GNUnet  0.11.x
tweetnacl-gnunet.h File Reference
#include <stdint.h>


Macros

#define GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES   64
 
#define GNUNET_TWEETNACL_SIGN_PUBLICBYTES   32
 
#define GNUNET_TWEETNACL_SCALARMULT_BYTES   32
 

Functions

int GNUNET_TWEETNACL_scalarmult_curve25519 (uint8_t *, const uint8_t *, const uint8_t *)
 
int GNUNET_TWEETNACL_scalarmult_curve25519_base (uint8_t *, const uint8_t *)
 
void GNUNET_TWEETNACL_sign_pk_from_seed (uint8_t *pk, const uint8_t *seed)
 
void GNUNET_TWEETNACL_sign_sk_from_seed (uint8_t *sk, const uint8_t *seed)
 
int GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 (uint8_t *x25519_pk, const uint8_t *ed25519_pk)
 
int GNUNET_TWEETNACL_sign_detached_verify (const uint8_t *sig, const uint8_t *m, uint64_t n, const uint8_t *pk)
 
int GNUNET_TWEETNACL_sign_detached (uint8_t *sig, const uint8_t *m, uint64_t n, const uint8_t *sk)
 

Macro Definition Documentation

◆ GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES

#define GNUNET_TWEETNACL_SIGN_SECRETKEYBYTES   64

Definition at line 18 of file tweetnacl-gnunet.h.

Referenced by GNUNET_CRYPTO_eddsa_sign().

◆ GNUNET_TWEETNACL_SIGN_PUBLICBYTES

#define GNUNET_TWEETNACL_SIGN_PUBLICBYTES   32

Definition at line 19 of file tweetnacl-gnunet.h.

Referenced by GNUNET_CRYPTO_ecdh_eddsa().

◆ GNUNET_TWEETNACL_SCALARMULT_BYTES

#define GNUNET_TWEETNACL_SCALARMULT_BYTES   32

Function Documentation

◆ GNUNET_TWEETNACL_scalarmult_curve25519()

int GNUNET_TWEETNACL_scalarmult_curve25519 ( uint8_t *  ,
const uint8_t *  ,
const uint8_t *   
)

Definition at line 195 of file tweetnacl-gnunet.c.

References _121665, A(), testconfigure::b, e, removetrailingwhitespace::f, FOR, inv25519(), M(), pack25519(), S(), sel25519(), unpack25519(), and Z().

Referenced by GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_eddsa_ecdh(), and GNUNET_TWEETNACL_scalarmult_curve25519_base().

196 {
     /* Scalar multiplication on Curve25519: writes the packed result for
      * scalar n and point p into q (parameter names as in the definition
      * GNUNET_TWEETNACL_scalarmult_curve25519(u8 *q, const u8 *n, const u8 *p)).
      * Always returns 0.
      *
      * NOTE(review): the result is never inspected here. A caller that must
      * reject an all-zero output (which a low-order peer point produces in
      * X25519) has to check q itself -- confirm the GNUNET_CRYPTO_* callers do.
      * NOTE(review): z holds the clamped secret scalar and, like the working
      * values a..f and x, is not cleared before return. */
197  u8 z[32];
198  i64 x[80],r,i;
199  gf a,b,c,d,e,f;
     /* Copy the scalar and clamp it: clear the low 3 bits of byte 0, clear
      * bit 7 and set bit 6 of byte 31. The caller's n is left untouched. */
200  FOR (i,31) z[i] = n[i];
201  z[31] = (n[31] & 127) | 64;
202  z[0] &= 248;
203  unpack25519 (x,p);
     /* Initial ladder state: b = unpacked p, a = d = 1, c = 0. */
204  FOR (i,16) {
205  b[i] = x[i];
206  d[i] = a[i] = c[i] = 0;
207  }
208  a[0] = d[0] = 1;
     /* One iteration per scalar bit, from bit 254 down to bit 0. */
209  for (i = 254; i>=0; --i) {
210  r = (z[i >> 3] >> (i & 7)) & 1;
     /* r is a secret bit. sel25519 is presumably a branch-free conditional
      * swap keyed on it -- confirm in sel25519 before relying on
      * constant-time behaviour. The same pair of calls closes the iteration. */
211  sel25519 (a,b,r);
212  sel25519 (c,d,r);
     /* Field arithmetic of the ladder step; the statement order matters
      * because operands are overwritten in place. */
213  A (e,a,c);
214  Z (a,a,c);
215  A (c,b,d);
216  Z (b,b,d);
217  S (d,e);
218  S (f,a);
219  M (a,c,a);
220  M (c,b,e);
221  A (e,a,c);
222  Z (a,a,c);
223  S (b,a);
224  Z (c,d,f);
225  M (a,c,_121665);
226  A (a,a,d);
227  M (c,c,a);
228  M (a,d,f);
229  M (d,b,x);
230  S (b,e);
231  sel25519 (a,b,r);
232  sel25519 (c,d,r);
233  }
     /* Park the final state in the upper slots of x (a at +16, c at +32,
      * b at +48, d at +64). Only a and c are used below. */
234  FOR (i,16) {
235  x[i + 16] = a[i];
236  x[i + 32] = c[i];
237  x[i + 48] = b[i];
238  x[i + 64] = d[i];
239  }
     /* q = pack(a * c^-1): the division is done as a multiplication by the
      * inverse that inv25519 computes in place. */
240  inv25519 (x + 32,x + 32);
241  M (x + 16,x + 16,x + 32);
242  pack25519 (q,x + 16);
     /* No failure path exists: 0 is returned for every input. */
243  return 0;
244 }
uint8_t u8
static void A(gf o, const gf a, const gf b)
static void unpack25519(gf o, const u8 *n)
static struct Experiment * e
static void M(gf o, const gf a, const gf b)
static void sel25519(gf p, gf q, int b)
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
int64_t i64
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
static void pack25519(u8 *o, const gf n)
i64 gf[16]
static void Z(gf o, const gf a, const gf b)
#define FOR(i, n)
static void inv25519(gf o, const gf i)
static const gf _121665
static void S(gf o, const gf a)

◆ GNUNET_TWEETNACL_scalarmult_curve25519_base()

int GNUNET_TWEETNACL_scalarmult_curve25519_base ( uint8_t *  ,
const uint8_t *   
)

Definition at line 247 of file tweetnacl-gnunet.c.

References _9, and GNUNET_TWEETNACL_scalarmult_curve25519().

Referenced by GNUNET_CRYPTO_ecdhe_key_get_public().

248 {
     /* NOTE(review): listing line 249 is absent from this rendering. Per the
      * "References" entry for this function, the body uses _9 and
      * GNUNET_TWEETNACL_scalarmult_curve25519(); presumably it multiplies the
      * scalar by the base point stored in _9 -- confirm against
      * tweetnacl-gnunet.c before relying on this. */
250 }
static const u8 _9[32]
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
int GNUNET_TWEETNACL_scalarmult_curve25519(u8 *q, const u8 *n, const u8 *p)

◆ GNUNET_TWEETNACL_sign_pk_from_seed()

void GNUNET_TWEETNACL_sign_pk_from_seed ( uint8_t *  pk,
const uint8_t *  seed 
)

Definition at line 417 of file tweetnacl-gnunet.c.

References crypto_hash(), p, pack(), and scalarbase().

Referenced by GNUNET_CRYPTO_eddsa_key_get_public().

418 {
     /* Derives the 32-byte public key pk from a 32-byte seed: hash the seed,
      * clamp the first 32 bytes of the digest into a scalar, multiply the base
      * point by it (scalarbase) and pack the result into pk.
      *
      * NOTE(review): d holds the secret scalar derived from the seed and is
      * not cleared before return, so it stays on the stack. */
419  u8 d[64];
420  gf p[4];
421 
     /* crypto_hash fills all 64 bytes of d; presumably SHA-512 as in Ed25519
      * -- confirm in crypto_hash. Only d[0..31] is used below. */
422  crypto_hash (d, seed, 32);
     /* Clamp: clear the low 3 bits, clear bit 255, set bit 254. */
423  d[0] &= 248;
424  d[31] &= 127;
425  d[31] |= 64;
426 
427  scalarbase (p,d);
428  pack (pk,p);
429 }
uint8_t u8
static struct GNUNET_CRYPTO_EddsaPrivateKey * pk
Private key of this peer.
static void pack(u8 *r, gf p[4])
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
static void scalarbase(gf p[4], const u8 *s)
i64 gf[16]
static int crypto_hash(u8 *out, const u8 *m, u64 n)

◆ GNUNET_TWEETNACL_sign_sk_from_seed()

void GNUNET_TWEETNACL_sign_sk_from_seed ( uint8_t *  sk,
const uint8_t *  seed 
)

Definition at line 432 of file tweetnacl-gnunet.c.

References crypto_hash(), FOR, p, pack(), pk, and scalarbase().

Referenced by GNUNET_CRYPTO_eddsa_sign().

433 {
     /* Builds the 64-byte signing key sk from a 32-byte seed. The layout
      * written below is sk[0..31] = seed, sk[32..63] = public key derived
      * from that seed.
      *
      * NOTE(review): d (the clamped secret scalar) is not cleared before
      * return. sk itself contains the seed, so the caller owns wiping it. */
434  u8 d[64];
435  gf p[4];
436  u8 pk[32];
437  int i;
438 
     /* Same derivation as GNUNET_TWEETNACL_sign_pk_from_seed: hash the seed,
      * clamp the first 32 bytes, multiply the base point, pack. */
439  crypto_hash (d, seed, 32);
440  d[0] &= 248;
441  d[31] &= 127;
442  d[31] |= 64;
443 
444  scalarbase (p,d);
445  pack (pk,p);
446 
     /* The seed is stored, not the clamped scalar; the signing routine
      * re-hashes sk[0..31] on every call. */
447  FOR (i,32) sk[i] = seed[i];
448  FOR (i,32) sk[32 + i] = pk[i];
449 }
uint8_t u8
static struct GNUNET_CRYPTO_EddsaPrivateKey * pk
Private key of this peer.
static void pack(u8 *r, gf p[4])
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
static void scalarbase(gf p[4], const u8 *s)
i64 gf[16]
#define FOR(i, n)
static int crypto_hash(u8 *out, const u8 *m, u64 n)

◆ GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519()

int GNUNET_TWEETNACL_sign_ed25519_pk_to_curve25519 ( uint8_t *  x25519_pk,
const uint8_t *  ed25519_pk 
)

Definition at line 452 of file tweetnacl-gnunet.c.

References A(), gf1, inv25519(), M(), pack25519(), set25519(), unpackneg(), and Z().

Referenced by GNUNET_CRYPTO_ecdh_eddsa().

454 {
     /* Converts an Ed25519 public key to a Curve25519 (X25519) public key.
      * Returns -1 if unpackneg rejects ed25519_pk, 0 otherwise.
      *
      * The value written is (1 + ge_a[1]) / (1 - ge_a[1]); ge_a[1] is
      * presumably the point's y-coordinate, going by the local name
      * one_minus_y -- confirm in unpackneg.
      *
      * NOTE(review): apart from the unpackneg result nothing is validated.
      * There is no visible check that (1 - y) is non-zero before inv25519, and
      * none for low-order input points; what inv25519 yields for a zero input
      * is not visible here. If ed25519_pk can come from an untrusted peer,
      * confirm the caller (GNUNET_CRYPTO_ecdh_eddsa) handles these cases. */
455  gf ge_a[4];
456  gf x;
457  gf one_minus_y;
458 
     /* Decode the point; a non-zero result means the encoding was rejected. */
459  if (0 != unpackneg (ge_a, ed25519_pk))
460  return -1;
461 
     /* one_minus_y = 1 - ge_a[1] */
462  set25519 (one_minus_y, gf1);
463  Z (one_minus_y, one_minus_y, ge_a[1]);
464 
     /* x = 1 + ge_a[1] */
465  set25519 (x, gf1);
466  A (x, x, ge_a[1]);
467 
     /* x = x * (1 - ge_a[1])^-1, then serialise into the caller's buffer. */
468  inv25519 (one_minus_y, one_minus_y);
469  M (x, x, one_minus_y);
470  pack25519 (x25519_pk, x);
471 
472  return 0;
473 }
static void A(gf o, const gf a, const gf b)
static void M(gf o, const gf a, const gf b)
static void set25519(gf r, const gf a)
static const gf gf1
static void pack25519(u8 *o, const gf n)
static int unpackneg(gf r[4], const u8 p[32])
i64 gf[16]
static void Z(gf o, const gf a, const gf b)
static void inv25519(gf o, const gf i)

◆ GNUNET_TWEETNACL_sign_detached_verify()

int GNUNET_TWEETNACL_sign_detached_verify ( const uint8_t *  sig,
const uint8_t *  m,
uint64_t  n,
const uint8_t *  pk 
)

Definition at line 475 of file tweetnacl-gnunet.c.

References add(), crypto_verify_32(), GNUNET_CRYPTO_hash_context_finish(), GNUNET_CRYPTO_hash_context_read(), GNUNET_CRYPTO_hash_context_start(), h, p, pack(), q, reduce(), scalarbase(), scalarmult(), t, and unpackneg().

Referenced by GNUNET_CRYPTO_eddsa_verify().

479 {
     /* Verifies the 64-byte detached signature sig over message m (n bytes)
      * under public key pk. Returns 0 when the signature is accepted and -1
      * when pk cannot be unpacked or the recomputed value does not match
      * sig[0..31].
      *
      * NOTE(review): listing lines 487, 489 and 490 are absent from this
      * rendering. Per the "References" entry they presumably start the hash
      * context and feed pk and m into it -- confirm against
      * tweetnacl-gnunet.c.
      * NOTE(review): no check is visible that the scalar half sig[32..63] is
      * canonical (below the group order) before it is used. If that is not
      * enforced elsewhere, one message can have several accepted signature
      * encodings; callers that use signatures as unique identifiers should
      * take this into account. */
480  struct GNUNET_HashContext *hc;
481  u8 t[32],h[64];
482  gf p[4],q[4];
483 
     /* Reject public keys that do not decode to a point. */
484  if (unpackneg (q,pk))
485  return -1;
486 
     /* The first 32 bytes of sig go into the hash. */
488  GNUNET_CRYPTO_hash_context_read (hc, sig, 32);
     /* The cast hands the 64-byte buffer h to an API declared to take a
      * struct GNUNET_HashCode *; assumes that struct is 64 bytes -- TODO confirm. */
491  GNUNET_CRYPTO_hash_context_finish (hc, (void *) h);
492 
     /* p = reduce(h) * q */
493  reduce (h);
494  scalarmult (p,q,h);
495 
     /* q = sig[32..63] * base point; p = p + q; t = pack(p) */
496  scalarbase (q,sig+32);
497  add (p,q);
498  pack (t,p);
499 
     /* Accept only if t equals sig[0..31]. crypto_verify_32 is presumably a
      * constant-time comparison -- confirm in its definition. */
500  if (crypto_verify_32 (sig, t))
501  return -1;
502  return 0;
503 }
uint8_t u8
static struct GNUNET_CRYPTO_EddsaPrivateKey * pk
Private key of this peer.
static void pack(u8 *r, gf p[4])
struct GNUNET_HashContext * GNUNET_CRYPTO_hash_context_start(void)
Start incremental hashing operation.
Definition: crypto_hash.c:466
Context for cumulative hashing.
Definition: crypto_hash.c:451
static struct GNUNET_SCHEDULER_Task * t
Main task.
static struct GNUNET_ARM_Handle * h
Connection with ARM.
Definition: gnunet-arm.c:99
static void reduce(u8 *r)
static struct GNUNET_ARM_MonitorHandle * m
Monitor connection with ARM.
Definition: gnunet-arm.c:104
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
static int crypto_verify_32(const u8 *x, const u8 *y)
static void scalarbase(gf p[4], const u8 *s)
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
void GNUNET_CRYPTO_hash_context_read(struct GNUNET_HashContext *hc, const void *buf, size_t size)
Add data to be hashed.
Definition: crypto_hash.c:492
static int unpackneg(gf r[4], const u8 p[32])
i64 gf[16]
static void add(gf p[4], gf q[4])
static void scalarmult(gf p[4], gf q[4], const u8 *s)
void GNUNET_CRYPTO_hash_context_finish(struct GNUNET_HashContext *hc, struct GNUNET_HashCode *r_hash)
Finish the hash computation.
Definition: crypto_hash.c:509

◆ GNUNET_TWEETNACL_sign_detached()

int GNUNET_TWEETNACL_sign_detached ( uint8_t *  sig,
const uint8_t *  m,
uint64_t  n,
const uint8_t *  sk 
)

Definition at line 506 of file tweetnacl-gnunet.c.

References crypto_hash(), FOR, GNUNET_CRYPTO_hash_context_finish(), GNUNET_CRYPTO_hash_context_read(), GNUNET_CRYPTO_hash_context_start(), h, modL(), p, pack(), reduce(), and scalarbase().

Referenced by GNUNET_CRYPTO_eddsa_sign().

510 {
     /* Writes a 64-byte detached signature over message m (n bytes) into sig,
      * using the 64-byte key sk. Always returns 0.
      *
      * sk[0..31] is hashed and clamped into the secret scalar, and sk[32..63]
      * is fed into the second hash. This matches the seed || public key
      * layout written by GNUNET_TWEETNACL_sign_sk_from_seed.
      *
      * NOTE(review): listing lines 521, 523, 530 and 533 are absent from this
      * rendering. Presumably they start the two hash contexts and feed m into
      * each -- confirm against tweetnacl-gnunet.c.
      * NOTE(review): sk[32..63] is trusted to be the public key that matches
      * the seed. Only pass keys built by GNUNET_TWEETNACL_sign_sk_from_seed.
      * NOTE(review): d, r, h and x hold secret-dependent values and are not
      * cleared before return. */
511  struct GNUNET_HashContext *hc;
512  u8 d[64],h[64],r[64];
513  i64 i,j,x[64];
514  gf p[4];
515 
     /* d = hash(seed); d[0..31] is clamped into the secret scalar, and
      * d[32..63] is kept for the first hash below. */
516  crypto_hash (d, sk, 32);
517  d[0] &= 248;
518  d[31] &= 127;
519  d[31] |= 64;
520 
     /* First hash: reads the upper half of d; its output r is the per-signature
      * secret value. */
522  GNUNET_CRYPTO_hash_context_read (hc, d + 32, 32);
     /* The cast hands a 64-byte buffer to an API declared to take a
      * struct GNUNET_HashCode *; assumes that struct is 64 bytes -- TODO confirm. */
524  GNUNET_CRYPTO_hash_context_finish (hc, (void *) r);
525 
     /* sig[0..31] = pack(reduce(r) * base point) */
526  reduce (r);
527  scalarbase (p,r);
528  pack (sig,p);
529 
     /* Second hash: reads sig[0..31] and then sk[32..63]. */
531  GNUNET_CRYPTO_hash_context_read (hc, sig, 32);
532  GNUNET_CRYPTO_hash_context_read (hc, sk + 32, 32);
534  GNUNET_CRYPTO_hash_context_finish (hc, (void *) h);
535 
536  reduce (h);
537 
     /* x = r + h * d, accumulated in 64 limbs; modL reduces x and writes the
      * result to sig[32..63]. */
538  FOR (i,64) x[i] = 0;
539  FOR (i,32) x[i] = (u64) r[i];
540  FOR (i,32) FOR (j,32) x[i + j] += h[i] * (u64) d[j];
541  modL (sig + 32,x);
542 
543  return 0;
544 }
uint8_t u8
static void pack(u8 *r, gf p[4])
struct GNUNET_HashContext * GNUNET_CRYPTO_hash_context_start(void)
Start incremental hashing operation.
Definition: crypto_hash.c:466
Context for cumulative hashing.
Definition: crypto_hash.c:451
static struct GNUNET_ARM_Handle * h
Connection with ARM.
Definition: gnunet-arm.c:99
static void reduce(u8 *r)
static struct GNUNET_ARM_MonitorHandle * m
Monitor connection with ARM.
Definition: gnunet-arm.c:104
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
int64_t i64
static void scalarbase(gf p[4], const u8 *s)
static void modL(u8 *r, i64 x[64])
void GNUNET_CRYPTO_hash_context_read(struct GNUNET_HashContext *hc, const void *buf, size_t size)
Add data to be hashed.
Definition: crypto_hash.c:492
i64 gf[16]
#define FOR(i, n)
static int crypto_hash(u8 *out, const u8 *m, u64 n)
uint64_t u64
void GNUNET_CRYPTO_hash_context_finish(struct GNUNET_HashContext *hc, struct GNUNET_HashCode *r_hash)
Finish the hash computation.
Definition: crypto_hash.c:509