From 6a856479a846d83a22d71571329c2c9a5e68c9fe Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Wed, 5 Feb 2014 23:38:37 +0100 Subject: [PATCH] introduce point_multiply --- ecdsa.c | 32 +++++++++++++++++++++++++++++--- ecdsa.h | 3 ++- 2 files changed, 31 insertions(+), 4 deletions(-) diff --git a/ecdsa.c b/ecdsa.c index 7bb830ada..92b9a95d0 100644 --- a/ecdsa.c +++ b/ecdsa.c @@ -92,8 +92,35 @@ void point_double(curve_point *cp) memcpy(&(cp->y), &yr, sizeof(bignum256)); } +// res = k * p +void point_multiply(const bignum256 *k, const curve_point *p, curve_point *res) +{ + int i, j; + // result is zero + int is_zero = 1; + curve_point curr; + // initial res + memcpy(&curr, p, sizeof(curve_point)); + for (i = 0; i < 9; i++) { + for (j = 0; j < 30; j++) { + if (i == 8 && (k->val[i] >> j) == 0) break; + if (k->val[i] & (1u << j)) { + if (is_zero) { + memcpy(res, &curr, sizeof(curve_point)); + is_zero = 0; + } else { + point_add(&curr, res); + } + } + point_double(&curr); + } + } + bn_mod(&(res->x), &prime256k1); + bn_mod(&(res->y), &prime256k1); +} + // res = k * G -void scalar_multiply(bignum256 *k, curve_point *res) +void scalar_multiply(const bignum256 *k, curve_point *res) { int i, j; // result is zero @@ -397,8 +424,7 @@ void uncompress_coords(uint8_t odd, const bignum256 *x, bignum256 *y) bn_addmodi(y, 7, &prime256k1); // y is x^3 + 7 bn_sqrt(y, &prime256k1); // y = sqrt(y) if ((odd & 0x01) != (y->val[0] & 1)) { - bn_substract(&prime256k1, y, y); // y = -y - bn_mod(y, &prime256k1); + bn_substract_noprime(&prime256k1, y, y); // y = -y } } diff --git a/ecdsa.h b/ecdsa.h index 97661c4aa..956a310ab 100644 --- a/ecdsa.h +++ b/ecdsa.h @@ -34,7 +34,8 @@ void point_add(const curve_point *cp1, curve_point *cp2); void point_double(curve_point *cp); -void scalar_multiply(bignum256 *k, curve_point *res); +void point_multiply(const bignum256 *k, const curve_point *p, curve_point *res); +void scalar_multiply(const bignum256 *k, curve_point *res); void uncompress_coords(uint8_t odd, const bignum256 *x, bignum256 *y); int ecdsa_sign(const uint8_t *priv_key, const uint8_t *msg, uint32_t msg_len, uint8_t *sig);