Diffstat (limited to 'src/exhaustive/brainpool_rfc.c')
| -rw-r--r-- | src/exhaustive/brainpool_rfc.c | 77 |
1 files changed, 73 insertions, 4 deletions
diff --git a/src/exhaustive/brainpool_rfc.c b/src/exhaustive/brainpool_rfc.c
index 7af6b29..b3c5e5e 100644
--- a/src/exhaustive/brainpool_rfc.c
+++ b/src/exhaustive/brainpool_rfc.c
@@ -4,19 +4,88 @@
  */
 #include "brainpool_rfc.h"
+#include "brainpool.h"
+#include "util/bits.h"
-GENERATOR(brainpool_rfc_gen_seed_random) {
-
-}
+#define brainpool_delegate(func) \
+	int ret = func(curve, args, state); \
+	if (ret != 1) { \
+		return ret; \
+	} \
+	curve->seed->type = SEED_BRAINPOOL_RFC; \
+	return 1;
 GENERATOR(brainpool_rfc_gen_seed_argument) {
+	brainpool_delegate(brainpool_gen_seed_argument);
+}
+GENERATOR(brainpool_rfc_gen_seed_random) {
+	brainpool_delegate(brainpool_gen_seed_random);
 }
 GENERATOR(brainpool_rfc_gen_seed_input) {
-
+	brainpool_delegate(brainpool_gen_seed_input);
 }
 GENERATOR(brainpool_rfc_gen_equation) {
+	// field is definitely prime
+	pari_sp btop = avma;
+	seed_t *seed = curve->seed;
+	do {
+		if (seed->brainpool.update_seed) {
+			brainpool_update_seed(seed->seed);
+			seed->brainpool.update_seed = false;
+		}
+
+		GEN z;
+		bits_t *a_bits =
+		    brainpool_hash(seed->seed, seed->brainpool.w, seed->brainpool.v);
+		GEN a = bits_to_i(a_bits);
+		bits_free(&a_bits);
+		z = Fp_sqrtn(a, stoi(4), curve->field, NULL);
+		if (z == NULL) {
+			brainpool_update_seed(seed->seed);
+			avma = btop;
+			continue;
+		}
+		seed->brainpool.seed_a = bits_copy(seed->seed);
+
+		GEN b;
+		do {
+			brainpool_update_seed(seed->seed);
+			bits_t *b_bits = brainpool_hash(seed->seed, seed->brainpool.w,
+			                                seed->brainpool.v);
+			b = bits_to_i(b_bits);
+			bits_free(&b_bits);
+		} while (Fp_issquare(b, curve->field));
+
+		seed->brainpool.seed_b = bits_copy(seed->seed);
+
+		GEN mod_a = gmodulo(a, curve->field);
+		GEN mod_b = gmodulo(b, curve->field);
+
+		if (gequal0(gmulsg(-16, gadd(gmulsg(4, gpowgs(mod_a, 3)),
+		                             gmulsg(27, gsqr(mod_b)))))) {
+			brainpool_update_seed(seed->seed);
+			bits_free(&seed->brainpool.seed_a);
+			bits_free(&seed->brainpool.seed_b);
+			avma = btop;
+			continue;
+		}
+
+		brainpool_update_seed(seed->seed);
+		seed->brainpool.seed_bp = bits_copy(seed->seed);
+
+		bits_t *mult_bits =
+		    brainpool_hash(seed->seed, seed->brainpool.w, seed->brainpool.v);
+		seed->brainpool.mult = bits_to_i(mult_bits);
+
+		curve->a = mod_a;
+		curve->b = mod_b;
+		gerepileall(btop, 2, &curve->a, &curve->b);
+		break;
+	} while (true);
+	seed->brainpool.update_seed = true;
+	return 1;
 }
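Review bot: In brainpool_rfc_gen_equation, `seed->brainpool.mult` is assigned a GEN allocated above `btop`, and the following `gerepileall(btop, 2, &curve->a, &curve->b)` reclaims that PARI stack region while preserving only `curve->a` and `curve->b`, so the stored `mult` pointer appears to be left dangling once the function returns; keep it alive as well, `gerepileall(btop, 3, &curve->a, &curve->b, &seed->brainpool.mult);`. On the same success path `mult_bits` is never released, unlike `a_bits` and `b_bits`, so add `bits_free(&mult_bits);` right after the `bits_to_i(mult_bits)` call. The `brainpool_delegate` macro also declares `ret` and returns from the enclosing function while silently depending on the GENERATOR parameter names `curve`, `args` and `state`; a `static inline` helper taking those three explicitly, or at least a comment above the macro such as `/* Expands to the entire body of a GENERATOR: delegates to func and tags the seed as SEED_BRAINPOOL_RFC on success. */`, would make that contract visible to the next reader.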
\ No newline at end of file |
