1*f0865ec9SKyle Evans /* 2*f0865ec9SKyle Evans * Copyright (C) 2017 - This file is part of libecc project 3*f0865ec9SKyle Evans * 4*f0865ec9SKyle Evans * Authors: 5*f0865ec9SKyle Evans * Ryad BENADJILA <ryadbenadjila@gmail.com> 6*f0865ec9SKyle Evans * Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr> 7*f0865ec9SKyle Evans * Jean-Pierre FLORI <jean-pierre.flori@ssi.gouv.fr> 8*f0865ec9SKyle Evans * 9*f0865ec9SKyle Evans * Contributors: 10*f0865ec9SKyle Evans * Nicolas VIVET <nicolas.vivet@ssi.gouv.fr> 11*f0865ec9SKyle Evans * Karim KHALFALLAH <karim.khalfallah@ssi.gouv.fr> 12*f0865ec9SKyle Evans * 13*f0865ec9SKyle Evans * This software is licensed under a dual BSD and GPL v2 license. 14*f0865ec9SKyle Evans * See LICENSE file at the root folder of the project. 15*f0865ec9SKyle Evans */ 16*f0865ec9SKyle Evans #include <libecc/curves/ec_edwards.h> 17*f0865ec9SKyle Evans 18*f0865ec9SKyle Evans #define EC_EDWARDS_CRV_MAGIC ((word_t)(0x9c7349a1837c6794ULL)) 19*f0865ec9SKyle Evans 20*f0865ec9SKyle Evans /* 21*f0865ec9SKyle Evans * Check pointed Edwards curve structure has already been 22*f0865ec9SKyle Evans * initialized. 23*f0865ec9SKyle Evans * 24*f0865ec9SKyle Evans * Returns 0 on success, -1 on error. 25*f0865ec9SKyle Evans */ 26*f0865ec9SKyle Evans int ec_edwards_crv_check_initialized(ec_edwards_crv_src_t crv) 27*f0865ec9SKyle Evans { 28*f0865ec9SKyle Evans int ret; 29*f0865ec9SKyle Evans 30*f0865ec9SKyle Evans MUST_HAVE((crv != NULL) && (crv->magic == EC_EDWARDS_CRV_MAGIC), ret, err); 31*f0865ec9SKyle Evans ret = 0; 32*f0865ec9SKyle Evans 33*f0865ec9SKyle Evans err: 34*f0865ec9SKyle Evans return ret; 35*f0865ec9SKyle Evans } 36*f0865ec9SKyle Evans 37*f0865ec9SKyle Evans /* 38*f0865ec9SKyle Evans * Initialize pointed Edwards curve structure using given a and d 39*f0865ec9SKyle Evans * Fp elements representing curve equation (a x^2 + y^2 = 1 + d x^2 y^2) parameters. 40*f0865ec9SKyle Evans * 41*f0865ec9SKyle Evans * Returns 0 on success, -1 on error. 42*f0865ec9SKyle Evans */ 43*f0865ec9SKyle Evans int ec_edwards_crv_init(ec_edwards_crv_t crv, fp_src_t a, fp_src_t d, nn_src_t order) 44*f0865ec9SKyle Evans { 45*f0865ec9SKyle Evans int ret, iszero, cmp; 46*f0865ec9SKyle Evans 47*f0865ec9SKyle Evans ret = nn_check_initialized(order); EG(ret, err); 48*f0865ec9SKyle Evans ret = fp_check_initialized(a); EG(ret, err); 49*f0865ec9SKyle Evans ret = fp_check_initialized(d); EG(ret, err); 50*f0865ec9SKyle Evans MUST_HAVE((a->ctx == d->ctx), ret, err); 51*f0865ec9SKyle Evans MUST_HAVE((crv != NULL), ret, err); 52*f0865ec9SKyle Evans 53*f0865ec9SKyle Evans /* a and d in Fp, must be distinct and non zero */ 54*f0865ec9SKyle Evans MUST_HAVE((!fp_iszero(a, &iszero)) && (!iszero), ret, err); 55*f0865ec9SKyle Evans MUST_HAVE((!fp_iszero(d, &iszero)) && (!iszero), ret, err); 56*f0865ec9SKyle Evans MUST_HAVE((!fp_cmp(a, d, &cmp)) && cmp, ret, err); 57*f0865ec9SKyle Evans 58*f0865ec9SKyle Evans ret = fp_init(&(crv->a), a->ctx); EG(ret, err); 59*f0865ec9SKyle Evans ret = fp_init(&(crv->d), d->ctx); EG(ret, err); 60*f0865ec9SKyle Evans ret = fp_copy(&(crv->a), a); EG(ret, err); 61*f0865ec9SKyle Evans ret = fp_copy(&(crv->d), d); EG(ret, err); 62*f0865ec9SKyle Evans ret = nn_copy(&(crv->order), order); EG(ret, err); 63*f0865ec9SKyle Evans 64*f0865ec9SKyle Evans crv->magic = EC_EDWARDS_CRV_MAGIC; 65*f0865ec9SKyle Evans 66*f0865ec9SKyle Evans err: 67*f0865ec9SKyle Evans return ret; 68*f0865ec9SKyle Evans } 69*f0865ec9SKyle Evans 70*f0865ec9SKyle Evans 71*f0865ec9SKyle Evans /* Uninitialize curve */ 72*f0865ec9SKyle Evans void ec_edwards_crv_uninit(ec_edwards_crv_t crv) 73*f0865ec9SKyle Evans { 74*f0865ec9SKyle Evans if ((crv != NULL) && (crv->magic == EC_EDWARDS_CRV_MAGIC)) { 75*f0865ec9SKyle Evans crv->magic = WORD(0); 76*f0865ec9SKyle Evans } 77*f0865ec9SKyle Evans 78*f0865ec9SKyle Evans return; 79*f0865ec9SKyle Evans } 80