From 354e777bb73fd07b07054ae4b192566d3212444f Mon Sep 17 00:00:00 2001
From: cathugger <cathugger@cock.li>
Date: Sat, 19 Jan 2019 16:44:35 +0000
Subject: [PATCH] implement batched ref10

---
 main.c | 135 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 133 insertions(+), 2 deletions(-)

diff --git a/main.c b/main.c
index 1ba92a8..b6c94d4 100644
--- a/main.c
+++ b/main.c
@@ -397,7 +397,7 @@ initseed:
 			goto initseed;
 		});
 	next:
-		ge_add(&sum, &ge_public,&ge_eightpoint);
+		ge_add(&sum,&ge_public,&ge_eightpoint);
 		ge_p1p1_to_p3(&ge_public,&sum);
 		ge_p3_tobytes(pk,&ge_public);
 #ifdef STATISTICS
@@ -515,8 +515,128 @@ end:
 	sodium_memzero(seed,sizeof(seed));
 	return 0;
 }
+#endif // PASSPHRASE
+
+#ifdef BATCHKEYGEN
+
+#define BATCHNUM 64
+
+static void *dobatchwork(void *task)
+{
+	union pubonionunion pubonion;
+	u8 * const pk = &pubonion.raw[PKPREFIX_SIZE];
+	u8 secret[SKPREFIX_SIZE + SECRET_LEN];
+	u8 * const sk = &secret[SKPREFIX_SIZE];
+	u8 seed[SEED_LEN];
+	u8 hashsrc[checksumstrlen + PUBLIC_LEN + 1];
+	u8 wpk[PUBLIC_LEN + 1];
+	ge_p3 ge_public;
+
+	ge_p3 ge_batch[BATCHNUM];
+	fe *(batchgez)[BATCHNUM];
+	fe tmp_batch[BATCHNUM];
+	bytes32 pk_batch[BATCHNUM];
+
+	size_t counter;
+	size_t i;
+	char *sname;
+#ifdef STATISTICS
+	struct statstruct *st = (struct statstruct *)task;
 #endif
 
+	for (size_t b = 0;b < BATCHNUM;++b)
+		batchgez[b] = &ge_batch[b].Z;
+
+	PREFILTER
+
+	memcpy(secret,skprefix,SKPREFIX_SIZE);
+	wpk[PUBLIC_LEN] = 0;
+	memset(&pubonion,0,sizeof(pubonion));
+	memcpy(pubonion.raw,pkprefix,PKPREFIX_SIZE);
+	// write version later as it will be overwritten by hash
+	memcpy(hashsrc,checksumstr,checksumstrlen);
+	hashsrc[checksumstrlen + PUBLIC_LEN] = 0x03; // version
+
+	sname = makesname();
+
+initseed:
+#ifdef STATISTICS
+	++st->numrestart.v;
+#endif
+	randombytes(seed,sizeof(seed));
+	ed25519_seckey_expand(sk,seed);
+
+	ge_scalarmult_base(&ge_public,sk);
+
+	for (counter = 0;counter < SIZE_MAX-(8*BATCHNUM);counter += 8*BATCHNUM) {
+		ge_p1p1 sum;
+
+		if (unlikely(endwork))
+			goto end;
+
+		for (size_t b = 0;b < BATCHNUM;++b) {
+			ge_batch[b] = ge_public;
+			ge_add(&sum,&ge_public,&ge_eightpoint);
+			ge_p1p1_to_p3(&ge_public,&sum);
+		}
+		ge_p3_batchtobytes_destructive(pk_batch,ge_batch,batchgez,tmp_batch,BATCHNUM);
+
+#ifdef STATISTICS
+		st->numcalc.v += BATCHNUM;
+#endif
+
+		for (size_t b = 0;b < BATCHNUM;++b) {
+			DOFILTER(i,pk_batch[b],{
+				if (numwords > 1) {
+					shiftpk(wpk,pk_batch[b],filter_len(i));
+					size_t j;
+					for (int w = 1;;) {
+						DOFILTER(j,wpk,goto secondfind);
+						goto next;
+					secondfind:
+						if (++w >= numwords)
+							break;
+						shiftpk(wpk,wpk,filter_len(j));
+					}
+				}
+				// found!
+				// copy public key
+				memcpy(pk,pk_batch[b],PUBLIC_LEN);
+				// update secret key with counter
+				addsztoscalar32(sk,counter + (b * 8));
+				// sanity check
+				if ((sk[0] & 248) != sk[0] || ((sk[31] & 63) | 64) != sk[31])
+					goto initseed;
+
+				ADDNUMSUCCESS;
+
+				// calc checksum
+				memcpy(&hashsrc[checksumstrlen],pk,PUBLIC_LEN);
+				FIPS202_SHA3_256(hashsrc,sizeof(hashsrc),&pk[PUBLIC_LEN]);
+				// version byte
+				pk[PUBLIC_LEN + 2] = 0x03;
+				// full name
+				strcpy(base32_to(&sname[direndpos],pk,PUBONION_LEN),".onion");
+				onionready(sname,secret,pubonion.raw);
+				pk[PUBLIC_LEN] = 0; // what is this for?
+				// don't reuse same seed
+				goto initseed;
+			});
+		next:
+			;
+		}
+	}
+	goto initseed;
+
+end:
+	free(sname);
+	POSTFILTER
+	sodium_memzero(secret,sizeof(secret));
+	sodium_memzero(seed,sizeof(seed));
+	return 0;
+}
+#endif // BATCHKEYGEN
+
 static void printhelp(FILE *out,const char *progname)
 {
 	fprintf(out,
@@ -539,6 +659,9 @@ static void printhelp(FILE *out,const char *progname)
 		"\t-N numwords  - specify number of words per key (default - 1)\n"
 		"\t-z  - use faster key generation method. this is now default\n"
 		"\t-Z  - use slower key generation method\n"
+#ifdef BATCHKEYGEN
+		"\t-B  - use batching key generation\n"
+#endif
 		"\t-s  - print statistics each 10 seconds\n"
 		"\t-S t  - print statistics every specified ammount of seconds\n"
 		"\t-T  - do not reset statistics counters when printing\n"
@@ -605,6 +728,7 @@ int main(int argc,char **argv)
 	int dirnameflag = 0;
 	int numthreads = 0;
 	int fastkeygen = 1;
+	int batchkeygen = 0;
 	int yamlinput = 0;
 #ifdef PASSPHRASE
 	int deterministic = 0;
@@ -733,6 +857,10 @@ int main(int argc,char **argv)
 				fastkeygen = 0;
 			else if (*arg == 'z')
 				fastkeygen = 1;
+#ifdef BATCHKEYGEN
+			else if (*arg == 'B')
+				batchkeygen = 1;
+#endif
 			else if (*arg == 's') {
 #ifdef STATISTICS
 				reportdelay = 10000000;
@@ -929,7 +1057,10 @@ int main(int argc,char **argv)
 #endif
 		tret = pthread_create(&VEC_BUF(threads,i),tattrp,
 #ifdef PASSPHRASE
-				deterministic?dofastworkdeterministic:
+				deterministic ? dofastworkdeterministic :
+#endif
+#ifdef BATCHKEYGEN
+				batchkeygen ? dobatchwork :
 #endif
 				(fastkeygen ? dofastwork : dowork),tp);
 		if (tret) {