void ep2_add_slp_basic(ep2_t r, fp2_t s, ep2_t p, ep2_t q) { if (ep2_is_infty(p)) { ep2_copy(r, q); return; } if (ep2_is_infty(q)) { ep2_copy(r, p); return; } ep2_add_basic_imp(r, s, p, q); }
int ep2_size_bin(ep2_t a, int pack) { ep2_t t; int size = 0; ep2_null(t); if (ep2_is_infty(a)) { return 1; } TRY { ep2_new(t); ep2_norm(t, a); size = 1 + 2 * FP_BYTES; if (!pack) { size += 2 * FP_BYTES; } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { ep2_free(t); } return size; }
void ep2_dbl_projc(ep2_t r, ep2_t p) { if (ep2_is_infty(p)) { ep2_set_infty(r); return; } ep2_dbl_projc_imp(r, p); }
void ep2_dbl_slp_basic(ep2_t r, fp2_t s, ep2_t p) { if (ep2_is_infty(p)) { ep2_set_infty(r); return; } ep2_dbl_basic_imp(r, s, p); }
void ep2_dbl_basic(ep2_t r, ep2_t p) { if (ep2_is_infty(p)) { ep2_set_infty(r); return; } ep2_dbl_basic_imp(r, NULL, p); }
void ep2_add_projc(ep2_t r, ep2_t p, ep2_t q) { if (ep2_is_infty(p)) { ep2_copy(r, q); return; } if (ep2_is_infty(q)) { ep2_copy(r, p); return; } if (p == q) { /* TODO: This is a quick hack. Should we fix this? */ ep2_dbl(r, p); return; } ep2_add_projc_imp(r, p, q); }
void pp_map_weilp_k12(fp12_t r, ep_t p, ep2_t q) { ep_t _p[1], t0[1]; ep2_t _q[1], t1[1]; fp12_t r0, r1; bn_t n; ep_null(_p[0]); ep_null(t0[1]); ep2_null(_q[0]); ep2_null(t1[1]); fp12_null(r0); fp12_null(r1); bn_null(n); TRY { ep_new(_p[0]); ep_new(t0[0]); ep2_new(_q[0]); ep2_new(t1[0]); fp12_new(r0); fp12_new(r1); bn_new(n); ep_norm(_p[0], p); ep2_norm(_q[0], q); ep_curve_get_ord(n); bn_sub_dig(n, n, 1); fp12_set_dig(r0, 1); fp12_set_dig(r1, 1); if (!ep_is_infty(_p[0]) && !ep2_is_infty(_q[0])) { pp_mil_lit_k12(r0, t0, _p, _q, 1, n); pp_mil_k12(r1, t1, _q, _p, 1, n); fp12_inv(r1, r1); fp12_mul(r0, r0, r1); fp12_inv(r1, r0); fp12_inv_uni(r0, r0); } fp12_mul(r, r0, r1); } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { ep_free(_p[0]); ep_free(t0[0]); ep2_free(_q[0]); ep2_free(t1[0]); fp12_free(r0); fp12_free(r1); bn_free(n); } }
void pp_norm_k12(ep2_t r, ep2_t p) { if (ep2_is_infty(p)) { ep2_set_infty(r); return; } if (p->norm) { /* If the point is represented in affine coordinates, we just copy it. */ ep2_copy(r, p); } #if EP_ADD == PROJC || !defined(STRIP) pp_norm_imp(r, p); #endif }
void ep2_neg_projc(ep2_t r, ep2_t p) { if (ep2_is_infty(p)) { ep2_set_infty(r); return; } if (r != p) { fp2_copy(r->x, p->x); fp2_copy(r->z, p->z); } fp2_neg(r->y, p->y); r->norm = p->norm; }
void pp_map_sim_tatep_k12(fp12_t r, ep_t *p, ep2_t *q, int m) { ep_t _p[m], t[m]; ep2_t _q[m]; bn_t n; int i, j; bn_null(n); TRY { bn_new(n); for (i = 0; i < m; i++) { ep_null(_p[i]); ep_null(t[i]); ep2_null(_q[i]); ep_new(_p[i]); ep_new(t[i]); ep2_new(_q[i]); } j = 0; for (i = 0; i < m; i++) { if (!ep_is_infty(p[i]) && !ep2_is_infty(q[i])) { ep_norm(_p[j], p[i]); ep2_norm(_q[j++], q[i]); } } ep_curve_get_ord(n); fp12_set_dig(r, 1); if (j > 0) { pp_mil_lit_k12(r, t, _p, _q, j, n); pp_exp_k12(r, r); } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { bn_free(n); for (i = 0; i < m; i++) { ep_free(_p[i]); ep_free(t[i]); ep2_free(_q[i]); } } }
void ep2_write_bin(uint8_t *bin, int len, ep2_t a, int pack) { ep2_t t; ep2_null(t); if (ep2_is_infty(a)) { if (len != 1) { THROW(ERR_NO_BUFFER); } else { bin[0] = 0; return; } } TRY { ep2_new(t); ep2_norm(t, a); if (pack) { if (len < 2 * FP_BYTES + 1) { THROW(ERR_NO_BUFFER); } else { ep2_pck(t, t); bin[0] = 2 | fp_get_bit(t->y[0], 0); fp2_write_bin(bin + 1, 2 * FP_BYTES, t->x, 0); } } else { if (len < 4 * FP_BYTES + 1) { THROW(ERR_NO_BUFFER); } else { bin[0] = 4; fp2_write_bin(bin + 1, 2 * FP_BYTES, t->x, 0); fp2_write_bin(bin + 2 * FP_BYTES + 1, 2 * FP_BYTES, t->y, 0); } } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { ep2_free(t); } }
int ep2_is_valid(ep2_t p) { ep2_t t; int r = 0; ep2_null(t); TRY { ep2_new(t); ep2_norm(t, p); ep2_rhs(t->x, t); fp2_sqr(t->y, t->y); r = (fp2_cmp(t->x, t->y) == CMP_EQ) || ep2_is_infty(p); } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { ep2_free(t); } return r; }
void pp_map_tatep_k12(fp12_t r, ep_t p, ep2_t q) { ep_t _p[1], t[1]; ep2_t _q[1]; bn_t n; ep_null(_p[0]); ep_null(t[0]); ep2_null(_q[0]); bn_null(n); TRY { ep_new(_p[0]); ep_new(t[0]); ep2_new(_q[0]); bn_new(n); ep_norm(_p[0], p); ep2_norm(_q[0], q); ep_curve_get_ord(n); fp12_set_dig(r, 1); if (!ep_is_infty(p) && !ep2_is_infty(q)) { pp_mil_lit_k12(r, t, _p, _q, 1, n); pp_exp_k12(r, r); } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { ep_free(_p[0]); ep_free(t[0]); ep2_free(_q[0]); bn_free(n); } }
void pp_map_sim_oatep_k12(fp12_t r, ep_t *p, ep2_t *q, int m) { ep_t _p[m]; ep2_t t[m], _q[m]; bn_t a; int i, j, len = FP_BITS, s[FP_BITS]; TRY { bn_null(a); bn_new(a); for (i = 0; i < m; i++) { ep_null(_p[i]); ep2_null(_q[i]); ep2_null(t[i]); ep_new(_p[i]); ep2_new(_q[i]); ep2_new(t[i]); } j = 0; for (i = 0; i < m; i++) { if (!ep_is_infty(p[i]) && !ep2_is_infty(q[i])) { ep_norm(_p[j], p[i]); ep2_norm(_q[j++], q[i]); } } fp12_set_dig(r, 1); fp_param_get_var(a); bn_mul_dig(a, a, 6); bn_add_dig(a, a, 2); fp_param_get_map(s, &len); if (j > 0) { switch (ep_param_get()) { case BN_P158: case BN_P254: case BN_P256: case BN_P638: /* r = f_{|a|,Q}(P). */ pp_mil_sps_k12(r, t, _q, _p, j, s, len); if (bn_sign(a) == BN_NEG) { /* f_{-a,Q}(P) = 1/f_{a,Q}(P). */ fp12_inv_uni(r, r); } for (i = 0; i < j; i++) { if (bn_sign(a) == BN_NEG) { ep2_neg(t[i], t[i]); } pp_fin_k12_oatep(r, t[i], _q[i], _p[i]); } pp_exp_k12(r, r); break; case B12_P638: /* r = f_{|a|,Q}(P). */ pp_mil_sps_k12(r, t, _q, _p, j, s, len); if (bn_sign(a) == BN_NEG) { fp12_inv_uni(r, r); } pp_exp_k12(r, r); break; } } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { bn_free(a); for (i = 0; i < m; i++) { ep_free(_p[i]); ep2_free(_q[i]); ep2_free(t[i]); } } }
void pp_map_oatep_k12(fp12_t r, ep_t p, ep2_t q) { ep_t _p[1]; ep2_t t[1], _q[1]; bn_t a; int len = FP_BITS, s[FP_BITS]; ep_null(_p[0]); ep2_null(_q[0]); ep2_null(t[0]); bn_null(a); TRY { ep_new(_p[0]); ep2_new(_q[0]); ep2_new(t[0]); bn_new(a); fp_param_get_var(a); bn_mul_dig(a, a, 6); bn_add_dig(a, a, 2); fp_param_get_map(s, &len); fp12_set_dig(r, 1); ep_norm(_p[0], p); ep2_norm(_q[0], q); if (!ep_is_infty(_p[0]) && !ep2_is_infty(_q[0])) { switch (ep_param_get()) { case BN_P158: case BN_P254: case BN_P256: case BN_P638: /* r = f_{|a|,Q}(P). */ pp_mil_sps_k12(r, t, _q, _p, 1, s, len); if (bn_sign(a) == BN_NEG) { /* f_{-a,Q}(P) = 1/f_{a,Q}(P). */ fp12_inv_uni(r, r); ep2_neg(t[0], t[0]); } pp_fin_k12_oatep(r, t[0], _q[0], _p[0]); pp_exp_k12(r, r); break; case B12_P638: /* r = f_{|a|,Q}(P). */ pp_mil_sps_k12(r, t, _q, _p, 1, s, len); if (bn_sign(a) == BN_NEG) { fp12_inv_uni(r, r); ep2_neg(t[0], t[0]); } pp_exp_k12(r, r); break; } } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { ep_free(_p[0]); ep2_free(_q[0]); ep2_free(t[0]); bn_free(a); } }
void pp_map_sim_weilp_k12(fp12_t r, ep_t *p, ep2_t *q, int m) { ep_t _p[m], t0[m]; ep2_t _q[m], t1[m]; fp12_t r0, r1; bn_t n; int i, j; fp12_null(r0); fp12_null(r1); bn_null(r); TRY { fp12_new(r0); fp12_new(r1); bn_new(n); for (i = 0; i < m; i++) { ep_null(_p[i]); ep_null(t0[i]); ep2_null(_q[i]); ep2_null(t1[i]); ep_new(_p[i]); ep_new(t0[i]); ep2_new(_q[i]); ep2_new(t1[i]); } j = 0; for (i = 0; i < m; i++) { if (!ep_is_infty(p[i]) && !ep2_is_infty(q[i])) { ep_norm(_p[j], p[i]); ep2_norm(_q[j++], q[i]); } } ep_curve_get_ord(n); bn_sub_dig(n, n, 1); fp12_set_dig(r0, 1); fp12_set_dig(r1, 1); if (j > 0) { pp_mil_lit_k12(r0, t0, _p, _q, j, n); pp_mil_k12(r1, t1, _q, _p, j, n); fp12_inv(r1, r1); fp12_mul(r0, r0, r1); fp12_inv(r1, r0); fp12_inv_uni(r0, r0); } fp12_mul(r, r0, r1); } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { fp12_free(r0); fp12_free(r1); bn_free(n); for (i = 0; i < m; i++) { ep_free(_p[i]); ep_free(t0[i]); ep2_free(_q[i]); ep2_free(t1[i]); } } }