1 /**
2 * @file p448/f_field.h
3 * @author Mike Hamburg
4 *
5 * @copyright
6 * Copyright (c) 2015-2016 Cryptography Research, Inc. \n
7 * Released under the MIT License. See LICENSE.txt for license information.
8 *
9 * @brief Field-specific code for 2^448 - 2^224 - 1.
10 *
11 * @warning This file was automatically generated in Python.
12 * Please do not edit it.
13 */
14
15 #ifndef __P448_F_FIELD_H__
16 #define __P448_F_FIELD_H__ 1
17
18 #include "constant_time.h"
19 #include <string.h>
20 #include <assert.h>
21
22 #include "word.h"
23
/* NOTE(review): presumably a marker that lets other headers detect that the
 * 448-bit field type has been defined; no use of it is visible in this file. */
24 #define __CRYPTONITE_DECAF_448_GF_DEFINED__ 1
/* The limb array always spans 64 bytes: 8 limbs when word_t is 8 bytes wide,
 * 16 limbs when it is 4 bytes wide. word_t is not declared in this header
 * (presumably it comes from word.h). */
25 #define NLIMBS (64/sizeof(word_t))
/* Serialized sizes in bytes: 56 * 8 = 448 bits, so the serialized form is
 * shorter than the 64-byte in-memory form. */
26 #define X_SER_BYTES 56
27 #define SER_BYTES 56
/*
 * One field element, stored as NLIMBS machine words.
 *
 * cryptonite_gf_448_t is a one-element array of the struct, so a function
 * parameter of that type is a pointer to the struct and elements are always
 * passed by reference.
 *
 * The struct is declared 16-byte aligned.
 * NOTE(review): storage obtained by casting a raw byte buffer to this type
 * would have to meet the same alignment - confirm no caller does that.
 */
28 typedef struct cryptonite_gf_448_s {
29 word_t limb[NLIMBS];
30 } __attribute__((aligned(16))) cryptonite_gf_448_s, cryptonite_gf_448_t[1];
31
/* GF_BITS is the field size in bits. 8 * GF_LIT_LIMB_BITS = 448 = GF_BITS.
 * NOTE(review): GF_LIT_LIMB_BITS is presumably the radix used when field
 * constants are written out as literals - confirm where it is used. */
32 #define GF_LIT_LIMB_BITS 56
33 #define GF_BITS 448
/*
 * Short generic names mapped onto the 448-specific symbols. These are plain
 * macros, so ZERO, ONE, MODULUS and gf are rewritten in every translation unit
 * that includes this header and can collide with unrelated identifiers.
 * MODULUS expands to cryptonite_gf_448_MODULUS, which this header does not
 * declare; it has to come from elsewhere.
 */
34 #define ZERO cryptonite_gf_448_ZERO
35 #define ONE cryptonite_gf_448_ONE
36 #define MODULUS cryptonite_gf_448_MODULUS
37 #define gf cryptonite_gf_448_t
38 #define cryptonite_gf_s cryptonite_gf_448_s
/* Field-operation names: each generic cryptonite_gf_* name expands to its
 * cryptonite_gf_448_* counterpart, which is the symbol actually declared and
 * linked. */
39 #define cryptonite_gf_eq cryptonite_gf_448_eq
40 #define cryptonite_gf_hibit cryptonite_gf_448_hibit
41 #define cryptonite_gf_copy cryptonite_gf_448_copy
42 #define cryptonite_gf_add cryptonite_gf_448_add
43 #define cryptonite_gf_sub cryptonite_gf_448_sub
44 #define cryptonite_gf_add_RAW cryptonite_gf_448_add_RAW
45 #define cryptonite_gf_sub_RAW cryptonite_gf_448_sub_RAW
46 #define cryptonite_gf_bias cryptonite_gf_448_bias
47 #define cryptonite_gf_weak_reduce cryptonite_gf_448_weak_reduce
48 #define cryptonite_gf_strong_reduce cryptonite_gf_448_strong_reduce
49 #define cryptonite_gf_mul cryptonite_gf_448_mul
50 #define cryptonite_gf_sqr cryptonite_gf_448_sqr
51 #define cryptonite_gf_mulw_unsigned cryptonite_gf_448_mulw_unsigned
52 #define cryptonite_gf_isr cryptonite_gf_448_isr
53 #define cryptonite_gf_serialize cryptonite_gf_448_serialize
54 #define cryptonite_gf_deserialize cryptonite_gf_448_deserialize
55
56 /* RFC 7748 support */
/* Public and private key sizes both resolve to X_SER_BYTES (56 bytes);
 * X_PRIVATE_BITS is the same length expressed in bits (56 * 8 = 448). */
57 #define X_PUBLIC_BYTES X_SER_BYTES
58 #define X_PRIVATE_BYTES X_PUBLIC_BYTES
59 #define X_PRIVATE_BITS 448
60
/* The alias is created unconditionally, but this header declares
 * SQRT_MINUS_ONE only under "#if P_MOD_8 == 5" and sets P_MOD_8 to 7, so the
 * target symbol is not declared here. Code that uses SQRT_MINUS_ONE with this
 * field refers to an undeclared identifier unless something else declares it. */
61 #define SQRT_MINUS_ONE P448_SQRT_MINUS_ONE /* might not be defined */
62
/* GCC/Clang extension syntax: force inlining, and suppress the unused-function
 * warning for static helpers that a given translation unit does not call. */
63 #define INLINE_UNUSED __inline__ __attribute__((unused,always_inline))
64
65 #ifdef __cplusplus
66 extern "C" {
67 #endif
68
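69 /* Inline helpers: cryptonite_gf_copy is defined right here; the others are only declared here and are defined in f_impl.h, which is included below */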
/**
 * Copy the field element a into out.
 *
 * gf is a one-element array of the field struct, so both parameters arrive as
 * pointers and the body is a single whole-struct assignment. Every limb is
 * copied; nothing in this function branches on the limb values.
 *
 * @param out Destination element; overwritten.
 * @param a   Source element; not modified.
 */
static INLINE_UNUSED void
cryptonite_gf_copy (gf out, const gf a)
{
    out[0] = a[0];
}
/*
 * Forward declarations of static inline helpers. Their bodies are not in this
 * header; f_impl.h, included further down, is expected to supply them.
 * NOTE(review): the _RAW names suggest limb-wise add/subtract with no
 * reduction, with bias and weak_reduce used to keep limbs in range afterwards.
 * If so, callers own the limb-bound bookkeeping, and a missed reduction would
 * be a silent arithmetic error rather than a crash. Confirm in f_impl.h.
 */
71 static INLINE_UNUSED void cryptonite_gf_add_RAW (gf out, const gf a, const gf b);
72 static INLINE_UNUSED void cryptonite_gf_sub_RAW (gf out, const gf a, const gf b);
73 static INLINE_UNUSED void cryptonite_gf_bias (gf inout, int amount);
74 static INLINE_UNUSED void cryptonite_gf_weak_reduce (gf inout);
75
/* Out-of-line field operations; the definitions are not in this header. */

/* Reduces inout in place.
 * NOTE(review): presumably to the unique representative in [0, p), which is
 * what comparison and serialization would need - confirm in the definition. */
76 void cryptonite_gf_strong_reduce (gf inout);
/* out = a + b and out = a - b. Unlike the multiplication routines below, out
 * is not restrict-qualified here, so the signature itself does not forbid
 * passing the same element as both input and output. */
77 void cryptonite_gf_add (gf out, const gf a, const gf b);
78 void cryptonite_gf_sub (gf out, const gf a, const gf b);
/* Multiply, multiply by a 32-bit word, and square. out is __restrict__ in all
 * three: the caller must not pass an out that overlaps a or b, and doing so is
 * undefined behaviour. Use a temporary and cryptonite_gf_copy for in-place
 * updates. */
79 void cryptonite_gf_mul (cryptonite_gf_s *__restrict__ out, const gf a, const gf b);
80 void cryptonite_gf_mulw_unsigned (cryptonite_gf_s *__restrict__ out, const gf a, uint32_t b);
81 void cryptonite_gf_sqr (cryptonite_gf_s *__restrict__ out, const gf a);
/* Inverse square root of x, written to a. The result is reported as a mask_t,
 * not a bool; when it is false, a is not an inverse square root of x and must
 * not be used as one.
 * NOTE(review): mask_t is not defined in this header - presumably an
 * all-ones/all-zero word meant to be combined without branching; confirm in
 * word.h before testing it with a plain if on secret data. */
82 mask_t cryptonite_gf_isr(gf a, const gf x); /** a^2 x = 1, QNR, or 0 if x=0. Return true if successful */
/* Predicates returning mask_t rather than int.
 * NOTE(review): eq presumably tests x == y in the field and hibit a
 * sign-like bit of x; neither definition is visible here. */
83 mask_t cryptonite_gf_eq (const gf x, const gf y);
84 mask_t cryptonite_gf_hibit (const gf x);
85
/* serial carries no length in the signature.
 * NOTE(review): presumably SER_BYTES (56) bytes are written, so the caller
 * must supply a buffer at least that large - confirm in the definition. The
 * meaning of with_highbit is not visible in this header. */
86 void cryptonite_gf_serialize (uint8_t *serial, const gf x,int with_highbit);
/* The [SER_BYTES] in the parameter is documentation only: the parameter is a
 * plain pointer and the compiler does not check the buffer length.
 * NOTE(review): the mask_t result presumably reports whether serial was a
 * valid encoding; callers parsing untrusted bytes should check it instead of
 * discarding it - confirm in the definition. */
87 mask_t cryptonite_gf_deserialize (gf x, const uint8_t serial[SER_BYTES],int with_highbit);
88
89
90 #ifdef __cplusplus
91 } /* extern "C" */
92 #endif
93
94 #include "f_impl.h" /* Bring in the inline implementations */
95
/* p = 2^448 - 2^224 - 1 is congruent to 7 mod 8, because both powers of two
 * are multiples of 8. That also makes p congruent to 3 mod 4, so -1 has no
 * square root in this field. The branch below is therefore compiled out and
 * this header never declares SQRT_MINUS_ONE. */
96 #define P_MOD_8 7
97 #if P_MOD_8 == 5
98 extern const gf SQRT_MINUS_ONE;
99 #endif
100
/* Limb index permutation: identity unless something earlier (for example
 * f_impl.h, included above) has already defined LIMBPERM. */
101 #ifndef LIMBPERM
102 #define LIMBPERM(i) (i)
103 #endif
/* Mask with the low LIMB_PLACE_VALUE(i) bits set. LIMB_PLACE_VALUE is not
 * defined in this header (presumably f_impl.h provides it). The shift operand
 * is unsigned long long, so a place value equal to or above that type's width
 * would be undefined behaviour. */
104 #define LIMB_MASK(i) (((1ull)<<LIMB_PLACE_VALUE(i))-1)
105
/* Field constants 0 and 1. ZERO has every limb zero; ONE sets limb
 * LIMBPERM(0) to 1 and leaves the remaining limbs zero-initialized. Being
 * static const in a header, each including translation unit gets its own
 * private copy. */
106 static const gf ZERO = {{{0}}}, ONE = {{{ [LIMBPERM(0)] = 1 }}};
107
108 #endif /* __P448_F_FIELD_H__ */
109