authorMichael Hamburg <mike@shiftleft.org>2017-10-15 16:54:30 -0700
committerMichael Hamburg <mike@shiftleft.org>2017-10-15 16:54:30 -0700
commit45eb0e14d35b738225f32da9d407b741b7f1c4bb (patch)
treea44a36d15f2257ba62cf30806db0ceba15830a4a /src/per_curve/point.tmpl.hxx
parentchange HISTORY.txt (diff)
change the misleading mul_by_cofactor functions to mul_by_ratio, and create ENCODE_RATIO and DECODE_RATIO constants to represent this
Diffstat (limited to 'src/per_curve/point.tmpl.hxx')
-rw-r--r--src/per_curve/point.tmpl.hxx59
1 files changed, 35 insertions, 24 deletions
diff --git a/src/per_curve/point.tmpl.hxx b/src/per_curve/point.tmpl.hxx
index 022ec40..5405871 100644
--- a/src/per_curve/point.tmpl.hxx
+++ b/src/per_curve/point.tmpl.hxx
@@ -51,9 +51,6 @@ static inline int bits() { return $(gf_bits); }
/** The curve's cofactor (removed, but useful for testing) */
static const int REMOVED_COFACTOR = $(cofactor);
-/** The curve's cofactor (removed, but useful for testing) */
-static const int EDDSA_RATIO = $(cofactor/2 if eddsa_sigma_iso else cofactor);
-
/** Residue class of field modulus: p == this mod 2*(this-1) */
static const int FIELD_MODULUS_TYPE = $(modulus &~ (modulus-3));
@@ -250,6 +247,15 @@ public:
/** Bytes required for EdDSA encoding */
static const size_t LADDER_BYTES = DECAF_X$(gf_shortname)_PUBLIC_BYTES;
+
+ /** Ratio due to EdDSA encoding */
+ static const int EDDSA_ENCODE_RATIO = $(C_NS)_EDDSA_ENCODE_RATIO;
+
+ /** Ratio due to EdDSA decoding */
+ static const int EDDSA_DECODE_RATIO = $(C_NS)_EDDSA_DECODE_RATIO;
+
+ /** Ratio due to ladder decoding */
+ static const int LADDER_ENCODE_RATIO = DECAF_X$(gf_shortname)_ENCODE_RATIO;
/**
* Size of a stegged element.
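Review bot: The doc comment on `LADDER_ENCODE_RATIO` reads "Ratio due to ladder decoding", which contradicts both the constant's name and the `DECAF_X$(gf_shortname)_ENCODE_RATIO` macro it is set from; it should be `/** Ratio due to ladder encoding */`. All three comments also leave open what the ratio is. Judging by the method comments later in this file, it appears to be the scalar a point is multiplied by during that encode or decode step, and saying so (for example `/** Scalar by which a point is multiplied when encoded like EdDSA */`) would keep callers from reading the value as the curve cofactor. The enclosing class starts and ends outside this hunk.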
@@ -335,44 +341,49 @@ public:
* @return DECAF_FAILURE the string was the wrong length, or wasn't the encoding of a point.
* Contents of the point are undefined.
*/
- inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_ignore_cofactor_noexcept (
+ inline decaf_error_t DECAF_WARN_UNUSED decode_like_eddsa_and_mul_by_ratio_noexcept (
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES> &buffer
) DECAF_NOEXCEPT {
- return $(c_ns)_point_decode_like_eddsa_and_ignore_cofactor(p,buffer.data());
+ return $(c_ns)_point_decode_like_eddsa_and_mul_by_ratio(p,buffer.data());
}
-
- inline void decode_like_eddsa_and_ignore_cofactor (
+
+ /**
+ * Decode from EDDSA, multiply by EDDSA_DECODE_RATIO, and ignore any
+ * remaining cofactor information.
+ * @throw CryptoException if the input point was invalid.
+ */
+ inline void decode_like_eddsa_and_mul_by_ratio(
const FixedBlock<DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES> &buffer
) /*throw(CryptoException)*/ {
- if (DECAF_SUCCESS != decode_like_eddsa_and_ignore_cofactor_noexcept(buffer)) throw(CryptoException());
+ if (DECAF_SUCCESS != decode_like_eddsa_and_mul_by_ratio_noexcept(buffer)) throw(CryptoException());
}
- /** Multiply out cofactor and encode like EdDSA. */
- inline SecureBuffer mul_by_cofactor_and_encode_like_eddsa() const {
+ /** Multiply by EDDSA_ENCODE_RATIO and encode like EdDSA. */
+ inline SecureBuffer mul_by_ratio_and_encode_like_eddsa() const {
SecureBuffer ret(DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES);
- $(c_ns)_point_mul_by_cofactor_and_encode_like_eddsa(ret.data(),p);
+ $(c_ns)_point_mul_by_ratio_and_encode_like_eddsa(ret.data(),p);
return ret;
}
- /** Multiply out cofactor and encode like X25519/X448. */
- inline SecureBuffer mul_by_cofactor_and_encode_like_ladder() const {
- SecureBuffer ret(LADDER_BYTES);
- $(c_ns)_point_mul_by_cofactor_and_encode_like_x$(gf_shortname)(ret.data(),p);
- return ret;
- }
-
- /** Multiply out cofactor and encode like EdDSA. */
- inline void mul_by_cofactor_and_encode_like_eddsa(
+ /** Multiply by EDDSA_ENCODE_RATIO and encode like EdDSA. */
+ inline void mul_by_ratio_and_encode_like_eddsa(
FixedBuffer<DECAF_EDDSA_$(gf_shortname)_PUBLIC_BYTES> &out
) const {
- $(c_ns)_point_mul_by_cofactor_and_encode_like_eddsa(out.data(),p);
+ $(c_ns)_point_mul_by_ratio_and_encode_like_eddsa(out.data(),p);
+ }
+
+ /** Multiply by LADDER_ENCODE_RATIO and encode like X25519/X448. */
+ inline SecureBuffer mul_by_ratio_and_encode_like_ladder() const {
+ SecureBuffer ret(LADDER_BYTES);
+ $(c_ns)_point_mul_by_ratio_and_encode_like_x$(gf_shortname)(ret.data(),p);
+ return ret;
}
- /** Multiply out cofactor and encode like X25519/X448. */
- inline void mul_by_cofactor_and_encode_like_ladder(
+ /** Multiply by LADDER_ENCODE_RATIO and encode like X25519/X448. */
+ inline void mul_by_ratio_and_encode_like_ladder(
FixedBuffer<LADDER_BYTES> &out
) const {
- $(c_ns)_point_mul_by_cofactor_and_encode_like_x$(gf_shortname)(out.data(),p);
+ $(c_ns)_point_mul_by_ratio_and_encode_like_x$(gf_shortname)(out.data(),p);
}
/**
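Review bot: The new doc comment on the throwing `decode_like_eddsa_and_mul_by_ratio` does not say what state the point is in when `CryptoException` is thrown, although the comment on the `_noexcept` variant it calls states that the contents of the point are undefined on failure. I would add ` * On failure the contents of the point are undefined.` above the `@throw` line, so that a caller who catches the exception does not keep using the object. The encode and decode comments could also state that the result is the input point scaled by the named ratio. An encode followed by this decode then presumably yields a multiple of the original point rather than the point itself, which matters to any caller comparing decoded points. The `_noexcept` variant's comment begins above this hunk.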