authorGravatar Andres Erbsen <andreser@google.com>2017-10-20 10:07:10 -0400
committerGravatar Andres Erbsen <andreser@google.com>2017-10-20 10:09:41 -0400
commit9bd7d8e4a2ef9ac5944162ae8b3ba46f530980ce (patch)
tree981b45f8dd53ee21bfa7d1c9247aceba97de5484 /src
parentd90bcfa0c4969908d3fa2fb8cb4a2bef74d6f111 (diff)
gmpsec.c: generic constant-time montgomery ladder implementation using mpn_sec_* functions
Diffstat (limited to 'src')
-rw-r--r--src/Specific/X25519/C64/scalarmult.c6
-rw-r--r--src/Specific/X25519/x25519_test.c1
2 files changed, 7 insertions, 0 deletions
diff --git a/src/Specific/X25519/C64/scalarmult.c b/src/Specific/X25519/C64/scalarmult.c
index ffe015012..bde9a9b22 100644
--- a/src/Specific/X25519/C64/scalarmult.c
+++ b/src/Specific/X25519/C64/scalarmult.c
@@ -41,6 +41,7 @@ typedef unsigned int uint128_t __attribute__((mode(TI)));
typedef uint8_t u8;
typedef uint64_t limb;
typedef limb felem[5];
+//static void crecip(felem out, const felem z);
static void force_inline
fmul(felem output, const felem in2, const felem in) {
@@ -200,6 +201,7 @@ swap_conditional(limb a[5], limb b[5], limb iswap) {
}
}
+
/* Calculates nQ where Q is the x-coordinate of a point on the curve
*
* resultx/resultz: the x coordinate of the resulting curve point (short form)
@@ -221,6 +223,7 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) {
u8 byte = n[31 - i];
for (j = 0; j < 8; ++j) {
const limb bit = byte >> 7;
+ // printf("%01d ", bit);
swap_conditional(nqx, nqpqx, bit);
swap_conditional(nqz, nqpqz, bit);
@@ -246,6 +249,9 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) {
nqpqz2 = t;
byte <<= 1;
+
+ // { felem pr; crecip(pr, nqz); fmul(pr, pr, nqx); uint8_t s[32]; fcontract(s, pr); printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", s[i]); }; printf(" "); }
+ // { felem pr; crecip(pr, nqpqz); fmul(pr, pr, nqpqx); uint8_t s[32]; fcontract(s, pr); printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", s[i]); }; printf("\n"); }
}
}
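Review bot: The two commented-out blocks after `byte <<= 1;` print the affine x-coordinate of both ladder points on every iteration, which is enough to reconstruct the scalar bit by bit, and they only compile if the `//static void crecip(felem out, const felem z);` prototype in the first hunk is uncommented as well. Keeping this as commented code means the compiler never checks it and nothing ties the three pieces together. A single compile-time guard would be safer, with `#ifdef LADDER_TRACE` (macro name is a suggestion) around both the prototype and the dump, and a comment stating that the output is secret-dependent. The inner `for (int i = 31; ...)` also shadows the outer loop index `i` used in `n[31 - i]`; renaming it to `k` avoids a `-Wshadow` warning. The same guard would suit the commented `printf` loop added in x25519_test.c.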
diff --git a/src/Specific/X25519/x25519_test.c b/src/Specific/X25519/x25519_test.c
index 1a4334932..11bdb7acb 100644
--- a/src/Specific/X25519/x25519_test.c
+++ b/src/Specific/X25519/x25519_test.c
@@ -13,6 +13,7 @@ int main() {
a[0] = 1;
for (int i = 0; i < 200; i++) {
+ // printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", in[i]); }; printf("\n");
crypto_scalarmult(out, in, basepoint);
uint8_t* t = out;
out = in;