133 int ec_GFp_simple_group_init(EC_GROUP *group) {
134   BN_init(&group->field);
135   BN_init(&group->a);
136   BN_init(&group->b);
137   group->a_is_minus3 = 0;
141 void ec_GFp_simple_group_finish(EC_GROUP *group) {
142   BN_free(&group->field);
143   BN_free(&group->a);
144   BN_free(&group->b);
147 void ec_GFp_simple_group_clear_finish(EC_GROUP *group) {
148   BN_clear_free(&group->field);
149   BN_clear_free(&group->a);
150   BN_clear_free(&group->b);
164 int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p,
188   /* group->field */
189   if (!BN_copy(&group->field, p))
191   BN_set_negative(&group->field, 0);
193   /* group->a */
196   if (group->meth->field_encode) {
197     if (!group->meth->field_encode(group, &group->a, tmp_a, ctx))
199   } else if (!BN_copy(&group->a, tmp_a))
202   /* group->b */
203   if (!BN_nnmod(&group->b, b, p, ctx))
205   if (group->meth->field_encode)
206     if (!group->meth->field_encode(group, &group->b, &group->b, ctx))
209   /* group->a_is_minus3 */
212   group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field));
223 int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
229     if (!BN_copy(p, &group->field))
234     if (group->meth->field_decode) {
241         if (!group->meth->field_decode(group, a, &group->a, ctx))
245         if (!group->meth->field_decode(group, b, &group->b, ctx))
250         if (!BN_copy(a, &group->a))
254         if (!BN_copy(b, &group->b))
268 int ec_GFp_simple_group_get_degree(const EC_GROUP *group) {
269   return BN_num_bits(&group->field);
272 int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) {
275   const BIGNUM *p = &group->field;
295   if (group->meth->field_decode) {
296     if (!group->meth->field_decode(group, a, &group->a, ctx))
298     if (!group->meth->field_decode(group, b, &group->b, ctx))
301     if (!BN_copy(a, &group->a))
303     if (!BN_copy(b, &group->b))
377 int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group,
385     const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y,
397     if (!BN_nnmod(&point->X, x, &group->field, ctx))
399     if (group->meth->field_encode) {
400       if (!group->meth->field_encode(group, &point->X, &point->X, ctx))
406     if (!BN_nnmod(&point->Y, y, &group->field, ctx))
408     if (group->meth->field_encode) {
409       if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx))
417     if (!BN_nnmod(&point->Z, z, &group->field, ctx))
420     if (group->meth->field_encode) {
421       if (Z_is_one && (group->meth->field_set_to_one != 0)) {
422         if (!group->meth->field_set_to_one(group, &point->Z, ctx))
425         if (!group->meth->field_encode(group, &point->Z, &point->Z, ctx))
440 int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
447   if (group->meth->field_decode != 0) {
455       if (!group->meth->field_decode(group, x, &point->X, ctx))
459       if (!group->meth->field_decode(group, y, &point->Y, ctx))
463       if (!group->meth->field_decode(group, z, &point->Z, ctx))
489 int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group,
499   return ec_point_set_Jprojective_coordinates_GFp(group, point, x, y,
503 int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group,
511   if (EC_POINT_is_at_infinity(group, point)) {
533   if (group->meth->field_decode) {
534     if (!group->meth->field_decode(group, Z, &point->Z, ctx))
542     if (group->meth->field_decode) {
544         if (!group->meth->field_decode(group, x, &point->X, ctx))
548         if (!group->meth->field_decode(group, y, &point->Y, ctx))
562     if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) {
568     if (group->meth->field_encode == 0) {
570       if (!group->meth->field_sqr(group, Z_2, Z_1, ctx))
573       if (!BN_mod_sqr(Z_2, Z_1, &group->field, ctx))
580       if (!group->meth->field_mul(group, x, &point->X, Z_2, ctx))
585       if (group->meth->field_encode == 0) {
587         if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx))
590         if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx))
596       if (!group->meth->field_mul(group, y, &point->Y, Z_3, ctx))
610 int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
621     return EC_POINT_dbl(group, r, a, ctx);
622   if (EC_POINT_is_at_infinity(group, a))
624   if (EC_POINT_is_at_infinity(group, b))
627   field_mul = group->meth->field_mul;
628   field_sqr = group->meth->field_sqr;
629   p = &group->field;
662     if (!field_sqr(group, n0, &b->Z, ctx))
664     if (!field_mul(group, n1, &a->X, n0, ctx))
668     if (!field_mul(group, n0, n0, &b->Z, ctx))
670     if (!field_mul(group, n2, &a->Y, n0, ctx))
684     if (!field_sqr(group, n0, &a->Z, ctx))
686     if (!field_mul(group, n3, &b->X, n0, ctx))
690     if (!field_mul(group, n0, n0, &a->Z, ctx))
692     if (!field_mul(group, n4, &b->Y, n0, ctx))
709       ret = EC_POINT_dbl(group, r, a, ctx);
741       if (!field_mul(group, n0, &a->Z, &b->Z, ctx))
744     if (!field_mul(group, &r->Z, n0, n5, ctx))
751   if (!field_sqr(group, n0, n6, ctx))
753   if (!field_sqr(group, n4, n5, ctx))
755   if (!field_mul(group, n3, n1, n4, ctx))
769   if (!field_mul(group, n0, n0, n6, ctx))
771   if (!field_mul(group, n5, n4, n5, ctx))
773   if (!field_mul(group, n1, n2, n5, ctx))
795 int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
805   if (EC_POINT_is_at_infinity(group, a)) {
811   field_mul = group->meth->field_mul;
812   field_sqr = group->meth->field_sqr;
813   p = &group->field;
836     if (!field_sqr(group, n0, &a->X, ctx))
842     if (!BN_mod_add_quick(n1, n0, &group->a, p))
845   } else if (group->a_is_minus3) {
846     if (!field_sqr(group, n1, &a->Z, ctx))
852     if (!field_mul(group, n1, n0, n2, ctx))
861     if (!field_sqr(group, n0, &a->X, ctx))
867     if (!field_sqr(group, n1, &a->Z, ctx))
869     if (!field_sqr(group, n1, n1, ctx))
871     if (!field_mul(group, n1, n1, &group->a, ctx))
883     if (!field_mul(group, n0, &a->Y, &a->Z, ctx))
892   if (!field_sqr(group, n3, &a->Y, ctx))
894   if (!field_mul(group, n2, &a->X, n3, ctx))
903   if (!field_sqr(group, &r->X, n1, ctx))
910   if (!field_sqr(group, n0, n3, ctx))
919   if (!field_mul(group, n0, n1, n0, ctx))
934 int ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) {
935   if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
939   return BN_usub(&point->Y, &group->field, &point->Y);
942 int ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) {
946 int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
956   if (EC_POINT_is_at_infinity(group, point))
959   field_mul = group->meth->field_mul;
960   field_sqr = group->meth->field_sqr;
961   p = &group->field;
988   if (!field_sqr(group, rh, &point->X, ctx))
992     if (!field_sqr(group, tmp, &point->Z, ctx))
994     if (!field_sqr(group, Z4, tmp, ctx))
996     if (!field_mul(group, Z6, Z4, tmp, ctx))
1000     if (group->a_is_minus3) {
1007       if (!field_mul(group, rh, rh, &point->X, ctx))
1010       if (!field_mul(group, tmp, Z4, &group->a, ctx))
1014       if (!field_mul(group, rh, rh, &point->X, ctx))
1019     if (!field_mul(group, tmp, &group->b, Z6, ctx))
1027     if (!BN_mod_add_quick(rh, rh, &group->a, p))
1029     if (!field_mul(group, rh, rh, &point->X, ctx))
1032     if (!BN_mod_add_quick(rh, rh, &group->b, p))
1037   if (!field_sqr(group, tmp, &point->Y, ctx))
1049 int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
1065   if (EC_POINT_is_at_infinity(group, a)) {
1066     return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
1069   if (EC_POINT_is_at_infinity(group, b))
1076   field_mul = group->meth->field_mul;
1077   field_sqr = group->meth->field_sqr;
1100     if (!field_sqr(group, Zb23, &b->Z, ctx))
1102     if (!field_mul(group, tmp1, &a->X, Zb23, ctx))
1108     if (!field_sqr(group, Za23, &a->Z, ctx))
1110     if (!field_mul(group, tmp2, &b->X, Za23, ctx))
1124     if (!field_mul(group, Zb23, Zb23, &b->Z, ctx))
1126     if (!field_mul(group, tmp1, &a->Y, Zb23, ctx))
1132     if (!field_mul(group, Za23, Za23, &a->Z, ctx))
1134     if (!field_mul(group, tmp2, &b->Y, Za23, ctx))
1156 int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
1162   if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
1177   if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
1179   if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
1195 int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
1241     if (group->meth->field_set_to_one != 0) {
1242       if (!group->meth->field_set_to_one(group, prod_Z[0], ctx)) {
1254       if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1],
1268   if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) {
1273   if (group->meth->field_encode != NULL) {
1277     if (!group->meth->field_encode(group, tmp, tmp, ctx) ||
1278         !group->meth->field_encode(group, tmp, tmp, ctx)) {
1292     if (!group->meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx) ||
1294         !group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx) ||
1312       if (!group->meth->field_sqr(group, tmp, &p->Z, ctx) ||
1313           !group->meth->field_mul(group, &p->X, &p->X, tmp, ctx) ||
1314           !group->meth->field_mul(group, tmp, tmp, &p->Z, ctx) ||
1315           !group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx)) {
1319       if (group->meth->field_set_to_one != NULL) {
1320         if (!group->meth->field_set_to_one(group, &p->Z, ctx)) {
1351 int ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
1353   return BN_mod_mul(r, a, b, &group->field, ctx);
1356 int ec_GFp_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
1358   return BN_mod_sqr(r, a, &group->field, ctx);

Indexes created Fri Mar 13 02:32:08 CET 2015