Showing
5 changed files
with
94 additions
and
4 deletions.
@@ -0,0 +1,50 @@ | ||
// Copyright (c) 2021 The Go Authors. All rights reserved. | ||
// Use of this source code is governed by a BSD-style | ||
// license that can be found in the LICENSE file. | ||
|
||
package field | ||
|
||
import "errors" | ||
|
||
// This file contains additional functionality that is not included in the | ||
// upstream crypto/ed25519/internal/edwards25519/field package. | ||
|
||
// SetWideBytes sets v to x, where x is a 64-byte little-endian encoding, which | ||
// is reduced modulo the field order. If x is not of the right length, | ||
// SetWideBytes returns nil and an error, and the receiver is unchanged. | ||
// | ||
// SetWideBytes is not necessary to select a uniformly distributed value, and is | ||
// only provided for compatibility: SetBytes can be used instead as the chance | ||
// of bias is less than 2⁻²⁵⁰. | ||
func (v *Element) SetWideBytes(x []byte) (*Element, error) { | ||
if len(x) != 64 { | ||
return nil, errors.New("edwards25519: invalid SetWideBytes input size") | ||
} | ||
|
||
// Split the 64 bytes into two elements, and extract the most significant | ||
// bit of each, which is ignored by SetBytes. | ||
lo, _ := new(Element).SetBytes(x[:32]) | ||
loMSB := uint64(x[31] >> 7) | ||
hi, _ := new(Element).SetBytes(x[32:]) | ||
hiMSB := uint64(x[63] >> 7) | ||
|
||
// The output we want is | ||
// | ||
// v = lo + loMSB * 2²⁵⁵ + hi * 2²⁵⁶ + hiMSB * 2⁵¹¹ | ||
// | ||
// which applying the reduction identity comes out to | ||
// | ||
// v = lo + loMSB * 19 + hi * 2 * 19 + hiMSB * 2 * 19² | ||
// | ||
// l0 will be the sum of a 52 bits value (lo.l0), plus a 5 bits value | ||
// (loMSB * 19), a 6 bits value (hi.l0 * 2 * 19), and a 10 bits value | ||
// (hiMSB * 2 * 19²), so it fits in a uint64. | ||
|
||
v.l0 = lo.l0 + loMSB*19 + hi.l0*2*19 + hiMSB*2*19*19 | ||
v.l1 = lo.l1 + hi.l1*2*19 | ||
v.l2 = lo.l2 + hi.l2*2*19 | ||
v.l3 = lo.l3 + hi.l3*2*19 | ||
v.l4 = lo.l4 + hi.l4*2*19 | ||
|
||
return v.carryPropagate(), nil | ||
} |
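Review bot: The overflow comment above the limb sums in SetWideBytes gives bit widths that do not match the terms it labels: `hi.l0 * 2 * 19` is called a 6 bits value, but 6 bits is the width of the multiplier 38, not of the product. Assuming SetBytes returns limbs below 2⁵¹ as in the upstream field package (its body is not in this hunk), the product is below 2⁵⁷ and every sum stays below 2⁵⁸, so the arithmetic looks sound and only the written justification is off. I would reword it along the lines of `// Each sum is a limb below 2⁵¹ plus a limb below 2⁵¹ times 38 (plus 19 and 722 in l0), so it is below 2⁵⁸ and fits in a uint64.` and state that carryPropagate is relied on to bring the limbs back into range. A one-line comment on the `lo, _ :=` and `hi, _ :=` lines, saying the SetBytes error is discarded because both slices are exactly 32 bytes after the length check, would help anyone auditing ignored errors in crypto code.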
@@ -0,0 +1,37 @@ | ||
// Copyright (c) 2021 The Go Authors. All rights reserved. | ||
// Use of this source code is governed by a BSD-style | ||
// license that can be found in the LICENSE file. | ||
|
||
package field | ||
|
||
import ( | ||
"math/big" | ||
"testing" | ||
"testing/quick" | ||
) | ||
|
||
var bigP = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 255), big.NewInt(19)) | ||
|
||
func TestSetWideBytes(t *testing.T) { | ||
f1 := func(in [64]byte, fe Element) bool { | ||
fe1 := new(Element).Set(&fe) | ||
|
||
if out, err := fe.SetWideBytes([]byte{42}); err == nil || out != nil || | ||
fe.Equal(fe1) != 1 { | ||
return false | ||
} | ||
|
||
if out, err := fe.SetWideBytes(in[:]); err != nil || out != &fe { | ||
return false | ||
} | ||
|
||
b := new(big.Int).SetBytes(swapEndianness(in[:])) | ||
fe1.fromBig(b.Mod(b, bigP)) | ||
|
||
return fe.Equal(fe1) == 1 && isInBounds(&fe) && isInBounds(fe1) | ||
} | ||
if err := quick.Check(f1, nil); err != nil { | ||
t.Error(err) | ||
} | ||
|
||
} |
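Review bot: TestSetWideBytes drives SetWideBytes only with random 64-byte inputs from quick.Check, so the extreme inputs that push the unreduced limb sums and the carry to their largest values are very unlikely to be hit. I would call `f1` directly on a few fixed vectors as well, for example `if !f1([64]byte{}, Element{}) { t.Error("all-zero input") }` and the same with an array filled with `0xff`, which sets both ignored top bits and maximises every limb. The length check is also tested only with a 1-byte slice; 63- and 65-byte slices would pin the boundary on both sides. The helpers swapEndianness, fromBig and isInBounds are defined outside this section, so their behaviour is assumed here.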