b0ab12e6 |
1 | /* -*-c-*- |
2 | * |
f94b972d |
3 | * $Id$ |
b0ab12e6 |
4 | * |
5 | * Elliptic curve definitions |
6 | * |
7 | * (c) 2001 Straylight/Edgeware |
8 | */ |
9 | |
10 | /*----- Licensing notice --------------------------------------------------* |
11 | * |
12 | * This file is part of Catacomb. |
13 | * |
14 | * Catacomb is free software; you can redistribute it and/or modify |
15 | * it under the terms of the GNU Library General Public License as |
16 | * published by the Free Software Foundation; either version 2 of the |
17 | * License, or (at your option) any later version. |
18 | * |
19 | * Catacomb is distributed in the hope that it will be useful, |
20 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
21 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
22 | * GNU Library General Public License for more details. |
23 | * |
24 | * You should have received a copy of the GNU Library General Public |
25 | * License along with Catacomb; if not, write to the Free |
26 | * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
27 | * MA 02111-1307, USA. |
28 | */ |
29 | |
b0ab12e6 |
30 | #ifndef CATACOMB_EC_H |
31 | #define CATACOMB_EC_H |
32 | |
33 | #ifdef __cplusplus |
34 | extern "C" { |
35 | #endif |
36 | |
37 | /*----- Header files ------------------------------------------------------*/ |
38 | |
432c4e18 |
39 | #ifndef CATACOMB_FIELD_H |
40 | # include "field.h" |
41 | #endif |
42 | |
43 | #ifndef CATACOMB_MP_H |
44 | # include "mp.h" |
45 | #endif |
46 | |
47 | #ifndef CATACOMB_QDPARSE_H |
48 | # include "qdparse.h" |
49 | #endif |
b0ab12e6 |
50 | |
51 | /*----- Data structures ---------------------------------------------------*/ |
52 | |
b085fd91 |
53 | /* --- An elliptic curve representation --- */ |
54 | |
b0ab12e6 |
55 | typedef struct ec_curve { |
56 | const struct ec_ops *ops; /* Curve operations */ |
57 | field *f; /* Underlying field structure */ |
432c4e18 |
58 | mp *a, *b; /* Standard params (internal form) */ |
b0ab12e6 |
59 | } ec_curve; |
60 | |
b085fd91 |
61 | /* --- An elliptic curve point --- */ |
62 | |
b0ab12e6 |
63 | typedef struct ec { |
64 | mp *x, *y; /* Point coordinates */ |
65 | mp *z; /* Common denominator (or null) */ |
66 | } ec; |
67 | |
b085fd91 |
68 | /* --- A factor for simultaneous multiplication --- */ |
69 | |
70 | typedef struct ec_mulfactor { |
71 | ec base; /* The point */ |
41cb1beb |
72 | mp *exp; /* The exponent */ |
b085fd91 |
73 | } ec_mulfactor; |
74 | |
8823192f |
75 | /* --- Elliptic curve operations --- * |
76 | * |
77 | * All operations (apart from @destroy@ and @in@) are guaranteed to be |
391faf42 |
78 | * performed on internal representations of points. |
79 | * |
80 | * (Historical note. We used to guarantee that the second to @add@ and @mul@ |
81 | * was the output of @in@ or @fix@, but this canonification turned out to |
82 | * make the precomputation in @ec_exp@ too slow. Projective implementations |
83 | * must therefore cope with a pair of arbitrary points.) |
8823192f |
84 | */ |
b085fd91 |
85 | |
b0ab12e6 |
86 | typedef struct ec_ops { |
f94b972d |
87 | const char *name; |
b0ab12e6 |
88 | void (*destroy)(ec_curve */*c*/); |
34e4f738 |
89 | int (*samep)(ec_curve */*c*/, ec_curve */*d*/); |
41a324a7 |
90 | ec *(*in)(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
91 | ec *(*out)(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
8823192f |
92 | ec *(*fix)(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
41a324a7 |
93 | ec *(*find)(ec_curve */*c*/, ec */*d*/, mp */*x*/); |
b085fd91 |
94 | ec *(*neg)(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
41a324a7 |
95 | ec *(*add)(ec_curve */*c*/, ec */*d*/, const ec */*p*/, const ec */*q*/); |
b085fd91 |
96 | ec *(*sub)(ec_curve */*c*/, ec */*d*/, const ec */*p*/, const ec */*q*/); |
41a324a7 |
97 | ec *(*dbl)(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
8823192f |
98 | int (*check)(ec_curve */*c*/, const ec */*p*/); |
b0ab12e6 |
99 | } ec_ops; |
100 | |
f94b972d |
101 | #define EC_NAME(c) (c)->ops->name |
102 | |
34e4f738 |
103 | #define EC_SAMEP(c, d) (c)->ops->samep((c), (d)) |
41a324a7 |
104 | #define EC_IN(c, d, p) (c)->ops->in((c), (d), (p)) |
dbfee00a |
105 | #define EC_OUT(c, d, p) (c)->ops->out((c), (d), (p)) |
8823192f |
106 | #define EC_FIX(c, d, p) (c)->ops->fix((c), (d), (p)) |
41a324a7 |
107 | |
b0ab12e6 |
108 | #define EC_FIND(c, d, x) (c)->ops->find((c), (d), (x)) |
b085fd91 |
109 | #define EC_NEG(c, d, x) (c)->ops->neg((c), (d), (x)) |
b0ab12e6 |
110 | #define EC_ADD(c, d, p, q) (c)->ops->add((c), (d), (p), (q)) |
b085fd91 |
111 | #define EC_SUB(c, d, p, q) (c)->ops->sub((c), (d), (p), (q)) |
b0ab12e6 |
112 | #define EC_DBL(c, d, p) (c)->ops->dbl((c), (d), (p)) |
8823192f |
113 | #define EC_CHECK(c, p) (c)->ops->check((c), (p)) |
b0ab12e6 |
114 | |
432c4e18 |
115 | /* --- Elliptic curve parameters --- */ |
116 | |
117 | typedef struct ec_info { |
118 | ec_curve *c; /* The actual curve */ |
119 | ec g; /* The common point */ |
120 | mp *r; /* Order of %$g$% */ |
121 | mp *h; /* Cofactor %$h = \#E/r$% */ |
122 | } ec_info; |
123 | |
b0ab12e6 |
124 | /*----- Simple memory management things -----------------------------------*/ |
125 | |
126 | /* --- @ec_create@ --- * |
127 | * |
128 | * Arguments: @ec *p@ = pointer to an elliptic-curve point |
129 | * |
41a324a7 |
130 | * Returns: The argument @p@. |
b0ab12e6 |
131 | * |
132 | * Use: Initializes a new point. The initial value is the additive |
133 | * identity (which is universal for all curves). |
134 | */ |
135 | |
136 | #define EC_INIT { MP_NEW, MP_NEW, MP_NEW } |
137 | |
138 | #define EC_CREATE(p) do { \ |
139 | ec *_p = (p); \ |
140 | _p->x = _p->y = _p->z = MP_NEW; \ |
141 | } while (0) |
142 | |
41a324a7 |
143 | extern ec *ec_create(ec */*p*/); |
b0ab12e6 |
144 | |
145 | /* --- @ec_destroy@ --- * |
146 | * |
147 | * Arguments: @ec *p@ = pointer to an elliptic-curve point |
148 | * |
149 | * Returns: --- |
150 | * |
151 | * Use: Destroys a point, making it invalid. |
152 | */ |
153 | |
154 | #define EC_DESTROY(p) do { \ |
155 | ec *_p = (p); \ |
156 | if (!EC_ATINF(_p)) { \ |
157 | MP_DROP(_p->x); \ |
158 | MP_DROP(_p->y); \ |
159 | if (_p->z) MP_DROP(_p->z); \ |
160 | } \ |
161 | } while (0) |
162 | |
163 | extern void ec_destroy(ec */*p*/); |
164 | |
165 | /* --- @ec_atinf@ --- * |
166 | * |
167 | * Arguments: @const ec *p@ = pointer to a point |
168 | * |
169 | * Returns: Nonzero if %$p = O$% is the point at infinity, zero |
170 | * otherwise. |
171 | */ |
172 | |
173 | #define EC_ATINF(p) ((p)->x == MP_NEW || (p)->x == MP_NEWSEC) |
174 | |
175 | extern int ec_atinf(const ec */*p*/); |
176 | |
177 | /* --- @ec_setinf@ --- * |
178 | * |
179 | * Arguments: @ec *p@ = pointer to a point |
180 | * |
41a324a7 |
181 | * Returns: The argument @p@. |
b0ab12e6 |
182 | * |
183 | * Use: Sets the given point to be the point %$O$% at infinity. |
184 | */ |
185 | |
186 | #define EC_SETINF(p) do { \ |
187 | ec *_p = (p); \ |
188 | if (!EC_ATINF(_p)) { \ |
189 | MP_DROP(_p->x); \ |
190 | MP_DROP(_p->y); \ |
191 | if (_p->z) MP_DROP(_p->z); \ |
192 | _p->x = _p->y = _p->z = MP_NEW; \ |
193 | _p->y = MP_NEW; \ |
194 | _p->z = MP_NEW; \ |
195 | } \ |
196 | } while (0) |
197 | |
41a324a7 |
198 | extern ec *ec_setinf(ec */*p*/); |
b0ab12e6 |
199 | |
200 | /* --- @ec_copy@ --- * |
201 | * |
202 | * Arguments: @ec *d@ = pointer to destination point |
203 | * @const ec *p@ = pointer to source point |
204 | * |
41a324a7 |
205 | * Returns: The destination @d@. |
b0ab12e6 |
206 | * |
207 | * Use: Creates a copy of an elliptic curve point. |
208 | */ |
209 | |
210 | #define EC_COPY(d, p) do { \ |
211 | ec *_d = (d); \ |
212 | const ec *_p = (p); \ |
213 | if (d != p) { \ |
214 | EC_DESTROY(d); \ |
215 | if (EC_ATINF(p)) \ |
216 | _d->x = _d->y = _d->z = MP_NEW; \ |
217 | else { \ |
b085fd91 |
218 | _d->x = MP_COPY(_p->x); \ |
219 | _d->y = MP_COPY(_p->y); \ |
220 | _d->z = _p->z ? MP_COPY(_p->z) : MP_NEW; \ |
b0ab12e6 |
221 | } \ |
222 | } \ |
223 | } while (0) |
224 | |
41a324a7 |
225 | extern ec *ec_copy(ec */*d*/, const ec */*p*/); |
b0ab12e6 |
226 | |
bc985cef |
227 | /* --- @ec_eq@ --- * |
228 | * |
229 | * Arguments: @const ec *p, *q@ = two points |
230 | * |
231 | * Returns: Nonzero if the points are equal. Compares external-format |
232 | * points. |
233 | */ |
234 | |
235 | #define EC_EQ(p, q) \ |
236 | ((EC_ATINF(p) && EC_ATINF(q)) || \ |
237 | (!EC_ATINF(p) && !EC_ATINF(q) && \ |
238 | MP_EQ((p)->x, (q)->x) && \ |
239 | MP_EQ((p)->y, (q)->y))) |
240 | |
241 | extern int ec_eq(const ec *p, const ec *q); |
242 | |
b0ab12e6 |
243 | /*----- Interesting arithmetic --------------------------------------------*/ |
244 | |
34e4f738 |
245 | /* --- @ec_samep@ --- * |
246 | * |
247 | * Arguments: @ec_curve *c, *d@ = two elliptic curves |
248 | * |
249 | * Returns: Nonzero if the curves are identical (not just isomorphic). |
250 | * |
251 | * Use: Checks for sameness of curves. This function does the full |
252 | * check, not just the curve-type-specific check done by the |
253 | * @sampep@ field operation. |
254 | */ |
255 | |
256 | extern int ec_samep(ec_curve */*c*/, ec_curve */*d*/); |
257 | |
b0ab12e6 |
258 | /* --- @ec_find@ --- * |
259 | * |
260 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
261 | * @ec *d@ = pointer to the destination point |
262 | * @mp *x@ = a possible x-coordinate |
263 | * |
b085fd91 |
264 | * Returns: The destination if OK, or null if no point was found. |
b0ab12e6 |
265 | * |
b085fd91 |
266 | * Use: Finds a point on an elliptic curve with a given |
267 | * x-coordinate. If there is no point with the given |
268 | * %$x$%-coordinate, a null pointer is returned and the |
269 | * destination is left invalid. |
b0ab12e6 |
270 | */ |
271 | |
b085fd91 |
272 | extern ec *ec_find(ec_curve */*c*/, ec */*d*/, mp */*x*/); |
273 | |
bc985cef |
274 | /* --- @ec_rand@ --- * |
275 | * |
276 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
277 | * @ec *d@ = pointer to the destination point |
278 | * @grand *r@ = random number source |
279 | * |
280 | * Returns: The destination @d@. |
281 | * |
282 | * Use: Finds a random point on the given curve. |
283 | */ |
284 | |
285 | extern ec *ec_rand(ec_curve */*c*/, ec */*d*/, grand */*r*/); |
286 | |
b085fd91 |
287 | /* --- @ec_neg@ --- * |
288 | * |
289 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
290 | * @ec *d@ = pointer to the destination point |
291 | * @const ec *p@ = pointer to the operand point |
292 | * |
293 | * Returns: The destination point. |
294 | * |
295 | * Use: Computes the negation of the given point. |
296 | */ |
297 | |
298 | extern ec *ec_neg(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
b0ab12e6 |
299 | |
300 | /* --- @ec_add@ --- * |
301 | * |
302 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
303 | * @ec *d@ = pointer to the destination point |
304 | * @const ec *p, *q@ = pointers to the operand points |
305 | * |
41a324a7 |
306 | * Returns: The destination @d@. |
b0ab12e6 |
307 | * |
308 | * Use: Adds two points on an elliptic curve. |
309 | */ |
310 | |
41a324a7 |
311 | extern ec *ec_add(ec_curve */*c*/, ec */*d*/, |
312 | const ec */*p*/, const ec */*q*/); |
b0ab12e6 |
313 | |
b085fd91 |
314 | /* --- @ec_sub@ --- * |
315 | * |
316 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
317 | * @ec *d@ = pointer to the destination point |
318 | * @const ec *p, *q@ = pointers to the operand points |
319 | * |
320 | * Returns: The destination @d@. |
321 | * |
322 | * Use: Subtracts one point from another on an elliptic curve. |
323 | */ |
324 | |
325 | extern ec *ec_sub(ec_curve */*c*/, ec */*d*/, |
326 | const ec */*p*/, const ec */*q*/); |
327 | |
b0ab12e6 |
328 | /* --- @ec_dbl@ --- * |
329 | * |
330 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
331 | * @ec *d@ = pointer to the destination point |
332 | * @const ec *p@ = pointer to the operand point |
333 | * |
41a324a7 |
334 | * Returns: The destination @d@. |
b0ab12e6 |
335 | * |
336 | * Use: Doubles a point on an elliptic curve. |
337 | */ |
338 | |
41a324a7 |
339 | extern ec *ec_dbl(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
b0ab12e6 |
340 | |
8823192f |
341 | /* --- @ec_check@ --- * |
342 | * |
343 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
344 | * @const ec *p@ = pointer to the point |
345 | * |
346 | * Returns: Zero if OK, nonzero if this is an invalid point. |
347 | * |
348 | * Use: Checks that a point is actually on an elliptic curve. |
349 | */ |
350 | |
351 | extern int ec_check(ec_curve */*c*/, const ec */*p*/); |
352 | |
b085fd91 |
353 | /* --- @ec_mul@, @ec_imul@ --- * |
b0ab12e6 |
354 | * |
355 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
356 | * @ec *d@ = pointer to the destination point |
357 | * @const ec *p@ = pointer to the generator point |
358 | * @mp *n@ = integer multiplier |
359 | * |
41a324a7 |
360 | * Returns: The destination @d@. |
b0ab12e6 |
361 | * |
b085fd91 |
362 | * Use: Multiplies a point by a scalar, returning %$n p$%. The |
363 | * @imul@ variant uses internal representations for argument |
364 | * and result. |
b0ab12e6 |
365 | */ |
366 | |
41a324a7 |
367 | extern ec *ec_mul(ec_curve */*c*/, ec */*d*/, const ec */*p*/, mp */*n*/); |
b085fd91 |
368 | extern ec *ec_imul(ec_curve */*c*/, ec */*d*/, const ec */*p*/, mp */*n*/); |
369 | |
370 | /* --- @ec_mmul@, @ec_immul@ --- * |
371 | * |
372 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
373 | * @ec *d@ = pointer to the destination point |
374 | * @const ec_mulfactor *f@ = pointer to vector of factors |
375 | * @size_t n@ = number of factors |
376 | * |
377 | * Returns: The destination @d@. |
378 | * |
379 | * Use: Does simultaneous point multiplication. The @immul@ variant |
380 | * uses internal representations for arguments and result. |
381 | */ |
382 | |
383 | extern ec *ec_mmul(ec_curve */*c*/, ec */*d*/, |
384 | const ec_mulfactor */*f*/, size_t /*n*/); |
385 | extern ec *ec_immul(ec_curve */*c*/, ec */*d*/, |
386 | const ec_mulfactor */*f*/, size_t /*n*/); |
41a324a7 |
387 | |
388 | /*----- Standard curve operations -----------------------------------------*/ |
389 | |
34e4f738 |
390 | /* --- @ec_stdsamep@ --- * |
391 | * |
392 | * Arguments: @ec_curve *c, *d@ = two elliptic curves |
393 | * |
394 | * Returns: Nonzero if the curves are identical (not just isomorphic). |
395 | * |
396 | * Use: Simple sameness check on @a@ and @b@ curve members. |
397 | */ |
398 | |
399 | extern int ec_stdsamep(ec_curve */*c*/, ec_curve */*d*/); |
400 | |
8823192f |
401 | /* --- @ec_idin@, @ec_idout@, @ec_idfix@ --- * |
41a324a7 |
402 | * |
403 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
404 | * @ec *d@ = pointer to the destination |
405 | * @const ec *p@ = pointer to a source point |
406 | * |
407 | * Returns: The destination @d@. |
408 | * |
409 | * Use: An identity operation if your curve has no internal |
410 | * representation. (The field internal representation is still |
411 | * used.) |
412 | */ |
413 | |
414 | extern ec *ec_idin(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
415 | extern ec *ec_idout(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
8823192f |
416 | extern ec *ec_idfix(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
41a324a7 |
417 | |
8823192f |
418 | /* --- @ec_projin@, @ec_projout@, @ec_projfix@ --- * |
41a324a7 |
419 | * |
420 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
421 | * @ec *d@ = pointer to the destination |
422 | * @const ec *p@ = pointer to a source point |
423 | * |
424 | * Returns: The destination @d@. |
425 | * |
426 | * Use: Conversion functions if your curve operations use a |
427 | * projective representation. |
428 | */ |
429 | |
430 | extern ec *ec_projin(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
431 | extern ec *ec_projout(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
8823192f |
432 | extern ec *ec_projfix(ec_curve */*c*/, ec */*d*/, const ec */*p*/); |
b0ab12e6 |
433 | |
b085fd91 |
434 | /* --- @ec_stdsub@ --- * |
435 | * |
436 | * Arguments: @ec_curve *c@ = pointer to an elliptic curve |
437 | * @ec *d@ = pointer to the destination |
41cb1beb |
438 | * @const ec *p, *q@ = the operand points |
b085fd91 |
439 | * |
440 | * Returns: The destination @d@. |
441 | * |
442 | * Use: Standard point subtraction operation, in terms of negation |
443 | * and addition. This isn't as efficient as a ready-made |
444 | * subtraction operator. |
445 | */ |
446 | |
41cb1beb |
447 | extern ec *ec_stdsub(ec_curve */*c*/, ec */*d*/, |
448 | const ec */*p*/, const ec */*q*/); |
b085fd91 |
449 | |
b0ab12e6 |
450 | /*----- Creating curves ---------------------------------------------------*/ |
451 | |
b085fd91 |
452 | /* --- @ec_destroycurve@ --- * |
453 | * |
454 | * Arguments: @ec_curve *c@ = pointer to an ellptic curve |
455 | * |
456 | * Returns: --- |
457 | * |
458 | * Use: Destroys a description of an elliptic curve. |
459 | */ |
460 | |
461 | extern void ec_destroycurve(ec_curve */*c*/); |
462 | |
463 | /* --- @ec_prime@, @ec_primeproj@ --- * |
b0ab12e6 |
464 | * |
dbfee00a |
465 | * Arguments: @field *f@ = the underlying field for this elliptic curve |
b0ab12e6 |
466 | * @mp *a, *b@ = the coefficients for this curve |
467 | * |
02d7884d |
468 | * Returns: A pointer to the curve, or null. |
b0ab12e6 |
469 | * |
470 | * Use: Creates a curve structure for an elliptic curve defined over |
b085fd91 |
471 | * a prime field. The @primeproj@ variant uses projective |
472 | * coordinates, which can be a win. |
b0ab12e6 |
473 | */ |
474 | |
475 | extern ec_curve *ec_prime(field */*f*/, mp */*a*/, mp */*b*/); |
b085fd91 |
476 | extern ec_curve *ec_primeproj(field */*f*/, mp */*a*/, mp */*b*/); |
b0ab12e6 |
477 | |
ceb3f0c0 |
478 | /* --- @ec_bin@, @ec_binproj@ --- * |
b0ab12e6 |
479 | * |
480 | * Arguments: @field *f@ = the underlying field for this elliptic curve |
481 | * @mp *a, *b@ = the coefficients for this curve |
482 | * |
02d7884d |
483 | * Returns: A pointer to the curve, or null. |
b0ab12e6 |
484 | * |
ceb3f0c0 |
485 | * Use: Creates a curve structure for an elliptic curve defined over |
486 | * a binary field. The @binproj@ variant uses projective |
487 | * coordinates, which can be a win. |
b0ab12e6 |
488 | */ |
489 | |
490 | extern ec_curve *ec_bin(field */*f*/, mp */*a*/, mp */*b*/); |
ceb3f0c0 |
491 | extern ec_curve *ec_binproj(field */*f*/, mp */*a*/, mp */*b*/); |
b0ab12e6 |
492 | |
432c4e18 |
493 | /*----- Curve parameter sets ----------------------------------------------*/ |
494 | |
495 | /* --- @ec_curveparse@ --- * |
496 | * |
497 | * Arguments: @qd_parse *qd@ = parser context |
498 | * |
499 | * Returns: Elliptic curve pointer if OK, or null. |
500 | * |
501 | * Use: Parses an elliptic curve description, which has the form |
502 | * |
503 | * * a field description |
504 | * * an optional `/' |
505 | * * `prime', `primeproj', `bin', or `binproj' |
506 | * * an optional `:' |
507 | * * the %$a$% parameter |
508 | * * an optional `,' |
509 | * * the %$b$% parameter |
510 | */ |
511 | |
512 | extern ec_curve *ec_curveparse(qd_parse */*qd*/); |
513 | |
514 | /* --- @ec_ptparse@ --- * |
515 | * |
516 | * Arguments: @qd_parse *qd@ = parser context |
517 | * @ec *p@ = where to put the point |
518 | * |
519 | * Returns: The point address, or null. |
520 | * |
521 | * Use: Parses an elliptic curve point. This has the form |
522 | * |
523 | * * %$x$%-coordinate |
524 | * * optional `,' |
525 | * * %$y$%-coordinate |
526 | */ |
527 | |
528 | extern ec *ec_ptparse(qd_parse */*qd*/, ec */*p*/); |
529 | |
530 | /* --- @ec_infoparse@ --- * |
531 | * |
532 | * Arguments: @qd_parse *qd@ = parser context |
533 | * @ec_info *ei@ = curve information block, currently |
534 | * uninitialized |
535 | * |
536 | * Returns: Zero on success, nonzero on failure. |
537 | * |
538 | * Use: Parses an elliptic curve information string, and stores the |
539 | * information in @ei@. This has the form |
540 | * |
541 | * * elliptic curve description |
542 | * * optional `/' |
543 | * * common point |
544 | * * optional `:' |
545 | * * group order |
546 | * * optional `*' |
547 | * * cofactor |
548 | */ |
549 | |
550 | extern int ec_infoparse(qd_parse */*qd*/, ec_info */*ei*/); |
551 | |
7b6d64f1 |
552 | /* --- @ec_infofromdata@ --- * |
553 | * |
554 | * Arguments: @ec_info *ei@ = where to write the information |
555 | * @ecdata *ed@ = raw data |
556 | * |
557 | * Returns: --- |
558 | * |
559 | * Use: Loads elliptic curve information about one of the standard |
560 | * curves. |
561 | */ |
562 | |
563 | struct ecdata; |
564 | extern void ec_infofromdata(ec_info */*ei*/, struct ecdata */*ed*/); |
565 | |
432c4e18 |
566 | /* --- @ec_getinfo@ --- * |
567 | * |
568 | * Arguments: @ec_info *ei@ = where to write the information |
569 | * @const char *p@ = string describing a curve |
570 | * |
571 | * Returns: Null on success, or a pointer to an error message. |
572 | * |
573 | * Use: Parses out information about a curve. The string is either a |
574 | * standard curve name, or a curve info string. |
575 | */ |
576 | |
577 | extern const char *ec_getinfo(ec_info */*ei*/, const char */*p*/); |
578 | |
34e4f738 |
579 | /* --- @ec_sameinfop@ --- * |
580 | * |
581 | * Arguments: @ec_info *ei, *ej@ = two elliptic curve parameter sets |
582 | * |
583 | * Returns: Nonzero if the curves are identical (not just isomorphic). |
584 | * |
585 | * Use: Checks for sameness of curve parameters. |
586 | */ |
587 | |
588 | extern int ec_sameinfop(ec_info */*ei*/, ec_info */*ej*/); |
589 | |
432c4e18 |
590 | /* --- @ec_freeinfo@ --- * |
591 | * |
592 | * Arguments: @ec_info *ei@ = elliptic curve information block to free |
593 | * |
594 | * Returns: --- |
595 | * |
596 | * Use: Frees the information block. |
597 | */ |
598 | |
599 | extern void ec_freeinfo(ec_info */*ei*/); |
600 | |
601 | /* --- @ec_checkinfo@ --- * |
602 | * |
603 | * Arguments: @const ec_info *ei@ = elliptic curve information block |
604 | * |
605 | * Returns: Null if OK, or pointer to error message. |
606 | * |
607 | * Use: Checks an elliptic curve according to the rules in SEC1. |
608 | */ |
609 | |
610 | extern const char *ec_checkinfo(const ec_info */*ei*/, grand */*gr*/); |
611 | |
b0ab12e6 |
612 | /*----- That's all, folks -------------------------------------------------*/ |
613 | |
614 | #ifdef __cplusplus |
615 | } |
616 | #endif |
617 | |
618 | #endif |