

Generate code for the scalar field of standard curves (#1259)
fiat-crypto is already used for arithmetic on scalars, at least
by the Zig standard library and in Rust (p384_rs, being merged
into the p384 crate as we speak).

So it may be useful to pregenerate and test this in fiat-crypto.

This change adds support for the curve25519, p256, secp256k1
and p384 scalar fields.
jedisct1 authored May 31, 2022
1 parent 3ee1d93 commit 3f421f1
Showing 55 changed files with 777,652 additions and 2 deletions.
8 changes: 7 additions & 1 deletion Makefile
Expand Up @@ -292,8 +292,14 @@ $(foreach bw,64 32,$(eval $(call add_curve_keys,p384_$(bw),WORD_BY_WORD_MONTGOME
$(foreach bw,64 32,$(eval $(call add_curve_keys,p224_$(bw),WORD_BY_WORD_MONTGOMERY,'p224',$(bw),'2^224 - 2^96 + 1',$(WORD_BY_WORD_MONTGOMERY_FUNCTIONS),WORD_BY_WORD_MONTGOMERY)))
$(foreach bw,64,$(eval $(call add_curve_keys,p434_$(bw),WORD_BY_WORD_MONTGOMERY,'p434',$(bw),'2^216 * 3^137 - 1',$(WORD_BY_WORD_MONTGOMERY_FUNCTIONS),WORD_BY_WORD_MONTGOMERY))) # 32 is a bit too heavy

$(foreach bw,64 32,$(eval $(call add_curve_keys,curve25519_scalar_$(bw),WORD_BY_WORD_MONTGOMERY,'25519_scalar',$(bw),'2^252 + 27742317777372353535851937790883648493',$(WORD_BY_WORD_MONTGOMERY_FUNCTIONS),WORD_BY_WORD_MONTGOMERY)))
$(foreach bw,64 32,$(eval $(call add_curve_keys,p256_scalar_$(bw),WORD_BY_WORD_MONTGOMERY,'p256_scalar',$(bw),'2^256 - 2^224 + 2^192 - 89188191075325690597107910205041859247',$(WORD_BY_WORD_MONTGOMERY_FUNCTIONS),WORD_BY_WORD_MONTGOMERY)))
$(foreach bw,64 32,$(eval $(call add_curve_keys,p384_scalar_$(bw),WORD_BY_WORD_MONTGOMERY,'p384_scalar',$(bw),'2^384 - 1388124618062372383947042015309946732620727252194336364173',$(WORD_BY_WORD_MONTGOMERY_FUNCTIONS),WORD_BY_WORD_MONTGOMERY)))
$(foreach bw,64 32,$(eval $(call add_curve_keys,secp256k1_scalar_$(bw),WORD_BY_WORD_MONTGOMERY,'secp256k1_scalar',$(bw),'2^256 - 432420386565659656852420866394968145599',$(WORD_BY_WORD_MONTGOMERY_FUNCTIONS),WORD_BY_WORD_MONTGOMERY)))

# Files taking 30s or less
LITE_BASE_FILES := curve25519_64 poly1305_64 poly1305_32 p256_64 secp256k1_64 p384_64 p224_32 p434_64 p448_solinas_64 secp256k1_32 p256_32 p448_solinas_32
LITE_BASE_FILES := curve25519_64 poly1305_64 poly1305_32 p256_64 secp256k1_64 p384_64 p224_32 p434_64 p448_solinas_64 secp256k1_32 p256_32 p448_solinas_32 \
curve25519_scalar_64 p256_scalar_64 secp256k1_scalar_64 p384_scalar_64 secp256k1_scalar_32 p256_scalar_32

EXTRA_C_FILES := inversion/c/*_test.c

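Review bot: The four scalar-field moduli added in the `add_curve_keys` lines are now hand-copied literals in two places — here and in the `montgomeryprimes` dict of fiat-amd64/gentest.py in this same commit — with nothing tying the copies together, so a later edit to one can silently diverge from the other. A mistranscribed modulus would still produce internally consistent generated code and would only surface against external test vectors, so each entry deserves a provenance comment a reviewer can cross-check, e.g. `# curve25519 scalar field: order of the prime-order subgroup (L in RFC 8032)`, and ideally a single definition that gentest.py consumes instead of restating the literal. The `'25519_scalar'` prime name on the curve25519 line also differs from its `curve25519_scalar_$(bw)` key, while the three other new entries reuse their key prefix; if this mirrors the existing base-field entry outside the hunk it is fine, otherwise it is worth aligning.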
6 changes: 5 additions & 1 deletion fiat-amd64/gentest.py
Expand Up @@ -20,11 +20,15 @@ def removeprefix(s, prefix):
poly1305=('3', '2^130 - 5'))

montgomeryprimes = dict(
curve25519_scalar='2^252 + 27742317777372353535851937790883648493',
p224='2^224 - 2^96 + 1',
p256='2^256 - 2^224 + 2^192 + 2^96 - 1',
p256_scalar='2^256 - 2^224 + 2^192 - 89188191075325690597107910205041859247',
p384='2^384 - 2^128 - 2^96 + 2^32 - 1',
p384_scalar='2^384 - 1388124618062372383947042015309946732620727252194336364173',
p434='2^216 * 3^137 - 1',
secp256k1='2^256 - 2^32 - 977')
secp256k1='2^256 - 2^32 - 977',
secp256k1_scalar='2^256 - 432420386565659656852420866394968145599')

output_makefile = ('--makefile' in sys.argv[1:])
asm_files = tuple(i for i in sys.argv[1:] if i not in ('--makefile',))
4,976 changes: 4,976 additions & 0 deletions fiat-bedrock2/src/curve25519_scalar_32.c

Large diffs are not rendered by default.

1,984 changes: 1,984 additions & 0 deletions fiat-bedrock2/src/curve25519_scalar_64.c

Large diffs are not rendered by default.

5,562 changes: 5,562 additions & 0 deletions fiat-bedrock2/src/p256_scalar_32.c

Large diffs are not rendered by default.

2,163 changes: 2,163 additions & 0 deletions fiat-bedrock2/src/p256_scalar_64.c

Large diffs are not rendered by default.

11,823 changes: 11,823 additions & 0 deletions fiat-bedrock2/src/p384_scalar_32.c

Large diffs are not rendered by default.

3,867 changes: 3,867 additions & 0 deletions fiat-bedrock2/src/p384_scalar_64.c

Large diffs are not rendered by default.

5,871 changes: 5,871 additions & 0 deletions fiat-bedrock2/src/secp256k1_scalar_32.c

Large diffs are not rendered by default.

2,175 changes: 2,175 additions & 0 deletions fiat-bedrock2/src/secp256k1_scalar_64.c

Large diffs are not rendered by default.


