authorDonovan Hide <donovanhide@gmail.com>2015-05-24 18:15:47 +0100
committerAdam Langley <agl@google.com>2015-08-26 15:09:04 -0700
commit235aa498686d32912940f1c68d0e8ccda2f28d6f (patch)
treee8cb31ba9aeb194970acc31d601cd720b82a0e46
parent95b10c44db8faa0e3a95c76440b2b0d4665eb7a8 (diff)
downloaded25519-235aa498686d32912940f1c68d0e8ccda2f28d6f.tar.xz
Make life easier for the compiler
-rw-r--r--edwards25519/edwards25519.go286
1 files changed, 83 insertions, 203 deletions
diff --git a/edwards25519/edwards25519.go b/edwards25519/edwards25519.go
index a655825..0484f35 100644
--- a/edwards25519/edwards25519.go
+++ b/edwards25519/edwards25519.go
@@ -375,214 +375,94 @@ func FeCombine(h *FieldElement, h0, h1, h2, h3, h4, h5, h6, h7, h8, h9 int64) {
//
// With tighter constraints on inputs can squeeze carries into int32.
func FeMul(h, f, g *FieldElement) {
- g1_19 := 19 * g[1] /* 1.4*2^29 */
- g2_19 := 19 * g[2] /* 1.4*2^30; still ok */
- g3_19 := 19 * g[3]
- g4_19 := 19 * g[4]
- g5_19 := 19 * g[5]
- g6_19 := 19 * g[6]
- g7_19 := 19 * g[7]
- g8_19 := 19 * g[8]
- g9_19 := 19 * g[9]
- f1_2 := 2 * f[1]
- f3_2 := 2 * f[3]
- f5_2 := 2 * f[5]
- f7_2 := 2 * f[7]
- f9_2 := 2 * f[9]
- f0g0 := int64(f[0]) * int64(g[0])
- f0g1 := int64(f[0]) * int64(g[1])
- f0g2 := int64(f[0]) * int64(g[2])
- f0g3 := int64(f[0]) * int64(g[3])
- f0g4 := int64(f[0]) * int64(g[4])
- f0g5 := int64(f[0]) * int64(g[5])
- f0g6 := int64(f[0]) * int64(g[6])
- f0g7 := int64(f[0]) * int64(g[7])
- f0g8 := int64(f[0]) * int64(g[8])
- f0g9 := int64(f[0]) * int64(g[9])
- f1g0 := int64(f[1]) * int64(g[0])
- f1g1_2 := int64(f1_2) * int64(g[1])
- f1g2 := int64(f[1]) * int64(g[2])
- f1g3_2 := int64(f1_2) * int64(g[3])
- f1g4 := int64(f[1]) * int64(g[4])
- f1g5_2 := int64(f1_2) * int64(g[5])
- f1g6 := int64(f[1]) * int64(g[6])
- f1g7_2 := int64(f1_2) * int64(g[7])
- f1g8 := int64(f[1]) * int64(g[8])
- f1g9_38 := int64(f1_2) * int64(g9_19)
- f2g0 := int64(f[2]) * int64(g[0])
- f2g1 := int64(f[2]) * int64(g[1])
- f2g2 := int64(f[2]) * int64(g[2])
- f2g3 := int64(f[2]) * int64(g[3])
- f2g4 := int64(f[2]) * int64(g[4])
- f2g5 := int64(f[2]) * int64(g[5])
- f2g6 := int64(f[2]) * int64(g[6])
- f2g7 := int64(f[2]) * int64(g[7])
- f2g8_19 := int64(f[2]) * int64(g8_19)
- f2g9_19 := int64(f[2]) * int64(g9_19)
- f3g0 := int64(f[3]) * int64(g[0])
- f3g1_2 := int64(f3_2) * int64(g[1])
- f3g2 := int64(f[3]) * int64(g[2])
- f3g3_2 := int64(f3_2) * int64(g[3])
- f3g4 := int64(f[3]) * int64(g[4])
- f3g5_2 := int64(f3_2) * int64(g[5])
- f3g6 := int64(f[3]) * int64(g[6])
- f3g7_38 := int64(f3_2) * int64(g7_19)
- f3g8_19 := int64(f[3]) * int64(g8_19)
- f3g9_38 := int64(f3_2) * int64(g9_19)
- f4g0 := int64(f[4]) * int64(g[0])
- f4g1 := int64(f[4]) * int64(g[1])
- f4g2 := int64(f[4]) * int64(g[2])
- f4g3 := int64(f[4]) * int64(g[3])
- f4g4 := int64(f[4]) * int64(g[4])
- f4g5 := int64(f[4]) * int64(g[5])
- f4g6_19 := int64(f[4]) * int64(g6_19)
- f4g7_19 := int64(f[4]) * int64(g7_19)
- f4g8_19 := int64(f[4]) * int64(g8_19)
- f4g9_19 := int64(f[4]) * int64(g9_19)
- f5g0 := int64(f[5]) * int64(g[0])
- f5g1_2 := int64(f5_2) * int64(g[1])
- f5g2 := int64(f[5]) * int64(g[2])
- f5g3_2 := int64(f5_2) * int64(g[3])
- f5g4 := int64(f[5]) * int64(g[4])
- f5g5_38 := int64(f5_2) * int64(g5_19)
- f5g6_19 := int64(f[5]) * int64(g6_19)
- f5g7_38 := int64(f5_2) * int64(g7_19)
- f5g8_19 := int64(f[5]) * int64(g8_19)
- f5g9_38 := int64(f5_2) * int64(g9_19)
- f6g0 := int64(f[6]) * int64(g[0])
- f6g1 := int64(f[6]) * int64(g[1])
- f6g2 := int64(f[6]) * int64(g[2])
- f6g3 := int64(f[6]) * int64(g[3])
- f6g4_19 := int64(f[6]) * int64(g4_19)
- f6g5_19 := int64(f[6]) * int64(g5_19)
- f6g6_19 := int64(f[6]) * int64(g6_19)
- f6g7_19 := int64(f[6]) * int64(g7_19)
- f6g8_19 := int64(f[6]) * int64(g8_19)
- f6g9_19 := int64(f[6]) * int64(g9_19)
- f7g0 := int64(f[7]) * int64(g[0])
- f7g1_2 := int64(f7_2) * int64(g[1])
- f7g2 := int64(f[7]) * int64(g[2])
- f7g3_38 := int64(f7_2) * int64(g3_19)
- f7g4_19 := int64(f[7]) * int64(g4_19)
- f7g5_38 := int64(f7_2) * int64(g5_19)
- f7g6_19 := int64(f[7]) * int64(g6_19)
- f7g7_38 := int64(f7_2) * int64(g7_19)
- f7g8_19 := int64(f[7]) * int64(g8_19)
- f7g9_38 := int64(f7_2) * int64(g9_19)
- f8g0 := int64(f[8]) * int64(g[0])
- f8g1 := int64(f[8]) * int64(g[1])
- f8g2_19 := int64(f[8]) * int64(g2_19)
- f8g3_19 := int64(f[8]) * int64(g3_19)
- f8g4_19 := int64(f[8]) * int64(g4_19)
- f8g5_19 := int64(f[8]) * int64(g5_19)
- f8g6_19 := int64(f[8]) * int64(g6_19)
- f8g7_19 := int64(f[8]) * int64(g7_19)
- f8g8_19 := int64(f[8]) * int64(g8_19)
- f8g9_19 := int64(f[8]) * int64(g9_19)
- f9g0 := int64(f[9]) * int64(g[0])
- f9g1_38 := int64(f9_2) * int64(g1_19)
- f9g2_19 := int64(f[9]) * int64(g2_19)
- f9g3_38 := int64(f9_2) * int64(g3_19)
- f9g4_19 := int64(f[9]) * int64(g4_19)
- f9g5_38 := int64(f9_2) * int64(g5_19)
- f9g6_19 := int64(f[9]) * int64(g6_19)
- f9g7_38 := int64(f9_2) * int64(g7_19)
- f9g8_19 := int64(f[9]) * int64(g8_19)
- f9g9_38 := int64(f9_2) * int64(g9_19)
-
- h0 := f0g0 + f1g9_38 + f2g8_19 + f3g7_38 + f4g6_19 + f5g5_38 + f6g4_19 + f7g3_38 + f8g2_19 + f9g1_38
- h1 := f0g1 + f1g0 + f2g9_19 + f3g8_19 + f4g7_19 + f5g6_19 + f6g5_19 + f7g4_19 + f8g3_19 + f9g2_19
- h2 := f0g2 + f1g1_2 + f2g0 + f3g9_38 + f4g8_19 + f5g7_38 + f6g6_19 + f7g5_38 + f8g4_19 + f9g3_38
- h3 := f0g3 + f1g2 + f2g1 + f3g0 + f4g9_19 + f5g8_19 + f6g7_19 + f7g6_19 + f8g5_19 + f9g4_19
- h4 := f0g4 + f1g3_2 + f2g2 + f3g1_2 + f4g0 + f5g9_38 + f6g8_19 + f7g7_38 + f8g6_19 + f9g5_38
- h5 := f0g5 + f1g4 + f2g3 + f3g2 + f4g1 + f5g0 + f6g9_19 + f7g8_19 + f8g7_19 + f9g6_19
- h6 := f0g6 + f1g5_2 + f2g4 + f3g3_2 + f4g2 + f5g1_2 + f6g0 + f7g9_38 + f8g8_19 + f9g7_38
- h7 := f0g7 + f1g6 + f2g5 + f3g4 + f4g3 + f5g2 + f6g1 + f7g0 + f8g9_19 + f9g8_19
- h8 := f0g8 + f1g7_2 + f2g6 + f3g5_2 + f4g4 + f5g3_2 + f6g2 + f7g1_2 + f8g0 + f9g9_38
- h9 := f0g9 + f1g8 + f2g7 + f3g6 + f4g5 + f5g4 + f6g3 + f7g2 + f8g1 + f9g0
+ f0 := int64(f[0])
+ f1 := int64(f[1])
+ f2 := int64(f[2])
+ f3 := int64(f[3])
+ f4 := int64(f[4])
+ f5 := int64(f[5])
+ f6 := int64(f[6])
+ f7 := int64(f[7])
+ f8 := int64(f[8])
+ f9 := int64(f[9])
+
+ f1_2 := 2 * f1
+ f3_2 := 2 * f3
+ f5_2 := 2 * f5
+ f7_2 := 2 * f7
+ f9_2 := 2 * f9
+
+ g0 := int64(g[0])
+ g1 := int64(g[1])
+ g2 := int64(g[2])
+ g3 := int64(g[3])
+ g4 := int64(g[4])
+ g5 := int64(g[5])
+ g6 := int64(g[6])
+ g7 := int64(g[7])
+ g8 := int64(g[8])
+ g9 := int64(g[9])
+
+ g1_19 := 19 * g1 /* 1.4*2^29 */
+ g2_19 := 19 * g2 /* 1.4*2^30; still ok */
+ g3_19 := 19 * g3
+ g4_19 := 19 * g4
+ g5_19 := 19 * g5
+ g6_19 := 19 * g6
+ g7_19 := 19 * g7
+ g8_19 := 19 * g8
+ g9_19 := 19 * g9
+
+ h0 := f0*g0 + f1_2*g9_19 + f2*g8_19 + f3_2*g7_19 + f4*g6_19 + f5_2*g5_19 + f6*g4_19 + f7_2*g3_19 + f8*g2_19 + f9_2*g1_19
+ h1 := f0*g1 + f1*g0 + f2*g9_19 + f3*g8_19 + f4*g7_19 + f5*g6_19 + f6*g5_19 + f7*g4_19 + f8*g3_19 + f9*g2_19
+ h2 := f0*g2 + f1_2*g1 + f2*g0 + f3_2*g9_19 + f4*g8_19 + f5_2*g7_19 + f6*g6_19 + f7_2*g5_19 + f8*g4_19 + f9_2*g3_19
+ h3 := f0*g3 + f1*g2 + f2*g1 + f3*g0 + f4*g9_19 + f5*g8_19 + f6*g7_19 + f7*g6_19 + f8*g5_19 + f9*g4_19
+ h4 := f0*g4 + f1_2*g3 + f2*g2 + f3_2*g1 + f4*g0 + f5_2*g9_19 + f6*g8_19 + f7_2*g7_19 + f8*g6_19 + f9_2*g5_19
+ h5 := f0*g5 + f1*g4 + f2*g3 + f3*g2 + f4*g1 + f5*g0 + f6*g9_19 + f7*g8_19 + f8*g7_19 + f9*g6_19
+ h6 := f0*g6 + f1_2*g5 + f2*g4 + f3_2*g3 + f4*g2 + f5_2*g1 + f6*g0 + f7_2*g9_19 + f8*g8_19 + f9_2*g7_19
+ h7 := f0*g7 + f1*g6 + f2*g5 + f3*g4 + f4*g3 + f5*g2 + f6*g1 + f7*g0 + f8*g9_19 + f9*g8_19
+ h8 := f0*g8 + f1_2*g7 + f2*g6 + f3_2*g5 + f4*g4 + f5_2*g3 + f6*g2 + f7_2*g1 + f8*g0 + f9_2*g9_19
+ h9 := f0*g9 + f1*g8 + f2*g7 + f3*g6 + f4*g5 + f5*g4 + f6*g3 + f7*g2 + f8*g1 + f9*g0
FeCombine(h, h0, h1, h2, h3, h4, h5, h6, h7, h8, h9)
}
func feSquare(f *FieldElement) (h0, h1, h2, h3, h4, h5, h6, h7, h8, h9 int64) {
- f0_2 := 2 * f[0]
- f1_2 := 2 * f[1]
- f2_2 := 2 * f[2]
- f3_2 := 2 * f[3]
- f4_2 := 2 * f[4]
- f5_2 := 2 * f[5]
- f6_2 := 2 * f[6]
- f7_2 := 2 * f[7]
- f5_38 := 38 * f[5] // 1.31*2^30
- f6_19 := 19 * f[6] // 1.31*2^30
- f7_38 := 38 * f[7] // 1.31*2^30
- f8_19 := 19 * f[8] // 1.31*2^30
- f9_38 := 38 * f[9] // 1.31*2^30
- f0f0 := int64(f[0]) * int64(f[0])
- f0f1_2 := int64(f0_2) * int64(f[1])
- f0f2_2 := int64(f0_2) * int64(f[2])
- f0f3_2 := int64(f0_2) * int64(f[3])
- f0f4_2 := int64(f0_2) * int64(f[4])
- f0f5_2 := int64(f0_2) * int64(f[5])
- f0f6_2 := int64(f0_2) * int64(f[6])
- f0f7_2 := int64(f0_2) * int64(f[7])
- f0f8_2 := int64(f0_2) * int64(f[8])
- f0f9_2 := int64(f0_2) * int64(f[9])
- f1f1_2 := int64(f1_2) * int64(f[1])
- f1f2_2 := int64(f1_2) * int64(f[2])
- f1f3_4 := int64(f1_2) * int64(f3_2)
- f1f4_2 := int64(f1_2) * int64(f[4])
- f1f5_4 := int64(f1_2) * int64(f5_2)
- f1f6_2 := int64(f1_2) * int64(f[6])
- f1f7_4 := int64(f1_2) * int64(f7_2)
- f1f8_2 := int64(f1_2) * int64(f[8])
- f1f9_76 := int64(f1_2) * int64(f9_38)
- f2f2 := int64(f[2]) * int64(f[2])
- f2f3_2 := int64(f2_2) * int64(f[3])
- f2f4_2 := int64(f2_2) * int64(f[4])
- f2f5_2 := int64(f2_2) * int64(f[5])
- f2f6_2 := int64(f2_2) * int64(f[6])
- f2f7_2 := int64(f2_2) * int64(f[7])
- f2f8_38 := int64(f2_2) * int64(f8_19)
- f2f9_38 := int64(f[2]) * int64(f9_38)
- f3f3_2 := int64(f3_2) * int64(f[3])
- f3f4_2 := int64(f3_2) * int64(f[4])
- f3f5_4 := int64(f3_2) * int64(f5_2)
- f3f6_2 := int64(f3_2) * int64(f[6])
- f3f7_76 := int64(f3_2) * int64(f7_38)
- f3f8_38 := int64(f3_2) * int64(f8_19)
- f3f9_76 := int64(f3_2) * int64(f9_38)
- f4f4 := int64(f[4]) * int64(f[4])
- f4f5_2 := int64(f4_2) * int64(f[5])
- f4f6_38 := int64(f4_2) * int64(f6_19)
- f4f7_38 := int64(f[4]) * int64(f7_38)
- f4f8_38 := int64(f4_2) * int64(f8_19)
- f4f9_38 := int64(f[4]) * int64(f9_38)
- f5f5_38 := int64(f[5]) * int64(f5_38)
- f5f6_38 := int64(f5_2) * int64(f6_19)
- f5f7_76 := int64(f5_2) * int64(f7_38)
- f5f8_38 := int64(f5_2) * int64(f8_19)
- f5f9_76 := int64(f5_2) * int64(f9_38)
- f6f6_19 := int64(f[6]) * int64(f6_19)
- f6f7_38 := int64(f[6]) * int64(f7_38)
- f6f8_38 := int64(f6_2) * int64(f8_19)
- f6f9_38 := int64(f[6]) * int64(f9_38)
- f7f7_38 := int64(f[7]) * int64(f7_38)
- f7f8_38 := int64(f7_2) * int64(f8_19)
- f7f9_76 := int64(f7_2) * int64(f9_38)
- f8f8_19 := int64(f[8]) * int64(f8_19)
- f8f9_38 := int64(f[8]) * int64(f9_38)
- f9f9_38 := int64(f[9]) * int64(f9_38)
- h0 = f0f0 + f1f9_76 + f2f8_38 + f3f7_76 + f4f6_38 + f5f5_38
- h1 = f0f1_2 + f2f9_38 + f3f8_38 + f4f7_38 + f5f6_38
- h2 = f0f2_2 + f1f1_2 + f3f9_76 + f4f8_38 + f5f7_76 + f6f6_19
- h3 = f0f3_2 + f1f2_2 + f4f9_38 + f5f8_38 + f6f7_38
- h4 = f0f4_2 + f1f3_4 + f2f2 + f5f9_76 + f6f8_38 + f7f7_38
- h5 = f0f5_2 + f1f4_2 + f2f3_2 + f6f9_38 + f7f8_38
- h6 = f0f6_2 + f1f5_4 + f2f4_2 + f3f3_2 + f7f9_76 + f8f8_19
- h7 = f0f7_2 + f1f6_2 + f2f5_2 + f3f4_2 + f8f9_38
- h8 = f0f8_2 + f1f7_4 + f2f6_2 + f3f5_4 + f4f4 + f9f9_38
- h9 = f0f9_2 + f1f8_2 + f2f7_2 + f3f6_2 + f4f5_2
+ f0 := int64(f[0])
+ f1 := int64(f[1])
+ f2 := int64(f[2])
+ f3 := int64(f[3])
+ f4 := int64(f[4])
+ f5 := int64(f[5])
+ f6 := int64(f[6])
+ f7 := int64(f[7])
+ f8 := int64(f[8])
+ f9 := int64(f[9])
+ f0_2 := 2 * f0
+ f1_2 := 2 * f1
+ f2_2 := 2 * f2
+ f3_2 := 2 * f3
+ f4_2 := 2 * f4
+ f5_2 := 2 * f5
+ f6_2 := 2 * f6
+ f7_2 := 2 * f7
+ f5_38 := 38 * f5 // 1.31*2^30
+ f6_19 := 19 * f6 // 1.31*2^30
+ f7_38 := 38 * f7 // 1.31*2^30
+ f8_19 := 19 * f8 // 1.31*2^30
+ f9_38 := 38 * f9 // 1.31*2^30
+
+ h0 = f0*f0 + f1_2*f9_38 + f2_2*f8_19 + f3_2*f7_38 + f4_2*f6_19 + f5*f5_38
+ h1 = f0_2*f1 + f2*f9_38 + f3_2*f8_19 + f4*f7_38 + f5_2*f6_19
+ h2 = f0_2*f2 + f1_2*f1 + f3_2*f9_38 + f4_2*f8_19 + f5_2*f7_38 + f6*f6_19
+ h3 = f0_2*f3 + f1_2*f2 + f4*f9_38 + f5_2*f8_19 + f6*f7_38
+ h4 = f0_2*f4 + f1_2*f3_2 + f2*f2 + f5_2*f9_38 + f6_2*f8_19 + f7*f7_38
+ h5 = f0_2*f5 + f1_2*f4 + f2_2*f3 + f6*f9_38 + f7_2*f8_19
+ h6 = f0_2*f6 + f1_2*f5_2 + f2_2*f4 + f3_2*f3 + f7_2*f9_38 + f8*f8_19
+ h7 = f0_2*f7 + f1_2*f6 + f2_2*f5 + f3_2*f4 + f8*f9_38
+ h8 = f0_2*f8 + f1_2*f7_2 + f2_2*f6 + f3_2*f5_2 + f4*f4 + f9*f9_38
+ h9 = f0_2*f9 + f1_2*f8 + f2_2*f7 + f3_2*f6 + f4_2*f5
+
return
}
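Review bot: The range comments carried over onto `g1_19`/`g2_19` in FeMul (`/* 1.4*2^29 */`, `/* 1.4*2^30; still ok */`) and onto `f5_38`…`f9_38` in feSquare (`// 1.31*2^30`) no longer state the invariant that matters, because they justified the old pre-multiplication fitting in what appears to be an int32 limb, while the new code widens first and multiplies in int64. I would replace them with something like `// multiples are int64 now; limbs must stay within the bounds in the FeMul doc comment so each ten-term sum fits in int64`, since for out-of-range limbs the old code would have wrapped at 32 bits and the new code does not. The commit changes only this file, so nothing visible pins the rewrite to the old results; a differential test of FeMul and feSquare against the previous version on random and maximum-magnitude limbs would cover that. It may also be worth inspecting the generated code on 32-bit targets, where int64*int64 products can compile to a longer multiply sequence than the former widened 32-bit operands. The FeMul doc comment these bounds belong to begins above the hunk.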