Mercurial > hg > quicktun

annotate src/crypto_scalarmult_curve25519.c @ 12:e4b60d041491

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make sure that the session buffer is zero
author Ivo Smits <Ivo@UCIS.nl>
date Sun, 05 Dec 2010 23:12:04 +0100
parents 65c01f57bdce
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
1 /*
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
2 version 20081011
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
3 Matthew Dempsky
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
4 Public domain.
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
5 Derived from public domain code by D. J. Bernstein.
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
6 */
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
7
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
8 //#include "crypto_scalarmult.h"
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
9
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
10 static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
11 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
12 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
13 unsigned int u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
14 u = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
15 for (j = 0;j < 31;++j) { u += a[j] + b[j]; out[j] = u & 255; u >>= 8; }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
16 u += a[31] + b[31]; out[31] = u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
17 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
18
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
19 static void sub(unsigned int out[32],const unsigned int a[32],const unsigned int b[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
20 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
21 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
22 unsigned int u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
23 u = 218;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
24 for (j = 0;j < 31;++j) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
25 u += a[j] + 65280 - b[j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
26 out[j] = u & 255;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
27 u >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
28 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
29 u += a[31] - b[31];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
30 out[31] = u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
31 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
32
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
33 static void squeeze(unsigned int a[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
34 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
35 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
36 unsigned int u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
37 u = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
38 for (j = 0;j < 31;++j) { u += a[j]; a[j] = u & 255; u >>= 8; }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
39 u += a[31]; a[31] = u & 127;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
40 u = 19 * (u >> 7);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
41 for (j = 0;j < 31;++j) { u += a[j]; a[j] = u & 255; u >>= 8; }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
42 u += a[31]; a[31] = u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
43 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
44
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
45 static const unsigned int minusp[32] = {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
46 19, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 128
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
47 } ;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
48
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
49 static void freeze(unsigned int a[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
50 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
51 unsigned int aorig[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
52 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
53 unsigned int negative;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
54
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
55 for (j = 0;j < 32;++j) aorig[j] = a[j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
56 add(a,a,minusp);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
57 negative = -((a[31] >> 7) & 1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
58 for (j = 0;j < 32;++j) a[j] ^= negative & (aorig[j] ^ a[j]);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
59 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
60
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
61 static void mult(unsigned int out[32],const unsigned int a[32],const unsigned int b[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
62 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
63 unsigned int i;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
64 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
65 unsigned int u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
66
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
67 for (i = 0;i < 32;++i) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
68 u = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
69 for (j = 0;j <= i;++j) u += a[j] * b[i - j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
70 for (j = i + 1;j < 32;++j) u += 38 * a[j] * b[i + 32 - j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
71 out[i] = u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
72 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
73 squeeze(out);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
74 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
75
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
76 static void mult121665(unsigned int out[32],const unsigned int a[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
77 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
78 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
79 unsigned int u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
80
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
81 u = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
82 for (j = 0;j < 31;++j) { u += 121665 * a[j]; out[j] = u & 255; u >>= 8; }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
83 u += 121665 * a[31]; out[31] = u & 127;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
84 u = 19 * (u >> 7);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
85 for (j = 0;j < 31;++j) { u += out[j]; out[j] = u & 255; u >>= 8; }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
86 u += out[j]; out[j] = u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
87 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
88
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
89 static void square(unsigned int out[32],const unsigned int a[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
90 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
91 unsigned int i;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
92 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
93 unsigned int u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
94
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
95 for (i = 0;i < 32;++i) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
96 u = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
97 for (j = 0;j < i - j;++j) u += a[j] * a[i - j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
98 for (j = i + 1;j < i + 32 - j;++j) u += 38 * a[j] * a[i + 32 - j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
99 u *= 2;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
100 if ((i & 1) == 0) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
101 u += a[i / 2] * a[i / 2];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
102 u += 38 * a[i / 2 + 16] * a[i / 2 + 16];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
103 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
104 out[i] = u;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
105 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
106 squeeze(out);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
107 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
108
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
109 static void select(unsigned int p[64],unsigned int q[64],const unsigned int r[64],const unsigned int s[64],unsigned int b)
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
110 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
111 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
112 unsigned int t;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
113 unsigned int bminus1;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
114
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
115 bminus1 = b - 1;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
116 for (j = 0;j < 64;++j) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
117 t = bminus1 & (r[j] ^ s[j]);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
118 p[j] = s[j] ^ t;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
119 q[j] = r[j] ^ t;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
120 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
121 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
122
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
123 static void mainloop(unsigned int work[64],const unsigned char e[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
124 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
125 unsigned int xzm1[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
126 unsigned int xzm[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
127 unsigned int xzmb[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
128 unsigned int xzm1b[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
129 unsigned int xznb[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
130 unsigned int xzn1b[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
131 unsigned int a0[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
132 unsigned int a1[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
133 unsigned int b0[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
134 unsigned int b1[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
135 unsigned int c1[64];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
136 unsigned int r[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
137 unsigned int s[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
138 unsigned int t[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
139 unsigned int u[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
140 unsigned int i;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
141 unsigned int j;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
142 unsigned int b;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
143 int pos;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
144
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
145 for (j = 0;j < 32;++j) xzm1[j] = work[j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
146 xzm1[32] = 1;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
147 for (j = 33;j < 64;++j) xzm1[j] = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
148
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
149 xzm[0] = 1;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
150 for (j = 1;j < 64;++j) xzm[j] = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
151
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
152 for (pos = 254;pos >= 0;--pos) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
153 b = e[pos / 8] >> (pos & 7);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
154 b &= 1;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
155 select(xzmb,xzm1b,xzm,xzm1,b);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
156 add(a0,xzmb,xzmb + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
157 sub(a0 + 32,xzmb,xzmb + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
158 add(a1,xzm1b,xzm1b + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
159 sub(a1 + 32,xzm1b,xzm1b + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
160 square(b0,a0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
161 square(b0 + 32,a0 + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
162 mult(b1,a1,a0 + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
163 mult(b1 + 32,a1 + 32,a0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
164 add(c1,b1,b1 + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
165 sub(c1 + 32,b1,b1 + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
166 square(r,c1 + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
167 sub(s,b0,b0 + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
168 mult121665(t,s);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
169 add(u,t,b0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
170 mult(xznb,b0,b0 + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
171 mult(xznb + 32,s,u);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
172 square(xzn1b,c1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
173 mult(xzn1b + 32,r,work);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
174 select(xzm,xzm1,xznb,xzn1b,b);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
175 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
176
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
177 for (j = 0;j < 64;++j) work[j] = xzm[j];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
178 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
179
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
180 static void recip(unsigned int out[32],const unsigned int z[32])
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
181 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
182 unsigned int z2[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
183 unsigned int z9[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
184 unsigned int z11[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
185 unsigned int z2_5_0[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
186 unsigned int z2_10_0[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
187 unsigned int z2_20_0[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
188 unsigned int z2_50_0[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
189 unsigned int z2_100_0[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
190 unsigned int t0[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
191 unsigned int t1[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
192 int i;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
193
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
194 /* 2 */ square(z2,z);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
195 /* 4 */ square(t1,z2);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
196 /* 8 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
197 /* 9 */ mult(z9,t0,z);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
198 /* 11 */ mult(z11,z9,z2);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
199 /* 22 */ square(t0,z11);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
200 /* 2^5 - 2^0 = 31 */ mult(z2_5_0,t0,z9);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
201
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
202 /* 2^6 - 2^1 */ square(t0,z2_5_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
203 /* 2^7 - 2^2 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
204 /* 2^8 - 2^3 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
205 /* 2^9 - 2^4 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
206 /* 2^10 - 2^5 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
207 /* 2^10 - 2^0 */ mult(z2_10_0,t0,z2_5_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
208
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
209 /* 2^11 - 2^1 */ square(t0,z2_10_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
210 /* 2^12 - 2^2 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
211 /* 2^20 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t0,t1); square(t1,t0); }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
212 /* 2^20 - 2^0 */ mult(z2_20_0,t1,z2_10_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
213
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
214 /* 2^21 - 2^1 */ square(t0,z2_20_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
215 /* 2^22 - 2^2 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
216 /* 2^40 - 2^20 */ for (i = 2;i < 20;i += 2) { square(t0,t1); square(t1,t0); }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
217 /* 2^40 - 2^0 */ mult(t0,t1,z2_20_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
218
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
219 /* 2^41 - 2^1 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
220 /* 2^42 - 2^2 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
221 /* 2^50 - 2^10 */ for (i = 2;i < 10;i += 2) { square(t1,t0); square(t0,t1); }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
222 /* 2^50 - 2^0 */ mult(z2_50_0,t0,z2_10_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
223
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
224 /* 2^51 - 2^1 */ square(t0,z2_50_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
225 /* 2^52 - 2^2 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
226 /* 2^100 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
227 /* 2^100 - 2^0 */ mult(z2_100_0,t1,z2_50_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
228
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
229 /* 2^101 - 2^1 */ square(t1,z2_100_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
230 /* 2^102 - 2^2 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
231 /* 2^200 - 2^100 */ for (i = 2;i < 100;i += 2) { square(t1,t0); square(t0,t1); }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
232 /* 2^200 - 2^0 */ mult(t1,t0,z2_100_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
233
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
234 /* 2^201 - 2^1 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
235 /* 2^202 - 2^2 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
236 /* 2^250 - 2^50 */ for (i = 2;i < 50;i += 2) { square(t0,t1); square(t1,t0); }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
237 /* 2^250 - 2^0 */ mult(t0,t1,z2_50_0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
238
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
239 /* 2^251 - 2^1 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
240 /* 2^252 - 2^2 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
241 /* 2^253 - 2^3 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
242 /* 2^254 - 2^4 */ square(t0,t1);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
243 /* 2^255 - 2^5 */ square(t1,t0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
244 /* 2^255 - 21 */ mult(out,t1,z11);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
245 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
246
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
247 int crypto_scalarmult(unsigned char *q,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
248 const unsigned char *n,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
249 const unsigned char *p)
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
250 {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
251 unsigned int work[96];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
252 unsigned char e[32];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
253 unsigned int i;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
254 for (i = 0;i < 32;++i) e[i] = n[i];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
255 e[0] &= 248;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
256 e[31] &= 127;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
257 e[31] |= 64;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
258 for (i = 0;i < 32;++i) work[i] = p[i];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
259 mainloop(work,e);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
260 recip(work + 32,work + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
261 mult(work + 64,work,work + 32);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
262 freeze(work + 64);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
263 for (i = 0;i < 32;++i) q[i] = work[64 + i];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
264 return 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
265 }