Add unclamped versions of scalarmult_ed25519*()

Frank Denis 2018-12-18 22:46:56 +01:00
parent 536ed00d2c
commit b42082d6d2
2 changed files with 58 additions and 17 deletions


@ -28,9 +28,9 @@ _crypto_scalarmult_ed25519_clamp(unsigned char k[32])
k[31] |= 64; k[31] |= 64;
} }
int static int
crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n, _crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n,
const unsigned char *p) const unsigned char *p, const int clamp)
{ {
unsigned char *t = q; unsigned char *t = q;
ge25519_p3 Q; ge25519_p3 Q;
@ -44,7 +44,9 @@ crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n,
for (i = 0; i < 32; ++i) { for (i = 0; i < 32; ++i) {
t[i] = n[i]; t[i] = n[i];
} }
_crypto_scalarmult_ed25519_clamp(t); if (clamp != 0) {
_crypto_scalarmult_ed25519_clamp(t);
}
ge25519_scalarmult(&Q, t, &P); ge25519_scalarmult(&Q, t, &P);
ge25519_p3_tobytes(q, &Q); ge25519_p3_tobytes(q, &Q);
if (_crypto_scalarmult_ed25519_is_inf(q) != 0 || sodium_is_zero(n, 32)) { if (_crypto_scalarmult_ed25519_is_inf(q) != 0 || sodium_is_zero(n, 32)) {
@ -53,24 +55,54 @@ crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n,
return 0; return 0;
} }
int
crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n,
const unsigned char *p)
{
return _crypto_scalarmult_ed25519(q, n, p, 1);
}
int
crypto_scalarmult_ed25519_noclamp(unsigned char *q, const unsigned char *n,
const unsigned char *p)
{
return _crypto_scalarmult_ed25519(q, n, p, 0);
}
static int
_crypto_scalarmult_ed25519_base(unsigned char *q,
const unsigned char *n, const int clamp)
{
unsigned char *t = q;
ge25519_p3 Q;
unsigned int i;
for (i = 0; i < 32; ++i) {
t[i] = n[i];
}
if (clamp != 0) {
_crypto_scalarmult_ed25519_clamp(t);
}
ge25519_scalarmult_base(&Q, t);
ge25519_p3_tobytes(q, &Q);
if (_crypto_scalarmult_ed25519_is_inf(q) != 0 || sodium_is_zero(n, 32)) {
return -1;
}
return 0;
}
int int
crypto_scalarmult_ed25519_base(unsigned char *q, crypto_scalarmult_ed25519_base(unsigned char *q,
const unsigned char *n) const unsigned char *n)
{ {
unsigned char *t = q; return _crypto_scalarmult_ed25519_base(q, n, 1);
ge25519_p3 Q; }
unsigned int i;
for (i = 0; i < 32; ++i) { int
t[i] = n[i]; crypto_scalarmult_ed25519_base_noclamp(unsigned char *q,
} const unsigned char *n)
_crypto_scalarmult_ed25519_clamp(t); {
ge25519_scalarmult_base(&Q, t); return _crypto_scalarmult_ed25519_base(q, n, 0);
ge25519_p3_tobytes(q, &Q);
if (sodium_is_zero(n, 32) != 0) {
return -1;
}
return 0;
} }
size_t size_t
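Review bot: When `clamp == 0`, `_crypto_scalarmult_ed25519` passes the caller's 32 bytes to `ge25519_scalarmult` without clearing the top bit (the `if (clamp != 0)` block is the only transformation), and the same holds for `_crypto_scalarmult_ed25519_base` before `ge25519_scalarmult_base`; the ref10 scalar-multiplication routines are, as far as I recall, written for scalars with `a[31] <= 127`, which clamping used to guarantee. If that precondition holds, an unclamped scalar with bit 255 set would be outside the routines' contract, so I would mask it unconditionally after the optional clamp, `t[31] &= 127;`, in both static helpers (the second place is the line before `ge25519_scalarmult_base(&Q, t);`), and document in a comment that the noclamp variants still reduce the scalar to 255 bits. The `_crypto_scalarmult_ed25519_is_inf(q)` check already rejects unclamped scalars that are multiples of the group order, so the only remaining gap is this range assumption. `_crypto_scalarmult_ed25519` begins in the first hunk and its body continues across hunk boundaries outside this view.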


@ -31,10 +31,19 @@ int crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n,
const unsigned char *p) const unsigned char *p)
__attribute__ ((warn_unused_result)) __attribute__ ((nonnull)); __attribute__ ((warn_unused_result)) __attribute__ ((nonnull));
SODIUM_EXPORT
int crypto_scalarmult_ed25519_noclamp(unsigned char *q, const unsigned char *n,
const unsigned char *p)
__attribute__ ((warn_unused_result)) __attribute__ ((nonnull));
SODIUM_EXPORT SODIUM_EXPORT
int crypto_scalarmult_ed25519_base(unsigned char *q, const unsigned char *n) int crypto_scalarmult_ed25519_base(unsigned char *q, const unsigned char *n)
__attribute__ ((nonnull)); __attribute__ ((nonnull));
SODIUM_EXPORT
int crypto_scalarmult_ed25519_base_noclamp(unsigned char *q, const unsigned char *n)
__attribute__ ((nonnull));
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
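Review bot: `crypto_scalarmult_ed25519_base_noclamp` is declared with only `__attribute__ ((nonnull))`, yet its implementation now returns -1 when the result is the identity, which an unclamped scalar can produce (for example a multiple of the group order), so the return value is security-relevant and should be marked as such, in line with `crypto_scalarmult_ed25519_noclamp` a few lines above: `__attribute__ ((warn_unused_result)) __attribute__ ((nonnull));`. The same attribute would arguably benefit the existing `crypto_scalarmult_ed25519_base`, but that is outside this change. The two new prototypes also carry no comment explaining what "noclamp" means; a one-line comment such as `/* n is used as the scalar without clamping; caller must supply a valid scalar */` above each would help users choose correctly.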