/**
 * Squares this element repeatedly.
 *
 * @param pow number of successive squarings to apply; for zero or a negative value the
 *            loop body never runs and this element itself is returned
 * @return the result of applying {@code square()} {@code pow} times, i.e. this^(2^pow)
 */
public ECFieldElement squarePow(int pow) {
    ECFieldElement result = this;
    int applied = 0;
    while (applied < pow) {
        result = result.square();
        ++applied;
    }
    return result;
}
/**
 * Verifies a candidate square root of this element by squaring it.
 *
 * @param z candidate root
 * @return {@code z} when {@code z.square()} equals this element, otherwise {@code null}
 */
private ECFieldElement checkSqrt(ECFieldElement z) {
    // A null return means the candidate failed verification; it is never handed back unchecked.
    if (z.square().equals(this)) {
        return z;
    }
    return null;
}
/**
 * Verifies a candidate square root of this element by squaring it.
 *
 * @param z candidate root
 * @return {@code z} when {@code z.square()} equals this element, otherwise {@code null}
 */
private ECFieldElement checkSqrt(ECFieldElement z) {
    // A null return means the candidate failed verification; it is never handed back unchecked.
    boolean isRoot = z.square().equals(this);
    if (!isRoot) {
        return null;
    }
    return z;
}
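/**
 * Prints, as upper-case hexadecimal, the square root of the field element 2 on the curve
 * of the supplied parameters, then verifies the root by squaring it.
 *
 * @param x9 curve parameters; only the curve (and through it the field) is used
 * @throws IllegalStateException if {@code sqrt()} returns no root, or if the returned
 *                               root does not square back to 2
 */
private static void implPrintRootZ(X9ECParameters x9) {
    ECFieldElement z = x9.getCurve().fromBigInteger(BigInteger.valueOf(2));
    ECFieldElement rootZ = z.sqrt();
    if (rootZ == null) {
        // sqrt() can return null when it finds no root; report that explicitly instead
        // of failing with a NullPointerException on the print below.
        throw new IllegalStateException("Optimized-sqrt returned no root for 2");
    }
    System.out.println(rootZ.toBigInteger().toString(16).toUpperCase());
    // Independent check: a wrong root from the optimized sqrt must not pass silently.
    if (!rootZ.square().equals(z)) {
        throw new IllegalStateException("Optimized-sqrt sanity check failed");
    }
}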
/**
 * Iterates {@code t = t^2 + fe}, starting from {@code t = fe}, once for every index from 1
 * up to (but excluding) {@code fe.getFieldSize()}.
 *
 * NOTE(review): this looks like the field trace of an element of a binary field, where the
 * recurrence expands to fe + fe^2 + fe^4 + ... - confirm the field type against callers.
 *
 * @param fe element to process
 * @return the final value of the recurrence
 */
private static ECFieldElement trace(ECFieldElement fe) {
    ECFieldElement acc = fe;
    int step = 1;
    while (step < fe.getFieldSize()) {
        ECFieldElement squared = acc.square();
        acc = squared.add(fe);
        ++step;
    }
    return acc;
}
/**
 * Iterates {@code t = t^2 + fe}, starting from {@code t = fe}, once for every index from 1
 * up to (but excluding) {@code fe.getFieldSize()}.
 *
 * NOTE(review): this looks like the field trace of an element of a binary field, where the
 * recurrence expands to fe + fe^2 + fe^4 + ... - confirm the field type against callers.
 *
 * @param fe element to process
 * @return the final value of the recurrence
 */
private static ECFieldElement trace(ECFieldElement fe) {
    ECFieldElement acc = fe;
    int step = 1;
    while (step < fe.getFieldSize()) {
        ECFieldElement squared = acc.square();
        acc = squared.add(fe);
        ++step;
    }
    return acc;
}
/**
 * Computes {@code this^2 - x*y}.
 *
 * @param x first factor of the product
 * @param y second factor of the product
 * @return the square of this element minus the product of {@code x} and {@code y}
 */
public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y) {
    ECFieldElement thisSquared = square();
    ECFieldElement product = x.multiply(y);
    return thisSquared.subtract(product);
}
/**
 * Computes {@code this^2 - x*y}.
 *
 * @param x first factor of the product
 * @param y second factor of the product
 * @return the square of this element minus the product of {@code x} and {@code y}
 */
public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y) {
    ECFieldElement thisSquared = square();
    ECFieldElement product = x.multiply(y);
    return thisSquared.subtract(product);
}
/**
 * Computes {@code this^2 + x*y}.
 *
 * @param x first factor of the product
 * @param y second factor of the product
 * @return the square of this element plus the product of {@code x} and {@code y}
 */
public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y) {
    ECFieldElement thisSquared = square();
    ECFieldElement product = x.multiply(y);
    return thisSquared.add(product);
}
/**
 * Computes {@code this^2 + x*y}.
 *
 * @param x first factor of the product
 * @param y second factor of the product
 * @return the square of this element plus the product of {@code x} and {@code y}
 */
public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y) {
    ECFieldElement thisSquared = square();
    ECFieldElement product = x.multiply(y);
    return thisSquared.add(product);
}
/**
 * Sums {@code fe}, {@code fe^2}, {@code fe^4}, ... (one term per index below
 * {@code fe.getFieldSize()}) and returns the sum as an int.
 *
 * @param fe element whose successive squarings are summed
 * @return the integer value of the sum
 * @throws IllegalStateException if the sum needs more than one bit, i.e. it is not a
 *                               single-bit value as the caller expects
 */
private static int calculateTrace(ECFieldElement fe) {
    final int m = fe.getFieldSize();
    ECFieldElement power = fe;
    ECFieldElement sum = fe;
    int index = 1;
    while (index < m) {
        power = power.square();
        sum = sum.add(power);
        ++index;
    }
    BigInteger value = sum.toBigInteger();
    // Anything wider than one bit signals an inconsistent computation, so fail hard
    // rather than truncate.
    if (value.bitLength() <= 1) {
        return value.intValue();
    }
    throw new IllegalStateException();
}
/**
 * Selects the denominator of a point's coordinates for the given coordinate system.
 *
 * @param coordinateSystem one of the {@code ECCurve.COORD_*} constants
 * @param p point whose first Z coordinate is read
 * @return {@code Z} for the homogeneous, lambda-projective and skewed systems, {@code Z^2}
 *         for the three Jacobian variants, and {@code null} for any other value
 */
protected ECFieldElement getDenominator(int coordinateSystem, ECPoint p) {
    boolean plainZ = coordinateSystem == ECCurve.COORD_HOMOGENEOUS
        || coordinateSystem == ECCurve.COORD_LAMBDA_PROJECTIVE
        || coordinateSystem == ECCurve.COORD_SKEWED;
    if (plainZ) {
        return p.getZCoord(0);
    }

    boolean jacobianFamily = coordinateSystem == ECCurve.COORD_JACOBIAN
        || coordinateSystem == ECCurve.COORD_JACOBIAN_CHUDNOVSKY
        || coordinateSystem == ECCurve.COORD_JACOBIAN_MODIFIED;
    if (jacobianFamily) {
        ECFieldElement z = p.getZCoord(0);
        return z.square();
    }

    // Unlisted coordinate systems have no denominator here; callers must handle null.
    return null;
}
/**
 * Searches for a non-trivial cube root of 1 modulo the field characteristic and maps it
 * into the curve's field.
 *
 * NOTE(review): r^(q div 3) mod q is a cube root of 1 only when q = 1 (mod 3); that
 * precondition is not checked here - confirm callers guarantee it.
 *
 * @param c curve whose field characteristic {@code q} is used
 * @return a two-element array holding {@code beta} and {@code beta^2}
 */
private static ECFieldElement[] findBetaValues(ECCurve c) {
    final BigInteger q = c.getField().getCharacteristic();
    final BigInteger exponent = q.divide(ECConstants.THREE);
    final BigInteger upperBound = q.subtract(ECConstants.TWO);

    // Search for a random value that generates a non-trivial cube root of 1
    final SecureRandom random = new SecureRandom();
    BigInteger root;
    for (;;) {
        BigInteger r = BigIntegers.createRandomInRange(ECConstants.TWO, upperBound, random);
        root = r.modPow(exponent, q);
        if (!root.equals(ECConstants.ONE)) {
            break;
        }
    }

    ECFieldElement beta = c.fromBigInteger(root);
    ECFieldElement betaSquared = beta.square();
    return new ECFieldElement[]{ beta, betaSquared };
}
/**
 * Computes 2.A.B as (A + B)^2 - A^2 - B^2, for use when A^2 and B^2 are already known.
 * This is the quicker route only if squaring in the field is faster than multiplication.
 *
 * @param a first operand A
 * @param b second operand B
 * @param aSquared precomputed A^2; taken on trust, not re-derived from {@code a}
 * @param bSquared precomputed B^2; taken on trust, not re-derived from {@code b}
 * @return 2.A.B, provided the supplied squares match their operands
 */
protected ECFieldElement doubleProductFromSquares(ECFieldElement a, ECFieldElement b, ECFieldElement aSquared,
    ECFieldElement bSquared) {
    ECFieldElement sumSquared = a.add(b).square();
    ECFieldElement withoutASquared = sumSquared.subtract(aSquared);
    return withoutASquared.subtract(bSquared);
}
/**
 * Computes 2.A.B as (A + B)^2 - A^2 - B^2, for use when A^2 and B^2 are already known.
 * This is the quicker route only if squaring in the field is faster than multiplication.
 *
 * @param a first operand A
 * @param b second operand B
 * @param aSquared precomputed A^2; taken on trust, not re-derived from {@code a}
 * @param bSquared precomputed B^2; taken on trust, not re-derived from {@code b}
 * @return 2.A.B, provided the supplied squares match their operands
 */
protected ECFieldElement doubleProductFromSquares(ECFieldElement a, ECFieldElement b, ECFieldElement aSquared,
    ECFieldElement bSquared) {
    ECFieldElement sumSquared = a.add(b).square();
    ECFieldElement withoutASquared = sumSquared.subtract(aSquared);
    return withoutASquared.subtract(bSquared);
}
/**
 * Computes 2.A.B as (A + B)^2 - A^2 - B^2, for use when A^2 and B^2 are already known.
 * This is the quicker route only if squaring in the field is faster than multiplication.
 *
 * @param a first operand A
 * @param b second operand B
 * @param aSquared precomputed A^2; taken on trust, not re-derived from {@code a}
 * @param bSquared precomputed B^2; taken on trust, not re-derived from {@code b}
 * @return 2.A.B, provided the supplied squares match their operands
 */
protected ECFieldElement doubleProductFromSquares(ECFieldElement a, ECFieldElement b, ECFieldElement aSquared,
    ECFieldElement bSquared) {
    ECFieldElement sumSquared = a.add(b).square();
    ECFieldElement withoutASquared = sumSquared.subtract(aSquared);
    return withoutASquared.subtract(bSquared);
}
/**
 * Computes 2.A.B as (A + B)^2 - A^2 - B^2, for use when A^2 and B^2 are already known.
 * This is the quicker route only if squaring in the field is faster than multiplication.
 *
 * @param a first operand A
 * @param b second operand B
 * @param aSquared precomputed A^2; taken on trust, not re-derived from {@code a}
 * @param bSquared precomputed B^2; taken on trust, not re-derived from {@code b}
 * @return 2.A.B, provided the supplied squares match their operands
 */
protected ECFieldElement doubleProductFromSquares(ECFieldElement a, ECFieldElement b, ECFieldElement aSquared,
    ECFieldElement bSquared) {
    ECFieldElement sumSquared = a.add(b).square();
    ECFieldElement withoutASquared = sumSquared.subtract(aSquared);
    return withoutASquared.subtract(bSquared);
}
/**
 * Recovers the y-coordinate for a compactly represented x-coordinate, choosing the
 * smaller of the two candidate roots.
 *
 * NOTE(review): x is not range-checked in this method; any rejection of values outside
 * the field is left to {@code curve.fromBigInteger} - confirm that it validates.
 *
 * @param curve curve supplying the field and the coefficients a and b
 * @param x x-coordinate to decompress
 * @return min(y', p - y') where y' is a square root of x^3 + a.x + b
 * @throws IllegalArgumentException if x^3 + a.x + b has no square root, i.e. x is not
 *                                  the x-coordinate of a point on the curve
 */
public static BigInteger y(ECCurve curve, BigInteger x) {
    // Andrey Jivsov https://www.ietf.org/archive/id/draft-jivsov-ecc-compact-05.txt.
    ECFieldElement xElement = curve.fromBigInteger(x);

    // C(x) = x^3 + a.x + b, evaluated as (x^2 + a).x + b
    ECFieldElement xSquaredPlusA = xElement.square().add(curve.getA());
    ECFieldElement curveRhs = xSquaredPlusA.multiply(xElement).add(curve.getB());

    // y' = sqrt( C(x) ), where y'>0
    ECFieldElement root = curveRhs.sqrt();
    if (root == null) {
        throw new IllegalArgumentException("invalid point compression");
    }

    // y = min(y',p-y')
    BigInteger candidate = root.toBigInteger();
    BigInteger negated = root.negate().toBigInteger();
    if (candidate.compareTo(negated) < 0) {
        return candidate;
    }
    return negated;
}
/**
 * Doubles this point in modified Jacobian coordinates, where the point carries an extra
 * W value alongside Z (the result array is { Z3, W3 }).
 *
 * The comments below assume two(v) and three(v) return 2.v and 3.v as their names
 * suggest - TODO confirm against their definitions.
 *
 * @param calculateW when false, W3 is left null in the returned point
 * @return the doubled point on the same curve, keeping this point's compression flag
 */
protected ECPoint.Fp twiceJacobianModified(boolean calculateW) {
    ECFieldElement X1 = this.x, Y1 = this.y, Z1 = this.zs[0], W1 = getJacobianModifiedW();
    ECFieldElement X1Squared = X1.square();
    // M = 3.X1^2 + W1
    ECFieldElement M = three(X1Squared).add(W1);
    ECFieldElement _2Y1 = two(Y1);
    // Despite the name this is (2.Y1).Y1 = 2.Y1^2, not (2.Y1)^2.
    ECFieldElement _2Y1Squared = _2Y1.multiply(Y1);
    // S = 2.X1.(2.Y1^2) = 4.X1.Y1^2
    ECFieldElement S = two(X1.multiply(_2Y1Squared));
    // X3 = M^2 - 2.S
    ECFieldElement X3 = M.square().subtract(two(S));
    // 4T = (2.Y1^2)^2 = 4.Y1^4, so 8T = 8.Y1^4
    ECFieldElement _4T = _2Y1Squared.square();
    ECFieldElement _8T = two(_4T);
    // Y3 = M.(S - X3) - 8T
    ECFieldElement Y3 = M.multiply(S.subtract(X3)).subtract(_8T);
    // W3 = 2.(8T.W1), computed only on request
    ECFieldElement W3 = calculateW ? two(_8T.multiply(W1)) : null;
    // Z3 = 2.Y1.Z1; the multiplication is skipped when Z1 is one
    ECFieldElement Z3 = Z1.isOne() ? _2Y1 : _2Y1.multiply(Z1);
    return new ECPoint.Fp(this.getCurve(), X3, Y3, new ECFieldElement[]{ Z3, W3 }, this.withCompression);
}
}
/**
 * Doubles this point in modified Jacobian coordinates, where the point carries an extra
 * W value alongside Z (the result array is { Z3, W3 }).
 *
 * The comments below assume two(v) and three(v) return 2.v and 3.v as their names
 * suggest - TODO confirm against their definitions.
 *
 * @param calculateW when false, W3 is left null in the returned point
 * @return the doubled point on the same curve, keeping this point's compression flag
 */
protected ECPoint.Fp twiceJacobianModified(boolean calculateW) {
    ECFieldElement X1 = this.x, Y1 = this.y, Z1 = this.zs[0], W1 = getJacobianModifiedW();
    ECFieldElement X1Squared = X1.square();
    // M = 3.X1^2 + W1
    ECFieldElement M = three(X1Squared).add(W1);
    ECFieldElement _2Y1 = two(Y1);
    // Despite the name this is (2.Y1).Y1 = 2.Y1^2, not (2.Y1)^2.
    ECFieldElement _2Y1Squared = _2Y1.multiply(Y1);
    // S = 2.X1.(2.Y1^2) = 4.X1.Y1^2
    ECFieldElement S = two(X1.multiply(_2Y1Squared));
    // X3 = M^2 - 2.S
    ECFieldElement X3 = M.square().subtract(two(S));
    // 4T = (2.Y1^2)^2 = 4.Y1^4, so 8T = 8.Y1^4
    ECFieldElement _4T = _2Y1Squared.square();
    ECFieldElement _8T = two(_4T);
    // Y3 = M.(S - X3) - 8T
    ECFieldElement Y3 = M.multiply(S.subtract(X3)).subtract(_8T);
    // W3 = 2.(8T.W1), computed only on request
    ECFieldElement W3 = calculateW ? two(_8T.multiply(W1)) : null;
    // Z3 = 2.Y1.Z1; the multiplication is skipped when Z1 is one
    ECFieldElement Z3 = Z1.isOne() ? _2Y1 : _2Y1.multiply(Z1);
    return new ECPoint.Fp(this.getCurve(), X3, Y3, new ECFieldElement[]{ Z3, W3 }, this.withCompression);
}
}