Home Explore Help
Sign In
SMusatov
/
mkp224o
mirror of https://github.com/cathugger/mkp224o.git
1
0
Fork 0
Files
Tree: 5172c0fd71
Branches Tags
mkp224o
/
ed25519
/
amd64-64-24k
/
ge25519_scalarmult_base.c

ge25519_scalarmult_base.c 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. #include "fe25519.h"
    2. 

  2. #include "sc25519.h"
    3. 

  3. #include "ge25519.h"
    4. 

  4. 

  5. /* Multiples of the base point in Niels' representation */
    6. 

  6. static const ge25519_niels ge25519_base_multiples_niels[] = {
    7. 

  7. #ifdef SMALLTABLES
    8. 

  8. #include "ge25519_base_niels_smalltables.data"
    9. 

  9. #else
    10. 

  10. #include "ge25519_base_niels.data"
    11. 

  11. #endif
    12. 

  12. };
    13. 

  13. 

  14. /* d */
    15. 

  15. static const fe25519 ecd = {{0x75EB4DCA135978A3, 0x00700A4D4141D8AB, 0x8CC740797779E898, 0x52036CEE2B6FFE73}};
    16. 

  16. 

  17. void ge25519_scalarmult_base(ge25519_p3 *r, const sc25519 *s)
    18. 

  18. {
    19. 

  19.   signed char b[64];
    20. 

  20.   int i;
    21. 

  21.   ge25519_niels t;
    22. 

  22.   fe25519 d;
    23. 

  23. 

  24.   sc25519_window4(b,s);
    25. 

  25. 

  26. #ifdef SMALLTABLES
    27. 

  27.   ge25519_p1p1 tp1p1;
    28. 

  28.   choose_t((ge25519_niels *)r, 0, (signed long long) b[1], ge25519_base_multiples_niels);
    29. 

  29.   fe25519_sub(&d, &r->y, &r->x);
    30. 

  30.   fe25519_add(&r->y, &r->y, &r->x);
    31. 

  31.   r->x = d;
    32. 

  32.   r->t = r->z;
    33. 

  33.   fe25519_setint(&r->z,2);
    34. 

  34.   for(i=3;i<64;i+=2)
    35. 

  35.   {
    36. 

  36.     choose_t(&t, (unsigned long long) i/2, (signed long long) b[i], ge25519_base_multiples_niels);
    37. 

  37.     ge25519_nielsadd2(r, &t);
    38. 

  38.   }
    39. 

  39.   ge25519_dbl_p1p1(&tp1p1,(ge25519_p2 *)r);
    40. 

  40.   ge25519_p1p1_to_p2((ge25519_p2 *)r, &tp1p1);
    41. 

  41.   ge25519_dbl_p1p1(&tp1p1,(ge25519_p2 *)r);
    42. 

  42.   ge25519_p1p1_to_p2((ge25519_p2 *)r, &tp1p1);
    43. 

  43.   ge25519_dbl_p1p1(&tp1p1,(ge25519_p2 *)r);
    44. 

  44.   ge25519_p1p1_to_p2((ge25519_p2 *)r, &tp1p1);
    45. 

  45.   ge25519_dbl_p1p1(&tp1p1,(ge25519_p2 *)r);
    46. 

  46.   ge25519_p1p1_to_p3(r, &tp1p1);
    47. 

  47.   choose_t(&t, (unsigned long long) 0, (signed long long) b[0], ge25519_base_multiples_niels);
    48. 

  48.   fe25519_mul(&t.t2d, &t.t2d, &ecd);
    49. 

  49.   ge25519_nielsadd2(r, &t);
    50. 

  50.   for(i=2;i<64;i+=2)
    51. 

  51.   {
    52. 

  52.     choose_t(&t, (unsigned long long) i/2, (signed long long) b[i], ge25519_base_multiples_niels);
    53. 

  53.     ge25519_nielsadd2(r, &t);
    54. 

  54.   }
    55. 

  55. #else 
    56. 

  56.   choose_t((ge25519_niels *)r, 0, (signed long long) b[0], ge25519_base_multiples_niels);
    57. 

  57.   fe25519_sub(&d, &r->y, &r->x);
    58. 

  58.   fe25519_add(&r->y, &r->y, &r->x);
    59. 

  59.   r->x = d;
    60. 

  60.   r->t = r->z;
    61. 

  61.   fe25519_setint(&r->z,2);
    62. 

  62.   for(i=1;i<64;i++)
    63. 

  63.   {
    64. 

  64.     choose_t(&t, (unsigned long long) i, (signed long long) b[i], ge25519_base_multiples_niels);
    65. 

  65.     ge25519_nielsadd2(r, &t);
    66. 

  66.   }
    67. 

  67. #endif 
    68. 

  68. }
    69.