File: sc25519.c

package info (click to toggle)
tinyssh 20230101-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 2,244 kB
  • sloc: ansic: 12,106; sh: 1,168; python: 479; makefile: 42
file content (67 lines) | stat: -rw-r--r-- 1,532 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
/*
- based on tweetnacl 20140427 (http://tweetnacl.cr.yp.to/software.html)
*/

#include "crypto_int64.h"
#include "crypto_uint32.h"
#include "crypto_uint64.h"
#include "cleanup.h"
#include "sc25519.h"

#define FOR(i,n) for (i = 0;i < n;++i)

static const crypto_uint64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10};

static void modL(unsigned char *r,crypto_int64 x[64])
{
  crypto_int64 carry,i,j;
  for (i = 63;i >= 32;--i) {
    carry = 0;
    for (j = i - 32;j < i - 12;++j) {
      x[j] += carry - 16 * x[i] * L[j - (i - 32)];
      carry = (x[j] + 128) >> 8;
      x[j] -= carry << 8;
    }
    x[j] += carry;
    x[i] = 0;
  }
  carry = 0;
  FOR(j,32) {
    x[j] += carry - (x[31] >> 4) * L[j];
    carry = x[j] >> 8;
    x[j] &= 255;
  }
  FOR(j,32) x[j] -= carry * L[j];
  FOR(i,32) {
    x[i+1] += x[i] >> 8;
    r[i] = x[i] & 255;
  }
}

void sc25519_reduce(unsigned char *s) {

    crypto_int64 t[64], i;

    for (i = 0; i < 64; ++i) t[i] = s[i];
    for (i = 0; i < 64; ++i) s[i] = 0;
    modL(s, t);

    cleanup(t);
}

void sc25519_muladd(unsigned char *s, const unsigned char *a, const unsigned char *b, const unsigned char *c) {

    crypto_int64 t[64], i, j;


    for (i = 0; i < 64; ++i) t[i] = 0;

    for (i = 0; i < 32; ++i) for (j = 0; j < 32; ++j) {
        t[i + j] += (crypto_int64)a[i] * (crypto_int64)b[j];
    }

    for (i = 0; i < 32; ++i) t[i] += c[i];
    modL(s, t);

    cleanup(t);
}