LCOV - code coverage report
Current view: top level - externals/compact25519/src/c25519 - f25519.h (source / functions) Hit Total Coverage
Test: lcov.info Lines: 3 3 100.0 %
Date: 2024-09-16 20:15:30 Functions: 1 1 100.0 %
Legend: Lines: hit not hit | Branches: + taken - not taken # not executed Branches: 0 0 - 

           Branch data     Line data    Source code
       1                 :            : /* Arithmetic mod p = 2^255-19
       2                 :            :  * Daniel Beer <dlbeer@gmail.com>, 8 Jan 2014
       3                 :            :  *
       4                 :            :  * This file is in the public domain.
       5                 :            :  */
       6                 :            : 
       7                 :            : #ifndef F25519_H_
       8                 :            : #define F25519_H_
       9                 :            : 
      10                 :            : #include <stdint.h>
      11                 :            : #include <string.h>
      12                 :            : 
      13                 :            : /* Field elements are represented as little-endian byte strings. All
      14                 :            :  * operations have timings which are independent of input data, so they
      15                 :            :  * can be safely used for cryptography.
      16                 :            :  *
      17                 :            :  * Computation is performed on un-normalized elements. These are byte
      18                 :            :  * strings which fall into the range 0 <= x < 2p. Use f25519_normalize()
      19                 :            :  * to convert to a value 0 <= x < p.
      20                 :            :  *
      21                 :            :  * Elements received from the outside may greater even than 2p.
      22                 :            :  * f25519_normalize() will correctly deal with these numbers too.
      23                 :            :  */
      24                 :            : #define F25519_SIZE  32
      25                 :            : 
      26                 :            : /* Identity constants */
      27                 :            : #ifdef FULL_C25519_CODE
      28                 :            : extern const uint8_t f25519_zero[F25519_SIZE];
      29                 :            : #endif
      30                 :            : extern const uint8_t f25519_one[F25519_SIZE];
      31                 :            : 
      32                 :            : /* Load a small constant */
      33                 :            : void f25519_load(uint8_t *x, uint32_t c);
      34                 :            : 
      35                 :            : /* Copy two points */
      36                 :         28 : static inline void f25519_copy(uint8_t *x, const uint8_t *a)
      37                 :            : {
      38                 :         28 :         memcpy(x, a, F25519_SIZE);
      39                 :         28 : }
      40                 :            : 
      41                 :            : /* Normalize a field point x < 2*p by subtracting p if necessary */
      42                 :            : void f25519_normalize(uint8_t *x);
      43                 :            : 
      44                 :            : /* Compare two field points in constant time. Return one if equal, zero
      45                 :            :  * otherwise. This should be performed only on normalized values.
      46                 :            :  */
      47                 :            : uint8_t f25519_eq(const uint8_t *x, const uint8_t *y);
      48                 :            : 
      49                 :            : /* Conditional copy. If condition == 0, then zero is copied to dst. If
      50                 :            :  * condition == 1, then one is copied to dst. Any other value results in
      51                 :            :  * undefined behaviour.
      52                 :            :  */
      53                 :            : void f25519_select(uint8_t *dst,
      54                 :            :                    const uint8_t *zero, const uint8_t *one,
      55                 :            :                    uint8_t condition);
      56                 :            : 
      57                 :            : /* Add/subtract two field points. The three pointers are not required to
      58                 :            :  * be distinct.
      59                 :            :  */
      60                 :            : void f25519_add(uint8_t *r, const uint8_t *a, const uint8_t *b);
      61                 :            : void f25519_sub(uint8_t *r, const uint8_t *a, const uint8_t *b);
      62                 :            : 
      63                 :            : /* Unary negation */
      64                 :            : void f25519_neg(uint8_t *r, const uint8_t *a);
      65                 :            : 
      66                 :            : /* Multiply two field points. The __distinct variant is used when r is
      67                 :            :  * known to be in a different location to a and b.
      68                 :            :  */
      69                 :            : #ifdef FULL_C25519_CODE
      70                 :            : void f25519_mul(uint8_t *r, const uint8_t *a, const uint8_t *b);
      71                 :            : #endif
      72                 :            : void f25519_mul__distinct(uint8_t *r, const uint8_t *a, const uint8_t *b);
      73                 :            : 
      74                 :            : /* Multiply a point by a small constant. The two pointers are not
      75                 :            :  * required to be distinct.
      76                 :            :  *
      77                 :            :  * The constant must be less than 2^24.
      78                 :            :  */
      79                 :            : void f25519_mul_c(uint8_t *r, const uint8_t *a, uint32_t b);
      80                 :            : 
      81                 :            : /* Take the reciprocal of a field point. The __distinct variant is used
      82                 :            :  * when r is known to be in a different location to x.
      83                 :            :  */
      84                 :            : #ifdef FULL_C25519_CODE
      85                 :            : void f25519_inv(uint8_t *r, const uint8_t *x);
      86                 :            : #endif
      87                 :            : void f25519_inv__distinct(uint8_t *r, const uint8_t *x);
      88                 :            : 
      89                 :            : /* Compute one of the square roots of the field element, if the element
      90                 :            :  * is square. The other square is -r.
      91                 :            :  *
      92                 :            :  * If the input is not square, the returned value is a valid field
      93                 :            :  * element, but not the correct answer. If you don't already know that
      94                 :            :  * your element is square, you should square the return value and test.
      95                 :            :  */
      96                 :            : void f25519_sqrt(uint8_t *r, const uint8_t *x);
      97                 :            : 
      98                 :            : #endif

Generated by: LCOV version 1.14