haskell/cryptonite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Ed25519.pointsMulVarTime

Browse Source
This commit is contained in:
Olivier Chéron 2017-11-09 08:42:28 +01:00
parent 416fc649e1
commit 5778909761
3 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
Crypto/ECC/Ed25519.hs
View File

@ -26,6 +26,7 @@ module Crypto.ECC.Ed25519
, pointAdd , pointAdd
, pointDouble , pointDouble
, pointMul , pointMul
, pointsMulVarTime
) where ) where
import Data.Bits import Data.Bits
@ -204,6 +205,21 @@ pointMul (Scalar scalar) (Point base) =
withByteArray base $ \pbase -> withByteArray base $ \pbase ->
ed25519_point_scalarmul out pbase pscalar ed25519_point_scalarmul out pbase pscalar
-- | Multiply the point @p@ with @s2@ and add a lifted to curve value @s1@.
--
-- @
-- pointsMulVarTime s1 s2 p = 'pointAdd' ('toPoint' s1) ('pointMul' s2 p)
-- @
--
-- /WARNING:/ variable time
pointsMulVarTime :: Scalar -> Scalar -> Point -> Point
pointsMulVarTime (Scalar s1) (Scalar s2) (Point p) =
Point $ B.allocAndFreeze pointArraySize $ \out ->
withByteArray s1 $ \ps1 ->
withByteArray s2 $ \ps2 ->
withByteArray p $ \pp ->
ed25519_base_double_scalarmul_vartime out ps1 pp ps2
foreign import ccall "cryptonite_ed25519_scalar_eq" foreign import ccall "cryptonite_ed25519_scalar_eq"
ed25519_scalar_eq :: Ptr Scalar ed25519_scalar_eq :: Ptr Scalar
-> Ptr Scalar -> Ptr Scalar
@ -273,3 +289,10 @@ foreign import ccall "cryptonite_ed25519_point_scalarmul"
-> Ptr Point -- base -> Ptr Point -- base
-> Ptr Scalar -- scalar -> Ptr Scalar -- scalar
-> IO () -> IO ()
foreign import ccall "cryptonite_ed25519_base_double_scalarmul_vartime"
ed25519_base_double_scalarmul_vartime :: Ptr Point -- combo
-> Ptr Scalar -- scalar1
-> Ptr Point -- base2
-> Ptr Scalar -- scalar2
-> IO ()

6
cbits/ed25519/ed25519-cryptonite-exts.h
View File

@ -138,3 +138,9 @@ ED25519_FN(ed25519_point_scalarmul) (ge25519 *r, const ge25519 *p, const bignum2
} }
} }
} }
void
ED25519_FN(ed25519_base_double_scalarmul_vartime) (ge25519 *r, const bignum256modm s1, const ge25519 *p2, const bignum256modm s2) {
// computes [s1]basepoint + [s2]p2
ge25519_double_scalarmult_vartime(r, p2, s2, s1);
}

3
tests/ECC/Ed25519.hs
View File

@ -87,6 +87,9 @@ tests = testGroup "ECC.Ed25519"
, testProperty "scalarmult distributive" $ \x y p -> , testProperty "scalarmult distributive" $ \x y p ->
let pR = Ed25519.pointMul x p `Ed25519.pointAdd` Ed25519.pointMul y p let pR = Ed25519.pointMul x p `Ed25519.pointAdd` Ed25519.pointMul y p
in pR `propertyEq` Ed25519.pointMul (x `Ed25519.scalarAdd` y) p in pR `propertyEq` Ed25519.pointMul (x `Ed25519.scalarAdd` y) p
, testProperty "double scalarmult" $ \n1 n2 p ->
let pR = Ed25519.pointAdd (Ed25519.toPoint n1) (Ed25519.pointMul n2 p)
in pR `propertyEq` Ed25519.pointsMulVarTime n1 n2 p
] ]
] ]
where where