
supercop-20081207

1 parent 54dc2fb commit a47d48581766dc1790fb78d36ddffe034b8444b6 Daniel J. Bernstein committed with Dec 7, 2008
Showing with 4,337 additions and 1,230 deletions.
  1. +2 −2 OPERATIONS
  2. +0 −2 crypto_auth1/poly1305/53/api.h
  3. +0 −9 crypto_auth1/poly1305/53/verify.c
  4. +0 −2 crypto_auth1/poly1305/amd64/api.h
  5. +0 −85 crypto_auth1/poly1305/amd64/constants.s
  6. +0 −9 crypto_auth1/poly1305/amd64/verify.c
  7. +0 −2 crypto_auth1/poly1305/ref/api.h
  8. +0 −9 crypto_auth1/poly1305/ref/verify.c
  9. +0 −2 crypto_auth1/poly1305/x86/api.h
  10. +0 −85 crypto_auth1/poly1305/x86/constants.s
  11. +0 −9 crypto_auth1/poly1305/x86/verify.c
  12. +2 −2 crypto_box/curve25519salsa20hmacsha512/ref/before.c
  13. +2 −2 crypto_box/curve25519salsa20hmacsha512/ref/keypair.c
  14. +1 −1 crypto_box/curve25519xsalsa20poly1305/checksum
  15. +5 −4 crypto_box/curve25519xsalsa20poly1305/ref/before.c
  16. +2 −2 crypto_box/curve25519xsalsa20poly1305/ref/keypair.c
  17. +4 −4 crypto_dh/curve25519/ref/usesmult.c
  18. +744 −0 crypto_hash/bmw256/optc/BlueMidnightWish.c
  19. +80 −0 crypto_hash/bmw256/optc/BlueMidnightWish.h
  20. +3 −0 crypto_hash/bmw256/optc/api.h
  21. +8 −0 crypto_hash/bmw256/optc/hash.c
  22. +744 −0 crypto_hash/bmw512/optc/BlueMidnightWish.c
  23. +80 −0 crypto_hash/bmw512/optc/BlueMidnightWish.h
  24. +3 −0 crypto_hash/bmw512/optc/api.h
  25. +8 −0 crypto_hash/bmw512/optc/hash.c
  26. +650 −0 crypto_hash/edonr256/optc/EdonR.c
  27. +57 −0 crypto_hash/edonr256/optc/EdonR.h
  28. +3 −0 crypto_hash/edonr256/optc/api.h
  29. +8 −0 crypto_hash/edonr256/optc/hash.c
  30. +650 −0 crypto_hash/edonr512/optc/EdonR.c
  31. +57 −0 crypto_hash/edonr512/optc/EdonR.h
  32. +3 −0 crypto_hash/edonr512/optc/api.h
  33. +8 −0 crypto_hash/edonr512/optc/hash.c
  34. +10 −10 {crypto_auth1 → crypto_onetimeauth}/measure.c
  35. +2 −0 crypto_onetimeauth/poly1305/53/api.h
  36. +2 −2 {crypto_auth1 → crypto_onetimeauth}/poly1305/53/auth.c
  37. +9 −0 crypto_onetimeauth/poly1305/53/verify.c
  38. +2 −0 crypto_onetimeauth/poly1305/amd64/api.h
  39. +125 −125 {crypto_auth1 → crypto_onetimeauth}/poly1305/amd64/auth.s
  40. +85 −0 crypto_onetimeauth/poly1305/amd64/constants.s
  41. +9 −0 crypto_onetimeauth/poly1305/amd64/verify.c
  42. 0 {crypto_auth1 → crypto_onetimeauth}/poly1305/checksum
  43. +2 −0 crypto_onetimeauth/poly1305/ref/api.h
  44. +2 −2 {crypto_auth1 → crypto_onetimeauth}/poly1305/ref/auth.c
  45. +9 −0 crypto_onetimeauth/poly1305/ref/verify.c
  46. 0 {crypto_auth1 → crypto_onetimeauth}/poly1305/used
  47. +2 −0 crypto_onetimeauth/poly1305/x86/api.h
  48. +126 −126 {crypto_auth1 → crypto_onetimeauth}/poly1305/x86/auth.s
  49. +85 −0 crypto_onetimeauth/poly1305/x86/constants.s
  50. +9 −0 crypto_onetimeauth/poly1305/x86/verify.c
  51. +31 −31 {crypto_auth1 → crypto_onetimeauth}/try.c
  52. +2 −0 crypto_scalarmult/curve25519/athlon/api.h
  53. +8 −0 crypto_scalarmult/curve25519/athlon/base.c
  54. +114 −0 crypto_scalarmult/curve25519/athlon/const.s
  55. +14 −14 {crypto_smult → crypto_scalarmult}/curve25519/athlon/fromdouble.s
  56. +13 −0 crypto_scalarmult/curve25519/athlon/init.s
  57. +320 −320 {crypto_smult → crypto_scalarmult}/curve25519/athlon/mainloop.s
  58. +35 −35 {crypto_smult → crypto_scalarmult}/curve25519/athlon/mult.s
  59. +10 −10 {crypto_smult → crypto_scalarmult}/curve25519/athlon/smult.c
  60. +35 −35 {crypto_smult → crypto_scalarmult}/curve25519/athlon/square.s
  61. +35 −35 {crypto_smult → crypto_scalarmult}/curve25519/athlon/todouble.s
  62. 0 {crypto_smult → crypto_scalarmult}/curve25519/checksum
  63. +2 −0 crypto_scalarmult/curve25519/donna/api.h
  64. +18 −18 {crypto_smult → crypto_scalarmult}/curve25519/donna/asm.s
  65. +8 −0 crypto_scalarmult/curve25519/donna/base.c
  66. +20 −20 {crypto_smult → crypto_scalarmult}/curve25519/donna/smult.c
  67. +2 −0 crypto_scalarmult/curve25519/donna_c64/api.h
  68. +8 −0 crypto_scalarmult/curve25519/donna_c64/base.c
  69. +2 −2 {crypto_smult → crypto_scalarmult}/curve25519/donna_c64/smult.c
  70. +2 −0 crypto_scalarmult/curve25519/ref/api.h
  71. +3 −3 {crypto_smult → crypto_scalarmult}/curve25519/ref/base.c
  72. +2 −2 {crypto_smult → crypto_scalarmult}/curve25519/ref/smult.c
  73. 0 {crypto_smult → crypto_scalarmult}/curve25519/used
  74. +12 −12 {crypto_smult → crypto_scalarmult}/measure.c
  75. +34 −34 {crypto_smult → crypto_scalarmult}/try.c
  76. +3 −3 crypto_secretbox/xsalsa20poly1305/ref/box.c
  77. +0 −2 crypto_smult/curve25519/athlon/api.h
  78. +0 −8 crypto_smult/curve25519/athlon/base.c
  79. +0 −114 crypto_smult/curve25519/athlon/const.s
  80. +0 −13 crypto_smult/curve25519/athlon/init.s
  81. +0 −2 crypto_smult/curve25519/donna/api.h
  82. +0 −8 crypto_smult/curve25519/donna/base.c
  83. +0 −2 crypto_smult/curve25519/donna_c64/api.h
  84. +0 −8 crypto_smult/curve25519/donna_c64/base.c
  85. +0 −2 crypto_smult/curve25519/ref/api.h
  86. +1 −1 do
@@ -3,10 +3,10 @@ crypto_core :_OUTPUTBYTES:_INPUTBYTES:_KEYBYTES:_CONSTBYTES (unsigned char *,con
crypto_hashblocks :_STATEBYTES:_BLOCKBYTES (unsigned char *,const unsigned char *,unsigned long long)
crypto_hash :_BYTES (unsigned char *,const unsigned char *,unsigned long long)
crypto_stream :_xor:_KEYBYTES:_NONCEBYTES (unsigned char *,unsigned long long,const unsigned char *,const unsigned char *):_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *)
-crypto_auth1 :_verify:_BYTES:_KEYBYTES (unsigned char *,const unsigned char *,unsigned long long,const unsigned char *):_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *)
+crypto_onetimeauth :_verify:_BYTES:_KEYBYTES (unsigned char *,const unsigned char *,unsigned long long,const unsigned char *):_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *)
crypto_auth :_verify:_BYTES:_KEYBYTES (unsigned char *,const unsigned char *,unsigned long long,const unsigned char *):_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *)
crypto_secretbox :_open:_KEYBYTES:_NONCEBYTES:_ZEROBYTES:_BOXZEROBYTES (unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *):_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *)
-crypto_smult :_base:_BYTES:_SCALARBYTES (unsigned char *,const unsigned char *,const unsigned char *):_base(unsigned char *,const unsigned char *)
+crypto_scalarmult :_base:_BYTES:_SCALARBYTES (unsigned char *,const unsigned char *,const unsigned char *):_base(unsigned char *,const unsigned char *)
crypto_box :_open:_keypair:_beforenm:_afternm:_open_afternm:_PUBLICKEYBYTES:_SECRETKEYBYTES:_BEFORENMBYTES:_NONCEBYTES:_ZEROBYTES:_BOXZEROBYTES (unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *):_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *):_keypair(unsigned char *,unsigned char *):_beforenm(unsigned char *,const unsigned char *,const unsigned char *):_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *):_open_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *)
crypto_dh :_keypair:_BYTES:_SECRETKEYBYTES:_PUBLICKEYBYTES (unsigned char *,const unsigned char *,const unsigned char *):_keypair(unsigned char *,unsigned char *)
crypto_sign :_open:_keypair:_BYTES:_SECRETKEYBYTES:_PUBLICKEYBYTES (unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *):_open(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *):_keypair(unsigned char *,unsigned char *)
@@ -1,2 +0,0 @@
-#define crypto_auth1_poly1305_53_BYTES 16
-#define crypto_auth1_poly1305_53_KEYBYTES 32
@@ -1,9 +0,0 @@
-#include "crypto_verify_16.h"
-#include "crypto_auth1.h"
-
-int crypto_auth1_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
-{
- unsigned char correct[16];
- crypto_auth1(correct,in,inlen,k);
- return crypto_verify_16(h,correct);
-}
@@ -1,2 +0,0 @@
-#define crypto_auth1_poly1305_amd64_BYTES 16
-#define crypto_auth1_poly1305_amd64_KEYBYTES 32
@@ -1,85 +0,0 @@
-# version 20080913
-# D. J. Bernstein
-# Public domain.
-
-.data
-.section .rodata
-.p2align 5
-
-.globl _crypto_auth1_poly1305_amd64_constants
-.globl crypto_auth1_poly1305_amd64_constants
-.globl crypto_auth1_poly1305_amd64_scale
-.globl crypto_auth1_poly1305_amd64_two32
-.globl crypto_auth1_poly1305_amd64_two64
-.globl crypto_auth1_poly1305_amd64_two96
-.globl crypto_auth1_poly1305_amd64_alpha32
-.globl crypto_auth1_poly1305_amd64_alpha64
-.globl crypto_auth1_poly1305_amd64_alpha96
-.globl crypto_auth1_poly1305_amd64_alpha130
-.globl crypto_auth1_poly1305_amd64_doffset0
-.globl crypto_auth1_poly1305_amd64_doffset1
-.globl crypto_auth1_poly1305_amd64_doffset2
-.globl crypto_auth1_poly1305_amd64_doffset3
-.globl crypto_auth1_poly1305_amd64_doffset3minustwo128
-.globl crypto_auth1_poly1305_amd64_hoffset0
-.globl crypto_auth1_poly1305_amd64_hoffset1
-.globl crypto_auth1_poly1305_amd64_hoffset2
-.globl crypto_auth1_poly1305_amd64_hoffset3
-.globl crypto_auth1_poly1305_amd64_rounding
-
-_crypto_auth1_poly1305_amd64_constants:
-crypto_auth1_poly1305_amd64_constants:
-crypto_auth1_poly1305_amd64_scale:
-.long 0x0,0x37f40000
-
-crypto_auth1_poly1305_amd64_two32:
-.long 0x0,0x41f00000
-
-crypto_auth1_poly1305_amd64_two64:
-.long 0x0,0x43f00000
-
-crypto_auth1_poly1305_amd64_two96:
-.long 0x0,0x45f00000
-
-crypto_auth1_poly1305_amd64_alpha32:
-.long 0x0,0x45e80000
-
-crypto_auth1_poly1305_amd64_alpha64:
-.long 0x0,0x47e80000
-
-crypto_auth1_poly1305_amd64_alpha96:
-.long 0x0,0x49e80000
-
-crypto_auth1_poly1305_amd64_alpha130:
-.long 0x0,0x4c080000
-
-crypto_auth1_poly1305_amd64_doffset0:
-.long 0x0,0x43300000
-
-crypto_auth1_poly1305_amd64_doffset1:
-.long 0x0,0x45300000
-
-crypto_auth1_poly1305_amd64_doffset2:
-.long 0x0,0x47300000
-
-crypto_auth1_poly1305_amd64_doffset3:
-.long 0x0,0x49300000
-
-crypto_auth1_poly1305_amd64_doffset3minustwo128:
-.long 0x0,0x492ffffe
-
-crypto_auth1_poly1305_amd64_hoffset0:
-.long 0xfffffffb,0x43300001
-
-crypto_auth1_poly1305_amd64_hoffset1:
-.long 0xfffffffe,0x45300001
-
-crypto_auth1_poly1305_amd64_hoffset2:
-.long 0xfffffffe,0x47300001
-
-crypto_auth1_poly1305_amd64_hoffset3:
-.long 0xfffffffe,0x49300003
-
-crypto_auth1_poly1305_amd64_rounding:
-.byte 0x7f
-.byte 0x13
@@ -1,9 +0,0 @@
-#include "crypto_verify_16.h"
-#include "crypto_auth1.h"
-
-int crypto_auth1_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
-{
- unsigned char correct[16];
- crypto_auth1(correct,in,inlen,k);
- return crypto_verify_16(h,correct);
-}
@@ -1,2 +0,0 @@
-#define crypto_auth1_poly1305_ref_BYTES 16
-#define crypto_auth1_poly1305_ref_KEYBYTES 32
@@ -1,9 +0,0 @@
-#include "crypto_verify_16.h"
-#include "crypto_auth1.h"
-
-int crypto_auth1_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
-{
- unsigned char correct[16];
- crypto_auth1(correct,in,inlen,k);
- return crypto_verify_16(h,correct);
-}
@@ -1,2 +0,0 @@
-#define crypto_auth1_poly1305_x86_BYTES 16
-#define crypto_auth1_poly1305_x86_KEYBYTES 32
@@ -1,85 +0,0 @@
-# version 20080912
-# D. J. Bernstein
-# Public domain.
-
-.data
-.section .rodata
-.p2align 5
-
-.globl _crypto_auth1_poly1305_x86_constants
-.globl crypto_auth1_poly1305_x86_constants
-.globl crypto_auth1_poly1305_x86_scale
-.globl crypto_auth1_poly1305_x86_two32
-.globl crypto_auth1_poly1305_x86_two64
-.globl crypto_auth1_poly1305_x86_two96
-.globl crypto_auth1_poly1305_x86_alpha32
-.globl crypto_auth1_poly1305_x86_alpha64
-.globl crypto_auth1_poly1305_x86_alpha96
-.globl crypto_auth1_poly1305_x86_alpha130
-.globl crypto_auth1_poly1305_x86_doffset0
-.globl crypto_auth1_poly1305_x86_doffset1
-.globl crypto_auth1_poly1305_x86_doffset2
-.globl crypto_auth1_poly1305_x86_doffset3
-.globl crypto_auth1_poly1305_x86_doffset3minustwo128
-.globl crypto_auth1_poly1305_x86_hoffset0
-.globl crypto_auth1_poly1305_x86_hoffset1
-.globl crypto_auth1_poly1305_x86_hoffset2
-.globl crypto_auth1_poly1305_x86_hoffset3
-.globl crypto_auth1_poly1305_x86_rounding
-
-_crypto_auth1_poly1305_x86_constants:
-crypto_auth1_poly1305_x86_constants:
-crypto_auth1_poly1305_x86_scale:
-.long 0x0,0x37f40000
-
-crypto_auth1_poly1305_x86_two32:
-.long 0x0,0x41f00000
-
-crypto_auth1_poly1305_x86_two64:
-.long 0x0,0x43f00000
-
-crypto_auth1_poly1305_x86_two96:
-.long 0x0,0x45f00000
-
-crypto_auth1_poly1305_x86_alpha32:
-.long 0x0,0x45e80000
-
-crypto_auth1_poly1305_x86_alpha64:
-.long 0x0,0x47e80000
-
-crypto_auth1_poly1305_x86_alpha96:
-.long 0x0,0x49e80000
-
-crypto_auth1_poly1305_x86_alpha130:
-.long 0x0,0x4c080000
-
-crypto_auth1_poly1305_x86_doffset0:
-.long 0x0,0x43300000
-
-crypto_auth1_poly1305_x86_doffset1:
-.long 0x0,0x45300000
-
-crypto_auth1_poly1305_x86_doffset2:
-.long 0x0,0x47300000
-
-crypto_auth1_poly1305_x86_doffset3:
-.long 0x0,0x49300000
-
-crypto_auth1_poly1305_x86_doffset3minustwo128:
-.long 0x0,0x492ffffe
-
-crypto_auth1_poly1305_x86_hoffset0:
-.long 0xfffffffb,0x43300001
-
-crypto_auth1_poly1305_x86_hoffset1:
-.long 0xfffffffe,0x45300001
-
-crypto_auth1_poly1305_x86_hoffset2:
-.long 0xfffffffe,0x47300001
-
-crypto_auth1_poly1305_x86_hoffset3:
-.long 0xfffffffe,0x49300003
-
-crypto_auth1_poly1305_x86_rounding:
-.byte 0x7f
-.byte 0x13
@@ -1,9 +0,0 @@
-#include "crypto_verify_16.h"
-#include "crypto_auth1.h"
-
-int crypto_auth1_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
-{
- unsigned char correct[16];
- crypto_auth1(correct,in,inlen,k);
- return crypto_verify_16(h,correct);
-}
@@ -1,5 +1,5 @@
#include "crypto_hash_sha512.h"
-#include "crypto_smult_curve25519.h"
+#include "crypto_scalarmult_curve25519.h"
#include "crypto_box.h"
int crypto_box_beforenm(
@@ -11,7 +11,7 @@ int crypto_box_beforenm(
unsigned char s[32];
unsigned char h[64];
int i;
- crypto_smult_curve25519(s,sk,pk);
+ crypto_scalarmult_curve25519(s,sk,pk);
crypto_hash_sha512(h,s,32);
for (i = 0;i < 32;++i) k[i] = h[i];
return 0;
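Review bot: The result of `crypto_scalarmult_curve25519(s,sk,pk)` is discarded in crypto_box_beforenm, so if the scalar multiplication ever reports failure the function still hashes whatever is in `s` and returns 0. Propagating it costs one line: `if (crypto_scalarmult_curve25519(s,sk,pk) != 0) return -1;`. The same pattern appears in the later crypto_box_beforenm hunk that calls `crypto_core_hsalsa20`, and in crypto_dh_keypair and crypto_dh further down, whereas crypto_box_keypair already returns the result of `crypto_scalarmult_curve25519_base`. Whether any implementation can return non-zero is not visible on this page, and the function's signature and closing brace lie outside the hunk.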
@@ -1,4 +1,4 @@
-#include "crypto_smult_curve25519.h"
+#include "crypto_scalarmult_curve25519.h"
#include "crypto_box.h"
#include "randombytes.h"
@@ -8,5 +8,5 @@ int crypto_box_keypair(
)
{
randombytes(sk,32);
- return crypto_smult_curve25519_base(pk,sk);
+ return crypto_scalarmult_curve25519_base(pk,sk);
}
@@ -1 +1 @@
-aac3dc7e00efee6b302c38e1688b891d17c96d1b1647cdd6
+5fac7400caabc14a99c5c0bc13fb1df5e468e870382a3a1c
@@ -1,8 +1,9 @@
#include "crypto_core_hsalsa20.h"
-#include "crypto_smult_curve25519.h"
+#include "crypto_scalarmult_curve25519.h"
#include "crypto_box.h"
-static const unsigned char sigma[16] = "Curve25519output";
+static const unsigned char sigma[16] = "expand 32-byte k";
+static const unsigned char n[16] = {0};
int crypto_box_beforenm(
unsigned char *k,
@@ -11,6 +12,6 @@ int crypto_box_beforenm(
)
{
unsigned char s[32];
- crypto_smult_curve25519(s,sk,pk);
- return crypto_core_hsalsa20(k,sigma,s,sigma);
+ crypto_scalarmult_curve25519(s,sk,pk);
+ return crypto_core_hsalsa20(k,n,s,sigma);
}
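Review bot: The new `n` array and the changed `sigma` carry no comment, although together they change the key that crypto_box_beforenm derives: the call is now `crypto_core_hsalsa20(k,n,s,sigma)` with an all-zero 16-byte input and the constant "expand 32-byte k", where the old code passed "Curve25519output" in both positions. A comment above the two arrays, for example `/* HSalsa20 input block is 16 zero bytes; sigma is the Salsa20 "expand 32-byte k" constant */`, would record that this is deliberate. Because every derived key differs from the previous snapshot (the checksum hunk in this commit changes as well, presumably for this reason), it is worth stating in the description that precomputed keys and boxes from the earlier version do not interoperate. Part of the function's parameter list lies outside the hunk.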
@@ -1,4 +1,4 @@
-#include "crypto_smult_curve25519.h"
+#include "crypto_scalarmult_curve25519.h"
#include "crypto_box.h"
#include "randombytes.h"
@@ -8,5 +8,5 @@ int crypto_box_keypair(
)
{
randombytes(sk,32);
- return crypto_smult_curve25519_base(pk,sk);
+ return crypto_scalarmult_curve25519_base(pk,sk);
}
@@ -1,16 +1,16 @@
#include "randombytes.h"
-#include "crypto_smult_curve25519.h"
+#include "crypto_scalarmult_curve25519.h"
#include "crypto_dh.h"
int crypto_dh_keypair(unsigned char *pk,unsigned char *sk)
{
- randombytes(sk,crypto_smult_curve25519_SCALARBYTES);
- crypto_smult_curve25519_base(pk,sk);
+ randombytes(sk,crypto_scalarmult_curve25519_SCALARBYTES);
+ crypto_scalarmult_curve25519_base(pk,sk);
return 0;
}
int crypto_dh(unsigned char *s,const unsigned char *pk,const unsigned char *sk)
{
- crypto_smult_curve25519(s,sk,pk);
+ crypto_scalarmult_curve25519(s,sk,pk);
return 0;
}