more merging of curve25519 into ed25519

7 years ago · 4669c3db4c
parent 8cc6539d2d
commit 4669c3db4c
10 changed files with 43 additions and 79 deletions
--- a/2
+++ b/2
@ -41,7 +41,7 @@ SRCS  += ripemd160.c
 SRCS  += sha2.c
 SRCS  += sha3.c
 SRCS  += aescrypt.c aeskey.c aestab.c aes_modes.c
-SRCS  += ed25519-donna/ed25519.c ed25519-donna/curve25519.c
+SRCS  += ed25519-donna/ed25519.c
 SRCS  += blake2b.c blake2s.c

 OBJS   = $(SRCS:.c=.o)
--- a/bip32.c
+++ b/bip32.c
@ -37,7 +37,6 @@
 #include "secp256k1.h"
 #include "nist256p1.h"
 #include "ed25519.h"
-#include "curve25519.h"
 #if USE_ETHEREUM
 #include "sha3.h"
 #endif
--- a/ed25519-donna/curve25519-donna.h
+++ b/ed25519-donna/curve25519-donna.h
@ -1,9 +0,0 @@
-#include "curve25519.h"
-
-#include "ed25519-donna-portable.h"
-
-#include "curve25519-donna-32bit.h"
-
-#include "curve25519-donna-helpers.h"
-
-#include "curve25519-donna-scalarmult-base.h"
--- a/ed25519-donna/curve25519.c
+++ b/ed25519-donna/curve25519.c
@ -1,27 +0,0 @@
-#include "curve25519-donna.h"
-
-#if !defined(CURVE25519_SUFFIX)
-#define CURVE25519_SUFFIX 
-#endif
-
-#define CURVE25519_FN3(fn,suffix) fn##suffix
-#define CURVE25519_FN2(fn,suffix) CURVE25519_FN3(fn,suffix)
-#define CURVE25519_FN(fn)         CURVE25519_FN2(fn,CURVE25519_SUFFIX)
-
-void
-CURVE25519_FN(curve25519_donna) (curve25519_key mypublic, const curve25519_key secret, const curve25519_key basepoint) {
-	curve25519_key e;
-	size_t i;
-
-	for (i = 0;i < 32;++i) e[i] = secret[i];
-	e[0] &= 0xf8;
-	e[31] &= 0x7f;
-	e[31] |= 0x40;
-	curve25519_scalarmult_donna(mypublic, e, basepoint);
-}
-
-void
-CURVE25519_FN(curve25519_donna_basepoint) (curve25519_key mypublic, const curve25519_key secret) {
-	static const curve25519_key basepoint = {9};
-	CURVE25519_FN(curve25519_donna)(mypublic, secret, basepoint);
-}
--- a/ed25519-donna/curve25519.h
+++ b/ed25519-donna/curve25519.h
@ -1,10 +0,0 @@
-#ifndef CURVE25519_H
-#define CURVE25519_H
-
-typedef unsigned char curve25519_key[32];
-
-void curve25519_donna(curve25519_key mypublic, const curve25519_key secret, const curve25519_key basepoint);
-void curve25519_donna_basepoint(curve25519_key mypublic, const curve25519_key secret);
-
-#endif /* CURVE25519_H */
-
--- a/ed25519-donna/ed25519-donna-impl-base.h
+++ b/ed25519-donna/ed25519-donna-impl-base.h
@ -179,7 +179,7 @@ ge25519_pnielsadd(ge25519_pniels *r, const ge25519 *p, const ge25519_pniels *q)
 	pack & unpack
 */

-STATIC void
+static void
 ge25519_pack(unsigned char r[32], const ge25519 *p) {
 	bignum25519 tx, ty, zi;
 	unsigned char parity[32];
@ -191,7 +191,7 @@ ge25519_pack(unsigned char r[32], const ge25519 *p) {
 	r[31] ^= ((parity[0] & 1) << 7);
 }

-STATIC int ge25519_unpack_negative_vartime(ge25519 *r, const unsigned char p[32]) {
+static int ge25519_unpack_negative_vartime(ge25519 *r, const unsigned char p[32]) {
 	static const unsigned char zero[32] = {0};
 	static const bignum25519 one = {1};
 	unsigned char parity = p[31] >> 7;
@ -258,7 +258,7 @@ DONNA_INLINE static void ge25519_set_neutral(ge25519 *r)
 #define S2_TABLE_SIZE (1<<(S2_SWINDOWSIZE-2))

 /* computes [s1]p1 + [s2]base */
-STATIC void ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bignum256modm s1, const bignum256modm s2) {
+static void ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bignum256modm s1, const bignum256modm s2) {
 	signed char slide1[256], slide2[256];
 	ge25519_pniels pre1[S1_TABLE_SIZE];
 	ge25519 d1;
@ -298,7 +298,7 @@ STATIC void ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, con

 /* computes [s1]p1 */
 #if 0 // UNUSED
-STATIC void ge25519_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bignum256modm s1) {
+static void ge25519_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bignum256modm s1) {
 	signed char slide1[256];
 	ge25519_pniels pre1[S1_TABLE_SIZE];
 	ge25519 d1;
@ -382,7 +382,7 @@ DONNA_INLINE static void ge25519_cmove_stride4b(long * r, long * p, long * pos,
 #define HAS_CMOVE_STRIDE4B

 #if 0 // UNUSED
-STATIC void ge25519_move_conditional_pniels_array(ge25519_pniels * r, const ge25519_pniels * p, int pos, int n) {
+static void ge25519_move_conditional_pniels_array(ge25519_pniels * r, const ge25519_pniels * p, int pos, int n) {
 #ifdef HAS_CMOVE_STRIDE4B
  size_t i;
  for(i=0; i<sizeof(ge25519_pniels)/sizeof(long); i+=4) {
@ -401,7 +401,7 @@ STATIC void ge25519_move_conditional_pniels_array(ge25519_pniels * r, const ge25
 }
 #endif

-STATIC void ge25519_move_conditional_niels_array(ge25519_niels * r, const uint8_t p[8][96], int pos, int n) {
+static void ge25519_move_conditional_niels_array(ge25519_niels * r, const uint8_t p[8][96], int pos, int n) {
  size_t i;
  for(i=0; i<96/sizeof(long); i+=4) {
    ge25519_cmove_stride4(((long*)r)+i,
@ -414,7 +414,7 @@ STATIC void ge25519_move_conditional_niels_array(ge25519_niels * r, const uint8_

 /* computes [s1]p1, constant time */
 #if 0 // UNUSED
-STATIC void ge25519_scalarmult(ge25519 *r, const ge25519 *p1, const bignum256modm s1) {
+static void ge25519_scalarmult(ge25519 *r, const ge25519 *p1, const bignum256modm s1) {
 	signed char slide1[64];
 	ge25519_pniels pre1[9];
 	ge25519_pniels pre;
--- a/ed25519-donna/ed25519.c
+++ b/ed25519-donna/ed25519.c
@ -5,20 +5,12 @@
 */


-/* define ED25519_SUFFIX to have it appended to the end of each public function */
-#if !defined(ED25519_SUFFIX)
-#define ED25519_SUFFIX 
-#endif
-
-#define ED25519_FN3(fn,suffix) fn##suffix
-#define ED25519_FN2(fn,suffix) ED25519_FN3(fn,suffix)
-#define ED25519_FN(fn)         ED25519_FN2(fn,ED25519_SUFFIX)
-#define STATIC static
-
 #include "ed25519-donna.h"
 #include "ed25519.h"
 #include "ed25519-hash-custom.h"

+#include "curve25519-donna-scalarmult-base.h"
+
 /*
 	Generates a (extsk[0..31]) and aExt (extsk[32..63])
 */
@ -42,7 +34,7 @@ ed25519_hram(hash_512bits hram, const ed25519_signature RS, const ed25519_public
 }

 void
-ED25519_FN(ed25519_publickey) (const ed25519_secret_key sk, ed25519_public_key pk) {
+ed25519_publickey(const ed25519_secret_key sk, ed25519_public_key pk) {
 	bignum256modm a;
 	ge25519 ALIGN(16) A;
 	hash_512bits extsk;
@ -56,7 +48,7 @@ ED25519_FN(ed25519_publickey) (const ed25519_secret_key sk, ed25519_public_key p


 void
-ED25519_FN(ed25519_sign) (const unsigned char *m, size_t mlen, const ed25519_secret_key sk, const ed25519_public_key pk, ed25519_signature RS) {
+ed25519_sign(const unsigned char *m, size_t mlen, const ed25519_secret_key sk, const ed25519_public_key pk, ed25519_signature RS) {
 	ed25519_hash_context ctx;
 	bignum256modm r, S, a;
 	ge25519 ALIGN(16) R;
@ -91,7 +83,7 @@ ED25519_FN(ed25519_sign) (const unsigned char *m, size_t mlen, const ed25519_sec
 }

 int
-ED25519_FN(ed25519_sign_open) (const unsigned char *m, size_t mlen, const ed25519_public_key pk, const ed25519_signature RS) {
+ed25519_sign_open(const unsigned char *m, size_t mlen, const ed25519_public_key pk, const ed25519_signature RS) {
 	ge25519 ALIGN(16) R, A;
 	hash_512bits hash;
 	bignum256modm hram, S;
@ -120,7 +112,7 @@ ED25519_FN(ed25519_sign_open) (const unsigned char *m, size_t mlen, const ed2551
 */

 void
-ED25519_FN(curved25519_scalarmult_basepoint) (curved25519_key pk, const curved25519_key e) {
+curved25519_scalarmult_basepoint(curved25519_key pk, const curved25519_key e) {
 	curved25519_key ec;
 	bignum256modm s;
 	bignum25519 ALIGN(16) yplusz, zminusy;
@ -146,3 +138,20 @@ ED25519_FN(curved25519_scalarmult_basepoint) (curved25519_key pk, const curved25
 	curve25519_contract(pk, yplusz);
 }

+void
+curve25519_donna(curve25519_key mypublic, const curve25519_key secret, const curve25519_key basepoint) {
+	curve25519_key e;
+	size_t i;
+
+	for (i = 0;i < 32;++i) e[i] = secret[i];
+	e[0] &= 0xf8;
+	e[31] &= 0x7f;
+	e[31] |= 0x40;
+	curve25519_scalarmult_donna(mypublic, e, basepoint);
+}
+
+void
+curve25519_donna_basepoint(curve25519_key mypublic, const curve25519_key secret) {
+	static const curve25519_key basepoint = {9};
+	curve25519_donna(mypublic, secret, basepoint);
+}
--- a/ed25519-donna/ed25519.h
+++ b/ed25519-donna/ed25519.h
@ -1,8 +1,6 @@
 #ifndef ED25519_H
 #define ED25519_H

-#include <stdlib.h>
-
 #if defined(__cplusplus)
 extern "C" {
 #endif
@ -11,6 +9,8 @@ typedef unsigned char ed25519_signature[64];
 typedef unsigned char ed25519_public_key[32];
 typedef unsigned char ed25519_secret_key[32];

+typedef unsigned char curve25519_key[32];
+
 typedef unsigned char curved25519_key[32];

 void ed25519_publickey(const ed25519_secret_key sk, ed25519_public_key pk);
@ -21,6 +21,9 @@ int ed25519_sign_open_batch(const unsigned char **m, size_t *mlen, const unsigne

 void curved25519_scalarmult_basepoint(curved25519_key pk, const curved25519_key e);

+void curve25519_donna(curve25519_key mypublic, const curve25519_key secret, const curve25519_key basepoint);
+void curve25519_donna_basepoint(curve25519_key mypublic, const curve25519_key secret);
+
 #if defined(__cplusplus)
 }
 #endif
--- a/ed25519-donna/modm-donna-32bit.h
+++ b/ed25519-donna/modm-donna-32bit.h
@ -140,7 +140,7 @@ barrett_reduce256_modm(bignum256modm r, const bignum256modm q1, const bignum256m
 }

 /* addition modulo m */
-STATIC void add256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y) {
+static void add256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y) {
 	bignum256modm_element_t c;

 	c  = x[0] + y[0]; r[0] = c & 0x3fffffff; c >>= 30;
@ -157,7 +157,7 @@ STATIC void add256_modm(bignum256modm r, const bignum256modm x, const bignum256m
 }

 /* multiplication modulo m */
-STATIC void mul256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y) {
+static void mul256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y) {
 	bignum256modm r1, q1;
 	uint64_t c;
 	bignum256modm_element_t f;
@ -202,7 +202,7 @@ STATIC void mul256_modm(bignum256modm r, const bignum256modm x, const bignum256m
 	barrett_reduce256_modm(r, q1, r1);
 }

-STATIC void expand256_modm(bignum256modm out, const unsigned char *in, size_t len) {
+static void expand256_modm(bignum256modm out, const unsigned char *in, size_t len) {
 	unsigned char work[64] = {0};
 	bignum256modm_element_t x[16];
 	bignum256modm q1;
@ -254,7 +254,7 @@ STATIC void expand256_modm(bignum256modm out, const unsigned char *in, size_t le
 	barrett_reduce256_modm(out, q1, out);
 }

-STATIC void expand_raw256_modm(bignum256modm out, const unsigned char in[32]) {
+static void expand_raw256_modm(bignum256modm out, const unsigned char in[32]) {
 	bignum256modm_element_t x[8];

 	x[0] = U8TO32_LE(in +  0);
@ -277,7 +277,7 @@ STATIC void expand_raw256_modm(bignum256modm out, const unsigned char in[32]) {
 	out[8] = ((x[ 7] >> 16)                ) & 0x0000ffff;
 }

-STATIC void contract256_modm(unsigned char out[32], const bignum256modm in) {
+static void contract256_modm(unsigned char out[32], const bignum256modm in) {
 	U32TO8_LE(out +  0, (in[0]      ) | (in[1] << 30));
 	U32TO8_LE(out +  4, (in[1] >>  2) | (in[2] << 28));
 	U32TO8_LE(out +  8, (in[2] >>  4) | (in[3] << 26));
@ -290,7 +290,7 @@ STATIC void contract256_modm(unsigned char out[32], const bignum256modm in) {



-STATIC void contract256_window4_modm(signed char r[64], const bignum256modm in) {
+static void contract256_window4_modm(signed char r[64], const bignum256modm in) {
 	char carry;
 	signed char *quads = r;
 	bignum256modm_element_t i, j, v;
@ -325,7 +325,7 @@ STATIC void contract256_window4_modm(signed char r[64], const bignum256modm in)
 	r[63] += carry;
 }

-STATIC void contract256_slidingwindow_modm(signed char r[256], const bignum256modm s, int windowsize) {
+static void contract256_slidingwindow_modm(signed char r[256], const bignum256modm s, int windowsize) {
 	int i,j,k,b;
 	int m = (1 << (windowsize - 1)) - 1, soplen = 256;
 	signed char *bits = r;
--- a/test_speed.c
+++ b/test_speed.c
@ -8,7 +8,6 @@
 #include "secp256k1.h"
 #include "nist256p1.h"
 #include "ed25519.h"
-#include "curve25519.h"

 static uint8_t msg[32];