int main()
{
FILE *fp;
char ifname[50],ofname[50];
big a,b,p,q,x,y,d,r,s,k,hash;
epoint *g;
long seed;
int bits;
miracl instance;
miracl *mip=&instance;
char mem[MR_BIG_RESERVE(11)]; /* reserve space on the stack for 11 bigs */
char mem1[MR_ECP_RESERVE(1)]; /* and one elliptic curve points */
memset(mem,0,MR_BIG_RESERVE(11));
memset(mem1,0,MR_ECP_RESERVE(1));
/* get public data */
#ifndef MR_EDWARDS
fp=fopen("common.ecs","rt");
if (fp==NULL)
{
printf("file common.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d\n",&bits);
#else
fp=fopen("edwards.ecs","rt");
if (fp==NULL)
{
printf("file edwards.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d\n",&bits);
#endif
mirsys(mip,bits/4,16); /* Use Hex internally */
a=mirvar_mem(mip,mem,0);
b=mirvar_mem(mip,mem,1);
p=mirvar_mem(mip,mem,2);
q=mirvar_mem(mip,mem,3);
x=mirvar_mem(mip,mem,4);
y=mirvar_mem(mip,mem,5);
d=mirvar_mem(mip,mem,6);
r=mirvar_mem(mip,mem,7);
s=mirvar_mem(mip,mem,8);
k=mirvar_mem(mip,mem,9);
hash=mirvar_mem(mip,mem,10);
innum(mip,p,fp); /* modulus */
innum(mip,a,fp); /* curve parameters */
innum(mip,b,fp);
innum(mip,q,fp); /* order of (x,y) */
innum(mip,x,fp); /* (x,y) point on curve of order q */
innum(mip,y,fp);
fclose(fp);
/* randomise */
printf("Enter 9 digit random number seed = ");
scanf("%ld",&seed);
getchar();
irand(mip,seed);
ecurve_init(mip,a,b,p,MR_PROJECTIVE); /* initialise curve */
g=epoint_init_mem(mip,mem1,0);
epoint_set(mip,x,y,0,g); /* initialise point of order q */
/* calculate r - this can be done offline,
and hence amortized to almost nothing */
bigrand(mip,q,k);
ecurve_mult(mip,k,g,g); /* see ebrick.c for method to speed this up */
epoint_get(mip,g,r,r);
divide(mip,r,q,q);
/* get private key of signer */
fp=fopen("private.ecs","rt");
if (fp==NULL)
{
printf("file private.ecs does not exist\n");
return 0;
}
innum(mip,d,fp);
fclose(fp);
/* calculate message digest */
printf("file to be signed = ");
gets(ifname);
strcpy(ofname,ifname);
strip(ofname);
strcat(ofname,".ecs");
if ((fp=fopen(ifname,"rb"))==NULL)
{
printf("Unable to open file %s\n",ifname);
return 0;
}
hashing(mip,fp,hash);
fclose(fp);
/* calculate s */
xgcd(mip,k,q,k,k,k);
mad(mip,d,r,hash,q,q,s);
mad(mip,s,k,k,q,q,s);
fp=fopen(ofname,"wt");
otnum(mip,r,fp);
otnum(mip,s,fp);
fclose(fp);
memset(mem,0,MR_BIG_RESERVE(11));
memset(mem1,0,MR_ECP_RESERVE(1));
return 0;
}
int main()
{
FILE *fp;
int ep,bits;
epoint *g,*w;
big a,b,p,q,x,y,d;
long seed;
miracl instance;
miracl *mip=&instance;
char mem[MR_BIG_RESERVE(7)]; /* reserve space on the stack for 7 bigs */
char mem1[MR_ECP_RESERVE(2)]; /* and two elliptic curve points */
memset(mem,0,MR_BIG_RESERVE(7));
memset(mem1,0,MR_ECP_RESERVE(2));
#ifndef MR_EDWARDS
fp=fopen("common.ecs","rt");
if (fp==NULL)
{
printf("file common.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d\n",&bits);
#else
fp=fopen("edwards.ecs","rt");
if (fp==NULL)
{
printf("file edwards.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d\n",&bits);
#endif
mirsys(mip,bits/4,16); /* Use Hex internally */
a=mirvar_mem(mip,mem,0);
b=mirvar_mem(mip,mem,1);
p=mirvar_mem(mip,mem,2);
q=mirvar_mem(mip,mem,3);
x=mirvar_mem(mip,mem,4);
y=mirvar_mem(mip,mem,5);
d=mirvar_mem(mip,mem,6);
innum(mip,p,fp);
innum(mip,a,fp);
innum(mip,b,fp);
innum(mip,q,fp);
innum(mip,x,fp);
innum(mip,y,fp);
fclose(fp);
/* randomise */
printf("Enter 9 digit random number seed = ");
scanf("%ld",&seed);
getchar();
irand(mip,seed);
ecurve_init(mip,a,b,p,MR_PROJECTIVE); /* initialise curve */
g=epoint_init_mem(mip,mem1,0);
w=epoint_init_mem(mip,mem1,1);
if (!epoint_set(mip,x,y,0,g)) /* initialise point of order q */
{
printf("Problem - point (x,y) is not on the curve\n");
exit(0);
}
ecurve_mult(mip,q,g,w);
if (!point_at_infinity(w))
{
printf("Problem - point (x,y) is not of order q\n");
exit(0);
}
/* generate public/private keys */
bigrand(mip,q,d);
ecurve_mult(mip,d,g,g);
ep=epoint_get(mip,g,x,x); /* compress point */
printf("public key = %d ",ep);
otnum(mip,x,stdout);
fp=fopen("public.ecs","wt");
fprintf(fp,"%d ",ep);
otnum(mip,x,fp);
fclose(fp);
fp=fopen("private.ecs","wt");
otnum(mip,d,fp);
fclose(fp);
/* clear all memory used */
memset(mem,0,MR_BIG_RESERVE(7));
memset(mem1,0,MR_ECP_RESERVE(2));
return 0;
}
int main()
{
#ifdef MR_GENERIC_MT
miracl instance;
#endif
big p,A,B,fr,q,delta,t,T;
zzn2 res,Qx,Qy;
epoint *P;
int i,romptr;
#ifndef MR_STATIC
#ifdef MR_GENERIC_MT
miracl *mr_mip=mirsys(&instance,WORDS*NPW,16);
#else
miracl *mr_mip=mirsys(WORDS*NPW,16);
#endif
char *mem=memalloc(_MIPP_ 14);
char *mem1=ecp_memalloc(_MIPP_ 1);
#else
#ifdef MR_GENERIC_MT
miracl *mr_mip=mirsys(&instance,MR_STATIC*NPW,16);
#else
miracl *mr_mip=mirsys(MR_STATIC*NPW,16);
#endif
char mem[MR_BIG_RESERVE(14)]; /* reserve space on the stack for 14 bigs */
char mem1[MR_ECP_RESERVE(1)]; /* reserve space on stack for 1 curve points */
memset(mem,0,MR_BIG_RESERVE(14)); /* clear this memory */
memset(mem1,0,MR_ECP_RESERVE(1));
#endif
p=mirvar_mem(_MIPP_ mem,0);
A=mirvar_mem(_MIPP_ mem,1);
B=mirvar_mem(_MIPP_ mem,2);
T=mirvar_mem(_MIPP_ mem,3);
q=mirvar_mem(_MIPP_ mem,4);
fr=mirvar_mem(_MIPP_ mem,5);
delta=mirvar_mem(_MIPP_ mem,6);
res.a=mirvar_mem(_MIPP_ mem,7);
res.b=mirvar_mem(_MIPP_ mem,8);
t=mirvar_mem(_MIPP_ mem,9);
Qx.a=mirvar_mem(_MIPP_ mem,10);
Qx.b=mirvar_mem(_MIPP_ mem,11);
Qy.a=mirvar_mem(_MIPP_ mem,12);
Qy.b=mirvar_mem(_MIPP_ mem,13);
P=epoint_init_mem(_MIPP_ mem1,0);
convert(_MIPP_ -3,A);
romptr=0;
init_big_from_rom(p,WORDS,romp,ROMSZ,&romptr);
init_big_from_rom(B,WORDS,romp,ROMSZ,&romptr);
init_big_from_rom(q,WORDS,romp,ROMSZ,&romptr);
init_big_from_rom(delta,WORDS,romp,ROMSZ,&romptr);
init_big_from_rom(fr,WORDS,romp,ROMSZ,&romptr);
init_big_from_rom(T,WORDS,romp,ROMSZ,&romptr);
#ifndef MR_NO_STANDARD_IO
printf("ROM size= %d\n",sizeof(romp)+sizeof(Prom));
printf("sizeof(miracl)= %d\n",sizeof(miracl));
#endif
ecurve_init(_MIPP_ A,B,p,MR_PROJECTIVE);
romptr=0;
init_point_from_rom(P,WORDS,Prom,PROMSZ,&romptr);
init_big_from_rom(Qx.a,WORDS,Prom,PROMSZ,&romptr);
init_big_from_rom(Qx.b,WORDS,Prom,PROMSZ,&romptr);
init_big_from_rom(Qy.a,WORDS,Prom,PROMSZ,&romptr);
init_big_from_rom(Qy.b,WORDS,Prom,PROMSZ,&romptr);
#ifdef MR_COUNT_OPS
fpa=fpc=fpx=0;
#endif
ecap(_MIPP_ &Qx,&Qy,P,T,fr,delta,&res);
/*
#ifdef MR_COUNT_OPS
printf("fpc= %d\n",fpc);
printf("fpa= %d\n",fpa);
printf("fpx= %d\n",fpx);
fpa=fpc=fpx=0;
#endif
*/
bigbits(_MIPP_ 160,t);
zzn2_powl(_MIPP_ &res,t,&res);
#ifndef MR_NO_STANDARD_IO
zzn2_out(_MIPP_ "res= ",&res);
#endif
ecurve_mult(_MIPP_ t,P,P);
ecap(_MIPP_ &Qx,&Qy,P,T,fr,delta,&res);
#ifndef MR_NO_STANDARD_IO
zzn2_out(_MIPP_ "res= ",&res);
#endif
#ifndef MR_STATIC
memkill(_MIPP_ mem,14);
ecp_memkill(_MIPP_ mem1,1);
#else
memset(mem,0,MR_BIG_RESERVE(14)); /* clear this stack memory */
memset(mem1,0,MR_ECP_RESERVE(1));
#endif
return 0;
}
int main()
{
int ia,ib,promptr;
epoint *PA,*PB;
big A,B,a,b,q,pa,pb,key,x,y;
ebrick2 binst;
miracl instance; /* create miracl workspace on the stack */
/* Specify base 16 here so that HEX can be read in directly without a base-change */
miracl *mip=mirsys(&instance,WORDS*HEXDIGS,16); /* size of bigs is fixed */
char mem_big[MR_BIG_RESERVE(10)]; /* we need 10 bigs... */
char mem_ecp[MR_ECP_RESERVE(2)]; /* ..and two elliptic curve points */
memset(mem_big, 0, MR_BIG_RESERVE(10)); /* clear the memory */
memset(mem_ecp, 0, MR_ECP_RESERVE(2));
A=mirvar_mem(mip, mem_big, 0); /* Initialise big numbers */
B=mirvar_mem(mip, mem_big, 1);
pa=mirvar_mem(mip, mem_big, 2);
pb=mirvar_mem(mip, mem_big, 3);
key=mirvar_mem(mip, mem_big, 4);
x=mirvar_mem(mip, mem_big, 5);
y=mirvar_mem(mip, mem_big, 6);
q=mirvar_mem(mip,mem_big,7);
a=mirvar_mem(mip, mem_big, 8);
b=mirvar_mem(mip, mem_big, 9);
PA=epoint_init_mem(mip, mem_ecp, 0); /* initialise Elliptic Curve points */
PB=epoint_init_mem(mip, mem_ecp, 1);
irand(mip, 3L); /* change parameter for different random numbers */
promptr=0;
init_big_from_rom(B,WORDS,rom,WORDS*4,&promptr); /* Read in curve parameter B from ROM */
/* don't need q or G(x,y) (we have precomputed table from it) */
init_big_from_rom(q,WORDS,rom,WORDS*4,&promptr);
init_big_from_rom(x,WORDS,rom,WORDS*4,&promptr);
init_big_from_rom(y,WORDS,rom,WORDS*4,&promptr);
convert(mip,1,A); /* set A=1 */
/* Create precomputation instance from precomputed table in ROM */
ebrick2_init(&binst,prom,A,B,CURVE_M,CURVE_A,CURVE_B,CURVE_C,WINDOW,CURVE_M);
/* offline calculations */
bigbits(mip,CURVE_M,a); /* A's random number */
ia=mul2_brick(mip,&binst,a,pa,pa); /* a*G =(pa,ya), ia is sign of ya */
bigbits(mip,CURVE_M,b); /* B's random number */
ib=mul2_brick(mip,&binst,b,pb,pb); /* b*G =(pb,yb), ib is sign of yb */
/* online calculations */
ecurve2_init(mip,CURVE_M,CURVE_A,CURVE_B,CURVE_C,A,B,FALSE,MR_PROJECTIVE);
epoint2_set(mip,pb,pb,ib,PB); /* decompress PB */
ecurve2_mult(mip,a,PB,PB);
epoint2_get(mip,PB,key,key);
/* since internal base is HEX, can use otnum instead of cotnum - avoiding a base change */
printf("Alice's Key= ");
otnum(mip,key,stdout);
epoint2_set(mip,pa,pa,ia,PB); /* decompress PA */
ecurve2_mult(mip,b,PB,PB);
epoint2_get(mip,PB,key,key);
printf("Bob's Key= ");
otnum(mip,key,stdout);
/* clear the memory */
memset(mem_big, 0, MR_BIG_RESERVE(10));
memset(mem_ecp, 0, MR_ECP_RESERVE(2));
return 0;
}
int main()
{
big a2,a6,bx,r;
big res[4];
epoint *P,*Q;
int i,romptr;
miracl instance; /* sizeof(miracl)= 2000 bytes from the stack */
#ifndef MR_STATIC
#ifdef MR_GENERIC_MT
miracl *mr_mip=mirsys(WORDS*NPW,16);
#else
miracl *mr_mip=mirsys(WORDS*NPW,16);
#endif
char *mem=(char *)memalloc(_MIPP_ 8);
char *mem1=(char *)ecp_memalloc(_MIPP_ 2);
#else
#ifdef MR_GENERIC_MT
miracl *mr_mip=mirsys(&instance,MR_STATIC*NPW,16); /* size of bigs is fixed */
#else
miracl *mr_mip=mirsys(&instance,MR_STATIC*NPW,16);
#endif
char mem[MR_BIG_RESERVE(8)]; /* reserve space on the stack for 8 bigs */
char mem1[MR_ECP_RESERVE(2)]; /* reserve space on stack for 2 curve points */
memset(mem,0,MR_BIG_RESERVE(8)); /* clear this memory */
memset(mem1,0,MR_ECP_RESERVE(2)); /* ~668 bytes in all */
#endif
/* Initialise bigs */
a2=mirvar_mem(_MIPP_ mem,0);
a6=mirvar_mem(_MIPP_ mem,1);
bx=mirvar_mem(_MIPP_ mem,2);
for (i=0;i<4;i++)
res[i]=mirvar_mem(_MIPP_ mem,3+i);
r=mirvar_mem(_MIPP_ mem,7);
/* printf("ROM size= %d\n",sizeof(rom)+sizeof(prom)); */
#ifndef MR_NO_STANDARD_IO
#ifdef MR_STATIC
printf("n Bigs require n*%d+%d bytes\n",MR_SIZE,MR_SL);
printf("n Points require n*%d+%d bytes\n",MR_ESIZE,MR_SL);
printf("sizeof(miracl)= %d\n",sizeof(miracl));
#endif
#endif
/* Initialise Elliptic curve points */
P=epoint_init_mem(_MIPP_ mem1,0);
Q=epoint_init_mem(_MIPP_ mem1,1);
/* Initialise supersingular curve */
convert(_MIPP_ 1,a2);
convert(_MIPP_ B,a6);
/* The -M tells MIRACL that this is a supersingular curve */
if (!ecurve2_init(_MIPP_ -M,T,U,V,a2,a6,FALSE,MR_PROJECTIVE))
{
#ifndef MR_NO_STANDARD_IO
printf("Problem with the curve\n");
#endif
return 0;
}
/* Get P and Q from ROM */
/* These should have been multiplied by the cofactor 487805 = 5*97561 */
/* 487805 is a cofactor of the group order 2^271+2^136+1 */
romptr=0;
init_point_from_rom(P,WORDS,rom,ROMSZ,&romptr);
init_point_from_rom(Q,WORDS,rom,ROMSZ,&romptr);
#ifndef MR_NO_STANDARD_IO
printf( "P= \n");
otnum(_MIPP_ P->X,stdout);
otnum(_MIPP_ P->Y,stdout);
printf( "Q= \n");
otnum(_MIPP_ Q->X,stdout);
otnum(_MIPP_ Q->Y,stdout);
#endif
bigbits(_MIPP_ 160,r);
/* Simple bilinearity test */
tate(_MIPP_ P,Q,res);
/* this could break the 4k stack, 2060+668+2996 >4K */
/* so we cannot afford much precomputation in power4 */
power4(_MIPP_ res,r,res); /* res=res^{sr} */
#ifndef MR_NO_STANDARD_IO
printf( "\ne(P,Q)^r= \n");
for (i=0;i<4;i++)
{
otnum(_MIPP_ res[i],stdout);
zero(res[i]);
}
#endif
ecurve2_mult(_MIPP_ r,Q,Q); /* Q=rQ */
epoint2_norm(_MIPP_ Q);
tate(_MIPP_ P,Q,res); /* Now invert is taken out of Tate, and the stack should be OK */
#ifndef MR_NO_STANDARD_IO
printf( "\ne(P,rQ)= \n");
for (i=0;i<4;i++)
otnum(_MIPP_ res[i],stdout);
#endif
/* all done */
#ifndef MR_STATIC
memkill(_MIPP_ mem,8);
ecp_memkill(_MIPP_ mem1,2);
#else
memset(mem,0,MR_BIG_RESERVE(8)); /* clear this stack memory */
memset(mem1,0,MR_ECP_RESERVE(2));
#endif
mirexit(_MIPPO_ ); /* clears workspace memory */
return 0;
}
int main()
{
FILE *fp;
int ep,m,a,b,c;
epoint *g,*public;
char ifname[50],ofname[50];
big a2,a6,q,x,y,v,u1,u2,r,s,hash;
miracl instance;
miracl *mip=&instance;
char mem[MR_BIG_RESERVE(11)]; /* reserve space on the stack for 11 bigs */
char mem1[MR_ECP_RESERVE(2)]; /* and two elliptic curve points */
memset(mem,0,MR_BIG_RESERVE(11));
memset(mem1,0,MR_ECP_RESERVE(2));
/* get public data */
fp=fopen("common2.ecs","rt");
if (fp==NULL)
{
printf("file common2.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d\n",&m);
mip=mirsys(mip,MR_ROUNDUP(abs(m),4),16);
a2=mirvar_mem(mip,mem,0);
a6=mirvar_mem(mip,mem,1);
q=mirvar_mem(mip,mem,2);
x=mirvar_mem(mip,mem,3);
y=mirvar_mem(mip,mem,4);
v=mirvar_mem(mip,mem,5);
u1=mirvar_mem(mip,mem,6);
u2=mirvar_mem(mip,mem,7);
s=mirvar_mem(mip,mem,8);
r=mirvar_mem(mip,mem,9);
hash=mirvar_mem(mip,mem,10);
innum(mip,a2,fp);
innum(mip,a6,fp);
innum(mip,q,fp);
innum(mip,x,fp);
innum(mip,y,fp);
fscanf(fp,"%d\n",&a);
fscanf(fp,"%d\n",&b);
fscanf(fp,"%d\n",&c);
fclose(fp);
ecurve2_init(mip,m,a,b,c,a2,a6,FALSE,MR_PROJECTIVE); /* initialise curve */
g=epoint_init_mem(mip,mem1,0);
epoint2_set(mip,x,y,0,g); /* initialise point of order q */
/* get public key of signer */
fp=fopen("public.ecs","rt");
if (fp==NULL)
{
printf("file public.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d",&ep);
innum(mip,x,fp);
fclose(fp);
public=epoint_init_mem(mip,mem1,1);
int main()
{
FILE *fp;
int bits,ep;
epoint *g,*public;
char ifname[50],ofname[50];
big a,b,p,q,x,y,v,u1,u2,r,s,hash;
miracl instance;
miracl *mip=&instance;
char mem[MR_BIG_RESERVE(12)]; /* reserve space on the stack for 12 bigs */
char mem1[MR_ECP_RESERVE(2)]; /* and two elliptic curve points */
memset(mem,0,MR_BIG_RESERVE(12));
memset(mem1,0,MR_ECP_RESERVE(2));
/* get public data */
#ifndef MR_EDWARDS
fp=fopen("common.ecs","rt");
if (fp==NULL)
{
printf("file common.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d\n",&bits);
#else
fp=fopen("edwards.ecs","rt");
if (fp==NULL)
{
printf("file edwards.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d\n",&bits);
#endif
mirsys(mip,bits/4,16); /* Use Hex Internally */
a=mirvar_mem(mip,mem,0);
b=mirvar_mem(mip,mem,1);
p=mirvar_mem(mip,mem,2);
q=mirvar_mem(mip,mem,3);
x=mirvar_mem(mip,mem,4);
y=mirvar_mem(mip,mem,5);
v=mirvar_mem(mip,mem,6);
u1=mirvar_mem(mip,mem,7);
u2=mirvar_mem(mip,mem,8);
s=mirvar_mem(mip,mem,9);
r=mirvar_mem(mip,mem,10);
hash=mirvar_mem(mip,mem,11);
innum(mip,p,fp);
innum(mip,a,fp);
innum(mip,b,fp);
innum(mip,q,fp);
innum(mip,x,fp);
innum(mip,y,fp);
fclose(fp);
ecurve_init(mip,a,b,p,MR_PROJECTIVE); /* initialise curve */
g=epoint_init_mem(mip,mem1,0);
epoint_set(mip,x,y,0,g); /* initialise point of order q */
/* get public key of signer */
fp=fopen("public.ecs","rt");
if (fp==NULL)
{
printf("file public.ecs does not exist\n");
return 0;
}
fscanf(fp,"%d",&ep);
innum(mip,x,fp);
fclose(fp);
public=epoint_init_mem(mip,mem1,1);
void fast_tate_pairing(_MIPD_ epoint *P,zzn3 *Qx,zzn3 *Qy,big q,big cf,zzn6 *w,zzn6* res)
{
int i,j,n,nb,nbw,nzs;
epoint *t[4],*A,*P2;
zzn6 zn[4];
big work[4];
#ifndef MR_STATIC
char *mem=memalloc(_MIPP_ 28);
char *mem1=ecp_memalloc(_MIPP_ 6);
#else
char mem[MR_BIG_RESERVE(28)];
char mem1[MR_ECP_RESERVE(6)];
memset(mem,0,MR_BIG_RESERVE(28));
memset(mem1,0,MR_ECP_RESERVE(6));
#endif
for (i=0;i<4;i++)
t[i]=epoint_init_mem(_MIPP_ mem1,i);
A=epoint_init_mem(_MIPP_ mem1,4);
P2=epoint_init_mem(_MIPP_ mem1,5);
for (j=i=0;i<4;i++)
{
work[i]=mirvar_mem(_MIPP_ mem,j++);
zn[i].x.a=mirvar_mem(_MIPP_ mem,j++);
zn[i].x.b=mirvar_mem(_MIPP_ mem,j++);
zn[i].x.c=mirvar_mem(_MIPP_ mem,j++);
zn[i].y.a=mirvar_mem(_MIPP_ mem,j++);
zn[i].y.b=mirvar_mem(_MIPP_ mem,j++);
zn[i].y.c=mirvar_mem(_MIPP_ mem,j++);
zn[i].unitary=FALSE;
}
zzn6_from_int(_MIPP_ 1,&zn[0]);
epoint_copy(P,A);
epoint_copy(P,P2);
epoint_copy(P,t[0]);
g(_MIPP_ P2,P2,Qx,Qy,res);
epoint_norm(_MIPP_ P2);
for (i=1;i<4;i++)
{
g(_MIPP_ A,P2,Qx,Qy,w);
epoint_copy(A,t[i]);
zzn6_mul(_MIPP_ &zn[i-1],w,&zn[i]);
zzn6_mul(_MIPP_ &zn[i],res,&zn[i]);
}
epoint_multi_norm(_MIPP_ 4,work,t);
epoint_copy(P,A);
zzn6_from_int(_MIPP_ 1,res);
nb=logb2(_MIPP_ q);
for (i=nb-2;i>=0;i-=(nbw+nzs))
{
n=mr_window(_MIPP_ q,i,&nbw,&nzs,3);
for (j=0;j<nbw;j++)
{
zzn6_mul(_MIPP_ res,res,res);
g(_MIPP_ A,A,Qx,Qy,w);
zzn6_mul(_MIPP_ res,w,res);
}
if (n>0)
{
zzn6_mul(_MIPP_ res,&zn[n/2],res);
g(_MIPP_ A,t[n/2],Qx,Qy,w);
zzn6_mul(_MIPP_ res,w,res);
}
for (j=0;j<nzs;j++)
{
zzn6_mul(_MIPP_ res,res,res);
g(_MIPP_ A,A,Qx,Qy,w);
zzn6_mul(_MIPP_ res,w,res);
}
}
zzn6_copy(res,w);
zzn6_powq(_MIPP_ w);
zzn6_mul(_MIPP_ res,w,res);
zzn6_copy(res,w);
zzn6_powq(_MIPP_ w);
zzn6_powq(_MIPP_ w);
zzn6_powq(_MIPP_ w);
zzn6_inv(_MIPP_ res);
zzn6_mul(_MIPP_ res,w,res);
res->unitary=TRUE;
#ifndef MR_STATIC
memkill(_MIPP_ mem,28);
ecp_memkill(_MIPP_ mem1,6);
#else
memset(mem,0,MR_BIG_RESERVE(28));
memset(mem1,0,MR_ECP_RESERVE(6));
#endif
}
int main()
{
int promptr;
epoint *PB;
big A,B,p,a,b,pa,pb,key;
ebrick binst;
miracl instance; /* create miracl workspace on the stack */
/* Specify base 16 here so that HEX can be read in directly without a base-change */
miracl *mip=mirsys(&instance,WORDS*HEXDIGS,16); /* size of bigs is fixed */
char mem_big[MR_BIG_RESERVE(8)]; /* we need 8 bigs... */
char mem_ecp[MR_ECP_RESERVE(1)]; /* ..and 1 elliptic curve points */
memset(mem_big, 0, MR_BIG_RESERVE(8)); /* clear the memory */
memset(mem_ecp, 0, MR_ECP_RESERVE(1));
A=mirvar_mem(mip, mem_big, 0); /* Initialise big numbers */
B=mirvar_mem(mip, mem_big, 1);
pa=mirvar_mem(mip, mem_big, 2);
pb=mirvar_mem(mip, mem_big, 3);
key=mirvar_mem(mip, mem_big, 4);
a=mirvar_mem(mip, mem_big, 5);
b=mirvar_mem(mip, mem_big, 6);
p=mirvar_mem(mip, mem_big, 7);
PB=epoint_init_mem(mip, mem_ecp, 0); /* initialise Elliptic Curve points */
irand(mip, 3L); /* change parameter for different random numbers */
promptr=0;
init_big_from_rom(p,WORDS,rom,WORDS*5,&promptr); /* Read in prime modulus p from ROM */
init_big_from_rom(B,WORDS,rom,WORDS*5,&promptr); /* Read in curve parameter B from ROM */
/* don't need q or G(x,y) (we have precomputed table from it) */
convert(mip,-3,A); /* set A=-3 */
/* Create precomputation instance from precomputed table in ROM */
ebrick_init(&binst,prom,A,B,p,WINDOW,CURVE_BITS);
/* offline calculations */
bigbits(mip,CURVE_BITS,a); /* A's random number */
mul_brick(mip,&binst,a,pa,pa); /* a*G =(pa,ya) */
bigbits(mip,CURVE_BITS,b); /* B's random number */
mul_brick(mip,&binst,b,pb,pb); /* b*G =(pb,yb) */
/* swap X values of point */
/* online calculations */
ecurve_init(mip,A,B,p,MR_PROJECTIVE);
epoint_set(mip,pb,pb,0,PB); /* decompress PB */
ecurve_mult(mip,a,PB,PB);
epoint_get(mip,PB,key,key);
/* since internal base is HEX, can use otnum instead of cotnum - avoiding a base change */
#ifndef MR_NO_STANDARD_IO
printf("Alice's Key= ");
otnum(mip,key,stdout);
#endif
epoint_set(mip,pa,pa,0,PB); /* decompress PA */
ecurve_mult(mip,b,PB,PB);
epoint_get(mip,PB,key,key);
#ifndef MR_NO_STANDARD_IO
printf("Bob's Key= ");
otnum(mip,key,stdout);
#endif
/* clear the memory */
memset(mem_big, 0, MR_BIG_RESERVE(8));
memset(mem_ecp, 0, MR_ECP_RESERVE(1));
return 0;
}
