-rw-r--r-- | include/libuecc/ecc.h | 3 | ||||
-rw-r--r-- | src/ec25519.c | 48 |
2 files changed, 28 insertions, 23 deletions
diff --git a/include/libuecc/ecc.h b/include/libuecc/ecc.h
index c9ea7d9..4f6b870 100644
--- a/include/libuecc/ecc.h
+++ b/include/libuecc/ecc.h
@@ -55,6 +55,9 @@ typedef struct _ecc_25519_work {
 * @{
 */
+extern const ecc_25519_work_t ecc_25519_work_identity;
+extern const ecc_25519_work_t ecc_25519_work_default_base;
+
 int ecc_25519_load_xy(ecc_25519_work_t *out, const ecc_int256_t *x, const ecc_int256_t *y);
 void ecc_25519_store_xy(ecc_int256_t *x, ecc_int256_t *y, const ecc_25519_work_t *in);
diff --git a/src/ec25519.c b/src/ec25519.c
index 53a9910..736b798 100644
--- a/src/ec25519.c
+++ b/src/ec25519.c
@@ -40,6 +40,28 @@
 #include <libuecc/ecc.h>
+/** The identity element */
+const ecc_25519_work_t ecc_25519_work_identity = {{0}, {1}, {1}, {0}};
+
+
+/** The ec25519 default base */
+const ecc_25519_work_t ecc_25519_work_default_base = {
+ {0xd4, 0x6b, 0xfe, 0x7f, 0x39, 0xfa, 0x8c, 0x22,
+ 0xe1, 0x96, 0x23, 0xeb, 0x26, 0xb7, 0x8e, 0x6a,
+ 0x34, 0x74, 0x8b, 0x66, 0xd6, 0xa3, 0x26, 0xdd,
+ 0x19, 0x5e, 0x9f, 0x21, 0x50, 0x43, 0x7c, 0x54},
+ {0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+ 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+ 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+ 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66},
+ {1},
+ {0x47, 0x56, 0x98, 0x99, 0xc7, 0x61, 0x0a, 0x82,
+ 0x1a, 0xdf, 0x82, 0x22, 0x1f, 0x2c, 0x72, 0x88,
+ 0xc3, 0x29, 0x09, 0x52, 0x78, 0xe9, 0x1e, 0xe4,
+ 0x47, 0x4b, 0x4c, 0x81, 0xa6, 0x02, 0xfd, 0x29}
+};
+
+
 static const unsigned int zero[32] = {0};
 static const unsigned int one[32] = {1};
@@ -478,9 +500,6 @@ void ecc_25519_store_packed(ecc_int256_t *out, const ecc_25519_work_t *in) {
 out->p[31] |= (y.p[0] << 7);
 }
-/** The identity element */
-static const ecc_25519_work_t id = {{0}, {1}, {1}, {0}};
-
 /** Checks if a point is the identity element of the Elliptic Curve group */
 int ecc_25519_is_identity(const ecc_25519_work_t *in) {
 unsigned int Y_Z[32];
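Review bot: The two declarations added to include/libuecc/ecc.h, `ecc_25519_work_identity` and `ecc_25519_work_default_base`, become public API with no documentation in the header; the only comments sit on the definitions in src/ec25519.c. Each should carry its own Doxygen comment next to the `extern` line, and the one for the identity should say how to test for it, for example `/** The identity element; test a point with ecc_25519_is_identity(), not by comparing it with this object */`. The initialiser `{{0}, {1}, {1}, {0}}` has a separate third coordinate, which suggests a projective form in which one point has many encodings, so a byte-wise comparison against the constant would presumably miss other encodings of the identity. That matters wherever a caller rejects the identity as an invalid point.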
@@ -558,7 +577,7 @@ void ecc_25519_add(ecc_25519_work_t *out, const ecc_25519_work_t *in1, const ecc
 **/
 void ecc_25519_scalarmult_bits(ecc_25519_work_t *out, const ecc_int256_t *n, const ecc_25519_work_t *base, unsigned bits) {
 ecc_25519_work_t Q2, Q2p;
- ecc_25519_work_t cur = id;
+ ecc_25519_work_t cur = ecc_25519_work_identity;
 int b, pos;
 if (bits > 256)
@@ -585,23 +604,6 @@ void ecc_25519_scalarmult(ecc_25519_work_t *out, const ecc_int256_t *n, const ec
 ecc_25519_scalarmult_bits(out, n, base, 256);
 }
-/** The ec25519 default base */
-static const ecc_25519_work_t default_base = {
- {0xd4, 0x6b, 0xfe, 0x7f, 0x39, 0xfa, 0x8c, 0x22,
- 0xe1, 0x96, 0x23, 0xeb, 0x26, 0xb7, 0x8e, 0x6a,
- 0x34, 0x74, 0x8b, 0x66, 0xd6, 0xa3, 0x26, 0xdd,
- 0x19, 0x5e, 0x9f, 0x21, 0x50, 0x43, 0x7c, 0x54},
- {0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
- 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
- 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
- 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66},
- {1},
- {0x47, 0x56, 0x98, 0x99, 0xc7, 0x61, 0x0a, 0x82,
- 0x1a, 0xdf, 0x82, 0x22, 0x1f, 0x2c, 0x72, 0x88,
- 0xc3, 0x29, 0x09, 0x52, 0x78, 0xe9, 0x1e, 0xe4,
- 0x47, 0x4b, 0x4c, 0x81, 0xa6, 0x02, 0xfd, 0x29}
-};
-
 /**
 * Does a scalar multiplication of the default base point (generator element) of the Elliptic Curve with an integer of a given bit length
 *
@@ -610,7 +612,7 @@ static const ecc_25519_work_t default_base = {
 * See the notes about \ref ecc_25519_scalarmult_bits before using this function.
 */
 void ecc_25519_scalarmult_base_bits(ecc_25519_work_t *out, const ecc_int256_t *n, unsigned bits) {
- ecc_25519_scalarmult_bits(out, n, &default_base, bits);
+ ecc_25519_scalarmult_bits(out, n, &ecc_25519_work_default_base, bits);
 }
 /**
@@ -619,5 +621,5 @@ void ecc_25519_scalarmult_base_bits(ecc_25519_work_t *out, const ecc_int256_t *n
 * The order of the base point is \f$ 2^{252} + 27742317777372353535851937790883648493 \f$.
 */
 void ecc_25519_scalarmult_base(ecc_25519_work_t *out, const ecc_int256_t *n) {
- ecc_25519_scalarmult(out, n, &default_base);
+ ecc_25519_scalarmult(out, n, &ecc_25519_work_default_base);
 } |