X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/0bcb8184cfce875a4dde57621139dd44c433f3a5..refs/heads/mdw/xdh:/qfarith.h diff --git a/qfarith.h b/qfarith.h index fcedf3e..f41aa95 100644 --- a/qfarith.h +++ b/qfarith.h @@ -1,40 +1,3 @@ -/* - * qfarith.h: utilities for quick field arithmetic - */ -/* - * This file is Free Software. It has been modified to as part of its - * incorporation into secnet. - * - * Copyright 2017 Mark Wooding - * - * You may redistribute this file and/or modify it under the terms of - * the permissive licence shown below. - * - * You may redistribute secnet as a whole and/or modify it under the - * terms of the GNU General Public License as published by the Free - * Software Foundation; either version 3, or (at your option) any - * later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see - * https://www.gnu.org/licenses/gpl.html. - */ -/* - * Imported from Catacomb, and modified for Secnet (2017-04-30): - * - * * Use `fake-mLib-bits.h' in place of the real . - * - * * Use C99 signed integer types instead of our own local probing. - * - * * Remove the support for non-two's-complement targets. - * - * The file's original comment headers are preserved below. - */ /* -*-c-*- * * Utilities for quick field arithmetic @@ -44,7 +7,26 @@ /*----- Licensing notice --------------------------------------------------* * - * This file is part of Catacomb. + * This file is part of secnet. + * See README for full list of copyright holders. + * + * secnet is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version d of the License, or + * (at your option) any later version. + * + * secnet is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 3 along with secnet; if not, see + * https://www.gnu.org/licenses/gpl.html. + * + * This file was originally part of Catacomb, but has been automatically + * modified for incorporation into secnet: see `import-catacomb-crypto' + * for details. * * Catacomb is free software; you can redistribute it and/or modify * it under the terms of the GNU Library General Public License as @@ -72,14 +54,12 @@ /*----- Header files ------------------------------------------------------*/ #include -#include #include "fake-mLib-bits.h" - /*----- Signed integer types ----------------------------------------------*/ -typedef int_fast32_t int32; -typedef int_fast64_t int64; +typedef int32_t int32; +typedef int64_t int64; #define HAVE_INT64 1 /*----- General bit-hacking utilities -------------------------------------*/ @@ -100,42 +80,38 @@ typedef int_fast64_t int64; /*----- Constant-time utilities -------------------------------------------*/ /* The following have better implementations on a two's complement target. */ -#ifdef NEG_TWOC - - /* If we have two's complement arithmetic then masks are signed; this - * avoids a switch to unsigned representation, with the consequent problem - * of overflow when we convert back. - */ - typedef int32 mask32; - - /* Convert an unsigned mask M into a `mask32'. This is a hairy-looking - * no-op on many targets, but, given that we have two's complement - * integers, it is free of arithmetic overflow. - */ -# define FIX_MASK32(m) \ - ((mask32)((m)&0x7fffffffu) + (-(mask32)0x7fffffff - 1)*(((m) >> 31)&1u)) - - /* If Z is zero and M has its low 32 bits set, then copy (at least) the low - * 32 bits of X to Z; if M is zero, do nothing. Otherwise, scramble Z - * unhelpfully. - */ -# define CONDPICK(z, x, m) do { (z) |= (x)&(m); } while (0) - - /* If M has its low 32 bits set, then return (at least) the low 32 bits of - * X in Z; if M is zero, then return (at least) the low 32 bits of Y in Z. - * Otherwise, return an unhelful result. - */ -# define PICK2(x, y, m) (((x)&(m)) | ((y)&~(m))) - - /* If M has its low 32 bits set then swap (at least) the low 32 bits of X - * and Y; if M is zero, then do nothing. Otherwise, scramble X and Y - * unhelpfully. - */ -# define CONDSWAP(x, y, m) \ - do { mask32 t_ = ((x) ^ (y))&(m); (x) ^= t_; (y) ^= t_; } while (0) -#else -# error "Targets without two's complement arithmetic aren't supported" -#endif + +/* If we have two's complement arithmetic then masks are signed; this + * avoids a switch to unsigned representation, with the consequent problem + * of overflow when we convert back. + */ +typedef int32 mask32; + +/* Convert an unsigned mask M into a `mask32'. This is a hairy-looking + * no-op on many targets, but, given that we have two's complement + * integers, it is free of arithmetic overflow. + */ +#define FIX_MASK32(m) \ + ((mask32)((m)&0x7fffffffu) + (-(mask32)0x7fffffff - 1)*(((m) >> 31)&1u)) + +/* If Z is zero and M has its low 32 bits set, then copy (at least) the low + * 32 bits of X to Z; if M is zero, do nothing. Otherwise, scramble Z + * unhelpfully. + */ +#define CONDPICK(z, x, m) do { (z) |= (x)&(m); } while (0) + +/* If M has its low 32 bits set, then return (at least) the low 32 bits of + * X in Z; if M is zero, then return (at least) the low 32 bits of Y in Z. + * Otherwise, return an unhelful result. + */ +#define PICK2(x, y, m) (((x)&(m)) | ((y)&~(m))) + +/* If M has its low 32 bits set then swap (at least) the low 32 bits of X + * and Y; if M is zero, then do nothing. Otherwise, scramble X and Y + * unhelpfully. + */ +#define CONDSWAP(x, y, m) \ + do { mask32 t_ = ((x) ^ (y))&(m); (x) ^= t_; (y) ^= t_; } while (0) /* Return zero if bit 31 of X is clear, or a mask with (at least) the low 32 * bits set if bit 31 of X is set.