tmgurtler
/
BGN2


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323
							#include "PrivateKey.hpp"

extern const curvepoint_fp_t bn_curvegen;

PrivateKey::PrivateKey(const Fp& a, const Fp& b, const Fp& c, const Fp& d, const Fp& e, const Fp& f, const Fp& g, const Fp& h)
{
    set(a, b, c, d, e, f, g, h);
}

void PrivateKey::set(const Fp& a, const Fp& b, const Fp& c, const Fp& d, const Fp& e, const Fp& f, const Fp& g, const Fp& h)
{
    i1 = a;
    j1 = b;
    k1 = c;
    l1 = d;

    i2 = e;
    j2 = f;
    k2 = g;
    l2 = h;
}

void PrivateKey::set(string which, const Fp& input);
{
    if (which.length() != 2)
        return;

    bool var_is_1 = false;
    switch (which[1])
    {
        case '1':
            var_is_1 = true;
            break;

        case '2':
            break;

        default:
            return;
    }

    switch (which[0])
    {
        case 'i':
            if (var_is_1)
                i1 = input;
            else i2 = input;
            break;

        case 'j':
            if (var_is_1)
                j1 = input;
            else j2 = input;
            break;

        case 'k':
            if (var_is_1)
                k1 = input;
            else k2 = input;
            break;

        case 'l':
            if (var_is_1)
                l1 = input;
            else l2 = input;
            break;

        default:
            break;
    } 
}

Fp PrivateKey::get(string which) const
{
    if (which.length() != 2)
        return Fp();

    bool var_is_1 = false;
    switch (which[1])
    {
        case '1':
            var_is_1 = true;
            break;

        case '2':
            break;

        default:
            return Fp();
    }

    switch (which[0])
    {
        case 'i':
            return var_is_1 ? i1 : i2;

        case 'j':
            return var_is_1 ? j1 : j2;

        case 'k':
            return var_is_1 ? k1 : k2;

        case 'l':
            return var_is_1 ? l1 : l2;

        default:
            return Fp();
    } 
}

Bipoint<curvepoint_fp_t> PrivateKey::pi_1(const Bipoint<curvepoint_fp_t>& input) const
{
    Bipoint<curvepoint_fp_t> retval;
    curvepoint_fp_t temp1, temp2;
    
    const scalar_t i1_s = i1.to_scalar();
    const scalar_t j1_s = j1.to_scalar();
    const scalar_t k1_s = k1.to_scalar();
    const scalar_t l1_s = l1.to_scalar();


    curvepoint_fp_scalarmult_vartime(temp1, input[0], j1_s);
    curvepoint_fp_scalarmult_vartime(temp1, temp1, k1_s);
    curvepoint_fp_neg(temp1, temp1);
    curvepoint_fp_makeaffine(temp1);

    curvepoint_fp_scalarmult_vartime(temp2, input[1], i1_s);
    curvepoint_fp_scalarmult_vartime(temp2, temp2, k1_s);
    curvepoint_fp_makeaffine(temp2);

    curvepoint_fp_add_vartime(temp1, temp1, temp2);
    curvepoint_fp_makeaffine(temp1);
    curvepoint_fp_set(retval[0], temp1);
    

    curvepoint_fp_scalarmult_vartime(temp1, input[0], j1_s);
    curvepoint_fp_scalarmult_vartime(temp1, temp1, l1_s);
    curvepoint_fp_neg(temp1, temp1);
    curvepoint_fp_makeaffine(temp1);
    
    curvepoint_fp_scalarmult_vartime(temp2, input[1], i1_s);
    curvepoint_fp_scalarmult_vartime(temp2, temp2, l1_s);
    curvepoint_fp_makeaffine(temp2);
    
    curvepoint_fp_add_vartime(temp1, temp1, temp2);
    curvepoint_fp_makeaffine(temp1);
    curvepoint_fp_set(retval[1], temp1); 


    return retval;
}

Bipoint<twistpoint_fp2_t> PrivateKey::pi_2(const Bipoint<twistpoint_fp2_t>& input) const
{
    Bipoint<twistpoint_fp2_t> retval;
    twistpoint_fp2_t temp1, temp2;

    const scalar_t i2_s = i2.to_scalar();
    const scalar_t j2_s = j2.to_scalar();
    const scalar_t k2_s = k2.to_scalar();
    const scalar_t l2_s = l2.to_scalar();
    

    twistpoint_fp2_scalarmult_vartime(temp1, input[0], j2_s);
    twistpoint_fp2_scalarmult_vartime(temp1, temp1, k2_s);
    twistpoint_fp2_neg(temp1,temp1);
    twistpoint_fp2_makeaffine(temp1);
    
    twistpoint_fp2_scalarmult_vartime(temp2, input[1], i2_s);
    twistpoint_fp2_scalarmult_vartime(temp2, temp2, k2_s);
    twistpoint_fp2_makeaffine(temp2);

    twistpoint_fp2_add_vartime(temp1, temp1, temp2);
    twistpoint_fp2_makeaffine(temp1);
    twistpoint_fp2_set(retval[0], temp1);
    

    twistpoint_fp2_scalarmult_vartime(temp1, input[0], j2_s);
    twistpoint_fp2_scalarmult_vartime(temp1, temp1, l2_s);
    twistpoint_fp2_neg(temp1, temp1);      
    twistpoint_fp2_makeaffine(temp1);
    
    twistpoint_fp2_scalarmult_vartime(temp2, input[1], i2_s);
    twistpoint_fp2_scalarmult_vartime(temp2, temp2, l2_s);
    twistpoint_fp2_makeaffine(temp2);

    twistpoint_fp2_add_vartime(temp1, temp1, temp2);
    twistpoint_fp2_makeaffine(temp1);
    twistpoint_fp2_set(retval[1], temp1);


    return retval;     
}

Quadripoint PrivateKey::pi_T(const Quadripoint& input) const
{
    Quadripoint retval;
    fp12e_t temp1, temp2, temp3, temp4;

    const scalar_t i1_s = i1.to_scalar();
    const scalar_t j1_s = j1.to_scalar();
    const scalar_t k1_s = k1.to_scalar();
    const scalar_t l1_s = l1.to_scalar();
    const scalar_t i2_s = i2.to_scalar();
    const scalar_t j2_s = j2.to_scalar();
    const scalar_t k2_s = k2.to_scalar();
    const scalar_t l2_s = l2.to_scalar();


    fp12e_pow_vartime(temp1, input[0], j1_s);
    fp12e_pow_vartime(temp1, temp1, k1_s);
    fp12e_pow_vartime(temp1, temp1, j2_s); 
    fp12e_pow_vartime(temp1, temp1, k2_s);
    
    fp12e_invert(temp2, input[1]);
    fp12e_pow_vartime(temp2, temp2, j1_s);
    fp12e_pow_vartime(temp2, temp2, k1_s);
    fp12e_pow_vartime(temp2, temp2, i2_s);
    fp12e_pow_vartime(temp2, temp2, k2_s);

    fp12e_invert(temp3, input[2]);
    fp12e_pow_vartime(temp3, temp3, i1_s);
    fp12e_pow_vartime(temp3, temp3, k1_s);
    fp12e_pow_vartime(temp3, temp3, j2_s);
    fp12e_pow_vartime(temp3, temp3, k2_s);

    fp12e_pow_vartime(temp4, input[3], i1_s);
    fp12e_pow_vartime(temp4, temp4, k1_s);
    fp12e_pow_vartime(temp4, temp4, i2_s);
    fp12e_pow_vartime(temp4, temp4, k2_s);

    fp12e_mul(temp1, temp1, temp2);
    fp12e_mul(temp2, temp3, temp4);
    fp12e_mul(temp1, temp1, temp2);
    retval.set(temp1, 0);


    fp12e_pow_vartime(temp1, input[0], j1_s);
    fp12e_pow_vartime(temp1, temp1, k1_s);
    fp12e_pow_vartime(temp1, temp1, j2_s);
    fp12e_pow_vartime(temp1, temp1, l2_s);

    fp12e_pow_vartime(temp2, input[1], j1_s);
    fp12e_invert(temp2, temp2);
    fp12e_pow_vartime(temp2, temp2, k1_s);
    fp12e_pow_vartime(temp2, temp2, i2_s);
    fp12e_pow_vartime(temp2, temp2, l2_s);

    fp12e_pow_vartime(temp3, input[2], i1_s);
    fp12e_pow_vartime(temp3, temp3, k1_s);
    fp12e_pow_vartime(temp3, temp3, j2_s);
    fp12e_invert(temp3, temp3);
    fp12e_pow_vartime(temp3, temp3, l2_s);

    fp12e_pow_vartime(temp4, input[3], i1_s);
    fp12e_pow_vartime(temp4, temp4, k1_s);
    fp12e_pow_vartime(temp4, temp4, i2_s);
    fp12e_pow_vartime(temp4, temp4, l2_s);

    fp12e_mul(temp1, temp1, temp2);
    fp12e_mul(temp2, temp3, temp4);
    fp12e_mul(temp1, temp1, temp2);
    retval.set(temp1, 1);
    

    fp12e_pow_vartime(temp1, input[0], j1_s);
    fp12e_pow_vartime(temp1, temp1, l1_s);
    fp12e_pow_vartime(temp1, temp1, j2_s);
    fp12e_pow_vartime(temp1, temp1, k2_s);

    fp12e_pow_vartime(temp2, input[1], j1_s);
    fp12e_invert(temp2, temp2);
    fp12e_pow_vartime(temp2, temp2, l1_s);
    fp12e_pow_vartime(temp2, temp2, i2_s);
    fp12e_pow_vartime(temp2, temp2, k2_s);

    fp12e_pow_vartime(temp3, input[2], i1_s);
    fp12e_pow_vartime(temp3, temp3, l1_s);
    fp12e_pow_vartime(temp3, temp3, j2_s);
    fp12e_invert(temp3, temp3);
    fp12e_pow_vartime(temp3, temp3, k2_s);

    fp12e_pow_vartime(temp4, input[3], i1_s);
    fp12e_pow_vartime(temp4, temp4, l1_s);
    fp12e_pow_vartime(temp4, temp4, i2_s);
    fp12e_pow_vartime(temp4, temp4, k2_s);
    
    fp12e_mul(temp1, temp1, temp2);
    fp12e_mul(temp2, temp3, temp4);
    fp12e_mul(temp1, temp1, temp2);
    retval.set(temp1, 2);
    

    fp12e_pow_vartime(temp1, input[0], j1_s);
    fp12e_pow_vartime(temp1, temp1, l1_s);
    fp12e_pow_vartime(temp1, temp1, j2_s);
    fp12e_pow_vartime(temp1, temp1, l2_s);

    fp12e_pow_vartime(temp2, input[1], j1_s);
    fp12e_invert(temp2, temp2);
    fp12e_pow_vartime(temp2, temp2, l1_s);
    fp12e_pow_vartime(temp2, temp2, i2_s);
    fp12e_pow_vartime(temp2, temp2, l2_s);

    fp12e_pow_vartime(temp3, input[2], i1_s);
    fp12e_pow_vartime(temp3, temp3, l1_s);
    fp12e_pow_vartime(temp3, temp3, j2_s);
    fp12e_invert(temp3, temp3);
    fp12e_pow_vartime(temp3, temp3, l2_s);

    fp12e_pow_vartime(temp4, input[3], i1_s);
    fp12e_pow_vartime(temp4, temp4, l1_s);
    fp12e_pow_vartime(temp4, temp4, i2_s);
    fp12e_pow_vartime(temp4, temp4, l2_s);

    fp12e_mul(temp1, temp1, temp2);
    fp12e_mul(temp2, temp3, temp4);
    fp12e_mul(temp1, temp1, temp2);
    retval.set(temp1, 3);
    

    return retval;
}