ed25519-donna.h (3050B)
1 /* 2 Public domain by Andrew M. <liquidsun@gmail.com> 3 Modified from the amd64-51-30k implementation by 4 Daniel J. Bernstein 5 Niels Duif 6 Tanja Lange 7 Peter Schwabe 8 Bo-Yin Yang 9 */ 10 11 12 #include "ed25519-donna-portable.h" 13 #include "orconfig.h" 14 15 #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS 16 /* Some of the ASM here is very long strings. */ 17 #ifdef __clang__ 18 #pragma clang diagnostic ignored "-Woverlength-strings" 19 #else 20 #pragma GCC diagnostic ignored "-Woverlength-strings" 21 #endif 22 #endif 23 24 #if defined(ED25519_SSE2) 25 #else 26 #if defined(HAVE_UINT128) && !defined(ED25519_FORCE_32BIT) 27 #define ED25519_64BIT 28 #else 29 #define ED25519_32BIT 30 #endif 31 #endif 32 33 #if !defined(ED25519_NO_INLINE_ASM) 34 /* detect extra features first so un-needed functions can be disabled throughout */ 35 #if defined(ED25519_SSE2) 36 #if defined(COMPILER_GCC) && defined(CPU_X86) 37 #define ED25519_GCC_32BIT_SSE_CHOOSE 38 #elif defined(COMPILER_GCC) && defined(CPU_X86_64) 39 #define ED25519_GCC_64BIT_SSE_CHOOSE 40 #endif 41 #else 42 #if defined(CPU_X86_64) 43 #if defined(COMPILER_GCC) 44 #if defined(ED25519_64BIT) 45 #define ED25519_GCC_64BIT_X86_CHOOSE 46 #else 47 #define ED25519_GCC_64BIT_32BIT_CHOOSE 48 #endif 49 #endif 50 #endif 51 #endif 52 #endif 53 54 #if defined(ED25519_SSE2) 55 #include "curve25519-donna-sse2.h" 56 #elif defined(ED25519_64BIT) 57 #include "curve25519-donna-64bit.h" 58 #else 59 #include "curve25519-donna-32bit.h" 60 #endif 61 62 #include "curve25519-donna-helpers.h" 63 64 /* separate uint128 check for 64 bit sse2 */ 65 #if defined(HAVE_UINT128) && !defined(ED25519_FORCE_32BIT) 66 #include "modm-donna-64bit.h" 67 #else 68 #include "modm-donna-32bit.h" 69 #endif 70 71 typedef unsigned char hash_512bits[64]; 72 73 /* 74 Timing safe memory compare 75 */ 76 static int 77 ed25519_verify(const unsigned char *x, const unsigned char *y, size_t len) { 78 size_t differentbits = 0; 79 while (len--) 80 differentbits |= (*x++ ^ *y++); 81 /*coverity[overflow]*/ 82 return (int) (1 & ((differentbits - 1) >> 8)); 83 } 84 85 86 /* 87 * Arithmetic on the twisted Edwards curve -x^2 + y^2 = 1 + dx^2y^2 88 * with d = -(121665/121666) = 37095705934669439343138083508754565189542113879843219016388785533085940283555 89 * Base point: (15112221349535400772501151409588531511454012693041857206046113283949847762202,46316835694926478169428394003475163141307993866256225615783033603165251855960); 90 */ 91 92 typedef struct ge25519_t { 93 bignum25519 x, y, z, t; 94 } ge25519; 95 96 typedef struct ge25519_p1p1_t { 97 bignum25519 x, y, z, t; 98 } ge25519_p1p1; 99 100 typedef struct ge25519_niels_t { 101 bignum25519 ysubx, xaddy, t2d; 102 } ge25519_niels; 103 104 typedef struct ge25519_pniels_t { 105 bignum25519 ysubx, xaddy, z, t2d; 106 } ge25519_pniels; 107 108 #include "ed25519-donna-basepoint-table.h" 109 110 #if defined(ED25519_64BIT) 111 #include "ed25519-donna-64bit-tables.h" 112 #include "ed25519-donna-64bit-x86.h" 113 #else 114 #include "ed25519-donna-32bit-tables.h" 115 #include "ed25519-donna-64bit-x86-32bit.h" 116 #endif 117 118 119 #if defined(ED25519_SSE2) 120 #include "ed25519-donna-32bit-sse2.h" 121 #include "ed25519-donna-64bit-sse2.h" 122 #include "ed25519-donna-impl-sse2.h" 123 #else 124 #include "ed25519-donna-impl-base.h" 125 #endif