|
@@ -28,15 +28,6 @@ type ProjectivePoint struct { |
|
|
Z ExtensionFieldElement |
|
|
Z ExtensionFieldElement |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
// A point on the projective line P^1(F_p). |
|
|
|
|
|
// |
|
|
|
|
|
// This represents a point on the (Kummer line) of the prime-field subgroup of |
|
|
|
|
|
// the base curve E_0(F_p), defined by E_0 : y^2 = x^3 + x. |
|
|
|
|
|
type ProjectivePrimeFieldPoint struct { |
|
|
|
|
|
X PrimeFieldElement |
|
|
|
|
|
Z PrimeFieldElement |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func (params *ProjectiveCurveParameters) FromAffine(a *ExtensionFieldElement) { |
|
|
func (params *ProjectiveCurveParameters) FromAffine(a *ExtensionFieldElement) { |
|
|
params.A = *a |
|
|
params.A = *a |
|
|
params.C.One() |
|
|
params.C.One() |
|
@@ -169,23 +160,12 @@ func (point *ProjectivePoint) FromAffine(x *ExtensionFieldElement) { |
|
|
point.Z = oneExtensionField |
|
|
point.Z = oneExtensionField |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
func (point *ProjectivePrimeFieldPoint) FromAffine(x *PrimeFieldElement) { |
|
|
|
|
|
point.X = *x |
|
|
|
|
|
point.Z = onePrimeField |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func (point *ProjectivePoint) ToAffine() *ExtensionFieldElement { |
|
|
func (point *ProjectivePoint) ToAffine() *ExtensionFieldElement { |
|
|
affine_x := new(ExtensionFieldElement) |
|
|
affine_x := new(ExtensionFieldElement) |
|
|
affine_x.Inv(&point.Z).Mul(affine_x, &point.X) |
|
|
affine_x.Inv(&point.Z).Mul(affine_x, &point.X) |
|
|
return affine_x |
|
|
return affine_x |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
func (point *ProjectivePrimeFieldPoint) ToAffine() *PrimeFieldElement { |
|
|
|
|
|
affine_x := new(PrimeFieldElement) |
|
|
|
|
|
affine_x.Inv(&point.Z).Mul(affine_x, &point.X) |
|
|
|
|
|
return affine_x |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func (lhs *ProjectivePoint) VartimeEq(rhs *ProjectivePoint) bool { |
|
|
func (lhs *ProjectivePoint) VartimeEq(rhs *ProjectivePoint) bool { |
|
|
var t0, t1 ExtensionFieldElement |
|
|
var t0, t1 ExtensionFieldElement |
|
|
t0.Mul(&lhs.X, &rhs.Z) |
|
|
t0.Mul(&lhs.X, &rhs.Z) |
|
@@ -193,23 +173,11 @@ func (lhs *ProjectivePoint) VartimeEq(rhs *ProjectivePoint) bool { |
|
|
return t0.VartimeEq(&t1) |
|
|
return t0.VartimeEq(&t1) |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
func (lhs *ProjectivePrimeFieldPoint) VartimeEq(rhs *ProjectivePrimeFieldPoint) bool { |
|
|
|
|
|
var t0, t1 PrimeFieldElement |
|
|
|
|
|
t0.Mul(&lhs.X, &rhs.Z) |
|
|
|
|
|
t1.Mul(&lhs.Z, &rhs.X) |
|
|
|
|
|
return t0.VartimeEq(&t1) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func ProjectivePointConditionalSwap(xP, xQ *ProjectivePoint, choice uint8) { |
|
|
func ProjectivePointConditionalSwap(xP, xQ *ProjectivePoint, choice uint8) { |
|
|
ExtensionFieldConditionalSwap(&xP.X, &xQ.X, choice) |
|
|
ExtensionFieldConditionalSwap(&xP.X, &xQ.X, choice) |
|
|
ExtensionFieldConditionalSwap(&xP.Z, &xQ.Z, choice) |
|
|
ExtensionFieldConditionalSwap(&xP.Z, &xQ.Z, choice) |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
func ProjectivePrimeFieldPointConditionalSwap(xP, xQ *ProjectivePrimeFieldPoint, choice uint8) { |
|
|
|
|
|
PrimeFieldConditionalSwap(&xP.X, &xQ.X, choice) |
|
|
|
|
|
PrimeFieldConditionalSwap(&xP.Z, &xQ.Z, choice) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Combined coordinate doubling and differential addition. Takes projective points |
|
|
// Combined coordinate doubling and differential addition. Takes projective points |
|
|
// P,Q,Q-P and (A+2C)/4C curve E coefficient. Returns 2*P and P+Q calculated on E. |
|
|
// P,Q,Q-P and (A+2C)/4C curve E coefficient. Returns 2*P and P+Q calculated on E. |
|
|
// Function is used only by RightToLeftLadder. Corresponds to Algorithm 5 of SIKE |
|
|
// Function is used only by RightToLeftLadder. Corresponds to Algorithm 5 of SIKE |
|
|