arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-03 12:00:59 +00:00
Code Issues Releases Wiki Activity

refactor(crypto): use wrapper instead of ge25519_scalarmult_base_niels

Browse Source
This commit is contained in:
Ondřej Vejpustek 2024-09-01 20:52:00 +02:00
parent 3870e9d2a1
commit 5e36f86291
3 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
crypto/ed25519-donna/ed25519.c
View File

@ -63,7 +63,7 @@ ED25519_FN(ed25519_cosi_commit) (ed25519_secret_key nonce, ed25519_public_key co
contract256_modm(nonce, r);
/* R = rB */
ge25519_scalarmult_base_niels(&R, ge25519_niels_base_multiples, r);
ge25519_scalarmult_base_wrapper(&R, r);
memzero(&r, sizeof(r));
ge25519_pack(commitment, &R);
}
@ -118,14 +118,14 @@ ED25519_FN(ed25519_sign_ext) (const unsigned char *m, size_t mlen, const ed25519
memzero(&hashr, sizeof(hashr));
/* R = rB */
ge25519_scalarmult_base_niels(&R, ge25519_niels_base_multiples, r);
ge25519_scalarmult_base_wrapper(&R, r);
ge25519_pack(RS, &R);
/* a = aExt[0..31] */
expand256_modm(a, secret_scalar, 32);
/* A = aB */
ge25519_scalarmult_base_niels(&A, ge25519_niels_base_multiples, a);
ge25519_scalarmult_base_wrapper(&A, a);
ge25519_pack(pk, &A);
/* S = H(R,A,m).. */
@ -213,7 +213,7 @@ ed25519_publickey_ext(const ed25519_secret_key extsk, ed25519_public_key pk) {
expand256_modm(a, extsk, 32);
/* A = aB */
ge25519_scalarmult_base_niels(&A, ge25519_niels_base_multiples, a);
ge25519_scalarmult_base_wrapper(&A, a);
memzero(&a, sizeof(a));
ge25519_pack(pk, &A);
}
@ -284,7 +284,7 @@ curve25519_scalarmult_basepoint(curve25519_key pk, const curve25519_key e) {
memzero(&ec, sizeof(ec));
/* scalar * basepoint */
ge25519_scalarmult_base_niels(&p, ge25519_niels_base_multiples, s);
ge25519_scalarmult_base_wrapper(&p, s);
memzero(&s, sizeof(s));
/* u = (y + z) / (z - y) */

4
crypto/monero/xmr.c
View File

@ -86,7 +86,7 @@ void xmr_derive_public_key(ge25519 *r, const ge25519 *deriv, uint32_t idx,
ge25519 p2 = {0};
xmr_derivation_to_scalar(s, deriv, idx);
ge25519_scalarmult_base_niels(&p2, ge25519_niels_base_multiples, s);
ge25519_scalarmult_base_wrapper(&p2, s);
ge25519_add(r, base, &p2, 0);
}
@ -94,7 +94,7 @@ void xmr_add_keys2(ge25519 *r, const bignum256modm a, const bignum256modm b,
const ge25519 *B) {
// aG + bB, G is basepoint
ge25519 aG = {0}, bB = {0};
ge25519_scalarmult_base_niels(&aG, ge25519_niels_base_multiples, a);
ge25519_scalarmult_base_wrapper(&aG, a);
ge25519_scalarmult(&bB, B, b);
ge25519_add(r, &aG, &bB, 0);
}

4
crypto/tests/test_check_monero.h
View File

@ -522,8 +522,8 @@ START_TEST(test_xmr_ge25519_ops) {
set256_modm(s3, 8);
set256_modm(s4, 2);
ge25519_scalarmult_base_niels(&a, ge25519_niels_base_multiples, s1);
ge25519_scalarmult_base_niels(&b, ge25519_niels_base_multiples, s2);
ge25519_scalarmult_base_wrapper(&a, s1);
ge25519_scalarmult_base_wrapper(&b, s2);
ge25519_scalarmult(&c, &a, s4);
ge25519_scalarmult(&c, &c, s4);
ge25519_scalarmult(&c, &c, s4);