From 4aebd8010533bd0aec2886ed8b61bedb8692f30a Mon Sep 17 00:00:00 2001
From: Sean Bowe
Date: Tue, 21 May 2019 16:31:50 -0600
Subject: [PATCH 1/2] Change AffinePoint::to_niels to be a const fn.

---
 src/fq.rs | 25 +++++++++++++++----------
 src/lib.rs | 8 ++++----
 2 files changed, 19 insertions(+), 14 deletions(-)

diff --git a/src/fq.rs b/src/fq.rs
index 2aeaab0..e31b32f 100644
--- a/src/fq.rs
+++ b/src/fq.rs
@@ -109,14 +109,7 @@ impl<'a, 'b> Add<&'b Fq> for &'a Fq {
 
     #[inline]
     fn add(self, rhs: &'b Fq) -> Fq {
-        let (d0, carry) = adc(self.0[0], rhs.0[0], 0);
-        let (d1, carry) = adc(self.0[1], rhs.0[1], carry);
-        let (d2, carry) = adc(self.0[2], rhs.0[2], carry);
-        let (d3, _) = adc(self.0[3], rhs.0[3], carry);
-
-        // Attempt to subtract the modulus, to ensure the value
-        // is smaller than the modulus.
-        Fq([d0, d1, d2, d3]) - &MODULUS
+        self.field_add(rhs)
     }
 }
 
@@ -554,7 +547,7 @@ impl Fq {
     }
 
     #[inline]
-    const fn multiply(&self, rhs: &Self) -> Self {
+    pub(crate) const fn multiply(&self, rhs: &Self) -> Self {
         // Schoolbook multiplication
 
         let (r0, carry) = mac(0, self.0[0], rhs.0[0], 0);
@@ -581,7 +574,7 @@ impl Fq {
     }
 
     #[inline]
-    const fn subtract(&self, rhs: &Self) -> Self {
+    pub(crate) const fn subtract(&self, rhs: &Self) -> Self {
         let (d0, borrow) = sbb(self.0[0], rhs.0[0], 0);
         let (d1, borrow) = sbb(self.0[1], rhs.0[1], borrow);
         let (d2, borrow) = sbb(self.0[2], rhs.0[2], borrow);
@@ -596,6 +589,18 @@ impl Fq {
 
         Fq([d0, d1, d2, d3])
     }
+
+    #[inline]
+    pub(crate) const fn field_add(&self, rhs: &Self) -> Self {
+        let (d0, carry) = adc(self.0[0], rhs.0[0], 0);
+        let (d1, carry) = adc(self.0[1], rhs.0[1], carry);
+        let (d2, carry) = adc(self.0[2], rhs.0[2], carry);
+        let (d3, _) = adc(self.0[3], rhs.0[3], carry);
+
+        // Attempt to subtract the modulus, to ensure the value
+        // is smaller than the modulus.
+        Fq([d0, d1, d2, d3]).subtract(&MODULUS)
+    }
 }
 
 impl<'a> From<&'a Fq> for [u8; 32] {
diff --git a/src/lib.rs b/src/lib.rs
index 93c356d..515ec7b 100644
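Review bot: `field_add` silently drops the top carry in `let (d3, _) = adc(self.0[3], rhs.0[3], carry);`, and now that the function is `pub(crate)` the precondition that makes this sound is no longer confined to one `Add` impl, so it should be stated on the function itself, e.g. `/// Adds two field elements that are both already reduced below MODULUS; because MODULUS is below 2^255 the 256-bit sum cannot overflow, so the dropped carry is always zero and a single conditional subtraction of MODULUS reduces the result.` The bound on MODULUS is inferred from the test vectors in the second patch (top byte 115), so confirm it against the constant before relying on it. `multiply` and `subtract` in the two hunks above are widened to `pub(crate)` the same way without any `///` comment, and the final `.subtract(&MODULUS)` is a correct reduction only if `subtract` adds MODULUS back on borrow, which its body (cut by the hunk) presumably does. The enclosing `impl Fq` block continues outside the hunk.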
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -371,11 +371,11 @@ impl AffinePoint {
 
     /// Performs a pre-processing step that produces an `AffineNielsPoint`
     /// for use in multiple additions.
-    pub fn to_niels(&self) -> AffineNielsPoint {
+    pub const fn to_niels(&self) -> AffineNielsPoint {
         AffineNielsPoint {
-            v_plus_u: &self.v + &self.u,
-            v_minus_u: &self.v - &self.u,
-            t2d: &self.u * &self.v * EDWARDS_D2,
+            v_plus_u: self.v.field_add(&self.u),
+            v_minus_u: self.v.subtract(&self.u),
+            t2d: self.u.multiply(&self.v).multiply(&EDWARDS_D2)
         }
     }
 

From 8c5adc370890e04c27ee9b1ad7332fd24a3d31d0 Mon Sep 17 00:00:00 2001
From: Sean Bowe
Date: Tue, 21 May 2019 16:32:08 -0600
Subject: [PATCH 2/2] cargo fmt

---
 src/fq.rs | 39 ++++++++++++++++++++++++++------------
 src/fr.rs | 39 ++++++++++++++++++++++++++------------
 src/lib.rs | 26 +++++++++++++++++---------
 3 files changed, 69 insertions(+), 35 deletions(-)

diff --git a/src/fq.rs b/src/fq.rs
index e31b32f..f62a893 100644
--- a/src/fq.rs
+++ b/src/fq.rs
@@ -692,7 +692,8 @@ fn test_from_bytes() { Fq::from_bytes([ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 - ]).unwrap(), + ]) + .unwrap(), Fq::zero() );
@@ -700,7 +701,8 @@ fn test_from_bytes() { Fq::from_bytes([ 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 - ]).unwrap(), + ]) + .unwrap(), Fq::one() );
@@ -708,7 +710,8 @@ fn test_from_bytes() { Fq::from_bytes([ 254, 255, 255, 255, 1, 0, 0, 0, 2, 72, 3, 0, 250, 183, 132, 88, 245, 79, 188, 236, 239, 79, 140, 153, 111, 5, 197, 172, 89, 177, 36, 24 - ]).unwrap(), + ]) + .unwrap(), R2 );
@@ -717,8 +720,10 @@ fn test_from_bytes() { Fq::from_bytes([ 0, 0, 0, 0, 255, 255, 255, 255, 254, 91, 254, 255, 2, 164, 189, 83, 5, 216, 161, 9, 8, 216, 57, 51, 72, 125, 157, 41, 83, 167, 237, 115 - ]).is_some() - .unwrap_u8() == 1 + ]) + .is_some() + .unwrap_u8() + == 1 ); // modulus is invalid
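Review bot: `to_niels` now calls the crate-private `field_add`/`subtract`/`multiply` instead of the `Add`/`Sub`/`Mul` operator impls, but the doc comment does not record that this is done only to keep the function `const`, so the two arithmetic paths can drift apart unnoticed by a later edit to either side. Extend the doc comment with a line such as `/// Implemented with the const-capable Fq helpers rather than the operator impls so it can run in const context; keep it in sync with them.` The rewrite is equivalent to the old `&self.u * &self.v * EDWARDS_D2` only if the `Mul` impl is itself `multiply` and `EDWARDS_D2` is stored in the same representation as the operands, which this hunk does not show and is worth confirming. The `impl AffinePoint` block continues outside the hunk.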
@@ -726,8 +731,10 @@ fn test_from_bytes() { Fq::from_bytes([ 1, 0, 0, 0, 255, 255, 255, 255, 254, 91, 254, 255, 2, 164, 189, 83, 5, 216, 161, 9, 8, 216, 57, 51, 72, 125, 157, 41, 83, 167, 237, 115 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); // Anything larger than the modulus is invalid
@@ -735,22 +742,28 @@ fn test_from_bytes() { Fq::from_bytes([ 2, 0, 0, 0, 255, 255, 255, 255, 254, 91, 254, 255, 2, 164, 189, 83, 5, 216, 161, 9, 8, 216, 57, 51, 72, 125, 157, 41, 83, 167, 237, 115 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); assert!( Fq::from_bytes([ 1, 0, 0, 0, 255, 255, 255, 255, 254, 91, 254, 255, 2, 164, 189, 83, 5, 216, 161, 9, 8, 216, 58, 51, 72, 125, 157, 41, 83, 167, 237, 115 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); assert!( Fq::from_bytes([ 1, 0, 0, 0, 255, 255, 255, 255, 254, 91, 254, 255, 2, 164, 189, 83, 5, 216, 161, 9, 8, 216, 57, 51, 72, 125, 157, 41, 83, 167, 237, 116 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); }
diff --git a/src/fr.rs b/src/fr.rs
index 6426045..14c513f 100644
--- a/src/fr.rs
+++ b/src/fr.rs
@@ -645,7 +645,8 @@ fn test_from_bytes() { Fr::from_bytes([ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 - ]).unwrap(), + ]) + .unwrap(), Fr::zero() );
@@ -653,7 +654,8 @@ fn test_from_bytes() { Fr::from_bytes([ 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 - ]).unwrap(), + ]) + .unwrap(), Fr::one() );
@@ -661,7 +663,8 @@ fn test_from_bytes() { Fr::from_bytes([ 217, 7, 150, 185, 179, 11, 248, 37, 80, 231, 182, 102, 47, 214, 21, 243, 244, 20, 136, 235, 238, 20, 37, 147, 198, 85, 145, 71, 111, 252, 166, 9 - ]).unwrap(), + ]) + .unwrap(), R2 );
@@ -670,8 +673,10 @@ fn test_from_bytes() { Fr::from_bytes([ 182, 44, 247, 214, 94, 14, 151, 208, 130, 16, 200, 204, 147, 32, 104, 166, 0, 59, 52, 1, 1, 59, 103, 6, 169, 175, 51, 101, 234, 180, 125, 14 - ]).is_some() - .unwrap_u8() == 1 + ]) + .is_some() + .unwrap_u8() + == 1 ); // modulus is invalid
@@ -679,8 +684,10 @@ fn test_from_bytes() { Fr::from_bytes([ 183, 44, 247, 214, 94, 14, 151, 208, 130, 16, 200, 204, 147, 32, 104, 166, 0, 59, 52, 1, 1, 59, 103, 6, 169, 175, 51, 101, 234, 180, 125, 14 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); // Anything larger than the modulus is invalid
@@ -688,24 +695,30 @@ fn test_from_bytes() { Fr::from_bytes([ 184, 44, 247, 214, 94, 14, 151, 208, 130, 16, 200, 204, 147, 32, 104, 166, 0, 59, 52, 1, 1, 59, 103, 6, 169, 175, 51, 101, 234, 180, 125, 14 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); assert!( Fr::from_bytes([ 183, 44, 247, 214, 94, 14, 151, 208, 130, 16, 200, 204, 147, 32, 104, 166, 0, 59, 52, 1, 1, 59, 104, 6, 169, 175, 51, 101, 234, 180, 125, 14 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); assert!( Fr::from_bytes([ 183, 44, 247, 214, 94, 14, 151, 208, 130, 16, 200, 204, 147, 32, 104, 166, 0, 59, 52, 1, 1, 59, 103, 6, 169, 175, 51, 101, 234, 180, 125, 15 - ]).is_none() - .unwrap_u8() == 1 + ]) + .is_none() + .unwrap_u8() + == 1 ); }
diff --git a/src/lib.rs b/src/lib.rs
index 515ec7b..c268e01 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -375,7 +375,7 @@ impl AffinePoint {
         AffineNielsPoint {
             v_plus_u: self.v.field_add(&self.u),
             v_minus_u: self.v.subtract(&self.u),
-            t2d: self.u.multiply(&self.v).multiply(&EDWARDS_D2)
+            t2d: self.u.multiply(&self.v).multiply(&EDWARDS_D2),
         }
     }
 
@@ -545,7 +545,8 @@ impl ExtendedPoint {
             v: vv_plus_uu,
             z: vv_minus_uu,
             t: &zz2 - &vv_minus_uu,
-        }.into_extended()
+        }
+        .into_extended()
     }
 
     #[inline]
@@ -630,7 +631,8 @@ impl<'a, 'b> Add<&'b ExtendedNielsPoint> for &'a ExtendedPoint {
             v: &b + &a,
             z: &d + &c,
             t: &d - &c,
-        }.into_extended()
+        }
+        .into_extended()
     }
 }
 
@@ -648,7 +650,8 @@ impl<'a, 'b> Sub<&'b ExtendedNielsPoint> for &'a ExtendedPoint {
             v: &b + &a,
             z: &d - &c,
             t: &d + &c,
-        }.into_extended()
+        }
+        .into_extended()
     }
 }
 
@@ -674,7 +677,8 @@ impl<'a, 'b> Add<&'b AffineNielsPoint> for &'a ExtendedPoint {
             v: &b + &a,
             z: &d + &c,
             t: &d - &c,
-        }.into_extended()
+        }
+        .into_extended()
     }
 }
 
@@ -692,7 +696,8 @@ impl<'a, 'b> Sub<&'b AffineNielsPoint> for &'a ExtendedPoint {
             v: &b + &a,
             z: &d - &c,
             t: &d + &c,
-        }.into_extended()
+        }
+        .into_extended()
     }
 }
 
@@ -890,7 +895,8 @@ fn test_assoc() { 0x46462e26d4edb8c7, 0x10b4c1517ca82e9b, ]), - }).mul_by_cofactor(); + }) + .mul_by_cofactor(); assert!(p.is_on_curve_vartime()); assert_eq!(
@@ -915,7 +921,8 @@ fn test_batch_normalize() { 0x46462e26d4edb8c7, 0x10b4c1517ca82e9b, ]), - }).mul_by_cofactor(); + }) + .mul_by_cofactor(); let mut v = vec![]; for _ in 0..10 {
@@ -1149,7 +1156,8 @@ fn test_mul_consistency() { 0x46462e26d4edb8c7, 0x10b4c1517ca82e9b, ]), - }).mul_by_cofactor(); + }) + .mul_by_cofactor(); assert_eq!(p * c, (p * a) * b); }