Xuyi Wang / wolfcrypt


fe_operations.h

/* fe_operations.h
 *
 * Copyright (C) 2006-2017 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
 * wolfSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * wolfSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

/*
 * Internal (WOLFSSL_LOCAL) declarations for field arithmetic shared by the
 * Curve25519 and Ed25519 code. Two API families are declared here:
 *   - a limb-array family built on the `fe` typedef, and
 *   - a byte-array family (lm_*, fe_*, fprime_*) for the *_SMALL builds.
 *
 * Parameter names that this header adds to prototypes are descriptive only.
 * They were chosen from the const qualifiers (the non-const argument is taken
 * to be the one written); confirm the roles against the definitions.
 */

#ifndef WOLF_CRYPT_FE_OPERATIONS_H
#define WOLF_CRYPT_FE_OPERATIONS_H

#include <wolfcrypt/settings.h>

#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)

/* <stdint.h> supplies the int32_t / int64_t / uint64_t types used by the
 * limb-array declarations further down. */
#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
    #include <stdint.h>
#endif

#include <wolfcrypt/types.h>

/* Pick the limb layout for `fe`. Either choice can be vetoed with the matching
 * NO_CURVED25519_* macro; if neither is selected the 32-bit layout is used. */
#if defined(USE_INTEL_SPEEDUP) && !defined(NO_CURVED25519_X64)
    #define CURVED25519_X64
#elif defined(HAVE___UINT128_T) && !defined(NO_CURVED25519_128BIT)
    #define CURVED25519_128BIT
#endif

/*
 * "fe" means field element; the field is \Z/(2^255-19).
 *
 * An element t with entries t[0]...t[9] represents the integer
 *   t[0] + 2^26 t[1] + 2^51 t[2] + 2^77 t[3] + 2^102 t[4] + ... + 2^230 t[9].
 * Bounds on each t[i] vary depending on context.
 *
 * Ten entries correspond to the default `int32_t fe[10]` typedef below. The
 * CURVED25519_X64 and CURVED25519_128BIT builds declare 4 and 5 int64_t limbs
 * instead; this header does not describe their radix.
 */

#if defined(CURVE25519_SMALL) || defined(ED25519_SMALL)
    /* Length in bytes of the byte-array field elements of the small build. */
    #define F25519_SIZE 32

    /* Byte-array arithmetic for the small build. */
    WOLFSSL_LOCAL void lm_copy(byte* r, const byte* a);
    WOLFSSL_LOCAL void lm_add(byte* r, const byte* a, const byte* b);
    WOLFSSL_LOCAL void lm_sub(byte* r, const byte* a, const byte* b);
    WOLFSSL_LOCAL void lm_neg(byte* r, const byte* a);
    WOLFSSL_LOCAL void lm_invert(byte* r, const byte* a);
    WOLFSSL_LOCAL void lm_mul(byte* r, const byte* a, const byte* b);
#endif


#if !defined(FREESCALE_LTC_ECC)
WOLFSSL_LOCAL void fe_init(void);

/* NOTE(review): n and p are not const-qualified, so this prototype gives
 * callers no guarantee that those buffers are left unmodified. Confirm in the
 * implementation before reusing them after the call. */
WOLFSSL_LOCAL int  curve25519(byte* q, byte* n, byte* p);
#endif

/*
 * Default to be faster but take more memory.
 *
 * The condition here uses ||, as does the small-build condition further down,
 * so both sections are compiled when exactly one of CURVE25519_SMALL and
 * ED25519_SMALL is defined.
 */
#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)

/* Limb array holding one field element; its length follows the layout chosen
 * above. */
#ifdef CURVED25519_X64
    typedef int64_t  fe[4];
#elif defined(CURVED25519_128BIT)
    typedef int64_t  fe[5];
#else
    typedef int32_t  fe[10];
#endif

/* Basic field arithmetic. */
WOLFSSL_LOCAL void fe_copy(fe out, const fe in);
WOLFSSL_LOCAL void fe_add(fe out, const fe a, const fe b);
WOLFSSL_LOCAL void fe_neg(fe out, const fe in);
WOLFSSL_LOCAL void fe_sub(fe out, const fe a, const fe b);
WOLFSSL_LOCAL void fe_invert(fe out, const fe in);
WOLFSSL_LOCAL void fe_mul(fe out, const fe a, const fe b);


/* Based On Daniel J Bernstein's curve25519 and ed25519 Public Domain ref10
   work. */

WOLFSSL_LOCAL void fe_0(fe out);
WOLFSSL_LOCAL void fe_1(fe out);
WOLFSSL_LOCAL int  fe_isnonzero(const fe in);
WOLFSSL_LOCAL int  fe_isnegative(const fe in);
WOLFSSL_LOCAL void fe_tobytes(unsigned char *out, const fe in);
WOLFSSL_LOCAL void fe_sq(fe out, const fe in);
WOLFSSL_LOCAL void fe_sq2(fe out, const fe in);
WOLFSSL_LOCAL void fe_frombytes(fe out, const unsigned char *in);
/* NOTE(review): fe_cswap and fe_cmov look like the ref10 conditional swap and
 * conditional move, selected by the int argument. This header states neither
 * the permitted selector values nor any constant-time property. Callers that
 * pass a secret-derived bit depend on both, so confirm them in the
 * implementation. */
WOLFSSL_LOCAL void fe_cswap(fe a, fe b, int sel);
WOLFSSL_LOCAL void fe_mul121666(fe out, fe in);
WOLFSSL_LOCAL void fe_cmov(fe dst, const fe src, int sel);
WOLFSSL_LOCAL void fe_pow22523(fe out, const fe in);

/* 64 type needed for SHA512 */
WOLFSSL_LOCAL uint64_t load_3(const unsigned char *in);
WOLFSSL_LOCAL uint64_t load_4(const unsigned char *in);

#ifdef CURVED25519_X64
/* Group-element helpers, declared for the X64 build only. Each coordinate is
 * passed as a separate fe: the r* arguments are non-const, the p* and q*
 * arguments are const. */
WOLFSSL_LOCAL void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py,
                               const fe pz, const fe pt);
WOLFSSL_LOCAL void fe_ge_to_p3(fe rx, fe ry, fe rz, fe rt, const fe px,
                               const fe py, const fe pz, const fe pt);
WOLFSSL_LOCAL void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px,
                             const fe py, const fe pz);
WOLFSSL_LOCAL void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px,
                              const fe py, const fe pz, const fe pt,
                              const fe qxy2d, const fe qyplusx,
                              const fe qyminusx);
WOLFSSL_LOCAL void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px,
                              const fe py, const fe pz, const fe pt,
                              const fe qxy2d, const fe qyplusx,
                              const fe qyminusx);
WOLFSSL_LOCAL void fe_ge_add(fe rx, fe ry, fe rz, fe rt, const fe px,
                             const fe py, const fe pz, const fe pt, const fe qz,
                             const fe qt2d, const fe qyplusx,
                             const fe qyminusx);
WOLFSSL_LOCAL void fe_ge_sub(fe rx, fe ry, fe rz, fe rt, const fe px,
                             const fe py, const fe pz, const fe pt, const fe qz,
                             const fe qt2d, const fe qyplusx,
                             const fe qyminusx);
/* NOTE(review): presumably a table lookup indexed by b. If b is derived from
 * secret data, confirm that the implementation does not use it as a memory
 * index or branch condition. */
WOLFSSL_LOCAL void fe_cmov_table(fe* r, fe* base, signed char b);
#endif /* CURVED25519_X64 */
#endif /* !CURVE25519_SMALL || !ED25519_SMALL */

/* Use less memory and only 32bit types or less, but is slower
   Based on Daniel Beer's public domain work. */
#if defined(CURVE25519_SMALL) || defined(ED25519_SMALL)
/* These tables are defined `static` in the header, so every translation unit
 * that includes it gets its own copy. Only the first byte is given explicitly;
 * the remaining bytes are zero-initialised. */
static const byte c25519_base_x[F25519_SIZE] = {9};
static const byte f25519_zero[F25519_SIZE]   = {0};
static const byte f25519_one[F25519_SIZE]    = {1};
static const byte fprime_zero[F25519_SIZE]   = {0};
static const byte fprime_one[F25519_SIZE]    = {1};

WOLFSSL_LOCAL void fe_load(byte *x, word32 c);
WOLFSSL_LOCAL void fe_normalize(byte *x);
WOLFSSL_LOCAL void fe_inv__distinct(byte *r, const byte *x);

/* Conditional copy. If condition == 0, the buffer passed as zero is copied to
 * dst. If condition == 1, the buffer passed as one is copied to dst. Any other
 * value results in undefined behavior, so callers must reduce the selector to
 * exactly 0 or 1 before the call.
 */
WOLFSSL_LOCAL void fe_select(byte *dst, const byte *zero, const byte *one,
           byte condition);

/* Multiply a point by a small constant. The two pointers are not
 * required to be distinct.
 *
 * The constant must be less than 2^24.
 */
WOLFSSL_LOCAL void fe_mul_c(byte *r, const byte *a, word32 b);
WOLFSSL_LOCAL void fe_mul__distinct(byte *r, const byte *a, const byte *b);

/* Compute one of the square roots of the field element, if the element
 * is square. The other square root is -r.
 *
 * If the input is not square, the returned value is a valid field
 * element, but not the correct answer. If you don't already know that
 * your element is square, you should square the return value and test.
 */
WOLFSSL_LOCAL void fe_sqrt(byte *r, const byte *x);

/* Conditional copy. If condition == 0, the buffer passed as zero is copied to
 * dst. If condition == 1, the buffer passed as one is copied to dst. Any other
 * value results in undefined behavior, so callers must reduce the selector to
 * exactly 0 or 1 before the call.
 */
WOLFSSL_LOCAL void fprime_select(byte *dst, const byte *zero, const byte *one,
                                 byte condition);
/* Arithmetic with the modulus passed in by the caller. */
WOLFSSL_LOCAL void fprime_add(byte *r, const byte *a, const byte *modulus);
WOLFSSL_LOCAL void fprime_sub(byte *r, const byte *a, const byte *modulus);
WOLFSSL_LOCAL void fprime_mul(byte *r, const byte *a, const byte *b,
                              const byte *modulus);
WOLFSSL_LOCAL void fprime_copy(byte *x, const byte *a);

#endif /* CURVE25519_SMALL || ED25519_SMALL */
#endif /* HAVE_CURVE25519 || HAVE_ED25519 */

#endif /* WOLF_CRYPT_FE_OPERATIONS_H */