mphell/doc-v4/mphell__tuto__edwards_8c_source.html

 /*
   MPHELL-4.0
   Author(s): The MPHELL team

  (C) Copyright 2015-2018 - Institut Fourier / Univ. Grenoble Alpes (France)

  This file is part of the MPHELL Library.
  MPHELL is free software: you can redistribute it and/or modify
  it under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation, version 3 of the License.

  MPHELL is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with MPHELL.  If not, see <http://www.gnu.org/licenses/>.
 */

 #include <stdio.h>
 #include "mphell/mphell.h"

 int main()
 {
     /* Initialise MPHELL with 256 bits of security strength for the entropy, RANDOM_AES256 as DRBG and DEVURANDOM as entropy source */

     init_mphell(256, RANDOM_AES256, DEVURANDOM);

     /* Allocate a field of size 4*block_SIZE = 4*64 = 256 on 64 bits architecture */

     field k;
     field_alloc(k, FP, bits_to_nblock(256), NULL);

     /* Allocate a number of size 4*block_SIZE = 4*64 = 256 on 64 bits architecture */

     number p;
     number_init(&p, bits_to_nblock(256));

     /* Set the number p from a string in base 16 */

     number_set_str(p, "7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed", 16);

     /* Create the field of characteristic p */

     field_create(k, "", STACK_1, 1, p);

     /* Allocate curve */

     ec_curve E;
     ec_alloc (E, k);
     ec_init(E, k);

     /* Create curve */

     field_elt a, b;
     ec_point G;
     number n, h;

     field_elt_alloc(&a, k);
     field_elt_init(a, k);
     field_elt_alloc(&b, k);
     field_elt_init(b, k);
     ec_point_alloc(G, k);
     ec_point_init(G, k);
     number_init(&n, bits_to_nblock(256));
     number_init(&h, bits_to_nblock(256));

     field_elt_set_one(a, k);
     field_elt_set_str(b, "2dfc9311d490018c7338bf8688861767ff8ff5b2bebe27548a14b235eca6874a", 16, false, k, STACK_1);

     ec_point_set_aff_str(G, "159a6849e44c3c7f061b3d570fc4ed5b5d14c8ba4253df49cc7edf80f533ad9b", "6666666666666666666666666666666666666666666666666666666666666658", false, 16, EDWARDS, k, STACK_1);
     number_set_str(h, "0000000000000000000000000000000000000000000000000000000000000008", 16);
     number_set_str(n, "1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed", 16);

     ec_create (E, "Edwards_test", k, a, b, G, h, n, EDWARDS, EXTENDED_EDWARDS, STACK_1);

     printf("E: \n"); ec_curve_print(E, 16, STACK_1); printf("\n");

     field_elt_free(&a, k);
     field_elt_free(&b, k);
     ec_point_free(G, k);
     number_free(&n);
     number_free(&h);

     /* Allocate element of the field k */

     ec_point x;
     ec_point y;
     ec_point res;
     ec_point_alloc(x, k);
     ec_point_init(x, k);
     ec_point_alloc(y, k);
     ec_point_init(y, k);
     ec_point_alloc(res, k);
     ec_point_init(res, k);

     /* Set field element from string in base 16, which are not under Montgomery form */

     ec_point_set_aff_str(x, "67e82d6ecfec167788bc76ffc0165be5b3b5ac785f5bd1d2c427fa5c4ef02548", "5f6b282c46a137a1d612df50487cfa27a4b4df2c77bf6f12e56ec667ee37b181", false, 16, EDWARDS, k, STACK_1);
     ec_point_set_aff_str(y, "1ec6d017b0d11bd1d1b5cfefebfccbc8c8079e0f1030008a2e75207b77a987e6", "20bbd47f960781e9e13ea7cff81a4f5bec6106453cbae87abd3018d7803539be", false, 16, EDWARDS, k, STACK_1);

     /* Addition */

     ec_point_add(res, x, y, E, STACK_1);
     printf("x+y = "); ec_point_print(res, 16, true, k, STACK_1); printf("\n");
     printf("x+y belongs to E : %d\n\n", ec_belongs(res, E, STACK_1));

     /* Substraction */

     ec_point_sub(res, x, y, E, STACK_1);
     printf("x-y = "); ec_point_print(res, 16, true, k, STACK_1); printf("\n");
     printf("x-y belongs to E : %d\n\n", ec_belongs(res, E, STACK_1));

     /* Doubling */

     ec_point_dbl(res, x, E, STACK_1);
     printf("x*2 = "); ec_point_print(res, 16, true, k, STACK_1); printf("\n");
     printf("x*2 belongs to E : %d\n\n", ec_belongs(res, E, STACK_1));

     /* Negation */

     ec_point_neg(res, x, E);
     printf("-x = "); ec_point_print(res, 16, true, k, STACK_1); printf("\n");
     printf("-x belongs to E : %d\n\n", ec_belongs(res, E, STACK_1));

     /* Scalar Multiplication */

     number n1;
     number_init(&n1, 4);
     number_set_str(n1, "67e82d6ecfec167788bc76ffc0165be5b3b5ac785f5bd1d2c427fa5c4ef02551", 16);
     ec_point_mul(res, n1, x, E, STACK_1);
     printf("x*67e82d6ecfec167788bc76ffc0165be5b3b5ac785f5bd1d2c427fa5c4ef02551 = "); ec_point_print(res, 16, true, k, STACK_1); printf("\n");
     printf("x*67e82d6ecfec167788bc76ffc0165be5b3b5ac785f5bd1d2c427fa5c4ef02551 belongs to E : %d\n\n", ec_belongs(res, E, STACK_1));
     number_free(&n1);

     /* Random point */

     ec_point_random(res, E, STACK_1);
     printf("random point, res = "); ec_point_print(res, 16, true, k, STACK_1); printf("\n");
     printf("res belongs to E : %d\n\n", ec_belongs(res, E, STACK_1));

     /* Conversion to a point on a Weierstrass curve  */

     /* Allocation of memory for the destination point */

     ec_point convP;
     ec_point_alloc(convP, k);
     ec_point_init(convP, k);

     edwards_point_to_weierstrass_point (convP, res, E, STACK_1);
     printf("the image point on a weierstrass curve, convP="); ec_point_print(convP, 16, true, k, STACK_1); printf("\n");

     /* Conversion to a Weierstrass curve  */

     /* Allocation of memory for the destination point */

     ec_curve convC;
     ec_alloc (convC, k);
     ec_init (convC, k);

     edwards_to_weierstrass(convC, E, STACK_1);
     printf("convC: \n"); ec_curve_print(convC, 16, STACK_1); printf("\n");

     /* Free allocated memory */

     ec_point_free(convP, k);
     ec_point_free(x, k);
     ec_point_free(y, k);
     ec_point_free(res, k);
     number_free(&p);
     field_free(k);
     ec_free(E);
     ec_free(convC);

     free_mphell();

     return 0;
 }
ec_belongs
bool ec_belongs(ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack)
Test if P belongs to E.
Definition: mphell-curve.c:865

field_elt
fp_elt * field_elt
Generic field element.
Definition: mphell-field.h:39

free_mphell
void free_mphell()
Free MPHELL memory, especially the big amount of temporary memory.
Definition: mphell-init.c:97

ec_create
void ec_create(ec_curve_ptr E, const char *id_curve, field_srcptr k, fe_srcptr a, fe_srcptr b, ec_point_srcptr G, number_srcptr h, number_srcptr n, const ec_type type, const ec_formula f, uint8_t stack)
Create an elliptic curve E, the curve must be allocated and initialised (ec_alloc & ec_init)
Definition: mphell-curve.c:62

field_elt_free
void field_elt_free(fe_ptr *src, field_srcptr k)
Free space used by src.
Definition: mphell-field.c:356

init_mphell
void init_mphell(const uint16_t security_strength, const random_type type, const entropy_type entropy)
Initialise MPHELL with security_strength bits of security (for random number only).
Definition: mphell-init.c:35

ec_point
Define an elliptic curve point.
Definition: mphell-curve.h:103

ec_point_alloc
void ec_point_alloc(ec_point_ptr P, field_srcptr k)
Allocate an elliptic curve point.
Definition: mphell-curve.c:673

edwards_to_weierstrass
void edwards_to_weierstrass(ec_curve_ptr E_res, ec_curve_srcptr E, uint8_t stack)
Convert the Edwards elliptic curve E to the corresponding Weierstrass elliptic curve E_res.
Definition: mphell-curve.c:2144

ec_point_neg
void ec_point_neg(ec_point_ptr P3, ec_point_srcptr P1, ec_curve_srcptr E)
Set P3 to -P1.
Definition: mphell-curve.c:1117

ec_init
void ec_init(ec_curve_ptr E, field_srcptr k)
Initialise a curve.
Definition: mphell-curve.c:52

ec_point_print
void ec_point_print(ec_point_srcptr P, const uint8_t base, const bool lift, field_srcptr k, uint8_t stack)
Print a description of P.
Definition: mphell-curve.c:1064

bits_to_nblock
uint8_t bits_to_nblock(const uint16_t nbits)
Return the number of blocks required to store a nbits number.
Definition: mphell-util.c:29

field_elt_alloc
void field_elt_alloc(fe_ptr *dst, field_srcptr k)
Allocate space for a field element.
Definition: mphell-field.c:277

ec_point_init
void ec_point_init(ec_point_ptr P, field_srcptr k)
Initialise an elliptic curve point.
Definition: mphell-curve.c:682

field
field_t field[1]
Address of a field structure.
Definition: mphell-field.h:110

ec_point_add
void ec_point_add(ec_point_ptr P3, ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Set P3 to P1 + P2, using dedicated formulae (not protected against SPA, but faster)
Definition: mphell-curve.c:1291

number_free
void number_free(number *dst)
Free a number_ptr allocated on the RAM memory (malloc)
Definition: mphell-number.c:75

ec_point_free
void ec_point_free(ec_point_ptr P, field_srcptr k)
Free the point P.
Definition: mphell-curve.c:700

ec_free
void ec_free(ec_curve_ptr E)
Free the elliptic curve E.
Definition: mphell-curve.c:655

field_elt_set_one
void field_elt_set_one(fe_ptr dst, field_srcptr k)
Set dst to one (or its Montgomery form if Montgomery arithmetic is used)
Definition: mphell-field.c:376

FP
Definition: mphell-field.h:81

field_create
void field_create(field_ptr k, const char *id, uint8_t stack, const uint32_t n,...)
Initialize the different fields of the structure pointed by k.
Definition: mphell-field.c:76

ec_point_set_aff_str
void ec_point_set_aff_str(ec_point_ptr P, const char *str_x, const char *str_y, const bool is_reduced, const uint8_t base, const ec_type type, field_srcptr k, uint8_t stack)
Set a point from its affine coordinates under string format.
Definition: mphell-curve.c:759

ec_point_dbl
void ec_point_dbl(ec_point_ptr P3, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Set P3 to 2*P1, using dedicated formulae (not protected against SPA, but faster)
Definition: mphell-curve.c:1312

ec_alloc
void ec_alloc(ec_curve_ptr E, field_srcptr k)
Allocate a curve.
Definition: mphell-curve.c:37

edwards_point_to_weierstrass_point
void edwards_point_to_weierstrass_point(ec_point_ptr dst, ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack)
Convert the Edwards point P of the elliptic curve E to the corresponding Weierstrass elliptic curve p...
Definition: mphell-curve.c:2247

RANDOM_AES256
Definition: mphell-random.h:39

field_alloc
void field_alloc(field_ptr k, const field_type type, const uint8_t size, field_ptr base)
Allocates space for the different fields of the structure pointed by k.
Definition: mphell-field.c:37

ec_point_mul
void ec_point_mul(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Set P3 to n * P1 using Montgomery for Weierstrass elliptic curve, and naive method for other elliptic...
Definition: mphell-curve.c:1779

field_elt_init
void field_elt_init(fe_ptr dst, field_srcptr k)
Initialise the field element.
Definition: mphell-field.c:299

ec_curve_print
void ec_curve_print(ec_curve_srcptr E, const uint8_t base, uint8_t stack)
Print a description of E.
Definition: mphell-curve.c:1036

number_set_str
void number_set_str(number_ptr dst, const char *str, const uint8_t base)
Set dst to str.
Definition: mphell-number.c:299

DEVURANDOM
Definition: mphell-entropy.h:40

number_init
void number_init(number *dst, const uint8_t n)
Allocate a number_ptr on the RAM memory (malloc)
Definition: mphell-number.c:59

field_free
void field_free(field_ptr k)
Free the space of the field informations structure.
Definition: mphell-field.c:183

ec_point_random
void ec_point_random(ec_point_ptr P, ec_curve_srcptr E, uint8_t stack)
Create a random point P on the elliptic curve E.
Definition: mphell-curve.c:885

ec_curve
Define an elliptic curve.
Definition: mphell-curve.h:139

field_elt_set_str
void field_elt_set_str(fe_ptr dst, const char *str, const uint8_t base, const bool isreduced, field_srcptr k, uint8_t stack)
Set dst to str, if Montgomery arithmetic is used, is_reduced == false -> transform dst into its Montg...
Definition: mphell-field.c:505

EDWARDS
Definition: mphell-curve.h:42

ec_point_sub
void ec_point_sub(ec_point_ptr P3, ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Set P3 to P1 - P2, using dedicated formulae (not protected against SPA, but faster)
Definition: mphell-curve.c:1332

EXTENDED_EDWARDS
Definition: mphell-curve.h:61