1
2 #include "crypto_core_ed25519.h"
3 #include "private/common.h"
4 #include "private/ed25519_ref10.h"
5
6 int
crypto_core_ed25519_is_valid_point(const unsigned char * p)7 crypto_core_ed25519_is_valid_point(const unsigned char *p)
8 {
9 ge25519_p3 p_p3;
10
11 if (ge25519_is_canonical(p) == 0 ||
12 ge25519_has_small_order(p) != 0 ||
13 ge25519_frombytes(&p_p3, p) != 0 ||
14 ge25519_is_on_curve(&p_p3) == 0 ||
15 ge25519_is_on_main_subgroup(&p_p3) == 0) {
16 return 0;
17 }
18 return 1;
19 }
20
21 int
crypto_core_ed25519_add(unsigned char * r,const unsigned char * p,const unsigned char * q)22 crypto_core_ed25519_add(unsigned char *r,
23 const unsigned char *p, const unsigned char *q)
24 {
25 ge25519_p3 p_p3, q_p3, r_p3;
26 ge25519_p1p1 r_p1p1;
27 ge25519_cached q_cached;
28
29 if (ge25519_frombytes(&p_p3, p) != 0 || ge25519_is_on_curve(&p_p3) == 0 ||
30 ge25519_frombytes(&q_p3, q) != 0 || ge25519_is_on_curve(&q_p3) == 0) {
31 return -1;
32 }
33 ge25519_p3_to_cached(&q_cached, &q_p3);
34 ge25519_add(&r_p1p1, &p_p3, &q_cached);
35 ge25519_p1p1_to_p3(&r_p3, &r_p1p1);
36 ge25519_p3_tobytes(r, &r_p3);
37
38 return 0;
39 }
40
41 int
crypto_core_ed25519_sub(unsigned char * r,const unsigned char * p,const unsigned char * q)42 crypto_core_ed25519_sub(unsigned char *r,
43 const unsigned char *p, const unsigned char *q)
44 {
45 ge25519_p3 p_p3, q_p3, r_p3;
46 ge25519_p1p1 r_p1p1;
47 ge25519_cached q_cached;
48
49 if (ge25519_frombytes(&p_p3, p) != 0 || ge25519_is_on_curve(&p_p3) == 0 ||
50 ge25519_frombytes(&q_p3, q) != 0 || ge25519_is_on_curve(&q_p3) == 0) {
51 return -1;
52 }
53 ge25519_p3_to_cached(&q_cached, &q_p3);
54 ge25519_sub(&r_p1p1, &p_p3, &q_cached);
55 ge25519_p1p1_to_p3(&r_p3, &r_p1p1);
56 ge25519_p3_tobytes(r, &r_p3);
57
58 return 0;
59 }
60
61 int
crypto_core_ed25519_from_uniform(unsigned char * p,const unsigned char * r)62 crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r)
63 {
64 ge25519_from_uniform(p, r);
65
66 return - ge25519_has_small_order(p);
67 }
68
69 size_t
crypto_core_ed25519_bytes(void)70 crypto_core_ed25519_bytes(void)
71 {
72 return crypto_core_ed25519_BYTES;
73 }
74
75 size_t
crypto_core_ed25519_uniformbytes(void)76 crypto_core_ed25519_uniformbytes(void)
77 {
78 return crypto_core_ed25519_UNIFORMBYTES;
79 }
80