package libdp9ik

import "math/big"

// mpsel sets r to b1 when c is non-zero and to b2 otherwise.
//
// The choice is made with a plain branch (and big.Int.Set itself is not
// constant-time), so which operand was taken can be observable through
// timing; this is only a value copy, not a side-channel-free select.
func mpsel(c int, b1 *big.Int, b2 *big.Int, r *big.Int) {
	chosen := b2
	if c != 0 {
		chosen = b1
	}
	r.Set(chosen)
}

// edwards_sel copies the extended point (X1:Y1:Z1:T1) into (X3:Y3:Z3:T3)
// when s is non-zero (positive or negative) and (X2:Y2:Z2:T2) otherwise.
// The output registers may alias either input point.
//
// The selection is a branch on s, so the chosen operand is observable
// through timing; callers that derive s from secret bits get no
// constant-time guarantee from this function.
func edwards_sel(s *big.Int, X1 *big.Int, Y1 *big.Int, Z1 *big.Int, T1 *big.Int, X2 *big.Int, Y2 *big.Int, Z2 *big.Int, T2 *big.Int, X3 *big.Int, Y3 *big.Int, Z3 *big.Int, T3 *big.Int) {
	srcX, srcY, srcZ, srcT := X2, Y2, Z2, T2
	if s.Sign() != 0 {
		srcX, srcY, srcZ, srcT = X1, Y1, Z1, T1
	}
	X3.Set(srcX)
	Y3.Set(srcY)
	Z3.Set(srcZ)
	T3.Set(srcT)
}

// edwards_new copies the extended point (x:y:z:t) into the registers
// (X:Y:Z:T). The values are copied, not aliased, so later changes to the
// source integers do not affect the destination.
func edwards_new(x *big.Int, y *big.Int, z *big.Int, t *big.Int, X *big.Int, Y *big.Int, Z *big.Int, T *big.Int) {
	src := [4]*big.Int{x, y, z, t}
	dst := [4]*big.Int{X, Y, Z, T}
	for i := range src {
		dst[i].Set(src[i])
	}
}

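// edwards_add computes (X3:Y3:Z3:T3) = (X1:Y1:Z1:T1) + (X2:Y2:Z2:T2) on the
// twisted Edwards curve a*x^2 + y^2 = 1 + d*x^2*y^2 over GF(p), with points
// in extended coordinates (x = X/Z, y = Y/Z, T = X*Y/Z). It follows the
// unified addition formula ("add-2008-hwcd"):
//
//	A = X1*X2, B = Y1*Y2, C = d*T1*T2, D = Z1*Z2
//	E = (X1+Y1)*(X2+Y2) - A - B, F = D - C, G = D + C, H = B - a*A
//	X3 = E*F, Y3 = G*H, Z3 = F*G, T3 = E*H
//
// The previous version never multiplied the two sums into E, so E was
// computed as 0 - A - B and the result was not a point addition; the
// missing modmul is restored here.
//
// Every read of the input coordinates happens before the first output is
// written, so the outputs may alias the inputs (edwards_scale relies on this
// to double a point in place). The modmul/modadd/modsub helpers live
// elsewhere in the package; as in the original, they are assumed to accept
// an output that aliases one of their operands (E and H are updated in
// place). All arithmetic goes through math/big, which is not constant-time.
func edwards_add(p *big.Int, a *big.Int, d *big.Int, X1 *big.Int, Y1 *big.Int, Z1 *big.Int, T1 *big.Int, X2 *big.Int, Y2 *big.Int, Z2 *big.Int, T2 *big.Int, X3 *big.Int, Y3 *big.Int, Z3 *big.Int, T3 *big.Int) {
	A, B, C, D := big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0)
	E, F, G, H := big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0)
	tmp1, tmp2 := big.NewInt(0), big.NewInt(0)

	modmul(X1, X2, p, A) // A = X1*X2
	modmul(Y1, Y2, p, B) // B = Y1*Y2
	modmul(d, T1, p, tmp1)
	modmul(tmp1, T2, p, C) // C = d*T1*T2
	modmul(Z1, Z2, p, D)   // D = Z1*Z2

	// E = (X1+Y1)*(X2+Y2) - A - B; the product into E was missing before.
	modadd(X1, Y1, p, tmp1)
	modadd(X2, Y2, p, tmp2)
	modmul(tmp1, tmp2, p, E)
	modsub(E, A, p, E)
	modsub(E, B, p, E)

	modsub(D, C, p, F) // F = D - C
	modadd(D, C, p, G) // G = D + C
	modmul(a, A, p, H)
	modsub(B, H, p, H) // H = B - a*A

	// Outputs are written only now, after the last read of any input.
	modmul(E, F, p, X3)
	modmul(G, H, p, Y3)
	modmul(F, G, p, Z3)
	modmul(E, H, p, T3)
}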

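// edwards_scale computes (X3:Y3:Z3:T3) = s * (X1:Y1:Z1:T1) on the twisted
// Edwards curve with parameters a, d over GF(p), by right-to-left
// double-and-add: bit 0 of s chooses the initial accumulator (P or the
// neutral element (0:1:1:0)); for every further bit the running point R is
// doubled, R + acc is formed into a scratch point, and the next bit of s
// decides whether the scratch point replaces the accumulator.
//
// The loop is driven by p>>1 and so runs bitlen(p)-1 times, consuming bits
// 1..bitlen(p)-1 of s; any bits of s at index >= bitlen(p) are silently
// ignored, so callers must pass a scalar already reduced to the intended
// range. The input point is copied before any output is written, so the
// output registers may alias X1..T1.
//
// Both a doubling and an addition are performed on every iteration
// regardless of the bit value, but the selection (edwards_sel) branches and
// math/big is not constant-time, so this gives no timing guarantee for a
// secret s.
func edwards_scale(p *big.Int, a *big.Int, d *big.Int, s *big.Int, X1 *big.Int, Y1 *big.Int, Z1 *big.Int, T1 *big.Int, X3 *big.Int, Y3 *big.Int, Z3 *big.Int, T3 *big.Int) {
	// R = 2^i * P lives in (X2:Y2:Z2:T2); the scratch sum R + acc in (X4:Y4:Z4:T4).
	X2, Y2, Z2, T2 := big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0)
	X4, Y4, Z4, T4 := big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0)
	edwards_new(X1, Y1, Z1, T1, X2, Y2, Z2, T2)
	edwards_new(big.NewInt(0), big.NewInt(1), big.NewInt(1), big.NewInt(0), X4, Y4, Z4, T4)

	// Bit 0 of s: accumulator starts as P (bit set) or the neutral element.
	// Bit(0) equals s mod 2 for negative s as well, and avoids a per-call
	// division plus the allocations the old Mod(s, 2) form made each round.
	bit := new(big.Int).SetUint64(uint64(s.Bit(0)))
	edwards_sel(bit, X2, Y2, Z2, T2, X4, Y4, Z4, T4, X3, Y3, Z3, T3)

	k := new(big.Int).Rsh(s, 1) // remaining scalar bits, consumed LSB first
	j := new(big.Int).Rsh(p, 1) // iteration counter: one round per remaining bit of p
	for j.Sign() != 0 {
		edwards_add(p, a, d, X2, Y2, Z2, T2, X2, Y2, Z2, T2, X2, Y2, Z2, T2) // R = 2R (in place)
		edwards_add(p, a, d, X2, Y2, Z2, T2, X3, Y3, Z3, T3, X4, Y4, Z4, T4) // scratch = R + acc
		bit.SetUint64(uint64(k.Bit(0)))
		edwards_sel(bit, X4, Y4, Z4, T4, X3, Y3, Z3, T3, X3, Y3, Z3, T3) // acc = bit ? scratch : acc
		k.Rsh(k, 1)
		j.Rsh(j, 1)
	}
}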