miscellaneous crypto updates

This commit is contained in:
koe 2022-12-01 17:53:17 -06:00
parent 9367b432f6
commit b1bce857c9
5 changed files with 18 additions and 6 deletions

View file

@ -38,7 +38,6 @@ DISABLE_VS_WARNINGS(4146 4244)
/* Predeclarations */ /* Predeclarations */
static void fe_mul(fe, const fe, const fe);
static void fe_sq(fe, const fe); static void fe_sq(fe, const fe);
static void ge_madd(ge_p1p1 *, const ge_p3 *, const ge_precomp *); static void ge_madd(ge_p1p1 *, const ge_p3 *, const ge_precomp *);
static void ge_msub(ge_p1p1 *, const ge_p3 *, const ge_precomp *); static void ge_msub(ge_p1p1 *, const ge_p3 *, const ge_precomp *);
@ -72,7 +71,7 @@ uint64_t load_4(const unsigned char *in)
h = 0 h = 0
*/ */
static void fe_0(fe h) { void fe_0(fe h) {
h[0] = 0; h[0] = 0;
h[1] = 0; h[1] = 0;
h[2] = 0; h[2] = 0;
@ -375,7 +374,7 @@ Can get away with 11 carries, but then data flow is much deeper.
With tighter constraints on inputs can squeeze carries into int32. With tighter constraints on inputs can squeeze carries into int32.
*/ */
static void fe_mul(fe h, const fe f, const fe g) { void fe_mul(fe h, const fe f, const fe g) {
int32_t f0 = f[0]; int32_t f0 = f[0];
int32_t f1 = f[1]; int32_t f1 = f[1];
int32_t f2 = f[2]; int32_t f2 = f[2];

View file

@ -30,6 +30,8 @@
#pragma once #pragma once
#include <stdint.h>
/* From fe.h */ /* From fe.h */
typedef int32_t fe[10]; typedef int32_t fe[10];
@ -161,5 +163,7 @@ void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
void fe_add(fe h, const fe f, const fe g); void fe_add(fe h, const fe f, const fe g);
void fe_tobytes(unsigned char *, const fe); void fe_tobytes(unsigned char *, const fe);
void fe_invert(fe out, const fe z); void fe_invert(fe out, const fe z);
void fe_mul(fe out, const fe, const fe);
void fe_0(fe h);
int ge_p3_is_point_at_infinity_vartime(const ge_p3 *p); int ge_p3_is_point_at_infinity_vartime(const ge_p3 *p);

View file

@ -335,8 +335,16 @@ namespace crypto {
inline bool operator<(const public_key &p1, const public_key &p2) { return memcmp(&p1, &p2, sizeof(public_key)) < 0; } inline bool operator<(const public_key &p1, const public_key &p2) { return memcmp(&p1, &p2, sizeof(public_key)) < 0; }
inline bool operator>(const public_key &p1, const public_key &p2) { return p2 < p1; } inline bool operator>(const public_key &p1, const public_key &p2) { return p2 < p1; }
inline bool operator<(const key_image &p1, const key_image &p2) { return memcmp(&p1, &p2, sizeof(key_image)) < 0; }
inline bool operator>(const key_image &p1, const key_image &p2) { return p2 < p1; }
} }
// type conversions for easier calls to sc_add(), sc_sub(), hash functions
inline unsigned char* to_bytes(crypto::ec_scalar &scalar) { return &reinterpret_cast<unsigned char&>(scalar); }
inline const unsigned char* to_bytes(const crypto::ec_scalar &scalar) { return &reinterpret_cast<const unsigned char&>(scalar); }
inline unsigned char* to_bytes(crypto::ec_point &point) { return &reinterpret_cast<unsigned char&>(point); }
inline const unsigned char* to_bytes(const crypto::ec_point &point) { return &reinterpret_cast<const unsigned char&>(point); }
CRYPTO_MAKE_HASHABLE(public_key) CRYPTO_MAKE_HASHABLE(public_key)
CRYPTO_MAKE_HASHABLE_CONSTANT_TIME(secret_key) CRYPTO_MAKE_HASHABLE_CONSTANT_TIME(secret_key)
CRYPTO_MAKE_HASHABLE_CONSTANT_TIME(public_key_memsafe) CRYPTO_MAKE_HASHABLE_CONSTANT_TIME(public_key_memsafe)

View file

@ -671,7 +671,7 @@ namespace rct {
//Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a //Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a
// where C= aG + bH // where C= aG + bH
static key ecdhHash(const key &k) key genAmountEncodingFactor(const key &k)
{ {
char data[38]; char data[38];
rct::key hash; rct::key hash;
@ -700,7 +700,7 @@ namespace rct {
if (v2) if (v2)
{ {
unmasked.mask = zero(); unmasked.mask = zero();
xor8(unmasked.amount, ecdhHash(sharedSec)); xor8(unmasked.amount, genAmountEncodingFactor(sharedSec));
} }
else else
{ {
@ -715,7 +715,7 @@ namespace rct {
if (v2) if (v2)
{ {
masked.mask = genCommitmentMask(sharedSec); masked.mask = genCommitmentMask(sharedSec);
xor8(masked.amount, ecdhHash(sharedSec)); xor8(masked.amount, genAmountEncodingFactor(sharedSec));
} }
else else
{ {

View file

@ -184,6 +184,7 @@ namespace rct {
//Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a //Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a
// where C= aG + bH // where C= aG + bH
key genAmountEncodingFactor(const key &k);
key genCommitmentMask(const key &sk); key genCommitmentMask(const key &sk);
void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec, bool v2); void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec, bool v2);
void ecdhDecode(ecdhTuple & masked, const key & sharedSec, bool v2); void ecdhDecode(ecdhTuple & masked, const key & sharedSec, bool v2);