| author | J08nY | 2017-09-19 12:10:01 +0200 |
|---|---|---|
| committer | J08nY | 2017-09-19 12:10:01 +0200 |
| commit | 04af058bf659b3871916f4535bff6932b1741fab (patch) | |
| tree | d1a9b4eac1d0f1c52168056e7b7939b4d2c541e9 /src | |
| parent | 6adddf44e235fa272d82e8dcde748d6e7a8db14a (diff) | |
Diffstat (limited to 'src')
| -rw-r--r-- | src/exhaustive/ansi.c | 45 | ||||
| -rw-r--r-- | src/gen/types.h | 1 |
2 files changed, 38 insertions, 8 deletions
diff --git a/src/exhaustive/ansi.c b/src/exhaustive/ansi.c
index 30db530..a2b24c8 100644
--- a/src/exhaustive/ansi.c
+++ b/src/exhaustive/ansi.c
@@ -40,7 +40,8 @@ static void seed_hash(seed_t *seed) {
 static void seed_tsh(seed_t *seed, const config_t *cfg) {
 	pari_sp ltop = avma;
 	seed->ansi.t = utoi(cfg->bits);
-	seed->ansi.s = floorr(rdivii(subis(seed->ansi.t, 1), stoi(160), DEFAULTPREC));
+	seed->ansi.s = floorr(
+	    rdivii(subis(seed->ansi.t, 1), stoi(160), DEFAULTPREC));
 	seed->ansi.h = subii(seed->ansi.t, mulis(seed->ansi.s, 160));
 	gerepileall(ltop, 3, &seed->ansi.t, &seed->ansi.s, &seed->ansi.h);
 }
@@ -120,6 +121,7 @@ UNROLL(ansi_unroll_seed) {
 }
 static GENERATOR(ansi_gen_equation_fp) {
+	pari_sp ltop = avma;
 	bits_t *c0 = bits_from_raw(curve->seed->hash20, 160);
 	bits_shortenz(c0, 160 - itos(curve->seed->ansi.h));
@@ -128,32 +130,59 @@ static GENERATOR(ansi_gen_equation_fp) {
 	bits_t *W = seed_process(curve->seed, W0);
-	return 0;
+	long ti = itos(curve->seed->ansi.t);
+	GEN r = gen_0;
+	for (long i = 1; i <= ti; ++i) {
+		GEN Wi = stoi(GET_BIT(W->bits, i - 1));
+		r = addii(r, mulii(Wi, int2n(ti - i)));
+	}
+	curve->seed->ansi.r = r;
+
+	GEN r_inv = Fp_invsafe(r, curve->field);
+	GEN a;
+	GEN b2;
+	do {
+		a = random_int(cfg->bits);
+		b2 = mulii(powis(a, 3), r_inv);
+	}while (!Fp_issquare(b2, curve->field));
+	GEN b = Fp_sqrt(b2, curve->field);
+
+	curve->a = a;
+	curve->b = b;
+
+	gerepileall(ltop, 3, &r, &a, &b);
+	bits_free(&c0);
+	bits_free(&W0);
+	bits_free(&W);
+	return 1;
 }
 static GENERATOR(ansi_gen_equation_f2m) {
+	pari_sp ltop = avma;
 	bits_t *b0 = bits_from_raw(curve->seed->hash20, 160);
 	bits_shortenz(b0, 160 - itos(curve->seed->ansi.h));
 	bits_t *b = seed_process(curve->seed, b0);
 	GEN ib = bits_to_i(b);
 	if (gequal0(ib)) {
+		avma = ltop;
 		return -3;
 	}
 	GEN a = random_int(cfg->bits);
 	curve->a = field_ielement(curve->field, a);
 	curve->b = field_ielement(curve->field, ib);
+
+	gerepileall(ltop, 2, &curve->a, &curve->b);
+	bits_free(&b0);
+	bits_free(&b);
 	return 1;
 }
 GENERATOR(ansi_gen_equation) {
 	switch (cfg->field) {
-		case FIELD_PRIME:
-			return ansi_gen_equation_fp(curve, cfg, args);
-		case FIELD_BINARY:
-			return ansi_gen_equation_f2m(curve, cfg, args);
-		default:
-			pari_err_BUG("Field not prime or binary?");
+		case FIELD_PRIME: return ansi_gen_equation_fp(curve, cfg, args);
+		case FIELD_BINARY: return ansi_gen_equation_f2m(curve, cfg, args);
+		default: pari_err_BUG("Field not prime or binary?");
 			return INT_MIN; /* NOT REACHABLE */
 	}
 }
diff --git a/src/gen/types.h b/src/gen/types.h
index 8b53da7..38d8a64 100644
--- a/src/gen/types.h
+++ b/src/gen/types.h
@@ -35,6 +35,7 @@ typedef struct seed_t {
 		GEN t;
 		GEN s;
 		GEN h;
+		GEN r;
 	} ansi;
 	struct {
 		bits_t *f;
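Review bot: In ansi_gen_equation_fp, `curve->seed->ansi.r`, `curve->a` and `curve->b` are assigned before `gerepileall(ltop, 3, &r, &a, &b)`, so after the collect they still hold the pre-move addresses of objects now below avma; gerepileall rewrites only the pointers it is handed, and the f2m branch below gets this right by passing `&curve->a, &curve->b`. The fp call should read `gerepileall(ltop, 3, &curve->seed->ansi.r, &curve->a, &curve->b);`. `Fp_invsafe(r, curve->field)` returns NULL when r is not invertible mod p (an all-zero W gives r == 0), and that NULL then flows into `mulii` in the search loop; the f2m branch rejects `gequal0(ib)` with -3, and the fp branch should reject a NULL r_inv the same way, freeing c0/W0/W and restoring avma first. The new `avma = ltop; return -3;` path in ansi_gen_equation_f2m also leaks b0 and b, since `bits_free(&b0); bits_free(&b);` run only on the success path. ansi_gen_equation_fp begins in the previous hunk, so `ltop`, `c0` and `W0` are declared outside this one.
```c
	GEN r_inv = Fp_invsafe(r, curve->field);
	if (!r_inv) {
		/* r not invertible mod p: reject like the f2m branch does for ib == 0 */
		bits_free(&c0);
		bits_free(&W0);
		bits_free(&W);
		avma = ltop;
		return -3;
	}
	/* … unchanged: a/b2 search loop, Fp_sqrt, curve->a = a; curve->b = b; … */
	/* pass the stored fields themselves so the collect updates them, not the dead locals */
	gerepileall(ltop, 3, &curve->seed->ansi.r, &curve->a, &curve->b);
	/* … unchanged: bits_free calls, return 1 … */
```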
