jdk-sandbox: jdk/src/share/native/sun/security/ec/impl/ecp

9774 50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	1	/*
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	2	* Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	3	* Use is subject to license terms.
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	4	*
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	5	* This library is free software; you can redistribute it and/or
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	6	* modify it under the terms of the GNU Lesser General Public
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	7	* License as published by the Free Software Foundation; either
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	8	* version 2.1 of the License, or (at your option) any later version.
3863 8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	9	*
9774 50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	10	* This library is distributed in the hope that it will be useful,
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	13	* Lesser General Public License for more details.
3863 8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	14	*
9774 50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	15	* You should have received a copy of the GNU Lesser General Public License
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	16	* along with this library; if not, write to the Free Software Foundation,
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	17	* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
3863 8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	18	*
9774 50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	20	* or visit www.oracle.com if you need additional information or have any
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	21	* questions.
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	22	*/
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	23
50a2b28ca54c 7049173: Replace the software license for ECC native code vinnie parents: 9035 diff changeset	24	/* *********************************************************************
3863 8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	25	*
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	26	* The Original Code is the elliptic curve math library for prime field curves.
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	27	*
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	28	* The Initial Developer of the Original Code is
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	29	* Sun Microsystems, Inc.
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	30	* Portions created by the Initial Developer are Copyright (C) 2003
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	31	* the Initial Developer. All Rights Reserved.
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	32	*
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	33	* Contributor(s):
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	34	* Sheueling Chang-Shantz <sheueling.chang@sun.com>,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	35	* Stephen Fung <fungstep@hotmail.com>, and
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	36	* Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories.
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	37	* Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de>,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	38	* Nils Larsch <nla@trustcenter.de>, and
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	39	* Lenka Fibikova <fibikova@exp-math.uni-essen.de>, the OpenSSL Project
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	40	*
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	41	*********************************************************************** */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	42
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	43	#include "ecp.h"
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	44	#include "mplogic.h"
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	45	#ifndef _KERNEL
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	46	#include <stdlib.h>
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	47	#endif
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	48
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	49	/* Checks if point P(px, py) is at infinity. Uses affine coordinates. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	50	mp_err
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	51	ec_GFp_pt_is_inf_aff(const mp_int px, const mp_int py)
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	52	{
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	53
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	54	if ((mp_cmp_z(px) == 0) && (mp_cmp_z(py) == 0)) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	55	return MP_YES;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	56	} else {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	57	return MP_NO;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	58	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	59
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	60	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	61
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	62	/* Sets P(px, py) to be the point at infinity. Uses affine coordinates. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	63	mp_err
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	64	ec_GFp_pt_set_inf_aff(mp_int px, mp_int py)
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	65	{
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	66	mp_zero(px);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	67	mp_zero(py);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	68	return MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	69	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	70
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	71	/* Computes R = P + Q based on IEEE P1363 A.10.1. Elliptic curve points P,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	72	* Q, and R can all be identical. Uses affine coordinates. Assumes input
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	73	* is already field-encoded using field_enc, and returns output that is
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	74	* still field-encoded. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	75	mp_err
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	76	ec_GFp_pt_add_aff(const mp_int px, const mp_int py, const mp_int *qx,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	77	const mp_int qy, mp_int rx, mp_int *ry,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	78	const ECGroup *group)
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	79	{
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	80	mp_err res = MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	81	mp_int lambda, temp, tempx, tempy;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	82
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	83	MP_DIGITS(&lambda) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	84	MP_DIGITS(&temp) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	85	MP_DIGITS(&tempx) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	86	MP_DIGITS(&tempy) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	87	MP_CHECKOK(mp_init(&lambda, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	88	MP_CHECKOK(mp_init(&temp, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	89	MP_CHECKOK(mp_init(&tempx, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	90	MP_CHECKOK(mp_init(&tempy, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	91	/* if P = inf, then R = Q */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	92	if (ec_GFp_pt_is_inf_aff(px, py) == 0) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	93	MP_CHECKOK(mp_copy(qx, rx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	94	MP_CHECKOK(mp_copy(qy, ry));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	95	res = MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	96	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	97	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	98	/* if Q = inf, then R = P */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	99	if (ec_GFp_pt_is_inf_aff(qx, qy) == 0) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	100	MP_CHECKOK(mp_copy(px, rx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	101	MP_CHECKOK(mp_copy(py, ry));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	102	res = MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	103	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	104	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	105	/* if px != qx, then lambda = (py-qy) / (px-qx) */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	106	if (mp_cmp(px, qx) != 0) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	107	MP_CHECKOK(group->meth->field_sub(py, qy, &tempy, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	108	MP_CHECKOK(group->meth->field_sub(px, qx, &tempx, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	109	MP_CHECKOK(group->meth->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	110	field_div(&tempy, &tempx, &lambda, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	111	} else {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	112	/* if py != qy or qy = 0, then R = inf */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	113	if (((mp_cmp(py, qy) != 0)) \|\| (mp_cmp_z(qy) == 0)) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	114	mp_zero(rx);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	115	mp_zero(ry);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	116	res = MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	117	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	118	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	119	/* lambda = (3qx^2+a) / (2qy) */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	120	MP_CHECKOK(group->meth->field_sqr(qx, &tempx, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	121	MP_CHECKOK(mp_set_int(&temp, 3));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	122	if (group->meth->field_enc) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	123	MP_CHECKOK(group->meth->field_enc(&temp, &temp, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	124	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	125	MP_CHECKOK(group->meth->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	126	field_mul(&tempx, &temp, &tempx, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	127	MP_CHECKOK(group->meth->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	128	field_add(&tempx, &group->curvea, &tempx, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	129	MP_CHECKOK(mp_set_int(&temp, 2));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	130	if (group->meth->field_enc) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	131	MP_CHECKOK(group->meth->field_enc(&temp, &temp, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	132	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	133	MP_CHECKOK(group->meth->field_mul(qy, &temp, &tempy, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	134	MP_CHECKOK(group->meth->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	135	field_div(&tempx, &tempy, &lambda, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	136	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	137	/* rx = lambda^2 - px - qx */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	138	MP_CHECKOK(group->meth->field_sqr(&lambda, &tempx, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	139	MP_CHECKOK(group->meth->field_sub(&tempx, px, &tempx, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	140	MP_CHECKOK(group->meth->field_sub(&tempx, qx, &tempx, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	141	/* ry = (x1-x2) * lambda - y1 */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	142	MP_CHECKOK(group->meth->field_sub(qx, &tempx, &tempy, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	143	MP_CHECKOK(group->meth->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	144	field_mul(&tempy, &lambda, &tempy, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	145	MP_CHECKOK(group->meth->field_sub(&tempy, qy, &tempy, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	146	MP_CHECKOK(mp_copy(&tempx, rx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	147	MP_CHECKOK(mp_copy(&tempy, ry));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	148
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	149	CLEANUP:
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	150	mp_clear(&lambda);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	151	mp_clear(&temp);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	152	mp_clear(&tempx);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	153	mp_clear(&tempy);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	154	return res;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	155	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	156
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	157	/* Computes R = P - Q. Elliptic curve points P, Q, and R can all be
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	158	* identical. Uses affine coordinates. Assumes input is already
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	159	* field-encoded using field_enc, and returns output that is still
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	160	* field-encoded. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	161	mp_err
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	162	ec_GFp_pt_sub_aff(const mp_int px, const mp_int py, const mp_int *qx,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	163	const mp_int qy, mp_int rx, mp_int *ry,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	164	const ECGroup *group)
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	165	{
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	166	mp_err res = MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	167	mp_int nqy;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	168
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	169	MP_DIGITS(&nqy) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	170	MP_CHECKOK(mp_init(&nqy, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	171	/* nqy = -qy */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	172	MP_CHECKOK(group->meth->field_neg(qy, &nqy, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	173	res = group->point_add(px, py, qx, &nqy, rx, ry, group);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	174	CLEANUP:
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	175	mp_clear(&nqy);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	176	return res;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	177	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	178
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	179	/* Computes R = 2P. Elliptic curve points P and R can be identical. Uses
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	180	* affine coordinates. Assumes input is already field-encoded using
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	181	* field_enc, and returns output that is still field-encoded. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	182	mp_err
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	183	ec_GFp_pt_dbl_aff(const mp_int px, const mp_int py, mp_int *rx,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	184	mp_int ry, const ECGroup group)
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	185	{
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	186	return ec_GFp_pt_add_aff(px, py, px, py, rx, ry, group);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	187	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	188
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	189	/* by default, this routine is unused and thus doesn't need to be compiled */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	190	#ifdef ECL_ENABLE_GFP_PT_MUL_AFF
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	191	/* Computes R = nP based on IEEE P1363 A.10.3. Elliptic curve points P and
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	192	* R can be identical. Uses affine coordinates. Assumes input is already
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	193	* field-encoded using field_enc, and returns output that is still
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	194	* field-encoded. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	195	mp_err
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	196	ec_GFp_pt_mul_aff(const mp_int n, const mp_int px, const mp_int *py,
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	197	mp_int rx, mp_int ry, const ECGroup *group)
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	198	{
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	199	mp_err res = MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	200	mp_int k, k3, qx, qy, sx, sy;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	201	int b1, b3, i, l;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	202
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	203	MP_DIGITS(&k) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	204	MP_DIGITS(&k3) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	205	MP_DIGITS(&qx) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	206	MP_DIGITS(&qy) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	207	MP_DIGITS(&sx) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	208	MP_DIGITS(&sy) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	209	MP_CHECKOK(mp_init(&k));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	210	MP_CHECKOK(mp_init(&k3));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	211	MP_CHECKOK(mp_init(&qx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	212	MP_CHECKOK(mp_init(&qy));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	213	MP_CHECKOK(mp_init(&sx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	214	MP_CHECKOK(mp_init(&sy));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	215
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	216	/* if n = 0 then r = inf */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	217	if (mp_cmp_z(n) == 0) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	218	mp_zero(rx);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	219	mp_zero(ry);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	220	res = MP_OKAY;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	221	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	222	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	223	/* Q = P, k = n */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	224	MP_CHECKOK(mp_copy(px, &qx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	225	MP_CHECKOK(mp_copy(py, &qy));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	226	MP_CHECKOK(mp_copy(n, &k));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	227	/* if n < 0 then Q = -Q, k = -k */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	228	if (mp_cmp_z(n) < 0) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	229	MP_CHECKOK(group->meth->field_neg(&qy, &qy, group->meth));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	230	MP_CHECKOK(mp_neg(&k, &k));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	231	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	232	#ifdef ECL_DEBUG /* basic double and add method */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	233	l = mpl_significant_bits(&k) - 1;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	234	MP_CHECKOK(mp_copy(&qx, &sx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	235	MP_CHECKOK(mp_copy(&qy, &sy));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	236	for (i = l - 1; i >= 0; i--) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	237	/* S = 2S */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	238	MP_CHECKOK(group->point_dbl(&sx, &sy, &sx, &sy, group));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	239	/* if k_i = 1, then S = S + Q */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	240	if (mpl_get_bit(&k, i) != 0) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	241	MP_CHECKOK(group->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	242	point_add(&sx, &sy, &qx, &qy, &sx, &sy, group));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	243	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	244	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	245	#else /* double and add/subtract method from
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	246	* standard */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	247	/* k3 = 3 * k */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	248	MP_CHECKOK(mp_set_int(&k3, 3));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	249	MP_CHECKOK(mp_mul(&k, &k3, &k3));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	250	/* S = Q */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	251	MP_CHECKOK(mp_copy(&qx, &sx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	252	MP_CHECKOK(mp_copy(&qy, &sy));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	253	/* l = index of high order bit in binary representation of 3k /
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	254	l = mpl_significant_bits(&k3) - 1;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	255	/* for i = l-1 downto 1 */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	256	for (i = l - 1; i >= 1; i--) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	257	/* S = 2S */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	258	MP_CHECKOK(group->point_dbl(&sx, &sy, &sx, &sy, group));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	259	b3 = MP_GET_BIT(&k3, i);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	260	b1 = MP_GET_BIT(&k, i);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	261	/* if k3_i = 1 and k_i = 0, then S = S + Q */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	262	if ((b3 == 1) && (b1 == 0)) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	263	MP_CHECKOK(group->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	264	point_add(&sx, &sy, &qx, &qy, &sx, &sy, group));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	265	/* if k3_i = 0 and k_i = 1, then S = S - Q */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	266	} else if ((b3 == 0) && (b1 == 1)) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	267	MP_CHECKOK(group->
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	268	point_sub(&sx, &sy, &qx, &qy, &sx, &sy, group));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	269	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	270	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	271	#endif
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	272	/* output S */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	273	MP_CHECKOK(mp_copy(&sx, rx));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	274	MP_CHECKOK(mp_copy(&sy, ry));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	275
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	276	CLEANUP:
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	277	mp_clear(&k);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	278	mp_clear(&k3);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	279	mp_clear(&qx);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	280	mp_clear(&qy);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	281	mp_clear(&sx);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	282	mp_clear(&sy);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	283	return res;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	284	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	285	#endif
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	286
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	287	/* Validates a point on a GFp curve. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	288	mp_err
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	289	ec_GFp_validate_point(const mp_int px, const mp_int py, const ECGroup *group)
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	290	{
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	291	mp_err res = MP_NO;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	292	mp_int accl, accr, tmp, pxt, pyt;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	293
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	294	MP_DIGITS(&accl) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	295	MP_DIGITS(&accr) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	296	MP_DIGITS(&tmp) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	297	MP_DIGITS(&pxt) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	298	MP_DIGITS(&pyt) = 0;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	299	MP_CHECKOK(mp_init(&accl, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	300	MP_CHECKOK(mp_init(&accr, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	301	MP_CHECKOK(mp_init(&tmp, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	302	MP_CHECKOK(mp_init(&pxt, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	303	MP_CHECKOK(mp_init(&pyt, FLAG(px)));
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	304
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	305	/* 1: Verify that publicValue is not the point at infinity */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	306	if (ec_GFp_pt_is_inf_aff(px, py) == MP_YES) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	307	res = MP_NO;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	308	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	309	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	310	/* 2: Verify that the coordinates of publicValue are elements
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	311	* of the field.
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	312	*/
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	313	if ((MP_SIGN(px) == MP_NEG) \|\| (mp_cmp(px, &group->meth->irr) >= 0) \|\|
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	314	(MP_SIGN(py) == MP_NEG) \|\| (mp_cmp(py, &group->meth->irr) >= 0)) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	315	res = MP_NO;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	316	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	317	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	318	/* 3: Verify that publicValue is on the curve. */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	319	if (group->meth->field_enc) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	320	group->meth->field_enc(px, &pxt, group->meth);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	321	group->meth->field_enc(py, &pyt, group->meth);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	322	} else {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	323	mp_copy(px, &pxt);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	324	mp_copy(py, &pyt);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	325	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	326	/* left-hand side: y^2 */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	327	MP_CHECKOK( group->meth->field_sqr(&pyt, &accl, group->meth) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	328	/* right-hand side: x^3 + ax + b /
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	329	MP_CHECKOK( group->meth->field_sqr(&pxt, &tmp, group->meth) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	330	MP_CHECKOK( group->meth->field_mul(&pxt, &tmp, &accr, group->meth) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	331	MP_CHECKOK( group->meth->field_mul(&group->curvea, &pxt, &tmp, group->meth) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	332	MP_CHECKOK( group->meth->field_add(&tmp, &accr, &accr, group->meth) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	333	MP_CHECKOK( group->meth->field_add(&accr, &group->curveb, &accr, group->meth) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	334	/* check LHS - RHS == 0 */
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	335	MP_CHECKOK( group->meth->field_sub(&accl, &accr, &accr, group->meth) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	336	if (mp_cmp_z(&accr) != 0) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	337	res = MP_NO;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	338	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	339	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	340	/* 4: Verify that the order of the curve times the publicValue
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	341	* is the point at infinity.
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	342	*/
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	343	MP_CHECKOK( ECPoint_mul(group, &group->order, px, py, &pxt, &pyt) );
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	344	if (ec_GFp_pt_is_inf_aff(&pxt, &pyt) != MP_YES) {
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	345	res = MP_NO;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	346	goto CLEANUP;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	347	}
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	348
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	349	res = MP_YES;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	350
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	351	CLEANUP:
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	352	mp_clear(&accl);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	353	mp_clear(&accr);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	354	mp_clear(&tmp);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	355	mp_clear(&pxt);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	356	mp_clear(&pyt);
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	357	return res;
8e0f58b1c072 6884175: CR cleanup for 6840752: Provide out-of-the-box support for ECC algorithms vinnie parents: diff changeset	358	}

author	vinnie
	Mon, 30 May 2011 16:37:42 +0100
changeset 9774	50a2b28ca54c
parent 9035	1255eb81cc2f
permissions	-rw-r--r--