summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/keybase/go-crypto/brainpool/rcurve.go
blob: 7e291d6aa4e3d6d591e31245461fa3a91594f3be (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
package brainpool

import (
	"crypto/elliptic"
	"math/big"
)

var _ elliptic.Curve = (*rcurve)(nil)

type rcurve struct {
	twisted elliptic.Curve
	params  *elliptic.CurveParams
	z       *big.Int
	zinv    *big.Int
	z2      *big.Int
	z3      *big.Int
	zinv2   *big.Int
	zinv3   *big.Int
}

var (
	two   = big.NewInt(2)
	three = big.NewInt(3)
)

func newrcurve(twisted elliptic.Curve, params *elliptic.CurveParams, z *big.Int) *rcurve {
	zinv := new(big.Int).ModInverse(z, params.P)
	return &rcurve{
		twisted: twisted,
		params:  params,
		z:       z,
		zinv:    zinv,
		z2:      new(big.Int).Exp(z, two, params.P),
		z3:      new(big.Int).Exp(z, three, params.P),
		zinv2:   new(big.Int).Exp(zinv, two, params.P),
		zinv3:   new(big.Int).Exp(zinv, three, params.P),
	}
}

func (curve *rcurve) toTwisted(x, y *big.Int) (*big.Int, *big.Int) {
	var tx, ty big.Int
	tx.Mul(x, curve.z2)
	tx.Mod(&tx, curve.params.P)
	ty.Mul(y, curve.z3)
	ty.Mod(&ty, curve.params.P)
	return &tx, &ty
}

func (curve *rcurve) fromTwisted(tx, ty *big.Int) (*big.Int, *big.Int) {
	var x, y big.Int
	x.Mul(tx, curve.zinv2)
	x.Mod(&x, curve.params.P)
	y.Mul(ty, curve.zinv3)
	y.Mod(&y, curve.params.P)
	return &x, &y
}

func (curve *rcurve) Params() *elliptic.CurveParams {
	return curve.params
}

func (curve *rcurve) IsOnCurve(x, y *big.Int) bool {
	return curve.twisted.IsOnCurve(curve.toTwisted(x, y))
}

func (curve *rcurve) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int) {
	tx1, ty1 := curve.toTwisted(x1, y1)
	tx2, ty2 := curve.toTwisted(x2, y2)
	return curve.fromTwisted(curve.twisted.Add(tx1, ty1, tx2, ty2))
}

func (curve *rcurve) Double(x1, y1 *big.Int) (x, y *big.Int) {
	return curve.fromTwisted(curve.twisted.Double(curve.toTwisted(x1, y1)))
}

func (curve *rcurve) ScalarMult(x1, y1 *big.Int, scalar []byte) (x, y *big.Int) {
	tx1, ty1 := curve.toTwisted(x1, y1)
	return curve.fromTwisted(curve.twisted.ScalarMult(tx1, ty1, scalar))
}

func (curve *rcurve) ScalarBaseMult(scalar []byte) (x, y *big.Int) {
	return curve.fromTwisted(curve.twisted.ScalarBaseMult(scalar))
}