forked from microsoft/PQCrypto-SIDH
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfp_arm64.c
109 lines (76 loc) · 3.08 KB
/
fp_arm64.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
/********************************************************************************************
* SIDH: an efficient supersingular isogeny cryptography library
*
* Abstract: modular arithmetic optimized for 64-bit ARMv8 platforms for P610
*********************************************************************************************/
#include "../P610_internal.h"
// Global constants
extern const uint64_t p610[NWORDS_FIELD];
extern const uint64_t p610p1[NWORDS_FIELD];
extern const uint64_t p610x2[NWORDS_FIELD];
extern const uint64_t p610x4[NWORDS_FIELD];
__inline void mp_sub610_p2(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 2*p, c = a-b+2p.
mp_sub610_p2_asm(a, b, c);
}
__inline void mp_sub610_p4(const digit_t* a, const digit_t* b, digit_t* c)
{ // Multiprecision subtraction with correction with 4*p, c = a-b+4p.
mp_sub610_p4_asm(a, b, c);
}
__inline void fpadd610(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular addition, c = a+b mod p610.
// Inputs: a, b in [0, 2*p610-1]
// Output: c in [0, 2*p610-1]
fpadd610_asm(a, b, c);
}
__inline void fpsub610(const digit_t* a, const digit_t* b, digit_t* c)
{ // Modular subtraction, c = a-b mod p610.
// Inputs: a, b in [0, 2*p610-1]
// Output: c in [0, 2*p610-1]
fpsub610_asm(a, b, c);
}
__inline void fpneg610(digit_t* a)
{ // Modular negation, a = -a mod p610.
// Input/output: a in [0, 2*p610-1]
unsigned int i, borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
SUBC(borrow, ((digit_t*)p610x2)[i], a[i], borrow, a[i]);
}
}
void fpdiv2_610(const digit_t* a, digit_t* c)
{ // Modular division by two, c = a/2 mod p610.
// Input : a in [0, 2*p610-1]
// Output: c in [0, 2*p610-1]
unsigned int i, carry = 0;
digit_t mask;
mask = 0 - (digit_t)(a[0] & 1); // If a is odd compute a+p521
for (i = 0; i < NWORDS_FIELD; i++) {
ADDC(carry, a[i], ((digit_t*)p610)[i] & mask, carry, c[i]);
}
mp_shiftr1(c, NWORDS_FIELD);
}
void fpcorrection610(digit_t* a)
{ // Modular correction to reduce field element a in [0, 2*p610-1] to [0, p610-1].
unsigned int i, borrow = 0;
digit_t mask;
for (i = 0; i < NWORDS_FIELD; i++) {
SUBC(borrow, a[i], ((digit_t*)p610)[i], borrow, a[i]);
}
mask = 0 - (digit_t)borrow;
borrow = 0;
for (i = 0; i < NWORDS_FIELD; i++) {
ADDC(borrow, a[i], ((digit_t*)p610)[i] & mask, borrow, a[i]);
}
}
void mp_mul(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int nwords)
{ // Multiprecision multiply, c = a*b, where lng(a) = lng(b) = nwords.
UNREFERENCED_PARAMETER(nwords);
mul610_asm(a, b, c);
}
void rdc_mont(digit_t* ma, digit_t* mc)
{ // Montgomery reduction exploiting special form of the prime.
// mc = ma*R^-1 mod p610x2, where R = 2^512.
// If ma < 2^512*p610, the output mc is in the range [0, 2*p610-1].
// ma is assumed to be in Montgomery representation.
rdc610_asm(ma, mc);
}