Michael Hamburg
a32fd62512
mark more things at toy
8 years ago
Michael Hamburg
a01e875d4a
move strobe and crypto to TOY areas
8 years ago
Michael Hamburg
2c605ea46e
add EdDSA C prehash routines
8 years ago
Michael Hamburg
28086a96d1
remove python dependency by checking in generated code
8 years ago
Michael Hamburg
d1e2bbec15
fix Ed448-prehash and test against newly-corrected cfrg vectors
8 years ago
Andrew Bennett
c558c0ecdb
x86_64/i386 and illumos/solaris/SunOS compatibility fixes.
* SunOS linker doesn't support --gc-sections
* Add portable_endian.h with __sun version of htole64 and le64toh
* Replace portable endian code in shake.c with inclusion of portable_endian.h
* Replace portable endian code in word.h with inclusion of portable_endian.h
* Add explicit extern reference to word.h for posix_memalign when __sun defined
* Replace references to u_int*_t with uint*_t
* rdtsc call in shake.c was only working on 32-bit i386
* rdtsc call in bench_decaf.cxx was inaccurate on 64-bit x86_64 when clang absent
* Fix two signed/unsigned comparison errors in test_decaf.cxx
8 years ago
Michael Hamburg
e22c967171
change eddsa encoding names to show that they multiply_by_cofactor
8 years ago
Mike Hamburg
a673fbfc63
test_ct broke because of renaming; fix it
8 years ago
Michael Hamburg
83cfd6cae1
change x### function names again, this time to decaf_x###, decaf_x###_generate_key
8 years ago
Michael Hamburg
714a5db7a0
decaf_###_x_direct_scalarmul -> decaf_x###_direct_scalarmul
8 years ago
Michael Hamburg
f4558c1e13
tidy @todo -> TODO
8 years ago
Michael Hamburg
149130fd94
working through the TODOs. Correct the sign of the to/from EdDSA conversions (but is it correct for future curves?). SHA-3 now throws exceptions on over-long output
8 years ago
Mike Hamburg
be39188da9
prevent memcpy(NULL,NULL,0), which is technically illegal as pointed out by make scan
8 years ago
Mike Hamburg
1e796b2e0e
fix some warns from gcc
8 years ago
Michael Hamburg
a3a2906f81
move prehashed enum to common; downside is that including one eddsa.hxx now pulls in all of them
8 years ago
Michael Hamburg
c5a9b7757b
ed25519 prehashed test vector. ed448 prehashed test vectors look invalid??
8 years ago
Michael Hamburg
4adb584654
ed25519 prehashed test vector. ed448 prehashed test vectors look invalid??
8 years ago
Michael Hamburg
3b9ffc4cc7
separate Ed25519ph from Ed25519 with awful CRTP hack
8 years ago
Michael Hamburg
422cc78eb9
fix up overapplication to file names
8 years ago
Michael Hamburg
f1df5e4714
lowerCamelCase -> snake_case. Put decaf_ in front of all (most?) identifiers, except for SHAKE which is being removed before 1.0 release (for future refactoring)
8 years ago
Michael Hamburg
85fafd2d52
another couple notes
8 years ago
Michael Hamburg
595855b434
move eddsa.hxx to its own header. sha512.hxx; rework shake.hxx header; create prehash object. TODO: test prehash
8 years ago
Michael Hamburg
798b189a77
minor changes; clear a few TODOs
8 years ago
Michael Hamburg
6225bfd2f4
EdDSA is go!
8 years ago
Michael Hamburg
1f716044ca
eddsa provisional pass
8 years ago
Michael Hamburg
d9a9bb96b5
eddsa-25519 now using sha512. But problem! We are using IsoEd25519 so we actually need an isogeny anyway to get to Ed25519 proper
9 years ago
Michael Hamburg
0fa687437f
sha512
9 years ago
Michael Hamburg
b06db0c78a
EdDSA now supports multiple hashes as defined in curve_data.py. We still don't have sha512 though.
9 years ago
Michael Hamburg
9d0bac672f
move context arguments to the end of hash functions. Ed25519 doesn't support contexts.
9 years ago
Michael Hamburg
870d5839df
whoops add eddsa.tmpl.c
9 years ago
Michael Hamburg
b1c6de6309
EdDSA 448 seems to be working. Needs more testing, code moved around. EdDSA 255 not working yet; needs SHA512
9 years ago
Michael Hamburg
fffb77ac2d
eddsa sign seems to work for ed448. needs more testing of course
9 years ago
Michael Hamburg
d0e74a585a
eddsa key generation, at least for goldilocks. needs parameterized hash function; sign/verify; rename; put in right place
9 years ago
Michael Hamburg
8ee11d449e
make SQRT_MINUS_ONE not static
9 years ago
Michael Hamburg
7e52b5b42e
leave an extra FUTURE MAGIC note
9 years ago
Michael Hamburg
650356c5f5
elligator overflow bits.
Before, invert_elligator would invert to a gf, which wouldn't be a uniformly
random string because, e.g., curve25519 gfs only have 255 bits out of 256.
Now add a random multiple of p. This still won't work for future curves
that have a field size of 1 mod 8, because those curves use elligator with
no high bit set, but it's a start
9 years ago
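The bias described in the commit above, worked through as an added example (this is illustrative Python written for this page, not decaf's code; the helper names `representative_count`, `encode_uniform`, `decode`, `top_bit_set_fraction` and `unreachable_fraction` are this example's own). A reduced element of GF(2^255 - 19) fits in 255 bits, so writing it into 32 bytes leaves the top bit always clear and half of all 32-byte strings unreachable. Adding a uniformly chosen multiple k*p, with k ranging over all multiples that still fit in the encoding width, spreads the output over [0, m*p), which is statistically indistinguishable from the full range whenever m*p is within a few bits of 2^(8*nbytes). The example generalizes the commit's "add a random multiple of p" to any prime and width; like the commit, it does not address the p ≡ 1 mod 8 case the message flags as unsolved.

```python
"""Why an Elligator inverse returned as a reduced field element is not a
uniform byte string, and how adding a random multiple of p fixes that.
Illustrative example only; not the library's own code."""
import random

# Standard field primes; the encoding widths are the usual 32 and 56 bytes.
P25519 = 2**255 - 19        # 255-bit prime stored in 32 bytes -> 1 bit of slack
P448 = 2**448 - 2**224 - 1  # 448-bit prime stored in 56 bytes -> no whole bit of slack


def representative_count(p: int, nbytes: int) -> int:
    """Number m of representatives x + k*p (0 <= k < m) that fit in nbytes."""
    return (1 << (8 * nbytes)) // p


def encode_reduced(x: int, nbytes: int) -> bytes:
    """Naive encoding of a reduced element: never sets the bits above p."""
    return x.to_bytes(nbytes, "little")


def encode_uniform(x: int, p: int, nbytes: int, rng: random.Random) -> bytes:
    """Encode x as x + k*p with k uniform in [0, m).

    The output is uniform on [0, m*p); for p = 2^255 - 19 and 32 bytes that is
    [0, 2^256 - 38), which misses only 38 of the 2^256 possible strings.
    """
    if not 0 <= x < p:
        raise ValueError("x must be a reduced field element")
    m = representative_count(p, nbytes)
    k = rng.randrange(m)  # a real implementation would pick k in constant time
    return (x + k * p).to_bytes(nbytes, "little")


def decode(buf: bytes, p: int) -> int:
    """Every representative of x reduces back to the same field element."""
    return int.from_bytes(buf, "little") % p


def top_bit_set_fraction(p: int, nbytes: int, samples: int, seed: int,
                         uniform: bool) -> float:
    """Empirical frequency of the top bit of the encoding over random elements.

    A uniform byte string has this bit set about half the time; the naive
    encoding of a 255-bit prime never sets it.
    """
    rng = random.Random(seed)  # seeded so the demo is reproducible
    hits = 0
    for _ in range(samples):
        x = rng.randrange(p)
        buf = (encode_uniform(x, p, nbytes, rng) if uniform
               else encode_reduced(x, nbytes))
        hits += buf[-1] >> 7  # little-endian: last byte is the most significant
    return hits / samples


def unreachable_fraction(p: int, nbytes: int, uniform: bool) -> float:
    """Fraction of nbytes-wide strings the encoder can never produce."""
    total = 1 << (8 * nbytes)
    covered = representative_count(p, nbytes) * p if uniform else p
    return (total - covered) / total


if __name__ == "__main__":
    rng = random.Random(1)
    x = rng.randrange(P25519)
    buf = encode_uniform(x, P25519, 32, rng)
    assert decode(buf, P25519) == x
    print("naive top-bit rate   :", top_bit_set_fraction(P25519, 32, 2000, 1, False))
    print("uniform top-bit rate :", top_bit_set_fraction(P25519, 32, 2000, 1, True))
    print("naive unreachable    :", unreachable_fraction(P25519, 32, False))
    print("uniform unreachable  :", unreachable_fraction(P25519, 32, True))
    print("p448 representatives :", representative_count(P448, 56))
```

For GF(2^448 - 2^224 - 1) in 56 bytes the multiplier count is 1, so the trick adds nothing there; the naive encoding already misses only about 2^-224 of the strings, which is why the problem only bites on fields like 2^255 - 19 whose prime sits a full bit below the encoding width.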
Michael Hamburg
2104923b6f
fix embarrassing arch_ref64 bug; improve code for p25519 arch_32
9 years ago
Your Name
06075bbc10
undo neon bug
9 years ago
Mike Hamburg
013b5a4a6b
gcc cleanliness
9 years ago
Michael Hamburg
f8dc967ae1
add explicit GF_HEADROOM per field+arch for unreduced arith; fortunately unreduced arith is very rare
9 years ago
Michael Hamburg
1f54f5c8ed
change __attribute__((nonnull(list of pointers))) to __attribute__((nonnull))
9 years ago
Michael Hamburg
0a043c34ec
remove constant_time_lookup_xx
9 years ago
Michael Hamburg
b693b33d0c
slight changes to the deisogenize code; hopefully clearer?
9 years ago
Michael Hamburg
7e63f23958
predeclare deisogenize
9 years ago
Michael Hamburg
a585d7f148
factor out elligator, decaf, scalar code. scalar_halve is now public
9 years ago
Michael Hamburg
55766b76c9
homogenize invsqrt code
9 years ago
Michael Hamburg
08bbb567de
don't go via asm anymore. also reduce the number of templated expressions
9 years ago
Michael Hamburg
d94a147194
move everything over to more-tolerable templating
9 years ago
Michael Hamburg
4e57f49161
move more generation to python
9 years ago
Michael Hamburg
7ee81cf84f
move easy scalar computations to python
9 years ago