496m1/freezeDisplay.v b/src/Specific/solinas32_2e512m491x2e496m1/freezeDisplay.v
new file mode 100644
index 000000000..9d681d7cf
--- /dev/null
+++ b/src/Specific/solinas32_2e512m491x2e496m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas32_2e512m491x2e496m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas32_2e512m569/CurveParameters.v b/src/Specific/solinas32_2e512m569/CurveParameters.v
index bc0433f2c..6c763cf85 100644
--- a/src/Specific/solinas32_2e512m569/CurveParameters.v
+++ b/src/Specific/solinas32_2e512m569/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^512 - 569
-Base: 17
+Base: 21 + 1/3
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 30%nat;
- base := 17;
+ sz := 24%nat;
+ base := 21 + 1/3;
 bitwidth := 32;
 s := 2^512;
 c := [(1, 569)];
- carry_chains := Some [seq 0 (pred 30); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 24); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas32_2e521m1/CurveParameters.v b/src/Specific/solinas32_2e521m1/CurveParameters.v
index e5a6dfa8a..22dbde5a8 100644
--- a/src/Specific/solinas32_2e521m1/CurveParameters.v
+++ b/src/Specific/solinas32_2e521m1/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^521 - 1
-Base: 26
+Base: 26 + 1/20
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 20%nat;
- base := 26;
+ base := 26 + 1/20;
 bitwidth := 32;
 s := 2^521;
 c := [(1, 1)];
diff --git a/src/Specific/solinas64_2e127m1/CurveParameters.v b/src/Specific/solinas64_2e127m1/CurveParameters.v
index 585295358..172f05b92 100644
--- a/src/Specific/solinas64_2e127m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e127m1/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^127 - 1
-Base: 42
+Base: 42 + 1/3
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 3%nat;
- base := 42;
+ base := 42 + 1/3;
 bitwidth := 64;
 s := 2^127;
 c := [(1, 1)];
diff --git a/src/Specific/solinas64_2e129m25/CurveParameters.v b/src/Specific/solinas64_2e129m25/CurveParameters.v
index 832c97c99..f65e5e494 100644
--- a/src/Specific/solinas64_2e129m25/CurveParameters.v
+++ b/src/Specific/solinas64_2e129m25/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^129 - 25
-Base: 32
+Base: 43
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 32;
+ sz := 3%nat;
+ base := 43;
 bitwidth := 64;
 s := 2^129;
 c := [(1, 25)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e130m5/CurveParameters.v b/src/Specific/solinas64_2e130m5/CurveParameters.v
index b1ede3d74..2f1b7af5e 100644
--- a/src/Specific/solinas64_2e130m5/CurveParameters.v
+++ b/src/Specific/solinas64_2e130m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^130 - 5
-Base: 32
+Base: 43 + 1/3
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 32;
+ sz := 3%nat;
+ base := 43 + 1/3;
 bitwidth := 64;
 s := 2^130;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e137m13/CurveParameters.v b/src/Specific/solinas64_2e137m13/CurveParameters.v
index 97f952285..a95c85080 100644
--- a/src/Specific/solinas64_2e137m13/CurveParameters.v
+++ b/src/Specific/solinas64_2e137m13/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^137 - 13
-Base: 34
+Base: 34.25
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 4%nat;
- base := 34;
+ base := 34 + 1/4;
 bitwidth := 64;
 s := 2^137;
 c := [(1, 13)];
diff --git a/src/Specific/solinas64_2e141m9/CurveParameters.v b/src/Specific/solinas64_2e141m9/CurveParameters.v
index 42a59b213..2211349ae 100644
--- a/src/Specific/solinas64_2e141m9/CurveParameters.v
+++ b/src/Specific/solinas64_2e141m9/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^141 - 9
-Base: 35
+Base: 47
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 35;
+ sz := 3%nat;
+ base := 47;
 bitwidth := 64;
 s := 2^141;
 c := [(1, 9)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e150m3/CurveParameters.v b/src/Specific/solinas64_2e150m3/CurveParameters.v
index 263868b60..fd18187b7 100644
--- a/src/Specific/solinas64_2e150m3/CurveParameters.v
+++ b/src/Specific/solinas64_2e150m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^150 - 3
-Base: 37
+Base: 50
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 37;
+ sz := 3%nat;
+ base := 50;
 bitwidth := 64;
 s := 2^150;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e150m5/CurveParameters.v b/src/Specific/solinas64_2e150m5/CurveParameters.v
index 967425999..2608e03dc 100644
--- a/src/Specific/solinas64_2e150m5/CurveParameters.v
+++ b/src/Specific/solinas64_2e150m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^150 - 5
-Base: 37
+Base: 50
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 37;
+ sz := 3%nat;
+ base := 50;
 bitwidth := 64;
 s := 2^150;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e158m15/CurveParameters.v b/src/Specific/solinas64_2e158m15/CurveParameters.v
index 1fa028164..8ed69cd57 100644
--- a/src/Specific/solinas64_2e158m15/CurveParameters.v
+++ b/src/Specific/solinas64_2e158m15/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^158 - 15
-Base: 39
+Base: 39.5
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 4%nat;
- base := 39;
+ base := 39 + 1/2;
 bitwidth := 64;
 s := 2^158;
 c := [(1, 15)];
diff --git a/src/Specific/solinas64_2e165m25/CurveParameters.v b/src/Specific/solinas64_2e165m25/CurveParameters.v
index c89b7b5d7..f4c16bd5d 100644
--- a/src/Specific/solinas64_2e165m25/CurveParameters.v
+++ b/src/Specific/solinas64_2e165m25/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^165 - 25
-Base: 41
+Base: 55
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 41;
+ sz := 3%nat;
+ base := 55;
 bitwidth := 64;
 s := 2^165;
 c := [(1, 25)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e166m5/CurveParameters.v b/src/Specific/solinas64_2e166m5/CurveParameters.v
index beb1332fe..c640e29c2 100644
--- a/src/Specific/solinas64_2e166m5/CurveParameters.v
+++ b/src/Specific/solinas64_2e166m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^166 - 5
-Base: 41
+Base: 55 + 1/3
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 41;
+ sz := 3%nat;
+ base := 55 + 1/3;
 bitwidth := 64;
 s := 2^166;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e171m19/CurveParameters.v b/src/Specific/solinas64_2e171m19/CurveParameters.v
index 6b885508b..76664dbf1 100644
--- a/src/Specific/solinas64_2e171m19/CurveParameters.v
+++ b/src/Specific/solinas64_2e171m19/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^171 - 19
-Base: 34
+Base: 57
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 34;
+ sz := 3%nat;
+ base := 57;
 bitwidth := 64;
 s := 2^171;
 c := [(1, 19)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e174m17/CurveParameters.v b/src/Specific/solinas64_2e174m17/CurveParameters.v
index 79fc4445d..40c79ab54 100644
--- a/src/Specific/solinas64_2e174m17/CurveParameters.v
+++ b/src/Specific/solinas64_2e174m17/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^174 - 17
-Base: 43
+Base: 58
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 43;
+ sz := 3%nat;
+ base := 58;
 bitwidth := 64;
 s := 2^174;
 c := [(1, 17)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e174m3/CurveParameters.v b/src/Specific/solinas64_2e174m3/CurveParameters.v
index 74521ff93..ab749a9bc 100644
--- a/src/Specific/solinas64_2e174m3/CurveParameters.v
+++ b/src/Specific/solinas64_2e174m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^174 - 3
-Base: 43
+Base: 58
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 4%nat;
- base := 43;
+ sz := 3%nat;
+ base := 58;
 bitwidth := 64;
 s := 2^174;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 3); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e189m25/CurveParameters.v b/src/Specific/solinas64_2e189m25/CurveParameters.v
index a79eb839e..692218069 100644
--- a/src/Specific/solinas64_2e189m25/CurveParameters.v
+++ b/src/Specific/solinas64_2e189m25/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^189 - 25
-Base: 31
+Base: 47.25
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 31;
+ sz := 4%nat;
+ base := 47 + 1/4;
 bitwidth := 64;
 s := 2^189;
 c := [(1, 25)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e190m11/CurveParameters.v b/src/Specific/solinas64_2e190m11/CurveParameters.v
index fff8cf373..6e3813371 100644
--- a/src/Specific/solinas64_2e190m11/CurveParameters.v
+++ b/src/Specific/solinas64_2e190m11/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^190 - 11
-Base: 38
+Base: 47.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 38;
+ sz := 4%nat;
+ base := 47 + 1/2;
 bitwidth := 64;
 s := 2^190;
 c := [(1, 11)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e191m19/CurveParameters.v b/src/Specific/solinas64_2e191m19/CurveParameters.v
index 680cd5a1e..80ed79ebe 100644
--- a/src/Specific/solinas64_2e191m19/CurveParameters.v
+++ b/src/Specific/solinas64_2e191m19/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^191 - 19
-Base: 38
+Base: 38.2
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 5%nat;
- base := 38;
+ base := 38 + 1/5;
 bitwidth := 64;
 s := 2^191;
 c := [(1, 19)];
diff --git a/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v b/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v
index 5b497fc51..60a366173 100644
--- a/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e192m2e64m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 64;
 s := 2^192;
 c := [(1, 1); (2^64, 1)];
- carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
+ carry_chains := Some [[0; 3]; [1; 0; 2; 3]; [1; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e194m33/CurveParameters.v b/src/Specific/solinas64_2e194m33/CurveParameters.v
index 6ae7ab953..9cfd38e73 100644
--- a/src/Specific/solinas64_2e194m33/CurveParameters.v
+++ b/src/Specific/solinas64_2e194m33/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^194 - 33
-Base: 32
+Base: 48.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 32;
+ sz := 4%nat;
+ base := 48 + 1/2;
 bitwidth := 64;
 s := 2^194;
 c := [(1, 33)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e196m15/CurveParameters.v b/src/Specific/solinas64_2e196m15/CurveParameters.v
index 920939b0b..49ae66256 100644
--- a/src/Specific/solinas64_2e196m15/CurveParameters.v
+++ b/src/Specific/solinas64_2e196m15/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^196 - 15
-Base: 39
+Base: 49
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 39;
+ sz := 4%nat;
+ base := 49;
 bitwidth := 64;
 s := 2^196;
 c := [(1, 15)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e198m17/CurveParameters.v b/src/Specific/solinas64_2e198m17/CurveParameters.v
index 689c9cf14..bb16777a7 100644
--- a/src/Specific/solinas64_2e198m17/CurveParameters.v
+++ b/src/Specific/solinas64_2e198m17/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^198 - 17
-Base: 33
+Base: 49.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 33;
+ sz := 4%nat;
+ base := 49 + 1/2;
 bitwidth := 64;
 s := 2^198;
 c := [(1, 17)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v b/src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v
new file mode 100644
index 000000000..c69ff76ea
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^205 - 45*2^198 - 1
+Base: 51.25
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 4%nat;
+ base := 51 + 1/4;
+ bitwidth := 64;
+ s := 2^205;
+ c := [(1, 1); (45, 2^198)];
+ carry_chains := Some [[2; 3]; [3; 0; 1; 2]; [3; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/Synthesis.v b/src/Specific/solinas64_2e205m45x2e198m1/Synthesis.v
new file mode 100644
index 000000000..b0bd151f8
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/compiler.sh b/src/Specific/solinas64_2e205m45x2e198m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/femul.v b/src/Specific/solinas64_2e205m45x2e198m1/femul.v
new file mode 100644
index 000000000..ed7590e15
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/femulDisplay.v b/src/Specific/solinas64_2e205m45x2e198m1/femulDisplay.v
new file mode 100644
index 000000000..8554f26e5
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/fesquare.v b/src/Specific/solinas64_2e205m45x2e198m1/fesquare.v
new file mode 100644
index 000000000..3c32aeda2
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/fesquareDisplay.v b/src/Specific/solinas64_2e205m45x2e198m1/fesquareDisplay.v
new file mode 100644
index 000000000..6b795e996
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/freeze.v b/src/Specific/solinas64_2e205m45x2e198m1/freeze.v
new file mode 100644
index 000000000..67bcd0225
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas64_2e205m45x2e198m1/freezeDisplay.v b/src/Specific/solinas64_2e205m45x2e198m1/freezeDisplay.v
new file mode 100644
index 000000000..1704363fe
--- /dev/null
+++ b/src/Specific/solinas64_2e205m45x2e198m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e205m45x2e198m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas64_2e206m5/CurveParameters.v b/src/Specific/solinas64_2e206m5/CurveParameters.v
index 40d0bf636..91e7a7340 100644
--- a/src/Specific/solinas64_2e206m5/CurveParameters.v
+++ b/src/Specific/solinas64_2e206m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^206 - 5
-Base: 41
+Base: 51.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 41;
+ sz := 4%nat;
+ base := 51 + 1/2;
 bitwidth := 64;
 s := 2^206;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e212m29/CurveParameters.v b/src/Specific/solinas64_2e212m29/CurveParameters.v
index 93575351f..5d5f77188 100644
--- a/src/Specific/solinas64_2e212m29/CurveParameters.v
+++ b/src/Specific/solinas64_2e212m29/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^212 - 29
-Base: 35
+Base: 53
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 35;
+ sz := 4%nat;
+ base := 53;
 bitwidth := 64;
 s := 2^212;
 c := [(1, 29)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e213m3/CurveParameters.v b/src/Specific/solinas64_2e213m3/CurveParameters.v
index 4aaa1b85a..5e75b33fd 100644
--- a/src/Specific/solinas64_2e213m3/CurveParameters.v
+++ b/src/Specific/solinas64_2e213m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^213 - 3
-Base: 35
+Base: 53.25
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 35;
+ sz := 4%nat;
+ base := 53 + 1/4;
 bitwidth := 64;
 s := 2^213;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v b/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v
index c6e24e21e..59bdb5d23 100644
--- a/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e216m2e108m1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^216 - 2^108 - 1
-Base: 43
+Base: 54
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 43;
+ sz := 4%nat;
+ base := 54;
 bitwidth := 64;
 s := 2^216;
 c := [(1, 1); (2^108, 1)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [[1; 3]; [2; 0; 3; 1]; [2; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e221m3/CurveParameters.v b/src/Specific/solinas64_2e221m3/CurveParameters.v
index 29c5a2813..b44058217 100644
--- a/src/Specific/solinas64_2e221m3/CurveParameters.v
+++ b/src/Specific/solinas64_2e221m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^221 - 3
-Base: 44
+Base: 55.25
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 44;
+ sz := 4%nat;
+ base := 55 + 1/4;
 bitwidth := 64;
 s := 2^221;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e222m117/CurveParameters.v b/src/Specific/solinas64_2e222m117/CurveParameters.v
index 8eb74563a..71faedd80 100644
--- a/src/Specific/solinas64_2e222m117/CurveParameters.v
+++ b/src/Specific/solinas64_2e222m117/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^222 - 117
-Base: 37
+Base: 55.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 37;
+ sz := 4%nat;
+ base := 55 + 1/2;
 bitwidth := 64;
 s := 2^222;
 c := [(1, 117)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v b/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v
index b76b2879f..36916c795 100644
--- a/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v
+++ b/src/Specific/solinas64_2e224m2e96p1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^224 - 2^96 + 1
-Base: 37
+Base: 56
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 37;
+ sz := 4%nat;
+ base := 56;
 bitwidth := 64;
 s := 2^224;
 c := [(1, -1); (2^96, 1)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [[0; 3]; [1; 0; 2; 3]; [1; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e226m5/CurveParameters.v b/src/Specific/solinas64_2e226m5/CurveParameters.v
index 6f4306093..39926acc6 100644
--- a/src/Specific/solinas64_2e226m5/CurveParameters.v
+++ b/src/Specific/solinas64_2e226m5/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^226 - 5
-Base: 45
+Base: 56.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 45;
+ sz := 4%nat;
+ base := 56 + 1/2;
 bitwidth := 64;
 s := 2^226;
 c := [(1, 5)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e230m27/CurveParameters.v b/src/Specific/solinas64_2e230m27/CurveParameters.v
index 2b909f1bb..46652185e 100644
--- a/src/Specific/solinas64_2e230m27/CurveParameters.v
+++ b/src/Specific/solinas64_2e230m27/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^230 - 27
-Base: 46
+Base: 57.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 5%nat;
- base := 46;
+ sz := 4%nat;
+ base := 57 + 1/2;
 bitwidth := 64;
 s := 2^230;
 c := [(1, 27)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 4); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e243m9/CurveParameters.v b/src/Specific/solinas64_2e243m9/CurveParameters.v
index c8dce3b16..6bdd89024 100644
--- a/src/Specific/solinas64_2e243m9/CurveParameters.v
+++ b/src/Specific/solinas64_2e243m9/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^243 - 9
-Base: 40
+Base: 40.5
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 6%nat;
- base := 40;
+ base := 40 + 1/2;
 bitwidth := 64;
 s := 2^243;
 c := [(1, 9)];
diff --git a/src/Specific/solinas64_2e251m9/CurveParameters.v b/src/Specific/solinas64_2e251m9/CurveParameters.v
index 023041b13..cc6ac02f4 100644
--- a/src/Specific/solinas64_2e251m9/CurveParameters.v
+++ b/src/Specific/solinas64_2e251m9/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^251 - 9
-Base: 25
+Base: 50.2
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 10%nat;
- base := 25;
+ sz := 5%nat;
+ base := 50 + 1/5;
 bitwidth := 64;
 s := 2^251;
 c := [(1, 9)];
- carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v b/src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v
new file mode 100644
index 000000000..5e3edc80b
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^254 - 127*2^240 - 1
+Base: 42 + 1/3
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 6%nat;
+ base := 42 + 1/3;
+ bitwidth := 64;
+ s := 2^254;
+ c := [(1, 1); (127, 2^240)];
+ carry_chains := Some [[4; 5]; [5; 0; 1; 2; 3; 4]; [5; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/Synthesis.v b/src/Specific/solinas64_2e254m127x2e240m1/Synthesis.v
new file mode 100644
index 000000000..a0f315afc
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/compiler.sh b/src/Specific/solinas64_2e254m127x2e240m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/femul.v b/src/Specific/solinas64_2e254m127x2e240m1/femul.v
new file mode 100644
index 000000000..ac9275024
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/femulDisplay.v b/src/Specific/solinas64_2e254m127x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..1c90bc1a4
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/fesquare.v b/src/Specific/solinas64_2e254m127x2e240m1/fesquare.v
new file mode 100644
index 000000000..1f8dd73f5
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/fesquareDisplay.v b/src/Specific/solinas64_2e254m127x2e240m1/fesquareDisplay.v
new file mode 100644
index 000000000..899dc2751
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/freeze.v b/src/Specific/solinas64_2e254m127x2e240m1/freeze.v
new file mode 100644
index 000000000..48ccdaea9
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas64_2e254m127x2e240m1/freezeDisplay.v b/src/Specific/solinas64_2e254m127x2e240m1/freezeDisplay.v
new file mode 100644
index 000000000..13ab078b3
--- /dev/null
+++ b/src/Specific/solinas64_2e254m127x2e240m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e254m127x2e240m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas64_2e255m19/CurveParameters.v b/src/Specific/solinas64_2e255m19/CurveParameters.v
index 03964ea0c..67e2ee0e8 100644
--- a/src/Specific/solinas64_2e255m19/CurveParameters.v
+++ b/src/Specific/solinas64_2e255m19/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^255 - 19
-Base: 42
+Base: 51
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 42;
+ sz := 5%nat;
+ base := 51;
 bitwidth := 64;
 s := 2^255;
 c := [(1, 19)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v b/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v
index 5c2747c0b..35cdcd2a7 100644
--- a/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e255m2e4m2e1m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 64;
 s := 2^255;
 c := [(1, 1); (2^1, 1); (2^4, 1)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [[4; 4; 4]; [0; 1; 2; 3]; [0; 0; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e255m765/CurveParameters.v b/src/Specific/solinas64_2e255m765/CurveParameters.v
index 2d1c2199b..d33d55bed 100644
--- a/src/Specific/solinas64_2e255m765/CurveParameters.v
+++ b/src/Specific/solinas64_2e255m765/CurveParameters.v
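Review bot: The new chain `carry_chains := Some [[4; 4; 4]; [0; 1; 2; 3]; [0; 0; 0]]%nat;` in the 2e255m2e4m2e1m1 hunk carries limb 4 three times in a row and then limb 0 three times; a limb that has just been carried is already reduced, so the repeats look like one entry per term of `c` (1, 2^1, 2^4) rather than a deliberate sequence, and they add operations without tightening any bound. If that is a generator artefact, `[[4]; [0; 1; 2; 3]; [0]]` should be equivalent, but please confirm against the synthesized code and its bounds before deduplicating. The same pattern appears in 2e256m2e32m977 (`[[4; 4]; …; [0; 0]]`) and 2e384m2e128m2e96p2e32m1 (`[[1; 1; 7; 7]; …; [2; 2; 0; 0]]`). The record these lines belong to starts outside the hunk.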
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^255 - 765
-Base: 42
+Base: 51
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 42;
+ sz := 5%nat;
+ base := 51;
 bitwidth := 64;
 s := 2^255;
 c := [(1, 765)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e256m189/CurveParameters.v b/src/Specific/solinas64_2e256m189/CurveParameters.v
index f9d9b9c06..e57002787 100644
--- a/src/Specific/solinas64_2e256m189/CurveParameters.v
+++ b/src/Specific/solinas64_2e256m189/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^256 - 189
-Base: 32
+Base: 51.2
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
- base := 32;
+ sz := 5%nat;
+ base := 51 + 1/5;
 bitwidth := 64;
 s := 2^256;
 c := [(1, 189)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v
index a169dfe68..028a49b50 100644
--- a/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e256m2e224p2e192p2e96m1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^256 - 2^224 + 2^192 + 2^96 - 1
-Base: 51
+Base: 51.2
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 5%nat;
- base := 51;
+ base := 51 + 1/5;
 bitwidth := 64;
 s := 2^256;
 c := [(1, 1); (2^96, -1); (2^192, -1); (2^224, 1)];
- carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
+ carry_chains := Some [[3; 2; 0; 4]; [4; 3; 1; 0; 2]; [4; 3; 1; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v b/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v
index d2fb79b54..1b5b5f7da 100644
--- a/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v
+++ b/src/Specific/solinas64_2e256m2e32m977/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^256 - 2^32 - 977
-Base: 32
+Base: 51.2
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
- base := 32;
+ sz := 5%nat;
+ base := 51 + 1/5;
 bitwidth := 64;
 s := 2^256;
 c := [(1, 977); (2^32, 1)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [[4; 4]; [0; 1; 2; 3]; [0; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v b/src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v
new file mode 100644
index 000000000..14b56bcc0
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^256 - 88*2^240 - 1
+Base: 51.2
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 5%nat;
+ base := 51 + 1/5;
+ bitwidth := 64;
+ s := 2^256;
+ c := [(1, 1); (88, 2^240)];
+ carry_chains := Some [[3; 4]; [4; 0; 1; 2; 3]; [4; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/Synthesis.v b/src/Specific/solinas64_2e256m88x2e240m1/Synthesis.v
new file mode 100644
index 000000000..f803ba58b
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/compiler.sh b/src/Specific/solinas64_2e256m88x2e240m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/femul.v b/src/Specific/solinas64_2e256m88x2e240m1/femul.v
new file mode 100644
index 000000000..998ca23b3
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/femulDisplay.v b/src/Specific/solinas64_2e256m88x2e240m1/femulDisplay.v
new file mode 100644
index 000000000..03e18f5cd
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/fesquare.v b/src/Specific/solinas64_2e256m88x2e240m1/fesquare.v
new file mode 100644
index 000000000..34ea58eda
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/fesquareDisplay.v b/src/Specific/solinas64_2e256m88x2e240m1/fesquareDisplay.v
new file mode 100644
index 000000000..8d57444ae
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/freeze.v b/src/Specific/solinas64_2e256m88x2e240m1/freeze.v
new file mode 100644
index 000000000..36643c70a
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas64_2e256m88x2e240m1/freezeDisplay.v b/src/Specific/solinas64_2e256m88x2e240m1/freezeDisplay.v
new file mode 100644
index 000000000..cffbb1e90
--- /dev/null
+++ b/src/Specific/solinas64_2e256m88x2e240m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e256m88x2e240m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas64_2e266m3/CurveParameters.v b/src/Specific/solinas64_2e266m3/CurveParameters.v
index abd42c2e9..20b9a834a 100644
--- a/src/Specific/solinas64_2e266m3/CurveParameters.v
+++ b/src/Specific/solinas64_2e266m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^266 - 3
-Base: 44
+Base: 53.2
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 44;
+ sz := 5%nat;
+ base := 53 + 1/5;
 bitwidth := 64;
 s := 2^266;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e285m9/CurveParameters.v b/src/Specific/solinas64_2e285m9/CurveParameters.v
index 52ba8173d..b9cb4ab1b 100644
--- a/src/Specific/solinas64_2e285m9/CurveParameters.v
+++ b/src/Specific/solinas64_2e285m9/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^285 - 9
-Base: 47
+Base: 57
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 47;
+ sz := 5%nat;
+ base := 57;
 bitwidth := 64;
 s := 2^285;
 c := [(1, 9)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e291m19/CurveParameters.v b/src/Specific/solinas64_2e291m19/CurveParameters.v
index bb41bc110..b6e3aeb5d 100644
--- a/src/Specific/solinas64_2e291m19/CurveParameters.v
+++ b/src/Specific/solinas64_2e291m19/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^291 - 19
-Base: 48
+Base: 58.2
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 6%nat;
- base := 48;
+ sz := 5%nat;
+ base := 58 + 1/5;
 bitwidth := 64;
 s := 2^291;
 c := [(1, 19)];
- carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 5); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e321m9/CurveParameters.v b/src/Specific/solinas64_2e321m9/CurveParameters.v
index 3014703cf..89bf02b95 100644
--- a/src/Specific/solinas64_2e321m9/CurveParameters.v
+++ b/src/Specific/solinas64_2e321m9/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^321 - 9
-Base: 40
+Base: 53.5
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
- base := 40;
+ sz := 6%nat;
+ base := 53 + 1/2;
 bitwidth := 64;
 s := 2^321;
 c := [(1, 9)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v b/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v
index ba1442980..a26020ecc 100644
--- a/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e322m2e161m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 64;
 s := 2^322;
 c := [(1, 1); (2^161, 1)];
- carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
+ carry_chains := Some [[2; 6]; [3; 0; 4; 1; 5; 2; 6]; [3; 0]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e336m17/CurveParameters.v b/src/Specific/solinas64_2e336m17/CurveParameters.v
index ea471461d..4481489c7 100644
--- a/src/Specific/solinas64_2e336m17/CurveParameters.v
+++ b/src/Specific/solinas64_2e336m17/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^336 - 17
-Base: 48
+Base: 56
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
- base := 48;
+ sz := 6%nat;
+ base := 56;
 bitwidth := 64;
 s := 2^336;
 c := [(1, 17)];
- carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e336m3/CurveParameters.v b/src/Specific/solinas64_2e336m3/CurveParameters.v
index cc3eff42c..2e7c06ee9 100644
--- a/src/Specific/solinas64_2e336m3/CurveParameters.v
+++ b/src/Specific/solinas64_2e336m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^336 - 3
-Base: 48
+Base: 56
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 7%nat;
- base := 48;
+ sz := 6%nat;
+ base := 56;
 bitwidth := 64;
 s := 2^336;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e338m15/CurveParameters.v b/src/Specific/solinas64_2e338m15/CurveParameters.v
index 7aec1cf59..13a47703a 100644
--- a/src/Specific/solinas64_2e338m15/CurveParameters.v
+++ b/src/Specific/solinas64_2e338m15/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^338 - 15
-Base: 42
+Base: 56 + 1/3
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 8%nat;
- base := 42;
+ sz := 6%nat;
+ base := 56 + 1/3;
 bitwidth := 64;
 s := 2^338;
 c := [(1, 15)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 6); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e369m25/CurveParameters.v b/src/Specific/solinas64_2e369m25/CurveParameters.v
index c321b0364..5c11a8a63 100644
--- a/src/Specific/solinas64_2e369m25/CurveParameters.v
+++ b/src/Specific/solinas64_2e369m25/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^369 - 25
-Base: 46
+Base: 46.125
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 8%nat;
- base := 46;
+ base := 46 + 1/8;
 bitwidth := 64;
 s := 2^369;
 c := [(1, 25)];
diff --git a/src/Specific/solinas64_2e379m19/CurveParameters.v b/src/Specific/solinas64_2e379m19/CurveParameters.v
index ee053dea7..054d03e32 100644
--- a/src/Specific/solinas64_2e379m19/CurveParameters.v
+++ b/src/Specific/solinas64_2e379m19/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^379 - 19
-Base: 42
+Base: 54 + 1/7
 ***)
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 42;
+ sz := 7%nat;
+ base := 54 + 1/7;
 bitwidth := 64;
 s := 2^379;
 c := [(1, 19)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e382m105/CurveParameters.v b/src/Specific/solinas64_2e382m105/CurveParameters.v
index 661b261b3..d74c845f8 100644
--- a/src/Specific/solinas64_2e382m105/CurveParameters.v
+++ b/src/Specific/solinas64_2e382m105/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 (***
 Modulus : 2^382 - 105
-Base: 38
+Base: 38.2
 ***)
 Definition curve : CurveParameters :=
 {|
 sz := 10%nat;
- base := 38;
+ base := 38 + 1/5;
 bitwidth := 64;
 s := 2^382;
 c := [(1, 105)];
diff --git a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v
index 11d2ce031..fd10768f5 100644
--- a/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e384m2e128m2e96p2e32m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 64;
 s := 2^384;
 c := [(1, 1); (2^32, -1); (2^96, 1); (2^128, 1)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [[1; 1; 7; 7]; [2; 0; 3; 1; 4; 5; 6; 7]; [2; 2; 0; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v b/src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v
new file mode 100644
index 000000000..fc2f1c107
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^384 - 5*2^368 - 1
+Base: 48
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 8%nat;
+ base := 48;
+ bitwidth := 64;
+ s := 2^384;
+ c := [(1, 1); (5, 2^368)];
+ carry_chains := Some [[6; 7]; [7; 0; 1; 2; 3; 4; 5; 6]; [7; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/Synthesis.v b/src/Specific/solinas64_2e384m5x2e368m1/Synthesis.v
new file mode 100644
index 000000000..fe074620c
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
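Review bot: The hand-written carry chain `[[1; 1; 7; 7]; [2; 0; 3; 1; 4; 5; 6; 7]; [2; 2; 0; 0]]` that replaces `seq 0 (pred 8)` in solinas64_2e384m2e128m2e96p2e32m1 carries no explanation of how its indices were derived, and carrying positions 1 and 7 (and later 2 and 0) twice is not self-evident from the field list. A one-line comment above the field would let a later maintainer re-derive it, along the lines of `(* hand-derived for the 2^32/2^96/2^128 reduction terms; limbs 1 and 7 are carried twice because <reason>; see <derivation-reference> *)` with the placeholders filled in. The chains `[[3; 7]; [4; 0; 5; 1; 6; 2; 7; 3]; [4; 0]]` introduced for 2e416m2e208m1, 2e448m2e224m1, 2e450m2e225m1 and 2e480m2e240m1 appear to follow one shared pattern for the 2^(2k) - 2^k - 1 moduli and would benefit from the same comment once, naming that pattern. The curve record this hunk edits begins and ends outside the hunk.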
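Review bot: In the new solinas64_2e384m5x2e368m1/CurveParameters.v the entry `(5, 2^368)` in `c := [(1, 1); (5, 2^368)]` places the power of two in the second component, whereas every pre-existing entry visible in this commit places it first (`(2^32, -1)`, `(2^96, 1)`, `(2^128, 1)` in the P-384 hunk above, `(2^208, 1)` and `(2^224, 1)` further down). The product is the same, so the `Modulus : 2^384 - 5*2^368 - 1` comment still matches, but if the framework treats the first component as the term weight when placing reduced terms into limbs, `(2^368, 5)` is presumably the form that keeps the reduction on limb 7 as the carry chain `[[6; 7]; ...]` suggests — worth confirming against the synthesized output rather than assuming. The same ordering appears in the new 2e384m79x2e376m1 (`(79, 2^376)`), 2e510m290x2e496m1 (`(290, 2^496)`) and 2e512m491x2e496m1 (`(491, 2^496)`) files, so whichever convention is intended should be applied to all four.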
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/compiler.sh b/src/Specific/solinas64_2e384m5x2e368m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/femul.v b/src/Specific/solinas64_2e384m5x2e368m1/femul.v
new file mode 100644
index 000000000..a125a1c48
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/femulDisplay.v b/src/Specific/solinas64_2e384m5x2e368m1/femulDisplay.v
new file mode 100644
index 000000000..c4fcbc719
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/fesquare.v b/src/Specific/solinas64_2e384m5x2e368m1/fesquare.v
new file mode 100644
index 000000000..c7189459d
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/fesquare.v
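Review bot: The four new compiler.sh files (this one and those under solinas64_2e384m79x2e376m1, solinas64_2e510m290x2e496m1 and solinas64_2e512m491x2e496m1) are byte-identical copies, as their shared blob id `401968c8b` shows, so any future change to the flag set has to be replicated per directory. If the curve generator emits them, a single shared script that each directory symlinks to or sources would avoid drift; if they are hand-maintained, a comment such as `# canonical copy: <path-to-shared-script>; keep in sync` above the gcc line would at least make the duplication explicit. Separately, `-march=native -mtune=native` ties the produced object code to the build host, which is worth a note if the integration-test output is ever compared across machines.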
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/fesquareDisplay.v b/src/Specific/solinas64_2e384m5x2e368m1/fesquareDisplay.v
new file mode 100644
index 000000000..5bf19f297
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/freeze.v b/src/Specific/solinas64_2e384m5x2e368m1/freeze.v
new file mode 100644
index 000000000..0cbc13418
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas64_2e384m5x2e368m1/freezeDisplay.v b/src/Specific/solinas64_2e384m5x2e368m1/freezeDisplay.v
new file mode 100644
index 000000000..21c87b18f
--- /dev/null
+++ b/src/Specific/solinas64_2e384m5x2e368m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e384m5x2e368m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v b/src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v
new file mode 100644
index 000000000..0b5230dc1
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^384 - 79*2^376 - 1
+Base: 48
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 8%nat;
+ base := 48;
+ bitwidth := 64;
+ s := 2^384;
+ c := [(1, 1); (79, 2^376)];
+ carry_chains := Some [[6; 7]; [7; 0; 1; 2; 3; 4; 5; 6]; [7; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/Synthesis.v b/src/Specific/solinas64_2e384m79x2e376m1/Synthesis.v
new file mode 100644
index 000000000..2bdc27685
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/compiler.sh b/src/Specific/solinas64_2e384m79x2e376m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/femul.v b/src/Specific/solinas64_2e384m79x2e376m1/femul.v
new file mode 100644
index 000000000..bbe9a04c7
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/femulDisplay.v b/src/Specific/solinas64_2e384m79x2e376m1/femulDisplay.v
new file mode 100644
index 000000000..684d130b1
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/fesquare.v b/src/Specific/solinas64_2e384m79x2e376m1/fesquare.v
new file mode 100644
index 000000000..8530053ba
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/fesquareDisplay.v b/src/Specific/solinas64_2e384m79x2e376m1/fesquareDisplay.v
new file mode 100644
index 000000000..52a40f6af
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/freeze.v b/src/Specific/solinas64_2e384m79x2e376m1/freeze.v
new file mode 100644
index 000000000..8d09d46b8
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas64_2e384m79x2e376m1/freezeDisplay.v b/src/Specific/solinas64_2e384m79x2e376m1/freezeDisplay.v
new file mode 100644
index 000000000..26e596ebf
--- /dev/null
+++ b/src/Specific/solinas64_2e384m79x2e376m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e384m79x2e376m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas64_2e401m31/CurveParameters.v b/src/Specific/solinas64_2e401m31/CurveParameters.v
index 4ef1e1a1e..03da8f907 100644
--- a/src/Specific/solinas64_2e401m31/CurveParameters.v
+++ b/src/Specific/solinas64_2e401m31/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^401 - 31
-Base: 50
+Base: 50.125
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 8%nat;
- base := 50;
+ base := 50 + 1/8;
 bitwidth := 64;
 s := 2^401;
 c := [(1, 31)];
diff --git a/src/Specific/solinas64_2e413m21/CurveParameters.v b/src/Specific/solinas64_2e413m21/CurveParameters.v
index dcb5b3771..c9754833e 100644
--- a/src/Specific/solinas64_2e413m21/CurveParameters.v
+++ b/src/Specific/solinas64_2e413m21/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^413 - 21
-Base: 29
+Base: 59
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 14%nat;
- base := 29;
+ sz := 7%nat;
+ base := 59;
 bitwidth := 64;
 s := 2^413;
 c := [(1, 21)];
- carry_chains := Some [seq 0 (pred 14); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 7); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v b/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v
index f9a5233df..eea30eb7c 100644
--- a/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e416m2e208m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 64;
 s := 2^416;
 c := [(1, 1); (2^208, 1)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [[3; 7]; [4; 0; 5; 1; 6; 2; 7; 3]; [4; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e444m17/CurveParameters.v b/src/Specific/solinas64_2e444m17/CurveParameters.v
index 99fa3f6b9..e8e83bae7 100644
--- a/src/Specific/solinas64_2e444m17/CurveParameters.v
+++ b/src/Specific/solinas64_2e444m17/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^444 - 17
-Base: 49
+Base: 55.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 49;
+ sz := 8%nat;
+ base := 55 + 1/2;
 bitwidth := 64;
 s := 2^444;
 c := [(1, 17)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v b/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v
index 112ca94f1..08796b56d 100644
--- a/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e448m2e224m1/CurveParameters.v
@@ -13,7 +13,7 @@ Definition curve : CurveParameters :=
 bitwidth := 64;
 s := 2^448;
 c := [(1, 1); (2^224, 1)];
- carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
+ carry_chains := Some [[3; 7]; [4; 0; 5; 1; 6; 2; 7; 3]; [4; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v b/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v
index 8cd2a090a..9fb7b89b4 100644
--- a/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e450m2e225m1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^450 - 2^225 - 1
-Base: 50
+Base: 56.25
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 50;
+ sz := 8%nat;
+ base := 56 + 1/4;
 bitwidth := 64;
 s := 2^450;
 c := [(1, 1); (2^225, 1)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [[3; 7]; [4; 0; 5; 1; 6; 2; 7; 3]; [4; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e452m3/CurveParameters.v b/src/Specific/solinas64_2e452m3/CurveParameters.v
index f081f9745..e1d77a1f9 100644
--- a/src/Specific/solinas64_2e452m3/CurveParameters.v
+++ b/src/Specific/solinas64_2e452m3/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^452 - 3
-Base: 45
+Base: 56.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 10%nat;
- base := 45;
+ sz := 8%nat;
+ base := 56 + 1/2;
 bitwidth := 64;
 s := 2^452;
 c := [(1, 3)];
- carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e468m17/CurveParameters.v b/src/Specific/solinas64_2e468m17/CurveParameters.v
index f82ed7f10..842db9897 100644
--- a/src/Specific/solinas64_2e468m17/CurveParameters.v
+++ b/src/Specific/solinas64_2e468m17/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^468 - 17
-Base: 52
+Base: 58.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 52;
+ sz := 8%nat;
+ base := 58 + 1/2;
 bitwidth := 64;
 s := 2^468;
 c := [(1, 17)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 8); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v b/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v
index cd5cb85c4..aaaa5ea71 100644
--- a/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e480m2e240m1/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^480 - 2^240 - 1
-Base: 53
+Base: 60
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 9%nat;
- base := 53;
+ sz := 8%nat;
+ base := 60;
 bitwidth := 64;
 s := 2^480;
 c := [(1, 1); (2^240, 1)];
- carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
+ carry_chains := Some [[3; 7]; [4; 0; 5; 1; 6; 2; 7; 3]; [4; 0]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e488m17/CurveParameters.v b/src/Specific/solinas64_2e488m17/CurveParameters.v
index 5244d6754..3fa499730 100644
--- a/src/Specific/solinas64_2e488m17/CurveParameters.v
+++ b/src/Specific/solinas64_2e488m17/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^488 - 17
-Base: 30
+Base: 30.5
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 16%nat;
- base := 30;
+ base := 30 + 1/2;
 bitwidth := 64;
 s := 2^488;
 c := [(1, 17)];
diff --git a/src/Specific/solinas64_2e489m21/CurveParameters.v b/src/Specific/solinas64_2e489m21/CurveParameters.v
index e8980fda5..2ab9039a1 100644
--- a/src/Specific/solinas64_2e489m21/CurveParameters.v
+++ b/src/Specific/solinas64_2e489m21/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^489 - 21
-Base: 27
+Base: 54 + 1/3
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 18%nat;
- base := 27;
+ sz := 9%nat;
+ base := 54 + 1/3;
 bitwidth := 64;
 s := 2^489;
 c := [(1, 21)];
- carry_chains := Some [seq 0 (pred 18); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e495m31/CurveParameters.v b/src/Specific/solinas64_2e495m31/CurveParameters.v
index 29d85256a..d302f8949 100644
--- a/src/Specific/solinas64_2e495m31/CurveParameters.v
+++ b/src/Specific/solinas64_2e495m31/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^495 - 31
-Base: 49
+Base: 55
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 10%nat;
- base := 49;
+ sz := 9%nat;
+ base := 55;
 bitwidth := 64;
 s := 2^495;
 c := [(1, 31)];
- carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 9); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v b/src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v
new file mode 100644
index 000000000..9a42e69f3
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^510 - 290*2^496 - 1
+Base: 51
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 10%nat;
+ base := 51;
+ bitwidth := 64;
+ s := 2^510;
+ c := [(1, 1); (290, 2^496)];
+ carry_chains := Some [[8; 9]; [9; 0; 1; 2; 3; 4; 5; 6; 7; 8]; [9; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/Synthesis.v b/src/Specific/solinas64_2e510m290x2e496m1/Synthesis.v
new file mode 100644
index 000000000..5d35f7753
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/compiler.sh b/src/Specific/solinas64_2e510m290x2e496m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/femul.v b/src/Specific/solinas64_2e510m290x2e496m1/femul.v
new file mode 100644
index 000000000..8dc46da93
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/femulDisplay.v b/src/Specific/solinas64_2e510m290x2e496m1/femulDisplay.v
new file mode 100644
index 000000000..d3aedf6b9
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/fesquare.v b/src/Specific/solinas64_2e510m290x2e496m1/fesquare.v
new file mode 100644
index 000000000..3e186c0ce
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/fesquareDisplay.v b/src/Specific/solinas64_2e510m290x2e496m1/fesquareDisplay.v
new file mode 100644
index 000000000..b4fcdc2f4
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/freeze.v b/src/Specific/solinas64_2e510m290x2e496m1/freeze.v
new file mode 100644
index 000000000..b432a6126
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas64_2e510m290x2e496m1/freezeDisplay.v b/src/Specific/solinas64_2e510m290x2e496m1/freezeDisplay.v
new file mode 100644
index 000000000..0aff0e282
--- /dev/null
+++ b/src/Specific/solinas64_2e510m290x2e496m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e510m290x2e496m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas64_2e511m187/CurveParameters.v b/src/Specific/solinas64_2e511m187/CurveParameters.v
index 36c85b4db..f7af5e52f 100644
--- a/src/Specific/solinas64_2e511m187/CurveParameters.v
+++ b/src/Specific/solinas64_2e511m187/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^511 - 187
-Base: 36
+Base: 51.1
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 14%nat;
- base := 36;
+ sz := 10%nat;
+ base := 51 + 1/10;
 bitwidth := 64;
 s := 2^511;
 c := [(1, 187)];
- carry_chains := Some [seq 0 (pred 14); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e511m481/CurveParameters.v b/src/Specific/solinas64_2e511m481/CurveParameters.v
index 5252e1dda..a50562de4 100644
--- a/src/Specific/solinas64_2e511m481/CurveParameters.v
+++ b/src/Specific/solinas64_2e511m481/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^511 - 481
-Base: 36
+Base: 51.1
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 14%nat;
- base := 36;
+ sz := 10%nat;
+ base := 51 + 1/10;
 bitwidth := 64;
 s := 2^511;
 c := [(1, 481)];
- carry_chains := Some [seq 0 (pred 14); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v b/src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v
new file mode 100644
index 000000000..4246d7b14
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/CurveParameters.v
@@ -0,0 +1,35 @@
+Require Import Crypto.Specific.Framework.RawCurveParameters.
+Require Import Crypto.Util.LetIn.
+
+(***
+Modulus : 2^512 - 491*2^496 - 1
+Base: 51.2
+***)
+
+Definition curve : CurveParameters :=
+ {|
+ sz := 10%nat;
+ base := 51 + 1/5;
+ bitwidth := 64;
+ s := 2^512;
+ c := [(1, 1); (491, 2^496)];
+ carry_chains := Some [[8; 9]; [9; 0; 1; 2; 3; 4; 5; 6; 7; 8]; [9; 0]]%nat;
+
+ a24 := None;
+ coef_div_modulus := Some 2%nat;
+
+ goldilocks := Some false;
+ montgomery := false;
+
+ mul_code := None;
+
+ square_code := None;
+
+ upper_bound_of_exponent := None;
+ allowable_bit_widths := None;
+ freeze_extra_allowable_bit_widths := None;
+ modinv_fuel := None
+ |}.
+
+Ltac extra_prove_mul_eq _ := idtac.
+Ltac extra_prove_square_eq _ := idtac.
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/Synthesis.v b/src/Specific/solinas64_2e512m491x2e496m1/Synthesis.v
new file mode 100644
index 000000000..85ebf1a50
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/Synthesis.v
@@ -0,0 +1,9 @@
+Require Import Crypto.Specific.Framework.SynthesisFramework.
+Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.CurveParameters.
+
+Module P <: PrePackage.
+ Definition package : Tag.Context.
+ Proof. make_Synthesis_package curve extra_prove_mul_eq extra_prove_square_eq. Defined.
+End P.
+
+Module Export S := PackageSynthesis P.
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/compiler.sh b/src/Specific/solinas64_2e512m491x2e496m1/compiler.sh
new file mode 100755
index 000000000..401968c8b
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/compiler.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+gcc -march=native -mtune=native -std=gnu11 -O3 -flto -fomit-frame-pointer -fwrapv -Wno-attributes "$@"
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/femul.v b/src/Specific/solinas64_2e512m491x2e496m1/femul.v
new file mode 100644
index 000000000..0f8e9c1fe
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/femul.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition mul :
+ { mul : feBW -> feBW -> feBW
+ | forall a b, phiBW (mul a b) = F.mul (phiBW a) (phiBW b) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_mul ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions mul.
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/femulDisplay.v b/src/Specific/solinas64_2e512m491x2e496m1/femulDisplay.v
new file mode 100644
index 000000000..fada7de8c
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/femulDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.femul.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display mul.
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/fesquare.v b/src/Specific/solinas64_2e512m491x2e496m1/fesquare.v
new file mode 100644
index 000000000..8671b27e3
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/fesquare.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition square :
+ { square : feBW -> feBW
+ | forall a, phiBW (square a) = F.mul (phiBW a) (phiBW a) }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_square ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions square.
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/fesquareDisplay.v b/src/Specific/solinas64_2e512m491x2e496m1/fesquareDisplay.v
new file mode 100644
index 000000000..f6ba9ada0
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/fesquareDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.fesquare.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display square.
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/freeze.v b/src/Specific/solinas64_2e512m491x2e496m1/freeze.v
new file mode 100644
index 000000000..612617e17
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/freeze.v
@@ -0,0 +1,14 @@
+Require Import Crypto.Arithmetic.PrimeFieldTheorems.
+Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.Synthesis.
+
+(* TODO : change this to field once field isomorphism happens *)
+Definition freeze :
+ { freeze : feBW -> feBW
+ | forall a, phiBW (freeze a) = phiBW a }.
+Proof.
+ Set Ltac Profiling.
+ Time synthesize_freeze ().
+ Show Ltac Profile.
+Time Defined.
+
+Print Assumptions freeze.
diff --git a/src/Specific/solinas64_2e512m491x2e496m1/freezeDisplay.v b/src/Specific/solinas64_2e512m491x2e496m1/freezeDisplay.v
new file mode 100644
index 000000000..69aa94287
--- /dev/null
+++ b/src/Specific/solinas64_2e512m491x2e496m1/freezeDisplay.v
@@ -0,0 +1,4 @@
+Require Import Crypto.Specific.solinas64_2e512m491x2e496m1.freeze.
+Require Import Crypto.Specific.Framework.IntegrationTestDisplayCommon.
+
+Check display freeze.
diff --git a/src/Specific/solinas64_2e512m569/CurveParameters.v b/src/Specific/solinas64_2e512m569/CurveParameters.v
index 91ab7fcce..4d37db464 100644
--- a/src/Specific/solinas64_2e512m569/CurveParameters.v
+++ b/src/Specific/solinas64_2e512m569/CurveParameters.v
@@ -3,17 +3,17 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^512 - 569
-Base: 32
+Base: 51.2
 ***)
 
 Definition curve : CurveParameters :=
 {|
- sz := 16%nat;
- base := 32;
+ sz := 10%nat;
+ base := 51 + 1/5;
 bitwidth := 64;
 s := 2^512;
 c := [(1, 569)];
- carry_chains := Some [seq 0 (pred 16); [0; 1]]%nat;
+ carry_chains := Some [seq 0 (pred 10); [0; 1]]%nat;
 
 a24 := None;
 coef_div_modulus := Some 2%nat;
diff --git a/src/Specific/solinas64_2e521m1/CurveParameters.v b/src/Specific/solinas64_2e521m1/CurveParameters.v
index 0aa20d83b..938ab16e3 100644
--- a/src/Specific/solinas64_2e521m1/CurveParameters.v
+++ b/src/Specific/solinas64_2e521m1/CurveParameters.v
@@ -3,13 +3,13 @@ Require Import Crypto.Util.LetIn.
 
 (***
 Modulus : 2^521 - 1
-Base: 52
+Base: 52.1
 ***)
 
 Definition curve : CurveParameters :=
 {|
 sz := 10%nat;
- base := 52;
+ base := 52 + 1/10;
 bitwidth := 64;
 s := 2^521;
 c := [(1, 1)]; |