New function curve25519_base.

diff --git a/ChangeLog b/ChangeLog
index 1e9876e99e2dcc9471e653da428b1a804356062b..808f3faece9198b19402dae3456fc309138895d1 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 2014-08-06  Niels Möller  <nisse@lysator.liu.se>
 
+       * curve25519-base.c (curve25519_base): New file, new function.
+       Analogous to NaCl's crypto_scalarmult_base.
+       * curve25519.h: New file.
+       * Makefile.in (hogweed_SOURCES): Added curve25519-base.c.
+       (HEADERS): Added curve25519.h.
+
        * gmp-glue.c (mpn_set_base256_le, mpn_get_base256_le): New functions.
        * gmp-glue.h: Declare them.
 

diff --git a/Makefile.in b/Makefile.in
index 1e6cdd8fc0bde8fe10e4286b8e91250eb92312e5..31ca91fd34124f7d3ad34c1383136da46b043ecb 100644 (file)
--- a/Makefile.in
+++ b/Makefile.in
@@ -174,12 +174,13 @@ hogweed_SOURCES = sexp.c sexp-format.c \
                  ecc-point.c ecc-scalar.c ecc-point-mul.c ecc-point-mul-g.c \
                  ecc-ecdsa-sign.c ecdsa-sign.c \
                  ecc-ecdsa-verify.c ecdsa-verify.c ecdsa-keygen.c \
+                 curve25519-base.c \
                  $(OPT_HOGWEED_SOURCES)
 
 HEADERS = aes.h arcfour.h arctwo.h asn1.h blowfish.h \
          base16.h base64.h buffer.h camellia.h cast128.h \
          cbc.h ccm.h chacha.h chacha-poly1305.h ctr.h \
-         des.h des-compat.h dsa.h dsa-compat.h eax.h \
+         curve25519.h des.h des-compat.h dsa.h dsa-compat.h eax.h \
          ecc-curve.h ecc.h ecdsa.h \
          gcm.h gosthash94.h hmac.h \
          knuth-lfib.h \

diff --git a/curve25519-base.c b/curve25519-base.c
new file mode 100644 (file)
index 0000000..b188d20
--- /dev/null
+++ b/curve25519-base.c
@@ -0,0 +1,71 @@
+/* curve25519-base.c
+
+   Copyright (C) 2014 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+
+#include "curve25519.h"
+
+#include "ecc.h"
+#include "ecc-internal.h"
+
+/* Intended to be compatible with NaCl's crypto_scalarmult_base. */
+void
+curve25519_base (uint8_t *r, const uint8_t *n)
+{
+  uint8_t t[CURVE25519_SIZE];
+  mp_limb_t *scratch;
+  mp_size_t ecc_size;
+  mp_size_t itch;
+
+#define p scratch
+#define x (scratch + 3*ecc_size)
+#define scratch_out (scratch + 4*ecc_size)
+  
+  memcpy (t, n, sizeof(t));
+  t[0] &= ~7;
+  t[CURVE25519_SIZE-1] = (t[CURVE25519_SIZE-1] & 0x3f) | 0x40;
+
+  ecc_size = nettle_curve25519.size;
+  itch = 4*ecc_size + ECC_MUL_G_EH_ITCH(ecc_size);
+  scratch = gmp_alloc_limbs (itch);
+
+  mpn_set_base256_le (x, ecc_size, t, CURVE25519_SIZE);
+
+  ecc_mul_g_eh (&nettle_curve25519, p, x, scratch_out);
+  ecc_eh_to_a (&nettle_curve25519, 2, x, p, scratch_out);
+
+  mpn_get_base256_le (r, CURVE25519_SIZE, x, ecc_size);
+  gmp_free_limbs (scratch, itch);
+}

diff --git a/curve25519.h b/curve25519.h
new file mode 100644 (file)
index 0000000..66a5c80
--- /dev/null
+++ b/curve25519.h
@@ -0,0 +1,49 @@
+/* curve25519.h
+
+   Copyright (C) 2014 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_CURVE25519_H
+#define NETTLE_CURVE25519_H
+
+#include "nettle-types.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Name mangling */
+#define curve25519_base nettle_curve25519_base
+
+#define CURVE25519_SIZE 32
+
+void
+curve25519_base (uint8_t *q, const uint8_t *n);
+  
+#endif /* NETTLE_CURVE25519_H */