moved all stuff to github

author: Antonio Juarez <antonio.maria.juarez@live.com> 2014-03-03 22:07:58 +0000
committer: Antonio Juarez <antonio.maria.juarez@live.com> 2014-03-03 22:07:58 +0000
commit: 296ae46ed8f8f6e5f986f978febad302e3df231a (patch)
tree: 1629164454a239308f33c9e12afb22e7f3cd8eeb /src/crypto/crypto.cpp
parent: changed name (diff)
download: monero-296ae46ed8f8f6e5f986f978febad302e3df231a.tar.xz
1 files changed, 95 insertions, 12 deletions
diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp
index 020e413e9..f5f525700 100644
--- a/src/crypto/crypto.cpp
+++ b/src/crypto/crypto.cpp
@@ -1,3 +1,7 @@
+// Copyright (c) 2012-2013 The Cryptonote developers
+// Distributed under the MIT/X11 software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
 #include <alloca.h>
 #include <cassert>
 #include <cstddef>
@@ -5,23 +9,31 @@
 #include <cstdlib>
 #include <cstring>
 #include <memory>
+#include <mutex>
 
+#include "common/varint.h"
+#include "warnings.h"
 #include "crypto.h"
-#include "random.h"
+#include "hash.h"
 
 namespace crypto {
 
   using std::abort;
   using std::int32_t;
   using std::int64_t;
+  using std::lock_guard;
+  using std::mutex;
   using std::size_t;
   using std::uint32_t;
   using std::uint64_t;
 
   extern "C" {
 #include "crypto-ops.h"
+#include "random.h"
   }
 
+  mutex random_lock;
+
   static inline unsigned char *operator &(ec_point &point) {
     return &reinterpret_cast<unsigned char &>(point);
   }
@@ -46,11 +58,12 @@ namespace crypto {
   }
 
   static inline void hash_to_scalar(const void *data, size_t length, ec_scalar &res) {
-    keccak(data, length, reinterpret_cast<hash &>(res));
+    cn_fast_hash(data, length, reinterpret_cast<hash &>(res));
     sc_reduce32(&res);
   }
 
   void crypto_ops::generate_keys(public_key &pub, secret_key &sec) {
+    lock_guard<mutex> lock(random_lock);
     ge_p3 point;
     random_scalar(sec);
     ge_scalarmult_base(&point, &sec);
@@ -62,13 +75,79 @@ namespace crypto {
     return ge_frombytes_vartime(&point, &key) == 0;
   }
 
+  bool crypto_ops::secret_key_to_public_key(const secret_key &sec, public_key &pub) {
+    ge_p3 point;
+    if (sc_check(&sec) != 0) {
+      return false;
+    }
+    ge_scalarmult_base(&point, &sec);
+    ge_p3_tobytes(&pub, &point);
+    return true;
+  }
+
+  bool crypto_ops::generate_key_derivation(const public_key &key1, const secret_key &key2, key_derivation &derivation) {
+    ge_p3 point;
+    ge_p2 point2;
+    ge_p1p1 point3;
+    assert(sc_check(&key2) == 0);
+    if (ge_frombytes_vartime(&point, &key1) != 0) {
+      return false;
+    }
+    ge_scalarmult(&point2, &key2, &point);
+    ge_mul8(&point3, &point2);
+    ge_p1p1_to_p2(&point2, &point3);
+    ge_tobytes(&derivation, &point2);
+    return true;
+  }
+
+  static void derivation_to_scalar(const key_derivation &derivation, size_t output_index, ec_scalar &res) {
+    struct {
+      key_derivation derivation;
+      char output_index[(sizeof(size_t) * 8 + 6) / 7];
+    } buf;
+    char *end = buf.output_index;
+    buf.derivation = derivation;
+    tools::write_varint(end, output_index);
+    assert(end <= buf.output_index + sizeof buf.output_index);
+    hash_to_scalar(&buf, end - reinterpret_cast<char *>(&buf), res);
+  }
+
+  bool crypto_ops::derive_public_key(const key_derivation &derivation, size_t output_index,
+    const public_key &base, public_key &derived_key) {
+    ec_scalar scalar;
+    ge_p3 point1;
+    ge_p3 point2;
+    ge_cached point3;
+    ge_p1p1 point4;
+    ge_p2 point5;
+    if (ge_frombytes_vartime(&point1, &base) != 0) {
+      return false;
+    }
+    derivation_to_scalar(derivation, output_index, scalar);
+    ge_scalarmult_base(&point2, &scalar);
+    ge_p3_to_cached(&point3, &point2);
+    ge_add(&point4, &point1, &point3);
+    ge_p1p1_to_p2(&point5, &point4);
+    ge_tobytes(&derived_key, &point5);
+    return true;
+  }
+
+  void crypto_ops::derive_secret_key(const key_derivation &derivation, size_t output_index,
+    const secret_key &base, secret_key &derived_key) {
+    ec_scalar scalar;
+    assert(sc_check(&base) == 0);
+    derivation_to_scalar(derivation, output_index, scalar);
+    sc_add(&derived_key, &base, &scalar);
+  }
+
   struct s_comm {
     hash h;
     ec_point key;
     ec_point comm;
   };
 
-  void crypto_ops::generate_signature(const hash &message_hash, const public_key &pub, const secret_key &sec, signature &sig) {
+  void crypto_ops::generate_signature(const hash &prefix_hash, const public_key &pub, const secret_key &sec, signature &sig) {
+    lock_guard<mutex> lock(random_lock);
     ge_p3 tmp3;
     ec_scalar k;
     s_comm buf;
@@ -82,7 +161,7 @@ namespace crypto {
       assert(pub == t2);
     }
 #endif
-    buf.h = message_hash;
+    buf.h = prefix_hash;
     buf.key = pub;
     random_scalar(k);
     ge_scalarmult_base(&tmp3, &k);
@@ -91,13 +170,13 @@ namespace crypto {
     sc_mulsub(&sig.r, &sig.c, &sec, &k);
   }
 
-  bool crypto_ops::check_signature(const hash &message_hash, const public_key &pub, const signature &sig) {
+  bool crypto_ops::check_signature(const hash &prefix_hash, const public_key &pub, const signature &sig) {
     ge_p2 tmp2;
     ge_p3 tmp3;
     ec_scalar c;
     s_comm buf;
     assert(check_key(pub));
-    buf.h = message_hash;
+    buf.h = prefix_hash;
     buf.key = pub;
     if (ge_frombytes_vartime(&tmp3, &pub) != 0) {
       abort();
@@ -116,7 +195,7 @@ namespace crypto {
     hash h;
     ge_p2 point;
     ge_p1p1 point2;
-    keccak(std::addressof(key), sizeof(public_key), h);
+    cn_fast_hash(std::addressof(key), sizeof(public_key), h);
     ge_fromfe_frombytes_vartime(&point, reinterpret_cast<const unsigned char *>(&h));
     ge_mul8(&point2, &point);
     ge_p1p1_to_p3(&res, &point2);
@@ -131,21 +210,25 @@ namespace crypto {
     ge_tobytes(&image, &point2);
   }
 
+PUSH_WARNINGS
+DISABLE_VS_WARNINGS(4200)
   struct rs_comm {
     hash h;
     struct {
       ec_point a, b;
     } ab[];
   };
+POP_WARNINGS
 
   static inline size_t rs_comm_size(size_t pubs_count) {
     return sizeof(rs_comm) + pubs_count * sizeof(rs_comm().ab[0]);
   }
 
-  void crypto_ops::generate_ring_signature(const hash &message_hash, const key_image &image,
+  void crypto_ops::generate_ring_signature(const hash &prefix_hash, const key_image &image,
     const public_key *const *pubs, size_t pubs_count,
     const secret_key &sec, size_t sec_index,
     signature *sig) {
+    lock_guard<mutex> lock(random_lock);
     size_t i;
     ge_p3 image_unp;
     ge_dsmp image_pre;
@@ -173,7 +256,7 @@ namespace crypto {
     }
     ge_dsm_precomp(image_pre, &image_unp);
     sc_0(&sum);
-    buf->h = message_hash;
+    buf->h = prefix_hash;
     for (i = 0; i < pubs_count; i++) {
       ge_p2 tmp2;
       ge_p3 tmp3;
@@ -203,7 +286,7 @@ namespace crypto {
     sc_mulsub(&sig[sec_index].r, &sig[sec_index].c, &sec, &k);
   }
 
-  bool crypto_ops::check_ring_signature(const hash &message_hash, const key_image &image,
+  bool crypto_ops::check_ring_signature(const hash &prefix_hash, const key_image &image,
     const public_key *const *pubs, size_t pubs_count,
     const signature *sig) {
     size_t i;
@@ -221,7 +304,7 @@ namespace crypto {
     }
     ge_dsm_precomp(image_pre, &image_unp);
     sc_0(&sum);
-    buf->h = message_hash;
+    buf->h = prefix_hash;
     for (i = 0; i < pubs_count; i++) {
       ge_p2 tmp2;
       ge_p3 tmp3;
@@ -242,4 +325,4 @@ namespace crypto {
     sc_sub(&h, &h, &sum);
     return sc_isnonzero(&h) == 0;
   }
-}
-\ No newline at end of file
+}
author	Antonio Juarez <antonio.maria.juarez@live.com>	2014-03-03 22:07:58 +0000
committer	Antonio Juarez <antonio.maria.juarez@live.com>	2014-03-03 22:07:58 +0000
commit	296ae46ed8f8f6e5f986f978febad302e3df231a (patch)
tree	1629164454a239308f33c9e12afb22e7f3cd8eeb /src/crypto/crypto.cpp
parent	changed name (diff)
download	monero-296ae46ed8f8f6e5f986f978febad302e3df231a.tar.xz