84 static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z,
96     if (!group->meth->field_sqr(group, x, x, ctx))
98     if (!group->meth->field_sqr(group, t1, z, ctx))
100     if (!group->meth->field_mul(group, z, x, t1, ctx))
102     if (!group->meth->field_sqr(group, x, x, ctx))
104     if (!group->meth->field_sqr(group, t1, t1, ctx))
106     if (!group->meth->field_mul(group, t1, &group->b, t1, ctx))
125 static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1,
141     if (!group->meth->field_mul(group, x1, x1, z2, ctx))
143     if (!group->meth->field_mul(group, z1, z1, x2, ctx))
145     if (!group->meth->field_mul(group, t2, x1, z1, ctx))
149     if (!group->meth->field_sqr(group, z1, z1, ctx))
151     if (!group->meth->field_mul(group, x1, z1, t1, ctx))
173 static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y,
205     if (!group->meth->field_mul(group, t3, z1, z2, ctx))
208     if (!group->meth->field_mul(group, z1, z1, x, ctx))
212     if (!group->meth->field_mul(group, z2, z2, x, ctx))
214     if (!group->meth->field_mul(group, x1, z2, x1, ctx))
219     if (!group->meth->field_mul(group, z2, z2, z1, ctx))
221     if (!group->meth->field_sqr(group, t4, x, ctx))
225     if (!group->meth->field_mul(group, t4, t4, t3, ctx))
230     if (!group->meth->field_mul(group, t3, t3, x, ctx))
232     if (!group->meth->field_div(group, t3, t5, t3, ctx))
234     if (!group->meth->field_mul(group, t4, t3, t4, ctx))
236     if (!group->meth->field_mul(group, x2, x1, t3, ctx))
241     if (!group->meth->field_mul(group, z2, z2, t4, ctx))
263 static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
280         EC_POINT_is_at_infinity(group, point)) {
281         return EC_POINT_set_to_infinity(group, r);
300     bn_wexpand(x1, group->field.top);
301     bn_wexpand(z1, group->field.top);
302     bn_wexpand(x2, group->field.top);
303     bn_wexpand(z2, group->field.top);
305     if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
309     if (!group->meth->field_sqr(group, z2, x1, ctx))
311     if (!group->meth->field_sqr(group, x2, z2, ctx))
313     if (!BN_GF2m_add(x2, x2, &group->b))
332             BN_consttime_swap(word & mask, x1, x2, group->field.top);
333             BN_consttime_swap(word & mask, z1, z2, group->field.top);
334             if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
336             if (!gf2m_Mdouble(group, x1, z1, ctx))
338             BN_consttime_swap(word & mask, x1, x2, group->field.top);
339             BN_consttime_swap(word & mask, z1, z2, group->field.top);
346     i = gf2m_Mxy(group, &point->X, &point->Y, x1, z1, x2, z2, ctx);
350         if (!EC_POINT_set_to_infinity(group, r))
371  *     scalar*group->generator + scalars[0]*points[0] + ... + scalars[num-1]*points[num-1]
374 int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
398         || (num == 0 && EC_GROUP_have_precompute_mult(group))) {
399         ret = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
403     if ((p = EC_POINT_new(group)) == NULL)
405     if ((acc = EC_POINT_new(group)) == NULL)
408     if (!EC_POINT_set_to_infinity(group, acc))
413             (group, p, scalar, group->generator, ctx))
416             if (!group->meth->invert(group, p, ctx))
418         if (!group->meth->add(group, acc, acc, p, ctx))
424             (group, p, scalars[i], points[i], ctx))
427             if (!group->meth->invert(group, p, ctx))
429         if (!group->meth->add(group, acc, acc, p, ctx))
453 int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
455     return ec_wNAF_precompute_mult(group, ctx);
458 int ec_GF2m_have_precompute_mult(const EC_GROUP *group)
460     return ec_wNAF_have_precompute_mult(group);

Indexes created Wed May 22 12:01:17 MDT 2024