1 /* Arithmetic in prime fields
2 * Daniel Beer <dlbeer@gmail.com>, 10 Jan 2014
4 * This file is in the public domain.
13 /* Maximum size of a field element (or a prime). Field elements are
14 * always manipulated and stored in normalized form, with 0 <= x < p.
15 * You can use normalize() to convert a denormalized bitstring to normal
18 * Operations are constant with respect to the value of field elements,
19 * but not with respect to the modulus.
21 * The modulus is a number p, such that 2p-1 fits in FPRIME_SIZE bytes.
23 #define FPRIME_SIZE 32
25 /* Load a large constant */
26 void fprime_from_bytes(uint8_t *x
,
27 const uint8_t *in
, size_t len
,
28 const uint8_t *modulus
);
31 static inline void fprime_copy(uint8_t *x
, const uint8_t *a
)
33 memcpy(x
, a
, FPRIME_SIZE
);
36 /* Compare two field points in constant time. Return one if equal, zero
37 * otherwise. This should be performed only on normalized values.
39 uint8_t fprime_eq(const uint8_t *x
, const uint8_t *y
);
41 /* Conditional copy. If condition == 0, then zero is copied to dst. If
42 * condition == 1, then one is copied to dst. Any other value results in
43 * undefined behaviour.
45 void fprime_select(uint8_t *dst
,
46 const uint8_t *zero
, const uint8_t *one
,
49 /* Add one value to another. The two pointers must be distinct. */
50 void fprime_add(uint8_t *r
, const uint8_t *a
, const uint8_t *modulus
);
52 /* Multiply two values to get a third. r must be distinct from a and b */
53 void fprime_mul(uint8_t *r
, const uint8_t *a
, const uint8_t *b
,
54 const uint8_t *modulus
);