From 98bfcb01965787e11739cff9c0d4fbe82d40e2a5 Mon Sep 17 00:00:00 2001 From: Michael Hamburg Date: Fri, 13 Oct 2017 17:22:08 -0700 Subject: [PATCH] IsoE25519 is now better known as Ristretto --- src/GENERATED/include/decaf.hxx | 2 +- src/GENERATED/include/decaf/ed255.hxx | 10 ++++---- src/GENERATED/include/decaf/point_255.hxx | 21 +++++++++------- src/GENERATED/include/decaf/point_448.hxx | 2 ++ src/generator/curve_data.py | 4 ++- src/per_curve/point.tmpl.hxx | 2 ++ test/ristretto_vectors.inc.cxx | 22 ++++++++--------- test/vectors.inc.cxx | 30 +++++++++++------------ 8 files changed, 51 insertions(+), 42 deletions(-) diff --git a/src/GENERATED/include/decaf.hxx b/src/GENERATED/include/decaf.hxx index f83dfbf..2712aa8 100644 --- a/src/GENERATED/include/decaf.hxx +++ b/src/GENERATED/include/decaf.hxx @@ -21,7 +21,7 @@ namespace decaf { template class Run> void run_for_all_curves() { - Run::run(); + Run::run(); Run::run(); } } diff --git a/src/GENERATED/include/decaf/ed255.hxx b/src/GENERATED/include/decaf/ed255.hxx index 615fb54..07099cb 100644 --- a/src/GENERATED/include/decaf/ed255.hxx +++ b/src/GENERATED/include/decaf/ed255.hxx @@ -43,8 +43,8 @@ namespace decaf { /** A public key for crypto over some Group */ template struct EdDSA; -/** A public key for crypto over Iso-Ed25519 */ -template<> struct EdDSA { +/** A public key for crypto over Ristretto */ +template<> struct EdDSA { /** @cond internal */ template class Signing; @@ -190,7 +190,7 @@ private: public: /** Underlying group */ - typedef IsoEd25519 Group; + typedef Ristretto Group; /** Signature size. */ static const size_t SIG_BYTES = DECAF_EDDSA_25519_SIGNATURE_BYTES; @@ -364,7 +364,7 @@ public: /* PERF FUTURE: Pre-cached decoding? Precomputed table?? */ /** Underlying group */ - typedef IsoEd25519 Group; + typedef Ristretto Group; /** Signature size. */ static const size_t SIG_BYTES = DECAF_EDDSA_25519_SIGNATURE_BYTES; 
@@ -417,7 +417,7 @@ public: } }; /* class PublicKey */ -}; /* template<> struct EdDSA */ +}; /* template<> struct EdDSA */ #undef DECAF_NOEXCEPT } /* namespace decaf */ diff --git a/src/GENERATED/include/decaf/point_255.hxx b/src/GENERATED/include/decaf/point_255.hxx index f3af7bc..a2376c7 100644 --- a/src/GENERATED/include/decaf/point_255.hxx +++ b/src/GENERATED/include/decaf/point_255.hxx @@ -53,10 +53,10 @@ namespace decaf { /** * Curve25519/Decaf instantiation of group. */ -struct IsoEd25519 { +struct Ristretto { /** The name of the curve */ -static inline const char *name() { return "Iso-Ed25519"; } +static inline const char *name() { return "Ristretto"; } /** The name of the curve */ static inline int bits() { return 255; } @@ -756,15 +756,15 @@ public: } }; -}; /* struct IsoEd25519 */ +}; /* struct Ristretto */ /** @cond internal */ -inline SecureBuffer IsoEd25519::Scalar::direct_scalarmul ( - const FixedBlock &in, +inline SecureBuffer Ristretto::Scalar::direct_scalarmul ( + const FixedBlock &in, decaf_bool_t allow_identity, decaf_bool_t short_circuit ) const /*throw(CryptoException)*/ { - SecureBuffer out(IsoEd25519::Point::SER_BYTES); + SecureBuffer out(Ristretto::Point::SER_BYTES); if (DECAF_SUCCESS != decaf_255_direct_scalarmul(out.data(), in.data(), s, allow_identity, short_circuit) ) { @@ -773,9 +773,9 @@ inline SecureBuffer IsoEd25519::Scalar::direct_scalarmul ( return out; } -inline decaf_error_t IsoEd25519::Scalar::direct_scalarmul_noexcept ( - FixedBuffer &out, - const FixedBlock &in, +inline decaf_error_t Ristretto::Scalar::direct_scalarmul_noexcept ( + FixedBuffer &out, + const FixedBlock &in, decaf_bool_t allow_identity, decaf_bool_t short_circuit ) const DECAF_NOEXCEPT { @@ -783,6 +783,9 @@ inline decaf_error_t IsoEd25519::Scalar::direct_scalarmul_noexcept ( } /** @endcond */ +typedef Ristretto IsoEd25519; + + #undef DECAF_NOEXCEPT } /* namespace decaf */ 
diff --git a/src/GENERATED/include/decaf/point_448.hxx b/src/GENERATED/include/decaf/point_448.hxx index 22716f8..adcb6ae 100644 --- a/src/GENERATED/include/decaf/point_448.hxx +++ b/src/GENERATED/include/decaf/point_448.hxx @@ -783,6 +783,8 @@ inline decaf_error_t Ed448Goldilocks::Scalar::direct_scalarmul_noexcept ( } /** @endcond */ + + #undef DECAF_NOEXCEPT } /* namespace decaf */
diff --git a/src/generator/curve_data.py b/src/generator/curve_data.py
index bcfdeb4..2e4148c 100644
--- a/src/generator/curve_data.py
+++ b/src/generator/curve_data.py
@@ -23,8 +23,9 @@ field_data = {
 curve_data = {
 "curve25519" : {
+ "altname" : "IsoEd25519",
 "iso_to" : "Curve25519",
- "name" : "Iso-Ed25519",
+ "name" : "Ristretto",
 "cofactor" : 8,
 "field" : "p25519",
 "scalar_bits" : 253,
@@ -43,6 +44,7 @@ curve_data = {
 "eddsa_sigma_iso": 1
 },
 "ed448goldilocks" : {
+ "altname": None,
 "name" : "Ed448-Goldilocks",
 "cofactor" : 4,
 "field" : "p448",
diff --git a/src/per_curve/point.tmpl.hxx b/src/per_curve/point.tmpl.hxx
index 0489e8c..022ec40 100644
--- a/src/per_curve/point.tmpl.hxx
+++ b/src/per_curve/point.tmpl.hxx
@@ -770,5 +770,7 @@ inline decaf_error_t $(cxx_ns)::Scalar::direct_scalarmul_noexcept (
 }
 /** @endcond */
+$("typedef %s %s;\n" % (cxx_ns,altname) if altname else "")
+
 #undef DECAF_NOEXCEPT
 } /* namespace decaf */
diff --git a/test/ristretto_vectors.inc.cxx b/test/ristretto_vectors.inc.cxx
index b547b52..3095f10 100644
--- a/test/ristretto_vectors.inc.cxx
+++ b/test/ristretto_vectors.inc.cxx
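Review bot: The `"name"` change in the `curve25519` entry of src/generator/curve_data.py reaches further than the C++ type name: the regenerated point_255.hxx in this patch now returns "Ristretto" from `name()`, and the `altname` typedef restores only the `IsoEd25519` identifier, not the old "Iso-Ed25519" string. If any caller feeds `name()` into a hash input, a transcript label or a persisted record (none is visible in this patch), that output changes without a compile error, so the rename deserves a changelog line and a check of those call sites. The new key is also undocumented; I would add `# altname: legacy C++ type name re-exported as a typedef for source compatibility; None emits no alias` above its first use, and note there that the second hunk gives `ed448goldilocks` an explicit `None` because the template reads the key for every curve.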
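Review bot: The alias that the added `$("typedef %s %s;\n" % (cxx_ns,altname) if altname else "")` line in src/per_curve/point.tmpl.hxx emits reaches the public header with no doc comment, so a reader of the generated point_255.hxx sees `typedef Ristretto IsoEd25519;` without learning which name is the legacy one. I would have the template emit a Doxygen line ahead of it, for example `/** Legacy name for this group, kept for source compatibility. */`. For a curve with no alias the expression expands to an empty string while the template still contributes blank lines, which appears to be why the generated point_448.hxx in this patch changes by whitespace only; worth confirming that is intended. The hunk covers only the end of the file, so the enclosing namespace opens outside it.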
@@ -1,12 +1,12 @@
 template struct base_multiples;
 /* Examples for multiples of base point */
-template <> struct base_multiples {
+template <> struct base_multiples {
 static const int count = 16;
- static const uint8_t values[count][IsoEd25519::Point::SER_BYTES];
+ static const uint8_t values[count][Ristretto::Point::SER_BYTES];
 };
-const uint8_t base_multiples::values
- [base_multiples::count][IsoEd25519::Point::SER_BYTES] = {
+const uint8_t base_multiples::values
+ [base_multiples::count][Ristretto::Point::SER_BYTES] = {
 /* Copy-pasted from Dalek, thanks Isis Lovecruft and Henry de Valence */
 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
 {226, 242, 174, 10, 106, 188, 78, 113, 168, 132, 169, 97, 197, 0, 81, 95, 88, 227, 11, 106, 165, 130, 221, 141, 182, 166, 89, 69, 224, 141, 45, 118},
@@ -101,13 +101,13 @@ const uint8_t base_multiples::values[][Ed448Goldilocks::Point::
 template struct elligator_examples;
 /* Examples for Elligator */
-template <> struct elligator_examples {
+template <> struct elligator_examples {
 static const int count = 16;
- static const uint8_t inputs[count][IsoEd25519::Point::HASH_BYTES];
- static const uint8_t outputs[count][IsoEd25519::Point::SER_BYTES];
+ static const uint8_t inputs[count][Ristretto::Point::HASH_BYTES];
+ static const uint8_t outputs[count][Ristretto::Point::SER_BYTES];
 };
-const uint8_t elligator_examples::inputs
- [elligator_examples::count][IsoEd25519::Point::HASH_BYTES] = {
+const uint8_t elligator_examples::inputs
+ [elligator_examples::count][Ristretto::Point::HASH_BYTES] = {
 /* Copy-pasted from Dalek, thanks Isis Lovecruft and Henry de Valence */
 {184, 249, 135, 49, 253, 123, 89, 113, 67, 160, 6, 239, 7, 105, 211, 41, 192, 249, 185, 57, 9, 102, 70, 198, 15, 127, 7, 26, 160, 102, 134, 71},
 {229, 14, 241, 227, 75, 9, 118, 60, 128, 153, 226, 21, 183, 217, 91, 136, 98, 0, 231, 156, 124, 77, 82, 139, 142, 134, 164, 169, 169, 62, 250, 52},
@@ -126,8 +126,8 @@ const uint8_t elligator_examples::inputs
 {210, 207, 228, 56, 155, 116, 207, 54, 84, 195, 251, 215, 249, 199, 116, 75, 109, 239, 196, 251, 194, 246, 252, 228, 70, 146, 156, 35, 25, 39, 241, 4},
 {34, 116, 123, 9, 8, 40, 93, 189, 9, 103, 57, 103, 66, 227, 3, 2, 157, 107, 134, 219, 202, 74, 230, 154, 78, 107, 219, 195, 214, 14, 84, 80}
 };
-const uint8_t elligator_examples::outputs
- [elligator_examples::count][IsoEd25519::Point::SER_BYTES] = {
+const uint8_t elligator_examples::outputs
+ [elligator_examples::count][Ristretto::Point::SER_BYTES] = {
 /* Copy-pasted from Dalek, thanks Isis Lovecruft and Henry de Valence */
 {176, 157, 237, 97, 66, 29, 140, 166, 168, 94, 26, 157, 212, 216, 229, 160, 195, 246, 232, 239, 169, 112, 63, 193, 64, 32, 152, 69, 11, 190, 246, 86},
 {234, 141, 77, 203, 181, 225, 250, 74, 171, 62, 15, 118, 78, 212, 150, 19, 131, 14, 188, 238, 194, 244, 141, 138, 166, 162, 83, 122, 228, 201, 19, 26},
diff --git a/test/vectors.inc.cxx b/test/vectors.inc.cxx
index 766e694..c6c682b 100644
--- a/test/vectors.inc.cxx
+++ b/test/vectors.inc.cxx
@@ -1,18 +1,18 @@
 /* X25519, X448 test vectors */
-template<> const uint8_t Tests::rfc7748_1[32] = {
+template<> const uint8_t Tests::rfc7748_1[32] = {
 0x42,0x2c,0x8e,0x7a,0x62,0x27,0xd7,0xbc,
 0xa1,0x35,0x0b,0x3e,0x2b,0xb7,0x27,0x9f,
 0x78,0x97,0xb8,0x7b,0xb6,0x85,0x4b,0x78,
 0x3c,0x60,0xe8,0x03,0x11,0xae,0x30,0x79
 };
-template<> const uint8_t Tests::rfc7748_1000[32] = {
+template<> const uint8_t Tests::rfc7748_1000[32] = {
 0x68,0x4c,0xf5,0x9b,0xa8,0x33,0x09,0x55,
 0x28,0x00,0xef,0x56,0x6f,0x2f,0x4d,0x3c,
 0x1c,0x38,0x87,0xc4,0x93,0x60,0xe3,0x87,
 0x5f,0x2e,0xb9,0x4d,0x99,0x53,0x2c,0x51
 };
-template<> const uint8_t Tests::rfc7748_1000000[32] = {
+template<> const uint8_t Tests::rfc7748_1000000[32] = {
 0x7c,0x39,0x11,0xe0,0xab,0x25,0x86,0xfd,
 0x86,0x44,0x97,0x29,0x7e,0x57,0x5e,0x6f,
 0x3b,0xc6,0x01,0xc0,0x88,0x3c,0x30,0xdf,
@@ -53,7 +53,7 @@ const uint8_t sm1_25519[32] = {
 0xa7,0xd7,0xfb,0x3d,0x99,0x00,0x4d,0x2b,
 0x0b,0xdf,0xc1,0x4f,0x80,0x24,0x83,0x2b
 };
-template<> const Block Tests::sqrt_minus_one(sm1_25519,32);
+template<> const Block Tests::sqrt_minus_one(sm1_25519,32);
 template<> const Block Tests::minus_sqrt_minus_one(NULL,0);
 const uint8_t msm1_25519[32] = {
@@ -62,7 +62,7 @@ const uint8_t msm1_25519[32] = {
 0x58,0x28,0x04,0xc2,0x66,0xff,0xb2,0xd4,
 0xf4,0x20,0x3e,0xb0,0x7f,0xdb,0x7c,0x54
 };
-template<> const Block Tests::minus_sqrt_minus_one(msm1_25519,32);
+template<> const Block Tests::minus_sqrt_minus_one(msm1_25519,32);
 const uint8_t elli_patho_448[56] = {
 0x14,0xf0,0x70,0x58,0x41,0xc7,0xf9,0xa5,
@@ -74,7 +74,7 @@ const uint8_t elli_patho_448[56] = {
 0x86,0xa9,0x2e,0xc9,0x17,0x68,0x9b,0x20
 };
 template<> const Block Tests::elli_patho(elli_patho_448,56);
-template<> const Block Tests::elli_patho(NULL,0);
+template<> const Block Tests::elli_patho(NULL,0);
 /* EdDSA test vectors */
 const uint8_t ed448_eddsa_sk[][57] = {{
@@ -481,7 +481,7 @@ const uint8_t ed25519_eddsa_sig[][64] = {{
 0x91,0xc2,0x04,0x3d,0x4e,0xb3,0xe9,0x0d
 }};
-template<> const bool Tests::eddsa_prehashed[] = {
+template<> const bool Tests::eddsa_prehashed[] = {
 false,
 false,
 false,
@@ -489,7 +489,7 @@ template<> const bool Tests::eddsa_prehashed[] = {
 false,
 false
 };
-template<> const Block Tests::eddsa_sk[] = {
+template<> const Block Tests::eddsa_sk[] = {
 Block(ed25519_eddsa_sk[0],32),
 Block(ed25519_eddsa_sk[1],32),
 Block(ed25519_eddsa_sk[2],32),
@@ -498,7 +498,7 @@ template<> const Block Tests::eddsa_sk[] = {
 Block(ed25519_eddsa_sk[4],32),
 Block(NULL,0)
 };
-template<> const Block Tests::eddsa_pk[] = {
+template<> const Block Tests::eddsa_pk[] = {
 Block(ed25519_eddsa_pk[0],32),
 Block(ed25519_eddsa_pk[1],32),
 Block(ed25519_eddsa_pk[2],32),
@@ -506,15 +506,15 @@ template<> const Block Tests::eddsa_pk[] = {
 Block(ed25519_eddsa_pk[4],32),
 Block(ed25519_eddsa_pk[4],32)
 };
-template<> const Block Tests::eddsa_context[] = {
- EdDSA::NO_CONTEXT(),
- EdDSA::NO_CONTEXT(),
- EdDSA::NO_CONTEXT(),
+template<> const Block Tests::eddsa_context[] = {
+ EdDSA::NO_CONTEXT(),
+ EdDSA::NO_CONTEXT(),
+ EdDSA::NO_CONTEXT(),
 Block(NULL,0),
 Block(ed25519_eddsa_context[0],3),
 Block(ed25519_eddsa_context[1],3)
 };
-template<> const Block Tests::eddsa_message[] = {
+template<> const Block Tests::eddsa_message[] = {
 Block(ed25519_eddsa_message[0],0),
 Block(ed25519_eddsa_message[1],1),
 Block(ed25519_eddsa_message[2],2),
@@ -522,7 +522,7 @@ template<> const Block Tests::eddsa_message[] = {
 Block(ed25519_eddsa_message[4],16),
 Block(ed25519_eddsa_message[4],16)
 };
-template<> const Block Tests::eddsa_sig[] = {
+template<> const Block Tests::eddsa_sig[] = {
 Block(ed25519_eddsa_sig[0],64),
 Block(ed25519_eddsa_sig[1],64),
 Block(ed25519_eddsa_sig[2],64),