1 // GoGOST -- Pure Go GOST cryptographic functions library
2 // Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with this program. If not, see <http://www.gnu.org/licenses/>.
25 zero *big.Int = big.NewInt(0)
26 bigInt1 *big.Int = big.NewInt(1)
27 bigInt2 *big.Int = big.NewInt(2)
28 bigInt3 *big.Int = big.NewInt(3)
32 Name string // Just simple identifier
34 P *big.Int // Characteristic of the underlying prime field
35 Q *big.Int // Elliptic curve subgroup order
37 // Equation coefficients of the elliptic curve in canonical form
41 // Equation coefficients of the elliptic curve in twisted Edwards form
45 // Basic point X and Y coordinates
49 // Temporary variable for the add method
54 // Cached s/t parameters for Edwards curve points conversion
59 func NewCurve(name string, p, q, a, b, x, y, e, d *big.Int) (*Curve, error) {
83 return nil, errors.New("Invalid curve parameters")
85 if e != nil && d != nil {
92 func (c *Curve) pos(v *big.Int) {
98 func (c *Curve) add(p1x, p1y, p2x, p2y *big.Int) {
99 if p1x.Cmp(p2x) == 0 && p1y.Cmp(p2y) == 0 {
102 c.t.Mul(c.t, bigInt3)
104 c.tx.Mul(bigInt2, p1y)
105 c.tx.ModInverse(c.tx, c.P)
115 c.t.ModInverse(c.tx, c.P)
133 func (c *Curve) Exp(degree, xS, yS *big.Int) (*big.Int, *big.Int, error) {
134 if degree.Cmp(zero) == 0 {
135 return nil, nil, errors.New("Bad degree value")
137 dg := big.NewInt(0).Sub(degree, bigInt1)
138 tx := big.NewInt(0).Set(xS)
139 ty := big.NewInt(0).Set(yS)
140 cx := big.NewInt(0).Set(xS)
141 cy := big.NewInt(0).Set(yS)
142 for dg.Cmp(zero) != 0 {
144 c.add(tx, ty, cx, cy)
147 c.add(cx, cy, cx, cy)