Update coding style.
diff --git a/asm_arm.inc b/asm_arm.inc
index eff1673..fdaf04d 100644
--- a/asm_arm.inc
+++ b/asm_arm.inc
@@ -20,11 +20,10 @@
#if (uECC_ASM == uECC_asm_fast)
-static uint32_t vli_add(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
- uint32_t l_carry = 0;
- uint32_t l_left;
- uint32_t l_right;
+static uint32_t vli_add(uint32_t *result, const uint32_t *left, const uint32_t *right) {
+ uint32_t carry = 0;
+ uint32_t left_word;
+ uint32_t right_word;
__asm__ volatile (
".syntax unified \n\t"
@@ -34,34 +33,34 @@
"stmia %[dptr]!, {%[left]} \n\t" /* Store result word. */
/* Now we just do the remaining words with the carry bit (using ADC) */
- REPEAT(DEC(uECC_WORDS), "ldmia %[lptr]!, {%[left]} \n\t"
+ REPEAT(DEC(uECC_WORDS),
+ "ldmia %[lptr]!, {%[left]} \n\t"
"ldmia %[rptr]!, {%[right]} \n\t"
"adcs %[left], %[right] \n\t"
"stmia %[dptr]!, {%[left]} \n\t")
- "adcs %[carry], %[carry] \n\t" /* Store carry bit in l_carry. */
+ "adcs %[carry], %[carry] \n\t" /* Store carry bit. */
#if (uECC_PLATFORM != uECC_arm_thumb2)
".syntax divided \n\t"
#endif
#if (uECC_PLATFORM == uECC_arm_thumb)
- : [dptr] "+l" (p_result), [lptr] "+l" (p_left), [rptr] "+l" (p_right),
- [carry] "+l" (l_carry), [left] "=l" (l_left), [right] "=l" (l_right)
+ : [dptr] "+l" (result), [lptr] "+l" (left), [rptr] "+l" (right),
+ [carry] "+l" (carry), [left] "=l" (left_word), [right] "=l" (right_word)
#else
- : [dptr] "+r" (p_result), [lptr] "+r" (p_left), [rptr] "+r" (p_right),
- [carry] "+r" (l_carry), [left] "=r" (l_left), [right] "=r" (l_right)
+ : [dptr] "+r" (result), [lptr] "+r" (left), [rptr] "+r" (right),
+ [carry] "+r" (carry), [left] "=r" (left_word), [right] "=r" (right_word)
#endif
:
: "cc", "memory"
);
- return l_carry;
+ return carry;
}
#define asm_add 1
-static uint32_t vli_sub(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
- uint32_t l_carry = 0;
- uint32_t l_left;
- uint32_t l_right;
+static uint32_t vli_sub(uint32_t *result, const uint32_t *left, const uint32_t *right) {
+ uint32_t carry = 0;
+ uint32_t left_word;
+ uint32_t right_word;
__asm__ volatile (
".syntax unified \n\t"
@@ -71,36 +70,37 @@
"stmia %[dptr]!, {%[left]} \n\t" /* Store result word. */
/* Now we just do the remaining words with the carry bit (using SBC) */
- REPEAT(DEC(uECC_WORDS), "ldmia %[lptr]!, {%[left]} \n\t"
+ REPEAT(DEC(uECC_WORDS),
+ "ldmia %[lptr]!, {%[left]} \n\t"
"ldmia %[rptr]!, {%[right]} \n\t"
"sbcs %[left], %[right] \n\t"
"stmia %[dptr]!, {%[left]} \n\t")
- "adcs %[carry], %[carry] \n\t" /* Store carry bit in l_carry. */
+ "adcs %[carry], %[carry] \n\t" /* Store carry bit. */
#if (uECC_PLATFORM != uECC_arm_thumb2)
".syntax divided \n\t"
#endif
#if (uECC_PLATFORM == uECC_arm_thumb)
- : [dptr] "+l" (p_result), [lptr] "+l" (p_left), [rptr] "+l" (p_right),
- [carry] "+l" (l_carry), [left] "=l" (l_left), [right] "=l" (l_right)
+ : [dptr] "+l" (result), [lptr] "+l" (left), [rptr] "+l" (right),
+ [carry] "+l" (carry), [left] "=l" (left_word), [right] "=l" (right_word)
#else
- : [dptr] "+r" (p_result), [lptr] "+r" (p_left), [rptr] "+r" (p_right),
- [carry] "+r" (l_carry), [left] "=r" (l_left), [right] "=r" (l_right)
+ : [dptr] "+r" (result), [lptr] "+r" (left), [rptr] "+r" (right),
+ [carry] "+r" (carry), [left] "=r" (left_word), [right] "=r" (right_word)
#endif
:
: "cc", "memory"
);
- return !l_carry; // note that on ARM, carry flag set means "no borrow" when subtracting (for some reason...)
+ return !carry; // note that on ARM, carry flag set means "no borrow" when subtracting
+ // (for some reason...)
}
#define asm_sub 1
#if (uECC_PLATFORM != uECC_arm_thumb)
#if (uECC_WORDS == 5)
-static void vli_mult(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
- register const uint32_t *r2 __asm__("r2") = p_right;
+static void vli_mult(uint32_t *result, const uint32_t *left, const uint32_t *right) {
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
+ register const uint32_t *r2 __asm__("r2") = right;
__asm__ volatile (
".syntax unified \n\t"
@@ -267,11 +267,10 @@
#endif /* (uECC_WORDS == 5) */
#if (uECC_WORDS == 6)
-static void vli_mult(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
- register const uint32_t *r2 __asm__("r2") = p_right;
+static void vli_mult(uint32_t *result, const uint32_t *left, const uint32_t *right) {
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
+ register const uint32_t *r2 __asm__("r2") = right;
__asm__ volatile (
".syntax unified \n\t"
@@ -503,11 +502,10 @@
#endif /* (uECC_WORDS == 6) */
#if (uECC_WORDS == 8)
-static void vli_mult(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
- register const uint32_t *r2 __asm__("r2") = p_right;
+static void vli_mult(uint32_t *result, const uint32_t *left, const uint32_t *right) {
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
+ register const uint32_t *r2 __asm__("r2") = right;
__asm__ volatile (
".syntax unified \n\t"
@@ -924,10 +922,9 @@
#endif /* (uECC_WORDS == 8) */
#if (uECC_WORDS == 5)
-static void vli_square(uint32_t *p_result, const uint32_t *p_left)
-{
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
+static void vli_square(uint32_t *result, const uint32_t *left) {
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
__asm__ volatile (
".syntax unified \n\t"
@@ -1046,10 +1043,9 @@
#endif /* (uECC_WORDS == 5) */
#if (uECC_WORDS == 6)
-static void vli_square(uint32_t *p_result, const uint32_t *p_left)
-{
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
+static void vli_square(uint32_t *result, const uint32_t *left) {
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
__asm__ volatile (
".syntax unified \n\t"
@@ -1204,10 +1200,9 @@
#endif /* (uECC_WORDS == 6) */
#if (uECC_WORDS == 8)
-static void vli_square(uint32_t *p_result, const uint32_t *p_left)
-{
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
+static void vli_square(uint32_t *result, const uint32_t *left) {
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
__asm__ volatile (
".syntax unified \n\t"
@@ -1488,86 +1483,86 @@
#endif /* (uECC_WORDS == 8) */
#endif /* (uECC_PLATFORM != uECC_arm_thumb) */
-
#endif /* (uECC_ASM == uECC_asm_fast) */
#if !asm_add
-static uint32_t vli_add(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
- uint32_t l_counter = uECC_WORDS;
- uint32_t l_carry = 0; /* carry = 0 initially */
- uint32_t l_left;
- uint32_t l_right;
+static uint32_t vli_add(uint32_t *result, const uint32_t *left, const uint32_t *right) {
+ uint32_t counter = uECC_WORDS;
+ uint32_t carry = 0;
+ uint32_t left_word;
+ uint32_t right_word;
__asm__ volatile (
".syntax unified \n\t"
"1: \n\t"
"ldmia %[lptr]!, {%[left]} \n\t" /* Load left word. */
"ldmia %[rptr]!, {%[right]} \n\t" /* Load right word. */
- "lsrs %[carry], #1 \n\t" /* Set up carry flag (l_carry = 0 after this). */
+ "lsrs %[carry], #1 \n\t" /* Set up carry flag (carry = 0 after this). */
"adcs %[left], %[right] \n\t" /* Add with carry. */
- "adcs %[carry], %[carry] \n\t" /* Store carry bit in l_carry. */
+ "adcs %[carry], %[carry] \n\t" /* Store carry bit. */
"stmia %[dptr]!, {%[left]} \n\t" /* Store result word. */
- "subs %[ctr], #1 \n\t" /* Decrement index. */
- "bne 1b \n\t" /* Loop until index == 0. */
+ "subs %[ctr], #1 \n\t" /* Decrement counter. */
+ "bne 1b \n\t" /* Loop until counter == 0. */
#if (uECC_PLATFORM != uECC_arm_thumb2)
".syntax divided \n\t"
#endif
#if (uECC_PLATFORM == uECC_arm_thumb)
- : [dptr] "+l" (p_result), [lptr] "+l" (p_left), [rptr] "+l" (p_right),
- [ctr] "+l" (l_counter), [carry] "+l" (l_carry), [left] "=l" (l_left), [right] "=l" (l_right)
+ : [dptr] "+l" (result), [lptr] "+l" (left), [rptr] "+l" (right),
+ [ctr] "+l" (counter), [carry] "+l" (carry),
+ [left] "=l" (left_word), [right] "=l" (right_word)
#else
- : [dptr] "+r" (p_result), [lptr] "+r" (p_left), [rptr] "+r" (p_right),
- [ctr] "+r" (l_counter), [carry] "+r" (l_carry), [left] "=r" (l_left), [right] "=r" (l_right)
+ : [dptr] "+r" (result), [lptr] "+r" (left), [rptr] "+r" (right),
+ [ctr] "+r" (counter), [carry] "+r" (carry),
+ [left] "=r" (left_word), [right] "=r" (right_word)
#endif
:
: "cc", "memory"
);
- return l_carry;
+ return carry;
}
#define asm_add 1
#endif
#if !asm_sub
-static uint32_t vli_sub(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
- uint32_t l_counter = uECC_WORDS;
- uint32_t l_carry = 1; /* carry = 1 initially (means don't borrow) */
- uint32_t l_left;
- uint32_t l_right;
+static uint32_t vli_sub(uint32_t *result, const uint32_t *left, const uint32_t *right) {
+ uint32_t counter = uECC_WORDS;
+ uint32_t carry = 1; /* carry = 1 initially (means don't borrow) */
+ uint32_t left_word;
+ uint32_t right_word;
__asm__ volatile (
".syntax unified \n\t"
"1: \n\t"
"ldmia %[lptr]!, {%[left]} \n\t" /* Load left word. */
"ldmia %[rptr]!, {%[right]} \n\t" /* Load right word. */
- "lsrs %[carry], #1 \n\t" /* Set up carry flag (l_carry = 0 after this). */
+ "lsrs %[carry], #1 \n\t" /* Set up carry flag (carry = 0 after this). */
"sbcs %[left], %[right] \n\t" /* Subtract with borrow. */
- "adcs %[carry], %[carry] \n\t" /* Store carry bit in l_carry. */
+ "adcs %[carry], %[carry] \n\t" /* Store carry bit. */
"stmia %[dptr]!, {%[left]} \n\t" /* Store result word. */
- "subs %[ctr], #1 \n\t" /* Decrement index. */
- "bne 1b \n\t" /* Loop until index == 0. */
+ "subs %[ctr], #1 \n\t" /* Decrement counter. */
+ "bne 1b \n\t" /* Loop until counter == 0. */
#if (uECC_PLATFORM != uECC_arm_thumb2)
".syntax divided \n\t"
#endif
#if (uECC_PLATFORM == uECC_arm_thumb)
- : [dptr] "+l" (p_result), [lptr] "+l" (p_left), [rptr] "+l" (p_right),
- [ctr] "+l" (l_counter), [carry] "+l" (l_carry), [left] "=l" (l_left), [right] "=l" (l_right)
+ : [dptr] "+l" (result), [lptr] "+l" (left), [rptr] "+l" (right),
+ [ctr] "+l" (counter), [carry] "+l" (carry),
+ [left] "=l" (left_word), [right] "=l" (right_word)
#else
- : [dptr] "+r" (p_result), [lptr] "+r" (p_left), [rptr] "+r" (p_right),
- [ctr] "+r" (l_counter), [carry] "+r" (l_carry), [left] "=r" (l_left), [right] "=r" (l_right)
+ : [dptr] "+r" (result), [lptr] "+r" (left), [rptr] "+r" (right),
+ [ctr] "+r" (counter), [carry] "+r" (carry),
+ [left] "=r" (left_word), [right] "=r" (right_word)
#endif
:
: "cc", "memory"
);
- return !l_carry;
+ return !carry;
}
#define asm_sub 1
#endif
#if !asm_mult
-static void vli_mult(uint32_t *p_result, const uint32_t *p_left, const uint32_t *p_right)
-{
+static void vli_mult(uint32_t *result, const uint32_t *left, const uint32_t *right) {
#if (uECC_PLATFORM != uECC_arm_thumb)
uint32_t c0 = 0;
uint32_t c1 = 0;
@@ -1590,10 +1585,10 @@
"3: \n\t" /* inner loop */
"subs %[t0], %[k], %[i] \n\t" /* t0 = k-i */
- "ldr %[t1], [%[right], %[t0]] \n\t" /* t1 = p_right[k-i] */
- "ldr %[t0], [%[left], %[i]] \n\t" /* t0 = p_left[i] */
+ "ldr %[t1], [%[right], %[t0]] \n\t" /* t1 = right[k - i] */
+ "ldr %[t0], [%[left], %[i]] \n\t" /* t0 = left[i] */
- "umull %[t0], %[t1], %[t0], %[t1] \n\t" /* (t0, t1) = p_left[i] * p_right[k-i] */
+ "umull %[t0], %[t1], %[t0], %[t1] \n\t" /* (t0, t1) = left[i] * right[k - i] */
"adds %[c0], %[t0] \n\t" /* add low word to c0 */
"adcs %[c1], %[t1] \n\t" /* add high word to c1, including carry */
@@ -1601,38 +1596,40 @@
"adds %[i], #4 \n\t" /* i += 4 */
"cmp %[i], %[eccd] \n\t" /* i < uECC_WORDS (times 4)? */
- "bge 4f \n\t" /* if not, exit the loop */
+ "bge 4f \n\t" /* if not, exit the loop */
"cmp %[i], %[k] \n\t" /* i <= k? */
- "ble 3b \n\t" /* if so, continue looping */
+ "ble 3b \n\t" /* if so, continue looping */
"4: \n\t" /* end inner loop */
- "str %[c0], [%[result], %[k]] \n\t" /* p_result[k] = c0 */
+ "str %[c0], [%[result], %[k]] \n\t" /* result[k] = c0 */
"mov %[c0], %[c1] \n\t" /* c0 = c1 */
"mov %[c1], %[c2] \n\t" /* c1 = c2 */
"movs %[c2], #0 \n\t" /* c2 = 0 */
"adds %[k], #4 \n\t" /* k += 4 */
"cmp %[k], %[eccd] \n\t" /* k < uECC_WORDS (times 4) ? */
- "blt 1b \n\t" /* if not, loop back, start with i = 0 */
+ "blt 1b \n\t" /* if not, loop back, start with i = 0 */
"cmp %[k], %[eccd2m1] \n\t" /* k < uECC_WORDS * 2 - 1 (times 4) ? */
- "blt 2b \n\t" /* if not, loop back, start with i = (k+1) - uECC_WORDS */
+ "blt 2b \n\t" /* if not, loop back, start with i = (k + 1) - uECC_WORDS */
/* end outer loop */
- "str %[c0], [%[result], %[k]] \n\t" /* p_result[uECC_WORDS * 2 - 1] = c0 */
+ "str %[c0], [%[result], %[k]] \n\t" /* result[uECC_WORDS * 2 - 1] = c0 */
#if (uECC_PLATFORM != uECC_arm_thumb2)
".syntax divided \n\t"
#endif
- : [c0] "+r" (c0), [c1] "+r" (c1), [c2] "+r" (c2), [k] "+r" (k), [i] "=&r" (i), [t0] "=&r" (t0), [t1] "=&r" (t1)
- : [result] "r" (p_result), [left] "r" (p_left), [right] "r" (p_right),
- [eccd] "I" (uECC_WORDS * 4), [eccdm1] "I" ((uECC_WORDS-1) * 4), [eccd2m1] "I" ((uECC_WORDS * 2 - 1) * 4)
+ : [c0] "+r" (c0), [c1] "+r" (c1), [c2] "+r" (c2),
+ [k] "+r" (k), [i] "=&r" (i), [t0] "=&r" (t0), [t1] "=&r" (t1)
+ : [result] "r" (result), [left] "r" (left), [right] "r" (right),
+ [eccd] "I" (uECC_WORDS * 4), [eccdm1] "I" ((uECC_WORDS-1) * 4),
+ [eccd2m1] "I" ((uECC_WORDS * 2 - 1) * 4)
: "cc", "memory"
);
#else /* Thumb-1 */
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
- register const uint32_t *r2 __asm__("r2") = p_right;
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
+ register const uint32_t *r2 __asm__("r2") = right;
__asm__ volatile (
".syntax unified \n\t"
@@ -1641,7 +1638,7 @@
"movs r5, #0 \n\t" /* c2 = 0 */
"movs r6, #0 \n\t" /* k = 0 */
- "push {r0} \n\t" /* keep p_result on the stack */
+ "push {r0} \n\t" /* keep result on the stack */
"1: \n\t" /* outer loop (k < uECC_WORDS) */
"movs r7, #0 \n\t" /* r7 = i = 0 */
@@ -1653,10 +1650,10 @@
"3: \n\t" /* inner loop */
"push {r3, r4, r5, r6} \n\t" /* push things, r3 (c0) is at the top of stack. */
- "subs r0, r6, r7 \n\t" /* r0 = k-i */
+ "subs r0, r6, r7 \n\t" /* r0 = k - i */
- "ldr r4, [r2, r0] \n\t" /* r4 = p_right[k-i] */
- "ldr r0, [r1, r7] \n\t" /* r0 = p_left[i] */
+ "ldr r4, [r2, r0] \n\t" /* r4 = right[k - i] */
+ "ldr r0, [r1, r7] \n\t" /* r0 = left[i] */
"lsrs r3, r0, #16 \n\t" /* r3 = a1 */
"uxth r0, r0 \n\t" /* r0 = a0 */
@@ -1665,21 +1662,21 @@
"uxth r4, r4 \n\t" /* r4 = b0 */
"movs r6, r3 \n\t" /* r6 = a1 */
- "muls r6, r5, r6 \n\t" /* r6 = a1*b1 */
- "muls r3, r4, r3 \n\t" /* r3 = b0*a1 */
- "muls r5, r0, r5 \n\t" /* r5 = a0*b1 */
- "muls r0, r4, r0 \n\t" /* r0 = a0*b0 */
+ "muls r6, r5, r6 \n\t" /* r6 = a1 * b1 */
+ "muls r3, r4, r3 \n\t" /* r3 = b0 * a1 */
+ "muls r5, r0, r5 \n\t" /* r5 = a0 * b1 */
+ "muls r0, r4, r0 \n\t" /* r0 = a0 * b0 */
"movs r4, #0 \n\t" /* r4 = 0 */
- "adds r3, r5 \n\t" /* r3 = b0*a1 + a0*b1 */
+ "adds r3, r5 \n\t" /* r3 = b0 * a1 + a0 * b1 */
"adcs r4, r4 \n\t" /* r4 = carry */
"lsls r4, #16 \n\t" /* r4 = carry << 16 */
- "adds r6, r4 \n\t" /* r6 = a1*b1 + carry */
+ "adds r6, r4 \n\t" /* r6 = a1 * b1 + carry */
- "lsls r4, r3, #16 \n\t" /* r4 = (b0*a1 + a0*b1) << 16 */
- "lsrs r3, #16 \n\t" /* r3 = (b0*a1 + a0*b1) >> 16 */
- "adds r0, r4 \n\t" /* r0 = low word = a0*b0 + ((b0*a1 + a0*b1) << 16) */
- "adcs r6, r3 \n\t" /* r6 = high word = a1*b1 + carry + ((b0*a1 + a0*b1) >> 16) */
+ "lsls r4, r3, #16 \n\t" /* r4 = (b0 * a1 + a0 * b1) << 16 */
+ "lsrs r3, #16 \n\t" /* r3 = (b0 * a1 + a0 * b1) >> 16 */
+ "adds r0, r4 \n\t" /* r0 = low word = a0 * b0 + ((b0 * a1 + a0 * b1) << 16) */
+ "adcs r6, r3 \n\t" /* r6 = high word = a1 * b1 + carry + ((b0 * a1 + a0 * b1) >> 16) */
"pop {r3, r4, r5} \n\t" /* r3 = c0, r4 = c1, r5 = c2 */
"adds r3, r0 \n\t" /* add low word to c0 */
@@ -1691,27 +1688,27 @@
"adds r7, #4 \n\t" /* i += 4 */
"cmp r7, %[eccd] \n\t" /* i < uECC_WORDS (times 4)? */
- "bge 4f \n\t" /* if not, exit the loop */
+ "bge 4f \n\t" /* if not, exit the loop */
"cmp r7, r6 \n\t" /* i <= k? */
- "ble 3b \n\t" /* if so, continue looping */
+ "ble 3b \n\t" /* if so, continue looping */
"4: \n\t" /* end inner loop */
- "ldr r0, [sp, #0] \n\t" /* r0 = p_result */
+ "ldr r0, [sp, #0] \n\t" /* r0 = result */
- "str r3, [r0, r6] \n\t" /* p_result[k] = c0 */
+ "str r3, [r0, r6] \n\t" /* result[k] = c0 */
"mov r3, r4 \n\t" /* c0 = c1 */
"mov r4, r5 \n\t" /* c1 = c2 */
"movs r5, #0 \n\t" /* c2 = 0 */
"adds r6, #4 \n\t" /* k += 4 */
"cmp r6, %[eccd] \n\t" /* k < uECC_WORDS (times 4) ? */
- "blt 1b \n\t" /* if not, loop back, start with i = 0 */
+ "blt 1b \n\t" /* if not, loop back, start with i = 0 */
"cmp r6, %[eccd2m1] \n\t" /* k < uECC_WORDS * 2 - 1 (times 4) ? */
- "blt 2b \n\t" /* if not, loop back, start with i = (k+1) - uECC_WORDS */
+ "blt 2b \n\t" /* if not, loop back, start with i = (k + 1) - uECC_WORDS */
/* end outer loop */
- "str r3, [r0, r6] \n\t" /* p_result[uECC_WORDS * 2 - 1] = c0 */
- "pop {r0} \n\t" /* pop p_result off the stack */
+ "str r3, [r0, r6] \n\t" /* result[uECC_WORDS * 2 - 1] = c0 */
+ "pop {r0} \n\t" /* pop result off the stack */
".syntax divided \n\t"
:
@@ -1725,8 +1722,7 @@
#if uECC_SQUARE_FUNC
#if !asm_square
-static void vli_square(uint32_t *p_result, const uint32_t *p_left)
-{
+static void vli_square(uint32_t *result, const uint32_t *left) {
#if (uECC_PLATFORM != uECC_arm_thumb)
uint32_t c0 = 0;
uint32_t c1 = 0;
@@ -1749,17 +1745,17 @@
"3: \n\t" /* inner loop */
"subs %[tt], %[k], %[i] \n\t" /* tt = k-i */
- "ldr %[t1], [%[left], %[tt]] \n\t" /* t1 = p_left[k-i] */
- "ldr %[t0], [%[left], %[i]] \n\t" /* t0 = p_left[i] */
+ "ldr %[t1], [%[left], %[tt]] \n\t" /* t1 = left[k - i] */
+ "ldr %[t0], [%[left], %[i]] \n\t" /* t0 = left[i] */
- "umull %[t0], %[t1], %[t0], %[t1] \n\t" /* (t0, t1) = p_left[i] * p_right[k-i] */
+ "umull %[t0], %[t1], %[t0], %[t1] \n\t" /* (t0, t1) = left[i] * right[k - i] */
- "cmp %[i], %[tt] \n\t" /* (i < k-i) ? */
- "bge 4f \n\t" /* if i >= k-i, skip */
- "lsls %[t1], #1 \n\t" /* high word << 1 */
- "adc %[c2], #0 \n\t" /* add carry bit to c2 */
- "lsls %[t0], #1 \n\t" /* low word << 1 */
- "adc %[t1], #0 \n\t" /* add carry bit to high word */
+ "cmp %[i], %[tt] \n\t" /* (i < k - i) ? */
+ "bge 4f \n\t" /* if i >= k - i, skip */
+ "lsls %[t1], #1 \n\t" /* high word << 1 */
+ "adc %[c2], #0 \n\t" /* add carry bit to c2 */
+ "lsls %[t0], #1 \n\t" /* low word << 1 */
+ "adc %[t1], #0 \n\t" /* add carry bit to high word */
"4: \n\t"
@@ -1769,38 +1765,40 @@
"adds %[i], #4 \n\t" /* i += 4 */
"cmp %[i], %[k] \n\t" /* i <= k? */
- "bge 5f \n\t" /* if not, exit the loop */
- "subs %[tt], %[k], %[i] \n\t" /* tt = k-i */
- "cmp %[i], %[tt] \n\t" /* i <= k-i? */
- "ble 3b \n\t" /* if so, continue looping */
+ "bge 5f \n\t" /* if not, exit the loop */
+ "subs %[tt], %[k], %[i] \n\t" /* tt = k - i */
+ "cmp %[i], %[tt] \n\t" /* i <= k - i? */
+ "ble 3b \n\t" /* if so, continue looping */
"5: \n\t" /* end inner loop */
- "str %[c0], [%[result], %[k]] \n\t" /* p_result[k] = c0 */
+ "str %[c0], [%[result], %[k]] \n\t" /* result[k] = c0 */
"mov %[c0], %[c1] \n\t" /* c0 = c1 */
"mov %[c1], %[c2] \n\t" /* c1 = c2 */
"movs %[c2], #0 \n\t" /* c2 = 0 */
"adds %[k], #4 \n\t" /* k += 4 */
"cmp %[k], %[eccd] \n\t" /* k < uECC_WORDS (times 4) ? */
- "blt 1b \n\t" /* if not, loop back, start with i = 0 */
+ "blt 1b \n\t" /* if not, loop back, start with i = 0 */
"cmp %[k], %[eccd2m1] \n\t" /* k < uECC_WORDS * 2 - 1 (times 4) ? */
- "blt 2b \n\t" /* if not, loop back, start with i = (k+1) - uECC_WORDS */
+ "blt 2b \n\t" /* if not, loop back, start with i = (k + 1) - uECC_WORDS */
/* end outer loop */
- "str %[c0], [%[result], %[k]] \n\t" /* p_result[uECC_WORDS * 2 - 1] = c0 */
+ "str %[c0], [%[result], %[k]] \n\t" /* result[uECC_WORDS * 2 - 1] = c0 */
#if (uECC_PLATFORM != uECC_arm_thumb2)
".syntax divided \n\t"
#endif
- : [c0] "+r" (c0), [c1] "+r" (c1), [c2] "+r" (c2), [k] "+r" (k), [i] "=&r" (i), [tt] "=&r" (tt), [t0] "=&r" (t0), [t1] "=&r" (t1)
- : [result] "r" (p_result), [left] "r" (p_left),
- [eccd] "I" (uECC_WORDS * 4), [eccdm1] "I" ((uECC_WORDS-1) * 4), [eccd2m1] "I" ((uECC_WORDS * 2 - 1) * 4)
+ : [c0] "+r" (c0), [c1] "+r" (c1), [c2] "+r" (c2),
+ [k] "+r" (k), [i] "=&r" (i), [tt] "=&r" (tt), [t0] "=&r" (t0), [t1] "=&r" (t1)
+ : [result] "r" (result), [left] "r" (left),
+ [eccd] "I" (uECC_WORDS * 4), [eccdm1] "I" ((uECC_WORDS-1) * 4),
+ [eccd2m1] "I" ((uECC_WORDS * 2 - 1) * 4)
: "cc", "memory"
);
#else
- register uint32_t *r0 __asm__("r0") = p_result;
- register const uint32_t *r1 __asm__("r1") = p_left;
+ register uint32_t *r0 __asm__("r0") = result;
+ register const uint32_t *r1 __asm__("r1") = left;
__asm__ volatile (
".syntax unified \n\t"
@@ -1809,7 +1807,7 @@
"movs r4, #0 \n\t" /* c2 = 0 */
"movs r5, #0 \n\t" /* k = 0 */
- "push {r0} \n\t" /* keep p_result on the stack */
+ "push {r0} \n\t" /* keep result on the stack */
"1: \n\t" /* outer loop (k < uECC_WORDS) */
"movs r6, #0 \n\t" /* r6 = i = 0 */
@@ -1821,10 +1819,10 @@
"3: \n\t" /* inner loop */
"push {r2, r3, r4, r5} \n\t" /* push things, r2 (c0) is at the top of stack. */
- "subs r7, r5, r6 \n\t" /* r7 = k-i */
+ "subs r7, r5, r6 \n\t" /* r7 = k - i */
- "ldr r3, [r1, r7] \n\t" /* r3 = p_left[k-i] */
- "ldr r0, [r1, r6] \n\t" /* r0 = p_left[i] */
+ "ldr r3, [r1, r7] \n\t" /* r3 = left[k - i] */
+ "ldr r0, [r1, r6] \n\t" /* r0 = left[i] */
"lsrs r2, r0, #16 \n\t" /* r2 = a1 */
"uxth r0, r0 \n\t" /* r0 = a0 */
@@ -1833,26 +1831,26 @@
"uxth r3, r3 \n\t" /* r3 = b0 */
"movs r5, r2 \n\t" /* r5 = a1 */
- "muls r5, r4, r5 \n\t" /* r5 = a1*b1 */
- "muls r2, r3, r2 \n\t" /* r2 = b0*a1 */
- "muls r4, r0, r4 \n\t" /* r4 = a0*b1 */
- "muls r0, r3, r0 \n\t" /* r0 = a0*b0 */
+ "muls r5, r4, r5 \n\t" /* r5 = a1 * b1 */
+ "muls r2, r3, r2 \n\t" /* r2 = b0 * a1 */
+ "muls r4, r0, r4 \n\t" /* r4 = a0 * b1 */
+ "muls r0, r3, r0 \n\t" /* r0 = a0 * b0 */
"movs r3, #0 \n\t" /* r3 = 0 */
- "adds r2, r4 \n\t" /* r2 = b0*a1 + a0*b1 */
+ "adds r2, r4 \n\t" /* r2 = b0 * a1 + a0 * b1 */
"adcs r3, r3 \n\t" /* r3 = carry */
"lsls r3, #16 \n\t" /* r3 = carry << 16 */
- "adds r5, r3 \n\t" /* r5 = a1*b1 + carry */
+ "adds r5, r3 \n\t" /* r5 = a1 * b1 + carry */
- "lsls r3, r2, #16 \n\t" /* r3 = (b0*a1 + a0*b1) << 16 */
- "lsrs r2, #16 \n\t" /* r2 = (b0*a1 + a0*b1) >> 16 */
- "adds r0, r3 \n\t" /* r0 = low word = a0*b0 + ((b0*a1 + a0*b1) << 16) */
- "adcs r5, r2 \n\t" /* r5 = high word = a1*b1 + carry + ((b0*a1 + a0*b1) >> 16) */
+ "lsls r3, r2, #16 \n\t" /* r3 = (b0 * a1 + a0 * b1) << 16 */
+ "lsrs r2, #16 \n\t" /* r2 = (b0 * a1 + a0 * b1) >> 16 */
+ "adds r0, r3 \n\t" /* r0 = low word = a0 * b0 + ((b0 * a1 + a0 * b1) << 16) */
+ "adcs r5, r2 \n\t" /* r5 = high word = a1 * b1 + carry + ((b0 * a1 + a0 * b1) >> 16) */
"movs r3, #0 \n\t" /* r3 = 0 */
- "cmp r6, r7 \n\t" /* (i < k-i) ? */
+ "cmp r6, r7 \n\t" /* (i < k - i) ? */
"mov r7, r3 \n\t" /* r7 = 0 (does not affect condition)*/
- "bge 4f \n\t" /* if i >= k-i, skip */
+ "bge 4f \n\t" /* if i >= k - i, skip */
"lsls r5, #1 \n\t" /* high word << 1 */
"adcs r7, r3 \n\t" /* r7 = carry bit for c2 */
"lsls r0, #1 \n\t" /* low word << 1 */
@@ -1870,33 +1868,34 @@
"adds r6, #4 \n\t" /* i += 4 */
"cmp r6, r5 \n\t" /* i <= k? */
- "bge 5f \n\t" /* if not, exit the loop */
- "subs r7, r5, r6 \n\t" /* r7 = k-i */
- "cmp r6, r7 \n\t" /* i <= k-i? */
- "ble 3b \n\t" /* if so, continue looping */
+ "bge 5f \n\t" /* if not, exit the loop */
+ "subs r7, r5, r6 \n\t" /* r7 = k - i */
+ "cmp r6, r7 \n\t" /* i <= k - i? */
+ "ble 3b \n\t" /* if so, continue looping */
"5: \n\t" /* end inner loop */
- "ldr r0, [sp, #0] \n\t" /* r0 = p_result */
+ "ldr r0, [sp, #0] \n\t" /* r0 = result */
- "str r2, [r0, r5] \n\t" /* p_result[k] = c0 */
+ "str r2, [r0, r5] \n\t" /* result[k] = c0 */
"mov r2, r3 \n\t" /* c0 = c1 */
"mov r3, r4 \n\t" /* c1 = c2 */
"movs r4, #0 \n\t" /* c2 = 0 */
"adds r5, #4 \n\t" /* k += 4 */
"cmp r5, %[eccd] \n\t" /* k < uECC_WORDS (times 4) ? */
- "blt 1b \n\t" /* if not, loop back, start with i = 0 */
+ "blt 1b \n\t" /* if not, loop back, start with i = 0 */
"cmp r5, %[eccd2m1] \n\t" /* k < uECC_WORDS * 2 - 1 (times 4) ? */
- "blt 2b \n\t" /* if not, loop back, start with i = (k+1) - uECC_WORDS */
+ "blt 2b \n\t" /* if not, loop back, start with i = (k + 1) - uECC_WORDS */
/* end outer loop */
- "str r2, [r0, r5] \n\t" /* p_result[uECC_WORDS * 2 - 1] = c0 */
- "pop {r0} \n\t" /* pop p_result off the stack */
+ "str r2, [r0, r5] \n\t" /* result[uECC_WORDS * 2 - 1] = c0 */
+ "pop {r0} \n\t" /* pop result off the stack */
".syntax divided \n\t"
: [r0] "+l" (r0), [r1] "+l" (r1)
- : [eccd] "I" (uECC_WORDS * 4), [eccdm1] "I" ((uECC_WORDS-1) * 4), [eccd2m1] "I" ((uECC_WORDS * 2 - 1) * 4)
- : "r2", "r3", "r4", "r5", "r6", "r7", "cc", "memory"
+ : [eccd] "I" (uECC_WORDS * 4), [eccdm1] "I" ((uECC_WORDS-1) * 4),
+ [eccd2m1] "I" ((uECC_WORDS * 2 - 1) * 4)
+ : "r2", "r3", "r4", "r5", "r6", "cc", "memory"
);
#endif
}
diff --git a/asm_avr.inc b/asm_avr.inc
index 48d8f32..b176af7 100644
--- a/asm_avr.inc
+++ b/asm_avr.inc
@@ -44,32 +44,30 @@
#if (uECC_ASM == uECC_asm_fast)
-static void vli_clear(uint8_t *p_vli)
-{
+static void vli_clear(uint8_t *vli) {
__asm__ volatile (
- REPEAT(uECC_BYTES, "st %a[ptr]+, r1 \n\t")
-
- : [ptr] "+e" (p_vli)
+ REPEAT(uECC_BYTES,
+ "st %a[ptr]+, r1 \n\t")
+ : [ptr] "+e" (vli)
:
: "r0", "cc", "memory"
);
}
#define asm_clear 1
-static void vli_set(uint8_t *p_dest, const uint8_t *p_src)
-{
+static void vli_set(uint8_t *dest, const uint8_t *src) {
__asm__ volatile (
- REPEAT(uECC_BYTES, "ld r0, %a[sptr]+ \n\t"
+ REPEAT(uECC_BYTES,
+ "ld r0, %a[sptr]+ \n\t"
"st %a[dptr]+, r0 \n\t")
- : [dptr] "+e" (p_dest), [sptr] "+e" (p_src)
+ : [dptr] "+e" (dest), [sptr] "+e" (src)
:
: "r0", "cc", "memory"
);
}
#define asm_set 1
-static void vli_rshift1(uint8_t *p_vli)
-{
+static void vli_rshift1(uint8_t *vli) {
__asm__ volatile (
"adiw r30, " STR(uECC_BYTES) " \n\t"
"ld r0, -z \n\t" /* Load byte. */
@@ -77,23 +75,22 @@
"st z, r0 \n\t" /* Store the first result byte. */
/* Now we just do the remaining bytes with the carry bit (using ROR) */
- REPEAT(DEC(uECC_BYTES), "ld r0, -z \n\t"
+ REPEAT(DEC(uECC_BYTES),
+ "ld r0, -z \n\t"
"ror r0 \n\t"
"st z, r0 \n\t")
-
- : "+z" (p_vli)
+ : "+z" (vli)
:
: "r0", "cc", "memory"
);
}
#define asm_rshift1 1
-/* Computes p_result = p_left + p_right, returning carry. Can modify in place. */
-static uint8_t vli_add(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
- uint8_t l_carry = 0;
- uint8_t l_left;
- uint8_t l_right;
+/* Computes result = left + right, returning carry. Can modify in place. */
+static uint8_t vli_add(uint8_t *result, const uint8_t *left, const uint8_t *right) {
+ uint8_t carry = 0;
+ uint8_t left_byte;
+ uint8_t right_byte;
__asm__ volatile (
"ld %[left], x+ \n\t" /* Load left byte. */
@@ -102,30 +99,29 @@
"st z+, %[left] \n\t" /* Store the first result byte. */
/* Now we just do the remaining bytes with the carry bit (using ADC) */
- REPEAT(DEC(uECC_BYTES), "ld %[left], x+ \n\t"
+ REPEAT(DEC(uECC_BYTES),
+ "ld %[left], x+ \n\t"
"ld %[right], y+ \n\t"
"adc %[left], %[right] \n\t"
"st z+, %[left] \n\t")
- "adc %[carry], %[carry] \n\t" /* Store carry bit in l_carry. */
-
+ "adc %[carry], %[carry] \n\t" /* Store carry bit. */
"sbiw r28, " STR(uECC_BYTES) " \n\t" /* Restore Y */
- : "+z" (p_result), "+x" (p_left),
- [carry] "+r" (l_carry), [left] "=&r" (l_left), [right] "=&r" (l_right)
- : "y" (p_right)
+ : "+z" (result), "+x" (left),
+ [carry] "+r" (carry), [left] "=&r" (left_byte), [right] "=&r" (right_byte)
+ : "y" (right)
: "cc", "memory"
);
- return l_carry;
+ return carry;
}
#define asm_add 1
-/* Computes p_result = p_left - p_right, returning borrow. Can modify in place. */
-static uint8_t vli_sub(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
- uint8_t l_borrow = 0;
- uint8_t l_left;
- uint8_t l_right;
+/* Computes result = left - right, returning borrow. Can modify in place. */
+static uint8_t vli_sub(uint8_t *result, const uint8_t *left, const uint8_t *right) {
+ uint8_t borrow = 0;
+ uint8_t left_byte;
+ uint8_t right_byte;
__asm__ volatile (
"ld %[left], x+ \n\t" /* Load left byte. */
@@ -134,28 +130,27 @@
"st z+, %[left] \n\t" /* Store the first result byte. */
/* Now we just do the remaining bytes with the carry bit (using SBC) */
- REPEAT(DEC(uECC_BYTES), "ld %[left], x+ \n\t"
+ REPEAT(DEC(uECC_BYTES),
+ "ld %[left], x+ \n\t"
"ld %[right], y+ \n\t"
"sbc %[left], %[right] \n\t"
"st z+, %[left] \n\t")
- "adc %[borrow], %[borrow] \n\t" /* Store carry bit in l_borrow. */
-
+ "adc %[borrow], %[borrow] \n\t" /* Store carry bit in borrow. */
"sbiw r28, " STR(uECC_BYTES) " \n\t" /* Restore Y */
- : "+z" (p_result), "+x" (p_left),
- [borrow] "+r" (l_borrow), [left] "=&r" (l_left), [right] "=&r" (l_right)
- : "y" (p_right)
+ : "+z" (result), "+x" (left),
+ [borrow] "+r" (borrow), [left] "=&r" (left_byte), [right] "=&r" (right_byte)
+ : "y" (right)
: "cc", "memory"
);
- return l_borrow;
+ return borrow;
}
#define asm_sub 1
#if (uECC_BYTES == 20)
__attribute((noinline))
-static void vli_mult(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
+static void vli_mult(uint8_t *result, const uint8_t *left, const uint8_t *right) {
__asm__ volatile (
"adiw r30, 10 \n\t"
"adiw r28, 10 \n\t"
@@ -2060,17 +2055,17 @@
"st z+, r23 \n\t"
"st z+, r24 \n\t"
"eor r1, r1 \n\t"
- : "+x" (p_left), "+y" (p_right), "+z" (p_result)
+ : "+x" (left), "+y" (right), "+z" (result)
:
- : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12",
- "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "cc", "memory"
+ : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
+ "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20",
+ "r21", "r22", "r23", "r24", "r25", "cc", "memory"
);
}
#define asm_mult 1
#elif (uECC_BYTES == 24)
__attribute((noinline))
-static void vli_mult(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
+static void vli_mult(uint8_t *result, const uint8_t *left, const uint8_t *right) {
__asm__ volatile (
"adiw r30, 20 \n\t"
"adiw r28, 20 \n\t"
@@ -4843,17 +4838,17 @@
"st z+, r23 \n\t"
"eor r1, r1 \n\t"
- : "+x" (p_left), "+y" (p_right), "+z" (p_result)
+ : "+x" (left), "+y" (right), "+z" (result)
:
- : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12",
- "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "cc", "memory"
+ : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
+ "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20",
+ "r21", "r22", "r23", "r24", "r25", "cc", "memory"
);
}
#define asm_mult 1
#elif (uECC_BYTES == 32)
__attribute((noinline))
-static void vli_mult(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
+static void vli_mult(uint8_t *result, const uint8_t *left, const uint8_t *right) {
__asm__ volatile (
"adiw r30, 30 \n\t"
"adiw r28, 30 \n\t"
@@ -9769,10 +9764,11 @@
"st z+, r24 \n\t"
"eor r1, r1 \n\t"
- : "+x" (p_left), "+y" (p_right), "+z" (p_result)
+ : "+x" (left), "+y" (right), "+z" (result)
:
- : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12",
- "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "cc", "memory"
+ : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
+ "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20",
+ "r21", "r22", "r23", "r24", "r25", "cc", "memory"
);
}
#define asm_mult 1
@@ -9781,8 +9777,7 @@
#if uECC_SQUARE_FUNC
#if (uECC_BYTES == 20)
-static void vli_square(uint8_t *p_result, const uint8_t *p_left)
-{
+static void vli_square(uint8_t *result, const uint8_t *left) {
__asm__ volatile (
"ld r2, x+ \n\t"
"ld r3, x+ \n\t"
@@ -10937,10 +10932,11 @@
"st z+, r23 \n\t"
"st z+, r25 \n\t"
"eor r1, r1 \n\t"
- : "+x" (p_left), "+z" (p_result)
+ : "+x" (left), "+z" (result)
:
- : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12",
- "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "cc", "memory"
+ : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
+ "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20",
+ "r21", "r22", "r23", "r24", "r25", "cc", "memory"
);
}
#define asm_square 1
@@ -10948,8 +10944,7 @@
#elif (uECC_BYTES == 24)
__attribute((noinline))
-static void vli_square(uint8_t *p_result, const uint8_t *p_left)
-{
+static void vli_square(uint8_t *result, const uint8_t *left) {
__asm__ volatile (
"ldi r25, 0 \n\t"
"movw r28, r26 \n\t"
@@ -12596,10 +12591,11 @@
"st z+, r23 \n\t"
"st z+, r28 \n\t"
"eor r1, r1 \n\t"
- : "+x" (p_left), "+z" (p_result)
+ : "+x" (left), "+z" (result)
:
- : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12",
- "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "r28", "r29", "cc", "memory"
+ : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
+ "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20",
+ "r21", "r22", "r23", "r24", "r25", "r28", "r29", "cc", "memory"
);
}
#define asm_square 1
@@ -12607,8 +12603,7 @@
#elif (uECC_BYTES == 32)
__attribute((noinline))
-static void vli_square(uint8_t *p_result, const uint8_t *p_left)
-{
+static void vli_square(uint8_t *result, const uint8_t *left) {
__asm__ volatile (
"ldi r25, 0 \n\t"
"movw r28, r26 \n\t"
@@ -15431,10 +15426,11 @@
"st z+, r23 \n\t"
"st z+, r28 \n\t"
"eor r1, r1 \n\t"
- : "+x" (p_left), "+z" (p_result)
+ : "+x" (left), "+z" (result)
:
- : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12",
- "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "r28", "r29", "cc", "memory"
+ : "r0", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
+ "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20",
+ "r21", "r22", "r23", "r24", "r25", "r28", "r29", "cc", "memory"
);
}
#define asm_square 1
@@ -15442,29 +15438,29 @@
#endif /* uECC_BYTES == xx */
#endif /* uECC_SQUARE_FUNC */
-static void vli_modSub_fast(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
+static void vli_modSub_fast(uint8_t *result, const uint8_t *left, const uint8_t *right) {
uint8_t t1, t2;
__asm__ volatile (
"push r28 \n\t" /* Save Y */
"push r29 \n\t"
- "ld %[t1], x+ \n\t" /* Load left word. */
- "ld %[t2], y+ \n\t" /* Load right word. */
+ "ld %[t1], x+ \n\t" /* Load left word. */
+ "ld %[t2], y+ \n\t" /* Load right word. */
"sub %[t1], %[t2] \n\t" /* Subtract the first word. */
- "st z+, %[t1] \n\t" /* Store the first result word. */
+ "st z+, %[t1] \n\t" /* Store the first result word. */
/* Now we just do the remaining words with the carry bit (using SBC) */
- REPEAT(DEC(uECC_BYTES), "ld %[t1], x+ \n\t"
+ REPEAT(DEC(uECC_BYTES),
+ "ld %[t1], x+ \n\t"
"ld %[t2], y+ \n\t"
"sbc %[t1], %[t2] \n\t"
"st z+, %[t1] \n\t")
- "brcs 1f \n\t" /* If borrow is set, then we need to add */
+ "brcs 1f \n\t" /* If borrow is set, then we need to add */
"rjmp done \n\t" /* otherwise we are done */
"1: \n\t"
- "sbiw r30, " STR(uECC_BYTES) " \n\t" /* make z point at p_result again */
+ "sbiw r30, " STR(uECC_BYTES) " \n\t" /* make z point at result again */
"ldi r28, lo8(curve_p) \n\t" /* make y point at curve_p */
"ldi r29, hi8(curve_p) \n\t"
@@ -15473,7 +15469,8 @@
"ld %[t2], y+ \n\t"
"add %[t1], %[t2] \n\t"
"st z+, %[t1] \n\t"
- REPEAT(DEC(uECC_BYTES), "ld %[t1], z \n\t"
+ REPEAT(DEC(uECC_BYTES),
+ "ld %[t1], z \n\t"
"ld %[t2], y+ \n\t"
"adc %[t1], %[t2] \n\t"
"st z+, %[t1] \n\t")
@@ -15482,18 +15479,17 @@
"pop r29 \n\t" /* Restore Y */
"pop r28 \n\t"
- : "+z" (p_result), "+x" (p_left),
+ : "+z" (result), "+x" (left),
[t1] "=&r" (t1), [t2] "=&r" (t2)
- : "y" (p_right)
+ : "y" (right)
: "cc", "memory"
);
}
#define asm_modSub_fast 1
#if uECC_CURVE == uECC_secp160r1
-static void vli_mmod_fast(uint8_t *RESTRICT p_result, uint8_t *RESTRICT p_product)
-{
- uint8_t l_carry = 0;
+static void vli_mmod_fast(uint8_t *RESTRICT result, uint8_t *RESTRICT product) {
+ uint8_t carry = 0;
__asm__ volatile (
"in r30, __SP_L__ \n\t"
"in r31, __SP_H__ \n\t"
@@ -15504,23 +15500,25 @@
"out __SREG__, r0 \n\t"
"out __SP_L__, r30 \n\t"
- "adiw r30, 25 \n\t" /* we are shifting by 31 bits, so shift over 4 bytes (+ 1 since z initially points below the stack) */
- "adiw r26, 40 \n\t" /* end of p_product */
- "ld r18, -x \n\t" /* Load word. */
- "lsr r18 \n\t" /* Shift. */
- "st -z, r18 \n\t" /* Store the first result word. */
+ "adiw r30, 25 \n\t" /* we are shifting by 31 bits, so shift over 4 bytes
+ (+ 1 since z initially points below the stack) */
+ "adiw r26, 40 \n\t" /* end of product */
+ "ld r18, -x \n\t" /* Load word. */
+ "lsr r18 \n\t" /* Shift. */
+ "st -z, r18 \n\t" /* Store the first result word. */
/* Now we just do the remaining words with the carry bit (using ROR) */
- REPEAT(19, "ld r18, -x \n\t"
+ REPEAT(19,
+ "ld r18, -x \n\t"
"ror r18 \n\t"
"st -z, r18 \n\t")
"eor r18, r18 \n\t" /* r18 = 0 */
- "ror r18 \n\t" /* get last bit */
- "st -z, r18 \n\t" /* store it */
+ "ror r18 \n\t" /* get last bit */
+ "st -z, r18 \n\t" /* store it */
"sbiw r30, 3 \n\t" /* move z back to point at tmp */
- /* now we add p_right */
+ /* now we add right */
"ld r18, x+ \n\t"
"st z+, r18 \n\t" /* the first 3 bytes do not need to be added */
"ld r18, x+ \n\t"
@@ -15534,12 +15532,13 @@
"st z+, r18 \n\t"
/* Now we just do the remaining words with the carry bit (using ADC) */
- REPEAT(16, "ld r18, x+ \n\t"
+ REPEAT(16,
+ "ld r18, x+ \n\t"
"ld r19, z \n\t"
"adc r18, r19 \n\t"
"st z+, r18 \n\t")
- /* Propagate over the remaining bytes of p_result */
+ /* Propagate over the remaining bytes of result */
"ld r18, z \n\t"
"adc r18, r1 \n\t"
"st z+, r18 \n\t"
@@ -15557,27 +15556,29 @@
"st z+, r18 \n\t"
"sbiw r30, 24 \n\t" /* move z back to point at tmp */
- "sbiw r26, 40 \n\t" /* move x back to point at p_product */
+ "sbiw r26, 40 \n\t" /* move x back to point at product */
- /* add low bytes of tmp to p_product, storing in p_result */
+ /* add low bytes of tmp to product, storing in result */
"ld r18, z+ \n\t"
"ld r19, x+ \n\t"
"add r18, r19 \n\t"
"st y+, r18 \n\t"
- REPEAT(19, "ld r18, z+ \n\t"
+ REPEAT(19,
+ "ld r18, z+ \n\t"
"ld r19, x+ \n\t"
"adc r18, r19 \n\t"
"st y+, r18 \n\t")
- "adc %[carry], __zero_reg__ \n\t" /* Store carry bit (carry flag is cleared). */
- /* at this point x is at the end of p_product, y is at the end of p_result, z is 20 bytes into tmp */
- "sbiw r28, 20 \n\t" /* move y back to point at p_result */
- "adiw r30, 4 \n\t" /* move z to point to the end of tmp */
+ "adc %[carry], __zero_reg__ \n\t" /* Store carry bit (carry flag is cleared). */
+ /* at this point x is at the end of product, y is at the end of result,
+ z is 20 bytes into tmp */
+ "sbiw r28, 20 \n\t" /* move y back to point at result */
+ "adiw r30, 4 \n\t" /* move z to point to the end of tmp */
/* do omega_mult again with the 4 relevant bytes */
- /* z points to the end of tmp, x points to the end of p_product */
- "ld r18, -z \n\t" /* Load word. */
- "lsr r18 \n\t" /* Shift. */
- "st -x, r18 \n\t" /* Store the first result word. */
+ /* z points to the end of tmp, x points to the end of product */
+ "ld r18, -z \n\t" /* Load word. */
+ "lsr r18 \n\t" /* Shift. */
+ "st -x, r18 \n\t" /* Store the first result word. */
"ld r18, -z \n\t"
"ror r18 \n\t"
@@ -15590,8 +15591,8 @@
"st -x, r18 \n\t"
"eor r18, r18 \n\t" /* r18 = 0 */
- "ror r18 \n\t" /* get last bit */
- "st -x, r18 \n\t" /* store it */
+ "ror r18 \n\t" /* get last bit */
+ "st -x, r18 \n\t" /* store it */
"sbiw r26, 3 \n\t" /* move x back to point at beginning */
/* now we add a copy of the 4 bytes */
@@ -15624,25 +15625,28 @@
"adc r18, r1 \n\t"
"st x+, r18 \n\t"
- /* now z points to the end of tmp, x points to the end of p_product (y still points at p_result) */
+ /* now z points to the end of tmp, x points to the end of product
+ (y still points at result) */
"sbiw r26, 8 \n\t" /* move x back to point at beginning of actual data */
- /* add into p_result */
+ /* add into result */
"ld r18, x+ \n\t"
"ld r19, y \n\t"
"add r18, r19 \n\t"
"st y+, r18 \n\t"
- REPEAT(7, "ld r18, x+ \n\t"
+ REPEAT(7,
+ "ld r18, x+ \n\t"
"ld r19, y \n\t"
"adc r18, r19 \n\t"
"st y+, r18 \n\t")
/* Done adding, now propagate carry bit */
- REPEAT(12, "ld r18, y \n\t"
+ REPEAT(12,
+ "ld r18, y \n\t"
"adc r18, __zero_reg__ \n\t"
"st y+, r18 \n\t")
- "adc %[carry], __zero_reg__ \n\t" /* Store carry bit (carry flag is cleared). */
- "sbiw r28, 20 \n\t" /* move y back to point at p_result */
+ "adc %[carry], __zero_reg__ \n\t" /* Store carry bit (carry flag is cleared). */
+ "sbiw r28, 20 \n\t" /* move y back to point at result */
"sbiw r30, 1 \n\t" /* fix stack pointer */
"in r0, __SREG__ \n\t"
@@ -15651,32 +15655,27 @@
"out __SREG__, r0 \n\t"
"out __SP_L__, r30 \n\t"
- : "+x" (p_product), [carry] "+r" (l_carry)
- : "y" (p_result)
+ : "+x" (product), [carry] "+r" (carry)
+ : "y" (result)
: "r0", "r18", "r19", "r30", "r31", "cc", "memory"
);
- if(l_carry > 0)
- {
- --l_carry;
- vli_sub(p_result, p_result, curve_p);
+ if (carry > 0) {
+ --carry;
+ vli_sub(result, result, curve_p);
}
- if(l_carry > 0)
- {
- vli_sub(p_result, p_result, curve_p);
+ if (carry > 0) {
+ vli_sub(result, result, curve_p);
}
-
- if(vli_cmp(p_result, curve_p) > 0)
- {
- vli_sub(p_result, p_result, curve_p);
+ if (vli_cmp(result, curve_p) > 0) {
+ vli_sub(result, result, curve_p);
}
}
#define asm_mmod_fast 1
#elif (uECC_CURVE == uECC_secp256k1)
-static void vli_mmod_fast(uint8_t *RESTRICT p_result, uint8_t *RESTRICT p_product)
-{
- uint8_t l_carry = 0;
+static void vli_mmod_fast(uint8_t *RESTRICT result, uint8_t *RESTRICT product) {
+ uint8_t carry = 0;
__asm__ volatile (
"in r30, __SP_L__ \n\t"
"in r31, __SP_H__ \n\t"
@@ -15687,8 +15686,8 @@
"out __SREG__, r0 \n\t"
"out __SP_L__, r30 \n\t"
- "adiw r30, 1 \n\t" /* add 1 since z initially points below the stack */
- "adiw r26, 32 \n\t" /* p_product + uECC_WORDS */
+ "adiw r30, 1 \n\t" /* add 1 since z initially points below the stack */
+ "adiw r26, 32 \n\t" /* product + uECC_WORDS */
"ldi r25, 0x03 \n\t"
"ldi r24, 0xD1 \n\t"
"ld r18, x+ \n\t"
@@ -15852,27 +15851,29 @@
"eor r1, r1 \n\t" /* make r1 be 0 again */
"sbiw r30, 37 \n\t" /* move z back to point at tmp */
- "subi r26, 64 \n\t" /* move x back to point at p_product */
+ "subi r26, 64 \n\t" /* move x back to point at product */
"sbc r27, __zero_reg__ \n\t"
- /* add low bytes of tmp to p_product, storing in p_result */
+ /* add low bytes of tmp to product, storing in result */
"ld r18, z+ \n\t"
"ld r19, x+ \n\t"
"add r18, r19 \n\t"
"st y+, r18 \n\t"
- REPEAT(31, "ld r18, z+ \n\t"
+ REPEAT(31,
+ "ld r18, z+ \n\t"
"ld r19, x+ \n\t"
"adc r18, r19 \n\t"
"st y+, r18 \n\t")
- "adc %[carry], __zero_reg__ \n\t" /* Store carry bit (carry flag is cleared). */
- /* at this point x is at the end of p_product, y is at the end of p_result, z is 32 bytes into tmp */
- "sbiw r28, 32 \n\t" /* move y back to point at p_result */
+ "adc %[carry], __zero_reg__ \n\t" /* Store carry bit (carry flag is cleared). */
+ /* at this point x is at the end of product, y is at the end of result,
+ z is 32 bytes into tmp */
+ "sbiw r28, 32 \n\t" /* move y back to point at result */
/* do omega_mult again with the 5 relevant bytes */
- /* z points to l_tmp + uECC_WORDS, x points to the end of p_product */
- "sbiw r26, 32 \n\t" /* shift x back to point into the p_product buffer (we can overwrite it now) */
-
+ /* z points to tmp + uECC_WORDS, x points to the end of product */
+ "sbiw r26, 32 \n\t" /* shift x back to point into the product buffer
+ (we can overwrite it now) */
"ld r18, z+ \n\t"
"ld r19, z+ \n\t"
"ld r20, z+ \n\t"
@@ -15947,25 +15948,28 @@
"st x+, r22 \n\t"
"eor r1, r1 \n\t" /* make r1 be 0 again */
- /* now z points to the end of tmp, x points to the end of p_product (y still points at p_result) */
+ /* now z points to the end of tmp, x points to the end of product
+ (y still points at result) */
"sbiw r26, 10 \n\t" /* move x back to point at beginning of actual data */
- /* add into p_result */
+ /* add into result */
"ld r18, x+ \n\t"
"ld r19, y \n\t"
"add r18, r19 \n\t"
"st y+, r18 \n\t"
- REPEAT(9, "ld r18, x+ \n\t"
+ REPEAT(9,
+ "ld r18, x+ \n\t"
"ld r19, y \n\t"
"adc r18, r19 \n\t"
"st y+, r18 \n\t")
/* Done adding, now propagate carry bit */
- REPEAT(22, "ld r18, y \n\t"
+ REPEAT(22,
+ "ld r18, y \n\t"
"adc r18, __zero_reg__ \n\t"
"st y+, r18 \n\t")
"adc %[carry], __zero_reg__ \n\t" /* Store carry bit (carry flag is cleared). */
- "sbiw r28, 32 \n\t" /* move y back to point at p_result */
+ "sbiw r28, 32 \n\t" /* move y back to point at result */
"sbiw r30, 1 \n\t" /* fix stack pointer */
"in r0, __SREG__ \n\t"
@@ -15974,24 +15978,20 @@
"out __SREG__, r0 \n\t"
"out __SP_L__, r30 \n\t"
- : "+x" (p_product), [carry] "+r" (l_carry)
- : "y" (p_result)
+ : "+x" (product), [carry] "+r" (carry)
+ : "y" (result)
: "r0", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "r30", "r31", "cc", "memory"
);
- if(l_carry > 0)
- {
- --l_carry;
- vli_sub(p_result, p_result, curve_p);
+ if (carry > 0) {
+ --carry;
+ vli_sub(result, result, curve_p);
}
- if(l_carry > 0)
- {
- vli_sub(p_result, p_result, curve_p);
+ if (carry > 0) {
+ vli_sub(result, result, curve_p);
}
-
- if(vli_cmp(p_result, curve_p) > 0)
- {
- vli_sub(p_result, p_result, curve_p);
+ if (vli_cmp(result, curve_p) > 0) {
+ vli_sub(result, result, curve_p);
}
}
#define asm_mmod_fast 1
@@ -16001,8 +16001,7 @@
#endif /* (uECC_ASM == uECC_asm_fast) */
#if !asm_rshift1
-static void vli_rshift1(uint8_t *p_vli)
-{
+static void vli_rshift1(uint8_t *vli) {
uint8_t i = uECC_BYTES;
__asm__ volatile (
"adiw r30, " STR(uECC_BYTES) " \n\t"
@@ -16015,7 +16014,7 @@
"dec %[i] \n\t"
"brne 1b \n\t"
- : "+z" (p_vli), [i] "+r" (i)
+ : "+z" (vli), [i] "+r" (i)
:
: "r0", "cc", "memory"
);
@@ -16024,12 +16023,11 @@
#endif
#if !asm_add
-static uint8_t vli_add(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
+static uint8_t vli_add(uint8_t *result, const uint8_t *left, const uint8_t *right) {
uint8_t i = uECC_BYTES;
- uint8_t l_carry = 0;
- uint8_t l_left;
- uint8_t l_right;
+ uint8_t carry = 0;
+ uint8_t left_byte;
+ uint8_t right_byte;
__asm__ volatile (
"clc \n\t"
@@ -16042,27 +16040,25 @@
"dec %[i] \n\t"
"brne 1b \n\t"
- "adc %[carry], %[carry] \n\t" /* Store carry bit in l_carry. */
-
+ "adc %[carry], %[carry] \n\t" /* Store carry bit. */
"sbiw r28, " STR(uECC_BYTES) " \n\t" /* Restore Y */
- : "+z" (p_result), "+x" (p_left), [i] "+r" (i),
- [carry] "+r" (l_carry), [left] "=&r" (l_left), [right] "=&r" (l_right)
- : "y" (p_right)
+ : "+z" (result), "+x" (left), [i] "+r" (i),
+ [carry] "+r" (carry), [left] "=&r" (left_byte), [right] "=&r" (right_byte)
+ : "y" (right)
: "cc", "memory"
);
- return l_carry;
+ return carry;
}
#define asm_add 1
#endif
#if !asm_sub
-static uint8_t vli_sub(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
+static uint8_t vli_sub(uint8_t *result, const uint8_t *left, const uint8_t *right) {
uint8_t i = uECC_BYTES;
- uint8_t l_borrow = 0;
- uint8_t l_left;
- uint8_t l_right;
+ uint8_t borrow = 0;
+ uint8_t left_byte;
+ uint8_t right_byte;
__asm__ volatile (
"clc \n\t"
@@ -16075,37 +16071,33 @@
"dec %[i] \n\t"
"brne 1b \n\t"
- "adc %[borrow], %[borrow] \n\t" /* Store carry bit in l_borrow. */
-
+ "adc %[borrow], %[borrow] \n\t" /* Store carry bit in borrow. */
"sbiw r28, " STR(uECC_BYTES) " \n\t" /* Restore Y */
- : "+z" (p_result), "+x" (p_left), [i] "+r" (i),
- [borrow] "+r" (l_borrow), [left] "=&r" (l_left), [right] "=&r" (l_right)
- : "y" (p_right)
+ : "+z" (result), "+x" (left), [i] "+r" (i),
+ [borrow] "+r" (borrow), [left] "=&r" (left_byte), [right] "=&r" (right_byte)
+ : "y" (right)
: "cc", "memory"
);
- return l_borrow;
+ return borrow;
}
#define asm_sub 1
#endif
#if !asm_mult
__attribute((noinline))
-static void vli_mult(uint8_t *p_result, const uint8_t *p_left, const uint8_t *p_right)
-{
+static void vli_mult(uint8_t *result, const uint8_t *left, const uint8_t *right) {
uint8_t r0 = 0;
uint8_t r1 = 0;
uint8_t r2 = 0;
-
- uint8_t l_zero = 0;
-
+ uint8_t zero = 0;
uint8_t k, i;
__asm__ volatile (
"ldi %[k], 1 \n\t" /* k = 1; k < uECC_BYTES; ++k */
"1: \n\t"
- "ldi %[i], 0 \n\t" /* i=0; i < k; ++i */
+ "ldi %[i], 0 \n\t" /* i = 0; i < k; ++i */
"add r28, %[k] \n\t" /* pre-add right ptr */
"adc r29, %[zero] \n\t"
@@ -16137,10 +16129,10 @@
/* second half */
"ldi %[k], " STR(uECC_BYTES) " \n\t" /* k = uECC_BYTES; k > 0; --k */
- "adiw r28, " STR(uECC_BYTES) " \n\t" /* move right ptr to point at the end of p_right */
+ "adiw r28, " STR(uECC_BYTES) " \n\t" /* move right ptr to point at the end of right */
"1: \n\t"
- "ldi %[i], 0 \n\t" /* i=0; i < k; ++i */
+ "ldi %[i], 0 \n\t" /* i = 0; i < k; ++i */
"2: \n\t"
"ld r0, x+ \n\t"
@@ -16164,22 +16156,21 @@
"mov %[r2], %[zero] \n\t"
"dec %[k] \n\t"
- "sub r26, %[k] \n\t" /* fix up left ptr (after k is decremented, so next time we start 1 higher) */
+ "sub r26, %[k] \n\t" /* fix up left ptr (after k is decremented, so next time
+ we start 1 higher) */
"sbc r27, %[zero] \n\t"
"cpi %[k], 0 \n\t"
"brne 1b \n\t" /* loop if k > 0 */
"st z+, %[r0] \n\t" /* Store last result byte. */
-
"eor r1, r1 \n\t" /* fix r1 to be 0 again */
-
"sbiw r28, " STR(uECC_BYTES) " \n\t" /* Restore Y */
- : "+z" (p_result), "+x" (p_left),
- [r0] "+r" (r0), [r1] "+r" (r1), [r2] "+r" (r2), [zero] "+r" (l_zero),
+ : "+z" (result), "+x" (left),
+ [r0] "+r" (r0), [r1] "+r" (r1), [r2] "+r" (r2), [zero] "+r" (zero),
[k] "=&a" (k), [i] "=&a" (i)
- : "y" (p_right)
+ : "y" (right)
: "r0", "cc", "memory"
);
}
@@ -16188,18 +16179,15 @@
#if uECC_SQUARE_FUNC
#if !asm_square
-static void vli_square(uint8_t *p_result, const uint8_t *p_left)
-{
+static void vli_square(uint8_t *result, const uint8_t *left) {
uint8_t r0 = 0;
uint8_t r1 = 0;
uint8_t r2 = 0;
-
- uint8_t l_zero = 0;
-
+ uint8_t zero = 0;
uint8_t k;
__asm__ volatile (
- "ldi %[k], 1 \n\t" /* k = 1; k < uECC_BYTES*2; ++k */
+ "ldi %[k], 1 \n\t" /* k = 1; k < uECC_BYTES * 2; ++k */
"1: \n\t"
@@ -16223,7 +16211,8 @@
"3: \n\t"
"ld r0, x+ \n\t"
- "cp r26, r30 \n\t" /* if left == right here, then we are done after this mult (and we don't need to double) */
+ "cp r26, r30 \n\t" /* if left == right here, then we are done after this mult
+ (and we don't need to double) */
"breq 4f \n\t"
"ld r1, -z \n\t"
"mul r0, r1 \n\t"
@@ -16248,9 +16237,9 @@
"adc %[r2], %[zero] \n\t"
"5: \n\t"
- "movw r30, %[result] \n\t" /* make z point to result */
- "st z+, %[r0] \n\t" /* Store the result. */
- "movw %[result], r30 \n\t" /* update result ptr*/
+ "movw r30, %[result] \n\t" /* make z point to result */
+ "st z+, %[r0] \n\t" /* Store the result. */
+ "movw %[result], r30 \n\t" /* update result ptr*/
"mov %[r0], %[r1] \n\t"
"mov %[r1], %[r2] \n\t"
"mov %[r2], %[zero] \n\t"
@@ -16261,13 +16250,12 @@
"movw r30, %[result] \n\t" /* make z point to result */
"st z+, %[r0] \n\t" /* Store last result byte. */
-
"eor r1, r1 \n\t" /* fix r1 to be 0 again */
- : [result] "+r" (p_result),
- [r0] "+r" (r0), [r1] "+r" (r1), [r2] "+r" (r2), [zero] "+r" (l_zero),
+ : [result] "+r" (result),
+ [r0] "+r" (r0), [r1] "+r" (r1), [r2] "+r" (r2), [zero] "+r" (zero),
[k] "=&a" (k)
- : [orig] "r" (p_left), [max] "M" (2*uECC_BYTES)
+ : [orig] "r" (left), [max] "M" (2*uECC_BYTES)
: "r0", "r26", "r27", "r30", "r31", "cc", "memory"
);
}
diff --git a/test/ecc_test/ecc_test.ino b/test/ecc_test/ecc_test.ino
index a72c368..8fde301 100644
--- a/test/ecc_test/ecc_test.ino
+++ b/test/ecc_test/ecc_test.ino
@@ -2,95 +2,82 @@
extern "C" {
-static int RNG(uint8_t *p_dest, unsigned p_size)
-{
- // Use the least-significant bits from the ADC for an unconnected pin (or connected to a source of random noise)
- // This can take a long time to generate random data if the result of analogRead(0) doesn't change very frequently.
- while(p_size) {
- uint8_t l_val = 0;
- for(unsigned i=0; i<8; ++i)
- {
- int l_init = analogRead(0);
- int l_count = 0;
- while(analogRead(0) == l_init)
- {
- ++l_count;
+static int RNG(uint8_t *dest, unsigned size) {
+ // Use the least-significant bits from the ADC for an unconnected pin (or connected to a source of
+ // random noise). This can take a long time to generate random data if the result of analogRead(0)
+ // doesn't change very frequently.
+ while (size) {
+ uint8_t val = 0;
+ for (unsigned i = 0; i < 8; ++i) {
+ int init = analogRead(0);
+ int count = 0;
+ while (analogRead(0) == init) {
+ ++count;
}
- if(l_count == 0)
- {
- l_val = (l_val << 1) | (l_init & 0x01);
- }
- else
- {
- l_val = (l_val << 1) | (l_count & 0x01);
+ if (count == 0) {
+ val = (val << 1) | (init & 0x01);
+ } else {
+ val = (val << 1) | (count & 0x01);
}
}
- *p_dest = l_val;
- ++p_dest;
- --p_size;
+ *dest = val;
+ ++dest;
+ --size;
}
-
// NOTE: it would be a good idea to hash the resulting random data using SHA-256 or similar.
return 1;
}
-}
+} // extern "C"
-void setup()
-{
+void setup() {
Serial.begin(115200);
Serial.print("Testing ecc\n");
-
uECC_set_rng(&RNG);
}
void loop() {
- uint8_t l_private1[uECC_BYTES];
- uint8_t l_private2[uECC_BYTES];
+ uint8_t private1[uECC_BYTES];
+ uint8_t private2[uECC_BYTES];
- uint8_t l_public1[uECC_BYTES * 2];
- uint8_t l_public2[uECC_BYTES * 2];
+ uint8_t public1[uECC_BYTES * 2];
+ uint8_t public2[uECC_BYTES * 2];
- uint8_t l_secret1[uECC_BYTES];
- uint8_t l_secret2[uECC_BYTES];
+ uint8_t secret1[uECC_BYTES];
+ uint8_t secret2[uECC_BYTES];
unsigned long a = millis();
- uECC_make_key(l_public1, l_private1);
+ uECC_make_key(public1, private1);
unsigned long b = millis();
Serial.print("Made key 1 in "); Serial.println(b-a);
a = millis();
- uECC_make_key(l_public2, l_private2);
+ uECC_make_key(public2, private2);
b = millis();
Serial.print("Made key 2 in "); Serial.println(b-a);
a = millis();
- int r = uECC_shared_secret(l_public2, l_private1, l_secret1);
+ int r = uECC_shared_secret(public2, private1, secret1);
b = millis();
Serial.print("Shared secret 1 in "); Serial.println(b-a);
- if(!r)
- {
+ if (!r) {
Serial.print("shared_secret() failed (1)\n");
return;
}
a = millis();
- r = uECC_shared_secret(l_public1, l_private2, l_secret2);
+ r = uECC_shared_secret(public1, private2, secret2);
b = millis();
Serial.print("Shared secret 2 in "); Serial.println(b-a);
- if(!r)
- {
+ if (!r) {
Serial.print("shared_secret() failed (2)\n");
return;
}
- if(memcmp(l_secret1, l_secret2, sizeof(l_secret1)) != 0)
- {
+ if (memcmp(secret1, secret2, sizeof(secret1)) != 0) {
Serial.print("Shared secrets are not identical!\n");
- }
- else
- {
+ } else {
Serial.print("Shared secrets are identical\n");
}
}
diff --git a/test/test_compute.c b/test/test_compute.c
index 88b6703..fe2292e 100644
--- a/test/test_compute.c
+++ b/test/test_compute.c
@@ -5,64 +5,57 @@
#include <stdio.h>
#include <string.h>
-void vli_print(uint8_t *p_vli, unsigned int p_size)
-{
- while(p_size)
- {
- printf("%02X ", (unsigned)p_vli[p_size - 1]);
- --p_size;
+void vli_print(uint8_t *vli, unsigned int size) {
+ while (size) {
+ printf("%02X ", (unsigned)vli[size - 1]);
+ --size;
}
}
-int main()
-{
+int main() {
int i;
int success;
-
- uint8_t l_private[uECC_BYTES];
-
- uint8_t l_public[uECC_BYTES * 2];
- uint8_t l_public_computed[uECC_BYTES * 2];
+ uint8_t private[uECC_BYTES];
+ uint8_t public[uECC_BYTES * 2];
+ uint8_t public_computed[uECC_BYTES * 2];
printf("Testing 256 random private key pairs\n");
-
- for(i=0; i<256; ++i)
- {
+ for (i = 0; i < 256; ++i) {
printf(".");
+ #if !LPC11XX
fflush(stdout);
+ #endif
- int success = uECC_make_key(l_public, l_private);
+ success = uECC_make_key(public, private);
if (!success) {
printf("uECC_make_key() failed\n");
return 1;
}
- success = uECC_compute_public_key(l_private, l_public_computed);
+ success = uECC_compute_public_key(private, public_computed);
if (!success) {
printf("uECC_compute_public_key() failed\n");
}
- if(memcmp(l_public, l_public_computed, sizeof(l_public)) != 0)
- {
+ if (memcmp(public, public_computed, sizeof(public)) != 0) {
printf("Computed and provided public keys are not identical!\n");
printf("Computed public key = ");
- vli_print(l_public_computed, uECC_BYTES);
+ vli_print(public_computed, uECC_BYTES);
printf("\n");
printf("Provided public key = ");
- vli_print(l_public, uECC_BYTES);
+ vli_print(public, uECC_BYTES);
printf("\n");
printf("Private key = ");
- vli_print(l_private, uECC_BYTES);
+ vli_print(private, uECC_BYTES);
printf("\n");
}
}
printf("\n");
-
printf("Testing private key = 0\n");
- memset(l_private, 0, uECC_BYTES);
- success = uECC_compute_public_key(l_private, l_public_computed);
+ memset(private, 0, uECC_BYTES);
+ success = uECC_compute_public_key(private, public_computed);
if (success) {
printf("uECC_compute_public_key() should have failed\n");
}
diff --git a/test/test_ecdh.c b/test/test_ecdh.c
index 4b4176b..2388126 100644
--- a/test/test_ecdh.c
+++ b/test/test_ecdh.c
@@ -11,34 +11,29 @@
#include "/Projects/lpc11xx/peripherals/time.h"
static uint64_t g_rand = 88172645463325252ull;
-int fake_rng(uint8_t *p_dest, unsigned p_size)
-{
- while(p_size)
- {
+int fake_rng(uint8_t *dest, unsigned size) {
+ while (size) {
g_rand ^= (g_rand << 13);
g_rand ^= (g_rand >> 7);
g_rand ^= (g_rand << 17);
- unsigned l_amount = (p_size > 8 ? 8 : p_size);
- memcpy(p_dest, &g_rand, l_amount);
- p_size -= l_amount;
+ unsigned amount = (size > 8 ? 8 : size);
+ memcpy(dest, &g_rand, amount);
+ size -= amount;
}
return 1;
}
#endif
-void vli_print(uint8_t *p_vli, unsigned int p_size)
-{
- while(p_size)
- {
- printf("%02X ", (unsigned)p_vli[p_size - 1]);
- --p_size;
+void vli_print(uint8_t *vli, unsigned int size) {
+ while (size) {
+ printf("%02X ", (unsigned)vli[size - 1]);
+ --size;
}
}
-int main()
-{
+int main() {
#if LPC11XX
uartInit(BAUD_115200);
initTime();
@@ -47,57 +42,49 @@
#endif
int i;
-
- uint8_t l_private1[uECC_BYTES];
- uint8_t l_private2[uECC_BYTES];
-
- uint8_t l_public1[uECC_BYTES * 2];
- uint8_t l_public2[uECC_BYTES * 2];
-
- uint8_t l_secret1[uECC_BYTES];
- uint8_t l_secret2[uECC_BYTES];
+ uint8_t private1[uECC_BYTES];
+ uint8_t private2[uECC_BYTES];
+ uint8_t public1[uECC_BYTES * 2];
+ uint8_t public2[uECC_BYTES * 2];
+ uint8_t secret1[uECC_BYTES];
+ uint8_t secret2[uECC_BYTES];
printf("Testing 256 random private key pairs\n");
- for(i=0; i<256; ++i)
- {
+ for (i = 0; i < 256; ++i) {
printf(".");
#if !LPC11XX
fflush(stdout);
#endif
- if(!uECC_make_key(l_public1, l_private1) || !uECC_make_key(l_public2, l_private2))
- {
+ if (!uECC_make_key(public1, private1) || !uECC_make_key(public2, private2)) {
printf("uECC_make_key() failed\n");
return 1;
}
- if(!uECC_shared_secret(l_public2, l_private1, l_secret1))
- {
+ if (!uECC_shared_secret(public2, private1, secret1)) {
printf("shared_secret() failed (1)\n");
return 1;
}
- if(!uECC_shared_secret(l_public1, l_private2, l_secret2))
- {
+ if (!uECC_shared_secret(public1, private2, secret2)) {
printf("shared_secret() failed (2)\n");
return 1;
}
- if(memcmp(l_secret1, l_secret2, sizeof(l_secret1)) != 0)
- {
+ if (memcmp(secret1, secret2, sizeof(secret1)) != 0) {
printf("Shared secrets are not identical!\n");
printf("Shared secret 1 = ");
- vli_print(l_secret1, uECC_BYTES);
+ vli_print(secret1, uECC_BYTES);
printf("\n");
printf("Shared secret 2 = ");
- vli_print(l_secret2, uECC_BYTES);
+ vli_print(secret2, uECC_BYTES);
printf("\n");
printf("Private key 1 = ");
- vli_print(l_private1, uECC_BYTES);
+ vli_print(private1, uECC_BYTES);
printf("\n");
printf("Private key 2 = ");
- vli_print(l_private2, uECC_BYTES);
+ vli_print(private2, uECC_BYTES);
printf("\n");
}
}
diff --git a/test/test_ecdsa.c b/test/test_ecdsa.c
index 9be3b93..2fc75be 100644
--- a/test/test_ecdsa.c
+++ b/test/test_ecdsa.c
@@ -11,25 +11,22 @@
#include "/Projects/lpc11xx/peripherals/time.h"
static uint64_t g_rand = 88172645463325252ull;
-int fake_rng(uint8_t *p_dest, unsigned p_size)
-{
- while(p_size)
- {
+int fake_rng(uint8_t *dest, unsigned size) {
+ while (size) {
g_rand ^= (g_rand << 13);
g_rand ^= (g_rand >> 7);
g_rand ^= (g_rand << 17);
- unsigned l_amount = (p_size > 8 ? 8 : p_size);
- memcpy(p_dest, &g_rand, l_amount);
- p_size -= l_amount;
+ unsigned amount = (size > 8 ? 8 : size);
+ memcpy(dest, &g_rand, amount);
+ size -= amount;
}
return 1;
}
#endif
-int main()
-{
+int main() {
#if LPC11XX
uartInit(BAUD_115200);
initTime();
@@ -37,39 +34,31 @@
uECC_set_rng(&fake_rng);
#endif
- uint8_t l_public[uECC_BYTES*2];
- uint8_t l_private[uECC_BYTES];
-
- uint8_t l_hash[uECC_BYTES];
-
- uint8_t l_sig[uECC_BYTES*2];
+ uint8_t public[uECC_BYTES * 2];
+ uint8_t private[uECC_BYTES];
+ uint8_t hash[uECC_BYTES];
+ uint8_t sig[uECC_BYTES * 2];
int i;
-
printf("Testing 256 signatures\n");
-
- for(i=0; i<256; ++i)
- {
+ for (i = 0; i < 256; ++i) {
printf(".");
#if !LPC11XX
fflush(stdout);
#endif
- if(!uECC_make_key(l_public, l_private))
- {
+ if (!uECC_make_key(public, private)) {
printf("uECC_make_key() failed\n");
continue;
}
- memcpy(l_hash, l_public, uECC_BYTES);
+ memcpy(hash, public, uECC_BYTES);
- if(!uECC_sign(l_private, l_hash, l_sig))
- {
+ if (!uECC_sign(private, hash, sig)) {
printf("uECC_sign() failed\n");
continue;
}
- if(!uECC_verify(l_public, l_hash, l_sig))
- {
+ if (!uECC_verify(public, hash, sig)) {
printf("uECC_verify() failed\n");
}
}
diff --git a/uECC.c b/uECC.c
index 281922f..4166a18 100644
--- a/uECC.c
+++ b/uECC.c
@@ -49,7 +49,9 @@
#define uECC_WORD_SIZE 1
#endif
-#if (uECC_ASM && (uECC_PLATFORM == uECC_arm || uECC_PLATFORM == uECC_arm_thumb) && (uECC_WORD_SIZE != 4))
+#if (uECC_ASM && \
+ (uECC_PLATFORM == uECC_arm || uECC_PLATFORM == uECC_arm_thumb) && \
+ (uECC_WORD_SIZE != 4))
#pragma message ("uECC_WORD_SIZE must be 4 when using ARM asm")
#undef uECC_WORD_SIZE
#define uECC_WORD_SIZE 4
@@ -200,13 +202,17 @@
#define Curve_P_1 {0x7FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
#define Curve_P_2 {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
-#define Curve_P_3 {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF}
-#define Curve_P_4 {0xFFFFFC2F, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
+#define Curve_P_3 {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, \
+ 0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF}
+#define Curve_P_4 {0xFFFFFC2F, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, \
+ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
#define Curve_B_1 {0xC565FA45, 0x81D4D4AD, 0x65ACF89F, 0x54BD7A8B, 0x1C97BEFC}
#define Curve_B_2 {0xC146B9B1, 0xFEB8DEEC, 0x72243049, 0x0FA7E9AB, 0xE59C80E7, 0x64210519}
-#define Curve_B_3 {0x27D2604B, 0x3BCE3C3E, 0xCC53B0F6, 0x651D06B0, 0x769886BC, 0xB3EBBD55, 0xAA3A93E7, 0x5AC635D8}
-#define Curve_B_4 {0x00000007, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}
+#define Curve_B_3 {0x27D2604B, 0x3BCE3C3E, 0xCC53B0F6, 0x651D06B0, \
+ 0x769886BC, 0xB3EBBD55, 0xAA3A93E7, 0x5AC635D8}
+#define Curve_B_4 {0x00000007, 0x00000000, 0x00000000, 0x00000000, \
+ 0x00000000, 0x00000000, 0x00000000, 0x00000000}
#define Curve_G_1 { \
{0x13CBFC82, 0x68C38BB9, 0x46646989, 0x8EF57328, 0x4A96B568}, \
@@ -217,17 +223,23 @@
{0x1E794811, 0x73F977A1, 0x6B24CDD5, 0x631011ED, 0xFFC8DA78, 0x07192B95}}
#define Curve_G_3 { \
- {0xD898C296, 0xF4A13945, 0x2DEB33A0, 0x77037D81, 0x63A440F2, 0xF8BCE6E5, 0xE12C4247, 0x6B17D1F2}, \
- {0x37BF51F5, 0xCBB64068, 0x6B315ECE, 0x2BCE3357, 0x7C0F9E16, 0x8EE7EB4A, 0xFE1A7F9B, 0x4FE342E2}}
+ {0xD898C296, 0xF4A13945, 0x2DEB33A0, 0x77037D81, \
+ 0x63A440F2, 0xF8BCE6E5, 0xE12C4247, 0x6B17D1F2}, \
+ {0x37BF51F5, 0xCBB64068, 0x6B315ECE, 0x2BCE3357, \
+ 0x7C0F9E16, 0x8EE7EB4A, 0xFE1A7F9B, 0x4FE342E2}}
#define Curve_G_4 { \
- {0x16F81798, 0x59F2815B, 0x2DCE28D9, 0x029BFCDB, 0xCE870B07, 0x55A06295, 0xF9DCBBAC, 0x79BE667E}, \
- {0xFB10D4B8, 0x9C47D08F, 0xA6855419, 0xFD17B448, 0x0E1108A8, 0x5DA4FBFC, 0x26A3C465, 0x483ADA77}}
+ {0x16F81798, 0x59F2815B, 0x2DCE28D9, 0x029BFCDB, \
+ 0xCE870B07, 0x55A06295, 0xF9DCBBAC, 0x79BE667E}, \
+ {0xFB10D4B8, 0x9C47D08F, 0xA6855419, 0xFD17B448, \
+ 0x0E1108A8, 0x5DA4FBFC, 0x26A3C465, 0x483ADA77}}
#define Curve_N_1 {0xCA752257, 0xF927AED3, 0x0001F4C8, 0x00000000, 0x00000000, 0x00000001}
#define Curve_N_2 {0xB4D22831, 0x146BC9B1, 0x99DEF836, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
-#define Curve_N_3 {0xFC632551, 0xF3B9CAC2, 0xA7179E84, 0xBCE6FAAD, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF}
-#define Curve_N_4 {0xD0364141, 0xBFD25E8C, 0xAF48A03B, 0xBAAEDCE6, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
+#define Curve_N_3 {0xFC632551, 0xF3B9CAC2, 0xA7179E84, 0xBCE6FAAD, \
+ 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF}
+#define Curve_N_4 {0xD0364141, 0xBFD25E8C, 0xAF48A03B, 0xBAAEDCE6, \
+ 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
#elif (uECC_WORD_SIZE == 8)
@@ -257,13 +269,17 @@
#define Curve_P_1 {0xFFFFFFFF7FFFFFFFull, 0xFFFFFFFFFFFFFFFFull, 0x00000000FFFFFFFFull}
#define Curve_P_2 {0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFEull, 0xFFFFFFFFFFFFFFFFull}
-#define Curve_P_3 {0xFFFFFFFFFFFFFFFFull, 0x00000000FFFFFFFFull, 0x0000000000000000ull, 0xFFFFFFFF00000001ull}
-#define Curve_P_4 {0xFFFFFFFEFFFFFC2Full, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull}
+#define Curve_P_3 {0xFFFFFFFFFFFFFFFFull, 0x00000000FFFFFFFFull, \
+ 0x0000000000000000ull, 0xFFFFFFFF00000001ull}
+#define Curve_P_4 {0xFFFFFFFEFFFFFC2Full, 0xFFFFFFFFFFFFFFFFull, \
+ 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull}
#define Curve_B_1 {0x81D4D4ADC565FA45ull, 0x54BD7A8B65ACF89Full, 0x000000001C97BEFCull}
#define Curve_B_2 {0xFEB8DEECC146B9B1ull, 0x0FA7E9AB72243049ull, 0x64210519E59C80E7ull}
-#define Curve_B_3 {0x3BCE3C3E27D2604Bull, 0x651D06B0CC53B0F6ull, 0xB3EBBD55769886BCull, 0x5AC635D8AA3A93E7ull}
-#define Curve_B_4 {0x0000000000000007ull, 0x0000000000000000ull, 0x0000000000000000ull, 0x0000000000000000ull}
+#define Curve_B_3 {0x3BCE3C3E27D2604Bull, 0x651D06B0CC53B0F6ull, \
+ 0xB3EBBD55769886BCull, 0x5AC635D8AA3A93E7ull}
+#define Curve_B_4 {0x0000000000000007ull, 0x0000000000000000ull, \
+ 0x0000000000000000ull, 0x0000000000000000ull}
#define Curve_G_1 { \
{0x68C38BB913CBFC82ull, 0x8EF5732846646989ull, 0x000000004A96B568ull}, \
@@ -278,21 +294,22 @@
{0xCBB6406837BF51F5ull, 0x2BCE33576B315ECEull, 0x8EE7EB4A7C0F9E16ull, 0x4FE342E2FE1A7F9Bull}}
#define Curve_G_4 { \
- {0x59F2815B16F81798, 0x029BFCDB2DCE28D9, 0x55A06295CE870B07, 0x79BE667EF9DCBBAC}, \
- {0x9C47D08FFB10D4B8, 0xFD17B448A6855419, 0x5DA4FBFC0E1108A8, 0x483ADA7726A3C465}}
+ {0x59F2815B16F81798ull, 0x029BFCDB2DCE28D9ull, 0x55A06295CE870B07ull, 0x79BE667EF9DCBBACull}, \
+ {0x9C47D08FFB10D4B8ull, 0xFD17B448A6855419ull, 0x5DA4FBFC0E1108A8ull, 0x483ADA7726A3C465ull}}
#define Curve_N_1 {0xF927AED3CA752257ull, 0x000000000001F4C8ull, 0x0000000100000000ull}
#define Curve_N_2 {0x146BC9B1B4D22831ull, 0xFFFFFFFF99DEF836ull, 0xFFFFFFFFFFFFFFFFull}
-#define Curve_N_3 {0xF3B9CAC2FC632551ull, 0xBCE6FAADA7179E84ull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFF00000000ull}
-#define Curve_N_4 {0xBFD25E8CD0364141, 0xBAAEDCE6AF48A03B, 0xFFFFFFFFFFFFFFFE, 0xFFFFFFFFFFFFFFFF}
+#define Curve_N_3 {0xF3B9CAC2FC632551ull, 0xBCE6FAADA7179E84ull, \
+ 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFF00000000ull}
+#define Curve_N_4 {0xBFD25E8CD0364141ull, 0xBAAEDCE6AF48A03Bull, \
+ 0xFFFFFFFFFFFFFFFEull, 0xFFFFFFFFFFFFFFFFull}
#endif /* (uECC_WORD_SIZE == 8) */
#define uECC_WORDS uECC_CONCAT(uECC_WORDS_, uECC_CURVE)
#define uECC_N_WORDS uECC_CONCAT(uECC_N_WORDS_, uECC_CURVE)
-typedef struct EccPoint
-{
+typedef struct EccPoint {
uECC_word_t x[uECC_WORDS];
uECC_word_t y[uECC_WORDS];
} EccPoint;
@@ -310,13 +327,25 @@
static cmpresult_t vli_cmp(const uECC_word_t *p_left, const uECC_word_t *p_right);
static cmpresult_t vli_equal(const uECC_word_t *p_left, const uECC_word_t *p_right);
static void vli_rshift1(uECC_word_t *p_vli);
-static uECC_word_t vli_add(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right);
-static uECC_word_t vli_sub(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right);
+static uECC_word_t vli_add(uECC_word_t *p_result,
+ const uECC_word_t *p_left,
+ const uECC_word_t *p_right);
+static uECC_word_t vli_sub(uECC_word_t *p_result,
+ const uECC_word_t *p_left,
+ const uECC_word_t *p_right);
static void vli_mult(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right);
-static void vli_modAdd(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right, const uECC_word_t *p_mod);
-static void vli_modSub(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right, const uECC_word_t *p_mod);
+static void vli_modAdd(uECC_word_t *p_result,
+ const uECC_word_t *p_left,
+ const uECC_word_t *p_right,
+ const uECC_word_t *p_mod);
+static void vli_modSub(uECC_word_t *p_result,
+ const uECC_word_t *p_left,
+ const uECC_word_t *p_right,
+ const uECC_word_t *p_mod);
static void vli_mmod_fast(uECC_word_t *RESTRICT p_result, uECC_word_t *RESTRICT p_product);
-static void vli_modMult_fast(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right);
+static void vli_modMult_fast(uECC_word_t *p_result,
+ const uECC_word_t *p_left,
+ const uECC_word_t *p_right);
static void vli_modInv(uECC_word_t *p_result, const uECC_word_t *p_input, const uECC_word_t *p_mod);
#if uECC_SQUARE_FUNC
static void vli_square(uECC_word_t *p_result, const uECC_word_t *p_left);
@@ -330,17 +359,14 @@
#include <windows.h>
#include <wincrypt.h>
-static int default_RNG(uint8_t *p_dest, unsigned p_size)
-{
- HCRYPTPROV l_prov;
- if(!CryptAcquireContext(&l_prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
- {
+static int default_RNG(uint8_t *dest, unsigned size) {
+ HCRYPTPROV prov;
+ if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
return 0;
}
- CryptGenRandom(l_prov, p_size, (BYTE *)p_dest);
- CryptReleaseContext(l_prov, 0);
-
+ CryptGenRandom(prov, size, (BYTE *)dest);
+ CryptReleaseContext(prov, 0);
return 1;
}
@@ -356,50 +382,43 @@
#define O_CLOEXEC 0
#endif
-static int default_RNG(uint8_t *p_dest, unsigned p_size)
-{
- int l_fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
- if(l_fd == -1)
- {
- l_fd = open("/dev/random", O_RDONLY | O_CLOEXEC);
- if(l_fd == -1)
- {
+static int default_RNG(uint8_t *dest, unsigned size) {
+ int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
+ if (fd == -1) {
+ fd = open("/dev/random", O_RDONLY | O_CLOEXEC);
+ if (fd == -1) {
return 0;
}
}
- char *l_ptr = (char *)p_dest;
- size_t l_left = p_size;
- while(l_left > 0)
- {
- ssize_t l_read = read(l_fd, l_ptr, l_left);
- if(l_read <= 0)
- { // read failed
- close(l_fd);
+ char *ptr = (char *)dest;
+ size_t left = size;
+ while (left > 0) {
+ ssize_t bytes_read = read(fd, ptr, left);
+ if (bytes_read <= 0) { // read failed
+ close(fd);
return 0;
}
- l_left -= l_read;
- l_ptr += l_read;
+ left -= bytes_read;
+ ptr += bytes_read;
}
- close(l_fd);
+ close(fd);
return 1;
}
#else /* Some other platform */
-static int default_RNG(uint8_t *p_dest, unsigned p_size)
-{
+static int default_RNG(uint8_t *dest, unsigned size) {
return 0;
}
#endif
-static uECC_RNG_Function g_rng = &default_RNG;
+static uECC_RNG_Function g_rng_function = &default_RNG;
-void uECC_set_rng(uECC_RNG_Function p_rng)
-{
- g_rng = p_rng;
+void uECC_set_rng(uECC_RNG_Function rng_function) {
+ g_rng_function = rng_function;
}
#ifdef __GNUC__ /* Only support GCC inline asm for now */
@@ -407,31 +426,27 @@
#include "asm_avr.inc"
#endif
- #if (uECC_ASM && (uECC_PLATFORM == uECC_arm || uECC_PLATFORM == uECC_arm_thumb || uECC_PLATFORM == uECC_arm_thumb2))
+ #if (uECC_ASM && (uECC_PLATFORM == uECC_arm || uECC_PLATFORM == uECC_arm_thumb || \
+ uECC_PLATFORM == uECC_arm_thumb2))
#include "asm_arm.inc"
#endif
#endif
#if !asm_clear
-static void vli_clear(uECC_word_t *p_vli)
-{
+static void vli_clear(uECC_word_t *vli) {
wordcount_t i;
- for(i = 0; i < uECC_WORDS; ++i)
- {
- p_vli[i] = 0;
+ for (i = 0; i < uECC_WORDS; ++i) {
+ vli[i] = 0;
}
}
#endif
-/* Returns 1 if p_vli == 0, 0 otherwise. */
+/* Returns 1 if vli == 0, 0 otherwise. */
#if !asm_isZero
-static uECC_word_t vli_isZero(const uECC_word_t *p_vli)
-{
+static uECC_word_t vli_isZero(const uECC_word_t *vli) {
wordcount_t i;
- for(i = 0; i < uECC_WORDS; ++i)
- {
- if(p_vli[i])
- {
+ for (i = 0; i < uECC_WORDS; ++i) {
+ if (vli[i]) {
return 0;
}
}
@@ -439,75 +454,62 @@
}
#endif
-/* Returns nonzero if bit p_bit of p_vli is set. */
+/* Returns nonzero if bit 'bit' of vli is set. */
#if !asm_testBit
-static uECC_word_t vli_testBit(const uECC_word_t *p_vli, bitcount_t p_bit)
-{
- return (p_vli[p_bit >> uECC_WORD_BITS_SHIFT] & ((uECC_word_t)1 << (p_bit & uECC_WORD_BITS_MASK)));
+static uECC_word_t vli_testBit(const uECC_word_t *vli, bitcount_t bit) {
+ return (vli[bit >> uECC_WORD_BITS_SHIFT] & ((uECC_word_t)1 << (bit & uECC_WORD_BITS_MASK)));
}
#endif
-/* Counts the number of words in p_vli. */
+/* Counts the number of words in vli. */
#if !asm_numBits
-static wordcount_t vli_numDigits(const uECC_word_t *p_vli, wordcount_t p_maxWords)
-{
+static wordcount_t vli_numDigits(const uECC_word_t *vli, wordcount_t max_words) {
swordcount_t i;
/* Search from the end until we find a non-zero digit.
We do it in reverse because we expect that most digits will be nonzero. */
- for(i = p_maxWords-1; i >= 0 && p_vli[i] == 0; --i)
- {
+ for (i = max_words - 1; i >= 0 && vli[i] == 0; --i) {
}
return (i + 1);
}
-/* Counts the number of bits required to represent p_vli. */
-static bitcount_t vli_numBits(const uECC_word_t *p_vli, wordcount_t p_maxWords)
-{
+/* Counts the number of bits required to represent vli. */
+static bitcount_t vli_numBits(const uECC_word_t *vli, wordcount_t max_words) {
uECC_word_t i;
- uECC_word_t l_digit;
+ uECC_word_t digit;
- wordcount_t l_numDigits = vli_numDigits(p_vli, p_maxWords);
- if(l_numDigits == 0)
- {
+ wordcount_t num_digits = vli_numDigits(vli, max_words);
+ if (num_digits == 0) {
return 0;
}
- l_digit = p_vli[l_numDigits - 1];
- for(i = 0; l_digit; ++i)
- {
- l_digit >>= 1;
+ digit = vli[num_digits - 1];
+ for (i = 0; digit; ++i) {
+ digit >>= 1;
}
- return (((bitcount_t)(l_numDigits - 1) << uECC_WORD_BITS_SHIFT) + i);
+ return (((bitcount_t)(num_digits - 1) << uECC_WORD_BITS_SHIFT) + i);
}
#endif /* !asm_numBits */
-/* Sets p_dest = p_src. */
+/* Sets dest = src. */
#if !asm_set
-static void vli_set(uECC_word_t *p_dest, const uECC_word_t *p_src)
-{
+static void vli_set(uECC_word_t *dest, const uECC_word_t *src) {
wordcount_t i;
- for(i=0; i<uECC_WORDS; ++i)
- {
- p_dest[i] = p_src[i];
+ for (i = 0; i < uECC_WORDS; ++i) {
+ dest[i] = src[i];
}
}
#endif
-/* Returns sign of p_left - p_right. */
+/* Returns sign of left - right. */
#if !asm_cmp
-static cmpresult_t vli_cmp(const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
+static cmpresult_t vli_cmp(const uECC_word_t *left, const uECC_word_t *right) {
swordcount_t i;
- for(i = uECC_WORDS-1; i >= 0; --i)
- {
- if(p_left[i] > p_right[i])
- {
+ for (i = uECC_WORDS - 1; i >= 0; --i) {
+ if (left[i] > right[i]) {
return 1;
- }
- else if(p_left[i] < p_right[i])
- {
+ } else if (left[i] < right[i]) {
return -1;
}
}
@@ -515,77 +517,68 @@
}
#endif
-static cmpresult_t vli_equal(const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_result = 0;
-
+static cmpresult_t vli_equal(const uECC_word_t *left, const uECC_word_t *right) {
+ uECC_word_t result = 0;
swordcount_t i;
- for(i = uECC_WORDS-1; i >= 0; --i)
- {
- l_result |= (p_left[i] ^ p_right[i]);
+ for (i = uECC_WORDS - 1; i >= 0; --i) {
+ result |= (left[i] ^ right[i]);
}
-
- return (l_result == 0);
+ return (result == 0);
}
-/* Computes p_vli = p_vli >> 1. */
+/* Computes vli = vli >> 1. */
#if !asm_rshift1
-static void vli_rshift1(uECC_word_t *p_vli)
-{
- uECC_word_t *l_end = p_vli;
- uECC_word_t l_carry = 0;
+static void vli_rshift1(uECC_word_t *vli) {
+ uECC_word_t *end = vli;
+ uECC_word_t carry = 0;
- p_vli += uECC_WORDS;
- while(p_vli-- > l_end)
- {
- uECC_word_t l_temp = *p_vli;
- *p_vli = (l_temp >> 1) | l_carry;
- l_carry = l_temp << (uECC_WORD_BITS - 1);
+ vli += uECC_WORDS;
+ while (vli-- > end) {
+ uECC_word_t temp = *vli;
+ *vli = (temp >> 1) | carry;
+ carry = temp << (uECC_WORD_BITS - 1);
}
}
#endif
-/* Computes p_result = p_left + p_right, returning carry. Can modify in place. */
+/* Computes result = left + right, returning carry. Can modify in place. */
#if !asm_add
-static uECC_word_t vli_add(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_carry = 0;
+static uECC_word_t vli_add(uECC_word_t *result, const uECC_word_t *left, const uECC_word_t *right) {
+ uECC_word_t carry = 0;
wordcount_t i;
- for(i = 0; i < uECC_WORDS; ++i)
- {
- uECC_word_t l_sum = p_left[i] + p_right[i] + l_carry;
- if(l_sum != p_left[i])
- {
- l_carry = (l_sum < p_left[i]);
+ for (i = 0; i < uECC_WORDS; ++i) {
+ uECC_word_t sum = left[i] + right[i] + carry;
+ if (sum != left[i]) {
+ carry = (sum < left[i]);
}
- p_result[i] = l_sum;
+ result[i] = sum;
}
- return l_carry;
+ return carry;
}
#endif
-/* Computes p_result = p_left - p_right, returning borrow. Can modify in place. */
+/* Computes result = left - right, returning borrow. Can modify in place. */
#if !asm_sub
-static uECC_word_t vli_sub(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_borrow = 0;
+static uECC_word_t vli_sub(uECC_word_t *result, const uECC_word_t *left, const uECC_word_t *right) {
+ uECC_word_t borrow = 0;
wordcount_t i;
- for(i = 0; i < uECC_WORDS; ++i)
- {
- uECC_word_t l_diff = p_left[i] - p_right[i] - l_borrow;
- if(l_diff != p_left[i])
- {
- l_borrow = (l_diff > p_left[i]);
+ for (i = 0; i < uECC_WORDS; ++i) {
+ uECC_word_t diff = left[i] - right[i] - borrow;
+ if (diff != left[i]) {
+ borrow = (diff > left[i]);
}
- p_result[i] = l_diff;
+ result[i] = diff;
}
- return l_borrow;
+ return borrow;
}
#endif
#if (!asm_mult || !asm_square || uECC_CURVE == uECC_secp256k1)
-static void muladd(uECC_word_t a, uECC_word_t b, uECC_word_t *r0, uECC_word_t *r1, uECC_word_t *r2)
-{
+static void muladd(uECC_word_t a,
+ uECC_word_t b,
+ uECC_word_t *r0,
+ uECC_word_t *r1,
+ uECC_word_t *r2) {
#if uECC_WORD_SIZE == 8 && !SUPPORTS_INT128
uint64_t a0 = a & 0xffffffffull;
uint64_t a1 = a >> 32;
@@ -601,8 +594,7 @@
i2 += (i0 >> 32);
i2 += i1;
- if(i2 < i1)
- { // overflow
+ if (i2 < i1) { // overflow
i3 += 0x100000000ull;
}
@@ -625,47 +617,43 @@
#endif
#if !asm_mult
-static void vli_mult(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
+static void vli_mult(uECC_word_t *result, const uECC_word_t *left, const uECC_word_t *right) {
uECC_word_t r0 = 0;
uECC_word_t r1 = 0;
uECC_word_t r2 = 0;
-
wordcount_t i, k;
- /* Compute each digit of p_result in sequence, maintaining the carries. */
- for(k = 0; k < uECC_WORDS; ++k)
- {
- for(i = 0; i <= k; ++i)
- {
- muladd(p_left[i], p_right[k-i], &r0, &r1, &r2);
+ /* Compute each digit of result in sequence, maintaining the carries. */
+ for (k = 0; k < uECC_WORDS; ++k) {
+ for (i = 0; i <= k; ++i) {
+ muladd(left[i], right[k - i], &r0, &r1, &r2);
}
- p_result[k] = r0;
+ result[k] = r0;
r0 = r1;
r1 = r2;
r2 = 0;
}
- for(k = uECC_WORDS; k < uECC_WORDS*2 - 1; ++k)
- {
- for(i = (k + 1) - uECC_WORDS; i<uECC_WORDS; ++i)
- {
- muladd(p_left[i], p_right[k-i], &r0, &r1, &r2);
+ for (k = uECC_WORDS; k < uECC_WORDS * 2 - 1; ++k) {
+ for (i = (k + 1) - uECC_WORDS; i < uECC_WORDS; ++i) {
+ muladd(left[i], right[k - i], &r0, &r1, &r2);
}
- p_result[k] = r0;
+ result[k] = r0;
r0 = r1;
r1 = r2;
r2 = 0;
}
-
- p_result[uECC_WORDS*2 - 1] = r0;
+ result[uECC_WORDS * 2 - 1] = r0;
}
#endif
#if uECC_SQUARE_FUNC
#if !asm_square
-static void mul2add(uECC_word_t a, uECC_word_t b, uECC_word_t *r0, uECC_word_t *r1, uECC_word_t *r2)
-{
+static void mul2add(uECC_word_t a,
+ uECC_word_t b,
+ uECC_word_t *r0,
+ uECC_word_t *r1,
+ uECC_word_t *r2) {
#if uECC_WORD_SIZE == 8 && !SUPPORTS_INT128
uint64_t a0 = a & 0xffffffffull;
uint64_t a1 = a >> 32;
@@ -681,7 +669,7 @@
i2 += (i0 >> 32);
i2 += i1;
- if(i2 < i1)
+ if (i2 < i1)
{ // overflow
i3 += 0x100000000ull;
}
@@ -708,35 +696,29 @@
#endif
}
-static void vli_square(uECC_word_t *p_result, const uECC_word_t *p_left)
-{
+static void vli_square(uECC_word_t *result, const uECC_word_t *left) {
uECC_word_t r0 = 0;
uECC_word_t r1 = 0;
uECC_word_t r2 = 0;
wordcount_t i, k;
- for(k = 0; k < uECC_WORDS*2 - 1; ++k)
- {
- uECC_word_t l_min = (k < uECC_WORDS ? 0 : (k + 1) - uECC_WORDS);
- for(i = l_min; i<=k && i<=k-i; ++i)
- {
- if(i < k-i)
- {
- mul2add(p_left[i], p_left[k-i], &r0, &r1, &r2);
- }
- else
- {
- muladd(p_left[i], p_left[k-i], &r0, &r1, &r2);
+ for (k = 0; k < uECC_WORDS * 2 - 1; ++k) {
+ uECC_word_t min = (k < uECC_WORDS ? 0 : (k + 1) - uECC_WORDS);
+ for (i = min; i <= k && i <= k - i; ++i) {
+ if (i < k-i) {
+ mul2add(left[i], left[k - i], &r0, &r1, &r2);
+ } else {
+ muladd(left[i], left[k - i], &r0, &r1, &r2);
}
}
- p_result[k] = r0;
+ result[k] = r0;
r0 = r1;
r1 = r2;
r2 = 0;
}
- p_result[uECC_WORDS*2 - 1] = r0;
+ result[uECC_WORDS * 2 - 1] = r0;
}
#endif
@@ -747,29 +729,33 @@
#endif /* uECC_SQUARE_FUNC */
-/* Computes p_result = (p_left + p_right) % p_mod.
- Assumes that p_left < p_mod and p_right < p_mod, p_result != p_mod. */
+/* Computes result = (left + right) % mod.
+ Assumes that left < mod and right < mod, and that result does not overlap mod. */
#if !asm_modAdd
-static void vli_modAdd(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right, const uECC_word_t *p_mod)
-{
- uECC_word_t l_carry = vli_add(p_result, p_left, p_right);
- if(l_carry || vli_cmp(p_result, p_mod) >= 0)
- { /* p_result > p_mod (p_result = p_mod + remainder), so subtract p_mod to get remainder. */
- vli_sub(p_result, p_result, p_mod);
+static void vli_modAdd(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right,
+ const uECC_word_t *mod) {
+ uECC_word_t carry = vli_add(result, left, right);
+ if (carry || vli_cmp(result, mod) >= 0) {
+ /* result > mod (result = mod + remainder), so subtract mod to get remainder. */
+ vli_sub(result, result, mod);
}
}
#endif
-/* Computes p_result = (p_left - p_right) % p_mod.
- Assumes that p_left < p_mod and p_right < p_mod, p_result != p_mod. */
+/* Computes result = (left - right) % mod.
+ Assumes that left < mod and right < mod, and that result does not overlap mod. */
#if !asm_modSub
-static void vli_modSub(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right, const uECC_word_t *p_mod)
-{
- uECC_word_t l_borrow = vli_sub(p_result, p_left, p_right);
- if(l_borrow)
- { /* In this case, p_result == -diff == (max int) - diff.
- Since -x % d == d - x, we can get the correct result from p_result + p_mod (with overflow). */
- vli_add(p_result, p_result, p_mod);
+static void vli_modSub(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right,
+ const uECC_word_t *mod) {
+ uECC_word_t l_borrow = vli_sub(result, left, right);
+ if (l_borrow) {
+ /* In this case, result == -diff == (max int) - diff. Since -x % d == d - x,
+ we can get the correct result from result + mod (with overflow). */
+ vli_add(result, result, mod);
}
}
#endif
@@ -782,36 +768,32 @@
#if (uECC_CURVE == uECC_secp160r1 || uECC_CURVE == uECC_secp256k1)
/* omega_mult() is defined farther below for the different curves / word sizes */
-static void omega_mult(uECC_word_t * RESTRICT p_result, const uECC_word_t * RESTRICT p_right);
+static void omega_mult(uECC_word_t * RESTRICT result, const uECC_word_t * RESTRICT right);
-/* Computes p_result = p_product % curve_p
+/* Computes result = product % curve_p
see http://www.isys.uni-klu.ac.at/PDF/2001-0126-MT.pdf page 354
- Note that this only works if log2(omega) < log2(p)/2 */
-static void vli_mmod_fast(uECC_word_t *RESTRICT p_result, uECC_word_t *RESTRICT p_product)
-{
- uECC_word_t l_tmp[2*uECC_WORDS];
- uECC_word_t l_carry;
+ Note that this only works if log2(omega) < log2(p) / 2 */
+static void vli_mmod_fast(uECC_word_t *RESTRICT result, uECC_word_t *RESTRICT product) {
+ uECC_word_t tmp[2 * uECC_WORDS];
+ uECC_word_t carry;
- vli_clear(l_tmp);
- vli_clear(l_tmp + uECC_WORDS);
+ vli_clear(tmp);
+ vli_clear(tmp + uECC_WORDS);
- omega_mult(l_tmp, p_product + uECC_WORDS); /* (Rq, q) = q * c */
+ omega_mult(tmp, product + uECC_WORDS); /* (Rq, q) = q * c */
- l_carry = vli_add(p_result, p_product, l_tmp); /* (C, r) = r + q */
- vli_clear(p_product);
- omega_mult(p_product, l_tmp + uECC_WORDS); /* Rq*c */
- l_carry += vli_add(p_result, p_result, p_product); /* (C1, r) = r + Rq*c */
+ carry = vli_add(result, product, tmp); /* (C, r) = r + q */
+ vli_clear(product);
+ omega_mult(product, tmp + uECC_WORDS); /* Rq*c */
+ carry += vli_add(result, result, product); /* (C1, r) = r + Rq*c */
- while(l_carry > 0)
- {
- --l_carry;
- vli_sub(p_result, p_result, curve_p);
+ while (carry > 0) {
+ --carry;
+ vli_sub(result, result, curve_p);
}
-
- if(vli_cmp(p_result, curve_p) > 0)
- {
- vli_sub(p_result, p_result, curve_p);
+ if (vli_cmp(result, curve_p) > 0) {
+ vli_sub(result, result, curve_p);
}
}
@@ -820,435 +802,407 @@
#if uECC_CURVE == uECC_secp160r1
#if uECC_WORD_SIZE == 1
-static void omega_mult(uint8_t * RESTRICT p_result, const uint8_t * RESTRICT p_right)
-{
- uint8_t l_carry;
+static void omega_mult(uint8_t * RESTRICT result, const uint8_t * RESTRICT right) {
+ uint8_t carry;
uint8_t i;
/* Multiply by (2^31 + 1). */
- vli_set(p_result + 4, p_right); /* 2^32 */
- vli_rshift1(p_result + 4); /* 2^31 */
- p_result[3] = p_right[0] << 7; /* get last bit from shift */
+ vli_set(result + 4, right); /* 2^32 */
+ vli_rshift1(result + 4); /* 2^31 */
+ result[3] = right[0] << 7; /* get last bit from shift */
- l_carry = vli_add(p_result, p_result, p_right); /* 2^31 + 1 */
- for(i = uECC_WORDS; l_carry; ++i)
- {
- uint16_t l_sum = (uint16_t)p_result[i] + l_carry;
- p_result[i] = (uint8_t)l_sum;
- l_carry = l_sum >> 8;
+ carry = vli_add(result, result, right); /* 2^31 + 1 */
+ for (i = uECC_WORDS; carry; ++i) {
+ uint16_t sum = (uint16_t)result[i] + carry;
+ result[i] = (uint8_t)sum;
+ carry = sum >> 8;
}
}
#elif uECC_WORD_SIZE == 4
-static void omega_mult(uint32_t * RESTRICT p_result, const uint32_t * RESTRICT p_right)
-{
- uint32_t l_carry;
+static void omega_mult(uint32_t * RESTRICT result, const uint32_t * RESTRICT right) {
+ uint32_t carry;
unsigned i;
/* Multiply by (2^31 + 1). */
- vli_set(p_result + 1, p_right); /* 2^32 */
- vli_rshift1(p_result + 1); /* 2^31 */
- p_result[0] = p_right[0] << 31; /* get last bit from shift */
+ vli_set(result + 1, right); /* 2^32 */
+ vli_rshift1(result + 1); /* 2^31 */
+ result[0] = right[0] << 31; /* get last bit from shift */
- l_carry = vli_add(p_result, p_result, p_right); /* 2^31 + 1 */
- for(i = uECC_WORDS; l_carry; ++i)
- {
- uint64_t l_sum = (uint64_t)p_result[i] + l_carry;
- p_result[i] = (uint32_t)l_sum;
- l_carry = l_sum >> 32;
+ carry = vli_add(result, result, right); /* 2^31 + 1 */
+ for (i = uECC_WORDS; carry; ++i) {
+ uint64_t sum = (uint64_t)result[i] + carry;
+ result[i] = (uint32_t)sum;
+ carry = sum >> 32;
}
}
#endif /* uECC_WORD_SIZE */
#elif uECC_CURVE == uECC_secp192r1
-/* Computes p_result = p_product % curve_p.
+/* Computes result = product % curve_p.
See algorithm 5 and 6 from http://www.isys.uni-klu.ac.at/PDF/2001-0126-MT.pdf */
#if uECC_WORD_SIZE == 1
-static void vli_mmod_fast(uint8_t *RESTRICT p_result, uint8_t *RESTRICT p_product)
-{
- uint8_t l_tmp[uECC_WORDS];
- uint8_t l_carry;
+static void vli_mmod_fast(uint8_t *RESTRICT result, uint8_t *RESTRICT product) {
+ uint8_t tmp[uECC_WORDS];
+ uint8_t carry;
- vli_set(p_result, p_product);
+ vli_set(result, product);
- vli_set(l_tmp, &p_product[24]);
- l_carry = vli_add(p_result, p_result, l_tmp);
+ vli_set(tmp, &product[24]);
+ carry = vli_add(result, result, tmp);
- l_tmp[0] = l_tmp[1] = l_tmp[2] = l_tmp[3] = l_tmp[4] = l_tmp[5] = l_tmp[6] = l_tmp[7] = 0;
- l_tmp[8] = p_product[24]; l_tmp[9] = p_product[25]; l_tmp[10] = p_product[26]; l_tmp[11] = p_product[27];
- l_tmp[12] = p_product[28]; l_tmp[13] = p_product[29]; l_tmp[14] = p_product[30]; l_tmp[15] = p_product[31];
- l_tmp[16] = p_product[32]; l_tmp[17] = p_product[33]; l_tmp[18] = p_product[34]; l_tmp[19] = p_product[35];
- l_tmp[20] = p_product[36]; l_tmp[21] = p_product[37]; l_tmp[22] = p_product[38]; l_tmp[23] = p_product[39];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = tmp[1] = tmp[2] = tmp[3] = tmp[4] = tmp[5] = tmp[6] = tmp[7] = 0;
+ tmp[8] = product[24]; tmp[9] = product[25]; tmp[10] = product[26]; tmp[11] = product[27];
+ tmp[12] = product[28]; tmp[13] = product[29]; tmp[14] = product[30]; tmp[15] = product[31];
+ tmp[16] = product[32]; tmp[17] = product[33]; tmp[18] = product[34]; tmp[19] = product[35];
+ tmp[20] = product[36]; tmp[21] = product[37]; tmp[22] = product[38]; tmp[23] = product[39];
+ carry += vli_add(result, result, tmp);
- l_tmp[0] = l_tmp[8] = p_product[40];
- l_tmp[1] = l_tmp[9] = p_product[41];
- l_tmp[2] = l_tmp[10] = p_product[42];
- l_tmp[3] = l_tmp[11] = p_product[43];
- l_tmp[4] = l_tmp[12] = p_product[44];
- l_tmp[5] = l_tmp[13] = p_product[45];
- l_tmp[6] = l_tmp[14] = p_product[46];
- l_tmp[7] = l_tmp[15] = p_product[47];
- l_tmp[16] = l_tmp[17] = l_tmp[18] = l_tmp[19] = l_tmp[20] = l_tmp[21] = l_tmp[22] = l_tmp[23] = 0;
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = tmp[8] = product[40];
+ tmp[1] = tmp[9] = product[41];
+ tmp[2] = tmp[10] = product[42];
+ tmp[3] = tmp[11] = product[43];
+ tmp[4] = tmp[12] = product[44];
+ tmp[5] = tmp[13] = product[45];
+ tmp[6] = tmp[14] = product[46];
+ tmp[7] = tmp[15] = product[47];
+ tmp[16] = tmp[17] = tmp[18] = tmp[19] = tmp[20] = tmp[21] = tmp[22] = tmp[23] = 0;
+ carry += vli_add(result, result, tmp);
- while(l_carry || vli_cmp(curve_p, p_result) != 1)
- {
- l_carry -= vli_sub(p_result, p_result, curve_p);
+ while (carry || vli_cmp(curve_p, result) != 1) {
+ carry -= vli_sub(result, result, curve_p);
}
}
#elif uECC_WORD_SIZE == 4
-static void vli_mmod_fast(uint32_t *RESTRICT p_result, uint32_t *RESTRICT p_product)
-{
- uint32_t l_tmp[uECC_WORDS];
- int l_carry;
+static void vli_mmod_fast(uint32_t *RESTRICT result, uint32_t *RESTRICT product) {
+ uint32_t tmp[uECC_WORDS];
+ int carry;
- vli_set(p_result, p_product);
+ vli_set(result, product);
- vli_set(l_tmp, &p_product[6]);
- l_carry = vli_add(p_result, p_result, l_tmp);
+ vli_set(tmp, &product[6]);
+ carry = vli_add(result, result, tmp);
- l_tmp[0] = l_tmp[1] = 0;
- l_tmp[2] = p_product[6];
- l_tmp[3] = p_product[7];
- l_tmp[4] = p_product[8];
- l_tmp[5] = p_product[9];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = tmp[1] = 0;
+ tmp[2] = product[6];
+ tmp[3] = product[7];
+ tmp[4] = product[8];
+ tmp[5] = product[9];
+ carry += vli_add(result, result, tmp);
- l_tmp[0] = l_tmp[2] = p_product[10];
- l_tmp[1] = l_tmp[3] = p_product[11];
- l_tmp[4] = l_tmp[5] = 0;
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = tmp[2] = product[10];
+ tmp[1] = tmp[3] = product[11];
+ tmp[4] = tmp[5] = 0;
+ carry += vli_add(result, result, tmp);
- while(l_carry || vli_cmp(curve_p, p_result) != 1)
- {
- l_carry -= vli_sub(p_result, p_result, curve_p);
+ while (carry || vli_cmp(curve_p, result) != 1) {
+ carry -= vli_sub(result, result, curve_p);
}
}
#else
-static void vli_mmod_fast(uint64_t *RESTRICT p_result, uint64_t *RESTRICT p_product)
-{
- uint64_t l_tmp[uECC_WORDS];
- int l_carry;
+static void vli_mmod_fast(uint64_t *RESTRICT result, uint64_t *RESTRICT product) {
+ uint64_t tmp[uECC_WORDS];
+ int carry;
- vli_set(p_result, p_product);
+ vli_set(result, product);
- vli_set(l_tmp, &p_product[3]);
- l_carry = vli_add(p_result, p_result, l_tmp);
+ vli_set(tmp, &product[3]);
+ carry = vli_add(result, result, tmp);
- l_tmp[0] = 0;
- l_tmp[1] = p_product[3];
- l_tmp[2] = p_product[4];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = 0;
+ tmp[1] = product[3];
+ tmp[2] = product[4];
+ carry += vli_add(result, result, tmp);
- l_tmp[0] = l_tmp[1] = p_product[5];
- l_tmp[2] = 0;
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = tmp[1] = product[5];
+ tmp[2] = 0;
+ carry += vli_add(result, result, tmp);
- while(l_carry || vli_cmp(curve_p, p_result) != 1)
- {
- l_carry -= vli_sub(p_result, p_result, curve_p);
+ while (carry || vli_cmp(curve_p, result) != 1) {
+ carry -= vli_sub(result, result, curve_p);
}
}
#endif /* uECC_WORD_SIZE */
#elif uECC_CURVE == uECC_secp256r1
-/* Computes p_result = p_product % curve_p
+/* Computes result = product % curve_p
from http://www.nsa.gov/ia/_files/nist-routines.pdf */
#if uECC_WORD_SIZE == 1
-static void vli_mmod_fast(uint8_t *RESTRICT p_result, uint8_t *RESTRICT p_product)
-{
- uint8_t l_tmp[uECC_BYTES];
- int8_t l_carry;
+static void vli_mmod_fast(uint8_t *RESTRICT result, uint8_t *RESTRICT product) {
+ uint8_t tmp[uECC_BYTES];
+ int8_t carry;
/* t */
- vli_set(p_result, p_product);
+ vli_set(result, product);
/* s1 */
- l_tmp[0] = l_tmp[1] = l_tmp[2] = l_tmp[3] = 0;
- l_tmp[4] = l_tmp[5] = l_tmp[6] = l_tmp[7] = 0;
- l_tmp[8] = l_tmp[9] = l_tmp[10] = l_tmp[11] = 0;
- l_tmp[12] = p_product[44]; l_tmp[13] = p_product[45]; l_tmp[14] = p_product[46]; l_tmp[15] = p_product[47];
- l_tmp[16] = p_product[48]; l_tmp[17] = p_product[49]; l_tmp[18] = p_product[50]; l_tmp[19] = p_product[51];
- l_tmp[20] = p_product[52]; l_tmp[21] = p_product[53]; l_tmp[22] = p_product[54]; l_tmp[23] = p_product[55];
- l_tmp[24] = p_product[56]; l_tmp[25] = p_product[57]; l_tmp[26] = p_product[58]; l_tmp[27] = p_product[59];
- l_tmp[28] = p_product[60]; l_tmp[29] = p_product[61]; l_tmp[30] = p_product[62]; l_tmp[31] = p_product[63];
- l_carry = vli_add(l_tmp, l_tmp, l_tmp);
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = tmp[1] = tmp[2] = tmp[3] = 0;
+ tmp[4] = tmp[5] = tmp[6] = tmp[7] = 0;
+ tmp[8] = tmp[9] = tmp[10] = tmp[11] = 0;
+ tmp[12] = product[44]; tmp[13] = product[45]; tmp[14] = product[46]; tmp[15] = product[47];
+ tmp[16] = product[48]; tmp[17] = product[49]; tmp[18] = product[50]; tmp[19] = product[51];
+ tmp[20] = product[52]; tmp[21] = product[53]; tmp[22] = product[54]; tmp[23] = product[55];
+ tmp[24] = product[56]; tmp[25] = product[57]; tmp[26] = product[58]; tmp[27] = product[59];
+ tmp[28] = product[60]; tmp[29] = product[61]; tmp[30] = product[62]; tmp[31] = product[63];
+ carry = vli_add(tmp, tmp, tmp);
+ carry += vli_add(result, result, tmp);
/* s2 */
- l_tmp[12] = p_product[48]; l_tmp[13] = p_product[49]; l_tmp[14] = p_product[50]; l_tmp[15] = p_product[51];
- l_tmp[16] = p_product[52]; l_tmp[17] = p_product[53]; l_tmp[18] = p_product[54]; l_tmp[19] = p_product[55];
- l_tmp[20] = p_product[56]; l_tmp[21] = p_product[57]; l_tmp[22] = p_product[58]; l_tmp[23] = p_product[59];
- l_tmp[24] = p_product[60]; l_tmp[25] = p_product[61]; l_tmp[26] = p_product[62]; l_tmp[27] = p_product[63];
- l_tmp[28] = l_tmp[29] = l_tmp[30] = l_tmp[31] = 0;
- l_carry += vli_add(l_tmp, l_tmp, l_tmp);
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[12] = product[48]; tmp[13] = product[49]; tmp[14] = product[50]; tmp[15] = product[51];
+ tmp[16] = product[52]; tmp[17] = product[53]; tmp[18] = product[54]; tmp[19] = product[55];
+ tmp[20] = product[56]; tmp[21] = product[57]; tmp[22] = product[58]; tmp[23] = product[59];
+ tmp[24] = product[60]; tmp[25] = product[61]; tmp[26] = product[62]; tmp[27] = product[63];
+ tmp[28] = tmp[29] = tmp[30] = tmp[31] = 0;
+ carry += vli_add(tmp, tmp, tmp);
+ carry += vli_add(result, result, tmp);
/* s3 */
- l_tmp[0] = p_product[32]; l_tmp[1] = p_product[33]; l_tmp[2] = p_product[34]; l_tmp[3] = p_product[35];
- l_tmp[4] = p_product[36]; l_tmp[5] = p_product[37]; l_tmp[6] = p_product[38]; l_tmp[7] = p_product[39];
- l_tmp[8] = p_product[40]; l_tmp[9] = p_product[41]; l_tmp[10] = p_product[42]; l_tmp[11] = p_product[43];
- l_tmp[12] = l_tmp[13] = l_tmp[14] = l_tmp[15] = 0;
- l_tmp[16] = l_tmp[17] = l_tmp[18] = l_tmp[19] = 0;
- l_tmp[20] = l_tmp[21] = l_tmp[22] = l_tmp[23] = 0;
- l_tmp[24] = p_product[56]; l_tmp[25] = p_product[57]; l_tmp[26] = p_product[58]; l_tmp[27] = p_product[59];
- l_tmp[28] = p_product[60]; l_tmp[29] = p_product[61]; l_tmp[30] = p_product[62]; l_tmp[31] = p_product[63];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = product[32]; tmp[1] = product[33]; tmp[2] = product[34]; tmp[3] = product[35];
+ tmp[4] = product[36]; tmp[5] = product[37]; tmp[6] = product[38]; tmp[7] = product[39];
+ tmp[8] = product[40]; tmp[9] = product[41]; tmp[10] = product[42]; tmp[11] = product[43];
+ tmp[12] = tmp[13] = tmp[14] = tmp[15] = 0;
+ tmp[16] = tmp[17] = tmp[18] = tmp[19] = 0;
+ tmp[20] = tmp[21] = tmp[22] = tmp[23] = 0;
+ tmp[24] = product[56]; tmp[25] = product[57]; tmp[26] = product[58]; tmp[27] = product[59];
+ tmp[28] = product[60]; tmp[29] = product[61]; tmp[30] = product[62]; tmp[31] = product[63];
+ carry += vli_add(result, result, tmp);
/* s4 */
- l_tmp[0] = p_product[36]; l_tmp[1] = p_product[37]; l_tmp[2] = p_product[38]; l_tmp[3] = p_product[39];
- l_tmp[4] = p_product[40]; l_tmp[5] = p_product[41]; l_tmp[6] = p_product[42]; l_tmp[7] = p_product[43];
- l_tmp[8] = p_product[44]; l_tmp[9] = p_product[45]; l_tmp[10] = p_product[46]; l_tmp[11] = p_product[47];
- l_tmp[12] = p_product[52]; l_tmp[13] = p_product[53]; l_tmp[14] = p_product[54]; l_tmp[15] = p_product[55];
- l_tmp[16] = p_product[56]; l_tmp[17] = p_product[57]; l_tmp[18] = p_product[58]; l_tmp[19] = p_product[59];
- l_tmp[20] = p_product[60]; l_tmp[21] = p_product[61]; l_tmp[22] = p_product[62]; l_tmp[23] = p_product[63];
- l_tmp[24] = p_product[52]; l_tmp[25] = p_product[53]; l_tmp[26] = p_product[54]; l_tmp[27] = p_product[55];
- l_tmp[28] = p_product[32]; l_tmp[29] = p_product[33]; l_tmp[30] = p_product[34]; l_tmp[31] = p_product[35];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = product[36]; tmp[1] = product[37]; tmp[2] = product[38]; tmp[3] = product[39];
+ tmp[4] = product[40]; tmp[5] = product[41]; tmp[6] = product[42]; tmp[7] = product[43];
+ tmp[8] = product[44]; tmp[9] = product[45]; tmp[10] = product[46]; tmp[11] = product[47];
+ tmp[12] = product[52]; tmp[13] = product[53]; tmp[14] = product[54]; tmp[15] = product[55];
+ tmp[16] = product[56]; tmp[17] = product[57]; tmp[18] = product[58]; tmp[19] = product[59];
+ tmp[20] = product[60]; tmp[21] = product[61]; tmp[22] = product[62]; tmp[23] = product[63];
+ tmp[24] = product[52]; tmp[25] = product[53]; tmp[26] = product[54]; tmp[27] = product[55];
+ tmp[28] = product[32]; tmp[29] = product[33]; tmp[30] = product[34]; tmp[31] = product[35];
+ carry += vli_add(result, result, tmp);
/* d1 */
- l_tmp[0] = p_product[44]; l_tmp[1] = p_product[45]; l_tmp[2] = p_product[46]; l_tmp[3] = p_product[47];
- l_tmp[4] = p_product[48]; l_tmp[5] = p_product[49]; l_tmp[6] = p_product[50]; l_tmp[7] = p_product[51];
- l_tmp[8] = p_product[52]; l_tmp[9] = p_product[53]; l_tmp[10] = p_product[54]; l_tmp[11] = p_product[55];
- l_tmp[12] = l_tmp[13] = l_tmp[14] = l_tmp[15] = 0;
- l_tmp[16] = l_tmp[17] = l_tmp[18] = l_tmp[19] = 0;
- l_tmp[20] = l_tmp[21] = l_tmp[22] = l_tmp[23] = 0;
- l_tmp[24] = p_product[32]; l_tmp[25] = p_product[33]; l_tmp[26] = p_product[34]; l_tmp[27] = p_product[35];
- l_tmp[28] = p_product[40]; l_tmp[29] = p_product[41]; l_tmp[30] = p_product[42]; l_tmp[31] = p_product[43];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[44]; tmp[1] = product[45]; tmp[2] = product[46]; tmp[3] = product[47];
+ tmp[4] = product[48]; tmp[5] = product[49]; tmp[6] = product[50]; tmp[7] = product[51];
+ tmp[8] = product[52]; tmp[9] = product[53]; tmp[10] = product[54]; tmp[11] = product[55];
+ tmp[12] = tmp[13] = tmp[14] = tmp[15] = 0;
+ tmp[16] = tmp[17] = tmp[18] = tmp[19] = 0;
+ tmp[20] = tmp[21] = tmp[22] = tmp[23] = 0;
+ tmp[24] = product[32]; tmp[25] = product[33]; tmp[26] = product[34]; tmp[27] = product[35];
+ tmp[28] = product[40]; tmp[29] = product[41]; tmp[30] = product[42]; tmp[31] = product[43];
+ carry -= vli_sub(result, result, tmp);
/* d2 */
- l_tmp[0] = p_product[48]; l_tmp[1] = p_product[49]; l_tmp[2] = p_product[50]; l_tmp[3] = p_product[51];
- l_tmp[4] = p_product[52]; l_tmp[5] = p_product[53]; l_tmp[6] = p_product[54]; l_tmp[7] = p_product[55];
- l_tmp[8] = p_product[56]; l_tmp[9] = p_product[57]; l_tmp[10] = p_product[58]; l_tmp[11] = p_product[59];
- l_tmp[12] = p_product[60]; l_tmp[13] = p_product[61]; l_tmp[14] = p_product[62]; l_tmp[15] = p_product[63];
- l_tmp[16] = l_tmp[17] = l_tmp[18] = l_tmp[19] = 0;
- l_tmp[20] = l_tmp[21] = l_tmp[22] = l_tmp[23] = 0;
- l_tmp[24] = p_product[36]; l_tmp[25] = p_product[37]; l_tmp[26] = p_product[38]; l_tmp[27] = p_product[39];
- l_tmp[28] = p_product[44]; l_tmp[29] = p_product[45]; l_tmp[30] = p_product[46]; l_tmp[31] = p_product[47];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[48]; tmp[1] = product[49]; tmp[2] = product[50]; tmp[3] = product[51];
+ tmp[4] = product[52]; tmp[5] = product[53]; tmp[6] = product[54]; tmp[7] = product[55];
+ tmp[8] = product[56]; tmp[9] = product[57]; tmp[10] = product[58]; tmp[11] = product[59];
+ tmp[12] = product[60]; tmp[13] = product[61]; tmp[14] = product[62]; tmp[15] = product[63];
+ tmp[16] = tmp[17] = tmp[18] = tmp[19] = 0;
+ tmp[20] = tmp[21] = tmp[22] = tmp[23] = 0;
+ tmp[24] = product[36]; tmp[25] = product[37]; tmp[26] = product[38]; tmp[27] = product[39];
+ tmp[28] = product[44]; tmp[29] = product[45]; tmp[30] = product[46]; tmp[31] = product[47];
+ carry -= vli_sub(result, result, tmp);
/* d3 */
- l_tmp[0] = p_product[52]; l_tmp[1] = p_product[53]; l_tmp[2] = p_product[54]; l_tmp[3] = p_product[55];
- l_tmp[4] = p_product[56]; l_tmp[5] = p_product[57]; l_tmp[6] = p_product[58]; l_tmp[7] = p_product[59];
- l_tmp[8] = p_product[60]; l_tmp[9] = p_product[61]; l_tmp[10] = p_product[62]; l_tmp[11] = p_product[63];
- l_tmp[12] = p_product[32]; l_tmp[13] = p_product[33]; l_tmp[14] = p_product[34]; l_tmp[15] = p_product[35];
- l_tmp[16] = p_product[36]; l_tmp[17] = p_product[37]; l_tmp[18] = p_product[38]; l_tmp[19] = p_product[39];
- l_tmp[20] = p_product[40]; l_tmp[21] = p_product[41]; l_tmp[22] = p_product[42]; l_tmp[23] = p_product[43];
- l_tmp[24] = l_tmp[25] = l_tmp[26] = l_tmp[27] = 0;
- l_tmp[28] = p_product[48]; l_tmp[29] = p_product[49]; l_tmp[30] = p_product[50]; l_tmp[31] = p_product[51];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[52]; tmp[1] = product[53]; tmp[2] = product[54]; tmp[3] = product[55];
+ tmp[4] = product[56]; tmp[5] = product[57]; tmp[6] = product[58]; tmp[7] = product[59];
+ tmp[8] = product[60]; tmp[9] = product[61]; tmp[10] = product[62]; tmp[11] = product[63];
+ tmp[12] = product[32]; tmp[13] = product[33]; tmp[14] = product[34]; tmp[15] = product[35];
+ tmp[16] = product[36]; tmp[17] = product[37]; tmp[18] = product[38]; tmp[19] = product[39];
+ tmp[20] = product[40]; tmp[21] = product[41]; tmp[22] = product[42]; tmp[23] = product[43];
+ tmp[24] = tmp[25] = tmp[26] = tmp[27] = 0;
+ tmp[28] = product[48]; tmp[29] = product[49]; tmp[30] = product[50]; tmp[31] = product[51];
+ carry -= vli_sub(result, result, tmp);
/* d4 */
- l_tmp[0] = p_product[56]; l_tmp[1] = p_product[57]; l_tmp[2] = p_product[58]; l_tmp[3] = p_product[59];
- l_tmp[4] = p_product[60]; l_tmp[5] = p_product[61]; l_tmp[6] = p_product[62]; l_tmp[7] = p_product[63];
- l_tmp[8] = l_tmp[9] = l_tmp[10] = l_tmp[11] = 0;
- l_tmp[12] = p_product[36]; l_tmp[13] = p_product[37]; l_tmp[14] = p_product[38]; l_tmp[15] = p_product[39];
- l_tmp[16] = p_product[40]; l_tmp[17] = p_product[41]; l_tmp[18] = p_product[42]; l_tmp[19] = p_product[43];
- l_tmp[20] = p_product[44]; l_tmp[21] = p_product[45]; l_tmp[22] = p_product[46]; l_tmp[23] = p_product[47];
- l_tmp[24] = l_tmp[25] = l_tmp[26] = l_tmp[27] = 0;
- l_tmp[28] = p_product[52]; l_tmp[29] = p_product[53]; l_tmp[30] = p_product[54]; l_tmp[31] = p_product[55];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[56]; tmp[1] = product[57]; tmp[2] = product[58]; tmp[3] = product[59];
+ tmp[4] = product[60]; tmp[5] = product[61]; tmp[6] = product[62]; tmp[7] = product[63];
+ tmp[8] = tmp[9] = tmp[10] = tmp[11] = 0;
+ tmp[12] = product[36]; tmp[13] = product[37]; tmp[14] = product[38]; tmp[15] = product[39];
+ tmp[16] = product[40]; tmp[17] = product[41]; tmp[18] = product[42]; tmp[19] = product[43];
+ tmp[20] = product[44]; tmp[21] = product[45]; tmp[22] = product[46]; tmp[23] = product[47];
+ tmp[24] = tmp[25] = tmp[26] = tmp[27] = 0;
+ tmp[28] = product[52]; tmp[29] = product[53]; tmp[30] = product[54]; tmp[31] = product[55];
+ carry -= vli_sub(result, result, tmp);
- if(l_carry < 0)
- {
- do
- {
- l_carry += vli_add(p_result, p_result, curve_p);
- } while(l_carry < 0);
- }
- else
- {
- while(l_carry || vli_cmp(curve_p, p_result) != 1)
- {
- l_carry -= vli_sub(p_result, p_result, curve_p);
+ if (carry < 0) {
+ do {
+ carry += vli_add(result, result, curve_p);
+ } while (carry < 0);
+ } else {
+ while (carry || vli_cmp(curve_p, result) != 1) {
+ carry -= vli_sub(result, result, curve_p);
}
}
}
#elif uECC_WORD_SIZE == 4
-static void vli_mmod_fast(uint32_t *RESTRICT p_result, uint32_t *RESTRICT p_product)
-{
- uint32_t l_tmp[uECC_WORDS];
- int l_carry;
+static void vli_mmod_fast(uint32_t *RESTRICT result, uint32_t *RESTRICT product) {
+ uint32_t tmp[uECC_WORDS];
+ int carry;
/* t */
- vli_set(p_result, p_product);
+ vli_set(result, product);
/* s1 */
- l_tmp[0] = l_tmp[1] = l_tmp[2] = 0;
- l_tmp[3] = p_product[11];
- l_tmp[4] = p_product[12];
- l_tmp[5] = p_product[13];
- l_tmp[6] = p_product[14];
- l_tmp[7] = p_product[15];
- l_carry = vli_add(l_tmp, l_tmp, l_tmp);
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = tmp[1] = tmp[2] = 0;
+ tmp[3] = product[11];
+ tmp[4] = product[12];
+ tmp[5] = product[13];
+ tmp[6] = product[14];
+ tmp[7] = product[15];
+ carry = vli_add(tmp, tmp, tmp);
+ carry += vli_add(result, result, tmp);
/* s2 */
- l_tmp[3] = p_product[12];
- l_tmp[4] = p_product[13];
- l_tmp[5] = p_product[14];
- l_tmp[6] = p_product[15];
- l_tmp[7] = 0;
- l_carry += vli_add(l_tmp, l_tmp, l_tmp);
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[3] = product[12];
+ tmp[4] = product[13];
+ tmp[5] = product[14];
+ tmp[6] = product[15];
+ tmp[7] = 0;
+ carry += vli_add(tmp, tmp, tmp);
+ carry += vli_add(result, result, tmp);
/* s3 */
- l_tmp[0] = p_product[8];
- l_tmp[1] = p_product[9];
- l_tmp[2] = p_product[10];
- l_tmp[3] = l_tmp[4] = l_tmp[5] = 0;
- l_tmp[6] = p_product[14];
- l_tmp[7] = p_product[15];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = product[8];
+ tmp[1] = product[9];
+ tmp[2] = product[10];
+ tmp[3] = tmp[4] = tmp[5] = 0;
+ tmp[6] = product[14];
+ tmp[7] = product[15];
+ carry += vli_add(result, result, tmp);
/* s4 */
- l_tmp[0] = p_product[9];
- l_tmp[1] = p_product[10];
- l_tmp[2] = p_product[11];
- l_tmp[3] = p_product[13];
- l_tmp[4] = p_product[14];
- l_tmp[5] = p_product[15];
- l_tmp[6] = p_product[13];
- l_tmp[7] = p_product[8];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = product[9];
+ tmp[1] = product[10];
+ tmp[2] = product[11];
+ tmp[3] = product[13];
+ tmp[4] = product[14];
+ tmp[5] = product[15];
+ tmp[6] = product[13];
+ tmp[7] = product[8];
+ carry += vli_add(result, result, tmp);
/* d1 */
- l_tmp[0] = p_product[11];
- l_tmp[1] = p_product[12];
- l_tmp[2] = p_product[13];
- l_tmp[3] = l_tmp[4] = l_tmp[5] = 0;
- l_tmp[6] = p_product[8];
- l_tmp[7] = p_product[10];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[11];
+ tmp[1] = product[12];
+ tmp[2] = product[13];
+ tmp[3] = tmp[4] = tmp[5] = 0;
+ tmp[6] = product[8];
+ tmp[7] = product[10];
+ carry -= vli_sub(result, result, tmp);
/* d2 */
- l_tmp[0] = p_product[12];
- l_tmp[1] = p_product[13];
- l_tmp[2] = p_product[14];
- l_tmp[3] = p_product[15];
- l_tmp[4] = l_tmp[5] = 0;
- l_tmp[6] = p_product[9];
- l_tmp[7] = p_product[11];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[12];
+ tmp[1] = product[13];
+ tmp[2] = product[14];
+ tmp[3] = product[15];
+ tmp[4] = tmp[5] = 0;
+ tmp[6] = product[9];
+ tmp[7] = product[11];
+ carry -= vli_sub(result, result, tmp);
/* d3 */
- l_tmp[0] = p_product[13];
- l_tmp[1] = p_product[14];
- l_tmp[2] = p_product[15];
- l_tmp[3] = p_product[8];
- l_tmp[4] = p_product[9];
- l_tmp[5] = p_product[10];
- l_tmp[6] = 0;
- l_tmp[7] = p_product[12];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[13];
+ tmp[1] = product[14];
+ tmp[2] = product[15];
+ tmp[3] = product[8];
+ tmp[4] = product[9];
+ tmp[5] = product[10];
+ tmp[6] = 0;
+ tmp[7] = product[12];
+ carry -= vli_sub(result, result, tmp);
/* d4 */
- l_tmp[0] = p_product[14];
- l_tmp[1] = p_product[15];
- l_tmp[2] = 0;
- l_tmp[3] = p_product[9];
- l_tmp[4] = p_product[10];
- l_tmp[5] = p_product[11];
- l_tmp[6] = 0;
- l_tmp[7] = p_product[13];
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[14];
+ tmp[1] = product[15];
+ tmp[2] = 0;
+ tmp[3] = product[9];
+ tmp[4] = product[10];
+ tmp[5] = product[11];
+ tmp[6] = 0;
+ tmp[7] = product[13];
+ carry -= vli_sub(result, result, tmp);
- if(l_carry < 0)
- {
- do
- {
- l_carry += vli_add(p_result, p_result, curve_p);
- } while(l_carry < 0);
- }
- else
- {
- while(l_carry || vli_cmp(curve_p, p_result) != 1)
- {
- l_carry -= vli_sub(p_result, p_result, curve_p);
+ if (carry < 0) {
+ do {
+ carry += vli_add(result, result, curve_p);
+ } while (carry < 0);
+ } else {
+ while (carry || vli_cmp(curve_p, result) != 1) {
+ carry -= vli_sub(result, result, curve_p);
}
}
}
#else
-static void vli_mmod_fast(uint64_t *RESTRICT p_result, uint64_t *RESTRICT p_product)
-{
- uint64_t l_tmp[uECC_WORDS];
- int l_carry;
+static void vli_mmod_fast(uint64_t *RESTRICT result, uint64_t *RESTRICT product) {
+ uint64_t tmp[uECC_WORDS];
+ int carry;
/* t */
- vli_set(p_result, p_product);
+ vli_set(result, product);
/* s1 */
- l_tmp[0] = 0;
- l_tmp[1] = p_product[5] & 0xffffffff00000000ull;
- l_tmp[2] = p_product[6];
- l_tmp[3] = p_product[7];
- l_carry = vli_add(l_tmp, l_tmp, l_tmp);
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = 0;
+ tmp[1] = product[5] & 0xffffffff00000000ull;
+ tmp[2] = product[6];
+ tmp[3] = product[7];
+ carry = vli_add(tmp, tmp, tmp);
+ carry += vli_add(result, result, tmp);
/* s2 */
- l_tmp[1] = p_product[6] << 32;
- l_tmp[2] = (p_product[6] >> 32) | (p_product[7] << 32);
- l_tmp[3] = p_product[7] >> 32;
- l_carry += vli_add(l_tmp, l_tmp, l_tmp);
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[1] = product[6] << 32;
+ tmp[2] = (product[6] >> 32) | (product[7] << 32);
+ tmp[3] = product[7] >> 32;
+ carry += vli_add(tmp, tmp, tmp);
+ carry += vli_add(result, result, tmp);
/* s3 */
- l_tmp[0] = p_product[4];
- l_tmp[1] = p_product[5] & 0xffffffff;
- l_tmp[2] = 0;
- l_tmp[3] = p_product[7];
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = product[4];
+ tmp[1] = product[5] & 0xffffffff;
+ tmp[2] = 0;
+ tmp[3] = product[7];
+ carry += vli_add(result, result, tmp);
/* s4 */
- l_tmp[0] = (p_product[4] >> 32) | (p_product[5] << 32);
- l_tmp[1] = (p_product[5] >> 32) | (p_product[6] & 0xffffffff00000000ull);
- l_tmp[2] = p_product[7];
- l_tmp[3] = (p_product[6] >> 32) | (p_product[4] << 32);
- l_carry += vli_add(p_result, p_result, l_tmp);
+ tmp[0] = (product[4] >> 32) | (product[5] << 32);
+ tmp[1] = (product[5] >> 32) | (product[6] & 0xffffffff00000000ull);
+ tmp[2] = product[7];
+ tmp[3] = (product[6] >> 32) | (product[4] << 32);
+ carry += vli_add(result, result, tmp);
/* d1 */
- l_tmp[0] = (p_product[5] >> 32) | (p_product[6] << 32);
- l_tmp[1] = (p_product[6] >> 32);
- l_tmp[2] = 0;
- l_tmp[3] = (p_product[4] & 0xffffffff) | (p_product[5] << 32);
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = (product[5] >> 32) | (product[6] << 32);
+ tmp[1] = (product[6] >> 32);
+ tmp[2] = 0;
+ tmp[3] = (product[4] & 0xffffffff) | (product[5] << 32);
+ carry -= vli_sub(result, result, tmp);
/* d2 */
- l_tmp[0] = p_product[6];
- l_tmp[1] = p_product[7];
- l_tmp[2] = 0;
- l_tmp[3] = (p_product[4] >> 32) | (p_product[5] & 0xffffffff00000000ull);
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[6];
+ tmp[1] = product[7];
+ tmp[2] = 0;
+ tmp[3] = (product[4] >> 32) | (product[5] & 0xffffffff00000000ull);
+ carry -= vli_sub(result, result, tmp);
/* d3 */
- l_tmp[0] = (p_product[6] >> 32) | (p_product[7] << 32);
- l_tmp[1] = (p_product[7] >> 32) | (p_product[4] << 32);
- l_tmp[2] = (p_product[4] >> 32) | (p_product[5] << 32);
- l_tmp[3] = (p_product[6] << 32);
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = (product[6] >> 32) | (product[7] << 32);
+ tmp[1] = (product[7] >> 32) | (product[4] << 32);
+ tmp[2] = (product[4] >> 32) | (product[5] << 32);
+ tmp[3] = (product[6] << 32);
+ carry -= vli_sub(result, result, tmp);
/* d4 */
- l_tmp[0] = p_product[7];
- l_tmp[1] = p_product[4] & 0xffffffff00000000ull;
- l_tmp[2] = p_product[5];
- l_tmp[3] = p_product[6] & 0xffffffff00000000ull;
- l_carry -= vli_sub(p_result, p_result, l_tmp);
+ tmp[0] = product[7];
+ tmp[1] = product[4] & 0xffffffff00000000ull;
+ tmp[2] = product[5];
+ tmp[3] = product[6] & 0xffffffff00000000ull;
+ carry -= vli_sub(result, result, tmp);
- if(l_carry < 0)
- {
- do
- {
- l_carry += vli_add(p_result, p_result, curve_p);
- } while(l_carry < 0);
- }
- else
- {
- while(l_carry || vli_cmp(curve_p, p_result) != 1)
- {
- l_carry -= vli_sub(p_result, p_result, curve_p);
+ if (carry < 0) {
+ do {
+ carry += vli_add(result, result, curve_p);
+ } while (carry < 0);
+ } else {
+ while (carry || vli_cmp(curve_p, result) != 1) {
+ carry -= vli_sub(result, result, curve_p);
}
}
}
@@ -1257,97 +1211,87 @@
#elif uECC_CURVE == uECC_secp256k1
#if uECC_WORD_SIZE == 1
-static void omega_mult(uint8_t * RESTRICT p_result, const uint8_t * RESTRICT p_right)
-{
+static void omega_mult(uint8_t * RESTRICT result, const uint8_t * RESTRICT right) {
/* Multiply by (2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1). */
uECC_word_t r0 = 0;
uECC_word_t r1 = 0;
uECC_word_t r2 = 0;
-
wordcount_t k;
/* Multiply by (2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1). */
- muladd(0xD1, p_right[0], &r0, &r1, &r2);
- p_result[0] = r0;
+ muladd(0xD1, right[0], &r0, &r1, &r2);
+ result[0] = r0;
r0 = r1;
r1 = r2;
/* r2 is still 0 */
- for(k = 1; k < uECC_WORDS; ++k)
- {
- muladd(0x03, p_right[k-1], &r0, &r1, &r2);
- muladd(0xD1, p_right[k], &r0, &r1, &r2);
- p_result[k] = r0;
+ for (k = 1; k < uECC_WORDS; ++k) {
+ muladd(0x03, right[k - 1], &r0, &r1, &r2);
+ muladd(0xD1, right[k], &r0, &r1, &r2);
+ result[k] = r0;
r0 = r1;
r1 = r2;
r2 = 0;
}
-
- muladd(0x03, p_right[uECC_WORDS-1], &r0, &r1, &r2);
- p_result[uECC_WORDS] = r0;
- p_result[uECC_WORDS + 1] = r1;
-
- p_result[4 + uECC_WORDS] = vli_add(p_result + 4, p_result + 4, p_right); /* add the 2^32 multiple */
+ muladd(0x03, right[uECC_WORDS - 1], &r0, &r1, &r2);
+ result[uECC_WORDS] = r0;
+ result[uECC_WORDS + 1] = r1;
+
+ result[4 + uECC_WORDS] = vli_add(result + 4, result + 4, right); /* add the 2^32 multiple */
}
#elif uECC_WORD_SIZE == 4
-static void omega_mult(uint32_t * RESTRICT p_result, const uint32_t * RESTRICT p_right)
-{
+static void omega_mult(uint32_t * RESTRICT result, const uint32_t * RESTRICT right) {
/* Multiply by (2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1). */
- uint32_t l_carry = 0;
+ uint32_t carry = 0;
wordcount_t k;
- for(k = 0; k < uECC_WORDS; ++k)
- {
- uint64_t p = (uint64_t)0x3D1 * p_right[k] + l_carry;
- p_result[k] = (p & 0xffffffff);
- l_carry = p >> 32;
+ for (k = 0; k < uECC_WORDS; ++k) {
+ uint64_t p = (uint64_t)0x3D1 * right[k] + carry;
+ result[k] = (p & 0xffffffff);
+ carry = p >> 32;
}
- p_result[uECC_WORDS] = l_carry;
+ result[uECC_WORDS] = carry;
- p_result[1 + uECC_WORDS] = vli_add(p_result + 1, p_result + 1, p_right); /* add the 2^32 multiple */
+ result[1 + uECC_WORDS] = vli_add(result + 1, result + 1, right); /* add the 2^32 multiple */
}
#else
-static void omega_mult(uint64_t * RESTRICT p_result, const uint64_t * RESTRICT p_right)
-{
+static void omega_mult(uint64_t * RESTRICT result, const uint64_t * RESTRICT right) {
uECC_word_t r0 = 0;
uECC_word_t r1 = 0;
uECC_word_t r2 = 0;
-
wordcount_t k;
/* Multiply by (2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1). */
- for(k = 0; k < uECC_WORDS; ++k)
- {
- muladd(0x1000003D1ull, p_right[k], &r0, &r1, &r2);
- p_result[k] = r0;
+ for (k = 0; k < uECC_WORDS; ++k) {
+ muladd(0x1000003D1ull, right[k], &r0, &r1, &r2);
+ result[k] = r0;
r0 = r1;
r1 = r2;
r2 = 0;
}
-
- p_result[uECC_WORDS] = r0;
+ result[uECC_WORDS] = r0;
}
#endif /* uECC_WORD_SIZE */
#endif /* uECC_CURVE */
#endif /* !asm_mmod_fast */
-/* Computes p_result = (p_left * p_right) % curve_p. */
-static void vli_modMult_fast(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_product[2 * uECC_WORDS];
- vli_mult(l_product, p_left, p_right);
- vli_mmod_fast(p_result, l_product);
+/* Computes result = (left * right) % curve_p. */
+static void vli_modMult_fast(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right) {
+ uECC_word_t product[2 * uECC_WORDS];
+ vli_mult(product, left, right);
+ vli_mmod_fast(result, product);
}
#if uECC_SQUARE_FUNC
-/* Computes p_result = p_left^2 % curve_p. */
-static void vli_modSquare_fast(uECC_word_t *p_result, const uECC_word_t *p_left)
-{
- uECC_word_t l_product[2 * uECC_WORDS];
- vli_square(l_product, p_left);
- vli_mmod_fast(p_result, l_product);
+/* Computes result = left^2 % curve_p. */
+static void vli_modSquare_fast(uECC_word_t *result, const uECC_word_t *left) {
+ uECC_word_t product[2 * uECC_WORDS];
+ vli_square(product, left);
+ vli_mmod_fast(result, product);
}
#else /* uECC_SQUARE_FUNC */
@@ -1358,106 +1302,84 @@
#define EVEN(vli) (!(vli[0] & 1))
-/* Computes p_result = (1 / p_input) % p_mod. All VLIs are the same size.
+/* Computes result = (1 / input) % mod. All VLIs are the same size.
See "From Euclid's GCD to Montgomery Multiplication to the Great Divide"
https://labs.oracle.com/techrep/2001/smli_tr-2001-95.pdf */
#if !asm_modInv
-static void vli_modInv(uECC_word_t *p_result, const uECC_word_t *p_input, const uECC_word_t *p_mod)
-{
+static void vli_modInv(uECC_word_t *result, const uECC_word_t *input, const uECC_word_t *mod) {
uECC_word_t a[uECC_WORDS], b[uECC_WORDS], u[uECC_WORDS], v[uECC_WORDS];
- uECC_word_t l_carry;
- cmpresult_t l_cmpResult;
+ uECC_word_t carry;
+ cmpresult_t cmpResult;
- if(vli_isZero(p_input))
- {
- vli_clear(p_result);
+ if (vli_isZero(input)) {
+ vli_clear(result);
return;
}
- vli_set(a, p_input);
- vli_set(b, p_mod);
+ vli_set(a, input);
+ vli_set(b, mod);
vli_clear(u);
u[0] = 1;
vli_clear(v);
- while((l_cmpResult = vli_cmp(a, b)) != 0)
- {
- l_carry = 0;
- if(EVEN(a))
- {
+ while ((cmpResult = vli_cmp(a, b)) != 0) {
+ carry = 0;
+ if (EVEN(a)) {
vli_rshift1(a);
- if(!EVEN(u))
- {
- l_carry = vli_add(u, u, p_mod);
+ if (!EVEN(u)) {
+ carry = vli_add(u, u, mod);
}
vli_rshift1(u);
- if(l_carry)
- {
- u[uECC_WORDS-1] |= HIGH_BIT_SET;
+ if (carry) {
+ u[uECC_WORDS - 1] |= HIGH_BIT_SET;
}
- }
- else if(EVEN(b))
- {
+ } else if (EVEN(b)) {
vli_rshift1(b);
- if(!EVEN(v))
- {
- l_carry = vli_add(v, v, p_mod);
+ if (!EVEN(v)) {
+ carry = vli_add(v, v, mod);
}
vli_rshift1(v);
- if(l_carry)
- {
- v[uECC_WORDS-1] |= HIGH_BIT_SET;
+ if (carry) {
+ v[uECC_WORDS - 1] |= HIGH_BIT_SET;
}
- }
- else if(l_cmpResult > 0)
- {
+ } else if (cmpResult > 0) {
vli_sub(a, a, b);
vli_rshift1(a);
- if(vli_cmp(u, v) < 0)
- {
- vli_add(u, u, p_mod);
+ if (vli_cmp(u, v) < 0) {
+ vli_add(u, u, mod);
}
vli_sub(u, u, v);
- if(!EVEN(u))
- {
- l_carry = vli_add(u, u, p_mod);
+ if (!EVEN(u)) {
+ carry = vli_add(u, u, mod);
}
vli_rshift1(u);
- if(l_carry)
- {
- u[uECC_WORDS-1] |= HIGH_BIT_SET;
+ if (carry) {
+ u[uECC_WORDS - 1] |= HIGH_BIT_SET;
}
- }
- else
- {
+ } else {
vli_sub(b, b, a);
vli_rshift1(b);
- if(vli_cmp(v, u) < 0)
- {
- vli_add(v, v, p_mod);
+ if (vli_cmp(v, u) < 0) {
+ vli_add(v, v, mod);
}
vli_sub(v, v, u);
- if(!EVEN(v))
- {
- l_carry = vli_add(v, v, p_mod);
+ if (!EVEN(v)) {
+ carry = vli_add(v, v, mod);
}
vli_rshift1(v);
- if(l_carry)
- {
- v[uECC_WORDS-1] |= HIGH_BIT_SET;
+ if (carry) {
+ v[uECC_WORDS - 1] |= HIGH_BIT_SET;
}
}
}
-
- vli_set(p_result, u);
+ vli_set(result, u);
}
#endif /* !asm_modInv */
/* ------ Point operations ------ */
-/* Returns 1 if p_point is the point at infinity, 0 otherwise. */
-static cmpresult_t EccPoint_isZero(const EccPoint *p_point)
-{
- return (vli_isZero(p_point->x) && vli_isZero(p_point->y));
+/* Returns 1 if 'point' is the point at infinity, 0 otherwise. */
+static cmpresult_t EccPoint_isZero(const EccPoint *point) {
+ return (vli_isZero(point->x) && vli_isZero(point->y));
}
/* Point multiplication algorithm using Montgomery's ladder with co-Z coordinates.
@@ -1466,14 +1388,14 @@
/* Double in place */
#if (uECC_CURVE == uECC_secp256k1)
-static void EccPoint_double_jacobian(uECC_word_t * RESTRICT X1, uECC_word_t * RESTRICT Y1, uECC_word_t * RESTRICT Z1)
-{
+static void EccPoint_double_jacobian(uECC_word_t * RESTRICT X1,
+ uECC_word_t * RESTRICT Y1,
+ uECC_word_t * RESTRICT Z1) {
/* t1 = X, t2 = Y, t3 = Z */
uECC_word_t t4[uECC_WORDS];
uECC_word_t t5[uECC_WORDS];
- if(vli_isZero(Z1))
- {
+ if (vli_isZero(Z1)) {
return;
}
@@ -1485,19 +1407,16 @@
vli_modAdd(Y1, X1, X1, curve_p); /* t2 = 2*x1^2 */
vli_modAdd(Y1, Y1, X1, curve_p); /* t2 = 3*x1^2 */
- if(vli_testBit(Y1, 0))
- {
- uECC_word_t l_carry = vli_add(Y1, Y1, curve_p);
+ if (vli_testBit(Y1, 0)) {
+ uECC_word_t carry = vli_add(Y1, Y1, curve_p);
vli_rshift1(Y1);
- Y1[uECC_WORDS-1] |= l_carry << (uECC_WORD_BITS - 1);
- }
- else
- {
+ Y1[uECC_WORDS - 1] |= carry << (uECC_WORD_BITS - 1);
+ } else {
vli_rshift1(Y1);
}
/* t2 = 3/2*(x1^2) = B */
- vli_modSquare_fast(X1, Y1); /* t1 = B^2 */
+ vli_modSquare_fast(X1, Y1); /* t1 = B^2 */
vli_modSub(X1, X1, t4, curve_p); /* t1 = B^2 - A */
vli_modSub(X1, X1, t4, curve_p); /* t1 = B^2 - 2A = x3 */
@@ -1506,14 +1425,14 @@
vli_modSub(Y1, Y1, t5, curve_p); /* t2 = B * (A - x3) - y1^4 = y3 */
}
#else
-static void EccPoint_double_jacobian(uECC_word_t * RESTRICT X1, uECC_word_t * RESTRICT Y1, uECC_word_t * RESTRICT Z1)
-{
+static void EccPoint_double_jacobian(uECC_word_t * RESTRICT X1,
+ uECC_word_t * RESTRICT Y1,
+ uECC_word_t * RESTRICT Z1) {
/* t1 = X, t2 = Y, t3 = Z */
uECC_word_t t4[uECC_WORDS];
uECC_word_t t5[uECC_WORDS];
- if(vli_isZero(Z1))
- {
+ if (vli_isZero(Z1)) {
return;
}
@@ -1525,29 +1444,26 @@
vli_modAdd(X1, X1, Z1, curve_p); /* t1 = x1 + z1^2 */
vli_modAdd(Z1, Z1, Z1, curve_p); /* t3 = 2*z1^2 */
- vli_modSub_fast(Z1, X1, Z1); /* t3 = x1 - z1^2 */
+ vli_modSub_fast(Z1, X1, Z1); /* t3 = x1 - z1^2 */
vli_modMult_fast(X1, X1, Z1); /* t1 = x1^2 - z1^4 */
vli_modAdd(Z1, X1, X1, curve_p); /* t3 = 2*(x1^2 - z1^4) */
vli_modAdd(X1, X1, Z1, curve_p); /* t1 = 3*(x1^2 - z1^4) */
- if(vli_testBit(X1, 0))
- {
+ if (vli_testBit(X1, 0)) {
uECC_word_t l_carry = vli_add(X1, X1, curve_p);
vli_rshift1(X1);
- X1[uECC_WORDS-1] |= l_carry << (uECC_WORD_BITS - 1);
- }
- else
- {
+ X1[uECC_WORDS - 1] |= l_carry << (uECC_WORD_BITS - 1);
+ } else {
vli_rshift1(X1);
}
/* t1 = 3/2*(x1^2 - z1^4) = B */
- vli_modSquare_fast(Z1, X1); /* t3 = B^2 */
- vli_modSub_fast(Z1, Z1, t5); /* t3 = B^2 - A */
- vli_modSub_fast(Z1, Z1, t5); /* t3 = B^2 - 2A = x3 */
- vli_modSub_fast(t5, t5, Z1); /* t5 = A - x3 */
- vli_modMult_fast(X1, X1, t5); /* t1 = B * (A - x3) */
- vli_modSub_fast(t4, X1, t4); /* t4 = B * (A - x3) - y1^4 = y3 */
+ vli_modSquare_fast(Z1, X1); /* t3 = B^2 */
+ vli_modSub_fast(Z1, Z1, t5); /* t3 = B^2 - A */
+ vli_modSub_fast(Z1, Z1, t5); /* t3 = B^2 - 2A = x3 */
+ vli_modSub_fast(t5, t5, Z1); /* t5 = A - x3 */
+ vli_modMult_fast(X1, X1, t5); /* t1 = B * (A - x3) */
+ vli_modSub_fast(t4, X1, t4); /* t4 = B * (A - x3) - y1^4 = y3 */
vli_set(X1, Z1);
vli_set(Z1, Y1);
@@ -1556,8 +1472,9 @@
#endif
/* Modify (x1, y1) => (x1 * z^2, y1 * z^3) */
-static void apply_z(uECC_word_t * RESTRICT X1, uECC_word_t * RESTRICT Y1, const uECC_word_t * RESTRICT Z)
-{
+static void apply_z(uECC_word_t * RESTRICT X1,
+ uECC_word_t * RESTRICT Y1,
+ const uECC_word_t * RESTRICT Z) {
uECC_word_t t1[uECC_WORDS];
vli_modSquare_fast(t1, Z); /* z^2 */
@@ -1567,9 +1484,11 @@
}
/* P = (x1, y1) => 2P, (x2, y2) => P' */
-static void XYcZ_initial_double(uECC_word_t * RESTRICT X1, uECC_word_t * RESTRICT Y1,
- uECC_word_t * RESTRICT X2, uECC_word_t * RESTRICT Y2, const uECC_word_t * RESTRICT p_initialZ)
-{
+static void XYcZ_initial_double(uECC_word_t * RESTRICT X1,
+ uECC_word_t * RESTRICT Y1,
+ uECC_word_t * RESTRICT X2,
+ uECC_word_t * RESTRICT Y2,
+ const uECC_word_t * RESTRICT p_initialZ) {
uECC_word_t z[uECC_WORDS];
vli_set(X2, X1);
@@ -1577,15 +1496,12 @@
vli_clear(z);
z[0] = 1;
- if(p_initialZ)
- {
+ if (p_initialZ) {
vli_set(z, p_initialZ);
}
apply_z(X1, Y1, z);
-
EccPoint_double_jacobian(X1, Y1, z);
-
apply_z(X2, Y2, z);
}
@@ -1593,25 +1509,27 @@
Output P' = (x1', y1', Z3), P + Q = (x3, y3, Z3)
or P => P', Q => P + Q
*/
-static void XYcZ_add(uECC_word_t * RESTRICT X1, uECC_word_t * RESTRICT Y1, uECC_word_t * RESTRICT X2, uECC_word_t * RESTRICT Y2)
-{
+static void XYcZ_add(uECC_word_t * RESTRICT X1,
+ uECC_word_t * RESTRICT Y1,
+ uECC_word_t * RESTRICT X2,
+ uECC_word_t * RESTRICT Y2) {
/* t1 = X1, t2 = Y1, t3 = X2, t4 = Y2 */
uECC_word_t t5[uECC_WORDS];
- vli_modSub_fast(t5, X2, X1); /* t5 = x2 - x1 */
- vli_modSquare_fast(t5, t5); /* t5 = (x2 - x1)^2 = A */
- vli_modMult_fast(X1, X1, t5); /* t1 = x1*A = B */
- vli_modMult_fast(X2, X2, t5); /* t3 = x2*A = C */
- vli_modSub_fast(Y2, Y2, Y1); /* t4 = y2 - y1 */
- vli_modSquare_fast(t5, Y2); /* t5 = (y2 - y1)^2 = D */
+ vli_modSub_fast(t5, X2, X1); /* t5 = x2 - x1 */
+ vli_modSquare_fast(t5, t5); /* t5 = (x2 - x1)^2 = A */
+ vli_modMult_fast(X1, X1, t5); /* t1 = x1*A = B */
+ vli_modMult_fast(X2, X2, t5); /* t3 = x2*A = C */
+ vli_modSub_fast(Y2, Y2, Y1); /* t4 = y2 - y1 */
+ vli_modSquare_fast(t5, Y2); /* t5 = (y2 - y1)^2 = D */
- vli_modSub_fast(t5, t5, X1); /* t5 = D - B */
- vli_modSub_fast(t5, t5, X2); /* t5 = D - B - C = x3 */
- vli_modSub_fast(X2, X2, X1); /* t3 = C - B */
- vli_modMult_fast(Y1, Y1, X2); /* t2 = y1*(C - B) */
- vli_modSub_fast(X2, X1, t5); /* t3 = B - x3 */
- vli_modMult_fast(Y2, Y2, X2); /* t4 = (y2 - y1)*(B - x3) */
- vli_modSub_fast(Y2, Y2, Y1); /* t4 = y3 */
+ vli_modSub_fast(t5, t5, X1); /* t5 = D - B */
+ vli_modSub_fast(t5, t5, X2); /* t5 = D - B - C = x3 */
+ vli_modSub_fast(X2, X2, X1); /* t3 = C - B */
+ vli_modMult_fast(Y1, Y1, X2); /* t2 = y1*(C - B) */
+ vli_modSub_fast(X2, X1, t5); /* t3 = B - x3 */
+ vli_modMult_fast(Y2, Y2, X2); /* t4 = (y2 - y1)*(B - x3) */
+ vli_modSub_fast(Y2, Y2, Y1); /* t4 = y3 */
vli_set(X2, t5);
}
@@ -1620,42 +1538,46 @@
Output P + Q = (x3, y3, Z3), P - Q = (x3', y3', Z3)
or P => P - Q, Q => P + Q
*/
-static void XYcZ_addC(uECC_word_t * RESTRICT X1, uECC_word_t * RESTRICT Y1, uECC_word_t * RESTRICT X2, uECC_word_t * RESTRICT Y2)
-{
+static void XYcZ_addC(uECC_word_t * RESTRICT X1,
+ uECC_word_t * RESTRICT Y1,
+ uECC_word_t * RESTRICT X2,
+ uECC_word_t * RESTRICT Y2) {
/* t1 = X1, t2 = Y1, t3 = X2, t4 = Y2 */
uECC_word_t t5[uECC_WORDS];
uECC_word_t t6[uECC_WORDS];
uECC_word_t t7[uECC_WORDS];
- vli_modSub_fast(t5, X2, X1); /* t5 = x2 - x1 */
+ vli_modSub_fast(t5, X2, X1); /* t5 = x2 - x1 */
vli_modSquare_fast(t5, t5); /* t5 = (x2 - x1)^2 = A */
vli_modMult_fast(X1, X1, t5); /* t1 = x1*A = B */
vli_modMult_fast(X2, X2, t5); /* t3 = x2*A = C */
vli_modAdd(t5, Y2, Y1, curve_p); /* t4 = y2 + y1 */
- vli_modSub_fast(Y2, Y2, Y1); /* t4 = y2 - y1 */
+ vli_modSub_fast(Y2, Y2, Y1); /* t4 = y2 - y1 */
- vli_modSub_fast(t6, X2, X1); /* t6 = C - B */
+ vli_modSub_fast(t6, X2, X1); /* t6 = C - B */
vli_modMult_fast(Y1, Y1, t6); /* t2 = y1 * (C - B) */
vli_modAdd(t6, X1, X2, curve_p); /* t6 = B + C */
vli_modSquare_fast(X2, Y2); /* t3 = (y2 - y1)^2 */
- vli_modSub_fast(X2, X2, t6); /* t3 = x3 */
+ vli_modSub_fast(X2, X2, t6); /* t3 = x3 */
- vli_modSub_fast(t7, X1, X2); /* t7 = B - x3 */
- vli_modMult_fast(Y2, Y2, t7); /* t4 = (y2 - y1)*(B - x3) */
- vli_modSub_fast(Y2, Y2, Y1); /* t4 = y3 */
+ vli_modSub_fast(t7, X1, X2); /* t7 = B - x3 */
+ vli_modMult_fast(Y2, Y2, t7); /* t4 = (y2 - y1)*(B - x3) */
+ vli_modSub_fast(Y2, Y2, Y1); /* t4 = y3 */
- vli_modSquare_fast(t7, t5); /* t7 = (y2 + y1)^2 = F */
- vli_modSub_fast(t7, t7, t6); /* t7 = x3' */
- vli_modSub_fast(t6, t7, X1); /* t6 = x3' - B */
- vli_modMult_fast(t6, t6, t5); /* t6 = (y2 + y1)*(x3' - B) */
- vli_modSub_fast(Y1, t6, Y1); /* t2 = y3' */
+ vli_modSquare_fast(t7, t5); /* t7 = (y2 + y1)^2 = F */
+ vli_modSub_fast(t7, t7, t6); /* t7 = x3' */
+ vli_modSub_fast(t6, t7, X1); /* t6 = x3' - B */
+ vli_modMult_fast(t6, t6, t5); /* t6 = (y2 + y1)*(x3' - B) */
+ vli_modSub_fast(Y1, t6, Y1); /* t2 = y3' */
vli_set(X1, t7);
}
-static void EccPoint_mult(EccPoint * RESTRICT p_result, const EccPoint * RESTRICT p_point,
- const uECC_word_t * RESTRICT p_scalar, const uECC_word_t * RESTRICT p_initialZ, bitcount_t p_numBits)
-{
+static void EccPoint_mult(EccPoint * RESTRICT result,
+ const EccPoint * RESTRICT point,
+ const uECC_word_t * RESTRICT scalar,
+ const uECC_word_t * RESTRICT initialZ,
+ bitcount_t numBits) {
/* R0 and R1 */
uECC_word_t Rx[2][uECC_WORDS];
uECC_word_t Ry[2][uECC_WORDS];
@@ -1664,67 +1586,58 @@
bitcount_t i;
uECC_word_t nb;
- vli_set(Rx[1], p_point->x);
- vli_set(Ry[1], p_point->y);
+ vli_set(Rx[1], point->x);
+ vli_set(Ry[1], point->y);
- XYcZ_initial_double(Rx[1], Ry[1], Rx[0], Ry[0], p_initialZ);
+ XYcZ_initial_double(Rx[1], Ry[1], Rx[0], Ry[0], initialZ);
- for(i = p_numBits - 2; i > 0; --i)
- {
- nb = !vli_testBit(p_scalar, i);
- XYcZ_addC(Rx[1-nb], Ry[1-nb], Rx[nb], Ry[nb]);
- XYcZ_add(Rx[nb], Ry[nb], Rx[1-nb], Ry[1-nb]);
+ for (i = numBits - 2; i > 0; --i) {
+ nb = !vli_testBit(scalar, i);
+ XYcZ_addC(Rx[1 - nb], Ry[1 - nb], Rx[nb], Ry[nb]);
+ XYcZ_add(Rx[nb], Ry[nb], Rx[1 - nb], Ry[1 - nb]);
}
- nb = !vli_testBit(p_scalar, 0);
- XYcZ_addC(Rx[1-nb], Ry[1-nb], Rx[nb], Ry[nb]);
+ nb = !vli_testBit(scalar, 0);
+ XYcZ_addC(Rx[1 - nb], Ry[1 - nb], Rx[nb], Ry[nb]);
/* Find final 1/Z value. */
- vli_modSub_fast(z, Rx[1], Rx[0]); /* X1 - X0 */
- vli_modMult_fast(z, z, Ry[1-nb]); /* Yb * (X1 - X0) */
- vli_modMult_fast(z, z, p_point->x); /* xP * Yb * (X1 - X0) */
- vli_modInv(z, z, curve_p); /* 1 / (xP * Yb * (X1 - X0)) */
- vli_modMult_fast(z, z, p_point->y); /* yP / (xP * Yb * (X1 - X0)) */
- vli_modMult_fast(z, z, Rx[1-nb]); /* Xb * yP / (xP * Yb * (X1 - X0)) */
+ vli_modSub_fast(z, Rx[1], Rx[0]); /* X1 - X0 */
+ vli_modMult_fast(z, z, Ry[1 - nb]); /* Yb * (X1 - X0) */
+ vli_modMult_fast(z, z, point->x); /* xP * Yb * (X1 - X0) */
+ vli_modInv(z, z, curve_p); /* 1 / (xP * Yb * (X1 - X0)) */
+ vli_modMult_fast(z, z, point->y); /* yP / (xP * Yb * (X1 - X0)) */
+ vli_modMult_fast(z, z, Rx[1 - nb]); /* Xb * yP / (xP * Yb * (X1 - X0)) */
/* End 1/Z calculation */
- XYcZ_add(Rx[nb], Ry[nb], Rx[1-nb], Ry[1-nb]);
-
+ XYcZ_add(Rx[nb], Ry[nb], Rx[1 - nb], Ry[1 - nb]);
apply_z(Rx[0], Ry[0], z);
- vli_set(p_result->x, Rx[0]);
- vli_set(p_result->y, Ry[0]);
+ vli_set(result->x, Rx[0]);
+ vli_set(result->y, Ry[0]);
}
-static int EccPoint_compute_public_key(EccPoint *p_result, const uECC_word_t *p_private) {
-
+static int EccPoint_compute_public_key(EccPoint *result, const uECC_word_t *private) {
/* Make sure the private key is in the range [1, n-1]. */
- if(vli_isZero(p_private))
- {
+ if (vli_isZero(private)) {
return 0;
}
#if uECC_CURVE != uECC_secp160r1
- if(vli_cmp(curve_n, p_private) != 1)
- {
+ if (vli_cmp(curve_n, private) != 1) {
return 0;
}
#endif
/* Compute the public point */
- EccPoint_mult(p_result, &curve_G, p_private, 0, vli_numBits(p_private, uECC_WORDS));
-
- if (EccPoint_isZero(p_result))
- {
+ EccPoint_mult(result, &curve_G, private, 0, vli_numBits(private, uECC_WORDS));
+ if (EccPoint_isZero(result)) {
return 0;
}
-
return 1;
}
/* Compute a = sqrt(a) (mod curve_p). */
-static void mod_sqrt(uECC_word_t *a)
-{
+static void mod_sqrt(uECC_word_t *a) {
bitcount_t i;
uECC_word_t p1[uECC_WORDS] = {1};
uECC_word_t l_result[uECC_WORDS] = {1};
@@ -1732,11 +1645,9 @@
/* Since curve_p == 3 (mod 4) for all supported curves, we can
compute sqrt(a) = a^((curve_p + 1) / 4) (mod curve_p). */
vli_add(p1, curve_p, p1); /* p1 = curve_p + 1 */
- for(i = vli_numBits(p1, uECC_WORDS) - 1; i > 1; --i)
- {
+ for (i = vli_numBits(p1, uECC_WORDS) - 1; i > 1; --i) {
vli_modSquare_fast(l_result, l_result);
- if(vli_testBit(p1, i))
- {
+ if (vli_testBit(p1, i)) {
vli_modMult_fast(l_result, l_result, a);
}
}
@@ -1745,12 +1656,10 @@
#if uECC_WORD_SIZE == 1
-static void vli_nativeToBytes(uint8_t * RESTRICT p_dest, const uint8_t * RESTRICT p_src)
-{
+static void vli_nativeToBytes(uint8_t * RESTRICT dest, const uint8_t * RESTRICT src) {
uint8_t i;
- for(i=0; i<uECC_BYTES; ++i)
- {
- p_dest[i] = p_src[(uECC_BYTES - 1) - i];
+ for (i = 0; i < uECC_BYTES; ++i) {
+ dest[i] = src[(uECC_BYTES - 1) - i];
}
}
@@ -1758,250 +1667,250 @@
#elif uECC_WORD_SIZE == 4
-static void vli_nativeToBytes(uint8_t *p_bytes, const uint32_t *p_native)
-{
+static void vli_nativeToBytes(uint8_t *bytes, const uint32_t *native) {
unsigned i;
- for(i=0; i<uECC_WORDS; ++i)
- {
- uint8_t *p_digit = p_bytes + 4 * (uECC_WORDS - 1 - i);
- p_digit[0] = p_native[i] >> 24;
- p_digit[1] = p_native[i] >> 16;
- p_digit[2] = p_native[i] >> 8;
- p_digit[3] = p_native[i];
+ for (i = 0; i < uECC_WORDS; ++i) {
+ uint8_t *digit = bytes + 4 * (uECC_WORDS - 1 - i);
+ digit[0] = native[i] >> 24;
+ digit[1] = native[i] >> 16;
+ digit[2] = native[i] >> 8;
+ digit[3] = native[i];
}
}
-static void vli_bytesToNative(uint32_t *p_native, const uint8_t *p_bytes)
-{
+static void vli_bytesToNative(uint32_t *native, const uint8_t *bytes) {
unsigned i;
- for(i=0; i<uECC_WORDS; ++i)
- {
- const uint8_t *p_digit = p_bytes + 4 * (uECC_WORDS - 1 - i);
- p_native[i] = ((uint32_t)p_digit[0] << 24) | ((uint32_t)p_digit[1] << 16) | ((uint32_t)p_digit[2] << 8) | (uint32_t)p_digit[3];
+ for (i = 0; i < uECC_WORDS; ++i) {
+ const uint8_t *digit = bytes + 4 * (uECC_WORDS - 1 - i);
+ native[i] = ((uint32_t)digit[0] << 24) | ((uint32_t)digit[1] << 16) |
+ ((uint32_t)digit[2] << 8) | (uint32_t)digit[3];
}
}
#else
-static void vli_nativeToBytes(uint8_t *p_bytes, const uint64_t *p_native)
-{
+static void vli_nativeToBytes(uint8_t *bytes, const uint64_t *native) {
unsigned i;
- for(i=0; i<uECC_WORDS; ++i)
- {
- uint8_t *p_digit = p_bytes + 8 * (uECC_WORDS - 1 - i);
- p_digit[0] = p_native[i] >> 56;
- p_digit[1] = p_native[i] >> 48;
- p_digit[2] = p_native[i] >> 40;
- p_digit[3] = p_native[i] >> 32;
- p_digit[4] = p_native[i] >> 24;
- p_digit[5] = p_native[i] >> 16;
- p_digit[6] = p_native[i] >> 8;
- p_digit[7] = p_native[i];
+ for (i = 0; i < uECC_WORDS; ++i) {
+ uint8_t *digit = bytes + 8 * (uECC_WORDS - 1 - i);
+ digit[0] = native[i] >> 56;
+ digit[1] = native[i] >> 48;
+ digit[2] = native[i] >> 40;
+ digit[3] = native[i] >> 32;
+ digit[4] = native[i] >> 24;
+ digit[5] = native[i] >> 16;
+ digit[6] = native[i] >> 8;
+ digit[7] = native[i];
}
}
-static void vli_bytesToNative(uint64_t *p_native, const uint8_t *p_bytes)
-{
+static void vli_bytesToNative(uint64_t *native, const uint8_t *bytes) {
unsigned i;
- for(i=0; i<uECC_WORDS; ++i)
- {
- const uint8_t *p_digit = p_bytes + 8 * (uECC_WORDS - 1 - i);
- p_native[i] = ((uint64_t)p_digit[0] << 56) | ((uint64_t)p_digit[1] << 48) | ((uint64_t)p_digit[2] << 40) | ((uint64_t)p_digit[3] << 32) |
- ((uint64_t)p_digit[4] << 24) | ((uint64_t)p_digit[5] << 16) | ((uint64_t)p_digit[6] << 8) | (uint64_t)p_digit[7];
+ for (i = 0; i < uECC_WORDS; ++i) {
+ const uint8_t *digit = bytes + 8 * (uECC_WORDS - 1 - i);
+ native[i] = ((uint64_t)digit[0] << 56) | ((uint64_t)digit[1] << 48) |
+ ((uint64_t)digit[2] << 40) | ((uint64_t)digit[3] << 32) |
+ ((uint64_t)digit[4] << 24) | ((uint64_t)digit[5] << 16) |
+ ((uint64_t)digit[6] << 8) | (uint64_t)digit[7];
}
}
#endif /* uECC_WORD_SIZE */
-int uECC_make_key(uint8_t p_publicKey[uECC_BYTES*2], uint8_t p_privateKey[uECC_BYTES])
-{
- uECC_word_t l_private[uECC_WORDS];
- uECC_word_t l_tries = 0;
+int uECC_make_key(uint8_t public_key[uECC_BYTES*2], uint8_t private_key[uECC_BYTES]) {
+ uECC_word_t private[uECC_WORDS];
+ uECC_word_t tries = 0;
+ EccPoint public;
- EccPoint l_public;
-
- while (1)
- {
- if(!g_rng((uint8_t *)l_private, sizeof(l_private)) || (l_tries++ >= MAX_TRIES))
- {
+ while (1) {
+ if (!g_rng_function((uint8_t *)private, sizeof(private)) || (tries++ >= MAX_TRIES)) {
return 0;
}
-
- if (EccPoint_compute_public_key(&l_public, l_private)) {
+ if (EccPoint_compute_public_key(&public, private)) {
break;
}
}
- vli_nativeToBytes(p_privateKey, l_private);
-
- vli_nativeToBytes(p_publicKey, l_public.x);
- vli_nativeToBytes(p_publicKey + uECC_BYTES, l_public.y);
-
+ vli_nativeToBytes(private_key, private);
+ vli_nativeToBytes(public_key, public.x);
+ vli_nativeToBytes(public_key + uECC_BYTES, public.y);
return 1;
}
-int uECC_shared_secret(const uint8_t p_publicKey[uECC_BYTES*2], const uint8_t p_privateKey[uECC_BYTES], uint8_t p_secret[uECC_BYTES])
-{
- EccPoint l_public;
- EccPoint l_product;
- uECC_word_t l_private[uECC_WORDS];
- uECC_word_t l_random[uECC_WORDS];
+int uECC_shared_secret(const uint8_t public_key[uECC_BYTES*2],
+ const uint8_t private_key[uECC_BYTES],
+ uint8_t secret[uECC_BYTES]) {
+ EccPoint public;
+ EccPoint product;
+ uECC_word_t private[uECC_WORDS];
+ uECC_word_t random[uECC_WORDS];
- g_rng((uint8_t *)l_random, sizeof(l_random));
+ g_rng_function((uint8_t *)random, sizeof(random));
- vli_bytesToNative(l_private, p_privateKey);
- vli_bytesToNative(l_public.x, p_publicKey);
- vli_bytesToNative(l_public.y, p_publicKey + uECC_BYTES);
+ vli_bytesToNative(private, private_key);
+ vli_bytesToNative(public.x, public_key);
+ vli_bytesToNative(public.y, public_key + uECC_BYTES);
- EccPoint_mult(&l_product, &l_public, l_private, (vli_isZero(l_random) ? 0: l_random), vli_numBits(l_private, uECC_WORDS));
-
- vli_nativeToBytes(p_secret, l_product.x);
-
- return !EccPoint_isZero(&l_product);
+ EccPoint_mult(&product,
+ &public,
+ private,
+ (vli_isZero(random) ? 0: random),
+ vli_numBits(private, uECC_WORDS));
+ vli_nativeToBytes(secret, product.x);
+ return !EccPoint_isZero(&product);
}
-void uECC_compress(const uint8_t p_publicKey[uECC_BYTES*2], uint8_t p_compressed[uECC_BYTES+1])
-{
+void uECC_compress(const uint8_t public_key[uECC_BYTES*2], uint8_t compressed[uECC_BYTES+1]) {
wordcount_t i;
- for(i=0; i<uECC_BYTES; ++i)
- {
- p_compressed[i+1] = p_publicKey[i];
+ for (i = 0; i < uECC_BYTES; ++i) {
+ compressed[i+1] = public_key[i];
}
- p_compressed[0] = 2 + (p_publicKey[uECC_BYTES * 2 - 1] & 0x01);
+ compressed[0] = 2 + (public_key[uECC_BYTES * 2 - 1] & 0x01);
}
-/* Computes p_result = x^3 + ax + b. p_result must not overlap x. */
-static void curve_x_side(uECC_word_t * RESTRICT p_result, const uECC_word_t * RESTRICT x)
-{
+/* Computes result = x^3 + ax + b. result must not overlap x. */
+static void curve_x_side(uECC_word_t * RESTRICT result, const uECC_word_t * RESTRICT x) {
#if (uECC_CURVE == uECC_secp256k1)
- vli_modSquare_fast(p_result, x); /* r = x^2 */
- vli_modMult_fast(p_result, p_result, x); /* r = x^3 */
- vli_modAdd(p_result, p_result, curve_b, curve_p); /* r = x^3 + b */
+ vli_modSquare_fast(result, x); /* r = x^2 */
+ vli_modMult_fast(result, result, x); /* r = x^3 */
+ vli_modAdd(result, result, curve_b, curve_p); /* r = x^3 + b */
#else
uECC_word_t _3[uECC_WORDS] = {3}; /* -a = 3 */
- vli_modSquare_fast(p_result, x); /* r = x^2 */
- vli_modSub_fast(p_result, p_result, _3); /* r = x^2 - 3 */
- vli_modMult_fast(p_result, p_result, x); /* r = x^3 - 3x */
- vli_modAdd(p_result, p_result, curve_b, curve_p); /* r = x^3 - 3x + b */
+ vli_modSquare_fast(result, x); /* r = x^2 */
+ vli_modSub_fast(result, result, _3); /* r = x^2 - 3 */
+ vli_modMult_fast(result, result, x); /* r = x^3 - 3x */
+ vli_modAdd(result, result, curve_b, curve_p); /* r = x^3 - 3x + b */
#endif
}
-void uECC_decompress(const uint8_t p_compressed[uECC_BYTES+1], uint8_t p_publicKey[uECC_BYTES*2])
-{
- EccPoint l_point;
- vli_bytesToNative(l_point.x, p_compressed + 1);
- curve_x_side(l_point.y, l_point.x);
- mod_sqrt(l_point.y);
+void uECC_decompress(const uint8_t compressed[uECC_BYTES+1], uint8_t public_key[uECC_BYTES*2]) {
+ EccPoint point;
+ vli_bytesToNative(point.x, compressed + 1);
+ curve_x_side(point.y, point.x);
+ mod_sqrt(point.y);
- if((l_point.y[0] & 0x01) != (p_compressed[0] & 0x01))
- {
- vli_sub(l_point.y, curve_p, l_point.y);
+ if ((point.y[0] & 0x01) != (compressed[0] & 0x01)) {
+ vli_sub(point.y, curve_p, point.y);
}
- vli_nativeToBytes(p_publicKey, l_point.x);
- vli_nativeToBytes(p_publicKey + uECC_BYTES, l_point.y);
+ vli_nativeToBytes(public_key, point.x);
+ vli_nativeToBytes(public_key + uECC_BYTES, point.y);
}
-int uECC_valid_public_key(const uint8_t p_publicKey[uECC_BYTES*2])
-{
- uECC_word_t l_tmp1[uECC_WORDS];
- uECC_word_t l_tmp2[uECC_WORDS];
- EccPoint l_public;
- vli_bytesToNative(l_public.x, p_publicKey);
- vli_bytesToNative(l_public.y, p_publicKey + uECC_BYTES);
+int uECC_valid_public_key(const uint8_t public_key[uECC_BYTES*2]) {
+ uECC_word_t tmp1[uECC_WORDS];
+ uECC_word_t tmp2[uECC_WORDS];
+ EccPoint public;
+ vli_bytesToNative(public.x, public_key);
+ vli_bytesToNative(public.y, public_key + uECC_BYTES);
// The point at infinity is invalid.
- if(EccPoint_isZero(&l_public))
- {
+ if (EccPoint_isZero(&public)) {
return 0;
}
// x and y must be smaller than p.
- if(vli_cmp(curve_p, l_public.x) != 1 || vli_cmp(curve_p, l_public.y) != 1)
- {
+ if (vli_cmp(curve_p, public.x) != 1 || vli_cmp(curve_p, public.y) != 1) {
return 0;
}
- vli_modSquare_fast(l_tmp1, l_public.y); /* tmp1 = y^2 */
-
- curve_x_side(l_tmp2, l_public.x); /* tmp2 = x^3 + ax + b */
+ vli_modSquare_fast(tmp1, public.y); /* tmp1 = y^2 */
+ curve_x_side(tmp2, public.x); /* tmp2 = x^3 + ax + b */
/* Make sure that y^2 == x^3 + ax + b */
- return (vli_cmp(l_tmp1, l_tmp2) == 0);
+ return (vli_cmp(tmp1, tmp2) == 0);
+}
+
+int uECC_compute_public_key(const uint8_t private_key[uECC_BYTES],
+ uint8_t public_key[uECC_BYTES * 2]) {
+ uECC_word_t private[uECC_WORDS];
+ EccPoint public;
+
+ vli_bytesToNative(private, private_key);
+
+ if (!EccPoint_compute_public_key(&public, private)) {
+ return 0;
+ }
+
+ vli_nativeToBytes(public_key, public.x);
+ vli_nativeToBytes(public_key + uECC_BYTES, public.y);
+ return 1;
+}
+
+int uECC_bytes(void) {
+ return uECC_BYTES;
+}
+
+int uECC_curve(void) {
+ return uECC_CURVE;
}
/* -------- ECDSA code -------- */
#if (uECC_CURVE == uECC_secp160r1)
-static void vli_clear_n(uECC_word_t *p_vli)
-{
- vli_clear(p_vli);
- p_vli[uECC_N_WORDS - 1] = 0;
+static void vli_clear_n(uECC_word_t *vli) {
+ vli_clear(vli);
+ vli[uECC_N_WORDS - 1] = 0;
}
-static uECC_word_t vli_isZero_n(const uECC_word_t *p_vli)
-{
- if(p_vli[uECC_N_WORDS - 1])
- {
+static uECC_word_t vli_isZero_n(const uECC_word_t *vli) {
+ if (vli[uECC_N_WORDS - 1]) {
return 0;
}
- return vli_isZero(p_vli);
+ return vli_isZero(vli);
}
-static void vli_set_n(uECC_word_t *p_dest, const uECC_word_t *p_src)
-{
- vli_set(p_dest, p_src);
- p_dest[uECC_N_WORDS-1] = p_src[uECC_N_WORDS-1];
+static void vli_set_n(uECC_word_t *dest, const uECC_word_t *src) {
+ vli_set(dest, src);
+ dest[uECC_N_WORDS - 1] = src[uECC_N_WORDS - 1];
}
-static cmpresult_t vli_cmp_n(const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- if(p_left[uECC_N_WORDS-1] > p_right[uECC_N_WORDS-1])
- {
+static cmpresult_t vli_cmp_n(const uECC_word_t *left, const uECC_word_t *right) {
+ if (left[uECC_N_WORDS - 1] > right[uECC_N_WORDS - 1]) {
return 1;
- }
- else if(p_left[uECC_N_WORDS-1] < p_right[uECC_N_WORDS-1])
- {
+ } else if (left[uECC_N_WORDS - 1] < right[uECC_N_WORDS - 1]) {
return -1;
}
- return vli_cmp(p_left, p_right);
+ return vli_cmp(left, right);
}
-static void vli_rshift1_n(uECC_word_t *p_vli)
-{
- vli_rshift1(p_vli);
- p_vli[uECC_N_WORDS-2] |= p_vli[uECC_N_WORDS-1] << (uECC_WORD_BITS - 1);
- p_vli[uECC_N_WORDS-1] = p_vli[uECC_N_WORDS-1] >> 1;
+static void vli_rshift1_n(uECC_word_t *vli) {
+ vli_rshift1(vli);
+ vli[uECC_N_WORDS - 2] |= vli[uECC_N_WORDS - 1] << (uECC_WORD_BITS - 1);
+ vli[uECC_N_WORDS - 1] = vli[uECC_N_WORDS - 1] >> 1;
}
-static uECC_word_t vli_add_n(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_carry = vli_add(p_result, p_left, p_right);
- uECC_word_t l_sum = p_left[uECC_N_WORDS-1] + p_right[uECC_N_WORDS-1] + l_carry;
- if(l_sum != p_left[uECC_N_WORDS-1])
- {
- l_carry = (l_sum < p_left[uECC_N_WORDS-1]);
+static uECC_word_t vli_add_n(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right) {
+ uECC_word_t carry = vli_add(result, left, right);
+ uECC_word_t sum = left[uECC_N_WORDS - 1] + right[uECC_N_WORDS - 1] + carry;
+ if (sum != left[uECC_N_WORDS - 1]) {
+ carry = (sum < left[uECC_N_WORDS - 1]);
}
- p_result[uECC_N_WORDS-1] = l_sum;
- return l_carry;
+ result[uECC_N_WORDS - 1] = sum;
+ return carry;
}
-static uECC_word_t vli_sub_n(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_borrow = vli_sub(p_result, p_left, p_right);
- uECC_word_t l_diff = p_left[uECC_N_WORDS-1] - p_right[uECC_N_WORDS-1] - l_borrow;
- if(l_diff != p_left[uECC_N_WORDS-1])
- {
- l_borrow = (l_diff > p_left[uECC_N_WORDS-1]);
+static uECC_word_t vli_sub_n(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right) {
+ uECC_word_t borrow = vli_sub(result, left, right);
+ uECC_word_t diff = left[uECC_N_WORDS - 1] - right[uECC_N_WORDS - 1] - borrow;
+ if (diff != left[uECC_N_WORDS - 1]) {
+ borrow = (diff > left[uECC_N_WORDS - 1]);
}
- p_result[uECC_N_WORDS-1] = l_diff;
- return l_borrow;
+ result[uECC_N_WORDS - 1] = diff;
+ return borrow;
}
#if !muladd_exists
-static void muladd(uECC_word_t a, uECC_word_t b, uECC_word_t *r0, uECC_word_t *r1, uECC_word_t *r2)
-{
+static void muladd(uECC_word_t a,
+ uECC_word_t b,
+ uECC_word_t *r0,
+ uECC_word_t *r1,
+ uECC_word_t *r2) {
uECC_dword_t p = (uECC_dword_t)a * b;
uECC_dword_t r01 = ((uECC_dword_t)(*r1) << uECC_WORD_BITS) | *r0;
r01 += p;
@@ -2012,146 +1921,149 @@
#define muladd_exists 1
#endif
-static void vli_mult_n(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
+static void vli_mult_n(uECC_word_t *result, const uECC_word_t *left, const uECC_word_t *right) {
uECC_word_t r0 = 0;
uECC_word_t r1 = 0;
uECC_word_t r2 = 0;
-
wordcount_t i, k;
- for(k = 0; k < uECC_N_WORDS*2 - 1; ++k)
- {
- wordcount_t l_min = (k < uECC_N_WORDS ? 0 : (k + 1) - uECC_N_WORDS);
- wordcount_t l_max = (k < uECC_N_WORDS ? k : uECC_N_WORDS-1);
- for(i = l_min; i <= l_max; ++i)
- {
- muladd(p_left[i], p_right[k-i], &r0, &r1, &r2);
+
+ for (k = 0; k < uECC_N_WORDS * 2 - 1; ++k) {
+ wordcount_t min = (k < uECC_N_WORDS ? 0 : (k + 1) - uECC_N_WORDS);
+ wordcount_t max = (k < uECC_N_WORDS ? k : uECC_N_WORDS - 1);
+ for (i = min; i <= max; ++i) {
+ muladd(left[i], right[k - i], &r0, &r1, &r2);
}
- p_result[k] = r0;
+ result[k] = r0;
r0 = r1;
r1 = r2;
r2 = 0;
}
-
- p_result[uECC_N_WORDS*2 - 1] = r0;
+ result[uECC_N_WORDS * 2 - 1] = r0;
}
-static void vli_modAdd_n(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right, const uECC_word_t *p_mod)
-{
- uECC_word_t l_carry = vli_add_n(p_result, p_left, p_right);
- if(l_carry || vli_cmp_n(p_result, p_mod) >= 0)
- {
- vli_sub_n(p_result, p_result, p_mod);
+static void vli_modAdd_n(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right,
+ const uECC_word_t *mod) {
+ uECC_word_t carry = vli_add_n(result, left, right);
+ if (carry || vli_cmp_n(result, mod) >= 0) {
+ vli_sub_n(result, result, mod);
}
}
-static void vli_modInv_n(uECC_word_t *p_result, const uECC_word_t *p_input, const uECC_word_t *p_mod)
-{
+static void vli_modInv_n(uECC_word_t *result, const uECC_word_t *input, const uECC_word_t *mod) {
uECC_word_t a[uECC_N_WORDS], b[uECC_N_WORDS], u[uECC_N_WORDS], v[uECC_N_WORDS];
- uECC_word_t l_carry;
- cmpresult_t l_cmpResult;
+ uECC_word_t carry;
+ cmpresult_t cmpResult;
- if(vli_isZero_n(p_input))
- {
- vli_clear_n(p_result);
+ if (vli_isZero_n(input)) {
+ vli_clear_n(result);
return;
}
- vli_set_n(a, p_input);
- vli_set_n(b, p_mod);
+ vli_set_n(a, input);
+ vli_set_n(b, mod);
vli_clear_n(u);
u[0] = 1;
vli_clear_n(v);
- while((l_cmpResult = vli_cmp_n(a, b)) != 0)
- {
- l_carry = 0;
- if(EVEN(a))
- {
+ while ((cmpResult = vli_cmp_n(a, b)) != 0) {
+ carry = 0;
+ if (EVEN(a)) {
vli_rshift1_n(a);
- if(!EVEN(u)) l_carry = vli_add_n(u, u, p_mod);
+ if (!EVEN(u)) {
+ carry = vli_add_n(u, u, mod);
+ }
vli_rshift1_n(u);
- if(l_carry) u[uECC_N_WORDS-1] |= HIGH_BIT_SET;
- }
- else if(EVEN(b))
- {
+ if (carry) {
+ u[uECC_N_WORDS - 1] |= HIGH_BIT_SET;
+ }
+ } else if (EVEN(b)) {
vli_rshift1_n(b);
- if(!EVEN(v)) l_carry = vli_add_n(v, v, p_mod);
+ if (!EVEN(v)) {
+ carry = vli_add_n(v, v, mod);
+ }
vli_rshift1_n(v);
- if(l_carry) v[uECC_N_WORDS-1] |= HIGH_BIT_SET;
- }
- else if(l_cmpResult > 0)
- {
+ if (carry) {
+ v[uECC_N_WORDS - 1] |= HIGH_BIT_SET;
+ }
+ } else if (cmpResult > 0) {
vli_sub_n(a, a, b);
vli_rshift1_n(a);
- if(vli_cmp_n(u, v) < 0) vli_add_n(u, u, p_mod);
+ if (vli_cmp_n(u, v) < 0) {
+ vli_add_n(u, u, mod);
+ }
vli_sub_n(u, u, v);
- if(!EVEN(u)) l_carry = vli_add_n(u, u, p_mod);
+ if (!EVEN(u)) {
+ carry = vli_add_n(u, u, mod);
+ }
vli_rshift1_n(u);
- if(l_carry) u[uECC_N_WORDS-1] |= HIGH_BIT_SET;
- }
- else
- {
+ if (carry) {
+ u[uECC_N_WORDS - 1] |= HIGH_BIT_SET;
+ }
+ } else {
vli_sub_n(b, b, a);
vli_rshift1_n(b);
- if(vli_cmp_n(v, u) < 0) vli_add_n(v, v, p_mod);
+ if (vli_cmp_n(v, u) < 0) {
+ vli_add_n(v, v, mod);
+ }
vli_sub_n(v, v, u);
- if(!EVEN(v)) l_carry = vli_add_n(v, v, p_mod);
+ if (!EVEN(v)) {
+ carry = vli_add_n(v, v, mod);
+ }
vli_rshift1_n(v);
- if(l_carry) v[uECC_N_WORDS-1] |= HIGH_BIT_SET;
+ if (carry) {
+ v[uECC_N_WORDS - 1] |= HIGH_BIT_SET;
+ }
}
}
-
- vli_set_n(p_result, u);
+ vli_set_n(result, u);
}
-static void vli2_rshift1_n(uECC_word_t *p_vli)
-{
- vli_rshift1_n(p_vli);
- p_vli[uECC_N_WORDS-1] |= p_vli[uECC_N_WORDS] << (uECC_WORD_BITS - 1);
- vli_rshift1_n(p_vli + uECC_N_WORDS);
+static void vli2_rshift1_n(uECC_word_t *vli) {
+ vli_rshift1_n(vli);
+ vli[uECC_N_WORDS - 1] |= vli[uECC_N_WORDS] << (uECC_WORD_BITS - 1);
+ vli_rshift1_n(vli + uECC_N_WORDS);
}
-static uECC_word_t vli2_sub_n(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_borrow = 0;
+static uECC_word_t vli2_sub_n(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right) {
+ uECC_word_t borrow = 0;
wordcount_t i;
- for(i=0; i<uECC_N_WORDS*2; ++i)
- {
- uECC_word_t l_diff = p_left[i] - p_right[i] - l_borrow;
- if(l_diff != p_left[i])
- {
- l_borrow = (l_diff > p_left[i]);
+ for (i = 0; i < uECC_N_WORDS * 2; ++i) {
+ uECC_word_t diff = left[i] - right[i] - borrow;
+ if (diff != left[i]) {
+ borrow = (diff > left[i]);
}
- p_result[i] = l_diff;
+ result[i] = diff;
}
- return l_borrow;
+ return borrow;
}
-/* Computes p_result = (p_left * p_right) % curve_n. */
-static void vli_modMult_n(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
+/* Computes result = (left * right) % curve_n. */
+static void vli_modMult_n(uECC_word_t *result, const uECC_word_t *left, const uECC_word_t *right) {
bitcount_t i;
- uECC_word_t l_product[2 * uECC_N_WORDS];
- uECC_word_t l_modMultiple[2 * uECC_N_WORDS];
- uECC_word_t l_tmp[2 * uECC_N_WORDS];
- uECC_word_t *v[2] = {l_tmp, l_product};
- uECC_word_t l_index = 1;
+ uECC_word_t product[2 * uECC_N_WORDS];
+ uECC_word_t modMultiple[2 * uECC_N_WORDS];
+ uECC_word_t tmp[2 * uECC_N_WORDS];
+ uECC_word_t *v[2] = {tmp, product};
+ uECC_word_t index = 1;
- vli_mult_n(l_product, p_left, p_right);
- vli_clear_n(l_modMultiple);
- vli_set(l_modMultiple + uECC_N_WORDS + 1, curve_n);
- vli_rshift1(l_modMultiple + uECC_N_WORDS + 1);
- l_modMultiple[2 * uECC_N_WORDS - 1] |= HIGH_BIT_SET;
- l_modMultiple[uECC_N_WORDS] = HIGH_BIT_SET;
+ vli_mult_n(product, left, right);
+ vli_clear_n(modMultiple);
+ vli_set(modMultiple + uECC_N_WORDS + 1, curve_n);
+ vli_rshift1(modMultiple + uECC_N_WORDS + 1);
+ modMultiple[2 * uECC_N_WORDS - 1] |= HIGH_BIT_SET;
+ modMultiple[uECC_N_WORDS] = HIGH_BIT_SET;
- for(i=0; i<=((((bitcount_t)uECC_N_WORDS) << uECC_WORD_BITS_SHIFT) + (uECC_WORD_BITS - 1)); ++i)
- {
- uECC_word_t l_borrow = vli2_sub_n(v[1-l_index], v[l_index], l_modMultiple);
- l_index = !(l_index ^ l_borrow); /* Swap the index if there was no borrow */
- vli2_rshift1_n(l_modMultiple);
+ for (i = 0;
+ i <= ((((bitcount_t)uECC_N_WORDS) << uECC_WORD_BITS_SHIFT) + (uECC_WORD_BITS - 1));
+ ++i) {
+ uECC_word_t borrow = vli2_sub_n(v[1 - index], v[index], modMultiple);
+ index = !(index ^ borrow); /* Swap the index if there was no borrow */
+ vli2_rshift1_n(modMultiple);
}
-
- vli_set_n(p_result, v[l_index]);
+ vli_set_n(result, v[index]);
}
#else
@@ -2159,232 +2071,217 @@
#define vli_modInv_n vli_modInv
#define vli_modAdd_n vli_modAdd
-static void vli2_rshift1(uECC_word_t *p_vli)
-{
- vli_rshift1(p_vli);
- p_vli[uECC_WORDS-1] |= p_vli[uECC_WORDS] << (uECC_WORD_BITS - 1);
- vli_rshift1(p_vli + uECC_WORDS);
+static void vli2_rshift1(uECC_word_t *vli) {
+ vli_rshift1(vli);
+ vli[uECC_WORDS - 1] |= vli[uECC_WORDS] << (uECC_WORD_BITS - 1);
+ vli_rshift1(vli + uECC_WORDS);
}
-static uECC_word_t vli2_sub(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_borrow = 0;
+static uECC_word_t vli2_sub(uECC_word_t *result,
+ const uECC_word_t *left,
+ const uECC_word_t *right) {
+ uECC_word_t borrow = 0;
wordcount_t i;
- for(i=0; i<uECC_WORDS*2; ++i)
- {
- uECC_word_t l_diff = p_left[i] - p_right[i] - l_borrow;
- if(l_diff != p_left[i])
- {
- l_borrow = (l_diff > p_left[i]);
+ for (i = 0; i < uECC_WORDS * 2; ++i) {
+ uECC_word_t diff = left[i] - right[i] - borrow;
+ if (diff != left[i]) {
+ borrow = (diff > left[i]);
}
- p_result[i] = l_diff;
+ result[i] = diff;
}
- return l_borrow;
+ return borrow;
}
-/* Computes p_result = (p_left * p_right) % curve_n. */
-static void vli_modMult_n(uECC_word_t *p_result, const uECC_word_t *p_left, const uECC_word_t *p_right)
-{
- uECC_word_t l_product[2 * uECC_WORDS];
- uECC_word_t l_modMultiple[2 * uECC_WORDS];
- uECC_word_t l_tmp[2 * uECC_WORDS];
- uECC_word_t *v[2] = {l_tmp, l_product};
+/* Computes result = (left * right) % curve_n. */
+static void vli_modMult_n(uECC_word_t *result, const uECC_word_t *left, const uECC_word_t *right) {
+ uECC_word_t product[2 * uECC_WORDS];
+ uECC_word_t modMultiple[2 * uECC_WORDS];
+ uECC_word_t tmp[2 * uECC_WORDS];
+ uECC_word_t *v[2] = {tmp, product};
- vli_mult(l_product, p_left, p_right);
- vli_set(l_modMultiple + uECC_WORDS, curve_n); /* works if curve_n has its highest bit set */
- vli_clear(l_modMultiple);
+ vli_mult(product, left, right);
+ vli_set(modMultiple + uECC_WORDS, curve_n); /* works if curve_n has its highest bit set */
+ vli_clear(modMultiple);
bitcount_t i;
- uECC_word_t l_index = 1;
- for(i=0; i<=uECC_BYTES * 8; ++i)
- {
- uECC_word_t l_borrow = vli2_sub(v[1-l_index], v[l_index], l_modMultiple);
- l_index = !(l_index ^ l_borrow); /* Swap the index if there was no borrow */
- vli2_rshift1(l_modMultiple);
+ uECC_word_t index = 1;
+ for (i = 0; i <= uECC_BYTES * 8; ++i) {
+ uECC_word_t borrow = vli2_sub(v[1 - index], v[index], modMultiple);
+ index = !(index ^ borrow); /* Swap the index if there was no borrow */
+ vli2_rshift1(modMultiple);
}
-
- vli_set(p_result, v[l_index]);
+ vli_set(result, v[index]);
}
#endif /* (uECC_CURVE != uECC_secp160r1) */
-int uECC_sign(const uint8_t p_privateKey[uECC_BYTES], const uint8_t p_hash[uECC_BYTES], uint8_t p_signature[uECC_BYTES*2])
-{
+int uECC_sign(const uint8_t private_key[uECC_BYTES],
+ const uint8_t hash[uECC_BYTES],
+ uint8_t signature[uECC_BYTES*2]) {
uECC_word_t k[uECC_N_WORDS];
- uECC_word_t l_tmp[uECC_N_WORDS];
+ uECC_word_t tmp[uECC_N_WORDS];
uECC_word_t s[uECC_N_WORDS];
- uECC_word_t *k2[2] = {l_tmp, s};
+ uECC_word_t *k2[2] = {tmp, s};
EccPoint p;
- uECC_word_t l_tries = 0;
+ uECC_word_t tries = 0;
do
{
- uECC_word_t l_carry;
+ uECC_word_t carry;
repeat:
- if(!g_rng((uint8_t *)k, sizeof(k)) || (l_tries++ >= MAX_TRIES))
- {
+ if (!g_rng_function((uint8_t *)k, sizeof(k)) || (tries++ >= MAX_TRIES)) {
return 0;
}
- if(vli_isZero(k))
- {
+ if (vli_isZero(k)) {
goto repeat;
}
#if (uECC_CURVE == uECC_secp160r1)
k[uECC_WORDS] &= 0x01;
- if(vli_cmp_n(curve_n, k) != 1)
- {
+ if (vli_cmp_n(curve_n, k) != 1) {
goto repeat;
}
/* make sure that we don't leak timing information about k. See http://eprint.iacr.org/2011/232.pdf */
- vli_add_n(l_tmp, k, curve_n);
- l_carry = (l_tmp[uECC_WORDS] & 0x02);
- vli_add_n(s, l_tmp, curve_n);
+ vli_add_n(tmp, k, curve_n);
+ carry = (tmp[uECC_WORDS] & 0x02);
+ vli_add_n(s, tmp, curve_n);
/* p = k * G */
- EccPoint_mult(&p, &curve_G, k2[!l_carry], 0, (uECC_BYTES * 8) + 2);
+ EccPoint_mult(&p, &curve_G, k2[!carry], 0, (uECC_BYTES * 8) + 2);
#else
- if(vli_cmp(curve_n, k) != 1)
- {
+ if (vli_cmp(curve_n, k) != 1) {
goto repeat;
}
/* make sure that we don't leak timing information about k. See http://eprint.iacr.org/2011/232.pdf */
- l_carry = vli_add(l_tmp, k, curve_n);
- vli_add(s, l_tmp, curve_n);
+ carry = vli_add(tmp, k, curve_n);
+ vli_add(s, tmp, curve_n);
/* p = k * G */
- EccPoint_mult(&p, &curve_G, k2[!l_carry], 0, (uECC_BYTES * 8) + 1);
+ EccPoint_mult(&p, &curve_G, k2[!carry], 0, (uECC_BYTES * 8) + 1);
/* r = x1 (mod n) */
- if(vli_cmp(curve_n, p.x) != 1)
- {
+ if (vli_cmp(curve_n, p.x) != 1) {
vli_sub(p.x, p.x, curve_n);
}
#endif
- } while(vli_isZero(p.x));
+ } while (vli_isZero(p.x));
- l_tries = 0;
+ tries = 0;
do
{
- if(!g_rng((uint8_t *)l_tmp, sizeof(l_tmp)) || (l_tries++ >= MAX_TRIES))
- {
+ if (!g_rng_function((uint8_t *)tmp, sizeof(tmp)) || (tries++ >= MAX_TRIES)) {
return 0;
}
- } while(vli_isZero(l_tmp));
+ } while (vli_isZero(tmp));
/* Prevent side channel analysis of vli_modInv() to determine
bits of k / the private key by premultiplying by a random number */
- vli_modMult_n(k, k, l_tmp); /* k' = rand * k */
+ vli_modMult_n(k, k, tmp); /* k' = rand * k */
vli_modInv_n(k, k, curve_n); /* k = 1 / k' */
- vli_modMult_n(k, k, l_tmp); /* k = 1 / k */
+ vli_modMult_n(k, k, tmp); /* k = 1 / k */
- vli_nativeToBytes(p_signature, p.x); /* store r */
+ vli_nativeToBytes(signature, p.x); /* store r */
- l_tmp[uECC_N_WORDS-1] = 0;
- vli_bytesToNative(l_tmp, p_privateKey); /* tmp = d */
- s[uECC_N_WORDS-1] = 0;
+ tmp[uECC_N_WORDS - 1] = 0;
+ vli_bytesToNative(tmp, private_key); /* tmp = d */
+ s[uECC_N_WORDS - 1] = 0;
vli_set(s, p.x);
- vli_modMult_n(s, l_tmp, s); /* s = r*d */
+ vli_modMult_n(s, tmp, s); /* s = r*d */
- vli_bytesToNative(l_tmp, p_hash);
- vli_modAdd_n(s, l_tmp, s, curve_n); /* s = e + r*d */
+ vli_bytesToNative(tmp, hash);
+ vli_modAdd_n(s, tmp, s, curve_n); /* s = e + r*d */
vli_modMult_n(s, s, k); /* s = (e + r*d) / k */
#if (uECC_CURVE == uECC_secp160r1)
- if(s[uECC_N_WORDS-1])
- {
+ if (s[uECC_N_WORDS - 1]) {
goto repeat;
}
#endif
- vli_nativeToBytes(p_signature + uECC_BYTES, s);
+ vli_nativeToBytes(signature + uECC_BYTES, s);
return 1;
}
-static bitcount_t smax(bitcount_t a, bitcount_t b)
-{
+static bitcount_t smax(bitcount_t a, bitcount_t b) {
return (a > b ? a : b);
}
-int uECC_verify(const uint8_t p_publicKey[uECC_BYTES*2], const uint8_t p_hash[uECC_BYTES], const uint8_t p_signature[uECC_BYTES*2])
-{
+int uECC_verify(const uint8_t public_key[uECC_BYTES*2],
+ const uint8_t hash[uECC_BYTES],
+ const uint8_t signature[uECC_BYTES*2]) {
uECC_word_t u1[uECC_N_WORDS], u2[uECC_N_WORDS];
uECC_word_t z[uECC_N_WORDS];
- EccPoint l_public, l_sum;
+ EccPoint public, sum;
uECC_word_t rx[uECC_WORDS];
uECC_word_t ry[uECC_WORDS];
uECC_word_t tx[uECC_WORDS];
uECC_word_t ty[uECC_WORDS];
uECC_word_t tz[uECC_WORDS];
- const EccPoint *l_points[4];
- const EccPoint *l_point;
- bitcount_t l_numBits;
+ const EccPoint *points[4];
+ const EccPoint *point;
+ bitcount_t numBits;
bitcount_t i;
uECC_word_t r[uECC_N_WORDS], s[uECC_N_WORDS];
- r[uECC_N_WORDS-1] = 0;
- s[uECC_N_WORDS-1] = 0;
+ r[uECC_N_WORDS - 1] = 0;
+ s[uECC_N_WORDS - 1] = 0;
- vli_bytesToNative(l_public.x, p_publicKey);
- vli_bytesToNative(l_public.y, p_publicKey + uECC_BYTES);
- vli_bytesToNative(r, p_signature);
- vli_bytesToNative(s, p_signature + uECC_BYTES);
+ vli_bytesToNative(public.x, public_key);
+ vli_bytesToNative(public.y, public_key + uECC_BYTES);
+ vli_bytesToNative(r, signature);
+ vli_bytesToNative(s, signature + uECC_BYTES);
- if(vli_isZero(r) || vli_isZero(s))
- { /* r, s must not be 0. */
+ if (vli_isZero(r) || vli_isZero(s)) { /* r, s must not be 0. */
return 0;
}
#if (uECC_CURVE != uECC_secp160r1)
- if(vli_cmp(curve_n, r) != 1 || vli_cmp(curve_n, s) != 1)
- { /* r, s must be < n. */
+ if (vli_cmp(curve_n, r) != 1 || vli_cmp(curve_n, s) != 1) { /* r, s must be < n. */
return 0;
}
#endif
/* Calculate u1 and u2. */
vli_modInv_n(z, s, curve_n); /* Z = s^-1 */
- u1[uECC_N_WORDS-1] = 0;
- vli_bytesToNative(u1, p_hash);
+ u1[uECC_N_WORDS - 1] = 0;
+ vli_bytesToNative(u1, hash);
vli_modMult_n(u1, u1, z); /* u1 = e/s */
vli_modMult_n(u2, r, z); /* u2 = r/s */
- /* Calculate l_sum = G + Q. */
- vli_set(l_sum.x, l_public.x);
- vli_set(l_sum.y, l_public.y);
+ /* Calculate sum = G + Q. */
+ vli_set(sum.x, public.x);
+ vli_set(sum.y, public.y);
vli_set(tx, curve_G.x);
vli_set(ty, curve_G.y);
- vli_modSub_fast(z, l_sum.x, tx); /* Z = x2 - x1 */
- XYcZ_add(tx, ty, l_sum.x, l_sum.y);
+ vli_modSub_fast(z, sum.x, tx); /* Z = x2 - x1 */
+ XYcZ_add(tx, ty, sum.x, sum.y);
vli_modInv(z, z, curve_p); /* Z = 1/Z */
- apply_z(l_sum.x, l_sum.y, z);
+ apply_z(sum.x, sum.y, z);
/* Use Shamir's trick to calculate u1*G + u2*Q */
- l_points[0] = 0;
- l_points[1] = &curve_G;
- l_points[2] = &l_public;
- l_points[3] = &l_sum;
- l_numBits = smax(vli_numBits(u1, uECC_N_WORDS), vli_numBits(u2, uECC_N_WORDS));
+ points[0] = 0;
+ points[1] = &curve_G;
+ points[2] = &public;
+ points[3] = ∑
+ numBits = smax(vli_numBits(u1, uECC_N_WORDS), vli_numBits(u2, uECC_N_WORDS));
- l_point = l_points[(!!vli_testBit(u1, l_numBits-1)) | ((!!vli_testBit(u2, l_numBits-1)) << 1)];
- vli_set(rx, l_point->x);
- vli_set(ry, l_point->y);
+ point = points[(!!vli_testBit(u1, numBits - 1)) | ((!!vli_testBit(u2, numBits - 1)) << 1)];
+ vli_set(rx, point->x);
+ vli_set(ry, point->y);
vli_clear(z);
z[0] = 1;
- for(i = l_numBits - 2; i >= 0; --i)
- {
- uECC_word_t l_index;
+ for (i = numBits - 2; i >= 0; --i) {
+ uECC_word_t index;
EccPoint_double_jacobian(rx, ry, z);
- l_index = (!!vli_testBit(u1, i)) | ((!!vli_testBit(u2, i)) << 1);
- l_point = l_points[l_index];
- if(l_point)
- {
- vli_set(tx, l_point->x);
- vli_set(ty, l_point->y);
+ index = (!!vli_testBit(u1, i)) | ((!!vli_testBit(u2, i)) << 1);
+ point = points[index];
+ if (point) {
+ vli_set(tx, point->x);
+ vli_set(ty, point->y);
apply_z(tx, ty, z);
vli_modSub_fast(tz, rx, tx); /* Z = x2 - x1 */
XYcZ_add(tx, ty, rx, ry);
@@ -2397,8 +2294,7 @@
/* v = x1 (mod n) */
#if (uECC_CURVE != uECC_secp160r1)
- if(vli_cmp(curve_n, rx) != 1)
- {
+ if (vli_cmp(curve_n, rx) != 1) {
vli_sub(rx, rx, curve_n);
}
#endif
@@ -2406,30 +2302,3 @@
/* Accept only if v == r. */
return vli_equal(rx, r);
}
-
-int uECC_compute_public_key(const uint8_t p_privateKey[uECC_BYTES], uint8_t p_publicKey[uECC_BYTES * 2])
-{
- uECC_word_t l_private[uECC_WORDS];
- EccPoint l_public;
-
- vli_bytesToNative(l_private, p_privateKey);
-
- if (!EccPoint_compute_public_key(&l_public, l_private)) {
- return 0;
- }
-
- vli_nativeToBytes(p_publicKey, l_public.x);
- vli_nativeToBytes(p_publicKey + uECC_BYTES, l_public.y);
-
- return 1;
-}
-
-int uECC_bytes(void)
-{
- return uECC_BYTES;
-}
-
-int uECC_curve(void)
-{
- return uECC_CURVE;
-}
diff --git a/uECC.h b/uECC.h
index 0a89add..b8bdc6d 100644
--- a/uECC.h
+++ b/uECC.h
@@ -17,11 +17,13 @@
#define uECC_arm_thumb2 6
/* If desired, you can define uECC_WORD_SIZE as appropriate for your platform (1, 4, or 8 bytes).
-If uECC_WORD_SIZE is not explicitly defined then it will be automatically set based on your platform. */
+If uECC_WORD_SIZE is not explicitly defined then it will be automatically set based on your
+platform. */
/* Inline assembly options.
uECC_asm_none - Use standard C99 only.
-uECC_asm_small - Use GCC inline assembly for the target platform (if available), optimized for minimum size.
+uECC_asm_small - Use GCC inline assembly for the target platform (if available), optimized for
+ minimum size.
uECC_asm_fast - Use GCC inline assembly optimized for maximum speed. */
#define uECC_asm_none 0
#define uECC_asm_small 1
@@ -39,8 +41,9 @@
#define uECC_CURVE uECC_secp160r1
#endif
-/* uECC_SQUARE_FUNC - If enabled (defined as nonzero), this will cause a specific function to be used for (scalar) squaring
- instead of the generic multiplication function. This will make things faster by about 8% but increases the code size. */
+/* uECC_SQUARE_FUNC - If enabled (defined as nonzero), this will cause a specific function to be
+used for (scalar) squaring instead of the generic multiplication function. This will make things
+faster by about 8% but increases the code size. */
#ifndef uECC_SQUARE_FUNC
#define uECC_SQUARE_FUNC 1
#endif
@@ -61,8 +64,8 @@
#endif
/* uECC_RNG_Function type
-The RNG function should fill p_size random bytes into p_dest. It should return 1 if
-p_dest was filled with random data, or 0 if the random data could not be generated.
+The RNG function should fill 'size' random bytes into 'dest'. It should return 1 if
+'dest' was filled with random data, or 0 if the random data could not be generated.
The filled-in values should be either truly random, or from a cryptographically-secure PRNG.
A correctly functioning RNG function must be set (using uECC_set_rng()) before calling
@@ -73,7 +76,7 @@
you can define uECC_POSIX to use the predefined RNG. For embedded platforms there is no predefined
RNG function; you must provide your own.
*/
-typedef int (*uECC_RNG_Function)(uint8_t *p_dest, unsigned p_size);
+typedef int (*uECC_RNG_Function)(uint8_t *dest, unsigned size);
/* uECC_set_rng() function.
Set the function that will be used to generate random bytes. The RNG function should
@@ -83,35 +86,38 @@
be called before uECC_make_key() or uECC_sign() are used.
Inputs:
- p_rng - The function that will be used to generate random bytes.
+ rng_function - The function that will be used to generate random bytes.
*/
-void uECC_set_rng(uECC_RNG_Function p_rng);
+void uECC_set_rng(uECC_RNG_Function rng_function);
/* uECC_make_key() function.
Create a public/private key pair.
Outputs:
- p_publicKey - Will be filled in with the public key.
- p_privateKey - Will be filled in with the private key.
+ public_key - Will be filled in with the public key.
+ private_key - Will be filled in with the private key.
Returns 1 if the key pair was generated successfully, 0 if an error occurred.
*/
-int uECC_make_key(uint8_t p_publicKey[uECC_BYTES*2], uint8_t p_privateKey[uECC_BYTES]);
+int uECC_make_key(uint8_t public_key[uECC_BYTES*2], uint8_t private_key[uECC_BYTES]);
/* uECC_shared_secret() function.
Compute a shared secret given your secret key and someone else's public key.
-Note: It is recommended that you hash the result of uECC_shared_secret() before using it for symmetric encryption or HMAC.
+Note: It is recommended that you hash the result of uECC_shared_secret() before using it for
+symmetric encryption or HMAC.
Inputs:
- p_publicKey - The public key of the remote party.
- p_privateKey - Your private key.
+ public_key - The public key of the remote party.
+ private_key - Your private key.
Outputs:
- p_secret - Will be filled in with the shared secret value.
+ secret - Will be filled in with the shared secret value.
Returns 1 if the shared secret was generated successfully, 0 if an error occurred.
*/
-int uECC_shared_secret(const uint8_t p_publicKey[uECC_BYTES*2], const uint8_t p_privateKey[uECC_BYTES], uint8_t p_secret[uECC_BYTES]);
+int uECC_shared_secret(const uint8_t public_key[uECC_BYTES*2],
+ const uint8_t private_key[uECC_BYTES],
+ uint8_t secret[uECC_BYTES]);
/* uECC_sign() function.
Generate an ECDSA signature for a given hash value.
@@ -120,15 +126,17 @@
this function along with your private key.
Inputs:
- p_privateKey - Your private key.
- p_hash - The message hash to sign.
+ private_key - Your private key.
+ hash - The message hash to sign.
Outputs:
- p_signature - Will be filled in with the signature value.
+ signature - Will be filled in with the signature value.
Returns 1 if the signature generated successfully, 0 if an error occurred.
*/
-int uECC_sign(const uint8_t p_privateKey[uECC_BYTES], const uint8_t p_hash[uECC_BYTES], uint8_t p_signature[uECC_BYTES*2]);
+int uECC_sign(const uint8_t private_key[uECC_BYTES],
+ const uint8_t hash[uECC_BYTES],
+ uint8_t signature[uECC_BYTES*2]);
/* uECC_verify() function.
Verify an ECDSA signature.
@@ -137,35 +145,37 @@
pass it to this function along with the signer's public key and the signature values (r and s).
Inputs:
- p_publicKey - The signer's public key
- p_hash - The hash of the signed data.
- p_signature - The signature value.
+ public_key - The signer's public key
+ hash - The hash of the signed data.
+ signature - The signature value.
Returns 1 if the signature is valid, 0 if it is invalid.
*/
-int uECC_verify(const uint8_t p_publicKey[uECC_BYTES*2], const uint8_t p_hash[uECC_BYTES], const uint8_t p_signature[uECC_BYTES*2]);
+int uECC_verify(const uint8_t private_key[uECC_BYTES*2],
+ const uint8_t hash[uECC_BYTES],
+ const uint8_t signature[uECC_BYTES*2]);
/* uECC_compress() function.
Compress a public key.
Inputs:
- p_publicKey - The public key to compress.
+ public_key - The public key to compress.
Outputs:
- p_compressed - Will be filled in with the compressed public key.
+ compressed - Will be filled in with the compressed public key.
*/
-void uECC_compress(const uint8_t p_publicKey[uECC_BYTES*2], uint8_t p_compressed[uECC_BYTES+1]);
+void uECC_compress(const uint8_t public_key[uECC_BYTES*2], uint8_t compressed[uECC_BYTES+1]);
/* uECC_decompress() function.
Decompress a compressed public key.
Inputs:
- p_compressed - The compressed public key.
+ compressed - The compressed public key.
Outputs:
- p_publicKey - Will be filled in with the decompressed public key.
+ public_key - Will be filled in with the decompressed public key.
*/
-void uECC_decompress(const uint8_t p_compressed[uECC_BYTES+1], uint8_t p_publicKey[uECC_BYTES*2]);
+void uECC_decompress(const uint8_t compressed[uECC_BYTES+1], uint8_t public_key[uECC_BYTES*2]);
/* uECC_valid_public_key() function.
Check to see if a public key is valid.
@@ -175,24 +185,25 @@
verifying a signature using an invalid public key.
Inputs:
- p_publicKey - The public key to check.
+ public_key - The public key to check.
Returns 1 if the public key is valid, 0 if it is invalid.
*/
-int uECC_valid_public_key(const uint8_t p_publicKey[uECC_BYTES*2]);
+int uECC_valid_public_key(const uint8_t public_key[uECC_BYTES*2]);
/* uECC_compute_public_key() function.
Compute the corresponding public key for a private key.
Inputs:
- p_privateKey - The private key to compute the public key for
+ private_key - The private key to compute the public key for
Outputs:
- p_publicKey - Will be filled in with the corresponding public key
+ public_key - Will be filled in with the corresponding public key
Returns 1 if the key was computed successfully, 0 if an error occurred.
*/
-int uECC_compute_public_key(const uint8_t p_privateKey[uECC_BYTES], uint8_t p_publicKey[uECC_BYTES * 2]);
+int uECC_compute_public_key(const uint8_t private_key[uECC_BYTES],
+ uint8_t public_key[uECC_BYTES * 2]);
/* uECC_bytes() function.
