1 // GoGOST -- Pure Go GOST cryptographic functions library
2 // Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, version 3 of the License.
8 // This program is distributed in the hope that it will be useful,
9 // but WITHOUT ANY WARRANTY; without even the implied warranty of
10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 // GNU General Public License for more details.
13 // You should have received a copy of the GNU General Public License
14 // along with this program. If not, see <http://www.gnu.org/licenses/>.
24 zero *big.Int = big.NewInt(0)
25 bigInt1 *big.Int = big.NewInt(1)
26 bigInt2 *big.Int = big.NewInt(2)
27 bigInt3 *big.Int = big.NewInt(3)
31 Name string // Just simple identifier
33 P *big.Int // Characteristic of the underlying prime field
34 Q *big.Int // Elliptic curve subgroup order
36 // Equation coefficients of the elliptic curve in canonical form
40 // Equation coefficients of the elliptic curve in twisted Edwards form
44 // Basic point X and Y coordinates
48 // Temporary variable for the add method
53 // Cached s/t parameters for Edwards curve points conversion
58 func NewCurve(p, q, a, b, x, y, e, d *big.Int) (*Curve, error) {
82 return nil, errors.New("gogost/gost3410: invalid curve parameters")
84 if e != nil && d != nil {
91 func (c *Curve) pos(v *big.Int) {
97 func (c *Curve) add(p1x, p1y, p2x, p2y *big.Int) {
98 if p1x.Cmp(p2x) == 0 && p1y.Cmp(p2y) == 0 {
101 c.t.Mul(c.t, bigInt3)
103 c.tx.Mul(bigInt2, p1y)
104 c.tx.ModInverse(c.tx, c.P)
114 c.t.ModInverse(c.tx, c.P)
132 func (c *Curve) Exp(degree, xS, yS *big.Int) (*big.Int, *big.Int, error) {
133 if degree.Cmp(zero) == 0 {
134 return nil, nil, errors.New("gogost/gost3410: zero degree value")
136 dg := big.NewInt(0).Sub(degree, bigInt1)
137 tx := big.NewInt(0).Set(xS)
138 ty := big.NewInt(0).Set(yS)
139 cx := big.NewInt(0).Set(xS)
140 cy := big.NewInt(0).Set(yS)
141 for dg.Cmp(zero) != 0 {
143 c.add(tx, ty, cx, cy)
146 c.add(cx, cy, cx, cy)