Commit Graph
-
0a6e968Revise LICENSE.txt to reflect current state of source. Still MIT licensed, but I think there is no longer any Stanford code. by 2017-06-01 15:40:32 -0700 -
3d5962cfix two warnings pointed out by Sofia Celi by 2017-05-31 18:18:31 -0700 -
4e809c7ok so the cpuid problem was an fPIC issue. Hopefully this fixes it... by 2017-05-28 12:44:15 -0700 -
cdb0ce0avoid warning for uninitialized entropy; change asm cpuid to look more like cpuid.h in the vain hope that this will compile better by 2017-05-28 12:29:43 -0700 -
17a77a5replace default -mavx2 -mbmi2 with -march=native by 2017-05-25 13:51:12 -0700 -
513e646restore declaration of deisogenize which was causing build failure in gcc by 2017-05-24 15:58:43 -0700 -
c6a1cd8better test by 2017-05-23 16:12:01 -0700 -
a4c02ccbetter test by 2017-05-23 16:10:44 -0700 -
72484a0test to make sure bug is gone by 2017-05-23 16:09:36 -0700 -
488e254fix(?! needs testing) a critical bug in SHAKE XOF: the state would never transition to SQUEEZING, resulting in incorrect outputs by 2017-05-23 15:57:00 -0700 -
b86b964decaffeination in with test cases by 2017-05-22 18:12:24 -0700 -
acff03beddsa_to_decaf_opt working by 2017-05-22 17:54:58 -0700 -
7691fb1eddsa_to_decaf_opt working by 2017-05-22 17:53:57 -0700 -
b423ac3working on decaffeinating ed25519 by 2017-05-22 17:36:43 -0700 -
92b2cb4sha3 functions can now return an error (likely to be ignored) if output length is to large. Also add shake###_output by 2017-05-08 13:22:54 -0700 -
aee921ffix a bug in the test scripts, thanks Johan Pascal by 2017-05-05 17:51:18 -0700 -
dd9bcf2remove dynamic throw lists, since theyre deprecated by 2017-05-02 18:11:09 -0700 -
5717005dont look for immintrin on GCC pre-4.4. Also dont build with -maes; need to autoconfig other flags by 2017-05-02 17:57:24 -0700 -
51e3296aligned(32) -> VECTOR_ALIGNED internally; still need (32) in interfaces, at least for now, because the library might have been compiled with eg avx2 but the caller might be compiled without by 2017-05-02 17:22:03 -0700 -
e69e002rename publicly-visible macros to DECAF_ namespace by 2017-05-02 16:56:44 -0700 -
ec4ece0add decaf_edXXX_convert_public_key_to_xXXX; thanks Johan Pascal by 2017-05-02 15:37:10 -0700 -
6e2ce52internal VECTOR_ALIGNED instead of __attribute((aligned(32))), thanks Olivier by 2017-04-26 11:37:48 -0700 -
beba370deprecated macros, thanks Olivier Chéron and Tomi Ollila by 2017-04-26 11:24:25 -0700 -
f22d082fix? register allocation on x86-64 by 2017-04-22 21:35:57 -0700 -
20c37ecMerge branch 'master' into decaf by 2017-04-22 21:02:25 -0700 -
a81ab9bMerge branch 'decaf' into curve25519-work by 2017-04-22 21:01:11 -0700 -
9ca05bcseparate warnflags for c,c++ by 2017-04-22 20:21:01 -0700 -
35f7e2cgen_code now actually generates the code by 2017-04-22 20:16:55 -0700 -
aef9fd8add DEFAULT_SOURCE in word.h by 2017-04-22 19:34:12 -0700 -
bd2a516generator should now be python3 clean by 2017-04-22 19:30:04 -0700 -
42a9692add _DEFAULT_SOURCE for more modern glibc by 2017-04-22 19:09:10 -0700 -
4a13ad4unroll loops in arch_32/f_impl.c except on -Os by 2017-04-22 19:05:14 -0700 -
bb1eef3tear out STROBE. Probably will re-introduce later by 2017-04-22 18:31:12 -0700 -
4caefd3oops also in test_ct by 2017-04-22 17:18:11 -0700 -
af606fbx448 generate_key -> derive_public_key to match ed448 nomenclature by 2017-04-22 17:17:38 -0700 -
c0297e3fix tab/space issue.. by 2017-01-30 12:21:48 -0800 -
065e3eaadd setup.py... this builds the library and copies it over to the build dir so it will get installed... Also update the library finding code to look in the modules install directory. by 2017-01-30 12:11:39 -0800 -
84b7976add an ignore to ignore the *.pyc files.. by 2017-01-30 12:11:18 -0800 -
9a253cbremove id by 2017-01-26 16:43:35 -0800 -
849cbd0add python wrapper for libdecaf for ed448 curves. curve 25519 is not yet supported, but should be simple to add. by 2017-01-26 16:35:49 -0800 -
b8f6e3dchange x86-64 non-BMI2 asm constraints for gcc compat; thanks Olivier Cheron by 2017-01-17 09:55:51 -0800 -
9e3702bfix ticket #1 by 2016-11-07 11:29:44 -0800 -
f102952fix ticket #1 by 2016-11-07 11:17:54 -0800 -
875d2b2ED25519_NO_CONTEXT -> DECAF_ED25519_NO_CONTEXT; DECAF_ED25519_NO_CONTEXT -> DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS by 2016-08-28 15:36:55 -0700 -
638f556make ED*_NO_CONTEXT actually a pointer by 2016-08-28 15:29:48 -0700 -
7ec87d8Use magic constant ED25519_NO_CONTEXT for non-contextual operations. by 2016-08-26 12:29:44 -0400 -
ef6e74bUpdate EdDSA operations to match draft 07 from CFRG. by 2016-08-22 11:06:55 -0600 -
80c0bd5Don't redefine le64toh on modern FreeBSD, NetBSD, and DragonflyBSD. by 2016-06-29 15:28:07 -0600 -
a803bbeFixed sha512 for platforms where sizeof(size_t) != 8 by 2016-05-26 11:51:39 -0300 -
3cb0f2cerror: shifting a negative signed value is undefined by 2016-04-15 13:45:43 -0700 -
149e672update TODO by 2016-04-05 11:55:07 -0700 -
f29b338whoops restore some GENERATED files by 2016-03-10 11:36:12 -0800 -
bc80c74decaf/decaf_[field].h[xx] -> decaf/point_[field].h[xx] by 2016-03-10 11:34:35 -0800 -
205d4e4working on the README by 2016-03-10 10:52:08 -0800 -
a32fd62mark more things at toy by 2016-03-09 11:58:14 -0800 -
a01e875move strobe and crypto to TOY areas by 2016-03-09 11:54:24 -0800 -
2c605eaadd EdDSA C prehash routines by 2016-03-09 11:06:43 -0800 -
28086a9remove python dependency by checking in generated code by 2016-03-09 10:32:54 -0800 -
d1e2bbefix Ed448-prehash and test against newly-corrected cfrg vectors by 2016-03-08 11:27:22 -0800 -
c558c0ex86_64/i386 and illumos/solaris/SunOS compatibility fixes. by 2016-03-02 11:35:29 -0700 -
e22c967change eddsa encoding names to show that they multiply_by_cofactor by 2016-03-02 13:21:45 -0800 -
a673fbftest_ct broke because of renaming; fix it by 2016-03-02 11:43:17 -0800 -
83cfd6cchange x### function names again, this time to decaf_x###, decaf_x###_generate_key by 2016-03-02 11:38:11 -0800 -
714a5dbdecaf_###_x_direct_scalarmul -> decaf_x###_direct_scalarmul by 2016-03-02 11:26:09 -0800 -
f4558c1tidy @todo -> TODO by 2016-03-02 11:02:56 -0800 -
149130fworking through the TODOs. Correct the sign of the to/from EdDSA conversions (but is it correct for future curves?). SHA-3 now throws exceptions on over-long output by 2016-03-02 11:00:46 -0800 -
be39188prevent memcpy(NULL,NULL,0), which is technically illegal as pointed out by make scan by 2016-03-01 17:32:15 -0800 -
1e796b2fix some warns from gcc by 2016-03-01 17:14:39 -0800 -
a3a2906move prehashed enum to common; downside is that including one eddsa.hxx now pulls in all of them by 2016-03-01 17:07:54 -0800 -
c5a9b77ed25519 prehashed test vector. ed448 prehashed test vectors look invalid?? by 2016-03-01 16:26:13 -0800 -
4adb584ed25519 prehashed test vector. ed448 prehashed test vectors look invalid?? by 2016-03-01 16:25:14 -0800 -
3b9ffc4separate Ed25519ph from Ed25519 with awful CRTP hack by 2016-03-01 15:57:51 -0800 -
422cc78fix up overapplication to file names by 2016-03-01 11:58:10 -0800 -
f1df5e4lowerCamelCase -> snake_case. Put decaf_ in front of all (most?) identifiers, except for SHAKE which is being removed before 1.0 release (for future refactoring) by 2016-03-01 11:56:14 -0800 -
85fafd2another couple notes by 2016-02-28 22:21:53 -0800 -
595855bmove eddsa.hxx to its own header. sha512.hxx; rework shake.hxx header; create prehash object. TODO: test prehash by 2016-02-28 21:48:01 -0800 -
798b189minor changes; clear a few TODOs by 2016-02-27 18:18:36 -0800 -
6225bfdEdDSA is go! by 2016-02-26 15:15:25 -0800 -
1f71604eddsa provisional pass by 2016-02-26 14:49:13 -0800 -
d9a9bb9eddsa-25519 now using sha512. But problem! We are using IsoEd25519 so we actually need an isogeny anyway to get to Ed25519 proper by 2016-02-26 11:08:14 -0800 -
0fa6874sha512 by 2016-02-26 10:48:12 -0800 -
b06db0cEdDSA now supports multiple hashes as defined in curve_data.py. We still dont have sha512 though. by 2016-02-23 10:57:57 -0800 -
9d0bac6move context arguments to the end of hash functions. Ed25519 doesnt support contexts. by 2016-02-23 10:47:48 -0800 -
870d583whoops add eddsa.tmpl.c by 2016-02-23 09:54:06 -0800 -
b1c6de6EdDSA 448 seems to be working. Needs more testing, code moved around. EdDSA 255 not working yet; needs SHA512 by 2016-02-22 13:39:56 -0800 -
fffb77aeddsa sign seems to work for ed448. needs more testing of course by 2016-02-21 18:00:37 -0800 -
d0e74a5eddsa key generation, at least for goldilocks. needs parameterized hash function; sign/verify; rename; put in right place by 2016-02-20 19:44:19 -0800 -
8ee11d4make SQRT_MINUS_ONE not static by 2016-02-07 19:58:02 -0800 -
7e52b5bleave an extra FUTURE MAGIC note by 2016-02-07 19:53:53 -0800 -
650356celligator overflow bits. Before, invert_elligator would invert to a gf, which wouldnt be a uniformly random string because, eg, curve25519 gfs only have 255 bits out of 256. Now add a random multiple of p. This still wont work for future curves that have a field size of 1 mod 8, because those curves use elligator with no high bit set, but its a start by 2016-02-07 19:52:36 -0800 -
2104923fix embarassing arch_ref64 bug; improve code for p25519 arch_32 by 2016-02-05 18:10:12 -0800 -
06075bbundo neon bug by 2016-02-06 02:02:48 +0000 -
013b5a4gcc cleanliness by 2016-02-05 17:12:28 -0800 -
f8dc967add explicit GF_HEADROOM per field+arch for unreduced arith; fortunately unreduced arith is very rare by 2016-02-05 17:11:19 -0800 -
1f54f5cchange __attribute__((nonnull(list of pointers))) to __attribute__((nonnull)) by 2016-02-05 11:28:46 -0800 -
0a043c3remove constant_time_lookup_xx by 2016-01-29 19:42:17 -0800 -
b693b33slight changes to the deisogenize code; hopefully clearer? by 2016-01-29 19:39:45 -0800 -
7e63f23predeclare deisogenize by 2016-01-29 19:22:34 -0800 -
a585d7ffactor out elligator, decaf, scalar code. scalar_halve is now public by 2016-01-29 19:21:56 -0800 -
55766b7homogenize invsqrt code by 2016-01-29 18:44:04 -0800