From 28b7678ef6196efb08230c25e604c93d66f91bad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Wed, 6 Aug 2014 22:08:32 +0200
Subject: [PATCH] New function curve25519_base.
---
ChangeLog | 6 ++++
Makefile.in | 3 +-
curve25519-base.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++
curve25519.h | 49 ++++++++++++++++++++++++++++++++
4 files changed, 128 insertions(+), 1 deletion(-)
create mode 100644 curve25519-base.c
create mode 100644 curve25519.h
diff --git a/ChangeLog b/ChangeLog
index 1e9876e9..808f3fae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2014-08-06 Niels Möller <nisse@lysator.liu.se>
+ * curve25519-base.c (curve25519_base): New file, new function.
+ Analogous to NaCl's crypto_scalarmult_base.
+ * curve25519.h: New file.
+ * Makefile.in (hogweed_SOURCES): Added curve25519-base.c.
+ (HEADERS): Added curve25519.h.
+
* gmp-glue.c (mpn_set_base256_le, mpn_get_base256_le): New functions.
* gmp-glue.h: Declare them.
diff --git a/Makefile.in b/Makefile.in
index 1e6cdd8f..31ca91fd 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -174,12 +174,13 @@ hogweed_SOURCES = sexp.c sexp-format.c \
ecc-point.c ecc-scalar.c ecc-point-mul.c ecc-point-mul-g.c \
ecc-ecdsa-sign.c ecdsa-sign.c \
ecc-ecdsa-verify.c ecdsa-verify.c ecdsa-keygen.c \
+ curve25519-base.c \
$(OPT_HOGWEED_SOURCES)
HEADERS = aes.h arcfour.h arctwo.h asn1.h blowfish.h \
base16.h base64.h buffer.h camellia.h cast128.h \
cbc.h ccm.h chacha.h chacha-poly1305.h ctr.h \
- des.h des-compat.h dsa.h dsa-compat.h eax.h \
+ curve25519.h des.h des-compat.h dsa.h dsa-compat.h eax.h \
ecc-curve.h ecc.h ecdsa.h \
gcm.h gosthash94.h hmac.h \
knuth-lfib.h \
diff --git a/curve25519-base.c b/curve25519-base.c
new file mode 100644
index 00000000..b188d205
--- /dev/null
+++ b/curve25519-base.c
@@ -0,0 +1,71 @@
+/* curve25519-base.c
+
+ Copyright (C) 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+
+#include "curve25519.h"
+
+#include "ecc.h"
+#include "ecc-internal.h"
+
+/* Intended to be compatible with NaCl's crypto_scalarmult_base. */
+void
+curve25519_base (uint8_t *r, const uint8_t *n)
+{
+ uint8_t t[CURVE25519_SIZE];
+ mp_limb_t *scratch;
+ mp_size_t ecc_size;
+ mp_size_t itch;
+
+#define p scratch
+#define x (scratch + 3*ecc_size)
+#define scratch_out (scratch + 4*ecc_size)
+
+ memcpy (t, n, sizeof(t));
+ t[0] &= ~7;
+ t[CURVE25519_SIZE-1] = (t[CURVE25519_SIZE-1] & 0x3f) | 0x40;
+
+ ecc_size = nettle_curve25519.size;
+ itch = 4*ecc_size + ECC_MUL_G_EH_ITCH(ecc_size);
+ scratch = gmp_alloc_limbs (itch);
+
+ mpn_set_base256_le (x, ecc_size, t, CURVE25519_SIZE);
+
+ ecc_mul_g_eh (&nettle_curve25519, p, x, scratch_out);
+ ecc_eh_to_a (&nettle_curve25519, 2, x, p, scratch_out);
+
+ mpn_get_base256_le (r, CURVE25519_SIZE, x, ecc_size);
+ gmp_free_limbs (scratch, itch);
+}
diff --git a/curve25519.h b/curve25519.h
new file mode 100644
index 00000000..66a5c80f
--- /dev/null
+++ b/curve25519.h
@@ -0,0 +1,49 @@
+/* curve25519.h
+
+ Copyright (C) 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_CURVE25519_H
+#define NETTLE_CURVE25519_H
+
+#include "nettle-types.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Name mangling */
+#define curve25519_base nettle_curve25519_base
+
+#define CURVE25519_SIZE 32
+
+void
+curve25519_base (uint8_t *q, const uint8_t *n);
+
+#endif /* NETTLE_CURVE25519_H */
--
GitLab