ge_operations.h
1 /* ge_operations.h
2  *
3  * Copyright (C) 2006-2020 wolfSSL Inc.
4  *
5  * This file is part of wolfSSL.
6  *
7  * wolfSSL is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * wolfSSL is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20  */
21 
22 
23  /* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work. */
24 
25 #ifndef WOLF_CRYPT_GE_OPERATIONS_H
26 #define WOLF_CRYPT_GE_OPERATIONS_H
27 
28 #include <wolfssl/wolfcrypt/settings.h>
29 
30 #ifdef HAVE_ED25519
31 
32 #include <wolfssl/wolfcrypt/fe_operations.h>
33 
34 /*
35 ge means group element.
36 
37 Here the group is the set of pairs (x,y) of field elements (see fe.h)
38 satisfying -x^2 + y^2 = 1 + d x^2y^2
39 where d = -121665/121666.
40 
41 Representations:
42  ge_p2 (projective): (X:Y:Z) satisfying x=X/Z, y=Y/Z
43  ge_p3 (extended): (X:Y:Z:T) satisfying x=X/Z, y=Y/Z, XY=ZT
44  ge_p1p1 (completed): ((X:Z),(Y:T)) satisfying x=X/Z, y=Y/T
45  ge_precomp (Duif): (y+x,y-x,2dxy)
46 */
47 
48 #ifdef ED25519_SMALL
49  typedef byte ge[F25519_SIZE];
50 #elif defined(CURVED25519_ASM_64BIT)
51  typedef int64_t ge[4];
52 #elif defined(CURVED25519_ASM_32BIT)
53  typedef int32_t ge[8];
54 #elif defined(CURVED25519_128BIT)
55  typedef int64_t ge[5];
56 #else
57  typedef int32_t ge[10];
58 #endif
59 
60 typedef struct {
61  ge X;
62  ge Y;
63  ge Z;
64 } ge_p2;
65 
66 typedef struct {
67  ge X;
68  ge Y;
69  ge Z;
70  ge T;
71 } ge_p3;
72 
73 
74 WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
75  word32 keySz);
76 WOLFSSL_LOCAL int ge_frombytes_negate_vartime(ge_p3 *,const unsigned char *);
77 
78 WOLFSSL_LOCAL int ge_double_scalarmult_vartime(ge_p2 *,const unsigned char *,
79  const ge_p3 *,const unsigned char *);
80 WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *,const unsigned char *);
81 WOLFSSL_LOCAL void sc_reduce(byte* s);
82 WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
83  const byte* c);
84 WOLFSSL_LOCAL void ge_tobytes(unsigned char *,const ge_p2 *);
85 WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *,const ge_p3 *);
86 
87 
88 #ifndef ED25519_SMALL
89 typedef struct {
90  ge X;
91  ge Y;
92  ge Z;
93  ge T;
94 } ge_p1p1;
95 
96 typedef struct {
97  ge yplusx;
98  ge yminusx;
99  ge xy2d;
100 } ge_precomp;
101 
102 typedef struct {
103  ge YplusX;
104  ge YminusX;
105  ge Z;
106  ge T2d;
107 } ge_cached;
108 
109 #endif /* !ED25519_SMALL */
110 
111 #endif /* HAVE_ED25519 */
112 
113 #endif /* WOLF_CRYPT_GE_OPERATIONS_H */
ge_p1p1
Definition: ge_operations.h:89
ge_p2
Definition: ge_operations.h:60
ge_p3
Definition: ge_operations.h:66
ge_precomp
Definition: ge_operations.h:96
ge_cached
Definition: ge_operations.h:102