static void ed_mul_reg_imp(ed_t r, const ed_t p, const bn_t k) { int l, i, j, n; int8_t reg[RLC_CEIL(RLC_FP_BITS + 1, ED_WIDTH - 1)], *_k; ed_t t[1 << (ED_WIDTH - 2)]; TRY { /* Prepare the precomputation table. */ for (i = 0; i < (1 << (ED_WIDTH - 2)); i++) { ed_null(t[i]); ed_new(t[i]); } /* Compute the precomputation table. */ ed_tab(t, p, ED_WIDTH); /* Compute the w-NAF representation of k. */ l = RLC_CEIL(RLC_FP_BITS + 1, ED_WIDTH - 1); bn_rec_reg(reg, &l, k, RLC_FP_BITS, ED_WIDTH); _k = reg + l - 1; ed_set_infty(r); for (i = l - 1; i >= 0; i--, _k--) { for (j = 0; j < ED_WIDTH - 1; j++) { r->norm = 2; ed_dbl(r, r); } n = *_k; if (n > 0) { ed_add(r, r, t[n / 2]); } if (n < 0) { ed_sub(r, r, t[-n / 2]); } } /* Convert r to affine coordinates. */ ed_norm(r, r); } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { /* Free the precomputation table. */ for (i = 0; i < (1 << (ED_WIDTH - 2)); i++) { ed_free(t[i]); } } }
void ed_mul_pre_lwnaf_mixed(ed_t *t, const ed_t p) { ed_tab(t, p, ED_DEPTH); }
static void ed_mul_naf_imp(ed_t r, const ed_t p, const bn_t k) { int l, i, n; int8_t naf[RLC_FP_BITS + 1]; ed_t t[1 << (ED_WIDTH - 2)]; if (bn_is_zero(k)) { ed_set_infty(r); return; } TRY { /* Prepare the precomputation table. */ for (i = 0; i < (1 << (ED_WIDTH - 2)); i++) { ed_null(t[i]); ed_new(t[i]); } /* Compute the precomputation table. */ ed_tab(t, p, ED_WIDTH); /* Compute the w-NAF representation of k. */ l = sizeof(naf); bn_rec_naf(naf, &l, k, EP_WIDTH); ed_set_infty(r); for (i = l - 1; i > 0; i--) { n = naf[i]; if (n == 0) { /* This point will be doubled in the previous iteration. */ r->norm = 2; ed_dbl(r, r); } else { ed_dbl(r, r); if (n > 0) { ed_add(r, r, t[n / 2]); } else if (n < 0) { ed_sub(r, r, t[-n / 2]); } } } /* Last iteration. */ n = naf[0]; ed_dbl(r, r); if (n > 0) { ed_add(r, r, t[n / 2]); } else if (n < 0) { ed_sub(r, r, t[-n / 2]); } /* Convert r to affine coordinates. */ ed_norm(r, r); if (bn_sign(k) == RLC_NEG) { ed_neg(r, r); } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { /* Free the precomputation table. */ for (i = 0; i < (1 << (ED_WIDTH - 2)); i++) { ed_free(t[i]); } } }