aboutsummaryrefslogtreecommitdiff
path: root/src/ext/ed25519/donna/README.tor
diff options
context:
space:
mode:
Diffstat (limited to 'src/ext/ed25519/donna/README.tor')
-rw-r--r--src/ext/ed25519/donna/README.tor32
1 files changed, 32 insertions, 0 deletions
diff --git a/src/ext/ed25519/donna/README.tor b/src/ext/ed25519/donna/README.tor
new file mode 100644
index 0000000000..6053c88f28
--- /dev/null
+++ b/src/ext/ed25519/donna/README.tor
@@ -0,0 +1,32 @@
+
+We've made the following changes to the stock ed25519-donna from
+as of 8757bd4cd209cb032853ece0ce413f122eef212c.
+
+ * Tor uses copies of `ed25519-donna.h` and `ed25519.c`, named
+ `ed25519_donna_tor.h` and `ed25591_tor.c`.
+
+ The main functional differences between the standard ed25519-donna
+ and the Tor specific version are:
+
+ * The external interface has been reworked to match that provided
+ by Tor's copy of the SUPERCOP `ref10` code.
+
+ * The secret (aka private) key is now stored/used in expanded form.
+
+ * The internal math tests from `test-internals.c` have been wrapped
+ in a function and the entire file is included to allow for
+ runtime validation.
+
+ * `ED25519_FN(ed25519_randombytes_unsafe)` is now static.
+
+ * `ed25519-randombytes-custom.h` has the appropriate code to call
+ Tor's `crypto_rand()` routine, instead of directly using OpenSSL's
+ CSPRNG.
+
+ * OSX pollutes the global namespace with an `ALIGN` macro, which is
+ undef-ed right before the donna `ALIGN` macro is defined.
+
+ * If building with Clang's AddressSanitizer, disable inline assembly
+ since the compilation will fail in `ge25519_scalarmult_base_choose_niels`
+ on x86_64 targets due to running out of registers.
+
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion