add jets for luck:ed, sign-raw:ed, sign-raw-octs:ed, scad:ed, scas:ed…

…, scap:ed (#748) - luck:ed and sign-(octs-)raw go together - luck:ed generates a public private keypair where the private keypair is generated from SHA512(seed) and the usual EdDSA clamping procedure is done on the first 32 bytes. - sign-(octs-)raw allows one to sign from a keypair generated with luck (or, from sca(d/s)) - scad, scas, scap allows one to 'tweak' a public/private keypair with a scalar - scad tweaks public and private - scas tweaks private - scap tweaks public
urbit · Dec 16, 2024 · 9b527b6 · 9b527b6
2 parents c54f28d + 42b84a1
commit 9b527b6
Show file tree

Hide file tree

Showing 18 changed files with 642 additions and 76 deletions.
diff --git a/ext/urcrypt/build.zig.zon b/ext/urcrypt/build.zig.zon
@@ -14,8 +14,8 @@
             .hash = "1220bb683a6df744e618f58a008eaae3eb62b70a78334cec676bd82b1b9e8e944eeb",
         },
         .urcrypt = .{
-            .url = "https://github.com/urbit/urcrypt/archive/e77a0998809f7552c455cf7bf8c1b68c141cce18.tar.gz",
-            .hash = "12202efcf40dcfed9a9b59bba4743cfd0c31364a6d7504724bd4d643b474ff69245b",
+            .url = "https://github.com/urbit/urcrypt/archive/465aad6262f2710f76f75adfe74effb5751c5ab3.tar.gz",
+            .hash = "1220c0f7141ab0aeb4164c5c2ae42848035e5b2fdff52c66c57d5744e3e3751e12c8",
         },
     },
     .paths = .{

diff --git a/pkg/noun/build.zig b/pkg/noun/build.zig
@@ -273,7 +273,12 @@ const c_source_files = [_][]const u8{
     "jets/e/ed_add_double_scalarmult.c",
     "jets/e/ed_add_scalarmult_scalarmult_base.c",
     "jets/e/ed_point_add.c",
+    "jets/e/ed_point_neg.c",
+    "jets/e/ed_scad.c",
+    "jets/e/ed_recs.c",
+    "jets/e/ed_smac.c",
     "jets/e/ed_puck.c",
+    "jets/e/ed_luck.c",
     "jets/e/ed_scalarmult.c",
     "jets/e/ed_scalarmult_base.c",
     "jets/e/ed_shar.c",

diff --git a/pkg/noun/jets/137/tree.c b/pkg/noun/jets/137/tree.c
@@ -112,10 +112,29 @@ static u3j_harm _137_hex__crc32_a[] = {{".2", u3we_crc32}, {}};
 static u3j_core _137_hex__crc_d[] = {{"crc32", 7, _137_hex__crc32_a, 0, no_hashes }, {}};
 
 
+static u3j_harm _137_hex_coed__ed_scad_a[] = {{".2", u3wee_scad}, {}};
+static u3j_harm _137_hex_coed__ed_scas_a[] = {{".2", u3wee_scas}, {}};
+static u3j_harm _137_hex_coed__ed_scap_a[] = {{".2", u3wee_scap}, {}};
+
 static u3j_harm _137_hex_coed__ed_puck_a[] = {{".2", u3wee_puck}, {}};
+static u3j_harm _137_hex_coed__ed_luck_a[] = {{".2", u3wee_luck}, {}};
+static u3j_harm _137_hex_coed__ed_sign_a[] = {{".2", u3wee_sign}, {}};
+static u3j_harm _137_hex_coed__ed_sign_raw_a[] = {{".2", u3wee_sign_raw}, {}};
 static u3j_harm _137_hex_coed__ed_sign_octs_a[] = {{".2", u3wee_sign_octs}, {}};
+static u3j_harm _137_hex_coed__ed_sign_octs_raw_a[] = {{".2", u3wee_sign_octs_raw}, {}};
 static u3j_harm _137_hex_coed__ed_veri_octs_a[] = {{".2", u3wee_veri_octs}, {}};
+static u3j_harm _137_hex_coed__ed_veri_a[] = {{".2", u3wee_veri}, {}};
 static u3j_harm _137_hex_coed__ed_shar_a[] = {{".2", u3wee_shar}, {}};
+static u3j_harm _137_hex_coed__ed_slar_a[] = {{".2", u3wee_slar}, {}};
+
+static u3j_harm _137_hex_coed__ed_smac_a[] =
+  {{".2", u3wee_smac}, {}};
+
+static u3j_harm _137_hex_coed__ed_recs_a[] =
+  {{".2", u3wee_recs}, {}};
+
+static u3j_harm _137_hex_coed__ed_point_neg_a[] =
+  {{".2", u3wee_point_neg}, {}};
 
 static u3j_harm _137_hex_coed__ed_point_add_a[] =
   {{".2", u3wee_point_add}, {}};
@@ -133,11 +152,23 @@ static u3j_harm _137_hex_coed__ed_add_double_scalarmult_a[] =
   {{".2", u3wee_add_double_scalarmult}, {}};
 
 static u3j_core _137_hex_coed__ed_d[] =
-  { { "sign-octs", 7, _137_hex_coed__ed_sign_octs_a, 0, no_hashes },
+  { { "sign", 7, _137_hex_coed__ed_sign_a, 0, no_hashes },
+    { "sign-raw", 7, _137_hex_coed__ed_sign_raw_a, 0, no_hashes },
+    { "sign-octs", 7, _137_hex_coed__ed_sign_octs_a, 0, no_hashes },
+    { "sign-octs-raw", 7, _137_hex_coed__ed_sign_octs_raw_a, 0, no_hashes },
     { "puck", 7, _137_hex_coed__ed_puck_a, 0, no_hashes },
+    { "luck", 7, _137_hex_coed__ed_luck_a, 0, no_hashes },
+    { "scad", 7, _137_hex_coed__ed_scad_a, 0, no_hashes },
+    { "scas", 7, _137_hex_coed__ed_scas_a, 0, no_hashes },
+    { "scap", 7, _137_hex_coed__ed_scap_a, 0, no_hashes },
     { "veri-octs", 7, _137_hex_coed__ed_veri_octs_a, 0, no_hashes },
+    { "veri", 7, _137_hex_coed__ed_veri_a, 0, no_hashes },
     { "shar", 7, _137_hex_coed__ed_shar_a, 0, no_hashes },
+    { "slar", 7, _137_hex_coed__ed_slar_a, 0, no_hashes },
     { "point-add", 7, _137_hex_coed__ed_point_add_a, 0, 0 },
+    { "point-neg", 7, _137_hex_coed__ed_point_neg_a, 0, 0 },
+    { "recs", 7, _137_hex_coed__ed_recs_a, 0, 0 },
+    { "smac", 7, _137_hex_coed__ed_smac_a, 0, 0 },
     { "scalarmult", 7, _137_hex_coed__ed_scalarmult_a, 0,
       no_hashes },
     { "scalarmult-base", 7, _137_hex_coed__ed_scalarmult_base_a, 0,

diff --git a/pkg/noun/jets/e/ed_add_double_scalarmult.c b/pkg/noun/jets/e/ed_add_double_scalarmult.c
@@ -8,18 +8,43 @@
 
   static u3_atom
   _cqee_add_double_scalarmult(u3_atom a,
+                             u3_atom a_point,
                              u3_atom b,
-                             u3_atom c,
-                             u3_atom d)
+                             u3_atom b_point)
   {
-    c3_y a_y[32], b_y[32], c_y[32], d_y[32], out_y[32];
-
-    if ( (0 != u3r_bytes_fit(32, a_y, a)) ||
-         (0 != u3r_bytes_fit(32, b_y, b)) ||
-         (0 != u3r_bytes_fit(32, c_y, c)) ||
-         (0 != u3r_bytes_fit(32, d_y, d)) ||
-         (0 != urcrypt_ed_add_double_scalarmult(a_y, b_y, c_y, d_y, out_y)) ) {
-      return u3_none;
+    c3_y a_y[32], a_point_y[32],
+         b_y[32], b_point_y[32],
+         out_y[32];
+    c3_w met_w;
+
+    met_w = u3r_met(3, a);
+    if ( (32 < met_w) ||
+         ( (32 == met_w) &&
+           (127 < u3r_byte(31, a)) )
+        ) {
+      u3_noun a_recs = u3qee_recs(a);
+      u3r_bytes(0, 32, a_y, a_recs);
+      u3z(a_recs);
+    } else {
+      u3r_bytes(0, 32, a_y, a);
+    }
+
+    met_w = u3r_met(3, b);
+    if ( (32 < met_w) ||
+         ( (32 == met_w) &&
+           (127 < u3r_byte(31, b)) )
+        ) {
+      u3_noun b_recs = u3qee_recs(b);
+      u3r_bytes(0, 32, b_y, b_recs);
+      u3z(b_recs);
+    } else {
+      u3r_bytes(0, 32, b_y, b);
+    }
+
+    if ( (0 != u3r_bytes_fit(32, a_point_y, a_point)) ||
+         (0 != u3r_bytes_fit(32, b_point_y, b_point)) ||
+         (0 != urcrypt_ed_add_double_scalarmult(a_y, a_point_y, b_y, b_point_y, out_y)) ) {
+      return u3m_bail(c3__exit);
     }
     else {
       return u3i_bytes(32, out_y);
@@ -37,11 +62,11 @@
                                u3x_sam_15, &d, 0)) ||
          (c3n == u3ud(a)) ||
          (c3n == u3ud(b)) ||
-         (c3n == u3ud(c)) )
+         (c3n == u3ud(c)) ||
+         (c3n == u3ud(d)) )
     {
       return u3m_bail(c3__exit);
     } else {
-      return u3l_punt("add-double-scalarmult",
-                      _cqee_add_double_scalarmult(a, b, c, d));
+      return _cqee_add_double_scalarmult(a, b, c, d);
     }
   }
diff --git a/pkg/noun/jets/e/ed_add_scalarmult_scalarmult_base.c b/pkg/noun/jets/e/ed_add_scalarmult_scalarmult_base.c
@@ -8,16 +8,39 @@
 
   static u3_atom
   _cqee_add_scalarmult_scalarmult_base(u3_atom a,
-                                      u3_atom b,
-                                      u3_atom c)
+                                      u3_atom a_point,
+                                      u3_atom b)
   {
-    c3_y a_y[32], b_y[32], c_y[32], out_y[32];
+    c3_y a_y[32], a_point_y[32], b_y[32], out_y[32];
+    c3_w met_w;
 
-    if ( (0 != u3r_bytes_fit(32, a_y, a)) ||
-         (0 != u3r_bytes_fit(32, b_y, b)) ||
-         (0 != u3r_bytes_fit(32, c_y, c)) ||
-         (0 != urcrypt_ed_add_scalarmult_scalarmult_base(a_y, b_y, c_y, out_y)) ) {
-      return u3_none;
+    met_w = u3r_met(3, a);
+    if ( (32 < met_w) ||
+         ( (32 == met_w) &&
+           (127 < u3r_byte(31, a)) )
+        ) {
+      u3_noun a_recs = u3qee_recs(a);
+      u3r_bytes(0, 32, a_y, a_recs);
+      u3z(a_recs);
+    } else {
+      u3r_bytes(0, 32, a_y, a);
+    }
+
+    met_w = u3r_met(3, b);
+    if ( (32 < met_w) ||
+         ( (32 == met_w) &&
+           (127 < u3r_byte(31, b)) )
+        ) {
+      u3_noun b_recs = u3qee_recs(b);
+      u3r_bytes(0, 32, b_y, b_recs);
+      u3z(b_recs);
+    } else {
+      u3r_bytes(0, 32, b_y, b);
+    }
+
+    if ( (0 != u3r_bytes_fit(32, a_point_y, a_point)) ||
+         (0 != urcrypt_ed_add_scalarmult_scalarmult_base(a_y, a_point_y, b_y, out_y)) ) {
+      return u3m_bail(c3__exit);
     }
     else {
       return u3i_bytes(32, out_y);
@@ -38,7 +61,6 @@
     {
       return u3m_bail(c3__exit);
     } else {
-      return u3l_punt("add-scalarmult-scalarmult-base",
-                      _cqee_add_scalarmult_scalarmult_base(a, b, c));
+      return _cqee_add_scalarmult_scalarmult_base(a, b, c);
     }
   }
diff --git a/pkg/noun/jets/e/ed_luck.c b/pkg/noun/jets/e/ed_luck.c
@@ -0,0 +1,37 @@
+/// @file
+
+#include "jets/q.h"
+#include "jets/w.h"
+
+#include "noun.h"
+#include "urcrypt.h"
+
+  static u3_atom
+  _cqee_luck(u3_atom sed)
+  {
+    c3_y sed_y[32];
+
+    if ( 0 != u3r_bytes_fit(32, sed_y, sed) ) {
+      // hoon explicitly crashes on mis-size
+      return u3m_bail(c3__exit);
+    }
+    else {
+      c3_y pub_y[32];
+      c3_y sec_y[64];
+      urcrypt_ed_luck(sed_y, pub_y, sec_y);
+      return u3nc(u3i_bytes(32, pub_y), u3i_bytes(64, sec_y));
+    }
+  }
+
+  u3_noun
+  u3wee_luck(u3_noun cor)
+  {
+    u3_noun a = u3r_at(u3x_sam, cor);
+
+    if ( (u3_none == a) || (c3n == u3ud(a)) ) {
+      return u3m_bail(c3__exit);
+    }
+    else {
+      return _cqee_luck(a);
+    }
+  }
diff --git a/pkg/noun/jets/e/ed_point_add.c b/pkg/noun/jets/e/ed_point_add.c
@@ -16,7 +16,7 @@
     if ( (0 != u3r_bytes_fit(32, a_y, a)) ||
          (0 != u3r_bytes_fit(32, b_y, b)) ||
          (0 != urcrypt_ed_point_add(a_y, b_y, out_y)) ) {
-      return u3_none;
+      return u3m_bail(c3__exit);
     }
     else {
       return u3i_bytes(32, out_y);
@@ -35,6 +35,6 @@
     {
       return u3m_bail(c3__exit);
     } else {
-      return u3l_punt("point-add", _cqee_point_add(a, b));
+      return _cqee_point_add(a, b);
     }
   }
diff --git a/pkg/noun/jets/e/ed_point_neg.c b/pkg/noun/jets/e/ed_point_neg.c
@@ -0,0 +1,37 @@
+/// @file
+
+#include "jets/q.h"
+#include "jets/w.h"
+
+#include "noun.h"
+#include "urcrypt.h"
+
+
+  static u3_atom
+  _cqee_point_neg(u3_atom a)
+  {
+    c3_y a_y[32];
+
+    if ( (0 != u3r_bytes_fit(32, a_y, a)) ||
+         (0 != urcrypt_ed_point_neg(a_y)) ) {
+      return u3m_bail(c3__exit);
+    }
+    else {
+      return u3i_bytes(32, a_y);
+    }
+  }
+
+  u3_noun
+  u3wee_point_neg(u3_noun cor)
+  {
+
+    u3_noun a;
+
+    if ( (u3_none == (a = u3r_at(u3x_sam, cor))) ||
+         (c3n == u3ud(a)) )
+    {
+      return u3m_bail(c3__exit);
+    } else {
+      return _cqee_point_neg(a);
+    }
+  }
diff --git a/pkg/noun/jets/e/ed_recs.c b/pkg/noun/jets/e/ed_recs.c
@@ -0,0 +1,48 @@
+/// @file
+
+#include "jets/q.h"
+#include "jets/w.h"
+
+#include "noun.h"
+#include "urcrypt.h"
+
+  // `@ux`(rev 3 32 l:ed:crypto)
+  static c3_y _cqee_l_prime[] = {
+    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
+    0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 
+  };
+
+  u3_atom
+  u3qee_recs(u3_atom a)
+  {
+    c3_w met_w = u3r_met(3, a);
+
+    if ( 64 < met_w ) {
+      u3_atom l_prime = u3i_bytes(32, _cqee_l_prime);
+      u3_atom pro = u3qa_mod(a, l_prime);
+      u3z(l_prime);
+      return pro;
+    }
+
+    c3_y a_y[64];
+
+    u3r_bytes(0, 64, a_y, a);
+    urcrypt_ed_scalar_reduce(a_y);
+    return u3i_bytes(32, a_y);
+  }
+
+  u3_noun
+  u3wee_recs(u3_noun cor)
+  {
+    u3_noun a;
+
+    if ( (u3_none == (a = u3r_at(u3x_sam, cor))) ||
+         (c3n == u3ud(a)) )
+    {
+      return u3m_bail(c3__exit);
+    } else {
+      return u3qee_recs(a);
+    }
+  }