83cfd6cae1  change x### function names again, this time to decaf_x###, decaf_x###_generate_key  (9 years ago)

714a5db7a0  decaf_###_x_direct_scalarmul -> decaf_x###_direct_scalarmul  (9 years ago)

f4558c1e13  tidy @todo -> TODO  (9 years ago)

149130fd94  working through the TODOs. Correct the sign of the to/from EdDSA conversions (but is it correct for future curves?). SHA-3 now throws exceptions on over-long output  (9 years ago)

be39188da9  prevent memcpy(NULL,NULL,0), which is technically illegal as pointed out by make scan  (9 years ago)

1e796b2e0e  fix some warns from gcc  (9 years ago)

a3a2906f81  move prehashed enum to common; downside is that including one eddsa.hxx now pulls in all of them  (9 years ago)

c5a9b7757b  ed25519 prehashed test vector. ed448 prehashed test vectors look invalid??  (9 years ago)

4adb584654  ed25519 prehashed test vector. ed448 prehashed test vectors look invalid??  (9 years ago)

3b9ffc4cc7  separate Ed25519ph from Ed25519 with awful CRTP hack  (9 years ago)

422cc78eb9  fix up overapplication to file names  (9 years ago)

f1df5e4714  lowerCamelCase -> snake_case. Put decaf_ in front of all (most?) identifiers, except for SHAKE which is being removed before 1.0 release (for future refactoring)  (9 years ago)

85fafd2d52  another couple notes  (9 years ago)

595855b434  move eddsa.hxx to its own header. sha512.hxx; rework shake.hxx header; create prehash object. TODO: test prehash  (9 years ago)

798b189a77  minor changes; clear a few TODOs  (9 years ago)

6225bfd2f4  EdDSA is go!  (9 years ago)

1f716044ca  eddsa provisional pass  (9 years ago)

d9a9bb96b5  eddsa-25519 now using sha512. But problem! We are using IsoEd25519 so we actually need an isogeny anyway to get to Ed25519 proper  (9 years ago)

0fa687437f  sha512  (9 years ago)

b06db0c78a  EdDSA now supports multiple hashes as defined in curve_data.py. We still don't have sha512 though.  (9 years ago)

9d0bac672f  move context arguments to the end of hash functions. Ed25519 doesn't support contexts.  (9 years ago)

870d5839df  whoops add eddsa.tmpl.c  (9 years ago)

b1c6de6309  EdDSA 448 seems to be working. Needs more testing, code moved around. EdDSA 255 not working yet; needs SHA512  (9 years ago)

fffb77ac2d  eddsa sign seems to work for ed448. needs more testing of course  (9 years ago)

d0e74a585a  eddsa key generation, at least for goldilocks. needs parameterized hash function; sign/verify; rename; put in right place  (9 years ago)

8ee11d449e  make SQRT_MINUS_ONE not static  (9 years ago)

7e52b5b42e  leave an extra FUTURE MAGIC note  (9 years ago)

650356c5f5  elligator overflow bits.  (9 years ago)

    Before, invert_elligator would invert to a gf, which wouldn't be a uniformly
    random string because, eg, curve25519 gfs only have 255 bits out of 256.
    Now add a random multiple of p. This still won't work for future curves
    that have a field size of 1 mod 8, because those curves use elligator with
    no high bit set, but it's a start

2104923b6f  fix embarrassing arch_ref64 bug; improve code for p25519 arch_32  (9 years ago)

06075bbc10  undo neon bug  (9 years ago)

013b5a4a6b  gcc cleanliness  (9 years ago)

f8dc967ae1  add explicit GF_HEADROOM per field+arch for unreduced arith; fortunately unreduced arith is very rare  (9 years ago)

1f54f5c8ed  change __attribute__((nonnull(list of pointers))) to __attribute__((nonnull))  (9 years ago)

0a043c34ec  remove constant_time_lookup_xx  (9 years ago)

b693b33d0c  slight changes to the deisogenize code; hopefully clearer?  (9 years ago)

7e63f23958  predeclare deisogenize  (9 years ago)

a585d7f148  factor out elligator, decaf, scalar code. scalar_halve is now public  (9 years ago)

55766b76c9  homogenize invsqrt code  (9 years ago)

08bbb567de  don't go via asm anymore. also reduce the number of templated expressions  (9 years ago)

d94a147194  move everything over to more-tolerable templating  (9 years ago)

4e57f49161  move more generation to python  (9 years ago)

7ee81cf84f  move easy scalar computations to python  (9 years ago)

2e9512292e  template curve_data  (9 years ago)

3a5ba3e075  no more API_NS2.  (9 years ago)

f6ec8b2fc8  moving to a much simpler templating system  (9 years ago)

8b906e1d44  remove unused PRIXWORD macros  (9 years ago)

1dc3961837  add sign_strobe and verify_strobe to crypto.hxx  (9 years ago)

86e44e69c6  fixed the mixed-arch bug, but it comes from a long-standing todo  (9 years ago)

8d9c810136  make position unsigned so that the assertion means something (thx gcc)  (9 years ago)

790745e2b3  set mulw to <32 bits instead of <64 bits (but actually less than that: 1 limb instead of 2). also there is a bug if you compile ed448 for arch_32 on a 64-bit machine... tracing  (9 years ago)