LEFT | RIGHT |
1 // Copyright 2012 The Go Authors. All rights reserved. | 1 // Copyright 2012 The Go Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style | 2 // Use of this source code is governed by a BSD-style |
3 // license that can be found in the LICENSE file. | 3 // license that can be found in the LICENSE file. |
4 | 4 |
5 // +build amd64,!gccgo | 5 // +build amd64,!gccgo |
6 | 6 |
7 package curve25519 | 7 package curve25519 |
8 | 8 |
9 // These functions are implemented in the .s files. The names of the functions | 9 // These functions are implemented in the .s files. The names of the functions |
10 // in the rest of the file are also taken from the SUPERCOP sources to help | 10 // in the rest of the file are also taken from the SUPERCOP sources to help |
11 // people following along. | 11 // people following along. |
12 | 12 |
13 //go:noescape | 13 //go:noescape |
| 14 |
14 func cswap(inout *[5]uint64, v uint64) | 15 func cswap(inout *[5]uint64, v uint64) |
15 | 16 |
16 //go:noescape | 17 //go:noescape |
| 18 |
17 func ladderstep(inout *[5][5]uint64) | 19 func ladderstep(inout *[5][5]uint64) |
18 | 20 |
19 //go:noescape | 21 //go:noescape |
| 22 |
20 func freeze(inout *[5]uint64) | 23 func freeze(inout *[5]uint64) |
21 | 24 |
22 //go:noescape | 25 //go:noescape |
| 26 |
23 func mul(dest, a, b *[5]uint64) | 27 func mul(dest, a, b *[5]uint64) |
24 | 28 |
25 //go:noescape | 29 //go:noescape |
| 30 |
26 func square(out, in *[5]uint64) | 31 func square(out, in *[5]uint64) |
27 | 32 |
28 // mladder uses a Montgomery ladder to calculate (xr/zr) *= s. | 33 // mladder uses a Montgomery ladder to calculate (xr/zr) *= s. |
29 func mladder(xr, zr *[5]uint64, s *[32]byte) { | 34 func mladder(xr, zr *[5]uint64, s *[32]byte) { |
30 var work [5][5]uint64 | 35 var work [5][5]uint64 |
31 | 36 |
32 work[0] = *xr | 37 work[0] = *xr |
33 setint(&work[1], 1) | 38 setint(&work[1], 1) |
34 setint(&work[2], 0) | 39 setint(&work[2], 0) |
35 work[3] = *xr | 40 work[3] = *xr |
(...skipping 190 matching lines...)
226 | 231 |
227 square(&t, &t) /* 2^251 - 2^1 */ | 232 square(&t, &t) /* 2^251 - 2^1 */ |
228 square(&t, &t) /* 2^252 - 2^2 */ | 233 square(&t, &t) /* 2^252 - 2^2 */ |
229 square(&t, &t) /* 2^253 - 2^3 */ | 234 square(&t, &t) /* 2^253 - 2^3 */ |
230 | 235 |
231 square(&t, &t) /* 2^254 - 2^4 */ | 236 square(&t, &t) /* 2^254 - 2^4 */ |
232 | 237 |
233 square(&t, &t) /* 2^255 - 2^5 */ | 238 square(&t, &t) /* 2^255 - 2^5 */ |
234 mul(r, &t, &z11) /* 2^255 - 21 */ | 239 mul(r, &t, &z11) /* 2^255 - 21 */ |
235 } | 240 } |
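Review bot: The blank line added between each `//go:noescape` and its declaration (new lines 14, 18, 22, 26 and 30) is unexplained. A reader cannot tell from the file whether the directive is still meant to bind to `cswap`, `ladderstep`, `freeze`, `mul` and `square`. Presumably the gap keeps the directive out of the functions' doc comments; one comment above the first stub would record that, e.g. `// The blank line after each //go:noescape keeps the directive out of the doc comment; it still applies to the next declaration.` These stubs take pointers to locals such as `work` in `mladder`, so it is worth confirming once with `go build -gcflags=-m` that those locals are still reported as not escaping after this change. `mladder` continues past the first visible region, so its callers of these stubs are not shown here.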