Replace ✕ with ×

Miguel Oliveira 2022-04-04 23:33:54 -03:00
parent 2fe2a37ca3
commit 4cf7c2e989
No known key found for this signature in database
GPG key ID: 2C2BE789E1377025
2 changed files with 25 additions and 25 deletions


@ -210,7 +210,7 @@ end
-- --
-- @tparam fp2 a -- @tparam fp2 a
-- @tparam fp2 b -- @tparam fp2 b
-- @treturn fp1 c ≡ a b (mod p). -- @treturn fp1 c ≡ a × b (mod p).
-- --
local function mul(a, b) local function mul(a, b)
local a00, a01, a02, a03, a04, a05, a06, a07, a08, a09, a10, a11 = unpack(a) local a00, a01, a02, a03, a04, a05, a06, a07, a08, a09, a10, a11 = unpack(a)
@ -564,7 +564,7 @@ end
-- --
-- @tparam fp2 a -- @tparam fp2 a
-- @tparam number k A number k in [0..2²²). -- @tparam number k A number k in [0..2²²).
-- @treturn fp1 c ≡ a k (mod p). -- @treturn fp1 c ≡ a × k (mod p).
-- --
local function kmul(a, k) local function kmul(a, k)
local a00, a01, a02, a03, a04, a05, a06, a07, a08, a09, a10, a11 = unpack(a) local a00, a01, a02, a03, a04, a05, a06, a07, a08, a09, a10, a11 = unpack(a)


@ -61,7 +61,7 @@ local T1 = {
--- Carries a number in base 2²⁴. --- Carries a number in base 2²⁴.
-- --
-- @tparam {number...} a A number 0 <= a < 2 ^ (24 (#a + 1)) as limbs in -- @tparam {number...} a A number 0 <= a < 2 ^ (24 × (#a + 1)) as limbs in
-- [-2⁵²..2⁵²]. -- [-2⁵²..2⁵²].
-- @treturn {number...} a as #a + 1 limbs in [0..2²⁴). -- @treturn {number...} a as #a + 1 limbs in [0..2²⁴).
-- --
@ -98,7 +98,7 @@ end
-- --
-- @tparam {number...} a An array of 11 limbs in [0..2²⁴). -- @tparam {number...} a An array of 11 limbs in [0..2²⁴).
-- @tparam {number...} b An array of 11 limbs in [0..2²⁴). -- @tparam {number...} b An array of 11 limbs in [0..2²⁴).
-- @treturn {number...} a b as 22 limbs in [0..2²⁴). -- @treturn {number...} a × b as 22 limbs in [0..2²⁴).
-- --
local function intMul(a, b) local function intMul(a, b)
local c = {} local c = {}
@ -110,8 +110,8 @@ local function intMul(a, b)
end end
end end
-- {a, b} < 2²⁶⁴ means that c < 2⁵²⁸ = 2 ^ (24 (21 + 1)). -- {a, b} < 2²⁶⁴ means that c < 2⁵²⁸ = 2 ^ (24 × (21 + 1)).
-- c's limbs are smaller than 2⁴⁸ 11 < 2⁵², since multiplication doubles -- c's limbs are smaller than 2⁴⁸ × 11 < 2⁵², since multiplication doubles
-- bit length, and 11 multiplied limbs are added together. -- bit length, and 11 multiplied limbs are added together.
return carry(c) return carry(c)
end end
@ -138,7 +138,7 @@ local function reduce(a)
end end
-- c >= q means c - q >= 0. -- c >= q means c - q >= 0.
-- Since q < 2²⁸⁸, c < 2q means c - q < q < 2²⁸⁸ = 2^(24 (11 + 1)). -- Since q < 2²⁸⁸, c < 2q means c - q < q < 2²⁸⁸ = 2^(24 × (11 + 1)).
-- c's limbs fit in [-2²⁵..2²⁵], since subtraction adds at most one bit. -- c's limbs fit in [-2²⁵..2²⁵], since subtraction adds at most one bit.
local cc = carry(c) local cc = carry(c)
cc[12] = nil -- cc < q implies that cc[12] = 0. cc[12] = nil -- cc < q implies that cc[12] = 0.
@ -148,7 +148,7 @@ end
--- Adds two scalars mod q. --- Adds two scalars mod q.
-- --
-- If the two operands are in Montgomery form, returns the correct result also -- If the two operands are in Montgomery form, returns the correct result also
-- in Montgomery form, since (2²⁶⁴ ✕ a) + (2²⁶⁴ ✕ b) ≡ 2²⁶⁴ ✕ (a + b) (mod q). -- in Montgomery form, since (2²⁶⁴ × a) + (2²⁶⁴ × b) ≡ 2²⁶⁴ × (a + b) (mod q).
-- --
-- @tparam {number...} a A number a < q as 11 limbs in [0..2²⁴). -- @tparam {number...} a A number a < q as 11 limbs in [0..2²⁴).
-- @tparam {number...} b A number b < q as 11 limbs in [0..2²⁴). -- @tparam {number...} b A number b < q as 11 limbs in [0..2²⁴).
@ -169,7 +169,7 @@ local function neg(a)
c[i] = Q[i] - a[i] c[i] = Q[i] - a[i]
end end
-- 0 < c < q implies 0 < q - c < q < 2²⁸⁸ = 2^(24 (11 + 1)). -- 0 < c < q implies 0 < q - c < q < 2²⁸⁸ = 2^(24 × (11 + 1)).
-- c's limbs fit in [-2²⁵..2²⁵], since subtraction adds at most one bit. -- c's limbs fit in [-2²⁵..2²⁵], since subtraction adds at most one bit.
-- q - c < q also implies q - c < 2q. -- q - c < q also implies q - c < 2q.
return reduce(carry(c)) return reduce(carry(c))
@ -177,8 +177,8 @@ end
--- Given a scalar a, computes 2⁻²⁶⁴ a mod q. --- Given a scalar a, computes 2⁻²⁶⁴ a mod q.
-- --
-- @tparam {number...} a A number a < 2²⁶⁴ q as 22 limbs in [0..2²⁴). -- @tparam {number...} a A number a < 2²⁶⁴ × q as 22 limbs in [0..2²⁴).
-- @treturn {number...} 2⁻²⁶⁴ a mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2⁻²⁶⁴ × a mod q as 11 limbs in [0..2²⁴).
-- --
local function redc(a) local function redc(a)
local al = {unpack(a, 1, 11)} local al = {unpack(a, 1, 11)}
@ -192,29 +192,29 @@ end
--- Converts a scalar into Montgomery form. --- Converts a scalar into Montgomery form.
-- --
-- @tparam {number...} a A number a as 11 limbs in [0..2²⁴). -- @tparam {number...} a A number a as 11 limbs in [0..2²⁴).
-- @treturn {number...} 2²⁶⁴ a mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2²⁶⁴ × a mod q as 11 limbs in [0..2²⁴).
-- --
local function montgomery(a) local function montgomery(a)
-- a < 2²⁶⁴ and T1 < q imply that a ✕ T1 < 2²⁶⁴ ✕ q. -- a < 2²⁶⁴ and T1 < q imply that a × T1 < 2²⁶⁴ × q.
return redc(intMul(a, T1)) return redc(intMul(a, T1))
end end
--- Converts a scalar from Montgomery form. --- Converts a scalar from Montgomery form.
-- --
-- @tparam {number...} a A number a < q as 11 limbs in [0..2²⁴). -- @tparam {number...} a A number a < q as 11 limbs in [0..2²⁴).
-- @treturn {number...} 2⁻²⁶⁴ a mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2⁻²⁶⁴ × a mod q as 11 limbs in [0..2²⁴).
-- --
local function demontgomery(a) local function demontgomery(a)
a = {unpack(a)} a = {unpack(a)}
for i = 12, 22 do a[i] = 0 end for i = 12, 22 do a[i] = 0 end
-- a < q < 2²⁶⁴ q. -- a < q < 2²⁶⁴ × q.
return redc(a) return redc(a)
end end
--- Converts a Lua number to a scalar. --- Converts a Lua number to a scalar.
-- --
-- @tparam number n A number n in [0..2²⁴). -- @tparam number n A number n in [0..2²⁴).
-- @treturn {number...} 2²⁶⁴ n mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2²⁶⁴ × n mod q as 11 limbs in [0..2²⁴).
-- --
local function num(n) local function num(n)
return montgomery({n, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}) return montgomery({n, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0})
@ -222,18 +222,18 @@ end
--- Multiplies two scalars mod q. --- Multiplies two scalars mod q.
-- --
-- @tparam {number...} a 2²⁶⁴ a' mod q as 11 limbs in [0..2²⁴). -- @tparam {number...} a 2²⁶⁴ × a' mod q as 11 limbs in [0..2²⁴).
-- @tparam {number...} b 2²⁶⁴ b' mod q as 11 limbs in [0..2²⁴). -- @tparam {number...} b 2²⁶⁴ × b' mod q as 11 limbs in [0..2²⁴).
-- @treturn {number...} 2²⁶⁴ ✕ a' ✕ b' mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2²⁶⁴ × a' × b' mod q as 11 limbs in [0..2²⁴).
-- --
local function mul(a, b) local function mul(a, b)
-- {a, b} < q so a ✕ b < q² < 2²⁶⁴ ✕ q. -- {a, b} < q so a × b < q² < 2²⁶⁴ × q.
return redc(intMul(a, b)) return redc(intMul(a, b))
end end
--- Encodes a scalar. --- Encodes a scalar.
-- --
-- @tparam {number...} a A number 2²⁶⁴ a mod q as 11 limbs in [0..2²⁴). -- @tparam {number...} a A number 2²⁶⁴ × a mod q as 11 limbs in [0..2²⁴).
-- @treturn string The 32-byte string encoding of a. -- @treturn string The 32-byte string encoding of a.
-- --
local function encode(a) local function encode(a)
@ -243,7 +243,7 @@ end
--- Decodes a scalar. --- Decodes a scalar.
-- --
-- @tparam string str A 32-byte string encoding some little-endian number a. -- @tparam string str A 32-byte string encoding some little-endian number a.
-- @treturn {number...} 2²⁶⁴ a mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2²⁶⁴ × a mod q as 11 limbs in [0..2²⁴).
-- --
local function decode(str) local function decode(str)
local dec = {("<I3I3I3I3I3I3I3I3I3I3I2"):unpack(str)} dec[12] = nil local dec = {("<I3I3I3I3I3I3I3I3I3I3I2"):unpack(str)} dec[12] = nil
@ -253,7 +253,7 @@ end
--- Decodes a scalar from a "wide" string. --- Decodes a scalar from a "wide" string.
-- --
-- @tparam string str A 64-byte string encoding some little-endian number a. -- @tparam string str A 64-byte string encoding some little-endian number a.
-- @treturn {number...} 2²⁶⁴ a mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2²⁶⁴ × a mod q as 11 limbs in [0..2²⁴).
-- --
local function decodeWide(str) local function decodeWide(str)
local low = {("<I3I3I3I3I3I3I3I3I3I3I3"):unpack(str)} low[12] = nil local low = {("<I3I3I3I3I3I3I3I3I3I3I3"):unpack(str)} low[12] = nil
@ -264,7 +264,7 @@ end
--- Decodes a scalar using the X25519/Ed25519 bit clamping scheme. --- Decodes a scalar using the X25519/Ed25519 bit clamping scheme.
-- --
-- @tparam string str A 32-byte string encoding some little-endian number a. -- @tparam string str A 32-byte string encoding some little-endian number a.
-- @treturn {number...} 2²⁶⁴ clamp(a) mod q as 11 limbs in [0..2²⁴). -- @treturn {number...} 2²⁶⁴ × clamp(a) mod q as 11 limbs in [0..2²⁴).
-- --
local function decodeClamped(str) local function decodeClamped(str)
-- Decode. -- Decode.
@ -281,7 +281,7 @@ end
--- Returns a scalar in binary. --- Returns a scalar in binary.
-- --
-- @tparam {number...} a A number a < q as 11 limbs in [0..2²⁴). -- @tparam {number...} a A number a < q as 11 limbs in [0..2²⁴).
-- @treturn {number...} 2⁻²⁶⁴ a mod q as 265 bits. -- @treturn {number...} 2⁻²⁶⁴ × a mod q as 265 bits.
-- --
local function bits(a) local function bits(a)
return util.rebaseLE(demontgomery(a), 2 ^ 24, 2) return util.rebaseLE(demontgomery(a), 2 ^ 24, 2)
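Review bot: The summary line of `redc` in the `-177,8 +177,8` hunk is left as context and still reads `--- Given a scalar a, computes 2⁻²⁶⁴ a mod q.` with no multiplication sign, while its `@treturn` two lines below now says `2⁻²⁶⁴ × a mod q`. For consistency it should become `--- Given a scalar a, computes 2⁻²⁶⁴ × a mod q.`. Separately, the `@treturn` of `bits` in the last hunk promises 265 bits, but 11 limbs of 24 bits give 264. `util.rebaseLE` is not visible here, so this may be correct, but the count is worth confirming because callers that iterate over the scalar's bits presumably rely on that length. The bodies of these functions continue outside the hunks shown.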