77 int uECC_curve_private_key_size(uECC_Curve curve)  in uECC_curve_private_key_size()  argument
79 	return BITS_TO_BYTES(curve->num_n_bits);  in uECC_curve_private_key_size()
82 int uECC_curve_public_key_size(uECC_Curve curve)  in uECC_curve_public_key_size()  argument
84 	return 2 * curve->num_bytes;  in uECC_curve_public_key_size()
374 			   const uECC_word_t *right, uECC_Curve curve)  in uECC_vli_modMult_fast()  argument
377 	uECC_vli_mult(product, left, right, curve->num_words);  in uECC_vli_modMult_fast()
379 	curve->mmod_fast(result, product);  in uECC_vli_modMult_fast()
384 				    uECC_Curve curve)  in uECC_vli_modSquare_fast()  argument
386 	uECC_vli_modMult_fast(result, left, left, curve);  in uECC_vli_modSquare_fast()
456 			     uECC_word_t * Z1, uECC_Curve curve)  in double_jacobian_default()  argument
461 	wordcount_t num_words = curve->num_words;  in double_jacobian_default()
467 	uECC_vli_modSquare_fast(t4, Y1, curve);   /* t4 = y1^2 */  in double_jacobian_default()
468 	uECC_vli_modMult_fast(t5, X1, t4, curve); /* t5 = x1*y1^2 = A */  in double_jacobian_default()
469 	uECC_vli_modSquare_fast(t4, t4, curve);   /* t4 = y1^4 */  in double_jacobian_default()
470 	uECC_vli_modMult_fast(Y1, Y1, Z1, curve); /* t2 = y1*z1 = z3 */  in double_jacobian_default()
471 	uECC_vli_modSquare_fast(Z1, Z1, curve);   /* t3 = z1^2 */  in double_jacobian_default()
473 	uECC_vli_modAdd(X1, X1, Z1, curve->p, num_words); /* t1 = x1 + z1^2 */  in double_jacobian_default()
474 	uECC_vli_modAdd(Z1, Z1, Z1, curve->p, num_words); /* t3 = 2*z1^2 */  in double_jacobian_default()
475 	uECC_vli_modSub(Z1, X1, Z1, curve->p, num_words); /* t3 = x1 - z1^2 */  in double_jacobian_default()
476 	uECC_vli_modMult_fast(X1, X1, Z1, curve); /* t1 = x1^2 - z1^4 */  in double_jacobian_default()
478 	uECC_vli_modAdd(Z1, X1, X1, curve->p, num_words); /* t3 = 2*(x1^2 - z1^4) */  in double_jacobian_default()
479 	uECC_vli_modAdd(X1, X1, Z1, curve->p, num_words); /* t1 = 3*(x1^2 - z1^4) */  in double_jacobian_default()
481 		uECC_word_t l_carry = uECC_vli_add(X1, X1, curve->p, num_words);  in double_jacobian_default()
489 	uECC_vli_modSquare_fast(Z1, X1, curve); /* t3 = B^2 */  in double_jacobian_default()
490 	uECC_vli_modSub(Z1, Z1, t5, curve->p, num_words); /* t3 = B^2 - A */  in double_jacobian_default()
491 	uECC_vli_modSub(Z1, Z1, t5, curve->p, num_words); /* t3 = B^2 - 2A = x3 */  in double_jacobian_default()
492 	uECC_vli_modSub(t5, t5, Z1, curve->p, num_words); /* t5 = A - x3 */  in double_jacobian_default()
493 	uECC_vli_modMult_fast(X1, X1, t5, curve); /* t1 = B * (A - x3) */  in double_jacobian_default()
495 	uECC_vli_modSub(t4, X1, t4, curve->p, num_words);  in double_jacobian_default()
504 		    uECC_Curve curve)  in x_side_default()  argument
507 	wordcount_t num_words = curve->num_words;  in x_side_default()
509 	uECC_vli_modSquare_fast(result, x, curve); /* r = x^2 */  in x_side_default()
510 	uECC_vli_modSub(result, result, _3, curve->p, num_words); /* r = x^2 - 3 */  in x_side_default()
511 	uECC_vli_modMult_fast(result, result, x, curve); /* r = x^3 - 3x */  in x_side_default()
513 	uECC_vli_modAdd(result, result, curve->b, curve->p, num_words);  in x_side_default()
622 uECC_word_t EccPoint_isZero(const uECC_word_t *point, uECC_Curve curve)  in EccPoint_isZero()  argument
624 	return uECC_vli_isZero(point, curve->num_words * 2);  in EccPoint_isZero()
628 	     uECC_Curve curve)  in apply_z()  argument
632 	uECC_vli_modSquare_fast(t1, Z, curve);    /* z^2 */  in apply_z()
633 	uECC_vli_modMult_fast(X1, X1, t1, curve); /* x1 * z^2 */  in apply_z()
634 	uECC_vli_modMult_fast(t1, t1, Z, curve);  /* z^3 */  in apply_z()
635 	uECC_vli_modMult_fast(Y1, Y1, t1, curve); /* y1 * z^3 */  in apply_z()
642 				uECC_Curve curve)  in XYcZ_initial_double()  argument
645 	wordcount_t num_words = curve->num_words;  in XYcZ_initial_double()
656 	apply_z(X1, Y1, z, curve);  in XYcZ_initial_double()
657 	curve->double_jacobian(X1, Y1, z, curve);  in XYcZ_initial_double()
658 	apply_z(X2, Y2, z, curve);  in XYcZ_initial_double()
663 	      uECC_Curve curve)  in XYcZ_add()  argument
667 	wordcount_t num_words = curve->num_words;  in XYcZ_add()
669 	uECC_vli_modSub(t5, X2, X1, curve->p, num_words); /* t5 = x2 - x1 */  in XYcZ_add()
670 	uECC_vli_modSquare_fast(t5, t5, curve); /* t5 = (x2 - x1)^2 = A */  in XYcZ_add()
671 	uECC_vli_modMult_fast(X1, X1, t5, curve); /* t1 = x1*A = B */  in XYcZ_add()
672 	uECC_vli_modMult_fast(X2, X2, t5, curve); /* t3 = x2*A = C */  in XYcZ_add()
673 	uECC_vli_modSub(Y2, Y2, Y1, curve->p, num_words); /* t4 = y2 - y1 */  in XYcZ_add()
674 	uECC_vli_modSquare_fast(t5, Y2, curve); /* t5 = (y2 - y1)^2 = D */  in XYcZ_add()
676 	uECC_vli_modSub(t5, t5, X1, curve->p, num_words); /* t5 = D - B */  in XYcZ_add()
677 	uECC_vli_modSub(t5, t5, X2, curve->p, num_words); /* t5 = D - B - C = x3 */  in XYcZ_add()
678 	uECC_vli_modSub(X2, X2, X1, curve->p, num_words); /* t3 = C - B */  in XYcZ_add()
679 	uECC_vli_modMult_fast(Y1, Y1, X2, curve); /* t2 = y1*(C - B) */  in XYcZ_add()
680 	uECC_vli_modSub(X2, X1, t5, curve->p, num_words); /* t3 = B - x3 */  in XYcZ_add()
681 	uECC_vli_modMult_fast(Y2, Y2, X2, curve); /* t4 = (y2 - y1)*(B - x3) */  in XYcZ_add()
682 	uECC_vli_modSub(Y2, Y2, Y1, curve->p, num_words); /* t4 = y3 */  in XYcZ_add()
693 		      uECC_Curve curve)  in XYcZ_addC()  argument
699 	wordcount_t num_words = curve->num_words;  in XYcZ_addC()
701 	uECC_vli_modSub(t5, X2, X1, curve->p, num_words); /* t5 = x2 - x1 */  in XYcZ_addC()
702 	uECC_vli_modSquare_fast(t5, t5, curve); /* t5 = (x2 - x1)^2 = A */  in XYcZ_addC()
703 	uECC_vli_modMult_fast(X1, X1, t5, curve); /* t1 = x1*A = B */  in XYcZ_addC()
704 	uECC_vli_modMult_fast(X2, X2, t5, curve); /* t3 = x2*A = C */  in XYcZ_addC()
705 	uECC_vli_modAdd(t5, Y2, Y1, curve->p, num_words); /* t5 = y2 + y1 */  in XYcZ_addC()
706 	uECC_vli_modSub(Y2, Y2, Y1, curve->p, num_words); /* t4 = y2 - y1 */  in XYcZ_addC()
708 	uECC_vli_modSub(t6, X2, X1, curve->p, num_words); /* t6 = C - B */  in XYcZ_addC()
709 	uECC_vli_modMult_fast(Y1, Y1, t6, curve); /* t2 = y1 * (C - B) = E */  in XYcZ_addC()
710 	uECC_vli_modAdd(t6, X1, X2, curve->p, num_words); /* t6 = B + C */  in XYcZ_addC()
711 	uECC_vli_modSquare_fast(X2, Y2, curve); /* t3 = (y2 - y1)^2 = D */  in XYcZ_addC()
712 	uECC_vli_modSub(X2, X2, t6, curve->p, num_words); /* t3 = D - (B + C) = x3 */  in XYcZ_addC()
714 	uECC_vli_modSub(t7, X1, X2, curve->p, num_words); /* t7 = B - x3 */  in XYcZ_addC()
715 	uECC_vli_modMult_fast(Y2, Y2, t7, curve); /* t4 = (y2 - y1)*(B - x3) */  in XYcZ_addC()
717 	uECC_vli_modSub(Y2, Y2, Y1, curve->p, num_words);  in XYcZ_addC()
719 	uECC_vli_modSquare_fast(t7, t5, curve); /* t7 = (y2 + y1)^2 = F */  in XYcZ_addC()
720 	uECC_vli_modSub(t7, t7, t6, curve->p, num_words); /* t7 = F - (B + C) = x3' */  in XYcZ_addC()
721 	uECC_vli_modSub(t6, t7, X1, curve->p, num_words); /* t6 = x3' - B */  in XYcZ_addC()
722 	uECC_vli_modMult_fast(t6, t6, t5, curve); /* t6 = (y2+y1)*(x3' - B) */  in XYcZ_addC()
724 	uECC_vli_modSub(Y1, t6, Y1, curve->p, num_words);  in XYcZ_addC()
732 		   bitcount_t num_bits, uECC_Curve curve)   in EccPoint_mult()  argument
740 	wordcount_t num_words = curve->num_words;  in EccPoint_mult()
745 	XYcZ_initial_double(Rx[1], Ry[1], Rx[0], Ry[0], initial_Z, curve);  in EccPoint_mult()
749 		XYcZ_addC(Rx[1 - nb], Ry[1 - nb], Rx[nb], Ry[nb], curve);  in EccPoint_mult()
750 		XYcZ_add(Rx[nb], Ry[nb], Rx[1 - nb], Ry[1 - nb], curve);  in EccPoint_mult()
754 	XYcZ_addC(Rx[1 - nb], Ry[1 - nb], Rx[nb], Ry[nb], curve);  in EccPoint_mult()
757 	uECC_vli_modSub(z, Rx[1], Rx[0], curve->p, num_words); /* X1 - X0 */  in EccPoint_mult()
758 	uECC_vli_modMult_fast(z, z, Ry[1 - nb], curve); /* Yb * (X1 - X0) */  in EccPoint_mult()
759 	uECC_vli_modMult_fast(z, z, point, curve); /* xP * Yb * (X1 - X0) */  in EccPoint_mult()
760 	uECC_vli_modInv(z, z, curve->p, num_words); /* 1 / (xP * Yb * (X1 - X0))*/  in EccPoint_mult()
762 	uECC_vli_modMult_fast(z, z, point + num_words, curve);  in EccPoint_mult()
764 	uECC_vli_modMult_fast(z, z, Rx[1 - nb], curve);  in EccPoint_mult()
767 	XYcZ_add(Rx[nb], Ry[nb], Rx[1 - nb], Ry[1 - nb], curve);  in EccPoint_mult()
768 	apply_z(Rx[0], Ry[0], z, curve);  in EccPoint_mult()
775 			 uECC_word_t *k1, uECC_Curve curve)  in regularize_k()  argument
778 	wordcount_t num_n_words = BITS_TO_WORDS(curve->num_n_bits);  in regularize_k()
780 	bitcount_t num_n_bits = curve->num_n_bits;  in regularize_k()
782 	uECC_word_t carry = uECC_vli_add(k0, k, curve->n, num_n_words) ||  in regularize_k()
786 	uECC_vli_add(k1, k0, curve->n, num_n_words);  in regularize_k()
793 					uECC_Curve curve)  in EccPoint_compute_public_key()  argument
803 	carry = regularize_k(private_key, tmp1, tmp2, curve);  in EccPoint_compute_public_key()
805 	EccPoint_mult(result, curve->G, p2[!carry], 0, curve->num_n_bits + 1, curve);  in EccPoint_compute_public_key()
807 	if (EccPoint_isZero(result, curve)) {  in EccPoint_compute_public_key()
863 int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve)  in uECC_valid_point()  argument
867 	wordcount_t num_words = curve->num_words;  in uECC_valid_point()
870 	if (EccPoint_isZero(point, curve)) {  in uECC_valid_point()
875 	if (uECC_vli_cmp_unsafe(curve->p, point, num_words) != 1 ||  in uECC_valid_point()
876 		uECC_vli_cmp_unsafe(curve->p, point + num_words, num_words) != 1) {  in uECC_valid_point()
880 	uECC_vli_modSquare_fast(tmp1, point + num_words, curve);  in uECC_valid_point()
881 	curve->x_side(tmp2, point, curve); /* tmp2 = x^3 + ax + b */  in uECC_valid_point()
890 int uECC_valid_public_key(const uint8_t *public_key, uECC_Curve curve)  in uECC_valid_public_key()  argument
895 	uECC_vli_bytesToNative(_public, public_key, curve->num_bytes);  in uECC_valid_public_key()
897 	_public + curve->num_words,  in uECC_valid_public_key()
898 	public_key + curve->num_bytes,  in uECC_valid_public_key()
899 	curve->num_bytes);  in uECC_valid_public_key()
901 	if (uECC_vli_cmp_unsafe(_public, curve->G, NUM_ECC_WORDS * 2) == 0) {  in uECC_valid_public_key()
905 	return uECC_valid_point(_public, curve);  in uECC_valid_public_key()
909 			    uECC_Curve curve)  in uECC_compute_public_key()  argument
918 	BITS_TO_BYTES(curve->num_n_bits));  in uECC_compute_public_key()
921 	if (uECC_vli_isZero(_private, BITS_TO_WORDS(curve->num_n_bits))) {  in uECC_compute_public_key()
925 	if (uECC_vli_cmp(curve->n, _private, BITS_TO_WORDS(curve->num_n_bits)) != 1) {  in uECC_compute_public_key()
930 	if (!EccPoint_compute_public_key(_public, _private, curve)) {  in uECC_compute_public_key()
934 	uECC_vli_nativeToBytes(public_key, curve->num_bytes, _public);  in uECC_compute_public_key()
937 	curve->num_bytes, curve->num_bytes, _public + curve->num_words);  in uECC_compute_public_key()