jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
491 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: 733e67e80d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '733e67e80d'
${ noResults }
ed448goldilocks/test/ristretto.cxx

162 lines
5.3 KiB
Raw Blame History 

  1. /**

  2.  * @file ristretto.cxx

  3.  * @author Mike Hamburg

  4.  *

  5.  * @copyright

  6.  *   Copyright (c) 2015 Cryptography Research, Inc.  \n

  7.  *   Released under the MIT License.  See LICENSE.txt for license information.

  8.  *

  9.  * @brief Ristretto implementation widget

  10.  */

  11. 

  12. #include <decaf.hxx>

  13. #include <stdio.h>

  14. using namespace decaf;

  15. 

  16. inline int hexi(char c) {

  17.     if (c >= '0' && c <= '9') return c-'0';

  18.     if (c >= 'a' && c <= 'f') return c-'a'+0xa;

  19.     if (c >= 'A' && c <= 'F') return c-'A'+0xa;

  20.     return -1;

  21. }

  22. 

  23. int parsehex(uint8_t *out, size_t sizeof_out, const char *hex) {

  24.     size_t l = strlen(hex);

  25.     if (l%2 != 0) {

  26.         fprintf(stderr,"String should be hex, but has odd length\n: %s\n", hex);

  27.         return -1;

  28.     } else if (l/2 > sizeof_out) {

  29.         fprintf(stderr,"Argument is too long: %s\n", hex);

  30.         return -1;

  31.     }

  32.     

  33.     memset(out,0,sizeof_out);

  34.     int ret1,ret2;

  35.     for (size_t i=0; i<l/2; i++) {

  36.         if (   (ret1 = hexi(hex[2*i  ])) < 0

  37.         || (ret2 = hexi(hex[2*i+1])) < 0) {

  38.             fprintf(stderr,"Invalid hex %s\n",hex);

  39.             return -1;

  40.         }

  41.         out[i] = ret1*16+ret2;

  42.     }

  43.     return 0;

  44. }

  45. 

  46. void printhex(const uint8_t *in, size_t sizeof_in) {

  47.     for (; sizeof_in > 0; in++,sizeof_in--) {

  48.         printf("%02x",*in);

  49.     }

  50. }

  51. 

  52. 

  53. static int g_argc = 0;

  54. static char **g_argv = NULL;

  55. static int error = 0;

  56. static int done = 0;

  57. 

  58. void usage() {

  59.     const char *me=g_argv[0];

  60.     if (!me) me = "ristretto";

  61.     for (unsigned i=0; g_argv[0][i]; i++) {

  62.         if (g_argv[0][i] == '/' && g_argv[0][i+1] != 0 && g_argv[0][i+1] != '/') {

  63.             me = &g_argv[0][i];

  64.         }

  65.     }

  66.     

  67.     fprintf(stderr,"Usage: %s [points] [operations] ...\n", me);

  68.     fprintf(stderr,"  -b 255|448: Set which group to use (sometimes inferred from lengths)\n");

  69.     fprintf(stderr,"\n");

  70.     fprintf(stderr,"  Ways to create points:\n");

  71.     fprintf(stderr,"    [hex]: Point from point data as hex\n");

  72.     fprintf(stderr,"    -e [hex]: Create point by hashing to curve using elligator\n");

  73.     fprintf(stderr,"    base: Base point of curve\n");

  74.     fprintf(stderr,"\n");

  75.     fprintf(stderr,"  Operations:\n");

  76.     fprintf(stderr,"    -n [point]: negative of point\n");

  77.     fprintf(stderr,"    -s [scalar] * [point]: Hash to curve using elligator\n");

  78.     fprintf(stderr,"    [point] + [point]: Add two poitns\n");

  79.     fprintf(stderr,"\n");

  80.     fprintf(stderr,"  NB: this is a debugging widget.  It doesn't yet have order of operations.\n");

  81.     fprintf(stderr,"  *** DON'T USE THIS UTILITY FOR ACTUAL CRYPTO! ***\n");

  82.     fprintf(stderr,"  It's only for debugging!\n");

  83.     fprintf(stderr,"\n");

  84.     

  85.     exit(-2);

  86. }

  87. 

  88. template<typename Group> class Run {

  89. public:

  90.     static void run() {

  91.         uint8_t tmp[Group::Point::SER_BYTES];

  92.         typename Group::Point a,b;

  93.         typename Group::Scalar s;

  94.         bool plus=false, empty=true, elligator=false, mul=false, scalar=false, scalarempty=true, neg=false;

  95.         if (done || error) return;

  96.         for (int i=1; i<g_argc && !error; i++) {

  97.             bool point = false;

  98.             

  99.             if (!strcmp(g_argv[i],"-b") && ++i<g_argc) {

  100.                 if (atoi(g_argv[i]) == Group::bits()) continue;

  101.                 else return;

  102.             } else if (!strcmp(g_argv[i],"+")) {

  103.                 if (elligator || scalar || empty) usage();

  104.                 plus = true;

  105.             } else if (!strcmp(g_argv[i],"-n")) {

  106.                 neg = !neg;

  107.             } else if (!strcmp(g_argv[i],"*")) {

  108.                 if (elligator || scalar || scalarempty) usage();

  109.                 mul = true;

  110.             } else if (!strcmp(g_argv[i],"-s")) {

  111.                 if (elligator || scalar || !scalarempty) usage();

  112.                 scalar = true;

  113.             } else if (!strcmp(g_argv[i],"-e")) {

  114.                 if (elligator || scalar) usage();

  115.                 elligator = true;

  116.             } else if (!strcmp(g_argv[i],"base")) {

  117.                 if (elligator || scalar) usage();

  118.                 b = b.base();

  119.                 point = true;

  120.             } else if ((strlen(g_argv[i]) == 2*sizeof(tmp)

  121.                     || ((scalar || elligator) && strlen(g_argv[i]) <= 2*sizeof(tmp)))

  122.                         && !(error=parsehex(tmp,sizeof(tmp),g_argv[i]))) {

  123.                 if (scalar) {

  124.                     s = Block(tmp,sizeof(tmp)); scalar=false; scalarempty=false;

  125.                 } else if (elligator) {

  126.                     point = true;

  127.                     b.set_to_hash(Block(tmp,sizeof(tmp))); elligator=false;

  128.                 } else if (DECAF_SUCCESS != b.decode(Block(tmp,sizeof(tmp)))) {

  129.                     fprintf(stderr,"Error: %s isn't in the group\n",g_argv[i]);

  130.                     error = -1;

  131.                 } else {

  132.                     point = true;

  133.                 }

  134.             } else if (error || !empty) usage();

  135. 

  136.             if (point) {

  137.                 if (neg) { b = -b; neg = false; }

  138.                 if (mul) { b *= s; mul=false; }

  139.                 if (empty) { a = b; empty=false; }

  140.                 else if (plus) { a += b; plus=false; }

  141.                 else usage();

  142.             }

  143.         }

  144.         

  145.         if (!error && !empty) {

  146.             a.serialize_into(tmp);

  147.             printhex(tmp,sizeof(tmp));

  148.             printf("\n");

  149.             done = true;

  150.         }

  151.         

  152.     }

  153. };

  154. 

  155. int main(int argc, char **argv) {

  156.     g_argc = argc;

  157.     g_argv = argv;

  158.     run_for_all_curves<Run>();

  159.     if (!done) usage();

  160.     return (error<0) ? -error : error;

  161. }