Commit graph

200 commits

Author SHA1 Message Date
Filippo Valsorda 66bf647f60 internal/scalar: replace FromBytes/IsCanonical with FromUniformBytes/FromCanonicalBytes 2019-05-16 15:08:48 -04:00
Filippo Valsorda 024f3f7944 internal/edwards25519,internal/scalar: apply some Go style touches 2019-05-16 15:08:48 -04:00
    Including unexporting the table types (which are not used in any API) to
    declutter the godoc page.
Henry de Valence 5e0c5c6902 internal/scalar: add scalar inversion 2019-05-15 14:33:43 -04:00
Henry de Valence 74fd625110 internal/ed25519: rearrange VartimeDoubleBaseMul args 2019-05-12 02:20:59 -04:00
    This way they line up with a*A + b*B (except B is implicit).
Henry de Valence 81ae7ea1fb internal/ed25519: add benchmarks for scalar mul 2019-05-12 02:20:59 -04:00
Henry de Valence 9f1f939efd internal/ed25519: add variable-time multiscalar mul 2019-05-12 02:20:59 -04:00
Henry de Valence 7a96974663 internal/ed25519: add vartime double-base scmul 2019-05-12 02:20:59 -04:00
Henry de Valence 2bc256c533 internal/ed25519: add precomputed NAF table for basepoint 2019-05-12 02:20:59 -04:00
Henry de Valence a0f0b96ea7 internal/ed25519: lower quickcheck size for point ops 2019-05-12 02:20:59 -04:00
Henry de Valence 2f385a1eff internal/ed25519: implement MultiscalarMul 2019-05-12 02:20:59 -04:00
Henry de Valence 8ae211b3d7 internal/ed25519: implement BasepointMul 2019-05-12 02:20:59 -04:00
Henry de Valence 7b4858db95 internal/ed25519: extract common test variables 2019-05-12 02:20:59 -04:00
Henry de Valence 16e7c4836a internal/ed25519: add a basepoint multiple table. 2019-05-12 02:20:59 -04:00
    The table is hardcoded, and regenerated in the test code.
Henry de Valence 988e521639 internal/ed25519: add constant-time variable-base scmul. 2019-05-12 02:20:59 -04:00
    This also adds stub functions for the other scalar mul functionality.
Henry de Valence b695f6b6f8 internal/ed25519: move basepoint constant & correct it 2019-05-12 02:20:59 -04:00
    The new values are extracted from the dalek test vectors.
Henry de Valence ddd014eceb internal/scalar: fix high bit check 2019-05-12 02:20:59 -04:00
    This should check that s[31] > 127 to determine whether the high bit is set
    (instead of s[31] >= 127).
Henry de Valence c88ea89a6c internal/scalar: make casts clearer 2019-05-12 02:20:59 -04:00
Henry de Valence b75f989aea internal/scalar: add invariant checks on Scalar digits 2019-05-12 02:20:59 -04:00
    The digit recoding functions require that the scalar has its high bit unset.
    We should consider making the Scalar type opaque, as in dalek, to avoid this
    condition, although I don't know if we can make guarantees in Go.
Henry de Valence 36216ca5c0 internal/scalar: use one scMulAdd for Sub 2019-05-12 02:20:59 -04:00
Henry de Valence 8bf40f380b internal/scalar: fix constant-time signed radix 16 implementation 2019-05-12 02:20:59 -04:00
Filippo Valsorda e6d9ef6ed1 Update internal/radix51/fe_test.go 2019-05-08 14:54:33 -07:00
    Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
Filippo Valsorda 3aa63de332 Update internal/radix51/fe_test.go 2019-05-08 14:54:33 -07:00
    Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
Filippo Valsorda 3e66ff0f7c Update internal/radix51/fe_test.go 2019-05-08 14:54:33 -07:00
    Co-Authored-By: hdevalence <hdevalence@hdevalence.ca>
Henry de Valence 94e6c1542d internal/ed25519: add TODO note and doc ref 2019-05-08 14:54:33 -07:00
Henry de Valence 3647548d4b internal/ed25519: rename twoD to D2 2019-05-08 14:54:33 -07:00
Henry de Valence 1cf853c878 internal/ed25519: add lookup tables for scalar mul. 2019-05-08 14:54:33 -07:00
Henry de Valence 3af304a6be internal/radix51: add a conditional swap 2019-05-08 14:54:33 -07:00
Henry de Valence 4673217454 ristretto255: use multi-model arithmetic 2019-05-08 14:54:33 -07:00
Henry de Valence cca757a760 internal/ed25519: remove single-model code 2019-05-08 14:54:33 -07:00
Henry de Valence d26e77b4f0 internal/ed25519: add addition for Edwards points 2019-05-08 14:54:33 -07:00
Henry de Valence e0fbb35d40 internal/ed25519: use twoD 2019-05-08 14:54:33 -07:00
Henry de Valence fd9b37b518 internal/ed25519: add tests for multi-model point types. 2019-05-08 14:54:33 -07:00
Henry de Valence dacabb0402 internal/ed25519: add multi-model point types. 2019-05-08 14:54:33 -07:00
Henry de Valence dddc72e66e internal/scalar: add constant-time signed radix 16 2019-05-08 14:42:51 -07:00
    Closes #10
Henry de Valence 92cdb35011 internal/scalar: add non-adjacent form 2019-05-08 14:42:51 -07:00
    Closes #13

    This code is adapted from code I wrote for curve25519-dalek.
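The two entries just above (the constant-time signed radix-16 recoding and the non-adjacent form), together with the "fix high bit check" and "add invariant checks on Scalar digits" entries higher up in the log, describe the scalar recodings that the scalar-multiplication code consumes. The block below is an added example written for this page; it is not code from the ristretto255 repository or from curve25519-dalek. The Scalar type, the names SignedRadix16, NonAdjacentForm, highBitSet, toBig and Reconstruct, and the sample values are assumptions made for illustration, and math/big stands in for the project's own scalar arithmetic on the variable-time path.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// Scalar is a 256-bit little-endian integer, modelled on the internal/scalar
// type named in the log (an assumption for this example). Both recodings
// below require bit 255 to be clear, which in this byte order means s[31] <= 127.
type Scalar [32]byte

var errHighBit = errors.New("scalar: high bit set, recoding would overflow")

// highBitSet is the corrected test from the "fix high bit check" commit:
// bit 255 is the top bit of s[31], so it is set exactly when s[31] > 127.
func highBitSet(s *Scalar) bool { return s[31] > 127 }

// SignedRadix16 recodes s into 64 digits d_i with s = sum d_i * 16^i,
// d_0..d_62 in [-8, 8) and d_63 in [0, 8]. Carries are computed with shifts
// and masks only, so there is no secret-dependent branch or table index.
// The high-bit invariant is checked first: with bit 255 set, the carry out
// of digit 62 could push d_63 to 9 and the recoding would no longer equal s.
func SignedRadix16(s *Scalar) ([64]int8, error) {
	var digits [64]int8
	if highBitSet(s) {
		return digits, errHighBit
	}
	for i := 0; i < 32; i++ { // unsigned nibbles, low nibble first
		digits[2*i] = int8(s[i] & 15)
		digits[2*i+1] = int8(s[i] >> 4)
	}
	var carry int8
	for i := 0; i < 63; i++ { // recentre into [-8, 8), pushing a carry upward
		digits[i] += carry
		carry = (digits[i] + 8) >> 4 // 1 iff digits[i] >= 8, branch-free
		digits[i] -= carry << 4
	}
	digits[63] += carry // at most 7 + 1 because bit 255 is clear
	return digits, nil
}

// NonAdjacentForm recodes s into a width-w NAF: 256 digits that are zero or
// odd with |d_i| < 2^(w-1), and at most one nonzero digit in any w consecutive
// positions. It branches on the scalar, so it is only for variable-time
// multiplication with public scalars (e.g. signature verification).
func NonAdjacentForm(s *Scalar, w uint) ([256]int8, error) {
	var naf [256]int8
	if w < 2 || w > 8 {
		return naf, errors.New("scalar: NAF width must be in [2, 8]")
	}
	if highBitSet(s) {
		return naf, errHighBit
	}
	x := toBig(s)
	width := int64(1) << w
	for i := 0; i < len(naf) && x.Sign() != 0; i++ {
		if x.Bit(0) == 1 {
			// Take the low w bits as a signed odd digit; subtracting it zeroes
			// the next w-1 positions, which is what makes the form non-adjacent.
			d := new(big.Int).And(x, big.NewInt(width-1)).Int64()
			if d >= width/2 {
				d -= width
			}
			naf[i] = int8(d)
			x.Sub(x, big.NewInt(d))
		}
		x.Rsh(x, 1)
	}
	if x.Sign() != 0 {
		return naf, errors.New("scalar: NAF needs more than 256 digits")
	}
	return naf, nil
}

// toBig reads the little-endian bytes into a big.Int (used on the
// variable-time path and for checking recodings; not constant time).
func toBig(s *Scalar) *big.Int {
	var be [32]byte
	for i, b := range s {
		be[31-i] = b
	}
	return new(big.Int).SetBytes(be[:])
}

// Reconstruct evaluates sum digits[i] * base^i, to verify a recoding.
func Reconstruct(digits []int8, base int64) *big.Int {
	acc := new(big.Int)
	for i := len(digits) - 1; i >= 0; i-- {
		acc.Mul(acc, big.NewInt(base))
		acc.Add(acc, big.NewInt(int64(digits[i])))
	}
	return acc
}

func main() {
	s := Scalar{15, 0, 1} // constructed sample: 15 + 2^16
	d, _ := SignedRadix16(&s)
	n, _ := NonAdjacentForm(&s, 5)
	fmt.Println("radix16:", d[:6], "round-trips:", Reconstruct(d[:], 16).Cmp(toBig(&s)) == 0)
	fmt.Println("w-NAF:  ", n[:20], "round-trips:", Reconstruct(n[:], 2).Cmp(toBig(&s)) == 0)
	bad := Scalar{31: 0x80}
	_, err := SignedRadix16(&bad)
	fmt.Println("high bit set:", err)
}
```

The radix-16 path is what a constant-time lookup-table multiplication consumes (each digit selects a table entry with a constant-time select), and the high-bit check is exactly the invariant the log's "add invariant checks" entry describes: without it the final digit can leave [0, 8] and the table lookup would index past the precomputed multiples. The NAF path trades that guarantee for sparser digits and must stay on public-input code paths only.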
George Tankersley d147963c45 internal/scalar: don't zero memory that is about to be copied over 2019-04-19 17:15:16 -04:00
George Tankersley 8da186c2a7 internal/scalar: add scalar field implementation 2019-04-19 17:15:16 -04:00
Filippo Valsorda f38e5832ea internal/radix51: add a "weird" testing/quick generation strategy 2019-04-19 13:14:32 -07:00
    Aiming to hit edge cases.
Henry de Valence 15009fd533 Merge pull request #19 from gtank/add-ristretto-add-sub 2019-04-19 12:59:09 -07:00
    implement Add, Sub, Neg for ed25519 and ristretto255 points.
Henry de Valence 6454f61984 Move comment inside function 2019-04-19 12:58:47 -07:00
Henry de Valence 19833654f4 implement Add, Sub, Neg for ed25519 and ristretto255 points. 2019-04-19 11:47:12 -07:00
Filippo Valsorda 9f25562805 internal/group: rename to internal/edwards25519 2019-04-19 12:40:08 -04:00
Filippo Valsorda 48e66d3ff9 internal/group: restore ScalarMult code 2019-04-19 12:40:08 -04:00
Filippo Valsorda 0078d66bcb internal/radix51: rename lightReduce to carryPropagate and touch up docs 2019-04-19 12:40:08 -04:00
Filippo Valsorda 05f41072ee internal/radix51: add benchmarks 2019-04-19 12:16:43 -04:00
Filippo Valsorda fd363342af internal/radix51: test that operations don't exceed bounds 2019-04-19 12:16:43 -04:00
Filippo Valsorda 703421dbbf internal/radix51: make Generate produce random light-reduced elements 2019-04-19 12:16:43 -04:00
Filippo Valsorda f8d82979e1 internal/radix51: simplify lightReduce 2019-04-19 12:16:43 -04:00
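The radix51 entries in this stretch of the log (the lightReduce-to-carryPropagate rename, the bounds tests, the light-reduced generator, and the conditional swap added in 3af304a6be further up) all concern the radix-2^51 field-element representation. The block below is an added example written for this page, not the project's internal/radix51 code: the fieldElement type, the names carryPropagate, limbsBelow, condSwap and toBig, the constructed inputs, and the limb bounds stated in the comments are assumptions for this example's own operations.

```go
package main

import (
	"fmt"
	"math/big"
)

// fieldElement is an element of GF(2^255-19) in radix 2^51 (an assumed
// layout for this example): the value is
// l[0] + l[1]*2^51 + l[2]*2^102 + l[3]*2^153 + l[4]*2^204 (mod p).
// Limbs may exceed 51 bits between operations, which is what bound tests
// like the ones in the log guard against; carryPropagate brings them back.
type fieldElement [5]uint64

const maskLow51Bits uint64 = (1 << 51) - 1

// p = 2^255 - 19, used only by toBig for verification.
var p = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 255), big.NewInt(19))

// carryPropagate moves the bits above position 51 of each limb into the next
// limb. The carry out of the top limb wraps into limb 0 multiplied by 19,
// because 2^255 = 19 (mod p). The output is "lightly reduced": every limb is
// below 2^52 (limb 0 at most 2^51 + 19*2^13 for inputs below 2^64), but the
// value is not canonical and may still be >= p. All carries are read before
// any limb is written, and there is no data-dependent control flow.
func (v *fieldElement) carryPropagate() *fieldElement {
	c0 := v[0] >> 51
	c1 := v[1] >> 51
	c2 := v[2] >> 51
	c3 := v[3] >> 51
	c4 := v[4] >> 51
	v[0] = v[0]&maskLow51Bits + c4*19
	v[1] = v[1]&maskLow51Bits + c0
	v[2] = v[2]&maskLow51Bits + c1
	v[3] = v[3]&maskLow51Bits + c2
	v[4] = v[4]&maskLow51Bits + c3
	return v
}

// limbsBelow reports whether every limb is strictly below 2^bits; this is
// the kind of bound check the log's radix51 tests apply after each operation.
func (v *fieldElement) limbsBelow(bits uint) bool {
	for _, l := range v {
		if l>>bits != 0 {
			return false
		}
	}
	return true
}

// condSwap exchanges a and b when cond == 1 and leaves them unchanged when
// cond == 0. cond must be exactly 0 or 1. Both elements are read and written
// in full either way, so neither timing nor the memory access pattern depends
// on cond; this is what a ladder step needs when the swap bit is secret.
func condSwap(a, b *fieldElement, cond uint64) {
	mask := -cond // all ones if cond == 1, zero if cond == 0
	for i := range a {
		t := mask & (a[i] ^ b[i])
		a[i] ^= t
		b[i] ^= t
	}
}

// toBig evaluates the limbs mod p with math/big, for checking results only.
func (v *fieldElement) toBig() *big.Int {
	acc := new(big.Int)
	for i := 4; i >= 0; i-- {
		acc.Lsh(acc, 51)
		acc.Add(acc, new(big.Int).SetUint64(v[i]))
	}
	return acc.Mod(acc, p)
}

func main() {
	// Constructed input: limb 4 holds exactly 2^51, i.e. the value 2^255,
	// which must fold into limb 0 as 19.
	v := fieldElement{0, 0, 0, 0, 1 << 51}
	before := v.toBig()
	v.carryPropagate()
	fmt.Println("limbs:", v, "in bounds:", v.limbsBelow(52), "value kept:", v.toBig().Cmp(before) == 0)

	a := fieldElement{1, 2, 3, 4, 5}
	b := fieldElement{6, 7, 8, 9, 10}
	condSwap(&a, &b, 1)
	fmt.Println("after swap:", a, b)
}
```

The reason the log tests that operations "don't exceed bounds" is visible in carryPropagate: the multiply by 19 on the wrapped carry is only safe while the carry is small, so every operation that feeds into it has to promise an input limb bound, and a random light-reduced generator is what exercises those promises.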
Filippo Valsorda 6d3442825d Merge https://github.com/gtank/ed25519 2019-03-30 22:22:42 -04:00
    Drop elliptic.Curve code, update import paths, and adapt to the new
    FromBytes API. The tests in ed25519_test.go will require rescuing from
    the git history.
Filippo Valsorda 413120f7d7 internal/radix51: minor tests cleanup 2019-03-30 22:12:39 -04:00