Back to index

lightning-sunbird  0.9+nobinonly
Functions
ec2.h File Reference
#include "ecl-priv.h"
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

mp_err ec_GF2m_pt_is_inf_aff (const mp_int *px, const mp_int *py)
mp_err ec_GF2m_pt_set_inf_aff (mp_int *px, mp_int *py)
mp_err ec_GF2m_pt_add_aff (const mp_int *px, const mp_int *py, const mp_int *qx, const mp_int *qy, mp_int *rx, mp_int *ry, const ECGroup *group)
mp_err ec_GF2m_pt_sub_aff (const mp_int *px, const mp_int *py, const mp_int *qx, const mp_int *qy, mp_int *rx, mp_int *ry, const ECGroup *group)
mp_err ec_GF2m_pt_dbl_aff (const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, const ECGroup *group)
mp_err ec_GF2m_validate_point (const mp_int *px, const mp_int *py, const ECGroup *group)
mp_err ec_GF2m_pt_mul_mont (const mp_int *n, const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry, const ECGroup *group)

Function Documentation

mp_err ec_GF2m_pt_add_aff ( const mp_int px,
const mp_int py,
const mp_int qx,
const mp_int qy,
mp_int rx,
mp_int ry,
const ECGroup *  group 
)

Definition at line 69 of file ec2_aff.c.

{
       mp_err res = MP_OKAY;
       mp_int lambda, tempx, tempy;

       MP_DIGITS(&lambda) = 0;
       MP_DIGITS(&tempx) = 0;
       MP_DIGITS(&tempy) = 0;
       MP_CHECKOK(mp_init(&lambda));
       MP_CHECKOK(mp_init(&tempx));
       MP_CHECKOK(mp_init(&tempy));
       /* if P = inf, then R = Q */
       if (ec_GF2m_pt_is_inf_aff(px, py) == 0) {
              MP_CHECKOK(mp_copy(qx, rx));
              MP_CHECKOK(mp_copy(qy, ry));
              res = MP_OKAY;
              goto CLEANUP;
       }
       /* if Q = inf, then R = P */
       if (ec_GF2m_pt_is_inf_aff(qx, qy) == 0) {
              MP_CHECKOK(mp_copy(px, rx));
              MP_CHECKOK(mp_copy(py, ry));
              res = MP_OKAY;
              goto CLEANUP;
       }
       /* if px != qx, then lambda = (py+qy) / (px+qx), tempx = a + lambda^2
        * + lambda + px + qx */
       if (mp_cmp(px, qx) != 0) {
              MP_CHECKOK(group->meth->field_add(py, qy, &tempy, group->meth));
              MP_CHECKOK(group->meth->field_add(px, qx, &tempx, group->meth));
              MP_CHECKOK(group->meth->
                               field_div(&tempy, &tempx, &lambda, group->meth));
              MP_CHECKOK(group->meth->field_sqr(&lambda, &tempx, group->meth));
              MP_CHECKOK(group->meth->
                               field_add(&tempx, &lambda, &tempx, group->meth));
              MP_CHECKOK(group->meth->
                               field_add(&tempx, &group->curvea, &tempx, group->meth));
              MP_CHECKOK(group->meth->
                               field_add(&tempx, px, &tempx, group->meth));
              MP_CHECKOK(group->meth->
                               field_add(&tempx, qx, &tempx, group->meth));
       } else {
              /* if py != qy or qx = 0, then R = inf */
              if (((mp_cmp(py, qy) != 0)) || (mp_cmp_z(qx) == 0)) {
                     mp_zero(rx);
                     mp_zero(ry);
                     res = MP_OKAY;
                     goto CLEANUP;
              }
              /* lambda = qx + qy / qx */
              MP_CHECKOK(group->meth->field_div(qy, qx, &lambda, group->meth));
              MP_CHECKOK(group->meth->
                               field_add(&lambda, qx, &lambda, group->meth));
              /* tempx = a + lambda^2 + lambda */
              MP_CHECKOK(group->meth->field_sqr(&lambda, &tempx, group->meth));
              MP_CHECKOK(group->meth->
                               field_add(&tempx, &lambda, &tempx, group->meth));
              MP_CHECKOK(group->meth->
                               field_add(&tempx, &group->curvea, &tempx, group->meth));
       }
       /* ry = (qx + tempx) * lambda + tempx + qy */
       MP_CHECKOK(group->meth->field_add(qx, &tempx, &tempy, group->meth));
       MP_CHECKOK(group->meth->
                        field_mul(&tempy, &lambda, &tempy, group->meth));
       MP_CHECKOK(group->meth->
                        field_add(&tempy, &tempx, &tempy, group->meth));
       MP_CHECKOK(group->meth->field_add(&tempy, qy, ry, group->meth));
       /* rx = tempx */
       MP_CHECKOK(mp_copy(&tempx, rx));

  CLEANUP:
       mp_clear(&lambda);
       mp_clear(&tempx);
       mp_clear(&tempy);
       return res;
}

Here is the call graph for this function:

mp_err ec_GF2m_pt_dbl_aff ( const mp_int px,
const mp_int py,
mp_int rx,
mp_int ry,
const ECGroup *  group 
)

Definition at line 171 of file ec2_aff.c.

{
       return group->point_add(px, py, px, py, rx, ry, group);
}

Definition at line 46 of file ec2_aff.c.

{

       if ((mp_cmp_z(px) == 0) && (mp_cmp_z(py) == 0)) {
              return MP_YES;
       } else {
              return MP_NO;
       }

}

Here is the call graph for this function:

mp_err ec_GF2m_pt_mul_mont ( const mp_int n,
const mp_int px,
const mp_int py,
mp_int rx,
mp_int ry,
const ECGroup *  group 
)

Definition at line 185 of file ec2_mont.c.

{
       mp_err res = MP_OKAY;
       mp_int x1, x2, z1, z2;
       int i, j;
       mp_digit top_bit, mask;

       MP_DIGITS(&x1) = 0;
       MP_DIGITS(&x2) = 0;
       MP_DIGITS(&z1) = 0;
       MP_DIGITS(&z2) = 0;
       MP_CHECKOK(mp_init(&x1));
       MP_CHECKOK(mp_init(&x2));
       MP_CHECKOK(mp_init(&z1));
       MP_CHECKOK(mp_init(&z2));

       /* if result should be point at infinity */
       if ((mp_cmp_z(n) == 0) || (ec_GF2m_pt_is_inf_aff(px, py) == MP_YES)) {
              MP_CHECKOK(ec_GF2m_pt_set_inf_aff(rx, ry));
              goto CLEANUP;
       }

       MP_CHECKOK(mp_copy(rx, &x2));      /* x2 = rx */
       MP_CHECKOK(mp_copy(ry, &z2));      /* z2 = ry */

       MP_CHECKOK(mp_copy(px, &x1));      /* x1 = px */
       MP_CHECKOK(mp_set_int(&z1, 1));    /* z1 = 1 */
       MP_CHECKOK(group->meth->field_sqr(&x1, &z2, group->meth));     /* z2 =
                                                                                                                 * x1^2 =
                                                                                                                 * x2^2 */
       MP_CHECKOK(group->meth->field_sqr(&z2, &x2, group->meth));
       MP_CHECKOK(group->meth->field_add(&x2, &group->curveb, &x2, group->meth));   /* x2 
                                                                                                                                             * = 
                                                                                                                                             * px^4 
                                                                                                                                             * + 
                                                                                                                                             * b 
                                                                                                                                             */

       /* find top-most bit and go one past it */
       i = MP_USED(n) - 1;
       j = MP_DIGIT_BIT - 1;
       top_bit = 1;
       top_bit <<= MP_DIGIT_BIT - 1;
       mask = top_bit;
       while (!(MP_DIGITS(n)[i] & mask)) {
              mask >>= 1;
              j--;
       }
       mask >>= 1;
       j--;

       /* if top most bit was at word break, go to next word */
       if (!mask) {
              i--;
              j = MP_DIGIT_BIT - 1;
              mask = top_bit;
       }

       for (; i >= 0; i--) {
              for (; j >= 0; j--) {
                     if (MP_DIGITS(n)[i] & mask) {
                            MP_CHECKOK(gf2m_Madd(px, &x1, &z1, &x2, &z2, group));
                            MP_CHECKOK(gf2m_Mdouble(&x2, &z2, group));
                     } else {
                            MP_CHECKOK(gf2m_Madd(px, &x2, &z2, &x1, &z1, group));
                            MP_CHECKOK(gf2m_Mdouble(&x1, &z1, group));
                     }
                     mask >>= 1;
              }
              j = MP_DIGIT_BIT - 1;
              mask = top_bit;
       }

       /* convert out of "projective" coordinates */
       i = gf2m_Mxy(px, py, &x1, &z1, &x2, &z2, group);
       if (i == 0) {
              res = MP_BADARG;
              goto CLEANUP;
       } else if (i == 1) {
              MP_CHECKOK(ec_GF2m_pt_set_inf_aff(rx, ry));
       } else {
              MP_CHECKOK(mp_copy(&x2, rx));
              MP_CHECKOK(mp_copy(&z2, ry));
       }

  CLEANUP:
       mp_clear(&x1);
       mp_clear(&x2);
       mp_clear(&z1);
       mp_clear(&z2);
       return res;
}

Here is the call graph for this function:

Definition at line 59 of file ec2_aff.c.

{
       mp_zero(px);
       mp_zero(py);
       return MP_OKAY;
}

Here is the call graph for this function:

mp_err ec_GF2m_pt_sub_aff ( const mp_int px,
const mp_int py,
const mp_int qx,
const mp_int qy,
mp_int rx,
mp_int ry,
const ECGroup *  group 
)

Definition at line 151 of file ec2_aff.c.

{
       mp_err res = MP_OKAY;
       mp_int nqy;

       MP_DIGITS(&nqy) = 0;
       MP_CHECKOK(mp_init(&nqy));
       /* nqy = qx+qy */
       MP_CHECKOK(group->meth->field_add(qx, qy, &nqy, group->meth));
       MP_CHECKOK(group->point_add(px, py, qx, &nqy, rx, ry, group));
  CLEANUP:
       mp_clear(&nqy);
       return res;
}

Here is the call graph for this function:

mp_err ec_GF2m_validate_point ( const mp_int px,
const mp_int py,
const ECGroup *  group 
)

Definition at line 275 of file ec2_aff.c.

{
       mp_err res = MP_NO;
       mp_int accl, accr, tmp, pxt, pyt;

       MP_DIGITS(&accl) = 0;
       MP_DIGITS(&accr) = 0;
       MP_DIGITS(&tmp) = 0;
       MP_DIGITS(&pxt) = 0;
       MP_DIGITS(&pyt) = 0;
       MP_CHECKOK(mp_init(&accl));
       MP_CHECKOK(mp_init(&accr));
       MP_CHECKOK(mp_init(&tmp));
       MP_CHECKOK(mp_init(&pxt));
       MP_CHECKOK(mp_init(&pyt));

    /* 1: Verify that publicValue is not the point at infinity */
       if (ec_GF2m_pt_is_inf_aff(px, py) == MP_YES) {
              res = MP_NO;
              goto CLEANUP;
       }
    /* 2: Verify that the coordinates of publicValue are elements 
     *    of the field.
     */
       if ((MP_SIGN(px) == MP_NEG) || (mp_cmp(px, &group->meth->irr) >= 0) || 
              (MP_SIGN(py) == MP_NEG) || (mp_cmp(py, &group->meth->irr) >= 0)) {
              res = MP_NO;
              goto CLEANUP;
       }
    /* 3: Verify that publicValue is on the curve. */
       if (group->meth->field_enc) {
              group->meth->field_enc(px, &pxt, group->meth);
              group->meth->field_enc(py, &pyt, group->meth);
       } else {
              mp_copy(px, &pxt);
              mp_copy(py, &pyt);
       }
       /* left-hand side: y^2 + x*y  */
       MP_CHECKOK( group->meth->field_sqr(&pyt, &accl, group->meth) );
       MP_CHECKOK( group->meth->field_mul(&pxt, &pyt, &tmp, group->meth) );
       MP_CHECKOK( group->meth->field_add(&accl, &tmp, &accl, group->meth) );
       /* right-hand side: x^3 + a*x^2 + b */
       MP_CHECKOK( group->meth->field_sqr(&pxt, &tmp, group->meth) );
       MP_CHECKOK( group->meth->field_mul(&pxt, &tmp, &accr, group->meth) );
       MP_CHECKOK( group->meth->field_mul(&group->curvea, &tmp, &tmp, group->meth) );
       MP_CHECKOK( group->meth->field_add(&tmp, &accr, &accr, group->meth) );
       MP_CHECKOK( group->meth->field_add(&accr, &group->curveb, &accr, group->meth) );
       /* check LHS - RHS == 0 */
       MP_CHECKOK( group->meth->field_add(&accl, &accr, &accr, group->meth) );
       if (mp_cmp_z(&accr) != 0) {
              res = MP_NO;
              goto CLEANUP;
       }
    /* 4: Verify that the order of the curve times the publicValue
     *    is the point at infinity.
     */
       MP_CHECKOK( ECPoint_mul(group, &group->order, px, py, &pxt, &pyt) );
       if (ec_GF2m_pt_is_inf_aff(&pxt, &pyt) != MP_YES) {
              res = MP_NO;
              goto CLEANUP;
       }

       res = MP_YES;

CLEANUP:
       mp_clear(&accl);
       mp_clear(&accr);
       mp_clear(&tmp);
       mp_clear(&pxt);
       mp_clear(&pyt);
       return res;
}

Here is the call graph for this function: