Michael Hamburg
af606fb195
x448 generate_key -> derive_public_key to match ed448 nomenclature
8 years ago
Michael Hamburg
bc80c744bf
decaf/decaf_[field].h[xx] -> decaf/point_[field].h[xx]
9 years ago
Michael Hamburg
e22c967171
change eddsa encoding names to show that they multiply_by_cofactor
9 years ago
Michael Hamburg
83cfd6cae1
change x### function names again, this time to decaf_x###, decaf_x###_generate_key
9 years ago
Michael Hamburg
714a5db7a0
decaf_###_x_direct_scalarmul -> decaf_x###_direct_scalarmul
9 years ago
Michael Hamburg
f1df5e4714
lowerCamelCase -> snake_case. Put decaf_ in front of all (most?) identifiers, except for SHAKE which is being removed before 1.0 release (for future refactoring)
9 years ago
Michael Hamburg
595855b434
move eddsa.hxx to its own header. sha512.hxx; rework shake.hxx header; create prehash object. TODO: test prehash
9 years ago
Michael Hamburg
798b189a77
minor changes; clear a few TODOs
9 years ago
Michael Hamburg
9d0bac672f
move context arguments to the end of hash functions. Ed25519 doesn't support contexts.
9 years ago
Michael Hamburg
b1c6de6309
EdDSA 448 seems to be working. Needs more testing, code moved around. EdDSA 255 not working yet; needs SHA512
9 years ago
Michael Hamburg
fffb77ac2d
eddsa sign seems to work for ed448. needs more testing of course
9 years ago
Michael Hamburg
d0e74a585a
eddsa key generation, at least for goldilocks. needs parameterized hash function; sign/verify; rename; put in right place
9 years ago
Michael Hamburg
650356c5f5
elligator overflow bits.
Before, invert_elligator would invert to a gf, which wouldn't be a uniformly
random string because, e.g., curve25519 gfs only have 255 bits out of 256.
Now add a random multiple of p. This still won't work for future curves
that have a field size of 1 mod 8, because those curves use elligator with
no high bit set, but it's a start
9 years ago
Michael Hamburg
a585d7f148
factor out elligator, decaf, scalar code. scalar_halve is now public
9 years ago
Michael Hamburg
08bbb567de
don't go via asm anymore. also reduce the number of templated expressions
9 years ago
Michael Hamburg
d94a147194
move everything over to more-tolerable templating
9 years ago
Michael Hamburg
3a5ba3e075
no more API_NS2.
9 years ago
Michael Hamburg
c9abcef055
add some pathological test cases, clearing a few TODO items. Also scalar_set_unsigned now takes a uint64_t instead of a word_t
9 years ago
Michael Hamburg
2eacff6ad6
rfc7748 implementation, but their names will probably change
9 years ago
Mike Hamburg
24e33a2f86
reasonable suite of ct tests now. also change scalar randomizer to generate +128 bits
9 years ago
Mike Hamburg
9f1cc0e2af
some more ct tests; serializeInto -> serialize_into. still need more ct tests, unification of snake vs camel case
9 years ago
Mike Hamburg
3d0c6a6c28
typedef Wrapped is no longer private for scalar and point
9 years ago
Michael Hamburg
294eabaec7
generate f_field.h
9 years ago
Michael Hamburg
1a14abb4dd
Separate .h files for SHA/SHAKE, STROBE and sponge RNG. TODO: .hxx. Also add a lot of docs
9 years ago
Michael Hamburg
47d4b080e9
generator is almost ready to drop in
9 years ago
Michael Hamburg
72399d53d7
working on python generation
9 years ago
Michael Hamburg
a0b4bc5099
beginning of header generation technology
9 years ago
Michael Hamburg
55450fa852
respace
9 years ago
Michael Hamburg
6e95e69368
trying to make C++ headers the same, for future unified generation
9 years ago
Mike Hamburg
704b424982
dual scalarmul because of TLS discussion
9 years ago
Michael Hamburg
a1f5348e18
beginning to separate errors from bools. not there yet though
9 years ago
Michael Hamburg
88a60a294d
add Group::FIELD_MODULUS_TYPE for testing purposes
9 years ago
Michael Hamburg
e95b7c7f0e
made scalar inverse WARN_UNUSED and made it throw. Small fix to sagetest. Changed some places that assumed that success is true, in case I want to adopt the proposal that success is 0
9 years ago
Michael Hamburg
0f78ec28fc
fix bug in tagforget
10 years ago
Michael Hamburg
b35f966cf4
add serializable class, though I might repent of this because I don't want a vtable
10 years ago
Michael Hamburg
4dd77e0149
switch SecureBuffer to vector
10 years ago
Mike Hamburg
b849d2cd91
working on securebuffer problems, might just switch things to vector
10 years ago
Mike Hamburg
1bda5ed34a
XOPEN_SOURCE defines fixed
10 years ago
Michael Hamburg
cdab495338
Cross-curve compilation working! Still a bunch of FIXMEs though
10 years ago
Mike Hamburg
60b14fb0f1
add FixedBuffer
10 years ago
Mike Hamburg
538fe68866
OwnedOrUnowned as base for Precomputed
10 years ago
Mike Hamburg
6bc7a3db3b
rework build hierarchy to prepare for generated headers
10 years ago
Michael Hamburg
d501753648
factor common routines and data decls out into decaf_common.h. Now leaking NONNULL etc
10 years ago
Michael Hamburg
02449ed54b
encoding is no longer EXPLICIT_CON
10 years ago
Michael Hamburg
db0a12de2a
working on breaking up include files
10 years ago
Michael Hamburg
89dfab34a8
remove hinting from forward elligator, at least in 25519. leaving test in broken state because, well, it is broken
10 years ago
Michael Hamburg
5a3fe27c03
more rigorous tests. elligator still fails. problem: extracting xy is quite technical
10 years ago
Michael Hamburg
202ed7fea2
change 2torque to torque, which is 4torque in ed25519 case
10 years ago
Michael Hamburg
e4cb764842
inverting elligator now mostly works, except for identity and overflow issues
10 years ago
Mike Hamburg
40b1f8b85e
initial replace 448->255; doesn't compile yet
10 years ago