void ecMultiply (ecPoint *p, const vlPoint k)
/* sets p := k*p */
{
vlPoint h;
int z, hi, ki;
word16 i;
ecPoint r;
gfCopy (r.x, p->x); p->x[0] = 0;
gfCopy (r.y, p->y); p->y[0] = 0;
vlShortMultiply (h, k, 3);
z = vlNumBits (h) - 1; /* so vlTakeBit (h, z) == 1 */
i = 1;
for (;;) {
hi = vlTakeBit (h, i);
ki = vlTakeBit (k, i);
if (hi == 1 && ki == 0) {
ecAdd (p, &r);
}
if (hi == 0 && ki == 1) {
ecSub (p, &r);
}
if (i >= z) {
break;
}
i++;
ecDouble (&r);
}
} /* ecMultiply */
void ecSub (ecPoint *p, const ecPoint *r)
/* sets p := p - r */
{
ecPoint t;
gfCopy (t.x, r->x);
gfAdd (t.y, r->x, r->y);
ecAdd (p, &t);
} /* ecSub */
int cpVerify(const vlPoint vlPublicKey, const vlPoint vlMac, cpPair * sig) {
ecPoint t1, t2;
vlPoint t3, t4;
ecCopy(&t1, &curve_point);
ecMultiply(&t1, sig->s);
ecUnpack(&t2, vlPublicKey);
ecMultiply(&t2, sig->r);
ecAdd(&t1, &t2);
gfPack(t1.x, t4);
vlRemainder(t4, prime_order);
vlCopy(t3, sig->r);
if (vlGreater(t4, t3)) vlAdd(t3, prime_order);
vlSubtract(t3, t4);
return vlEqual(t3, vlMac);
} /* cpVerify */
error_t ecFullAdd(const EcDomainParameters *params, EcPoint *r, const EcPoint *s, const EcPoint *t)
{
error_t error;
//Check whether Sz == 0
if(!mpiCompInt(&s->z, 0))
{
//Set R = T
MPI_CHECK(mpiCopy(&r->x, &t->x));
MPI_CHECK(mpiCopy(&r->y, &t->y));
MPI_CHECK(mpiCopy(&r->z, &t->z));
}
//Check whether Tz == 0
else if(!mpiCompInt(&t->z, 0))
{
//Set R = S
MPI_CHECK(mpiCopy(&r->x, &s->x));
MPI_CHECK(mpiCopy(&r->y, &s->y));
MPI_CHECK(mpiCopy(&r->z, &s->z));
}
else
{
//Compute R = S + T
EC_CHECK(ecAdd(params, r, s, t));
//Check whether R == (0, 0, 0)
if(!mpiCompInt(&r->x, 0) && !mpiCompInt(&r->y, 0) && !mpiCompInt(&r->z, 0))
{
//Compute R = 2 * S
EC_CHECK(ecDouble(params, r, s));
}
}
end:
//Return status code
return error;
}
int ecSelfTest (int test_count)
/* perform test_count self tests */
{
int i, yb, nfail = 0, afail = 0, sfail = 0, cfail = 0, qfail = 0, pfail = 0, yfail = 0;
ecPoint f, g, x, y;
vlPoint m, n, p;
clock_t elapsed = 0L;
srand ((unsigned)(time(NULL) % 65521U));
printf ("Executing %d curve self tests...", test_count);
for (i = 0; i < test_count; i++) {
ecRandom (&f);
ecRandom (&g);
vlRandom (m);
vlRandom (n);
/* negation test: -(-f) = f */
ecCopy (&x, &f);
ecNegate (&x);
ecNegate (&x);
if (!ecEqual (&x, &f)) {
nfail++;
/* printf ("Addition test #%d failed!\n", i); */
}
/* addition test: f+g = g+f */
ecCopy (&x, &f); ecAdd (&x, &g);
ecCopy (&y, &g); ecAdd (&y, &f);
if (!ecEqual (&x, &y)) {
afail++;
/* printf ("Addition test #%d failed!\n", i); */
}
/* subtraction test: f-g = f+(-g) */
ecCopy (&x, &f); ecSub (&x, &g);
ecCopy (&y, &g); ecNegate (&y); ecAdd (&y, &f);
if (!ecEqual (&x, &y)) {
sfail++;
/* printf ("Subtraction test #%d failed!\n", i); */
}
/* quadruplication test: 2*(2*f) = f + f + f + f */
ecCopy (&x, &f); ecDouble (&x); ecDouble (&x);
ecClear (&y); ecAdd (&y, &f); ecAdd (&y, &f); ecAdd (&y, &f); ecAdd (&y, &f);
if (!ecEqual (&x, &y)) {
qfail++;
/* printf ("Quadruplication test #%d failed!\n", i); */
}
/* scalar multiplication commutativity test: m*(n*f) = n*(m*f) */
ecCopy (&x, &f);
ecCopy (&y, &f);
elapsed -= clock ();
ecMultiply (&x, n); ecMultiply (&x, m);
ecMultiply (&y, m); ecMultiply (&y, n);
elapsed += clock ();
if (!ecEqual (&x, &y)) {
cfail++;
/* printf ("Commutativity test #%d failed!\n", i); */
}
/* y calculation test: */
yb = ecYbit (&f);
ecClear (&x);
gfCopy (x.x, f.x);
ecCalcY (&x, yb);
if (!ecEqual (&f, &x)) {
yfail++;
/* printf ("Y calculation test #%d failed!\n", i); */
}
/* packing test: unpack (pack (f)) = f */
ecPack (&f, p);
ecUnpack (&x, p);
if (!ecEqual (&f, &x)) {
pfail++;
/* printf ("Packing test #%d failed!\n", i); */
}
}
printf (" done, scalar multiplication time: %.3f s/op.\n",
(float)elapsed/CLOCKS_PER_SEC/(test_count?4*test_count:4));
if (nfail) printf ("---> %d negations failed <---\n", nfail);
if (afail) printf ("---> %d additions failed <---\n", afail);
if (sfail) printf ("---> %d subtractions failed <---\n", sfail);
if (qfail) printf ("---> %d quadruplications failed <---\n", qfail);
if (cfail) printf ("---> %d commutativities failed <---\n", cfail);
if (yfail) printf ("---> %d y calculations failed <---\n", yfail);
if (pfail) printf ("---> %d packings failed <---\n", pfail);
return nfail || afail || sfail || qfail || cfail || yfail || pfail;
} /* ecSelfTest */