From 9bc52c5fb7dc6e9bf920f08b5faa865ec72c8c86 Mon Sep 17 00:00:00 2001
From: cathugger
Date: Fri, 15 Nov 2019 04:58:21 +0000
Subject: [PATCH] implement worker_batch_pass
---
 Makefile.in | 2 +-
 main.c | 3 ++-
 worker.c | 13 +++++++++++--
 worker.h | 1 +
 worker_batch.inc.h | 2 ++
 worker_batch.inc.h => worker_batch_pass.inc.h | 25 ++++++++++++++++++-------
 worker_fast.inc.h | 2 ++
 worker_fast_pass.inc.h | 9 +++++----
 8 files changed, 42 insertions(+), 15 deletions(-)
 copy worker_batch.inc.h => worker_batch_pass.inc.h (82%)
diff --git a/Makefile.in b/Makefile.in
index ec29317..afeb22a 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -452,5 +452,5 @@ worker.c.o: ed25519/ed25519-donna/ed25519-donna-impl-sse2.h
 worker.c.o: ed25519/ed25519-donna/ed25519-donna-impl-base.h ioutil.h common.h
 worker.c.o: yaml.h worker.h filters.h filters_worker.inc.h
 worker.c.o: filters_common.inc.h worker_slow.inc.h worker_fast.inc.h
-worker.c.o: worker_fast_pass.inc.h worker_batch.inc.h
+worker.c.o: worker_fast_pass.inc.h worker_batch.inc.h worker_batch_pass.inc.h
 yaml.c.o: types.h yaml.h ioutil.h base32.h base64.h common.h
diff --git a/main.c b/main.c
index 355f935..fc38b2c 100644
--- a/main.c
+++ b/main.c
@@ -516,7 +516,8 @@ int main(int argc,char **argv)
 #endif
 tret = pthread_create(&VEC_BUF(threads,i),0,
 #ifdef PASSPHRASE
- deterministic ? worker_fast_pass :
+ deterministic ? (
+ batchkeygen ? worker_batch_pass : worker_fast_pass) :
 #endif
 batchkeygen ? worker_batch :
 (fastkeygen ? worker_fast : worker_slow),tp);
diff --git a/worker.c b/worker.c
index fa1b361..83466f3 100644
--- a/worker.c
+++ b/worker.c
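Review bot: The `#ifdef PASSPHRASE` now cuts a three-level conditional expression in half inside the `pthread_create` argument list, so the expression that actually compiles differs per build and is hard to read in either form. Selecting the worker into a local first keeps the preprocessor block on statement boundaries and leaves one plain call to check; the loop enclosing the `pthread_create` call starts outside this hunk. Something like the following, with `workerfn` declared in that loop body:
```c
		void *(*workerfn)(void *) =
			batchkeygen ? worker_batch : (fastkeygen ? worker_fast : worker_slow);
#ifdef PASSPHRASE
		if (deterministic)
			workerfn = batchkeygen ? worker_batch_pass : worker_fast_pass;
#endif
		tret = pthread_create(&VEC_BUF(threads,i),0,workerfn,tp);
```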
@@ -210,8 +210,17 @@ static void reseedright(u8 sk[SECRET_LEN])
 #include "worker_fast_pass.inc.h"
-#ifndef BATCHNUM
-#define BATCHNUM 2048
+#if !defined(BATCHNUM)
+ #define BATCHNUM 2048
+#else
+ #if BATCHNUM & (BATCHNUM - 1)
+ #error "BATCHNUM must be power of 2"
+ #endif
+ #if (BATCHNUM * 8) > DETERMINISTIC_LOOP_COUNT
+ #error "BATCHNUM is too large"
+ #endif
 #endif
 #include "worker_batch.inc.h"
+
+#include "worker_batch_pass.inc.h"
diff --git a/worker.h b/worker.h
index 289c27e..a06edd4 100644
--- a/worker.h
+++ b/worker.h
@@ -43,4 +43,5 @@ extern void *worker_fast(void *task);
 extern void *worker_batch(void *task);
 #ifdef PASSPHRASE
 extern void *worker_fast_pass(void *task);
+extern void *worker_batch_pass(void *task);
 #endif
diff --git a/worker_batch.inc.h b/worker_batch.inc.h
index 69559d7..e544d00 100644
--- a/worker_batch.inc.h
+++ b/worker_batch.inc.h
@@ -44,7 +44,9 @@ initseed:
 #ifdef STATISTICS
 ++st->numrestart.v;
 #endif
+
 randombytes(seed,sizeof(seed));
+
 ed25519_seckey_expand(sk,seed);
 ge_scalarmult_base(&ge_public,sk);
diff --git a/worker_batch.inc.h b/worker_batch_pass.inc.h
similarity index 82%
copy from worker_batch.inc.h
copy to worker_batch_pass.inc.h
index 69559d7..3f669f2 100644
--- a/worker_batch.inc.h
+++ b/worker_batch_pass.inc.h
@@ -1,5 +1,6 @@
-void *worker_batch(void *task)
+#ifdef PASSPHRASE
+void *worker_batch_pass(void *task)
 {
 union pubonionunion pubonion;
 u8 * const pk = &pubonion.raw[PKPREFIX_SIZE];
@@ -17,7 +18,7 @@ void *worker_batch(void *task)
 fe tmp_batch[BATCHNUM];
 bytes32 pk_batch[BATCHNUM];
- size_t counter;
+ size_t counter,oldcounter;
 size_t i;
 #ifdef STATISTICS
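Review bot: The new `#if (BATCHNUM * 8) > DETERMINISTIC_LOOP_COUNT` check lives in the `#else` branch, so it runs only for a user-supplied BATCHNUM and never validates the default of 2048 against the loop count. If DETERMINISTIC_LOOP_COUNT is defined only in PASSPHRASE builds (its definition is not in this hunk, so this is inferred), the preprocessor evaluates the undefined name as 0 and every custom BATCHNUM fails with "BATCHNUM is too large" in a non-passphrase build. Both checks belong after the defaulting `#endif`, with the loop-count one under `#ifdef PASSPHRASE`. Since worker_batch_pass.inc.h steps `counter` by `8*BATCHNUM` up to DETERMINISTIC_LOOP_COUNT, a divisibility check alongside keeps the last batch inside that bound as well.
```c
#ifndef BATCHNUM
#define BATCHNUM 2048
#endif
#if BATCHNUM & (BATCHNUM - 1)
#error "BATCHNUM must be power of 2"
#endif
#ifdef PASSPHRASE
#if (BATCHNUM * 8) > DETERMINISTIC_LOOP_COUNT
#error "BATCHNUM is too large"
#endif
#if DETERMINISTIC_LOOP_COUNT % (BATCHNUM * 8)
#error "DETERMINISTIC_LOOP_COUNT must be a multiple of 8*BATCHNUM"
#endif
#endif
/* … unchanged: #include "worker_batch.inc.h" and #include "worker_batch_pass.inc.h" … */
```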
@@ -44,12 +45,19 @@ initseed:
 #ifdef STATISTICS
 ++st->numrestart.v;
 #endif
- randombytes(seed,sizeof(seed));
+
+ pthread_mutex_lock(&determseed_mutex);
+ for (int i = 0; i < SEED_LEN; i++)
+ if (++determseed[i])
+ break;
+ memcpy(seed, determseed, SEED_LEN);
+ pthread_mutex_unlock(&determseed_mutex);
+
 ed25519_seckey_expand(sk,seed);
 ge_scalarmult_base(&ge_public,sk);
- for (counter = 0;counter < SIZE_MAX-(8*BATCHNUM);counter += 8*BATCHNUM) {
+ for (counter = oldcounter = 0;counter < DETERMINISTIC_LOOP_COUNT;counter += 8*BATCHNUM) {
 ge_p1p1 sum;
 if (unlikely(endwork))
@@ -88,11 +96,15 @@ initseed:
 // copy public key
 memcpy(pk,pk_batch[b],PUBLIC_LEN);
 // update secret key with counter
- addsztoscalar32(sk,counter + (b * 8));
+ addsztoscalar32(sk,counter + (b * 8) - oldcounter);
+ oldcounter = counter + (b * 8);
 // sanity check
 if ((sk[0] & 248) != sk[0] || ((sk[31] & 63) | 64) != sk[31])
 goto initseed;
+ // reseed right half of key to avoid reuse, it won't change public key anyway
+ reseedright(sk);
+
 ADDNUMSUCCESS;
 // calc checksum
@@ -104,8 +116,6 @@ initseed:
 strcpy(base32_to(&sname[direndpos],pk,PUBONION_LEN),".onion");
 onionready(sname,secret,pubonion.raw);
 pk[PUBLIC_LEN] = 0; // what is this for?
- // don't reuse same seed
- goto initseed;
 });
 next:
 ;
@@ -120,3 +130,4 @@ end:
 sodium_memzero(seed,sizeof(seed));
 return 0;
 }
+#endif // PASSPHRASE
diff --git a/worker_fast.inc.h b/worker_fast.inc.h
index 3172656..db57b0b 100644
--- a/worker_fast.inc.h
+++ b/worker_fast.inc.h
@@ -36,7 +36,9 @@ initseed:
 #ifdef STATISTICS
 ++st->numrestart.v;
 #endif
+
 randombytes(seed,sizeof(seed));
+
 ed25519_seckey_expand(sk,seed);
 ge_scalarmult_base(&ge_public,sk);
diff --git a/worker_fast_pass.inc.h b/worker_fast_pass.inc.h
index 0983816..8b698ef 100644
--- a/worker_fast_pass.inc.h
+++ b/worker_fast_pass.inc.h
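Review bot: The new loop condition `counter < DETERMINISTIC_LOOP_COUNT` with a step of `8*BATCHNUM` lets the final batch run past the bound unless DETERMINISTIC_LOOP_COUNT is a multiple of `8*BATCHNUM`; the `#error` added in worker.c only guarantees `8*BATCHNUM <= DETERMINISTIC_LOOP_COUNT`. If that bound is meant to be the largest counter offset a re-derivation from the passphrase will ever try, a key found past it is reproducible only by a tool that ignores the bound, so either `for (counter = oldcounter = 0;counter + 8*BATCHNUM <= DETERMINISTIC_LOOP_COUNT;counter += 8*BATCHNUM) {` as the loop header or a compile-time divisibility check next to the existing BATCHNUM checks is worth adding. The seed-stepping block from `pthread_mutex_lock(&determseed_mutex)` to `pthread_mutex_unlock(&determseed_mutex)` is the same six lines as in worker_fast_pass.inc.h; a `static` helper in worker.c next to `reseedright` would keep the two copies in step. The loop body continues past the end of this hunk.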
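Review bot: The comment on the new `reseedright(sk)` call should say why the right half must differ between keys: after a hit the loop now keeps the same seed, so the next key's scalar is this one's plus a known counter offset (the `addsztoscalar32(sk,counter + (b * 8) - oldcounter)` line above), and two related scalars sharing one nonce prefix would produce signatures on the same message that share their nonce, which is exactly the reuse that leaks the scalars. Suggested wording: `// keys found from one seed differ by a known scalar offset; give each its own nonce prefix so two of them never sign with the same nonce`. It is also worth stating in the file header that only the public key, not the stored secret key, is reproducible from the passphrase once the right half is re-randomised — assuming reseedright() draws from randombytes(), which its body (outside this diff) would confirm. The batch loop this belongs to starts in the previous hunk; its `goto initseed` on the sanity check leaves `oldcounter` stale, which is harmless only because re-entering the `for` resets it, and a one-line comment there would save the next reader that check.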
@@ -34,17 +34,18 @@ void *worker_fast_pass(void *task)
 sname = makesname();
 initseed:
+#ifdef STATISTICS
+ ++st->numrestart.v;
+#endif
+
 pthread_mutex_lock(&determseed_mutex);
 for (int i = 0; i < SEED_LEN; i++)
 if (++determseed[i])
 break;
 memcpy(seed, determseed, SEED_LEN);
 pthread_mutex_unlock(&determseed_mutex);
- ed25519_seckey_expand(sk,seed);
-#ifdef STATISTICS
- ++st->numrestart.v;
-#endif
+ ed25519_seckey_expand(sk,seed);
 ge_scalarmult_base(&ge_public,sk);
 ge_p3_tobytes(pk,&ge_public);
-- 
2.11.4.GIT