diff --git a/p751toolbox/field.go b/p751toolbox/field.go
index cbace38..b5dfc7b 100644
--- a/p751toolbox/field.go
+++ b/p751toolbox/field.go
@@ -210,18 +210,6 @@ func ExtensionFieldConditionalSwap(x, y *ExtensionFieldElement, choice uint8) {
 fp751ConditionalSwap(&x.B, &y.B, choice)
 }
 
-// Set dest = if choice == 0 { x } else { y }, in constant time.
-//
-// Can overlap z with x or y or both.
-//
-// Returns dest to allow chaining operations.
-func (dest *ExtensionFieldElement) ConditionalAssign(x, y *ExtensionFieldElement, choice uint8) *ExtensionFieldElement {
- fp751ConditionalAssign(&dest.A, &x.A, &y.A, choice)
- fp751ConditionalAssign(&dest.B, &x.B, &y.B, choice)
-
- return dest
-}
-
 // Returns true if lhs = rhs. Takes variable time.
 func (lhs *ExtensionFieldElement) VartimeEq(rhs *ExtensionFieldElement) bool {
 return lhs.A.vartimeEq(rhs.A) && lhs.B.vartimeEq(rhs.B)
@@ -387,17 +375,6 @@ func PrimeFieldConditionalSwap(x, y *PrimeFieldElement, choice uint8) {
 fp751ConditionalSwap(&x.A, &y.A, choice)
 }
 
-// Set dest = if choice == 0 { x } else { y }, in constant time.
-//
-// Can overlap z with x or y or both.
-//
-// Returns dest to allow chaining operations.
-func (dest *PrimeFieldElement) ConditionalAssign(x, y *PrimeFieldElement, choice uint8) *PrimeFieldElement {
- fp751ConditionalAssign(&dest.A, &x.A, &y.A, choice)
-
- return dest
-}
-
 // Set dest = sqrt(x), if x is a square. If x is nonsquare dest is undefined.
 //
 // Allowed to overlap x with dest.
@@ -500,13 +477,6 @@ type fp751X2 [2 * fp751NumWords]uint64
 //go:noescape
 func fp751ConditionalSwap(x, y *Fp751Element, choice uint8)
 
-// If choice = 0, set z = x. If choice = 1, set z = y.
-// This function executes in constant time.
-//
-// Can overlap z with x or y or both.
-//go:noescape
-func fp751ConditionalAssign(z, x, y *Fp751Element, choice uint8)
-
 // Compute z = x + y (mod p).
 //go:noescape
 func fp751AddReduced(z, x, y *Fp751Element)
diff --git a/p751toolbox/field_amd64.s b/p751toolbox/field_amd64.s
index 5994025..6618987 100644
--- a/p751toolbox/field_amd64.s
+++ b/p751toolbox/field_amd64.s
@@ -250,101 +250,6 @@ TEXT ·fp751ConditionalSwap(SB), NOSPLIT, $0-17
 
 RET
 
-TEXT ·fp751ConditionalAssign(SB), NOSPLIT, $0-25
-
- MOVQ z+0(FP), REG_P3
- MOVQ x+8(FP), REG_P1
- MOVQ y+16(FP), REG_P2
- MOVB choice+24(FP), AL // AL = 0 or 1
- MOVBLZX AL, AX // AX = 0 or 1
- NEGQ AX // RAX = 0x00..00 or 0xff..ff
-
- MOVQ (0*8)(REG_P1), BX // BX = x[0]
- MOVQ (0*8)(REG_P2), CX // CX = y[0]
- XORQ BX, CX // CX = y[0] ^ x[0]
- ANDQ AX, CX // CX = (y[0] ^ x[0]) & mask
- XORQ BX, CX // CX = (y[0] ^ x[0]) & mask) ^ x[0]
- MOVQ CX, (0*8)(REG_P3) // = x[0] or y[0]
-
- MOVQ (1*8)(REG_P1), BX
- MOVQ (1*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (1*8)(REG_P3)
-
- MOVQ (2*8)(REG_P1), BX
- MOVQ (2*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (2*8)(REG_P3)
-
- MOVQ (3*8)(REG_P1), BX
- MOVQ (3*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (3*8)(REG_P3)
-
- MOVQ (4*8)(REG_P1), BX
- MOVQ (4*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (4*8)(REG_P3)
-
- MOVQ (5*8)(REG_P1), BX
- MOVQ (5*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (5*8)(REG_P3)
-
- MOVQ (6*8)(REG_P1), BX
- MOVQ (6*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (6*8)(REG_P3)
-
- MOVQ (7*8)(REG_P1), BX
- MOVQ (7*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (7*8)(REG_P3)
-
- MOVQ (8*8)(REG_P1), BX
- MOVQ (8*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (8*8)(REG_P3)
-
- MOVQ (9*8)(REG_P1), BX
- MOVQ (9*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (9*8)(REG_P3)
-
- MOVQ (10*8)(REG_P1), BX
- MOVQ (10*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (10*8)(REG_P3)
-
- MOVQ (11*8)(REG_P1), BX
- MOVQ (11*8)(REG_P2), CX
- XORQ BX, CX
- ANDQ AX, CX
- XORQ BX, CX
- MOVQ CX, (11*8)(REG_P3)
-
- RET
-
 TEXT ·fp751AddReduced(SB), NOSPLIT, $0-24
 
 MOVQ z+0(FP), REG_P3
diff --git a/p751toolbox/field_test.go b/p751toolbox/field_test.go
index 9742dab..ce3b058 100644
--- a/p751toolbox/field_test.go
+++ b/p751toolbox/field_test.go
@@ -390,24 +390,6 @@ func TestFp751ElementConditionalSwap(t *testing.T) {
 }
 }
 
-func TestFp751ElementConditionalAssign(t *testing.T) {
- var one = Fp751Element{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
- var two = Fp751Element{2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2}
- var three = Fp751Element{3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3}
-
- fp751ConditionalAssign(&one, &two, &three, 0)
-
- if one != two {
- t.Error("Found", one, "expected", two)
- }
-
- fp751ConditionalAssign(&one, &two, &three, 1)
-
- if one != three {
- t.Error("Found", one, "expected", three)
- }
-}
-
 // Package-level storage for this field element is intended to deter
 // compiler optimizations.
 var benchmarkFp751Element Fp751Element