|
@@ -3,22 +3,11 @@
|
|
* Author: Ruben Niederhagen, Peter Schwabe
|
|
* Author: Ruben Niederhagen, Peter Schwabe
|
|
* Public Domain
|
|
* Public Domain
|
|
*/
|
|
*/
|
|
|
|
+
|
|
#include <stdio.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <stdlib.h>
|
|
-
|
|
|
|
-
|
|
|
|
-#include "mydouble.h"
|
|
|
|
-extern "C" {
|
|
|
|
#include "fpe.h"
|
|
#include "fpe.h"
|
|
-}
|
|
|
|
-
|
|
|
|
#include "curvepoint_fp.h"
|
|
#include "curvepoint_fp.h"
|
|
-//#include "scalar_512.h"
|
|
|
|
-
|
|
|
|
-#include "zout.hpp"
|
|
|
|
-#include <typeinfo>
|
|
|
|
-#include <cxxabi.h>
|
|
|
|
-
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
//////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
// Point initialization and deletion functions
|
|
// Point initialization and deletion functions
|
|
@@ -74,25 +63,12 @@ void curvepoint_fp_mixadd(curvepoint_fp_t rop, const curvepoint_fp_t op1, const
|
|
}
|
|
}
|
|
*/
|
|
*/
|
|
|
|
|
|
-
|
|
|
|
-#ifndef COMPLETE_ADDITION //UPDATE 512
|
|
|
|
-int number_call=0;
|
|
|
|
-
|
|
|
|
void curvepoint_fp_double(curvepoint_fp_t rop, const curvepoint_fp_t op)
|
|
void curvepoint_fp_double(curvepoint_fp_t rop, const curvepoint_fp_t op)
|
|
{
|
|
{
|
|
- if (number_call == 0)
|
|
|
|
- {
|
|
|
|
- signature;
|
|
|
|
- }
|
|
|
|
- number_call++;
|
|
|
|
fpe_t tfpe1, tfpe2, tfpe3, tfpe4; // Temporary variables needed for intermediary results
|
|
fpe_t tfpe1, tfpe2, tfpe3, tfpe4; // Temporary variables needed for intermediary results
|
|
- //abc;
|
|
|
|
fpe_square(tfpe1, op->m_y);
|
|
fpe_square(tfpe1, op->m_y);
|
|
- //xyz;
|
|
|
|
- //debug(301);
|
|
|
|
fpe_mul(tfpe2, tfpe1, op->m_x);
|
|
fpe_mul(tfpe2, tfpe1, op->m_x);
|
|
fpe_double(tfpe2, tfpe2);
|
|
fpe_double(tfpe2, tfpe2);
|
|
- //printf("\n\n\ntfpe2="); fpe_print(stdout,tfpe2);
|
|
|
|
fpe_double(tfpe2, tfpe2);
|
|
fpe_double(tfpe2, tfpe2);
|
|
fpe_square(tfpe3, tfpe1);
|
|
fpe_square(tfpe3, tfpe1);
|
|
fpe_double(tfpe3, tfpe3);
|
|
fpe_double(tfpe3, tfpe3);
|
|
@@ -112,39 +88,10 @@ void curvepoint_fp_double(curvepoint_fp_t rop, const curvepoint_fp_t op)
|
|
fpe_mul(rop->m_y, tfpe4, tfpe1);
|
|
fpe_mul(rop->m_y, tfpe4, tfpe1);
|
|
fpe_sub(rop->m_y, rop->m_y, tfpe3);
|
|
fpe_sub(rop->m_y, rop->m_y, tfpe3);
|
|
fpe_short_coeffred(rop->m_y);
|
|
fpe_short_coeffred(rop->m_y);
|
|
- //curvepoint_fp_makeaffine(rop);
|
|
|
|
-}
|
|
|
|
-
|
|
|
|
-
|
|
|
|
-
|
|
|
|
-
|
|
|
|
-
|
|
|
|
-// Transform Jacobian to Affine Coordinates (z=1)
|
|
|
|
-void curvepoint_fp_makeaffine(curvepoint_fp_t point)
|
|
|
|
-{
|
|
|
|
- //signature;
|
|
|
|
- if (!fpe_iszero(point->m_z))
|
|
|
|
- {
|
|
|
|
- fpe_t tfpe1;
|
|
|
|
- fpe_invert(tfpe1, point->m_z);
|
|
|
|
- fpe_mul(point->m_x, point->m_x, tfpe1);
|
|
|
|
- fpe_mul(point->m_x, point->m_x, tfpe1);
|
|
|
|
-
|
|
|
|
- fpe_mul(point->m_y, point->m_y, tfpe1);
|
|
|
|
- fpe_mul(point->m_y, point->m_y, tfpe1);
|
|
|
|
- fpe_mul(point->m_y, point->m_y, tfpe1);
|
|
|
|
-
|
|
|
|
- fpe_setone(point->m_z);
|
|
|
|
- }
|
|
|
|
}
|
|
}
|
|
|
|
|
|
-#endif
|
|
|
|
-
|
|
|
|
-#ifndef COMPLETE_ADDITION //UPDATE 512
|
|
|
|
-
|
|
|
|
void curvepoint_fp_add_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op1, const curvepoint_fp_t op2)
|
|
void curvepoint_fp_add_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op1, const curvepoint_fp_t op2)
|
|
{
|
|
{
|
|
- //signature;
|
|
|
|
if(fpe_iszero(op1->m_z))
|
|
if(fpe_iszero(op1->m_z))
|
|
curvepoint_fp_set(rop,op2);
|
|
curvepoint_fp_set(rop,op2);
|
|
else if(fpe_iszero(op2->m_z))
|
|
else if(fpe_iszero(op2->m_z))
|
|
@@ -225,12 +172,8 @@ void curvepoint_fp_add_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op1, c
|
|
fpe_mul(rop->m_z,t14,h);
|
|
fpe_mul(rop->m_z,t14,h);
|
|
fpe_short_coeffred(rop->m_z);
|
|
fpe_short_coeffred(rop->m_z);
|
|
}
|
|
}
|
|
- //curvepoint_fp_makeaffine(rop);
|
|
|
|
}
|
|
}
|
|
|
|
|
|
-#endif
|
|
|
|
-
|
|
|
|
-
|
|
|
|
|
|
|
|
static void curvepoint_fp_add_nocheck(curvepoint_fp_t rop, const curvepoint_fp_t op1, const curvepoint_fp_t op2)
|
|
static void curvepoint_fp_add_nocheck(curvepoint_fp_t rop, const curvepoint_fp_t op1, const curvepoint_fp_t op2)
|
|
{
|
|
{
|
|
@@ -320,120 +263,94 @@ void curvepoint_fp_scalarmult_vartime_old(curvepoint_fp_t rop, const curvepoint_
|
|
|
|
|
|
static void choose_t(curvepoint_fp_t t, struct curvepoint_fp_struct *pre, signed char b)
|
|
static void choose_t(curvepoint_fp_t t, struct curvepoint_fp_struct *pre, signed char b)
|
|
{
|
|
{
|
|
- //signature;
|
|
|
|
- //zout((int)b);
|
|
|
|
if(b>0)
|
|
if(b>0)
|
|
*t = pre[b-1];
|
|
*t = pre[b-1];
|
|
else
|
|
else
|
|
{
|
|
{
|
|
*t = pre[-b-1];
|
|
*t = pre[-b-1];
|
|
- //printf("avant t = ");
|
|
|
|
- //curvepoint_fp_print(stdout,t);
|
|
|
|
- //printf("\n\n\n");
|
|
|
|
curvepoint_fp_neg(t,t);
|
|
curvepoint_fp_neg(t,t);
|
|
- //printf("apres t = ");
|
|
|
|
- //curvepoint_fp_print(stdout,t);
|
|
|
|
- //printf("\n\n\n");
|
|
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
void curvepoint_fp_scalarmult_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op, const scalar_t scalar)
|
|
void curvepoint_fp_scalarmult_vartime(curvepoint_fp_t rop, const curvepoint_fp_t op, const scalar_t scalar)
|
|
{
|
|
{
|
|
- signed char s[65];
|
|
|
|
- int i;
|
|
|
|
- curvepoint_fp_t t;
|
|
|
|
- struct curvepoint_fp_struct pre[8];
|
|
|
|
- //zout(__builtin_return_address(0),__builtin_return_address(1),__func__,__PRETTY_FUNCTION__);
|
|
|
|
- //cout << abi::__cxa_demangle(typeid(__func__).name(), 0, 0, 0);
|
|
|
|
- scalar_window4(s,scalar);
|
|
|
|
- //zout(__builtin_return_address(0),__func__);
|
|
|
|
- //printf("\n");
|
|
|
|
- //ecris(s = );
|
|
|
|
- //for(i=0;i<64;i++)
|
|
|
|
- //printf("%d ",s[i]);
|
|
|
|
- //printf("\n");
|
|
|
|
- pre[0] = *op; // P
|
|
|
|
- curvepoint_fp_double(&pre[1], &pre[0]); // 2P
|
|
|
|
- curvepoint_fp_add_vartime(&pre[2], &pre[0], &pre[1]); // 3P
|
|
|
|
- curvepoint_fp_double(&pre[3], &pre[1]); // 4P
|
|
|
|
- curvepoint_fp_add_vartime(&pre[4], &pre[0], &pre[3]); // 5P
|
|
|
|
- curvepoint_fp_double(&pre[5], &pre[2]); // 6P
|
|
|
|
- curvepoint_fp_add_vartime(&pre[6], &pre[0], &pre[5]); // 7P
|
|
|
|
- curvepoint_fp_double(&pre[7], &pre[3]); // 8P
|
|
|
|
- //printf("\n\n\nP = "); curvepoint_fp_print(stdout,&pre[0]);
|
|
|
|
- //printf("\n\n\n2P = "); curvepoint_fp_print(stdout,&pre[1]);
|
|
|
|
- //printf("\n\n\n3P = "); curvepoint_fp_print(stdout,&pre[2]);
|
|
|
|
- //printf("\n\n\n4P = "); curvepoint_fp_print(stdout,&pre[3]);
|
|
|
|
- //printf("\n\n\n5P = "); curvepoint_fp_print(stdout,&pre[4]);
|
|
|
|
- //printf("\n\n\n6P = "); curvepoint_fp_print(stdout,&pre[5]);
|
|
|
|
- //printf("\n\n\n7P = "); curvepoint_fp_print(stdout,&pre[6]);
|
|
|
|
- //printf("\n\n\n8P = "); curvepoint_fp_print(stdout,&pre[7]);
|
|
|
|
- //printf("\n\n\n");
|
|
|
|
- i = 64;
|
|
|
|
-
|
|
|
|
- while(!s[i]&&i>0) i--;
|
|
|
|
-
|
|
|
|
- if(!s[i])
|
|
|
|
- {
|
|
|
|
- curvepoint_fp_setneutral(rop);
|
|
|
|
- //printf("\n\n\n rop = ");
|
|
|
|
- //curvepoint_fp_print(stdout,rop);
|
|
|
|
- }
|
|
|
|
- else
|
|
|
|
- {
|
|
|
|
- choose_t(rop,pre,s[i]);
|
|
|
|
- i--;
|
|
|
|
- for(;i>=0;i--)
|
|
|
|
- {
|
|
|
|
- //printf("i = %d\n",i);
|
|
|
|
- curvepoint_fp_double(rop, rop);
|
|
|
|
- curvepoint_fp_double(rop, rop);
|
|
|
|
- curvepoint_fp_double(rop, rop);
|
|
|
|
- curvepoint_fp_double(rop, rop);
|
|
|
|
- if(s[i])
|
|
|
|
- {
|
|
|
|
-
|
|
|
|
- //printf("i=%d \t s[i] = %d\n",i,s[i]);
|
|
|
|
- choose_t(t,pre,s[i]);
|
|
|
|
- //printf("rop = ");
|
|
|
|
- //curvepoint_fp_print(stdout,rop);
|
|
|
|
- //printf("\n\n\n");
|
|
|
|
- //printf("t = ");
|
|
|
|
- //curvepoint_fp_print(stdout,t);
|
|
|
|
- //printf("\n\n\n");
|
|
|
|
- curvepoint_fp_add_vartime(rop,rop,t);
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
|
|
+ signed char s[65];
|
|
|
|
+ int i;
|
|
|
|
+ curvepoint_fp_t t;
|
|
|
|
+ struct curvepoint_fp_struct pre[8];
|
|
|
|
+ scalar_window4(s,scalar);
|
|
|
|
+ /*
|
|
|
|
+ for(i=0;i<64;i++)
|
|
|
|
+ printf("%d ",s[i]);
|
|
|
|
+ printf("\n");
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+ pre[0] = *op; // P
|
|
|
|
+ curvepoint_fp_double(&pre[1], &pre[0]); // 2P
|
|
|
|
+ curvepoint_fp_add_nocheck(&pre[2], &pre[0], &pre[1]); // 3P
|
|
|
|
+ curvepoint_fp_double(&pre[3], &pre[1]); // 4P
|
|
|
|
+ curvepoint_fp_add_nocheck(&pre[4], &pre[0], &pre[3]); // 5P
|
|
|
|
+ curvepoint_fp_double(&pre[5], &pre[2]); // 6P
|
|
|
|
+ curvepoint_fp_add_nocheck(&pre[6], &pre[0], &pre[5]); // 7P
|
|
|
|
+ curvepoint_fp_double(&pre[7], &pre[3]); // 8P
|
|
|
|
+
|
|
|
|
+ i = 64;
|
|
|
|
+ while(!s[i]&&i>0) i--;
|
|
|
|
+
|
|
|
|
+ if(!s[i])
|
|
|
|
+ curvepoint_fp_setneutral(rop);
|
|
|
|
+ else
|
|
|
|
+ {
|
|
|
|
+ choose_t(rop,pre,s[i]);
|
|
|
|
+ i--;
|
|
|
|
+ for(;i>=0;i--)
|
|
|
|
+ {
|
|
|
|
+ curvepoint_fp_double(rop, rop);
|
|
|
|
+ curvepoint_fp_double(rop, rop);
|
|
|
|
+ curvepoint_fp_double(rop, rop);
|
|
|
|
+ curvepoint_fp_double(rop, rop);
|
|
|
|
+ if(s[i])
|
|
|
|
+ {
|
|
|
|
+ choose_t(t,pre,s[i]);
|
|
|
|
+ curvepoint_fp_add_nocheck(rop,rop,t);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
}
|
|
}
|
|
|
|
|
|
// Negate a point, store in rop:
|
|
// Negate a point, store in rop:
|
|
void curvepoint_fp_neg(curvepoint_fp_t rop, const curvepoint_fp_t op)
|
|
void curvepoint_fp_neg(curvepoint_fp_t rop, const curvepoint_fp_t op)
|
|
{
|
|
{
|
|
- if (fpe_iszero(op->m_z))
|
|
|
|
- {
|
|
|
|
- curvepoint_fp_set(rop,op);
|
|
|
|
- }
|
|
|
|
- else
|
|
|
|
- {
|
|
|
|
- fpe_t tfpe1;
|
|
|
|
- fpe_set(rop->m_x, op->m_x);
|
|
|
|
- fpe_neg(rop->m_y, op->m_y);
|
|
|
|
- fpe_set(rop->m_z, op->m_z);
|
|
|
|
- }
|
|
|
|
|
|
+ fpe_t tfpe1;
|
|
|
|
+ fpe_set(rop->m_x, op->m_x);
|
|
|
|
+ fpe_neg(rop->m_y, op->m_y);
|
|
|
|
+ fpe_set(rop->m_z, op->m_z);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+// Transform to Affine Coordinates (z=1)
|
|
|
|
+void curvepoint_fp_makeaffine(curvepoint_fp_t point)
|
|
|
|
+{
|
|
|
|
+ fpe_t tfpe1;
|
|
|
|
+ fpe_invert(tfpe1, point->m_z);
|
|
|
|
+ fpe_mul(point->m_x, point->m_x, tfpe1);
|
|
|
|
+ fpe_mul(point->m_x, point->m_x, tfpe1);
|
|
|
|
|
|
|
|
+ fpe_mul(point->m_y, point->m_y, tfpe1);
|
|
|
|
+ fpe_mul(point->m_y, point->m_y, tfpe1);
|
|
|
|
+ fpe_mul(point->m_y, point->m_y, tfpe1);
|
|
|
|
+
|
|
|
|
+ fpe_setone(point->m_z);
|
|
|
|
+}
|
|
|
|
|
|
// Print a point:
|
|
// Print a point:
|
|
void curvepoint_fp_print(FILE *outfile, const curvepoint_fp_t point)
|
|
void curvepoint_fp_print(FILE *outfile, const curvepoint_fp_t point)
|
|
{
|
|
{
|
|
- fprintf(outfile, "______________Curve______________\n\nX = ");
|
|
|
|
|
|
+ fprintf(outfile, "[");
|
|
fpe_print(outfile, point->m_x);
|
|
fpe_print(outfile, point->m_x);
|
|
- fprintf(outfile, "\n\nY = ");
|
|
|
|
|
|
+ fprintf(outfile, ", ");
|
|
fpe_print(outfile, point->m_y);
|
|
fpe_print(outfile, point->m_y);
|
|
- fprintf(outfile, "\n\nZ = ");
|
|
|
|
|
|
+ fprintf(outfile, ", ");
|
|
fpe_print(outfile, point->m_z);
|
|
fpe_print(outfile, point->m_z);
|
|
- fprintf(outfile, "\n_________________________________\n");
|
|
|
|
|
|
+ fprintf(outfile, "]");
|
|
}
|
|
}
|
|
|
|
|
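Review bot: The re-added `curvepoint_fp_makeaffine` in the last hunk drops the `if (!fpe_iszero(point->m_z))` guard that the removed version had, so a point at infinity (z = 0) now reaches `fpe_invert(tfpe1, point->m_z)` and then has z overwritten by `fpe_setone(point->m_z)`. What `fpe_invert` returns for zero is not visible here, but in either case the neutral element presumably comes back as an ordinary-looking affine point that is not on the curve, and later code cannot detect that. I would restore the guard as the first statement, `if (fpe_iszero(point->m_z)) return;`, or state in the function comment that callers must never pass the neutral element. The same hunk switches `curvepoint_fp_scalarmult_vartime` from `curvepoint_fp_add_vartime` to `curvepoint_fp_add_nocheck`, whose body lies outside the hunk. If it skips the z = 0 and equal-point cases, as its name suggests, the function needs a comment such as `// op must not be the neutral element or a small-order point; scalar must be reduced modulo the group order`, or a check on `op` before the table is built.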