Andres Erbsen

Do I understand correctly that the code at golang.org/cl/314889 now works, and the change that made the test vectors pass was taking the `base` input mod `2^255` first, and this...

At least when I designed this, I intended it to print risc-v binaries.

I think the most obvious test would be to replace field arithmetic in https://github.com/golang/crypto/blob/master/curve25519/curve25519_generic.go with ours and then run https://github.com/golang/crypto/blob/master/curve25519/curve25519_test.go#L14-L32 I remember it being easier, though, but perhaps I just...

The issue with pointer types is rather fundamental, bedrock2 does not have a notion of pointers at all. I don't have a satisfying plan for it. Given that bottleneck, I...

If we want to support compilation with strict aliasing enabled (probably a requirement for BoringSSL?), we can't do this: > `uint64_t out1[5];` > `out0 = (uintptr_t) (&out1[0]);` Hopefully we can...

> Or, perhaps more generally, what's the argument against? I believe not needlessly passing information through the heap when it can be passed directly makes generating and verifying functions much...

We discussed this in the fiat-crypto meeting today. I think we said - Jade change the argument order (or I will later) - we will not make bedrock2-backend code to...

I guess another strategy would be to use inferred C types where they are available, and fall back to bytewise access when not... I think this would be legal wrt...

https://builds.sr.ht/~andres/job/59012

`The job exceeded the maximum time limit for jobs, and has been terminated.` `The job exceeded the maximum time limit for jobs, and has been terminated.` `Fatal error: out of...