1 /**
2 * @file p25519/f_field.h
3 * @author Mike Hamburg
4 *
5 * @copyright
6 * Copyright (c) 2015-2016 Cryptography Research, Inc. \n
7 * Released under the MIT License. See LICENSE.txt for license information.
8 *
9 * @brief Field-specific code for 2^255 - 19.
10 *
11 * @warning This file was automatically generated in Python.
12 * Please do not edit it.
13 */
14
15 #ifndef __P25519_F_FIELD_H__
16 #define __P25519_F_FIELD_H__ 1
17
18 #include "constant_time.h"
19 #include <string.h>
20 #include <assert.h>
21
22 #include "word.h"
23
/* Marker macro recording that the 2^255 - 19 field type is declared by this header. */
24 #define __DECAF_25519_GF_DEFINED__ 1
/*
 * Limb count: every element occupies 40 bytes, so this is 5 limbs when
 * word_t is 8 bytes and 10 limbs when it is 4 bytes. word_t is declared
 * outside this file (word.h is included above).
 */
25 #define NLIMBS (40/sizeof(word_t))
/*
 * Serialized lengths in bytes. X_SER_BYTES is reused further down as
 * X_PUBLIC_BYTES; SER_BYTES bounds the input of gf_deserialize.
 */
26 #define X_SER_BYTES 32
27 #define SER_BYTES 32
/*
 * One field element: NLIMBS words, aligned to 32 bytes.
 *
 * gf_25519_t is a one-element array of the struct. An object declared with
 * it owns its storage, while a function parameter of that type is a pointer
 * to the element, so callees write through it (see gf_copy in this header).
 */
28 typedef struct gf_25519_s {
29 word_t limb[NLIMBS];
30 } __attribute__((aligned(32))) gf_25519_s, gf_25519_t[1];
31
/*
 * Field parameters and generic aliases.
 *
 * GF_BITS is the bit length of the field (255). GF_LIT_LIMB_BITS is 51, and
 * 5 * 51 = 255.
 * NOTE(review): GF_LIT_LIMB_BITS is presumably the radix used when limb
 * literals are written out - confirm against the users of the macro.
 *
 * The remaining macros map the generic names (gf, gf_add, ZERO, ...) onto
 * the gf_25519_* symbols, so code written against the generic names links
 * to this field's implementation. They are plain macros and therefore stay
 * visible to everything that follows the include.
 * NOTE(review): presumably only one field's f_field.h is meant to be
 * included per translation unit, since a second set of the same macro names
 * would collide - confirm.
 */
32 #define GF_LIT_LIMB_BITS 51
33 #define GF_BITS 255
34 #define ZERO gf_25519_ZERO
35 #define ONE gf_25519_ONE
36 #define MODULUS gf_25519_MODULUS
37 #define gf gf_25519_t
38 #define gf_s gf_25519_s
39 #define gf_eq gf_25519_eq
40 #define gf_hibit gf_25519_hibit
41 #define gf_lobit gf_25519_lobit
42 #define gf_copy gf_25519_copy
43 #define gf_add gf_25519_add
44 #define gf_sub gf_25519_sub
45 #define gf_add_RAW gf_25519_add_RAW
46 #define gf_sub_RAW gf_25519_sub_RAW
47 #define gf_bias gf_25519_bias
48 #define gf_weak_reduce gf_25519_weak_reduce
49 #define gf_strong_reduce gf_25519_strong_reduce
50 #define gf_mul gf_25519_mul
51 #define gf_sqr gf_25519_sqr
52 #define gf_mulw_unsigned gf_25519_mulw_unsigned
53 #define gf_isr gf_25519_isr
54 #define gf_serialize gf_25519_serialize
55 #define gf_deserialize gf_25519_deserialize
56
57 /* RFC 7748 support: public and private X values both take X_SER_BYTES (32) bytes; X_PRIVATE_BITS is 255. */
58 #define X_PUBLIC_BYTES X_SER_BYTES
59 #define X_PRIVATE_BYTES X_PUBLIC_BYTES
60 #define X_PRIVATE_BITS 255
61
62 #define SQRT_MINUS_ONE P25519_SQRT_MINUS_ONE /* alias only; the object itself is declared further down under P_MOD_8 == 5 and might not be defined otherwise */
63
/*
 * Qualifier for the header's inline helpers: always_inline forces inlining
 * at each call site, and unused silences the warning in files that include
 * the header without calling a given helper.
 */
64 #define INLINE_UNUSED __inline__ __attribute__((unused,always_inline))
65
66 #ifdef __cplusplus
67 extern "C" {
68 #endif
69
70 /* Defined below in f_impl.h */
/**
 * Copy one field element into another.
 *
 * @param out Destination element; receives the contents of @p a.
 * @param a   Source element; left unmodified.
 *
 * This is a whole-struct assignment, so every limb of the element is copied
 * whatever value it holds.
 */
static INLINE_UNUSED void gf_copy (gf out, const gf a) {
    out[0] = a[0];
}
/*
 * Inline primitives: only the prototypes appear here, the bodies are not in
 * this header.
 * NOTE(review): the _RAW suffix and the separate gf_bias / gf_weak_reduce
 * steps suggest add/sub without carry handling followed by an explicit
 * reduction - confirm in f_impl.h before relying on any limb bounds.
 */
72 static INLINE_UNUSED void gf_add_RAW (gf out, const gf a, const gf b);
73 static INLINE_UNUSED void gf_sub_RAW (gf out, const gf a, const gf b);
74 static INLINE_UNUSED void gf_bias (gf inout, int amount);
75 static INLINE_UNUSED void gf_weak_reduce (gf inout);
76
/*
 * Out-of-line field arithmetic; the definitions are not in this header.
 * NOTE(review): gf_strong_reduce presumably brings the element to its
 * canonical representative - confirm in the implementation.
 */
77 void gf_strong_reduce (gf inout);
78 void gf_add (gf out, const gf a, const gf b);
79 void gf_sub (gf out, const gf a, const gf b);
/*
 * Multiplication and squaring. out is restrict-qualified, so passing the
 * same element as out and as an input breaks the declared contract; use a
 * separate destination.
 */
80 void gf_mul (gf_s *__restrict__ out, const gf a, const gf b);
81 void gf_mulw_unsigned (gf_s *__restrict__ out, const gf a, uint32_t b);
82 void gf_sqr (gf_s *__restrict__ out, const gf a);
/*
 * Inverse square root. After the call a^2 * x is 1, or a quadratic
 * non-residue, or 0 if x = 0. Returns a true mask when successful, so the
 * result in a is only meaningful after checking the return value.
 */
83 mask_t gf_isr(gf a, const gf x);
/*
 * Predicates returning mask_t rather than int.
 * NOTE(review): mask_t is declared outside this file; presumably an
 * all-ones / all-zero word so results can be combined with bitwise
 * operations instead of branches on secret data - confirm in word.h.
 */
84 mask_t gf_eq (const gf x, const gf y);
85 mask_t gf_lobit (const gf x);
86 mask_t gf_hibit (const gf x);
87
/*
 * Byte encoding of a field element. The prototype of gf_serialize carries
 * no length for serial.
 * NOTE(review): presumably the caller must supply SER_BYTES writable bytes -
 * confirm in the implementation.
 */
88 void gf_serialize (uint8_t *serial, const gf x,int with_highbit);
/*
 * Decoding of a field element. The [SER_BYTES] bound on serial is
 * documentation only: the parameter is a pointer and the compiler does not
 * enforce the length, so the caller must guarantee SER_BYTES readable bytes.
 * NOTE(review): the mask_t result presumably reports whether the encoding
 * was accepted; code parsing untrusted bytes should check it rather than
 * use x unconditionally - confirm the rejection rules and the meaning of
 * with_hibit / hi_nmask in the implementation.
 */
89 mask_t gf_deserialize (gf x, const uint8_t serial[SER_BYTES],int with_hibit,uint8_t hi_nmask);
90
91
92 #ifdef __cplusplus
93 } /* extern "C" */
94 #endif
95
96 #include "f_impl.h" /* Bring in the inline implementations */
97
/*
 * p = 2^255 - 19 is congruent to 5 modulo 8. In that case a square root of
 * -1 is declared; SQRT_MINUS_ONE expands to P25519_SQRT_MINUS_ONE, and the
 * object is defined outside this header.
 */
98 #define P_MOD_8 5
99 #if P_MOD_8 == 5
100 extern const gf SQRT_MINUS_ONE;
101 #endif
102
/* Limb index permutation: the identity unless something included earlier already defined LIMBPERM. */
103 #ifndef LIMBPERM
104 #define LIMBPERM(i) (i)
105 #endif
/*
 * Mask covering the low LIMB_PLACE_VALUE(i) bits. LIMB_PLACE_VALUE is not
 * defined in this header, and the shift of 1ull is only well defined while
 * that value is below the width of unsigned long long.
 */
106 #define LIMB_MASK(i) (((1ull)<<LIMB_PLACE_VALUE(i))-1)
107
/*
 * Constants 0 and 1. ONE sets the limb at index LIMBPERM(0) to 1 and leaves
 * the others zero. Being static const in a header, each translation unit
 * that includes it gets its own copy.
 */
108 static const gf ZERO = {{{0}}}, ONE = {{{ [LIMBPERM(0)] = 1 }}};
109
110 #endif /* __P25519_F_FIELD_H__ */
111