telackey/sodium-javascript
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

module: crypto_scalarmult

Browse Source
This commit is contained in:
Christophe Diederichs 2020-05-04 20:49:21 +02:00
parent 03fb607709
commit ff28f5a888
2 changed files with 83 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
crypto_scalarmult.js Normal file
View File

@ -0,0 +1,82 @@
module.exports = {
crypto_scalarmult,
crypto_scalarmult_base,
crypto_scalarmult_BYTES,
crypto_scalarmult_SCALARBYTES
}
function crypto_scalarmult(q, n, p) {
check(q, crypto_scalarmult_BYTES)
check(n, crypto_scalarmult_SCALARBYTES)
check(p, crypto_scalarmult_BYTES)
var z = new Uint8Array(32);
var x = new Float64Array(80), r, i;
var a = gf(), b = gf(), c = gf(),
d = gf(), e = gf(), f = gf();
for (i = 0; i < 31; i++) z[i] = n[i];
z[31]=(n[31]&127)|64;
z[0]&=248;
unpack25519(x,p);
for (i = 0; i < 16; i++) {
b[i]=x[i];
d[i]=a[i]=c[i]=0;
}
a[0]=d[0]=1;
for (i=254; i>=0; --i) {
r=(z[i>>>3]>>>(i&7))&1;
sel25519(a,b,r);
sel25519(c,d,r);
A(e,a,c);
Z(a,a,c);
A(c,b,d);
Z(b,b,d);
S(d,e);
S(f,a);
M(a,c,a);
M(c,b,e);
A(e,a,c);
Z(a,a,c);
S(b,a);
Z(c,d,f);
M(a,c,_121665);
A(a,a,d);
M(c,c,a);
M(a,d,f);
M(d,b,x);
S(b,e);
sel25519(a,b,r);
sel25519(c,d,r);
}
for (i = 0; i < 16; i++) {
x[i+16]=a[i];
x[i+32]=c[i];
x[i+48]=b[i];
x[i+64]=d[i];
}
var x32 = x.subarray(32);
var x16 = x.subarray(16);
inv25519(x32,x32);
M(x16,x16,x32);
pack25519(q,x16);
return 0;
}
module.exports = {
crypto_scalarmult_base,
crypto_scalarmult_base,
crypto_scalarmult_BYTES,
crypto_scalarmult_SCALARBYTES
}
function crypto_scalarmult_base(q, n) {
return crypto_scalarmult(q, n, _9);
}
function check (buf, len) {
if (!buf || (len && buf.length < len)) throw new Error('Argument must be a buffer' + (len ? ' of length ' + len : ''))
}
var crypto_scalarmult_BYTES,
crypto_scalarmult_SCALARBYTES = 32,
crypto_scalarmult_BYTES,
crypto_scalarmult_SCALARBYTES = 32

66
index.js
View File

@ -75,65 +75,6 @@ function pow2523(o, i) {
for (a = 0; a < 16; a++) o[a] = c[a]; for (a = 0; a < 16; a++) o[a] = c[a];
} }
function crypto_scalarmult(q, n, p) {
check(q, crypto_scalarmult_BYTES)
check(n, crypto_scalarmult_SCALARBYTES)
check(p, crypto_scalarmult_BYTES)
var z = new Uint8Array(32);
var x = new Float64Array(80), r, i;
var a = gf(), b = gf(), c = gf(),
d = gf(), e = gf(), f = gf();
for (i = 0; i < 31; i++) z[i] = n[i];
z[31]=(n[31]&127)|64;
z[0]&=248;
unpack25519(x,p);
for (i = 0; i < 16; i++) {
b[i]=x[i];
d[i]=a[i]=c[i]=0;
}
a[0]=d[0]=1;
for (i=254; i>=0; --i) {
r=(z[i>>>3]>>>(i&7))&1;
sel25519(a,b,r);
sel25519(c,d,r);
A(e,a,c);
Z(a,a,c);
A(c,b,d);
Z(b,b,d);
S(d,e);
S(f,a);
M(a,c,a);
M(c,b,e);
A(e,a,c);
Z(a,a,c);
S(b,a);
Z(c,d,f);
M(a,c,_121665);
A(a,a,d);
M(c,c,a);
M(a,d,f);
M(d,b,x);
S(b,e);
sel25519(a,b,r);
sel25519(c,d,r);
}
for (i = 0; i < 16; i++) {
x[i+16]=a[i];
x[i+32]=c[i];
x[i+48]=b[i];
x[i+64]=d[i];
}
var x32 = x.subarray(32);
var x16 = x.subarray(16);
inv25519(x32,x32);
M(x16,x16,x32);
pack25519(q,x16);
return 0;
}
function crypto_scalarmult_base(q, n) {
return crypto_scalarmult(q, n, _9);
}
var K = [ var K = [
0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd, 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
@ -939,8 +880,6 @@ var crypto_secretbox_KEYBYTES = 32,
crypto_secretbox_NONCEBYTES = 24, crypto_secretbox_NONCEBYTES = 24,
crypto_secretbox_ZEROBYTES = 32, crypto_secretbox_ZEROBYTES = 32,
crypto_secretbox_BOXZEROBYTES = 16, crypto_secretbox_BOXZEROBYTES = 16,
crypto_scalarmult_BYTES = 32,
crypto_scalarmult_SCALARBYTES = 32,
crypto_box_PUBLICKEYBYTES = 32, crypto_box_PUBLICKEYBYTES = 32,
crypto_box_SECRETKEYBYTES = 32, crypto_box_SECRETKEYBYTES = 32,
crypto_box_BEFORENMBYTES = 32, crypto_box_BEFORENMBYTES = 32,
@ -976,10 +915,6 @@ forward(require('./crypto_shorthash'))
forward(require('./randombytes')) forward(require('./randombytes'))
forward(require('./crypto_stream')) forward(require('./crypto_stream'))
sodium.crypto_scalarmult_BYTES = crypto_scalarmult_BYTES
sodium.crypto_scalarmult_SCALARBYTES = crypto_scalarmult_SCALARBYTES
sodium.crypto_scalarmult_base = crypto_scalarmult_base
sodium.crypto_scalarmult = crypto_scalarmult
sodium.crypto_secretbox_KEYBYTES = crypto_secretbox_KEYBYTES, sodium.crypto_secretbox_KEYBYTES = crypto_secretbox_KEYBYTES,
sodium.crypto_secretbox_NONCEBYTES = crypto_secretbox_NONCEBYTES, sodium.crypto_secretbox_NONCEBYTES = crypto_secretbox_NONCEBYTES,
@ -1005,6 +940,7 @@ function cleanup(arr) {
for (var i = 0; i < arr.length; i++) arr[i] = 0; for (var i = 0; i < arr.length; i++) arr[i] = 0;
} }
forward(require('./crypto_scalarmult'))
forward(require('./crypto_stream')) forward(require('./crypto_stream'))
function forward (submodule) { function forward (submodule) {