Sunny Aggarwal
f33454717c
internal/radix51: fix !amd64 build (lightReduce -> carryPropagate) (#29)
2019-11-25 22:11:09 -05:00
Filippo Valsorda
21e4845510
internal/scalar: fix FromUniformBytes
2019-05-16 15:08:48 -04:00
Filippo Valsorda
013999a2d0
internal/scalar: address review comments
2019-05-16 15:08:48 -04:00
Filippo Valsorda
644c28a2d3
all: apply suggestions from code review
Co-Authored-By: Henry de Valence <hdevalence@hdevalence.ca>
2019-05-16 15:08:48 -04:00
Filippo Valsorda
0e06c64ad7
ristretto255: expose scalar multiplication APIs
The names of the ScalarMults were picked to match elliptic.Curve.
The Scalar type is re-exposed as an opaque type, with an API that
matches the Element one.
2019-05-16 15:08:48 -04:00
Filippo Valsorda
97912109c3
internal/edwards25519: fix shadowing of B in TestAddSubNegOnBasePoint
2019-05-16 15:08:48 -04:00
Filippo Valsorda
116bee5e3d
internal/scalar: replace FromBytes/IsCanonical with FromUniformBytes/FromCanonicalBytes
2019-05-16 15:08:48 -04:00
Filippo Valsorda
4baac9a766
internal/edwards25519,internal/scalar: apply some Go style touches
Including unexporting the table types (which are not used in any API) to
declutter the godoc page.
2019-05-16 15:08:48 -04:00
Henry de Valence
24394cb387
internal/scalar: add scalar inversion
2019-05-15 14:33:43 -04:00
Henry de Valence
2d09ffd636
internal/ed25519: rearrange VartimeDoubleBaseMul args
This way they line up with a*A + b*B (except B is implicit).
2019-05-12 02:20:59 -04:00
Henry de Valence
1e66180e96
internal/ed25519: add benchmarks for scalar mul
2019-05-12 02:20:59 -04:00
Henry de Valence
8186dbd6e1
internal/ed25519: add variable-time multiscalar mul
2019-05-12 02:20:59 -04:00
Henry de Valence
4ba8cc9326
internal/ed25519: add vartime double-base scmul
2019-05-12 02:20:59 -04:00
Henry de Valence
7b8b390b63
internal/ed25519: add precomputed NAF table for basepoint
2019-05-12 02:20:59 -04:00
Henry de Valence
0da0c530f4
internal/ed25519: lower quickcheck size for point ops
2019-05-12 02:20:59 -04:00
Henry de Valence
f0e9a21a6d
internal/ed25519: implement MultiscalarMul
2019-05-12 02:20:59 -04:00
Henry de Valence
23073b0135
internal/ed25519: implement BasepointMul
2019-05-12 02:20:59 -04:00
Henry de Valence
e69072e96b
internal/ed25519: extract common test variables
2019-05-12 02:20:59 -04:00
Henry de Valence
b9eebc0ea7
internal/ed25519: add a basepoint multiple table.
The table is hardcoded, and regenerated in the test code.
2019-05-12 02:20:59 -04:00
Henry de Valence
95e035b5e5
internal/ed25519: add constant-time variable-base scmul.
This also adds stub functions for the other scalar mul functionality.
2019-05-12 02:20:59 -04:00
Henry de Valence
af6c23d070
internal/ed25519: move basepoint constant & correct it
The new values are extracted from the dalek test vectors.
2019-05-12 02:20:59 -04:00
Henry de Valence
4642a7ca28
internal/scalar: fix high bit check
This should check that s[31] > 127 to determine whether the high bit is set
(instead of s[31] >= 127)
2019-05-12 02:20:59 -04:00
Henry de Valence
de058a3840
internal/scalar: make casts clearer
2019-05-12 02:20:59 -04:00
Henry de Valence
70675843d7
internal/scalar: add invariant checks on Scalar digits
The digit recoding functions require that the scalar has its high bit unset.
We should consider making the Scalar type opaque, as in dalek, to avoid this
condition, although I don't know if we can make guarantees in Go.
2019-05-12 02:20:59 -04:00
Henry de Valence
8059980336
internal/scalar: use one scMulAdd for Sub
2019-05-12 02:20:59 -04:00
Henry de Valence
9bf3c72dab
internal/scalar: fix constant-time signed radix 16 implementation
2019-05-12 02:20:59 -04:00
Filippo Valsorda
4ea68891fd
Update internal/radix51/fe_test.go
Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
2019-05-08 14:54:33 -07:00
Filippo Valsorda
4c8c35e919
Update internal/radix51/fe_test.go
Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
2019-05-08 14:54:33 -07:00
Filippo Valsorda
4765eee22a
Update internal/radix51/fe_test.go
Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
2019-05-08 14:54:33 -07:00
Henry de Valence
ce204aaa9d
internal/ed25519: add TODO note and doc ref
2019-05-08 14:54:33 -07:00
Henry de Valence
9353104792
internal/ed25519: rename twoD to D2
2019-05-08 14:54:33 -07:00
Henry de Valence
26af03f7b3
internal/ed25519: add lookup tables for scalar mul.
2019-05-08 14:54:33 -07:00
Henry de Valence
2312dea95d
internal/radix51: add a conditional swap
2019-05-08 14:54:33 -07:00
Henry de Valence
0b5e1eb054
ristretto255: use multi-model arithmetic
2019-05-08 14:54:33 -07:00
Henry de Valence
a360a6556f
internal/ed25519: remove single-model code
2019-05-08 14:54:33 -07:00
Henry de Valence
bdc420be66
internal/ed25519: add addition for Edwards points
2019-05-08 14:54:33 -07:00
Henry de Valence
596a79126e
internal/ed25519: use twoD
2019-05-08 14:54:33 -07:00
Henry de Valence
c56a898ecf
internal/ed25519: add tests for multi-model point types.
2019-05-08 14:54:33 -07:00
Henry de Valence
158f91f02f
internal/ed25519: add multi-model point types.
2019-05-08 14:54:33 -07:00
Henry de Valence
070fa146ec
internal/scalar: add constant-time signed radix 16
Closes #10
2019-05-08 14:42:51 -07:00
Henry de Valence
f2b1a09ecb
internal/scalar: add non-adjacent form
Closes #13
This code is adapted from code I wrote for curve25519-dalek.
2019-05-08 14:42:51 -07:00
George Tankersley
94a47ae390
internal/scalar: don't zero memory that is about to be copied over
2019-04-19 17:15:16 -04:00
George Tankersley
7803101170
internal/scalar: add scalar field implementation
2019-04-19 17:15:16 -04:00
Filippo Valsorda
8cd2a841fc
internal/radix51: add a "weird" testing/quick generation strategy
Aiming to hit edge cases.
2019-04-19 13:14:32 -07:00
Henry de Valence
2691d4b60c
Move comment inside function
2019-04-19 12:58:47 -07:00
Henry de Valence
cc27ee0ee3
implement Add, Sub, Neg for ed25519 and ristretto255 points.
2019-04-19 11:47:12 -07:00
Filippo Valsorda
88aa823cd0
internal/group: rename to internal/edwards25519
2019-04-19 12:40:08 -04:00
Filippo Valsorda
7f2b08f212
internal/group: restore ScalarMult code
2019-04-19 12:40:08 -04:00
Filippo Valsorda
1071cc55d9
internal/radix51: rename lightReduce to carryPropagate and touch up docs
2019-04-19 12:40:08 -04:00
Filippo Valsorda
294e169e12
internal/radix51: add benchmarks
2019-04-19 12:16:43 -04:00