/* Line function */ static void PAIR_line(FP12 *v,ECP2 *A,ECP2 *B,BIG Qx,BIG Qy) { ECP2 P; FP2 Z3,X,Y,ZZ,T,NY; FP4 a,b,c; int D; ECP2_copy(&P,A); if (A==B) D=ECP2_dbl(A); // check these return numbers... else D=ECP2_add(A,B); if (D<0) { /* Infinity */ FP12_one(v); return; } FP2_copy(&Z3,&(A->z)); FP4_zero(&c); FP2_sqr(&ZZ,&(P.z)); /* ZZ=Z^2 */ if (D==0) { /* addition */ ECP2_get(&X,&Y,B); FP2_mul(&T,&(P.z),&Y); /* T=Z*Y2 */ FP2_mul(&ZZ,&ZZ,&T); FP2_neg(&NY,&(P.y)); FP2_add(&ZZ,&ZZ,&NY); /* ZZ=Z^3*Y2-Y (slope numerator) */ FP2_pmul(&Z3,&Z3,Qy); /* Z3*Qy */ FP2_mul(&T,&T,&(P.x)); FP2_mul(&X,&X,&NY); FP2_add(&T,&T,&X); /* Z*Y2*X-X2*Y */ FP4_from_FP2s(&a,&Z3,&T); /* a=[Z3*Qy,Z*Y2*X-X2*Y] */ FP2_neg(&ZZ,&ZZ); FP2_pmul(&ZZ,&ZZ,Qx); FP4_from_FP2(&b,&ZZ); /* b=-slope*Qx */ } else { /* doubling */ FP2_sqr(&T,&(P.x)); FP2_imul(&T,&T,3); /* T=3X^2 (slope numerator) */ FP2_sqr(&Y,&(P.y)); FP2_add(&Y,&Y,&Y); /* Y=2Y^2 */ FP2_mul(&Z3,&Z3,&ZZ); /* Z3=Z3*ZZ */ FP2_pmul(&Z3,&Z3,Qy); /* Z3=Z3*ZZ*Qy */ FP2_mul(&X,&(P.x),&T); FP2_sub(&X,&X,&Y); /* X=X*slope-2Y^2 */ FP4_from_FP2s(&a,&Z3,&X); /* a=[Z3*ZZ*Qy , X*slope-2Y^2] */ FP2_neg(&T,&T); FP2_mul(&ZZ,&ZZ,&T); FP2_pmul(&ZZ,&ZZ,Qx); FP4_from_FP2(&b,&ZZ); /* b=-slope*ZZ*Qx */ } FP12_from_FP4s(v,&a,&b,&c); }
/* r=x^n using XTR method on traces of FP12s */ void FP4_xtr_pow(FP4 *r,FP4 *x,BIG n) { int i,par,nb; BIG v; FP2 w; FP4 t,a,b,c; BIG_zero(v); BIG_inc(v,3); FP2_from_BIG(&w,v); FP4_from_FP2(&a,&w); FP4_copy(&b,x); FP4_xtr_D(&c,x); BIG_norm(n); par=BIG_parity(n); BIG_copy(v,n); BIG_shr(v,1); if (par==0) {BIG_dec(v,1); BIG_norm(v);} nb=BIG_nbits(v); for (i=nb-1;i>=0;i--) { if (!BIG_bit(v,i)) { FP4_copy(&t,&b); FP4_conj(x,x); FP4_conj(&c,&c); FP4_xtr_A(&b,&a,&b,x,&c); FP4_conj(x,x); FP4_xtr_D(&c,&t); FP4_xtr_D(&a,&a); } else { FP4_conj(&t,&a); FP4_xtr_D(&a,&b); FP4_xtr_A(&b,&c,&b,x,&t); FP4_xtr_D(&c,&c); } } if (par==0) FP4_copy(r,&c); else FP4_copy(r,&b); FP4_reduce(r); }