3 * $Id: ec-exp.c,v 1.1 2004/04/01 12:50:09 mdw Exp $
5 * Point multiplication for elliptic curves
7 * (c) 2004 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of Catacomb.
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
30 /*----- Revision history --------------------------------------------------*
33 * Revision 1.1 2004/04/01 12:50:09 mdw
34 * Add cyclic group abstraction, with test code. Separate off exponentation
35 * functions for better static linking. Fix a buttload of bugs on the way.
36 * Generally ensure that negative exponents do inversion correctly. Add
37 * table of standard prime-field subgroups. (Binary field subgroups are
38 * currently unimplemented but easy to add if anyone ever finds a good one.)
42 /*----- Header files ------------------------------------------------------*/
47 /*----- Main code ---------------------------------------------------------*/
49 /* --- @ec_imul@, @ec_mul@ --- *
51 * Arguments: @ec_curve *c@ = pointer to an elliptic curve
52 * @ec *d@ = pointer to the destination point
53 * @const ec *p@ = pointer to the generator point
54 * @mp *n@ = integer multiplier
56 * Returns: The destination @d@.
58 * Use: Multiplies a point by a scalar, returning %$n p$%. The
59 * @imul@ variant uses internal representations for argument
63 ec
*ec_imul(ec_curve
*c
, ec
*d
, const ec
*p
, mp
*n
)
68 if (t
.x
&& (n
->f
& MP_BURN
))
77 if (MP_LEN(n
) < EXP_THRESH
)
86 ec
*ec_mul(ec_curve
*c
, ec
*d
, const ec
*p
, mp
*n
)
90 return (EC_OUT(c
, d
, d
));
93 /* --- @ec_mmul@, @ec_immul@ --- *
95 * Arguments: @ec_curve *c@ = pointer to an elliptic curve
96 * @ec *d@ = pointer to the destination point
97 * @const ec_mulfactor *f@ = pointer to vector of factors
98 * @size_t n@ = number of factors
100 * Returns: The destination @d@.
102 * Use: Does simultaneous point multiplication. The @immul@ variant
103 * uses internal representations for arguments and result.
109 static ec
*immul(ec_curve
*c
, ec
*d
, ec_mulfactor
*f
, size_t n
)
113 for (i
= 0; i
< n
; i
++) {
115 if (f
[i
].exp
->f
& MP_NEG
)
116 EC_NEG(c
, &f
[i
].base
, &f
[i
].base
);
117 if (f
[i
].base
.x
&& f
[i
].exp
->f
& MP_BURN
)
118 f
[i
].base
.x
->f
|= MP_BURN
;
122 for (i
= 0; i
< n
; i
++)
123 EC_DESTROY(&f
[i
].base
);
128 ec
*ec_immul(ec_curve
*c
, ec
*d
, const ec_mulfactor
*f
, size_t n
)
130 ec_mulfactor
*ff
= xmalloc(n
* sizeof(ec_mulfactor
));
133 for (i
= 0; i
< n
; i
++) {
134 EC_CREATE(&ff
[i
].base
);
135 EC_COPY(&ff
[i
].base
, &f
[i
].base
);
136 ff
[i
].exp
= f
[i
].exp
;
138 return (immul(c
, d
, ff
, n
));
141 ec
*ec_mmul(ec_curve
*c
, ec
*d
, const ec_mulfactor
*f
, size_t n
)
143 ec_mulfactor
*ff
= xmalloc(n
* sizeof(ec_mulfactor
));
146 for (i
= 0; i
< n
; i
++) {
147 EC_CREATE(&ff
[i
].base
);
148 EC_IN(c
, &ff
[i
].base
, &f
[i
].base
);
149 ff
[i
].exp
= f
[i
].exp
;
152 return (EC_OUT(c
, d
, d
));
155 /*----- That's all, folks -------------------------------------------------*/