p256: Implement scalar arithmetic via Barrett reduction (#83)
Co-authored-by: Nicolas Stalder <n@stalder.io>
tarcieri and nickray authored Jul 22, 2020
1 parent 0586693 commit 061a1a2
Showing 2 changed files with 616 additions and 15 deletions.
7 changes: 5 additions & 2 deletions p256/src/arithmetic/field.rs
Expand Up @@ -9,6 +9,9 @@ use elliptic_curve::rand_core::{CryptoRng, RngCore};

use super::util::{adc, mac, sbb};

/// The number of 64-bit limbs used to represent a [`FieldElement`].
const LIMBS: usize = 4;

/// Constant representing the modulus
/// p = 2^{224}(2^{32} − 1) + 2^{192} + 2^{96} − 1
pub const MODULUS: FieldElement = FieldElement([
Expand Down Expand Up @@ -38,7 +41,7 @@ const R2: FieldElement = FieldElement([
// The internal representation is in little-endian order. Elements are always in
// Montgomery form; i.e., FieldElement(a) = aR mod p, with R = 2^256.
#[derive(Clone, Copy, Debug)]
pub struct FieldElement(pub(crate) [u64; 4]);
pub struct FieldElement(pub(crate) [u64; LIMBS]);

impl ConditionallySelectable for FieldElement {
fn conditional_select(a: &FieldElement, b: &FieldElement, choice: Choice) -> FieldElement {
Expand Down Expand Up @@ -112,7 +115,7 @@ impl FieldElement {
/// Returns None if the byte array does not contain a big-endian integer in the range
/// [0, p).
pub fn from_bytes(bytes: [u8; 32]) -> CtOption<Self> {
let mut w = [0u64; 4];
let mut w = [0u64; LIMBS];

// Interpret the bytes as a big-endian integer w.
w[3] = u64::from_be_bytes(bytes[0..8].try_into().unwrap());
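Review bot: The new `LIMBS` constant sizes `w` in `from_bytes`, but the limb load on the next line (`w[3] = u64::from_be_bytes(bytes[0..8]...)`, with the remaining loads outside the hunk) still hard-codes the 4-limb, 32-byte layout, so a future change to `LIMBS` would leave these indices silently wrong rather than fail to compile. Either document the coupling on the constant in the first hunk — `/// Fixed at 4: the 32-byte encoding and the explicit limb indices in from_bytes assume this.` — or derive the loads from it, e.g. `for (i, chunk) in bytes.chunks_exact(8).enumerate() { w[LIMBS - 1 - i] = u64::from_be_bytes(chunk.try_into().unwrap()); }`, where the `unwrap` cannot fail because `chunks_exact(8)` yields exactly 8 bytes. The same `[u64; 4]` → `[u64; LIMBS]` substitution in the second hunk has the same property: it changes the type but nothing yet enforces that the rest of the file agrees with the constant. `from_bytes` continues past the end of the hunk, so the range check against p that its doc comment promises is not visible here.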
