preisacm
/
masterthesis-ecdaa-network-wrapper
1
0
Fork 0
Code Issues Releases Wiki Activity
Network wrapper protocol as part of the practical master thesis
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 Commits
1 Branch
0 Tags
422 KiB
 
 
Tree: c900e824f1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c900e824f1'
${ noResults }
masterthesis-ecdaa-network-.../amcl-extensions/ecp2_FP256BN.c

113 lines
3.4 KiB
Raw Blame History

/******************************************************************************
*
* Copyright 2017 Xaptum, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License
*
*****************************************************************************/
#include "./ecp2_FP256BN.h"
size_t ecp2_FP256BN_length(void)
{
return ECP2_FP256BN_LENGTH;
}
void ecp2_FP256BN_set_to_generator(ECP2_FP256BN *point)
{
BIG_256_56 xa, xb, ya, yb;
FP2_FP256BN x, y;
BIG_256_56_rcopy(xa, CURVE_Pxa_FP256BN);
BIG_256_56_rcopy(xb, CURVE_Pxb_FP256BN);
BIG_256_56_rcopy(ya, CURVE_Pya_FP256BN);
BIG_256_56_rcopy(yb, CURVE_Pyb_FP256BN);
FP2_FP256BN_from_BIGs(&x, xa, xb);
FP2_FP256BN_from_BIGs(&y, ya, yb);
ECP2_FP256BN_set(point, &x, &y);
}
void ecp2_FP256BN_serialize(uint8_t *buffer_out,
ECP2_FP256BN *point)
{
buffer_out[0] = 0x04;
octet as_oct = {.len = 0,
.max = ECP2_FP256BN_LENGTH,
.val = (char*)buffer_out + 1};
ECP2_FP256BN_toOctet(&as_oct, point);
}
int ecp2_FP256BN_deserialize(ECP2_FP256BN *point_out,
uint8_t *buffer)
{
// 1) Check that serialized point was properly formatted.
if (0x4 != buffer[0])
return -2;
// 2) Get the xa, xb, ya, yb coordinates.
BIG_256_56 xa, xb, ya, yb;
BIG_256_56_fromBytes(xa, (char*)&(buffer[1]));
BIG_256_56_fromBytes(xb, (char*)&(buffer[MODBYTES_256_56+1]));
BIG_256_56_fromBytes(ya, (char*)&(buffer[2*MODBYTES_256_56+1]));
BIG_256_56_fromBytes(yb, (char*)&(buffer[3*MODBYTES_256_56+1]));
// 3) Check the coordinates are valid Fp points
// (i.e. that they are less-than modulus)
// (step 2 in X9.62 Sec 5.2.2)
BIG_256_56 q;
BIG_256_56_rcopy(q, Modulus_FP256BN);
if (1 == BIG_256_56_comp(xa, q))
return -1;
if (1 == BIG_256_56_comp(xb, q))
return -1;
if (1 == BIG_256_56_comp(ya, q))
return -1;
if (1 == BIG_256_56_comp(yb, q))
return -1;
// 4) Check that point is on curve (ECP2_FP256BN_set does this implicitly).
// (step 3 in X9.62 Sec 5.2.2)
FP2_FP256BN wx, wy;
FP_FP256BN_nres(&(wx.a), xa);
FP_FP256BN_nres(&(wx.b), xb);
FP_FP256BN_nres(&(wy.a), ya);
FP_FP256BN_nres(&(wy.b), yb);
if (!ECP2_FP256BN_set(point_out, &wx, &wy))
return -1;
// 5) Check that point is not the identity.
// (step 1 in X9.62 Sec 5.2.2)
if (ECP2_FP256BN_isinf(point_out)) {
return -1;
}
// 6) Check that point is in the proper subgroup
// (step 4 in X9.62 Sec 5.2.2)
// (check order*point == inf).
ECP2_FP256BN point_copy;
ECP2_FP256BN_copy(&point_copy, point_out);
BIG_256_56 curve_order;
BIG_256_56_rcopy(curve_order, CURVE_Order_FP256BN);
ECP2_FP256BN_mul(&point_copy, curve_order);
if (!ECP2_FP256BN_isinf(&point_copy)) {
return -1;
}
return 0;
}