mirror/zig
1
0
Fork 0
mirror of https://github.com/ziglang/zig.git synced 2025-12-06 06:13:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

crypto.pcurves.common: generalize invert() (#23039)

Browse Source 
The Bernstein-Yang inversion code was meant to be used only with the
fields we currently use for the NIST curves.

But people copied that code and were confused that it didn't work as
expected with other field sizes.

It doesn't cost anything to make it work with other field sizes,
that may support in the future. So let's do it.
This also reduces the diff with the example zig code in fiat crypto.

Suggested by @Rexicon226 -- Thank you!
This commit is contained in:
Frank Denis 2025-03-02 11:27:04 +01:00 committed by GitHub
parent a6525c1762
commit d8d2aa9af4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/std/crypto/pcurves/common.zig
View File

@ -197,7 +197,7 @@ pub fn Field(comptime params: FieldParams) type {
/// Return the inverse of a field element, or 0 if a=0. /// Return the inverse of a field element, or 0 if a=0.
// Field inversion from https://eprint.iacr.org/2021/549.pdf // Field inversion from https://eprint.iacr.org/2021/549.pdf
pub fn invert(a: Fe) Fe { pub fn invert(a: Fe) Fe {
const iterations = (49 * field_bits + 57) / 17; const iterations = (49 * field_bits + if (field_bits < 46) 80 else 57) / 17;
const Limbs = @TypeOf(a.limbs); const Limbs = @TypeOf(a.limbs);
const Word = @TypeOf(a.limbs[0]); const Word = @TypeOf(a.limbs[0]);
const XLimbs = [a.limbs.len + 1]Word; const XLimbs = [a.limbs.len + 1]Word;