dont do indirection in for batch stuff
@@ -67,23 +67,31 @@ curve25519_setone(bignum25519 out) {
|
||||
* if that's the case then we're doing batch invert there
|
||||
*/
|
||||
static void
|
||||
curve25519_batchrecip(bignum25519 *out[], bignum25519 tmp[], bignum25519 * const in[], size_t num) {
|
||||
bignum25519 ALIGN(16) acc, tmpacc;
|
||||
curve25519_batchrecip(bignum25519 *out, const bignum25519 *in, bignum25519 *tmp, size_t num, size_t offset) {
|
||||
bignum25519 ALIGN(16) acc,tmpacc;
|
||||
size_t i;
|
||||
const bignum25519 *inp;
|
||||
bignum25519 *outp;
|
||||
|
||||
curve25519_setone(acc);
|
||||
|
||||
inp = in;
|
||||
for (i = 0; i < num; ++i) {
|
||||
curve25519_copy(tmp[i], acc);
|
||||
curve25519_mul(acc, acc, *in[i]);
|
||||
curve25519_mul(acc, acc, *inp);
|
||||
inp = (const bignum25519 *)((const char *)inp + offset);
|
||||
}
|
||||
|
||||
curve25519_recip(acc, acc);
|
||||
|
||||
i = num;
|
||||
inp = (const bignum25519 *)((const char *)in + offset * num);
|
||||
outp = (bignum25519 *)((char *)out + offset * num);
|
||||
while (i--) {
|
||||
curve25519_mul(tmpacc, acc, *in[i]);
|
||||
curve25519_mul(*out[i], acc, tmp[i]);
|
||||
inp = (const bignum25519 *)((const char *)inp - offset);
|
||||
outp = (bignum25519 *)((char *)outp - offset);
|
||||
curve25519_mul(tmpacc, acc, *inp);
|
||||
curve25519_mul(*outp, acc, tmp[i]);
|
||||
curve25519_copy(acc, tmpacc);
|
||||
}
|
||||
}
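Review bot: The pre-loop pointers `inp` and `outp` (the two lines after `i = num;`) are formed as `in + offset * num`, which for the caller's stride of `sizeof(ge25519)` and `in == &in[0].z` is a pointer beyond one-past-the-end of the ge25519 array — strictly undefined under C11 6.5.6 even though it is only decremented before being dereferenced. Computing the element pointer from the index inside the loop avoids it and drops the two decrements: `inp = (const bignum25519 *)((const char *)in + offset * i);` and `outp = (bignum25519 *)((char *)out + offset * i);` as the first two statements of `while (i--)`. The new contract also deserves a comment above the function, since `out == in` is what the caller passes and works only because each element is read into `tmpacc` before `*outp` is written: `/* out and in may alias; offset is the byte stride between consecutive elements; tmp must hold num entries */`.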
|
||||
|
||||
@@ -8,15 +8,15 @@ DONNA_INLINE static void
|
||||
ge25519_p1p1_to_partial(ge25519 *r, const ge25519_p1p1 *p) {
|
||||
curve25519_mul(r->x, p->x, p->t);
|
||||
curve25519_mul(r->y, p->y, p->z);
|
||||
curve25519_mul(r->z, p->z, p->t);
|
||||
curve25519_mul(r->z, p->z, p->t);
|
||||
}
|
||||
|
||||
DONNA_INLINE static void
|
||||
ge25519_p1p1_to_full(ge25519 *r, const ge25519_p1p1 *p) {
|
||||
curve25519_mul(r->x, p->x, p->t);
|
||||
curve25519_mul(r->y, p->y, p->z);
|
||||
curve25519_mul(r->z, p->z, p->t);
|
||||
curve25519_mul(r->t, p->x, p->y);
|
||||
curve25519_mul(r->z, p->z, p->t);
|
||||
curve25519_mul(r->t, p->x, p->y);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -190,13 +190,12 @@ ge25519_pack(unsigned char r[32], const ge25519 *p) {
|
||||
r[31] ^= ((parity[0] & 1) << 7);
|
||||
}
|
||||
|
||||
// assumes inz[] points to things in in[]
|
||||
// NOTE: leaves in unfinished state
|
||||
static void
|
||||
ge25519_batchpack_destructive_1(bytes32 out[], ge25519 in[], bignum25519 *inz[], bignum25519 tmp[], size_t num) {
|
||||
ge25519_batchpack_destructive_1(bytes32 *out, ge25519 *in, bignum25519 *tmp, size_t num) {
|
||||
bignum25519 ty;
|
||||
|
||||
curve25519_batchrecip(inz, tmp, inz, num);
|
||||
curve25519_batchrecip(&in->z, &in->z, tmp, num, sizeof(ge25519));
|
||||
|
||||
for (size_t i = 0; i < num; ++i) {
|
||||
curve25519_mul(ty, in[i].y, in[i].z);
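Review bot: The comment `// assumes inz[] points to things in in[]` above the signature is now stale: `inz` was removed from the parameter list and the z coordinates are inverted in place through `&in->z` with stride `sizeof(ge25519)`. Suggest replacing it with `// batch-inverts in[i].z in place (stride sizeof(ge25519)); tmp must hold num elements` so the in-place aliasing of the first two arguments to curve25519_batchrecip is documented at the call site. ge25519_batchpack_destructive_1's body continues past the end of the hunk.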
|
||||
@@ -276,7 +275,7 @@ ge25519_unpack_negative_vartime(ge25519 *r, const unsigned char p[32]) {
|
||||
#define S2_TABLE_SIZE (1<<(S2_SWINDOWSIZE-2))
|
||||
|
||||
/* computes [s1]p1 + [s2]basepoint */
|
||||
static void
|
||||
static void
|
||||
ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bignum256modm s1, const bignum256modm s2) {
|
||||
signed char slide1[256], slide2[256];
|
||||
ge25519_pniels pre1[S1_TABLE_SIZE];
|
||||
@@ -371,7 +370,7 @@ ge25519_scalarmult_base_niels(ge25519 *r, const uint8_t basepoint_table[256][96]
|
||||
curve25519_add_reduce(r->y, t.xaddy, t.ysubx);
|
||||
memset(r->z, 0, sizeof(bignum25519));
|
||||
curve25519_copy(r->t, t.t2d);
|
||||
r->z[0] = 2;
|
||||
r->z[0] = 2;
|
||||
for (i = 3; i < 64; i += 2) {
|
||||
ge25519_scalarmult_base_choose_niels(&t, basepoint_table, i / 2, b[i]);
|
||||
ge25519_nielsadd2(r, &t);
|
||||
|
||||
@@ -14,7 +14,7 @@ ge25519_p1p1_to_partial(ge25519 *r, const ge25519_p1p1 *p) {
|
||||
curve25519_untangle64(r->x, r->z, xzout);
|
||||
}
|
||||
|
||||
static void
|
||||
static void
|
||||
ge25519_p1p1_to_full(ge25519 *r, const ge25519_p1p1 *p) {
|
||||
packed64bignum25519 ALIGN(16) zy, xt, xx, zz, ty;
|
||||
curve25519_tangle64(ty, p->t, p->y);
|
||||
@@ -222,10 +222,10 @@ ge25519_pack(unsigned char r[32], const ge25519 *p) {
|
||||
// assumes inz[] points to things in in[]
|
||||
// NOTE: leaves in unfinished state
|
||||
static void
|
||||
ge25519_batchpack_destructive_1(bytes32 out[], ge25519 in[], bignum25519 *inz[], bignum25519 tmp[], size_t num) {
|
||||
ge25519_batchpack_destructive_1(bytes32 *out, ge25519 *in, bignum25519 *tmp, size_t num) {
|
||||
bignum25519 ALIGN(16) ty;
|
||||
|
||||
curve25519_batchrecip(inz, tmp, inz, num);
|
||||
curve25519_batchrecip(&in->z, &in->z, tmp, num, sizeof(ge25519));
|
||||
|
||||
for (size_t i = 0; i < num; ++i) {
|
||||
curve25519_mul(ty, in[i].y, in[i].z);
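Review bot: The header comment `// assumes inz[] points to things in in[]` no longer matches the code: there is no `inz` parameter any more, and the call `curve25519_batchrecip(&in->z, &in->z, tmp, num, sizeof(ge25519))` now inverts every `in[i].z` in place. It should say what the new call relies on, e.g. `// inverts in[i].z in place via curve25519_batchrecip (byte stride sizeof(ge25519)); tmp must have num entries`, so a future change to the struct layout or to batchrecip's aliasing behaviour is caught here. The rest of ge25519_batchpack_destructive_1 lies outside the hunk.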
|
||||
@@ -395,7 +395,7 @@ ge25519_scalarmult_base_niels(ge25519 *r, const uint8_t table[256][96], const bi
|
||||
ge25519_scalarmult_base_choose_niels(&t, table, 0, b[1]);
|
||||
curve25519_sub_reduce(r->x, t.xaddy, t.ysubx);
|
||||
curve25519_add_reduce(r->y, t.xaddy, t.ysubx);
|
||||
memset(r->z, 0, sizeof(bignum25519));
|
||||
memset(r->z, 0, sizeof(bignum25519));
|
||||
r->z[0] = 2;
|
||||
curve25519_copy(r->t, t.t2d);
|
||||
for (i = 3; i < 64; i += 2) {
|
||||
|
||||