From 256e972b36623d24251f5c69d7c40bb5ab9d2a29 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Fri, 16 Oct 2015 23:07:34 +0200
Subject: Add Ed25519-compatible generator point

The old point is renamed, as it isn't the only default point anymore. The
old name and functions using the old point are deprecated now.
---
 include/libuecc/ecc.h | 44 ++++++++++++++++++++++++++++++++++++++++----
 src/ec25519.c         | 37 +++++++++++++++++++++++++++++++++++--
 2 files changed, 75 insertions(+), 6 deletions(-)

diff --git a/include/libuecc/ecc.h b/include/libuecc/ecc.h
index 98d756c..12f1d3e 100644
--- a/include/libuecc/ecc.h
+++ b/include/libuecc/ecc.h
@@ -27,6 +27,11 @@
 #ifndef _LIBUECC_ECC_H_
 #define _LIBUECC_ECC_H_
 
+#ifndef DEPRECATED
+#define DEPRECATED __attribute__((deprecated))
+#endif
+
+
 #include <stdint.h>
 
 
@@ -61,8 +66,35 @@ typedef struct _ecc_25519_work {
 /** The identity element */
 extern const ecc_25519_work_t ecc_25519_work_identity;
 
-/** The ec25519 default base */
-extern const ecc_25519_work_t ecc_25519_work_default_base;
+
+/**
+ * The generator point used by Ed25519
+ *
+ * \ref ecc_25519_work_base_ed25519 is the inverse of \ref ecc_25519_work_base_legacy
+ *
+ * The order of the base point is \f$ 2^{252} + 27742317777372353535851937790883648493 \f$.
+ **/
+extern const ecc_25519_work_t ecc_25519_work_base_ed25519;
+
+/**
+ * The ec25519 legacy generator point ("default base" till libuecc v5)
+ *
+ * In new software that doesn't need compablity with older libuecc releases, you should consider
+ * using \ref ecc_25519_work_base_ed25519 instead.
+ *
+ * \ref ecc_25519_work_base_legacy is the inverse of \ref ecc_25519_work_base_ed25519
+ *
+ * The order of the base point is \f$ 2^{252} + 27742317777372353535851937790883648493 \f$.
+ */
+extern const ecc_25519_work_t ecc_25519_work_base_legacy;
+
+
+/**
+ * The ec25519 legacy generator point (provided for API/ABI compatiblity with older releases of libuecc)
+ *
+ * \deprecated Use \ref ecc_25519_work_base_legacy instead.
+ */
+DEPRECATED extern const ecc_25519_work_t ecc_25519_work_default_base;
 
 
 
@@ -143,15 +175,19 @@ void ecc_25519_scalarmult(ecc_25519_work_t *out, const ecc_int256_t *n, const ec
  * The order of the base point is \f$ 2^{252} + 27742317777372353535851937790883648493 \f$.
  *
  * See the notes about \ref ecc_25519_scalarmult_bits before using this function.
+ *
+ * \deprecated Use \ref ecc_25519_scalarmult_bits and explicitly specify the base point.
  */
-void ecc_25519_scalarmult_base_bits(ecc_25519_work_t *out, const ecc_int256_t *n, unsigned bits);
+DEPRECATED void ecc_25519_scalarmult_base_bits(ecc_25519_work_t *out, const ecc_int256_t *n, unsigned bits);
 
 /**
  * Does a scalar multiplication of the default base point (generator element) of the Elliptic Curve with an integer
  *
  * The order of the base point is \f$ 2^{252} + 27742317777372353535851937790883648493 \f$.
+ *
+ * \deprecated Use \ref ecc_25519_scalarmult and explicitly specify the base point.
  */
-void ecc_25519_scalarmult_base(ecc_25519_work_t *out, const ecc_int256_t *n);
+DEPRECATED void ecc_25519_scalarmult_base(ecc_25519_work_t *out, const ecc_int256_t *n);
 
 /**@}*/
 
diff --git a/src/ec25519.c b/src/ec25519.c
index f2bc288..a9c5748 100644
--- a/src/ec25519.c
+++ b/src/ec25519.c
@@ -48,6 +48,22 @@
 
 const ecc_25519_work_t ecc_25519_work_identity = {{0}, {1}, {1}, {0}};
 
+const ecc_25519_work_t ecc_25519_work_base_legacy = {
+	{0xd4, 0x6b, 0xfe, 0x7f, 0x39, 0xfa, 0x8c, 0x22,
+	 0xe1, 0x96, 0x23, 0xeb, 0x26, 0xb7, 0x8e, 0x6a,
+	 0x34, 0x74, 0x8b, 0x66, 0xd6, 0xa3, 0x26, 0xdd,
+	 0x19, 0x5e, 0x9f, 0x21, 0x50, 0x43, 0x7c, 0x54},
+	{0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66},
+	{1},
+	{0x47, 0x56, 0x98, 0x99, 0xc7, 0x61, 0x0a, 0x82,
+	 0x1a, 0xdf, 0x82, 0x22, 0x1f, 0x2c, 0x72, 0x88,
+	 0xc3, 0x29, 0x09, 0x52, 0x78, 0xe9, 0x1e, 0xe4,
+	 0x47, 0x4b, 0x4c, 0x81, 0xa6, 0x02, 0xfd, 0x29}
+};
+
 const ecc_25519_work_t ecc_25519_work_default_base = {
 	{0xd4, 0x6b, 0xfe, 0x7f, 0x39, 0xfa, 0x8c, 0x22,
 	 0xe1, 0x96, 0x23, 0xeb, 0x26, 0xb7, 0x8e, 0x6a,
@@ -65,6 +81,23 @@ const ecc_25519_work_t ecc_25519_work_default_base = {
 };
 
 
+const ecc_25519_work_t ecc_25519_work_base_ed25519 = {
+	{0x19, 0x94, 0x01, 0x80, 0xc6, 0x05, 0x73, 0xdd,
+	 0x1e, 0x69, 0xdc, 0x14, 0xd9, 0x48, 0x71, 0x95,
+	 0xcb, 0x8b, 0x74, 0x99, 0x29, 0x5c, 0xd9, 0x22,
+	 0xe6, 0xa1, 0x60, 0xde, 0xaf, 0xbc, 0x83, 0x2b},
+	{0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66},
+	{1},
+	{0xa6, 0xa9, 0x67, 0x66, 0x38, 0x9e, 0xf5, 0x7d,
+	 0xe5, 0x20, 0x7d, 0xdd, 0xe0, 0xd3, 0x8d, 0x77,
+	 0x3c, 0xd6, 0xf6, 0xad, 0x87, 0x16, 0xe1, 0x1b,
+	 0xb8, 0xb4, 0xb3, 0x7e, 0x59, 0xfd, 0x02, 0x56},
+};
+
+
 static const uint32_t zero[32] = {0};
 static const uint32_t one[32] = {1};
 
@@ -679,9 +712,9 @@ void ecc_25519_scalarmult(ecc_25519_work_t *out, const ecc_int256_t *n, const ec
 }
 
 void ecc_25519_scalarmult_base_bits(ecc_25519_work_t *out, const ecc_int256_t *n, unsigned bits) {
-	ecc_25519_scalarmult_bits(out, n, &ecc_25519_work_default_base, bits);
+	ecc_25519_scalarmult_bits(out, n, &ecc_25519_work_base_legacy, bits);
 }
 
 void ecc_25519_scalarmult_base(ecc_25519_work_t *out, const ecc_int256_t *n) {
-	ecc_25519_scalarmult(out, n, &ecc_25519_work_default_base);
+	ecc_25519_scalarmult(out, n, &ecc_25519_work_base_legacy);
 }
-- 
cgit v1.2.3