X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/ee39a683a2b623a1da0747ec20f20b63470a2db6..8f2287ef5c05d496fcb9b012629af007fe56f897:/math/f25519.h
diff --git a/math/f25519.h b/math/f25519.h
index a70ca2df..4a2a2191 100644
--- a/math/f25519.h
+++ b/math/f25519.h
@@ -55,6 +55,13 @@ typedef union {
 # define F25519_IMPL 10
 #endif
+#if F25519_IMPL == 26
+ typedef int32 f25519_piece;
+#endif
+#if F25519_IMPL == 10
+ typedef int16 f25519_piece;
+#endif
+
 /*----- Functions provided ------------------------------------------------*/
 /* --- @f25519_set@ --- *
@@ -108,6 +115,39 @@ extern void f25519_load(f25519 */*z*/, const octet /*xv*/[32]);
 extern void f25519_store(octet /*zv*/[32], const f25519 */*x*/);
+/* --- @f25519_pick2@ --- *
+ *
+ * Arguments: @f25519 *z@ = where to put the result (may alias @x@ or @y@)
+ * @const f25519 *x, *y@ = two operands
+ * @uint32 m@ = a mask
+ *
+ * Returns: ---
+ *
+ * Use: If @m@ is zero, set @z = y@; if @m@ is all-bits-set, then set
+ * @z = x@. If @m@ has some other value, then scramble @z@ in
+ * an unhelpful way.
+ */
+
+extern void f25519_pick2(f25519 */*z*/, const f25519 */*x*/,
+ const f25519 */*y*/, uint32 /*m*/);
+
+/* --- @f25519_pickn@ --- *
+ *
+ * Arguments: @f25519 *z@ = where to put the result
+ * @const f25519 *v@ = a table of entries
+ * @size_t n@ = the number of entries in @v@
+ * @size_t i@ = an index
+ *
+ * Returns: ---
+ *
+ * Use: If @0 <= i < n < 32@ then set @z = v[i]@. If @n >= 32@ then
+ * do something unhelpful; otherwise, if @i >= n@ then set @z@
+ * to zero.
+ */
+
+extern void f25519_pickn(f25519 */*z*/, const f25519 */*v*/, size_t /*n*/,
+ size_t /*i*/);
+
 /* --- @f25519_condswap@ --- *
  *
  * Arguments: @f25519 *x, *y@ = two operands
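Review bot: The comments on `f25519_pick2` and `f25519_pickn` specify the result but not the timing contract, which is presumably why a caller would use them instead of a plain assignment or `v[i]`. If they are meant to run without branches or memory accesses that depend on `m` or `i` (the implementation is not in this header, so this is inferred), the `Use:` paragraphs should say so, e.g. `Runs in time independent of @m@.` and `The memory access pattern is independent of @i@.` It would also help to say how `m` is expected to be built, since a C truth value of 1 falls into the "some other value" case and scrambles `z`; the same applies to `f25519_condneg` in the next hunk. Unlike its neighbours, the `f25519_pickn` comment does not say whether `z` may alias an entry of `v`.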
@@ -148,6 +188,33 @@ extern void f25519_add(f25519 */*z*/,
 extern void f25519_sub(f25519 */*z*/, const f25519 */*x*/, const f25519 */*y*/);
+/* --- @f25519_neg@ --- *
+ *
+ * Arguments: @f25519 *z@ = where to put the result (may alias @x@)
+ * @const f25519 *x@ = an operand
+ *
+ * Returns: ---
+ *
+ * Use: Set @z = -x@.
+ */
+
+extern void f25519_neg(f25519 */*z*/, const f25519 */*x*/);
+
+/* --- @f25519_condneg@ --- *
+ *
+ * Arguments: @f25519 *z@ = where to put the result (may alias @x@)
+ * @const f25519 *x@ = an operand
+ * @uint32 m@ = a mask
+ *
+ * Returns: ---
+ *
+ * Use: If @m@ is zero, set @z = x@; if @m@ is all-bits-set, then set
+ * @z = -x@. If @m@ has some other value then scramble @z@ in
+ * an unhelpful way.
+ */
+
+extern void f25519_condneg(f25519 */*z*/, const f25519 */*x*/, uint32 /*m*/);
+
 /* --- @f25519_mulconst@ --- *
  *
  * Arguments: @f25519 *z@ = where to put the result (may alias @x@)
@@ -200,6 +267,22 @@ extern void f25519_sqr(f25519 */*z*/, const f25519 */*x*/);
 extern void f25519_inv(f25519 */*z*/, const f25519 */*x*/);
+/* --- @f25519_quosqrt@ --- *
+ *
+ * Arguments: @f25519 *z@ = where to put the result (may alias @x@ or @y@)
+ * @const f25519 *x, *y@ = two operands
+ *
+ * Returns: Zero if successful, @-1@ if %$x/y$% is not a square.
+ *
+ * Use: Stores in @z@ the one of the square roots %$\pm\sqrt{x/y}$%.
+ * If %$x = y = 0% then the result is zero; if %$y = 0$% but %$x
+ * \ne 0$% then the operation fails. If you wanted a specific
+ * square root then you'll have to pick it yourself.
+ */
+
+extern int f25519_quosqrt(f25519 */*z*/,
+ const f25519 */*x*/, const f25519 */*y*/);
+
 /*----- That's all, folks -------------------------------------------------*/
 #ifdef __cplusplus
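Review bot: The `f25519_quosqrt` comment does not say what `z` holds when the function returns `-1`, and nothing in the prototype makes a caller look at the result. A non-square quotient is presumably the case that malformed or untrusted encodings would reach (inferred from the name; no callers are visible here), so `Returns:` should gain a line such as `On failure, the contents of @z@ are unspecified and must not be used.`, or state the actual value if it is fixed. The math markup `%$x = y = 0%` is missing its closing `$` and should read `%$x = y = 0$%`. Also, `the one of the square roots` should be `one of the square roots`.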