curve25519.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  * Copyright (C) 2018-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
   4  */
   5
   6 #include "curve25519.h"
   7
   8 #include <stdint.h>
   9 #include <string.h>
  10 #include "utils.h"
  11
  12 #ifndef __BYTE_ORDER__
  13 #include <sys/param.h>
  14 #if !defined(BYTE_ORDER) || !defined(BIG_ENDIAN) || !defined(LITTLE_ENDIAN)
  15 #error "Unable to determine endianness."
  16 #endif
  17 #define __BYTE_ORDER__ BYTE_ORDER
  18 #define __ORDER_BIG_ENDIAN__ BIG_ENDIAN
  19 #define __ORDER_LITTLE_ENDIAN__ LITTLE_ENDIAN
  20 #endif
  21
  22 #ifdef __linux__
  23 #include <linux/types.h>
  24 typedef __u64 u64;
  25 typedef __u32 u32;
  26 typedef __u8 u8;
  27 typedef __s64 s64;
  28 #else
  29 typedef uint64_t u64, __le64;
  30 typedef uint32_t u32, __le32;
  31 typedef uint8_t u8;
  32 typedef int64_t s64;
  33 #endif
  34 #ifndef __unused
  35 #define __unused  __attribute__((unused))
  36 #endif
  37 #ifndef __always_inline
  38 #define __always_inline __inline __attribute__((__always_inline__))
  39 #endif
  40 #ifndef noinline
  41 #define noinline __attribute__((noinline))
  42 #endif
  43 #ifndef __aligned
  44 #define __aligned(x) __attribute__((aligned(x)))
  45 #endif
  46 #ifndef __force
  47 #define __force
  48 #endif
  49
  50 static __always_inline __unused void put_unaligned_le64(u64 s, u8 *d)
  51 {
  52         __le64 l = cpu_to_le64(s);
  53         __builtin_memcpy(d, &l, sizeof(l));
  54 }
  55
  56 static noinline void memzero_explicit(void *s, size_t count)
  57 {
  58         memset(s, 0, count);
  59         asm volatile("": :"r"(s) : "memory");
  60 }
  61
  62 #ifdef __SIZEOF_INT128__
  63 #include "curve25519-hacl64.h"
  64 #else
  65 #include "curve25519-fiat32.h"
  66 #endif
  67
  68 void curve25519_generate_public(uint8_t pub[static CURVE25519_KEY_SIZE], const uint8_t secret[static CURVE25519_KEY_SIZE])
  69 {
  70         static const uint8_t basepoint[CURVE25519_KEY_SIZE] __aligned(sizeof(uintptr_t)) = { 9 };
  71
  72         curve25519(pub, secret, basepoint);
  73 }
  74
  75 void curve25519(uint8_t mypublic[static CURVE25519_KEY_SIZE], const uint8_t secret[static CURVE25519_KEY_SIZE], const uint8_t basepoint[static CURVE25519_KEY_SIZE])
  76 {
  77         curve25519_generic(mypublic, secret, basepoint);
  78 }