mirror of
synced 2025-03-26 23:44:34 +00:00
Initial stab at migrating to HSQLDB for Qora gen2
Most SQL tables defined but only payment transactions actually implemented. Maven support added. Some code imported from 'old' Qora: RIPEMD160 renamed as BrokenMD160 and deprecated. whispersystem's Ed25519 implementation (to be replaced with bouncycastle). Basic Account/PublicKeyAccount/PrivateKeyAccount code. Some utils like Base58 and Pair. To use: Use maven to fetch dependencies. Build project. Fire up an old-gen Qora node. Run src/test/update.java as a JUnit test to build DB structure. Run src/test/migrate.java as a JUnit test to migrate old Qora blocks to DB. You should now be able to run src/test/load.java and src/test/save.java as JUnit tests demonstrating loading/saving Transactions from/to database. This commit done while halfway through adding Block support!
This commit is contained in:
Normal file
Normal file
@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpathentry kind="src" output="target/classes" path="src">
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attribute name="maven.pomderived" value="true"/>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attribute name="maven.pomderived" value="true"/>
<classpathentry kind="con" path="org.eclipse.jdt.junit.JUNIT_CONTAINER/4"/>
<classpathentry kind="output" path="target/classes"/>
Normal file
Normal file
@ -0,0 +1,3 @@
Normal file
Normal file
@ -0,0 +1,23 @@
<?xml version="1.0" encoding="UTF-8"?>
Normal file
Normal file
@ -0,0 +1,12 @@
Normal file
Normal file
@ -0,0 +1,4 @@
Normal file
Normal file
@ -0,0 +1,46 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
Normal file
Normal file
@ -0,0 +1,129 @@
package database;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigDecimal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Arrays;
import com.google.common.primitives.Bytes;
public class DB {
public static void startTransaction(Connection c) throws SQLException {
c.prepareStatement("START TRANSACTION").execute();
public static void commit(Connection c) throws SQLException {
public static void rollback(Connection c) throws SQLException {
public static byte[] getResultSetBytes(InputStream inputStream, int length) {
if (inputStream == null)
return null;
byte[] result = new byte[length];
try {
if (inputStream.read(result) == length)
return result;
} catch (IOException e) {
// Fall-through to return null
return null;
public static byte[] getResultSetBytes(InputStream inputStream) {
final int BYTE_BUFFER_LENGTH = 1024;
if (inputStream == null)
return null;
byte[] result = new byte[0];
while (true) {
try {
byte[] buffer = new byte[BYTE_BUFFER_LENGTH];
int length = inputStream.read(buffer);
result = Bytes.concat(result, Arrays.copyOf(buffer, length));
} catch (IOException e) {
// No more bytes
return result;
public static String formatInsertWithPlaceholders(String table, String... columns) {
String[] placeholders = new String[columns.length];
Arrays.setAll(placeholders, (int i) -> "?");
StringBuilder output = new StringBuilder();
output.append("INSERT INTO ");
output.append(" (");
output.append(String.join(", ", columns));
output.append(") VALUES (");
output.append(String.join(", ", placeholders));
output.append(") ON DUPLICATE KEY UPDATE ");
output.append(String.join("=?, ", columns));
return output.toString();
public static void bindInsertPlaceholders(PreparedStatement preparedStatement, Object... objects) throws SQLException {
// We need to bind two sets of placeholders based on this syntax:
// INSERT INTO table (column, ... ) VALUES (?, ...) ON DUPLICATE KEY UPDATE SET column=?, ...
for (int i = 0; i < objects.length; ++i) {
Object object = objects[i];
if (object instanceof BigDecimal) {
preparedStatement.setBigDecimal(i + 1, (BigDecimal) object);
preparedStatement.setBigDecimal(i + objects.length + 1, (BigDecimal) object);
} else {
preparedStatement.setObject(i + 1, object);
preparedStatement.setObject(i + objects.length + 1, object);
* Execute SQL using byte[] as 1st placeholder
* <p>
* Typically used to fetch Blocks or Transactions using signature or reference.
* <p>
* @param connection
* @param sql
* @param bytes
* @return ResultSet, or null if no matching rows found
* @throws SQLException
public static ResultSet executeUsingBytes(Connection connection, String sql, byte[] bytes) throws SQLException {
PreparedStatement preparedStatement = connection.prepareStatement(sql);
preparedStatement.setBinaryStream(1, new ByteArrayInputStream(bytes));
if (!preparedStatement.execute())
throw new SQLException("Fetching from database produced no results");
ResultSet rs = preparedStatement.getResultSet();
if (rs == null)
throw new SQLException("Fetching results from database produced no ResultSet");
if (!rs.next())
return null;
return rs;
Normal file
Normal file
@ -0,0 +1,11 @@
package database;
import java.sql.SQLException;
public class NoDataFoundException extends SQLException {
public NoDataFoundException() {
Normal file
Normal file
@ -0,0 +1,16 @@
package org.whispersystems.curve25519.java;
public class Arrays {
* Assigns the specified byte value to each element of the specified array
* of bytes.
* @param a the array to be filled
* @param val the value to be stored in all elements of the array
public static void fill(byte[] a, byte val) {
for (int i = 0, len = a.length; i < len; i++)
a[i] = val;
Normal file
Normal file
@ -0,0 +1,7 @@
package org.whispersystems.curve25519.java;
public interface Sha512 {
public void calculateDigest(byte[] out, byte[] in, long length);
Normal file
Normal file
@ -0,0 +1,13 @@
package org.whispersystems.curve25519.java;
public class crypto_verify_32 {
public static int crypto_verify_32(byte[] x, byte[] y) {
int differentbits = 0;
for (int count = 0; count < 32; count++) {
differentbits |= (x[count] ^ y[count]);
return differentbits;
Normal file
Normal file
@ -0,0 +1,114 @@
package org.whispersystems.curve25519.java;
public class curve_sigs {
public static void curve25519_keygen(byte[] curve25519_pubkey_out,
byte[] curve25519_privkey_in)
ge_p3 ed = new ge_p3(); /* Ed25519 pubkey point */
//int[] ed_y = new int[10];
int[] ed_y_plus_one = new int[10];
int[] one_minus_ed_y = new int[10];
int[] inv_one_minus_ed_y = new int[10];
int[] mont_x = new int[10];
/* Perform a fixed-base multiplication of the Edwards base point,
(which is efficient due to precalculated tables), then convert
to the Curve25519 montgomery-format public key. In particular,
convert Curve25519's "montgomery" x-coordinate into an Ed25519
"edwards" y-coordinate:
mont_x = (ed_y + 1) / (1 - ed_y)
with projective coordinates:
mont_x = (ed_y + ed_z) / (ed_z - ed_y)
NOTE: ed_y=1 is converted to mont_x=0 since fe_invert is mod-exp
ge_scalarmult_base.ge_scalarmult_base(ed, curve25519_privkey_in);
fe_add.fe_add(ed_y_plus_one, ed.Y, ed.Z);
fe_sub.fe_sub(one_minus_ed_y, ed.Z, ed.Y);
fe_invert.fe_invert(inv_one_minus_ed_y, one_minus_ed_y);
fe_mul.fe_mul(mont_x, ed_y_plus_one, inv_one_minus_ed_y);
fe_tobytes.fe_tobytes(curve25519_pubkey_out, mont_x);
public static int curve25519_sign(Sha512 sha512provider, byte[] signature_out,
byte[] curve25519_privkey,
byte[] msg, int msg_len,
byte[] random)
ge_p3 ed_pubkey_point = new ge_p3(); /* Ed25519 pubkey point */
byte[] ed_pubkey = new byte[32]; /* Ed25519 encoded pubkey */
byte[] sigbuf = new byte[msg_len + 128]; /* working buffer */
byte sign_bit = 0;
/* Convert the Curve25519 privkey to an Ed25519 public key */
ge_scalarmult_base.ge_scalarmult_base(ed_pubkey_point, curve25519_privkey);
ge_p3_tobytes.ge_p3_tobytes(ed_pubkey, ed_pubkey_point);
sign_bit = (byte)(ed_pubkey[31] & 0x80);
/* Perform an Ed25519 signature with explicit private key */
sign_modified.crypto_sign_modified(sha512provider, sigbuf, msg, msg_len, curve25519_privkey,
ed_pubkey, random);
System.arraycopy(sigbuf, 0, signature_out, 0, 64);
/* Encode the sign bit into signature (in unused high bit of S) */
signature_out[63] &= 0x7F; /* bit should be zero already, but just in case */
signature_out[63] |= sign_bit;
return 0;
public static int curve25519_verify(Sha512 sha512provider, byte[] signature,
byte[] curve25519_pubkey,
byte[] msg, int msg_len)
int[] mont_x = new int[10];
int[] mont_x_minus_one = new int[10];
int[] mont_x_plus_one = new int[10];
int[] inv_mont_x_plus_one = new int[10];
int[] one = new int[10];
int[] ed_y = new int[10];
byte[] ed_pubkey = new byte[32];
long some_retval = 0;
byte[] verifybuf = new byte[msg_len + 64]; /* working buffer */
byte[] verifybuf2 = new byte[msg_len + 64]; /* working buffer #2 */
/* Convert the Curve25519 public key into an Ed25519 public key. In
particular, convert Curve25519's "montgomery" x-coordinate into an
Ed25519 "edwards" y-coordinate:
ed_y = (mont_x - 1) / (mont_x + 1)
NOTE: mont_x=-1 is converted to ed_y=0 since fe_invert is mod-exp
Then move the sign bit into the pubkey from the signature.
fe_frombytes.fe_frombytes(mont_x, curve25519_pubkey);
fe_sub.fe_sub(mont_x_minus_one, mont_x, one);
fe_add.fe_add(mont_x_plus_one, mont_x, one);
fe_invert.fe_invert(inv_mont_x_plus_one, mont_x_plus_one);
fe_mul.fe_mul(ed_y, mont_x_minus_one, inv_mont_x_plus_one);
fe_tobytes.fe_tobytes(ed_pubkey, ed_y);
/* Copy the sign bit, and remove it from signature */
ed_pubkey[31] &= 0x7F; /* bit should be zero already, but just in case */
ed_pubkey[31] |= (signature[63] & 0x80);
System.arraycopy(signature, 0, verifybuf, 0, 64);
verifybuf[63] &= 0x7F;
System.arraycopy(msg, 0, verifybuf, 64, (int)msg_len);
/* Then perform a normal Ed25519 verification, return 0 on success */
/* The below call has a strange API: */
/* verifybuf = R || S || message */
/* verifybuf2 = java to next call gets a copy of verifybuf, S gets
replaced with pubkey for hashing, then the whole thing gets zeroized
(if bad sig), or contains a copy of msg (good sig) */
return open.crypto_sign_open(sha512provider, verifybuf2, some_retval, verifybuf, 64 + msg_len, ed_pubkey);
Normal file
Normal file
@ -0,0 +1,27 @@
package org.whispersystems.curve25519.java;
public class fe_0 {
//CONVERT #include "fe.h"
h = 0
public static void fe_0(int[] h)
h[0] = 0;
h[1] = 0;
h[2] = 0;
h[3] = 0;
h[4] = 0;
h[5] = 0;
h[6] = 0;
h[7] = 0;
h[8] = 0;
h[9] = 0;
Normal file
Normal file
@ -0,0 +1,27 @@
package org.whispersystems.curve25519.java;
public class fe_1 {
//CONVERT #include "fe.h"
h = 1
public static void fe_1(int[] h)
h[0] = 1;
h[1] = 0;
h[2] = 0;
h[3] = 0;
h[4] = 0;
h[5] = 0;
h[6] = 0;
h[7] = 0;
h[8] = 0;
h[9] = 0;
Normal file
Normal file
@ -0,0 +1,65 @@
package org.whispersystems.curve25519.java;
public class fe_add {
//CONVERT #include "fe.h"
h = f + g
Can overlap h with f or g.
|f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
|g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
|h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
public static void fe_add(int[] h,int[] f,int[] g)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int g0 = g[0];
int g1 = g[1];
int g2 = g[2];
int g3 = g[3];
int g4 = g[4];
int g5 = g[5];
int g6 = g[6];
int g7 = g[7];
int g8 = g[8];
int g9 = g[9];
int h0 = f0 + g0;
int h1 = f1 + g1;
int h2 = f2 + g2;
int h3 = f3 + g3;
int h4 = f4 + g4;
int h5 = f5 + g5;
int h6 = f6 + g6;
int h7 = f7 + g7;
int h8 = f8 + g8;
int h9 = f9 + g9;
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,71 @@
package org.whispersystems.curve25519.java;
public class fe_cmov {
//CONVERT #include "fe.h"
Replace (f,g) with (g,g) if b == 1;
replace (f,g) with (f,g) if b == 0.
Preconditions: b in {0,1}.
public static void fe_cmov(int[] f,int[] g,int b)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int g0 = g[0];
int g1 = g[1];
int g2 = g[2];
int g3 = g[3];
int g4 = g[4];
int g5 = g[5];
int g6 = g[6];
int g7 = g[7];
int g8 = g[8];
int g9 = g[9];
int x0 = f0 ^ g0;
int x1 = f1 ^ g1;
int x2 = f2 ^ g2;
int x3 = f3 ^ g3;
int x4 = f4 ^ g4;
int x5 = f5 ^ g5;
int x6 = f6 ^ g6;
int x7 = f7 ^ g7;
int x8 = f8 ^ g8;
int x9 = f9 ^ g9;
b = -b;
x0 &= b;
x1 &= b;
x2 &= b;
x3 &= b;
x4 &= b;
x5 &= b;
x6 &= b;
x7 &= b;
x8 &= b;
x9 &= b;
f[0] = f0 ^ x0;
f[1] = f1 ^ x1;
f[2] = f2 ^ x2;
f[3] = f3 ^ x3;
f[4] = f4 ^ x4;
f[5] = f5 ^ x5;
f[6] = f6 ^ x6;
f[7] = f7 ^ x7;
f[8] = f8 ^ x8;
f[9] = f9 ^ x9;
Normal file
Normal file
@ -0,0 +1,37 @@
package org.whispersystems.curve25519.java;
public class fe_copy {
//CONVERT #include "fe.h"
h = f
public static void fe_copy(int[] h,int[] f)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
h[0] = f0;
h[1] = f1;
h[2] = f2;
h[3] = f3;
h[4] = f4;
h[5] = f5;
h[6] = f6;
h[7] = f7;
h[8] = f8;
h[9] = f9;
Normal file
Normal file
@ -0,0 +1,83 @@
package org.whispersystems.curve25519.java;
public class fe_cswap {
//CONVERT #include <stdio.h>
//CONVERT #include "fe.h"
Replace (f,g) with (g,f) if b == 1;
replace (f,g) with (f,g) if b == 0.
Preconditions: b in {0,1}.
public static void fe_cswap(int[] f,int[] g,int b)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int g0 = g[0];
int g1 = g[1];
int g2 = g[2];
int g3 = g[3];
int g4 = g[4];
int g5 = g[5];
int g6 = g[6];
int g7 = g[7];
int g8 = g[8];
int g9 = g[9];
int x0 = f0 ^ g0;
int x1 = f1 ^ g1;
int x2 = f2 ^ g2;
int x3 = f3 ^ g3;
int x4 = f4 ^ g4;
int x5 = f5 ^ g5;
int x6 = f6 ^ g6;
int x7 = f7 ^ g7;
int x8 = f8 ^ g8;
int x9 = f9 ^ g9;
b = -b;
x0 &= b;
x1 &= b;
x2 &= b;
x3 &= b;
x4 &= b;
x5 &= b;
x6 &= b;
x7 &= b;
x8 &= b;
x9 &= b;
f[0] = f0 ^ x0;
f[1] = f1 ^ x1;
f[2] = f2 ^ x2;
f[3] = f3 ^ x3;
f[4] = f4 ^ x4;
f[5] = f5 ^ x5;
f[6] = f6 ^ x6;
f[7] = f7 ^ x7;
f[8] = f8 ^ x8;
f[9] = f9 ^ x9;
g[0] = g0 ^ x0;
g[1] = g1 ^ x1;
g[2] = g2 ^ x2;
g[3] = g3 ^ x3;
g[4] = g4 ^ x4;
g[5] = g5 ^ x5;
g[6] = g6 ^ x6;
g[7] = g7 ^ x7;
g[8] = g8 ^ x8;
g[9] = g9 ^ x9;
Normal file
Normal file
@ -0,0 +1,81 @@
package org.whispersystems.curve25519.java;
public class fe_frombytes {
//CONVERT #include "fe.h"
//CONVERT #include "long.h"
//CONVERT #include "long.h"
public static long load_3(byte[] in, int index)
long result;
result = ((long) in[index + 0]) & 0xFF;
result |= (((long) in[index + 1]) << 8) & 0xFF00;
result |= (((long) in[index + 2]) << 16) & 0xFF0000;
return result;
public static long load_4(byte[] in, int index)
long result;
result = (((long) in[index + 0]) & 0xFF);
result |= ((((long) in[index + 1]) << 8) & 0xFF00);
result |= ((((long) in[index + 2]) << 16) & 0xFF0000);
result |= ((((long) in[index + 3]) << 24) & 0xFF000000L);
return result;
Ignores top bit of h.
public static void fe_frombytes(int[] h,byte[] s)
long h0 = load_4(s, 0);
long h1 = load_3(s, 4) << 6;
long h2 = load_3(s, 7) << 5;
long h3 = load_3(s, 10) << 3;
long h4 = load_3(s, 13) << 2;
long h5 = load_4(s, 16);
long h6 = load_3(s, 20) << 7;
long h7 = load_3(s, 23) << 5;
long h8 = load_3(s, 26) << 4;
long h9 = (load_3(s, 29) & 8388607) << 2;
long carry0;
long carry1;
long carry2;
long carry3;
long carry4;
long carry5;
long carry6;
long carry7;
long carry8;
long carry9;
carry9 = (h9 + (long) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
carry1 = (h1 + (long) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
carry3 = (h3 + (long) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
carry5 = (h5 + (long) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
carry7 = (h7 + (long) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
carry2 = (h2 + (long) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
carry6 = (h6 + (long) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
carry8 = (h8 + (long) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,182 @@
package org.whispersystems.curve25519.java;
public class fe_invert {
//CONVERT #include "fe.h"
public static void fe_invert(int[] out,int[] z)
int[] t0 = new int[10];
int[] t1 = new int[10];
int[] t2 = new int[10];
int[] t3 = new int[10];
int i;
//CONVERT #include "pow225521.h"
/* qhasm: fe z1 */
/* qhasm: fe z2 */
/* qhasm: fe z8 */
/* qhasm: fe z9 */
/* qhasm: fe z11 */
/* qhasm: fe z22 */
/* qhasm: fe z_5_0 */
/* qhasm: fe z_10_5 */
/* qhasm: fe z_10_0 */
/* qhasm: fe z_20_10 */
/* qhasm: fe z_20_0 */
/* qhasm: fe z_40_20 */
/* qhasm: fe z_40_0 */
/* qhasm: fe z_50_10 */
/* qhasm: fe z_50_0 */
/* qhasm: fe z_100_50 */
/* qhasm: fe z_100_0 */
/* qhasm: fe z_200_100 */
/* qhasm: fe z_200_0 */
/* qhasm: fe z_250_50 */
/* qhasm: fe z_250_0 */
/* qhasm: fe z_255_5 */
/* qhasm: fe z_255_21 */
/* qhasm: enter pow225521 */
/* qhasm: z2 = z1^2^1 */
/* asm 1: fe_sq.fe_sq(>z2=fe#1,<z1=fe#11); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z2=fe#1,>z2=fe#1); */
/* asm 2: fe_sq.fe_sq(>z2=t0,<z1=z); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z2=t0,>z2=t0); */
fe_sq.fe_sq(t0,z); for (i = 1;i < 1;++i) fe_sq.fe_sq(t0,t0);
/* qhasm: z8 = z2^2^2 */
/* asm 1: fe_sq.fe_sq(>z8=fe#2,<z2=fe#1); for (i = 1;i < 2;++i) fe_sq.fe_sq(>z8=fe#2,>z8=fe#2); */
/* asm 2: fe_sq.fe_sq(>z8=t1,<z2=t0); for (i = 1;i < 2;++i) fe_sq.fe_sq(>z8=t1,>z8=t1); */
fe_sq.fe_sq(t1,t0); for (i = 1;i < 2;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z9 = z1*z8 */
/* asm 1: fe_mul.fe_mul(>z9=fe#2,<z1=fe#11,<z8=fe#2); */
/* asm 2: fe_mul.fe_mul(>z9=t1,<z1=z,<z8=t1); */
/* qhasm: z11 = z2*z9 */
/* asm 1: fe_mul.fe_mul(>z11=fe#1,<z2=fe#1,<z9=fe#2); */
/* asm 2: fe_mul.fe_mul(>z11=t0,<z2=t0,<z9=t1); */
/* qhasm: z22 = z11^2^1 */
/* asm 1: fe_sq.fe_sq(>z22=fe#3,<z11=fe#1); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z22=fe#3,>z22=fe#3); */
/* asm 2: fe_sq.fe_sq(>z22=t2,<z11=t0); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z22=t2,>z22=t2); */
fe_sq.fe_sq(t2,t0); for (i = 1;i < 1;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_5_0 = z9*z22 */
/* asm 1: fe_mul.fe_mul(>z_5_0=fe#2,<z9=fe#2,<z22=fe#3); */
/* asm 2: fe_mul.fe_mul(>z_5_0=t1,<z9=t1,<z22=t2); */
/* qhasm: z_10_5 = z_5_0^2^5 */
/* asm 1: fe_sq.fe_sq(>z_10_5=fe#3,<z_5_0=fe#2); for (i = 1;i < 5;++i) fe_sq.fe_sq(>z_10_5=fe#3,>z_10_5=fe#3); */
/* asm 2: fe_sq.fe_sq(>z_10_5=t2,<z_5_0=t1); for (i = 1;i < 5;++i) fe_sq.fe_sq(>z_10_5=t2,>z_10_5=t2); */
fe_sq.fe_sq(t2,t1); for (i = 1;i < 5;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_10_0 = z_10_5*z_5_0 */
/* asm 1: fe_mul.fe_mul(>z_10_0=fe#2,<z_10_5=fe#3,<z_5_0=fe#2); */
/* asm 2: fe_mul.fe_mul(>z_10_0=t1,<z_10_5=t2,<z_5_0=t1); */
/* qhasm: z_20_10 = z_10_0^2^10 */
/* asm 1: fe_sq.fe_sq(>z_20_10=fe#3,<z_10_0=fe#2); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_20_10=fe#3,>z_20_10=fe#3); */
/* asm 2: fe_sq.fe_sq(>z_20_10=t2,<z_10_0=t1); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_20_10=t2,>z_20_10=t2); */
fe_sq.fe_sq(t2,t1); for (i = 1;i < 10;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_20_0 = z_20_10*z_10_0 */
/* asm 1: fe_mul.fe_mul(>z_20_0=fe#3,<z_20_10=fe#3,<z_10_0=fe#2); */
/* asm 2: fe_mul.fe_mul(>z_20_0=t2,<z_20_10=t2,<z_10_0=t1); */
/* qhasm: z_40_20 = z_20_0^2^20 */
/* asm 1: fe_sq.fe_sq(>z_40_20=fe#4,<z_20_0=fe#3); for (i = 1;i < 20;++i) fe_sq.fe_sq(>z_40_20=fe#4,>z_40_20=fe#4); */
/* asm 2: fe_sq.fe_sq(>z_40_20=t3,<z_20_0=t2); for (i = 1;i < 20;++i) fe_sq.fe_sq(>z_40_20=t3,>z_40_20=t3); */
fe_sq.fe_sq(t3,t2); for (i = 1;i < 20;++i) fe_sq.fe_sq(t3,t3);
/* qhasm: z_40_0 = z_40_20*z_20_0 */
/* asm 1: fe_mul.fe_mul(>z_40_0=fe#3,<z_40_20=fe#4,<z_20_0=fe#3); */
/* asm 2: fe_mul.fe_mul(>z_40_0=t2,<z_40_20=t3,<z_20_0=t2); */
/* qhasm: z_50_10 = z_40_0^2^10 */
/* asm 1: fe_sq.fe_sq(>z_50_10=fe#3,<z_40_0=fe#3); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_50_10=fe#3,>z_50_10=fe#3); */
/* asm 2: fe_sq.fe_sq(>z_50_10=t2,<z_40_0=t2); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_50_10=t2,>z_50_10=t2); */
fe_sq.fe_sq(t2,t2); for (i = 1;i < 10;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_50_0 = z_50_10*z_10_0 */
/* asm 1: fe_mul.fe_mul(>z_50_0=fe#2,<z_50_10=fe#3,<z_10_0=fe#2); */
/* asm 2: fe_mul.fe_mul(>z_50_0=t1,<z_50_10=t2,<z_10_0=t1); */
/* qhasm: z_100_50 = z_50_0^2^50 */
/* asm 1: fe_sq.fe_sq(>z_100_50=fe#3,<z_50_0=fe#2); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_100_50=fe#3,>z_100_50=fe#3); */
/* asm 2: fe_sq.fe_sq(>z_100_50=t2,<z_50_0=t1); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_100_50=t2,>z_100_50=t2); */
fe_sq.fe_sq(t2,t1); for (i = 1;i < 50;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_100_0 = z_100_50*z_50_0 */
/* asm 1: fe_mul.fe_mul(>z_100_0=fe#3,<z_100_50=fe#3,<z_50_0=fe#2); */
/* asm 2: fe_mul.fe_mul(>z_100_0=t2,<z_100_50=t2,<z_50_0=t1); */
/* qhasm: z_200_100 = z_100_0^2^100 */
/* asm 1: fe_sq.fe_sq(>z_200_100=fe#4,<z_100_0=fe#3); for (i = 1;i < 100;++i) fe_sq.fe_sq(>z_200_100=fe#4,>z_200_100=fe#4); */
/* asm 2: fe_sq.fe_sq(>z_200_100=t3,<z_100_0=t2); for (i = 1;i < 100;++i) fe_sq.fe_sq(>z_200_100=t3,>z_200_100=t3); */
fe_sq.fe_sq(t3,t2); for (i = 1;i < 100;++i) fe_sq.fe_sq(t3,t3);
/* qhasm: z_200_0 = z_200_100*z_100_0 */
/* asm 1: fe_mul.fe_mul(>z_200_0=fe#3,<z_200_100=fe#4,<z_100_0=fe#3); */
/* asm 2: fe_mul.fe_mul(>z_200_0=t2,<z_200_100=t3,<z_100_0=t2); */
/* qhasm: z_250_50 = z_200_0^2^50 */
/* asm 1: fe_sq.fe_sq(>z_250_50=fe#3,<z_200_0=fe#3); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_250_50=fe#3,>z_250_50=fe#3); */
/* asm 2: fe_sq.fe_sq(>z_250_50=t2,<z_200_0=t2); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_250_50=t2,>z_250_50=t2); */
fe_sq.fe_sq(t2,t2); for (i = 1;i < 50;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_250_0 = z_250_50*z_50_0 */
/* asm 1: fe_mul.fe_mul(>z_250_0=fe#2,<z_250_50=fe#3,<z_50_0=fe#2); */
/* asm 2: fe_mul.fe_mul(>z_250_0=t1,<z_250_50=t2,<z_50_0=t1); */
/* qhasm: z_255_5 = z_250_0^2^5 */
/* asm 1: fe_sq.fe_sq(>z_255_5=fe#2,<z_250_0=fe#2); for (i = 1;i < 5;++i) fe_sq.fe_sq(>z_255_5=fe#2,>z_255_5=fe#2); */
/* asm 2: fe_sq.fe_sq(>z_255_5=t1,<z_250_0=t1); for (i = 1;i < 5;++i) fe_sq.fe_sq(>z_255_5=t1,>z_255_5=t1); */
fe_sq.fe_sq(t1,t1); for (i = 1;i < 5;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z_255_21 = z_255_5*z11 */
/* asm 1: fe_mul.fe_mul(>z_255_21=fe#12,<z_255_5=fe#2,<z11=fe#1); */
/* asm 2: fe_mul.fe_mul(>z_255_21=out,<z_255_5=t1,<z11=t0); */
/* qhasm: return */
Normal file
Normal file
@ -0,0 +1,24 @@
package org.whispersystems.curve25519.java;
public class fe_isnegative {
//CONVERT #include "fe.h"
return 1 if f is in {1,3,5,...,q-2}
return 0 if f is in {0,2,4,...,q-1}
|f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
public static int fe_isnegative(int[] f)
byte[] s = new byte[32];
return s[0] & 1;
Normal file
Normal file
@ -0,0 +1,27 @@
package org.whispersystems.curve25519.java;
public class fe_isnonzero {
//CONVERT #include "fe.h"
//CONVERT #include "crypto_verify_32.crypto_verify_32.h"
return 1 if f == 0
return 0 if f != 0
|f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
static final byte[] zero = new byte[32];
public static int fe_isnonzero(int[] f)
byte[] s = new byte[32];
return crypto_verify_32.crypto_verify_32(s,zero);
Normal file
Normal file
@ -0,0 +1,261 @@
package org.whispersystems.curve25519.java;
public class fe_mul {
//CONVERT #include "fe.h"
//CONVERT #include "long.h"
h = f * g
Can overlap h with f or g.
|f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc.
|g| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc.
|h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc.
Notes on implementation strategy:
Using schoolbook multiplication.
Karatsuba would save a little in some cost models.
Most multiplications by 2 and 19 are 32-bit precomputations;
cheaper than 64-bit postcomputations.
There is one remaining multiplication by 19 in the carry chain;
one *19 precomputation can be merged into this,
but the resulting data flow is considerably less clean.
There are 12 carries below.
10 of them are 2-way parallelizable and vectorizable.
Can get away with 11 carries, but then data flow is much deeper.
With tighter constraints on inputs can squeeze carries into int32.
public static void fe_mul(int[] h,int[] f,int[] g)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int g0 = g[0];
int g1 = g[1];
int g2 = g[2];
int g3 = g[3];
int g4 = g[4];
int g5 = g[5];
int g6 = g[6];
int g7 = g[7];
int g8 = g[8];
int g9 = g[9];
int g1_19 = 19 * g1; /* 1.959375*2^29 */
int g2_19 = 19 * g2; /* 1.959375*2^30; still ok */
int g3_19 = 19 * g3;
int g4_19 = 19 * g4;
int g5_19 = 19 * g5;
int g6_19 = 19 * g6;
int g7_19 = 19 * g7;
int g8_19 = 19 * g8;
int g9_19 = 19 * g9;
int f1_2 = 2 * f1;
int f3_2 = 2 * f3;
int f5_2 = 2 * f5;
int f7_2 = 2 * f7;
int f9_2 = 2 * f9;
long f0g0 = f0 * (long) g0;
long f0g1 = f0 * (long) g1;
long f0g2 = f0 * (long) g2;
long f0g3 = f0 * (long) g3;
long f0g4 = f0 * (long) g4;
long f0g5 = f0 * (long) g5;
long f0g6 = f0 * (long) g6;
long f0g7 = f0 * (long) g7;
long f0g8 = f0 * (long) g8;
long f0g9 = f0 * (long) g9;
long f1g0 = f1 * (long) g0;
long f1g1_2 = f1_2 * (long) g1;
long f1g2 = f1 * (long) g2;
long f1g3_2 = f1_2 * (long) g3;
long f1g4 = f1 * (long) g4;
long f1g5_2 = f1_2 * (long) g5;
long f1g6 = f1 * (long) g6;
long f1g7_2 = f1_2 * (long) g7;
long f1g8 = f1 * (long) g8;
long f1g9_38 = f1_2 * (long) g9_19;
long f2g0 = f2 * (long) g0;
long f2g1 = f2 * (long) g1;
long f2g2 = f2 * (long) g2;
long f2g3 = f2 * (long) g3;
long f2g4 = f2 * (long) g4;
long f2g5 = f2 * (long) g5;
long f2g6 = f2 * (long) g6;
long f2g7 = f2 * (long) g7;
long f2g8_19 = f2 * (long) g8_19;
long f2g9_19 = f2 * (long) g9_19;
long f3g0 = f3 * (long) g0;
long f3g1_2 = f3_2 * (long) g1;
long f3g2 = f3 * (long) g2;
long f3g3_2 = f3_2 * (long) g3;
long f3g4 = f3 * (long) g4;
long f3g5_2 = f3_2 * (long) g5;
long f3g6 = f3 * (long) g6;
long f3g7_38 = f3_2 * (long) g7_19;
long f3g8_19 = f3 * (long) g8_19;
long f3g9_38 = f3_2 * (long) g9_19;
long f4g0 = f4 * (long) g0;
long f4g1 = f4 * (long) g1;
long f4g2 = f4 * (long) g2;
long f4g3 = f4 * (long) g3;
long f4g4 = f4 * (long) g4;
long f4g5 = f4 * (long) g5;
long f4g6_19 = f4 * (long) g6_19;
long f4g7_19 = f4 * (long) g7_19;
long f4g8_19 = f4 * (long) g8_19;
long f4g9_19 = f4 * (long) g9_19;
long f5g0 = f5 * (long) g0;
long f5g1_2 = f5_2 * (long) g1;
long f5g2 = f5 * (long) g2;
long f5g3_2 = f5_2 * (long) g3;
long f5g4 = f5 * (long) g4;
long f5g5_38 = f5_2 * (long) g5_19;
long f5g6_19 = f5 * (long) g6_19;
long f5g7_38 = f5_2 * (long) g7_19;
long f5g8_19 = f5 * (long) g8_19;
long f5g9_38 = f5_2 * (long) g9_19;
long f6g0 = f6 * (long) g0;
long f6g1 = f6 * (long) g1;
long f6g2 = f6 * (long) g2;
long f6g3 = f6 * (long) g3;
long f6g4_19 = f6 * (long) g4_19;
long f6g5_19 = f6 * (long) g5_19;
long f6g6_19 = f6 * (long) g6_19;
long f6g7_19 = f6 * (long) g7_19;
long f6g8_19 = f6 * (long) g8_19;
long f6g9_19 = f6 * (long) g9_19;
long f7g0 = f7 * (long) g0;
long f7g1_2 = f7_2 * (long) g1;
long f7g2 = f7 * (long) g2;
long f7g3_38 = f7_2 * (long) g3_19;
long f7g4_19 = f7 * (long) g4_19;
long f7g5_38 = f7_2 * (long) g5_19;
long f7g6_19 = f7 * (long) g6_19;
long f7g7_38 = f7_2 * (long) g7_19;
long f7g8_19 = f7 * (long) g8_19;
long f7g9_38 = f7_2 * (long) g9_19;
long f8g0 = f8 * (long) g0;
long f8g1 = f8 * (long) g1;
long f8g2_19 = f8 * (long) g2_19;
long f8g3_19 = f8 * (long) g3_19;
long f8g4_19 = f8 * (long) g4_19;
long f8g5_19 = f8 * (long) g5_19;
long f8g6_19 = f8 * (long) g6_19;
long f8g7_19 = f8 * (long) g7_19;
long f8g8_19 = f8 * (long) g8_19;
long f8g9_19 = f8 * (long) g9_19;
long f9g0 = f9 * (long) g0;
long f9g1_38 = f9_2 * (long) g1_19;
long f9g2_19 = f9 * (long) g2_19;
long f9g3_38 = f9_2 * (long) g3_19;
long f9g4_19 = f9 * (long) g4_19;
long f9g5_38 = f9_2 * (long) g5_19;
long f9g6_19 = f9 * (long) g6_19;
long f9g7_38 = f9_2 * (long) g7_19;
long f9g8_19 = f9 * (long) g8_19;
long f9g9_38 = f9_2 * (long) g9_19;
long h0 = f0g0+f1g9_38+f2g8_19+f3g7_38+f4g6_19+f5g5_38+f6g4_19+f7g3_38+f8g2_19+f9g1_38;
long h1 = f0g1+f1g0 +f2g9_19+f3g8_19+f4g7_19+f5g6_19+f6g5_19+f7g4_19+f8g3_19+f9g2_19;
long h2 = f0g2+f1g1_2 +f2g0 +f3g9_38+f4g8_19+f5g7_38+f6g6_19+f7g5_38+f8g4_19+f9g3_38;
long h3 = f0g3+f1g2 +f2g1 +f3g0 +f4g9_19+f5g8_19+f6g7_19+f7g6_19+f8g5_19+f9g4_19;
long h4 = f0g4+f1g3_2 +f2g2 +f3g1_2 +f4g0 +f5g9_38+f6g8_19+f7g7_38+f8g6_19+f9g5_38;
long h5 = f0g5+f1g4 +f2g3 +f3g2 +f4g1 +f5g0 +f6g9_19+f7g8_19+f8g7_19+f9g6_19;
long h6 = f0g6+f1g5_2 +f2g4 +f3g3_2 +f4g2 +f5g1_2 +f6g0 +f7g9_38+f8g8_19+f9g7_38;
long h7 = f0g7+f1g6 +f2g5 +f3g4 +f4g3 +f5g2 +f6g1 +f7g0 +f8g9_19+f9g8_19;
long h8 = f0g8+f1g7_2 +f2g6 +f3g5_2 +f4g4 +f5g3_2 +f6g2 +f7g1_2 +f8g0 +f9g9_38;
long h9 = f0g9+f1g8 +f2g7 +f3g6 +f4g5 +f5g4 +f6g3 +f7g2 +f8g1 +f9g0 ;
long carry0;
long carry1;
long carry2;
long carry3;
long carry4;
long carry5;
long carry6;
long carry7;
long carry8;
long carry9;
|h0| <= (1.65*1.65*2^52*(1+19+19+19+19)+1.65*1.65*2^50*(38+38+38+38+38))
i.e. |h0| <= 1.4*2^60; narrower ranges for h2, h4, h6, h8
|h1| <= (1.65*1.65*2^51*(1+1+19+19+19+19+19+19+19+19))
i.e. |h1| <= 1.7*2^59; narrower ranges for h3, h5, h7, h9
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
/* |h0| <= 2^25 */
/* |h4| <= 2^25 */
/* |h1| <= 1.71*2^59 */
/* |h5| <= 1.71*2^59 */
carry1 = (h1 + (long) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
carry5 = (h5 + (long) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
/* |h1| <= 2^24; from now on fits into int32 */
/* |h5| <= 2^24; from now on fits into int32 */
/* |h2| <= 1.41*2^60 */
/* |h6| <= 1.41*2^60 */
carry2 = (h2 + (long) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
carry6 = (h6 + (long) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
/* |h2| <= 2^25; from now on fits into int32 unchanged */
/* |h6| <= 2^25; from now on fits into int32 unchanged */
/* |h3| <= 1.71*2^59 */
/* |h7| <= 1.71*2^59 */
carry3 = (h3 + (long) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
carry7 = (h7 + (long) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
/* |h3| <= 2^24; from now on fits into int32 unchanged */
/* |h7| <= 2^24; from now on fits into int32 unchanged */
/* |h4| <= 1.72*2^34 */
/* |h8| <= 1.41*2^60 */
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
carry8 = (h8 + (long) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
/* |h4| <= 2^25; from now on fits into int32 unchanged */
/* |h8| <= 2^25; from now on fits into int32 unchanged */
/* |h5| <= 1.01*2^24 */
/* |h9| <= 1.71*2^59 */
carry9 = (h9 + (long) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
/* |h9| <= 2^24; from now on fits into int32 unchanged */
/* |h0| <= 1.1*2^39 */
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
/* |h0| <= 2^25; from now on fits into int32 unchanged */
/* |h1| <= 1.01*2^24 */
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,78 @@
package org.whispersystems.curve25519.java;
public class fe_mul121666 {
//CONVERT #include "fe.h"
//CONVERT #include "long.h"
h = f * 121666
Can overlap h with f.
|f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
|h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
public static void fe_mul121666(int[] h,int[] f)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
long h0 = f0 * (long) 121666;
long h1 = f1 * (long) 121666;
long h2 = f2 * (long) 121666;
long h3 = f3 * (long) 121666;
long h4 = f4 * (long) 121666;
long h5 = f5 * (long) 121666;
long h6 = f6 * (long) 121666;
long h7 = f7 * (long) 121666;
long h8 = f8 * (long) 121666;
long h9 = f9 * (long) 121666;
long carry0;
long carry1;
long carry2;
long carry3;
long carry4;
long carry5;
long carry6;
long carry7;
long carry8;
long carry9;
carry9 = (h9 + (long) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
carry1 = (h1 + (long) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
carry3 = (h3 + (long) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
carry5 = (h5 + (long) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
carry7 = (h7 + (long) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
carry2 = (h2 + (long) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
carry6 = (h6 + (long) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
carry8 = (h8 + (long) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,53 @@
package org.whispersystems.curve25519.java;
public class fe_neg {
//CONVERT #include "fe.h"
h = -f
|f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
|h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
public static void fe_neg(int[] h,int[] f)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int h0 = -f0;
int h1 = -f1;
int h2 = -f2;
int h3 = -f3;
int h4 = -f4;
int h5 = -f5;
int h6 = -f6;
int h7 = -f7;
int h8 = -f8;
int h9 = -f9;
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,181 @@
package org.whispersystems.curve25519.java;
public class fe_pow22523 {
//CONVERT #include "fe.h"
public static void fe_pow22523(int[] out,int[] z)
int[] t0 = new int[10];
int[] t1 = new int[10];
int[] t2 = new int[10];
int i;
//CONVERT #include "pow22523.h"
/* qhasm: fe z1 */
/* qhasm: fe z2 */
/* qhasm: fe z8 */
/* qhasm: fe z9 */
/* qhasm: fe z11 */
/* qhasm: fe z22 */
/* qhasm: fe z_5_0 */
/* qhasm: fe z_10_5 */
/* qhasm: fe z_10_0 */
/* qhasm: fe z_20_10 */
/* qhasm: fe z_20_0 */
/* qhasm: fe z_40_20 */
/* qhasm: fe z_40_0 */
/* qhasm: fe z_50_10 */
/* qhasm: fe z_50_0 */
/* qhasm: fe z_100_50 */
/* qhasm: fe z_100_0 */
/* qhasm: fe z_200_100 */
/* qhasm: fe z_200_0 */
/* qhasm: fe z_250_50 */
/* qhasm: fe z_250_0 */
/* qhasm: fe z_252_2 */
/* qhasm: fe z_252_3 */
/* qhasm: enter pow22523 */
/* qhasm: z2 = z1^2^1 */
/* asm 1: fe_sq.fe_sq(>z2=fe#1,<z1=fe#11); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z2=fe#1,>z2=fe#1); */
/* asm 2: fe_sq.fe_sq(>z2=t0,<z1=z); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z2=t0,>z2=t0); */
fe_sq.fe_sq(t0,z); for (i = 1;i < 1;++i) fe_sq.fe_sq(t0,t0);
/* qhasm: z8 = z2^2^2 */
/* asm 1: fe_sq.fe_sq(>z8=fe#2,<z2=fe#1); for (i = 1;i < 2;++i) fe_sq.fe_sq(>z8=fe#2,>z8=fe#2); */
/* asm 2: fe_sq.fe_sq(>z8=t1,<z2=t0); for (i = 1;i < 2;++i) fe_sq.fe_sq(>z8=t1,>z8=t1); */
fe_sq.fe_sq(t1,t0); for (i = 1;i < 2;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z9 = z1*z8 */
/* asm 1: fe_mul.fe_mul(>z9=fe#2,<z1=fe#11,<z8=fe#2); */
/* asm 2: fe_mul.fe_mul(>z9=t1,<z1=z,<z8=t1); */
/* qhasm: z11 = z2*z9 */
/* asm 1: fe_mul.fe_mul(>z11=fe#1,<z2=fe#1,<z9=fe#2); */
/* asm 2: fe_mul.fe_mul(>z11=t0,<z2=t0,<z9=t1); */
/* qhasm: z22 = z11^2^1 */
/* asm 1: fe_sq.fe_sq(>z22=fe#1,<z11=fe#1); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z22=fe#1,>z22=fe#1); */
/* asm 2: fe_sq.fe_sq(>z22=t0,<z11=t0); for (i = 1;i < 1;++i) fe_sq.fe_sq(>z22=t0,>z22=t0); */
fe_sq.fe_sq(t0,t0); for (i = 1;i < 1;++i) fe_sq.fe_sq(t0,t0);
/* qhasm: z_5_0 = z9*z22 */
/* asm 1: fe_mul.fe_mul(>z_5_0=fe#1,<z9=fe#2,<z22=fe#1); */
/* asm 2: fe_mul.fe_mul(>z_5_0=t0,<z9=t1,<z22=t0); */
/* qhasm: z_10_5 = z_5_0^2^5 */
/* asm 1: fe_sq.fe_sq(>z_10_5=fe#2,<z_5_0=fe#1); for (i = 1;i < 5;++i) fe_sq.fe_sq(>z_10_5=fe#2,>z_10_5=fe#2); */
/* asm 2: fe_sq.fe_sq(>z_10_5=t1,<z_5_0=t0); for (i = 1;i < 5;++i) fe_sq.fe_sq(>z_10_5=t1,>z_10_5=t1); */
fe_sq.fe_sq(t1,t0); for (i = 1;i < 5;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z_10_0 = z_10_5*z_5_0 */
/* asm 1: fe_mul.fe_mul(>z_10_0=fe#1,<z_10_5=fe#2,<z_5_0=fe#1); */
/* asm 2: fe_mul.fe_mul(>z_10_0=t0,<z_10_5=t1,<z_5_0=t0); */
/* qhasm: z_20_10 = z_10_0^2^10 */
/* asm 1: fe_sq.fe_sq(>z_20_10=fe#2,<z_10_0=fe#1); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_20_10=fe#2,>z_20_10=fe#2); */
/* asm 2: fe_sq.fe_sq(>z_20_10=t1,<z_10_0=t0); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_20_10=t1,>z_20_10=t1); */
fe_sq.fe_sq(t1,t0); for (i = 1;i < 10;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z_20_0 = z_20_10*z_10_0 */
/* asm 1: fe_mul.fe_mul(>z_20_0=fe#2,<z_20_10=fe#2,<z_10_0=fe#1); */
/* asm 2: fe_mul.fe_mul(>z_20_0=t1,<z_20_10=t1,<z_10_0=t0); */
/* qhasm: z_40_20 = z_20_0^2^20 */
/* asm 1: fe_sq.fe_sq(>z_40_20=fe#3,<z_20_0=fe#2); for (i = 1;i < 20;++i) fe_sq.fe_sq(>z_40_20=fe#3,>z_40_20=fe#3); */
/* asm 2: fe_sq.fe_sq(>z_40_20=t2,<z_20_0=t1); for (i = 1;i < 20;++i) fe_sq.fe_sq(>z_40_20=t2,>z_40_20=t2); */
fe_sq.fe_sq(t2,t1); for (i = 1;i < 20;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_40_0 = z_40_20*z_20_0 */
/* asm 1: fe_mul.fe_mul(>z_40_0=fe#2,<z_40_20=fe#3,<z_20_0=fe#2); */
/* asm 2: fe_mul.fe_mul(>z_40_0=t1,<z_40_20=t2,<z_20_0=t1); */
/* qhasm: z_50_10 = z_40_0^2^10 */
/* asm 1: fe_sq.fe_sq(>z_50_10=fe#2,<z_40_0=fe#2); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_50_10=fe#2,>z_50_10=fe#2); */
/* asm 2: fe_sq.fe_sq(>z_50_10=t1,<z_40_0=t1); for (i = 1;i < 10;++i) fe_sq.fe_sq(>z_50_10=t1,>z_50_10=t1); */
fe_sq.fe_sq(t1,t1); for (i = 1;i < 10;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z_50_0 = z_50_10*z_10_0 */
/* asm 1: fe_mul.fe_mul(>z_50_0=fe#1,<z_50_10=fe#2,<z_10_0=fe#1); */
/* asm 2: fe_mul.fe_mul(>z_50_0=t0,<z_50_10=t1,<z_10_0=t0); */
/* qhasm: z_100_50 = z_50_0^2^50 */
/* asm 1: fe_sq.fe_sq(>z_100_50=fe#2,<z_50_0=fe#1); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_100_50=fe#2,>z_100_50=fe#2); */
/* asm 2: fe_sq.fe_sq(>z_100_50=t1,<z_50_0=t0); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_100_50=t1,>z_100_50=t1); */
fe_sq.fe_sq(t1,t0); for (i = 1;i < 50;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z_100_0 = z_100_50*z_50_0 */
/* asm 1: fe_mul.fe_mul(>z_100_0=fe#2,<z_100_50=fe#2,<z_50_0=fe#1); */
/* asm 2: fe_mul.fe_mul(>z_100_0=t1,<z_100_50=t1,<z_50_0=t0); */
/* qhasm: z_200_100 = z_100_0^2^100 */
/* asm 1: fe_sq.fe_sq(>z_200_100=fe#3,<z_100_0=fe#2); for (i = 1;i < 100;++i) fe_sq.fe_sq(>z_200_100=fe#3,>z_200_100=fe#3); */
/* asm 2: fe_sq.fe_sq(>z_200_100=t2,<z_100_0=t1); for (i = 1;i < 100;++i) fe_sq.fe_sq(>z_200_100=t2,>z_200_100=t2); */
fe_sq.fe_sq(t2,t1); for (i = 1;i < 100;++i) fe_sq.fe_sq(t2,t2);
/* qhasm: z_200_0 = z_200_100*z_100_0 */
/* asm 1: fe_mul.fe_mul(>z_200_0=fe#2,<z_200_100=fe#3,<z_100_0=fe#2); */
/* asm 2: fe_mul.fe_mul(>z_200_0=t1,<z_200_100=t2,<z_100_0=t1); */
/* qhasm: z_250_50 = z_200_0^2^50 */
/* asm 1: fe_sq.fe_sq(>z_250_50=fe#2,<z_200_0=fe#2); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_250_50=fe#2,>z_250_50=fe#2); */
/* asm 2: fe_sq.fe_sq(>z_250_50=t1,<z_200_0=t1); for (i = 1;i < 50;++i) fe_sq.fe_sq(>z_250_50=t1,>z_250_50=t1); */
fe_sq.fe_sq(t1,t1); for (i = 1;i < 50;++i) fe_sq.fe_sq(t1,t1);
/* qhasm: z_250_0 = z_250_50*z_50_0 */
/* asm 1: fe_mul.fe_mul(>z_250_0=fe#1,<z_250_50=fe#2,<z_50_0=fe#1); */
/* asm 2: fe_mul.fe_mul(>z_250_0=t0,<z_250_50=t1,<z_50_0=t0); */
/* qhasm: z_252_2 = z_250_0^2^2 */
/* asm 1: fe_sq.fe_sq(>z_252_2=fe#1,<z_250_0=fe#1); for (i = 1;i < 2;++i) fe_sq.fe_sq(>z_252_2=fe#1,>z_252_2=fe#1); */
/* asm 2: fe_sq.fe_sq(>z_252_2=t0,<z_250_0=t0); for (i = 1;i < 2;++i) fe_sq.fe_sq(>z_252_2=t0,>z_252_2=t0); */
fe_sq.fe_sq(t0,t0); for (i = 1;i < 2;++i) fe_sq.fe_sq(t0,t0);
/* qhasm: z_252_3 = z_252_2*z1 */
/* asm 1: fe_mul.fe_mul(>z_252_3=fe#12,<z_252_2=fe#1,<z1=fe#11); */
/* asm 2: fe_mul.fe_mul(>z_252_3=out,<z_252_2=t0,<z1=z); */
/* qhasm: return */
Normal file
Normal file
@ -0,0 +1,157 @@
package org.whispersystems.curve25519.java;
public class fe_sq {
//CONVERT #include "fe.h"
//CONVERT #include "long.h"
h = f * f
Can overlap h with f.
|f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc.
|h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc.
See fe_mul.c for discussion of implementation strategy.
public static void fe_sq(int[] h,int[] f)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int f0_2 = 2 * f0;
int f1_2 = 2 * f1;
int f2_2 = 2 * f2;
int f3_2 = 2 * f3;
int f4_2 = 2 * f4;
int f5_2 = 2 * f5;
int f6_2 = 2 * f6;
int f7_2 = 2 * f7;
int f5_38 = 38 * f5; /* 1.959375*2^30 */
int f6_19 = 19 * f6; /* 1.959375*2^30 */
int f7_38 = 38 * f7; /* 1.959375*2^30 */
int f8_19 = 19 * f8; /* 1.959375*2^30 */
int f9_38 = 38 * f9; /* 1.959375*2^30 */
long f0f0 = f0 * (long) f0;
long f0f1_2 = f0_2 * (long) f1;
long f0f2_2 = f0_2 * (long) f2;
long f0f3_2 = f0_2 * (long) f3;
long f0f4_2 = f0_2 * (long) f4;
long f0f5_2 = f0_2 * (long) f5;
long f0f6_2 = f0_2 * (long) f6;
long f0f7_2 = f0_2 * (long) f7;
long f0f8_2 = f0_2 * (long) f8;
long f0f9_2 = f0_2 * (long) f9;
long f1f1_2 = f1_2 * (long) f1;
long f1f2_2 = f1_2 * (long) f2;
long f1f3_4 = f1_2 * (long) f3_2;
long f1f4_2 = f1_2 * (long) f4;
long f1f5_4 = f1_2 * (long) f5_2;
long f1f6_2 = f1_2 * (long) f6;
long f1f7_4 = f1_2 * (long) f7_2;
long f1f8_2 = f1_2 * (long) f8;
long f1f9_76 = f1_2 * (long) f9_38;
long f2f2 = f2 * (long) f2;
long f2f3_2 = f2_2 * (long) f3;
long f2f4_2 = f2_2 * (long) f4;
long f2f5_2 = f2_2 * (long) f5;
long f2f6_2 = f2_2 * (long) f6;
long f2f7_2 = f2_2 * (long) f7;
long f2f8_38 = f2_2 * (long) f8_19;
long f2f9_38 = f2 * (long) f9_38;
long f3f3_2 = f3_2 * (long) f3;
long f3f4_2 = f3_2 * (long) f4;
long f3f5_4 = f3_2 * (long) f5_2;
long f3f6_2 = f3_2 * (long) f6;
long f3f7_76 = f3_2 * (long) f7_38;
long f3f8_38 = f3_2 * (long) f8_19;
long f3f9_76 = f3_2 * (long) f9_38;
long f4f4 = f4 * (long) f4;
long f4f5_2 = f4_2 * (long) f5;
long f4f6_38 = f4_2 * (long) f6_19;
long f4f7_38 = f4 * (long) f7_38;
long f4f8_38 = f4_2 * (long) f8_19;
long f4f9_38 = f4 * (long) f9_38;
long f5f5_38 = f5 * (long) f5_38;
long f5f6_38 = f5_2 * (long) f6_19;
long f5f7_76 = f5_2 * (long) f7_38;
long f5f8_38 = f5_2 * (long) f8_19;
long f5f9_76 = f5_2 * (long) f9_38;
long f6f6_19 = f6 * (long) f6_19;
long f6f7_38 = f6 * (long) f7_38;
long f6f8_38 = f6_2 * (long) f8_19;
long f6f9_38 = f6 * (long) f9_38;
long f7f7_38 = f7 * (long) f7_38;
long f7f8_38 = f7_2 * (long) f8_19;
long f7f9_76 = f7_2 * (long) f9_38;
long f8f8_19 = f8 * (long) f8_19;
long f8f9_38 = f8 * (long) f9_38;
long f9f9_38 = f9 * (long) f9_38;
long h0 = f0f0 +f1f9_76+f2f8_38+f3f7_76+f4f6_38+f5f5_38;
long h1 = f0f1_2+f2f9_38+f3f8_38+f4f7_38+f5f6_38;
long h2 = f0f2_2+f1f1_2 +f3f9_76+f4f8_38+f5f7_76+f6f6_19;
long h3 = f0f3_2+f1f2_2 +f4f9_38+f5f8_38+f6f7_38;
long h4 = f0f4_2+f1f3_4 +f2f2 +f5f9_76+f6f8_38+f7f7_38;
long h5 = f0f5_2+f1f4_2 +f2f3_2 +f6f9_38+f7f8_38;
long h6 = f0f6_2+f1f5_4 +f2f4_2 +f3f3_2 +f7f9_76+f8f8_19;
long h7 = f0f7_2+f1f6_2 +f2f5_2 +f3f4_2 +f8f9_38;
long h8 = f0f8_2+f1f7_4 +f2f6_2 +f3f5_4 +f4f4 +f9f9_38;
long h9 = f0f9_2+f1f8_2 +f2f7_2 +f3f6_2 +f4f5_2;
long carry0;
long carry1;
long carry2;
long carry3;
long carry4;
long carry5;
long carry6;
long carry7;
long carry8;
long carry9;
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
carry1 = (h1 + (long) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
carry5 = (h5 + (long) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
carry2 = (h2 + (long) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
carry6 = (h6 + (long) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
carry3 = (h3 + (long) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
carry7 = (h7 + (long) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
carry8 = (h8 + (long) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
carry9 = (h9 + (long) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,168 @@
package org.whispersystems.curve25519.java;
public class fe_sq2 {
//CONVERT #include "fe.h"
//CONVERT #include "long.h"
h = 2 * f * f
Can overlap h with f.
|f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc.
|h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc.
See fe_mul.c for discussion of implementation strategy.
public static void fe_sq2(int[] h,int[] f)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int f0_2 = 2 * f0;
int f1_2 = 2 * f1;
int f2_2 = 2 * f2;
int f3_2 = 2 * f3;
int f4_2 = 2 * f4;
int f5_2 = 2 * f5;
int f6_2 = 2 * f6;
int f7_2 = 2 * f7;
int f5_38 = 38 * f5; /* 1.959375*2^30 */
int f6_19 = 19 * f6; /* 1.959375*2^30 */
int f7_38 = 38 * f7; /* 1.959375*2^30 */
int f8_19 = 19 * f8; /* 1.959375*2^30 */
int f9_38 = 38 * f9; /* 1.959375*2^30 */
long f0f0 = f0 * (long) f0;
long f0f1_2 = f0_2 * (long) f1;
long f0f2_2 = f0_2 * (long) f2;
long f0f3_2 = f0_2 * (long) f3;
long f0f4_2 = f0_2 * (long) f4;
long f0f5_2 = f0_2 * (long) f5;
long f0f6_2 = f0_2 * (long) f6;
long f0f7_2 = f0_2 * (long) f7;
long f0f8_2 = f0_2 * (long) f8;
long f0f9_2 = f0_2 * (long) f9;
long f1f1_2 = f1_2 * (long) f1;
long f1f2_2 = f1_2 * (long) f2;
long f1f3_4 = f1_2 * (long) f3_2;
long f1f4_2 = f1_2 * (long) f4;
long f1f5_4 = f1_2 * (long) f5_2;
long f1f6_2 = f1_2 * (long) f6;
long f1f7_4 = f1_2 * (long) f7_2;
long f1f8_2 = f1_2 * (long) f8;
long f1f9_76 = f1_2 * (long) f9_38;
long f2f2 = f2 * (long) f2;
long f2f3_2 = f2_2 * (long) f3;
long f2f4_2 = f2_2 * (long) f4;
long f2f5_2 = f2_2 * (long) f5;
long f2f6_2 = f2_2 * (long) f6;
long f2f7_2 = f2_2 * (long) f7;
long f2f8_38 = f2_2 * (long) f8_19;
long f2f9_38 = f2 * (long) f9_38;
long f3f3_2 = f3_2 * (long) f3;
long f3f4_2 = f3_2 * (long) f4;
long f3f5_4 = f3_2 * (long) f5_2;
long f3f6_2 = f3_2 * (long) f6;
long f3f7_76 = f3_2 * (long) f7_38;
long f3f8_38 = f3_2 * (long) f8_19;
long f3f9_76 = f3_2 * (long) f9_38;
long f4f4 = f4 * (long) f4;
long f4f5_2 = f4_2 * (long) f5;
long f4f6_38 = f4_2 * (long) f6_19;
long f4f7_38 = f4 * (long) f7_38;
long f4f8_38 = f4_2 * (long) f8_19;
long f4f9_38 = f4 * (long) f9_38;
long f5f5_38 = f5 * (long) f5_38;
long f5f6_38 = f5_2 * (long) f6_19;
long f5f7_76 = f5_2 * (long) f7_38;
long f5f8_38 = f5_2 * (long) f8_19;
long f5f9_76 = f5_2 * (long) f9_38;
long f6f6_19 = f6 * (long) f6_19;
long f6f7_38 = f6 * (long) f7_38;
long f6f8_38 = f6_2 * (long) f8_19;
long f6f9_38 = f6 * (long) f9_38;
long f7f7_38 = f7 * (long) f7_38;
long f7f8_38 = f7_2 * (long) f8_19;
long f7f9_76 = f7_2 * (long) f9_38;
long f8f8_19 = f8 * (long) f8_19;
long f8f9_38 = f8 * (long) f9_38;
long f9f9_38 = f9 * (long) f9_38;
long h0 = f0f0 +f1f9_76+f2f8_38+f3f7_76+f4f6_38+f5f5_38;
long h1 = f0f1_2+f2f9_38+f3f8_38+f4f7_38+f5f6_38;
long h2 = f0f2_2+f1f1_2 +f3f9_76+f4f8_38+f5f7_76+f6f6_19;
long h3 = f0f3_2+f1f2_2 +f4f9_38+f5f8_38+f6f7_38;
long h4 = f0f4_2+f1f3_4 +f2f2 +f5f9_76+f6f8_38+f7f7_38;
long h5 = f0f5_2+f1f4_2 +f2f3_2 +f6f9_38+f7f8_38;
long h6 = f0f6_2+f1f5_4 +f2f4_2 +f3f3_2 +f7f9_76+f8f8_19;
long h7 = f0f7_2+f1f6_2 +f2f5_2 +f3f4_2 +f8f9_38;
long h8 = f0f8_2+f1f7_4 +f2f6_2 +f3f5_4 +f4f4 +f9f9_38;
long h9 = f0f9_2+f1f8_2 +f2f7_2 +f3f6_2 +f4f5_2;
long carry0;
long carry1;
long carry2;
long carry3;
long carry4;
long carry5;
long carry6;
long carry7;
long carry8;
long carry9;
h0 += h0;
h1 += h1;
h2 += h2;
h3 += h3;
h4 += h4;
h5 += h5;
h6 += h6;
h7 += h7;
h8 += h8;
h9 += h9;
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
carry1 = (h1 + (long) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
carry5 = (h5 + (long) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
carry2 = (h2 + (long) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
carry6 = (h6 + (long) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
carry3 = (h3 + (long) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
carry7 = (h7 + (long) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
carry4 = (h4 + (long) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
carry8 = (h8 + (long) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
carry9 = (h9 + (long) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
carry0 = (h0 + (long) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,65 @@
package org.whispersystems.curve25519.java;
public class fe_sub {
//CONVERT #include "fe.h"
h = f - g
Can overlap h with f or g.
|f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
|g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
|h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
public static void fe_sub(int[] h,int[] f,int[] g)
int f0 = f[0];
int f1 = f[1];
int f2 = f[2];
int f3 = f[3];
int f4 = f[4];
int f5 = f[5];
int f6 = f[6];
int f7 = f[7];
int f8 = f[8];
int f9 = f[9];
int g0 = g[0];
int g1 = g[1];
int g2 = g[2];
int g3 = g[3];
int g4 = g[4];
int g5 = g[5];
int g6 = g[6];
int g7 = g[7];
int g8 = g[8];
int g9 = g[9];
int h0 = f0 - g0;
int h1 = f1 - g1;
int h2 = f2 - g2;
int h3 = f3 - g3;
int h4 = f4 - g4;
int h5 = f5 - g5;
int h6 = f6 - g6;
int h7 = f7 - g7;
int h8 = f8 - g8;
int h9 = f9 - g9;
h[0] = (int)h0;
h[1] = (int)h1;
h[2] = (int)h2;
h[3] = (int)h3;
h[4] = (int)h4;
h[5] = (int)h5;
h[6] = (int)h6;
h[7] = (int)h7;
h[8] = (int)h8;
h[9] = (int)h9;
Normal file
Normal file
@ -0,0 +1,127 @@
package org.whispersystems.curve25519.java;
public class fe_tobytes {
//CONVERT #include "fe.h"
|h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
Write p=2^255-19; q=floor(h/p).
Basic claim: q = floor(2^(-255)(h + 19 2^(-25)h9 + 2^(-1))).
Have |h|<=p so |q|<=1 so |19^2 2^(-255) q|<1/4.
Also have |h-2^230 h9|<2^231 so |19 2^(-255)(h-2^230 h9)|<1/4.
Write y=2^(-1)-19^2 2^(-255)q-19 2^(-255)(h-2^230 h9).
Then 0<y<1.
Write r=h-pq.
Have 0<=r<=p-1=2^255-20.
Thus 0<=r+19(2^-255)r<r+19(2^-255)2^255<=2^255-1.
Write x=r+19(2^-255)r+y.
Then 0<x<2^255 so floor(2^(-255)x) = 0 so floor(q+2^(-255)x) = q.
Have q+2^(-255)x = 2^(-255)(h + 19 2^(-25) h9 + 2^(-1))
so floor(2^(-255)(h + 19 2^(-25) h9 + 2^(-1))) = q.
public static void fe_tobytes(byte[] s,int[] h)
int h0 = h[0];
int h1 = h[1];
int h2 = h[2];
int h3 = h[3];
int h4 = h[4];
int h5 = h[5];
int h6 = h[6];
int h7 = h[7];
int h8 = h[8];
int h9 = h[9];
int q;
int carry0;
int carry1;
int carry2;
int carry3;
int carry4;
int carry5;
int carry6;
int carry7;
int carry8;
int carry9;
q = (19 * h9 + (((int) 1) << 24)) >> 25;
q = (h0 + q) >> 26;
q = (h1 + q) >> 25;
q = (h2 + q) >> 26;
q = (h3 + q) >> 25;
q = (h4 + q) >> 26;
q = (h5 + q) >> 25;
q = (h6 + q) >> 26;
q = (h7 + q) >> 25;
q = (h8 + q) >> 26;
q = (h9 + q) >> 25;
/* Goal: Output h-(2^255-19)q, which is between 0 and 2^255-20. */
h0 += 19 * q;
/* Goal: Output h-2^255 q, which is between 0 and 2^255-20. */
carry0 = h0 >> 26; h1 += carry0; h0 -= carry0 << 26;
carry1 = h1 >> 25; h2 += carry1; h1 -= carry1 << 25;
carry2 = h2 >> 26; h3 += carry2; h2 -= carry2 << 26;
carry3 = h3 >> 25; h4 += carry3; h3 -= carry3 << 25;
carry4 = h4 >> 26; h5 += carry4; h4 -= carry4 << 26;
carry5 = h5 >> 25; h6 += carry5; h5 -= carry5 << 25;
carry6 = h6 >> 26; h7 += carry6; h6 -= carry6 << 26;
carry7 = h7 >> 25; h8 += carry7; h7 -= carry7 << 25;
carry8 = h8 >> 26; h9 += carry8; h8 -= carry8 << 26;
carry9 = h9 >> 25; h9 -= carry9 << 25;
/* h10 = carry9 */
Goal: Output h0+...+2^255 h10-2^255 q, which is between 0 and 2^255-20.
Have h0+...+2^230 h9 between 0 and 2^255-1;
evidently 2^255 h10-2^255 q = 0.
Goal: Output h0+...+2^230 h9.
s[0] = (byte)(h0 >> 0);
s[1] = (byte)(h0 >> 8);
s[2] = (byte)(h0 >> 16);
s[3] = (byte)((h0 >> 24) | (h1 << 2));
s[4] = (byte)(h1 >> 6);
s[5] = (byte)(h1 >> 14);
s[6] = (byte)((h1 >> 22) | (h2 << 3));
s[7] = (byte)(h2 >> 5);
s[8] = (byte)(h2 >> 13);
s[9] = (byte)((h2 >> 21) | (h3 << 5));
s[10] = (byte)(h3 >> 3);
s[11] = (byte)(h3 >> 11);
s[12] = (byte)((h3 >> 19) | (h4 << 6));
s[13] = (byte)(h4 >> 2);
s[14] = (byte)(h4 >> 10);
s[15] = (byte)(h4 >> 18);
s[16] = (byte)(h5 >> 0);
s[17] = (byte)(h5 >> 8);
s[18] = (byte)(h5 >> 16);
s[19] = (byte)((h5 >> 24) | (h6 << 1));
s[20] = (byte)(h6 >> 7);
s[21] = (byte)(h6 >> 15);
s[22] = (byte)((h6 >> 23) | (h7 << 3));
s[23] = (byte)(h7 >> 5);
s[24] = (byte)(h7 >> 13);
s[25] = (byte)((h7 >> 21) | (h8 << 4));
s[26] = (byte)(h8 >> 4);
s[27] = (byte)(h8 >> 12);
s[28] = (byte)((h8 >> 20) | (h9 << 6));
s[29] = (byte)(h9 >> 2);
s[30] = (byte)(h9 >> 10);
s[31] = (byte)(h9 >> 18);
Normal file
Normal file
@ -0,0 +1,116 @@
package org.whispersystems.curve25519.java;
public class ge_add {
//CONVERT #include "ge.h"
r = p + q
public static void ge_add(ge_p1p1 r,ge_p3 p,ge_cached q)
int[] t0 = new int[10];
//CONVERT #include "ge_add.h"
/* qhasm: enter ge_add */
/* qhasm: fe X1 */
/* qhasm: fe Y1 */
/* qhasm: fe Z1 */
/* qhasm: fe Z2 */
/* qhasm: fe T1 */
/* qhasm: fe ZZ */
/* qhasm: fe YpX2 */
/* qhasm: fe YmX2 */
/* qhasm: fe T2d2 */
/* qhasm: fe X3 */
/* qhasm: fe Y3 */
/* qhasm: fe Z3 */
/* qhasm: fe T3 */
/* qhasm: fe YpX1 */
/* qhasm: fe YmX1 */
/* qhasm: fe A */
/* qhasm: fe B */
/* qhasm: fe C */
/* qhasm: fe D */
/* qhasm: YpX1 = Y1+X1 */
/* asm 1: fe_add.fe_add(>YpX1=fe#1,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_add.fe_add(>YpX1=r.X,<Y1=p.Y,<X1=p.X); */
/* qhasm: YmX1 = Y1-X1 */
/* asm 1: fe_sub.fe_sub(>YmX1=fe#2,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_sub.fe_sub(>YmX1=r.Y,<Y1=p.Y,<X1=p.X); */
/* qhasm: A = YpX1*YpX2 */
/* asm 1: fe_mul.fe_mul(>A=fe#3,<YpX1=fe#1,<YpX2=fe#15); */
/* asm 2: fe_mul.fe_mul(>A=r.Z,<YpX1=r.X,<YpX2=q.YplusX); */
/* qhasm: B = YmX1*YmX2 */
/* asm 1: fe_mul.fe_mul(>B=fe#2,<YmX1=fe#2,<YmX2=fe#16); */
/* asm 2: fe_mul.fe_mul(>B=r.Y,<YmX1=r.Y,<YmX2=q.YminusX); */
/* qhasm: C = T2d2*T1 */
/* asm 1: fe_mul.fe_mul(>C=fe#4,<T2d2=fe#18,<T1=fe#14); */
/* asm 2: fe_mul.fe_mul(>C=r.T,<T2d2=q.T2d,<T1=p.T); */
/* qhasm: ZZ = Z1*Z2 */
/* asm 1: fe_mul.fe_mul(>ZZ=fe#1,<Z1=fe#13,<Z2=fe#17); */
/* asm 2: fe_mul.fe_mul(>ZZ=r.X,<Z1=p.Z,<Z2=q.Z); */
/* qhasm: D = 2*ZZ */
/* asm 1: fe_add.fe_add(>D=fe#5,<ZZ=fe#1,<ZZ=fe#1); */
/* asm 2: fe_add.fe_add(>D=t0,<ZZ=r.X,<ZZ=r.X); */
/* qhasm: X3 = A-B */
/* asm 1: fe_sub.fe_sub(>X3=fe#1,<A=fe#3,<B=fe#2); */
/* asm 2: fe_sub.fe_sub(>X3=r.X,<A=r.Z,<B=r.Y); */
/* qhasm: Y3 = A+B */
/* asm 1: fe_add.fe_add(>Y3=fe#2,<A=fe#3,<B=fe#2); */
/* asm 2: fe_add.fe_add(>Y3=r.Y,<A=r.Z,<B=r.Y); */
/* qhasm: Z3 = D+C */
/* asm 1: fe_add.fe_add(>Z3=fe#3,<D=fe#5,<C=fe#4); */
/* asm 2: fe_add.fe_add(>Z3=r.Z,<D=t0,<C=r.T); */
/* qhasm: T3 = D-C */
/* asm 1: fe_sub.fe_sub(>T3=fe#4,<D=fe#5,<C=fe#4); */
/* asm 2: fe_sub.fe_sub(>T3=r.T,<D=t0,<C=r.T); */
/* qhasm: return */
Normal file
Normal file
@ -0,0 +1,18 @@
package org.whispersystems.curve25519.java;
public class ge_cached {
public int[] YplusX;
public int[] YminusX;
public int[] Z;
public int[] T2d;
public ge_cached() {
YplusX = new int[10];
YminusX = new int[10];
Z = new int[10];
T2d = new int[10];
Normal file
Normal file
@ -0,0 +1,149 @@
package org.whispersystems.curve25519.java;
public class ge_double_scalarmult {
//CONVERT #include "ge.h"
static public void slide(byte[] r,byte[] a)
int i;
int b;
int k;
for (i = 0;i < 256;++i) {
//CONVERT r[i] = 1 & (a[i >> 3] >> (i & 7));
r[i] = (byte)(1 & (a[i >> 3] >>> (i & 7)));
for (i = 0;i < 256;++i)
if (r[i] != 0) {
for (b = 1;b <= 6 && i + b < 256;++b) {
if (r[i + b] != 0) {
if (r[i] + (r[i + b] << b) <= 15) {
r[i] += r[i + b] << b; r[i + b] = 0;
} else if (r[i] - (r[i + b] << b) >= -15) {
r[i] -= r[i + b] << b;
for (k = i + b;k < 256;++k) {
if (r[k] == 0) {
r[k] = 1;
r[k] = 0;
} else
static ge_precomp Bi[];
static {
Bi = new ge_precomp[8];
Bi[0] = new ge_precomp(
new int[]{ 25967493,-14356035,29566456,3660896,-12694345,4014787,27544626,-11754271,-6079156,2047605 },
new int[]{ -12545711,934262,-2722910,3049990,-727428,9406986,12720692,5043384,19500929,-15469378 },
new int[]{ -8738181,4489570,9688441,-14785194,10184609,-12363380,29287919,11864899,-24514362,-4438546 }
Bi[1] = new ge_precomp(
new int[]{ 15636291,-9688557,24204773,-7912398,616977,-16685262,27787600,-14772189,28944400,-1550024 },
new int[]{ 16568933,4717097,-11556148,-1102322,15682896,-11807043,16354577,-11775962,7689662,11199574 },
new int[]{ 30464156,-5976125,-11779434,-15670865,23220365,15915852,7512774,10017326,-17749093,-9920357 }
Bi[2] = new ge_precomp(
new int[]{ 10861363,11473154,27284546,1981175,-30064349,12577861,32867885,14515107,-15438304,10819380 },
new int[]{ 4708026,6336745,20377586,9066809,-11272109,6594696,-25653668,12483688,-12668491,5581306 },
new int[]{ 19563160,16186464,-29386857,4097519,10237984,-4348115,28542350,13850243,-23678021,-15815942 }
Bi[3] = new ge_precomp(
new int[]{ 5153746,9909285,1723747,-2777874,30523605,5516873,19480852,5230134,-23952439,-15175766 },
new int[]{ -30269007,-3463509,7665486,10083793,28475525,1649722,20654025,16520125,30598449,7715701 },
new int[]{ 28881845,14381568,9657904,3680757,-20181635,7843316,-31400660,1370708,29794553,-1409300 }
Bi[4] = new ge_precomp(
new int[]{ -22518993,-6692182,14201702,-8745502,-23510406,8844726,18474211,-1361450,-13062696,13821877 },
new int[]{ -6455177,-7839871,3374702,-4740862,-27098617,-10571707,31655028,-7212327,18853322,-14220951 },
new int[]{ 4566830,-12963868,-28974889,-12240689,-7602672,-2830569,-8514358,-10431137,2207753,-3209784 }
Bi[5] = new ge_precomp(
new int[]{ -25154831,-4185821,29681144,7868801,-6854661,-9423865,-12437364,-663000,-31111463,-16132436 },
new int[]{ 25576264,-2703214,7349804,-11814844,16472782,9300885,3844789,15725684,171356,6466918 },
new int[]{ 23103977,13316479,9739013,-16149481,817875,-15038942,8965339,-14088058,-30714912,16193877 }
Bi[6] = new ge_precomp(
new int[]{ -33521811,3180713,-2394130,14003687,-16903474,-16270840,17238398,4729455,-18074513,9256800 },
new int[]{ -25182317,-4174131,32336398,5036987,-21236817,11360617,22616405,9761698,-19827198,630305 },
new int[]{ -13720693,2639453,-24237460,-7406481,9494427,-5774029,-6554551,-15960994,-2449256,-14291300 }
Bi[7] = new ge_precomp(
new int[]{ -3151181,-5046075,9282714,6866145,-31907062,-863023,-18940575,15033784,25105118,-7894876 },
new int[]{ -24326370,15950226,-31801215,-14592823,-11662737,-5090925,1573892,-2625887,2198790,-15804619 },
new int[]{ -3099351,10324967,-2241613,7453183,-5446979,-2735503,-13812022,-16236442,-32461234,-12290683 }
r = a * A + b * B
where a = a[0]+256*a[1]+...+256^31 a[31].
and b = b[0]+256*b[1]+...+256^31 b[31].
B is the Ed25519 base point (x,4/5) with x positive.
public static void ge_double_scalarmult_vartime(ge_p2 r,byte[] a,ge_p3 A,byte[] b)
byte[] aslide = new byte[256];
byte[] bslide = new byte[256];
ge_cached Ai[] = new ge_cached[8]; /* A,3A,5A,7A,9A,11A,13A,15A */
for (int count=0; count < 8; count++)
Ai[count] = new ge_cached();
ge_p1p1 t = new ge_p1p1();
ge_p3 u = new ge_p3();
ge_p3 A2 = new ge_p3();
int i;
ge_p3_dbl.ge_p3_dbl(t,A); ge_p1p1_to_p3.ge_p1p1_to_p3(A2,t);
ge_add.ge_add(t,A2,Ai[0]); ge_p1p1_to_p3.ge_p1p1_to_p3(u,t); ge_p3_to_cached.ge_p3_to_cached(Ai[1],u);
ge_add.ge_add(t,A2,Ai[1]); ge_p1p1_to_p3.ge_p1p1_to_p3(u,t); ge_p3_to_cached.ge_p3_to_cached(Ai[2],u);
ge_add.ge_add(t,A2,Ai[2]); ge_p1p1_to_p3.ge_p1p1_to_p3(u,t); ge_p3_to_cached.ge_p3_to_cached(Ai[3],u);
ge_add.ge_add(t,A2,Ai[3]); ge_p1p1_to_p3.ge_p1p1_to_p3(u,t); ge_p3_to_cached.ge_p3_to_cached(Ai[4],u);
ge_add.ge_add(t,A2,Ai[4]); ge_p1p1_to_p3.ge_p1p1_to_p3(u,t); ge_p3_to_cached.ge_p3_to_cached(Ai[5],u);
ge_add.ge_add(t,A2,Ai[5]); ge_p1p1_to_p3.ge_p1p1_to_p3(u,t); ge_p3_to_cached.ge_p3_to_cached(Ai[6],u);
ge_add.ge_add(t,A2,Ai[6]); ge_p1p1_to_p3.ge_p1p1_to_p3(u,t); ge_p3_to_cached.ge_p3_to_cached(Ai[7],u);
for (i = 255;i >= 0;--i) {
if (aslide[i] !=0 || bslide[i] != 0) break;
for (;i >= 0;--i) {
if (aslide[i] > 0) {
} else if (aslide[i] < 0) {
if (bslide[i] > 0) {
} else if (bslide[i] < 0) {
Normal file
Normal file
@ -0,0 +1,60 @@
package org.whispersystems.curve25519.java;
public class ge_frombytes {
//CONVERT #include "ge.h"
static int[] d = {
//CONVERT #include "d.h"
} ;
static int[] sqrtm1 = {
//CONVERT #include "sqrtm1.h"
} ;
public static int ge_frombytes_negate_vartime(ge_p3 h,byte[] s)
int[] u = new int[10];
int[] v = new int[10];
int[] v3 = new int[10];
int[] vxx = new int[10];
int[] check = new int[10];
fe_sub.fe_sub(u,u,h.Z); /* u = y^2-1 */
fe_add.fe_add(v,v,h.Z); /* v = dy^2+1 */
fe_mul.fe_mul(v3,v3,v); /* v3 = v^3 */
fe_mul.fe_mul(h.X,h.X,u); /* x = uv^7 */
fe_pow22523.fe_pow22523(h.X,h.X); /* x = (uv^7)^((q-5)/8) */
fe_mul.fe_mul(h.X,h.X,u); /* x = uv^3(uv^7)^((q-5)/8) */
fe_sub.fe_sub(check,vxx,u); /* vx^2-u */
if (fe_isnonzero.fe_isnonzero(check) != 0) {
fe_add.fe_add(check,vxx,u); /* vx^2+u */
if (fe_isnonzero.fe_isnonzero(check) != 0) return -1;
if (fe_isnegative.fe_isnegative(h.X) == ((s[31] >>> 7) & 0x01)) {
return 0;
Normal file
Normal file
@ -0,0 +1,107 @@
package org.whispersystems.curve25519.java;
public class ge_madd {
//CONVERT #include "ge.h"
r = p + q
public static void ge_madd(ge_p1p1 r,ge_p3 p,ge_precomp q)
int[] t0 = new int[10];
//CONVERT #include "ge_madd.h"
/* qhasm: enter ge_madd */
/* qhasm: fe X1 */
/* qhasm: fe Y1 */
/* qhasm: fe Z1 */
/* qhasm: fe T1 */
/* qhasm: fe ypx2 */
/* qhasm: fe ymx2 */
/* qhasm: fe xy2d2 */
/* qhasm: fe X3 */
/* qhasm: fe Y3 */
/* qhasm: fe Z3 */
/* qhasm: fe T3 */
/* qhasm: fe YpX1 */
/* qhasm: fe YmX1 */
/* qhasm: fe A */
/* qhasm: fe B */
/* qhasm: fe C */
/* qhasm: fe D */
/* qhasm: YpX1 = Y1+X1 */
/* asm 1: fe_add.fe_add(>YpX1=fe#1,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_add.fe_add(>YpX1=r.X,<Y1=p.Y,<X1=p.X); */
/* qhasm: YmX1 = Y1-X1 */
/* asm 1: fe_sub.fe_sub(>YmX1=fe#2,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_sub.fe_sub(>YmX1=r.Y,<Y1=p.Y,<X1=p.X); */
/* qhasm: A = YpX1*ypx2 */
/* asm 1: fe_mul.fe_mul(>A=fe#3,<YpX1=fe#1,<ypx2=fe#15); */
/* asm 2: fe_mul.fe_mul(>A=r.Z,<YpX1=r.X,<ypx2=q.yplusx); */
/* qhasm: B = YmX1*ymx2 */
/* asm 1: fe_mul.fe_mul(>B=fe#2,<YmX1=fe#2,<ymx2=fe#16); */
/* asm 2: fe_mul.fe_mul(>B=r.Y,<YmX1=r.Y,<ymx2=q.yminusx); */
/* qhasm: C = xy2d2*T1 */
/* asm 1: fe_mul.fe_mul(>C=fe#4,<xy2d2=fe#17,<T1=fe#14); */
/* asm 2: fe_mul.fe_mul(>C=r.T,<xy2d2=q.xy2d,<T1=p.T); */
/* qhasm: D = 2*Z1 */
/* asm 1: fe_add.fe_add(>D=fe#5,<Z1=fe#13,<Z1=fe#13); */
/* asm 2: fe_add.fe_add(>D=t0,<Z1=p.Z,<Z1=p.Z); */
/* qhasm: X3 = A-B */
/* asm 1: fe_sub.fe_sub(>X3=fe#1,<A=fe#3,<B=fe#2); */
/* asm 2: fe_sub.fe_sub(>X3=r.X,<A=r.Z,<B=r.Y); */
/* qhasm: Y3 = A+B */
/* asm 1: fe_add.fe_add(>Y3=fe#2,<A=fe#3,<B=fe#2); */
/* asm 2: fe_add.fe_add(>Y3=r.Y,<A=r.Z,<B=r.Y); */
/* qhasm: Z3 = D+C */
/* asm 1: fe_add.fe_add(>Z3=fe#3,<D=fe#5,<C=fe#4); */
/* asm 2: fe_add.fe_add(>Z3=r.Z,<D=t0,<C=r.T); */
/* qhasm: T3 = D-C */
/* asm 1: fe_sub.fe_sub(>T3=fe#4,<D=fe#5,<C=fe#4); */
/* asm 2: fe_sub.fe_sub(>T3=r.T,<D=t0,<C=r.T); */
/* qhasm: return */
Normal file
Normal file
@ -0,0 +1,107 @@
package org.whispersystems.curve25519.java;
public class ge_msub {
//CONVERT #include "ge.h"
r = p - q
public static void ge_msub(ge_p1p1 r,ge_p3 p,ge_precomp q)
int[] t0 = new int[10];
//CONVERT #include "ge_msub.h"
/* qhasm: enter ge_msub */
/* qhasm: fe X1 */
/* qhasm: fe Y1 */
/* qhasm: fe Z1 */
/* qhasm: fe T1 */
/* qhasm: fe ypx2 */
/* qhasm: fe ymx2 */
/* qhasm: fe xy2d2 */
/* qhasm: fe X3 */
/* qhasm: fe Y3 */
/* qhasm: fe Z3 */
/* qhasm: fe T3 */
/* qhasm: fe YpX1 */
/* qhasm: fe YmX1 */
/* qhasm: fe A */
/* qhasm: fe B */
/* qhasm: fe C */
/* qhasm: fe D */
/* qhasm: YpX1 = Y1+X1 */
/* asm 1: fe_add.fe_add(>YpX1=fe#1,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_add.fe_add(>YpX1=r.X,<Y1=p.Y,<X1=p.X); */
/* qhasm: YmX1 = Y1-X1 */
/* asm 1: fe_sub.fe_sub(>YmX1=fe#2,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_sub.fe_sub(>YmX1=r.Y,<Y1=p.Y,<X1=p.X); */
/* qhasm: A = YpX1*ymx2 */
/* asm 1: fe_mul.fe_mul(>A=fe#3,<YpX1=fe#1,<ymx2=fe#16); */
/* asm 2: fe_mul.fe_mul(>A=r.Z,<YpX1=r.X,<ymx2=q.yminusx); */
/* qhasm: B = YmX1*ypx2 */
/* asm 1: fe_mul.fe_mul(>B=fe#2,<YmX1=fe#2,<ypx2=fe#15); */
/* asm 2: fe_mul.fe_mul(>B=r.Y,<YmX1=r.Y,<ypx2=q.yplusx); */
/* qhasm: C = xy2d2*T1 */
/* asm 1: fe_mul.fe_mul(>C=fe#4,<xy2d2=fe#17,<T1=fe#14); */
/* asm 2: fe_mul.fe_mul(>C=r.T,<xy2d2=q.xy2d,<T1=p.T); */
/* qhasm: D = 2*Z1 */
/* asm 1: fe_add.fe_add(>D=fe#5,<Z1=fe#13,<Z1=fe#13); */
/* asm 2: fe_add.fe_add(>D=t0,<Z1=p.Z,<Z1=p.Z); */
/* qhasm: X3 = A-B */
/* asm 1: fe_sub.fe_sub(>X3=fe#1,<A=fe#3,<B=fe#2); */
/* asm 2: fe_sub.fe_sub(>X3=r.X,<A=r.Z,<B=r.Y); */
/* qhasm: Y3 = A+B */
/* asm 1: fe_add.fe_add(>Y3=fe#2,<A=fe#3,<B=fe#2); */
/* asm 2: fe_add.fe_add(>Y3=r.Y,<A=r.Z,<B=r.Y); */
/* qhasm: Z3 = D-C */
/* asm 1: fe_sub.fe_sub(>Z3=fe#3,<D=fe#5,<C=fe#4); */
/* asm 2: fe_sub.fe_sub(>Z3=r.Z,<D=t0,<C=r.T); */
/* qhasm: T3 = D+C */
/* asm 1: fe_add.fe_add(>T3=fe#4,<D=fe#5,<C=fe#4); */
/* asm 2: fe_add.fe_add(>T3=r.T,<D=t0,<C=r.T); */
/* qhasm: return */
Normal file
Normal file
@ -0,0 +1,18 @@
package org.whispersystems.curve25519.java;
public class ge_p1p1 {
public int[] X;
public int[] Y;
public int[] Z;
public int[] T;
public ge_p1p1() {
X = new int[10];
Y = new int[10];
Z = new int[10];
T = new int[10];
Normal file
Normal file
@ -0,0 +1,20 @@
package org.whispersystems.curve25519.java;
public class ge_p1p1_to_p2 {
//CONVERT #include "ge.h"
r = p
public static void ge_p1p1_to_p2(ge_p2 r,ge_p1p1 p)
Normal file
Normal file
@ -0,0 +1,21 @@
package org.whispersystems.curve25519.java;
public class ge_p1p1_to_p3 {
//CONVERT #include "ge.h"
r = p
public static void ge_p1p1_to_p3(ge_p3 r,ge_p1p1 p)
Normal file
Normal file
@ -0,0 +1,16 @@
package org.whispersystems.curve25519.java;
public class ge_p2 {
public int[] X;
public int[] Y;
public int[] Z;
public ge_p2() {
X = new int[10];
Y = new int[10];
Z = new int[10];
Normal file
Normal file
@ -0,0 +1,16 @@
package org.whispersystems.curve25519.java;
public class ge_p2_0 {
//CONVERT #include "ge.h"
public static void ge_p2_0(ge_p2 h)
Normal file
Normal file
@ -0,0 +1,92 @@
package org.whispersystems.curve25519.java;
public class ge_p2_dbl {
//CONVERT #include "ge.h"
r = 2 * p
public static void ge_p2_dbl(ge_p1p1 r,ge_p2 p)
int[] t0 = new int[10];
//CONVERT #include "ge_p2_dbl.h"
/* qhasm: enter ge_p2_dbl */
/* qhasm: fe X1 */
/* qhasm: fe Y1 */
/* qhasm: fe Z1 */
/* qhasm: fe A */
/* qhasm: fe AA */
/* qhasm: fe XX */
/* qhasm: fe YY */
/* qhasm: fe B */
/* qhasm: fe X3 */
/* qhasm: fe Y3 */
/* qhasm: fe Z3 */
/* qhasm: fe T3 */
/* qhasm: XX=X1^2 */
/* asm 1: fe_sq.fe_sq(>XX=fe#1,<X1=fe#11); */
/* asm 2: fe_sq.fe_sq(>XX=r.X,<X1=p.X); */
/* qhasm: YY=Y1^2 */
/* asm 1: fe_sq.fe_sq(>YY=fe#3,<Y1=fe#12); */
/* asm 2: fe_sq.fe_sq(>YY=r.Z,<Y1=p.Y); */
/* qhasm: B=2*Z1^2 */
/* asm 1: fe_sq2.fe_sq2(>B=fe#4,<Z1=fe#13); */
/* asm 2: fe_sq2.fe_sq2(>B=r.T,<Z1=p.Z); */
/* qhasm: A=X1+Y1 */
/* asm 1: fe_add.fe_add(>A=fe#2,<X1=fe#11,<Y1=fe#12); */
/* asm 2: fe_add.fe_add(>A=r.Y,<X1=p.X,<Y1=p.Y); */
/* qhasm: AA=A^2 */
/* asm 1: fe_sq.fe_sq(>AA=fe#5,<A=fe#2); */
/* asm 2: fe_sq.fe_sq(>AA=t0,<A=r.Y); */
/* qhasm: Y3=YY+XX */
/* asm 1: fe_add.fe_add(>Y3=fe#2,<YY=fe#3,<XX=fe#1); */
/* asm 2: fe_add.fe_add(>Y3=r.Y,<YY=r.Z,<XX=r.X); */
/* qhasm: Z3=YY-XX */
/* asm 1: fe_sub.fe_sub(>Z3=fe#3,<YY=fe#3,<XX=fe#1); */
/* asm 2: fe_sub.fe_sub(>Z3=r.Z,<YY=r.Z,<XX=r.X); */
/* qhasm: X3=AA-Y3 */
/* asm 1: fe_sub.fe_sub(>X3=fe#1,<AA=fe#5,<Y3=fe#2); */
/* asm 2: fe_sub.fe_sub(>X3=r.X,<AA=t0,<Y3=r.Y); */
/* qhasm: T3=B-Z3 */
/* asm 1: fe_sub.fe_sub(>T3=fe#4,<B=fe#4,<Z3=fe#3); */
/* asm 2: fe_sub.fe_sub(>T3=r.T,<B=r.T,<Z3=r.Z); */
/* qhasm: return */
Normal file
Normal file
@ -0,0 +1,18 @@
package org.whispersystems.curve25519.java;
public class ge_p3 {
public int[] X;
public int[] Y;
public int[] Z;
public int[] T;
public ge_p3() {
X = new int[10];
Y = new int[10];
Z = new int[10];
T = new int[10];
Normal file
Normal file
@ -0,0 +1,17 @@
package org.whispersystems.curve25519.java;
public class ge_p3_0 {
//CONVERT #include "ge.h"
public static void ge_p3_0(ge_p3 h)
Normal file
Normal file
@ -0,0 +1,20 @@
package org.whispersystems.curve25519.java;
public class ge_p3_dbl {
//CONVERT #include "ge.h"
r = 2 * p
public static void ge_p3_dbl(ge_p1p1 r,ge_p3 p)
ge_p2 q = new ge_p2();
Normal file
Normal file
@ -0,0 +1,26 @@
package org.whispersystems.curve25519.java;
public class ge_p3_to_cached {
//CONVERT #include "ge.h"
r = p
static int[] d2 = {
//CONVERT #include "d2.h"
} ;
public static void ge_p3_to_cached(ge_cached r,ge_p3 p)
Normal file
Normal file
@ -0,0 +1,20 @@
package org.whispersystems.curve25519.java;
public class ge_p3_to_p2 {
//CONVERT #include "ge.h"
r = p
public static void ge_p3_to_p2(ge_p2 r,ge_p3 p)
Normal file
Normal file
@ -0,0 +1,22 @@
package org.whispersystems.curve25519.java;
public class ge_p3_tobytes {
//CONVERT #include "ge.h"
public static void ge_p3_tobytes(byte[] s,ge_p3 h)
int[] recip = new int[10];
int[] x = new int[10];
int[] y = new int[10];
s[31] ^= fe_isnegative.fe_isnegative(x) << 7;
Normal file
Normal file
@ -0,0 +1,23 @@
package org.whispersystems.curve25519.java;
public class ge_precomp {
public int[] yplusx;
public int[] yminusx;
public int[] xy2d;
public ge_precomp() {
yplusx = new int[10];
yminusx = new int[10];
xy2d = new int[10];
public ge_precomp(int[] new_yplusx, int[] new_yminusx,
int[] new_xy2d) {
yplusx = new_yplusx;
yminusx = new_yminusx;
xy2d = new_xy2d;
Normal file
Normal file
@ -0,0 +1,16 @@
package org.whispersystems.curve25519.java;
public class ge_precomp_0 {
//CONVERT #include "ge.h"
public static void ge_precomp_0(ge_precomp h)
Normal file
Normal file
@ -0,0 +1,332 @@
package org.whispersystems.curve25519.java;
public class ge_precomp_base_0_7 {
/* base[i][j] = (j+1)*256^i*B */
static ge_precomp base[][];
static {
//CONVERT #include "base.h"
base = new ge_precomp[32][8];
base[0][0] = new ge_precomp(
new int[] { 25967493,-14356035,29566456,3660896,-12694345,4014787,27544626,-11754271,-6079156,2047605 },
new int[] { -12545711,934262,-2722910,3049990,-727428,9406986,12720692,5043384,19500929,-15469378 },
new int[] { -8738181,4489570,9688441,-14785194,10184609,-12363380,29287919,11864899,-24514362,-4438546 }
base[0][1] = new ge_precomp(
new int[] { -12815894,-12976347,-21581243,11784320,-25355658,-2750717,-11717903,-3814571,-358445,-10211303 },
new int[] { -21703237,6903825,27185491,6451973,-29577724,-9554005,-15616551,11189268,-26829678,-5319081 },
new int[] { 26966642,11152617,32442495,15396054,14353839,-12752335,-3128826,-9541118,-15472047,-4166697 }
base[0][2] = new ge_precomp(
new int[] { 15636291,-9688557,24204773,-7912398,616977,-16685262,27787600,-14772189,28944400,-1550024 },
new int[] { 16568933,4717097,-11556148,-1102322,15682896,-11807043,16354577,-11775962,7689662,11199574 },
new int[] { 30464156,-5976125,-11779434,-15670865,23220365,15915852,7512774,10017326,-17749093,-9920357 }
base[0][3] = new ge_precomp(
new int[] { -17036878,13921892,10945806,-6033431,27105052,-16084379,-28926210,15006023,3284568,-6276540 },
new int[] { 23599295,-8306047,-11193664,-7687416,13236774,10506355,7464579,9656445,13059162,10374397 },
new int[] { 7798556,16710257,3033922,2874086,28997861,2835604,32406664,-3839045,-641708,-101325 }
base[0][4] = new ge_precomp(
new int[] { 10861363,11473154,27284546,1981175,-30064349,12577861,32867885,14515107,-15438304,10819380 },
new int[] { 4708026,6336745,20377586,9066809,-11272109,6594696,-25653668,12483688,-12668491,5581306 },
new int[] { 19563160,16186464,-29386857,4097519,10237984,-4348115,28542350,13850243,-23678021,-15815942 }
base[0][5] = new ge_precomp(
new int[] { -15371964,-12862754,32573250,4720197,-26436522,5875511,-19188627,-15224819,-9818940,-12085777 },
new int[] { -8549212,109983,15149363,2178705,22900618,4543417,3044240,-15689887,1762328,14866737 },
new int[] { -18199695,-15951423,-10473290,1707278,-17185920,3916101,-28236412,3959421,27914454,4383652 }
base[0][6] = new ge_precomp(
new int[] { 5153746,9909285,1723747,-2777874,30523605,5516873,19480852,5230134,-23952439,-15175766 },
new int[] { -30269007,-3463509,7665486,10083793,28475525,1649722,20654025,16520125,30598449,7715701 },
new int[] { 28881845,14381568,9657904,3680757,-20181635,7843316,-31400660,1370708,29794553,-1409300 }
base[0][7] = new ge_precomp(
new int[] { 14499471,-2729599,-33191113,-4254652,28494862,14271267,30290735,10876454,-33154098,2381726 },
new int[] { -7195431,-2655363,-14730155,462251,-27724326,3941372,-6236617,3696005,-32300832,15351955 },
new int[] { 27431194,8222322,16448760,-3907995,-18707002,11938355,-32961401,-2970515,29551813,10109425 }
base[1][0] = new ge_precomp(
new int[] { -13657040,-13155431,-31283750,11777098,21447386,6519384,-2378284,-1627556,10092783,-4764171 },
new int[] { 27939166,14210322,4677035,16277044,-22964462,-12398139,-32508754,12005538,-17810127,12803510 },
new int[] { 17228999,-15661624,-1233527,300140,-1224870,-11714777,30364213,-9038194,18016357,4397660 }
base[1][1] = new ge_precomp(
new int[] { -10958843,-7690207,4776341,-14954238,27850028,-15602212,-26619106,14544525,-17477504,982639 },
new int[] { 29253598,15796703,-2863982,-9908884,10057023,3163536,7332899,-4120128,-21047696,9934963 },
new int[] { 5793303,16271923,-24131614,-10116404,29188560,1206517,-14747930,4559895,-30123922,-10897950 }
base[1][2] = new ge_precomp(
new int[] { -27643952,-11493006,16282657,-11036493,28414021,-15012264,24191034,4541697,-13338309,5500568 },
new int[] { 12650548,-1497113,9052871,11355358,-17680037,-8400164,-17430592,12264343,10874051,13524335 },
new int[] { 25556948,-3045990,714651,2510400,23394682,-10415330,33119038,5080568,-22528059,5376628 }
base[1][3] = new ge_precomp(
new int[] { -26088264,-4011052,-17013699,-3537628,-6726793,1920897,-22321305,-9447443,4535768,1569007 },
new int[] { -2255422,14606630,-21692440,-8039818,28430649,8775819,-30494562,3044290,31848280,12543772 },
new int[] { -22028579,2943893,-31857513,6777306,13784462,-4292203,-27377195,-2062731,7718482,14474653 }
base[1][4] = new ge_precomp(
new int[] { 2385315,2454213,-22631320,46603,-4437935,-15680415,656965,-7236665,24316168,-5253567 },
new int[] { 13741529,10911568,-33233417,-8603737,-20177830,-1033297,33040651,-13424532,-20729456,8321686 },
new int[] { 21060490,-2212744,15712757,-4336099,1639040,10656336,23845965,-11874838,-9984458,608372 }
base[1][5] = new ge_precomp(
new int[] { -13672732,-15087586,-10889693,-7557059,-6036909,11305547,1123968,-6780577,27229399,23887 },
new int[] { -23244140,-294205,-11744728,14712571,-29465699,-2029617,12797024,-6440308,-1633405,16678954 },
new int[] { -29500620,4770662,-16054387,14001338,7830047,9564805,-1508144,-4795045,-17169265,4904953 }
base[1][6] = new ge_precomp(
new int[] { 24059557,14617003,19037157,-15039908,19766093,-14906429,5169211,16191880,2128236,-4326833 },
new int[] { -16981152,4124966,-8540610,-10653797,30336522,-14105247,-29806336,916033,-6882542,-2986532 },
new int[] { -22630907,12419372,-7134229,-7473371,-16478904,16739175,285431,2763829,15736322,4143876 }
base[1][7] = new ge_precomp(
new int[] { 2379352,11839345,-4110402,-5988665,11274298,794957,212801,-14594663,23527084,-16458268 },
new int[] { 33431127,-11130478,-17838966,-15626900,8909499,8376530,-32625340,4087881,-15188911,-14416214 },
new int[] { 1767683,7197987,-13205226,-2022635,-13091350,448826,5799055,4357868,-4774191,-16323038 }
base[2][0] = new ge_precomp(
new int[] { 6721966,13833823,-23523388,-1551314,26354293,-11863321,23365147,-3949732,7390890,2759800 },
new int[] { 4409041,2052381,23373853,10530217,7676779,-12885954,21302353,-4264057,1244380,-12919645 },
new int[] { -4421239,7169619,4982368,-2957590,30256825,-2777540,14086413,9208236,15886429,16489664 }
base[2][1] = new ge_precomp(
new int[] { 1996075,10375649,14346367,13311202,-6874135,-16438411,-13693198,398369,-30606455,-712933 },
new int[] { -25307465,9795880,-2777414,14878809,-33531835,14780363,13348553,12076947,-30836462,5113182 },
new int[] { -17770784,11797796,31950843,13929123,-25888302,12288344,-30341101,-7336386,13847711,5387222 }
base[2][2] = new ge_precomp(
new int[] { -18582163,-3416217,17824843,-2340966,22744343,-10442611,8763061,3617786,-19600662,10370991 },
new int[] { 20246567,-14369378,22358229,-543712,18507283,-10413996,14554437,-8746092,32232924,16763880 },
new int[] { 9648505,10094563,26416693,14745928,-30374318,-6472621,11094161,15689506,3140038,-16510092 }
base[2][3] = new ge_precomp(
new int[] { -16160072,5472695,31895588,4744994,8823515,10365685,-27224800,9448613,-28774454,366295 },
new int[] { 19153450,11523972,-11096490,-6503142,-24647631,5420647,28344573,8041113,719605,11671788 },
new int[] { 8678025,2694440,-6808014,2517372,4964326,11152271,-15432916,-15266516,27000813,-10195553 }
base[2][4] = new ge_precomp(
new int[] { -15157904,7134312,8639287,-2814877,-7235688,10421742,564065,5336097,6750977,-14521026 },
new int[] { 11836410,-3979488,26297894,16080799,23455045,15735944,1695823,-8819122,8169720,16220347 },
new int[] { -18115838,8653647,17578566,-6092619,-8025777,-16012763,-11144307,-2627664,-5990708,-14166033 }
base[2][5] = new ge_precomp(
new int[] { -23308498,-10968312,15213228,-10081214,-30853605,-11050004,27884329,2847284,2655861,1738395 },
new int[] { -27537433,-14253021,-25336301,-8002780,-9370762,8129821,21651608,-3239336,-19087449,-11005278 },
new int[] { 1533110,3437855,23735889,459276,29970501,11335377,26030092,5821408,10478196,8544890 }
base[2][6] = new ge_precomp(
new int[] { 32173121,-16129311,24896207,3921497,22579056,-3410854,19270449,12217473,17789017,-3395995 },
new int[] { -30552961,-2228401,-15578829,-10147201,13243889,517024,15479401,-3853233,30460520,1052596 },
new int[] { -11614875,13323618,32618793,8175907,-15230173,12596687,27491595,-4612359,3179268,-9478891 }
base[2][7] = new ge_precomp(
new int[] { 31947069,-14366651,-4640583,-15339921,-15125977,-6039709,-14756777,-16411740,19072640,-9511060 },
new int[] { 11685058,11822410,3158003,-13952594,33402194,-4165066,5977896,-5215017,473099,5040608 },
new int[] { -20290863,8198642,-27410132,11602123,1290375,-2799760,28326862,1721092,-19558642,-3131606 }
base[3][0] = new ge_precomp(
new int[] { 7881532,10687937,7578723,7738378,-18951012,-2553952,21820786,8076149,-27868496,11538389 },
new int[] { -19935666,3899861,18283497,-6801568,-15728660,-11249211,8754525,7446702,-5676054,5797016 },
new int[] { -11295600,-3793569,-15782110,-7964573,12708869,-8456199,2014099,-9050574,-2369172,-5877341 }
base[3][1] = new ge_precomp(
new int[] { -22472376,-11568741,-27682020,1146375,18956691,16640559,1192730,-3714199,15123619,10811505 },
new int[] { 14352098,-3419715,-18942044,10822655,32750596,4699007,-70363,15776356,-28886779,-11974553 },
new int[] { -28241164,-8072475,-4978962,-5315317,29416931,1847569,-20654173,-16484855,4714547,-9600655 }
base[3][2] = new ge_precomp(
new int[] { 15200332,8368572,19679101,15970074,-31872674,1959451,24611599,-4543832,-11745876,12340220 },
new int[] { 12876937,-10480056,33134381,6590940,-6307776,14872440,9613953,8241152,15370987,9608631 },
new int[] { -4143277,-12014408,8446281,-391603,4407738,13629032,-7724868,15866074,-28210621,-8814099 }
base[3][3] = new ge_precomp(
new int[] { 26660628,-15677655,8393734,358047,-7401291,992988,-23904233,858697,20571223,8420556 },
new int[] { 14620715,13067227,-15447274,8264467,14106269,15080814,33531827,12516406,-21574435,-12476749 },
new int[] { 236881,10476226,57258,-14677024,6472998,2466984,17258519,7256740,8791136,15069930 }
base[3][4] = new ge_precomp(
new int[] { 1276410,-9371918,22949635,-16322807,-23493039,-5702186,14711875,4874229,-30663140,-2331391 },
new int[] { 5855666,4990204,-13711848,7294284,-7804282,1924647,-1423175,-7912378,-33069337,9234253 },
new int[] { 20590503,-9018988,31529744,-7352666,-2706834,10650548,31559055,-11609587,18979186,13396066 }
base[3][5] = new ge_precomp(
new int[] { 24474287,4968103,22267082,4407354,24063882,-8325180,-18816887,13594782,33514650,7021958 },
new int[] { -11566906,-6565505,-21365085,15928892,-26158305,4315421,-25948728,-3916677,-21480480,12868082 },
new int[] { -28635013,13504661,19988037,-2132761,21078225,6443208,-21446107,2244500,-12455797,-8089383 }
base[3][6] = new ge_precomp(
new int[] { -30595528,13793479,-5852820,319136,-25723172,-6263899,33086546,8957937,-15233648,5540521 },
new int[] { -11630176,-11503902,-8119500,-7643073,2620056,1022908,-23710744,-1568984,-16128528,-14962807 },
new int[] { 23152971,775386,27395463,14006635,-9701118,4649512,1689819,892185,-11513277,-15205948 }
base[3][7] = new ge_precomp(
new int[] { 9770129,9586738,26496094,4324120,1556511,-3550024,27453819,4763127,-19179614,5867134 },
new int[] { -32765025,1927590,31726409,-4753295,23962434,-16019500,27846559,5931263,-29749703,-16108455 },
new int[] { 27461885,-2977536,22380810,1815854,-23033753,-3031938,7283490,-15148073,-19526700,7734629 }
base[4][0] = new ge_precomp(
new int[] { -8010264,-9590817,-11120403,6196038,29344158,-13430885,7585295,-3176626,18549497,15302069 },
new int[] { -32658337,-6171222,-7672793,-11051681,6258878,13504381,10458790,-6418461,-8872242,8424746 },
new int[] { 24687205,8613276,-30667046,-3233545,1863892,-1830544,19206234,7134917,-11284482,-828919 }
base[4][1] = new ge_precomp(
new int[] { 11334899,-9218022,8025293,12707519,17523892,-10476071,10243738,-14685461,-5066034,16498837 },
new int[] { 8911542,6887158,-9584260,-6958590,11145641,-9543680,17303925,-14124238,6536641,10543906 },
new int[] { -28946384,15479763,-17466835,568876,-1497683,11223454,-2669190,-16625574,-27235709,8876771 }
base[4][2] = new ge_precomp(
new int[] { -25742899,-12566864,-15649966,-846607,-33026686,-796288,-33481822,15824474,-604426,-9039817 },
new int[] { 10330056,70051,7957388,-9002667,9764902,15609756,27698697,-4890037,1657394,3084098 },
new int[] { 10477963,-7470260,12119566,-13250805,29016247,-5365589,31280319,14396151,-30233575,15272409 }
base[4][3] = new ge_precomp(
new int[] { -12288309,3169463,28813183,16658753,25116432,-5630466,-25173957,-12636138,-25014757,1950504 },
new int[] { -26180358,9489187,11053416,-14746161,-31053720,5825630,-8384306,-8767532,15341279,8373727 },
new int[] { 28685821,7759505,-14378516,-12002860,-31971820,4079242,298136,-10232602,-2878207,15190420 }
base[4][4] = new ge_precomp(
new int[] { -32932876,13806336,-14337485,-15794431,-24004620,10940928,8669718,2742393,-26033313,-6875003 },
new int[] { -1580388,-11729417,-25979658,-11445023,-17411874,-10912854,9291594,-16247779,-12154742,6048605 },
new int[] { -30305315,14843444,1539301,11864366,20201677,1900163,13934231,5128323,11213262,9168384 }
base[4][5] = new ge_precomp(
new int[] { -26280513,11007847,19408960,-940758,-18592965,-4328580,-5088060,-11105150,20470157,-16398701 },
new int[] { -23136053,9282192,14855179,-15390078,-7362815,-14408560,-22783952,14461608,14042978,5230683 },
new int[] { 29969567,-2741594,-16711867,-8552442,9175486,-2468974,21556951,3506042,-5933891,-12449708 }
base[4][6] = new ge_precomp(
new int[] { -3144746,8744661,19704003,4581278,-20430686,6830683,-21284170,8971513,-28539189,15326563 },
new int[] { -19464629,10110288,-17262528,-3503892,-23500387,1355669,-15523050,15300988,-20514118,9168260 },
new int[] { -5353335,4488613,-23803248,16314347,7780487,-15638939,-28948358,9601605,33087103,-9011387 }
base[4][7] = new ge_precomp(
new int[] { -19443170,-15512900,-20797467,-12445323,-29824447,10229461,-27444329,-15000531,-5996870,15664672 },
new int[] { 23294591,-16632613,-22650781,-8470978,27844204,11461195,13099750,-2460356,18151676,13417686 },
new int[] { -24722913,-4176517,-31150679,5988919,-26858785,6685065,1661597,-12551441,15271676,-15452665 }
base[5][0] = new ge_precomp(
new int[] { 11433042,-13228665,8239631,-5279517,-1985436,-725718,-18698764,2167544,-6921301,-13440182 },
new int[] { -31436171,15575146,30436815,12192228,-22463353,9395379,-9917708,-8638997,12215110,12028277 },
new int[] { 14098400,6555944,23007258,5757252,-15427832,-12950502,30123440,4617780,-16900089,-655628 }
base[5][1] = new ge_precomp(
new int[] { -4026201,-15240835,11893168,13718664,-14809462,1847385,-15819999,10154009,23973261,-12684474 },
new int[] { -26531820,-3695990,-1908898,2534301,-31870557,-16550355,18341390,-11419951,32013174,-10103539 },
new int[] { -25479301,10876443,-11771086,-14625140,-12369567,1838104,21911214,6354752,4425632,-837822 }
base[5][2] = new ge_precomp(
new int[] { -10433389,-14612966,22229858,-3091047,-13191166,776729,-17415375,-12020462,4725005,14044970 },
new int[] { 19268650,-7304421,1555349,8692754,-21474059,-9910664,6347390,-1411784,-19522291,-16109756 },
new int[] { -24864089,12986008,-10898878,-5558584,-11312371,-148526,19541418,8180106,9282262,10282508 }
base[5][3] = new ge_precomp(
new int[] { -26205082,4428547,-8661196,-13194263,4098402,-14165257,15522535,8372215,5542595,-10702683 },
new int[] { -10562541,14895633,26814552,-16673850,-17480754,-2489360,-2781891,6993761,-18093885,10114655 },
new int[] { -20107055,-929418,31422704,10427861,-7110749,6150669,-29091755,-11529146,25953725,-106158 }
base[5][4] = new ge_precomp(
new int[] { -4234397,-8039292,-9119125,3046000,2101609,-12607294,19390020,6094296,-3315279,12831125 },
new int[] { -15998678,7578152,5310217,14408357,-33548620,-224739,31575954,6326196,7381791,-2421839 },
new int[] { -20902779,3296811,24736065,-16328389,18374254,7318640,6295303,8082724,-15362489,12339664 }
base[5][5] = new ge_precomp(
new int[] { 27724736,2291157,6088201,-14184798,1792727,5857634,13848414,15768922,25091167,14856294 },
new int[] { -18866652,8331043,24373479,8541013,-701998,-9269457,12927300,-12695493,-22182473,-9012899 },
new int[] { -11423429,-5421590,11632845,3405020,30536730,-11674039,-27260765,13866390,30146206,9142070 }
base[5][6] = new ge_precomp(
new int[] { 3924129,-15307516,-13817122,-10054960,12291820,-668366,-27702774,9326384,-8237858,4171294 },
new int[] { -15921940,16037937,6713787,16606682,-21612135,2790944,26396185,3731949,345228,-5462949 },
new int[] { -21327538,13448259,25284571,1143661,20614966,-8849387,2031539,-12391231,-16253183,-13582083 }
base[5][7] = new ge_precomp(
new int[] { 31016211,-16722429,26371392,-14451233,-5027349,14854137,17477601,3842657,28012650,-16405420 },
new int[] { -5075835,9368966,-8562079,-4600902,-15249953,6970560,-9189873,16292057,-8867157,3507940 },
new int[] { 29439664,3537914,23333589,6997794,-17555561,-11018068,-15209202,-15051267,-9164929,6580396 }
base[6][0] = new ge_precomp(
new int[] { -12185861,-7679788,16438269,10826160,-8696817,-6235611,17860444,-9273846,-2095802,9304567 },
new int[] { 20714564,-4336911,29088195,7406487,11426967,-5095705,14792667,-14608617,5289421,-477127 },
new int[] { -16665533,-10650790,-6160345,-13305760,9192020,-1802462,17271490,12349094,26939669,-3752294 }
base[6][1] = new ge_precomp(
new int[] { -12889898,9373458,31595848,16374215,21471720,13221525,-27283495,-12348559,-3698806,117887 },
new int[] { 22263325,-6560050,3984570,-11174646,-15114008,-566785,28311253,5358056,-23319780,541964 },
new int[] { 16259219,3261970,2309254,-15534474,-16885711,-4581916,24134070,-16705829,-13337066,-13552195 }
base[6][2] = new ge_precomp(
new int[] { 9378160,-13140186,-22845982,-12745264,28198281,-7244098,-2399684,-717351,690426,14876244 },
new int[] { 24977353,-314384,-8223969,-13465086,28432343,-1176353,-13068804,-12297348,-22380984,6618999 },
new int[] { -1538174,11685646,12944378,13682314,-24389511,-14413193,8044829,-13817328,32239829,-5652762 }
base[6][3] = new ge_precomp(
new int[] { -18603066,4762990,-926250,8885304,-28412480,-3187315,9781647,-10350059,32779359,5095274 },
new int[] { -33008130,-5214506,-32264887,-3685216,9460461,-9327423,-24601656,14506724,21639561,-2630236 },
new int[] { -16400943,-13112215,25239338,15531969,3987758,-4499318,-1289502,-6863535,17874574,558605 }
base[6][4] = new ge_precomp(
new int[] { -13600129,10240081,9171883,16131053,-20869254,9599700,33499487,5080151,2085892,5119761 },
new int[] { -22205145,-2519528,-16381601,414691,-25019550,2170430,30634760,-8363614,-31999993,-5759884 },
new int[] { -6845704,15791202,8550074,-1312654,29928809,-12092256,27534430,-7192145,-22351378,12961482 }
base[6][5] = new ge_precomp(
new int[] { -24492060,-9570771,10368194,11582341,-23397293,-2245287,16533930,8206996,-30194652,-5159638 },
new int[] { -11121496,-3382234,2307366,6362031,-135455,8868177,-16835630,7031275,7589640,8945490 },
new int[] { -32152748,8917967,6661220,-11677616,-1192060,-15793393,7251489,-11182180,24099109,-14456170 }
base[6][6] = new ge_precomp(
new int[] { 5019558,-7907470,4244127,-14714356,-26933272,6453165,-19118182,-13289025,-6231896,-10280736 },
new int[] { 10853594,10721687,26480089,5861829,-22995819,1972175,-1866647,-10557898,-3363451,-6441124 },
new int[] { -17002408,5906790,221599,-6563147,7828208,-13248918,24362661,-2008168,-13866408,7421392 }
base[6][7] = new ge_precomp(
new int[] { 8139927,-6546497,32257646,-5890546,30375719,1886181,-21175108,15441252,28826358,-4123029 },
new int[] { 6267086,9695052,7709135,-16603597,-32869068,-1886135,14795160,-7840124,13746021,-1742048 },
new int[] { 28584902,7787108,-6732942,-15050729,22846041,-7571236,-3181936,-363524,4771362,-8419958 }
base[7][0] = new ge_precomp(
new int[] { 24949256,6376279,-27466481,-8174608,-18646154,-9930606,33543569,-12141695,3569627,11342593 },
new int[] { 26514989,4740088,27912651,3697550,19331575,-11472339,6809886,4608608,7325975,-14801071 },
new int[] { -11618399,-14554430,-24321212,7655128,-1369274,5214312,-27400540,10258390,-17646694,-8186692 }
base[7][1] = new ge_precomp(
new int[] { 11431204,15823007,26570245,14329124,18029990,4796082,-31446179,15580664,9280358,-3973687 },
new int[] { -160783,-10326257,-22855316,-4304997,-20861367,-13621002,-32810901,-11181622,-15545091,4387441 },
new int[] { -20799378,12194512,3937617,-5805892,-27154820,9340370,-24513992,8548137,20617071,-7482001 }
base[7][2] = new ge_precomp(
new int[] { -938825,-3930586,-8714311,16124718,24603125,-6225393,-13775352,-11875822,24345683,10325460 },
new int[] { -19855277,-1568885,-22202708,8714034,14007766,6928528,16318175,-1010689,4766743,3552007 },
new int[] { -21751364,-16730916,1351763,-803421,-4009670,3950935,3217514,14481909,10988822,-3994762 }
base[7][3] = new ge_precomp(
new int[] { 15564307,-14311570,3101243,5684148,30446780,-8051356,12677127,-6505343,-8295852,13296005 },
new int[] { -9442290,6624296,-30298964,-11913677,-4670981,-2057379,31521204,9614054,-30000824,12074674 },
new int[] { 4771191,-135239,14290749,-13089852,27992298,14998318,-1413936,-1556716,29832613,-16391035 }
base[7][4] = new ge_precomp(
new int[] { 7064884,-7541174,-19161962,-5067537,-18891269,-2912736,25825242,5293297,-27122660,13101590 },
new int[] { -2298563,2439670,-7466610,1719965,-27267541,-16328445,32512469,-5317593,-30356070,-4190957 },
new int[] { -30006540,10162316,-33180176,3981723,-16482138,-13070044,14413974,9515896,19568978,9628812 }
base[7][5] = new ge_precomp(
new int[] { 33053803,199357,15894591,1583059,27380243,-4580435,-17838894,-6106839,-6291786,3437740 },
new int[] { -18978877,3884493,19469877,12726490,15913552,13614290,-22961733,70104,7463304,4176122 },
new int[] { -27124001,10659917,11482427,-16070381,12771467,-6635117,-32719404,-5322751,24216882,5944158 }
base[7][6] = new ge_precomp(
new int[] { 8894125,7450974,-2664149,-9765752,-28080517,-12389115,19345746,14680796,11632993,5847885 },
new int[] { 26942781,-2315317,9129564,-4906607,26024105,11769399,-11518837,6367194,-9727230,4782140 },
new int[] { 19916461,-4828410,-22910704,-11414391,25606324,-5972441,33253853,8220911,6358847,-1873857 }
base[7][7] = new ge_precomp(
new int[] { 801428,-2081702,16569428,11065167,29875704,96627,7908388,-4480480,-13538503,1387155 },
new int[] { 19646058,5720633,-11416706,12814209,11607948,12749789,14147075,15156355,-21866831,11835260 },
new int[] { 19299512,1155910,28703737,14890794,2925026,7269399,26121523,15467869,-26560550,5052483 }
@ -0,0 +1,332 @@
package org.whispersystems.curve25519.java;
public class ge_precomp_base_16_23 {
/* base[i][j] = (j+1)*256^i*B */
static ge_precomp base[][];
static {
//CONVERT #include "base.h"
base = new ge_precomp[32][8];
base[16][0] = new ge_precomp(
new int[] { 11374242,12660715,17861383,-12540833,10935568,1099227,-13886076,-9091740,-27727044,11358504 },
new int[] { -12730809,10311867,1510375,10778093,-2119455,-9145702,32676003,11149336,-26123651,4985768 },
new int[] { -19096303,341147,-6197485,-239033,15756973,-8796662,-983043,13794114,-19414307,-15621255 }
base[16][1] = new ge_precomp(
new int[] { 6490081,11940286,25495923,-7726360,8668373,-8751316,3367603,6970005,-1691065,-9004790 },
new int[] { 1656497,13457317,15370807,6364910,13605745,8362338,-19174622,-5475723,-16796596,-5031438 },
new int[] { -22273315,-13524424,-64685,-4334223,-18605636,-10921968,-20571065,-7007978,-99853,-10237333 }
base[16][2] = new ge_precomp(
new int[] { 17747465,10039260,19368299,-4050591,-20630635,-16041286,31992683,-15857976,-29260363,-5511971 },
new int[] { 31932027,-4986141,-19612382,16366580,22023614,88450,11371999,-3744247,4882242,-10626905 },
new int[] { 29796507,37186,19818052,10115756,-11829032,3352736,18551198,3272828,-5190932,-4162409 }
base[16][3] = new ge_precomp(
new int[] { 12501286,4044383,-8612957,-13392385,-32430052,5136599,-19230378,-3529697,330070,-3659409 },
new int[] { 6384877,2899513,17807477,7663917,-2358888,12363165,25366522,-8573892,-271295,12071499 },
new int[] { -8365515,-4042521,25133448,-4517355,-6211027,2265927,-32769618,1936675,-5159697,3829363 }
base[16][4] = new ge_precomp(
new int[] { 28425966,-5835433,-577090,-4697198,-14217555,6870930,7921550,-6567787,26333140,14267664 },
new int[] { -11067219,11871231,27385719,-10559544,-4585914,-11189312,10004786,-8709488,-21761224,8930324 },
new int[] { -21197785,-16396035,25654216,-1725397,12282012,11008919,1541940,4757911,-26491501,-16408940 }
base[16][5] = new ge_precomp(
new int[] { 13537262,-7759490,-20604840,10961927,-5922820,-13218065,-13156584,6217254,-15943699,13814990 },
new int[] { -17422573,15157790,18705543,29619,24409717,-260476,27361681,9257833,-1956526,-1776914 },
new int[] { -25045300,-10191966,15366585,15166509,-13105086,8423556,-29171540,12361135,-18685978,4578290 }
base[16][6] = new ge_precomp(
new int[] { 24579768,3711570,1342322,-11180126,-27005135,14124956,-22544529,14074919,21964432,8235257 },
new int[] { -6528613,-2411497,9442966,-5925588,12025640,-1487420,-2981514,-1669206,13006806,2355433 },
new int[] { -16304899,-13605259,-6632427,-5142349,16974359,-10911083,27202044,1719366,1141648,-12796236 }
base[16][7] = new ge_precomp(
new int[] { -12863944,-13219986,-8318266,-11018091,-6810145,-4843894,13475066,-3133972,32674895,13715045 },
new int[] { 11423335,-5468059,32344216,8962751,24989809,9241752,-13265253,16086212,-28740881,-15642093 },
new int[] { -1409668,12530728,-6368726,10847387,19531186,-14132160,-11709148,7791794,-27245943,4383347 }
base[17][0] = new ge_precomp(
new int[] { -28970898,5271447,-1266009,-9736989,-12455236,16732599,-4862407,-4906449,27193557,6245191 },
new int[] { -15193956,5362278,-1783893,2695834,4960227,12840725,23061898,3260492,22510453,8577507 },
new int[] { -12632451,11257346,-32692994,13548177,-721004,10879011,31168030,13952092,-29571492,-3635906 }
base[17][1] = new ge_precomp(
new int[] { 3877321,-9572739,32416692,5405324,-11004407,-13656635,3759769,11935320,5611860,8164018 },
new int[] { -16275802,14667797,15906460,12155291,-22111149,-9039718,32003002,-8832289,5773085,-8422109 },
new int[] { -23788118,-8254300,1950875,8937633,18686727,16459170,-905725,12376320,31632953,190926 }
base[17][2] = new ge_precomp(
new int[] { -24593607,-16138885,-8423991,13378746,14162407,6901328,-8288749,4508564,-25341555,-3627528 },
new int[] { 8884438,-5884009,6023974,10104341,-6881569,-4941533,18722941,-14786005,-1672488,827625 },
new int[] { -32720583,-16289296,-32503547,7101210,13354605,2659080,-1800575,-14108036,-24878478,1541286 }
base[17][3] = new ge_precomp(
new int[] { 2901347,-1117687,3880376,-10059388,-17620940,-3612781,-21802117,-3567481,20456845,-1885033 },
new int[] { 27019610,12299467,-13658288,-1603234,-12861660,-4861471,-19540150,-5016058,29439641,15138866 },
new int[] { 21536104,-6626420,-32447818,-10690208,-22408077,5175814,-5420040,-16361163,7779328,109896 }
base[17][4] = new ge_precomp(
new int[] { 30279744,14648750,-8044871,6425558,13639621,-743509,28698390,12180118,23177719,-554075 },
new int[] { 26572847,3405927,-31701700,12890905,-19265668,5335866,-6493768,2378492,4439158,-13279347 },
new int[] { -22716706,3489070,-9225266,-332753,18875722,-1140095,14819434,-12731527,-17717757,-5461437 }
base[17][5] = new ge_precomp(
new int[] { -5056483,16566551,15953661,3767752,-10436499,15627060,-820954,2177225,8550082,-15114165 },
new int[] { -18473302,16596775,-381660,15663611,22860960,15585581,-27844109,-3582739,-23260460,-8428588 },
new int[] { -32480551,15707275,-8205912,-5652081,29464558,2713815,-22725137,15860482,-21902570,1494193 }
base[17][6] = new ge_precomp(
new int[] { -19562091,-14087393,-25583872,-9299552,13127842,759709,21923482,16529112,8742704,12967017 },
new int[] { -28464899,1553205,32536856,-10473729,-24691605,-406174,-8914625,-2933896,-29903758,15553883 },
new int[] { 21877909,3230008,9881174,10539357,-4797115,2841332,11543572,14513274,19375923,-12647961 }
base[17][7] = new ge_precomp(
new int[] { 8832269,-14495485,13253511,5137575,5037871,4078777,24880818,-6222716,2862653,9455043 },
new int[] { 29306751,5123106,20245049,-14149889,9592566,8447059,-2077124,-2990080,15511449,4789663 },
new int[] { -20679756,7004547,8824831,-9434977,-4045704,-3750736,-5754762,108893,23513200,16652362 }
base[18][0] = new ge_precomp(
new int[] { -33256173,4144782,-4476029,-6579123,10770039,-7155542,-6650416,-12936300,-18319198,10212860 },
new int[] { 2756081,8598110,7383731,-6859892,22312759,-1105012,21179801,2600940,-9988298,-12506466 },
new int[] { -24645692,13317462,-30449259,-15653928,21365574,-10869657,11344424,864440,-2499677,-16710063 }
base[18][1] = new ge_precomp(
new int[] { -26432803,6148329,-17184412,-14474154,18782929,-275997,-22561534,211300,2719757,4940997 },
new int[] { -1323882,3911313,-6948744,14759765,-30027150,7851207,21690126,8518463,26699843,5276295 },
new int[] { -13149873,-6429067,9396249,365013,24703301,-10488939,1321586,149635,-15452774,7159369 }
base[18][2] = new ge_precomp(
new int[] { 9987780,-3404759,17507962,9505530,9731535,-2165514,22356009,8312176,22477218,-8403385 },
new int[] { 18155857,-16504990,19744716,9006923,15154154,-10538976,24256460,-4864995,-22548173,9334109 },
new int[] { 2986088,-4911893,10776628,-3473844,10620590,-7083203,-21413845,14253545,-22587149,536906 }
base[18][3] = new ge_precomp(
new int[] { 4377756,8115836,24567078,15495314,11625074,13064599,7390551,10589625,10838060,-15420424 },
new int[] { -19342404,867880,9277171,-3218459,-14431572,-1986443,19295826,-15796950,6378260,699185 },
new int[] { 7895026,4057113,-7081772,-13077756,-17886831,-323126,-716039,15693155,-5045064,-13373962 }
base[18][4] = new ge_precomp(
new int[] { -7737563,-5869402,-14566319,-7406919,11385654,13201616,31730678,-10962840,-3918636,-9669325 },
new int[] { 10188286,-15770834,-7336361,13427543,22223443,14896287,30743455,7116568,-21786507,5427593 },
new int[] { 696102,13206899,27047647,-10632082,15285305,-9853179,10798490,-4578720,19236243,12477404 }
base[18][5] = new ge_precomp(
new int[] { -11229439,11243796,-17054270,-8040865,-788228,-8167967,-3897669,11180504,-23169516,7733644 },
new int[] { 17800790,-14036179,-27000429,-11766671,23887827,3149671,23466177,-10538171,10322027,15313801 },
new int[] { 26246234,11968874,32263343,-5468728,6830755,-13323031,-15794704,-101982,-24449242,10890804 }
base[18][6] = new ge_precomp(
new int[] { -31365647,10271363,-12660625,-6267268,16690207,-13062544,-14982212,16484931,25180797,-5334884 },
new int[] { -586574,10376444,-32586414,-11286356,19801893,10997610,2276632,9482883,316878,13820577 },
new int[] { -9882808,-4510367,-2115506,16457136,-11100081,11674996,30756178,-7515054,30696930,-3712849 }
base[18][7] = new ge_precomp(
new int[] { 32988917,-9603412,12499366,7910787,-10617257,-11931514,-7342816,-9985397,-32349517,7392473 },
new int[] { -8855661,15927861,9866406,-3649411,-2396914,-16655781,-30409476,-9134995,25112947,-2926644 },
new int[] { -2504044,-436966,25621774,-5678772,15085042,-5479877,-24884878,-13526194,5537438,-13914319 }
base[19][0] = new ge_precomp(
new int[] { -11225584,2320285,-9584280,10149187,-33444663,5808648,-14876251,-1729667,31234590,6090599 },
new int[] { -9633316,116426,26083934,2897444,-6364437,-2688086,609721,15878753,-6970405,-9034768 },
new int[] { -27757857,247744,-15194774,-9002551,23288161,-10011936,-23869595,6503646,20650474,1804084 }
base[19][1] = new ge_precomp(
new int[] { -27589786,15456424,8972517,8469608,15640622,4439847,3121995,-10329713,27842616,-202328 },
new int[] { -15306973,2839644,22530074,10026331,4602058,5048462,28248656,5031932,-11375082,12714369 },
new int[] { 20807691,-7270825,29286141,11421711,-27876523,-13868230,-21227475,1035546,-19733229,12796920 }
base[19][2] = new ge_precomp(
new int[] { 12076899,-14301286,-8785001,-11848922,-25012791,16400684,-17591495,-12899438,3480665,-15182815 },
new int[] { -32361549,5457597,28548107,7833186,7303070,-11953545,-24363064,-15921875,-33374054,2771025 },
new int[] { -21389266,421932,26597266,6860826,22486084,-6737172,-17137485,-4210226,-24552282,15673397 }
base[19][3] = new ge_precomp(
new int[] { -20184622,2338216,19788685,-9620956,-4001265,-8740893,-20271184,4733254,3727144,-12934448 },
new int[] { 6120119,814863,-11794402,-622716,6812205,-15747771,2019594,7975683,31123697,-10958981 },
new int[] { 30069250,-11435332,30434654,2958439,18399564,-976289,12296869,9204260,-16432438,9648165 }
base[19][4] = new ge_precomp(
new int[] { 32705432,-1550977,30705658,7451065,-11805606,9631813,3305266,5248604,-26008332,-11377501 },
new int[] { 17219865,2375039,-31570947,-5575615,-19459679,9219903,294711,15298639,2662509,-16297073 },
new int[] { -1172927,-7558695,-4366770,-4287744,-21346413,-8434326,32087529,-1222777,32247248,-14389861 }
base[19][5] = new ge_precomp(
new int[] { 14312628,1221556,17395390,-8700143,-4945741,-8684635,-28197744,-9637817,-16027623,-13378845 },
new int[] { -1428825,-9678990,-9235681,6549687,-7383069,-468664,23046502,9803137,17597934,2346211 },
new int[] { 18510800,15337574,26171504,981392,-22241552,7827556,-23491134,-11323352,3059833,-11782870 }
base[19][6] = new ge_precomp(
new int[] { 10141598,6082907,17829293,-1947643,9830092,13613136,-25556636,-5544586,-33502212,3592096 },
new int[] { 33114168,-15889352,-26525686,-13343397,33076705,8716171,1151462,1521897,-982665,-6837803 },
new int[] { -32939165,-4255815,23947181,-324178,-33072974,-12305637,-16637686,3891704,26353178,693168 }
base[19][7] = new ge_precomp(
new int[] { 30374239,1595580,-16884039,13186931,4600344,406904,9585294,-400668,31375464,14369965 },
new int[] { -14370654,-7772529,1510301,6434173,-18784789,-6262728,32732230,-13108839,17901441,16011505 },
new int[] { 18171223,-11934626,-12500402,15197122,-11038147,-15230035,-19172240,-16046376,8764035,12309598 }
base[20][0] = new ge_precomp(
new int[] { 5975908,-5243188,-19459362,-9681747,-11541277,14015782,-23665757,1228319,17544096,-10593782 },
new int[] { 5811932,-1715293,3442887,-2269310,-18367348,-8359541,-18044043,-15410127,-5565381,12348900 },
new int[] { -31399660,11407555,25755363,6891399,-3256938,14872274,-24849353,8141295,-10632534,-585479 }
base[20][1] = new ge_precomp(
new int[] { -12675304,694026,-5076145,13300344,14015258,-14451394,-9698672,-11329050,30944593,1130208 },
new int[] { 8247766,-6710942,-26562381,-7709309,-14401939,-14648910,4652152,2488540,23550156,-271232 },
new int[] { 17294316,-3788438,7026748,15626851,22990044,113481,2267737,-5908146,-408818,-137719 }
base[20][2] = new ge_precomp(
new int[] { 16091085,-16253926,18599252,7340678,2137637,-1221657,-3364161,14550936,3260525,-7166271 },
new int[] { -4910104,-13332887,18550887,10864893,-16459325,-7291596,-23028869,-13204905,-12748722,2701326 },
new int[] { -8574695,16099415,4629974,-16340524,-20786213,-6005432,-10018363,9276971,11329923,1862132 }
base[20][3] = new ge_precomp(
new int[] { 14763076,-15903608,-30918270,3689867,3511892,10313526,-21951088,12219231,-9037963,-940300 },
new int[] { 8894987,-3446094,6150753,3013931,301220,15693451,-31981216,-2909717,-15438168,11595570 },
new int[] { 15214962,3537601,-26238722,-14058872,4418657,-15230761,13947276,10730794,-13489462,-4363670 }
base[20][4] = new ge_precomp(
new int[] { -2538306,7682793,32759013,263109,-29984731,-7955452,-22332124,-10188635,977108,699994 },
new int[] { -12466472,4195084,-9211532,550904,-15565337,12917920,19118110,-439841,-30534533,-14337913 },
new int[] { 31788461,-14507657,4799989,7372237,8808585,-14747943,9408237,-10051775,12493932,-5409317 }
base[20][5] = new ge_precomp(
new int[] { -25680606,5260744,-19235809,-6284470,-3695942,16566087,27218280,2607121,29375955,6024730 },
new int[] { 842132,-2794693,-4763381,-8722815,26332018,-12405641,11831880,6985184,-9940361,2854096 },
new int[] { -4847262,-7969331,2516242,-5847713,9695691,-7221186,16512645,960770,12121869,16648078 }
base[20][6] = new ge_precomp(
new int[] { -15218652,14667096,-13336229,2013717,30598287,-464137,-31504922,-7882064,20237806,2838411 },
new int[] { -19288047,4453152,15298546,-16178388,22115043,-15972604,12544294,-13470457,1068881,-12499905 },
new int[] { -9558883,-16518835,33238498,13506958,30505848,-1114596,-8486907,-2630053,12521378,4845654 }
base[20][7] = new ge_precomp(
new int[] { -28198521,10744108,-2958380,10199664,7759311,-13088600,3409348,-873400,-6482306,-12885870 },
new int[] { -23561822,6230156,-20382013,10655314,-24040585,-11621172,10477734,-1240216,-3113227,13974498 },
new int[] { 12966261,15550616,-32038948,-1615346,21025980,-629444,5642325,7188737,18895762,12629579 }
base[21][0] = new ge_precomp(
new int[] { 14741879,-14946887,22177208,-11721237,1279741,8058600,11758140,789443,32195181,3895677 },
new int[] { 10758205,15755439,-4509950,9243698,-4879422,6879879,-2204575,-3566119,-8982069,4429647 },
new int[] { -2453894,15725973,-20436342,-10410672,-5803908,-11040220,-7135870,-11642895,18047436,-15281743 }
base[21][1] = new ge_precomp(
new int[] { -25173001,-11307165,29759956,11776784,-22262383,-15820455,10993114,-12850837,-17620701,-9408468 },
new int[] { 21987233,700364,-24505048,14972008,-7774265,-5718395,32155026,2581431,-29958985,8773375 },
new int[] { -25568350,454463,-13211935,16126715,25240068,8594567,20656846,12017935,-7874389,-13920155 }
base[21][2] = new ge_precomp(
new int[] { 6028182,6263078,-31011806,-11301710,-818919,2461772,-31841174,-5468042,-1721788,-2776725 },
new int[] { -12278994,16624277,987579,-5922598,32908203,1248608,7719845,-4166698,28408820,6816612 },
new int[] { -10358094,-8237829,19549651,-12169222,22082623,16147817,20613181,13982702,-10339570,5067943 }
base[21][3] = new ge_precomp(
new int[] { -30505967,-3821767,12074681,13582412,-19877972,2443951,-19719286,12746132,5331210,-10105944 },
new int[] { 30528811,3601899,-1957090,4619785,-27361822,-15436388,24180793,-12570394,27679908,-1648928 },
new int[] { 9402404,-13957065,32834043,10838634,-26580150,-13237195,26653274,-8685565,22611444,-12715406 }
base[21][4] = new ge_precomp(
new int[] { 22190590,1118029,22736441,15130463,-30460692,-5991321,19189625,-4648942,4854859,6622139 },
new int[] { -8310738,-2953450,-8262579,-3388049,-10401731,-271929,13424426,-3567227,26404409,13001963 },
new int[] { -31241838,-15415700,-2994250,8939346,11562230,-12840670,-26064365,-11621720,-15405155,11020693 }
base[21][5] = new ge_precomp(
new int[] { 1866042,-7949489,-7898649,-10301010,12483315,13477547,3175636,-12424163,28761762,1406734 },
new int[] { -448555,-1777666,13018551,3194501,-9580420,-11161737,24760585,-4347088,25577411,-13378680 },
new int[] { -24290378,4759345,-690653,-1852816,2066747,10693769,-29595790,9884936,-9368926,4745410 }
base[21][6] = new ge_precomp(
new int[] { -9141284,6049714,-19531061,-4341411,-31260798,9944276,-15462008,-11311852,10931924,-11931931 },
new int[] { -16561513,14112680,-8012645,4817318,-8040464,-11414606,-22853429,10856641,-20470770,13434654 },
new int[] { 22759489,-10073434,-16766264,-1871422,13637442,-10168091,1765144,-12654326,28445307,-5364710 }
base[21][7] = new ge_precomp(
new int[] { 29875063,12493613,2795536,-3786330,1710620,15181182,-10195717,-8788675,9074234,1167180 },
new int[] { -26205683,11014233,-9842651,-2635485,-26908120,7532294,-18716888,-9535498,3843903,9367684 },
new int[] { -10969595,-6403711,9591134,9582310,11349256,108879,16235123,8601684,-139197,4242895 }
base[22][0] = new ge_precomp(
new int[] { 22092954,-13191123,-2042793,-11968512,32186753,-11517388,-6574341,2470660,-27417366,16625501 },
new int[] { -11057722,3042016,13770083,-9257922,584236,-544855,-7770857,2602725,-27351616,14247413 },
new int[] { 6314175,-10264892,-32772502,15957557,-10157730,168750,-8618807,14290061,27108877,-1180880 }
base[22][1] = new ge_precomp(
new int[] { -8586597,-7170966,13241782,10960156,-32991015,-13794596,33547976,-11058889,-27148451,981874 },
new int[] { 22833440,9293594,-32649448,-13618667,-9136966,14756819,-22928859,-13970780,-10479804,-16197962 },
new int[] { -7768587,3326786,-28111797,10783824,19178761,14905060,22680049,13906969,-15933690,3797899 }
base[22][2] = new ge_precomp(
new int[] { 21721356,-4212746,-12206123,9310182,-3882239,-13653110,23740224,-2709232,20491983,-8042152 },
new int[] { 9209270,-15135055,-13256557,-6167798,-731016,15289673,25947805,15286587,30997318,-6703063 },
new int[] { 7392032,16618386,23946583,-8039892,-13265164,-1533858,-14197445,-2321576,17649998,-250080 }
base[22][3] = new ge_precomp(
new int[] { -9301088,-14193827,30609526,-3049543,-25175069,-1283752,-15241566,-9525724,-2233253,7662146 },
new int[] { -17558673,1763594,-33114336,15908610,-30040870,-12174295,7335080,-8472199,-3174674,3440183 },
new int[] { -19889700,-5977008,-24111293,-9688870,10799743,-16571957,40450,-4431835,4862400,1133 }
base[22][4] = new ge_precomp(
new int[] { -32856209,-7873957,-5422389,14860950,-16319031,7956142,7258061,311861,-30594991,-7379421 },
new int[] { -3773428,-1565936,28985340,7499440,24445838,9325937,29727763,16527196,18278453,15405622 },
new int[] { -4381906,8508652,-19898366,-3674424,-5984453,15149970,-13313598,843523,-21875062,13626197 }
base[22][5] = new ge_precomp(
new int[] { 2281448,-13487055,-10915418,-2609910,1879358,16164207,-10783882,3953792,13340839,15928663 },
new int[] { 31727126,-7179855,-18437503,-8283652,2875793,-16390330,-25269894,-7014826,-23452306,5964753 },
new int[] { 4100420,-5959452,-17179337,6017714,-18705837,12227141,-26684835,11344144,2538215,-7570755 }
base[22][6] = new ge_precomp(
new int[] { -9433605,6123113,11159803,-2156608,30016280,14966241,-20474983,1485421,-629256,-15958862 },
new int[] { -26804558,4260919,11851389,9658551,-32017107,16367492,-20205425,-13191288,11659922,-11115118 },
new int[] { 26180396,10015009,-30844224,-8581293,5418197,9480663,2231568,-10170080,33100372,-1306171 }
base[22][7] = new ge_precomp(
new int[] { 15121113,-5201871,-10389905,15427821,-27509937,-15992507,21670947,4486675,-5931810,-14466380 },
new int[] { 16166486,-9483733,-11104130,6023908,-31926798,-1364923,2340060,-16254968,-10735770,-10039824 },
new int[] { 28042865,-3557089,-12126526,12259706,-3717498,-6945899,6766453,-8689599,18036436,5803270 }
base[23][0] = new ge_precomp(
new int[] { -817581,6763912,11803561,1585585,10958447,-2671165,23855391,4598332,-6159431,-14117438 },
new int[] { -31031306,-14256194,17332029,-2383520,31312682,-5967183,696309,50292,-20095739,11763584 },
new int[] { -594563,-2514283,-32234153,12643980,12650761,14811489,665117,-12613632,-19773211,-10713562 }
base[23][1] = new ge_precomp(
new int[] { 30464590,-11262872,-4127476,-12734478,19835327,-7105613,-24396175,2075773,-17020157,992471 },
new int[] { 18357185,-6994433,7766382,16342475,-29324918,411174,14578841,8080033,-11574335,-10601610 },
new int[] { 19598397,10334610,12555054,2555664,18821899,-10339780,21873263,16014234,26224780,16452269 }
base[23][2] = new ge_precomp(
new int[] { -30223925,5145196,5944548,16385966,3976735,2009897,-11377804,-7618186,-20533829,3698650 },
new int[] { 14187449,3448569,-10636236,-10810935,-22663880,-3433596,7268410,-10890444,27394301,12015369 },
new int[] { 19695761,16087646,28032085,12999827,6817792,11427614,20244189,-1312777,-13259127,-3402461 }
base[23][3] = new ge_precomp(
new int[] { 30860103,12735208,-1888245,-4699734,-16974906,2256940,-8166013,12298312,-8550524,-10393462 },
new int[] { -5719826,-11245325,-1910649,15569035,26642876,-7587760,-5789354,-15118654,-4976164,12651793 },
new int[] { -2848395,9953421,11531313,-5282879,26895123,-12697089,-13118820,-16517902,9768698,-2533218 }
base[23][4] = new ge_precomp(
new int[] { -24719459,1894651,-287698,-4704085,15348719,-8156530,32767513,12765450,4940095,10678226 },
new int[] { 18860224,15980149,-18987240,-1562570,-26233012,-11071856,-7843882,13944024,-24372348,16582019 },
new int[] { -15504260,4970268,-29893044,4175593,-20993212,-2199756,-11704054,15444560,-11003761,7989037 }
base[23][5] = new ge_precomp(
new int[] { 31490452,5568061,-2412803,2182383,-32336847,4531686,-32078269,6200206,-19686113,-14800171 },
new int[] { -17308668,-15879940,-31522777,-2831,-32887382,16375549,8680158,-16371713,28550068,-6857132 },
new int[] { -28126887,-5688091,16837845,-1820458,-6850681,12700016,-30039981,4364038,1155602,5988841 }
base[23][6] = new ge_precomp(
new int[] { 21890435,-13272907,-12624011,12154349,-7831873,15300496,23148983,-4470481,24618407,8283181 },
new int[] { -33136107,-10512751,9975416,6841041,-31559793,16356536,3070187,-7025928,1466169,10740210 },
new int[] { -1509399,-15488185,-13503385,-10655916,32799044,909394,-13938903,-5779719,-32164649,-15327040 }
base[23][7] = new ge_precomp(
new int[] { 3960823,-14267803,-28026090,-15918051,-19404858,13146868,15567327,951507,-3260321,-573935 },
new int[] { 24740841,5052253,-30094131,8961361,25877428,6165135,-24368180,14397372,-7380369,-6144105 },
new int[] { -28888365,3510803,-28103278,-1158478,-11238128,-10631454,-15441463,-14453128,-1625486,-6494814 }
@ -0,0 +1,332 @@
package org.whispersystems.curve25519.java;
public class ge_precomp_base_24_31 {
/* base[i][j] = (j+1)*256^i*B */
static ge_precomp base[][];
static {
//CONVERT #include "base.h"
base = new ge_precomp[32][8];
base[24][0] = new ge_precomp(
new int[] { 793299,-9230478,8836302,-6235707,-27360908,-2369593,33152843,-4885251,-9906200,-621852 },
new int[] { 5666233,525582,20782575,-8038419,-24538499,14657740,16099374,1468826,-6171428,-15186581 },
new int[] { -4859255,-3779343,-2917758,-6748019,7778750,11688288,-30404353,-9871238,-1558923,-9863646 }
base[24][1] = new ge_precomp(
new int[] { 10896332,-7719704,824275,472601,-19460308,3009587,25248958,14783338,-30581476,-15757844 },
new int[] { 10566929,12612572,-31944212,11118703,-12633376,12362879,21752402,8822496,24003793,14264025 },
new int[] { 27713862,-7355973,-11008240,9227530,27050101,2504721,23886875,-13117525,13958495,-5732453 }
base[24][2] = new ge_precomp(
new int[] { -23481610,4867226,-27247128,3900521,29838369,-8212291,-31889399,-10041781,7340521,-15410068 },
new int[] { 4646514,-8011124,-22766023,-11532654,23184553,8566613,31366726,-1381061,-15066784,-10375192 },
new int[] { -17270517,12723032,-16993061,14878794,21619651,-6197576,27584817,3093888,-8843694,3849921 }
base[24][3] = new ge_precomp(
new int[] { -9064912,2103172,25561640,-15125738,-5239824,9582958,32477045,-9017955,5002294,-15550259 },
new int[] { -12057553,-11177906,21115585,-13365155,8808712,-12030708,16489530,13378448,-25845716,12741426 },
new int[] { -5946367,10645103,-30911586,15390284,-3286982,-7118677,24306472,15852464,28834118,-7646072 }
base[24][4] = new ge_precomp(
new int[] { -17335748,-9107057,-24531279,9434953,-8472084,-583362,-13090771,455841,20461858,5491305 },
new int[] { 13669248,-16095482,-12481974,-10203039,-14569770,-11893198,-24995986,11293807,-28588204,-9421832 },
new int[] { 28497928,6272777,-33022994,14470570,8906179,-1225630,18504674,-14165166,29867745,-8795943 }
base[24][5] = new ge_precomp(
new int[] { -16207023,13517196,-27799630,-13697798,24009064,-6373891,-6367600,-13175392,22853429,-4012011 },
new int[] { 24191378,16712145,-13931797,15217831,14542237,1646131,18603514,-11037887,12876623,-2112447 },
new int[] { 17902668,4518229,-411702,-2829247,26878217,5258055,-12860753,608397,16031844,3723494 }
base[24][6] = new ge_precomp(
new int[] { -28632773,12763728,-20446446,7577504,33001348,-13017745,17558842,-7872890,23896954,-4314245 },
new int[] { -20005381,-12011952,31520464,605201,2543521,5991821,-2945064,7229064,-9919646,-8826859 },
new int[] { 28816045,298879,-28165016,-15920938,19000928,-1665890,-12680833,-2949325,-18051778,-2082915 }
base[24][7] = new ge_precomp(
new int[] { 16000882,-344896,3493092,-11447198,-29504595,-13159789,12577740,16041268,-19715240,7847707 },
new int[] { 10151868,10572098,27312476,7922682,14825339,4723128,-32855931,-6519018,-10020567,3852848 },
new int[] { -11430470,15697596,-21121557,-4420647,5386314,15063598,16514493,-15932110,29330899,-15076224 }
base[25][0] = new ge_precomp(
new int[] { -25499735,-4378794,-15222908,-6901211,16615731,2051784,3303702,15490,-27548796,12314391 },
new int[] { 15683520,-6003043,18109120,-9980648,15337968,-5997823,-16717435,15921866,16103996,-3731215 },
new int[] { -23169824,-10781249,13588192,-1628807,-3798557,-1074929,-19273607,5402699,-29815713,-9841101 }
base[25][1] = new ge_precomp(
new int[] { 23190676,2384583,-32714340,3462154,-29903655,-1529132,-11266856,8911517,-25205859,2739713 },
new int[] { 21374101,-3554250,-33524649,9874411,15377179,11831242,-33529904,6134907,4931255,11987849 },
new int[] { -7732,-2978858,-16223486,7277597,105524,-322051,-31480539,13861388,-30076310,10117930 }
base[25][2] = new ge_precomp(
new int[] { -29501170,-10744872,-26163768,13051539,-25625564,5089643,-6325503,6704079,12890019,15728940 },
new int[] { -21972360,-11771379,-951059,-4418840,14704840,2695116,903376,-10428139,12885167,8311031 },
new int[] { -17516482,5352194,10384213,-13811658,7506451,13453191,26423267,4384730,1888765,-5435404 }
base[25][3] = new ge_precomp(
new int[] { -25817338,-3107312,-13494599,-3182506,30896459,-13921729,-32251644,-12707869,-19464434,-3340243 },
new int[] { -23607977,-2665774,-526091,4651136,5765089,4618330,6092245,14845197,17151279,-9854116 },
new int[] { -24830458,-12733720,-15165978,10367250,-29530908,-265356,22825805,-7087279,-16866484,16176525 }
base[25][4] = new ge_precomp(
new int[] { -23583256,6564961,20063689,3798228,-4740178,7359225,2006182,-10363426,-28746253,-10197509 },
new int[] { -10626600,-4486402,-13320562,-5125317,3432136,-6393229,23632037,-1940610,32808310,1099883 },
new int[] { 15030977,5768825,-27451236,-2887299,-6427378,-15361371,-15277896,-6809350,2051441,-15225865 }
base[25][5] = new ge_precomp(
new int[] { -3362323,-7239372,7517890,9824992,23555850,295369,5148398,-14154188,-22686354,16633660 },
new int[] { 4577086,-16752288,13249841,-15304328,19958763,-14537274,18559670,-10759549,8402478,-9864273 },
new int[] { -28406330,-1051581,-26790155,-907698,-17212414,-11030789,9453451,-14980072,17983010,9967138 }
base[25][6] = new ge_precomp(
new int[] { -25762494,6524722,26585488,9969270,24709298,1220360,-1677990,7806337,17507396,3651560 },
new int[] { -10420457,-4118111,14584639,15971087,-15768321,8861010,26556809,-5574557,-18553322,-11357135 },
new int[] { 2839101,14284142,4029895,3472686,14402957,12689363,-26642121,8459447,-5605463,-7621941 }
base[25][7] = new ge_precomp(
new int[] { -4839289,-3535444,9744961,2871048,25113978,3187018,-25110813,-849066,17258084,-7977739 },
new int[] { 18164541,-10595176,-17154882,-1542417,19237078,-9745295,23357533,-15217008,26908270,12150756 },
new int[] { -30264870,-7647865,5112249,-7036672,-1499807,-6974257,43168,-5537701,-32302074,16215819 }
base[26][0] = new ge_precomp(
new int[] { -6898905,9824394,-12304779,-4401089,-31397141,-6276835,32574489,12532905,-7503072,-8675347 },
new int[] { -27343522,-16515468,-27151524,-10722951,946346,16291093,254968,7168080,21676107,-1943028 },
new int[] { 21260961,-8424752,-16831886,-11920822,-23677961,3968121,-3651949,-6215466,-3556191,-7913075 }
base[26][1] = new ge_precomp(
new int[] { 16544754,13250366,-16804428,15546242,-4583003,12757258,-2462308,-8680336,-18907032,-9662799 },
new int[] { -2415239,-15577728,18312303,4964443,-15272530,-12653564,26820651,16690659,25459437,-4564609 },
new int[] { -25144690,11425020,28423002,-11020557,-6144921,-15826224,9142795,-2391602,-6432418,-1644817 }
base[26][2] = new ge_precomp(
new int[] { -23104652,6253476,16964147,-3768872,-25113972,-12296437,-27457225,-16344658,6335692,7249989 },
new int[] { -30333227,13979675,7503222,-12368314,-11956721,-4621693,-30272269,2682242,25993170,-12478523 },
new int[] { 4364628,5930691,32304656,-10044554,-8054781,15091131,22857016,-10598955,31820368,15075278 }
base[26][3] = new ge_precomp(
new int[] { 31879134,-8918693,17258761,90626,-8041836,-4917709,24162788,-9650886,-17970238,12833045 },
new int[] { 19073683,14851414,-24403169,-11860168,7625278,11091125,-19619190,2074449,-9413939,14905377 },
new int[] { 24483667,-11935567,-2518866,-11547418,-1553130,15355506,-25282080,9253129,27628530,-7555480 }
base[26][4] = new ge_precomp(
new int[] { 17597607,8340603,19355617,552187,26198470,-3176583,4593324,-9157582,-14110875,15297016 },
new int[] { 510886,14337390,-31785257,16638632,6328095,2713355,-20217417,-11864220,8683221,2921426 },
new int[] { 18606791,11874196,27155355,-5281482,-24031742,6265446,-25178240,-1278924,4674690,13890525 }
base[26][5] = new ge_precomp(
new int[] { 13609624,13069022,-27372361,-13055908,24360586,9592974,14977157,9835105,4389687,288396 },
new int[] { 9922506,-519394,13613107,5883594,-18758345,-434263,-12304062,8317628,23388070,16052080 },
new int[] { 12720016,11937594,-31970060,-5028689,26900120,8561328,-20155687,-11632979,-14754271,-10812892 }
base[26][6] = new ge_precomp(
new int[] { 15961858,14150409,26716931,-665832,-22794328,13603569,11829573,7467844,-28822128,929275 },
new int[] { 11038231,-11582396,-27310482,-7316562,-10498527,-16307831,-23479533,-9371869,-21393143,2465074 },
new int[] { 20017163,-4323226,27915242,1529148,12396362,15675764,13817261,-9658066,2463391,-4622140 }
base[26][7] = new ge_precomp(
new int[] { -16358878,-12663911,-12065183,4996454,-1256422,1073572,9583558,12851107,4003896,12673717 },
new int[] { -1731589,-15155870,-3262930,16143082,19294135,13385325,14741514,-9103726,7903886,2348101 },
new int[] { 24536016,-16515207,12715592,-3862155,1511293,10047386,-3842346,-7129159,-28377538,10048127 }
base[27][0] = new ge_precomp(
new int[] { -12622226,-6204820,30718825,2591312,-10617028,12192840,18873298,-7297090,-32297756,15221632 },
new int[] { -26478122,-11103864,11546244,-1852483,9180880,7656409,-21343950,2095755,29769758,6593415 },
new int[] { -31994208,-2907461,4176912,3264766,12538965,-868111,26312345,-6118678,30958054,8292160 }
base[27][1] = new ge_precomp(
new int[] { 31429822,-13959116,29173532,15632448,12174511,-2760094,32808831,3977186,26143136,-3148876 },
new int[] { 22648901,1402143,-22799984,13746059,7936347,365344,-8668633,-1674433,-3758243,-2304625 },
new int[] { -15491917,8012313,-2514730,-12702462,-23965846,-10254029,-1612713,-1535569,-16664475,8194478 }
base[27][2] = new ge_precomp(
new int[] { 27338066,-7507420,-7414224,10140405,-19026427,-6589889,27277191,8855376,28572286,3005164 },
new int[] { 26287124,4821776,25476601,-4145903,-3764513,-15788984,-18008582,1182479,-26094821,-13079595 },
new int[] { -7171154,3178080,23970071,6201893,-17195577,-4489192,-21876275,-13982627,32208683,-1198248 }
base[27][3] = new ge_precomp(
new int[] { -16657702,2817643,-10286362,14811298,6024667,13349505,-27315504,-10497842,-27672585,-11539858 },
new int[] { 15941029,-9405932,-21367050,8062055,31876073,-238629,-15278393,-1444429,15397331,-4130193 },
new int[] { 8934485,-13485467,-23286397,-13423241,-32446090,14047986,31170398,-1441021,-27505566,15087184 }
base[27][4] = new ge_precomp(
new int[] { -18357243,-2156491,24524913,-16677868,15520427,-6360776,-15502406,11461896,16788528,-5868942 },
new int[] { -1947386,16013773,21750665,3714552,-17401782,-16055433,-3770287,-10323320,31322514,-11615635 },
new int[] { 21426655,-5650218,-13648287,-5347537,-28812189,-4920970,-18275391,-14621414,13040862,-12112948 }
base[27][5] = new ge_precomp(
new int[] { 11293895,12478086,-27136401,15083750,-29307421,14748872,14555558,-13417103,1613711,4896935 },
new int[] { -25894883,15323294,-8489791,-8057900,25967126,-13425460,2825960,-4897045,-23971776,-11267415 },
new int[] { -15924766,-5229880,-17443532,6410664,3622847,10243618,20615400,12405433,-23753030,-8436416 }
base[27][6] = new ge_precomp(
new int[] { -7091295,12556208,-20191352,9025187,-17072479,4333801,4378436,2432030,23097949,-566018 },
new int[] { 4565804,-16025654,20084412,-7842817,1724999,189254,24767264,10103221,-18512313,2424778 },
new int[] { 366633,-11976806,8173090,-6890119,30788634,5745705,-7168678,1344109,-3642553,12412659 }
base[27][7] = new ge_precomp(
new int[] { -24001791,7690286,14929416,-168257,-32210835,-13412986,24162697,-15326504,-3141501,11179385 },
new int[] { 18289522,-14724954,8056945,16430056,-21729724,7842514,-6001441,-1486897,-18684645,-11443503 },
new int[] { 476239,6601091,-6152790,-9723375,17503545,-4863900,27672959,13403813,11052904,5219329 }
base[28][0] = new ge_precomp(
new int[] { 20678546,-8375738,-32671898,8849123,-5009758,14574752,31186971,-3973730,9014762,-8579056 },
new int[] { -13644050,-10350239,-15962508,5075808,-1514661,-11534600,-33102500,9160280,8473550,-3256838 },
new int[] { 24900749,14435722,17209120,-15292541,-22592275,9878983,-7689309,-16335821,-24568481,11788948 }
base[28][1] = new ge_precomp(
new int[] { -3118155,-11395194,-13802089,14797441,9652448,-6845904,-20037437,10410733,-24568470,-1458691 },
new int[] { -15659161,16736706,-22467150,10215878,-9097177,7563911,11871841,-12505194,-18513325,8464118 },
new int[] { -23400612,8348507,-14585951,-861714,-3950205,-6373419,14325289,8628612,33313881,-8370517 }
base[28][2] = new ge_precomp(
new int[] { -20186973,-4967935,22367356,5271547,-1097117,-4788838,-24805667,-10236854,-8940735,-5818269 },
new int[] { -6948785,-1795212,-32625683,-16021179,32635414,-7374245,15989197,-12838188,28358192,-4253904 },
new int[] { -23561781,-2799059,-32351682,-1661963,-9147719,10429267,-16637684,4072016,-5351664,5596589 }
base[28][3] = new ge_precomp(
new int[] { -28236598,-3390048,12312896,6213178,3117142,16078565,29266239,2557221,1768301,15373193 },
new int[] { -7243358,-3246960,-4593467,-7553353,-127927,-912245,-1090902,-4504991,-24660491,3442910 },
new int[] { -30210571,5124043,14181784,8197961,18964734,-11939093,22597931,7176455,-18585478,13365930 }
base[28][4] = new ge_precomp(
new int[] { -7877390,-1499958,8324673,4690079,6261860,890446,24538107,-8570186,-9689599,-3031667 },
new int[] { 25008904,-10771599,-4305031,-9638010,16265036,15721635,683793,-11823784,15723479,-15163481 },
new int[] { -9660625,12374379,-27006999,-7026148,-7724114,-12314514,11879682,5400171,519526,-1235876 }
base[28][5] = new ge_precomp(
new int[] { 22258397,-16332233,-7869817,14613016,-22520255,-2950923,-20353881,7315967,16648397,7605640 },
new int[] { -8081308,-8464597,-8223311,9719710,19259459,-15348212,23994942,-5281555,-9468848,4763278 },
new int[] { -21699244,9220969,-15730624,1084137,-25476107,-2852390,31088447,-7764523,-11356529,728112 }
base[28][6] = new ge_precomp(
new int[] { 26047220,-11751471,-6900323,-16521798,24092068,9158119,-4273545,-12555558,-29365436,-5498272 },
new int[] { 17510331,-322857,5854289,8403524,17133918,-3112612,-28111007,12327945,10750447,10014012 },
new int[] { -10312768,3936952,9156313,-8897683,16498692,-994647,-27481051,-666732,3424691,7540221 }
base[28][7] = new ge_precomp(
new int[] { 30322361,-6964110,11361005,-4143317,7433304,4989748,-7071422,-16317219,-9244265,15258046 },
new int[] { 13054562,-2779497,19155474,469045,-12482797,4566042,5631406,2711395,1062915,-5136345 },
new int[] { -19240248,-11254599,-29509029,-7499965,-5835763,13005411,-6066489,12194497,32960380,1459310 }
base[29][0] = new ge_precomp(
new int[] { 19852034,7027924,23669353,10020366,8586503,-6657907,394197,-6101885,18638003,-11174937 },
new int[] { 31395534,15098109,26581030,8030562,-16527914,-5007134,9012486,-7584354,-6643087,-5442636 },
new int[] { -9192165,-2347377,-1997099,4529534,25766844,607986,-13222,9677543,-32294889,-6456008 }
base[29][1] = new ge_precomp(
new int[] { -2444496,-149937,29348902,8186665,1873760,12489863,-30934579,-7839692,-7852844,-8138429 },
new int[] { -15236356,-15433509,7766470,746860,26346930,-10221762,-27333451,10754588,-9431476,5203576 },
new int[] { 31834314,14135496,-770007,5159118,20917671,-16768096,-7467973,-7337524,31809243,7347066 }
base[29][2] = new ge_precomp(
new int[] { -9606723,-11874240,20414459,13033986,13716524,-11691881,19797970,-12211255,15192876,-2087490 },
new int[] { -12663563,-2181719,1168162,-3804809,26747877,-14138091,10609330,12694420,33473243,-13382104 },
new int[] { 33184999,11180355,15832085,-11385430,-1633671,225884,15089336,-11023903,-6135662,14480053 }
base[29][3] = new ge_precomp(
new int[] { 31308717,-5619998,31030840,-1897099,15674547,-6582883,5496208,13685227,27595050,8737275 },
new int[] { -20318852,-15150239,10933843,-16178022,8335352,-7546022,-31008351,-12610604,26498114,66511 },
new int[] { 22644454,-8761729,-16671776,4884562,-3105614,-13559366,30540766,-4286747,-13327787,-7515095 }
base[29][4] = new ge_precomp(
new int[] { -28017847,9834845,18617207,-2681312,-3401956,-13307506,8205540,13585437,-17127465,15115439 },
new int[] { 23711543,-672915,31206561,-8362711,6164647,-9709987,-33535882,-1426096,8236921,16492939 },
new int[] { -23910559,-13515526,-26299483,-4503841,25005590,-7687270,19574902,10071562,6708380,-6222424 }
base[29][5] = new ge_precomp(
new int[] { 2101391,-4930054,19702731,2367575,-15427167,1047675,5301017,9328700,29955601,-11678310 },
new int[] { 3096359,9271816,-21620864,-15521844,-14847996,-7592937,-25892142,-12635595,-9917575,6216608 },
new int[] { -32615849,338663,-25195611,2510422,-29213566,-13820213,24822830,-6146567,-26767480,7525079 }
base[29][6] = new ge_precomp(
new int[] { -23066649,-13985623,16133487,-7896178,-3389565,778788,-910336,-2782495,-19386633,11994101 },
new int[] { 21691500,-13624626,-641331,-14367021,3285881,-3483596,-25064666,9718258,-7477437,13381418 },
new int[] { 18445390,-4202236,14979846,11622458,-1727110,-3582980,23111648,-6375247,28535282,15779576 }
base[29][7] = new ge_precomp(
new int[] { 30098053,3089662,-9234387,16662135,-21306940,11308411,-14068454,12021730,9955285,-16303356 },
new int[] { 9734894,-14576830,-7473633,-9138735,2060392,11313496,-18426029,9924399,20194861,13380996 },
new int[] { -26378102,-7965207,-22167821,15789297,-18055342,-6168792,-1984914,15707771,26342023,10146099 }
base[30][0] = new ge_precomp(
new int[] { -26016874,-219943,21339191,-41388,19745256,-2878700,-29637280,2227040,21612326,-545728 },
new int[] { -13077387,1184228,23562814,-5970442,-20351244,-6348714,25764461,12243797,-20856566,11649658 },
new int[] { -10031494,11262626,27384172,2271902,26947504,-15997771,39944,6114064,33514190,2333242 }
base[30][1] = new ge_precomp(
new int[] { -21433588,-12421821,8119782,7219913,-21830522,-9016134,-6679750,-12670638,24350578,-13450001 },
new int[] { -4116307,-11271533,-23886186,4843615,-30088339,690623,-31536088,-10406836,8317860,12352766 },
new int[] { 18200138,-14475911,-33087759,-2696619,-23702521,-9102511,-23552096,-2287550,20712163,6719373 }
base[30][2] = new ge_precomp(
new int[] { 26656208,6075253,-7858556,1886072,-28344043,4262326,11117530,-3763210,26224235,-3297458 },
new int[] { -17168938,-14854097,-3395676,-16369877,-19954045,14050420,21728352,9493610,18620611,-16428628 },
new int[] { -13323321,13325349,11432106,5964811,18609221,6062965,-5269471,-9725556,-30701573,-16479657 }
base[30][3] = new ge_precomp(
new int[] { -23860538,-11233159,26961357,1640861,-32413112,-16737940,12248509,-5240639,13735342,1934062 },
new int[] { 25089769,6742589,17081145,-13406266,21909293,-16067981,-15136294,-3765346,-21277997,5473616 },
new int[] { 31883677,-7961101,1083432,-11572403,22828471,13290673,-7125085,12469656,29111212,-5451014 }
base[30][4] = new ge_precomp(
new int[] { 24244947,-15050407,-26262976,2791540,-14997599,16666678,24367466,6388839,-10295587,452383 },
new int[] { -25640782,-3417841,5217916,16224624,19987036,-4082269,-24236251,-5915248,15766062,8407814 },
new int[] { -20406999,13990231,15495425,16395525,5377168,15166495,-8917023,-4388953,-8067909,2276718 }
base[30][5] = new ge_precomp(
new int[] { 30157918,12924066,-17712050,9245753,19895028,3368142,-23827587,5096219,22740376,-7303417 },
new int[] { 2041139,-14256350,7783687,13876377,-25946985,-13352459,24051124,13742383,-15637599,13295222 },
new int[] { 33338237,-8505733,12532113,7977527,9106186,-1715251,-17720195,-4612972,-4451357,-14669444 }
base[30][6] = new ge_precomp(
new int[] { -20045281,5454097,-14346548,6447146,28862071,1883651,-2469266,-4141880,7770569,9620597 },
new int[] { 23208068,7979712,33071466,8149229,1758231,-10834995,30945528,-1694323,-33502340,-14767970 },
new int[] { 1439958,-16270480,-1079989,-793782,4625402,10647766,-5043801,1220118,30494170,-11440799 }
base[30][7] = new ge_precomp(
new int[] { -5037580,-13028295,-2970559,-3061767,15640974,-6701666,-26739026,926050,-1684339,-13333647 },
new int[] { 13908495,-3549272,30919928,-6273825,-21521863,7989039,9021034,9078865,3353509,4033511 },
new int[] { -29663431,-15113610,32259991,-344482,24295849,-12912123,23161163,8839127,27485041,7356032 }
base[31][0] = new ge_precomp(
new int[] { 9661027,705443,11980065,-5370154,-1628543,14661173,-6346142,2625015,28431036,-16771834 },
new int[] { -23839233,-8311415,-25945511,7480958,-17681669,-8354183,-22545972,14150565,15970762,4099461 },
new int[] { 29262576,16756590,26350592,-8793563,8529671,-11208050,13617293,-9937143,11465739,8317062 }
base[31][1] = new ge_precomp(
new int[] { -25493081,-6962928,32500200,-9419051,-23038724,-2302222,14898637,3848455,20969334,-5157516 },
new int[] { -20384450,-14347713,-18336405,13884722,-33039454,2842114,-21610826,-3649888,11177095,14989547 },
new int[] { -24496721,-11716016,16959896,2278463,12066309,10137771,13515641,2581286,-28487508,9930240 }
base[31][2] = new ge_precomp(
new int[] { -17751622,-2097826,16544300,-13009300,-15914807,-14949081,18345767,-13403753,16291481,-5314038 },
new int[] { -33229194,2553288,32678213,9875984,8534129,6889387,-9676774,6957617,4368891,9788741 },
new int[] { 16660756,7281060,-10830758,12911820,20108584,-8101676,-21722536,-8613148,16250552,-11111103 }
base[31][3] = new ge_precomp(
new int[] { -19765507,2390526,-16551031,14161980,1905286,6414907,4689584,10604807,-30190403,4782747 },
new int[] { -1354539,14736941,-7367442,-13292886,7710542,-14155590,-9981571,4383045,22546403,437323 },
new int[] { 31665577,-12180464,-16186830,1491339,-18368625,3294682,27343084,2786261,-30633590,-14097016 }
base[31][4] = new ge_precomp(
new int[] { -14467279,-683715,-33374107,7448552,19294360,14334329,-19690631,2355319,-19284671,-6114373 },
new int[] { 15121312,-15796162,6377020,-6031361,-10798111,-12957845,18952177,15496498,-29380133,11754228 },
new int[] { -2637277,-13483075,8488727,-14303896,12728761,-1622493,7141596,11724556,22761615,-10134141 }
base[31][5] = new ge_precomp(
new int[] { 16918416,11729663,-18083579,3022987,-31015732,-13339659,-28741185,-12227393,32851222,11717399 },
new int[] { 11166634,7338049,-6722523,4531520,-29468672,-7302055,31474879,3483633,-1193175,-4030831 },
new int[] { -185635,9921305,31456609,-13536438,-12013818,13348923,33142652,6546660,-19985279,-3948376 }
base[31][6] = new ge_precomp(
new int[] { -32460596,11266712,-11197107,-7899103,31703694,3855903,-8537131,-12833048,-30772034,-15486313 },
new int[] { -18006477,12709068,3991746,-6479188,-21491523,-10550425,-31135347,-16049879,10928917,3011958 },
new int[] { -6957757,-15594337,31696059,334240,29576716,14796075,-30831056,-12805180,18008031,10258577 }
base[31][7] = new ge_precomp(
new int[] { -22448644,15655569,7018479,-4410003,-30314266,-1201591,-1853465,1367120,25127874,6671743 },
new int[] { 29701166,-14373934,-10878120,9279288,-17568,13127210,21382910,11042292,25838796,4642684 },
new int[] { -20430234,14955537,-24126347,8124619,-5369288,-5990470,30468147,-13900640,18423289,4177476 }
Normal file
Normal file
@ -0,0 +1,333 @@
package org.whispersystems.curve25519.java;
public class ge_precomp_base_8_15 {
/* base[i][j] = (j+1)*256^i*B */
static ge_precomp base[][];
static {
//CONVERT #include "base.h"
base = new ge_precomp[32][8];
base[8][0] = new ge_precomp(
new int[] { -3017432,10058206,1980837,3964243,22160966,12322533,-6431123,-12618185,12228557,-7003677 },
new int[] { 32944382,14922211,-22844894,5188528,21913450,-8719943,4001465,13238564,-6114803,8653815 },
new int[] { 22865569,-4652735,27603668,-12545395,14348958,8234005,24808405,5719875,28483275,2841751 }
base[8][1] = new ge_precomp(
new int[] { -16420968,-1113305,-327719,-12107856,21886282,-15552774,-1887966,-315658,19932058,-12739203 },
new int[] { -11656086,10087521,-8864888,-5536143,-19278573,-3055912,3999228,13239134,-4777469,-13910208 },
new int[] { 1382174,-11694719,17266790,9194690,-13324356,9720081,20403944,11284705,-14013818,3093230 }
base[8][2] = new ge_precomp(
new int[] { 16650921,-11037932,-1064178,1570629,-8329746,7352753,-302424,16271225,-24049421,-6691850 },
new int[] { -21911077,-5927941,-4611316,-5560156,-31744103,-10785293,24123614,15193618,-21652117,-16739389 },
new int[] { -9935934,-4289447,-25279823,4372842,2087473,10399484,31870908,14690798,17361620,11864968 }
base[8][3] = new ge_precomp(
new int[] { -11307610,6210372,13206574,5806320,-29017692,-13967200,-12331205,-7486601,-25578460,-16240689 },
new int[] { 14668462,-12270235,26039039,15305210,25515617,4542480,10453892,6577524,9145645,-6443880 },
new int[] { 5974874,3053895,-9433049,-10385191,-31865124,3225009,-7972642,3936128,-5652273,-3050304 }
base[8][4] = new ge_precomp(
new int[] { 30625386,-4729400,-25555961,-12792866,-20484575,7695099,17097188,-16303496,-27999779,1803632 },
new int[] { -3553091,9865099,-5228566,4272701,-5673832,-16689700,14911344,12196514,-21405489,7047412 },
new int[] { 20093277,9920966,-11138194,-5343857,13161587,12044805,-32856851,4124601,-32343828,-10257566 }
base[8][5] = new ge_precomp(
new int[] { -20788824,14084654,-13531713,7842147,19119038,-13822605,4752377,-8714640,-21679658,2288038 },
new int[] { -26819236,-3283715,29965059,3039786,-14473765,2540457,29457502,14625692,-24819617,12570232 },
new int[] { -1063558,-11551823,16920318,12494842,1278292,-5869109,-21159943,-3498680,-11974704,4724943 }
base[8][6] = new ge_precomp(
new int[] { 17960970,-11775534,-4140968,-9702530,-8876562,-1410617,-12907383,-8659932,-29576300,1903856 },
new int[] { 23134274,-14279132,-10681997,-1611936,20684485,15770816,-12989750,3190296,26955097,14109738 },
new int[] { 15308788,5320727,-30113809,-14318877,22902008,7767164,29425325,-11277562,31960942,11934971 }
base[8][7] = new ge_precomp(
new int[] { -27395711,8435796,4109644,12222639,-24627868,14818669,20638173,4875028,10491392,1379718 },
new int[] { -13159415,9197841,3875503,-8936108,-1383712,-5879801,33518459,16176658,21432314,12180697 },
new int[] { -11787308,11500838,13787581,-13832590,-22430679,10140205,1465425,12689540,-10301319,-13872883 }
base[9][0] = new ge_precomp(
new int[] { 5414091,-15386041,-21007664,9643570,12834970,1186149,-2622916,-1342231,26128231,6032912 },
new int[] { -26337395,-13766162,32496025,-13653919,17847801,-12669156,3604025,8316894,-25875034,-10437358 },
new int[] { 3296484,6223048,24680646,-12246460,-23052020,5903205,-8862297,-4639164,12376617,3188849 }
base[9][1] = new ge_precomp(
new int[] { 29190488,-14659046,27549113,-1183516,3520066,-10697301,32049515,-7309113,-16109234,-9852307 },
new int[] { -14744486,-9309156,735818,-598978,-20407687,-5057904,25246078,-15795669,18640741,-960977 },
new int[] { -6928835,-16430795,10361374,5642961,4910474,12345252,-31638386,-494430,10530747,1053335 }
base[9][2] = new ge_precomp(
new int[] { -29265967,-14186805,-13538216,-12117373,-19457059,-10655384,-31462369,-2948985,24018831,15026644 },
new int[] { -22592535,-3145277,-2289276,5953843,-13440189,9425631,25310643,13003497,-2314791,-15145616 },
new int[] { -27419985,-603321,-8043984,-1669117,-26092265,13987819,-27297622,187899,-23166419,-2531735 }
base[9][3] = new ge_precomp(
new int[] { -21744398,-13810475,1844840,5021428,-10434399,-15911473,9716667,16266922,-5070217,726099 },
new int[] { 29370922,-6053998,7334071,-15342259,9385287,2247707,-13661962,-4839461,30007388,-15823341 },
new int[] { -936379,16086691,23751945,-543318,-1167538,-5189036,9137109,730663,9835848,4555336 }
base[9][4] = new ge_precomp(
new int[] { -23376435,1410446,-22253753,-12899614,30867635,15826977,17693930,544696,-11985298,12422646 },
new int[] { 31117226,-12215734,-13502838,6561947,-9876867,-12757670,-5118685,-4096706,29120153,13924425 },
new int[] { -17400879,-14233209,19675799,-2734756,-11006962,-5858820,-9383939,-11317700,7240931,-237388 }
base[9][5] = new ge_precomp(
new int[] { -31361739,-11346780,-15007447,-5856218,-22453340,-12152771,1222336,4389483,3293637,-15551743 },
new int[] { -16684801,-14444245,11038544,11054958,-13801175,-3338533,-24319580,7733547,12796905,-6335822 },
new int[] { -8759414,-10817836,-25418864,10783769,-30615557,-9746811,-28253339,3647836,3222231,-11160462 }
base[9][6] = new ge_precomp(
new int[] { 18606113,1693100,-25448386,-15170272,4112353,10045021,23603893,-2048234,-7550776,2484985 },
new int[] { 9255317,-3131197,-12156162,-1004256,13098013,-9214866,16377220,-2102812,-19802075,-3034702 },
new int[] { -22729289,7496160,-5742199,11329249,19991973,-3347502,-31718148,9936966,-30097688,-10618797 }
base[9][7] = new ge_precomp(
new int[] { 21878590,-5001297,4338336,13643897,-3036865,13160960,19708896,5415497,-7360503,-4109293 },
new int[] { 27736861,10103576,12500508,8502413,-3413016,-9633558,10436918,-1550276,-23659143,-8132100 },
new int[] { 19492550,-12104365,-29681976,-852630,-3208171,12403437,30066266,8367329,13243957,8709688 }
base[10][0] = new ge_precomp(
new int[] { 12015105,2801261,28198131,10151021,24818120,-4743133,-11194191,-5645734,5150968,7274186 },
new int[] { 2831366,-12492146,1478975,6122054,23825128,-12733586,31097299,6083058,31021603,-9793610 },
new int[] { -2529932,-2229646,445613,10720828,-13849527,-11505937,-23507731,16354465,15067285,-14147707 }
base[10][1] = new ge_precomp(
new int[] { 7840942,14037873,-33364863,15934016,-728213,-3642706,21403988,1057586,-19379462,-12403220 },
new int[] { 915865,-16469274,15608285,-8789130,-24357026,6060030,-17371319,8410997,-7220461,16527025 },
new int[] { 32922597,-556987,20336074,-16184568,10903705,-5384487,16957574,52992,23834301,6588044 }
base[10][2] = new ge_precomp(
new int[] { 32752030,11232950,3381995,-8714866,22652988,-10744103,17159699,16689107,-20314580,-1305992 },
new int[] { -4689649,9166776,-25710296,-10847306,11576752,12733943,7924251,-2752281,1976123,-7249027 },
new int[] { 21251222,16309901,-2983015,-6783122,30810597,12967303,156041,-3371252,12331345,-8237197 }
base[10][3] = new ge_precomp(
new int[] { 8651614,-4477032,-16085636,-4996994,13002507,2950805,29054427,-5106970,10008136,-4667901 },
new int[] { 31486080,15114593,-14261250,12951354,14369431,-7387845,16347321,-13662089,8684155,-10532952 },
new int[] { 19443825,11385320,24468943,-9659068,-23919258,2187569,-26263207,-6086921,31316348,14219878 }
base[10][4] = new ge_precomp(
new int[] { -28594490,1193785,32245219,11392485,31092169,15722801,27146014,6992409,29126555,9207390 },
new int[] { 32382935,1110093,18477781,11028262,-27411763,-7548111,-4980517,10843782,-7957600,-14435730 },
new int[] { 2814918,7836403,27519878,-7868156,-20894015,-11553689,-21494559,8550130,28346258,1994730 }
base[10][5] = new ge_precomp(
new int[] { -19578299,8085545,-14000519,-3948622,2785838,-16231307,-19516951,7174894,22628102,8115180 },
new int[] { -30405132,955511,-11133838,-15078069,-32447087,-13278079,-25651578,3317160,-9943017,930272 },
new int[] { -15303681,-6833769,28856490,1357446,23421993,1057177,24091212,-1388970,-22765376,-10650715 }
base[10][6] = new ge_precomp(
new int[] { -22751231,-5303997,-12907607,-12768866,-15811511,-7797053,-14839018,-16554220,-1867018,8398970 },
new int[] { -31969310,2106403,-4736360,1362501,12813763,16200670,22981545,-6291273,18009408,-15772772 },
new int[] { -17220923,-9545221,-27784654,14166835,29815394,7444469,29551787,-3727419,19288549,1325865 }
base[10][7] = new ge_precomp(
new int[] { 15100157,-15835752,-23923978,-1005098,-26450192,15509408,12376730,-3479146,33166107,-8042750 },
new int[] { 20909231,13023121,-9209752,16251778,-5778415,-8094914,12412151,10018715,2213263,-13878373 },
new int[] { 32529814,-11074689,30361439,-16689753,-9135940,1513226,22922121,6382134,-5766928,8371348 }
base[11][0] = new ge_precomp(
new int[] { 9923462,11271500,12616794,3544722,-29998368,-1721626,12891687,-8193132,-26442943,10486144 },
new int[] { -22597207,-7012665,8587003,-8257861,4084309,-12970062,361726,2610596,-23921530,-11455195 },
new int[] { 5408411,-1136691,-4969122,10561668,24145918,14240566,31319731,-4235541,19985175,-3436086 }
base[11][1] = new ge_precomp(
new int[] { -13994457,16616821,14549246,3341099,32155958,13648976,-17577068,8849297,65030,8370684 },
new int[] { -8320926,-12049626,31204563,5839400,-20627288,-1057277,-19442942,6922164,12743482,-9800518 },
new int[] { -2361371,12678785,28815050,4759974,-23893047,4884717,23783145,11038569,18800704,255233 }
base[11][2] = new ge_precomp(
new int[] { -5269658,-1773886,13957886,7990715,23132995,728773,13393847,9066957,19258688,-14753793 },
new int[] { -2936654,-10827535,-10432089,14516793,-3640786,4372541,-31934921,2209390,-1524053,2055794 },
new int[] { 580882,16705327,5468415,-2683018,-30926419,-14696000,-7203346,-8994389,-30021019,7394435 }
base[11][3] = new ge_precomp(
new int[] { 23838809,1822728,-15738443,15242727,8318092,-3733104,-21672180,-3492205,-4821741,14799921 },
new int[] { 13345610,9759151,3371034,-16137791,16353039,8577942,31129804,13496856,-9056018,7402518 },
new int[] { 2286874,-4435931,-20042458,-2008336,-13696227,5038122,11006906,-15760352,8205061,1607563 }
base[11][4] = new ge_precomp(
new int[] { 14414086,-8002132,3331830,-3208217,22249151,-5594188,18364661,-2906958,30019587,-9029278 },
new int[] { -27688051,1585953,-10775053,931069,-29120221,-11002319,-14410829,12029093,9944378,8024 },
new int[] { 4368715,-3709630,29874200,-15022983,-20230386,-11410704,-16114594,-999085,-8142388,5640030 }
base[11][5] = new ge_precomp(
new int[] { 10299610,13746483,11661824,16234854,7630238,5998374,9809887,-16694564,15219798,-14327783 },
new int[] { 27425505,-5719081,3055006,10660664,23458024,595578,-15398605,-1173195,-18342183,9742717 },
new int[] { 6744077,2427284,26042789,2720740,-847906,1118974,32324614,7406442,12420155,1994844 }
base[11][6] = new ge_precomp(
new int[] { 14012521,-5024720,-18384453,-9578469,-26485342,-3936439,-13033478,-10909803,24319929,-6446333 },
new int[] { 16412690,-4507367,10772641,15929391,-17068788,-4658621,10555945,-10484049,-30102368,-4739048 },
new int[] { 22397382,-7767684,-9293161,-12792868,17166287,-9755136,-27333065,6199366,21880021,-12250760 }
base[11][7] = new ge_precomp(
new int[] { -4283307,5368523,-31117018,8163389,-30323063,3209128,16557151,8890729,8840445,4957760 },
new int[] { -15447727,709327,-6919446,-10870178,-29777922,6522332,-21720181,12130072,-14796503,5005757 },
new int[] { -2114751,-14308128,23019042,15765735,-25269683,6002752,10183197,-13239326,-16395286,-2176112 }
base[12][0] = new ge_precomp(
new int[] { -19025756,1632005,13466291,-7995100,-23640451,16573537,-32013908,-3057104,22208662,2000468 },
new int[] { 3065073,-1412761,-25598674,-361432,-17683065,-5703415,-8164212,11248527,-3691214,-7414184 },
new int[] { 10379208,-6045554,8877319,1473647,-29291284,-12507580,16690915,2553332,-3132688,16400289 }
base[12][1] = new ge_precomp(
new int[] { 15716668,1254266,-18472690,7446274,-8448918,6344164,-22097271,-7285580,26894937,9132066 },
new int[] { 24158887,12938817,11085297,-8177598,-28063478,-4457083,-30576463,64452,-6817084,-2692882 },
new int[] { 13488534,7794716,22236231,5989356,25426474,-12578208,2350710,-3418511,-4688006,2364226 }
base[12][2] = new ge_precomp(
new int[] { 16335052,9132434,25640582,6678888,1725628,8517937,-11807024,-11697457,15445875,-7798101 },
new int[] { 29004207,-7867081,28661402,-640412,-12794003,-7943086,31863255,-4135540,-278050,-15759279 },
new int[] { -6122061,-14866665,-28614905,14569919,-10857999,-3591829,10343412,-6976290,-29828287,-10815811 }
base[12][3] = new ge_precomp(
new int[] { 27081650,3463984,14099042,-4517604,1616303,-6205604,29542636,15372179,17293797,960709 },
new int[] { 20263915,11434237,-5765435,11236810,13505955,-10857102,-16111345,6493122,-19384511,7639714 },
new int[] { -2830798,-14839232,25403038,-8215196,-8317012,-16173699,18006287,-16043750,29994677,-15808121 }
base[12][4] = new ge_precomp(
new int[] { 9769828,5202651,-24157398,-13631392,-28051003,-11561624,-24613141,-13860782,-31184575,709464 },
new int[] { 12286395,13076066,-21775189,-1176622,-25003198,4057652,-32018128,-8890874,16102007,13205847 },
new int[] { 13733362,5599946,10557076,3195751,-5557991,8536970,-25540170,8525972,10151379,10394400 }
base[12][5] = new ge_precomp(
new int[] { 4024660,-16137551,22436262,12276534,-9099015,-2686099,19698229,11743039,-33302334,8934414 },
new int[] { -15879800,-4525240,-8580747,-2934061,14634845,-698278,-9449077,3137094,-11536886,11721158 },
new int[] { 17555939,-5013938,8268606,2331751,-22738815,9761013,9319229,8835153,-9205489,-1280045 }
base[12][6] = new ge_precomp(
new int[] { -461409,-7830014,20614118,16688288,-7514766,-4807119,22300304,505429,6108462,-6183415 },
new int[] { -5070281,12367917,-30663534,3234473,32617080,-8422642,29880583,-13483331,-26898490,-7867459 },
new int[] { -31975283,5726539,26934134,10237677,-3173717,-605053,24199304,3795095,7592688,-14992079 }
base[12][7] = new ge_precomp(
new int[] { 21594432,-14964228,17466408,-4077222,32537084,2739898,6407723,12018833,-28256052,4298412 },
new int[] { -20650503,-11961496,-27236275,570498,3767144,-1717540,13891942,-1569194,13717174,10805743 },
new int[] { -14676630,-15644296,15287174,11927123,24177847,-8175568,-796431,14860609,-26938930,-5863836 }
base[13][0] = new ge_precomp(
new int[] { 12962541,5311799,-10060768,11658280,18855286,-7954201,13286263,-12808704,-4381056,9882022 },
new int[] { 18512079,11319350,-20123124,15090309,18818594,5271736,-22727904,3666879,-23967430,-3299429 },
new int[] { -6789020,-3146043,16192429,13241070,15898607,-14206114,-10084880,-6661110,-2403099,5276065 }
base[13][1] = new ge_precomp(
new int[] { 30169808,-5317648,26306206,-11750859,27814964,7069267,7152851,3684982,1449224,13082861 },
new int[] { 10342826,3098505,2119311,193222,25702612,12233820,23697382,15056736,-21016438,-8202000 },
new int[] { -33150110,3261608,22745853,7948688,19370557,-15177665,-26171976,6482814,-10300080,-11060101 }
base[13][2] = new ge_precomp(
new int[] { 32869458,-5408545,25609743,15678670,-10687769,-15471071,26112421,2521008,-22664288,6904815 },
new int[] { 29506923,4457497,3377935,-9796444,-30510046,12935080,1561737,3841096,-29003639,-6657642 },
new int[] { 10340844,-6630377,-18656632,-2278430,12621151,-13339055,30878497,-11824370,-25584551,5181966 }
base[13][3] = new ge_precomp(
new int[] { 25940115,-12658025,17324188,-10307374,-8671468,15029094,24396252,-16450922,-2322852,-12388574 },
new int[] { -21765684,9916823,-1300409,4079498,-1028346,11909559,1782390,12641087,20603771,-6561742 },
new int[] { -18882287,-11673380,24849422,11501709,13161720,-4768874,1925523,11914390,4662781,7820689 }
base[13][4] = new ge_precomp(
new int[] { 12241050,-425982,8132691,9393934,32846760,-1599620,29749456,12172924,16136752,15264020 },
new int[] { -10349955,-14680563,-8211979,2330220,-17662549,-14545780,10658213,6671822,19012087,3772772 },
new int[] { 3753511,-3421066,10617074,2028709,14841030,-6721664,28718732,-15762884,20527771,12988982 }
base[13][5] = new ge_precomp(
new int[] { -14822485,-5797269,-3707987,12689773,-898983,-10914866,-24183046,-10564943,3299665,-12424953 },
new int[] { -16777703,-15253301,-9642417,4978983,3308785,8755439,6943197,6461331,-25583147,8991218 },
new int[] { -17226263,1816362,-1673288,-6086439,31783888,-8175991,-32948145,7417950,-30242287,1507265 }
base[13][6] = new ge_precomp(
new int[] { 29692663,6829891,-10498800,4334896,20945975,-11906496,-28887608,8209391,14606362,-10647073 },
new int[] { -3481570,8707081,32188102,5672294,22096700,1711240,-33020695,9761487,4170404,-2085325 },
new int[] { -11587470,14855945,-4127778,-1531857,-26649089,15084046,22186522,16002000,-14276837,-8400798 }
base[13][7] = new ge_precomp(
new int[] { -4811456,13761029,-31703877,-2483919,-3312471,7869047,-7113572,-9620092,13240845,10965870 },
new int[] { -7742563,-8256762,-14768334,-13656260,-23232383,12387166,4498947,14147411,29514390,4302863 },
new int[] { -13413405,-12407859,20757302,-13801832,14785143,8976368,-5061276,-2144373,17846988,-13971927 }
base[14][0] = new ge_precomp(
new int[] { -2244452,-754728,-4597030,-1066309,-6247172,1455299,-21647728,-9214789,-5222701,12650267 },
new int[] { -9906797,-16070310,21134160,12198166,-27064575,708126,387813,13770293,-19134326,10958663 },
new int[] { 22470984,12369526,23446014,-5441109,-21520802,-9698723,-11772496,-11574455,-25083830,4271862 }
base[14][1] = new ge_precomp(
new int[] { -25169565,-10053642,-19909332,15361595,-5984358,2159192,75375,-4278529,-32526221,8469673 },
new int[] { 15854970,4148314,-8893890,7259002,11666551,13824734,-30531198,2697372,24154791,-9460943 },
new int[] { 15446137,-15806644,29759747,14019369,30811221,-9610191,-31582008,12840104,24913809,9815020 }
base[14][2] = new ge_precomp(
new int[] { -4709286,-5614269,-31841498,-12288893,-14443537,10799414,-9103676,13438769,18735128,9466238 },
new int[] { 11933045,9281483,5081055,-5183824,-2628162,-4905629,-7727821,-10896103,-22728655,16199064 },
new int[] { 14576810,379472,-26786533,-8317236,-29426508,-10812974,-102766,1876699,30801119,2164795 }
base[14][3] = new ge_precomp(
new int[] { 15995086,3199873,13672555,13712240,-19378835,-4647646,-13081610,-15496269,-13492807,1268052 },
new int[] { -10290614,-3659039,-3286592,10948818,23037027,3794475,-3470338,-12600221,-17055369,3565904 },
new int[] { 29210088,-9419337,-5919792,-4952785,10834811,-13327726,-16512102,-10820713,-27162222,-14030531 }
base[14][4] = new ge_precomp(
new int[] { -13161890,15508588,16663704,-8156150,-28349942,9019123,-29183421,-3769423,2244111,-14001979 },
new int[] { -5152875,-3800936,-9306475,-6071583,16243069,14684434,-25673088,-16180800,13491506,4641841 },
new int[] { 10813417,643330,-19188515,-728916,30292062,-16600078,27548447,-7721242,14476989,-12767431 }
base[14][5] = new ge_precomp(
new int[] { 10292079,9984945,6481436,8279905,-7251514,7032743,27282937,-1644259,-27912810,12651324 },
new int[] { -31185513,-813383,22271204,11835308,10201545,15351028,17099662,3988035,21721536,-3148940 },
new int[] { 10202177,-6545839,-31373232,-9574638,-32150642,-8119683,-12906320,3852694,13216206,14842320 }
base[14][6] = new ge_precomp(
new int[] { -15815640,-10601066,-6538952,-7258995,-6984659,-6581778,-31500847,13765824,-27434397,9900184 },
new int[] { 14465505,-13833331,-32133984,-14738873,-27443187,12990492,33046193,15796406,-7051866,-8040114 },
new int[] { 30924417,-8279620,6359016,-12816335,16508377,9071735,-25488601,15413635,9524356,-7018878 }
base[14][7] = new ge_precomp(
new int[] { 12274201,-13175547,32627641,-1785326,6736625,13267305,5237659,-5109483,15663516,4035784 },
new int[] { -2951309,8903985,17349946,601635,-16432815,-4612556,-13732739,-15889334,-22258478,4659091 },
new int[] { -16916263,-4952973,-30393711,-15158821,20774812,15897498,5736189,15026997,-2178256,-13455585 }
base[15][0] = new ge_precomp(
new int[] { -8858980,-2219056,28571666,-10155518,-474467,-10105698,-3801496,278095,23440562,-290208 },
new int[] { 10226241,-5928702,15139956,120818,-14867693,5218603,32937275,11551483,-16571960,-7442864 },
new int[] { 17932739,-12437276,-24039557,10749060,11316803,7535897,22503767,5561594,-3646624,3898661 }
base[15][1] = new ge_precomp(
new int[] { 7749907,-969567,-16339731,-16464,-25018111,15122143,-1573531,7152530,21831162,1245233 },
new int[] { 26958459,-14658026,4314586,8346991,-5677764,11960072,-32589295,-620035,-30402091,-16716212 },
new int[] { -12165896,9166947,33491384,13673479,29787085,13096535,6280834,14587357,-22338025,13987525 }
base[15][2] = new ge_precomp(
new int[] { -24349909,7778775,21116000,15572597,-4833266,-5357778,-4300898,-5124639,-7469781,-2858068 },
new int[] { 9681908,-6737123,-31951644,13591838,-6883821,386950,31622781,6439245,-14581012,4091397 },
new int[] { -8426427,1470727,-28109679,-1596990,3978627,-5123623,-19622683,12092163,29077877,-14741988 }
base[15][3] = new ge_precomp(
new int[] { 5269168,-6859726,-13230211,-8020715,25932563,1763552,-5606110,-5505881,-20017847,2357889 },
new int[] { 32264008,-15407652,-5387735,-1160093,-2091322,-3946900,23104804,-12869908,5727338,189038 },
new int[] { 14609123,-8954470,-6000566,-16622781,-14577387,-7743898,-26745169,10942115,-25888931,-14884697 }
base[15][4] = new ge_precomp(
new int[] { 20513500,5557931,-15604613,7829531,26413943,-2019404,-21378968,7471781,13913677,-5137875 },
new int[] { -25574376,11967826,29233242,12948236,-6754465,4713227,-8940970,14059180,12878652,8511905 },
new int[] { -25656801,3393631,-2955415,-7075526,-2250709,9366908,-30223418,6812974,5568676,-3127656 }
base[15][5] = new ge_precomp(
new int[] { 11630004,12144454,2116339,13606037,27378885,15676917,-17408753,-13504373,-14395196,8070818 },
new int[] { 27117696,-10007378,-31282771,-5570088,1127282,12772488,-29845906,10483306,-11552749,-1028714 },
new int[] { 10637467,-5688064,5674781,1072708,-26343588,-6982302,-1683975,9177853,-27493162,15431203 }
base[15][6] = new ge_precomp(
new int[] { 20525145,10892566,-12742472,12779443,-29493034,16150075,-28240519,14943142,-15056790,-7935931 },
new int[] { -30024462,5626926,-551567,-9981087,753598,11981191,25244767,-3239766,-3356550,9594024 },
new int[] { -23752644,2636870,-5163910,-10103818,585134,7877383,11345683,-6492290,13352335,-10977084 }
base[15][7] = new ge_precomp(
new int[] { -1931799,-5407458,3304649,-12884869,17015806,-4877091,-29783850,-7752482,-13215537,-319204 },
new int[] { 20239939,6607058,6203985,3483793,-18386976,-779229,-20723742,15077870,-22750759,14523817 },
new int[] { 27406042,-6041657,27423596,-4497394,4996214,10002360,-28842031,-4545494,-30172742,-4805667 }
Normal file
Normal file
@ -0,0 +1,111 @@
package org.whispersystems.curve25519.java;
public class ge_scalarmult_base {
//CONVERT #include "ge.h"
//CONVERT #include "crypto_uint32.h"
static int equal(byte b,byte c)
int ub = b;
int uc = c;
int x = ub ^ uc; /* 0: yes; 1..255: no */
int y = x; /* 0: yes; 1..255: no */
y -= 1; /* 4294967295: yes; 0..254: no */
y >>>= 31; /* 1: yes; 0: no */
return y;
static int negative(byte b)
long x = b; /* 18446744073709551361..18446744073709551615: yes; 0..255: no */
x >>>= 63; /* 1: yes; 0: no */
return (int)x;
static void cmov(ge_precomp t,ge_precomp u,int b)
static void select(ge_precomp t,int pos,byte b)
ge_precomp base[][] = (pos <= 7 ? ge_precomp_base_0_7.base :
(pos <= 15 ? ge_precomp_base_8_15.base :
(pos <= 23 ? ge_precomp_base_16_23.base : ge_precomp_base_24_31.base)));
ge_precomp minust = new ge_precomp();
int bnegative = negative(b);
int babs = b - (((-bnegative) & b) << 1);
h = a * B
where a = a[0]+256*a[1]+...+256^31 a[31]
B is the Ed25519 base point (x,4/5) with x positive.
a[31] <= 127
public static void ge_scalarmult_base(ge_p3 h,byte[] a)
byte[] e = new byte[64];
byte carry;
ge_p1p1 r = new ge_p1p1();
ge_p2 s = new ge_p2();
ge_precomp t = new ge_precomp();
int i;
for (i = 0;i < 32;++i) {
e[2 * i + 0] = (byte)((a[i] >>> 0) & 15);
e[2 * i + 1] = (byte)((a[i] >>> 4) & 15);
/* each e[i] is between 0 and 15 */
/* e[63] is between 0 and 7 */
carry = 0;
for (i = 0;i < 63;++i) {
e[i] += carry;
carry = (byte)(e[i] + 8);
carry >>= 4;
e[i] -= carry << 4;
e[63] += carry;
/* each e[i] is between -8 and 8 */
for (i = 1;i < 64;i += 2) {
select(t,i / 2,e[i]);
ge_madd.ge_madd(r,h,t); ge_p1p1_to_p3.ge_p1p1_to_p3(h,r);
ge_p3_dbl.ge_p3_dbl(r,h); ge_p1p1_to_p2.ge_p1p1_to_p2(s,r);
ge_p2_dbl.ge_p2_dbl(r,s); ge_p1p1_to_p2.ge_p1p1_to_p2(s,r);
ge_p2_dbl.ge_p2_dbl(r,s); ge_p1p1_to_p2.ge_p1p1_to_p2(s,r);
ge_p2_dbl.ge_p2_dbl(r,s); ge_p1p1_to_p3.ge_p1p1_to_p3(h,r);
for (i = 0;i < 64;i += 2) {
select(t,i / 2,e[i]);
ge_madd.ge_madd(r,h,t); ge_p1p1_to_p3.ge_p1p1_to_p3(h,r);
Normal file
Normal file
@ -0,0 +1,116 @@
package org.whispersystems.curve25519.java;
public class ge_sub {
//CONVERT #include "ge.h"
r = p - q
public static void ge_sub(ge_p1p1 r,ge_p3 p,ge_cached q)
int[] t0 = new int[10];
//CONVERT #include "ge_sub.h"
/* qhasm: enter ge_sub */
/* qhasm: fe X1 */
/* qhasm: fe Y1 */
/* qhasm: fe Z1 */
/* qhasm: fe Z2 */
/* qhasm: fe T1 */
/* qhasm: fe ZZ */
/* qhasm: fe YpX2 */
/* qhasm: fe YmX2 */
/* qhasm: fe T2d2 */
/* qhasm: fe X3 */
/* qhasm: fe Y3 */
/* qhasm: fe Z3 */
/* qhasm: fe T3 */
/* qhasm: fe YpX1 */
/* qhasm: fe YmX1 */
/* qhasm: fe A */
/* qhasm: fe B */
/* qhasm: fe C */
/* qhasm: fe D */
/* qhasm: YpX1 = Y1+X1 */
/* asm 1: fe_add.fe_add(>YpX1=fe#1,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_add.fe_add(>YpX1=r.X,<Y1=p.Y,<X1=p.X); */
/* qhasm: YmX1 = Y1-X1 */
/* asm 1: fe_sub.fe_sub(>YmX1=fe#2,<Y1=fe#12,<X1=fe#11); */
/* asm 2: fe_sub.fe_sub(>YmX1=r.Y,<Y1=p.Y,<X1=p.X); */
/* qhasm: A = YpX1*YmX2 */
/* asm 1: fe_mul.fe_mul(>A=fe#3,<YpX1=fe#1,<YmX2=fe#16); */
/* asm 2: fe_mul.fe_mul(>A=r.Z,<YpX1=r.X,<YmX2=q.YminusX); */
/* qhasm: B = YmX1*YpX2 */
/* asm 1: fe_mul.fe_mul(>B=fe#2,<YmX1=fe#2,<YpX2=fe#15); */
/* asm 2: fe_mul.fe_mul(>B=r.Y,<YmX1=r.Y,<YpX2=q.YplusX); */
/* qhasm: C = T2d2*T1 */
/* asm 1: fe_mul.fe_mul(>C=fe#4,<T2d2=fe#18,<T1=fe#14); */
/* asm 2: fe_mul.fe_mul(>C=r.T,<T2d2=q.T2d,<T1=p.T); */
/* qhasm: ZZ = Z1*Z2 */
/* asm 1: fe_mul.fe_mul(>ZZ=fe#1,<Z1=fe#13,<Z2=fe#17); */
/* asm 2: fe_mul.fe_mul(>ZZ=r.X,<Z1=p.Z,<Z2=q.Z); */
/* qhasm: D = 2*ZZ */
/* asm 1: fe_add.fe_add(>D=fe#5,<ZZ=fe#1,<ZZ=fe#1); */
/* asm 2: fe_add.fe_add(>D=t0,<ZZ=r.X,<ZZ=r.X); */
/* qhasm: X3 = A-B */
/* asm 1: fe_sub.fe_sub(>X3=fe#1,<A=fe#3,<B=fe#2); */
/* asm 2: fe_sub.fe_sub(>X3=r.X,<A=r.Z,<B=r.Y); */
/* qhasm: Y3 = A+B */
/* asm 1: fe_add.fe_add(>Y3=fe#2,<A=fe#3,<B=fe#2); */
/* asm 2: fe_add.fe_add(>Y3=r.Y,<A=r.Z,<B=r.Y); */
/* qhasm: Z3 = D-C */
/* asm 1: fe_sub.fe_sub(>Z3=fe#3,<D=fe#5,<C=fe#4); */
/* asm 2: fe_sub.fe_sub(>Z3=r.Z,<D=t0,<C=r.T); */
/* qhasm: T3 = D+C */
/* asm 1: fe_add.fe_add(>T3=fe#4,<D=fe#5,<C=fe#4); */
/* asm 2: fe_add.fe_add(>T3=r.T,<D=t0,<C=r.T); */
/* qhasm: return */
Normal file
Normal file
@ -0,0 +1,22 @@
package org.whispersystems.curve25519.java;
public class ge_tobytes {
//CONVERT #include "ge.h"
public static void ge_tobytes(byte[] s,ge_p2 h)
int[] recip = new int[10];
int[] x = new int[10];
int[] y = new int[10];
s[31] ^= fe_isnegative.fe_isnegative(x) << 7;
Normal file
Normal file
@ -0,0 +1,57 @@
package org.whispersystems.curve25519.java;
public class open {
//CONVERT #include <string.h>
//CONVERT #include "crypto_sign.h"
//CONVERT #include "crypto_hash_sha512.h"
//CONVERT #include "crypto_verify_32.h"
//CONVERT #include "ge.h"
//CONVERT #include "sc.h"
public static int crypto_sign_open(
Sha512 sha512provider,
byte[] m, long mlen,
byte[] sm, long smlen,
byte[] pk
byte[] pkcopy = new byte[32];
byte[] rcopy = new byte[32];
byte[] scopy = new byte[32];
byte[] h = new byte[64];
byte[] rcheck = new byte[32];
ge_p3 A = new ge_p3();
ge_p2 R = new ge_p2();
if (smlen < 64) return -1;
if ((sm[63] & 224) != 0) return -1;
if (ge_frombytes.ge_frombytes_negate_vartime(A,pk) != 0) return -1;
byte[] pubkeyhash = new byte[64];
System.arraycopy(pk, 0, pkcopy, 0, 32);
System.arraycopy(sm, 0, rcopy, 0, 32);
System.arraycopy(sm, 32, scopy, 0, 32);
System.arraycopy(sm, 0, m, 0, (int)smlen);
System.arraycopy(pkcopy, 0, m, 32, 32);
if (crypto_verify_32.crypto_verify_32(rcheck,rcopy) == 0) {
System.arraycopy(m, 64, m, 0, (int)(smlen - 64));
//memset(m + smlen - 64,0,64);
return 0;
return -1;
Normal file
Normal file
@ -0,0 +1,376 @@
package org.whispersystems.curve25519.java;
public class sc_muladd {
//CONVERT #include "sc.h"
//CONVERT #include "long.h"
//CONVERT #include "crypto_uint32.h"
//CONVERT #include "long.h"
public static long load_3(byte[] in, int index)
long result;
result = ((long) in[index + 0]) & 0xFF;
result |= (((long) in[index + 1]) << 8) & 0xFF00;
result |= (((long) in[index + 2]) << 16) & 0xFF0000;
return result;
public static long load_4(byte[] in, int index)
long result;
result = (((long) in[index + 0]) & 0xFF);
result |= ((((long) in[index + 1]) << 8) & 0xFF00);
result |= ((((long) in[index + 2]) << 16) & 0xFF0000);
result |= ((((long) in[index + 3]) << 24) & 0xFF000000L);
return result;
a[0]+256*a[1]+...+256^31*a[31] = a
b[0]+256*b[1]+...+256^31*b[31] = b
c[0]+256*c[1]+...+256^31*c[31] = c
s[0]+256*s[1]+...+256^31*s[31] = (ab+c) mod l
where l = 2^252 + 27742317777372353535851937790883648493.
public static void sc_muladd(byte[] s,byte[] a,byte[] b,byte[] c)
long a0 = 2097151 & load_3(a, 0);
long a1 = 2097151 & (load_4(a, 2) >>> 5);
long a2 = 2097151 & (load_3(a, 5) >>> 2);
long a3 = 2097151 & (load_4(a, 7) >>> 7);
long a4 = 2097151 & (load_4(a, 10) >>> 4);
long a5 = 2097151 & (load_3(a, 13) >>> 1);
long a6 = 2097151 & (load_4(a, 15) >>> 6);
long a7 = 2097151 & (load_3(a, 18) >>> 3);
long a8 = 2097151 & load_3(a, 21);
long a9 = 2097151 & (load_4(a, 23) >>> 5);
long a10 = 2097151 & (load_3(a, 26) >>> 2);
long a11 = (load_4(a, 28) >>> 7);
long b0 = 2097151 & load_3(b, 0);
long b1 = 2097151 & (load_4(b, 2) >>> 5);
long b2 = 2097151 & (load_3(b, 5) >>> 2);
long b3 = 2097151 & (load_4(b, 7) >>> 7);
long b4 = 2097151 & (load_4(b, 10) >>> 4);
long b5 = 2097151 & (load_3(b, 13) >>> 1);
long b6 = 2097151 & (load_4(b, 15) >>> 6);
long b7 = 2097151 & (load_3(b, 18) >>> 3);
long b8 = 2097151 & load_3(b, 21);
long b9 = 2097151 & (load_4(b, 23) >>> 5);
long b10 = 2097151 & (load_3(b, 26) >>> 2);
long b11 = (load_4(b, 28) >>> 7);
long c0 = 2097151 & load_3(c, 0);
long c1 = 2097151 & (load_4(c, 2) >>> 5);
long c2 = 2097151 & (load_3(c, 5) >>> 2);
long c3 = 2097151 & (load_4(c, 7) >>> 7);
long c4 = 2097151 & (load_4(c, 10) >>> 4);
long c5 = 2097151 & (load_3(c, 13) >>> 1);
long c6 = 2097151 & (load_4(c, 15) >>> 6);
long c7 = 2097151 & (load_3(c, 18) >>> 3);
long c8 = 2097151 & load_3(c, 21);
long c9 = 2097151 & (load_4(c, 23) >>> 5);
long c10 = 2097151 & (load_3(c, 26) >>> 2);
long c11 = (load_4(c, 28) >>> 7);
long s0;
long s1;
long s2;
long s3;
long s4;
long s5;
long s6;
long s7;
long s8;
long s9;
long s10;
long s11;
long s12;
long s13;
long s14;
long s15;
long s16;
long s17;
long s18;
long s19;
long s20;
long s21;
long s22;
long s23;
long carry0;
long carry1;
long carry2;
long carry3;
long carry4;
long carry5;
long carry6;
long carry7;
long carry8;
long carry9;
long carry10;
long carry11;
long carry12;
long carry13;
long carry14;
long carry15;
long carry16;
long carry17;
long carry18;
long carry19;
long carry20;
long carry21;
long carry22;
s0 = c0 + a0*b0;
s1 = c1 + a0*b1 + a1*b0;
s2 = c2 + a0*b2 + a1*b1 + a2*b0;
s3 = c3 + a0*b3 + a1*b2 + a2*b1 + a3*b0;
s4 = c4 + a0*b4 + a1*b3 + a2*b2 + a3*b1 + a4*b0;
s5 = c5 + a0*b5 + a1*b4 + a2*b3 + a3*b2 + a4*b1 + a5*b0;
s6 = c6 + a0*b6 + a1*b5 + a2*b4 + a3*b3 + a4*b2 + a5*b1 + a6*b0;
s7 = c7 + a0*b7 + a1*b6 + a2*b5 + a3*b4 + a4*b3 + a5*b2 + a6*b1 + a7*b0;
s8 = c8 + a0*b8 + a1*b7 + a2*b6 + a3*b5 + a4*b4 + a5*b3 + a6*b2 + a7*b1 + a8*b0;
s9 = c9 + a0*b9 + a1*b8 + a2*b7 + a3*b6 + a4*b5 + a5*b4 + a6*b3 + a7*b2 + a8*b1 + a9*b0;
s10 = c10 + a0*b10 + a1*b9 + a2*b8 + a3*b7 + a4*b6 + a5*b5 + a6*b4 + a7*b3 + a8*b2 + a9*b1 + a10*b0;
s11 = c11 + a0*b11 + a1*b10 + a2*b9 + a3*b8 + a4*b7 + a5*b6 + a6*b5 + a7*b4 + a8*b3 + a9*b2 + a10*b1 + a11*b0;
s12 = a1*b11 + a2*b10 + a3*b9 + a4*b8 + a5*b7 + a6*b6 + a7*b5 + a8*b4 + a9*b3 + a10*b2 + a11*b1;
s13 = a2*b11 + a3*b10 + a4*b9 + a5*b8 + a6*b7 + a7*b6 + a8*b5 + a9*b4 + a10*b3 + a11*b2;
s14 = a3*b11 + a4*b10 + a5*b9 + a6*b8 + a7*b7 + a8*b6 + a9*b5 + a10*b4 + a11*b3;
s15 = a4*b11 + a5*b10 + a6*b9 + a7*b8 + a8*b7 + a9*b6 + a10*b5 + a11*b4;
s16 = a5*b11 + a6*b10 + a7*b9 + a8*b8 + a9*b7 + a10*b6 + a11*b5;
s17 = a6*b11 + a7*b10 + a8*b9 + a9*b8 + a10*b7 + a11*b6;
s18 = a7*b11 + a8*b10 + a9*b9 + a10*b8 + a11*b7;
s19 = a8*b11 + a9*b10 + a10*b9 + a11*b8;
s20 = a9*b11 + a10*b10 + a11*b9;
s21 = a10*b11 + a11*b10;
s22 = a11*b11;
s23 = 0;
carry0 = (s0 + (1<<20)) >> 21; s1 += carry0; s0 -= carry0 << 21;
carry2 = (s2 + (1<<20)) >> 21; s3 += carry2; s2 -= carry2 << 21;
carry4 = (s4 + (1<<20)) >> 21; s5 += carry4; s4 -= carry4 << 21;
carry6 = (s6 + (1<<20)) >> 21; s7 += carry6; s6 -= carry6 << 21;
carry8 = (s8 + (1<<20)) >> 21; s9 += carry8; s8 -= carry8 << 21;
carry10 = (s10 + (1<<20)) >> 21; s11 += carry10; s10 -= carry10 << 21;
carry12 = (s12 + (1<<20)) >> 21; s13 += carry12; s12 -= carry12 << 21;
carry14 = (s14 + (1<<20)) >> 21; s15 += carry14; s14 -= carry14 << 21;
carry16 = (s16 + (1<<20)) >> 21; s17 += carry16; s16 -= carry16 << 21;
carry18 = (s18 + (1<<20)) >> 21; s19 += carry18; s18 -= carry18 << 21;
carry20 = (s20 + (1<<20)) >> 21; s21 += carry20; s20 -= carry20 << 21;
carry22 = (s22 + (1<<20)) >> 21; s23 += carry22; s22 -= carry22 << 21;
carry1 = (s1 + (1<<20)) >> 21; s2 += carry1; s1 -= carry1 << 21;
carry3 = (s3 + (1<<20)) >> 21; s4 += carry3; s3 -= carry3 << 21;
carry5 = (s5 + (1<<20)) >> 21; s6 += carry5; s5 -= carry5 << 21;
carry7 = (s7 + (1<<20)) >> 21; s8 += carry7; s7 -= carry7 << 21;
carry9 = (s9 + (1<<20)) >> 21; s10 += carry9; s9 -= carry9 << 21;
carry11 = (s11 + (1<<20)) >> 21; s12 += carry11; s11 -= carry11 << 21;
carry13 = (s13 + (1<<20)) >> 21; s14 += carry13; s13 -= carry13 << 21;
carry15 = (s15 + (1<<20)) >> 21; s16 += carry15; s15 -= carry15 << 21;
carry17 = (s17 + (1<<20)) >> 21; s18 += carry17; s17 -= carry17 << 21;
carry19 = (s19 + (1<<20)) >> 21; s20 += carry19; s19 -= carry19 << 21;
carry21 = (s21 + (1<<20)) >> 21; s22 += carry21; s21 -= carry21 << 21;
s11 += s23 * 666643;
s12 += s23 * 470296;
s13 += s23 * 654183;
s14 -= s23 * 997805;
s15 += s23 * 136657;
s16 -= s23 * 683901;
s23 = 0;
s10 += s22 * 666643;
s11 += s22 * 470296;
s12 += s22 * 654183;
s13 -= s22 * 997805;
s14 += s22 * 136657;
s15 -= s22 * 683901;
s22 = 0;
s9 += s21 * 666643;
s10 += s21 * 470296;
s11 += s21 * 654183;
s12 -= s21 * 997805;
s13 += s21 * 136657;
s14 -= s21 * 683901;
s21 = 0;
s8 += s20 * 666643;
s9 += s20 * 470296;
s10 += s20 * 654183;
s11 -= s20 * 997805;
s12 += s20 * 136657;
s13 -= s20 * 683901;
s20 = 0;
s7 += s19 * 666643;
s8 += s19 * 470296;
s9 += s19 * 654183;
s10 -= s19 * 997805;
s11 += s19 * 136657;
s12 -= s19 * 683901;
s19 = 0;
s6 += s18 * 666643;
s7 += s18 * 470296;
s8 += s18 * 654183;
s9 -= s18 * 997805;
s10 += s18 * 136657;
s11 -= s18 * 683901;
s18 = 0;
carry6 = (s6 + (1<<20)) >> 21; s7 += carry6; s6 -= carry6 << 21;
carry8 = (s8 + (1<<20)) >> 21; s9 += carry8; s8 -= carry8 << 21;
carry10 = (s10 + (1<<20)) >> 21; s11 += carry10; s10 -= carry10 << 21;
carry12 = (s12 + (1<<20)) >> 21; s13 += carry12; s12 -= carry12 << 21;
carry14 = (s14 + (1<<20)) >> 21; s15 += carry14; s14 -= carry14 << 21;
carry16 = (s16 + (1<<20)) >> 21; s17 += carry16; s16 -= carry16 << 21;
carry7 = (s7 + (1<<20)) >> 21; s8 += carry7; s7 -= carry7 << 21;
carry9 = (s9 + (1<<20)) >> 21; s10 += carry9; s9 -= carry9 << 21;
carry11 = (s11 + (1<<20)) >> 21; s12 += carry11; s11 -= carry11 << 21;
carry13 = (s13 + (1<<20)) >> 21; s14 += carry13; s13 -= carry13 << 21;
carry15 = (s15 + (1<<20)) >> 21; s16 += carry15; s15 -= carry15 << 21;
s5 += s17 * 666643;
s6 += s17 * 470296;
s7 += s17 * 654183;
s8 -= s17 * 997805;
s9 += s17 * 136657;
s10 -= s17 * 683901;
s17 = 0;
s4 += s16 * 666643;
s5 += s16 * 470296;
s6 += s16 * 654183;
s7 -= s16 * 997805;
s8 += s16 * 136657;
s9 -= s16 * 683901;
s16 = 0;
s3 += s15 * 666643;
s4 += s15 * 470296;
s5 += s15 * 654183;
s6 -= s15 * 997805;
s7 += s15 * 136657;
s8 -= s15 * 683901;
s15 = 0;
s2 += s14 * 666643;
s3 += s14 * 470296;
s4 += s14 * 654183;
s5 -= s14 * 997805;
s6 += s14 * 136657;
s7 -= s14 * 683901;
s14 = 0;
s1 += s13 * 666643;
s2 += s13 * 470296;
s3 += s13 * 654183;
s4 -= s13 * 997805;
s5 += s13 * 136657;
s6 -= s13 * 683901;
s13 = 0;
s0 += s12 * 666643;
s1 += s12 * 470296;
s2 += s12 * 654183;
s3 -= s12 * 997805;
s4 += s12 * 136657;
s5 -= s12 * 683901;
s12 = 0;
carry0 = (s0 + (1<<20)) >> 21; s1 += carry0; s0 -= carry0 << 21;
carry2 = (s2 + (1<<20)) >> 21; s3 += carry2; s2 -= carry2 << 21;
carry4 = (s4 + (1<<20)) >> 21; s5 += carry4; s4 -= carry4 << 21;
carry6 = (s6 + (1<<20)) >> 21; s7 += carry6; s6 -= carry6 << 21;
carry8 = (s8 + (1<<20)) >> 21; s9 += carry8; s8 -= carry8 << 21;
carry10 = (s10 + (1<<20)) >> 21; s11 += carry10; s10 -= carry10 << 21;
carry1 = (s1 + (1<<20)) >> 21; s2 += carry1; s1 -= carry1 << 21;
carry3 = (s3 + (1<<20)) >> 21; s4 += carry3; s3 -= carry3 << 21;
carry5 = (s5 + (1<<20)) >> 21; s6 += carry5; s5 -= carry5 << 21;
carry7 = (s7 + (1<<20)) >> 21; s8 += carry7; s7 -= carry7 << 21;
carry9 = (s9 + (1<<20)) >> 21; s10 += carry9; s9 -= carry9 << 21;
carry11 = (s11 + (1<<20)) >> 21; s12 += carry11; s11 -= carry11 << 21;
s0 += s12 * 666643;
s1 += s12 * 470296;
s2 += s12 * 654183;
s3 -= s12 * 997805;
s4 += s12 * 136657;
s5 -= s12 * 683901;
s12 = 0;
carry0 = s0 >> 21; s1 += carry0; s0 -= carry0 << 21;
carry1 = s1 >> 21; s2 += carry1; s1 -= carry1 << 21;
carry2 = s2 >> 21; s3 += carry2; s2 -= carry2 << 21;
carry3 = s3 >> 21; s4 += carry3; s3 -= carry3 << 21;
carry4 = s4 >> 21; s5 += carry4; s4 -= carry4 << 21;
carry5 = s5 >> 21; s6 += carry5; s5 -= carry5 << 21;
carry6 = s6 >> 21; s7 += carry6; s6 -= carry6 << 21;
carry7 = s7 >> 21; s8 += carry7; s7 -= carry7 << 21;
carry8 = s8 >> 21; s9 += carry8; s8 -= carry8 << 21;
carry9 = s9 >> 21; s10 += carry9; s9 -= carry9 << 21;
carry10 = s10 >> 21; s11 += carry10; s10 -= carry10 << 21;
carry11 = s11 >> 21; s12 += carry11; s11 -= carry11 << 21;
s0 += s12 * 666643;
s1 += s12 * 470296;
s2 += s12 * 654183;
s3 -= s12 * 997805;
s4 += s12 * 136657;
s5 -= s12 * 683901;
s12 = 0;
carry0 = s0 >> 21; s1 += carry0; s0 -= carry0 << 21;
carry1 = s1 >> 21; s2 += carry1; s1 -= carry1 << 21;
carry2 = s2 >> 21; s3 += carry2; s2 -= carry2 << 21;
carry3 = s3 >> 21; s4 += carry3; s3 -= carry3 << 21;
carry4 = s4 >> 21; s5 += carry4; s4 -= carry4 << 21;
carry5 = s5 >> 21; s6 += carry5; s5 -= carry5 << 21;
carry6 = s6 >> 21; s7 += carry6; s6 -= carry6 << 21;
carry7 = s7 >> 21; s8 += carry7; s7 -= carry7 << 21;
carry8 = s8 >> 21; s9 += carry8; s8 -= carry8 << 21;
carry9 = s9 >> 21; s10 += carry9; s9 -= carry9 << 21;
carry10 = s10 >> 21; s11 += carry10; s10 -= carry10 << 21;
s[0] = (byte)(s0 >> 0);
s[1] = (byte)(s0 >> 8);
s[2] = (byte)((s0 >> 16) | (s1 << 5));
s[3] = (byte)(s1 >> 3);
s[4] = (byte)(s1 >> 11);
s[5] = (byte)((s1 >> 19) | (s2 << 2));
s[6] = (byte)(s2 >> 6);
s[7] = (byte)((s2 >> 14) | (s3 << 7));
s[8] = (byte)(s3 >> 1);
s[9] = (byte)(s3 >> 9);
s[10] = (byte)((s3 >> 17) | (s4 << 4));
s[11] = (byte)(s4 >> 4);
s[12] = (byte)(s4 >> 12);
s[13] = (byte)((s4 >> 20) | (s5 << 1));
s[14] = (byte)(s5 >> 7);
s[15] = (byte)((s5 >> 15) | (s6 << 6));
s[16] = (byte)(s6 >> 2);
s[17] = (byte)(s6 >> 10);
s[18] = (byte)((s6 >> 18) | (s7 << 3));
s[19] = (byte)(s7 >> 5);
s[20] = (byte)(s7 >> 13);
s[21] = (byte)(s8 >> 0);
s[22] = (byte)(s8 >> 8);
s[23] = (byte)((s8 >> 16) | (s9 << 5));
s[24] = (byte)(s9 >> 3);
s[25] = (byte)(s9 >> 11);
s[26] = (byte)((s9 >> 19) | (s10 << 2));
s[27] = (byte)(s10 >> 6);
s[28] = (byte)((s10 >> 14) | (s11 << 7));
s[29] = (byte)(s11 >> 1);
s[30] = (byte)(s11 >> 9);
s[31] = (byte)(s11 >> 17);
Normal file
Normal file
@ -0,0 +1,282 @@
package org.whispersystems.curve25519.java;
public class sc_reduce {
//CONVERT #include "sc.h"
//CONVERT #include "long.h"
//CONVERT #include "crypto_uint32.h"
//CONVERT #include "long.h"
public static long load_3(byte[] in, int index)
long result;
result = ((long) in[index + 0]) & 0xFF;
result |= (((long) in[index + 1]) << 8) & 0xFF00;
result |= (((long) in[index + 2]) << 16) & 0xFF0000;
return result;
public static long load_4(byte[] in, int index)
long result;
result = (((long) in[index + 0]) & 0xFF);
result |= ((((long) in[index + 1]) << 8) & 0xFF00);
result |= ((((long) in[index + 2]) << 16) & 0xFF0000);
result |= ((((long) in[index + 3]) << 24) & 0xFF000000L);
return result;
s[0]+256*s[1]+...+256^63*s[63] = s
s[0]+256*s[1]+...+256^31*s[31] = s mod l
where l = 2^252 + 27742317777372353535851937790883648493.
Overwrites s in place.
public static void sc_reduce(byte[] s)
long s0 = 2097151 & load_3(s, 0);
long s1 = 2097151 & (load_4(s, 2) >>> 5);
long s2 = 2097151 & (load_3(s, 5) >>> 2);
long s3 = 2097151 & (load_4(s, 7) >>> 7);
long s4 = 2097151 & (load_4(s, 10) >>> 4);
long s5 = 2097151 & (load_3(s, 13) >>> 1);
long s6 = 2097151 & (load_4(s, 15) >>> 6);
long s7 = 2097151 & (load_3(s, 18) >>> 3);
long s8 = 2097151 & load_3(s, 21);
long s9 = 2097151 & (load_4(s, 23) >>> 5);
long s10 = 2097151 & (load_3(s, 26) >>> 2);
long s11 = 2097151 & (load_4(s, 28) >>> 7);
long s12 = 2097151 & (load_4(s, 31) >>> 4);
long s13 = 2097151 & (load_3(s, 34) >>> 1);
long s14 = 2097151 & (load_4(s, 36) >>> 6);
long s15 = 2097151 & (load_3(s, 39) >>> 3);
long s16 = 2097151 & load_3(s, 42);
long s17 = 2097151 & (load_4(s, 44) >>> 5);
long s18 = 2097151 & (load_3(s, 47) >>> 2);
long s19 = 2097151 & (load_4(s, 49) >>> 7);
long s20 = 2097151 & (load_4(s, 52) >>> 4);
long s21 = 2097151 & (load_3(s, 55) >>> 1);
long s22 = 2097151 & (load_4(s, 57) >>> 6);
long s23 = (load_4(s, 60) >>> 3);
long carry0;
long carry1;
long carry2;
long carry3;
long carry4;
long carry5;
long carry6;
long carry7;
long carry8;
long carry9;
long carry10;
long carry11;
long carry12;
long carry13;
long carry14;
long carry15;
long carry16;
s11 += s23 * 666643;
s12 += s23 * 470296;
s13 += s23 * 654183;
s14 -= s23 * 997805;
s15 += s23 * 136657;
s16 -= s23 * 683901;
s23 = 0;
s10 += s22 * 666643;
s11 += s22 * 470296;
s12 += s22 * 654183;
s13 -= s22 * 997805;
s14 += s22 * 136657;
s15 -= s22 * 683901;
s22 = 0;
s9 += s21 * 666643;
s10 += s21 * 470296;
s11 += s21 * 654183;
s12 -= s21 * 997805;
s13 += s21 * 136657;
s14 -= s21 * 683901;
s21 = 0;
s8 += s20 * 666643;
s9 += s20 * 470296;
s10 += s20 * 654183;
s11 -= s20 * 997805;
s12 += s20 * 136657;
s13 -= s20 * 683901;
s20 = 0;
s7 += s19 * 666643;
s8 += s19 * 470296;
s9 += s19 * 654183;
s10 -= s19 * 997805;
s11 += s19 * 136657;
s12 -= s19 * 683901;
s19 = 0;
s6 += s18 * 666643;
s7 += s18 * 470296;
s8 += s18 * 654183;
s9 -= s18 * 997805;
s10 += s18 * 136657;
s11 -= s18 * 683901;
s18 = 0;
carry6 = (s6 + (1<<20)) >> 21; s7 += carry6; s6 -= carry6 << 21;
carry8 = (s8 + (1<<20)) >> 21; s9 += carry8; s8 -= carry8 << 21;
carry10 = (s10 + (1<<20)) >> 21; s11 += carry10; s10 -= carry10 << 21;
carry12 = (s12 + (1<<20)) >> 21; s13 += carry12; s12 -= carry12 << 21;
carry14 = (s14 + (1<<20)) >> 21; s15 += carry14; s14 -= carry14 << 21;
carry16 = (s16 + (1<<20)) >> 21; s17 += carry16; s16 -= carry16 << 21;
carry7 = (s7 + (1<<20)) >> 21; s8 += carry7; s7 -= carry7 << 21;
carry9 = (s9 + (1<<20)) >> 21; s10 += carry9; s9 -= carry9 << 21;
carry11 = (s11 + (1<<20)) >> 21; s12 += carry11; s11 -= carry11 << 21;
carry13 = (s13 + (1<<20)) >> 21; s14 += carry13; s13 -= carry13 << 21;
carry15 = (s15 + (1<<20)) >> 21; s16 += carry15; s15 -= carry15 << 21;
s5 += s17 * 666643;
s6 += s17 * 470296;
s7 += s17 * 654183;
s8 -= s17 * 997805;
s9 += s17 * 136657;
s10 -= s17 * 683901;
s17 = 0;
s4 += s16 * 666643;
s5 += s16 * 470296;
s6 += s16 * 654183;
s7 -= s16 * 997805;
s8 += s16 * 136657;
s9 -= s16 * 683901;
s16 = 0;
s3 += s15 * 666643;
s4 += s15 * 470296;
s5 += s15 * 654183;
s6 -= s15 * 997805;
s7 += s15 * 136657;
s8 -= s15 * 683901;
s15 = 0;
s2 += s14 * 666643;
s3 += s14 * 470296;
s4 += s14 * 654183;
s5 -= s14 * 997805;
s6 += s14 * 136657;
s7 -= s14 * 683901;
s14 = 0;
s1 += s13 * 666643;
s2 += s13 * 470296;
s3 += s13 * 654183;
s4 -= s13 * 997805;
s5 += s13 * 136657;
s6 -= s13 * 683901;
s13 = 0;
s0 += s12 * 666643;
s1 += s12 * 470296;
s2 += s12 * 654183;
s3 -= s12 * 997805;
s4 += s12 * 136657;
s5 -= s12 * 683901;
s12 = 0;
carry0 = (s0 + (1<<20)) >> 21; s1 += carry0; s0 -= carry0 << 21;
carry2 = (s2 + (1<<20)) >> 21; s3 += carry2; s2 -= carry2 << 21;
carry4 = (s4 + (1<<20)) >> 21; s5 += carry4; s4 -= carry4 << 21;
carry6 = (s6 + (1<<20)) >> 21; s7 += carry6; s6 -= carry6 << 21;
carry8 = (s8 + (1<<20)) >> 21; s9 += carry8; s8 -= carry8 << 21;
carry10 = (s10 + (1<<20)) >> 21; s11 += carry10; s10 -= carry10 << 21;
carry1 = (s1 + (1<<20)) >> 21; s2 += carry1; s1 -= carry1 << 21;
carry3 = (s3 + (1<<20)) >> 21; s4 += carry3; s3 -= carry3 << 21;
carry5 = (s5 + (1<<20)) >> 21; s6 += carry5; s5 -= carry5 << 21;
carry7 = (s7 + (1<<20)) >> 21; s8 += carry7; s7 -= carry7 << 21;
carry9 = (s9 + (1<<20)) >> 21; s10 += carry9; s9 -= carry9 << 21;
carry11 = (s11 + (1<<20)) >> 21; s12 += carry11; s11 -= carry11 << 21;
s0 += s12 * 666643;
s1 += s12 * 470296;
s2 += s12 * 654183;
s3 -= s12 * 997805;
s4 += s12 * 136657;
s5 -= s12 * 683901;
s12 = 0;
carry0 = s0 >> 21; s1 += carry0; s0 -= carry0 << 21;
carry1 = s1 >> 21; s2 += carry1; s1 -= carry1 << 21;
carry2 = s2 >> 21; s3 += carry2; s2 -= carry2 << 21;
carry3 = s3 >> 21; s4 += carry3; s3 -= carry3 << 21;
carry4 = s4 >> 21; s5 += carry4; s4 -= carry4 << 21;
carry5 = s5 >> 21; s6 += carry5; s5 -= carry5 << 21;
carry6 = s6 >> 21; s7 += carry6; s6 -= carry6 << 21;
carry7 = s7 >> 21; s8 += carry7; s7 -= carry7 << 21;
carry8 = s8 >> 21; s9 += carry8; s8 -= carry8 << 21;
carry9 = s9 >> 21; s10 += carry9; s9 -= carry9 << 21;
carry10 = s10 >> 21; s11 += carry10; s10 -= carry10 << 21;
carry11 = s11 >> 21; s12 += carry11; s11 -= carry11 << 21;
s0 += s12 * 666643;
s1 += s12 * 470296;
s2 += s12 * 654183;
s3 -= s12 * 997805;
s4 += s12 * 136657;
s5 -= s12 * 683901;
s12 = 0;
carry0 = s0 >> 21; s1 += carry0; s0 -= carry0 << 21;
carry1 = s1 >> 21; s2 += carry1; s1 -= carry1 << 21;
carry2 = s2 >> 21; s3 += carry2; s2 -= carry2 << 21;
carry3 = s3 >> 21; s4 += carry3; s3 -= carry3 << 21;
carry4 = s4 >> 21; s5 += carry4; s4 -= carry4 << 21;
carry5 = s5 >> 21; s6 += carry5; s5 -= carry5 << 21;
carry6 = s6 >> 21; s7 += carry6; s6 -= carry6 << 21;
carry7 = s7 >> 21; s8 += carry7; s7 -= carry7 << 21;
carry8 = s8 >> 21; s9 += carry8; s8 -= carry8 << 21;
carry9 = s9 >> 21; s10 += carry9; s9 -= carry9 << 21;
carry10 = s10 >> 21; s11 += carry10; s10 -= carry10 << 21;
s[0] = (byte)(s0 >> 0);
s[1] = (byte)(s0 >> 8);
s[2] = (byte)((s0 >> 16) | (s1 << 5));
s[3] = (byte)(s1 >> 3);
s[4] = (byte)(s1 >> 11);
s[5] = (byte)((s1 >> 19) | (s2 << 2));
s[6] = (byte)(s2 >> 6);
s[7] = (byte)((s2 >> 14) | (s3 << 7));
s[8] = (byte)(s3 >> 1);
s[9] = (byte)(s3 >> 9);
s[10] = (byte)((s3 >> 17) | (s4 << 4));
s[11] = (byte)(s4 >> 4);
s[12] = (byte)(s4 >> 12);
s[13] = (byte)((s4 >> 20) | (s5 << 1));
s[14] = (byte)(s5 >> 7);
s[15] = (byte)((s5 >> 15) | (s6 << 6));
s[16] = (byte)(s6 >> 2);
s[17] = (byte)(s6 >> 10);
s[18] = (byte)((s6 >> 18) | (s7 << 3));
s[19] = (byte)(s7 >> 5);
s[20] = (byte)(s7 >> 13);
s[21] = (byte)(s8 >> 0);
s[22] = (byte)(s8 >> 8);
s[23] = (byte)((s8 >> 16) | (s9 << 5));
s[24] = (byte)(s9 >> 3);
s[25] = (byte)(s9 >> 11);
s[26] = (byte)((s9 >> 19) | (s10 << 2));
s[27] = (byte)(s10 >> 6);
s[28] = (byte)((s10 >> 14) | (s11 << 7));
s[29] = (byte)(s11 >> 1);
s[30] = (byte)(s11 >> 9);
s[31] = (byte)(s11 >> 17);
Normal file
Normal file
@ -0,0 +1,195 @@
package org.whispersystems.curve25519.java;
public class scalarmult {
//CONVERT #include "crypto_scalarmult.h"
//CONVERT #include "fe.h"
public static int crypto_scalarmult(byte[] q,
byte[] n,
byte[] p)
byte[] e = new byte[32];
int i;
int[] x1 = new int[10];
int[] x2 = new int[10];
int[] z2 = new int[10];
int[] x3 = new int[10];
int[] z3 = new int[10];
int[] tmp0 = new int[10];
int[] tmp1 = new int[10];
int pos;
int swap;
int b;
for (i = 0;i < 32;++i) e[i] = n[i];
// e[0] &= 248;
// e[31] &= 127;
// e[31] |= 64;
swap = 0;
for (pos = 254;pos >= 0;--pos) {
b = e[pos / 8] >>> (pos & 7);
b &= 1;
swap ^= b;
swap = b;
//CONVERT #include "montgomery.h"
/* qhasm: fe X2 */
/* qhasm: fe Z2 */
/* qhasm: fe X3 */
/* qhasm: fe Z3 */
/* qhasm: fe X4 */
/* qhasm: fe Z4 */
/* qhasm: fe X5 */
/* qhasm: fe Z5 */
/* qhasm: fe A */
/* qhasm: fe B */
/* qhasm: fe C */
/* qhasm: fe D */
/* qhasm: fe E */
/* qhasm: fe AA */
/* qhasm: fe BB */
/* qhasm: fe DA */
/* qhasm: fe CB */
/* qhasm: fe t0 */
/* qhasm: fe t1 */
/* qhasm: fe t2 */
/* qhasm: fe t3 */
/* qhasm: fe t4 */
/* qhasm: enter ladder */
/* qhasm: D = X3-Z3 */
/* asm 1: fe_sub.fe_sub(>D=fe#5,<X3=fe#3,<Z3=fe#4); */
/* asm 2: fe_sub.fe_sub(>D=tmp0,<X3=x3,<Z3=z3); */
/* qhasm: B = X2-Z2 */
/* asm 1: fe_sub.fe_sub(>B=fe#6,<X2=fe#1,<Z2=fe#2); */
/* asm 2: fe_sub.fe_sub(>B=tmp1,<X2=x2,<Z2=z2); */
/* qhasm: A = X2+Z2 */
/* asm 1: fe_add.fe_add(>A=fe#1,<X2=fe#1,<Z2=fe#2); */
/* asm 2: fe_add.fe_add(>A=x2,<X2=x2,<Z2=z2); */
/* qhasm: C = X3+Z3 */
/* asm 1: fe_add.fe_add(>C=fe#2,<X3=fe#3,<Z3=fe#4); */
/* asm 2: fe_add.fe_add(>C=z2,<X3=x3,<Z3=z3); */
/* qhasm: DA = D*A */
/* asm 1: fe_mul.fe_mul(>DA=fe#4,<D=fe#5,<A=fe#1); */
/* asm 2: fe_mul.fe_mul(>DA=z3,<D=tmp0,<A=x2); */
/* qhasm: CB = C*B */
/* asm 1: fe_mul.fe_mul(>CB=fe#2,<C=fe#2,<B=fe#6); */
/* asm 2: fe_mul.fe_mul(>CB=z2,<C=z2,<B=tmp1); */
/* qhasm: BB = B^2 */
/* asm 1: fe_sq.fe_sq(>BB=fe#5,<B=fe#6); */
/* asm 2: fe_sq.fe_sq(>BB=tmp0,<B=tmp1); */
/* qhasm: AA = A^2 */
/* asm 1: fe_sq.fe_sq(>AA=fe#6,<A=fe#1); */
/* asm 2: fe_sq.fe_sq(>AA=tmp1,<A=x2); */
/* qhasm: t0 = DA+CB */
/* asm 1: fe_add.fe_add(>t0=fe#3,<DA=fe#4,<CB=fe#2); */
/* asm 2: fe_add.fe_add(>t0=x3,<DA=z3,<CB=z2); */
/* qhasm: assign x3 to t0 */
/* qhasm: t1 = DA-CB */
/* asm 1: fe_sub.fe_sub(>t1=fe#2,<DA=fe#4,<CB=fe#2); */
/* asm 2: fe_sub.fe_sub(>t1=z2,<DA=z3,<CB=z2); */
/* qhasm: X4 = AA*BB */
/* asm 1: fe_mul.fe_mul(>X4=fe#1,<AA=fe#6,<BB=fe#5); */
/* asm 2: fe_mul.fe_mul(>X4=x2,<AA=tmp1,<BB=tmp0); */
/* qhasm: E = AA-BB */
/* asm 1: fe_sub.fe_sub(>E=fe#6,<AA=fe#6,<BB=fe#5); */
/* asm 2: fe_sub.fe_sub(>E=tmp1,<AA=tmp1,<BB=tmp0); */
/* qhasm: t2 = t1^2 */
/* asm 1: fe_sq.fe_sq(>t2=fe#2,<t1=fe#2); */
/* asm 2: fe_sq.fe_sq(>t2=z2,<t1=z2); */
/* qhasm: t3 = a24*E */
/* asm 1: fe_mul121666(>t3=fe#4,<E=fe#6); */
/* asm 2: fe_mul121666(>t3=z3,<E=tmp1); */
/* qhasm: X5 = t0^2 */
/* asm 1: fe_sq.fe_sq(>X5=fe#3,<t0=fe#3); */
/* asm 2: fe_sq.fe_sq(>X5=x3,<t0=x3); */
/* qhasm: t4 = BB+t3 */
/* asm 1: fe_add.fe_add(>t4=fe#5,<BB=fe#5,<t3=fe#4); */
/* asm 2: fe_add.fe_add(>t4=tmp0,<BB=tmp0,<t3=z3); */
/* qhasm: Z5 = X1*t2 */
/* asm 1: fe_mul.fe_mul(>Z5=fe#4,x1,<t2=fe#2); */
/* asm 2: fe_mul.fe_mul(>Z5=z3,x1,<t2=z2); */
/* qhasm: Z4 = E*t4 */
/* asm 1: fe_mul.fe_mul(>Z4=fe#2,<E=fe#6,<t4=fe#5); */
/* asm 2: fe_mul.fe_mul(>Z4=z2,<E=tmp1,<t4=tmp0); */
/* qhasm: return */
return 0;
Normal file
Normal file
@ -0,0 +1,57 @@
package org.whispersystems.curve25519.java;
public class sign_modified {
//CONVERT #include <string.h>
//CONVERT #include "crypto_sign.h"
//CONVERT #include "crypto_hash_sha512.h"
//CONVERT #include "ge.h"
//CONVERT #include "sc.h"
//CONVERT #include "zeroize.h"
/* NEW: Compare to pristine crypto_sign()
Uses explicit private key for nonce derivation and as scalar,
instead of deriving both from a master key.
static int crypto_sign_modified (
Sha512 sha512provider,
byte[] sm,
byte[] m, long mlen,
byte[] sk, byte[] pk,
byte[] random
byte[] nonce = new byte[64];
byte[] hram = new byte[64];
ge_p3 R = new ge_p3();
int count=0;
System.arraycopy(m, 0, sm, 64, (int)mlen);
System.arraycopy(sk, 0, sm, 32, 32);
/* NEW : add prefix to separate hash uses - see .h */
sm[0] = (byte)0xFE;
for (count = 1; count < 32; count++)
sm[count] = (byte)0xFF;
/* NEW: add suffix of random data */
System.arraycopy(random, 0, sm, (int)(mlen + 64), 64);
sha512provider.calculateDigest(nonce,sm,mlen + 128);
System.arraycopy(pk, 0, sm, 32, 32);
sha512provider.calculateDigest(hram,sm,mlen + 64);
byte[] S = new byte[32];
sc_muladd.sc_muladd(S,hram,sk,nonce); /* NEW: Use privkey directly */
System.arraycopy(S, 0, sm, 32, 32);
return 0;
Normal file
Normal file
@ -0,0 +1,35 @@
package qora.account;
public class Account {
public static final int ADDRESS_LENGTH = 25;
protected String address;
protected Account() {
public Account(String address) {
this.address = address;
public String getAddress() {
return address;
public int hashCode() {
return this.getAddress().hashCode();
public boolean equals(Object b) {
if (!(b instanceof Account))
return false;
return this.getAddress().equals(((Account) b).getAddress());
Normal file
Normal file
@ -0,0 +1,9 @@
package qora.account;
public final class GenesisAccount extends PublicKeyAccount {
public GenesisAccount() {
super(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1 });
Normal file
Normal file
@ -0,0 +1,30 @@
package qora.account;
import qora.crypto.Crypto;
import utils.Pair;
public class PrivateKeyAccount extends PublicKeyAccount {
private byte[] seed;
private Pair<byte[], byte[]> keyPair;
public PrivateKeyAccount(byte[] seed) {
this.seed = seed;
this.keyPair = Crypto.createKeyPair(seed);
this.publicKey = keyPair.getB();
this.address = Crypto.toAddress(this.publicKey);
public byte[] getSeed() {
return this.seed;
public byte[] getPrivateKey() {
return this.keyPair.getA();
public Pair<byte[], byte[]> getKeyPair() {
return this.keyPair;
Normal file
Normal file
@ -0,0 +1,21 @@
package qora.account;
import qora.crypto.Crypto;
public class PublicKeyAccount extends Account {
protected byte[] publicKey;
public PublicKeyAccount(byte[] publicKey) {
this.publicKey = publicKey;
this.address = Crypto.toAddress(this.publicKey);
protected PublicKeyAccount() {
public byte[] getPublicKey() {
return publicKey;
Normal file
Normal file
@ -0,0 +1,234 @@
package qora.block;
import java.math.BigDecimal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import org.json.simple.JSONObject;
import com.google.common.primitives.Bytes;
import database.DB;
import qora.account.PrivateKeyAccount;
import qora.account.PublicKeyAccount;
import qora.crypto.Crypto;
import qora.transaction.Transaction;
* Typical use-case scenarios:
* 1. Loading a Block from the database using height, signature, reference, etc.
* 2. Generating a new block, adding unconfirmed transactions
* 3. Receiving a block from another node
* Transaction count, transactions signature and total fees need to be maintained by Block.
* In scenario (1) these can be found in database.
* In scenarios (2) and (3) Transactions are added to the Block via addTransaction() method.
* Also in scenarios (2) and (3), Block is responsible for saving Transactions to DB.
* When is height set?
* In scenario (1) this can be found in database.
* In scenarios (2) and (3) this will need to be set after successful processing,
* but before Block is saved into database.
* GenerationSignature's data is: reference + generationTarget + generator's public key
* TransactionSignature's data is: generationSignature + transaction signatures
* Block signature is: generationSignature + transactionsSignature
public class Block {
// Validation results
public static final int VALIDATE_OK = 1;
// Database properties shared with all block types
protected int version;
protected byte[] reference;
protected int transactionCount;
protected BigDecimal totalFees;
protected byte[] transactionsSignature;
protected int height;
protected long timestamp;
protected BigDecimal generationTarget;
protected String generator;
protected byte[] generationSignature;
protected byte[] atBytes;
protected BigDecimal atFees;
// Property lengths for serialisation
protected static final int VERSION_LENGTH = 4;
protected static final int REFERENCE_LENGTH = 64;
protected static final int TIMESTAMP_LENGTH = 8;
protected static final int GENERATION_TARGET_LENGTH = 8;
protected static final int GENERATOR_LENGTH = 32;
protected static final int TRANSACTIONS_SIGNATURE_LENGTH = 64;
protected static final int GENERATION_SIGNATURE_LENGTH = 64;
protected static final int TRANSACTION_COUNT_LENGTH = 8;
// Other length constants
public static final int MAX_BLOCK_BYTES = 1048576;
protected static final int TRANSACTION_SIZE_LENGTH = 4;
protected static final int AT_BYTES_LENGTH = 4;
protected static final int AT_FEES_LENGTH = 8;
protected static final int AT_LENGTH = AT_FEES_LENGTH + AT_BYTES_LENGTH;
// Constructors
protected Block(int version, byte[] reference, long timestamp, BigDecimal generationTarget, String generator, byte[] generationSignature, byte[] atBytes,
BigDecimal atFees) {
this.version = version;
this.reference = reference;
this.timestamp = timestamp;
this.generationTarget = generationTarget;
this.generator = generator;
this.generationSignature = generationSignature;
this.transactionCount = 0;
this.transactionsSignature = null;
this.totalFees = null;
this.atBytes = atBytes;
this.atFees = atFees;
// Getters/setters
public int getVersion() {
return this.version;
public byte[] getReference() {
return this.reference;
public long getTimestamp() {
return this.timestamp;
public BigDecimal getGenerationTarget() {
return this.generationTarget;
public String getGenerator() {
return this.generator;
public byte[] getGenerationSignature() {
return this.generationSignature;
public byte[] getTransactionsSignature() {
return this.transactionsSignature;
public BigDecimal getTotalFees() {
return null;
public int getTransactionCount() {
return this.transactionCount;
public byte[] getATBytes() {
return this.atBytes;
public BigDecimal getATFees() {
return this.atFees;
// More information
public byte[] getSignature() {
if (this.generationSignature == null || this.transactionsSignature == null)
return null;
return Bytes.concat(this.generationSignature, this.transactionsSignature);
public int getDataLength() {
return 0;
// Load/Save
protected Block(Connection connection, byte[] signature) throws SQLException {
ResultSet rs = DB.executeUsingBytes(connection,
"SELECT version, reference, transaction_count, total_fees, "
+ "transactions_signature, height, generation, generation_target, generator, generation_signature, "
+ "AT_data, AT_fees FROM Blocks WHERE signature = ?",
this.version = rs.getInt(1);
this.reference = DB.getResultSetBytes(rs.getBinaryStream(2), REFERENCE_LENGTH);
this.transactionCount = rs.getInt(3);
this.totalFees = rs.getBigDecimal(4);
this.transactionsSignature = DB.getResultSetBytes(rs.getBinaryStream(5), TRANSACTIONS_SIGNATURE_LENGTH);
this.height = rs.getInt(6);
this.timestamp = rs.getTimestamp(7).getTime();
this.generationTarget = rs.getBigDecimal(8);
this.generator = rs.getString(9);
this.generationSignature = DB.getResultSetBytes(rs.getBinaryStream(10), GENERATION_SIGNATURE_LENGTH);
this.atBytes = DB.getResultSetBytes(rs.getBinaryStream(11));
this.atFees = rs.getBigDecimal(12);
protected void save(Connection connection) throws SQLException {
String sql = DB.formatInsertWithPlaceholders("Blocks", "version", "reference", "transaction_count", "total_fees", "transactions_signature", "height",
"generation", "generation_target", "generator", "generation_signature", "AT_data", "AT_fees");
PreparedStatement preparedStatement = connection.prepareStatement(sql);
DB.bindInsertPlaceholders(preparedStatement, this.version, this.reference, this.transactionCount, this.totalFees, this.transactionsSignature,
this.height, this.timestamp, this.generationTarget, this.generator, this.generationSignature, this.atBytes, this.atFees);
// Save transactions
// Save transaction-block mappings
// Navigation
// Converters
public JSONObject toJSON() {
return null;
public byte[] toBytes() {
return null;
// Processing
public boolean addTransaction(Transaction transaction) {
// Check there is space in block
// Add to block
// Update transaction count
// Update transactions signature
return false; // no room
public byte[] calcSignature(PrivateKeyAccount signer) {
byte[] bytes = this.toBytes();
return Crypto.sign(signer, bytes);
public boolean isSignatureValid(PublicKeyAccount signer) {
return false;
public int isValid() {
public void process() {
public void orphan() {
Normal file
Normal file
@ -0,0 +1,329 @@
package qora.crypto;
* <p>
* DO NOT USE in future code as this implementation is BROKEN and returns incorrect digests for some inputs.
* <p>
* It is only "grand-fathered" here to produce correct QORA addresses.
public class BrokenMD160 {
private static final int[][] ArgArray = {
{ 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8, 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12, 11, 13, 6, 7, 14, 9, 13, 15, 14,
8, 13, 6, 5, 12, 7, 5, 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12, 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6 },
{ 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6, 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11, 9, 7, 15, 11, 8, 6, 6, 14, 12, 13,
5, 14, 13, 13, 7, 5, 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8, 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 } };
private static final int[][] IndexArray = {
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8, 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6,
13, 11, 5, 12, 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2, 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13 },
{ 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12, 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2, 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12,
2, 10, 0, 4, 13, 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14, 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 } };
private int[] MDbuf;
public BrokenMD160() {
MDbuf = new int[5];
MDbuf[0] = 0x67452301;
MDbuf[1] = 0xefcdab89;
MDbuf[2] = 0x98badcfe;
MDbuf[3] = 0x10325476;
MDbuf[4] = 0xc3d2e1f0;
working = new int[16];
working_ptr = 0;
msglen = 0;
public void reset() {
MDbuf = new int[5];
MDbuf[0] = 0x67452301;
MDbuf[1] = 0xefcdab89;
MDbuf[2] = 0x98badcfe;
MDbuf[3] = 0x10325476;
MDbuf[4] = 0xc3d2e1f0;
working = new int[16];
working_ptr = 0;
msglen = 0;
private void compress(int[] X) {
int index = 0;
int a, b, c, d, e;
int A, B, C, D, E;
int temp, s;
A = a = MDbuf[0];
B = b = MDbuf[1];
C = c = MDbuf[2];
D = d = MDbuf[3];
E = e = MDbuf[4];
for (; index < 16; index++) {
// The 16 FF functions - round 1 */
temp = a + (b ^ c ^ d) + X[IndexArray[0][index]];
a = e;
e = d;
d = (c << 10) | (c >>> 22);
c = b;
s = ArgArray[0][index];
b = ((temp << s) | (temp >>> (32 - s))) + a;
// The 16 JJJ functions - parallel round 1 */
temp = A + (B ^ (C | ~D)) + X[IndexArray[1][index]] + 0x50a28be6;
A = E;
E = D;
D = (C << 10) | (C >>> 22);
C = B;
s = ArgArray[1][index];
B = ((temp << s) | (temp >>> (32 - s))) + A;
for (; index < 32; index++) {
// The 16 GG functions - round 2 */
temp = a + ((b & c) | (~b & d)) + X[IndexArray[0][index]] + 0x5a827999;
a = e;
e = d;
d = (c << 10) | (c >>> 22);
c = b;
s = ArgArray[0][index];
b = ((temp << s) | (temp >>> (32 - s))) + a;
// The 16 III functions - parallel round 2 */
temp = A + ((B & D) | (C & ~D)) + X[IndexArray[1][index]] + 0x5c4dd124;
A = E;
E = D;
D = (C << 10) | (C >>> 22);
C = B;
s = ArgArray[1][index];
B = ((temp << s) | (temp >>> (32 - s))) + A;
for (; index < 48; index++) {
// The 16 HH functions - round 3 */
temp = a + ((b | ~c) ^ d) + X[IndexArray[0][index]] + 0x6ed9eba1;
a = e;
e = d;
d = (c << 10) | (c >>> 22);
c = b;
s = ArgArray[0][index];
b = ((temp << s) | (temp >>> (32 - s))) + a;
// The 16 HHH functions - parallel round 3 */
temp = A + ((B | ~C) ^ D) + X[IndexArray[1][index]] + 0x6d703ef3;
A = E;
E = D;
D = (C << 10) | (C >>> 22);
C = B;
s = ArgArray[1][index];
B = ((temp << s) | (temp >>> (32 - s))) + A;
for (; index < 64; index++) {
// The 16 II functions - round 4 */
temp = a + ((b & d) | (c & ~d)) + X[IndexArray[0][index]] + 0x8f1bbcdc;
a = e;
e = d;
d = (c << 10) | (c >>> 22);
c = b;
s = ArgArray[0][index];
b = ((temp << s) | (temp >>> (32 - s))) + a;
// The 16 GGG functions - parallel round 4 */
temp = A + ((B & C) | (~B & D)) + X[IndexArray[1][index]] + 0x7a6d76e9;
A = E;
E = D;
D = (C << 10) | (C >>> 22);
C = B;
s = ArgArray[1][index];
B = ((temp << s) | (temp >>> (32 - s))) + A;
for (; index < 80; index++) {
// The 16 JJ functions - round 5 */
temp = a + (b ^ (c | ~d)) + X[IndexArray[0][index]] + 0xa953fd4e;
a = e;
e = d;
d = (c << 10) | (c >>> 22);
c = b;
s = ArgArray[0][index];
b = ((temp << s) | (temp >>> (32 - s))) + a;
// The 16 FFF functions - parallel round 5 */
temp = A + (B ^ C ^ D) + X[IndexArray[1][index]];
A = E;
E = D;
D = (C << 10) | (C >>> 22);
C = B;
s = ArgArray[1][index];
B = ((temp << s) | (temp >>> (32 - s))) + A;
/* combine results */
D += c + MDbuf[1]; /* final result for MDbuf[0] */
MDbuf[1] = MDbuf[2] + d + E;
MDbuf[2] = MDbuf[3] + e + A;
MDbuf[3] = MDbuf[4] + a + B;
MDbuf[4] = MDbuf[0] + b + C;
MDbuf[0] = D;
private void MDfinish(int[] array, int lswlen, int mswlen) {
int[] X = array; /* message words */
/* append the bit m_n == 1 */
X[(lswlen >> 2) & 15] ^= 1 << (((lswlen & 3) << 3) + 7);
if ((lswlen & 63) > 55) {
/* length goes to next block */
for (int i = 0; i < 14; i++) {
X[i] = 0;
/* append length in bits */
X[14] = lswlen << 3;
X[15] = (lswlen >> 29) | (mswlen << 3);
private int[] working;
private int working_ptr;
private int msglen;
public void update(byte input) {
working[working_ptr >> 2] ^= ((int) input) << ((working_ptr & 3) << 3);
if (working_ptr == 64) {
for (int j = 0; j < 16; j++) {
working[j] = 0;
working_ptr = 0;
public void update(byte[] input) {
for (int i = 0; i < input.length; i++) {
working[working_ptr >> 2] ^= ((int) input[i]) << ((working_ptr & 3) << 3);
if (working_ptr == 64) {
for (int j = 0; j < 16; j++) {
working[j] = 0;
working_ptr = 0;
msglen += input.length;
public void update(byte[] input, int offset, int len) {
if (offset + len >= input.length) {
for (int i = offset; i < input.length; i++) {
working[working_ptr >> 2] ^= ((int) input[i]) << ((working_ptr & 3) << 3);
if (working_ptr == 64) {
for (int j = 0; j < 16; j++) {
working[j] = 0;
working_ptr = 0;
msglen += input.length - offset;
} else {
for (int i = offset; i < offset + len; i++) {
working[working_ptr >> 2] ^= ((int) input[i]) << ((working_ptr & 3) << 3);
if (working_ptr == 64) {
for (int j = 0; j < 16; j++) {
working[j] = 0;
working_ptr = 0;
msglen += len;
public void update(String s) {
byte[] bytearray = new byte[s.length()];
for (int i = 0; i < bytearray.length; i++) {
bytearray[i] = (byte) s.charAt(i);
public byte[] digestBin() {
MDfinish(working, msglen, 0);
byte[] res = new byte[20];
for (int i = 0; i < 20; i++) {
res[i] = (byte) ((MDbuf[i >> 2] >>> ((i & 3) << 3)) & 0x000000FF);
return res;
public byte[] digest(byte[] input) {
return digestBin();
public String digest() {
MDfinish(working, msglen, 0);
byte[] res = new byte[20];
for (int i = 0; i < 20; i++) {
res[i] = (byte) ((MDbuf[i >> 2] >>> ((i & 3) << 3)) & 0x000000FF);
String hex = "";
for (int i = 0; i < res.length; i++) {
hex += byteToHex(res[i]);
return hex;
public byte[] digest(byte[] input, int offset, int len) {
update(input, offset, len);
return digestBin();
public int[] intdigest() {
int[] res = new int[5];
for (int i = 0; i < 5; i++) {
res[i] = MDbuf[i];
return res;
public static String byteToHex(byte b) {
byte top = (byte) (((256 + b) / 16) & 15);
byte bottom = (byte) ((256 + b) & 15);
String res;
if (top > 9) {
res = "" + (char) ('a' + (top - 10));
} else {
res = "" + (char) ('0' + top);
if (bottom > 9) {
res += (char) ('a' + (bottom - 10));
} else {
res += (char) ('0' + bottom);
return res;
public static String RIPEMD160String(String txt) {
BrokenMD160 r = new BrokenMD160();
return r.digest();
Normal file
Normal file
@ -0,0 +1,130 @@
package qora.crypto;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import qora.account.Account;
import qora.account.PrivateKeyAccount;
import utils.Base58;
import utils.Pair;
public class Crypto {
private static final Logger LOGGER = LogManager.getLogger(Crypto.class);
public static final byte ADDRESS_VERSION = 58;
public static final byte AT_ADDRESS_VERSION = 23;
public static byte[] digest(byte[] input) {
try {
// SHA2-256
MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
return sha256.digest(input);
} catch (NoSuchAlgorithmException e) {
return null;
public static byte[] doubleDigest(byte[] input) {
// Two rounds of SHA2-256
return digest(digest(input));
public static Pair<byte[], byte[]> createKeyPair(byte[] seed) {
try {
// Generate private and public key pair
return Ed25519.createKeyPair(seed);
} catch (Exception e) {
LOGGER.error(e.getMessage(), e);
return null;
private static String toAddress(byte addressVersion, byte[] input) {
// SHA2-256 input to create new data and of known size
byte[] inputHash = digest(input);
// Use BROKEN RIPEMD160 to create shorter address
BrokenMD160 brokenMD160 = new BrokenMD160();
inputHash = brokenMD160.digest(inputHash);
// Create address data using above hash and addressVersion (prepended)
byte[] addressBytes = new byte[inputHash.length + 1];
System.arraycopy(inputHash, 0, addressBytes, 1, inputHash.length);
addressBytes[0] = addressVersion;
// Generate checksum
byte[] checksum = doubleDigest(addressBytes);
// Append checksum
byte[] addressWithChecksum = new byte[addressBytes.length + 4];
System.arraycopy(addressBytes, 0, addressWithChecksum, 0, addressBytes.length);
System.arraycopy(checksum, 0, addressWithChecksum, addressBytes.length, 4);
// Return Base58-encoded
return Base58.encode(addressWithChecksum);
public static String toAddress(byte[] publicKey) {
return toAddress(ADDRESS_VERSION, publicKey);
public static String toATAddress(byte[] signature) {
return toAddress(AT_ADDRESS_VERSION, signature);
public static boolean isValidAddress(String address) {
byte[] addressBytes;
try {
// Attempt Base58 decoding
addressBytes = Base58.decode(address);
} catch (NumberFormatException e) {
return false;
// Check address length
if (addressBytes.length != Account.ADDRESS_LENGTH)
return false;
// Check by address type
switch (addressBytes[0]) {
byte[] addressWithoutChecksum = Arrays.copyOf(addressBytes, addressBytes.length - 4);
byte[] passedChecksum = Arrays.copyOfRange(addressWithoutChecksum, addressBytes.length - 4, addressBytes.length);
byte[] generatedChecksum = doubleDigest(addressWithoutChecksum);
return Arrays.equals(passedChecksum, generatedChecksum);
return false;
public static byte[] sign(PrivateKeyAccount account, byte[] message) {
try {
return Ed25519.sign(account.getKeyPair(), message);
} catch (Exception e) {
return new byte[64];
public static boolean verify(byte[] publicKey, byte[] signature, byte[] message) {
try {
return Ed25519.verify(signature, message, publicKey);
} catch (Exception e) {
return false;
Normal file
Normal file
@ -0,0 +1,36 @@
package qora.crypto;
public class CryptoBytes
public static Boolean ConstantTimeEquals(byte[] x, int xOffset, byte[] y, int yOffset, int length) throws Exception
if (x == null) throw new Exception("x");
if (xOffset < 0) throw new Exception("xOffset" + "xOffset < 0");
if (y == null) throw new Exception("y");
if (yOffset < 0) throw new Exception("yOffset" + "yOffset < 0");
if (length < 0) throw new Exception("length" + "length < 0");
if (x.length - xOffset < length) throw new Exception("xOffset + length > x.Length");
if (y.length - yOffset < length) throw new Exception("yOffset + length > y.Length");
return InternalConstantTimeEquals(x, xOffset, y, yOffset, length);
public static boolean InternalConstantTimeEquals(byte[] x, int xOffset, byte[] y, int yOffset, int length)
int result = 0;
for (int i = 0; i < length; i++)
result |= x[xOffset + i] ^ y[yOffset + i];
return result == 0; // Check const time
public static void Wipe(byte[] data)
for (int i = 0; i < data.length; i++)
data[i] = 0;
Normal file
Normal file
@ -0,0 +1,196 @@
package qora.crypto;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.whispersystems.curve25519.java.*;
import utils.Pair;
public class Ed25519 {
public static byte[] getSharedSecret(byte[] public_key, byte[] private_key)
byte[] shared_secret = new byte[32];
byte[] e = new byte[32];
int i;
int[] x1 = new int[10];
int[] x2 = new int[10];
int[] z2 = new int[10];
int[] x3 = new int[10];
int[] z3 = new int[10];
int[] tmp0 = new int[10];
int[] tmp1 = new int[10];
int pos;
int swap;
int b;
/* copy the private key and make sure it's valid */
for (i = 0; i < 32; ++i) {
e[i] = private_key[i];
e[0] &= 248;
e[31] &= 63;
e[31] |= 64;
/* unpack the public key and convert edwards to montgomery */
/* due to CodesInChaos: montgomeryX = (edwardsY + 1)*inverse(1 - edwardsY) mod p */
fe_frombytes.fe_frombytes(x1, public_key);
fe_add.fe_add(tmp0, x1, tmp1);
fe_sub.fe_sub(tmp1, tmp1, x1);
fe_invert.fe_invert(tmp1, tmp1);
fe_mul.fe_mul(x1, tmp0, tmp1);
fe_copy.fe_copy(x3, x1);
swap = 0;
for (pos = 254; pos >= 0; --pos) {
b = e[pos / 8] >> (pos & 7);
b &= 1;
swap ^= b;
fe_cswap.fe_cswap(x2, x3, swap);
fe_cswap.fe_cswap(z2, z3, swap);
swap = b;
/* from montgomery.h */
fe_sub.fe_sub(tmp0, x3, z3);
fe_sub.fe_sub(tmp1, x2, z2);
fe_add.fe_add(x2, x2, z2);
fe_add.fe_add(z2, x3, z3);
fe_mul.fe_mul(z3, tmp0, x2);
fe_mul.fe_mul(z2, z2, tmp1);
fe_sq.fe_sq(tmp0, tmp1);
fe_sq.fe_sq(tmp1, x2);
fe_add.fe_add(x3, z3, z2);
fe_sub.fe_sub(z2, z3, z2);
fe_mul.fe_mul(x2, tmp1, tmp0);
fe_sub.fe_sub(tmp1, tmp1, tmp0);
fe_sq.fe_sq(z2, z2);
fe_mul121666.fe_mul121666(z3, tmp1);
fe_sq.fe_sq(x3, x3);
fe_add.fe_add(tmp0, tmp0, z3);
fe_mul.fe_mul(z3, x1, z2);
fe_mul.fe_mul(z2, tmp1, tmp0);
fe_cswap.fe_cswap(x2, x3, swap);
fe_cswap.fe_cswap(z2, z3, swap);
fe_invert.fe_invert(z2, z2);
fe_mul.fe_mul(x2, x2, z2);
fe_tobytes.fe_tobytes(shared_secret, x2);
return shared_secret;
public static boolean verify(byte[] signature, byte[] message, byte[] publicKey) throws Exception
byte[] h = new byte[64];
byte[] checker = new byte[32];
ge_p3 A = new ge_p3();
ge_p2 R = new ge_p2();
if ((signature[63] & 224) != 0) {
return false;
if (ge_frombytes.ge_frombytes_negate_vartime(A, publicKey) != 0) {
return false;
MessageDigest sha512 = MessageDigest.getInstance("SHA-512");
sha512.update(signature, 0, 32);
sha512.update(publicKey, 0, 32);
sha512.update(message, 0, message.length);
h = sha512.digest();
byte[] sm32 = new byte[32];
System.arraycopy(signature, 32, sm32, 0, 32);
ge_double_scalarmult.ge_double_scalarmult_vartime(R, h, A, sm32);
ge_tobytes.ge_tobytes(checker, R);
Boolean result = CryptoBytes.ConstantTimeEquals(checker, 0, signature, 0, 32);
return result;
public static byte[] sign(Pair<byte[],byte[]> keyPair, byte[] message) throws NoSuchAlgorithmException
byte[] private_key = keyPair.getA();
byte[] public_key = keyPair.getB();
byte[] signature = new byte[64];
byte[] hram = new byte[64];
byte[] r = new byte[64];
ge_p3 R = new ge_p3();
MessageDigest sha512 = MessageDigest.getInstance("SHA-512");
sha512.update(private_key, 32, 32);
sha512.update(message, 0, message.length);
r = sha512.digest();
ge_scalarmult_base.ge_scalarmult_base(R, r);
ge_p3_tobytes.ge_p3_tobytes(signature, R);
sha512 = MessageDigest.getInstance("SHA-512");
sha512.update(signature, 0, 32);
sha512.update(public_key, 0, 32);
sha512.update(message, 0, message.length);
hram = sha512.digest();
byte[] sm32 = new byte[32];
sc_muladd.sc_muladd(sm32, hram, private_key, r);
System.arraycopy(sm32, 0, signature, 32, 32);
return signature;
public static Pair<byte[], byte[]> createKeyPair(byte[] seed)
byte[] private_key = new byte[64];
byte[] public_key = new byte[32];
ge_p3 A = new ge_p3();
sha512(seed, 32, private_key);
private_key[0] &= 248;
private_key[31] &= 63;
private_key[31] |= 64;
ge_scalarmult_base.ge_scalarmult_base(A, private_key);
ge_p3_tobytes.ge_p3_tobytes(public_key, A);
return new Pair<byte[], byte[]>(private_key, public_key);
public static void sha512(byte[] in, long length, byte[] out) {
try {
MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
messageDigest.update(in, 0, (int)length);
byte[] digest = messageDigest.digest();
System.arraycopy(digest, 0, out, 0, digest.length);
} catch (NoSuchAlgorithmException e) {
throw new AssertionError(e);
Normal file
Normal file
@ -0,0 +1,117 @@
package qora.transaction;
import java.math.BigDecimal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import org.json.simple.JSONObject;
import database.DB;
import database.NoDataFoundException;
public class PaymentTransaction extends Transaction {
// Properties
// private PublicKeyAccount sender;
private String sender;
private String recipient;
private BigDecimal amount;
// Property lengths
private static final int SENDER_LENGTH = 32;
private static final int RECIPIENT_LENGTH = 32;
private static final int AMOUNT_LENGTH = 8;
// Constructors
public PaymentTransaction(String sender, String recipient, BigDecimal amount, BigDecimal fee, long timestamp, byte[] reference, byte[] signature) {
super(TransactionType.Payment, fee, sender, timestamp, reference, signature);
this.sender = sender;
this.recipient = recipient;
this.amount = amount;
public PaymentTransaction(String sender, String recipient, BigDecimal amount, BigDecimal fee, long timestamp, byte[] reference) {
this(sender, recipient, amount, fee, timestamp, reference, null);
// Getters/Setters
public String getSender() {
return this.sender;
public String getRecipient() {
return this.recipient;
public BigDecimal getAmount() {
return this.amount;
// More information
public int getDataLength() {
// Load/Save
public PaymentTransaction(Connection connection, byte[] signature) throws SQLException {
super(connection, TransactionType.Payment, signature);
ResultSet rs = DB.executeUsingBytes(connection, "SELECT sender, recipient, amount FROM PaymentTransactions WHERE signature = ?", signature);
if (rs == null)
throw new NoDataFoundException();
this.sender = rs.getString(1);
this.recipient = rs.getString(2);
this.amount = rs.getBigDecimal(3).setScale(8);
public void save(Connection connection) throws SQLException {
String sql = DB.formatInsertWithPlaceholders("PaymentTransactions", "signature", "sender", "recipient", "amount");
PreparedStatement preparedStatement = connection.prepareStatement(sql);
DB.bindInsertPlaceholders(preparedStatement, this.signature, this.sender, this.recipient, this.amount);
// Converters
public static Transaction parse(byte[] data) throws Exception {
return null;
public JSONObject toJSON() {
return null;
public byte[] toBytes() {
return new byte[0];
// Processing
public int isValid() {
public void process() {
public void orphan() {
Normal file
Normal file
@ -0,0 +1,222 @@
package qora.transaction;
import java.math.BigDecimal;
import java.math.MathContext;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.time.Instant;
import java.util.Map;
import static java.util.Arrays.stream;
import static java.util.stream.Collectors.toMap;
import org.json.simple.JSONObject;
import database.DB;
import database.NoDataFoundException;
import qora.account.PrivateKeyAccount;
import qora.account.PublicKeyAccount;
import qora.crypto.Crypto;
import settings.Settings;
public abstract class Transaction {
// Transaction types
public enum TransactionType {
Genesis(1), Payment(2);
public final int value;
private final static Map<Integer, TransactionType> map = stream(TransactionType.values()).collect(toMap(type -> type.value, type -> type));
TransactionType(int value) {
this.value = value;
public static TransactionType valueOf(int value) {
return map.get(value);
// Validation results
public static final int VALIDATE_OK = 1;
// Minimum fee
public static final BigDecimal MINIMUM_FEE = BigDecimal.ONE;
// Cached info to make transaction processing faster
protected static final BigDecimal maxBytePerFee = BigDecimal.valueOf(Settings.getInstance().getMaxBytePerFee());
protected static final BigDecimal minFeePerByte = BigDecimal.ONE.divide(maxBytePerFee, MathContext.DECIMAL32);
// Database properties shared with all transaction types
protected TransactionType type;
protected String creator;
protected long timestamp;
protected byte[] reference;
protected BigDecimal fee;
protected byte[] signature;
// Derived/cached properties
// maybe: protected PublicKeyAccount creatorAccount;
// Property lengths
protected static final int TYPE_LENGTH = 4;
protected static final int TIMESTAMP_LENGTH = 8;
protected static final int REFERENCE_LENGTH = 64;
protected static final int FEE_LENGTH = 8;
protected static final int SIGNATURE_LENGTH = 64;
// Constructors
protected Transaction(TransactionType type, BigDecimal fee, String creator, long timestamp, byte[] reference, byte[] signature) {
this.fee = fee;
this.type = type;
this.creator = creator;
this.timestamp = timestamp;
this.reference = reference;
this.signature = signature;
protected Transaction(TransactionType type, BigDecimal fee, String creator, long timestamp, byte[] reference) {
this(type, fee, creator, timestamp, reference, null);
// Getters/setters
public TransactionType getType() {
return this.type;
public String getCreator() {
return this.creator;
public long getTimestamp() {
return this.timestamp;
public byte[] getReference() {
return this.reference;
public BigDecimal getFee() {
return this.fee;
public byte[] getSignature() {
return this.signature;
// More information
public long getDeadline() {
// 24 hour deadline to include transaction in a block
return this.timestamp + (24 * 60 * 60 * 1000);
public abstract int getDataLength();
public boolean hasMinimumFee() {
return this.fee.compareTo(MINIMUM_FEE) >= 0;
public BigDecimal feePerByte() {
return this.fee.divide(new BigDecimal(this.getDataLength()), MathContext.DECIMAL32);
public boolean hasMinimumFeePerByte() {
return this.feePerByte().compareTo(minFeePerByte) >= 0;
public BigDecimal calcRecommendedFee() {
BigDecimal recommendedFee = BigDecimal.valueOf(this.getDataLength()).divide(maxBytePerFee, MathContext.DECIMAL32).setScale(8);
// security margin
recommendedFee = recommendedFee.add(new BigDecimal("0.0000001"));
if (recommendedFee.compareTo(MINIMUM_FEE) <= 0) {
recommendedFee = MINIMUM_FEE;
} else {
recommendedFee = recommendedFee.setScale(0, BigDecimal.ROUND_UP);
return recommendedFee.setScale(8);
// Load/Save
protected Transaction(Connection connection, TransactionType type, byte[] signature) throws SQLException {
ResultSet rs = DB.executeUsingBytes(connection, "SELECT reference, creator, creation, fee FROM Transactions WHERE signature = ?", signature);
if (rs == null)
throw new NoDataFoundException();
this.type = type;
this.reference = DB.getResultSetBytes(rs.getBinaryStream(1), REFERENCE_LENGTH);
this.creator = rs.getString(2);
this.timestamp = rs.getTimestamp(3).getTime();
this.fee = rs.getBigDecimal(4).setScale(8);
this.signature = signature;
protected void save(Connection connection) throws SQLException {
String sql = DB.formatInsertWithPlaceholders("Transactions", "signature", "reference", "type", "creator", "creation", "fee", "milestone_block");
PreparedStatement preparedStatement = connection.prepareStatement(sql);
DB.bindInsertPlaceholders(preparedStatement, this.signature, this.reference, this.type.value, this.creator,
Timestamp.from(Instant.ofEpochSecond(this.timestamp)), this.fee, null);
// Navigation
* public Block getBlock() { BlockTransaction blockTx = BlockTransaction.fromTransactionSignature(this.signature); if (blockTx == null) return null;
* return Block.fromSignature(blockTx.getSignature()); }
public Transaction getParent(Connection connection) throws SQLException {
if (this.reference == null)
return null;
return TransactionFactory.fromSignature(connection, this.reference);
public Transaction getChild(Connection connection) throws SQLException {
if (this.signature == null)
return null;
return TransactionFactory.fromReference(connection, this.signature);
// Converters
public abstract JSONObject toJSON();
public abstract byte[] toBytes();
// Processing
public byte[] calcSignature(PrivateKeyAccount signer) {
byte[] bytes = this.toBytes();
return Crypto.sign(signer, bytes);
public boolean isSignatureValid(PublicKeyAccount signer) {
if (this.signature == null)
return false;
return Crypto.verify(signer.getPublicKey(), this.signature, this.toBytes());
public abstract int isValid();
public abstract void process();
public abstract void orphan();
Normal file
Normal file
@ -0,0 +1,45 @@
package qora.transaction;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import database.DB;
import qora.transaction.Transaction.TransactionType;
public class TransactionFactory {
public static Transaction fromSignature(Connection connection, byte[] signature) throws SQLException {
ResultSet resultSet = DB.executeUsingBytes(connection, "SELECT type, signature FROM Transactions WHERE signature = ?", signature);
return fromResultSet(connection, resultSet);
public static Transaction fromReference(Connection connection, byte[] reference) throws SQLException {
ResultSet resultSet = DB.executeUsingBytes(connection, "SELECT type, signature FROM Transactions WHERE reference = ?", reference);
return fromResultSet(connection, resultSet);
private static Transaction fromResultSet(Connection connection, ResultSet resultSet) throws SQLException {
if (resultSet == null)
return null;
TransactionType type = TransactionType.valueOf(resultSet.getInt(1));
if (type == null)
return null;
byte[] signature = DB.getResultSetBytes(resultSet.getBinaryStream(2), Transaction.SIGNATURE_LENGTH);
switch (type) {
case Genesis:
// return new GenesisTransaction(connection, signature);
return null;
case Payment:
return new PaymentTransaction(connection, signature);
return null;
Normal file
Normal file
@ -0,0 +1,13 @@
package settings;
public class Settings {
public static Settings getInstance() {
return new Settings();
public int getMaxBytePerFee() {
return 1024;
Normal file
Normal file
@ -0,0 +1,21 @@
package test;
import static org.junit.Assert.fail;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
public class common {
public static Connection getConnection() {
try {
return DriverManager.getConnection("jdbc:hsqldb:file:db/test;create=true;close_result=true;sql.strict_exec=true;sql.enforce_names=true;sql.syntax_mys=true", "SA", "");
} catch (SQLException e) {
return null;
Normal file
Normal file
@ -0,0 +1,76 @@
package test;
import static org.junit.Assert.*;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
import org.junit.Test;
public class connections {
public void testConnection() {
try {
Connection c = DriverManager.getConnection("jdbc:hsqldb:file:db/test", "SA", "");
} catch (SQLException e) {
public void testSimultaneousConnections() {
try {
Connection c1 = DriverManager.getConnection("jdbc:hsqldb:file:db/test", "SA", "");
Connection c2 = DriverManager.getConnection("jdbc:hsqldb:file:db/test", "SA", "");
} catch (SQLException e) {
public void testExistOnlyConnection() {
try {
Connection c = DriverManager.getConnection("jdbc:hsqldb:file:db/test;ifexists=true", "SA", "");
} catch (SQLException e) {
public void testConnectionAfterShutdown() {
try {
Connection c = DriverManager.getConnection("jdbc:hsqldb:file:db/test", "SA", "");
Statement s = c.createStatement();
s.execute("SHUTDOWN COMPACT");
c = DriverManager.getConnection("jdbc:hsqldb:file:db/test", "SA", "");
} catch (SQLException e) {
public void testComplexConnection() {
try {
Connection c = DriverManager.getConnection("jdbc:hsqldb:file:db/test;create=false;close_result=true;sql.strict_exec=true;sql.enforce_names=true", "SA", "");
} catch (SQLException e) {
Normal file
Normal file
@ -0,0 +1,39 @@
package test;
import static org.junit.Assert.*;
import org.junit.Test;
import com.google.common.hash.HashCode;
import qora.crypto.Crypto;
public class crypto {
public void testCryptoDigest() {
byte[] input = HashCode.fromString("00").asBytes();
byte[] digest = Crypto.digest(input);
byte[] expected = HashCode.fromString("6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d").asBytes();
assertArrayEquals(digest, expected);
public void testCryptoDoubleDigest() {
byte[] input = HashCode.fromString("00").asBytes();
byte[] digest = Crypto.doubleDigest(input);
byte[] expected = HashCode.fromString("1406e05881e299367766d313e26c05564ec91bf721d31726bd6e46e60689539a").asBytes();
assertArrayEquals(digest, expected);
public void testCryptoQoraAddress() {
byte[] publicKey = HashCode.fromString("775ada64a48a30b3bfc4f1db16bca512d4088704975a62bde78781ce0cba90d6").asBytes();
String expected = "QUD9y7NZqTtNwvSAUfewd7zKUGoVivVnTW";
assertEquals(expected, Crypto.toAddress(publicKey));
Normal file
Normal file
@ -0,0 +1,82 @@
package test;
import static org.junit.Assert.*;
import java.sql.Connection;
import java.sql.SQLException;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import qora.transaction.PaymentTransaction;
import qora.transaction.Transaction;
import qora.transaction.TransactionFactory;
import utils.Base58;
public class load {
private static Connection connection;
public void connect() throws SQLException {
connection = common.getConnection();
public void disconnect() {
try {
} catch (SQLException e) {
public void testLoadPaymentTransaction() throws SQLException {
String signature58 = "1211ZPwG3hk5evWzXCZi9hMDRpwumWmkENjwWkeTCik9xA5uoYnxzF7rwR5hmHH3kG2RXo7ToCAaRc7dvnynByJt";
byte[] signature = Base58.decode(signature58);
PaymentTransaction paymentTransaction = new PaymentTransaction(connection, signature);
assertEquals(paymentTransaction.getSender(), "QXwu8924WdgPoRmtiWQBUMF6eedmp1Hu2E");
assertEquals(paymentTransaction.getCreator(), "QXwu8924WdgPoRmtiWQBUMF6eedmp1Hu2E");
assertEquals(paymentTransaction.getRecipient(), "QZsv8vbJ6QfrBNba4LMp5UtHhAzhrxvVUU");
assertEquals(paymentTransaction.getTimestamp(), 1416209264000L);
assertEquals(Base58.encode(paymentTransaction.getReference()), "31dC6kHHBeG5vYb8LMaZDjLEmhc9kQB2VUApVd8xWncSRiXu7yMejdprjYFMP2rUnzZxWd4KJhkq6LsV7rQvU1kY");
public void testLoadFactory() throws SQLException {
String signature58 = "1211ZPwG3hk5evWzXCZi9hMDRpwumWmkENjwWkeTCik9xA5uoYnxzF7rwR5hmHH3kG2RXo7ToCAaRc7dvnynByJt";
byte[] signature = Base58.decode(signature58);
while (true) {
Transaction transaction = TransactionFactory.fromSignature(connection, signature);
if (transaction == null)
PaymentTransaction payment = (PaymentTransaction) transaction;
System.out.println("Transaction " + Base58.encode(payment.getSignature()) + ": " + payment.getAmount().toString() + " QORA from " + payment.getSender() + " to " + payment.getRecipient());
signature = payment.getReference();
public void testLoadNonexistentTransaction() throws SQLException {
String signature58 = "1111222233334444";
byte[] signature = Base58.decode(signature58);
try {
PaymentTransaction payment = new PaymentTransaction(connection, signature);
System.out.println("Transaction " + Base58.encode(payment.getSignature()) + ": " + payment.getAmount().toString() + " QORA from " + payment.getSender() + " to " + payment.getRecipient());
} catch (SQLException e) {
Normal file
Normal file
@ -0,0 +1,596 @@
package test;
import static org.junit.Assert.*;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.math.BigDecimal;
import java.net.URL;
import java.nio.charset.Charset;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Statement;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;
import org.json.simple.parser.ParseException;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import com.google.common.hash.HashCode;
import utils.Base58;
public class migrate {
private static Connection c;
private static PreparedStatement startTransactionPStmt;
private static PreparedStatement commitPStmt;
public void connect() throws SQLException {
c = common.getConnection();
startTransactionPStmt = c.prepareStatement("START TRANSACTION");
commitPStmt = c.prepareStatement("COMMIT");
public void disconnect() {
try {
} catch (SQLException e) {
public Object fetchBlockJSON(int height) {
InputStream is;
try {
is = new URL("http://localhost:9085/blocks/byheight/" + height).openStream();
} catch (IOException e) {
return null;
try {
BufferedReader reader = new BufferedReader(new InputStreamReader(is, Charset.forName("UTF-8")));
return JSONValue.parseWithException(reader);
} catch (IOException | ParseException e) {
return null;
} finally {
try {
} catch (IOException e) {
public String formatWithPlaceholders(String... columns) {
String[] placeholders = new String[columns.length];
Arrays.setAll(placeholders, (int i) -> "?");
StringBuilder output = new StringBuilder();
output.append(String.join(", ", columns));
output.append(") VALUES (");
output.append(String.join(", ", placeholders));
return output.toString();
public void startTransaction() throws SQLException {
public void commit() throws SQLException {
public void testMigration() throws SQLException, UnsupportedEncodingException {
Statement stmt = c.createStatement();
stmt.execute("DELETE FROM Blocks");
PreparedStatement blocksPStmt = c
.prepareStatement("INSERT INTO Blocks " + formatWithPlaceholders("signature", "version", "reference", "transaction_count", "total_fees",
"transactions_signature", "height", "generation", "generation_target", "generator", "generation_signature", "AT_data", "AT_fees"));
PreparedStatement txPStmt = c.prepareStatement(
"INSERT INTO Transactions " + formatWithPlaceholders("signature", "reference", "type", "creator", "creation", "fee", "milestone_block"));
PreparedStatement recipientPStmt = c.prepareStatement("INSERT INTO TransactionRecipients " + formatWithPlaceholders("signature", "recipient"));
PreparedStatement genesisPStmt = c.prepareStatement("INSERT INTO GenesisTransactions " + formatWithPlaceholders("signature", "recipient", "amount"));
PreparedStatement paymentPStmt = c
.prepareStatement("INSERT INTO PaymentTransactions " + formatWithPlaceholders("signature", "sender", "recipient", "amount"));
PreparedStatement registerNamePStmt = c
.prepareStatement("INSERT INTO RegisterNameTransactions " + formatWithPlaceholders("signature", "registrant", "name", "owner", "data"));
PreparedStatement updateNamePStmt = c
.prepareStatement("INSERT INTO UpdateNameTransactions " + formatWithPlaceholders("signature", "owner", "name", "new_owner", "new_data"));
PreparedStatement sellNamePStmt = c
.prepareStatement("INSERT INTO SellNameTransactions " + formatWithPlaceholders("signature", "owner", "name", "amount"));
PreparedStatement cancelSellNamePStmt = c
.prepareStatement("INSERT INTO CancelSellNameTransactions " + formatWithPlaceholders("signature", "owner", "name"));
PreparedStatement buyNamePStmt = c
.prepareStatement("INSERT INTO BuyNameTransactions " + formatWithPlaceholders("signature", "buyer", "name", "seller", "amount"));
PreparedStatement createPollPStmt = c
.prepareStatement("INSERT INTO CreatePollTransactions " + formatWithPlaceholders("signature", "creator", "poll", "description"));
PreparedStatement createPollOptionPStmt = c
.prepareStatement("INSERT INTO CreatePollTransactionOptions " + formatWithPlaceholders("signature", "option"));
PreparedStatement voteOnPollPStmt = c
.prepareStatement("INSERT INTO VoteOnPollTransactions " + formatWithPlaceholders("signature", "voter", "poll", "option_index"));
PreparedStatement arbitraryPStmt = c
.prepareStatement("INSERT INTO ArbitraryTransactions " + formatWithPlaceholders("signature", "creator", "service", "data_hash"));
PreparedStatement issueAssetPStmt = c.prepareStatement("INSERT INTO IssueAssetTransactions "
+ formatWithPlaceholders("signature", "creator", "asset_name", "description", "quantity", "is_divisible"));
PreparedStatement transferAssetPStmt = c
.prepareStatement("INSERT INTO TransferAssetTransactions " + formatWithPlaceholders("signature", "sender", "recipient", "asset", "amount"));
PreparedStatement createAssetOrderPStmt = c.prepareStatement("INSERT INTO CreateAssetOrderTransactions "
+ formatWithPlaceholders("signature", "creator", "have_asset", "have_amount", "want_asset", "want_amount"));
PreparedStatement cancelAssetOrderPStmt = c
.prepareStatement("INSERT INTO CancelAssetOrderTransactions " + formatWithPlaceholders("signature", "creator", "asset_order"));
PreparedStatement multiPaymentPStmt = c.prepareStatement("INSERT INTO MultiPaymentTransactions " + formatWithPlaceholders("signature", "sender"));
PreparedStatement deployATPStmt = c.prepareStatement("INSERT INTO DeployATTransactions "
+ formatWithPlaceholders("signature", "creator", "AT_name", "description", "AT_type", "AT_tags", "creation_bytes", "amount"));
PreparedStatement messagePStmt = c.prepareStatement("INSERT INTO MessageTransactions "
+ formatWithPlaceholders("signature", "sender", "recipient", "is_text", "is_encrypted", "amount", "asset", "data"));
PreparedStatement sharedPaymentPStmt = c
.prepareStatement("INSERT INTO SharedTransactionPayments " + formatWithPlaceholders("signature", "recipient", "amount", "asset"));
PreparedStatement blockTxPStmt = c.prepareStatement("INSERT INTO BlockTransactions " + formatWithPlaceholders("block", "sequence", "signature"));
int height = 1;
byte[] milestone_block = null;
while (true) {
JSONObject json = (JSONObject) fetchBlockJSON(height);
if (json == null)
if (height % 1000 == 0)
System.out.println("Height: " + height);
JSONArray transactions = (JSONArray) json.get("transactions");
// Blocks:
// signature, version, reference, transaction_count, total_fees, transactions_signature, height, generation, generation_target, generator,
// generation_signature
// varchar, tinyint, varchar, int, decimal, varchar, int, timestamp, decimal, varchar, varchar
byte[] blockSignature = Base58.decode((String) json.get("signature"));
byte[] blockReference = Base58.decode((String) json.get("reference"));
byte[] blockTransactionsSignature = Base58.decode((String) json.get("transactionsSignature"));
byte[] blockGeneratorSignature = Base58.decode((String) json.get("generatorSignature"));
blocksPStmt.setBinaryStream(1, new ByteArrayInputStream(blockSignature));
blocksPStmt.setInt(2, ((Long) json.get("version")).intValue());
blocksPStmt.setBinaryStream(3, new ByteArrayInputStream(blockReference));
blocksPStmt.setInt(4, transactions.size());
blocksPStmt.setBigDecimal(5, BigDecimal.valueOf(Double.valueOf((String) json.get("fee")).doubleValue()));
blocksPStmt.setBinaryStream(6, new ByteArrayInputStream(blockTransactionsSignature));
blocksPStmt.setInt(7, height);
blocksPStmt.setTimestamp(8, new Timestamp((Long) json.get("timestamp")));
blocksPStmt.setBigDecimal(9, BigDecimal.valueOf((Long) json.get("generatingBalance")));
blocksPStmt.setString(10, (String) json.get("generator"));
blocksPStmt.setBinaryStream(11, new ByteArrayInputStream(blockGeneratorSignature));
String blockATs = (String) json.get("blockATs");
if (blockATs != null && blockATs.length() > 0) {
HashCode atBytes = HashCode.fromString(blockATs);
blocksPStmt.setBinaryStream(12, new ByteArrayInputStream(atBytes.asBytes()));
blocksPStmt.setBigDecimal(13, BigDecimal.valueOf(((Long) json.get("atFees")).longValue(), 8));
} else {
blocksPStmt.setNull(12, java.sql.Types.VARBINARY);
blocksPStmt.setNull(13, java.sql.Types.DECIMAL);
// Transactions:
// signature, reference, type, creator, creation, fee, milestone_block
// varchar, varchar, int, varchar, timestamp, decimal, varchar
for (int txIndex = 0; txIndex < transactions.size(); ++txIndex) {
JSONObject transaction = (JSONObject) transactions.get(txIndex);
byte[] txSignature = Base58.decode((String) transaction.get("signature"));
txPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
String txReference58 = (String) transaction.get("reference");
byte[] txReference = txReference58.isEmpty() ? null : Base58.decode(txReference58);
int type = ((Long) transaction.get("type")).intValue();
if (txReference != null)
txPStmt.setBinaryStream(2, new ByteArrayInputStream(txReference));
else if (height == 1 && type == 1)
txPStmt.setNull(2, java.sql.Types.VARCHAR); // genesis transactions only
txPStmt.setInt(3, type);
switch (type) {
case 1: // genesis
txPStmt.setNull(4, java.sql.Types.VARCHAR); // genesis transactions only
case 2: // payment
case 12: // transfer asset
case 15: // multi-payment
txPStmt.setString(4, (String) transaction.get("sender"));
case 3: // register name
txPStmt.setString(4, (String) transaction.get("registrant"));
case 4: // update name
case 5: // sell name
case 6: // cancel sell name
txPStmt.setString(4, (String) transaction.get("owner"));
case 7: // buy name
txPStmt.setString(4, (String) transaction.get("buyer"));
case 8: // create poll
case 9: // vote on poll
case 10: // arbitrary transaction
case 11: // issue asset
case 13: // create asset order
case 14: // cancel asset order
case 16: // deploy CIYAM AT
case 17: // message
txPStmt.setString(4, (String) transaction.get("creator"));
txPStmt.setTimestamp(5, new Timestamp((Long) transaction.get("timestamp")));
txPStmt.setBigDecimal(6, BigDecimal.valueOf(Double.valueOf((String) transaction.get("fee")).doubleValue()));
if (milestone_block != null)
txPStmt.setBinaryStream(7, new ByteArrayInputStream(milestone_block));
else if (height == 1 && type == 1)
txPStmt.setNull(7, java.sql.Types.VARCHAR); // genesis transactions only
JSONArray multiPayments = null;
if (type == 15)
multiPayments = (JSONArray) transaction.get("payments");
List<String> recipients = new ArrayList<String>();
switch (type) {
case 1: // genesis
case 2: // payment
case 12: // transfer asset
case 17: // message
recipients.add((String) transaction.get("recipient"));
case 3: // register name
case 4: // update name
// parse Name data for "owner"
case 5: // sell name
case 6: // cancel sell name
case 8: // create poll
case 9: // vote on poll
case 10: // arbitrary transaction
case 13: // create asset order
case 14: // cancel asset order
case 16: // deploy CIYAM AT
// no recipients
case 7: // buy name
recipients.add((String) transaction.get("seller"));
case 11: // issue asset
recipients.add((String) transaction.get("creator"));
case 15: // multi-payment
for (Object payment : multiPayments) {
String recipient = (String) ((JSONObject) payment).get("recipient");
for (String recipient : recipients) {
recipientPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
recipientPStmt.setString(2, recipient);
// Transaction-type-specific processing
switch (type) {
case 1: // genesis
genesisPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
genesisPStmt.setString(2, recipients.get(0));
genesisPStmt.setBigDecimal(3, BigDecimal.valueOf(Double.valueOf((String) transaction.get("amount")).doubleValue()));
case 2: // payment
paymentPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
paymentPStmt.setString(2, (String) transaction.get("sender"));
paymentPStmt.setString(3, recipients.get(0));
paymentPStmt.setBigDecimal(4, BigDecimal.valueOf(Double.valueOf((String) transaction.get("amount")).doubleValue()));
case 3: // register name
registerNamePStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
registerNamePStmt.setString(2, (String) transaction.get("registrant"));
registerNamePStmt.setString(3, (String) transaction.get("name"));
registerNamePStmt.setString(4, (String) transaction.get("owner"));
registerNamePStmt.setString(5, (String) transaction.get("value"));
case 4: // update name
updateNamePStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
updateNamePStmt.setString(2, (String) transaction.get("owner"));
updateNamePStmt.setString(3, (String) transaction.get("name"));
updateNamePStmt.setString(4, (String) transaction.get("newOwner"));
updateNamePStmt.setString(5, (String) transaction.get("newValue"));
case 5: // sell name
sellNamePStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
sellNamePStmt.setString(2, (String) transaction.get("owner"));
sellNamePStmt.setString(3, (String) transaction.get("name"));
sellNamePStmt.setBigDecimal(4, BigDecimal.valueOf(Double.valueOf((String) transaction.get("amount")).doubleValue()));
case 6: // cancel sell name
cancelSellNamePStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
cancelSellNamePStmt.setString(2, (String) transaction.get("owner"));
cancelSellNamePStmt.setString(3, (String) transaction.get("name"));
case 7: // buy name
buyNamePStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
buyNamePStmt.setString(2, (String) transaction.get("buyer"));
buyNamePStmt.setString(3, (String) transaction.get("name"));
buyNamePStmt.setString(4, (String) transaction.get("seller"));
buyNamePStmt.setBigDecimal(5, BigDecimal.valueOf(Double.valueOf((String) transaction.get("amount")).doubleValue()));
case 8: // create poll
createPollPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
createPollPStmt.setString(2, (String) transaction.get("creator"));
createPollPStmt.setString(3, (String) transaction.get("name"));
createPollPStmt.setString(4, (String) transaction.get("description"));
// options
JSONArray options = (JSONArray) transaction.get("options");
for (Object option : options) {
createPollOptionPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
createPollOptionPStmt.setString(2, (String) option);
case 9: // vote on poll
voteOnPollPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
voteOnPollPStmt.setString(2, (String) transaction.get("creator"));
voteOnPollPStmt.setString(3, (String) transaction.get("poll"));
voteOnPollPStmt.setInt(4, ((Long) transaction.get("option")).intValue());
case 10: // arbitrary transactions
arbitraryPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
arbitraryPStmt.setString(2, (String) transaction.get("creator"));
arbitraryPStmt.setInt(3, ((Long) transaction.get("service")).intValue());
arbitraryPStmt.setString(4, "TODO");
if (multiPayments != null)
for (Object paymentObj : multiPayments) {
JSONObject payment = (JSONObject) paymentObj;
sharedPaymentPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
sharedPaymentPStmt.setString(2, (String) payment.get("recipient"));
sharedPaymentPStmt.setBigDecimal(3, BigDecimal.valueOf(Double.valueOf((String) payment.get("amount")).doubleValue()));
sharedPaymentPStmt.setLong(4, ((Long) payment.get("asset")).longValue());
case 11: // issue asset
issueAssetPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
issueAssetPStmt.setString(2, (String) transaction.get("creator"));
issueAssetPStmt.setString(3, (String) transaction.get("name"));
issueAssetPStmt.setString(4, (String) transaction.get("description"));
issueAssetPStmt.setBigDecimal(5, BigDecimal.valueOf(((Long) transaction.get("quantity")).longValue()));
issueAssetPStmt.setBoolean(6, (Boolean) transaction.get("divisible"));
case 12: // transfer asset
transferAssetPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
transferAssetPStmt.setString(2, (String) transaction.get("sender"));
transferAssetPStmt.setString(3, (String) transaction.get("recipient"));
transferAssetPStmt.setLong(4, ((Long) transaction.get("asset")).longValue());
transferAssetPStmt.setBigDecimal(5, BigDecimal.valueOf(Double.valueOf((String) transaction.get("amount")).doubleValue()));
case 13: // create asset order
createAssetOrderPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
createAssetOrderPStmt.setString(2, (String) transaction.get("creator"));
JSONObject assetOrder = (JSONObject) transaction.get("order");
createAssetOrderPStmt.setLong(3, ((Long) assetOrder.get("have")).longValue());
createAssetOrderPStmt.setBigDecimal(4, BigDecimal.valueOf(Double.valueOf((String) assetOrder.get("amount")).doubleValue()));
createAssetOrderPStmt.setLong(5, ((Long) assetOrder.get("want")).longValue());
createAssetOrderPStmt.setBigDecimal(6, BigDecimal.valueOf(Double.valueOf((String) assetOrder.get("price")).doubleValue()));
case 14: // cancel asset order
cancelAssetOrderPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
cancelAssetOrderPStmt.setString(2, (String) transaction.get("creator"));
cancelAssetOrderPStmt.setString(3, (String) transaction.get("order"));
case 15: // multi-payment
multiPaymentPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
multiPaymentPStmt.setString(2, (String) transaction.get("sender"));
for (Object paymentObj : multiPayments) {
JSONObject payment = (JSONObject) paymentObj;
sharedPaymentPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
sharedPaymentPStmt.setString(2, (String) payment.get("recipient"));
sharedPaymentPStmt.setBigDecimal(3, BigDecimal.valueOf(Double.valueOf((String) payment.get("amount")).doubleValue()));
sharedPaymentPStmt.setLong(4, ((Long) payment.get("asset")).longValue());
case 16: // deploy AT
HashCode creationBytes = HashCode.fromString((String) transaction.get("creationBytes"));
InputStream creationBytesStream = new ByteArrayInputStream(creationBytes.asBytes());
deployATPStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
deployATPStmt.setString(2, (String) transaction.get("creator"));
deployATPStmt.setString(3, (String) transaction.get("name"));
deployATPStmt.setString(4, (String) transaction.get("description"));
deployATPStmt.setString(5, (String) transaction.get("atType"));
deployATPStmt.setString(6, (String) transaction.get("tags"));
deployATPStmt.setBinaryStream(7, creationBytesStream);
deployATPStmt.setBigDecimal(8, BigDecimal.valueOf(Double.valueOf((String) transaction.get("amount")).doubleValue()));
case 17: // message
boolean isText = (Boolean) transaction.get("isText");
boolean isEncrypted = (Boolean) transaction.get("encrypted");
String messageData = (String) transaction.get("data");
InputStream messageDataStream;
if (isText && !isEncrypted) {
messageDataStream = new ByteArrayInputStream(messageData.getBytes("UTF-8"));
} else {
HashCode messageBytes = HashCode.fromString(messageData);
messageDataStream = new ByteArrayInputStream(messageBytes.asBytes());
messagePStmt.setBinaryStream(1, new ByteArrayInputStream(txSignature));
messagePStmt.setString(2, (String) transaction.get("creator"));
messagePStmt.setString(3, (String) transaction.get("recipient"));
messagePStmt.setBoolean(4, isText);
messagePStmt.setBoolean(5, isEncrypted);
messagePStmt.setBigDecimal(6, BigDecimal.valueOf(Double.valueOf((String) transaction.get("amount")).doubleValue()));
if (transaction.containsKey("asset"))
messagePStmt.setLong(7, ((Long) transaction.get("asset")).longValue());
messagePStmt.setLong(7, 0L); // QORA simulated asset
messagePStmt.setBinaryStream(8, messageDataStream);
// fail();
blockTxPStmt.setBinaryStream(1, new ByteArrayInputStream(blockSignature));
blockTxPStmt.setInt(2, txIndex);
blockTxPStmt.setBinaryStream(3, new ByteArrayInputStream(txSignature));
// new milestone block every 500 blocks?
if (milestone_block == null || (height % 500) == 0)
milestone_block = blockSignature;
Normal file
Normal file
@ -0,0 +1,51 @@
package test;
import static org.junit.Assert.*;
import java.math.BigDecimal;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;
import java.time.Instant;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import qora.transaction.PaymentTransaction;
import utils.Base58;
public class save {
private static Connection connection;
public void connect() throws SQLException {
connection = common.getConnection();
Statement stmt = connection.createStatement();
public void disconnect() {
try {
} catch (SQLException e) {
public void testSavePaymentTransaction() throws SQLException {
String reference58 = "rrrr";
byte[] reference = Base58.decode(reference58);
String signature58 = "ssss";
byte[] signature = Base58.decode(signature58);
PaymentTransaction paymentTransaction = new PaymentTransaction("Qsender", "Qrecipient", BigDecimal.valueOf(12345L), BigDecimal.ONE,
Instant.now().getEpochSecond(), reference, signature);
Normal file
Normal file
@ -0,0 +1,269 @@
package test;
import static org.junit.Assert.*;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
public class updates {
private static Connection c;
public void connect() throws SQLException {
c = common.getConnection();
Statement stmt = c.createStatement();
public void disconnect() {
try {
} catch (SQLException e) {
public boolean databaseUpdating() throws SQLException {
int databaseVersion = fetchDatabaseVersion();
Statement stmt = c.createStatement();
// Try not to add too many constraints as much of these checks will be performed during transaction validation
// Also some constraints might be too harsh on competing unconfirmed transactions
switch (databaseVersion) {
case 0:
// create from new
stmt.execute("CREATE TABLE DatabaseInfo ( version INTEGER NOT NULL )");
stmt.execute("INSERT INTO DatabaseInfo VALUES ( 0 )");
stmt.execute("CREATE DOMAIN BlockSignature AS VARBINARY(128)");
stmt.execute("CREATE DOMAIN Signature AS VARBINARY(64)");
stmt.execute("CREATE DOMAIN QoraAddress AS VARCHAR(36)");
stmt.execute("CREATE DOMAIN QoraAmount AS DECIMAL(19, 8)");
stmt.execute("CREATE DOMAIN RegisteredName AS VARCHAR(400) COLLATE SQL_TEXT_UCC");
stmt.execute("CREATE DOMAIN NameData AS VARCHAR(4000)");
stmt.execute("CREATE DOMAIN DataHash AS VARCHAR(100)");
stmt.execute("CREATE DOMAIN AssetID AS BIGINT");
stmt.execute("CREATE DOMAIN AssetOrderID AS VARCHAR(100)");
case 1:
// Blocks
stmt.execute("CREATE TABLE Blocks (signature BlockSignature PRIMARY KEY, version TINYINT NOT NULL, reference BlockSignature, "
+ "transaction_count INTEGER NOT NULL, total_fees QoraAmount NOT NULL, transactions_signature Signature NOT NULL, "
+ "height INTEGER NOT NULL, generation TIMESTAMP NOT NULL, generation_target QoraAmount NOT NULL, "
+ "generator QoraAddress NOT NULL, generation_signature Signature NOT NULL, AT_data VARBINARY(20000), AT_fees QoraAmount)");
stmt.execute("CREATE INDEX BlockHeightIndex ON Blocks (height)");
stmt.execute("CREATE INDEX BlockGeneratorIndex ON Blocks (generator)");
case 2:
// Generic transactions (null reference, creator and milestone_block for genesis transactions)
stmt.execute("CREATE TABLE Transactions (signature Signature PRIMARY KEY, reference Signature, type TINYINT NOT NULL, "
+ "creator QoraAddress, creation TIMESTAMP NOT NULL, fee QoraAmount NOT NULL, milestone_block BlockSignature)");
stmt.execute("CREATE INDEX TransactionTypeIndex ON Transactions (type)");
stmt.execute("CREATE INDEX TransactionCreationIndex ON Transactions (creation)");
// Transaction-Block mapping ("signature" is unique as a transaction cannot be included in more than one block)
stmt.execute("CREATE TABLE BlockTransactions (block BlockSignature, sequence INTEGER, signature Signature, "
+ "PRIMARY KEY (block, sequence), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE, "
+ "FOREIGN KEY (block) REFERENCES Blocks (signature) ON DELETE CASCADE)");
// Unconfirmed transactions
// Do we need this? If a transaction doesn't have a corresponding BlockTransactions record then it's unconfirmed?
stmt.execute("CREATE TABLE UnconfirmedTransactions (signature Signature PRIMARY KEY, expiry TIMESTAMP NOT NULL)");
stmt.execute("CREATE INDEX UnconfirmedTransactionExpiryIndex ON UnconfirmedTransactions (expiry)");
// Transaction recipients
stmt.execute("CREATE TABLE TransactionRecipients (signature Signature, recipient QoraAddress NOT NULL, "
+ "FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 3:
// Genesis Transactions
stmt.execute("CREATE TABLE GenesisTransactions (signature Signature, recipient QoraAddress NOT NULL, "
+ "amount QoraAmount NOT NULL, PRIMARY KEY (signature), "
+ "FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 4:
// Payment Transactions
stmt.execute("CREATE TABLE PaymentTransactions (signature Signature, sender QoraAddress NOT NULL, recipient QoraAddress NOT NULL, "
+ "amount QoraAmount NOT NULL, PRIMARY KEY (signature), "
+ "FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 5:
// Register Name Transactions
stmt.execute("CREATE TABLE RegisterNameTransactions (signature Signature, registrant QoraAddress NOT NULL, name RegisteredName NOT NULL, "
+ "owner QoraAddress NOT NULL, data NameData NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 6:
// Update Name Transactions
stmt.execute("CREATE TABLE UpdateNameTransactions (signature Signature, owner QoraAddress NOT NULL, name RegisteredName NOT NULL, "
+ "new_owner QoraAddress NOT NULL, new_data NameData NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 7:
// Sell Name Transactions
stmt.execute("CREATE TABLE SellNameTransactions (signature Signature, owner QoraAddress NOT NULL, name RegisteredName NOT NULL, "
+ "amount QoraAmount NOT NULL, PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 8:
// Cancel Sell Name Transactions
stmt.execute("CREATE TABLE CancelSellNameTransactions (signature Signature, owner QoraAddress NOT NULL, name RegisteredName NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 9:
// Buy Name Transactions
stmt.execute("CREATE TABLE BuyNameTransactions (signature Signature, buyer QoraAddress NOT NULL, name RegisteredName NOT NULL, "
+ "seller QoraAddress NOT NULL, amount QoraAmount NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 10:
// Create Poll Transactions
stmt.execute("CREATE TABLE CreatePollTransactions (signature Signature, creator QoraAddress NOT NULL, poll PollName NOT NULL, "
+ "description VARCHAR(4000) NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
// Poll options. NB: option is implicitly NON NULL and UNIQUE due to being part of compound primary key
stmt.execute("CREATE TABLE CreatePollTransactionOptions (signature Signature, option PollOption, "
+ "PRIMARY KEY (signature, option), FOREIGN KEY (signature) REFERENCES CreatePollTransactions (signature) ON DELETE CASCADE)");
// For the future: add flag to polls to allow one or multiple votes per voter
case 11:
// Vote On Poll Transactions
stmt.execute("CREATE TABLE VoteOnPollTransactions (signature Signature, voter QoraAddress NOT NULL, poll PollName NOT NULL, "
+ "option_index INTEGER NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 12:
// Arbitrary/Multi-payment Transaction Payments
stmt.execute("CREATE TABLE SharedTransactionPayments (signature Signature, recipient QoraAddress NOT NULL, "
+ "amount QoraAmount NOT NULL, asset AssetID NOT NULL, "
+ "PRIMARY KEY (signature, recipient, asset), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 13:
// Arbitrary Transactions
stmt.execute("CREATE TABLE ArbitraryTransactions (signature Signature, creator QoraAddress NOT NULL, service TINYINT NOT NULL, "
+ "data_hash DataHash NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
// NB: Actual data payload stored elsewhere
// For the future: data payload should be encrypted, at the very least with transaction's reference as the seed for the encryption key
case 14:
// Issue Asset Transactions
stmt.execute("CREATE TABLE IssueAssetTransactions (signature Signature, creator QoraAddress NOT NULL, asset_name AssetName NOT NULL, "
+ "description VARCHAR(4000) NOT NULL, quantity BIGINT NOT NULL, is_divisible BOOLEAN NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
// For the future: maybe convert quantity from BIGINT to QoraAmount, regardless of divisibility
case 15:
// Transfer Asset Transactions
stmt.execute("CREATE TABLE TransferAssetTransactions (signature Signature, sender QoraAddress NOT NULL, recipient QoraAddress NOT NULL, "
+ "asset AssetID NOT NULL, amount QoraAmount NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 16:
// Create Asset Order Transactions
stmt.execute("CREATE TABLE CreateAssetOrderTransactions (signature Signature, creator QoraAddress NOT NULL, "
+ "have_asset AssetID NOT NULL, have_amount QoraAmount NOT NULL, "
+ "want_asset AssetID NOT NULL, want_amount QoraAmount NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 17:
// Cancel Asset Order Transactions
stmt.execute("CREATE TABLE CancelAssetOrderTransactions (signature Signature, creator QoraAddress NOT NULL, "
+ "asset_order AssetOrderID NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 18:
// Multi-payment Transactions
stmt.execute("CREATE TABLE MultiPaymentTransactions (signature Signature, sender QoraAddress NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 19:
// Deploy CIYAM AT Transactions
stmt.execute("CREATE TABLE DeployATTransactions (signature Signature, creator QoraAddress NOT NULL, AT_name ATName NOT NULL, "
+ "description VARCHAR(2000) NOT NULL, AT_type ATType NOT NULL, AT_tags VARCHAR(200) NOT NULL, "
+ "creation_bytes VARBINARY(100000) NOT NULL, amount QoraAmount NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
case 20:
// Message Transactions
stmt.execute("CREATE TABLE MessageTransactions (signature Signature, sender QoraAddress NOT NULL, recipient QoraAddress NOT NULL, "
+ "is_text BOOLEAN NOT NULL, is_encrypted BOOLEAN NOT NULL, amount QoraAmount NOT NULL, asset AssetID NOT NULL, data VARBINARY(4000) NOT NULL, "
+ "PRIMARY KEY (signature), FOREIGN KEY (signature) REFERENCES Transactions (signature) ON DELETE CASCADE)");
// nothing to do
return false;
// database was updated
return true;
public int fetchDatabaseVersion() throws SQLException {
int databaseVersion = 0;
try {
Statement stmt = c.createStatement();
if (stmt.execute("SELECT version FROM DatabaseInfo")) {
ResultSet rs = stmt.getResultSet();
databaseVersion = rs.getInt(1);
} catch (SQLException e) {
// empty database?
return databaseVersion;
public void incrementDatabaseVersion() throws SQLException {
Statement stmt = c.createStatement();
assertFalse(stmt.execute("UPDATE DatabaseInfo SET version = version + 1"));
public void testUpdates() {
try {
while (databaseUpdating())
} catch (SQLException e) {
Normal file
Normal file
@ -0,0 +1,218 @@
* Copyright 2011 Google Inc.
* Copyright 2013-2014 Ronald W Hoffman
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* See the License for the specific language governing permissions and
* limitations under the License.
package utils;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.util.Arrays;
* Provides Base-58 encoding and decoding
public class Base58 {
/** Alphabet used for encoding and decoding */
private static final String ALPHABET_STR = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
private static final char[] ALPHABET =
/** Lookup index for US-ASCII characters (code points 0-127) */
private static final int[] INDEXES = new int[128];
static {
for (int i=0; i<INDEXES.length; i++)
INDEXES[i] = -1;
for (int i=0; i<ALPHABET.length; i++)
* Encodes a byte array as a Base58 string
* @param bytes Array to be encoded
* @return Encoded string
public static String encode(byte[] bytes) {
// Nothing to do for an empty array
if (bytes.length == 0)
return "";
// Make a copy of the input since we will be modifying it as we go along
byte[] input = Arrays.copyOf(bytes, bytes.length);
// Count the number of leading zeroes (we will need to prefix the encoded result
// with this many zero characters)
int zeroCount = 0;
while (zeroCount < input.length && input[zeroCount] == 0)
// Encode the input starting with the first non-zero byte
int offset = zeroCount;
byte[] encoded = new byte[input.length*2];
int encodedOffset = encoded.length;
while (offset < input.length) {
byte mod = divMod58(input, offset);
if (input[offset] == 0)
encoded[--encodedOffset] = (byte)ALPHABET[mod];
// Strip any leading zero values in the encoded result
while (encodedOffset < encoded.length && encoded[encodedOffset] == (byte)ALPHABET[0])
// Now add the number of leading zeroes that we found in the input array
for (int i=0; i<zeroCount; i++)
encoded[--encodedOffset] = (byte)ALPHABET[0];
// Create the return string from the encoded bytes
String encodedResult;
try {
byte[] stringBytes = Arrays.copyOfRange(encoded, encodedOffset, encoded.length);
encodedResult = new String(stringBytes, "US-ASCII");
} catch (UnsupportedEncodingException exc) {
encodedResult = ""; // Should never happen
return encodedResult;
* Decodes a Base58 string
* @param string Encoded string
* @return Decoded bytes
* @throws NumberFormatException Invalid Base-58 encoded string
public static byte[] decode(String string) {
// Nothing to do if we have an empty string
if (string.length() == 0)
return null;
// Convert the input string to a byte sequence
byte[] input = new byte[string.length()];
for (int i=0; i<string.length(); i++) {
int codePoint = string.codePointAt(i);
int digit = -1;
if (codePoint>=0 && codePoint<INDEXES.length)
digit = INDEXES[codePoint];
if (digit < 0)
throw new NumberFormatException(
String.format("Illegal character %c at index %d",
string.charAt(i), i));
input[i] = (byte)digit;
// Count the number of leading zero characters
int zeroCount = 0;
while (zeroCount < input.length && input[zeroCount] == 0)
// Convert from Base58 encoding starting with the first non-zero character
byte[] decoded = new byte[input.length];
int decodedOffset = decoded.length;
int offset = zeroCount;
while (offset < input.length) {
byte mod = divMod256(input, offset);
if (input[offset] == 0)
decoded[--decodedOffset] = mod;
// Strip leading zeroes from the decoded result
while (decodedOffset < decoded.length && decoded[decodedOffset] == 0)
// Return the decoded result prefixed with the number of leading zeroes
// that were in the original string
byte[] output = Arrays.copyOfRange(decoded, decodedOffset-zeroCount, decoded.length);
return output;
* Divide the current number by 58 and return the remainder. The input array
* is updated for the next round.
* @param number Number array
* @param offset Offset within the array
* @return The remainder
private static byte divMod58(byte[] number, int offset) {
int remainder = 0;
for (int i=offset; i<number.length; i++) {
int digit = (int)number[i]&0xff;
int temp = remainder*256 + digit;
number[i] = (byte)(temp/58);
remainder = temp%58;
return (byte)remainder;
* Divide the current number by 256 and return the remainder. The input array
* is updated for the next round.
* @param number Number array
* @param offset Offset within the array
* @return The remainder
private static byte divMod256(byte[] number, int offset) {
int remainder = 0;
for (int i=offset; i<number.length; i++) {
int digit = (int)number[i]&0xff;
int temp = remainder*58 + digit;
number[i] = (byte)(temp/256);
remainder = temp%256;
return (byte)remainder;
public static String encode(BigInteger id) {
byte[] array = id.toByteArray();
return encode(array);
public static BigInteger decodeBI(String input) {
return new BigInteger(decode(input));
public static String clean(String str)
return str.replaceAll("[^"+ALPHABET_STR+"]", "");
public static boolean isExtraSymbols(String str)
return !clean(str).equals(str);
Normal file
Normal file
@ -0,0 +1,32 @@
package utils;
public class Pair<T, U> {
private T a;
private U b;
public Pair() {
public Pair(T a, U b) {
this.a = a;
this.b = b;
public void setA(T a) {
this.a = a;
public T getA() {
return a;
public void setB(U b) {
this.b = b;
public U getB() {
return b;
Reference in New Issue
Block a user