diff --git a/core/crypto/_fiat/field_curve25519/field.odin b/core/crypto/_fiat/field_curve25519/field.odin index cf7f694bc..64f9f8a1f 100644 --- a/core/crypto/_fiat/field_curve25519/field.odin +++ b/core/crypto/_fiat/field_curve25519/field.odin @@ -50,7 +50,11 @@ fe_equal_bytes :: proc "contextless" (arg1: ^Tight_Field_Element, arg2: ^[32]byt return ret } -fe_carry_pow2k :: proc(out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element, arg2: uint) { +fe_carry_pow2k :: proc "contextless" ( + out1: ^Tight_Field_Element, + arg1: ^Loose_Field_Element, + arg2: uint, +) { // Special case: `arg1^(2 * 0) = 1`, though this should never happen. if arg2 == 0 { fe_one(out1) @@ -68,7 +72,10 @@ fe_carry_opp :: #force_inline proc "contextless" (out1, arg1: ^Tight_Field_Eleme fe_carry(out1, fe_relax_cast(out1)) } -fe_carry_invsqrt :: proc(out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element) -> int { +fe_carry_invsqrt :: proc "contextless" ( + out1: ^Tight_Field_Element, + arg1: ^Loose_Field_Element, +) -> int { // Inverse square root taken from Monocypher. tmp1, tmp2, tmp3: Tight_Field_Element = ---, ---, --- @@ -130,7 +137,7 @@ fe_carry_invsqrt :: proc(out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element) return p1 | m1 } -fe_carry_inv :: proc(out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element) { +fe_carry_inv :: proc "contextless" (out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element) { tmp1: Tight_Field_Element fe_carry_square(&tmp1, arg1) diff --git a/core/crypto/_fiat/field_curve25519/field51.odin b/core/crypto/_fiat/field_curve25519/field51.odin index 4cda96c81..81dca19e2 100644 --- a/core/crypto/_fiat/field_curve25519/field51.odin +++ b/core/crypto/_fiat/field_curve25519/field51.odin @@ -80,7 +80,7 @@ _subborrowx_u51 :: #force_inline proc "contextless" ( return } -fe_carry_mul :: proc(out1: ^Tight_Field_Element, arg1, arg2: ^Loose_Field_Element) { +fe_carry_mul :: proc "contextless" (out1: ^Tight_Field_Element, arg1, arg2: ^Loose_Field_Element) { x2, x1 := bits.mul_u64(arg1[4], (arg2[4] * 0x13)) x4, x3 := bits.mul_u64(arg1[4], (arg2[3] * 0x13)) x6, x5 := bits.mul_u64(arg1[4], (arg2[2] * 0x13)) @@ -179,7 +179,7 @@ fe_carry_mul :: proc(out1: ^Tight_Field_Element, arg1, arg2: ^Loose_Field_Elemen out1[4] = x152 } -fe_carry_square :: proc(out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element) { +fe_carry_square :: proc "contextless" (out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element) { x1 := (arg1[4] * 0x13) x2 := (x1 * 0x2) x3 := (arg1[4] * 0x2) @@ -540,7 +540,10 @@ fe_relax :: proc "contextless" (out1: ^Loose_Field_Element, arg1: ^Tight_Field_E out1[4] = x5 } -fe_carry_scmul_121666 :: proc(out1: ^Tight_Field_Element, arg1: ^Loose_Field_Element) { +fe_carry_scmul_121666 :: proc "contextless" ( + out1: ^Tight_Field_Element, + arg1: ^Loose_Field_Element, +) { x2, x1 := bits.mul_u64(0x1db42, arg1[4]) x4, x3 := bits.mul_u64(0x1db42, arg1[3]) x6, x5 := bits.mul_u64(0x1db42, arg1[2]) diff --git a/core/crypto/x25519/x25519.odin b/core/crypto/x25519/x25519.odin index 285666a32..3cd247cf8 100644 --- a/core/crypto/x25519/x25519.odin +++ b/core/crypto/x25519/x25519.odin @@ -27,7 +27,7 @@ _scalar_bit :: #force_inline proc "contextless" (s: ^[32]byte, i: int) -> u8 { } @(private) -_scalarmult :: proc(out, scalar, point: ^[32]byte) { +_scalarmult :: proc "contextless" (out, scalar, point: ^[32]byte) { // Montgomery pseduo-multiplication taken from Monocypher. // computes the scalar product