1234567891011121314151617181920212223242526272829303132333435363738394041 |
- #include <string.h>
- #include "crypto_sign.h"
- #include "crypto_hash_sha512.h"
- #include "ge.h"
- #include "sc.h"
- int crypto_sign(
- unsigned char *sm,uint64_t *smlen,
- const unsigned char *m,uint64_t mlen,
- const unsigned char *sk
- )
- {
- unsigned char pk[32];
- unsigned char az[64];
- unsigned char nonce[64];
- unsigned char hram[64];
- ge_p3 R;
- memmove(pk,sk + 32,32);
- crypto_hash_sha512(az,sk,32);
- az[0] &= 248;
- az[31] &= 63;
- az[31] |= 64;
- *smlen = mlen + 64;
- memmove(sm + 64,m,mlen);
- memmove(sm + 32,az + 32,32);
- crypto_hash_sha512(nonce,sm + 32,mlen + 32);
- memmove(sm + 32,pk,32);
- sc_reduce(nonce);
- ge_scalarmult_base(&R,nonce);
- ge_p3_tobytes(sm,&R);
- crypto_hash_sha512(hram,sm,mlen + 64);
- sc_reduce(hram);
- sc_muladd(sm + 32,hram,az,nonce);
- return 0;
- }
|