pyecsca/codegen/templates/mult_rtl.c


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

#include "mult.h"
#include "point.h"

void scalar_mult_inner(bn_t *scalar, point_t *point, curve_t *curve, point_t *out) {
	point_t *q = point_copy(point);
	point_t *r = point_copy(curve->neutral);

    {% if scalarmult.complete %}
	    size_t bits = bn_bit_length(&curve->n);
	{% else %}
        size_t bits = bn_bit_length(scalar);
    {% endif %}

	{%- if scalarmult.always %}
		point_t *dummy = point_new();
	{%- endif %}
	bn_t copy;
	bn_init(&copy);
	bn_copy(scalar, &copy);

    for (int i = 0; i < bits; i++) {
        if (bn_get_bit(&copy, 0) == 1) {
            point_accumulate(r, q, curve, r);
        } else {
        	{%- if scalarmult.always %}
			point_accumulate(r, q, curve, dummy);
			{%- endif %}
        }
        point_dbl(q, curve, q);
        bn_rsh(&copy, 1, &copy);
    }
    {%- if "scl" in scalarmult.formulas %}
    	point_scl(r, curve, r);
    {%- endif %}

    point_set(r, out);
    point_free(q);
    point_free(r);
    bn_clear(&copy);
	{%- if scalarmult.always %}
		point_free(dummy);
	{%- endif %}
}