blob: 0ed49770b6656d19a7d618698010f064bd7d3148 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
/* SPDX-License-Identifier: GPL-2.0
*
* Copyright (C) 2016-2017 INRIA and Microsoft Corporation.
* Copyright (C) 2015-2016 The fiat-crypto Authors.
* Copyright (C) 2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
*
* This is a machine-generated formally verified implementation of curve25519 DH from:
* https://github.com/mitls/hacl-star and https://github.com/mit-plv/fiat-crypto
*/
#include "curve25519.h"
#include <stdint.h>
#include <string.h>
#include <endian.h>
typedef uint64_t u64;
typedef uint32_t u32;
typedef uint8_t u8;
typedef int64_t s64;
typedef u64 __le64;
typedef u32 __le32;
#define le64_to_cpup(a) le64toh(*(a));
#define le32_to_cpup(a) le32toh(*(a));
#define cpu_to_le64(a) htole64(a);
#ifndef __always_inline
#define __always_inline __inline __attribute__((__always_inline__))
#endif
#ifndef noinline
#define noinline __attribute__((noinline))
#endif
#ifndef __aligned
#define __aligned(x) __attribute__((aligned(x)))
#endif
#ifndef __force
#define __force
#endif
#define normalize_secret(a) curve25519_normalize_secret(a)
static noinline void memzero_explicit(void *s, size_t count)
{
memset(s, 0, count);
__asm__ __volatile__("": :"r"(s) :"memory");
}
#ifdef __SIZEOF_INT128__
#include "../crypto/curve25519-hacl64.h"
#else
#include "../crypto/curve25519-fiat32.h"
#endif
void curve25519_generate_public(uint8_t pub[static CURVE25519_POINT_SIZE], const uint8_t secret[static CURVE25519_POINT_SIZE])
{
static const uint8_t basepoint[CURVE25519_POINT_SIZE] = { 9 };
curve25519(pub, secret, basepoint);
}
void curve25519(uint8_t mypublic[static CURVE25519_POINT_SIZE], const uint8_t secret[static CURVE25519_POINT_SIZE], const uint8_t basepoint[static CURVE25519_POINT_SIZE])
{
curve25519_generic(mypublic, secret, basepoint);
}
|
