diff --git a/ChangeLog b/ChangeLog index aa84ffb..f4bb894 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2014-01-21 Niibe Yutaka + + * src/bn.h (bn256, bn512): words -> word. + * src/ec_p256.h (naf4_257): Likewise. + 2014-01-20 Niibe Yutaka * src/fe25519.h, src/fe25519.c: New. diff --git a/src/bn.c b/src/bn.c index 7bc1628..4b40ab9 100644 --- a/src/bn.c +++ b/src/bn.c @@ -34,9 +34,9 @@ bn256_add (bn256 *X, const bn256 *A, const bn256 *B) uint32_t *px; const uint32_t *pa, *pb; - px = X->words; - pa = A->words; - pb = B->words; + px = X->word; + pa = A->word; + pb = B->word; for (i = 0; i < BN256_WORDS; i++) { @@ -60,9 +60,9 @@ bn256_sub (bn256 *X, const bn256 *A, const bn256 *B) uint32_t *px; const uint32_t *pa, *pb; - px = X->words; - pa = A->words; - pb = B->words; + px = X->word; + pa = A->word; + pb = B->word; for (i = 0; i < BN256_WORDS; i++) { @@ -87,8 +87,8 @@ bn256_add_uint (bn256 *X, const bn256 *A, uint32_t w) uint32_t *px; const uint32_t *pa; - px = X->words; - pa = A->words; + px = X->word; + pa = A->word; for (i = 0; i < BN256_WORDS; i++) { @@ -115,8 +115,8 @@ bn256_sub_uint (bn256 *X, const bn256 *A, uint32_t w) uint32_t *px; const uint32_t *pa; - px = X->words; - pa = A->words; + px = X->word; + pa = A->word; for (i = 0; i < BN256_WORDS; i++) { @@ -167,7 +167,7 @@ bn256_mul (bn512 *X, const bn256 *A, const bn256 *B) j = k - i; - uv = ((uint64_t )A->words[i])*((uint64_t )B->words[j]); + uv = ((uint64_t )A->word[i])*((uint64_t )B->word[j]); v = uv; u = (uv >> 32); r0 += v; @@ -179,13 +179,13 @@ bn256_mul (bn512 *X, const bn256 *A, const bn256 *B) r2 += carry; } - X->words[k] = r0; + X->word[k] = r0; r0 = r1; r1 = r2; r2 = 0; } - X->words[k] = r0; + X->word[k] = r0; } void @@ -217,7 +217,7 @@ bn256_sqr (bn512 *X, const bn256 *A) j = k - i; - uv = ((uint64_t )A->words[i])*((uint64_t )A->words[j]); + uv = ((uint64_t )A->word[i])*((uint64_t )A->word[j]); if (i < j) { if ((uv >> 63) != 0) @@ -235,13 +235,13 @@ bn256_sqr (bn512 *X, const bn256 *A) r2 += carry; } - X->words[k] = r0; + X->word[k] = r0; r0 = r1; r1 = r2; r2 = 0; } - X->words[k] = r0; + X->word[k] = r0; } uint32_t @@ -254,8 +254,8 @@ bn256_shift (bn256 *X, const bn256 *A, int shift) { for (i = 0; i < BN256_WORDS; i++) { - next_carry = A->words[i] >> (32 - shift); - X->words[i] = (A->words[i] << shift) | carry; + next_carry = A->word[i] >> (32 - shift); + X->word[i] = (A->word[i] << shift) | carry; carry = next_carry; } } @@ -265,8 +265,8 @@ bn256_shift (bn256 *X, const bn256 *A, int shift) for (i = BN256_WORDS - 1; i >= 0; i--) { - next_carry = A->words[i] & ((1 << shift) - 1); - X->words[i] = (A->words[i] >> shift) | (carry << (32 - shift)); + next_carry = A->word[i] & ((1 << shift) - 1); + X->word[i] = (A->word[i] >> shift) | (carry << (32 - shift)); carry = next_carry; } } @@ -281,7 +281,7 @@ bn256_is_zero (const bn256 *X) int r = 1; for (i = 0; i < BN256_WORDS; i++) - r &= (X->words[i] == 0); + r &= (X->word[i] == 0); return r; } @@ -289,7 +289,7 @@ bn256_is_zero (const bn256 *X) int bn256_is_even (const bn256 *X) { - return !(X->words[0] & 1); + return !(X->word[0] & 1); } int @@ -321,14 +321,14 @@ bn256_random (bn256 *X) { const uint8_t *rand = random_bytes_get (); - X->words[7] = ((uint32_t *)rand)[7]; - X->words[6] = ((uint32_t *)rand)[6]; - X->words[5] = ((uint32_t *)rand)[5]; - X->words[4] = ((uint32_t *)rand)[4]; - X->words[3] = ((uint32_t *)rand)[3]; - X->words[2] = ((uint32_t *)rand)[2]; - X->words[1] = ((uint32_t *)rand)[1]; - X->words[0] = ((uint32_t *)rand)[0]; + X->word[7] = ((uint32_t *)rand)[7]; + X->word[6] = ((uint32_t *)rand)[6]; + X->word[5] = ((uint32_t *)rand)[5]; + X->word[4] = ((uint32_t *)rand)[4]; + X->word[3] = ((uint32_t *)rand)[3]; + X->word[2] = ((uint32_t *)rand)[2]; + X->word[1] = ((uint32_t *)rand)[1]; + X->word[0] = ((uint32_t *)rand)[0]; random_bytes_free (rand); } diff --git a/src/bn.h b/src/bn.h index 19ecf19..d22eea0 100644 --- a/src/bn.h +++ b/src/bn.h @@ -1,11 +1,11 @@ #define BN256_WORDS 8 typedef struct bn256 { - uint32_t words[ BN256_WORDS ]; /* Little endian */ + uint32_t word[ BN256_WORDS ]; /* Little endian */ } bn256; #define BN512_WORDS 16 typedef struct bn512 { - uint32_t words[ BN512_WORDS ]; /* Little endian */ + uint32_t word[ BN512_WORDS ]; /* Little endian */ } bn512; uint32_t bn256_add (bn256 *X, const bn256 *A, const bn256 *B); diff --git a/src/ec_p256.c b/src/ec_p256.c index a091630..0253314 100644 --- a/src/ec_p256.c +++ b/src/ec_p256.c @@ -259,14 +259,14 @@ compute_kG (ac *X, const bn256 *K) if (!q_is_infinite) jpc_double (Q, Q); - k_i = (((K->words[6] >> i) & 1) << 3) - | (((K->words[4] >> i) & 1) << 2) - | (((K->words[2] >> i) & 1) << 1) - | ((K->words[0] >> i) & 1); - k_i_e = (((K->words[7] >> i) & 1) << 3) - | (((K->words[5] >> i) & 1) << 2) - | (((K->words[3] >> i) & 1) << 1) - | ((K->words[1] >> i) & 1); + k_i = (((K->word[6] >> i) & 1) << 3) + | (((K->word[4] >> i) & 1) << 2) + | (((K->word[2] >> i) & 1) << 1) + | ((K->word[0] >> i) & 1); + k_i_e = (((K->word[7] >> i) & 1) << 3) + | (((K->word[5] >> i) & 1) << 2) + | (((K->word[3] >> i) & 1) << 1) + | ((K->word[1] >> i) & 1); if (k_i) { @@ -274,10 +274,10 @@ compute_kG (ac *X, const bn256 *K) { memcpy (Q->x, (&precomputed_KG[k_i - 1])->x, sizeof (bn256)); memcpy (Q->y, (&precomputed_KG[k_i - 1])->y, sizeof (bn256)); - Q->z->words[0] = 1; - Q->z->words[1] = Q->z->words[2] = Q->z->words[3] - = Q->z->words[4] = Q->z->words[5] = Q->z->words[6] - = Q->z->words[7] = 0; + Q->z->word[0] = 1; + Q->z->word[1] = Q->z->word[2] = Q->z->word[3] + = Q->z->word[4] = Q->z->word[5] = Q->z->word[6] + = Q->z->word[7] = 0; q_is_infinite = 0; } else @@ -290,7 +290,7 @@ compute_kG (ac *X, const bn256 *K) memcpy (Q->x, (&precomputed_2E_KG[k_i_e - 1])->x, sizeof (bn256)); memcpy (Q->y, (&precomputed_2E_KG[k_i_e - 1])->y, sizeof (bn256)); memset (Q->z, 0, sizeof (bn256)); - Q->z->words[0] = 1; + Q->z->word[0] = 1; q_is_infinite = 0; } else @@ -320,8 +320,8 @@ naf4_257_set (naf4_257 *NAF_K, int i, int ki) NAF_K->last_nibble = ki; else { - NAF_K->words[i/8] &= ~(0x0f << ((i & 0x07)*4)); - NAF_K->words[i/8] |= (ki << ((i & 0x07)*4)); + NAF_K->word[i/8] &= ~(0x0f << ((i & 0x07)*4)); + NAF_K->word[i/8] |= (ki << ((i & 0x07)*4)); } } @@ -334,7 +334,7 @@ naf4_257_get (const naf4_257 *NAF_K, int i) ki = NAF_K->last_nibble; else { - ki = NAF_K->words[i/8] >> ((i & 0x07)*4); + ki = NAF_K->word[i/8] >> ((i & 0x07)*4); ki &= 0x0f; } @@ -361,7 +361,7 @@ compute_naf4_257 (naf4_257 *NAF_K, const bn256 *K) naf4_257_set (NAF_K, i, 0); else { - int ki = (K_tmp->words[0]) & 0x0f; + int ki = (K_tmp->word[0]) & 0x0f; if ((ki & 0x08)) { @@ -369,7 +369,7 @@ compute_naf4_257 (naf4_257 *NAF_K, const bn256 *K) ki = ki - 16; } else - K_tmp->words[0] &= 0xfffffff0; + K_tmp->word[0] &= 0xfffffff0; naf4_257_set (NAF_K, i, ki); } @@ -377,7 +377,7 @@ compute_naf4_257 (naf4_257 *NAF_K, const bn256 *K) bn256_shift (K_tmp, K_tmp, -1); if (carry) { - K_tmp->words[7] |= 0x80000000; + K_tmp->word[7] |= 0x80000000; carry = 0; } i++; @@ -451,7 +451,7 @@ compute_kP (ac *X, const naf4_257 *NAF_K, const ac *P) memcpy (Q->x, P->x, sizeof (bn256)); memcpy (Q->y, P->y, sizeof (bn256)); memset (Q->z, 0, sizeof (bn256)); - Q->z->words[0] = 1; + Q->z->word[0] = 1; jpc_double (Q, Q); jpc_add_ac (Q1, Q, P); @@ -465,7 +465,7 @@ compute_kP (ac *X, const naf4_257 *NAF_K, const ac *P) memcpy (Q->x, P3->x, sizeof (bn256)); memcpy (Q->y, P3->y, sizeof (bn256)); memset (Q->z, 0, sizeof (bn256)); - Q->z->words[0] = 1; + Q->z->word[0] = 1; jpc_double (Q, Q); jpc_add_ac (Q1, Q, P); if (jpc_to_ac (P7, Q1) < 0) /* Never occurs, except coding errors. */ @@ -490,7 +490,7 @@ compute_kP (ac *X, const naf4_257 *NAF_K, const ac *P) else memcpy (Q->y, p_Pi[NAF_K_INDEX(k_i)]->y, sizeof (bn256)); memset (Q->z, 0, sizeof (bn256)); - Q->z->words[0] = 1; + Q->z->word[0] = 1; q_is_infinite = 0; } else diff --git a/src/ec_p256.h b/src/ec_p256.h index 66afe88..83963a5 100644 --- a/src/ec_p256.h +++ b/src/ec_p256.h @@ -1,6 +1,6 @@ /* Non-adjacent form */ typedef struct naf4_257 { - uint32_t words[ BN256_WORDS*4 ]; /* Little endian */ + uint32_t word[ BN256_WORDS*4 ]; /* Little endian */ uint8_t last_nibble; /* most significant nibble */ } naf4_257; diff --git a/src/jpc.c b/src/jpc.c index 2142f06..0fe1bac 100644 --- a/src/jpc.c +++ b/src/jpc.c @@ -96,7 +96,7 @@ jpc_add_ac_signed (jpc *X, const jpc *A, const ac *B, int minus) else memcpy (X->y, B->y, sizeof (bn256)); memset (X->z, 0, sizeof (bn256)); - X->z->words[0] = 1; + X->z->word[0] = 1; return; } diff --git a/src/mod.c b/src/mod.c index 018f6a3..40a83b6 100644 --- a/src/mod.c +++ b/src/mod.c @@ -39,84 +39,84 @@ mod_reduce (bn256 *X, const bn512 *A, const bn256 *B, const bn256 *MU_lower) uint32_t borrow_next; memset (q, 0, sizeof (bn256)); - q->words[0] = A->words[15]; + q->word[0] = A->word[15]; bn256_mul (tmp, q, MU_lower); - tmp->words[8] += A->words[15]; - carry = (tmp->words[8] < A->words[15]); - tmp->words[9] += carry; + tmp->word[8] += A->word[15]; + carry = (tmp->word[8] < A->word[15]); + tmp->word[9] += carry; - q->words[7] = A->words[14]; - q->words[6] = A->words[13]; - q->words[5] = A->words[12]; - q->words[4] = A->words[11]; - q->words[3] = A->words[10]; - q->words[2] = A->words[9]; - q->words[1] = A->words[8]; - q->words[0] = A->words[7]; + q->word[7] = A->word[14]; + q->word[6] = A->word[13]; + q->word[5] = A->word[12]; + q->word[4] = A->word[11]; + q->word[3] = A->word[10]; + q->word[2] = A->word[9]; + q->word[1] = A->word[8]; + q->word[0] = A->word[7]; bn256_mul (q_big, q, MU_lower); - bn256_add ((bn256 *)&q_big->words[8], (bn256 *)&q_big->words[8], q); + bn256_add ((bn256 *)&q_big->word[8], (bn256 *)&q_big->word[8], q); - q->words[0] = q_big->words[9] + tmp->words[1]; - carry = (q->words[0] < tmp->words[1]); + q->word[0] = q_big->word[9] + tmp->word[1]; + carry = (q->word[0] < tmp->word[1]); - q->words[1] = q_big->words[10] + carry; - carry = (q->words[1] < carry); - q->words[1] += tmp->words[2]; - carry += (q->words[1] < tmp->words[2]); + q->word[1] = q_big->word[10] + carry; + carry = (q->word[1] < carry); + q->word[1] += tmp->word[2]; + carry += (q->word[1] < tmp->word[2]); - q->words[2] = q_big->words[11] + carry; - carry = (q->words[2] < carry); - q->words[2] += tmp->words[3]; - carry += (q->words[2] < tmp->words[3]); + q->word[2] = q_big->word[11] + carry; + carry = (q->word[2] < carry); + q->word[2] += tmp->word[3]; + carry += (q->word[2] < tmp->word[3]); - q->words[3] = q_big->words[12] + carry; - carry = (q->words[3] < carry); - q->words[3] += tmp->words[4]; - carry += (q->words[3] < tmp->words[4]); + q->word[3] = q_big->word[12] + carry; + carry = (q->word[3] < carry); + q->word[3] += tmp->word[4]; + carry += (q->word[3] < tmp->word[4]); - q->words[4] = q_big->words[13] + carry; - carry = (q->words[4] < carry); - q->words[4] += tmp->words[5]; - carry += (q->words[4] < tmp->words[5]); + q->word[4] = q_big->word[13] + carry; + carry = (q->word[4] < carry); + q->word[4] += tmp->word[5]; + carry += (q->word[4] < tmp->word[5]); - q->words[5] = q_big->words[14] + carry; - carry = (q->words[5] < carry); - q->words[5] += tmp->words[6]; - carry += (q->words[5] < tmp->words[6]); + q->word[5] = q_big->word[14] + carry; + carry = (q->word[5] < carry); + q->word[5] += tmp->word[6]; + carry += (q->word[5] < tmp->word[6]); - q->words[6] = q_big->words[15] + carry; - carry = (q->words[6] < carry); - q->words[6] += tmp->words[7]; - carry += (q->words[6] < tmp->words[7]); + q->word[6] = q_big->word[15] + carry; + carry = (q->word[6] < carry); + q->word[6] += tmp->word[7]; + carry += (q->word[6] < tmp->word[7]); - q->words[7] = carry; - q->words[7] += tmp->words[8]; - carry = (q->words[7] < tmp->words[8]); + q->word[7] = carry; + q->word[7] += tmp->word[8]; + carry = (q->word[7] < tmp->word[8]); memset (q_big, 0, sizeof (bn512)); - q_big->words[8] = A->words[8]; - q_big->words[7] = A->words[7]; - q_big->words[6] = A->words[6]; - q_big->words[5] = A->words[5]; - q_big->words[4] = A->words[4]; - q_big->words[3] = A->words[3]; - q_big->words[2] = A->words[2]; - q_big->words[1] = A->words[1]; - q_big->words[0] = A->words[0]; + q_big->word[8] = A->word[8]; + q_big->word[7] = A->word[7]; + q_big->word[6] = A->word[6]; + q_big->word[5] = A->word[5]; + q_big->word[4] = A->word[4]; + q_big->word[3] = A->word[3]; + q_big->word[2] = A->word[2]; + q_big->word[1] = A->word[1]; + q_big->word[0] = A->word[0]; bn256_mul (tmp, q, B); if (carry) - tmp->words[8] += B->words[0]; - tmp->words[15] = tmp->words[14] = tmp->words[13] = tmp->words[12] - = tmp->words[11] = tmp->words[10] = tmp->words[9] = 0; + tmp->word[8] += B->word[0]; + tmp->word[15] = tmp->word[14] = tmp->word[13] = tmp->word[12] + = tmp->word[11] = tmp->word[10] = tmp->word[9] = 0; - borrow = bn256_sub (X, (bn256 *)&q_big->words[0], (bn256 *)&tmp->words[0]); - borrow_next = (q_big->words[8] < borrow); - q_big->words[8] -= borrow; - borrow_next += (q_big->words[8] < tmp->words[8]); - q_big->words[8] -= tmp->words[8]; + borrow = bn256_sub (X, (bn256 *)&q_big->word[0], (bn256 *)&tmp->word[0]); + borrow_next = (q_big->word[8] < borrow); + q_big->word[8] -= borrow; + borrow_next += (q_big->word[8] < tmp->word[8]); + q_big->word[8] -= tmp->word[8]; - carry = q_big->words[8]; + carry = q_big->word[8]; while (carry) { borrow_next = bn256_sub (X, X, B); @@ -154,7 +154,7 @@ mod_inv (bn256 *C, const bn256 *X, const bn256 *N) bn256_shift (A, A, -1); if (carry) - A->words[7] |= 0x80000000; + A->word[7] |= 0x80000000; } } @@ -169,7 +169,7 @@ mod_inv (bn256 *C, const bn256 *X, const bn256 *N) bn256_shift (C, C, -1); if (carry) - C->words[7] |= 0x80000000; + C->word[7] |= 0x80000000; } } diff --git a/src/modp256.c b/src/modp256.c index 7230c67..eb960b1 100644 --- a/src/modp256.c +++ b/src/modp256.c @@ -90,94 +90,94 @@ modp256_reduce (bn256 *X, const bn512 *A) #define S8 tmp #define S9 tmp - S1->words[7] = A->words[7]; - S1->words[6] = A->words[6]; - S1->words[5] = A->words[5]; - S1->words[4] = A->words[4]; - S1->words[3] = A->words[3]; - S1->words[2] = A->words[2]; - S1->words[1] = A->words[1]; - S1->words[0] = A->words[0]; + S1->word[7] = A->word[7]; + S1->word[6] = A->word[6]; + S1->word[5] = A->word[5]; + S1->word[4] = A->word[4]; + S1->word[3] = A->word[3]; + S1->word[2] = A->word[2]; + S1->word[1] = A->word[1]; + S1->word[0] = A->word[0]; /* X = S1 */ - S2->words[7] = A->words[15]; - S2->words[6] = A->words[14]; - S2->words[5] = A->words[13]; - S2->words[4] = A->words[12]; - S2->words[3] = A->words[11]; - S2->words[2] = S2->words[1] = S2->words[0] = 0; + S2->word[7] = A->word[15]; + S2->word[6] = A->word[14]; + S2->word[5] = A->word[13]; + S2->word[4] = A->word[12]; + S2->word[3] = A->word[11]; + S2->word[2] = S2->word[1] = S2->word[0] = 0; /* X += 2 * S2 */ modp256_add (X, X, S2); modp256_add (X, X, S2); - S3->words[7] = 0; - S3->words[6] = A->words[15]; - S3->words[5] = A->words[14]; - S3->words[4] = A->words[13]; - S3->words[3] = A->words[12]; - S3->words[2] = S3->words[1] = S3->words[0] = 0; + S3->word[7] = 0; + S3->word[6] = A->word[15]; + S3->word[5] = A->word[14]; + S3->word[4] = A->word[13]; + S3->word[3] = A->word[12]; + S3->word[2] = S3->word[1] = S3->word[0] = 0; /* X += 2 * S3 */ modp256_add (X, X, S3); modp256_add (X, X, S3); - S4->words[7] = A->words[15]; - S4->words[6] = A->words[14]; - S4->words[5] = S4->words[4] = S4->words[3] = 0; - S4->words[2] = A->words[10]; - S4->words[1] = A->words[9]; - S4->words[0] = A->words[8]; + S4->word[7] = A->word[15]; + S4->word[6] = A->word[14]; + S4->word[5] = S4->word[4] = S4->word[3] = 0; + S4->word[2] = A->word[10]; + S4->word[1] = A->word[9]; + S4->word[0] = A->word[8]; /* X += S4 */ modp256_add (X, X, S4); - S5->words[7] = A->words[8]; - S5->words[6] = A->words[13]; - S5->words[5] = A->words[15]; - S5->words[4] = A->words[14]; - S5->words[3] = A->words[13]; - S5->words[2] = A->words[11]; - S5->words[1] = A->words[10]; - S5->words[0] = A->words[9]; + S5->word[7] = A->word[8]; + S5->word[6] = A->word[13]; + S5->word[5] = A->word[15]; + S5->word[4] = A->word[14]; + S5->word[3] = A->word[13]; + S5->word[2] = A->word[11]; + S5->word[1] = A->word[10]; + S5->word[0] = A->word[9]; /* X += S5 */ modp256_add (X, X, S5); - S6->words[7] = A->words[10]; - S6->words[6] = A->words[8]; - S6->words[5] = S6->words[4] = S6->words[3] = 0; - S6->words[2] = A->words[13]; - S6->words[1] = A->words[12]; - S6->words[0] = A->words[11]; + S6->word[7] = A->word[10]; + S6->word[6] = A->word[8]; + S6->word[5] = S6->word[4] = S6->word[3] = 0; + S6->word[2] = A->word[13]; + S6->word[1] = A->word[12]; + S6->word[0] = A->word[11]; /* X -= S6 */ modp256_sub (X, X, S6); - S7->words[7] = A->words[11]; - S7->words[6] = A->words[9]; - S7->words[5] = S7->words[4] = 0; - S7->words[3] = A->words[15]; - S7->words[2] = A->words[14]; - S7->words[1] = A->words[13]; - S7->words[0] = A->words[12]; + S7->word[7] = A->word[11]; + S7->word[6] = A->word[9]; + S7->word[5] = S7->word[4] = 0; + S7->word[3] = A->word[15]; + S7->word[2] = A->word[14]; + S7->word[1] = A->word[13]; + S7->word[0] = A->word[12]; /* X -= S7 */ modp256_sub (X, X, S7); - S8->words[7] = A->words[12]; - S8->words[6] = 0; - S8->words[5] = A->words[10]; - S8->words[4] = A->words[9]; - S8->words[3] = A->words[8]; - S8->words[2] = A->words[15]; - S8->words[1] = A->words[14]; - S8->words[0] = A->words[13]; + S8->word[7] = A->word[12]; + S8->word[6] = 0; + S8->word[5] = A->word[10]; + S8->word[4] = A->word[9]; + S8->word[3] = A->word[8]; + S8->word[2] = A->word[15]; + S8->word[1] = A->word[14]; + S8->word[0] = A->word[13]; /* X -= S8 */ modp256_sub (X, X, S8); - S9->words[7] = A->words[13]; - S9->words[6] = 0; - S9->words[5] = A->words[11]; - S9->words[4] = A->words[10]; - S9->words[3] = A->words[9]; - S9->words[2] = 0; - S9->words[1] = A->words[15]; - S9->words[0] = A->words[14]; + S9->word[7] = A->word[13]; + S9->word[6] = 0; + S9->word[5] = A->word[11]; + S9->word[4] = A->word[10]; + S9->word[3] = A->word[9]; + S9->word[2] = 0; + S9->word[1] = A->word[15]; + S9->word[0] = A->word[14]; /* X -= S9 */ modp256_sub (X, X, S9); @@ -241,7 +241,7 @@ modp256_inv (bn256 *C, const bn256 *a) bn256_shift (A, A, -1); if (carry) - A->words[7] |= 0x80000000; + A->word[7] |= 0x80000000; } } @@ -256,7 +256,7 @@ modp256_inv (bn256 *C, const bn256 *a) bn256_shift (C, C, -1); if (carry) - C->words[7] |= 0x80000000; + C->word[7] |= 0x80000000; } } @@ -290,14 +290,14 @@ modp256_shift (bn256 *X, const bn256 *A, int shift) return; memset (tmp, 0, sizeof (bn256)); - tmp->words[7] = carry; - tmp->words[0] = carry; + tmp->word[7] = carry; + tmp->word[0] = carry; modp256_add (X, X, tmp); - tmp->words[7] = 0; - tmp->words[0] = 0; - tmp->words[6] = carry; - tmp->words[3] = carry; + tmp->word[7] = 0; + tmp->word[0] = 0; + tmp->word[6] = carry; + tmp->word[3] = carry; modp256_sub (X, X, tmp); if (bn256_is_ge (X, P256))