4272N/A * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. 4272N/A * Use is subject to license terms. 4272N/A * This library is free software; you can redistribute it and/or 4272N/A * modify it under the terms of the GNU Lesser General Public 4272N/A * License as published by the Free Software Foundation; either 4272N/A * version 2.1 of the License, or (at your option) any later version. 4272N/A * This library is distributed in the hope that it will be useful, 4272N/A * but WITHOUT ANY WARRANTY; without even the implied warranty of 4272N/A * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 4272N/A * Lesser General Public License for more details. 4272N/A * You should have received a copy of the GNU Lesser General Public License 4272N/A * along with this library; if not, write to the Free Software Foundation, 4272N/A * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 4272N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 4272N/A/* ********************************************************************* 1674N/A * The Original Code is the elliptic curve math library for binary polynomial field curves. 1674N/A * The Initial Developer of the Original Code is 1674N/A * Portions created by the Initial Developer are Copyright (C) 2003 1674N/A * the Initial Developer. All Rights Reserved. 1674N/A * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories 1674N/A *********************************************************************** */ 1674N/A/* Checks if point P(px, py) is at infinity. Uses affine coordinates. */ 1674N/A/* Sets P(px, py) to be the point at infinity. Uses affine coordinates. */ 1674N/A/* Computes R = P + Q based on IEEE P1363 A.10.2. Elliptic curve points P, 1674N/A * Q, and R can all be identical. Uses affine coordinates. */ 1674N/A /* if P = inf, then R = Q */ 1674N/A /* if Q = inf, then R = P */ 1674N/A /* if px != qx, then lambda = (py+qy) / (px+qx), tempx = a + lambda^2 1674N/A /* if py != qy or qx = 0, then R = inf */ 1674N/A /* lambda = qx + qy / qx */ 1674N/A /* tempx = a + lambda^2 + lambda */ 1674N/A /* ry = (qx + tempx) * lambda + tempx + qy */ 1674N/A/* Computes R = P - Q. Elliptic curve points P, Q, and R can all be 1674N/A * identical. Uses affine coordinates. */ 1674N/A/* Computes R = 2P. Elliptic curve points P and R can be identical. Uses 1674N/A/* by default, this routine is unused and thus doesn't need to be compiled */ 1674N/A/* Computes R = nP based on IEEE P1363 A.10.3. Elliptic curve points P and 1674N/A * R can be identical. Uses affine coordinates. */ 1674N/A /* if n = 0 then r = inf */ 1674N/A /* if n < 0 then Q = -Q, k = -k */ 1674N/A for (i = l -
1; i >= 0; i--) {
1674N/A /* if k_i = 1, then S = S + Q */ 1674N/A /* l = index of high order bit in binary representation of 3*k */ 1674N/A for (i = l -
1; i >=
1; i--) {
1674N/A /* if k3_i = 1 and k_i = 0, then S = S + Q */ 1674N/A /* if k3_i = 0 and k_i = 1, then S = S - Q */ 1674N/A/* Validates a point on a GF2m curve. */ 1674N/A /* 1: Verify that publicValue is not the point at infinity */ 1674N/A /* 2: Verify that the coordinates of publicValue are elements 1674N/A /* 3: Verify that publicValue is on the curve. */ 1674N/A /* left-hand side: y^2 + x*y */ 1674N/A /* right-hand side: x^3 + a*x^2 + b */ 1674N/A /* 4: Verify that the order of the curve times the publicValue 1674N/A * is the point at infinity.