|
@ -6,8 +6,6 @@ var ecparams = sec("secp256k1") |
|
|
var BigInteger = require('bigi') |
|
|
var BigInteger = require('bigi') |
|
|
var ECPointFp = require('./ec').ECPointFp |
|
|
var ECPointFp = require('./ec').ECPointFp |
|
|
|
|
|
|
|
|
var P_OVER_FOUR = null |
|
|
|
|
|
|
|
|
|
|
|
function implShamirsTrick(P, k, Q, l) { |
|
|
function implShamirsTrick(P, k, Q, l) { |
|
|
var m = Math.max(k.bitLength(), l.bitLength()) |
|
|
var m = Math.max(k.bitLength(), l.bitLength()) |
|
|
var Z = P.add2D(Q) |
|
|
var Z = P.add2D(Q) |
|
@ -257,9 +255,9 @@ var ecdsa = { |
|
|
var a = curve.getA().toBigInteger() |
|
|
var a = curve.getA().toBigInteger() |
|
|
var b = curve.getB().toBigInteger() |
|
|
var b = curve.getB().toBigInteger() |
|
|
|
|
|
|
|
|
// We precalculate (p + 1) / 4 where p is if the field order
|
|
|
// We precalculate (p + 1) / 4 where p is the field order
|
|
|
if (!P_OVER_FOUR) { |
|
|
if (!curve.P_OVER_FOUR) { |
|
|
P_OVER_FOUR = p.add(BigInteger.ONE).divide(BigInteger.valueOf(4)) |
|
|
curve.P_OVER_FOUR = p.add(BigInteger.ONE).shiftRight(2) |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
// 1.1 Compute x
|
|
|
// 1.1 Compute x
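Review bot: `(p + 1) / 4` is a square-root exponent only when p ≡ 3 (mod 4), and nothing visible in this hunk checks that for the `curve` now carrying the cache, or that `beta` is really a root of `alpha`. The assumption holds for secp256k1, which the top of the file loads, but moving the cache from a module variable onto `curve` makes the path look curve-generic. For a curve with p ≡ 1 (mod 4), or an `x` that is not on the curve, `alpha.modPow(curve.P_OVER_FOUR, p)` in the following hunk returns a value that is then used as y without complaint. I would add `if (!beta.multiply(beta).mod(p).equals(alpha)) throw new Error('x is not on the curve')` right after `beta` is computed, unless a point-validity check outside these hunks already covers it, and note the assumption next to the precalculation with `// valid only when p ≡ 3 (mod 4)`. The enclosing function starts and ends outside both hunks.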
|
|
@ -267,7 +265,7 @@ var ecdsa = { |
|
|
|
|
|
|
|
|
// 1.3 Convert x to point
|
|
|
// 1.3 Convert x to point
|
|
|
var alpha = x.multiply(x).multiply(x).add(a.multiply(x)).add(b).mod(p) |
|
|
var alpha = x.multiply(x).multiply(x).add(a.multiply(x)).add(b).mod(p) |
|
|
var beta = alpha.modPow(P_OVER_FOUR, p) |
|
|
var beta = alpha.modPow(curve.P_OVER_FOUR, p) |
|
|
|
|
|
|
|
|
// If beta is even, but y isn't, or vice versa, then convert it,
|
|
|
// If beta is even, but y isn't, or vice versa, then convert it,
|
|
|
// otherwise we're done and y == beta.
|
|
|
// otherwise we're done and y == beta.
|
|
|