summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2012-03-16 20:59:33 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2012-03-16 20:59:33 +0100
commit3ea1ba496ece8d6e0e90b4b6f32b59ae62052cda (patch)
tree58c738732657baceccbdbd8b56b7d55ce84907fe
parenta3743a365adc74d79cac500980f216d5ece3f187 (diff)
downloadlibuecc-3ea1ba496ece8d6e0e90b4b6f32b59ae62052cda.tar
libuecc-3ea1ba496ece8d6e0e90b4b6f32b59ae62052cda.zip
For Edwards curves, the identity element isn't at infinity, so rename the identity check function accordingly
-rw-r--r--include/libuecc/ecc.h2
-rw-r--r--src/ec25519.c13
2 files changed, 8 insertions, 7 deletions
diff --git a/include/libuecc/ecc.h b/include/libuecc/ecc.h
index f535702..a422ecb 100644
--- a/include/libuecc/ecc.h
+++ b/include/libuecc/ecc.h
@@ -45,7 +45,7 @@ typedef struct _ecc_25519_work {
void ecc_25519_load(ecc_25519_work *out, const ecc_public_key_256 *in);
void ecc_25519_store(ecc_public_key_256 *out, const ecc_25519_work *in);
-int ecc_25519_is_infinity(const ecc_25519_work *in);
+int ecc_25519_is_identity(const ecc_25519_work *in);
void ecc_25519_add(ecc_25519_work *out, const ecc_25519_work *in1, const ecc_25519_work *in2);
void ecc_25519_double(ecc_25519_work *out, const ecc_25519_work *in);
void ecc_25519_scalarmult(ecc_25519_work *out, const ecc_secret_key_256 *n, const ecc_25519_work *base);
diff --git a/src/ec25519.c b/src/ec25519.c
index b9ca4e9..dfb806b 100644
--- a/src/ec25519.c
+++ b/src/ec25519.c
@@ -387,10 +387,10 @@ void ecc_25519_store(ecc_public_key_256 *out, const ecc_25519_work *in) {
out->p[31] |= (y[0] << 7);
}
-static const ecc_25519_work infty = {{0}, {0}, {1}};
+static const ecc_25519_work id = {{1}, {0}, {0}};
-int ecc_25519_is_infinity(const ecc_25519_work *in) {
- return (check_zero(in->X)|check_zero(in->Y));
+int ecc_25519_is_identity(const ecc_25519_work *in) {
+ return (check_zero(in->X)|check_zero(in->Y)|check_zero(in->Z));
}
void ecc_25519_double(ecc_25519_work *out, const ecc_25519_work *in) {
@@ -411,11 +411,12 @@ void ecc_25519_double(ecc_25519_work *out, const ecc_25519_work *in) {
sub(t5, C, t4);
mult(out->Y, E, t5);
mult(out->Z, D, E);
- selectw(out, out, &infty, ecc_25519_is_infinity(out));
+ selectw(out, out, &id, ecc_25519_is_identity(out));
}
void ecc_25519_add(ecc_25519_work *out, const ecc_25519_work *in1, const ecc_25519_work *in2) {
unsigned int A[32], B[32], C[32], D[32], E[32], H[32], I[32], t0[32], t1[32], t2[32], t3[32], t4[32], t5[32], t6[32], t7[32], t8[32];
+ int id1 = ecc_25519_is_identity(in1), id2 = ecc_25519_is_identity(in2);
mult(A, in1->Z, in2->Z);
square(t0, A);
@@ -436,8 +437,8 @@ void ecc_25519_add(ecc_25519_work *out, const ecc_25519_work *in1, const ecc_255
mult(out->Y, t7, I);
mult(t8, H, I);
mult(out->Z, A, t8);
- selectw(out, out, in1, check_zero(t3));
- selectw(out, out, in2, check_zero(t2));
+ selectw(out, out, in1, id2);
+ selectw(out, out, in2, id1);
}
void ecc_25519_scalarmult(ecc_25519_work *out, const ecc_secret_key_256 *n, const ecc_25519_work *base) {