update vendor keybase/go-crypto (#10234)

2020-02-11 19:58:23 +01:00 · 2020-02-11 19:58:23 +01:00 · bfd62b6f01
commit bfd62b6f01
parent 86fdba177a
29 changed files with 1062 additions and 769 deletions
--- a/vendor/github.com/keybase/go-crypto/ed25519/internal/edwards25519/edwards25519.go
+++ b/vendor/github.com/keybase/go-crypto/ed25519/internal/edwards25519/edwards25519.go
@ -4,6 +4,8 @@

 package edwards25519

+import "encoding/binary"
+
 // This code is a port of the public domain, “ref10” implementation of ed25519
 // from SUPERCOP.

@ -1769,3 +1771,23 @@ func ScReduce(out *[32]byte, s *[64]byte) {
 	out[30] = byte(s11 >> 9)
 	out[31] = byte(s11 >> 17)
 }
+
+// order is the order of Curve25519 in little-endian form.
+var order = [4]uint64{0x5812631a5cf5d3ed, 0x14def9dea2f79cd6, 0, 0x1000000000000000}
+
+// ScMinimal returns true if the given scalar is less than the order of the
+// curve.
+func ScMinimal(scalar *[32]byte) bool {
+	for i := 3; ; i-- {
+		v := binary.LittleEndian.Uint64(scalar[i*8:])
+		if v > order[i] {
+			return false
+		} else if v < order[i] {
+			break
+		} else if i == 0 {
+			return false
+		}
+	}
+
+	return true
+}