CoCalc -- Ed448Operations.java

GitHub Repository: PojavLauncherTeam/mobile
Path: blob/master/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/Ed448Operations.java
⁴¹¹⁶² views
1
/*
2
 * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.  Oracle designates this
8
 * particular file as subject to the "Classpath" exception as provided
9
 * by Oracle in the LICENSE file that accompanied this code.
10
 *
11
 * This code is distributed in the hope that it will be useful, but WITHOUT
12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14
 * version 2 for more details (a copy is included in the LICENSE file that
15
 * accompanied this code).
16
 *
17
 * You should have received a copy of the GNU General Public License version
18
 * 2 along with this work; if not, write to the Free Software Foundation,
19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20
 *
21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22
 * or visit www.oracle.com if you need additional information or have any
23
 * questions.
24
 */
25
package sun.security.ec.ed;
26

27
import sun.security.ec.point.*;
28
import sun.security.util.math.*;
29

30
import java.math.BigInteger;
31
import java.util.function.Function;
32

33
// Arithmetic works for a=1 and non-square d
34
/*
35
 * Elliptic curve point arithmetic, decoding, and other operations for the
36
 * family of curves including edwards448 and its related group. Though the
37
 * operations in this class are optimized for edwards448, they are correct
38
 * for any untwisted Edwards curve x^2 + y^2 = 1 + dx^2y^2 (mod p) where
39
 * d is not square (mod p).
40
 */
41
public class Ed448Operations extends EdECOperations {
42

43
    private final SmallValue two;
44
    private final ImmutableIntegerModuloP d;
45
    private final ProjectivePoint.Immutable basePoint;
46

47
    private static final BigInteger TWO = BigInteger.valueOf(2);
48
    private static final BigInteger THREE = BigInteger.valueOf(3);
49
    private static final BigInteger FIVE = BigInteger.valueOf(5);
50
    private final BigInteger sizeMinus3;
51

52
    public Ed448Operations(ImmutableIntegerModuloP d, BigInteger baseX,
53
                           BigInteger baseY) {
54

55
        this.two = d.getField().getSmallValue(2);
56
        this.d = d;
57
        this.basePoint = of(new AffinePoint(
58
            d.getField().getElement(baseX),
59
            d.getField().getElement(baseY)
60
        ));
61

62
        this.sizeMinus3 = d.getField().getSize().subtract(THREE);
63
    }
64

65
    @Override
66
    public Point basePointMultiply(byte[] scalar) {
67
        return setProduct(basePoint.mutable(), scalar);
68
    }
69

70
    @Override
71
    protected ProjectivePoint.Immutable getNeutral() {
72
        IntegerFieldModuloP field = d.getField();
73
        return new ProjectivePoint.Immutable(field.get0(), field.get1(),
74
            field.get1());
75
    }
76

77
    @Override
78
    protected MutablePoint setSum(MutablePoint p1, MutablePoint p2,
79
                                  MutableIntegerModuloP t1,
80
                                  MutableIntegerModuloP t2,
81
                                  MutableIntegerModuloP t3) {
82

83
        ProjectivePoint.Mutable ehp1 = (ProjectivePoint.Mutable) p1;
84
        ProjectivePoint.Mutable ehp2 = (ProjectivePoint.Mutable) p2;
85
        return setSum(ehp1, ehp2, t1, t2, t3);
86
    }
87

88
    @Override
89
    protected MutablePoint setDouble(MutablePoint p, MutableIntegerModuloP t1,
90
                                     MutableIntegerModuloP t2) {
91

92
        ProjectivePoint.Mutable ehp = (ProjectivePoint.Mutable) p;
93
        return setDouble(ehp, t1, t2);
94
    }
95

96
    @Override
97
    public ProjectivePoint.Immutable of(AffinePoint p) {
98
        return new ProjectivePoint.Immutable(p.getX(), p.getY(),
99
            p.getX().getField().get1());
100
    }
101

102
    @Override
103
    public <T extends Throwable>
104
    AffinePoint decodeAffinePoint(Function<String, T> exception, int xLSB,
105
                                  IntegerModuloP y) throws T {
106

107
        ImmutableIntegerModuloP y2 = y.square();
108
        ImmutableIntegerModuloP u = y2.subtract(d.getField().get1());
109
        MutableIntegerModuloP v = d.mutable().setProduct(y2)
110
            .setDifference(d.getField().get1());
111

112
        IntegerModuloP u5v3pow = u.pow(FIVE).multiply(v.pow(THREE))
113
            .pow(sizeMinus3.shiftRight(2));
114

115
        MutableIntegerModuloP x = v.mutable().setProduct(u.pow(THREE))
116
            .setProduct(u5v3pow);
117

118
        v.setProduct(x).setProduct(x);
119
        // v now holds vx^2
120
        if (v.asBigInteger().equals(u.asBigInteger())) {
121
            // x is correct
122
        } else {
123
            throw exception.apply("Invalid point");
124
        }
125

126
        if (x.asBigInteger().equals(BigInteger.ZERO) && xLSB == 1) {
127
            throw exception.apply("Invalid point");
128
        }
129

130
        if (xLSB != x.asBigInteger().mod(TWO).intValue()) {
131
            x.setAdditiveInverse();
132
        }
133

134
        return new AffinePoint(x.fixed(), y.fixed());
135
    }
136

137
    ProjectivePoint.Mutable setSum(
138
            ProjectivePoint.Mutable p1,
139
            ProjectivePoint.Mutable p2,
140
            MutableIntegerModuloP t1,
141
            MutableIntegerModuloP t2,
142
            MutableIntegerModuloP t3) {
143

144
        t1.setValue(p1.getX()).setProduct(p2.getX());
145
        // t1 holds C
146
        t2.setValue(p2.getX()).setSum(p2.getY());
147
        p1.getX().setSum(p1.getY()).setProduct(t2);
148
        // x holds H
149
        p1.getZ().setProduct(p2.getZ());
150
        // z holds A
151
        p1.getY().setProduct(p2.getY());
152
        // y holds D
153

154
        t3.setValue(d).setProduct(t1).setProduct(p1.getY());
155
        // t3 holds E
156
        // do part of the final calculation of x and y to free up t1
157
        p1.getX().setDifference(t1).setReduced().setDifference(p1.getY());
158
        p1.getY().setDifference(t1);
159
        t1.setValue(p1.getZ()).setSquare();
160
        // t2 holds B
161

162
        t2.setValue(t1).setDifference(t3);
163
        // t2 holds F
164
        t1.setSum(t3);
165
        // t1 holds G
166

167
        p1.getX().setProduct(t2).setProduct(p1.getZ());
168
        p1.getY().setProduct(t1).setProduct(p1.getZ());
169
        p1.getZ().setValue(t2.multiply(t1));
170

171
        return p1;
172

173
    }
174

175
    protected ProjectivePoint.Mutable setDouble(ProjectivePoint.Mutable p,
176
                                                MutableIntegerModuloP t1,
177
                                                MutableIntegerModuloP t2) {
178

179
        t2.setValue(p.getX()).setSquare();
180
        // t2 holds C
181
        p.getX().setSum(p.getY()).setSquare();
182
        // x holds B
183
        p.getY().setSquare();
184
        // y holds D
185
        p.getZ().setSquare();
186
        // z holds H
187

188
        t1.setValue(t2).setSum(p.getY()).setReduced();
189
        // t1 holds E
190
        t2.setDifference(p.getY());
191
        p.getY().setValue(t1).setProduct(t2);
192

193
        p.getZ().setProduct(two);
194
        p.getZ().setAdditiveInverse().setSum(t1);
195
        // z holds J
196
        p.getX().setDifference(t1).setProduct(p.getZ());
197
        p.getZ().setProduct(t1);
198

199
        return p;
200
    }
201
}
202

203
Product

Resources

Company
