
Lines Matching refs:group

304 static int ec_group_set_generator(EC_GROUP *group, const EC_AFFINE *generator,  in ec_group_set_generator()  argument
306 assert(group->generator == NULL); in ec_group_set_generator()
308 if (!BN_copy(&group->order, order)) { in ec_group_set_generator()
312 bn_set_minimal_width(&group->order); in ec_group_set_generator()
314 BN_MONT_CTX_free(group->order_mont); in ec_group_set_generator()
315 group->order_mont = BN_MONT_CTX_new_for_modulus(&group->order, NULL); in ec_group_set_generator()
316 if (group->order_mont == NULL) { in ec_group_set_generator()
320 group->field_greater_than_order = BN_cmp(&group->field, order) > 0; in ec_group_set_generator()
321 if (group->field_greater_than_order) { in ec_group_set_generator()
325 BN_sub(&tmp, &group->field, order) && in ec_group_set_generator()
326 bn_copy_words(group->field_minus_order.words, group->field.width, &tmp); in ec_group_set_generator()
333 group->generator = EC_POINT_new(group); in ec_group_set_generator()
334 if (group->generator == NULL) { in ec_group_set_generator()
337 ec_affine_to_jacobian(group, &group->generator->raw, generator); in ec_group_set_generator()
338 assert(ec_felem_equal(group, &group->one, &group->generator->raw.Z)); in ec_group_set_generator()
342 int is_zero = CRYPTO_refcount_dec_and_test_zero(&group->references); in ec_group_set_generator()
390 int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, in EC_GROUP_set_generator() argument
392 if (group->curve_name != NID_undef || group->generator != NULL || in EC_GROUP_set_generator()
393 generator->group != group) { in EC_GROUP_set_generator()
424 if (BN_cmp(tmp, &group->field) <= 0) { in EC_GROUP_set_generator()
430 if (!ec_jacobian_to_affine(group, &affine, &generator->raw) || in EC_GROUP_set_generator()
431 !ec_group_set_generator(group, &affine, order)) { in EC_GROUP_set_generator()
443 EC_GROUP *group = NULL; in ec_group_new_from_data() local
464 group = ec_group_new(curve->method); in ec_group_new_from_data()
465 if (group == NULL || in ec_group_new_from_data()
466 !group->meth->group_set_curve(group, p, a, b, ctx)) { in ec_group_new_from_data()
473 if (!ec_felem_from_bytes(group, &x, params + 3 * param_len, param_len) || in ec_group_new_from_data()
474 !ec_felem_from_bytes(group, &y, params + 4 * param_len, param_len) || in ec_group_new_from_data()
475 !ec_point_set_affine_coordinates(group, &G, &x, &y)) { in ec_group_new_from_data()
479 if (!ec_group_set_generator(group, &G, order)) { in ec_group_new_from_data()
487 EC_GROUP_free(group); in ec_group_new_from_data()
488 group = NULL; in ec_group_new_from_data()
495 return group; in ec_group_new_from_data()
553 void EC_GROUP_free(EC_GROUP *group) { in EC_GROUP_free() argument
554 if (group == NULL || in EC_GROUP_free()
556 group->curve_name != NID_undef || in EC_GROUP_free()
557 !CRYPTO_refcount_dec_and_test_zero(&group->references)) { in EC_GROUP_free()
561 if (group->meth->group_finish != NULL) { in EC_GROUP_free()
562 group->meth->group_finish(group); in EC_GROUP_free()
565 ec_point_free(group->generator, 0 /* don't free group */); in EC_GROUP_free()
566 BN_free(&group->order); in EC_GROUP_free()
567 BN_MONT_CTX_free(group->order_mont); in EC_GROUP_free()
569 OPENSSL_free(group); in EC_GROUP_free()
581 EC_GROUP *group = (EC_GROUP *)a; in EC_GROUP_dup() local
582 CRYPTO_refcount_inc(&group->references); in EC_GROUP_dup()
583 return group; in EC_GROUP_dup()
613 const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) { in EC_GROUP_get0_generator() argument
614 return group->generator; in EC_GROUP_get0_generator()
617 const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group) { in EC_GROUP_get0_order() argument
618 assert(!BN_is_zero(&group->order)); in EC_GROUP_get0_order()
619 return &group->order; in EC_GROUP_get0_order()
622 int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) { in EC_GROUP_get_order() argument
623 if (BN_copy(order, EC_GROUP_get0_order(group)) == NULL) { in EC_GROUP_get_order()
629 int EC_GROUP_order_bits(const EC_GROUP *group) { in EC_GROUP_order_bits() argument
630 return BN_num_bits(&group->order); in EC_GROUP_order_bits()
633 int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, in EC_GROUP_get_cofactor() argument
639 int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *out_p, BIGNUM *out_a, in EC_GROUP_get_curve_GFp() argument
641 return ec_GFp_simple_group_get_curve(group, out_p, out_a, out_b); in EC_GROUP_get_curve_GFp()
644 int EC_GROUP_get_curve_name(const EC_GROUP *group) { return group->curve_name; } in EC_GROUP_get_curve_name() argument
646 unsigned EC_GROUP_get_degree(const EC_GROUP *group) { in EC_GROUP_get_degree() argument
647 return BN_num_bits(&group->field); in EC_GROUP_get_degree()
680 EC_POINT *EC_POINT_new(const EC_GROUP *group) { in EC_POINT_new() argument
681 if (group == NULL) { in EC_POINT_new()
692 ret->group = EC_GROUP_dup(group); in EC_POINT_new()
702 EC_GROUP_free(point->group); in ec_point_free()
714 if (EC_GROUP_cmp(dest->group, src->group, NULL) != 0) { in EC_POINT_copy()
725 EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { in EC_POINT_dup() argument
730 EC_POINT *ret = EC_POINT_new(group); in EC_POINT_dup()
740 int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { in EC_POINT_set_to_infinity() argument
741 if (EC_GROUP_cmp(group, point->group, NULL) != 0) { in EC_POINT_set_to_infinity()
745 ec_GFp_simple_point_set_to_infinity(group, &point->raw); in EC_POINT_set_to_infinity()
749 int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { in EC_POINT_is_at_infinity() argument
750 if (EC_GROUP_cmp(group, point->group, NULL) != 0) { in EC_POINT_is_at_infinity()
754 return ec_GFp_simple_is_at_infinity(group, &point->raw); in EC_POINT_is_at_infinity()
757 int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, in EC_POINT_is_on_curve() argument
759 if (EC_GROUP_cmp(group, point->group, NULL) != 0) { in EC_POINT_is_on_curve()
763 return ec_GFp_simple_is_on_curve(group, &point->raw); in EC_POINT_is_on_curve()
766 int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, in EC_POINT_cmp() argument
768 if (EC_GROUP_cmp(group, a->group, NULL) != 0 || in EC_POINT_cmp()
769 EC_GROUP_cmp(group, b->group, NULL) != 0) { in EC_POINT_cmp()
775 return ec_GFp_simple_points_equal(group, &a->raw, &b->raw) ? 0 : 1; in EC_POINT_cmp()
778 int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, in EC_POINT_get_affine_coordinates_GFp() argument
781 if (group->meth->point_get_affine_coordinates == 0) { in EC_POINT_get_affine_coordinates_GFp()
785 if (EC_GROUP_cmp(group, point->group, NULL) != 0) { in EC_POINT_get_affine_coordinates_GFp()
790 if (!group->meth->point_get_affine_coordinates(group, &point->raw, in EC_POINT_get_affine_coordinates_GFp()
793 (x != NULL && !ec_felem_to_bignum(group, x, &x_felem)) || in EC_POINT_get_affine_coordinates_GFp()
794 (y != NULL && !ec_felem_to_bignum(group, y, &y_felem))) { in EC_POINT_get_affine_coordinates_GFp()
800 int EC_POINT_get_affine_coordinates(const EC_GROUP *group, in EC_POINT_get_affine_coordinates() argument
803 return EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx); in EC_POINT_get_affine_coordinates()
806 void ec_affine_to_jacobian(const EC_GROUP *group, EC_RAW_POINT *out, in ec_affine_to_jacobian() argument
810 out->Z = group->one; in ec_affine_to_jacobian()
813 int ec_jacobian_to_affine(const EC_GROUP *group, EC_AFFINE *out, in ec_jacobian_to_affine() argument
815 return group->meth->point_get_affine_coordinates(group, p, &out->X, &out->Y); in ec_jacobian_to_affine()
818 int ec_jacobian_to_affine_batch(const EC_GROUP *group, EC_AFFINE *out, in ec_jacobian_to_affine_batch() argument
820 if (group->meth->jacobian_to_affine_batch == NULL) { in ec_jacobian_to_affine_batch()
824 return group->meth->jacobian_to_affine_batch(group, out, in, num); in ec_jacobian_to_affine_batch()
827 int ec_point_set_affine_coordinates(const EC_GROUP *group, EC_AFFINE *out, in ec_point_set_affine_coordinates() argument
830 const EC_FELEM *b) = group->meth->felem_mul; in ec_point_set_affine_coordinates()
832 group->meth->felem_sqr; in ec_point_set_affine_coordinates()
836 felem_sqr(group, &lhs, y); // lhs = y^2 in ec_point_set_affine_coordinates()
837 felem_sqr(group, &rhs, x); // rhs = x^2 in ec_point_set_affine_coordinates()
838 ec_felem_add(group, &rhs, &rhs, &group->a); // rhs = x^2 + a in ec_point_set_affine_coordinates()
839 felem_mul(group, &rhs, &rhs, x); // rhs = x^3 + ax in ec_point_set_affine_coordinates()
840 ec_felem_add(group, &rhs, &rhs, &group->b); // rhs = x^3 + ax + b in ec_point_set_affine_coordinates()
841 if (!ec_felem_equal(group, &lhs, &rhs)) { in ec_point_set_affine_coordinates()
847 if (group->generator != NULL) { in ec_point_set_affine_coordinates()
848 assert(ec_felem_equal(group, &group->one, &group->generator->raw.Z)); in ec_point_set_affine_coordinates()
849 out->X = group->generator->raw.X; in ec_point_set_affine_coordinates()
850 out->Y = group->generator->raw.Y; in ec_point_set_affine_coordinates()
860 int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, in EC_POINT_set_affine_coordinates_GFp() argument
863 if (EC_GROUP_cmp(group, point->group, NULL) != 0) { in EC_POINT_set_affine_coordinates_GFp()
875 if (!ec_bignum_to_felem(group, &x_felem, x) || in EC_POINT_set_affine_coordinates_GFp()
876 !ec_bignum_to_felem(group, &y_felem, y) || in EC_POINT_set_affine_coordinates_GFp()
877 !ec_point_set_affine_coordinates(group, &affine, &x_felem, &y_felem)) { in EC_POINT_set_affine_coordinates_GFp()
880 ec_set_to_safe_point(group, &point->raw); in EC_POINT_set_affine_coordinates_GFp()
884 ec_affine_to_jacobian(group, &point->raw, &affine); in EC_POINT_set_affine_coordinates_GFp()
888 int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point, in EC_POINT_set_affine_coordinates() argument
891 return EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx); in EC_POINT_set_affine_coordinates()
894 int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, in EC_POINT_add() argument
896 if (EC_GROUP_cmp(group, r->group, NULL) != 0 || in EC_POINT_add()
897 EC_GROUP_cmp(group, a->group, NULL) != 0 || in EC_POINT_add()
898 EC_GROUP_cmp(group, b->group, NULL) != 0) { in EC_POINT_add()
902 group->meth->add(group, &r->raw, &a->raw, &b->raw); in EC_POINT_add()
906 int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, in EC_POINT_dbl() argument
908 if (EC_GROUP_cmp(group, r->group, NULL) != 0 || in EC_POINT_dbl()
909 EC_GROUP_cmp(group, a->group, NULL) != 0) { in EC_POINT_dbl()
913 group->meth->dbl(group, &r->raw, &a->raw); in EC_POINT_dbl()
918 int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { in EC_POINT_invert() argument
919 if (EC_GROUP_cmp(group, a->group, NULL) != 0) { in EC_POINT_invert()
923 ec_GFp_simple_invert(group, &a->raw); in EC_POINT_invert()
927 static int arbitrary_bignum_to_scalar(const EC_GROUP *group, EC_SCALAR *out, in arbitrary_bignum_to_scalar() argument
929 if (ec_bignum_to_scalar(group, out, in)) { in arbitrary_bignum_to_scalar()
936 const BIGNUM *order = &group->order; in arbitrary_bignum_to_scalar()
941 ec_bignum_to_scalar(group, out, tmp); in arbitrary_bignum_to_scalar()
946 int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, in EC_POINT_mul() argument
957 if (EC_GROUP_cmp(group, r->group, NULL) != 0 || in EC_POINT_mul()
958 (p != NULL && EC_GROUP_cmp(group, p->group, NULL) != 0)) { in EC_POINT_mul()
986 if (!arbitrary_bignum_to_scalar(group, &scalar, g_scalar, ctx) || in EC_POINT_mul()
987 !ec_point_mul_scalar_base(group, &r->raw, &scalar)) { in EC_POINT_mul()
995 if (!arbitrary_bignum_to_scalar(group, &scalar, p_scalar, ctx) || in EC_POINT_mul()
996 !ec_point_mul_scalar(group, &tmp, &p->raw, &scalar)) { in EC_POINT_mul()
1002 group->meth->add(group, &r->raw, &r->raw, &tmp); in EC_POINT_mul()
1013 int ec_point_mul_scalar_public(const EC_GROUP *group, EC_RAW_POINT *r, in ec_point_mul_scalar_public() argument
1021 if (group->meth->mul_public == NULL) { in ec_point_mul_scalar_public()
1022 return group->meth->mul_public_batch(group, r, g_scalar, p, p_scalar, 1); in ec_point_mul_scalar_public()
1025 group->meth->mul_public(group, r, g_scalar, p, p_scalar); in ec_point_mul_scalar_public()
1029 int ec_point_mul_scalar_public_batch(const EC_GROUP *group, EC_RAW_POINT *r, in ec_point_mul_scalar_public_batch() argument
1033 if (group->meth->mul_public_batch == NULL) { in ec_point_mul_scalar_public_batch()
1038 return group->meth->mul_public_batch(group, r, g_scalar, points, scalars, in ec_point_mul_scalar_public_batch()
1042 int ec_point_mul_scalar(const EC_GROUP *group, EC_RAW_POINT *r, in ec_point_mul_scalar() argument
1049 group->meth->mul(group, r, p, scalar); in ec_point_mul_scalar()
1053 if (!ec_GFp_simple_is_on_curve(group, r)) { in ec_point_mul_scalar()
1061 int ec_point_mul_scalar_base(const EC_GROUP *group, EC_RAW_POINT *r, in ec_point_mul_scalar_base() argument
1068 group->meth->mul_base(group, r, scalar); in ec_point_mul_scalar_base()
1072 if (!ec_GFp_simple_is_on_curve(group, r)) { in ec_point_mul_scalar_base()
1080 int ec_point_mul_scalar_batch(const EC_GROUP *group, EC_RAW_POINT *r, in ec_point_mul_scalar_batch() argument
1085 if (group->meth->mul_batch == NULL) { in ec_point_mul_scalar_batch()
1090 group->meth->mul_batch(group, r, p0, scalar0, p1, scalar1, p2, scalar2); in ec_point_mul_scalar_batch()
1094 if (!ec_GFp_simple_is_on_curve(group, r)) { in ec_point_mul_scalar_batch()
1102 int ec_init_precomp(const EC_GROUP *group, EC_PRECOMP *out, in ec_init_precomp() argument
1104 if (group->meth->init_precomp == NULL) { in ec_init_precomp()
1109 return group->meth->init_precomp(group, out, p); in ec_init_precomp()
1112 int ec_point_mul_scalar_precomp(const EC_GROUP *group, EC_RAW_POINT *r, in ec_point_mul_scalar_precomp() argument
1117 if (group->meth->mul_precomp == NULL) { in ec_point_mul_scalar_precomp()
1122 group->meth->mul_precomp(group, r, p0, scalar0, p1, scalar1, p2, scalar2); in ec_point_mul_scalar_precomp()
1126 if (!ec_GFp_simple_is_on_curve(group, r)) { in ec_point_mul_scalar_precomp()
1134 void ec_point_select(const EC_GROUP *group, EC_RAW_POINT *out, BN_ULONG mask, in ec_point_select() argument
1136 ec_felem_select(group, &out->X, mask, &a->X, &b->X); in ec_point_select()
1137 ec_felem_select(group, &out->Y, mask, &a->Y, &b->Y); in ec_point_select()
1138 ec_felem_select(group, &out->Z, mask, &a->Z, &b->Z); in ec_point_select()
1141 void ec_affine_select(const EC_GROUP *group, EC_AFFINE *out, BN_ULONG mask, in ec_affine_select() argument
1143 ec_felem_select(group, &out->X, mask, &a->X, &b->X); in ec_affine_select()
1144 ec_felem_select(group, &out->Y, mask, &a->Y, &b->Y); in ec_affine_select()
1147 void ec_precomp_select(const EC_GROUP *group, EC_PRECOMP *out, BN_ULONG mask, in ec_precomp_select() argument
1152 ec_affine_select(group, &out->comb[i], mask, &a->comb[i], &b->comb[i]); in ec_precomp_select()
1156 int ec_cmp_x_coordinate(const EC_GROUP *group, const EC_RAW_POINT *p, in ec_cmp_x_coordinate() argument
1158 return group->meth->cmp_x_coordinate(group, p, r); in ec_cmp_x_coordinate()
1161 int ec_get_x_coordinate_as_scalar(const EC_GROUP *group, EC_SCALAR *out, in ec_get_x_coordinate_as_scalar() argument
1165 if (!ec_get_x_coordinate_as_bytes(group, bytes, &len, sizeof(bytes), p)) { in ec_get_x_coordinate_as_scalar()
1196 group->order.width < EC_MAX_WORDS ? out->words[group->order.width] : 0; in ec_get_x_coordinate_as_scalar()
1197 bn_reduce_once_in_place(out->words, carry, group->order.d, tmp, in ec_get_x_coordinate_as_scalar()
1198 group->order.width); in ec_get_x_coordinate_as_scalar()
1202 int ec_get_x_coordinate_as_bytes(const EC_GROUP *group, uint8_t *out, in ec_get_x_coordinate_as_bytes() argument
1205 size_t len = BN_num_bytes(&group->field); in ec_get_x_coordinate_as_bytes()
1213 if (!group->meth->point_get_affine_coordinates(group, p, &x, NULL)) { in ec_get_x_coordinate_as_bytes()
1217 ec_felem_to_bytes(group, out, out_len, &x); in ec_get_x_coordinate_as_bytes()
1222 void ec_set_to_safe_point(const EC_GROUP *group, EC_RAW_POINT *out) { in ec_set_to_safe_point() argument
1223 if (group->generator != NULL) { in ec_set_to_safe_point()
1224 ec_GFp_simple_point_copy(out, &group->generator->raw); in ec_set_to_safe_point()
1229 ec_GFp_simple_point_set_to_infinity(group, out); in ec_set_to_safe_point()
1233 void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag) {} in EC_GROUP_set_asn1_flag() argument
1235 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group) { in EC_GROUP_method_of() argument
1246 void EC_GROUP_set_point_conversion_form(EC_GROUP *group, in EC_GROUP_set_point_conversion_form() argument