urcrypt_ed_add_scalarmult_scalarmult_base

pkg/urbit/jets/e/ed_add_scalarmult_scalarmult_base.c

@@ -2,61 +2,37 @@
 **
 */
 #include "all.h"
-
+#include <urcrypt.h>
-
-#include <ed25519.h>
-#include <ge.h>
 
 /* functions
 */
-
   u3_noun
   u3qc_add_scalarmult_scalarmult_base(u3_atom a,
-                                      u3_atom a_point,
+                                      u3_atom b,
-                                      u3_atom b)
+                                      u3_atom c)
   {
-    c3_y met_w;
+    c3_w ate_w, bet_w, get_w;
 
-    met_w = u3r_met(3, a);
+    if ( ((ate_w = u3r_met(3, a)) > 32) ||
-    if (met_w > 32) {
+         ((bet_w = u3r_met(3, b)) > 32) ||
-      return u3m_bail(c3__fail);
+         ((get_w = u3r_met(3, c)) > 32) ) {
+      return u3_none;
     }
-    c3_y a_y[32];
+    else {
+      c3_y a_y[32], b_y[32], c_y[32], out_y[32];
+
       memset(a_y, 0, 32);
-    u3r_bytes(0, met_w, a_y, a);
-
-    met_w = u3r_met(3, a_point);
-    if (met_w > 32) {
-      return u3m_bail(c3__fail);
-    }
-    c3_y a_point_y[32];
-    memset(a_point_y, 0, 32);
-    u3r_bytes(0, met_w, a_point_y, a_point);
-
-    met_w = u3r_met(3, b);
-    if (met_w > 32) {
-      return u3m_bail(c3__fail);
-    }
-    c3_y b_y[32];
       memset(b_y, 0, 32);
-    u3r_bytes(0, met_w, b_y, b);
+      memset(c_y, 0, 32);
+      u3r_bytes(0, ate_w, a_y, a);
+      u3r_bytes(0, bet_w, b_y, b);
+      u3r_bytes(0, get_w, c_y, c);
 
-    ge_p3 A;
+      return
-    if (ge_frombytes_negate_vartime(&A, a_point_y) != 0) {
+        ( 0 == urcrypt_ed_add_scalarmult_scalarmult_base(a_y, b_y, c_y, out_y) )
-      return u3m_bail(c3__exit);
+        ? u3i_bytes(32, out_y)
+        : u3_none;
     }
-
-    // Undo the negation from above. See add_scalar.c in the ed25519 distro.
-    fe_neg(A.X, A.X);
-    fe_neg(A.T, A.T);
-
-    ge_p2 r;
-    ge_double_scalarmult_vartime(&r, a_y, &A, b_y);
-
-    c3_y output_y[32];
-    ge_tobytes(output_y, &r);
-
-    return u3i_bytes(32, output_y);
   }
 
   u3_noun

pkg/urcrypt/Makefile

@@ -4,7 +4,7 @@ PREFIX ?= ./out
 
 ################################################################################
 
-.PHONY: all test install clean
+.PHONY: all install clean
 
 CFLAGS := $(CFLAGS) -O3 -Wall -Werror -pedantic -std=gnu99
 SOURCES = urcrypt.c urcrypt.h
@@ -29,4 +29,4 @@ install: all
 	cp urcrypt.h $(PREFIX)/include/
 
 clean:
-	rm -rf ./out
+	rm urcrypt-static.o urcrypt-shared.o liburcrypt.a liburcrypt.so

pkg/urcrypt/urcrypt.c

@@ -57,6 +57,29 @@ urcrypt_ed_scalarmult_base(uint8_t a[32], uint8_t out[32])
   ge_p3_tobytes(out, &R);
 }
 
+int
+urcrypt_ed_add_scalarmult_scalarmult_base(uint8_t a[32],
+                                          uint8_t a_point[32],
+                                          uint8_t b[32],
+                                          uint8_t out[32])
+{
+  ge_p2 r;
+  ge_p3 A;
+
+  if (ge_frombytes_negate_vartime(&A, a_point) != 0) {
+    return -1;
+  }
+
+  // Undo the negation from above. See add_scalar.c in the ed25519 distro.
+  fe_neg(A.X, A.X);
+  fe_neg(A.T, A.T);
+
+  ge_double_scalarmult_vartime(&r, a, &A, b);
+  ge_tobytes(out, &r);
+
+  return 0;
+}
+
 void
 urcrypt_ed_sign(uint8_t *message,
                 size_t length,

pkg/urcrypt/urcrypt.h

@@ -9,6 +9,10 @@
 int urcrypt_ed_point_add(uint8_t a[32], uint8_t b[32], uint8_t out[32]);
 int urcrypt_ed_scalarmult(uint8_t a[32], uint8_t b[32], uint8_t out[32]);
 void urcrypt_ed_scalarmult_base(uint8_t a[32], uint8_t out[32]);
+int urcrypt_ed_add_scalarmult_scalarmult_base(uint8_t a[32],
+                                              uint8_t a_point[32],
+                                              uint8_t b[32],
+                                              uint8_t out[32]);
 void urcrypt_ed_sign(uint8_t *message,
                      size_t length,
                      uint8_t seed[32],