Added curve25519 special case in ecc_set_point.

3a64c5a7 · Niels Möller · d583973e · 3a64c5a7 · 3a64c5a7
Commit 3a64c5a7 authored Aug 25, 2014 by Niels Möller
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 5 deletions

ChangeLog ChangeLog +5 -0

ecc-point.c ecc-point.c +19 -5

No files found.
--- a/ChangeLog
+++ b/ChangeLog
+2014-08-25  Niels Möller  <nisse@lysator.liu.se>
+
+	* ecc-point.c (ecc_point_set): Handle curve25519 as a special
+	case, when checking if the point is on the curve.
+
 2014-08-24  Niels Möller  <nisse@lysator.liu.se>

 	* testsuite/ecdh-test.c: Test ecc_point_mul and ecc_point_mul_g,

--- a/ecc-point.c
+++ b/ecc-point.c
@@ -68,12 +68,26 @@ ecc_point_set (struct ecc_point *p, const mpz_t x, const mpz_t y)
  mpz_init (lhs);
  mpz_init (rhs);

-  /* Check that y^2 = x^3 - 3*x + b (mod p) */
+  if (p->ecc->bit_size == 255)
+    {
+      /* curve25519 special case. FIXME: Do in some cleaner way? */
+
+      /* Check that y^2 = x^3 + 486662 x^2 + x (mod p)*/
+      mpz_mul (lhs, x, x); /* Reuse lhs as a temporary */
+      mpz_add_ui (rhs, x, 486662);
+      mpz_mul (rhs, rhs, lhs);
+      mpz_add (rhs, rhs, x);
+    }
+  else
+    {
+      /* Check that y^2 = x^3 - 3*x + b (mod p) */
+      mpz_mul (rhs, x, x);
+      mpz_sub_ui (rhs, rhs, 3);
+      mpz_mul (rhs, rhs, x);
+      mpz_add (rhs, rhs, mpz_roinit_n (t, p->ecc->b, size));
+    }
+
  mpz_mul (lhs, y, y);
-  mpz_mul (rhs, x, x);
-  mpz_sub_ui (rhs, rhs, 3);
-  mpz_mul (rhs, rhs, x);
-  mpz_add (rhs, rhs, mpz_roinit_n (t, p->ecc->b, size));

  res = mpz_congruent_p (lhs, rhs, mpz_roinit_n (t, p->ecc->p, size));