1 /*
2 * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
3 * Use is subject to license terms.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public License
16 * along with this library; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /* *********************************************************************
25 *
26 * The Original Code is the elliptic curve math library.
27 *
28 * The Initial Developer of the Original Code is
29 * Sun Microsystems, Inc.
30 * Portions created by the Initial Developer are Copyright (C) 2003
31 * the Initial Developer. All Rights Reserved.
32 *
33 * Contributor(s):
34 * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
35 *
36 *********************************************************************** */
37
38 #include "mpi.h"
39 #include "mplogic.h"
40 #include "ecl.h"
41 #include "ecl-priv.h"
42 #ifndef _KERNEL
43 #include <stdlib.h>
44 #endif
45
46 /* Elliptic curve scalar-point multiplication. Computes R(x, y) = k * P(x,
47 * y). If x, y = NULL, then P is assumed to be the generator (base point)
48 * of the group of points on the elliptic curve. Input and output values
49 * are assumed to be NOT field-encoded. */
50 mp_err
51 ECPoint_mul(const ECGroup *group, const mp_int *k, const mp_int *px,
52 const mp_int *py, mp_int *rx, mp_int *ry)
53 {
54 mp_err res = MP_OKAY;
55 mp_int kt;
56
57 ARGCHK((k != NULL) && (group != NULL), MP_BADARG);
58 MP_DIGITS(&kt) = 0;
59
60 /* want scalar to be less than or equal to group order */
61 if (mp_cmp(k, &group->order) > 0) {
62 MP_CHECKOK(mp_init(&kt, FLAG(k)));
63 MP_CHECKOK(mp_mod(k, &group->order, &kt));
64 } else {
65 MP_SIGN(&kt) = MP_ZPOS;
66 MP_USED(&kt) = MP_USED(k);
67 MP_ALLOC(&kt) = MP_ALLOC(k);
68 MP_DIGITS(&kt) = MP_DIGITS(k);
69 }
70
71 if ((px == NULL) || (py == NULL)) {
72 if (group->base_point_mul) {
73 MP_CHECKOK(group->base_point_mul(&kt, rx, ry, group));
74 } else {
75 MP_CHECKOK(group->
76 point_mul(&kt, &group->genx, &group->geny, rx, ry,
77 group));
78 }
79 } else {
80 if (group->meth->field_enc) {
81 MP_CHECKOK(group->meth->field_enc(px, rx, group->meth));
82 MP_CHECKOK(group->meth->field_enc(py, ry, group->meth));
83 MP_CHECKOK(group->point_mul(&kt, rx, ry, rx, ry, group));
84 } else {
85 MP_CHECKOK(group->point_mul(&kt, px, py, rx, ry, group));
86 }
87 }
88 if (group->meth->field_dec) {
89 MP_CHECKOK(group->meth->field_dec(rx, rx, group->meth));
90 MP_CHECKOK(group->meth->field_dec(ry, ry, group->meth));
91 }
92
93 CLEANUP:
94 if (MP_DIGITS(&kt) != MP_DIGITS(k)) {
95 mp_clear(&kt);
96 }
97 return res;
98 }
99
100 /* Elliptic curve scalar-point multiplication. Computes R(x, y) = k1 * G +
101 * k2 * P(x, y), where G is the generator (base point) of the group of
102 * points on the elliptic curve. Allows k1 = NULL or { k2, P } = NULL.
103 * Input and output values are assumed to be NOT field-encoded. */
104 mp_err
|
1 /*
2 * Copyright (c) 2007, 2016, Oracle and/or its affiliates. All rights reserved.
3 * Use is subject to license terms.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public License
16 * along with this library; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /* *********************************************************************
25 *
26 * The Original Code is the elliptic curve math library.
27 *
28 * The Initial Developer of the Original Code is
29 * Sun Microsystems, Inc.
30 * Portions created by the Initial Developer are Copyright (C) 2003
31 * the Initial Developer. All Rights Reserved.
32 *
33 * Contributor(s):
34 * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
35 *
36 * Last Modified Date from the Original Code: Nov 2016
37 *********************************************************************** */
38
39 #include "mpi.h"
40 #include "mplogic.h"
41 #include "ecl.h"
42 #include "ecl-priv.h"
43 #ifndef _KERNEL
44 #include <stdlib.h>
45 #endif
46
47 /* Elliptic curve scalar-point multiplication. Computes R(x, y) = k * P(x,
48 * y). If x, y = NULL, then P is assumed to be the generator (base point)
49 * of the group of points on the elliptic curve. Input and output values
50 * are assumed to be NOT field-encoded. */
51 mp_err
52 ECPoint_mul(const ECGroup *group, const mp_int *k, const mp_int *px,
53 const mp_int *py, mp_int *rx, mp_int *ry)
54 {
55 mp_err res = MP_OKAY;
56 mp_int kt;
57
58 ARGCHK((k != NULL) && (group != NULL), MP_BADARG);
59 MP_DIGITS(&kt) = 0;
60
61 /* want scalar to be less than or equal to group order */
62 if (mp_cmp(k, &group->order) > 0) {
63 MP_CHECKOK(mp_init(&kt, FLAG(k)));
64 MP_CHECKOK(mp_mod(k, &group->order, &kt));
65 } else {
66 MP_SIGN(&kt) = MP_ZPOS;
67 MP_USED(&kt) = MP_USED(k);
68 MP_ALLOC(&kt) = MP_ALLOC(k);
69 MP_DIGITS(&kt) = MP_DIGITS(k);
70 }
71
72 if ((px == NULL) || (py == NULL)) {
73 if (group->base_point_mul) {
74 MP_CHECKOK(group->base_point_mul(&kt, rx, ry, group));
75 } else {
76 kt.flag = (mp_sign)0;
77 MP_CHECKOK(group->
78 point_mul(&kt, &group->genx, &group->geny, rx, ry,
79 group));
80 }
81 } else {
82 if (group->meth->field_enc) {
83 MP_CHECKOK(group->meth->field_enc(px, rx, group->meth));
84 MP_CHECKOK(group->meth->field_enc(py, ry, group->meth));
85 MP_CHECKOK(group->point_mul(&kt, rx, ry, rx, ry, group));
86 } else {
87 kt.flag = (mp_sign)0;
88 MP_CHECKOK(group->point_mul(&kt, px, py, rx, ry, group));
89 }
90 }
91 if (group->meth->field_dec) {
92 MP_CHECKOK(group->meth->field_dec(rx, rx, group->meth));
93 MP_CHECKOK(group->meth->field_dec(ry, ry, group->meth));
94 }
95
96 CLEANUP:
97 if (MP_DIGITS(&kt) != MP_DIGITS(k)) {
98 mp_clear(&kt);
99 }
100 return res;
101 }
102
103 /* Elliptic curve scalar-point multiplication. Computes R(x, y) = k1 * G +
104 * k2 * P(x, y), where G is the generator (base point) of the group of
105 * points on the elliptic curve. Allows k1 = NULL or { k2, P } = NULL.
106 * Input and output values are assumed to be NOT field-encoded. */
107 mp_err
|