diff --git a/src/ed25519.h b/src/ed25519.h index 4fea9ad..906ed82 100644 --- a/src/ed25519.h +++ b/src/ed25519.h @@ -1,8 +1,10 @@ #ifndef ED25519_H #define ED25519_H -int ed25519_sign(unsigned char *signature, const unsigned char *message, unsigned int message_len, const unsigned char *sign_key); -int ed25519_verify(const unsigned char *signature, const unsigned char *message, unsigned int message_len, const unsigned char *verify_key); +#include + +int ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *sign_key); +int ed25519_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *verify_key); int ed25519_create_keypair(unsigned char *verify_key, unsigned char *sign_key, unsigned char *seed); #ifndef ED25519_NO_SEED diff --git a/src/fe.c b/src/fe.c index 37f4fc7..f05e8ff 100644 --- a/src/fe.c +++ b/src/fe.c @@ -1,5 +1,4 @@ #include "fixedint.h" - #include "fe.h" diff --git a/src/ge.c b/src/ge.c index 4eed5fc..3c342b1 100644 --- a/src/ge.c +++ b/src/ge.c @@ -1,6 +1,5 @@ #include "ge.h" - -#include "base_precomp_data.h" +#include "precomp_data.h" /* diff --git a/src/ge.h b/src/ge.h index 5c04e17..17fde2d 100644 --- a/src/ge.h +++ b/src/ge.h @@ -1,6 +1,9 @@ #ifndef GE_H #define GE_H +#include "fe.h" + + /* ge means group element. @@ -15,8 +18,6 @@ Representations: ge_precomp (Duif): (y+x,y-x,2dxy) */ -#include "fe.h" - typedef struct { fe X; fe Y; diff --git a/src/base_precomp_data.h b/src/precomp_data.h similarity index 100% rename from src/base_precomp_data.h rename to src/precomp_data.h diff --git a/src/sc.c b/src/sc.c index 3c2c860..bc288a6 100644 --- a/src/sc.c +++ b/src/sc.c @@ -1,5 +1,5 @@ -#include "sc.h" #include "fixedint.h" +#include "sc.h" static uint64_t load_3(const unsigned char *in) { uint64_t result; diff --git a/src/seed.txt b/src/seed.txt index e08137d..d6b84d2 100644 Binary files a/src/seed.txt and b/src/seed.txt differ 
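Review bot: The prototypes for `ed25519_sign` and `ed25519_verify` in src/ed25519.h now take a `size_t` message length, but the header still does not state the fixed sizes of the key and signature buffers, none of which carry a length parameter. Going by sign.c and verify.c in this same diff, `sign_key` is read for 32 bytes at offsets 0 and 32, `verify_key` is read for 32 bytes, and `signature` is used at offsets 0 and 32 (64 bytes in total, assuming `sc_muladd` writes 32). A comment above the declarations such as `/* signature: 64 bytes, sign_key: 64 bytes, verify_key: 32 bytes; callers must supply buffers of at least these sizes */` would make the contract explicit. Widening `unsigned int` to `size_t` also changes the exported signatures on LP64 targets, so anything built against the old header needs recompiling.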
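Review bot: `src/seed.txt` changes in this commit and is reported as binary, while the rest of the diff only touches types, includes and whitespace, so the reason for the change is not visible here. If the file holds seed bytes that are ever passed to `ed25519_create_keypair` outside tests, keys derived from a seed tracked in the repository are effectively public. Please say in the commit message what the file is for, and if it is test data consider moving it out of `src/`.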
diff --git a/src/sha512.c b/src/sha512.c index baa859d..b5677a4 100644 --- a/src/sha512.c +++ b/src/sha512.c @@ -9,8 +9,6 @@ * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -#include - #include "fixedint.h" #include "sha512.h" @@ -170,7 +168,8 @@ return 0; */ int sha512_update (sha512_context * md, const unsigned char *in, size_t inlen) { - size_t n; + size_t n; + size_t i; int err; if (md == NULL) return 1; if (in == NULL) return 1; @@ -186,8 +185,13 @@ int sha512_update (sha512_context * md, const unsigned char *in, size_t inlen) in += 128; inlen -= 128; } else { - n = MIN(inlen, (128 - md->curlen)); - memcpy(md->buf + md->curlen, in, (size_t)n); + n = MIN(inlen, (128 - md->curlen)); + + for (i = 0; i < n; i++) { + md->buf[i + md->curlen] = in[i]; + } + + md->curlen += n; in += n; inlen -= n; diff --git a/src/sign.c b/src/sign.c index 478ecdd..502e344 100644 --- a/src/sign.c +++ b/src/sign.c @@ -4,29 +4,35 @@ #include "sc.h" -int ed25519_sign(unsigned char *signature, const unsigned char *message, unsigned int message_len, const unsigned char *sign_key) { +int ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *sign_key) { unsigned char az[64]; unsigned char r[64]; unsigned char hram[64]; ge_p3 R; sha512_context hash; + sha512(sign_key, 32, az); az[0] &= 248; az[31] &= 63; az[31] |= 64; + sha512_init(&hash); sha512_update(&hash, az + 32, 32); sha512_update(&hash, message, message_len); sha512_final(&hash, r); + sc_reduce(r); ge_scalarmult_base(&R, r); ge_p3_tobytes(signature, &R); + sha512_init(&hash); sha512_update(&hash, signature, 32); sha512_update(&hash, sign_key + 32, 32); sha512_update(&hash, message, message_len); sha512_final(&hash, hram); + sc_reduce(hram); sc_muladd(signature + 32, hram, az, r); + return 0; } diff --git a/src/verify.c b/src/verify.c index e2853a2..4999b63 100644 --- a/src/verify.c +++ b/src/verify.c 
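Review bot: The new copy loop `md->buf[i + md->curlen] = in[i]` in `sha512_update` stays inside `md->buf` only while `md->curlen` is at most 128. With a larger value, `128 - md->curlen` would wrap if `curlen` is unsigned, and `n` would then be bounded only by `inlen`. The lines between this hunk and the previous one are not shown, so please confirm that a guard such as `if (md->curlen > 128) return 1;` runs before the loop. The `memcpy` being replaced needed the same bound, so this is not a regression, but the hand-written loop is a good place to record the invariant, e.g. `/* n <= 128 - md->curlen, so i + md->curlen < 128 */`.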
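Review bot: `ed25519_sign` ignores the return value of `sha512_update(&hash, message, message_len)`, and the sha512.c hunk above shows that function returning 1 without hashing anything when `in == NULL`. A NULL `message` with a non-zero `message_len` therefore produces a signature over the empty message while the function still returns 0; a guard at the top such as `if (message == NULL && message_len != 0) return 1;` would reject that input. The same unchecked call appears in `ed25519_verify` in src/verify.c. Separately, `az` and `r` are derived from `sign_key` and are left on the stack at return, so consider wiping them through a volatile pointer before `return 0;`.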
@@ -44,7 +44,7 @@ static int consttime_equal(const unsigned char *x, const unsigned char *y) { return !r; } -int ed25519_verify(const unsigned char *signature, const unsigned char *message, unsigned int message_len, const unsigned char *verify_key) { +int ed25519_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *verify_key) { unsigned char h[64]; unsigned char checker[32]; sha512_context hash; @@ -64,6 +64,7 @@ int ed25519_verify(const unsigned char *signature, const unsigned char *message, sha512_update(&hash, verify_key, 32); sha512_update(&hash, message, message_len); sha512_final(&hash, h); + sc_reduce(h); ge_double_scalarmult_vartime(&R, h, &A, signature + 32); ge_tobytes(checker, &R);