yggm/libs/f25519.cuh

#pragma once
#define F25519_SIZE 32
__device__ __forceinline__ void f25519_load(unsigned char* __restrict__ x, unsigned int c) {
#pragma unroll
    for (unsigned int i = 0; i < sizeof(c); i++) {
        x[i] = c & 0xFF;
        c >>= 8;
    }
#pragma unroll
    for (unsigned int i = sizeof(c); i < F25519_SIZE; i++) {
        x[i] = 0;
    }
}
__device__ __forceinline__ void f25519_copy(unsigned char* __restrict__ x, const unsigned char* __restrict__ a) {
#pragma unroll
    for (int i = 0; i < F25519_SIZE; i++) {
        x[i] = a[i];
    }
}
__device__ __forceinline__ void f25519_select(unsigned char* __restrict__ dst, const unsigned char* __restrict__ zero, const unsigned char* __restrict__ one, unsigned char cond) {
    const unsigned char mask = 0 - cond;
#pragma unroll
    for (int i = 0; i < F25519_SIZE; i++) {
        dst[i] = zero[i] ^ (mask & (one[i] ^ zero[i]));
    }
}
__device__ __forceinline__ void f25519_normalize(unsigned char* __restrict__ x) {
    unsigned char minusp[F25519_SIZE];
    unsigned short c = (x[31] >> 7) * 19;
    x[31] &= 127;
#pragma unroll
    for (int i = 0; i < F25519_SIZE; i++) {
        c += x[i];
        x[i] = (unsigned char)c;
        c >>= 8;
    }
    c = 19;
#pragma unroll
    for (int i = 0; i + 1 < F25519_SIZE; i++) {
        c += x[i];
        minusp[i] = (unsigned char)c;
        c >>= 8;
    }
    c += x[F25519_SIZE - 1] - 128;
    minusp[F25519_SIZE - 1] = (unsigned char)c;
    f25519_select(x, minusp, x, (c >> 15) & 1);
}
__device__ __forceinline__ void f25519_add(unsigned char* __restrict__ r, const unsigned char* __restrict__ a, const unsigned char* __restrict__ b) {
    unsigned short c = 0;
#pragma unroll
    for (int i = 0; i < F25519_SIZE; i++) {
        c = (c >> 8) + ((unsigned short)a[i]) + ((unsigned short)b[i]);
        r[i] = (unsigned char)c;
    }
    r[F25519_SIZE - 1] &= 127;
    c = (c >> 7) * 19;
#pragma unroll
    for (int i = 0; i < F25519_SIZE; i++) {
        c += r[i];
        r[i] = (unsigned char)c;
        c >>= 8;
    }
}
__device__ __forceinline__ void f25519_sub(unsigned char* __restrict__ r, const unsigned char* __restrict__ a, const unsigned char* __restrict__ b) {
    unsigned c = 218;
    int i = 0;
#pragma unroll
    for (i = 0; i + 1 < F25519_SIZE; i++) {
        c += 65280 + ((unsigned)a[i]) - ((unsigned)b[i]);
        r[i] = (unsigned char)c;
        c >>= 8;
    }
    c += ((unsigned)a[i]) - ((unsigned)b[i]);
    r[i] = (unsigned char)(c & 127);
    c = (c >> 7) * 19;
#pragma unroll
    for (i = 0; i < F25519_SIZE; i++) {
        c += r[i];
        r[i] = (unsigned char)c;
        c >>= 8;
    }
}
__device__ __forceinline__ void f25519_neg(unsigned char* __restrict__ r, const unsigned char* __restrict__ a) {
    unsigned c = 218;
    int i = 0;
#pragma unroll
    for (i = 0; i + 1 < F25519_SIZE; i++) {
        c += 65280 - ((unsigned)a[i]);
        r[i] = (unsigned char)c;
        c >>= 8;
    }
    c -= ((unsigned)a[i]);
    r[i] = (unsigned char)(c & 127);
    c = (c >> 7) * 19;
#pragma unroll
    for (i = 0; i < F25519_SIZE; i++) {
        c += r[i];
        r[i] = (unsigned char)c;
        c >>= 8;
    }
}
__device__ __forceinline__ void f25519_mul__distinct(unsigned char* __restrict__ r, const unsigned char* __restrict__ a, const unsigned char* __restrict__ b) {
    unsigned c = 0;
#pragma unroll
    for (int i = 0; i < F25519_SIZE; i++) {
        c >>= 8;
        for (int j = 0; j <= i; j++) {
            c += ((unsigned)a[j]) * ((unsigned)b[i - j]);
        }
        for (int j = i + 1; j < F25519_SIZE; j++) {
            c += ((unsigned)a[j]) * ((unsigned)b[F25519_SIZE + i - j]) * 38;
        }
        r[i] = (unsigned char)c;
    }
    r[F25519_SIZE - 1] &= 127;
    c = (c >> 7) * 19;
#pragma unroll
    for (int i = 0; i < F25519_SIZE; i++) {
        c += r[i];
        r[i] = (unsigned char)c;
        c >>= 8;
    }
}
__device__ __forceinline__ void f25519_inv__distinct(unsigned char* __restrict__ r, const unsigned char* __restrict__ x) {
    unsigned char s[F25519_SIZE];
    f25519_mul__distinct(s, x, x);
    f25519_mul__distinct(r, s, x);
#pragma unroll
    for (int i = 0; i < 248; i++) {
        f25519_mul__distinct(s, r, r);
        f25519_mul__distinct(r, s, x);
    }
    f25519_mul__distinct(s, r, r);
    f25519_mul__distinct(r, s, s);
    f25519_mul__distinct(s, r, x);
    f25519_mul__distinct(r, s, s);
    f25519_mul__distinct(s, r, r);
    f25519_mul__distinct(r, s, x);
    f25519_mul__distinct(s, r, r);
    f25519_mul__distinct(r, s, x);
}
code cleanup 2025-03-13 19:43:54 +05:00			`#pragma once`
test 2025-03-13 04:09:27 +05:00			`#define F25519_SIZE 32`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_load(unsigned char* __restrict__ x, unsigned int c) {`
test 2025-03-13 04:09:27 +05:00			`#pragma unroll`
			`for (unsigned int i = 0; i < sizeof(c); i++) {`
			`x[i] = c & 0xFF;`
			`c >>= 8;`
			`}`
			`#pragma unroll`
			`for (unsigned int i = sizeof(c); i < F25519_SIZE; i++) {`
			`x[i] = 0;`
			`}`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_copy(unsigned char* __restrict__ x, const unsigned char* __restrict__ a) {`
test 2025-03-13 04:09:27 +05:00			`#pragma unroll`
			`for (int i = 0; i < F25519_SIZE; i++) {`
			`x[i] = a[i];`
			`}`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_select(unsigned char* __restrict__ dst, const unsigned char* __restrict__ zero, const unsigned char* __restrict__ one, unsigned char cond) {`
			`const unsigned char mask = 0 - cond;`
test 2025-03-13 04:09:27 +05:00			`#pragma unroll`
			`for (int i = 0; i < F25519_SIZE; i++) {`
			`dst[i] = zero[i] ^ (mask & (one[i] ^ zero[i]));`
			`}`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_normalize(unsigned char* __restrict__ x) {`
			`unsigned char minusp[F25519_SIZE];`
			`unsigned short c = (x[31] >> 7) * 19;`
test 2025-03-13 04:09:27 +05:00			`x[31] &= 127;`
			`#pragma unroll`
			`for (int i = 0; i < F25519_SIZE; i++) {`
			`c += x[i];`
code cleanup 2025-03-13 19:43:54 +05:00			`x[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
			`c = 19;`
			`#pragma unroll`
			`for (int i = 0; i + 1 < F25519_SIZE; i++) {`
			`c += x[i];`
code cleanup 2025-03-13 19:43:54 +05:00			`minusp[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
			`c += x[F25519_SIZE - 1] - 128;`
code cleanup 2025-03-13 19:43:54 +05:00			`minusp[F25519_SIZE - 1] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`f25519_select(x, minusp, x, (c >> 15) & 1);`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_add(unsigned char* __restrict__ r, const unsigned char* __restrict__ a, const unsigned char* __restrict__ b) {`
			`unsigned short c = 0;`
test 2025-03-13 04:09:27 +05:00			`#pragma unroll`
			`for (int i = 0; i < F25519_SIZE; i++) {`
code cleanup 2025-03-13 19:43:54 +05:00			`c = (c >> 8) + ((unsigned short)a[i]) + ((unsigned short)b[i]);`
			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`}`
			`r[F25519_SIZE - 1] &= 127;`
			`c = (c >> 7) * 19;`
			`#pragma unroll`
			`for (int i = 0; i < F25519_SIZE; i++) {`
			`c += r[i];`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_sub(unsigned char* __restrict__ r, const unsigned char* __restrict__ a, const unsigned char* __restrict__ b) {`
test 2025-03-14 19:55:09 +05:00			`unsigned c = 218;`
test 2025-03-13 04:09:27 +05:00			`int i = 0;`
			`#pragma unroll`
			`for (i = 0; i + 1 < F25519_SIZE; i++) {`
test 2025-03-14 19:55:09 +05:00			`c += 65280 + ((unsigned)a[i]) - ((unsigned)b[i]);`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
test 2025-03-14 19:55:09 +05:00			`c += ((unsigned)a[i]) - ((unsigned)b[i]);`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)(c & 127);`
test 2025-03-13 04:09:27 +05:00			`c = (c >> 7) * 19;`
			`#pragma unroll`
			`for (i = 0; i < F25519_SIZE; i++) {`
			`c += r[i];`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_neg(unsigned char* __restrict__ r, const unsigned char* __restrict__ a) {`
test 2025-03-14 19:55:09 +05:00			`unsigned c = 218;`
test 2025-03-13 04:09:27 +05:00			`int i = 0;`
			`#pragma unroll`
			`for (i = 0; i + 1 < F25519_SIZE; i++) {`
test 2025-03-14 19:55:09 +05:00			`c += 65280 - ((unsigned)a[i]);`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
test 2025-03-14 19:55:09 +05:00			`c -= ((unsigned)a[i]);`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)(c & 127);`
test 2025-03-13 04:09:27 +05:00			`c = (c >> 7) * 19;`
			`#pragma unroll`
			`for (i = 0; i < F25519_SIZE; i++) {`
			`c += r[i];`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_mul__distinct(unsigned char* __restrict__ r, const unsigned char* __restrict__ a, const unsigned char* __restrict__ b) {`
test 2025-03-14 19:55:09 +05:00			`unsigned c = 0;`
test 2025-03-13 04:09:27 +05:00			`#pragma unroll`
			`for (int i = 0; i < F25519_SIZE; i++) {`
			`c >>= 8;`
			`for (int j = 0; j <= i; j++) {`
test 2025-03-14 19:55:09 +05:00			`c += ((unsigned)a[j]) * ((unsigned)b[i - j]);`
test 2025-03-13 04:09:27 +05:00			`}`
			`for (int j = i + 1; j < F25519_SIZE; j++) {`
test 2025-03-14 19:55:09 +05:00			`c += ((unsigned)a[j]) * ((unsigned)b[F25519_SIZE + i - j]) * 38;`
test 2025-03-13 04:09:27 +05:00			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`}`
			`r[F25519_SIZE - 1] &= 127;`
			`c = (c >> 7) * 19;`
			`#pragma unroll`
			`for (int i = 0; i < F25519_SIZE; i++) {`
			`c += r[i];`
code cleanup 2025-03-13 19:43:54 +05:00			`r[i] = (unsigned char)c;`
test 2025-03-13 04:09:27 +05:00			`c >>= 8;`
			`}`
			`}`
code cleanup 2025-03-13 19:43:54 +05:00			`__device__ __forceinline__ void f25519_inv__distinct(unsigned char* __restrict__ r, const unsigned char* __restrict__ x) {`
			`unsigned char s[F25519_SIZE];`
test 2025-03-13 04:09:27 +05:00			`f25519_mul__distinct(s, x, x);`
			`f25519_mul__distinct(r, s, x);`
			`#pragma unroll`
			`for (int i = 0; i < 248; i++) {`
			`f25519_mul__distinct(s, r, r);`
			`f25519_mul__distinct(r, s, x);`
			`}`
			`f25519_mul__distinct(s, r, r);`
			`f25519_mul__distinct(r, s, s);`
			`f25519_mul__distinct(s, r, x);`
			`f25519_mul__distinct(r, s, s);`
			`f25519_mul__distinct(s, r, r);`
			`f25519_mul__distinct(r, s, x);`
			`f25519_mul__distinct(s, r, r);`
			`f25519_mul__distinct(r, s, x);`
code cleanup 2025-03-13 19:45:21 +05:00			`}`