mdw@git.distorted.org.uk Git - secnet/blob - fgoldi.h

   1 /*
   2  * fgoldi.h: arithmetic modulo 2^448 - 2^224 - 1
   3  */
   4 /*
   5  * This file is Free Software.  It has been modified to as part of its
   6  * incorporation into secnet.
   7  *
   8  * Copyright 2017 Mark Wooding
   9  *
  10  * You may redistribute this file and/or modify it under the terms of
  11  * the permissive licence shown below.
  12  *
  13  * You may redistribute secnet as a whole and/or modify it under the
  14  * terms of the GNU General Public License as published by the Free
  15  * Software Foundation; either version 3, or (at your option) any
  16  * later version.
  17  *
  18  * This program is distributed in the hope that it will be useful,
  19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  21  * GNU General Public License for more details.
  22  *
  23  * You should have received a copy of the GNU General Public License
  24  * along with this program; if not, see
  25  * https://www.gnu.org/licenses/gpl.html.
  26  */
  27 /*
  28  * Imported from Catacomb, and lightly modified for Secnet (2017-04-30):
  29  *
  30  *   * Use `fake-mLib-bits.h' in place of the real <mLib/bits.h>.
  31  *
  32  *   * Remove the 16/32-bit implementation, since C99 always has 64-bit
  33  *     arithmetic.
  34  *
  35  * The file's original comment headers are preserved below.
  36  */
  37 /* -*-c-*-
  38  *
  39  * Arithmetic in the Goldilocks field GF(2^448 - 2^224 - 1)
  40  *
  41  * (c) 2017 Straylight/Edgeware
  42  */
  43
  44 /*----- Licensing notice --------------------------------------------------*
  45  *
  46  * This file is part of Catacomb.
  47  *
  48  * Catacomb is free software; you can redistribute it and/or modify
  49  * it under the terms of the GNU Library General Public License as
  50  * published by the Free Software Foundation; either version 2 of the
  51  * License, or (at your option) any later version.
  52  *
  53  * Catacomb is distributed in the hope that it will be useful,
  54  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  55  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  56  * GNU Library General Public License for more details.
  57  *
  58  * You should have received a copy of the GNU Library General Public
  59  * License along with Catacomb; if not, write to the Free
  60  * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
  61  * MA 02111-1307, USA.
  62  */
  63
  64 #ifndef CATACOMB_FGOLDI_H
  65 #define CATACOMB_FGOLDI_H
  66
  67 #ifdef __cplusplus
  68   extern "C" {
  69 #endif
  70
  71 /*----- Header files ------------------------------------------------------*/
  72
  73 #include "fake-mLib-bits.h"
  74
  75 #ifndef CATACOMB_QFARITH_H
  76 #  include "qfarith.h"
  77 #endif
  78
  79 /*----- Data structures ---------------------------------------------------*/
  80
  81 typedef union {
  82   int32 p28[16];
  83 } fgoldi;
  84
  85 #if !defined(FGOLDI_IMPL) && defined(HAVE_INT64)
  86 #  define FGOLDI_IMPL 28
  87 #endif
  88
  89 #ifndef FGOLDI_IMPL
  90 #  define FGOLDI_IMPL 12
  91 #endif
  92
  93 /*----- Functions provided ------------------------------------------------*/
  94
  95 /* --- @fgoldi_load@ --- *
  96  *
  97  * Arguments:   @fgoldi *z@ = where to store the result
  98  *              @const octet xv[56]@ = source to read
  99  *
 100  * Returns:     ---
 101  *
 102  * Use:         Reads an element of %$\gf{2^{448} - 2^{224} - 19}$% in
 103  *              external representation from @xv@ and stores it in @z@.
 104  *
 105  *              External representation is little-endian base-256.  Some
 106  *              elements have multiple encodings, which are not produced by
 107  *              correct software; use of noncanonical encodings is not an
 108  *              error, and toleration of them is considered a performance
 109  *              feature.
 110  */
 111
 112 extern void fgoldi_load(fgoldi */*z*/, const octet /*xv*/[56]);
 113
 114 /* --- @fgoldi_store@ --- *
 115  *
 116  * Arguments:   @octet zv[56]@ = where to write the result
 117  *              @const fgoldi *x@ = the field element to write
 118  *
 119  * Returns:     ---
 120  *
 121  * Use:         Stores a field element in the given octet vector in external
 122  *              representation.  A canonical encoding is always stored.
 123  */
 124
 125 extern void fgoldi_store(octet /*zv*/[56], const fgoldi */*x*/);
 126
 127 /* --- @fgoldi_set@ --- *
 128  *
 129  * Arguments:   @fgoldi *z@ = where to write the result
 130  *              @int a@ = a small-ish constant
 131  *
 132  * Returns:     ---
 133  *
 134  * Use:         Sets @z@ to equal @a@.
 135  */
 136
 137 extern void fgoldi_set(fgoldi */*x*/, int /*a*/);
 138
 139 /* --- @fgoldi_add@ --- *
 140  *
 141  * Arguments:   @fgoldi *z@ = where to put the result (may alias @x@ or @y@)
 142  *              @const fgoldi *x, *y@ = two operands
 143  *
 144  * Returns:     ---
 145  *
 146  * Use:         Set @z@ to the sum %$x + y$%.
 147  */
 148
 149 extern void fgoldi_add(fgoldi */*z*/,
 150                        const fgoldi */*x*/, const fgoldi */*y*/);
 151
 152 /* --- @fgoldi_sub@ --- *
 153  *
 154  * Arguments:   @fgoldi *z@ = where to put the result (may alias @x@ or @y@)
 155  *              @const fgoldi *x, *y@ = two operands
 156  *
 157  * Returns:     ---
 158  *
 159  * Use:         Set @z@ to the difference %$x - y$%.
 160  */
 161
 162 extern void fgoldi_sub(fgoldi */*z*/,
 163                        const fgoldi */*x*/, const fgoldi */*y*/);
 164
 165 /* --- @fgoldi_condswap@ --- *
 166  *
 167  * Arguments:   @fgoldi *x, *y@ = two operands
 168  *              @uint32 m@ = a mask
 169  *
 170  * Returns:     ---
 171  *
 172  * Use:         If @m@ is zero, do nothing; if @m@ is all-bits-set, then
 173  *              exchange @x@ and @y@.  If @m@ has some other value, then
 174  *              scramble @x@ and @y@ in an unhelpful way.
 175  */
 176
 177 extern void fgoldi_condswap(fgoldi */*x*/, fgoldi */*y*/, uint32 /*m*/);
 178
 179 /* --- @fgoldi_mulconst@ --- *
 180  *
 181  * Arguments:   @fgoldi *z@ = where to put the result (may alias @x@)
 182  *              @const fgoldi *x@ = an operand
 183  *              @long a@ = a small-ish constant; %$|a| < 2^{20}$%.
 184  *
 185  * Returns:     ---
 186  *
 187  * Use:         Set @z@ to the product %$a x$%.
 188  */
 189
 190 extern void fgoldi_mulconst(fgoldi */*z*/, const fgoldi */*x*/, long /*a*/);
 191
 192 /* --- @fgoldi_mul@ --- *
 193  *
 194  * Arguments:   @fgoldi *z@ = where to put the result (may alias @x@ or @y@)
 195  *              @const fgoldi *x, *y@ = two operands
 196  *
 197  * Returns:     ---
 198  *
 199  * Use:         Set @z@ to the product %$x y$%.
 200  */
 201
 202 extern void fgoldi_mul(fgoldi */*z*/,
 203                        const fgoldi */*x*/, const fgoldi */*y*/);
 204
 205 /* --- @fgoldi_sqr@ --- *
 206  *
 207  * Arguments:   @fgoldi *z@ = where to put the result (may alias @x@ or @y@)
 208  *              @const fgoldi *x@ = an operand
 209  *
 210  * Returns:     ---
 211  *
 212  * Use:         Set @z@ to the square %$x^2$%.
 213  */
 214
 215 extern void fgoldi_sqr(fgoldi */*z*/, const fgoldi */*x*/);
 216
 217 /* --- @fgoldi_inv@ --- *
 218  *
 219  * Arguments:   @fgoldi *z@ = where to put the result (may alias @x@)
 220  *              @const fgoldi *x@ = an operand
 221  *
 222  * Returns:     ---
 223  *
 224  * Use:         Stores in @z@ the multiplicative inverse %$x^{-1}$%.  If
 225  *              %$x = 0$% then @z@ is set to zero.  This is considered a
 226  *              feature.
 227  */
 228
 229 extern void fgoldi_inv(fgoldi */*z*/, const fgoldi */*x*/);
 230
 231 /*----- That's all, folks -------------------------------------------------*/
 232
 233 #ifdef __cplusplus
 234   }
 235 #endif
 236
 237 #endif