Lines Matching refs:group
106 int ec_GFp_simple_group_init(EC_GROUP *group)
108 BN_init(&group->field);
109 BN_init(&group->a);
110 BN_init(&group->b);
111 group->a_is_minus3 = 0;
112 group->generator = NULL;
113 BN_init(&group->order);
114 BN_init(&group->cofactor);
119 void ec_GFp_simple_group_finish(EC_GROUP *group)
121 BN_free(&group->field);
122 BN_free(&group->a);
123 BN_free(&group->b);
124 if (group->generator != NULL)
125 EC_POINT_free(group->generator);
126 BN_free(&group->order);
127 BN_free(&group->cofactor);
131 void ec_GFp_simple_group_clear_finish(EC_GROUP *group)
133 BN_clear_free(&group->field);
134 BN_clear_free(&group->a);
135 BN_clear_free(&group->b);
136 if (group->generator != NULL)
138 EC_POINT_clear_free(group->generator);
139 group->generator = NULL;
141 BN_clear_free(&group->order);
142 BN_clear_free(&group->cofactor);
180 int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *group,
205 /* group->field */
206 if (!BN_copy(&group->field, p)) goto err;
207 group->field.neg = 0;
209 /* group->a */
211 if (group->meth->field_encode)
212 { if (!group->meth->field_encode(group, &group->a, tmp_a, ctx)) goto err; }
214 if (!BN_copy(&group->a, tmp_a)) goto err;
216 /* group->b */
217 if (!BN_nnmod(&group->b, b, p, ctx)) goto err;
218 if (group->meth->field_encode)
219 if (!group->meth->field_encode(group, &group->b, &group->b, ctx)) goto err;
221 /* group->a_is_minus3 */
223 group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field));
235 int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
242 if (!BN_copy(p, &group->field)) return 0;
247 if (group->meth->field_decode)
257 if (!group->meth->field_decode(group, a, &group->a, ctx)) goto err;
261 if (!group->meth->field_decode(group, b, &group->b, ctx)) goto err;
268 if (!BN_copy(a, &group->a)) goto err;
272 if (!BN_copy(b, &group->b)) goto err;
287 int ec_GFp_simple_group_set_generator(EC_GROUP *group, const EC_POINT *generator,
296 if (group->generator == NULL)
298 group->generator = EC_POINT_new(group);
299 if (group->generator == NULL) return 0;
301 if (!EC_POINT_copy(group->generator, generator)) return 0;
304 { if (!BN_copy(&group->order, order)) return 0; }
306 { if (!BN_zero(&group->order)) return 0; }
309 { if (!BN_copy(&group->cofactor, cofactor)) return 0; }
311 { if (!BN_zero(&group->cofactor)) return 0; }
317 EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *group)
319 return group->generator;
323 int ec_GFp_simple_group_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
325 if (!BN_copy(order, &group->order))
328 return !BN_is_zero(&group->order);
332 int ec_GFp_simple_group_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
334 if (!BN_copy(cofactor, &group->cofactor))
337 return !BN_is_zero(&group->cofactor);
380 int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
387 int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
402 if (!BN_nnmod(&point->X, x, &group->field, ctx)) goto err;
403 if (group->meth->field_encode)
405 if (!group->meth->field_encode(group, &point->X, &point->X, ctx)) goto err;
411 if (!BN_nnmod(&point->Y, y, &group->field, ctx)) goto err;
412 if (group->meth->field_encode)
414 if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx)) goto err;
422 if (!BN_nnmod(&point->Z, z, &group->field, ctx)) goto err;
424 if (group->meth->field_encode)
426 if (Z_is_one && (group->meth->field_set_to_one != 0))
428 if (!group->meth->field_set_to_one(group, &point->Z, ctx)) goto err;
432 if (!group->meth->field_encode(group, &point->Z, &point->Z, ctx)) goto err;
447 int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
453 if (group->meth->field_decode != 0)
464 if (!group->meth->field_decode(group, x, &point->X, ctx)) goto err;
468 if (!group->meth->field_decode(group, y, &point->Y, ctx)) goto err;
472 if (!group->meth->field_decode(group, z, &point->Z, ctx)) goto err;
500 int ec_GFp_simple_point_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
510 return EC_POINT_set_Jprojective_coordinates_GFp(group, point, x, y, BN_value_one(), ctx);
514 int ec_GFp_simple_point_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
522 if (EC_POINT_is_at_infinity(group, point))
546 if (group->meth->field_decode)
548 if (!group->meth->field_decode(group, X, &point->X, ctx)) goto err;
549 if (!group->meth->field_decode(group, Y, &point->Y, ctx)) goto err;
550 if (!group->meth->field_decode(group, Z, &point->Z, ctx)) goto err;
573 if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx))
579 if (group->meth->field_encode == 0)
582 if (!group->meth->field_sqr(group, Z_2, Z_1, ctx)) goto err;
586 if (!BN_mod_sqr(Z_2, Z_1, &group->field, ctx)) goto err;
591 if (group->meth->field_encode == 0)
594 if (!group->meth->field_mul(group, x, X_, Z_2, ctx)) goto err;
598 if (!BN_mod_mul(x, X_, Z_2, &group->field, ctx)) goto err;
604 if (group->meth->field_encode == 0)
607 if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx)) goto err;
608 if (!group->meth->field_mul(group, y, Y_, Z_3, ctx)) goto err;
613 if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx)) goto err;
614 if (!BN_mod_mul(y, Y_, Z_3, &group->field, ctx)) goto err;
629 int ec_GFp_simple_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
658 if (!BN_nnmod(x, x_, &group->field,ctx)) goto err;
659 if (group->meth->field_decode == 0)
662 if (!group->meth->field_sqr(group, tmp2, x_, ctx)) goto err;
663 if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx)) goto err;
667 if (!BN_mod_sqr(tmp2, x_, &group->field, ctx)) goto err;
668 if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx)) goto err;
672 if (group->a_is_minus3)
674 if (!BN_mod_lshift1_quick(tmp2, x, &group->field)) goto err;
675 if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field)) goto err;
676 if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
680 if (group->meth->field_decode)
682 if (!group->meth->field_decode(group, tmp2, &group->a, ctx)) goto err;
683 if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx)) goto err;
688 if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx)) goto err;
691 if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
695 if (group->meth->field_decode)
697 if (!group->meth->field_decode(group, tmp2, &group->b, ctx)) goto err;
698 if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
702 if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field)) goto err;
705 if (!BN_mod_sqrt(y, tmp1, &group->field, ctx))
727 kron = BN_kronecker(x, &group->field, ctx);
736 if (!BN_usub(y, &group->field, y)) goto err;
744 if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
756 size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form,
773 if (EC_POINT_is_at_infinity(group, point))
790 field_len = BN_num_bytes(&group->field);
815 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
882 int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
921 return EC_POINT_set_to_infinity(group, point);
924 field_len = BN_num_bytes(&group->field);
946 if (BN_ucmp(x, &group->field) >= 0)
954 if (!EC_POINT_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx)) goto err;
959 if (BN_ucmp(y, &group->field) >= 0)
973 if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
976 if (!EC_POINT_is_on_curve(group, point, ctx)) /* test required by X9.62 */
992 int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
1002 return EC_POINT_dbl(group, r, a, ctx);
1003 if (EC_POINT_is_at_infinity(group, a))
1005 if (EC_POINT_is_at_infinity(group, b))
1008 field_mul = group->meth->field_mul;
1009 field_sqr = group->meth->field_sqr;
1010 p = &group->field;
1044 if (!field_sqr(group, n0, &b->Z, ctx)) goto end;
1045 if (!field_mul(group, n1, &a->X, n0, ctx)) goto end;
1048 if (!field_mul(group, n0, n0, &b->Z, ctx)) goto end;
1049 if (!field_mul(group, n2, &a->Y, n0, ctx)) goto end;
1063 if (!field_sqr(group, n0, &a->Z, ctx)) goto end;
1064 if (!field_mul(group, n3, &b->X, n0, ctx)) goto end;
1067 if (!field_mul(group, n0, n0, &a->Z, ctx)) goto end;
1068 if (!field_mul(group, n4, &b->Y, n0, ctx)) goto end;
1084 ret = EC_POINT_dbl(group, r, a, ctx);
1116 { if (!field_mul(group, n0, &a->Z, &b->Z, ctx)) goto end; }
1117 if (!field_mul(group, &r->Z, n0, n5, ctx)) goto end;
1123 if (!field_sqr(group, n0, n6, ctx)) goto end;
1124 if (!field_sqr(group, n4, n5, ctx)) goto end;
1125 if (!field_mul(group, n3, n1, n4, ctx)) goto end;
1135 if (!field_mul(group, n0, n0, n6, ctx)) goto end;
1136 if (!field_mul(group, n5, n4, n5, ctx)) goto end; /* now n5 is n5^3 */
1137 if (!field_mul(group, n1, n2, n5, ctx)) goto end;
1156 int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx)
1165 if (EC_POINT_is_at_infinity(group, a))
1172 field_mul = group->meth->field_mul;
1173 field_sqr = group->meth->field_sqr;
1174 p = &group->field;
1198 if (!field_sqr(group, n0, &a->X, ctx)) goto err;
1201 if (!BN_mod_add_quick(n1, n0, &group->a, p)) goto err;
1204 else if (group->a_is_minus3)
1206 if (!field_sqr(group, n1, &a->Z, ctx)) goto err;
1209 if (!field_mul(group, n1, n0, n2, ctx)) goto err;
1217 if (!field_sqr(group, n0, &a->X, ctx)) goto err;
1220 if (!field_sqr(group, n1, &a->Z, ctx)) goto err;
1221 if (!field_sqr(group, n1, n1, ctx)) goto err;
1222 if (!field_mul(group, n1, n1, &group->a, ctx)) goto err;
1234 if (!field_mul(group, n0, &a->Y, &a->Z, ctx)) goto err;
1241 if (!field_sqr(group, n3, &a->Y, ctx)) goto err;
1242 if (!field_mul(group, n2, &a->X, n3, ctx)) goto err;
1248 if (!field_sqr(group, &r->X, n1, ctx)) goto err;
1253 if (!field_sqr(group, n0, n3, ctx)) goto err;
1259 if (!field_mul(group, n0, n1, n0, ctx)) goto err;
1273 int ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
1275 if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
1279 return BN_usub(&point->Y, &group->field, &point->Y);
1283 int ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
1289 int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
1298 if (EC_POINT_is_at_infinity(group, point))
1301 field_mul = group->meth->field_mul;
1302 field_sqr = group->meth->field_sqr;
1303 p = &group->field;
1330 if (!field_sqr(group, rh, &point->X, ctx)) goto err;
1331 if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
1335 if (!field_sqr(group, tmp1, &point->Z, ctx)) goto err;
1336 if (!field_sqr(group, Z4, tmp1, ctx)) goto err;
1337 if (!field_mul(group, Z6, Z4, tmp1, ctx)) goto err;
1340 if (!field_mul(group, tmp1, &point->X, Z4, ctx)) goto err;
1341 if (group->a_is_minus3)
1349 if (!field_mul(group, tmp2, tmp1, &group->a, ctx)) goto err;
1354 if (!field_mul(group, tmp1, &group->b, Z6, ctx)) goto err;
1362 if (group->a_is_minus3)
1370 if (!field_mul(group, tmp2, &point->X, &group->a, ctx)) goto err;
1375 if (!BN_mod_add_quick(rh, rh, &group->b, p)) goto err;
1379 if (!field_sqr(group, tmp1, &point->Y, ctx)) goto err;
1391 int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
1406 if (EC_POINT_is_at_infinity(group, a))
1408 return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
1416 field_mul = group->meth->field_mul;
1417 field_sqr = group->meth->field_sqr;
1441 if (!field_sqr(group, Zb23, &b->Z, ctx)) goto end;
1442 if (!field_mul(group, tmp1, &a->X, Zb23, ctx)) goto end;
1449 if (!field_sqr(group, Za23, &a->Z, ctx)) goto end;
1450 if (!field_mul(group, tmp2, &b->X, Za23, ctx)) goto end;
1466 if (!field_mul(group, Zb23, Zb23, &b->Z, ctx)) goto end;
1467 if (!field_mul(group, tmp1, &a->Y, Zb23, ctx)) goto end;
1474 if (!field_mul(group, Za23, Za23, &a->Z, ctx)) goto end;
1475 if (!field_mul(group, tmp2, &b->Y, Za23, ctx)) goto end;
1499 int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
1505 if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
1520 if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
1521 if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
1538 int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx)
1619 if (!group->meth->field_mul(group, heap[i],
1629 if (!BN_mod_inverse(heap[1], heap[1], &group->field, ctx))
1635 if (group->meth->field_encode != 0)
1640 if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err;
1641 if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err;
1650 if (!group->meth->field_mul(group, tmp0, heap[i/2], heap[i + 1], ctx)) goto err;
1651 if (!group->meth->field_mul(group, tmp1, heap[i/2], heap[i], ctx)) goto err;
1670 if (!group->meth->field_sqr(group, tmp1, &p->Z, ctx)) goto err;
1671 if (!group->meth->field_mul(group, &p->X, &p->X, tmp1, ctx)) goto err;
1673 if (!group->meth->field_mul(group, tmp1, tmp1, &p->Z, ctx)) goto err;
1674 if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp1, ctx)) goto err;
1676 if (group->meth->field_set_to_one != 0)
1678 if (!group->meth->field_set_to_one(group, &p->Z, ctx)) goto err;
1708 int ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
1710 return BN_mod_mul(r, a, b, &group->field, ctx);
1714 int ec_GFp_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
1716 return BN_mod_sqr(r, a, &group->field, ctx);