hub / github.com/tjfoc/gmsm / sm2P256PointSub

Function sm2P256PointSub

sm2/p256.go:501–560  ·  view source on GitHub ↗

(x3, y3, z3) = (x1, y1, z1) - (x2, y2, z2)

(x1, y1, z1, x2, y2, z2, x3, y3, z3 *sm2P256FieldElement)

Source from the content-addressed store, hash-verified

499
500// sm2P256PointSub sets (x3, y3, z3) = (x1, y1, z1) - (x2, y2, z2): it negates y2
// and then applies the point-addition formulas annotated step by step below.
//
// NOTE(review): y2 is overwritten with its negation by the first four statements,
// so the caller's second operand is modified as a side effect. Confirm that
// callers (sm2P256ScalarMult is the one listed for this function) expect that.
//
// NOTE(review): the early exits and the equality test branch on big.Int values
// derived from point coordinates. math/big documents that its methods may leak
// operand values through timing, so if the scalar driving these calls is secret
// this routine should be treated as variable-time.
501func sm2P256PointSub(x1, y1, z1, x2, y2, z2, x3, y3, z3 *sm2P256FieldElement) {
502 var u1, u2, z22, z12, z23, z13, s1, s2, h, h2, r, r2, tm sm2P256FieldElement
    // Negate the second operand through math/big: y = 0 - y2, stored back into y2.
    // NOTE(review): y is negative here unless y2 was zero; this relies on
    // sm2P256FromBig reducing a negative input into the field, which is not
    // visible in this listing — confirm.
503 y:=sm2P256ToBig(y2)
504 zero:=new(big.Int).SetInt64(0)
505 y.Sub(zero,y)
506 sm2P256FromBig(y2,y)
507
    // z1 == 0: the result is the second operand, whose y2 is already negated.
508 if sm2P256ToBig(z1).Sign() == 0 {
509 sm2P256Dup(x3, x2)
510 sm2P256Dup(y3, y2)
511 sm2P256Dup(z3, z2)
512 return
513 }
514
    // z2 == 0: the result is the first operand unchanged.
515 if sm2P256ToBig(z2).Sign() == 0 {
516 sm2P256Dup(x3, x1)
517 sm2P256Dup(y3, y1)
518 sm2P256Dup(z3, z1)
519 return
520 }
521
522 sm2P256Square(&z12, z1) // z12 = z1 ^ 2
523 sm2P256Square(&z22, z2) // z22 = z2 ^ 2
524
525 sm2P256Mul(&z13, &z12, z1) // z13 = z1 ^ 3
526 sm2P256Mul(&z23, &z22, z2) // z23 = z2 ^ 3
527
528 sm2P256Mul(&u1, x1, &z22) // u1 = x1 * z2 ^ 2
529 sm2P256Mul(&u2, x2, &z12) // u2 = x2 * z1 ^ 2
530
531 sm2P256Mul(&s1, y1, &z23) // s1 = y1 * z2 ^ 3
532 sm2P256Mul(&s2, y2, &z13) // s2 = y2 * z1 ^ 3
533
    // u1 == u2 and s1 == s2: the first operand equals the negated second
    // operand, i.e. the call is P - (-P), whose expected result is 2P.
    // NOTE(review): the doubling call passes the first operand for every
    // argument and none of x3/y3/z3, and there is no return, so execution
    // falls through to the generic formulas with h and r computed from equal
    // values. It looks like the intent was to double into (x3, y3, z3) and
    // return — confirm against sm2P256PointDouble's parameter order. As
    // written the call also appears to modify the caller's first operand.
    // A test for P - (-P) == 2P would pin this path.
534 if sm2P256ToBig(&u1).Cmp(sm2P256ToBig(&u2)) == 0 &&
535 sm2P256ToBig(&s1).Cmp(sm2P256ToBig(&s2)) == 0 {
536 sm2P256PointDouble(x1, y1, z1, x1, y1, z1)
537 }
538
539 sm2P256Sub(&h, &u2, &u1) // h = u2 - u1
540 sm2P256Sub(&r, &s2, &s1) // r = s2 - s1
541
542 sm2P256Square(&r2, &r) // r2 = r ^ 2
543 sm2P256Square(&h2, &h) // h2 = h ^ 2
544
545 sm2P256Mul(&tm, &h2, &h) // tm = h ^ 3
546 sm2P256Sub(x3, &r2, &tm) // x3 = r ^ 2 - h ^ 3
547 sm2P256Mul(&tm, &u1, &h2) // tm = u1 * h ^ 2
548 sm2P256Scalar(&tm, 2) // tm = 2 * (u1 * h ^ 2)
549 sm2P256Sub(x3, x3, &tm) // x3 = r ^ 2 - h ^ 3 - 2 * u1 * h ^ 2
550
551 sm2P256Mul(&tm, &u1, &h2) // tm = u1 * h ^ 2
552 sm2P256Sub(&tm, &tm, x3) // tm = u1 * h ^ 2 - x3
553 sm2P256Mul(y3, &r, &tm) // y3 = r * (u1 * h ^ 2 - x3)
554 sm2P256Mul(&tm, &h2, &h) // tm = h ^ 3
555 sm2P256Mul(&tm, &tm, &s1) // tm = s1 * h ^ 3
556 sm2P256Sub(y3, y3, &tm) // y3 = r * (u1 * h ^ 2 - x3) - s1 * h ^ 3
557
558 sm2P256Mul(z3, z1, z2) // z3 = z1 * z2
    // NOTE(review): the listing stops at line 558 although the header gives the
    // range 501–560; the remaining statements and the closing brace are not shown.

Callers 1

sm2P256ScalarMultFunction · 0.85

Calls 9

sm2P256ToBigFunction · 0.85
sm2P256FromBigFunction · 0.85
sm2P256DupFunction · 0.85
sm2P256SquareFunction · 0.85
sm2P256MulFunction · 0.85
sm2P256PointDoubleFunction · 0.85
sm2P256SubFunction · 0.85
sm2P256ScalarFunction · 0.85
SignMethod · 0.80

Tested by

no test coverage detected
