mirror of
https://github.com/swc-project/swc.git
synced 2024-12-20 20:22:26 +03:00
113 lines
2.5 KiB
TypeScript
113 lines
2.5 KiB
TypeScript
// Loaded from https://raw.githubusercontent.com/aricart/tweetnacl-deno/import-type-fixes/src/scalarmult.ts
|
|
|
|
|
|
import { ByteArray, NumArray } from './array.ts';
|
|
import { gf, _9, _121665, A, Z, M, S } from './core.ts';
|
|
import { sel25519, inv25519, pack25519, unpack25519 } from './curve25519.ts';
|
|
import { checkArrayTypes } from './check.ts';
|
|
|
|
export const enum ScalarLength {
|
|
Scalar = 32, // scalar bytes
|
|
GroupElement = 32, // bytes
|
|
}
|
|
|
|
export function scalarMult(n: ByteArray, p: ByteArray) {
|
|
checkArrayTypes(n, p);
|
|
|
|
if (n.length !== ScalarLength.Scalar) throw new Error('bad n size');
|
|
if (p.length !== ScalarLength.GroupElement) throw new Error('bad p size');
|
|
|
|
const q = ByteArray(ScalarLength.GroupElement);
|
|
|
|
_scalarMult(q, n, p);
|
|
|
|
return q;
|
|
}
|
|
|
|
export function scalarMult_base(n: ByteArray) {
|
|
checkArrayTypes(n);
|
|
|
|
if (n.length !== ScalarLength.Scalar) throw new Error('bad n size');
|
|
|
|
const q = ByteArray(ScalarLength.GroupElement);
|
|
|
|
_scalarMult_base(q, n);
|
|
|
|
return q;
|
|
}
|
|
|
|
// low level
|
|
|
|
export function _scalarMult(q: ByteArray, n: ByteArray, p: ByteArray): 0 {
|
|
const z: ByteArray = ByteArray(32);
|
|
const x: NumArray = NumArray(80);
|
|
const a: NumArray = gf();
|
|
const b: NumArray = gf();
|
|
const c: NumArray = gf();
|
|
const d: NumArray = gf();
|
|
const e: NumArray = gf();
|
|
const f: NumArray = gf();
|
|
|
|
let r, i;
|
|
|
|
for (i = 0; i < 31; i++) z[i] = n[i];
|
|
|
|
z[31] = (n[31] & 127) | 64;
|
|
z[0] &= 248;
|
|
|
|
unpack25519(x, p);
|
|
|
|
for (i = 0; i < 16; i++) {
|
|
b[i] = x[i];
|
|
d[i] = a[i] = c[i] = 0;
|
|
}
|
|
|
|
a[0] = d[0] = 1;
|
|
|
|
for (i = 254; i >= 0; --i) {
|
|
r = (z[i >>> 3] >>> (i & 7)) & 1;
|
|
sel25519(a, b, r);
|
|
sel25519(c, d, r);
|
|
A(e, a, c);
|
|
Z(a, a, c);
|
|
A(c, b, d);
|
|
Z(b, b, d);
|
|
S(d, e);
|
|
S(f, a);
|
|
M(a, c, a);
|
|
M(c, b, e);
|
|
A(e, a, c);
|
|
Z(a, a, c);
|
|
S(b, a);
|
|
Z(c, d, f);
|
|
M(a, c, _121665);
|
|
A(a, a, d);
|
|
M(c, c, a);
|
|
M(a, d, f);
|
|
M(d, b, x);
|
|
S(b, e);
|
|
sel25519(a, b, r);
|
|
sel25519(c, d, r);
|
|
}
|
|
|
|
for (i = 0; i < 16; i++) {
|
|
x[i + 16] = a[i];
|
|
x[i + 32] = c[i];
|
|
x[i + 48] = b[i];
|
|
x[i + 64] = d[i];
|
|
}
|
|
|
|
const x32 = x.subarray(32);
|
|
const x16 = x.subarray(16);
|
|
|
|
inv25519(x32, x32);
|
|
M(x16, x16, x32);
|
|
pack25519(q, x16);
|
|
|
|
return 0;
|
|
}
|
|
|
|
export function _scalarMult_base(q: ByteArray, n: ByteArray): 0 {
|
|
return _scalarMult(q, n, _9);
|
|
}
|