|
|
@@ -1,16 +1,24 @@ |
|
|
|
/* Copyright (c) 2015, Google Inc. |
|
|
|
* |
|
|
|
* Permission to use, copy, modify, and/or distribute this software for any |
|
|
|
* purpose with or without fee is hereby granted, provided that the above |
|
|
|
* copyright notice and this permission notice appear in all copies. |
|
|
|
* |
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
|
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
|
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
|
|
|
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
|
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION |
|
|
|
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
|
|
|
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ |
|
|
|
// The MIT License (MIT) |
|
|
|
// |
|
|
|
// Copyright (c) 2015-2016 the fiat-crypto authors (see the AUTHORS file). |
|
|
|
// |
|
|
|
// Permission is hereby granted, free of charge, to any person obtaining a copy |
|
|
|
// of this software and associated documentation files (the "Software"), to deal |
|
|
|
// in the Software without restriction, including without limitation the rights |
|
|
|
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
|
|
// copies of the Software, and to permit persons to whom the Software is |
|
|
|
// furnished to do so, subject to the following conditions: |
|
|
|
// |
|
|
|
// The above copyright notice and this permission notice shall be included in all |
|
|
|
// copies or substantial portions of the Software. |
|
|
|
// |
|
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
|
|
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
|
|
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
|
|
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
|
|
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
|
|
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
|
|
// SOFTWARE. |
|
|
|
|
|
|
|
#ifndef OPENSSL_HEADER_CURVE25519_INTERNAL_H |
|
|
|
#define OPENSSL_HEADER_CURVE25519_INTERNAL_H |
|
|
@@ -40,13 +48,13 @@ void x25519_NEON(uint8_t out[32], const uint8_t scalar[32], |
|
|
|
// fe means field element. Here the field is \Z/(2^255-19). An element t, |
|
|
|
// entries t[0]...t[9], represents the integer t[0]+2^26 t[1]+2^51 t[2]+2^77 |
|
|
|
// t[3]+2^102 t[4]+...+2^230 t[9]. |
|
|
|
// fe limbs are bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
|
|
// fe limbs are bounded by 1.125*2^26,1.125*2^25,1.125*2^26,1.125*2^25,etc. |
|
|
|
// Multiplication and carrying produce fe from fe_loose. |
|
|
|
typedef struct fe { int32_t v[10]; } fe; |
|
|
|
typedef struct fe { uint32_t v[10]; } fe; |
|
|
|
|
|
|
|
// fe_loose limbs are bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. |
|
|
|
// fe_loose limbs are bounded by 3.375*2^26,3.375*2^25,3.375*2^26,3.375*2^25,etc. |
|
|
|
// Addition and subtraction produce fe_loose from (fe, fe). |
|
|
|
typedef struct fe_loose { int32_t v[10]; } fe_loose; |
|
|
|
typedef struct fe_loose { uint32_t v[10]; } fe_loose; |
|
|
|
|
|
|
|
/* ge means group element. |
|
|
|
|
|
|
|