void ep2_map(ep2_t p, uint8_t *msg, int len) { bn_t x; fp2_t t0; uint8_t digest[MD_LEN]; bn_null(x); fp2_null(t0); TRY { bn_new(x); fp2_new(t0); md_map(digest, msg, len); bn_read_bin(x, digest, MIN(FP_BYTES, MD_LEN)); fp_prime_conv(p->x[0], x); fp_zero(p->x[1]); fp_set_dig(p->z[0], 1); fp_zero(p->z[1]); while (1) { ep2_rhs(t0, p); if (fp2_srt(p->y, t0)) { p->norm = 1; break; } fp_add_dig(p->x[0], p->x[0], 1); } switch (ep_param_get()) { case BN_P158: case BN_P254: case BN_P256: case BN_P638: ep2_mul_cof_bn(p, p); break; case B12_P638: ep2_mul_cof_b12(p, p); break; default: /* Now, multiply by cofactor to get the correct group. */ ep2_curve_get_cof(x); if (bn_bits(x) < BN_DIGIT) { ep2_mul_dig(p, p, x->dp[0]); } else { ep2_mul(p, p, x); } break; } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { bn_free(x); fp2_free(t0); } }
int ep2_is_valid(ep2_t p) { ep2_t t; int r = 0; ep2_null(t); TRY { ep2_new(t); ep2_norm(t, p); ep2_rhs(t->x, t); fp2_sqr(t->y, t->y); r = (fp2_cmp(t->x, t->y) == CMP_EQ) || ep2_is_infty(p); } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { ep2_free(t); } return r; }