I just pushed some reorganization of the ecc code. It introduces an internal struct ecc_modulo, which keeps the data and function pointers needed for modulo p (or modulo q) arithmetic.
Immediate benefit was that a couple of wrapper functions could be deleted. E.g., ecc_generic_modp and ecc_generic_modq both called ecc_mod, but with different constants taken from different fields of struct ecc_curve. Now, one can instead call ecc_mod (&ecc->p, ...) and ecc_mod(&ecc->q, ...), respectively.
I also added an invert function pointer, and wrote a specialized modp invert function for curve25519, which gives a nice little speedup. The code can be shared with sqrt, since the main part of the addition chain is the same for p-2 = 2^{255} - 21 (for invert) and (p-5)/8 = 2^{252} - 3 (for sqrt). Similar functions for the secp curves also make sense, at least for the mod p inversion; modq is less structured.
The plan is to expand struct ecc_modulo with add, mul and sqr function pointers, to make it possible to have a different internal representation. In particular, using radix-51 for curve25519 modp arithmetic, on 64-bit machines.
Regards, /Niels
nettle-bugs@lists.lysator.liu.se
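
The shared addition chain mentioned in the message, as an added Python sketch; it is not Nettle's C code and is not from the original post. The function names and the particular chain for x^(2^250 - 1) are assumptions (a commonly used chain for this prime), chosen to show how both exponents split off the same prefix.

```python
# Added illustration, not Nettle's implementation. Python integers are not
# constant-time; this shows the exponent structure only.
P = 2**255 - 19

def sqr_n(x, n):
    """Square x n times mod P, i.e. compute x^(2^n)."""
    for _ in range(n):
        x = x * x % P
    return x

def pow_2_250_m1(x):
    """Shared prefix of both chains: returns (x^(2^250 - 1), x^11)."""
    x2 = x * x % P                       # x^2
    x9 = sqr_n(x2, 2) * x % P            # x^9
    x11 = x9 * x2 % P                    # x^11
    a5 = sqr_n(x11, 1) * x9 % P          # x^(2^5 - 1)
    a10 = sqr_n(a5, 5) * a5 % P          # x^(2^10 - 1)
    a20 = sqr_n(a10, 10) * a10 % P
    a40 = sqr_n(a20, 20) * a20 % P
    a50 = sqr_n(a40, 10) * a10 % P
    a100 = sqr_n(a50, 50) * a50 % P
    a200 = sqr_n(a100, 100) * a100 % P
    a250 = sqr_n(a200, 50) * a50 % P     # x^(2^250 - 1)
    return a250, x11

def invert(x):
    """x^(p-2), using 2^255 - 21 = (2^250 - 1) * 2^5 + 11."""
    a250, x11 = pow_2_250_m1(x)
    return sqr_n(a250, 5) * x11 % P

def pow_p58(x):
    """x^((p-5)/8), using 2^252 - 3 = (2^250 - 1) * 2^2 + 1."""
    a250, _ = pow_2_250_m1(x)
    return sqr_n(a250, 2) * x % P

SQRT_M1 = pow(2, (P - 1) // 4, P)        # a square root of -1 mod P

def sqrt(a):
    """Square root mod P built on pow_p58, or None for a non-residue."""
    a %= P
    r = a * pow_p58(a) % P               # a^((p+3)/8), so r^2 = +a or -a
    if r * r % P == a:
        return r
    r = r * SQRT_M1 % P                  # fix the sign when r^2 = -a
    return r if r * r % P == a else None
```

Only the final few squarings and one multiplication differ between the two exponents; everything in `pow_2_250_m1` is common to both.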