1f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* LibTomCrypt, modular cryptographic library -- Tom St Denis 2f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 3f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * LibTomCrypt is a library that provides various cryptographic 4f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * algorithms in a highly modular and flexible manner. 5f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 6f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * The library is free for all purposes without any express 7f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * guarantee it works. 8f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 9f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com 10f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project */ 11f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 12f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b 13f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 14f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * All curves taken from NIST recommendation paper of July 1999 15f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Available at http://csrc.nist.gov/cryptval/dss.htm 16f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project */ 17f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#include "tomcrypt.h" 18f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 19f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/** 20f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project @file ltc_ecc_projective_dbl_point.c 21f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project ECC Crypto, Tom St Denis 22f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project*/ 23f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 24f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(MECC) && (!defined(MECC_ACCEL) || defined(LTM_DESC)) 25f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 26f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/** 27f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project Double an ECC point 28f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project @param P The point to double 29f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project @param R [out] The destination of the double 30f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project @param modulus The modulus of the field the ECC curve is in 31f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project @param mp The "b" value from montgomery_setup() 32f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project @return CRYPT_OK on success 33f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project*/ 34f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Projectint ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp) 35f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project{ 36f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project void *t1, *t2; 37f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project int err; 38f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 39f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project LTC_ARGCHK(P != NULL); 40f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project LTC_ARGCHK(R != NULL); 41f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project LTC_ARGCHK(modulus != NULL); 42f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project LTC_ARGCHK(mp != NULL); 43f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 44f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) { 45f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return err; 46f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 47f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 48f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (P != R) { 49f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_copy(P->x, R->x)) != CRYPT_OK) { goto done; } 50f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_copy(P->y, R->y)) != CRYPT_OK) { goto done; } 51f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_copy(P->z, R->z)) != CRYPT_OK) { goto done; } 52f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 53f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 54f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* t1 = Z * Z */ 55f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sqr(R->z, t1)) != CRYPT_OK) { goto done; } 56f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; } 57f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Z = Y * Z */ 58f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_mul(R->z, R->y, R->z)) != CRYPT_OK) { goto done; } 59f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(R->z, modulus, mp)) != CRYPT_OK) { goto done; } 60f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Z = 2Z */ 61f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(R->z, R->z, R->z)) != CRYPT_OK) { goto done; } 62f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp(R->z, modulus) != LTC_MP_LT) { 63f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(R->z, modulus, R->z)) != CRYPT_OK) { goto done; } 64f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 65f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 66f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* T2 = X - T1 */ 67f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(R->x, t1, t2)) != CRYPT_OK) { goto done; } 68f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp_d(t2, 0) == LTC_MP_LT) { 69f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; } 70f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 71f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* T1 = X + T1 */ 72f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(t1, R->x, t1)) != CRYPT_OK) { goto done; } 73f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp(t1, modulus) != LTC_MP_LT) { 74f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; } 75f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 76f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* T2 = T1 * T2 */ 77f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_mul(t1, t2, t2)) != CRYPT_OK) { goto done; } 78f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; } 79f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* T1 = 2T2 */ 80f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(t2, t2, t1)) != CRYPT_OK) { goto done; } 81f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp(t1, modulus) != LTC_MP_LT) { 82f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; } 83f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 84f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* T1 = T1 + T2 */ 85f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(t1, t2, t1)) != CRYPT_OK) { goto done; } 86f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp(t1, modulus) != LTC_MP_LT) { 87f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; } 88f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 89f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 90f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Y = 2Y */ 91f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(R->y, R->y, R->y)) != CRYPT_OK) { goto done; } 92f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp(R->y, modulus) != LTC_MP_LT) { 93f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(R->y, modulus, R->y)) != CRYPT_OK) { goto done; } 94f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 95f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Y = Y * Y */ 96f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sqr(R->y, R->y)) != CRYPT_OK) { goto done; } 97f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; } 98f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* T2 = Y * Y */ 99f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sqr(R->y, t2)) != CRYPT_OK) { goto done; } 100f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; } 101f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* T2 = T2/2 */ 102f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_isodd(t2)) { 103f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; } 104f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 105f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_div_2(t2, t2)) != CRYPT_OK) { goto done; } 106f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Y = Y * X */ 107f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_mul(R->y, R->x, R->y)) != CRYPT_OK) { goto done; } 108f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; } 109f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 110f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* X = T1 * T1 */ 111f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sqr(t1, R->x)) != CRYPT_OK) { goto done; } 112f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(R->x, modulus, mp)) != CRYPT_OK) { goto done; } 113f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* X = X - Y */ 114f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK) { goto done; } 115f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp_d(R->x, 0) == LTC_MP_LT) { 116f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK) { goto done; } 117f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 118f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* X = X - Y */ 119f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK) { goto done; } 120f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp_d(R->x, 0) == LTC_MP_LT) { 121f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK) { goto done; } 122f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 123f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 124f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Y = Y - X */ 125f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(R->y, R->x, R->y)) != CRYPT_OK) { goto done; } 126f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp_d(R->y, 0) == LTC_MP_LT) { 127f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK) { goto done; } 128f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 129f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Y = Y * T1 */ 130f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_mul(R->y, t1, R->y)) != CRYPT_OK) { goto done; } 131f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; } 132f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project /* Y = Y - T2 */ 133f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_sub(R->y, t2, R->y)) != CRYPT_OK) { goto done; } 134f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if (mp_cmp_d(R->y, 0) == LTC_MP_LT) { 135f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK) { goto done; } 136f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project } 137f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 138f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project err = CRYPT_OK; 139f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Projectdone: 140f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project mp_clear_multi(t1, t2, NULL); 141f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project return err; 142f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project} 143f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 144f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_projective_dbl_point.c,v $ */ 145f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* $Revision: 1.8 $ */ 146f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* $Date: 2006/12/04 05:07:59 $ */ 147f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 148