5#ifndef SSEC_UTILITIES_H
6#define SSEC_UTILITIES_H
12#define NUMBER_OF_BENCHMARK_EXPERIMENTS 1
13#define NUMBER_OF_TEST_EXPERIMENTS 1
15#define NUMBER_OF_BENCHMARK_EXPERIMENTS 500
16#define NUMBER_OF_TEST_EXPERIMENTS 500
19void multiplication_u64(uint64_t *output_low, uint64_t *output_high, uint64_t input_a, uint64_t input_b);
21void conditional_move_u64(uint64_t *output, uint8_t input_decision, uint64_t input_a, uint64_t input_b);
34#define addition_with_carry_u64(output, output_carry, input_carry, input_a, input_b) \
35 { uint64_t tmp = (input_a) + (uint64_t)(input_carry); \
36 (output) = (input_b) + tmp; \
37 (output_carry) = (constant_time_is_lessthan_u64(tmp, (uint64_t)(input_carry)) | constant_time_is_lessthan_u64((output), tmp)); }
39#define subtraction_with_borrow_u64(output, output_borrow, input_borrow, input_a, input_b) \
40 { uint64_t tmp = (input_a) - (input_b); \
41 uint64_t borrowReg = (constant_time_is_lessthan_u64((input_a), (input_b)) | ((input_borrow) & constant_time_is_zero_u64(tmp))); \
42 (output) = tmp - (uint64_t)(input_borrow); \
43 (output_borrow) = borrowReg; }
45#define constant_time_shift_to_right_u64(shiftOut, highIn, lowIn, shift, DigitSize) \
46 (shiftOut) = ((lowIn) >> (shift)) ^ ((highIn) << ((DigitSize) - (shift)));
48#define constant_time_shift_to_left_u64(shiftOut, highIn, lowIn, shift, DigitSize) \
49 (shiftOut) = ((highIn) << (shift)) ^ ((lowIn) >> ((DigitSize) - (shift)));
51void multiprecision_addition(uint64_t *output,
const uint64_t *input_a,
const uint64_t *input_b, uint64_t input_length);
57static void cmov(uint32_t *r,
const uint32_t
a, uint32_t b) {
65static uint32_t isequal(uint32_t
a, uint32_t b) {
68 unsigned char *ta = (
unsigned char *)&
a;
69 unsigned char *tb = (
unsigned char *)&b;
70 r = (ta[0] ^ tb[0]) | (ta[1] ^ tb[1]) | (ta[2] ^ tb[2]) | (ta[3] ^ tb[3]);
73 return (uint32_t)(1-r);
76static uint32_t lookup(
size_t pos, uint32_t
const table[],
size_t N) {
79 uint32_t r = table[0];
80 for(
size_t i = 1;
i < N;
i++)
83 cmov(&r, table[
i], b);
88static int32_t issmaller(int32_t x, int32_t y) {
96static void to_trit_string(uint32_t *output,
const uint8_t *input,
size_t length) {
98 uint32_t table[243] = {
99 0x00000, 0x00001, 0x00002,
100 0x00010, 0x00011, 0x00012,
101 0x00020, 0x00021, 0x00022,
102 0x00100, 0x00101, 0x00102,
103 0x00110, 0x00111, 0x00112,
104 0x00120, 0x00121, 0x00122,
105 0x00200, 0x00201, 0x00202,
106 0x00210, 0x00211, 0x00212,
107 0x00220, 0x00221, 0x00222,
108 0x01000, 0x01001, 0x01002,
109 0x01010, 0x01011, 0x01012,
110 0x01020, 0x01021, 0x01022,
111 0x01100, 0x01101, 0x01102,
112 0x01110, 0x01111, 0x01112,
113 0x01120, 0x01121, 0x01122,
114 0x01200, 0x01201, 0x01202,
115 0x01210, 0x01211, 0x01212,
116 0x01220, 0x01221, 0x01222,
117 0x02000, 0x02001, 0x02002,
118 0x02010, 0x02011, 0x02012,
119 0x02020, 0x02021, 0x02022,
120 0x02100, 0x02101, 0x02102,
121 0x02110, 0x02111, 0x02112,
122 0x02120, 0x02121, 0x02122,
123 0x02200, 0x02201, 0x02202,
124 0x02210, 0x02211, 0x02212,
125 0x02220, 0x02221, 0x02222,
126 0x10000, 0x10001, 0x10002,
127 0x10010, 0x10011, 0x10012,
128 0x10020, 0x10021, 0x10022,
129 0x10100, 0x10101, 0x10102,
130 0x10110, 0x10111, 0x10112,
131 0x10120, 0x10121, 0x10122,
132 0x10200, 0x10201, 0x10202,
133 0x10210, 0x10211, 0x10212,
134 0x10220, 0x10221, 0x10222,
135 0x11000, 0x11001, 0x11002,
136 0x11010, 0x11011, 0x11012,
137 0x11020, 0x11021, 0x11022,
138 0x11100, 0x11101, 0x11102,
139 0x11110, 0x11111, 0x11112,
140 0x11120, 0x11121, 0x11122,
141 0x11200, 0x11201, 0x11202,
142 0x11210, 0x11211, 0x11212,
143 0x11220, 0x11221, 0x11222,
144 0x12000, 0x12001, 0x12002,
145 0x12010, 0x12011, 0x12012,
146 0x12020, 0x12021, 0x12022,
147 0x12100, 0x12101, 0x12102,
148 0x12110, 0x12111, 0x12112,
149 0x12120, 0x12121, 0x12122,
150 0x12200, 0x12201, 0x12202,
151 0x12210, 0x12211, 0x12212,
152 0x12220, 0x12221, 0x12222,
153 0x20000, 0x20001, 0x20002,
154 0x20010, 0x20011, 0x20012,
155 0x20020, 0x20021, 0x20022,
156 0x20100, 0x20101, 0x20102,
157 0x20110, 0x20111, 0x20112,
158 0x20120, 0x20121, 0x20122,
159 0x20200, 0x20201, 0x20202,
160 0x20210, 0x20211, 0x20212,
161 0x20220, 0x20221, 0x20222,
162 0x21000, 0x21001, 0x21002,
163 0x21010, 0x21011, 0x21012,
164 0x21020, 0x21021, 0x21022,
165 0x21100, 0x21101, 0x21102,
166 0x21110, 0x21111, 0x21112,
167 0x21120, 0x21121, 0x21122,
168 0x21200, 0x21201, 0x21202,
169 0x21210, 0x21211, 0x21212,
170 0x21220, 0x21221, 0x21222,
171 0x22000, 0x22001, 0x22002,
172 0x22010, 0x22011, 0x22012,
173 0x22020, 0x22021, 0x22022,
174 0x22100, 0x22101, 0x22102,
175 0x22110, 0x22111, 0x22112,
176 0x22120, 0x22121, 0x22122,
177 0x22200, 0x22201, 0x22202,
178 0x22210, 0x22211, 0x22212,
179 0x22220, 0x22221, 0x22222
182 for(
size_t i = 0;
i < length;
i++) {
183 output[
i] = lookup(input[
i], table, 243);
void multiprecision_shift_to_right(uint64_t *input_a_output_shifted_a, uint64_t input_words_length)
void multiprecision_subtraction(uint64_t *output, const uint64_t *input_a, const uint64_t *input_b, uint64_t input_length)
void conditional_move_u64(uint64_t *output, uint8_t input_decision, uint64_t input_a, uint64_t input_b)
void multiprecision_shift_to_left(uint64_t *input_a_output_shifted_a, uint64_t input_words_length)
uint64_t constant_time_is_zero_u64(uint64_t x)
void constant_time_conditional_mov(uint8_t *output, const uint8_t *input, uint64_t input_length, uint8_t input_selector)
void multiplication_u64(uint64_t *output_low, uint64_t *output_high, uint64_t input_a, uint64_t input_b)
void multiprecision_addition(uint64_t *output, const uint64_t *input_a, const uint64_t *input_b, uint64_t input_length)
uint64_t constant_time_is_lessthan_u64(uint64_t x, uint64_t y)
uint64_t constant_time_is_nonzero_u64(uint64_t x)
uint8_t constant_time_compare(const uint8_t *input_a, const uint8_t *input_b, uint64_t input_length)
uint8_t multiprecision_is_smaller(const uint64_t *input1, const uint64_t *input2, uint64_t input_length)
1.14.0