-rw-r--r--src/lib/pubkey/ed25519/ed25519_fe.cpp514
-rw-r--r--src/lib/pubkey/ed25519/ed25519_internal.h18
2 files changed, 262 insertions, 270 deletions
diff --git a/src/lib/pubkey/ed25519/ed25519_fe.cpp b/src/lib/pubkey/ed25519/ed25519_fe.cpp
index 8087aaff1..067c9dc18 100644
--- a/src/lib/pubkey/ed25519/ed25519_fe.cpp
+++ b/src/lib/pubkey/ed25519/ed25519_fe.cpp
@@ -150,106 +150,106 @@ FE_25519 FE_25519::mul(const FE_25519& f, const FE_25519& g)
int32_t f5_2 = 2 * f5;
int32_t f7_2 = 2 * f7;
int32_t f9_2 = 2 * f9;
- int64_t f0g0 = f0 * (int64_t) g0;
- int64_t f0g1 = f0 * (int64_t) g1;
- int64_t f0g2 = f0 * (int64_t) g2;
- int64_t f0g3 = f0 * (int64_t) g3;
- int64_t f0g4 = f0 * (int64_t) g4;
- int64_t f0g5 = f0 * (int64_t) g5;
- int64_t f0g6 = f0 * (int64_t) g6;
- int64_t f0g7 = f0 * (int64_t) g7;
- int64_t f0g8 = f0 * (int64_t) g8;
- int64_t f0g9 = f0 * (int64_t) g9;
- int64_t f1g0 = f1 * (int64_t) g0;
- int64_t f1g1_2 = f1_2 * (int64_t) g1;
- int64_t f1g2 = f1 * (int64_t) g2;
- int64_t f1g3_2 = f1_2 * (int64_t) g3;
- int64_t f1g4 = f1 * (int64_t) g4;
- int64_t f1g5_2 = f1_2 * (int64_t) g5;
- int64_t f1g6 = f1 * (int64_t) g6;
- int64_t f1g7_2 = f1_2 * (int64_t) g7;
- int64_t f1g8 = f1 * (int64_t) g8;
- int64_t f1g9_38 = f1_2 * (int64_t) g9_19;
- int64_t f2g0 = f2 * (int64_t) g0;
- int64_t f2g1 = f2 * (int64_t) g1;
- int64_t f2g2 = f2 * (int64_t) g2;
- int64_t f2g3 = f2 * (int64_t) g3;
- int64_t f2g4 = f2 * (int64_t) g4;
- int64_t f2g5 = f2 * (int64_t) g5;
- int64_t f2g6 = f2 * (int64_t) g6;
- int64_t f2g7 = f2 * (int64_t) g7;
- int64_t f2g8_19 = f2 * (int64_t) g8_19;
- int64_t f2g9_19 = f2 * (int64_t) g9_19;
- int64_t f3g0 = f3 * (int64_t) g0;
- int64_t f3g1_2 = f3_2 * (int64_t) g1;
- int64_t f3g2 = f3 * (int64_t) g2;
- int64_t f3g3_2 = f3_2 * (int64_t) g3;
- int64_t f3g4 = f3 * (int64_t) g4;
- int64_t f3g5_2 = f3_2 * (int64_t) g5;
- int64_t f3g6 = f3 * (int64_t) g6;
- int64_t f3g7_38 = f3_2 * (int64_t) g7_19;
- int64_t f3g8_19 = f3 * (int64_t) g8_19;
- int64_t f3g9_38 = f3_2 * (int64_t) g9_19;
- int64_t f4g0 = f4 * (int64_t) g0;
- int64_t f4g1 = f4 * (int64_t) g1;
- int64_t f4g2 = f4 * (int64_t) g2;
- int64_t f4g3 = f4 * (int64_t) g3;
- int64_t f4g4 = f4 * (int64_t) g4;
- int64_t f4g5 = f4 * (int64_t) g5;
- int64_t f4g6_19 = f4 * (int64_t) g6_19;
- int64_t f4g7_19 = f4 * (int64_t) g7_19;
- int64_t f4g8_19 = f4 * (int64_t) g8_19;
- int64_t f4g9_19 = f4 * (int64_t) g9_19;
- int64_t f5g0 = f5 * (int64_t) g0;
- int64_t f5g1_2 = f5_2 * (int64_t) g1;
- int64_t f5g2 = f5 * (int64_t) g2;
- int64_t f5g3_2 = f5_2 * (int64_t) g3;
- int64_t f5g4 = f5 * (int64_t) g4;
- int64_t f5g5_38 = f5_2 * (int64_t) g5_19;
- int64_t f5g6_19 = f5 * (int64_t) g6_19;
- int64_t f5g7_38 = f5_2 * (int64_t) g7_19;
- int64_t f5g8_19 = f5 * (int64_t) g8_19;
- int64_t f5g9_38 = f5_2 * (int64_t) g9_19;
- int64_t f6g0 = f6 * (int64_t) g0;
- int64_t f6g1 = f6 * (int64_t) g1;
- int64_t f6g2 = f6 * (int64_t) g2;
- int64_t f6g3 = f6 * (int64_t) g3;
- int64_t f6g4_19 = f6 * (int64_t) g4_19;
- int64_t f6g5_19 = f6 * (int64_t) g5_19;
- int64_t f6g6_19 = f6 * (int64_t) g6_19;
- int64_t f6g7_19 = f6 * (int64_t) g7_19;
- int64_t f6g8_19 = f6 * (int64_t) g8_19;
- int64_t f6g9_19 = f6 * (int64_t) g9_19;
- int64_t f7g0 = f7 * (int64_t) g0;
- int64_t f7g1_2 = f7_2 * (int64_t) g1;
- int64_t f7g2 = f7 * (int64_t) g2;
- int64_t f7g3_38 = f7_2 * (int64_t) g3_19;
- int64_t f7g4_19 = f7 * (int64_t) g4_19;
- int64_t f7g5_38 = f7_2 * (int64_t) g5_19;
- int64_t f7g6_19 = f7 * (int64_t) g6_19;
- int64_t f7g7_38 = f7_2 * (int64_t) g7_19;
- int64_t f7g8_19 = f7 * (int64_t) g8_19;
- int64_t f7g9_38 = f7_2 * (int64_t) g9_19;
- int64_t f8g0 = f8 * (int64_t) g0;
- int64_t f8g1 = f8 * (int64_t) g1;
- int64_t f8g2_19 = f8 * (int64_t) g2_19;
- int64_t f8g3_19 = f8 * (int64_t) g3_19;
- int64_t f8g4_19 = f8 * (int64_t) g4_19;
- int64_t f8g5_19 = f8 * (int64_t) g5_19;
- int64_t f8g6_19 = f8 * (int64_t) g6_19;
- int64_t f8g7_19 = f8 * (int64_t) g7_19;
- int64_t f8g8_19 = f8 * (int64_t) g8_19;
- int64_t f8g9_19 = f8 * (int64_t) g9_19;
- int64_t f9g0 = f9 * (int64_t) g0;
- int64_t f9g1_38 = f9_2 * (int64_t) g1_19;
- int64_t f9g2_19 = f9 * (int64_t) g2_19;
- int64_t f9g3_38 = f9_2 * (int64_t) g3_19;
- int64_t f9g4_19 = f9 * (int64_t) g4_19;
- int64_t f9g5_38 = f9_2 * (int64_t) g5_19;
- int64_t f9g6_19 = f9 * (int64_t) g6_19;
- int64_t f9g7_38 = f9_2 * (int64_t) g7_19;
- int64_t f9g8_19 = f9 * (int64_t) g8_19;
- int64_t f9g9_38 = f9_2 * (int64_t) g9_19;
+ int64_t f0g0 = f0 * static_cast<int64_t>(g0);
+ int64_t f0g1 = f0 * static_cast<int64_t>(g1);
+ int64_t f0g2 = f0 * static_cast<int64_t>(g2);
+ int64_t f0g3 = f0 * static_cast<int64_t>(g3);
+ int64_t f0g4 = f0 * static_cast<int64_t>(g4);
+ int64_t f0g5 = f0 * static_cast<int64_t>(g5);
+ int64_t f0g6 = f0 * static_cast<int64_t>(g6);
+ int64_t f0g7 = f0 * static_cast<int64_t>(g7);
+ int64_t f0g8 = f0 * static_cast<int64_t>(g8);
+ int64_t f0g9 = f0 * static_cast<int64_t>(g9);
+ int64_t f1g0 = f1 * static_cast<int64_t>(g0);
+ int64_t f1g1_2 = f1_2 * static_cast<int64_t>(g1);
+ int64_t f1g2 = f1 * static_cast<int64_t>(g2);
+ int64_t f1g3_2 = f1_2 * static_cast<int64_t>(g3);
+ int64_t f1g4 = f1 * static_cast<int64_t>(g4);
+ int64_t f1g5_2 = f1_2 * static_cast<int64_t>(g5);
+ int64_t f1g6 = f1 * static_cast<int64_t>(g6);
+ int64_t f1g7_2 = f1_2 * static_cast<int64_t>(g7);
+ int64_t f1g8 = f1 * static_cast<int64_t>(g8);
+ int64_t f1g9_38 = f1_2 * static_cast<int64_t>(g9_19);
+ int64_t f2g0 = f2 * static_cast<int64_t>(g0);
+ int64_t f2g1 = f2 * static_cast<int64_t>(g1);
+ int64_t f2g2 = f2 * static_cast<int64_t>(g2);
+ int64_t f2g3 = f2 * static_cast<int64_t>(g3);
+ int64_t f2g4 = f2 * static_cast<int64_t>(g4);
+ int64_t f2g5 = f2 * static_cast<int64_t>(g5);
+ int64_t f2g6 = f2 * static_cast<int64_t>(g6);
+ int64_t f2g7 = f2 * static_cast<int64_t>(g7);
+ int64_t f2g8_19 = f2 * static_cast<int64_t>(g8_19);
+ int64_t f2g9_19 = f2 * static_cast<int64_t>(g9_19);
+ int64_t f3g0 = f3 * static_cast<int64_t>(g0);
+ int64_t f3g1_2 = f3_2 * static_cast<int64_t>(g1);
+ int64_t f3g2 = f3 * static_cast<int64_t>(g2);
+ int64_t f3g3_2 = f3_2 * static_cast<int64_t>(g3);
+ int64_t f3g4 = f3 * static_cast<int64_t>(g4);
+ int64_t f3g5_2 = f3_2 * static_cast<int64_t>(g5);
+ int64_t f3g6 = f3 * static_cast<int64_t>(g6);
+ int64_t f3g7_38 = f3_2 * static_cast<int64_t>(g7_19);
+ int64_t f3g8_19 = f3 * static_cast<int64_t>(g8_19);
+ int64_t f3g9_38 = f3_2 * static_cast<int64_t>(g9_19);
+ int64_t f4g0 = f4 * static_cast<int64_t>(g0);
+ int64_t f4g1 = f4 * static_cast<int64_t>(g1);
+ int64_t f4g2 = f4 * static_cast<int64_t>(g2);
+ int64_t f4g3 = f4 * static_cast<int64_t>(g3);
+ int64_t f4g4 = f4 * static_cast<int64_t>(g4);
+ int64_t f4g5 = f4 * static_cast<int64_t>(g5);
+ int64_t f4g6_19 = f4 * static_cast<int64_t>(g6_19);
+ int64_t f4g7_19 = f4 * static_cast<int64_t>(g7_19);
+ int64_t f4g8_19 = f4 * static_cast<int64_t>(g8_19);
+ int64_t f4g9_19 = f4 * static_cast<int64_t>(g9_19);
+ int64_t f5g0 = f5 * static_cast<int64_t>(g0);
+ int64_t f5g1_2 = f5_2 * static_cast<int64_t>(g1);
+ int64_t f5g2 = f5 * static_cast<int64_t>(g2);
+ int64_t f5g3_2 = f5_2 * static_cast<int64_t>(g3);
+ int64_t f5g4 = f5 * static_cast<int64_t>(g4);
+ int64_t f5g5_38 = f5_2 * static_cast<int64_t>(g5_19);
+ int64_t f5g6_19 = f5 * static_cast<int64_t>(g6_19);
+ int64_t f5g7_38 = f5_2 * static_cast<int64_t>(g7_19);
+ int64_t f5g8_19 = f5 * static_cast<int64_t>(g8_19);
+ int64_t f5g9_38 = f5_2 * static_cast<int64_t>(g9_19);
+ int64_t f6g0 = f6 * static_cast<int64_t>(g0);
+ int64_t f6g1 = f6 * static_cast<int64_t>(g1);
+ int64_t f6g2 = f6 * static_cast<int64_t>(g2);
+ int64_t f6g3 = f6 * static_cast<int64_t>(g3);
+ int64_t f6g4_19 = f6 * static_cast<int64_t>(g4_19);
+ int64_t f6g5_19 = f6 * static_cast<int64_t>(g5_19);
+ int64_t f6g6_19 = f6 * static_cast<int64_t>(g6_19);
+ int64_t f6g7_19 = f6 * static_cast<int64_t>(g7_19);
+ int64_t f6g8_19 = f6 * static_cast<int64_t>(g8_19);
+ int64_t f6g9_19 = f6 * static_cast<int64_t>(g9_19);
+ int64_t f7g0 = f7 * static_cast<int64_t>(g0);
+ int64_t f7g1_2 = f7_2 * static_cast<int64_t>(g1);
+ int64_t f7g2 = f7 * static_cast<int64_t>(g2);
+ int64_t f7g3_38 = f7_2 * static_cast<int64_t>(g3_19);
+ int64_t f7g4_19 = f7 * static_cast<int64_t>(g4_19);
+ int64_t f7g5_38 = f7_2 * static_cast<int64_t>(g5_19);
+ int64_t f7g6_19 = f7 * static_cast<int64_t>(g6_19);
+ int64_t f7g7_38 = f7_2 * static_cast<int64_t>(g7_19);
+ int64_t f7g8_19 = f7 * static_cast<int64_t>(g8_19);
+ int64_t f7g9_38 = f7_2 * static_cast<int64_t>(g9_19);
+ int64_t f8g0 = f8 * static_cast<int64_t>(g0);
+ int64_t f8g1 = f8 * static_cast<int64_t>(g1);
+ int64_t f8g2_19 = f8 * static_cast<int64_t>(g2_19);
+ int64_t f8g3_19 = f8 * static_cast<int64_t>(g3_19);
+ int64_t f8g4_19 = f8 * static_cast<int64_t>(g4_19);
+ int64_t f8g5_19 = f8 * static_cast<int64_t>(g5_19);
+ int64_t f8g6_19 = f8 * static_cast<int64_t>(g6_19);
+ int64_t f8g7_19 = f8 * static_cast<int64_t>(g7_19);
+ int64_t f8g8_19 = f8 * static_cast<int64_t>(g8_19);
+ int64_t f8g9_19 = f8 * static_cast<int64_t>(g9_19);
+ int64_t f9g0 = f9 * static_cast<int64_t>(g0);
+ int64_t f9g1_38 = f9_2 * static_cast<int64_t>(g1_19);
+ int64_t f9g2_19 = f9 * static_cast<int64_t>(g2_19);
+ int64_t f9g3_38 = f9_2 * static_cast<int64_t>(g3_19);
+ int64_t f9g4_19 = f9 * static_cast<int64_t>(g4_19);
+ int64_t f9g5_38 = f9_2 * static_cast<int64_t>(g5_19);
+ int64_t f9g6_19 = f9 * static_cast<int64_t>(g6_19);
+ int64_t f9g7_38 = f9_2 * static_cast<int64_t>(g7_19);
+ int64_t f9g8_19 = f9 * static_cast<int64_t>(g8_19);
+ int64_t f9g9_38 = f9_2 * static_cast<int64_t>(g9_19);
int64_t h0 = f0g0+f1g9_38+f2g8_19+f3g7_38+f4g6_19+f5g5_38+f6g4_19+f7g3_38+f8g2_19+f9g1_38;
int64_t h1 = f0g1+f1g0 +f2g9_19+f3g8_19+f4g7_19+f5g6_19+f6g5_19+f7g4_19+f8g3_19+f9g2_19;
int64_t h2 = f0g2+f1g1_2 +f2g0 +f3g9_38+f4g8_19+f5g7_38+f6g6_19+f7g5_38+f8g4_19+f9g3_38;
@@ -278,10 +278,10 @@ FE_25519 FE_25519::mul(const FE_25519& f, const FE_25519& g)
i.e. |h1| <= 1.7*2^59; narrower ranges for h3, h5, h7, h9
*/
- carry0 = (h0 + (int64_t)(1<<25)) >> 26;
+ carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;
h1 += carry0;
h0 -= carry0 << 26;
- carry4 = (h4 + (int64_t)(1<<25)) >> 26;
+ carry4 = (h4 + (static_cast<int64_t>(1) << 25)) >> 26;
h5 += carry4;
h4 -= carry4 << 26;
/* |h0| <= 2^25 */
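Review bot: The rewritten carry line `carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;` (and its twin for h4 below it) still right-shifts a signed int64_t that, per the range comment just above, can be negative; the cast cleanup is numerically a no-op, but a right shift of a negative signed value is implementation-defined before C++20 and only guaranteed arithmetic from C++20 on. Since every carry line in the file is being touched, this is a good moment to pin that assumption once near the top of the file with `static_assert((-1 >> 1) == -1, "ed25519 carry chains require an arithmetic right shift");` or at least a comment at the first carry saying the reduction relies on it. The same observation applies to the carry hunks at -289, -300, -311, -322, -333, -471, -656 and -719 and is not repeated there. The body of FE_25519::mul starts and ends outside this hunk.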
@@ -289,10 +289,10 @@ FE_25519 FE_25519::mul(const FE_25519& f, const FE_25519& g)
/* |h1| <= 1.71*2^59 */
/* |h5| <= 1.71*2^59 */
- carry1 = (h1 + (int64_t)(1<<24)) >> 25;
+ carry1 = (h1 + (static_cast<int64_t>(1) << 24)) >> 25;
h2 += carry1;
h1 -= carry1 << 25;
- carry5 = (h5 + (int64_t)(1<<24)) >> 25;
+ carry5 = (h5 + (static_cast<int64_t>(1) << 24)) >> 25;
h6 += carry5;
h5 -= carry5 << 25;
/* |h1| <= 2^24; from now on fits into int32 */
@@ -300,10 +300,10 @@ FE_25519 FE_25519::mul(const FE_25519& f, const FE_25519& g)
/* |h2| <= 1.41*2^60 */
/* |h6| <= 1.41*2^60 */
- carry2 = (h2 + (int64_t)(1<<25)) >> 26;
+ carry2 = (h2 + (static_cast<int64_t>(1) << 25)) >> 26;
h3 += carry2;
h2 -= carry2 << 26;
- carry6 = (h6 + (int64_t)(1<<25)) >> 26;
+ carry6 = (h6 + (static_cast<int64_t>(1) << 25)) >> 26;
h7 += carry6;
h6 -= carry6 << 26;
/* |h2| <= 2^25; from now on fits into int32 unchanged */
@@ -311,10 +311,10 @@ FE_25519 FE_25519::mul(const FE_25519& f, const FE_25519& g)
/* |h3| <= 1.71*2^59 */
/* |h7| <= 1.71*2^59 */
- carry3 = (h3 + (int64_t)(1<<24)) >> 25;
+ carry3 = (h3 + (static_cast<int64_t>(1) << 24)) >> 25;
h4 += carry3;
h3 -= carry3 << 25;
- carry7 = (h7 + (int64_t)(1<<24)) >> 25;
+ carry7 = (h7 + (static_cast<int64_t>(1) << 24)) >> 25;
h8 += carry7;
h7 -= carry7 << 25;
/* |h3| <= 2^24; from now on fits into int32 unchanged */
@@ -322,10 +322,10 @@ FE_25519 FE_25519::mul(const FE_25519& f, const FE_25519& g)
/* |h4| <= 1.72*2^34 */
/* |h8| <= 1.41*2^60 */
- carry4 = (h4 + (int64_t)(1<<25)) >> 26;
+ carry4 = (h4 + (static_cast<int64_t>(1) << 25)) >> 26;
h5 += carry4;
h4 -= carry4 << 26;
- carry8 = (h8 + (int64_t)(1<<25)) >> 26;
+ carry8 = (h8 + (static_cast<int64_t>(1) << 25)) >> 26;
h9 += carry8;
h8 -= carry8 << 26;
/* |h4| <= 2^25; from now on fits into int32 unchanged */
@@ -333,13 +333,13 @@ FE_25519 FE_25519::mul(const FE_25519& f, const FE_25519& g)
/* |h5| <= 1.01*2^24 */
/* |h9| <= 1.71*2^59 */
- carry9 = (h9 + (int64_t)(1<<24)) >> 25;
+ carry9 = (h9 + (static_cast<int64_t>(1) << 24)) >> 25;
h0 += carry9 * 19;
h9 -= carry9 << 25;
/* |h9| <= 2^24; from now on fits into int32 unchanged */
/* |h0| <= 1.1*2^39 */
- carry0 = (h0 + (int64_t)(1<<25)) >> 26;
+ carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;
h1 += carry0;
h0 -= carry0 << 26;
/* |h0| <= 2^25; from now on fits into int32 unchanged */
@@ -393,61 +393,61 @@ FE_25519 FE_25519::sqr_iter(const FE_25519& f, size_t iter)
const int32_t f8_19 = 19 * f8; /* 1.959375*2^30 */
const int32_t f9_38 = 38 * f9; /* 1.959375*2^30 */
- const int64_t f0f0 = f0 * (int64_t) f0;
- const int64_t f0f1_2 = f0_2 * (int64_t) f1;
- const int64_t f0f2_2 = f0_2 * (int64_t) f2;
- const int64_t f0f3_2 = f0_2 * (int64_t) f3;
- const int64_t f0f4_2 = f0_2 * (int64_t) f4;
- const int64_t f0f5_2 = f0_2 * (int64_t) f5;
- const int64_t f0f6_2 = f0_2 * (int64_t) f6;
- const int64_t f0f7_2 = f0_2 * (int64_t) f7;
- const int64_t f0f8_2 = f0_2 * (int64_t) f8;
- const int64_t f0f9_2 = f0_2 * (int64_t) f9;
- const int64_t f1f1_2 = f1_2 * (int64_t) f1;
- const int64_t f1f2_2 = f1_2 * (int64_t) f2;
- const int64_t f1f3_4 = f1_2 * (int64_t) f3_2;
- const int64_t f1f4_2 = f1_2 * (int64_t) f4;
- const int64_t f1f5_4 = f1_2 * (int64_t) f5_2;
- const int64_t f1f6_2 = f1_2 * (int64_t) f6;
- const int64_t f1f7_4 = f1_2 * (int64_t) f7_2;
- const int64_t f1f8_2 = f1_2 * (int64_t) f8;
- const int64_t f1f9_76 = f1_2 * (int64_t) f9_38;
- const int64_t f2f2 = f2 * (int64_t) f2;
- const int64_t f2f3_2 = f2_2 * (int64_t) f3;
- const int64_t f2f4_2 = f2_2 * (int64_t) f4;
- const int64_t f2f5_2 = f2_2 * (int64_t) f5;
- const int64_t f2f6_2 = f2_2 * (int64_t) f6;
- const int64_t f2f7_2 = f2_2 * (int64_t) f7;
- const int64_t f2f8_38 = f2_2 * (int64_t) f8_19;
- const int64_t f2f9_38 = f2 * (int64_t) f9_38;
- const int64_t f3f3_2 = f3_2 * (int64_t) f3;
- const int64_t f3f4_2 = f3_2 * (int64_t) f4;
- const int64_t f3f5_4 = f3_2 * (int64_t) f5_2;
- const int64_t f3f6_2 = f3_2 * (int64_t) f6;
- const int64_t f3f7_76 = f3_2 * (int64_t) f7_38;
- const int64_t f3f8_38 = f3_2 * (int64_t) f8_19;
- const int64_t f3f9_76 = f3_2 * (int64_t) f9_38;
- const int64_t f4f4 = f4 * (int64_t) f4;
- const int64_t f4f5_2 = f4_2 * (int64_t) f5;
- const int64_t f4f6_38 = f4_2 * (int64_t) f6_19;
- const int64_t f4f7_38 = f4 * (int64_t) f7_38;
- const int64_t f4f8_38 = f4_2 * (int64_t) f8_19;
- const int64_t f4f9_38 = f4 * (int64_t) f9_38;
- const int64_t f5f5_38 = f5 * (int64_t) f5_38;
- const int64_t f5f6_38 = f5_2 * (int64_t) f6_19;
- const int64_t f5f7_76 = f5_2 * (int64_t) f7_38;
- const int64_t f5f8_38 = f5_2 * (int64_t) f8_19;
- const int64_t f5f9_76 = f5_2 * (int64_t) f9_38;
- const int64_t f6f6_19 = f6 * (int64_t) f6_19;
- const int64_t f6f7_38 = f6 * (int64_t) f7_38;
- const int64_t f6f8_38 = f6_2 * (int64_t) f8_19;
- const int64_t f6f9_38 = f6 * (int64_t) f9_38;
- const int64_t f7f7_38 = f7 * (int64_t) f7_38;
- const int64_t f7f8_38 = f7_2 * (int64_t) f8_19;
- const int64_t f7f9_76 = f7_2 * (int64_t) f9_38;
- const int64_t f8f8_19 = f8 * (int64_t) f8_19;
- const int64_t f8f9_38 = f8 * (int64_t) f9_38;
- const int64_t f9f9_38 = f9 * (int64_t) f9_38;
+ const int64_t f0f0 = f0 * static_cast<int64_t>(f0);
+ const int64_t f0f1_2 = f0_2 * static_cast<int64_t>(f1);
+ const int64_t f0f2_2 = f0_2 * static_cast<int64_t>(f2);
+ const int64_t f0f3_2 = f0_2 * static_cast<int64_t>(f3);
+ const int64_t f0f4_2 = f0_2 * static_cast<int64_t>(f4);
+ const int64_t f0f5_2 = f0_2 * static_cast<int64_t>(f5);
+ const int64_t f0f6_2 = f0_2 * static_cast<int64_t>(f6);
+ const int64_t f0f7_2 = f0_2 * static_cast<int64_t>(f7);
+ const int64_t f0f8_2 = f0_2 * static_cast<int64_t>(f8);
+ const int64_t f0f9_2 = f0_2 * static_cast<int64_t>(f9);
+ const int64_t f1f1_2 = f1_2 * static_cast<int64_t>(f1);
+ const int64_t f1f2_2 = f1_2 * static_cast<int64_t>(f2);
+ const int64_t f1f3_4 = f1_2 * static_cast<int64_t>(f3_2);
+ const int64_t f1f4_2 = f1_2 * static_cast<int64_t>(f4);
+ const int64_t f1f5_4 = f1_2 * static_cast<int64_t>(f5_2);
+ const int64_t f1f6_2 = f1_2 * static_cast<int64_t>(f6);
+ const int64_t f1f7_4 = f1_2 * static_cast<int64_t>(f7_2);
+ const int64_t f1f8_2 = f1_2 * static_cast<int64_t>(f8);
+ const int64_t f1f9_76 = f1_2 * static_cast<int64_t>(f9_38);
+ const int64_t f2f2 = f2 * static_cast<int64_t>(f2);
+ const int64_t f2f3_2 = f2_2 * static_cast<int64_t>(f3);
+ const int64_t f2f4_2 = f2_2 * static_cast<int64_t>(f4);
+ const int64_t f2f5_2 = f2_2 * static_cast<int64_t>(f5);
+ const int64_t f2f6_2 = f2_2 * static_cast<int64_t>(f6);
+ const int64_t f2f7_2 = f2_2 * static_cast<int64_t>(f7);
+ const int64_t f2f8_38 = f2_2 * static_cast<int64_t>(f8_19);
+ const int64_t f2f9_38 = f2 * static_cast<int64_t>(f9_38);
+ const int64_t f3f3_2 = f3_2 * static_cast<int64_t>(f3);
+ const int64_t f3f4_2 = f3_2 * static_cast<int64_t>(f4);
+ const int64_t f3f5_4 = f3_2 * static_cast<int64_t>(f5_2);
+ const int64_t f3f6_2 = f3_2 * static_cast<int64_t>(f6);
+ const int64_t f3f7_76 = f3_2 * static_cast<int64_t>(f7_38);
+ const int64_t f3f8_38 = f3_2 * static_cast<int64_t>(f8_19);
+ const int64_t f3f9_76 = f3_2 * static_cast<int64_t>(f9_38);
+ const int64_t f4f4 = f4 * static_cast<int64_t>(f4);
+ const int64_t f4f5_2 = f4_2 * static_cast<int64_t>(f5);
+ const int64_t f4f6_38 = f4_2 * static_cast<int64_t>(f6_19);
+ const int64_t f4f7_38 = f4 * static_cast<int64_t>(f7_38);
+ const int64_t f4f8_38 = f4_2 * static_cast<int64_t>(f8_19);
+ const int64_t f4f9_38 = f4 * static_cast<int64_t>(f9_38);
+ const int64_t f5f5_38 = f5 * static_cast<int64_t>(f5_38);
+ const int64_t f5f6_38 = f5_2 * static_cast<int64_t>(f6_19);
+ const int64_t f5f7_76 = f5_2 * static_cast<int64_t>(f7_38);
+ const int64_t f5f8_38 = f5_2 * static_cast<int64_t>(f8_19);
+ const int64_t f5f9_76 = f5_2 * static_cast<int64_t>(f9_38);
+ const int64_t f6f6_19 = f6 * static_cast<int64_t>(f6_19);
+ const int64_t f6f7_38 = f6 * static_cast<int64_t>(f7_38);
+ const int64_t f6f8_38 = f6_2 * static_cast<int64_t>(f8_19);
+ const int64_t f6f9_38 = f6 * static_cast<int64_t>(f9_38);
+ const int64_t f7f7_38 = f7 * static_cast<int64_t>(f7_38);
+ const int64_t f7f8_38 = f7_2 * static_cast<int64_t>(f8_19);
+ const int64_t f7f9_76 = f7_2 * static_cast<int64_t>(f9_38);
+ const int64_t f8f8_19 = f8 * static_cast<int64_t>(f8_19);
+ const int64_t f8f9_38 = f8 * static_cast<int64_t>(f9_38);
+ const int64_t f9f9_38 = f9 * static_cast<int64_t>(f9_38);
int64_t h0 = f0f0 +f1f9_76+f2f8_38+f3f7_76+f4f6_38+f5f5_38;
int64_t h1 = f0f1_2+f2f9_38+f3f8_38+f4f7_38+f5f6_38;
@@ -471,45 +471,45 @@ FE_25519 FE_25519::sqr_iter(const FE_25519& f, size_t iter)
int64_t carry8;
int64_t carry9;
- carry0 = (h0 + (int64_t)(1<<25)) >> 26;
+ carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;
h1 += carry0;
h0 -= carry0 << 26;
- carry4 = (h4 + (int64_t)(1<<25)) >> 26;
+ carry4 = (h4 + (static_cast<int64_t>(1) << 25)) >> 26;
h5 += carry4;
h4 -= carry4 << 26;
- carry1 = (h1 + (int64_t)(1<<24)) >> 25;
+ carry1 = (h1 + (static_cast<int64_t>(1) << 24)) >> 25;
h2 += carry1;
h1 -= carry1 << 25;
- carry5 = (h5 + (int64_t)(1<<24)) >> 25;
+ carry5 = (h5 + (static_cast<int64_t>(1) << 24)) >> 25;
h6 += carry5;
h5 -= carry5 << 25;
- carry2 = (h2 + (int64_t)(1<<25)) >> 26;
+ carry2 = (h2 + (static_cast<int64_t>(1) << 25)) >> 26;
h3 += carry2;
h2 -= carry2 << 26;
- carry6 = (h6 + (int64_t)(1<<25)) >> 26;
+ carry6 = (h6 + (static_cast<int64_t>(1) << 25)) >> 26;
h7 += carry6;
h6 -= carry6 << 26;
- carry3 = (h3 + (int64_t)(1<<24)) >> 25;
+ carry3 = (h3 + (static_cast<int64_t>(1) << 24)) >> 25;
h4 += carry3;
h3 -= carry3 << 25;
- carry7 = (h7 + (int64_t)(1<<24)) >> 25;
+ carry7 = (h7 + (static_cast<int64_t>(1) << 24)) >> 25;
h8 += carry7;
h7 -= carry7 << 25;
- carry4 = (h4 + (int64_t)(1<<25)) >> 26;
+ carry4 = (h4 + (static_cast<int64_t>(1) << 25)) >> 26;
h5 += carry4;
h4 -= carry4 << 26;
- carry8 = (h8 + (int64_t)(1<<25)) >> 26;
+ carry8 = (h8 + (static_cast<int64_t>(1) << 25)) >> 26;
h9 += carry8;
h8 -= carry8 << 26;
- carry9 = (h9 + (int64_t)(1<<24)) >> 25;
+ carry9 = (h9 + (static_cast<int64_t>(1) << 24)) >> 25;
h0 += carry9 * 19;
h9 -= carry9 << 25;
- carry0 = (h0 + (int64_t)(1<<25)) >> 26;
+ carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;
h1 += carry0;
h0 -= carry0 << 26;
@@ -569,61 +569,61 @@ FE_25519 FE_25519::sqr2(const FE_25519& f)
int32_t f7_38 = 38 * f7; /* 1.959375*2^30 */
int32_t f8_19 = 19 * f8; /* 1.959375*2^30 */
int32_t f9_38 = 38 * f9; /* 1.959375*2^30 */
- int64_t f0f0 = f0 * (int64_t) f0;
- int64_t f0f1_2 = f0_2 * (int64_t) f1;
- int64_t f0f2_2 = f0_2 * (int64_t) f2;
- int64_t f0f3_2 = f0_2 * (int64_t) f3;
- int64_t f0f4_2 = f0_2 * (int64_t) f4;
- int64_t f0f5_2 = f0_2 * (int64_t) f5;
- int64_t f0f6_2 = f0_2 * (int64_t) f6;
- int64_t f0f7_2 = f0_2 * (int64_t) f7;
- int64_t f0f8_2 = f0_2 * (int64_t) f8;
- int64_t f0f9_2 = f0_2 * (int64_t) f9;
- int64_t f1f1_2 = f1_2 * (int64_t) f1;
- int64_t f1f2_2 = f1_2 * (int64_t) f2;
- int64_t f1f3_4 = f1_2 * (int64_t) f3_2;
- int64_t f1f4_2 = f1_2 * (int64_t) f4;
- int64_t f1f5_4 = f1_2 * (int64_t) f5_2;
- int64_t f1f6_2 = f1_2 * (int64_t) f6;
- int64_t f1f7_4 = f1_2 * (int64_t) f7_2;
- int64_t f1f8_2 = f1_2 * (int64_t) f8;
- int64_t f1f9_76 = f1_2 * (int64_t) f9_38;
- int64_t f2f2 = f2 * (int64_t) f2;
- int64_t f2f3_2 = f2_2 * (int64_t) f3;
- int64_t f2f4_2 = f2_2 * (int64_t) f4;
- int64_t f2f5_2 = f2_2 * (int64_t) f5;
- int64_t f2f6_2 = f2_2 * (int64_t) f6;
- int64_t f2f7_2 = f2_2 * (int64_t) f7;
- int64_t f2f8_38 = f2_2 * (int64_t) f8_19;
- int64_t f2f9_38 = f2 * (int64_t) f9_38;
- int64_t f3f3_2 = f3_2 * (int64_t) f3;
- int64_t f3f4_2 = f3_2 * (int64_t) f4;
- int64_t f3f5_4 = f3_2 * (int64_t) f5_2;
- int64_t f3f6_2 = f3_2 * (int64_t) f6;
- int64_t f3f7_76 = f3_2 * (int64_t) f7_38;
- int64_t f3f8_38 = f3_2 * (int64_t) f8_19;
- int64_t f3f9_76 = f3_2 * (int64_t) f9_38;
- int64_t f4f4 = f4 * (int64_t) f4;
- int64_t f4f5_2 = f4_2 * (int64_t) f5;
- int64_t f4f6_38 = f4_2 * (int64_t) f6_19;
- int64_t f4f7_38 = f4 * (int64_t) f7_38;
- int64_t f4f8_38 = f4_2 * (int64_t) f8_19;
- int64_t f4f9_38 = f4 * (int64_t) f9_38;
- int64_t f5f5_38 = f5 * (int64_t) f5_38;
- int64_t f5f6_38 = f5_2 * (int64_t) f6_19;
- int64_t f5f7_76 = f5_2 * (int64_t) f7_38;
- int64_t f5f8_38 = f5_2 * (int64_t) f8_19;
- int64_t f5f9_76 = f5_2 * (int64_t) f9_38;
- int64_t f6f6_19 = f6 * (int64_t) f6_19;
- int64_t f6f7_38 = f6 * (int64_t) f7_38;
- int64_t f6f8_38 = f6_2 * (int64_t) f8_19;
- int64_t f6f9_38 = f6 * (int64_t) f9_38;
- int64_t f7f7_38 = f7 * (int64_t) f7_38;
- int64_t f7f8_38 = f7_2 * (int64_t) f8_19;
- int64_t f7f9_76 = f7_2 * (int64_t) f9_38;
- int64_t f8f8_19 = f8 * (int64_t) f8_19;
- int64_t f8f9_38 = f8 * (int64_t) f9_38;
- int64_t f9f9_38 = f9 * (int64_t) f9_38;
+ int64_t f0f0 = f0 * static_cast<int64_t>(f0);
+ int64_t f0f1_2 = f0_2 * static_cast<int64_t>(f1);
+ int64_t f0f2_2 = f0_2 * static_cast<int64_t>(f2);
+ int64_t f0f3_2 = f0_2 * static_cast<int64_t>(f3);
+ int64_t f0f4_2 = f0_2 * static_cast<int64_t>(f4);
+ int64_t f0f5_2 = f0_2 * static_cast<int64_t>(f5);
+ int64_t f0f6_2 = f0_2 * static_cast<int64_t>(f6);
+ int64_t f0f7_2 = f0_2 * static_cast<int64_t>(f7);
+ int64_t f0f8_2 = f0_2 * static_cast<int64_t>(f8);
+ int64_t f0f9_2 = f0_2 * static_cast<int64_t>(f9);
+ int64_t f1f1_2 = f1_2 * static_cast<int64_t>(f1);
+ int64_t f1f2_2 = f1_2 * static_cast<int64_t>(f2);
+ int64_t f1f3_4 = f1_2 * static_cast<int64_t>(f3_2);
+ int64_t f1f4_2 = f1_2 * static_cast<int64_t>(f4);
+ int64_t f1f5_4 = f1_2 * static_cast<int64_t>(f5_2);
+ int64_t f1f6_2 = f1_2 * static_cast<int64_t>(f6);
+ int64_t f1f7_4 = f1_2 * static_cast<int64_t>(f7_2);
+ int64_t f1f8_2 = f1_2 * static_cast<int64_t>(f8);
+ int64_t f1f9_76 = f1_2 * static_cast<int64_t>(f9_38);
+ int64_t f2f2 = f2 * static_cast<int64_t>(f2);
+ int64_t f2f3_2 = f2_2 * static_cast<int64_t>(f3);
+ int64_t f2f4_2 = f2_2 * static_cast<int64_t>(f4);
+ int64_t f2f5_2 = f2_2 * static_cast<int64_t>(f5);
+ int64_t f2f6_2 = f2_2 * static_cast<int64_t>(f6);
+ int64_t f2f7_2 = f2_2 * static_cast<int64_t>(f7);
+ int64_t f2f8_38 = f2_2 * static_cast<int64_t>(f8_19);
+ int64_t f2f9_38 = f2 * static_cast<int64_t>(f9_38);
+ int64_t f3f3_2 = f3_2 * static_cast<int64_t>(f3);
+ int64_t f3f4_2 = f3_2 * static_cast<int64_t>(f4);
+ int64_t f3f5_4 = f3_2 * static_cast<int64_t>(f5_2);
+ int64_t f3f6_2 = f3_2 * static_cast<int64_t>(f6);
+ int64_t f3f7_76 = f3_2 * static_cast<int64_t>(f7_38);
+ int64_t f3f8_38 = f3_2 * static_cast<int64_t>(f8_19);
+ int64_t f3f9_76 = f3_2 * static_cast<int64_t>(f9_38);
+ int64_t f4f4 = f4 * static_cast<int64_t>(f4);
+ int64_t f4f5_2 = f4_2 * static_cast<int64_t>(f5);
+ int64_t f4f6_38 = f4_2 * static_cast<int64_t>(f6_19);
+ int64_t f4f7_38 = f4 * static_cast<int64_t>(f7_38);
+ int64_t f4f8_38 = f4_2 * static_cast<int64_t>(f8_19);
+ int64_t f4f9_38 = f4 * static_cast<int64_t>(f9_38);
+ int64_t f5f5_38 = f5 * static_cast<int64_t>(f5_38);
+ int64_t f5f6_38 = f5_2 * static_cast<int64_t>(f6_19);
+ int64_t f5f7_76 = f5_2 * static_cast<int64_t>(f7_38);
+ int64_t f5f8_38 = f5_2 * static_cast<int64_t>(f8_19);
+ int64_t f5f9_76 = f5_2 * static_cast<int64_t>(f9_38);
+ int64_t f6f6_19 = f6 * static_cast<int64_t>(f6_19);
+ int64_t f6f7_38 = f6 * static_cast<int64_t>(f7_38);
+ int64_t f6f8_38 = f6_2 * static_cast<int64_t>(f8_19);
+ int64_t f6f9_38 = f6 * static_cast<int64_t>(f9_38);
+ int64_t f7f7_38 = f7 * static_cast<int64_t>(f7_38);
+ int64_t f7f8_38 = f7_2 * static_cast<int64_t>(f8_19);
+ int64_t f7f9_76 = f7_2 * static_cast<int64_t>(f9_38);
+ int64_t f8f8_19 = f8 * static_cast<int64_t>(f8_19);
+ int64_t f8f9_38 = f8 * static_cast<int64_t>(f9_38);
+ int64_t f9f9_38 = f9 * static_cast<int64_t>(f9_38);
int64_t h0 = f0f0 +f1f9_76+f2f8_38+f3f7_76+f4f6_38+f5f5_38;
int64_t h1 = f0f1_2+f2f9_38+f3f8_38+f4f7_38+f5f6_38;
int64_t h2 = f0f2_2+f1f1_2 +f3f9_76+f4f8_38+f5f7_76+f6f6_19;
@@ -656,46 +656,46 @@ FE_25519 FE_25519::sqr2(const FE_25519& f)
h8 += h8;
h9 += h9;
- carry0 = (h0 + (int64_t)(1<<25)) >> 26;
+ carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;
h1 += carry0;
h0 -= carry0 << 26;
- carry4 = (h4 + (int64_t)(1<<25)) >> 26;
+ carry4 = (h4 + (static_cast<int64_t>(1) << 25)) >> 26;
h5 += carry4;
h4 -= carry4 << 26;
- carry1 = (h1 + (int64_t)(1<<24)) >> 25;
+ carry1 = (h1 + (static_cast<int64_t>(1) << 24)) >> 25;
h2 += carry1;
h1 -= carry1 << 25;
- carry5 = (h5 + (int64_t)(1<<24)) >> 25;
+ carry5 = (h5 + (static_cast<int64_t>(1) << 24)) >> 25;
h6 += carry5;
h5 -= carry5 << 25;
- carry2 = (h2 + (int64_t)(1<<25)) >> 26;
+ carry2 = (h2 + (static_cast<int64_t>(1) << 25)) >> 26;
h3 += carry2;
h2 -= carry2 << 26;
- carry6 = (h6 + (int64_t)(1<<25)) >> 26;
+ carry6 = (h6 + (static_cast<int64_t>(1) << 25)) >> 26;
h7 += carry6;
h6 -= carry6 << 26;
- carry3 = (h3 + (int64_t)(1<<24)) >> 25;
+ carry3 = (h3 + (static_cast<int64_t>(1) << 24)) >> 25;
h4 += carry3;
h3 -= carry3 << 25;
- carry7 = (h7 + (int64_t)(1<<24)) >> 25;
+ carry7 = (h7 + (static_cast<int64_t>(1) << 24)) >> 25;
h8 += carry7;
h7 -= carry7 << 25;
- carry4 = (h4 + (int64_t)(1<<25)) >> 26;
+ carry4 = (h4 + (static_cast<int64_t>(1) << 25)) >> 26;
h5 += carry4;
h4 -= carry4 << 26;
- carry8 = (h8 + (int64_t)(1<<25)) >> 26;
+ carry8 = (h8 + (static_cast<int64_t>(1) << 25)) >> 26;
h9 += carry8;
h8 -= carry8 << 26;
- carry9 = (h9 + (int64_t)(1<<24)) >> 25;
+ carry9 = (h9 + (static_cast<int64_t>(1) << 24)) >> 25;
h0 += carry9 * 19;
h9 -= carry9 << 25;
- carry0 = (h0 + (int64_t)(1<<25)) >> 26;
+ carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;
h1 += carry0;
h0 -= carry0 << 26;
@@ -719,35 +719,35 @@ void FE_25519::from_bytes(const uint8_t s[32])
int64_t h8 = load_3(s + 26) << 4;
int64_t h9 = (load_3(s + 29) & 0x7fffff) << 2;
- const int64_t carry9 = (h9 + (int64_t)(1<<24)) >> 25;
+ const int64_t carry9 = (h9 + (static_cast<int64_t>(1) << 24)) >> 25;
h0 += carry9 * 19;
h9 -= carry9 << 25;
- const int64_t carry1 = (h1 + (int64_t)(1<<24)) >> 25;
+ const int64_t carry1 = (h1 + (static_cast<int64_t>(1) << 24)) >> 25;
h2 += carry1;
h1 -= carry1 << 25;
- const int64_t carry3 = (h3 + (int64_t)(1<<24)) >> 25;
+ const int64_t carry3 = (h3 + (static_cast<int64_t>(1) << 24)) >> 25;
h4 += carry3;
h3 -= carry3 << 25;
- const int64_t carry5 = (h5 + (int64_t)(1<<24)) >> 25;
+ const int64_t carry5 = (h5 + (static_cast<int64_t>(1) << 24)) >> 25;
h6 += carry5;
h5 -= carry5 << 25;
- const int64_t carry7 = (h7 + (int64_t)(1<<24)) >> 25;
+ const int64_t carry7 = (h7 + (static_cast<int64_t>(1) << 24)) >> 25;
h8 += carry7;
h7 -= carry7 << 25;
- const int64_t carry0 = (h0 + (int64_t)(1<<25)) >> 26;
+ const int64_t carry0 = (h0 + (static_cast<int64_t>(1) << 25)) >> 26;
h1 += carry0;
h0 -= carry0 << 26;
- const int64_t carry2 = (h2 + (int64_t)(1<<25)) >> 26;
+ const int64_t carry2 = (h2 + (static_cast<int64_t>(1) << 25)) >> 26;
h3 += carry2;
h2 -= carry2 << 26;
- const int64_t carry4 = (h4 + (int64_t)(1<<25)) >> 26;
+ const int64_t carry4 = (h4 + (static_cast<int64_t>(1) << 25)) >> 26;
h5 += carry4;
h4 -= carry4 << 26;
- const int64_t carry6 = (h6 + (int64_t)(1<<25)) >> 26;
+ const int64_t carry6 = (h6 + (static_cast<int64_t>(1) << 25)) >> 26;
h7 += carry6;
h6 -= carry6 << 26;
- const int64_t carry8 = (h8 + (int64_t)(1<<25)) >> 26;
+ const int64_t carry8 = (h8 + (static_cast<int64_t>(1) << 25)) >> 26;
h9 += carry8;
h8 -= carry8 << 26;
@@ -812,7 +812,7 @@ void FE_25519::to_bytes(uint8_t s[32]) const
int32_t carry8;
int32_t carry9;
- q = (19 * h9 + (((int32_t) 1) << 24)) >> 25;
+ q = (19 * h9 + ((static_cast<int32_t>(1) << 24))) >> 25;
q = (h0 + q) >> 26;
q = (h1 + q) >> 25;
q = (h2 + q) >> 26;
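Review bot: The new line `q = (19 * h9 + ((static_cast<int32_t>(1) << 24))) >> 25;` carries a redundant extra pair of parentheses around the shift that none of the other rewritten carry lines in this commit use; `q = (19 * h9 + (static_cast<int32_t>(1) << 24)) >> 25;` matches them. Unlike the earlier carry chains this one appears to be int32 arithmetic (the surrounding locals are `int32_t`), so `19 * h9` presumably relies on h9 already being reduced to its 25-bit range at this point; a short comment stating that precondition, e.g. `// h9 is reduced here, so 19*h9 cannot overflow int32`, would make the reader's job easier. The body of FE_25519::to_bytes starts and ends outside this hunk.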
diff --git a/src/lib/pubkey/ed25519/ed25519_internal.h b/src/lib/pubkey/ed25519/ed25519_internal.h
index 2a86bb30e..8a0ccf44c 100644
--- a/src/lib/pubkey/ed25519/ed25519_internal.h
+++ b/src/lib/pubkey/ed25519/ed25519_internal.h
@@ -16,24 +16,16 @@
namespace Botan {
-inline uint64_t load_3(const uint8_t* in)
+inline uint64_t load_3(const uint8_t in[3])
{
- uint64_t result;
- result = (uint64_t) in[0];
- result |= ((uint64_t) in[1]) << 8;
- result |= ((uint64_t) in[2]) << 16;
- return result;
+ return static_cast<uint64_t>(in[0]) |
+ (static_cast<uint64_t>(in[1]) << 8) |
+ (static_cast<uint64_t>(in[2]) << 16);
}
inline uint64_t load_4(const uint8_t* in)
{
- uint64_t result;
- result = (uint64_t) in[0];
- result |= ((uint64_t) in[1]) << 8;
- result |= ((uint64_t) in[2]) << 16;
- result |= ((uint64_t) in[3]) << 24;
- return result;
- //return load_le<uint32_t>(in, 0);
+ return load_le<uint32_t>(in, 0);
}
/*
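Review bot: `load_4` now returns `load_le<uint32_t>(in, 0)`, so this header needs the declaration of `load_le` in scope; the include block sits above the hunk and is not visible here, so confirm the header providing it is included directly rather than arriving transitively through callers. The `const uint8_t in[3]` spelling on `load_3` is documentation only — an array parameter still decays to `const uint8_t*`, so nothing checks the bound, and the callers in ed25519_fe.cpp pass offsets such as `s + 29` into a 32-byte buffer. For consistency `load_4` could take `const uint8_t in[4]` as well, and a one-line comment on `load_3` such as `// reads exactly in[0..2]; caller guarantees 3 readable bytes` would make the contract explicit. The hunk ends mid-file; the `/*` on its last line opens a comment that continues beyond it.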