clmul__common__impl_8h_source.html

/**********************************************************************

 * Copyright (c) 2018 Pieter Wuille, Greg Maxwell, Gleb Naumenko      *

 * Distributed under the MIT software license, see the accompanying   *

 * file LICENSE or http://www.opensource.org/licenses/mit-license.php.*

 **********************************************************************/


#ifndef _MINISKETCH_FIELDS_CLMUL_COMMON_IMPL_H_

#define _MINISKETCH_FIELDS_CLMUL_COMMON_IMPL_H_ 1


#include <stdint.h>

#include <immintrin.h>


#include "../int_utils.h"

#include "../lintrans.h"


namespace {


// The memory sanitizer in clang < 11 cannot reason through _mm_clmulepi64_si128 calls.

// Disable memory sanitization in the functions using them for those compilers.

#if defined(__clang__) && (__clang_major__ < 11)

#  if defined(__has_feature)

#    if __has_feature(memory_sanitizer)

#      define NO_SANITIZE_MEMORY __attribute__((no_sanitize("memory")))

#    endif

#  endif

#endif

#ifndef NO_SANITIZE_MEMORY

#  define NO_SANITIZE_MEMORY

#endif


template<typename I, int BITS, I MOD> NO_SANITIZE_MEMORY I MulWithClMulReduce(I a, I b)

{

    static constexpr I MASK = Mask<BITS, I>();


    const __m128i MOD128 = _mm_cvtsi64_si128(MOD);

    __m128i product = _mm_clmulepi64_si128(_mm_cvtsi64_si128((uint64_t)a), _mm_cvtsi64_si128((uint64_t)b), 0x00);

    if (BITS <= 32) {

        __m128i high1 = _mm_srli_epi64(product, BITS);

        __m128i red1 = _mm_clmulepi64_si128(high1, MOD128, 0x00);

        __m128i high2 = _mm_srli_epi64(red1, BITS);

        __m128i red2 = _mm_clmulepi64_si128(high2, MOD128, 0x00);

        return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2)) & MASK;

    } else if (BITS == 64) {

        __m128i red1 = _mm_clmulepi64_si128(product, MOD128, 0x01);

        __m128i red2 = _mm_clmulepi64_si128(red1, MOD128, 0x01);

        return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2));

    } else if ((BITS % 8) == 0) {

        __m128i high1 = _mm_srli_si128(product, BITS / 8);

        __m128i red1 = _mm_clmulepi64_si128(high1, MOD128, 0x00);

        __m128i high2 = _mm_srli_si128(red1, BITS / 8);

        __m128i red2 = _mm_clmulepi64_si128(high2, MOD128, 0x00);

        return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2)) & MASK;

    } else {

        __m128i high1 = _mm_or_si128(_mm_srli_epi64(product, BITS), _mm_srli_si128(_mm_slli_epi64(product, 64 - BITS), 8));

        __m128i red1 = _mm_clmulepi64_si128(high1, MOD128, 0x00);

        if ((uint64_t(MOD) >> (66 - BITS)) == 0) {

            __m128i high2 = _mm_srli_epi64(red1, BITS);

            __m128i red2 = _mm_clmulepi64_si128(high2, MOD128, 0x00);

            return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2)) & MASK;

        } else {

            __m128i high2 = _mm_or_si128(_mm_srli_epi64(red1, BITS), _mm_srli_si128(_mm_slli_epi64(red1, 64 - BITS), 8));

            __m128i red2 = _mm_clmulepi64_si128(high2, MOD128, 0x00);

            return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2)) & MASK;

        }

    }

}


template<typename I, int BITS, int POS> NO_SANITIZE_MEMORY I MulTrinomial(I a, I b)

{

    static constexpr I MASK = Mask<BITS, I>();


    __m128i product = _mm_clmulepi64_si128(_mm_cvtsi64_si128((uint64_t)a), _mm_cvtsi64_si128((uint64_t)b), 0x00);

    if (BITS <= 32) {

        __m128i high1 = _mm_srli_epi64(product, BITS);

        __m128i red1 = _mm_xor_si128(high1, _mm_slli_epi64(high1, POS));

        if (POS == 1) {

            return _mm_cvtsi128_si64(_mm_xor_si128(product, red1)) & MASK;

        } else {

            __m128i high2 = _mm_srli_epi64(red1, BITS);

            __m128i red2 = _mm_xor_si128(high2, _mm_slli_epi64(high2, POS));

            return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2)) & MASK;

        }

    } else {

        __m128i high1 = _mm_or_si128(_mm_srli_epi64(product, BITS), _mm_srli_si128(_mm_slli_epi64(product, 64 - BITS), 8));

        if (BITS + POS <= 66) {

            __m128i red1 = _mm_xor_si128(high1, _mm_slli_epi64(high1, POS));

            if (POS == 1) {

                return _mm_cvtsi128_si64(_mm_xor_si128(product, red1)) & MASK;

            } else if (BITS + POS <= 66) {

                __m128i high2 = _mm_srli_epi64(red1, BITS);

                __m128i red2 = _mm_xor_si128(high2, _mm_slli_epi64(high2, POS));

                return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2)) & MASK;

            }

        } else {

            const __m128i MOD128 = _mm_cvtsi64_si128(1 + (((uint64_t)1) << POS));

            __m128i red1 = _mm_clmulepi64_si128(high1, MOD128, 0x00);

            __m128i high2 = _mm_or_si128(_mm_srli_epi64(red1, BITS), _mm_srli_si128(_mm_slli_epi64(red1, 64 - BITS), 8));

            __m128i red2 = _mm_xor_si128(high2, _mm_slli_epi64(high2, POS));

            return _mm_cvtsi128_si64(_mm_xor_si128(_mm_xor_si128(product, red1), red2)) & MASK;

        }

    }

}


template<typename I, int B, I MOD, I (*MUL)(I, I), typename F, const F* SQR, const F* SQR2, const F* SQR4, const F* SQR8, const F* SQR16, const F* QRT, typename T, const T* LOAD, const T* SAVE> struct GenField

{

    typedef BitsInt<I, B> O;

    typedef LFSR<O, MOD> L;


    static inline constexpr I Sqr1(I a) { return SQR->template Map<O>(a); }

    static inline constexpr I Sqr2(I a) { return SQR2->template Map<O>(a); }

    static inline constexpr I Sqr4(I a) { return SQR4->template Map<O>(a); }

    static inline constexpr I Sqr8(I a) { return SQR8->template Map<O>(a); }

    static inline constexpr I Sqr16(I a) { return SQR16->template Map<O>(a); }


public:

    typedef I Elem;


    inline constexpr int Bits() const { return B; }


    inline constexpr Elem Mul2(Elem val) const { return L::Call(val); }


    inline Elem Mul(Elem a, Elem b) const { return MUL(a, b); }


    class Multiplier

    {

        Elem m_val;

    public:

        inline constexpr explicit Multiplier(const GenField&, Elem a) : m_val(a) {}

        constexpr Elem operator()(Elem a) const { return MUL(m_val, a); }

    };


    inline constexpr Elem Sqr(Elem val) const { return SQR->template Map<O>(val); }


    inline constexpr Elem Qrt(Elem val) const { return QRT->template Map<O>(val); }


    inline Elem Inv(Elem val) const { return InvLadder<I, O, B, MUL, Sqr1, Sqr2, Sqr4, Sqr8, Sqr16>(val); }


    Elem FromSeed(uint64_t seed) const {

        uint64_t k0 = 0x434c4d554c466c64ull; // "CLMULFld"

        uint64_t k1 = seed;

        uint64_t count = ((uint64_t)B) << 32;

        I ret;

        do {

            ret = O::Mask(I(SipHash(k0, k1, count++)));

        } while(ret == 0);

        return LOAD->template Map<O>(ret);

    }


    Elem Deserialize(BitReader& in) const { return LOAD->template Map<O>(in.Read<B, I>()); }


    void Serialize(BitWriter& out, Elem val) const { out.Write<B, I>(SAVE->template Map<O>(val)); }


    constexpr Elem FromUint64(uint64_t x) const { return LOAD->template Map<O>(O::Mask(I(x))); }

    constexpr uint64_t ToUint64(Elem val) const { return uint64_t(SAVE->template Map<O>(val)); }

};


template<typename I, int B, I MOD, typename F, const F* SQR, const F* SQR2, const F* SQR4, const F* SQR8, const F* SQR16, const F* QRT, typename T, const T* LOAD, const T* SAVE>

using Field = GenField<I, B, MOD, MulWithClMulReduce<I, B, MOD>, F, SQR, SQR2, SQR4, SQR8, SQR16, QRT, T, LOAD, SAVE>;


template<typename I, int B, int POS, typename F, const F* SQR, const F* SQR2, const F* SQR4, const F* SQR8, const F* SQR16, const F* QRT, typename T, const T* LOAD, const T* SAVE>

using FieldTri = GenField<I, B, I(1) + (I(1) << POS), MulTrinomial<I, B, POS>, F, SQR, SQR2, SQR4, SQR8, SQR16, QRT, T, LOAD, SAVE>;


}


#endif

ret
int ret
Definition: bitcoin-cli.cpp:1354

BitReader
Definition: int_utils.h:104

BitReader::Read
I Read()
Definition: int_utils.h:113

BitWriter
Definition: int_utils.h:55

BitsInt
Definition: int_utils.h:179

BitsInt::Mask
static constexpr I Mask(I val)
Definition: int_utils.h:198

NO_SANITIZE_MEMORY
#define NO_SANITIZE_MEMORY
Definition: clmul_common_impl.h:28

T
#define T(expected, seed, data)

SipHash
uint64_t SipHash(uint64_t k0, uint64_t k1, uint64_t data)
Definition: int_utils.h:35

tests_wycheproof_generate.out
string out
Definition: tests_wycheproof_generate.py:28

Serialize
void Serialize(Stream &, V)=delete

Sqr
void Sqr(std::vector< typename F::Elem > &poly, const F &field)
Square a polynomial.
Definition: sketch_impl.h:92

LFSR
Class which implements a stateless LFSR for generic moduli.
Definition: int_utils.h:230

LFSR::Call
static constexpr I Call(const I &a)
Shift a value a up once, treating it as an N-bit LFSR, with pattern MOD.
Definition: int_utils.h:233

count
static int count
Definition: tests_exhaustive.c:34

B
#define B
Definition: util_tests.cpp:544