save working state

This commit is contained in:
Christophe Diederichs 2020-07-02 17:19:58 +02:00
parent 3ecb669b6f
commit 8c23d7a3af
6 changed files with 107 additions and 71 deletions

View File

@ -11,7 +11,9 @@ module.exports = {
crypto_scalarmult_BYTES, crypto_scalarmult_BYTES,
crypto_scalarmult_SCALARBYTES crypto_scalarmult_SCALARBYTES
} }
const b = Buffer.alloc(32)
pack25519(b, _9)
console.log(b.toString('hex'))
function crypto_scalarmult (q, n, p) { function crypto_scalarmult (q, n, p) {
check(q, crypto_scalarmult_BYTES) check(q, crypto_scalarmult_BYTES)
check(n, crypto_scalarmult_SCALARBYTES) check(n, crypto_scalarmult_SCALARBYTES)

View File

@ -207,6 +207,7 @@ function crypto_sign(sm, m, sk) {
} }
modL(sm.subarray(32), x); modL(sm.subarray(32), x);
// console.log(Buffer.from(sm).toString('hex'))
return smlen return smlen
} }
@ -270,6 +271,7 @@ function crypto_sign_open(msg, sm, pk) {
if (n < 64) return false; if (n < 64) return false;
if (unpackneg(q, pk)) return false; if (unpackneg(q, pk)) return false;
pack(t, q);
for (i = 0; i < n; i++) m[i] = sm[i]; for (i = 0; i < n; i++) m[i] = sm[i];
for (i = 0; i < 32; i++) m[i+32] = pk[i]; for (i = 0; i < 32; i++) m[i+32] = pk[i];

View File

@ -71,7 +71,9 @@ const p = Buffer.from([
0x27, 0xa6, 0x3e, 0xd2, 0xc8, 0xac, 0xa4, 0xed 0x27, 0xa6, 0x3e, 0xd2, 0xc8, 0xac, 0xa4, 0xed
]) ])
function signedInt (i) { const pk_test = Buffer.from('d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a', 'hex')
function signedInt (i) {
return i < 0 ? 2 ** 32 + i : i return i < 0 ? 2 ** 32 + i : i
} }
@ -100,79 +102,83 @@ const gf = ec.ge3()
/////////////////////////////////////////// ///////////////////////////////////////////
ec.fe25519_frombytes(a, an) ec.fe25519_frombytes(a, an)
ec.fe25519_frombytes(b, bn) ec.fe25519_frombytes(b, bn)
// console.log('\na __________') // // console.log('\na __________')
// for (let i = 0; i < 10; i++) console.log(`a${i}:`, signedInt(a[i]).toString(16).padStart(8, '0')) // // for (let i = 0; i < 10; i++) console.log(`a${i}:`, signedInt(a[i]).toString(16).padStart(8, '0'))
// console.log('\nb __________') // // console.log('\nb __________')
// for (let i = 0; i < 10; i++) console.log(`b${i}:`, signedInt(b[i]).toString(16).padStart(8, '0')) // // for (let i = 0; i < 10; i++) console.log(`b${i}:`, signedInt(b[i]).toString(16).padStart(8, '0'))
ec.fe25519_frombytes(c, bn) // ec.fe25519_frombytes(c, bn)
ec.fe25519_tobytes(res, c) // ec.fe25519_tobytes(res, c)
console.log('tess :', res.toString('hex')) // console.log('tess :', res.toString('hex'))
ec.fe25519_mul(g, a, b) ec.fe25519_mul(g, a, b)
ec.fe25519_tobytes(res, g) ec.fe25519_tobytes(res, g)
console.log('fe_mul:', res.toString('hex')) console.log('fe_mul:', res.toString('hex'))
ec.fe25519_sq(g, a) // ec.fe25519_sq(g, a)
ec.fe25519_tobytes(res, g) // ec.fe25519_tobytes(res, g)
console.log('fe_sq :', res.toString('hex')) // console.log('fe_sq :', res.toString('hex'))
ec.fe25519_reduce(g, c) // ec.fe25519_reduce(g, c)
ec.fe25519_tobytes(res, g) // ec.fe25519_tobytes(res, g)
console.log('fe_red:', res.toString('hex')) // console.log('fe_red:', res.toString('hex'))
ec.fe25519_sqmul(a, 8734, b) // ec.fe25519_sqmul(a, 8734, b)
ec.fe25519_tobytes(res, a) // ec.fe25519_tobytes(res, a)
console.log('fe_sqm:', res.toString('hex')) // console.log('fe_sqm:', res.toString('hex'))
ec.fe25519_invert(a, a) // ec.fe25519_invert(a, a)
ec.fe25519_tobytes(res, a) // ec.fe25519_tobytes(res, a)
console.log('fe_inv:', res.toString('hex')) // console.log('fe_inv:', res.toString('hex'))
ec.fe25519_pow22523(a, a) // ec.fe25519_pow22523(a, a)
ec.fe25519_tobytes(res, a) // ec.fe25519_tobytes(res, a)
console.log('fe_p25:', res.toString('hex')) // console.log('fe_p25:', res.toString('hex'))
ec.fe25519_cneg(a, a, 1) // ec.fe25519_cneg(a, a, 1)
ec.fe25519_tobytes(res, a) // ec.fe25519_tobytes(res, a)
console.log('fe_cng:', res.toString('hex')) // console.log('fe_cng:', res.toString('hex'))
ec.sc25519_mul(res, an, bn) // ec.sc25519_mul(res, an, bn)
console.log('sc_mul:', res.toString('hex')) // console.log('sc_mul:', res.toString('hex'))
ec.sc25519_muladd(res, an, bn, cn) // ec.sc25519_muladd(res, an, bn, cn)
console.log('sc_mad:', res.toString('hex')) // console.log('sc_mad:', res.toString('hex'))
ec.sc25519_reduce(s) // ec.sc25519_reduce(s)
console.log('sc_red:', s.subarray(0, 32).toString('hex')) // console.log('sc_red:', s.subarray(0, 32).toString('hex'))
ec.sc25519_invert(res, cn) // ec.sc25519_invert(res, cn)
console.log('sc_inv:', res.toString('hex')) // console.log('sc_inv:', res.toString('hex'))
ec.ge25519_mont_to_ed(g, c, a, b) // ec.ge25519_mont_to_ed(g, c, a, b)
ec.fe25519_tobytes(res, g) // ec.fe25519_tobytes(res, g)
console.log('g_m2ex:', res.toString('hex')) // console.log('g_m2ex:', res.toString('hex'))
ec.fe25519_tobytes(res, c) // ec.fe25519_tobytes(res, c)
console.log('g_m2ey:', res.toString('hex')) // console.log('g_m2ey:', res.toString('hex'))
ec.ge25519_frombytes(ge, p) // ec.ge25519_frombytes(ge, p)
ec.ge25519_p3_tobytes(res, ge) // ec.ge25519_p3_tobytes(res, ge)
console.log("p :", res.toString('hex')) // console.log("p :", res.toString('hex'))
ec.ge25519_mul_l(gf, ge) // ec.ge25519_mul_l(gf, ge)
ec.ge25519_p3_tobytes(res, gf) // ec.ge25519_p3_tobytes(res, gf)
console.log("mul_l :", res.toString('hex')) // console.log("mul_l :", res.toString('hex'))
ec.ge25519_scalarmult_base(gf, cn) // ec.ge25519_scalarmult_base(gf, cn)
ec.ge25519_p3_tobytes(res, gf) // ec.ge25519_p3_tobytes(res, gf)
console.log("smultb:", res.toString('hex')) // console.log("smultb:", res.toString('hex'))
ec.ge25519_scalarmult(ge, bn, gf) // ec.ge25519_scalarmult(ge, bn, gf)
ec.ge25519_p3_tobytes(res, ge) // ec.ge25519_p3_tobytes(res, ge)
console.log("smult :", res.toString('hex')) // console.log("smult :", res.toString('hex'))
ec.ge25519_double_scalarmult_vartime(gf, an, ge, bn) // ec.ge25519_double_scalarmult_vartime(gf, an, ge, bn)
ec.ge25519_p3_tobytes(res, gf) // ec.ge25519_p3_tobytes(res, gf)
console.log("smdbl :", res.toString('hex')) // console.log("smdbl :", res.toString('hex'))
// ec.ge25519_frombytes_negate_vartime(gf, pk_test)
// ec.ge25519_p3_tobytes(res, gf)
// console.log("smdbl :", res.toString('hex'))
console.log('canon :', ec.sc25519_is_canonical(bn)) console.log('canon :', ec.sc25519_is_canonical(bn))

View File

@ -14,6 +14,7 @@ const wasm = require('./fe25519_25/mult.js')({
} }
}) })
console.log(wasm.buffer.byteLength)
const base = require('./fe25519_25/base.json').map(a => a.map(b => ge2(b))) const base = require('./fe25519_25/base.json').map(a => a.map(b => ge2(b)))
const printbuf =Buffer.alloc(32) const printbuf =Buffer.alloc(32)
@ -726,7 +727,7 @@ function fe25519_mul (h, f, g) {
wasm.memory.set(fbuf) wasm.memory.set(fbuf)
wasm.memory.set(gbuf, 40) wasm.memory.set(gbuf, 40)
wasm.exports.mul(80, 0, 40) wasm.exports.fe255219_mul(0, 40)
buf = Buffer.from(wasm.memory.slice(80, 120)) buf = Buffer.from(wasm.memory.slice(80, 120))
for (let i = 0; i < 10; i++) { for (let i = 0; i < 10; i++) {

File diff suppressed because one or more lines are too long

View File

@ -56,7 +56,24 @@
(get_local $f) (get_local $f)
(i64.or)) (i64.or))
(func $mul (export "mul") (param $h i32) (param $f i32) (param $g i32) (func $store_fe (export "store") (param $ptr i32)
(param $0 i64) (param $1 i64) (param $2 i64) (param $3 i64) (param $4 i64)
(param $5 i64) (param $6 i64) (param $7 i64) (param $8 i64) (param $9 i64)
(i64.store32 offset=0 (get_local $ptr) (get_local $0))
(i64.store32 offset=4 (get_local $ptr) (get_local $1))
(i64.store32 offset=8 (get_local $ptr) (get_local $2))
(i64.store32 offset=12 (get_local $ptr) (get_local $3))
(i64.store32 offset=16 (get_local $ptr) (get_local $4))
(i64.store32 offset=20 (get_local $ptr) (get_local $5))
(i64.store32 offset=24 (get_local $ptr) (get_local $6))
(i64.store32 offset=28 (get_local $ptr) (get_local $7))
(i64.store32 offset=32 (get_local $ptr) (get_local $8))
(i64.store32 offset=36 (get_local $ptr) (get_local $9)))
(func $mul (param $f i32) (param $g i32)
(result i64 i64 i64 i64 i64 i64 i64 i64 i64 i64)
(local $f0 i64) (local $f0 i64)
(local $f1 i64) (local $f1 i64)
(local $f2 i64) (local $f2 i64)
@ -484,17 +501,17 @@
(set_local $h1 (i64.add (get_local $h1) (get_local $carry0))) (set_local $h1 (i64.add (get_local $h1) (get_local $carry0)))
(set_local $h0 (i64.sub (get_local $h0) (i64.mul (get_local $carry0) (i64.shl (i64.const 1) (i64.const 26))))) (set_local $h0 (i64.sub (get_local $h0) (i64.mul (get_local $carry0) (i64.shl (i64.const 1) (i64.const 26)))))
(i64.store32 offset=0 (get_local $h) (get_local $h0)) (get_local $h0)
(i64.store32 offset=4 (get_local $h) (get_local $h1)) (get_local $h1)
(i64.store32 offset=8 (get_local $h) (get_local $h2)) (get_local $h2)
(i64.store32 offset=12 (get_local $h) (get_local $h3)) (get_local $h3)
(i64.store32 offset=16 (get_local $h) (get_local $h4)) (get_local $h4)
(i64.store32 offset=20 (get_local $h) (get_local $h5)) (get_local $h5)
(i64.store32 offset=24 (get_local $h) (get_local $h6)) (get_local $h6)
(i64.store32 offset=28 (get_local $h) (get_local $h7)) (get_local $h7)
(i64.store32 offset=32 (get_local $h) (get_local $h8)) (get_local $h8)
(i64.store32 offset=36 (get_local $h) (get_local $h9))) (get_local $h9))
(func $sq (export "sq") (param $h i32) (param $f i32) (param $double i32) (func $sq (export "sq") (param $h i32) (param $f i32) (param $double i32)
(local $tmp i64) (local $tmp i64)
@ -781,8 +798,7 @@
(i64.store32 offset=24 (get_local $h) (get_local $h6)) (i64.store32 offset=24 (get_local $h) (get_local $h6))
(i64.store32 offset=28 (get_local $h) (get_local $h7)) (i64.store32 offset=28 (get_local $h) (get_local $h7))
(i64.store32 offset=32 (get_local $h) (get_local $h8)) (i64.store32 offset=32 (get_local $h) (get_local $h8))
(i64.store32 offset=36 (get_local $h) (get_local $h9)) (i64.store32 offset=36 (get_local $h) (get_local $h9)))
)
(func $sc25519_mul (export "sc25519_mul") (param $s i32) (param $a i32) (param $b i32) (func $sc25519_mul (export "sc25519_mul") (param $s i32) (param $a i32) (param $b i32)
@ -2742,4 +2758,12 @@
(i64.or) (i64.or)
(i64.store offset=24)) (i64.store offset=24))
(func $fe25519_mul (export "fe25519_mul") (param $h i32) (param $f i32) (param $g i32)
(get_local $h)
(call $mul (get_local $f) (get_local $g))
(call $store_fe))
;; (func $pow22325 (export "pow22325") (param $out i32) (param $z i32)
) )