From e808d405a1f5b308dd3abd306e9ee34f6a82693e Mon Sep 17 00:00:00 2001
From: Saleem Rashid <trezor@saleemrashid.com>
Date: Tue, 16 May 2017 19:22:24 +0100
Subject: [PATCH] ed25519-donna: Add ed25519-sha3

---
 CMakeLists.txt                           |  2 +-
 Makefile                                 |  2 +-
 ed25519-donna/ed25519-hash-custom-sha3.h | 23 +++++++++++++++++++++++
 ed25519-donna/ed25519-hash-custom.h      |  5 +++++
 ed25519-donna/ed25519-sha3.c             |  8 ++++++++
 ed25519-donna/ed25519-sha3.h             | 19 +++++++++++++++++++
 6 files changed, 57 insertions(+), 2 deletions(-)
 create mode 100644 ed25519-donna/ed25519-hash-custom-sha3.h
 create mode 100644 ed25519-donna/ed25519-sha3.c
 create mode 100644 ed25519-donna/ed25519-sha3.h

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1d2d3830c..fd5978767 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,6 +1,6 @@
 cmake_minimum_required(VERSION 2.8)
 
-set(SOURCES address.c aes/aescrypt.c aes/aeskey.c aes/aes_modes.c aes/aestab.c base32.c base58.c bignum.c bip32.c bip39.c ecdsa.c hmac.c nist256p1.c pbkdf2.c rand.c ripemd160.c secp256k1.c sha2.c ed25519-donna/ed25519.c sha3.c)
+set(SOURCES address.c aes/aescrypt.c aes/aeskey.c aes/aes_modes.c aes/aestab.c base32.c base58.c bignum.c bip32.c bip39.c ecdsa.c hmac.c nist256p1.c pbkdf2.c rand.c ripemd160.c secp256k1.c sha2.c ed25519-donna/ed25519.c sha3.c ed25519-donna/ed25519-sha3.c)
 
 add_library(TrezorCrypto STATIC ${SOURCES})
 
diff --git a/Makefile b/Makefile
index 9cbf9f93a..2afcee75d 100644
--- a/Makefile
+++ b/Makefile
@@ -44,7 +44,7 @@ SRCS  += ripemd160.c
 SRCS  += sha2.c
 SRCS  += sha3.c
 SRCS  += aes/aescrypt.c aes/aeskey.c aes/aestab.c aes/aes_modes.c
-SRCS  += ed25519-donna/ed25519.c
+SRCS  += ed25519-donna/ed25519.c ed25519-donna/ed25519-sha3.c
 SRCS  += blake2b.c blake2s.c
 SRCS  += chacha20poly1305/chacha20poly1305.c chacha20poly1305/chacha_merged.c chacha20poly1305/poly1305-donna.c chacha20poly1305/rfc7539.c
 
diff --git a/ed25519-donna/ed25519-hash-custom-sha3.h b/ed25519-donna/ed25519-hash-custom-sha3.h
new file mode 100644
index 000000000..6d0bd8f23
--- /dev/null
+++ b/ed25519-donna/ed25519-hash-custom-sha3.h
@@ -0,0 +1,23 @@
+/*
+	a custom hash must have a 512bit digest and implement:
+
+	struct ed25519_hash_context;
+
+	void ed25519_hash_init(ed25519_hash_context *ctx);
+	void ed25519_hash_update(ed25519_hash_context *ctx, const uint8_t *in, size_t inlen);
+	void ed25519_hash_final(ed25519_hash_context *ctx, uint8_t *hash);
+	void ed25519_hash(uint8_t *hash, const uint8_t *in, size_t inlen);
+*/
+
+#ifndef ED25519_HASH_CUSTOM
+#define ED25519_HASH_CUSTOM
+
+#include "sha3.h"
+
+#define ed25519_hash_context SHA3_CTX
+#define ed25519_hash_init(ctx) sha3_512_Init(ctx)
+#define ed25519_hash_update(ctx, in, inlen) sha3_Update((ctx), (in), (inlen))
+#define ed25519_hash_final(ctx, hash) sha3_Final((ctx), (hash))
+#define ed25519_hash(hash, in, inlen) sha3_512((in), (inlen), (hash))
+
+#endif // ED25519_HASH_CUSTOM
diff --git a/ed25519-donna/ed25519-hash-custom.h b/ed25519-donna/ed25519-hash-custom.h
index 67e00e295..5d8236ee0 100644
--- a/ed25519-donna/ed25519-hash-custom.h
+++ b/ed25519-donna/ed25519-hash-custom.h
@@ -9,6 +9,9 @@
 	void ed25519_hash(uint8_t *hash, const uint8_t *in, size_t inlen);
 */
 
+#ifndef ED25519_HASH_CUSTOM
+#define ED25519_HASH_CUSTOM
+
 #include "sha2.h"
 
 #define ed25519_hash_context SHA512_CTX
@@ -16,3 +19,5 @@
 #define ed25519_hash_update(ctx, in, inlen) sha512_Update((ctx), (in), (inlen))
 #define ed25519_hash_final(ctx, hash) sha512_Final((ctx), (hash))
 #define ed25519_hash(hash, in, inlen) sha512_Raw((in), (inlen), (hash))
+
+#endif // ED25519_HASH_CUSTOM
diff --git a/ed25519-donna/ed25519-sha3.c b/ed25519-donna/ed25519-sha3.c
new file mode 100644
index 000000000..6a7687d0d
--- /dev/null
+++ b/ed25519-donna/ed25519-sha3.c
@@ -0,0 +1,8 @@
+#include <stddef.h>
+
+#include "ed25519-sha3.h"
+#include "ed25519-hash-custom-sha3.h"
+
+#define ED25519_SUFFIX _sha3
+
+#include "ed25519.c"
diff --git a/ed25519-donna/ed25519-sha3.h b/ed25519-donna/ed25519-sha3.h
new file mode 100644
index 000000000..0779c5559
--- /dev/null
+++ b/ed25519-donna/ed25519-sha3.h
@@ -0,0 +1,19 @@
+#ifndef ED25519_SHA3_H
+#define ED25519_SHA3_H
+
+#include "ed25519.h"
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+void ed25519_publickey_sha3(const ed25519_secret_key sk, ed25519_public_key pk);
+
+int ed25519_sign_open_sha3(const unsigned char *m, size_t mlen, const ed25519_public_key pk, const ed25519_signature RS);
+void ed25519_sign_sha3(const unsigned char *m, size_t mlen, const ed25519_secret_key sk, const ed25519_public_key pk, ed25519_signature RS);
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif // ED25519_SHA3_H