304 static void ec_group_set0_generator(EC_GROUP *group, EC_POINT *generator) {  in ec_group_set0_generator()  argument
305   assert(group->generator == NULL);  in ec_group_set0_generator()
306   assert(group == generator->group);  in ec_group_set0_generator()
308   // Avoid a reference cycle. |group->generator| does not maintain an owning  in ec_group_set0_generator()
309   // pointer to |group|.  in ec_group_set0_generator()
310   group->generator = generator;  in ec_group_set0_generator()
311   int is_zero = CRYPTO_refcount_dec_and_test_zero(&group->references);  in ec_group_set0_generator()
341 int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,  in EC_GROUP_set_generator()  argument
343   if (group->curve_name != NID_undef || group->generator != NULL ||  in EC_GROUP_set_generator()
344       generator->group != group) {  in EC_GROUP_set_generator()
346     // |EC_GROUP_new_curve_GFp| and may only used once on each group.  in EC_GROUP_set_generator()
349     // |generator->group->generator| is set correctly.  in EC_GROUP_set_generator()
376   int ok = BN_cmp(tmp, &group->field) > 0;  in EC_GROUP_set_generator()
383   EC_POINT *copy = EC_POINT_new(group);  in EC_GROUP_set_generator()
386       !BN_copy(&group->order, order)) {  in EC_GROUP_set_generator()
391   BN_MONT_CTX_free(group->order_mont);  in EC_GROUP_set_generator()
392   group->order_mont = BN_MONT_CTX_new_for_modulus(&group->order, NULL);  in EC_GROUP_set_generator()
393   if (group->order_mont == NULL) {  in EC_GROUP_set_generator()
397   ec_group_set0_generator(group, copy);  in EC_GROUP_set_generator()
402   EC_GROUP *group = NULL;  in ec_group_new_from_data()  local
423   group = ec_group_new(curve->method);  in ec_group_new_from_data()
424   if (group == NULL ||  in ec_group_new_from_data()
425       !group->meth->group_set_curve(group, p, a, b, ctx)) {  in ec_group_new_from_data()
430   if ((P = EC_POINT_new(group)) == NULL) {  in ec_group_new_from_data()
441   if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) {  in ec_group_new_from_data()
445   if (!BN_bin2bn(params + 5 * param_len, param_len, &group->order)) {  in ec_group_new_from_data()
450   group->order_mont = BN_MONT_CTX_new_for_modulus(&group->order, ctx);  in ec_group_new_from_data()
451   if (group->order_mont == NULL) {  in ec_group_new_from_data()
456   ec_group_set0_generator(group, P);  in ec_group_new_from_data()
462     EC_GROUP_free(group);  in ec_group_new_from_data()
463     group = NULL;  in ec_group_new_from_data()
472   return group;  in ec_group_new_from_data()
530 void EC_GROUP_free(EC_GROUP *group) {  in EC_GROUP_free()  argument
531   if (group == NULL ||  in EC_GROUP_free()
533       group->curve_name != NID_undef ||  in EC_GROUP_free()
534       !CRYPTO_refcount_dec_and_test_zero(&group->references)) {  in EC_GROUP_free()
538   if (group->meth->group_finish != NULL) {  in EC_GROUP_free()
539     group->meth->group_finish(group);  in EC_GROUP_free()
542   ec_point_free(group->generator, 0 /* don't free group */);  in EC_GROUP_free()
543   BN_free(&group->order);  in EC_GROUP_free()
544   BN_MONT_CTX_free(group->order_mont);  in EC_GROUP_free()
546   OPENSSL_free(group);  in EC_GROUP_free()
558   EC_GROUP *group = (EC_GROUP *)a;  in EC_GROUP_dup()  local
559   CRYPTO_refcount_inc(&group->references);  in EC_GROUP_dup()
560   return group;  in EC_GROUP_dup()
589 const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) {  in EC_GROUP_get0_generator()  argument
590   return group->generator;  in EC_GROUP_get0_generator()
593 const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group) {  in EC_GROUP_get0_order()  argument
594   assert(!BN_is_zero(&group->order));  in EC_GROUP_get0_order()
595   return &group->order;  in EC_GROUP_get0_order()
598 int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) {  in EC_GROUP_get_order()  argument
599   if (BN_copy(order, EC_GROUP_get0_order(group)) == NULL) {  in EC_GROUP_get_order()
605 int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,  in EC_GROUP_get_cofactor()  argument
611 int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *out_p, BIGNUM *out_a,  in EC_GROUP_get_curve_GFp()  argument
613   return ec_GFp_simple_group_get_curve(group, out_p, out_a, out_b, ctx);  in EC_GROUP_get_curve_GFp()
616 int EC_GROUP_get_curve_name(const EC_GROUP *group) { return group->curve_name; }  in EC_GROUP_get_curve_name()  argument
618 unsigned EC_GROUP_get_degree(const EC_GROUP *group) {  in EC_GROUP_get_degree()  argument
619   return ec_GFp_simple_group_get_degree(group);  in EC_GROUP_get_degree()
622 EC_POINT *EC_POINT_new(const EC_GROUP *group) {  in EC_POINT_new()  argument
625   if (group == NULL) {  in EC_POINT_new()
636   ret->group = EC_GROUP_dup(group);  in EC_POINT_new()
637   if (ret->group == NULL ||  in EC_POINT_new()
652     EC_GROUP_free(point->group);  in ec_point_free()
658   ec_point_free(point, 1 /* free group */);  in EC_POINT_free()
664   if (EC_GROUP_cmp(dest->group, src->group, NULL) != 0) {  in EC_POINT_copy()
674 EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) {  in EC_POINT_dup()  argument
679   EC_POINT *ret = EC_POINT_new(group);  in EC_POINT_dup()
689 int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) {  in EC_POINT_set_to_infinity()  argument
690   if (EC_GROUP_cmp(group, point->group, NULL) != 0) {  in EC_POINT_set_to_infinity()
694   return ec_GFp_simple_point_set_to_infinity(group, point);  in EC_POINT_set_to_infinity()
697 int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) {  in EC_POINT_is_at_infinity()  argument
698   if (EC_GROUP_cmp(group, point->group, NULL) != 0) {  in EC_POINT_is_at_infinity()
702   return ec_GFp_simple_is_at_infinity(group, point);  in EC_POINT_is_at_infinity()
705 int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,  in EC_POINT_is_on_curve()  argument
707   if (EC_GROUP_cmp(group, point->group, NULL) != 0) {  in EC_POINT_is_on_curve()
711   return ec_GFp_simple_is_on_curve(group, point, ctx);  in EC_POINT_is_on_curve()
714 int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,  in EC_POINT_cmp()  argument
716   if (EC_GROUP_cmp(group, a->group, NULL) != 0 ||  in EC_POINT_cmp()
717       EC_GROUP_cmp(group, b->group, NULL) != 0) {  in EC_POINT_cmp()
721   return ec_GFp_simple_cmp(group, a, b, ctx);  in EC_POINT_cmp()
724 int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) {  in EC_POINT_make_affine()  argument
725   if (EC_GROUP_cmp(group, point->group, NULL) != 0) {  in EC_POINT_make_affine()
729   return ec_GFp_simple_make_affine(group, point, ctx);  in EC_POINT_make_affine()
732 int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],  in EC_POINTs_make_affine()  argument
735     if (EC_GROUP_cmp(group, points[i]->group, NULL) != 0) {  in EC_POINTs_make_affine()
740   return ec_GFp_simple_points_make_affine(group, num, points, ctx);  in EC_POINTs_make_affine()
743 int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,  in EC_POINT_get_affine_coordinates_GFp()  argument
746   if (group->meth->point_get_affine_coordinates == 0) {  in EC_POINT_get_affine_coordinates_GFp()
750   if (EC_GROUP_cmp(group, point->group, NULL) != 0) {  in EC_POINT_get_affine_coordinates_GFp()
754   return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);  in EC_POINT_get_affine_coordinates_GFp()
757 int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,  in EC_POINT_set_affine_coordinates_GFp()  argument
760   if (EC_GROUP_cmp(group, point->group, NULL) != 0) {  in EC_POINT_set_affine_coordinates_GFp()
764   if (!ec_GFp_simple_point_set_affine_coordinates(group, point, x, y, ctx)) {  in EC_POINT_set_affine_coordinates_GFp()
768   if (!EC_POINT_is_on_curve(group, point, ctx)) {  in EC_POINT_set_affine_coordinates_GFp()
771     const EC_POINT *generator = EC_GROUP_get0_generator(group);  in EC_POINT_set_affine_coordinates_GFp()
773     // constructing an arbitrary group. In this, we give up and hope they're  in EC_POINT_set_affine_coordinates_GFp()
785 int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,  in EC_POINT_add()  argument
787   if (EC_GROUP_cmp(group, r->group, NULL) != 0 ||  in EC_POINT_add()
788       EC_GROUP_cmp(group, a->group, NULL) != 0 ||  in EC_POINT_add()
789       EC_GROUP_cmp(group, b->group, NULL) != 0) {  in EC_POINT_add()
793   return ec_GFp_simple_add(group, r, a, b, ctx);  in EC_POINT_add()
797 int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,  in EC_POINT_dbl()  argument
799   if (EC_GROUP_cmp(group, r->group, NULL) != 0 ||  in EC_POINT_dbl()
800       EC_GROUP_cmp(group, a->group, NULL) != 0) {  in EC_POINT_dbl()
804   return ec_GFp_simple_dbl(group, r, a, ctx);  in EC_POINT_dbl()
808 int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) {  in EC_POINT_invert()  argument
809   if (EC_GROUP_cmp(group, a->group, NULL) != 0) {  in EC_POINT_invert()
813   return ec_GFp_simple_invert(group, a, ctx);  in EC_POINT_invert()
816 static int arbitrary_bignum_to_scalar(const EC_GROUP *group, EC_SCALAR *out,  in arbitrary_bignum_to_scalar()  argument
818   if (ec_bignum_to_scalar(group, out, in)) {  in arbitrary_bignum_to_scalar()
826   const BIGNUM *order = &group->order;  in arbitrary_bignum_to_scalar()
831            ec_bignum_to_scalar_unchecked(group, out, tmp);  in arbitrary_bignum_to_scalar()
836 int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,  in EC_POINT_mul()  argument
860     if (!arbitrary_bignum_to_scalar(group, &g_scalar_storage, g_scalar, ctx)) {  in EC_POINT_mul()
867     if (!arbitrary_bignum_to_scalar(group, &p_scalar_storage, p_scalar, ctx)) {  in EC_POINT_mul()
873   ret = ec_point_mul_scalar(group, r, g_scalar_arg, p, p_scalar_arg, ctx);  in EC_POINT_mul()
882 int ec_point_mul_scalar_public(const EC_GROUP *group, EC_POINT *r,  in ec_point_mul_scalar_public()  argument
891   if (EC_GROUP_cmp(group, r->group, NULL) != 0 ||  in ec_point_mul_scalar_public()
892       (p != NULL && EC_GROUP_cmp(group, p->group, NULL) != 0)) {  in ec_point_mul_scalar_public()
897   return group->meth->mul_public(group, r, g_scalar, p, p_scalar, ctx);  in ec_point_mul_scalar_public()
900 int ec_point_mul_scalar(const EC_GROUP *group, EC_POINT *r,  in ec_point_mul_scalar()  argument
909   if (EC_GROUP_cmp(group, r->group, NULL) != 0 ||  in ec_point_mul_scalar()
910       (p != NULL && EC_GROUP_cmp(group, p->group, NULL) != 0)) {  in ec_point_mul_scalar()
915   return group->meth->mul(group, r, g_scalar, p, p_scalar, ctx);  in ec_point_mul_scalar()
918 void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag) {}  in EC_GROUP_set_asn1_flag()  argument
920 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group) {  in EC_GROUP_method_of()  argument
928 void EC_GROUP_set_point_conversion_form(EC_GROUP *group,  in EC_GROUP_set_point_conversion_form()  argument
948 int ec_bignum_to_scalar(const EC_GROUP *group, EC_SCALAR *out,  in ec_bignum_to_scalar()  argument
950   if (!ec_bignum_to_scalar_unchecked(group, out, in)) {  in ec_bignum_to_scalar()
953   if (!bn_less_than_words(out->words, group->order.d, group->order.top)) {  in ec_bignum_to_scalar()
960 int ec_bignum_to_scalar_unchecked(const EC_GROUP *group, EC_SCALAR *out,  in ec_bignum_to_scalar_unchecked()  argument
962   if (!bn_copy_words(out->words, group->order.top, in)) {  in ec_bignum_to_scalar_unchecked()
969 int ec_random_nonzero_scalar(const EC_GROUP *group, EC_SCALAR *out,  in ec_random_nonzero_scalar()  argument
971   return bn_rand_range_words(out->words, 1, group->order.d, group->order.top,  in ec_random_nonzero_scalar()