
undoing edits made by the BGN2 folks (can be reverted if necessary but as far as I can tell, it was mostly cruft around some debugging they were doing and playing with maybe using more bits (but it's not clear that it would've worked considering, like... I don't think they changed the curve itself?))

tristangurtler 3 years ago
parent
commit
a26382c9ce

+ 87 - 0
third_party/dclxvi-20130329/Makefile

@@ -0,0 +1,87 @@
+CPP=g++
+CPPFLAGS=-g -Wall -DCHECK
+
+CC=gcc
+CFLAGS=-std=c99 -O3 -fomit-frame-pointer
+LFLAGS=-lm
+
+all: as check c
+
+c: bilintest-c \
+	 speedtest-c
+
+as: bilintest-as \
+		speedtest-as \
+		test_curvepoint_multiscalar-as \
+		test_twistpoint_multiscalar-as
+
+check: bilintest-check \
+	     speedtest-check \
+			 test_curvepoint_multiscalar-check \
+			 test_twistpoint_multiscalar-check
+
+bilintest-check: bilintest.c linefunction.c optate.c fpe.c fp2e.c fp6e.c fp12e.c curvepoint_fp.c twistpoint_fp2.c final_expo.c scalar.c parameters.c mul.c mydouble.c
+	$(CPP) $(CPPFLAGS) -DNTESTS=20 -o $@ $^
+
+bilintest-c: bilintest.c linefunction.c optate.c fpe.c fp2e.c fp6e.c fp12e.c curvepoint_fp.c twistpoint_fp2.c final_expo.c scalar.c parameters.c mul.c mydouble.c
+	$(CC) $(CFLAGS) $(LFLAGS) -DNTESTS=1000 -o $@ $^
+
+bilintest-as: bilintest.c linefunction.c optate.c fpe.c fp2e.c fp6e.c fp12e.c curvepoint_fp.c twistpoint_fp2.c final_expo.c scalar.c parameters.c mul.c mydouble.c asfunctions.a
+	$(CC) $(CFLAGS) $(LFLAGS) -DQHASM -DNTESTS=1000000 -o $@ $^
+
+speedtest-check: speedtest.c linefunction.c optate.c fpe.c fp2e.c fp6e.c fp12e.c curvepoint_fp.c twistpoint_fp2.c final_expo.c scalar.c parameters.c mul.c mydouble.c
+	$(CPP) $(CPPFLAGS) -o $@ $^
+
+speedtest-c: speedtest.c linefunction.c optate.c fpe.c fp2e.c fp6e.c fp12e.c curvepoint_fp.c twistpoint_fp2.c final_expo.c scalar.c parameters.c mul.c mydouble.c
+	$(CC) $(CFLAGS) $(LFLAGS) -o $@ $^
+
+speedtest-as: speedtest.c linefunction.c optate.c fpe.c fp2e.c fp6e.c fp12e.c curvepoint_fp.c twistpoint_fp2.c final_expo.c scalar.c parameters.c mul.c mydouble.c asfunctions.a
+	$(CC) $(CFLAGS) $(LFLAGS) -DQHASM -o $@ $^
+
+test_curvepoint_multiscalar-check: test_curvepoint_multiscalar.c fpe.c scalar.c parameters.c curvepoint_fp.c mul.c mydouble.c \
+																		curvepoint_fp_multiscalar.c heap_rootreplaced.s index_heap.c scalar_sub_nored.s \
+																		asfunctions.a
+	$(CPP) $(CPPFLAGS) -o $@ $^
+
+test_curvepoint_multiscalar-as: test_curvepoint_multiscalar.c fpe.c scalar.c parameters.c curvepoint_fp.c mul.c mydouble.c \
+																curvepoint_fp_multiscalar.c heap_rootreplaced.s index_heap.c scalar_sub_nored.s \
+																asfunctions.a
+	$(CC) $(CFLAGS) $(LFLAGS) -DQHASM -o $@ $^
+
+test_twistpoint_multiscalar-check: test_twistpoint_multiscalar.c fpe.c fp2e.c scalar.c parameters.c twistpoint_fp2.c mul.c mydouble.c \
+																	twistpoint_fp2_multiscalar.c heap_rootreplaced.s index_heap.c scalar_sub_nored.s \
+																	asfunctions.a
+	$(CPP) $(CPPFLAGS) -o $@ $^
+
+test_twistpoint_multiscalar-as: test_twistpoint_multiscalar.c fpe.c fp2e.c scalar.c parameters.c twistpoint_fp2.c mul.c mydouble.c \
+																	twistpoint_fp2_multiscalar.c heap_rootreplaced.s index_heap.c scalar_sub_nored.s \
+																	asfunctions.a
+	$(CC) $(CFLAGS) $(LFLAGS) -DQHASM -o $@ $^
+
+
+%.o: %.s
+	$(CC) $(CFLAGS) -c -o $@ $^
+
+asfunctions.a: fp2e_add2.o fp2e_sub2.o \
+	fp2e_double2.o fp2e_triple2.o fp2e_neg2.o \
+	fp2e_mul.o fp2e_mul_fpe.o fp2e_short_coeffred.o \
+	fp2e_add.o fp2e_sub.o fp2e_parallel_coeffmul.o fp2e_mulxi.o\
+	fp2e_double.o fp2e_triple.o fp2e_neg.o fp2e_conjugate.o \
+	fpe_mul.o fp2e_square.o \
+	consts.o
+	rm -f asfunctions.a
+	ar cr asfunctions.a $^
+
+.PHONY: clean
+
+clean:
+	-rm bilintest-check 
+	-rm speedtest-check 
+	-rm bilintest-c
+	-rm speedtest-c
+	-rm bilintest-as 
+	-rm speedtest-as 
+	-rm test_curvepoint_multiscalar-as
+	-rm test_curvepoint_multiscalar-check
+	-rm *.o
+	-rm asfunctions.a
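Review bot: The `clean` target never removes `test_twistpoint_multiscalar-as` or `test_twistpoint_multiscalar-check`, although `as` and `check` build both, so stale test binaries survive `make clean` and can later be run against sources they were not built from; add `-rm test_twistpoint_multiscalar-as` and `-rm test_twistpoint_multiscalar-check`. The C link rules also place `$(LFLAGS)` (`-lm`) before `$^`, which linkers that resolve libraries in command-line order can reject or drop; `$(CC) $(CFLAGS) -DNTESTS=1000 -o $@ $^ $(LFLAGS)` is the safer order, and the same applies to the other `$(CC)` link rules. `CFLAGS` carries no warning flags while `CPPFLAGS` has `-Wall`; adding `-Wall` to the C build would surface things such as unused locals in this arithmetic code.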

+ 124 - 166
third_party/dclxvi-20130329/bilintest.c

@@ -1,21 +1,15 @@
-// g++  -lgmp -lgmpxx -I ../dclxvi-20130329 -I ../update -o ../bin/bilintest ../dclxvi-20130329/bilintest.c  ../dclxvi-20130329/fpe.c ../dclxvi-20130329/fp2e.c ../dclxvi-20130329/curvepoint_fp.c ../dclxvi-20130329/twistpoint_fp2.c  ../dclxvi-20130329/scalar.c ../dclxvi-20130329/parameters.c ../dclxvi-20130329/mul.c ../dclxvi-20130329/mydouble.c ../update/parameters_512.c ../update/fp2e_512.c ../update/scalar_512.c ../update/complete_addition.c ../update/test_functions.cpp ../dclxvi-20130329/optate.c     ../dclxvi-20130329/fp6e.c  ../dclxvi-20130329/linefunction.c ../dclxvi-20130329/fp12e.c ../dclxvi-20130329/final_expo.c ../update/final_expo_512.c   -DNTESTS=10 && ../bin/bilintest
+/*
+ * File:   dclxvi-20130329/bilintest.c
+ * Author: Ruben Niederhagen, Peter Schwabe
+ * Public Domain
+ */
 
 #include <stdio.h>
 
-#include "test_functions.hpp" //ajouté pour la mise à jour vers une clef 512 bits
-
-
-#include "mydouble.h" 
-extern "C" {	
-#include "fpe.h"
-#include "fp2e.h"
-#include "fp6e.h"
-#include "fp12e.h"
-} 
 #include "curvepoint_fp.h"
 #include "twistpoint_fp2.h"
+#include "fp12e.h"
 #include "optate.h"
-#include <unistd.h> //fonction sleep
 
 extern const curvepoint_fp_t bn_curvegen;
 extern const twistpoint_fp2_t bn_twistgen;
@@ -23,158 +17,122 @@ extern const scalar_t bn_n;
 
 int main(int argc, char* argv[])
 {
-	titre(Bilintest);
-	//zout(!0,!1,!456465);
-	//return 0;
-	fp12e_t e1, e2, e3;
-
-	curvepoint_fp_t p1;
-
-	twistpoint_fp2_t p2;
-
-	scalar_t s1, s2;
-
-	int i;
-	// Test with neutral element as argument
-	scalar_setrandom(s1, bn_n);
-	//scalar_print(stdout, s1); 
-	//exit(0);
-	curvepoint_fp_set(p1, bn_curvegen);
-
-	//curvepoint_fp_print(stdout,p1);
-	//exit(0);
-	twistpoint_fp2_setneutral(p2);
-	fpe_isreduced(p1->m_x);
-	fpe_isreduced(p1->m_y);
-	//abc;
-	//curvepoint_fp_print(stdout,p1);
-	//scalar_print(stdout,s1);
-	//where;
-	curvepoint_fp_scalarmult_vartime(p1, p1, s1); //64 additions
-	
-	//xyz;
-	curvepoint_fp_makeaffine(p1);
-	optate(e1, p2, p1);
-	if(!fp12e_isone(e1))
-	printf("Error in optimal ate: e(infty,P) != 1\n");
-	scalar_setrandom(s2, bn_n);
-	curvepoint_fp_setneutral(p1);
-	twistpoint_fp2_set(p2, bn_twistgen);
-	fp2e_isreduced(p2->m_x);
-	fp2e_isreduced(p2->m_y);
-
-	twistpoint_fp2_scalarmult_vartime(p2, p2, s2);
-	twistpoint_fp2_makeaffine(p2);
-	optate(e1, p2, p1);
-	if(!fp12e_isone(e1))
-	printf("Error in optimal ate: e(Q,infty) != 1\n");
-	
-	// Bilinearity test of optimal ate Pairing:
-	for(i=0;i<NTESTS;i++)
-	{
-		#if (NTESTS > 100)
-			if(!(i%(NTESTS/100)) && i!=0) printf("Number of tests: %d\n",i);
-		#else
-			if(i>=0) printf("Number of tests: %d\n",i);
-		#endif
-		//ecris(bn_n = );
-		//scalar_print(stdout,bn_n);
-		scalar_setrandom(s1, bn_n);
-
-		scalar_setrandom(s2, bn_n);
-		
-		
-		
-		
-		
-		//unsigned long long tab[4]={0x8ae69c5bcb039b07,	0x58549b8019d00d7b,	0x1102df67a4a9ace2,	0xc36d19fe776fac9f};
-		//scalar_set_lluarray(s1,tab);
-		
-		//unsigned long long tab2[4]={0xad89b6fb63df1643,	0x354658972be46274,	0x4df1d15eaa4d2322,	0x10bf308f77d3d38d};
-		//scalar_set_lluarray(s2,tab2);		
-		
-		
-		//unsigned long long tab[4]={8,0,0,0};
-		//unsigned long long tab2[4]={1,0,0,0};
-		//scalar_set_lluarray(s1,tab);
-		//scalar_set_lluarray(s2,tab2);
-
-		curvepoint_fp_set(p1, bn_curvegen);
-		twistpoint_fp2_set(p2, bn_twistgen);
-		//twistpoint_fp2_print(stdout,bn_twistgen);
-		fpe_isreduced(p1->m_x);
-		fpe_isreduced(p1->m_y);
-		fp2e_isreduced(p2->m_x);
-		fp2e_isreduced(p2->m_y);
-		curvepoint_fp_scalarmult_vartime(p1, p1, s1);
-		curvepoint_fp_makeaffine(p1);
-		twistpoint_fp2_scalarmult_vartime(p2, p2, s2);
-		twistpoint_fp2_makeaffine(p2);
-		//printf("s1p1 affine: ");
-		//curvepoint_fp_print(stdout,p1);
-		//printf("\n");
-		//printf("s2p2 affine: ");
-		//twistpoint_fp2_print(stdout,p2);
-		//printf("\n");
-		optate(e1, p2, p1);
-		curvepoint_fp_set(p1, bn_curvegen);
-		twistpoint_fp2_set(p2, bn_twistgen);
-		fpe_isreduced(p1->m_x);
-		fpe_isreduced(p1->m_y);
-		fp2e_isreduced(p2->m_x);
-		fp2e_isreduced(p2->m_y);
-		curvepoint_fp_scalarmult_vartime(p1, p1, s2);
-		curvepoint_fp_makeaffine(p1);
-		twistpoint_fp2_scalarmult_vartime(p2, p2, s1);
-		twistpoint_fp2_makeaffine(p2);
-		//printf("s2p1 affine: ");
-		//curvepoint_fp_print(stdout,p1);
-		//printf("\n");
-		//printf("s1p2 affine: ");
-		//twistpoint_fp2_print(stdout,p2);
-		//printf("\n");
-		optate(e2, p2, p1);
-
-		curvepoint_fp_set(p1, bn_curvegen);
-		twistpoint_fp2_set(p2, bn_twistgen);
-
-		optate(e3, p2, p1);
-
-		fp12e_pow_vartime(e3, e3, s1);
-		fp12e_pow_vartime(e3, e3, s2);
-
-		if(!fp12e_iseq(e1,e2))
-		{
-		  printf("Error in optimal ate: e1 != e2\n");
-		  //printf("e1: ");
-		  //fp12e_print(stdout, e1);
-		  //printf("\ne2: ");
-		  //fp12e_print(stdout, e2);
-		  //printf("\nScalars:\n");
-		  //printf("s1= ");
-		  //scalar_print(stdout, s1); 
-		  //printf("\ns2= ");
-		  //scalar_print(stdout, s2); 
-		  //printf("\n");
-		  }
-		else if(!fp12e_iseq(e2,e3))
-		{
-		  printf("Error in optimal ate: e2 != e3\n");
-		  printf("e2: ");
-		  fp12e_print(stdout, e2);
-		  printf("\ne3: ");
-		  fp12e_print(stdout, e3);
-		  printf("\nScalars:\n");
-		  printf("s1= ");
-		  scalar_print(stdout, s1); 
-		  printf("\ns2= ");
-		  scalar_print(stdout, s2); 
-		  printf("\n");
-		}
-		else if(fp12e_iszero(e2))
-		  printf("Error: Pairing value is zero\n");
-		else if(fp12e_isone(e2))
-		  printf("Warning: Pairing value is one\n");
-		}
-		return 0;
+  fp12e_t e1, e2, e3;
+
+  curvepoint_fp_t p1;
+  twistpoint_fp2_t p2;
+
+  scalar_t s1, s2;
+
+  int i;
+
+  // Test with neutral element as argument
+  scalar_setrandom(s1, bn_n);
+  curvepoint_fp_set(p1, bn_curvegen);
+  twistpoint_fp2_setneutral(p2);
+  fpe_isreduced(p1->m_x);
+  fpe_isreduced(p1->m_y);
+
+  curvepoint_fp_scalarmult_vartime(p1, p1, s1);
+  curvepoint_fp_makeaffine(p1);
+
+  optate(e1, p2, p1);
+
+  if(!fp12e_isone(e1))
+    printf("Error in optimal ate: e(infty,P) != 1\n");
+
+  scalar_setrandom(s2, bn_n);
+  curvepoint_fp_setneutral(p1);
+  twistpoint_fp2_set(p2, bn_twistgen);
+  fp2e_isreduced(p2->m_x);
+  fp2e_isreduced(p2->m_y);
+
+  twistpoint_fp2_scalarmult_vartime(p2, p2, s2);
+  twistpoint_fp2_makeaffine(p2);
+
+  optate(e1, p2, p1);
+  
+  if(!fp12e_isone(e1))
+    printf("Error in optimal ate: e(Q,infty) != 1\n");
+
+
+  // Bilinearity test of optimal ate Pairing:
+  for(i=0;i<NTESTS;i++)
+  {
+#if (NTESTS > 100)
+    if(!(i%(NTESTS/100)) && i!=0) printf("Number of tests: %d\n",i);
+#else
+    if(i!=0) printf("Number of tests: %d\n",i);
+#endif
+    scalar_setrandom(s1, bn_n);
+    scalar_setrandom(s2, bn_n);
+    curvepoint_fp_set(p1, bn_curvegen);
+    twistpoint_fp2_set(p2, bn_twistgen);
+    fpe_isreduced(p1->m_x);
+    fpe_isreduced(p1->m_y);
+    fp2e_isreduced(p2->m_x);
+    fp2e_isreduced(p2->m_y);
+
+    curvepoint_fp_scalarmult_vartime(p1, p1, s1);
+    curvepoint_fp_makeaffine(p1);
+    twistpoint_fp2_scalarmult_vartime(p2, p2, s2);
+    twistpoint_fp2_makeaffine(p2);
+
+    optate(e1, p2, p1);
+    
+    curvepoint_fp_set(p1, bn_curvegen);
+    twistpoint_fp2_set(p2, bn_twistgen);
+    fpe_isreduced(p1->m_x);
+    fpe_isreduced(p1->m_y);
+    fp2e_isreduced(p2->m_x);
+    fp2e_isreduced(p2->m_y);
+    curvepoint_fp_scalarmult_vartime(p1, p1, s2);
+    curvepoint_fp_makeaffine(p1);
+    twistpoint_fp2_scalarmult_vartime(p2, p2, s1);
+    twistpoint_fp2_makeaffine(p2);
+
+    optate(e2, p2, p1);
+    
+    curvepoint_fp_set(p1, bn_curvegen);
+    twistpoint_fp2_set(p2, bn_twistgen);
+
+    optate(e3, p2, p1);
+
+    fp12e_pow_vartime(e3, e3, s1);
+    fp12e_pow_vartime(e3, e3, s2);
+
+    if(!fp12e_iseq(e1,e2))
+    {
+      printf("Error in optimal ate: e1 != e2\n");
+      printf("e1: ");
+      fp12e_print(stdout, e1);
+      printf("\ne2: ");
+      fp12e_print(stdout, e2);
+      printf("\nScalars:\n");
+      printf("s1: ");
+      scalar_print(stdout, s1); 
+      printf("\ns2: ");
+      scalar_print(stdout, s2); 
+      printf("\n");
+    }
+    else if(!fp12e_iseq(e2,e3))
+    {
+      printf("Error in optimal ate: e2 != e3\n");
+      printf("e2: ");
+      fp12e_print(stdout, e2);
+      printf("\ne3: ");
+      fp12e_print(stdout, e3);
+      printf("\nScalars:\n");
+      printf("s1: ");
+      scalar_print(stdout, s1); 
+      printf("\ns2: ");
+      scalar_print(stdout, s2); 
+      printf("\n");
+    }
+    else if(fp12e_iszero(e2))
+      printf("Error: Pairing value is zero\n");
+    else if(fp12e_isone(e2))
+      printf("Warning: Pairing value is one\n");
+  }
+  return 0;
 }
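Review bot: `main` ends in `return 0;` on every path, so a failed check (`e(infty,P) != 1`, `e1 != e2`, `e2 != e3`, a zero pairing value) only prints a message and the `bilintest-*` binaries still report success to `make` or CI. For a test of pairing code it would be safer to declare `int failed = 0;` next to `int i;`, set `failed = 1;` in each error branch (the unbraced `if`/`else if` branches need braces for that), and finish with `return failed;`. The results of the `fpe_isreduced(...)` and `fp2e_isreduced(...)` calls are discarded as written; if those functions return a status rather than asserting internally (their definitions are not in this hunk), they should feed the same flag.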

+ 1 - 8
third_party/dclxvi-20130329/checkdouble.h

@@ -13,7 +13,6 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <math.h>
-#include "zout.hpp" 
 
 #define MANTISSA_MAX ((1ULL << 53) - 1)
 
@@ -117,14 +116,13 @@ class CheckDouble{
 
           CheckDouble operator*(const CheckDouble &a)const
           {
-            uint64_t l1 = mmax & 0xffffffff; //les 32 bits de poids faible
+            uint64_t l1 = mmax & 0xffffffff;
             uint64_t l2 = a.mmax & 0xffffffff;
             uint64_t u1 = mmax >> 32;
             uint64_t u2 = a.mmax >> 32;
             unsigned long long upper = u1 * u2;
             if(upper != 0)
             {
-				ecris(upper);
               fprintf(stderr, "Overflow in %lf * %lf\n", v,a.v);
               fprintf(stderr, "Maximal values: %llu, %llu\n", mmax,a.mmax);
               abort();
@@ -133,16 +131,12 @@ class CheckDouble{
             unsigned long long lower = l1 * l2;
             if(lower >= MANTISSA_MAX)
             {
-				ecris(lower);
               fprintf(stderr, "Overflow in %lf * %lf\n", v,a.v);
               fprintf(stderr, "Maximal values: %llu, %llu\n", mmax,a.mmax);
               abort();
             }
             if(mid > (MANTISSA_MAX>>32))
             {
-				ecris(mid);
-				zout(l1,l2,u1,u2);
-				zout(mid,(MANTISSA_MAX>>32));
               fprintf(stderr, "Overflow in %lf * %lf\n", v,a.v);
               fprintf(stderr, "Maximal values: %llu, %llu\n", mmax,a.mmax);
               abort();
@@ -150,7 +144,6 @@ class CheckDouble{
             lower += (mid <<32);
             if(lower > MANTISSA_MAX)
             {
-				ecris(lower2);
               fprintf(stderr, "Overflow in %lf * %lf\n", v,a.v);
               fprintf(stderr, "Maximal values: %llu, %llu\n", mmax,a.mmax);
               abort();

+ 64 - 147
third_party/dclxvi-20130329/curvepoint_fp.c

@@ -3,22 +3,11 @@
  * Author: Ruben Niederhagen, Peter Schwabe
  * Public Domain
  */
+
 #include <stdio.h>
 #include <stdlib.h>
-
-
-#include "mydouble.h" 
-extern "C" {	
 #include "fpe.h"
-} 
-
 #include "curvepoint_fp.h"
-//#include "scalar_512.h"
-
-#include "zout.hpp"
-#include <typeinfo>
-#include <cxxabi.h>
-
 
 //////////////////////////////////////////////////////////////////////////////////////////////////////////
 //            Point initialization and deletion functions
@@ -74,25 +63,12 @@ void curvepoint_fp_mixadd(curvepoint_fp_t rop, const curvepoint_fp_t op1, const
 }
 */
 
-
-#ifndef COMPLETE_ADDITION //UPDATE 512
-int number_call=0;
-
 void curvepoint_fp_double(curvepoint_fp_t rop, const curvepoint_fp_t op)
 {
-	if (number_call == 0)
-	{	
-		signature;
-	}
-	number_call++;	
 	fpe_t tfpe1, tfpe2, tfpe3, tfpe4; // Temporary variables needed for intermediary results
-	//abc;
 	fpe_square(tfpe1, op->m_y);
-	//xyz;
-	//debug(301);
 	fpe_mul(tfpe2, tfpe1, op->m_x);
 	fpe_double(tfpe2, tfpe2);
-	//printf("\n\n\ntfpe2=");  fpe_print(stdout,tfpe2);
 	fpe_double(tfpe2, tfpe2);
 	fpe_square(tfpe3, tfpe1);
 	fpe_double(tfpe3, tfpe3);
@@ -112,39 +88,10 @@ void curvepoint_fp_double(curvepoint_fp_t rop, const curvepoint_fp_t op)
 	fpe_mul(rop->m_y, tfpe4, tfpe1);
 	fpe_sub(rop->m_y, rop->m_y, tfpe3);
   fpe_short_coeffred(rop->m_y);
-  //curvepoint_fp_makeaffine(rop);
-}
-
-
-
-
-
-// Transform Jacobian to Affine Coordinates (z=1)
-void curvepoint_fp_makeaffine(curvepoint_fp_t point)
-{
-	//signature;
-	if (!fpe_iszero(point->m_z))
-	{	
-		fpe_t tfpe1;
-		fpe_invert(tfpe1, point->m_z);
-		fpe_mul(point->m_x, point->m_x, tfpe1);
-		fpe_mul(point->m_x, point->m_x, tfpe1);
-
-		fpe_mul(point->m_y, point->m_y, tfpe1);
-		fpe_mul(point->m_y, point->m_y, tfpe1);
-		fpe_mul(point->m_y, point->m_y, tfpe1);
-
-		fpe_setone(point->m_z);
-	}
 }
 
-#endif
-
-#ifndef COMPLETE_ADDITION //UPDATE 512
-
 void curvepoint_fp_add_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op1, const curvepoint_fp_t op2)
 {
-	//signature; 
   if(fpe_iszero(op1->m_z))
     curvepoint_fp_set(rop,op2);
   else if(fpe_iszero(op2->m_z))
@@ -225,12 +172,8 @@ void curvepoint_fp_add_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op1, c
     fpe_mul(rop->m_z,t14,h);
     fpe_short_coeffred(rop->m_z);
   }
-  //curvepoint_fp_makeaffine(rop);
 }
 
-#endif
-
-
 
 static void curvepoint_fp_add_nocheck(curvepoint_fp_t rop, const curvepoint_fp_t op1, const curvepoint_fp_t op2)
 {
@@ -320,120 +263,94 @@ void curvepoint_fp_scalarmult_vartime_old(curvepoint_fp_t rop, const curvepoint_
 
 static void choose_t(curvepoint_fp_t t, struct curvepoint_fp_struct *pre, signed char b)
 {
-	//signature;
-			//zout((int)b);
   if(b>0)
     *t = pre[b-1];
   else 
   {
     *t = pre[-b-1];
-    	    //printf("avant t = ");
-	//curvepoint_fp_print(stdout,t);
-	//printf("\n\n\n");
     curvepoint_fp_neg(t,t);
-    	    //printf("apres t = ");
-	//curvepoint_fp_print(stdout,t);
-	//printf("\n\n\n");
   }
 }
 
 void curvepoint_fp_scalarmult_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op, const scalar_t scalar)
 {
-	signed char s[65]; 
-	int i; 
-	curvepoint_fp_t t;
-	struct curvepoint_fp_struct pre[8];
-	//zout(__builtin_return_address(0),__builtin_return_address(1),__func__,__PRETTY_FUNCTION__);
-	//cout << abi::__cxa_demangle(typeid(__func__).name(), 0, 0, 0);
-	scalar_window4(s,scalar);
-	//zout(__builtin_return_address(0),__func__);
-	//printf("\n");
-	//ecris(s = );
-	//for(i=0;i<64;i++)
-	//printf("%d ",s[i]);
-	//printf("\n");
-	pre[0] = *op;                                         //  P 
-	curvepoint_fp_double(&pre[1], &pre[0]);               // 2P
-	curvepoint_fp_add_vartime(&pre[2], &pre[0], &pre[1]); // 3P
-	curvepoint_fp_double(&pre[3], &pre[1]);               // 4P
-	curvepoint_fp_add_vartime(&pre[4], &pre[0], &pre[3]); // 5P
-	curvepoint_fp_double(&pre[5], &pre[2]);               // 6P
-	curvepoint_fp_add_vartime(&pre[6], &pre[0], &pre[5]); // 7P
-	curvepoint_fp_double(&pre[7], &pre[3]);               // 8P
-	//printf("\n\n\nP = ");  curvepoint_fp_print(stdout,&pre[0]);
-	//printf("\n\n\n2P = ");  curvepoint_fp_print(stdout,&pre[1]);
-	//printf("\n\n\n3P = ");  curvepoint_fp_print(stdout,&pre[2]);
-	//printf("\n\n\n4P = ");  curvepoint_fp_print(stdout,&pre[3]);
-	//printf("\n\n\n5P = ");  curvepoint_fp_print(stdout,&pre[4]);
-	//printf("\n\n\n6P = ");  curvepoint_fp_print(stdout,&pre[5]);
-	//printf("\n\n\n7P = ");  curvepoint_fp_print(stdout,&pre[6]);
-	//printf("\n\n\n8P = ");  curvepoint_fp_print(stdout,&pre[7]);
-	//printf("\n\n\n");
-	i = 64; 
-		
-	while(!s[i]&&i>0) i--;
-
-	if(!s[i]) 
-	{
-		curvepoint_fp_setneutral(rop);
-		//printf("\n\n\n rop = ");
-		//curvepoint_fp_print(stdout,rop);
-	}
-	else
-	{  
-		choose_t(rop,pre,s[i]);
-		i--;
-		for(;i>=0;i--)
-		{
-			//printf("i = %d\n",i);	
-			curvepoint_fp_double(rop, rop); 
-			curvepoint_fp_double(rop, rop);
-			curvepoint_fp_double(rop, rop);
-			curvepoint_fp_double(rop, rop);
-			if(s[i])
-			{
-				
-				//printf("i=%d \t s[i] = %d\n",i,s[i]);		
-				choose_t(t,pre,s[i]);
-				//printf("rop = ");
-				//curvepoint_fp_print(stdout,rop);
-				//printf("\n\n\n");
-				//printf("t = ");
-				//curvepoint_fp_print(stdout,t);
-				//printf("\n\n\n");
-				curvepoint_fp_add_vartime(rop,rop,t);
-			} 
-		}
-	}
+  signed char s[65];
+  int i; 
+  curvepoint_fp_t t;
+  struct curvepoint_fp_struct pre[8];
+  scalar_window4(s,scalar);
+  /*
+  for(i=0;i<64;i++)
+    printf("%d ",s[i]);
+  printf("\n");
+  */
+  
+  pre[0] = *op;                                         //  P 
+  curvepoint_fp_double(&pre[1], &pre[0]);               // 2P
+  curvepoint_fp_add_nocheck(&pre[2], &pre[0], &pre[1]); // 3P
+  curvepoint_fp_double(&pre[3], &pre[1]);               // 4P
+  curvepoint_fp_add_nocheck(&pre[4], &pre[0], &pre[3]); // 5P
+  curvepoint_fp_double(&pre[5], &pre[2]);               // 6P
+  curvepoint_fp_add_nocheck(&pre[6], &pre[0], &pre[5]); // 7P
+  curvepoint_fp_double(&pre[7], &pre[3]);               // 8P
+
+  i = 64;
+  while(!s[i]&&i>0) i--;
+
+  if(!s[i]) 
+    curvepoint_fp_setneutral(rop);
+  else
+  {
+    choose_t(rop,pre,s[i]);
+    i--;
+    for(;i>=0;i--)
+    {
+      curvepoint_fp_double(rop, rop);
+      curvepoint_fp_double(rop, rop);
+      curvepoint_fp_double(rop, rop);
+      curvepoint_fp_double(rop, rop);
+      if(s[i])
+      {
+        choose_t(t,pre,s[i]);
+        curvepoint_fp_add_nocheck(rop,rop,t);
+      }
+    }
+  }
 }
 
 // Negate a point, store in rop:
 void curvepoint_fp_neg(curvepoint_fp_t rop, const curvepoint_fp_t op)
 {
-	if (fpe_iszero(op->m_z))
-	{
-		curvepoint_fp_set(rop,op);
-	}
-    else
-    {
-		fpe_t tfpe1;
-		fpe_set(rop->m_x, op->m_x);
-		fpe_neg(rop->m_y, op->m_y);
-		fpe_set(rop->m_z, op->m_z);
-	}
+  fpe_t tfpe1;
+	fpe_set(rop->m_x, op->m_x);
+	fpe_neg(rop->m_y, op->m_y);
+	fpe_set(rop->m_z, op->m_z);
 }
 
+// Transform to Affine Coordinates (z=1)
+void curvepoint_fp_makeaffine(curvepoint_fp_t point)
+{
+  fpe_t tfpe1;
+  fpe_invert(tfpe1, point->m_z);
+  fpe_mul(point->m_x, point->m_x, tfpe1);
+  fpe_mul(point->m_x, point->m_x, tfpe1);
 
+  fpe_mul(point->m_y, point->m_y, tfpe1);
+  fpe_mul(point->m_y, point->m_y, tfpe1);
+  fpe_mul(point->m_y, point->m_y, tfpe1);
+
+  fpe_setone(point->m_z);
+}
 
 // Print a point:
 void curvepoint_fp_print(FILE *outfile, const curvepoint_fp_t point)
 {
-	fprintf(outfile, "______________Curve______________\n\nX = ");
+	fprintf(outfile, "[");
 	fpe_print(outfile, point->m_x);
-	fprintf(outfile, "\n\nY = ");
+	fprintf(outfile, ", ");
 	fpe_print(outfile, point->m_y);
-	fprintf(outfile, "\n\nZ = ");
+	fprintf(outfile, ", ");
 	fpe_print(outfile, point->m_z);
-	fprintf(outfile, "\n_________________________________\n");
+	fprintf(outfile, "]");
 }
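Review bot: The restored `curvepoint_fp_makeaffine` drops the `if (!fpe_iszero(point->m_z))` guard that the removed version had, so a point at infinity (z = 0) is now passed to `fpe_invert` and leaves the function with `m_z` set to one, meaning it no longer tests as neutral. If a caller can reach this with a neutral point (for example after a scalar multiplication by zero), an early `if(fpe_iszero(point->m_z)) return;` would keep the revert and avoid that. In the same section `curvepoint_fp_scalarmult_vartime` goes back from `curvepoint_fp_add_vartime` to `curvepoint_fp_add_nocheck`, whose body is outside these hunks but whose name suggests it skips the neutral and equal-operand cases; a comment above the function such as `// requires op != neutral; variable time, not for secret scalars` would record the precondition. `curvepoint_fp_neg` now declares `fpe_t tfpe1` without using it, and the line can be removed.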
 

+ 0 - 4
third_party/dclxvi-20130329/curvepoint_fp.h

@@ -10,11 +10,7 @@
 #include <stdio.h>
 
 #include "fpe.h"
-#ifdef NEW_PARAMETERS
-#include "scalar_512.h"
-#else
 #include "scalar.h"
-#endif
 
 /// Structure describing a point on a BN-curve
 typedef struct curvepoint_fp_struct curvepoint_fp_struct_t;

+ 0 - 6
third_party/dclxvi-20130329/final_expo.c

@@ -1,6 +1,3 @@
-#ifndef NEW_PARAMETERS
-
-
 /*
  * File:   dclxvi-20130329/final_expo.c
  * Author: Ruben Niederhagen, Peter Schwabe
@@ -127,6 +124,3 @@ void final_expo(fp12e_t rop)
   fp12e_mul(rop, t0, t1);
 
 }
-
-
-#endif

+ 0 - 10
third_party/dclxvi-20130329/final_expo.h

@@ -7,17 +7,7 @@
 #ifndef FINAL_EXPO_H
 #define FINAL_EXPO_H
 
-// AVANT
-//#include "fp12e.h"
-
-// APRES
-#include "mul.h"
-extern "C" {	
-#include "fpe.h"
-#include "fp2e.h"
-#include "fp6e.h"
 #include "fp12e.h"
-} 
 
 void final_expo(fp12e_t rop);
 

+ 1 - 15
third_party/dclxvi-20130329/fp12e.c

@@ -4,29 +4,15 @@
  * Public Domain
  */
 
-
 #include <stdio.h>
 #include <assert.h>
 
-
-//AVANT
-//#include "fp6e.h"
-//#include "fp12e.h"
-
-//APRES
-#include "mul.h"
-extern "C" {	
-#include "fpe.h"
-#include "fp2e.h"
 #include "fp6e.h"
 #include "fp12e.h"
-} 
 
 extern const fp2e_t bn_zpminus1;
 extern const fpe_t bn_zeta;
 
-
-
 // Set fp12e_t rop to given value:
 void fp12e_set(fp12e_t rop, const fp12e_t op)
 {
@@ -340,7 +326,7 @@ void fp12e_frobenius_p2(fp12e_t rop, const fp12e_t op)
 void fp12e_print(FILE *outfile, const fp12e_t op)
 {
   fp6e_print(outfile, op->m_a);
-  fprintf(outfile, " * Z\n\n + ");
+  fprintf(outfile, " * Z + ");
   fp6e_print(outfile, op->m_b);
 }
 

+ 0 - 6
third_party/dclxvi-20130329/fp12e.h

@@ -8,11 +8,7 @@
 #define FP12E_H
 
 #include "fp6e.h"
-#ifdef NEW_PARAMETERS
-#include "scalar_512.h"
-#else
 #include "scalar.h"
-#endif
 
 #ifdef BENCH
 unsigned long long multp12cycles; unsigned long long nummultp12;
@@ -103,6 +99,4 @@ void fp12e_mul_scalar(fp12e_t rop, const fp12e_t op1, const scalar_t op2);
 // Print the element to stdout:
 void fp12e_print(FILE *outfile, const fp12e_t op);
 
-
-
 #endif // ifndef FP12E_H

+ 6 - 17
third_party/dclxvi-20130329/fp2e.c

@@ -7,19 +7,12 @@
 #include <stdio.h>
 #include <assert.h>
 #include <math.h>
-#include "cpucycles.h"
-#ifdef NEW_PARAMETERS
-#include "scalar_512.h"
-#else
-#include "scalar.h"
-#endif
 
-#include "mul.h"
-extern "C" {	
-#include "fpe.h"
+#include "cpucycles.h"
 #include "fp2e.h"
-} 
-
+#include "fpe.h"
+#include "mul.h"
+#include "scalar.h"
 
 extern const double bn_v;
 extern const double bn_v6;
@@ -144,7 +137,7 @@ void fp2e_short_coeffred_c(fp2e_t rop)
 }
 #endif
 
-void fp2e_to_2fpe(fpe_t ropa, fpe_t ropb, const fp2e_t op)//ai+b
+void fp2e_to_2fpe(fpe_t ropa, fpe_t ropb, const fp2e_t op)
 {
   int i;
   for(i=0;i<12;i++)
@@ -154,7 +147,7 @@ void fp2e_to_2fpe(fpe_t ropa, fpe_t ropb, const fp2e_t op)//ai+b
   }
 }
 
-void _2fpe_to_fp2e(fp2e_t rop, const fpe_t opa, const fpe_t opb)//ai+b
+void _2fpe_to_fp2e(fp2e_t rop, const fpe_t opa, const fpe_t opb)
 {
   int i;
   for(i=0;i<12;i++)
@@ -510,7 +503,6 @@ void fp2e_square_c(fp2e_t rop, const fp2e_t op)
 }
 #endif
 
-#ifndef  NEW_PARAMETERS
 #ifndef QHASM
 // Multiply by xi=i+3 which is used to construct F_p^6
 // (a*i + b)*(i + 3) = (3*b - 1*a) + (3*a + b)*i
@@ -533,9 +525,6 @@ void fp2e_mulxi_c(fp2e_t rop, const fp2e_t op)
   _2fpe_to_fp2e(rop, t4, t5);
 }
 #endif
-#endif
-
-
 
 // Scalar multiple of an fp2e, store result in rop:
 #ifndef QHASM

+ 2 - 13
third_party/dclxvi-20130329/fp2e.h

@@ -11,7 +11,6 @@
 #include "fpe.h"
 #include "mydouble.h"
 
-
 // Elements from F_{p^2}= F_p[X] / (x^2 - alpha)F_p[X] are represented as aX + b
 typedef struct fp2e_struct
 {
@@ -168,21 +167,11 @@ void fp2e_mul(fp2e_t rop, const fp2e_t op1, const fp2e_t op2);
 void fp2e_square(fp2e_t rop, const fp2e_t op);
 
 // Multiply by xi which is used to construct F_p^6
-
 #ifdef QHASM
-	#ifdef NEW_PARAMETERS
-		#define fp2e_mulxi fp2e_mulxi_qhasm_512
-	#else
-		#define fp2e_mulxi fp2e_mulxi_qhasm
-	#endif
+#define fp2e_mulxi fp2e_mulxi_qhasm
 #else
-	#ifdef NEW_PARAMETERS
-		#define fp2e_mulxi fp2e_mulxi_c_512
-	#else
-		#define fp2e_mulxi fp2e_mulxi_c
-	#endif
+#define fp2e_mulxi fp2e_mulxi_c
 #endif
-	
 void fp2e_mulxi(fp2e_t rop, const fp2e_t op);
 
 // Multiple of an fp2e, store result in rop:

+ 2 - 14
third_party/dclxvi-20130329/fp6e.c

@@ -7,19 +7,7 @@
 #include <stdio.h>
 #include <assert.h>
 
-//AVANT
-//#include "fp6e.h"
-
-
-//APRES
-
-#include "mul.h"
-extern "C" {	
-#include "fpe.h"
-#include "fp2e.h"
 #include "fp6e.h"
-} 
-
 
 extern const fp2e_t bn_ypminus1;
 extern const fp2e_t bn_ypminus1_squ;
@@ -326,9 +314,9 @@ void fp6e_print(FILE * outfile, const fp6e_t op)
 {
 	fprintf(outfile, "[");
 	fp2e_print(outfile, op->m_a);
-	fprintf(outfile, " * Y^2\n  + ");
+	fprintf(outfile, " * Y^2 + ");
 	fp2e_print(outfile, op->m_b);
-	fprintf(outfile, " * Y\n + ");
+	fprintf(outfile, " * Y + ");
 	fp2e_print(outfile, op->m_c);
 	fprintf(outfile, "]");
 }

+ 10 - 33
third_party/dclxvi-20130329/fpe.c

@@ -4,27 +4,11 @@
  * Public Domain
  */
 
-
 #include <math.h> 
 #include <assert.h>
-#ifdef NEW_PARAMETERS
-#include "scalar_512.h"
-#else
 #include "scalar.h"
-#endif
-
-
-#include "mul.h" 
-extern "C" {	
 #include "fpe.h"
-} 
-#include "zout.hpp"
-
-// sans mul.h la cible « ../obj/fpe_666.o » a échouée erreur: ‘coeffred_round_par’ was not declared in this scope
-// sans extern "C" la cible « bgn » a échouée référence indéfinie vers « fpe_iszero »
-// sans "fpe.h" la cible « ../obj/fpe_666.o » a échouée erreur: variable or field ‘fpe_short_coeffred’ declared void
-
-
+#include "mul.h"
 
 extern const scalar_t bn_pminus2;
 extern const double bn_v;
@@ -182,11 +166,9 @@ void fpe_neg(fpe_t rop, const fpe_t op)
 // Double an fpe:
 void fpe_double(fpe_t rop, const fpe_t op)
 {
-//printf("\n\n\nop=");  fpe_print(stdout,op);
   int i;
   for(i=0;i<12;i++)
     rop->v[i] = op->v[i]*2;
-    //printf("%f\n",rop->v[i]);
 }
 
 // Double an fpe:
@@ -219,16 +201,13 @@ void fpe_sub(fpe_t rop, const fpe_t op1, const fpe_t op2)
 #ifndef QHASM
 void fpe_mul_c(fpe_t rop, const fpe_t op1, const fpe_t op2)
 {
-	//debug(50);
-	mydouble h[24];
-	//abc;
-	polymul(h,op1->v,op2->v);
-	//xyz;
-	degred(h);
-	coeffred_round_par(h); 
-	int i;
-	for (i=0;i<12;i++)
-	rop->v[i] = h[i];
+  mydouble h[24];
+  polymul(h,op1->v,op2->v);
+  degred(h);
+  coeffred_round_par(h); 
+  int i;
+  for (i=0;i<12;i++)
+    rop->v[i] = h[i];
 }
 #endif
 
@@ -256,8 +235,6 @@ void fpe_invert(fpe_t rop, const fpe_t op1)
 void fpe_print(FILE * outfile, const fpe_t op)
 {
   int i;
-  //for(i=0;i<11;i++) fprintf(outfile, "%10lf, ", todouble(op->v[i]));
-  //fprintf(outfile, "%10lf", todouble(op->v[11]));
-  for(i=0;i<11;i++) fprintf(outfile, "%.0lf, ", todouble(op->v[i]));
-  fprintf(outfile, "%.0lf", todouble(op->v[11]));
+  for(i=0;i<11;i++) fprintf(outfile, "%10lf, ", todouble(op->v[i]));
+  fprintf(outfile, "%10lf", todouble(op->v[11]));
 }

+ 0 - 1
third_party/dclxvi-20130329/fpe.h

@@ -7,7 +7,6 @@
 #ifndef FPE_H
 #define FPE_H
 
-
 #include <stdio.h>
 #include "mydouble.h"
 

BIN
third_party/dclxvi-20130329/fpe.h.gch


+ 1 - 14
third_party/dclxvi-20130329/gmp_convert.c

@@ -7,24 +7,11 @@
 #include <math.h>
 #include <stdio.h>
 #include <gmp.h>
-//#include "parameters.h"
-
-
-//avant
-//#include "fpe.h"
-//#include "fp2e.h"
-//#include "fp6e.h"
-//#include "fp12e.h"
-
-
-//APRES
-#include "mul.h"
-extern "C" {	
 #include "fpe.h"
 #include "fp2e.h"
 #include "fp6e.h"
 #include "fp12e.h"
-} 
+//#include "parameters.h"
 
 extern const double bn_v;
 extern const double bn_v6;

+ 0 - 4
third_party/dclxvi-20130329/index_heap.c

@@ -5,11 +5,7 @@
  */
 
 #include <assert.h>
-#ifdef NEW_PARAMETERS
-#include "scalar_512.h"
-#else
 #include "scalar.h"
-#endif
 #include "index_heap.h"
 
 static void heap_push(unsigned long long *h, unsigned long long *hlen, unsigned long long elem, scalar_t *s)

+ 0 - 4
third_party/dclxvi-20130329/index_heap.h

@@ -7,11 +7,7 @@
 #ifndef INDEX_HEAP_H
 #define INDEX_HEAP_H
 
-#ifdef NEW_PARAMETERS
-#include "scalar_512.h"
-#else
 #include "scalar.h"
-#endif
 
 #ifdef __cplusplus
  extern "C" {

+ 0 - 12
third_party/dclxvi-20130329/linefunction.c

@@ -4,22 +4,10 @@
  * Public Domain
  */
 
-//AVANT
-//#include "fp2e.h"
-//#include "curvepoint_fp.h"
-//#include "twistpoint_fp2.h"
-
-
-//APRES
-#include "mul.h"
-extern "C" {	
-#include "fpe.h"
 #include "fp2e.h"
-} 
 #include "curvepoint_fp.h"
 #include "twistpoint_fp2.h"
 
-
 #ifdef N_OPS
   unsigned long long linefunction_addctr; 
   unsigned long long linefunction_doublectr; 

+ 27 - 35
third_party/dclxvi-20130329/mul.c

@@ -7,47 +7,39 @@
 #include <math.h>
 #include "mul.h"
 #include "mydouble.h"
-#include "zout.hpp"
 
 extern const double bn_v;
 extern const double bn_v6;
 
 void polymul(mydouble *h, const mydouble *f, const mydouble *g)
 {
-	mydouble t[24];
-	//debug(421);	
-	//zout(f[0].v,g[0].v,f[0].mmax,g[0].mmax);
-	//if (f[0].mmax>3*5604099)	zout(f[0].mmax);	
-
-	t[0] = f[0]*g[0];
-	//debug(422);
-	t[1] = f[0]*g[1] + f[1]*g[0];
-	t[2] = 6*f[1]*g[1] + (f[0]*g[2] + f[2]*g[0]);
-	t[3] = (f[1]*g[2] + f[2]*g[1])*6 + (f[0]*g[3] + f[3]*g[0]);
-	t[4] = (f[1]*g[3] + f[2]*g[2] + f[3]*g[1])*6 + (f[0]*g[4] + f[4]*g[0]);
-	t[5] = (f[1]*g[4] + f[2]*g[3] + f[3]*g[2] + f[4]*g[1])*6 + (f[0]*g[5] + f[5]*g[0]);
-	t[6] = (f[1]*g[5] + f[2]*g[4] + f[3]*g[3] + f[4]*g[2] + f[5]*g[1])*6 + f[0]*g[6] + f[6]*g[0];
-	t[7] = (f[0]*g[7] + f[1]*g[6] + f[2]*g[5] + f[3]*g[4] + f[4]*g[3] + f[5]*g[2] + f[6]*g[1] + f[7]*g[0]);
-	t[8] = (f[1]*g[7] + f[7]*g[1])*6 + (f[0]*g[8] + f[2]*g[6] + f[3]*g[5] + f[4]*g[4] + f[5]*g[3] + f[6]*g[2] + f[8]*g[0]);
-	t[9] = (f[1]*g[8] + f[2]*g[7] + f[7]*g[2] + f[8]*g[1])*6 + (f[0]*g[9] + f[3]*g[6] + f[4]*g[5] + f[5]*g[4] + f[6]*g[3] + f[9]*g[0]);
-	t[10] = (f[1]*g[9] + f[2]*g[8] + f[3]*g[7] + f[7]*g[3] + f[8]*g[2] + f[9]*g[1])*6 + (f[0]*g[10] + f[4]*g[6] + f[5]*g[5] + f[6]*g[4] + f[10]*g[0]);
-	
-	t[11] = (f[1]*g[10] + f[2]*g[9] + f[3]*g[8] + f[4]*g[7] + f[7]*g[4] + f[8]*g[3] + f[9]*g[2] + f[10]*g[1])*6 + (f[0]*g[11] + f[5]*g[6] + f[6]*g[5] + f[11]*g[0]);
-	t[12] = (f[1]*g[11] + f[2]*g[10] + f[3]*g[9] + f[4]*g[8] + f[5]*g[7] + f[7]*g[5] + f[8]*g[4] + f[9]*g[3] + f[10]*g[2] + f[11]*g[1])*6 + f[6]*g[6];
-	t[13] = (f[2]*g[11] + f[3]*g[10] + f[4]*g[9] + f[5]*g[8] + f[6]*g[7] + f[7]*g[6] + f[8]*g[5] + f[9]*g[4] + f[10]*g[3] + f[11]*g[2]);
-	t[14] = f[7]*g[7]*6 + (f[3]*g[11] + f[4]*g[10] + f[5]*g[9] + f[6]*g[8] + f[8]*g[6] + f[9]*g[5] + f[10]*g[4] + f[11]*g[3]);
-	t[15] = (f[7]*g[8] + f[8]*g[7])*6 + (f[4]*g[11] + f[5]*g[10] + f[6]*g[9] + f[9]*g[6] + f[10]*g[5] + f[11]*g[4]);
-	t[16] = (f[7]*g[9] + f[8]*g[8] + f[9]*g[7])*6 + (f[5]*g[11] + f[6]*g[10] + f[10]*g[6] + f[11]*g[5]);
-	t[17] = (f[7]*g[10] + f[8]*g[9] + f[9]*g[8] + f[10]*g[7])*6 + (f[6]*g[11] + f[11]*g[6]);
-	t[18] = (f[7]*g[11] + f[8]*g[10] + f[9]*g[9] + f[10]*g[8] + f[11]*g[7])*6;
-	t[19] = (f[8]*g[11] + f[9]*g[10] + f[10]*g[9] + f[11]*g[8]);
-	t[20] = (f[9]*g[11] + f[10]*g[10] + f[11]*g[9]);
-	t[21] = (f[10]*g[11] + f[11]*g[10]);
-	t[22] = f[11]*g[11];
-	
-	int i;
-	for(i=0;i<23;i++)
-	h[i]=t[i];
+  mydouble t[24];
+  t[0] = f[0]*g[0];
+  t[1] = f[0]*g[1] + f[1]*g[0];
+  t[2] = 6*f[1]*g[1] + (f[0]*g[2] + f[2]*g[0]);
+  t[3] = (f[1]*g[2] + f[2]*g[1])*6 + (f[0]*g[3] + f[3]*g[0]);
+  t[4] = (f[1]*g[3] + f[2]*g[2] + f[3]*g[1])*6 + (f[0]*g[4] + f[4]*g[0]);
+  t[5] = (f[1]*g[4] + f[2]*g[3] + f[3]*g[2] + f[4]*g[1])*6 + (f[0]*g[5] + f[5]*g[0]);
+  t[6] = (f[1]*g[5] + f[2]*g[4] + f[3]*g[3] + f[4]*g[2] + f[5]*g[1])*6 + f[0]*g[6] + f[6]*g[0];
+  t[7] = (f[0]*g[7] + f[1]*g[6] + f[2]*g[5] + f[3]*g[4] + f[4]*g[3] + f[5]*g[2] + f[6]*g[1] + f[7]*g[0]);
+  t[8] = (f[1]*g[7] + f[7]*g[1])*6 + (f[0]*g[8] + f[2]*g[6] + f[3]*g[5] + f[4]*g[4] + f[5]*g[3] + f[6]*g[2] + f[8]*g[0]);
+  t[9] = (f[1]*g[8] + f[2]*g[7] + f[7]*g[2] + f[8]*g[1])*6 + (f[0]*g[9] + f[3]*g[6] + f[4]*g[5] + f[5]*g[4] + f[6]*g[3] + f[9]*g[0]);
+  t[10] = (f[1]*g[9] + f[2]*g[8] + f[3]*g[7] + f[7]*g[3] + f[8]*g[2] + f[9]*g[1])*6 + (f[0]*g[10] + f[4]*g[6] + f[5]*g[5] + f[6]*g[4] + f[10]*g[0]);
+  t[11] = (f[1]*g[10] + f[2]*g[9] + f[3]*g[8] + f[4]*g[7] + f[7]*g[4] + f[8]*g[3] + f[9]*g[2] + f[10]*g[1])*6 + (f[0]*g[11] + f[5]*g[6] + f[6]*g[5] + f[11]*g[0]);
+  t[12] = (f[1]*g[11] + f[2]*g[10] + f[3]*g[9] + f[4]*g[8] + f[5]*g[7] + f[7]*g[5] + f[8]*g[4] + f[9]*g[3] + f[10]*g[2] + f[11]*g[1])*6 + f[6]*g[6];
+  t[13] = (f[2]*g[11] + f[3]*g[10] + f[4]*g[9] + f[5]*g[8] + f[6]*g[7] + f[7]*g[6] + f[8]*g[5] + f[9]*g[4] + f[10]*g[3] + f[11]*g[2]);
+  t[14] = f[7]*g[7]*6 + (f[3]*g[11] + f[4]*g[10] + f[5]*g[9] + f[6]*g[8] + f[8]*g[6] + f[9]*g[5] + f[10]*g[4] + f[11]*g[3]);
+  t[15] = (f[7]*g[8] + f[8]*g[7])*6 + (f[4]*g[11] + f[5]*g[10] + f[6]*g[9] + f[9]*g[6] + f[10]*g[5] + f[11]*g[4]);
+  t[16] = (f[7]*g[9] + f[8]*g[8] + f[9]*g[7])*6 + (f[5]*g[11] + f[6]*g[10] + f[10]*g[6] + f[11]*g[5]);
+  t[17] = (f[7]*g[10] + f[8]*g[9] + f[9]*g[8] + f[10]*g[7])*6 + (f[6]*g[11] + f[11]*g[6]);
+  t[18] = (f[7]*g[11] + f[8]*g[10] + f[9]*g[9] + f[10]*g[8] + f[11]*g[7])*6;
+  t[19] = (f[8]*g[11] + f[9]*g[10] + f[10]*g[9] + f[11]*g[8]);
+  t[20] = (f[9]*g[11] + f[10]*g[10] + f[11]*g[9]);
+  t[21] = (f[10]*g[11] + f[11]*g[10]);
+  t[22] = f[11]*g[11];
+  int i;
+  for(i=0;i<23;i++)
+    h[i]=t[i];
 }
 
 

+ 6 - 6
third_party/dclxvi-20130329/mydouble.h

@@ -8,13 +8,13 @@
 #define MYDOUBLE_H
 
 #ifdef CHECK
-	#include "checkdouble.h"
-	#define mydouble CheckDouble
+#include "checkdouble.h"
+#define mydouble CheckDouble
 #else
-	#define mydouble double
-	#define setmax(x,y)
-	#define todouble(x) x
-	double remround(double a, double d);
+#define mydouble double
+#define setmax(x,y)
+#define todouble(x) x
+double remround(double a, double d);
 #endif
 
 #endif

+ 1 - 13
third_party/dclxvi-20130329/optate.c

@@ -6,26 +6,14 @@
 
 #include <stdio.h>
 
-
-
-//AVANT
-//#include "fp2e.h"
-//#include "fp6e.h"
-//#include "fp12e.h"
-//APRES
-#include "mul.h"
-extern "C" {	
-#include "fpe.h"
 #include "fp2e.h"
 #include "fp6e.h"
 #include "fp12e.h"
-} 
 #include "curvepoint_fp.h"
 #include "twistpoint_fp2.h"
 #include "linefunction.h"
-#include "optate.h"
 #include "final_expo.h"
-#include "zout.hpp"
+#include "optate.h"
 //#include "parameters.h"
 
 extern const unsigned long bn_naflen_6uplus2;

+ 2 - 9
third_party/dclxvi-20130329/parameters.c

@@ -1,7 +1,3 @@
-//#ifndef NEW_PARAMETERS
-
-
-
 /*
  * File:   dclxvi-20130329/parameters.c
  * Author: Ruben Niederhagen, Peter Schwabe
@@ -15,11 +11,11 @@
 #include "curvepoint_fp.h"
 #include "twistpoint_fp2.h"
 #include "scalar.h"
-//#include "scalar_512.h"
+
 #ifdef __cplusplus
 #define EXTERN extern
 #else
-#define EXTERN 
+#define EXTERN
 #endif
 
 //EXTERN const scalar_t bn_6uplus2 =  {0x1EC817A18A131208ULL,2,0,0};
@@ -78,6 +74,3 @@ EXTERN const fp2e_t bn_ypminus1_squ = {{{1555911, 5331252, -776828, 226463,
                                                                        -291878, 77064, 214666, 415072, -853656, 644193, 622068, 571473 }}}; // (Y^{p-1})^2 i F_{p^2}
 
 #undef EXTERN
-
-
-//#endif

+ 2 - 10
third_party/dclxvi-20130329/scalar.c

@@ -9,8 +9,6 @@
 #include <assert.h>
 #include "scalar.h"
 
-#ifndef NEW_PARAMETERS
-
 void scalar_setrandom(scalar_t rop, const scalar_t bound)
 {
   int i;
@@ -99,13 +97,7 @@ int scalar_lt_vartime(const scalar_t a, const scalar_t b)
 void scalar_print(FILE *fh, const scalar_t t)
 {
   int i;
-  fprintf(fh, "{0x%llx,\t", t[0]);
-  for(i=1;i<=2;i++)
-  {
-	  fprintf(fh, "0x%llx,\t", t[i]);
-  }
-  fprintf(fh, "0x%llx};\n", t[3]);  
-
+  for(i=3;i>=0;i--)
+    fprintf(fh, "%llx", t[i]);
 }
 
-#endif
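Review bot: The restored loop in `scalar_print` formats each limb with `%llx`, which drops leading zeros, so the four limbs of `scalar_t` run together into a string that does not determine the value. A limb of 0x1 below a non-zero limb prints as a single digit, and two different scalars can print identically. Padding every limb keeps the output a faithful fixed-width hex value, assuming 64-bit limbs: `fprintf(fh, "%016llx", t[i]);`. This matters wherever the printed scalar is compared against test vectors or used to debug scalar handling. A short comment such as `/* most-significant limb first, 16 hex digits per limb */` would also record the order in which the loop walks `t`.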

+ 0 - 5
third_party/dclxvi-20130329/scalar.h

@@ -12,15 +12,12 @@
  extern "C" {
 #endif 
 
-#ifndef NEW_PARAMETERS
-
 typedef unsigned long long scalar_t[4] ;
 
 void scalar_sub_nored(scalar_t r, scalar_t x, scalar_t y);
 
 void scalar_setrandom(scalar_t rop, const scalar_t bound);
 
-
 void scalar_set_lluarray(scalar_t rop, unsigned long long v[4]);
 
 int scalar_getbit(const scalar_t s, unsigned int pos);
@@ -36,8 +33,6 @@ int scalar_lt_vartime(const scalar_t a, const scalar_t b);
 
 void scalar_print(FILE *fh, const scalar_t t);
 
-#endif
-
 #ifdef __cplusplus
  }
 #endif 

+ 29 - 55
third_party/dclxvi-20130329/twistpoint_fp2.c

@@ -6,14 +6,8 @@
 
 #include <stdio.h>
 #include <stdlib.h>
-
-#include "mydouble.h"
-extern "C" {	
 #include "fpe.h"
-#include "fp2e.h"
-} 
 #include "twistpoint_fp2.h"
-//#include "scalar_512.h"
 
 //////////////////////////////////////////////////////////////////////////////////////////////////////////
 //            Point initialization and deletion functions
@@ -69,8 +63,6 @@ void twistpoint_fp2_mixadd(twistpoint_fp2_t rop, const twistpoint_fp2_t op1, con
 }
 */
 
-#ifndef COMPLETE_ADDITION
-
 void twistpoint_fp2_double(twistpoint_fp2_t rop, const twistpoint_fp2_t op)
 {
 	fp2e_t tfpe1, tfpe2, tfpe3, tfpe4; // Temporary variables needed for intermediary results
@@ -98,9 +90,6 @@ void twistpoint_fp2_double(twistpoint_fp2_t rop, const twistpoint_fp2_t op)
   fp2e_short_coeffred(rop->m_y);
 }
 
-
-
-
 void twistpoint_fp2_add_vartime(twistpoint_fp2_t rop, const twistpoint_fp2_t op1, const twistpoint_fp2_t op2)
 {
   if(fp2e_iszero(op1->m_z))
@@ -187,27 +176,6 @@ void twistpoint_fp2_add_vartime(twistpoint_fp2_t rop, const twistpoint_fp2_t op1
 }
 
 
-
-// Transform Jacobian to Affine Coordinates (z=1)
-void twistpoint_fp2_makeaffine(twistpoint_fp2_t point)
-{
-	//signature;
-	if (!fp2e_iszero(point->m_z))
-	{	
-		fp2e_t tfpe1;
-		fp2e_invert(tfpe1, point->m_z);
-		fp2e_mul(point->m_x, point->m_x, tfpe1);
-		fp2e_mul(point->m_x, point->m_x, tfpe1);
-
-		fp2e_mul(point->m_y, point->m_y, tfpe1);
-		fp2e_mul(point->m_y, point->m_y, tfpe1);
-		fp2e_mul(point->m_y, point->m_y, tfpe1);
-
-		fp2e_setone(point->m_z);
-	}
-}
-
-#endif
 static void twistpoint_fp2_add_nocheck(twistpoint_fp2_t rop, const twistpoint_fp2_t op1, const twistpoint_fp2_t op2)
 {
   //See http://www.hyperelliptic.org/EFD/g1p/auto-code/shortw/jacobian-0/addition/add-2007-bl.op3
@@ -308,7 +276,7 @@ static void choose_t(twistpoint_fp2_t t, struct twistpoint_fp2_struct *pre, sign
 
 void twistpoint_fp2_scalarmult_vartime(twistpoint_fp2_t rop, const twistpoint_fp2_t op, const scalar_t scalar)
 {
-  signed char s[65]; 
+  signed char s[65];
   int i; 
   twistpoint_fp2_t t;
   struct twistpoint_fp2_struct pre[8];
@@ -319,16 +287,16 @@ void twistpoint_fp2_scalarmult_vartime(twistpoint_fp2_t rop, const twistpoint_fp
   printf("\n");
   */
   
-  pre[0] = *op;                                          //  P 
+  pre[0] = *op;                                         //  P 
   twistpoint_fp2_double(&pre[1], &pre[0]);               // 2P
-  twistpoint_fp2_add_vartime(&pre[2], &pre[0], &pre[1]); // 3P
+  twistpoint_fp2_add_nocheck(&pre[2], &pre[0], &pre[1]); // 3P
   twistpoint_fp2_double(&pre[3], &pre[1]);               // 4P
-  twistpoint_fp2_add_vartime(&pre[4], &pre[0], &pre[3]); // 5P
+  twistpoint_fp2_add_nocheck(&pre[4], &pre[0], &pre[3]); // 5P
   twistpoint_fp2_double(&pre[5], &pre[2]);               // 6P
-  twistpoint_fp2_add_vartime(&pre[6], &pre[0], &pre[5]); // 7P
+  twistpoint_fp2_add_nocheck(&pre[6], &pre[0], &pre[5]); // 7P
   twistpoint_fp2_double(&pre[7], &pre[3]);               // 8P
 
-  i = 64; 
+  i = 64;
   while(!s[i]&&i>0) i--;
 
   if(!s[i]) 
@@ -346,7 +314,7 @@ void twistpoint_fp2_scalarmult_vartime(twistpoint_fp2_t rop, const twistpoint_fp
       if(s[i])
       {
         choose_t(t,pre,s[i]);
-        twistpoint_fp2_add_vartime(rop,rop,t);
+        twistpoint_fp2_add_nocheck(rop,rop,t);
       }
     }
   }
@@ -355,18 +323,11 @@ void twistpoint_fp2_scalarmult_vartime(twistpoint_fp2_t rop, const twistpoint_fp
 // Negate a point, store in rop:
 void twistpoint_fp2_neg(twistpoint_fp2_t rop, const twistpoint_fp2_t op)
 {
-	if (fp2e_iszero(op->m_z))
-	{
-		    twistpoint_fp2_set(rop,op);
-	}
-	else
-	{
-		fp2e_t tfpe1;
-		fp2e_neg(tfpe1, op->m_y);
-		fp2e_set(rop->m_x, op->m_x);
-		fp2e_set(rop->m_y, tfpe1);
-		fp2e_set(rop->m_z, op->m_z);
-	}
+  fp2e_t tfpe1;
+	fp2e_neg(tfpe1, op->m_y);
+	fp2e_set(rop->m_x, op->m_x);
+	fp2e_set(rop->m_y, tfpe1);
+	fp2e_set(rop->m_z, op->m_z);
 }
 
 void twistpoint_fp2_set_fp2e(twistpoint_fp2_t rop, const fp2e_t x, const fp2e_t y, const fp2e_t z)
@@ -385,17 +346,30 @@ void twistpoint_fp2_affineset_fp2e(twistpoint_fp2_t rop, const fp2e_t x, const f
   fp2e_setzero(rop->m_t);
 }
 
+// Transform to Affine Coordinates (z=1)
+void twistpoint_fp2_makeaffine(twistpoint_fp2_t point)
+{
+  fp2e_t tfpe1;
+  fp2e_invert(tfpe1, point->m_z);
+  fp2e_mul(point->m_x, point->m_x, tfpe1);
+  fp2e_mul(point->m_x, point->m_x, tfpe1);
 
+  fp2e_mul(point->m_y, point->m_y, tfpe1);
+  fp2e_mul(point->m_y, point->m_y, tfpe1);
+  fp2e_mul(point->m_y, point->m_y, tfpe1);
+
+  fp2e_setone(point->m_z);
+}
 
 // Print a point:
 void twistpoint_fp2_print(FILE *outfile, const twistpoint_fp2_t point)
 {
-	fprintf(outfile, "______________Twist______________\n\nX = ");
+	fprintf(outfile, "[");
 	fp2e_print(outfile, point->m_x);
-	fprintf(outfile, "\n\nY = ");
+	fprintf(outfile, ", ");
 	fp2e_print(outfile, point->m_y);
-	fprintf(outfile, "\n\nZ = ");
+	fprintf(outfile, ", ");
 	fp2e_print(outfile, point->m_z);
-	fprintf(outfile, "\n_________________________________\n");
+	fprintf(outfile, "]");
 }
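Review bot: The re-added `twistpoint_fp2_makeaffine` calls `fp2e_invert` on `point->m_z` unconditionally, whereas the version this commit removes skipped the conversion when `fp2e_iszero(point->m_z)` held. A point at infinity (z = 0) now goes through the inversion and then has `m_z` set to one, so it leaves the function looking like an ordinary affine point with whatever coordinates `fp2e_invert` produced for zero. Keeping the guard is one line at the top of the body: `if (fp2e_iszero(point->m_z)) return;`. In the same section, `twistpoint_fp2_scalarmult_vartime` switches from `twistpoint_fp2_add_vartime` to `twistpoint_fp2_add_nocheck` for the 3P/5P/7P table and for `twistpoint_fp2_add_nocheck(rop,rop,t)`. The body of `add_nocheck` lies outside these hunks, but its name and the add-2007-bl reference suggest it does not handle equal operands or infinity, so the function should carry a comment stating which inputs it requires (for example a validated point that is not the identity), and callers passing externally supplied points should be checked against that.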
 

+ 0 - 4
third_party/dclxvi-20130329/twistpoint_fp2.h

@@ -8,11 +8,7 @@
 #define TWISTPOINT_FP2_H
 
 #include "fp2e.h"
-#ifdef NEW_PARAMETERS
-#include "scalar_512.h"
-#else
 #include "scalar.h"
-#endif
 
 typedef struct twistpoint_fp2_struct twistpoint_fp2_struct_t;