Почетна Преглед Помоћ
Регистрација Пријавите се
MiKee
/
KeePass
2
0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Грана: master
Гране Ознаке
KeePass
/
Sources
/
Sodium
/
crypto_scalarmult
/
ed25519
/
ref10
/
scalarmult_ed25519_ref10.c

scalarmult_ed25519_ref10.c 2.7 KB
Пермалинк Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121 
  1. 

  2. #include <string.h>
    3. 

  3. 

  4. #include "crypto_scalarmult_ed25519.h"
    5. 

  5. #include "private/ed25519_ref10.h"
    6. 

  6. #include "utils.h"
    7. 

  7. 

  8. static int
    9. 

  9. _crypto_scalarmult_ed25519_is_inf(const unsigned char s[32])
    10. 

  10. {
    11. 

  11.     unsigned char c;
    12. 

  12.     unsigned int  i;
    13. 

  13. 

  14.     c = s[0] ^ 0x01;
    15. 

  15.     for (i = 1; i < 31; i++) {
    16. 

  16.         c |= s[i];
    17. 

  17.     }
    18. 

  18.     c |= s[31] & 0x7f;
    19. 

  19. 

  20.     return ((((unsigned int) c) - 1U) >> 8) & 1;
    21. 

  21. }
    22. 

  22. 

  23. static inline void
    24. 

  24. _crypto_scalarmult_ed25519_clamp(unsigned char k[32])
    25. 

  25. {
    26. 

  26.     k[0] &= 248;
    27. 

  27.     k[31] |= 64;
    28. 

  28. }
    29. 

  29. 

  30. static int
    31. 

  31. _crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n,
    32. 

  32.                            const unsigned char *p, const int clamp)
    33. 

  33. {
    34. 

  34.     unsigned char *t = q;
    35. 

  35.     ge25519_p3     Q;
    36. 

  36.     ge25519_p3     P;
    37. 

  37.     unsigned int   i;
    38. 

  38. 

  39.     if (ge25519_is_canonical(p) == 0 || ge25519_has_small_order(p) != 0 ||
    40. 

  40.         ge25519_frombytes(&P, p) != 0 || ge25519_is_on_main_subgroup(&P) == 0) {
    41. 

  41.         return -1;
    42. 

  42.     }
    43. 

  43.     for (i = 0; i < 32; ++i) {
    44. 

  44.         t[i] = n[i];
    45. 

  45.     }
    46. 

  46.     if (clamp != 0) {
    47. 

  47.         _crypto_scalarmult_ed25519_clamp(t);
    48. 

  48.     }
    49. 

  49.     t[31] &= 127;
    50. 

  50. 

  51.     ge25519_scalarmult(&Q, t, &P);
    52. 

  52.     ge25519_p3_tobytes(q, &Q);
    53. 

  53.     if (_crypto_scalarmult_ed25519_is_inf(q) != 0 || sodium_is_zero(n, 32)) {
    54. 

  54.         return -1;
    55. 

  55.     }
    56. 

  56.     return 0;
    57. 

  57. }
    58. 

  58. 

  59. int
    60. 

  60. crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n,
    61. 

  61.                           const unsigned char *p)
    62. 

  62. {
    63. 

  63.     return _crypto_scalarmult_ed25519(q, n, p, 1);
    64. 

  64. }
    65. 

  65. 

  66. int
    67. 

  67. crypto_scalarmult_ed25519_noclamp(unsigned char *q, const unsigned char *n,
    68. 

  68.                                   const unsigned char *p)
    69. 

  69. {
    70. 

  70.     return _crypto_scalarmult_ed25519(q, n, p, 0);
    71. 

  71. }
    72. 

  72. 

  73. static int
    74. 

  74. _crypto_scalarmult_ed25519_base(unsigned char *q,
    75. 

  75.                                 const unsigned char *n, const int clamp)
    76. 

  76. {
    77. 

  77.     unsigned char *t = q;
    78. 

  78.     ge25519_p3     Q;
    79. 

  79.     unsigned int   i;
    80. 

  80. 

  81.     for (i = 0; i < 32; ++i) {
    82. 

  82.         t[i] = n[i];
    83. 

  83.     }
    84. 

  84.     if (clamp != 0) {
    85. 

  85.         _crypto_scalarmult_ed25519_clamp(t);
    86. 

  86.     }
    87. 

  87.     t[31] &= 127;
    88. 

  88. 

  89.     ge25519_scalarmult_base(&Q, t);
    90. 

  90.     ge25519_p3_tobytes(q, &Q);
    91. 

  91.     if (_crypto_scalarmult_ed25519_is_inf(q) != 0 || sodium_is_zero(n, 32)) {
    92. 

  92.         return -1;
    93. 

  93.     }
    94. 

  94.     return 0;
    95. 

  95. }
    96. 

  96. 

  97. int
    98. 

  98. crypto_scalarmult_ed25519_base(unsigned char *q,
    99. 

  99.                                const unsigned char *n)
    100. 

  100. {
    101. 

  101.     return _crypto_scalarmult_ed25519_base(q, n, 1);
    102. 

  102. }
    103. 

  103. 

  104. int
    105. 

  105. crypto_scalarmult_ed25519_base_noclamp(unsigned char *q,
    106. 

  106.                                        const unsigned char *n)
    107. 

  107. {
    108. 

  108.     return _crypto_scalarmult_ed25519_base(q, n, 0);
    109. 

  109. }
    110. 

  110. 

  111. size_t
    112. 

  112. crypto_scalarmult_ed25519_bytes(void)
    113. 

  113. {
    114. 

  114.     return crypto_scalarmult_ed25519_BYTES;
    115. 

  115. }
    116. 

  116. 

  117. size_t
    118. 

  118. crypto_scalarmult_ed25519_scalarbytes(void)
    119. 

  119. {
    120. 

  120.     return crypto_scalarmult_ed25519_SCALARBYTES;
    121. 

  121. }
    122.