RubyGems - ed25519 - Versions diffs - 0.1.0 → 1.0.0 - Mend

ed25519 0.1.0 → 1.0.0

Files changed (92) hide show

checksums.yaml +4 -4
data/CHANGES.md +13 -0
data/README.md +6 -3
data/Rakefile +4 -4
data/ed25519.gemspec +3 -3
data/ext/{ed25519 → ed25519_java}/org/cryptosphere/ed25519.java +0 -0
data/ext/{ed25519 → ed25519_ref10}/api.h +1 -1
data/ext/ed25519_ref10/base.h +1344 -0
data/ext/ed25519_ref10/base2.h +40 -0
data/ext/ed25519_ref10/d.h +1 -0
data/ext/ed25519_ref10/d2.h +1 -0
data/ext/ed25519_ref10/ed25519_ref10.c +99 -0
data/ext/ed25519_ref10/ed25519_ref10.h +33 -0
data/ext/ed25519_ref10/extconf.rb +9 -0
data/ext/ed25519_ref10/fe.h +56 -0
data/ext/ed25519_ref10/fe_0.c +19 -0
data/ext/ed25519_ref10/fe_1.c +19 -0
data/ext/ed25519_ref10/fe_add.c +57 -0
data/ext/ed25519_ref10/fe_cmov.c +63 -0
data/ext/ed25519_ref10/fe_copy.c +29 -0
data/ext/ed25519_ref10/fe_frombytes.c +71 -0
data/ext/ed25519_ref10/fe_invert.c +14 -0
data/ext/ed25519_ref10/fe_isnegative.c +16 -0
data/ext/ed25519_ref10/fe_isnonzero.c +19 -0
data/ext/ed25519_ref10/fe_mul.c +252 -0
data/ext/ed25519_ref10/fe_neg.c +45 -0
data/ext/ed25519_ref10/fe_pow22523.c +13 -0
data/ext/ed25519_ref10/fe_sq.c +148 -0
data/ext/ed25519_ref10/fe_sq2.c +159 -0
data/ext/ed25519_ref10/fe_sub.c +57 -0
data/ext/ed25519_ref10/fe_tobytes.c +119 -0
data/ext/ed25519_ref10/ge.h +95 -0
data/ext/ed25519_ref10/ge_add.c +11 -0
data/ext/ed25519_ref10/ge_add.h +97 -0
data/ext/ed25519_ref10/ge_double_scalarmult.c +96 -0
data/ext/ed25519_ref10/ge_frombytes.c +50 -0
data/ext/ed25519_ref10/ge_madd.c +11 -0
data/ext/ed25519_ref10/ge_madd.h +88 -0
data/ext/ed25519_ref10/ge_msub.c +11 -0
data/ext/ed25519_ref10/ge_msub.h +88 -0
data/ext/ed25519_ref10/ge_p1p1_to_p2.c +12 -0
data/ext/ed25519_ref10/ge_p1p1_to_p3.c +13 -0
data/ext/ed25519_ref10/ge_p2_0.c +8 -0
data/ext/ed25519_ref10/ge_p2_dbl.c +11 -0
data/ext/ed25519_ref10/ge_p2_dbl.h +73 -0
data/ext/ed25519_ref10/ge_p3_0.c +9 -0
data/ext/ed25519_ref10/ge_p3_dbl.c +12 -0
data/ext/ed25519_ref10/ge_p3_to_cached.c +17 -0
data/ext/ed25519_ref10/ge_p3_to_p2.c +12 -0
data/ext/ed25519_ref10/ge_p3_tobytes.c +14 -0
data/ext/ed25519_ref10/ge_precomp_0.c +8 -0
data/ext/ed25519_ref10/ge_scalarmult_base.c +104 -0
data/ext/ed25519_ref10/ge_sub.c +11 -0
data/ext/ed25519_ref10/ge_sub.h +97 -0
data/ext/ed25519_ref10/ge_tobytes.c +14 -0
data/ext/ed25519_ref10/keypair.c +22 -0
data/ext/ed25519_ref10/open.c +47 -0
data/ext/ed25519_ref10/pow22523.h +160 -0
data/ext/ed25519_ref10/pow225521.h +160 -0
data/ext/ed25519_ref10/sc.h +17 -0
data/ext/ed25519_ref10/sc_muladd.c +366 -0
data/ext/ed25519_ref10/sc_reduce.c +272 -0
data/ext/{ed25519/sha512-blocks.c → ed25519_ref10/sha512.c} +108 -43
data/ext/ed25519_ref10/sha512.h +8 -0
data/ext/ed25519_ref10/sign.c +41 -0
data/ext/ed25519_ref10/sqrtm1.h +1 -0
data/ext/{ed25519 → ed25519_ref10}/verify.c +2 -2
data/lib/ed25519.rb +40 -9
data/lib/ed25519/provider/jruby.rb +39 -0
data/lib/ed25519/signing_key.rb +11 -7
data/lib/ed25519/verify_key.rb +26 -10
data/lib/ed25519/version.rb +1 -1
metadata +66 -26
data/ext/ed25519/crypto_int32.h +0 -6
data/ext/ed25519/crypto_sign.h +0 -13
data/ext/ed25519/crypto_uint32.h +0 -6
data/ext/ed25519/crypto_verify_32.h +0 -7
data/ext/ed25519/ed25519.c +0 -136
data/ext/ed25519/ed25519_engine.c +0 -82
data/ext/ed25519/extconf.rb +0 -6
data/ext/ed25519/fe25519.c +0 -326
data/ext/ed25519/fe25519.h +0 -63
data/ext/ed25519/ge25519.c +0 -311
data/ext/ed25519/ge25519.h +0 -35
data/ext/ed25519/ge25519_base.data +0 -850
data/ext/ed25519/sc25519.c +0 -298
data/ext/ed25519/sc25519.h +0 -73
data/ext/ed25519/sha512-hash.c +0 -72
data/ext/ed25519/sha512.h +0 -4
data/lib/ed25519/jruby_engine.rb +0 -30
data/tasks/extension.rake +0 -14
data/tasks/rspec.rake +0 -9

@@ -1,298 +0,0 @@
-#include "sc25519.h"
-/*Arithmetic modulo the group order m = 2^252 +  27742317777372353535851937790883648493 = 7237005577332262213973186563042994240857116359379907606001950938285454250989 */
-static const crypto_uint32 m[32] = {0xED, 0xD3, 0xF5, 0x5C, 0x1A, 0x63, 0x12, 0x58, 0xD6, 0x9C, 0xF7, 0xA2, 0xDE, 0xF9, 0xDE, 0x14,
-                                    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10};
-static const crypto_uint32 mu[33] = {0x1B, 0x13, 0x2C, 0x0A, 0xA3, 0xE5, 0x9C, 0xED, 0xA7, 0x29, 0x63, 0x08, 0x5D, 0x21, 0x06, 0x21,
-                                     0xEB, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0F};
-static crypto_uint32 lt(crypto_uint32 a,crypto_uint32 b) /* 16-bit inputs */
-{
-  unsigned int x = a;
-  x -= (unsigned int) b; /* 0..65535: no; 4294901761..4294967295: yes */
-  x >>= 31; /* 0: no; 1: yes */
-  return x;
-}
-/* Reduce coefficients of r before calling reduce_add_sub */
-static void reduce_add_sub(sc25519 *r)
-{
-  crypto_uint32 pb = 0;
-  crypto_uint32 b;
-  crypto_uint32 mask;
-  int i;
-  unsigned char t[32];
-  for(i=0;i<32;i++)
-  {
-    pb += m[i];
-    b = lt(r->v[i],pb);
-    t[i] = r->v[i]-pb+(b<<8);
-    pb = b;
-  }
-  mask = b - 1;
-  for(i=0;i<32;i++)
-    r->v[i] ^= mask & (r->v[i] ^ t[i]);
-}
-/* Reduce coefficients of x before calling barrett_reduce */
-static void barrett_reduce(sc25519 *r, const crypto_uint32 x[64])
-{
-  /* See HAC, Alg. 14.42 */
-  int i,j;
-  crypto_uint32 q2[66];
-  crypto_uint32 *q3 = q2 + 33;
-  crypto_uint32 r1[33];
-  crypto_uint32 r2[33];
-  crypto_uint32 carry;
-  crypto_uint32 pb = 0;
-  crypto_uint32 b;
-  for (i = 0;i < 66;++i) q2[i] = 0;
-  for (i = 0;i < 33;++i) r2[i] = 0;
-  for(i=0;i<33;i++)
-    for(j=0;j<33;j++)
-      if(i+j >= 31) q2[i+j] += mu[i]*x[j+31];
-  carry = q2[31] >> 8;
-  q2[32] += carry;
-  carry = q2[32] >> 8;
-  q2[33] += carry;
-  for(i=0;i<33;i++)r1[i] = x[i];
-  for(i=0;i<32;i++)
-    for(j=0;j<33;j++)
-      if(i+j < 33) r2[i+j] += m[i]*q3[j];
-  for(i=0;i<32;i++)
-  {
-    carry = r2[i] >> 8;
-    r2[i+1] += carry;
-    r2[i] &= 0xff;
-  }
-  for(i=0;i<32;i++)
-  {
-    pb += r2[i];
-    b = lt(r1[i],pb);
-    r->v[i] = r1[i]-pb+(b<<8);
-    pb = b;
-  }
-  /* XXX: Can it really happen that r<0?, See HAC, Alg 14.42, Step 3
-   * If so: Handle  it here!
-   */
-  reduce_add_sub(r);
-  reduce_add_sub(r);
-}
-void sc25519_from32bytes(sc25519 *r, const unsigned char x[32])
-{
-  int i;
-  crypto_uint32 t[64];
-  for(i=0;i<32;i++) t[i] = x[i];
-  for(i=32;i<64;++i) t[i] = 0;
-  barrett_reduce(r, t);
-}
-void shortsc25519_from16bytes(shortsc25519 *r, const unsigned char x[16])
-{
-  int i;
-  for(i=0;i<16;i++) r->v[i] = x[i];
-}
-void sc25519_from64bytes(sc25519 *r, const unsigned char x[64])
-{
-  int i;
-  crypto_uint32 t[64];
-  for(i=0;i<64;i++) t[i] = x[i];
-  barrett_reduce(r, t);
-}
-void sc25519_from_shortsc(sc25519 *r, const shortsc25519 *x)
-{
-  int i;
-  for(i=0;i<16;i++)
-    r->v[i] = x->v[i];
-  for(i=0;i<16;i++)
-    r->v[16+i] = 0;
-}
-void sc25519_to32bytes(unsigned char r[32], const sc25519 *x)
-{
-  int i;
-  for(i=0;i<32;i++) r[i] = x->v[i];
-}
-int sc25519_iszero_vartime(const sc25519 *x)
-{
-  int i;
-  for(i=0;i<32;i++)
-    if(x->v[i] != 0) return 0;
-  return 1;
-}
-int sc25519_isshort_vartime(const sc25519 *x)
-{
-  int i;
-  for(i=31;i>15;i--)
-    if(x->v[i] != 0) return 0;
-  return 1;
-}
-int sc25519_lt_vartime(const sc25519 *x, const sc25519 *y)
-{
-  int i;
-  for(i=31;i>=0;i--)
-  {
-    if(x->v[i] < y->v[i]) return 1;
-    if(x->v[i] > y->v[i]) return 0;
-  }
-  return 0;
-}
-void sc25519_add(sc25519 *r, const sc25519 *x, const sc25519 *y)
-{
-  int i, carry;
-  for(i=0;i<32;i++) r->v[i] = x->v[i] + y->v[i];
-  for(i=0;i<31;i++)
-  {
-    carry = r->v[i] >> 8;
-    r->v[i+1] += carry;
-    r->v[i] &= 0xff;
-  }
-  reduce_add_sub(r);
-}
-void sc25519_sub_nored(sc25519 *r, const sc25519 *x, const sc25519 *y)
-{
-  crypto_uint32 b = 0;
-  crypto_uint32 t;
-  int i;
-  for(i=0;i<32;i++)
-  {
-    t = x->v[i] - y->v[i] - b;
-    r->v[i] = t & 255;
-    b = (t >> 8) & 1;
-  }
-}
-void sc25519_mul(sc25519 *r, const sc25519 *x, const sc25519 *y)
-{
-  int i,j,carry;
-  crypto_uint32 t[64];
-  for(i=0;i<64;i++)t[i] = 0;
-  for(i=0;i<32;i++)
-    for(j=0;j<32;j++)
-      t[i+j] += x->v[i] * y->v[j];
-  /* Reduce coefficients */
-  for(i=0;i<63;i++)
-  {
-    carry = t[i] >> 8;
-    t[i+1] += carry;
-    t[i] &= 0xff;
-  }
-  barrett_reduce(r, t);
-}
-void sc25519_mul_shortsc(sc25519 *r, const sc25519 *x, const shortsc25519 *y)
-{
-  sc25519 t;
-  sc25519_from_shortsc(&t, y);
-  sc25519_mul(r, x, &t);
-}
-void sc25519_window3(signed char r[85], const sc25519 *s)
-{
-  char carry;
-  int i;
-  for(i=0;i<10;i++)
-  {
-    r[8*i+0]  =  s->v[3*i+0]       & 7;
-    r[8*i+1]  = (s->v[3*i+0] >> 3) & 7;
-    r[8*i+2]  = (s->v[3*i+0] >> 6) & 7;
-    r[8*i+2] ^= (s->v[3*i+1] << 2) & 7;
-    r[8*i+3]  = (s->v[3*i+1] >> 1) & 7;
-    r[8*i+4]  = (s->v[3*i+1] >> 4) & 7;
-    r[8*i+5]  = (s->v[3*i+1] >> 7) & 7;
-    r[8*i+5] ^= (s->v[3*i+2] << 1) & 7;
-    r[8*i+6]  = (s->v[3*i+2] >> 2) & 7;
-    r[8*i+7]  = (s->v[3*i+2] >> 5) & 7;
-  }
-  r[8*i+0]  =  s->v[3*i+0]       & 7;
-  r[8*i+1]  = (s->v[3*i+0] >> 3) & 7;
-  r[8*i+2]  = (s->v[3*i+0] >> 6) & 7;
-  r[8*i+2] ^= (s->v[3*i+1] << 2) & 7;
-  r[8*i+3]  = (s->v[3*i+1] >> 1) & 7;
-  r[8*i+4]  = (s->v[3*i+1] >> 4) & 7;
-  /* Making it signed */
-  carry = 0;
-  for(i=0;i<84;i++)
-  {
-    r[i] += carry;
-    r[i+1] += r[i] >> 3;
-    r[i] &= 7;
-    carry = r[i] >> 2;
-    r[i] -= carry<<3;
-  }
-  r[84] += carry;
-}
-void sc25519_window5(signed char r[51], const sc25519 *s)
-{
-  char carry;
-  int i;
-  for(i=0;i<6;i++)
-  {
-    r[8*i+0]  =  s->v[5*i+0]       & 31;
-    r[8*i+1]  = (s->v[5*i+0] >> 5) & 31;
-    r[8*i+1] ^= (s->v[5*i+1] << 3) & 31;
-    r[8*i+2]  = (s->v[5*i+1] >> 2) & 31;
-    r[8*i+3]  = (s->v[5*i+1] >> 7) & 31;
-    r[8*i+3] ^= (s->v[5*i+2] << 1) & 31;
-    r[8*i+4]  = (s->v[5*i+2] >> 4) & 31;
-    r[8*i+4] ^= (s->v[5*i+3] << 4) & 31;
-    r[8*i+5]  = (s->v[5*i+3] >> 1) & 31;
-    r[8*i+6]  = (s->v[5*i+3] >> 6) & 31;
-    r[8*i+6] ^= (s->v[5*i+4] << 2) & 31;
-    r[8*i+7]  = (s->v[5*i+4] >> 3) & 31;
-  }
-  r[8*i+0]  =  s->v[5*i+0]       & 31;
-  r[8*i+1]  = (s->v[5*i+0] >> 5) & 31;
-  r[8*i+1] ^= (s->v[5*i+1] << 3) & 31;
-  r[8*i+2]  = (s->v[5*i+1] >> 2) & 31;
-  /* Making it signed */
-  carry = 0;
-  for(i=0;i<50;i++)
-  {
-    r[i] += carry;
-    r[i+1] += r[i] >> 5;
-    r[i] &= 31;
-    carry = r[i] >> 4;
-    r[i] -= carry<<5;
-  }
-  r[50] += carry;
-}
-void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2)
-{
-  int i;
-  for(i=0;i<31;i++)
-  {
-    r[4*i]   = ( s1->v[i]       & 3) ^ (( s2->v[i]       & 3) << 2);
-    r[4*i+1] = ((s1->v[i] >> 2) & 3) ^ (((s2->v[i] >> 2) & 3) << 2);
-    r[4*i+2] = ((s1->v[i] >> 4) & 3) ^ (((s2->v[i] >> 4) & 3) << 2);
-    r[4*i+3] = ((s1->v[i] >> 6) & 3) ^ (((s2->v[i] >> 6) & 3) << 2);
-  }
-  r[124] = ( s1->v[31]       & 3) ^ (( s2->v[31]       & 3) << 2);
-  r[125] = ((s1->v[31] >> 2) & 3) ^ (((s2->v[31] >> 2) & 3) << 2);
-  r[126] = ((s1->v[31] >> 4) & 3) ^ (((s2->v[31] >> 4) & 3) << 2);
-}

data/ext/ed25519/sc25519.h DELETED

@@ -1,73 +0,0 @@
-#ifndef SC25519_H
-#define SC25519_H
-#include "crypto_int32.h"
-#include "crypto_uint32.h"
-#define sc25519                  crypto_sign_ed25519_ref_sc25519
-#define shortsc25519             crypto_sign_ed25519_ref_shortsc25519
-#define sc25519_from32bytes      crypto_sign_ed25519_ref_sc25519_from32bytes
-#define shortsc25519_from16bytes crypto_sign_ed25519_ref_shortsc25519_from16bytes
-#define sc25519_from64bytes      crypto_sign_ed25519_ref_sc25519_from64bytes
-#define sc25519_from_shortsc     crypto_sign_ed25519_ref_sc25519_from_shortsc
-#define sc25519_to32bytes        crypto_sign_ed25519_ref_sc25519_to32bytes
-#define sc25519_iszero_vartime   crypto_sign_ed25519_ref_sc25519_iszero_vartime
-#define sc25519_isshort_vartime  crypto_sign_ed25519_ref_sc25519_isshort_vartime
-#define sc25519_lt_vartime       crypto_sign_ed25519_ref_sc25519_lt_vartime
-#define sc25519_add              crypto_sign_ed25519_ref_sc25519_add
-#define sc25519_sub_nored        crypto_sign_ed25519_ref_sc25519_sub_nored
-#define sc25519_mul              crypto_sign_ed25519_ref_sc25519_mul
-#define sc25519_mul_shortsc      crypto_sign_ed25519_ref_sc25519_mul_shortsc
-#define sc25519_window3          crypto_sign_ed25519_ref_sc25519_window3
-#define sc25519_window5          crypto_sign_ed25519_ref_sc25519_window5
-#define sc25519_2interleave2     crypto_sign_ed25519_ref_sc25519_2interleave2
-typedef struct
-{
-  crypto_uint32 v[32];
-}
-sc25519;
-typedef struct
-{
-  crypto_uint32 v[16];
-}
-shortsc25519;
-void sc25519_from32bytes(sc25519 *r, const unsigned char x[32]);
-void shortsc25519_from16bytes(shortsc25519 *r, const unsigned char x[16]);
-void sc25519_from64bytes(sc25519 *r, const unsigned char x[64]);
-void sc25519_from_shortsc(sc25519 *r, const shortsc25519 *x);
-void sc25519_to32bytes(unsigned char r[32], const sc25519 *x);
-int sc25519_iszero_vartime(const sc25519 *x);
-int sc25519_isshort_vartime(const sc25519 *x);
-int sc25519_lt_vartime(const sc25519 *x, const sc25519 *y);
-void sc25519_add(sc25519 *r, const sc25519 *x, const sc25519 *y);
-void sc25519_sub_nored(sc25519 *r, const sc25519 *x, const sc25519 *y);
-void sc25519_mul(sc25519 *r, const sc25519 *x, const sc25519 *y);
-void sc25519_mul_shortsc(sc25519 *r, const sc25519 *x, const shortsc25519 *y);
-/* Convert s into a representation of the form \sum_{i=0}^{84}r[i]2^3
- * with r[i] in {-4,...,3}
- */
-void sc25519_window3(signed char r[85], const sc25519 *s);
-/* Convert s into a representation of the form \sum_{i=0}^{50}r[i]2^5
- * with r[i] in {-16,...,15}
- */
-void sc25519_window5(signed char r[51], const sc25519 *s);
-void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2);
-#endif

data/ext/ed25519/sha512-hash.c DELETED

@@ -1,72 +0,0 @@
-/*
-20080913
-D. J. Bernstein
-Public domain.
-*/
-#include "sha512.h"
-extern int crypto_hashblocks(unsigned char *statebytes,const unsigned char *in,unsigned long long inlen);
-#define blocks crypto_hashblocks
-static const unsigned char iv[64] = {
-  0x6a,0x09,0xe6,0x67,0xf3,0xbc,0xc9,0x08,
-  0xbb,0x67,0xae,0x85,0x84,0xca,0xa7,0x3b,
-  0x3c,0x6e,0xf3,0x72,0xfe,0x94,0xf8,0x2b,
-  0xa5,0x4f,0xf5,0x3a,0x5f,0x1d,0x36,0xf1,
-  0x51,0x0e,0x52,0x7f,0xad,0xe6,0x82,0xd1,
-  0x9b,0x05,0x68,0x8c,0x2b,0x3e,0x6c,0x1f,
-  0x1f,0x83,0xd9,0xab,0xfb,0x41,0xbd,0x6b,
-  0x5b,0xe0,0xcd,0x19,0x13,0x7e,0x21,0x79
-} ;
-typedef unsigned long long uint64;
-int crypto_hash_sha512(unsigned char *out,const unsigned char *in,unsigned long long inlen)
-{
-  unsigned char h[64];
-  unsigned char padded[256];
-  int i;
-  unsigned long long bytes = inlen;
-  for (i = 0;i < 64;++i) h[i] = iv[i];
-  blocks(h,in,inlen);
-  in += inlen;
-  inlen &= 127;
-  in -= inlen;
-  for (i = 0;i < inlen;++i) padded[i] = in[i];
-  padded[inlen] = 0x80;
-  if (inlen < 112) {
-    for (i = inlen + 1;i < 119;++i) padded[i] = 0;
-    padded[119] = bytes >> 61;
-    padded[120] = bytes >> 53;
-    padded[121] = bytes >> 45;
-    padded[122] = bytes >> 37;
-    padded[123] = bytes >> 29;
-    padded[124] = bytes >> 21;
-    padded[125] = bytes >> 13;
-    padded[126] = bytes >> 5;
-    padded[127] = bytes << 3;
-    blocks(h,padded,128);
-  } else {
-    for (i = inlen + 1;i < 247;++i) padded[i] = 0;
-    padded[247] = bytes >> 61;
-    padded[248] = bytes >> 53;
-    padded[249] = bytes >> 45;
-    padded[250] = bytes >> 37;
-    padded[251] = bytes >> 29;
-    padded[252] = bytes >> 21;
-    padded[253] = bytes >> 13;
-    padded[254] = bytes >> 5;
-    padded[255] = bytes << 3;
-    blocks(h,padded,256);
-  }
-  for (i = 0;i < 64;++i) out[i] = h[i];
-  return 0;
-}

data/ext/ed25519/sha512.h DELETED

@@ -1,4 +0,0 @@
-extern int crypto_hashblocks(unsigned char *statebytes,const unsigned char *in,unsigned long long inlen);
-extern int crypto_hash_sha512(unsigned char *out,const unsigned char *in,unsigned long long inlen);
-#define crypto_hash_sha512_BYTES 64