diff --git a/main.c b/main.c
index 8db9d42..1fb1e06 100644
--- a/main.c
+++ b/main.c
@@ -682,11 +682,6 @@ int main(int argc,char **argv)
 exit(1);
 }
- if (basekeys == 0) {
- fprintf(stderr, "This build requires using --basekey.\n");
- exit(1);
- }
-
 if (yamlinput && yamloutput) {
 fprintf(stderr,"both -y and -Y does not make sense\n");
 exit(1);
diff --git a/worker.c b/worker.c
index 3d444e1..cf8f7cf 100644
--- a/worker.c
+++ b/worker.c
@@ -211,7 +211,7 @@ static void reseedright(u8 sk[SECRET_LEN])
 #include "ed25519/ed25519_impl_pre.h"
 ge_p3 ALIGN(16) PUBKEY_BASE;
-int pubkey_base_initialized;
+int pubkey_base_initialized = 0;
 #include "worker_impl.inc.h" // uses those globals
@@ -219,14 +219,18 @@ void ed25519_pubkey_addbase(const u8 base_pk[32])
 {
 ge_p3 ALIGN(16) A;
 u8 tmp_pk[32];
+
 ge_frombytes_negate_vartime(&A, base_pk);
- // dumb hack: unpack flips the point. to get the original point
- // back, i just pack and unpack it again
+ // dumb hack: The only available frombytes function flips the point.
+ // To get the original point back, I can just pack and unpack it again.
 ge_p3_tobytes(tmp_pk, &A);
 ge_frombytes_negate_vartime(&A, tmp_pk);
+
 if (!pubkey_base_initialized) {
+ // note: PUBKEY_BASE could be initialized to the point at infinity
+ // to remove the need for pubkey_base_initialized.
 pubkey_base_initialized = 1;
- PUBKEY_BASE = A; // TODO use a proper cpy fn if any
+ PUBKEY_BASE = A;
 } else {
 ge25519_add(&PUBKEY_BASE, &PUBKEY_BASE, &A);
 }
@@ -235,14 +239,11 @@ void ed25519_pubkey_addbase(const u8 base_pk[32])
 static int ed25519_pubkey_onbase(u8 *pk,const u8 *sk)
 {
 ge_p3 ALIGN(16) A;
-
- if (unlikely(pubkey_base_initialized == 0))
- abort();
-
 ge_scalarmult_base(&A, sk);
- ge25519_add(&A, &A, &PUBKEY_BASE);
+ if (pubkey_base_initialized) {
+ ge25519_add(&A, &A, &PUBKEY_BASE);
+ }
 ge_p3_tobytes(pk,&A);
-
 return 0;
 }
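Review bot: Both `ge_frombytes_negate_vartime` calls in ed25519_pubkey_addbase discard their return value; in the ref10-derived implementations this function returns nonzero when the 32 bytes do not decode to a point on the curve, so a malformed base key would leave A holding whatever the partial decode wrote, and that value is then stored into or added to PUBKEY_BASE for every key the workers produce. The pack/unpack round trip on the following lines cannot fail for a point that decoded correctly, so checking the first call is enough: `if (ge_frombytes_negate_vartime(&A, base_pk) != 0) { fprintf(stderr, "invalid base public key\n"); abort(); }`. If the variant used here really returns an error code (its prototype is not in the hunk), the check also documents that the base key is caller-supplied input rather than trusted data. The function body continues past the end of the hunk.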
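Review bot: With the abort path gone, ed25519_pubkey_onbase returns a constant 0 on every path, so its `int` return carries no information and sanitycheck (in the next hunk) already ignores it; either make it `static void` or leave a comment saying the code is reserved for a future error path. A one-line comment above the signature would also help, since this function is the reference formula the worker loops must reproduce: `// pk = [sk]B, plus PUBKEY_BASE when a base key was supplied; must match worker_fast/worker_batch`.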
@@ -251,7 +252,7 @@ static void sanitycheck(const u8 *sk, const u8 *pk) {
 u8 testpk[PUBLIC_LEN];
 ed25519_pubkey_onbase(testpk, sk);
 if (memcmp(testpk,pk,PUBLIC_LEN) != 0) {
- fprintf(stderr, "Sanity check failed. Either I fucked something up, or you're using an unsupported combination of options. Probably both.\n");
+ fprintf(stderr, "Sanity check failed. Please report this on Github, including the command line parameters you've used.\n");
 abort();
 }
 }
diff --git a/worker_batch.inc.h b/worker_batch.inc.h
index f7d5407..a6870e1 100644
--- a/worker_batch.inc.h
+++ b/worker_batch.inc.h
@@ -25,9 +25,6 @@ void *CRYPTO_NAMESPACE(worker_batch)(void *task)
 (void) task;
 #endif
-
- if (unlikely(pubkey_base_initialized == 0))
- abort();
-
 PREFILTER
 memcpy(secret,skprefix,SKPREFIX_SIZE);
@@ -50,7 +47,9 @@ initseed:
 ed25519_seckey_expand(sk,seed);
 ge_scalarmult_base(&ge_public,sk);
- ge25519_add(&ge_public, &ge_public, &PUBKEY_BASE);
+ if (pubkey_base_initialized) {
+ ge25519_add(&ge_public, &ge_public, &PUBKEY_BASE);
+ }
 for (counter = 0;counter < SIZE_MAX-(8*BATCHNUM);counter += 8*BATCHNUM) {
 ge_p1p1 ALIGN(16) sum;
diff --git a/worker_fast.inc.h b/worker_fast.inc.h
index 89608fb..0c23637 100644
--- a/worker_fast.inc.h
+++ b/worker_fast.inc.h
@@ -42,7 +42,9 @@ initseed:
 ed25519_seckey_expand(sk,seed);
 ge_scalarmult_base(&ge_public,sk);
- ge25519_add(&ge_public, &ge_public, &PUBKEY_BASE);
+ if (pubkey_base_initialized) {
+ ge25519_add(&ge_public, &ge_public, &PUBKEY_BASE);
+ }
 ge_p3_tobytes(pk,&ge_public);
 for (counter = 0;counter < SIZE_MAX-8;counter += 8) {
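Review bot: The `pubkey_base_initialized` test after the `initseed:` label, here and in the matching worker_fast.inc.h hunk, reads a plain `int` global that ed25519_pubkey_addbase writes from outside the worker, and with the entry-time abort removed nothing in the worker states when that flag is allowed to change. This is only sound if every addbase call completes before the worker threads are created (presumably during option parsing in main, which is not visible here); a comment at the flag's definition in worker.c such as `// set only by ed25519_pubkey_addbase before workers start; read-only afterwards` would make that ordering an explicit contract. Since the flag cannot legitimately change while the worker runs, the test could also be taken once into a local `const int use_base = pubkey_base_initialized;` at function entry, which avoids re-reading the global on every reseed and makes the intended invariant visible in the code. The enclosing worker function starts before this hunk and continues after it.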