Michael Hamburg
d0e74a585a
eddsa key generation, at least for goldilocks. needs parameterized hash function; sign/verify; rename; put in right place
9 years ago
Michael Hamburg
8ee11d449e
make SQRT_MINUS_ONE not static
9 years ago
Michael Hamburg
7e52b5b42e
leave an extra FUTURE MAGIC note
9 years ago
Michael Hamburg
650356c5f5
elligator overflow bits.
Before, invert_elligator would invert to a gf, which wouldn't be a uniformly
random string because, e.g., curve25519 gfs only have 255 bits out of 256.
Now add a random multiple of p. This still won't work for future curves
that have a field size of 1 mod 8, because those curves use elligator with
no high bit set, but it's a start
9 years ago
Michael Hamburg
2104923b6f
fix embarrassing arch_ref64 bug; improve code for p25519 arch_32
9 years ago
Your Name
06075bbc10
undo neon bug
9 years ago
Mike Hamburg
013b5a4a6b
gcc cleanliness
9 years ago
Michael Hamburg
f8dc967ae1
add explicit GF_HEADROOM per field+arch for unreduced arith; fortunately unreduced arith is very rare
9 years ago
Michael Hamburg
1f54f5c8ed
change __attribute__((nonnull(list of pointers))) to __attribute__((nonnull))
9 years ago
Michael Hamburg
0a043c34ec
remove constant_time_lookup_xx
9 years ago
Michael Hamburg
b693b33d0c
slight changes to the deisogenize code; hopefully clearer?
9 years ago
Michael Hamburg
7e63f23958
predeclare deisogenize
9 years ago
Michael Hamburg
a585d7f148
factor out elligator, decaf, scalar code. scalar_halve is now public
9 years ago
Michael Hamburg
55766b76c9
homogenize invsqrt code
9 years ago
Michael Hamburg
08bbb567de
don't go via asm anymore. also reduce the number of templated expressions
9 years ago
Michael Hamburg
d94a147194
move everything over to more-tolerable templating
9 years ago
Michael Hamburg
4e57f49161
move more generation to python
9 years ago
Michael Hamburg
7ee81cf84f
move easy scalar computations to python
9 years ago
Michael Hamburg
2e9512292e
template curve_data
9 years ago
Michael Hamburg
3a5ba3e075
no more API_NS2.
9 years ago
Michael Hamburg
f6ec8b2fc8
moving to a much simpler templating system
9 years ago
Michael Hamburg
8b906e1d44
remove unused PRIXWORD macros
9 years ago
Michael Hamburg
1dc3961837
add sign_strobe and verify_strobe to crypto.hxx
9 years ago
Michael Hamburg
86e44e69c6
fixed the mixed-arch bug, but it comes from a long-standing todo
9 years ago
Mike Hamburg
8d9c810136
make position unsigned so that the assertion means something (thx gcc)
9 years ago
Michael Hamburg
790745e2b3
set mulw to <32 bits instead of <64 bits (but actually less than that: 1 limb instead of 2). also there is a bug if you compile ed448 for arch_32 on a 64-bit machine... tracing
9 years ago
Michael Hamburg
a9e2e08bf2
real WNAF
9 years ago
Michael Hamburg
5311dd5863
auto-gen more field arithmetic data
9 years ago
Michael Hamburg
6aea0961ac
reduce required curve data
9 years ago
Michael Hamburg
050dcc186f
test/bench now uses run_for_all_curves<>
9 years ago
Michael Hamburg
c0310ba553
whoops, actually save the change that removes the todo comment
9 years ago
Mike Hamburg
de547aa5e7
fix a gcc Werror
9 years ago
Michael Hamburg
c9abcef055
add some pathological test cases, clearing a few TODO items. Also scalar_set_unsigned now takes a uint64_t instead of a word_t
9 years ago
Michael Hamburg
1f57b70289
move p480 and p521 to attic
9 years ago
Michael Hamburg
e8561eb0fb
pniels_t is now aligned to sizeof(big_register_t), clearing a MAGIC
9 years ago
Michael Hamburg
af89593807
harmonize deisogenize with paper, clearing a TODO
9 years ago
Michael Hamburg
a69002875c
reverse convention for constant_time_select, resolving a TODO
9 years ago
Michael Hamburg
30436f6ae4
remove vtable in buffer
9 years ago
Michael Hamburg
2ea89d9f06
remove one variable from elligator
9 years ago
Michael Hamburg
37e0886300
simplify elligator, in a way that shouldn't change its output. I think it uses the opposite convention from the paper for sign(s) though.
9 years ago
Michael Hamburg
c7a3efd496
fix typo in 32-bit code
9 years ago
Michael Hamburg
9b6fbecc1c
warning that base point might change for release version, to better integrate with x25519/448 or ed
9 years ago
Mike Hamburg
5f38747a15
Montgomery ladder now uses non-reduced arith for speed. Also, it is tested to be CT
9 years ago
Michael Hamburg
2eacff6ad6
rfc7748 implementation, but their names will probably change
9 years ago
Michael Hamburg
4de70b837c
separate out strobe and spongerng from shake. strobe is experimental. spongerng is experimental internally but the interface should be pretty good (except for any camelCase vs snake_case issues). shake should be stable
9 years ago
Mike Hamburg
24e33a2f86
reasonable suite of ct tests now. also change scalar randomizer to generate +128 bits
9 years ago
Mike Hamburg
9f1cc0e2af
some more ct tests; serializeInto -> serialize_into. still need more ct tests, unification of snake vs camel case
9 years ago
Mike Hamburg
3d0c6a6c28
typedef Wrapped is no longer private for scalar and point
9 years ago
Mike Hamburg
51ac192b79
ct tests are in; succeed if -DNDEBUG is passed. Should carefully audit assertions.
9 years ago
Michael Hamburg
d81592ba71
make test_ct, except it probably doesn't work; definitely not on a mac with no memcheck.h installed
9 years ago