Wed, 25 Dec 2019 at 14:01, Niels Möller nisse@lysator.liu.se:
I've now merged Daiki's implementation of curve448, and I've done some followup cleanups: Moving and renaming edwards/twisted edwards functions, and using a shared ecc_mul_m function for both curve25519_mul and curve448_mul.
Great, thank you!
Pending work: 3. I'm considering changing the struct ecc_point representation to use montgomery representation for the individual coordinates, for primes where we use that. Then ecc_a_to_* will (almost?) be redundant. This is in line with also adding other coordinate changes here, if that will be needed for new curves. For the inverse functions, ecc_*_to_a, they're currently responsible both for inverting and eliminating the redundant z coordinate, and converting individual coordinates back from montgomery representation, when needed.
Great! This can also be a base for Weierstrass-with-Edwards-form curves.
- Adding support for compact representation (patches from Wim Lewis). I have some of the preparations merged on a branch, but I think it will be simpler if (3) is done first.
5. GOST DSA (RFC 5832, RFC 7091)
Code was tested in GnuTLS tree. Patches for Nettle are ready to be posted after patchset 2 (renames) is merged.
6. secp256k1
Code requires support for proper handling of a coefficient in eccdata.c. I have an implementation handling small values fitting into `int` variables. Also, this will allow us to merge twisted and untwisted cases in eccdata.c, removing code duplication. I have old patches ready which have to be rebased on top of master.
Regards, /Niels
-- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance.
nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
-- With best wishes Dmitry