Got stuck with Ed25519

NIIBE Yutaka gniibe at fsij.org
Wed Sep 11 02:44:10 CEST 2013


On 2013-09-11 at 09:30 +0900, NIIBE Yutaka wrote:
> Here is the change over your patch.  It works fine for me.

Besides, it seems to me that mpi-pow.c has a bug when it is called
with a negative base and an even expo (result is positive).  I haven't
tested it, though.

diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c
index 85d6fd8..ff7a462 100644
--- a/mpi/mpi-pow.c
+++ b/mpi/mpi-pow.c
@@ -169,7 +169,7 @@ gcry_mpi_powm (gcry_mpi_t res,
     }
   MPN_COPY ( rp, bp, bsize );
   rsize = bsize;
-  rsign = bsign;
+  rsign = 0;
 
   /* Main processing.  */
   {
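Review bot: `rsign = 0;` clears the result sign unconditionally at the point where the base is copied into the result (`MPN_COPY ( rp, bp, bsize )`), so it also discards the sign for the odd-exponent case, which the message does not describe as buggy; the sign should depend on the exponent's parity (negative only when `bsign` is set and the exponent is odd), or the result should be reduced so that it is never negative if that is the intended contract of gcry_mpi_powm. Since the message says the change is untested, it should come with a unit test covering a negative base with both an even and an odd exponent.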


Another thing I am not sure about is the definition of Ed25519.
I have only read the paper twisted-20080313.pdf, by DJB et al.
I'm a newbie in this area, but I thought that it's something like:

I'm sure that it's me who is wrong.  Please let me know a
reference.

diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
index aa32794..e8d5c87 100644
--- a/cipher/ecc-curves.c
+++ b/cipher/ecc-curves.c
@@ -96,10 +96,10 @@ static const ecc_domain_parms_t domain_parms[] =
       "Ed25519", 256, 0,
       MPI_EC_TWISTEDEDWARDS,
       "0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED",
-      "-0x01",
-      "-0x98412DFC9311D490018C7338BF8688861767FF8FF5B2BEBE27548A14B235EC8FEDA4",
+      "0x1db42",
+      "0x1db41",
       "0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED",
-      "0x216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A",
+      "0x5707795FBCC143CC45B2B85332E917972AE291B229B8D23DBAE60B8D00032832",
       "0x6666666666666666666666666666666666666666666666666666666666666658"
     },
     {
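Review bot: this hunk replaces the curve coefficients, not just the base point: a goes from `-0x01` to `0x1db42` (121666) and d to `0x1db41` (121665), so the entry would describe the 121666x^2 + y^2 = 1 + 121665x^2y^2 model from the twisted Edwards paper the message cites, rather than the a = -1, d = -121665/121666 model used by the Ed25519 signature paper, with the base-point x changed accordingly while y stays. Even where the two models are equivalent as groups, Ed25519 keys and signatures encode points in the a = -1 model, so switching the table here would make encodings incompatible with other implementations and with the published test vectors. Suggest keeping `-0x01`, storing d as the reduced value of -121665/121666 mod p (the removed d line is a hex value longer than p itself, so the old entry also deserves a check that it reduces correctly), and settling the question by running the Ed25519 test vectors before touching this table.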
-- 
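As an added check (example code, not part of the mail or of libgcrypt), here is a script that validates a twisted Edwards domain-parameter set the way the question above calls for: it tests that the base point lies on a*x^2 + y^2 = 1 + d*x^2*y^2 and that multiplying it by the order n gives the neutral element. It carries the Ed25519 paper's parameters (a = -1, d = -121665/121666, the base-point x that ecc-curves.c already holds) and the set proposed in the hunk; whether the proposed set passes is computed, not assumed.

```python
# Added example (not libgcrypt code): sanity-check twisted Edwards domain
# parameters, a*x^2 + y^2 = 1 + d*x^2*y^2 over GF(p), by checking that the
# base point is on the curve and that n*B is the neutral element (0, 1).

P = 2**255 - 19  # Ed25519 field prime, 0x7FFF...FFED
N = 0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED  # order

def inv(v):
    """Modular inverse via Fermat; P is prime."""
    return pow(v, P - 2, P)

def on_curve(a, d, pt):
    x, y = pt
    return (a * x * x + y * y - 1 - d * x * x * y * y) % P == 0

def add(a, d, p1, p2):
    """Unified affine addition law of the twisted Edwards paper."""
    x1, y1 = p1
    x2, y2 = p2
    t = d * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + y1 * x2) * inv(1 + t) % P
    y3 = (y1 * y2 - a * x1 * x2) * inv(1 - t) % P
    return (x3, y3)

def mul(a, d, k, pt):
    """Double-and-add scalar multiplication (a checker, not constant time)."""
    acc = (0, 1)  # neutral element of the group
    for bit in bin(k)[2:]:
        acc = add(a, d, acc, acc)
        if bit == "1":
            acc = add(a, d, acc, pt)
    return acc

def check_params(a, d, base):
    """Return (base point on curve?, n * base == neutral element?)."""
    a %= P
    d %= P
    return on_curve(a, d, base), mul(a, d, N, base) == (0, 1)

# Ed25519 as defined in the Ed25519 paper: a = -1, d = -121665/121666,
# base point (x, 4/5) with the x value ecc-curves.c already carries.
ED25519 = (-1, -121665 * inv(121666),
           (0x216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A,
            0x6666666666666666666666666666666666666666666666666666666666666658))

# Parameter set proposed in the ecc-curves.c hunk (0x1db42 = 121666,
# 0x1db41 = 121665); the result is whatever the check computes.
PROPOSED = (0x1db42, 0x1db41,
            (0x5707795FBCC143CC45B2B85332E917972AE291B229B8D23DBAE60B8D00032832,
             0x6666666666666666666666666666666666666666666666666666666666666658))

if __name__ == "__main__":
    for name, (a, d, base) in (("Ed25519", ED25519), ("proposed", PROPOSED)):
        print(name, check_params(a, d, base))
```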

More information about the Gcrypt-devel mailing list