ed448goldilocks

Commit Graph

Author	SHA1	Message	Date
Michael Hamburg	c227424384	make doc now mostly works	8 years ago
Michael Hamburg	b295ef7669	rename decaf_sponge_* apis to decaf_sha3_. Also reverse order on decaf_sponge_hash to make it the same as decaf_shake_hash and decaf_sha3*_hash	8 years ago
Michael Hamburg	488e2548bd	fix(?! needs testing) a critical bug in SHAKE XOF: the state would never transition to SQUEEZING, resulting in incorrect outputs	8 years ago
Michael Hamburg	92b2cb464a	sha3 functions can now return an error (likely to be ignored) if output length is to large. Also add shake###_output	8 years ago
Michael Hamburg	dd9bcf2355	remove dynamic throw lists, since theyre deprecated	8 years ago
Michael Hamburg	e69e00269f	rename publicly-visible macros to DECAF_ namespace	8 years ago
Michael Hamburg	beba37006a	deprecated macros, thanks Olivier Chéron and Tomi Ollila	8 years ago
Michael Hamburg	bd2a516210	generator should now be python3 clean	8 years ago
Michael Hamburg	bc80c744bf	decaf/decaf_[field].h[xx] -> decaf/point_[field].h[xx]	9 years ago
Michael Hamburg	a01e875d4a	move strobe and crypto to TOY areas	9 years ago
Michael Hamburg	2c605ea46e	add EdDSA C prehash routines	9 years ago
Michael Hamburg	83cfd6cae1	change x### function names again, this time to decaf_x###, decaf_x###_generate_key	9 years ago
Michael Hamburg	f4558c1e13	tidy @todo -> TODO	9 years ago
Michael Hamburg	149130fd94	working through the TODOs. Correct the sign of the to/from EdDSA conversions (but is it correct for future curves?). SHA-3 now throws exceptions on over-long output	9 years ago
Michael Hamburg	a3a2906f81	move prehashed enum to common; downside is that including one eddsa.hxx now pulls in all of them	9 years ago
Michael Hamburg	422cc78eb9	fix up overapplication to file names	9 years ago
Michael Hamburg	f1df5e4714	lowerCamelCase -> snake_case. Put decaf_ in front of all (most?) identifiers, except for SHAKE which is being removed before 1.0 release (for future refactoring)	9 years ago
Michael Hamburg	595855b434	move eddsa.hxx to its own header. sha512.hxx; rework shake.hxx header; create prehash object. TODO: test prehash	9 years ago
Michael Hamburg	0fa687437f	sha512	9 years ago
Michael Hamburg	1f54f5c8ed	change __attribute__((nonnull(list of pointers))) to __attribute__((nonnull))	9 years ago
Michael Hamburg	d94a147194	move everything over to more-tolerable templating	9 years ago
Michael Hamburg	1dc3961837	add sign_strobe and verify_strobe to crypto.hxx	9 years ago
Michael Hamburg	86e44e69c6	fixed the mixed-arch bug, but it comes from a long-standing todo	9 years ago
Michael Hamburg	30436f6ae4	remove vtable in buffer	9 years ago
Michael Hamburg	c7a3efd496	fix typo in 32-bit code	9 years ago
Michael Hamburg	2eacff6ad6	rfc7748 implementation, but their names will probably change	9 years ago
Michael Hamburg	4de70b837c	separate out strobe and spongerng from shake. strobe is experimental. spongerng is experimental internally but the interface should be pretty good (except for any camelCase vs snake_case issues). shake should be stable	9 years ago
Mike Hamburg	9f1cc0e2af	some more ct tests; serializeInto -> serialize_into. still need more ct tests, unification of snake vs camel case	9 years ago
Mike Hamburg	51ac192b79	ct tests are in; succeed if -DNDEBUG is passed. Should carefully audit assertions.	9 years ago
Michael Hamburg	d81592ba71	make test_ct, except it probably doesnt work; definitely not on a mac with no memcheck.h installed	9 years ago
Mike Hamburg	8d6c51ee28	Separate API word size from arch word size. This enables compiling a 32-bit arch on a 64-bit platform, eg NEON on AARCH64. It's probably more useful for cross-platform testing, though. The breakdown is as follows: * decaf_bool_t, decaf_word_t and decaf_error_t are as defined in the API. * DECAF_WORD_BITS is the size of a decaf_word_t. * decaf_word_t is used for scalars, so on every curve the scalar impls are the same (i.e. they follow the API's word size). * SC_LIMB macro always takes a 64-bit word. * non-prefixed word_t, mask_t, etc are as defined by the per-curve arch. * ARCH_WORD_BITS is the size of a word_t. * word_t is used for gf elements, so the curves may have different guts.	9 years ago
Michael Hamburg	55126adc06	separate c wrapper struct for strobe and spongerng	9 years ago
Michael Hamburg	81403de10c	knock out a couple TODOs	9 years ago
Michael Hamburg	1a14abb4dd	Separate .h files for SHA/SHAKE, STROBE and sponge RNG. TODO: .hxx. Also add a lot of docs	9 years ago
Michael Hamburg	f92d14e08a	crypto.hxx is now a thin wrapper around crypto.h	9 years ago
Michael Hamburg	ca68bb3689	autogenerate decaf/crypto.h	9 years ago
Michael Hamburg	a9dcd153df	auto-generate metaheaders	9 years ago
Michael Hamburg	c1306c75dc	actually generate some headers	9 years ago
Michael Hamburg	98be9a0820	now generating some headers for real	9 years ago
Michael Hamburg	55450fa852	respace	9 years ago
Michael Hamburg	6e95e69368	trying to make C++ headers the same, for future unified generation	9 years ago
Michael Hamburg	a3b094eb99	trying to make headers the same, for future unified generation	9 years ago
Michael Hamburg	facad6c2ac	unify decaf_crypto c versions, still need to unify with c++	9 years ago
Michael Hamburg	21c1fe75a0	going to branch here	10 years ago
Michael Hamburg	b5a2757f21	clear a couple fixmes	10 years ago
Michael Hamburg	ff463c8b9b	keyed tracker is added	10 years ago
Michael Hamburg	64adbd1082	split c crypto routines for now (a bit of a hack :-/)	10 years ago
Mike Hamburg	27f1b4f697	gcc is sad about my control word code	10 years ago
Michael Hamburg	565522ffdf	trying to update to the latest version of strobe. lots of stuff in flux though	10 years ago
Mike Hamburg	704b424982	dual scalarmul because of TLS discussion	10 years ago

1 2

72 Commits (c2274243840d7235445efa22856caa5f7d9b4e9c)