-
Notifications
You must be signed in to change notification settings - Fork 21
/
edwards.go
89 lines (75 loc) · 1.67 KB
/
edwards.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
package gost
import (
"math/big"
)
func (c *Curve) IsEdwards() bool {
return c.E != nil
}
func (c *Curve) EdwardsST() (*big.Int, *big.Int) {
if c.edS != nil {
return c.edS, c.edT
}
c.edS = big.NewInt(0)
c.edS.Set(c.E)
c.edS.Sub(c.edS, c.D)
c.pos(c.edS)
var t big.Int
t.SetUint64(4)
t.ModInverse(&t, c.P)
c.edS.Mul(c.edS, &t)
c.edS.Mod(c.edS, c.P)
c.edT = big.NewInt(0)
c.edT.Set(c.E)
c.edT.Add(c.edT, c.D)
t.SetUint64(6)
t.ModInverse(&t, c.P)
c.edT.Mul(c.edT, &t)
c.edT.Mod(c.edT, c.P)
return c.edS, c.edT
}
// Convert Weierstrass X,Y coordinates to twisted Edwards U,V
func XY2UV(c *Curve, x, y *big.Int) (*big.Int, *big.Int) {
if !c.IsEdwards() {
panic("non twisted Edwards curve")
}
edS, edT := c.EdwardsST()
var t big.Int
t.Sub(x, edT)
c.pos(&t)
u := big.NewInt(0)
u.ModInverse(y, c.P)
u.Mul(u, &t)
u.Mod(u, c.P)
v := big.NewInt(0).Set(&t)
v.Sub(v, edS)
c.pos(v)
t.Add(&t, edS)
t.ModInverse(&t, c.P)
v.Mul(v, &t)
v.Mod(v, c.P)
return u, v
}
// Convert twisted Edwards U,V coordinates to Weierstrass X,Y
func UV2XY(c *Curve, u, v *big.Int) (*big.Int, *big.Int) {
if !c.IsEdwards() {
panic("non twisted Edwards curve")
}
edS, edT := c.EdwardsST()
var tx, ty big.Int
tx.Add(bigInt1, v)
tx.Mul(&tx, edS)
tx.Mod(&tx, c.P)
ty.Sub(bigInt1, v)
c.pos(&ty)
x := big.NewInt(0)
x.ModInverse(&ty, c.P)
x.Mul(x, &tx)
x.Add(x, edT)
x.Mod(x, c.P)
y := big.NewInt(0)
y.Mul(u, &ty)
y.ModInverse(y, c.P)
y.Mul(y, &tx)
y.Mod(y, c.P)
return x, y
}