Move EC_GFp_simple_method() to the bottom of the file.

Most of the implemeentation functions for EC_GFp_simple_method() are reused by other code, hence they cannot be made static. However, this keeps the pattern consistent. ok tb@
author: jsing <> 2023-03-07 05:54:40 +0000
committer: jsing <> 2023-03-07 05:54:40 +0000
commit: 7633d4ba32d9a14f42b878e9febb3381cc589594 (patch)
tree: 07d53a2b726919335b3c36251e87d4935cb61573 /src
parent: 4ed2def591bd0905eecf5872bceda17c300d15b9 (diff)
download: openbsd-7633d4ba32d9a14f42b878e9febb3381cc589594.tar.gz
openbsd-7633d4ba32d9a14f42b878e9febb3381cc589594.tar.bz2
openbsd-7633d4ba32d9a14f42b878e9febb3381cc589594.zip
1 files changed, 51 insertions, 75 deletions
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index dc3b3926d1..8f53b150b8 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_smpl.c,v 1.38 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: ecp_smpl.c,v 1.39 2023/03/07 05:54:40 jsing Exp $ */
 /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
 * for the OpenSSL project.
 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -67,69 +67,20 @@
 #include "bn_local.h"
 #include "ec_local.h"
-const EC_METHOD *
+/*
-EC_GFp_simple_method(void)
+ * Most method functions in this file are designed to work with
-{
-        static const EC_METHOD ret = {
-                .flags = EC_FLAGS_DEFAULT_OCT,
-                .field_type = NID_X9_62_prime_field,
-                .group_init = ec_GFp_simple_group_init,
-                .group_finish = ec_GFp_simple_group_finish,
-                .group_clear_finish = ec_GFp_simple_group_clear_finish,
-                .group_copy = ec_GFp_simple_group_copy,
-                .group_set_curve = ec_GFp_simple_group_set_curve,
-                .group_get_curve = ec_GFp_simple_group_get_curve,
-                .group_get_degree = ec_GFp_simple_group_get_degree,
-                .group_order_bits = ec_group_simple_order_bits,
-                .group_check_discriminant =
-                    ec_GFp_simple_group_check_discriminant,
-                .point_init = ec_GFp_simple_point_init,
-                .point_finish = ec_GFp_simple_point_finish,
-                .point_clear_finish = ec_GFp_simple_point_clear_finish,
-                .point_copy = ec_GFp_simple_point_copy,
-                .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
-                .point_set_Jprojective_coordinates =
-                    ec_GFp_simple_set_Jprojective_coordinates,
-                .point_get_Jprojective_coordinates =
-                    ec_GFp_simple_get_Jprojective_coordinates,
-                .point_set_affine_coordinates =
-                    ec_GFp_simple_point_set_affine_coordinates,
-                .point_get_affine_coordinates =
-                    ec_GFp_simple_point_get_affine_coordinates,
-                .add = ec_GFp_simple_add,
-                .dbl = ec_GFp_simple_dbl,
-                .invert = ec_GFp_simple_invert,
-                .is_at_infinity = ec_GFp_simple_is_at_infinity,
-                .is_on_curve = ec_GFp_simple_is_on_curve,
-                .point_cmp = ec_GFp_simple_cmp,
-                .make_affine = ec_GFp_simple_make_affine,
-                .points_make_affine = ec_GFp_simple_points_make_affine,
-                .mul_generator_ct = ec_GFp_simple_mul_generator_ct,
-                .mul_single_ct = ec_GFp_simple_mul_single_ct,
-                .mul_double_nonct = ec_GFp_simple_mul_double_nonct,
-                .field_mul = ec_GFp_simple_field_mul,
-                .field_sqr = ec_GFp_simple_field_sqr,
-                .blind_coordinates = ec_GFp_simple_blind_coordinates,
-        };
-        return &ret;
-}
-/* Most method functions in this file are designed to work with
 * non-trivial representations of field elements if necessary
 * (see ecp_mont.c): while standard modular addition and subtraction
 * are used, the field_mul and field_sqr methods will be used for
 * multiplication, and field_encode and field_decode (if defined)
 * will be used for converting between representations.
+ *
 * Functions ec_GFp_simple_points_make_affine() and
 * ec_GFp_simple_point_get_affine_coordinates() specifically assume
 * that if a non-trivial representation is used, it is a Montgomery
 * representation (i.e. 'encoding' means multiplying by some factor R).
 */
 int
 ec_GFp_simple_group_init(EC_GROUP *group)
 {
@@ -140,7 +91,6 @@ ec_GFp_simple_group_init(EC_GROUP *group)
        return 1;
 }
 void
 ec_GFp_simple_group_finish(EC_GROUP *group)
 {
@@ -149,7 +99,6 @@ ec_GFp_simple_group_finish(EC_GROUP *group)
        BN_free(&group->b);
 }
 void
 ec_GFp_simple_group_clear_finish(EC_GROUP *group)
 {
@@ -158,7 +107,6 @@ ec_GFp_simple_group_clear_finish(EC_GROUP *group)
        BN_clear_free(&group->b);
 }
 int
 ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
 {
@@ -174,7 +122,6 @@ ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
        return 1;
 }
 int
 ec_GFp_simple_group_set_curve(EC_GROUP *group,
    const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
@@ -231,7 +178,6 @@ ec_GFp_simple_group_set_curve(EC_GROUP *group,
        return ret;
 }
 int
 ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
 {
@@ -275,14 +221,12 @@ ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNU
        return ret;
 }
 int
 ec_GFp_simple_group_get_degree(const EC_GROUP *group)
 {
        return BN_num_bits(&group->field);
 }
 int
 ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 {
@@ -358,7 +302,6 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
        return ret;
 }
 int
 ec_GFp_simple_point_init(EC_POINT * point)
 {
@@ -370,7 +313,6 @@ ec_GFp_simple_point_init(EC_POINT * point)
        return 1;
 }
 void
 ec_GFp_simple_point_finish(EC_POINT *point)
 {
@@ -379,7 +321,6 @@ ec_GFp_simple_point_finish(EC_POINT *point)
        BN_free(&point->Z);
 }
 void
 ec_GFp_simple_point_clear_finish(EC_POINT *point)
 {
@@ -389,7 +330,6 @@ ec_GFp_simple_point_clear_finish(EC_POINT *point)
        point->Z_is_one = 0;
 }
 int
 ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
 {
@@ -404,7 +344,6 @@ ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
        return 1;
 }
 int
 ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
 {
@@ -413,7 +352,6 @@ ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
        return 1;
 }
 int
 ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
    EC_POINT *point, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z,
@@ -822,7 +760,6 @@ ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const E
        return ret;
 }
 int
 ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx)
 {
@@ -964,7 +901,6 @@ ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX
        return ret;
 }
 int
 ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
 {
@@ -975,14 +911,12 @@ ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
        return BN_usub(&point->Y, &group->field, &point->Y);
 }
 int
 ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
 {
        return BN_is_zero(&point->Z);
 }
 int
 ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
 {
@@ -1085,7 +1019,6 @@ ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *
        return ret;
 }
 int
 ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
 {
@@ -1187,7 +1120,6 @@ ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, B
        return ret;
 }
 int
 ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
 {
@@ -1225,7 +1157,6 @@ ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
        return ret;
 }
 int
 ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx)
 {
@@ -1400,7 +1331,6 @@ ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *po
        return ret;
 }
 int
 ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 {
@@ -1471,7 +1401,6 @@ ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx)
        return ret;
 }
 #define EC_POINT_BN_set_flags(P, flags) do {                            \
        BN_set_flags(&(P)->X, (flags));                                 \
        BN_set_flags(&(P)->Y, (flags));                                 \
@@ -1723,3 +1652,50 @@ ec_GFp_simple_mul_double_nonct(const EC_GROUP *group, EC_POINT *r,
 {
        return ec_wNAF_mul(group, r, g_scalar, 1, &point, &p_scalar, ctx);
 }
+static const EC_METHOD ec_GFp_simple_method = {
+        .flags = EC_FLAGS_DEFAULT_OCT,
+        .field_type = NID_X9_62_prime_field,
+        .group_init = ec_GFp_simple_group_init,
+        .group_finish = ec_GFp_simple_group_finish,
+        .group_clear_finish = ec_GFp_simple_group_clear_finish,
+        .group_copy = ec_GFp_simple_group_copy,
+        .group_set_curve = ec_GFp_simple_group_set_curve,
+        .group_get_curve = ec_GFp_simple_group_get_curve,
+        .group_get_degree = ec_GFp_simple_group_get_degree,
+        .group_order_bits = ec_group_simple_order_bits,
+        .group_check_discriminant = ec_GFp_simple_group_check_discriminant,
+        .point_init = ec_GFp_simple_point_init,
+        .point_finish = ec_GFp_simple_point_finish,
+        .point_clear_finish = ec_GFp_simple_point_clear_finish,
+        .point_copy = ec_GFp_simple_point_copy,
+        .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
+        .point_set_Jprojective_coordinates =
+            ec_GFp_simple_set_Jprojective_coordinates,
+        .point_get_Jprojective_coordinates =
+            ec_GFp_simple_get_Jprojective_coordinates,
+        .point_set_affine_coordinates =
+            ec_GFp_simple_point_set_affine_coordinates,
+        .point_get_affine_coordinates =
+            ec_GFp_simple_point_get_affine_coordinates,
+        .add = ec_GFp_simple_add,
+        .dbl = ec_GFp_simple_dbl,
+        .invert = ec_GFp_simple_invert,
+        .is_at_infinity = ec_GFp_simple_is_at_infinity,
+        .is_on_curve = ec_GFp_simple_is_on_curve,
+        .point_cmp = ec_GFp_simple_cmp,
+        .make_affine = ec_GFp_simple_make_affine,
+        .points_make_affine = ec_GFp_simple_points_make_affine,
+        .mul_generator_ct = ec_GFp_simple_mul_generator_ct,
+        .mul_single_ct = ec_GFp_simple_mul_single_ct,
+        .mul_double_nonct = ec_GFp_simple_mul_double_nonct,
+        .field_mul = ec_GFp_simple_field_mul,
+        .field_sqr = ec_GFp_simple_field_sqr,
+        .blind_coordinates = ec_GFp_simple_blind_coordinates,
+};
+const EC_METHOD *
+EC_GFp_simple_method(void)
+{
+        return &ec_GFp_simple_method;
+}
author	jsing <>	2023-03-07 05:54:40 +0000
committer	jsing <>	2023-03-07 05:54:40 +0000
commit	7633d4ba32d9a14f42b878e9febb3381cc589594 (patch)
tree	07d53a2b726919335b3c36251e87d4935cb61573 /src
parent	4ed2def591bd0905eecf5872bceda17c300d15b9 (diff)
download	openbsd-7633d4ba32d9a14f42b878e9febb3381cc589594.tar.gz openbsd-7633d4ba32d9a14f42b878e9febb3381cc589594.tar.bz2 openbsd-7633d4ba32d9a14f42b878e9febb3381cc589594.zip

diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c index dc3b3926d1..8f53b150b8 100644 --- a/src/lib/libcrypto/ec/ecp_smpl.c +++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ecp_smpl.c,v 1.38 2022/11/26 16:08:52 tb Exp $ */	1	/* $OpenBSD: ecp_smpl.c,v 1.39 2023/03/07 05:54:40 jsing Exp $ */
2	/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>	2	/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3	* for the OpenSSL project.	3	* for the OpenSSL project.
4	* Includes code written by Bodo Moeller for the OpenSSL project.	4	* Includes code written by Bodo Moeller for the OpenSSL project.
@@ -67,69 +67,20 @@
67	#include "bn_local.h"	67	#include "bn_local.h"
68	#include "ec_local.h"	68	#include "ec_local.h"
69		69
70	const EC_METHOD *	70	/*
71	EC_GFp_simple_method(void)	71	* Most method functions in this file are designed to work with
72	{
73	static const EC_METHOD ret = {
74	.flags = EC_FLAGS_DEFAULT_OCT,
75	.field_type = NID_X9_62_prime_field,
76	.group_init = ec_GFp_simple_group_init,
77	.group_finish = ec_GFp_simple_group_finish,
78	.group_clear_finish = ec_GFp_simple_group_clear_finish,
79	.group_copy = ec_GFp_simple_group_copy,
80	.group_set_curve = ec_GFp_simple_group_set_curve,
81	.group_get_curve = ec_GFp_simple_group_get_curve,
82	.group_get_degree = ec_GFp_simple_group_get_degree,
83	.group_order_bits = ec_group_simple_order_bits,
84	.group_check_discriminant =
85	ec_GFp_simple_group_check_discriminant,
86	.point_init = ec_GFp_simple_point_init,
87	.point_finish = ec_GFp_simple_point_finish,
88	.point_clear_finish = ec_GFp_simple_point_clear_finish,
89	.point_copy = ec_GFp_simple_point_copy,
90	.point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
91	.point_set_Jprojective_coordinates =
92	ec_GFp_simple_set_Jprojective_coordinates,
93	.point_get_Jprojective_coordinates =
94	ec_GFp_simple_get_Jprojective_coordinates,
95	.point_set_affine_coordinates =
96	ec_GFp_simple_point_set_affine_coordinates,
97	.point_get_affine_coordinates =
98	ec_GFp_simple_point_get_affine_coordinates,
99	.add = ec_GFp_simple_add,
100	.dbl = ec_GFp_simple_dbl,
101	.invert = ec_GFp_simple_invert,
102	.is_at_infinity = ec_GFp_simple_is_at_infinity,
103	.is_on_curve = ec_GFp_simple_is_on_curve,
104	.point_cmp = ec_GFp_simple_cmp,
105	.make_affine = ec_GFp_simple_make_affine,
106	.points_make_affine = ec_GFp_simple_points_make_affine,
107	.mul_generator_ct = ec_GFp_simple_mul_generator_ct,
108	.mul_single_ct = ec_GFp_simple_mul_single_ct,
109	.mul_double_nonct = ec_GFp_simple_mul_double_nonct,
110	.field_mul = ec_GFp_simple_field_mul,
111	.field_sqr = ec_GFp_simple_field_sqr,
112	.blind_coordinates = ec_GFp_simple_blind_coordinates,
113	};
114
115	return &ret;
116	}
117
118
119	/* Most method functions in this file are designed to work with
120	* non-trivial representations of field elements if necessary	72	* non-trivial representations of field elements if necessary
121	* (see ecp_mont.c): while standard modular addition and subtraction	73	* (see ecp_mont.c): while standard modular addition and subtraction
122	* are used, the field_mul and field_sqr methods will be used for	74	* are used, the field_mul and field_sqr methods will be used for
123	* multiplication, and field_encode and field_decode (if defined)	75	* multiplication, and field_encode and field_decode (if defined)
124	* will be used for converting between representations.	76	* will be used for converting between representations.
125		77	*
126	* Functions ec_GFp_simple_points_make_affine() and	78	* Functions ec_GFp_simple_points_make_affine() and
127	* ec_GFp_simple_point_get_affine_coordinates() specifically assume	79	* ec_GFp_simple_point_get_affine_coordinates() specifically assume
128	* that if a non-trivial representation is used, it is a Montgomery	80	* that if a non-trivial representation is used, it is a Montgomery
129	* representation (i.e. 'encoding' means multiplying by some factor R).	81	* representation (i.e. 'encoding' means multiplying by some factor R).
130	*/	82	*/
131		83
132
133	int	84	int
134	ec_GFp_simple_group_init(EC_GROUP *group)	85	ec_GFp_simple_group_init(EC_GROUP *group)
135	{	86	{
@@ -140,7 +91,6 @@ ec_GFp_simple_group_init(EC_GROUP *group)
140	return 1;	91	return 1;
141	}	92	}
142		93
143
144	void	94	void
145	ec_GFp_simple_group_finish(EC_GROUP *group)	95	ec_GFp_simple_group_finish(EC_GROUP *group)
146	{	96	{
@@ -149,7 +99,6 @@ ec_GFp_simple_group_finish(EC_GROUP *group)
149	BN_free(&group->b);	99	BN_free(&group->b);
150	}	100	}
151		101
152
153	void	102	void
154	ec_GFp_simple_group_clear_finish(EC_GROUP *group)	103	ec_GFp_simple_group_clear_finish(EC_GROUP *group)
155	{	104	{
@@ -158,7 +107,6 @@ ec_GFp_simple_group_clear_finish(EC_GROUP *group)
158	BN_clear_free(&group->b);	107	BN_clear_free(&group->b);
159	}	108	}
160		109
161
162	int	110	int
163	ec_GFp_simple_group_copy(EC_GROUP dest, const EC_GROUP src)	111	ec_GFp_simple_group_copy(EC_GROUP dest, const EC_GROUP src)
164	{	112	{
@@ -174,7 +122,6 @@ ec_GFp_simple_group_copy(EC_GROUP dest, const EC_GROUP src)
174	return 1;	122	return 1;
175	}	123	}
176		124
177
178	int	125	int
179	ec_GFp_simple_group_set_curve(EC_GROUP *group,	126	ec_GFp_simple_group_set_curve(EC_GROUP *group,
180	const BIGNUM p, const BIGNUM a, const BIGNUM b, BN_CTX ctx)	127	const BIGNUM p, const BIGNUM a, const BIGNUM b, BN_CTX ctx)
@@ -231,7 +178,6 @@ ec_GFp_simple_group_set_curve(EC_GROUP *group,
231	return ret;	178	return ret;
232	}	179	}
233		180
234
235	int	181	int
236	ec_GFp_simple_group_get_curve(const EC_GROUP group, BIGNUM p, BIGNUM a, BIGNUM b, BN_CTX *ctx)	182	ec_GFp_simple_group_get_curve(const EC_GROUP group, BIGNUM p, BIGNUM a, BIGNUM b, BN_CTX *ctx)
237	{	183	{
@@ -275,14 +221,12 @@ ec_GFp_simple_group_get_curve(const EC_GROUP group, BIGNUM p, BIGNUM *a, BIGNU
275	return ret;	221	return ret;
276	}	222	}
277		223
278
279	int	224	int
280	ec_GFp_simple_group_get_degree(const EC_GROUP *group)	225	ec_GFp_simple_group_get_degree(const EC_GROUP *group)
281	{	226	{
282	return BN_num_bits(&group->field);	227	return BN_num_bits(&group->field);
283	}	228	}
284		229
285
286	int	230	int
287	ec_GFp_simple_group_check_discriminant(const EC_GROUP group, BN_CTX ctx)	231	ec_GFp_simple_group_check_discriminant(const EC_GROUP group, BN_CTX ctx)
288	{	232	{
@@ -358,7 +302,6 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP group, BN_CTX ctx)
358	return ret;	302	return ret;
359	}	303	}
360		304
361
362	int	305	int
363	ec_GFp_simple_point_init(EC_POINT * point)	306	ec_GFp_simple_point_init(EC_POINT * point)
364	{	307	{
@@ -370,7 +313,6 @@ ec_GFp_simple_point_init(EC_POINT * point)
370	return 1;	313	return 1;
371	}	314	}
372		315
373
374	void	316	void
375	ec_GFp_simple_point_finish(EC_POINT *point)	317	ec_GFp_simple_point_finish(EC_POINT *point)
376	{	318	{
@@ -379,7 +321,6 @@ ec_GFp_simple_point_finish(EC_POINT *point)
379	BN_free(&point->Z);	321	BN_free(&point->Z);
380	}	322	}
381		323
382
383	void	324	void
384	ec_GFp_simple_point_clear_finish(EC_POINT *point)	325	ec_GFp_simple_point_clear_finish(EC_POINT *point)
385	{	326	{
@@ -389,7 +330,6 @@ ec_GFp_simple_point_clear_finish(EC_POINT *point)
389	point->Z_is_one = 0;	330	point->Z_is_one = 0;
390	}	331	}
391		332
392
393	int	333	int
394	ec_GFp_simple_point_copy(EC_POINT dest, const EC_POINT src)	334	ec_GFp_simple_point_copy(EC_POINT dest, const EC_POINT src)
395	{	335	{
@@ -404,7 +344,6 @@ ec_GFp_simple_point_copy(EC_POINT dest, const EC_POINT src)
404	return 1;	344	return 1;
405	}	345	}
406		346
407
408	int	347	int
409	ec_GFp_simple_point_set_to_infinity(const EC_GROUP group, EC_POINT point)	348	ec_GFp_simple_point_set_to_infinity(const EC_GROUP group, EC_POINT point)
410	{	349	{
@@ -413,7 +352,6 @@ ec_GFp_simple_point_set_to_infinity(const EC_GROUP group, EC_POINT point)
413	return 1;	352	return 1;
414	}	353	}
415		354
416
417	int	355	int
418	ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,	356	ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
419	EC_POINT point, const BIGNUM x, const BIGNUM y, const BIGNUM z,	357	EC_POINT point, const BIGNUM x, const BIGNUM y, const BIGNUM z,
@@ -822,7 +760,6 @@ ec_GFp_simple_add(const EC_GROUP group, EC_POINT r, const EC_POINT *a, const E
822	return ret;	760	return ret;
823	}	761	}
824		762
825
826	int	763	int
827	ec_GFp_simple_dbl(const EC_GROUP group, EC_POINT r, const EC_POINT a, BN_CTX ctx)	764	ec_GFp_simple_dbl(const EC_GROUP group, EC_POINT r, const EC_POINT a, BN_CTX ctx)
828	{	765	{
@@ -964,7 +901,6 @@ ec_GFp_simple_dbl(const EC_GROUP group, EC_POINT r, const EC_POINT *a, BN_CTX
964	return ret;	901	return ret;
965	}	902	}
966		903
967
968	int	904	int
969	ec_GFp_simple_invert(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)	905	ec_GFp_simple_invert(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)
970	{	906	{
@@ -975,14 +911,12 @@ ec_GFp_simple_invert(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)
975	return BN_usub(&point->Y, &group->field, &point->Y);	911	return BN_usub(&point->Y, &group->field, &point->Y);
976	}	912	}
977		913
978
979	int	914	int
980	ec_GFp_simple_is_at_infinity(const EC_GROUP group, const EC_POINT point)	915	ec_GFp_simple_is_at_infinity(const EC_GROUP group, const EC_POINT point)
981	{	916	{
982	return BN_is_zero(&point->Z);	917	return BN_is_zero(&point->Z);
983	}	918	}
984		919
985
986	int	920	int
987	ec_GFp_simple_is_on_curve(const EC_GROUP group, const EC_POINT point, BN_CTX *ctx)	921	ec_GFp_simple_is_on_curve(const EC_GROUP group, const EC_POINT point, BN_CTX *ctx)
988	{	922	{
@@ -1085,7 +1019,6 @@ ec_GFp_simple_is_on_curve(const EC_GROUP group, const EC_POINT point, BN_CTX *
1085	return ret;	1019	return ret;
1086	}	1020	}
1087		1021
1088
1089	int	1022	int
1090	ec_GFp_simple_cmp(const EC_GROUP group, const EC_POINT a, const EC_POINT b, BN_CTX ctx)	1023	ec_GFp_simple_cmp(const EC_GROUP group, const EC_POINT a, const EC_POINT b, BN_CTX ctx)
1091	{	1024	{
@@ -1187,7 +1120,6 @@ ec_GFp_simple_cmp(const EC_GROUP group, const EC_POINT a, const EC_POINT *b, B
1187	return ret;	1120	return ret;
1188	}	1121	}
1189		1122
1190
1191	int	1123	int
1192	ec_GFp_simple_make_affine(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)	1124	ec_GFp_simple_make_affine(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)
1193	{	1125	{
@@ -1225,7 +1157,6 @@ ec_GFp_simple_make_affine(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)
1225	return ret;	1157	return ret;
1226	}	1158	}
1227		1159
1228
1229	int	1160	int
1230	ec_GFp_simple_points_make_affine(const EC_GROUP group, size_t num, EC_POINT points[], BN_CTX *ctx)	1161	ec_GFp_simple_points_make_affine(const EC_GROUP group, size_t num, EC_POINT points[], BN_CTX *ctx)
1231	{	1162	{
@@ -1400,7 +1331,6 @@ ec_GFp_simple_points_make_affine(const EC_GROUP group, size_t num, EC_POINT po
1400	return ret;	1331	return ret;
1401	}	1332	}
1402		1333
1403
1404	int	1334	int
1405	ec_GFp_simple_field_mul(const EC_GROUP group, BIGNUM r, const BIGNUM a, const BIGNUM b, BN_CTX *ctx)	1335	ec_GFp_simple_field_mul(const EC_GROUP group, BIGNUM r, const BIGNUM a, const BIGNUM b, BN_CTX *ctx)
1406	{	1336	{
@@ -1471,7 +1401,6 @@ ec_GFp_simple_blind_coordinates(const EC_GROUP group, EC_POINT p, BN_CTX *ctx)
1471	return ret;	1401	return ret;
1472	}	1402	}
1473		1403
1474
1475	#define EC_POINT_BN_set_flags(P, flags) do { \	1404	#define EC_POINT_BN_set_flags(P, flags) do { \
1476	BN_set_flags(&(P)->X, (flags)); \	1405	BN_set_flags(&(P)->X, (flags)); \
1477	BN_set_flags(&(P)->Y, (flags)); \	1406	BN_set_flags(&(P)->Y, (flags)); \
@@ -1723,3 +1652,50 @@ ec_GFp_simple_mul_double_nonct(const EC_GROUP group, EC_POINT r,
1723	{	1652	{
1724	return ec_wNAF_mul(group, r, g_scalar, 1, &point, &p_scalar, ctx);	1653	return ec_wNAF_mul(group, r, g_scalar, 1, &point, &p_scalar, ctx);
1725	}	1654	}
		1655
		1656	static const EC_METHOD ec_GFp_simple_method = {
		1657	.flags = EC_FLAGS_DEFAULT_OCT,
		1658	.field_type = NID_X9_62_prime_field,
		1659	.group_init = ec_GFp_simple_group_init,
		1660	.group_finish = ec_GFp_simple_group_finish,
		1661	.group_clear_finish = ec_GFp_simple_group_clear_finish,
		1662	.group_copy = ec_GFp_simple_group_copy,
		1663	.group_set_curve = ec_GFp_simple_group_set_curve,
		1664	.group_get_curve = ec_GFp_simple_group_get_curve,
		1665	.group_get_degree = ec_GFp_simple_group_get_degree,
		1666	.group_order_bits = ec_group_simple_order_bits,
		1667	.group_check_discriminant = ec_GFp_simple_group_check_discriminant,
		1668	.point_init = ec_GFp_simple_point_init,
		1669	.point_finish = ec_GFp_simple_point_finish,
		1670	.point_clear_finish = ec_GFp_simple_point_clear_finish,
		1671	.point_copy = ec_GFp_simple_point_copy,
		1672	.point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
		1673	.point_set_Jprojective_coordinates =
		1674	ec_GFp_simple_set_Jprojective_coordinates,
		1675	.point_get_Jprojective_coordinates =
		1676	ec_GFp_simple_get_Jprojective_coordinates,
		1677	.point_set_affine_coordinates =
		1678	ec_GFp_simple_point_set_affine_coordinates,
		1679	.point_get_affine_coordinates =
		1680	ec_GFp_simple_point_get_affine_coordinates,
		1681	.add = ec_GFp_simple_add,
		1682	.dbl = ec_GFp_simple_dbl,
		1683	.invert = ec_GFp_simple_invert,
		1684	.is_at_infinity = ec_GFp_simple_is_at_infinity,
		1685	.is_on_curve = ec_GFp_simple_is_on_curve,
		1686	.point_cmp = ec_GFp_simple_cmp,
		1687	.make_affine = ec_GFp_simple_make_affine,
		1688	.points_make_affine = ec_GFp_simple_points_make_affine,
		1689	.mul_generator_ct = ec_GFp_simple_mul_generator_ct,
		1690	.mul_single_ct = ec_GFp_simple_mul_single_ct,
		1691	.mul_double_nonct = ec_GFp_simple_mul_double_nonct,
		1692	.field_mul = ec_GFp_simple_field_mul,
		1693	.field_sqr = ec_GFp_simple_field_sqr,
		1694	.blind_coordinates = ec_GFp_simple_blind_coordinates,
		1695	};
		1696
		1697	const EC_METHOD *
		1698	EC_GFp_simple_method(void)
		1699	{
		1700	return &ec_GFp_simple_method;
		1701	}