37.3.7.8 Point is on Elliptic Curve
Purpose
This service is used to test whether the point is on the curve.
How to Use the Service
Description
The operation performed is:
Status = IsPointOnCurve(X, Y, Z);
In this computation, the following parameters need to be provided:
- The input points filled in projective coordinates (X, Y, Z) (pointed by {nu1PointBase, 3*U2ModLength + 4}). This point can be point at infinity.
- AParam and BParam are the Elliptic Curve Equation parameters (pointed by {nu1AParam, u2ModLength+ 4} and {nu1BParam, u2ModLength + 4}).
- Cns the Fast Modular Constant filled (pointed by {nu1CnsBase, u2ModLength + 8})
- P the modulus filled (pointed by {nu1ModBase, u2ModLength + 8})
- The workspace not initialized (pointed by {nu1WorkSpace, 4*u2ModLength + 28})
The service name for this operation is
GF2NEcPointIsOnCurve.
Important: Before using this
service, the constant Cns must have been calculated with the
Fast Modular Reduction service.
Parameters Definition
| Parameter | Type | Dir. | Location | Data Length | Before Executing the Service | After Executing the Service |
|---|---|---|---|---|---|---|
| nu1ModBase | nu1 | I | Crypto RAM | u2ModLength + 4 | Base of modulus P | Base of modulus P |
| nu1CnsBase | nu1 | I | Crypto RAM | u2ModLength + 8 | Base of Cns | Base of Cns |
| u2ModLength | u2 | I | – | – | Length of modulus P | Length of modulus P |
| nu1PointBase | nu1 | I | Crypto RAM | 3*u2ModLength + 12 | Input point | Unchanged |
| nu1AParam | nu1 | I | Crypto RAM | u2ModLength + 4 | The parameter a | Unchanged |
| nu1BParam | nu1 | I | Crypto RAM | u2ModLength + 4 | The parameter b | Unchanged |
| nu1Workspace | nu1 | I | Crypto RAM | 4*u2ModLength + 28 | N/A | Workspace |
Code Example
PUKCL_PARAM PUKCLParam;
PPUKCL_PARAM pvPUKCLParam = &PUKCLParam;
// ! The Random Number Generator must be initialized and started
// ! following the directives given for the RNG on the chip
PUKCL (u2Option) = 0;
// Depending on the option specified, not all fields must be filled
PUKCL _GF2NEcPointIsOnCurve(nu1ModBase) = <Base of the ram location of P>;
PUKCL _GF2NEcPointIsOnCurve(u2ModLength) = <Byte length of P>;
PUKCL _GF2NEcPointIsOnCurve(nu1CnsBase) = <Base of the ram location of Cns>;
PUKCL _GF2NEcPointIsOnCurve(nu1PointABase) = <Base of the A point>;
PUKCL _GF2NEcPointIsOnCurve(nu1AParam) = <Base of the ram location of the parameter a>;
PUKCL _GF2NEcPointIsOnCurve(nu1BParam) = <Base of the ram location of the parameter b>;
PUKCL _GF2NEcPointIsOnCurve(nu1PointBase) = <Base of the ram location of the point>;
PUKCL _GF2NEcPointIsOnCurve(nu1Workspace) = <Base of the ram location of the workspace>;
...
// vPUKCL_Process() is a macro command, which populates the service name
// and then calls the library...
vPUKC L_Process(GF2NEcPointIsOnCurve,
pvPUKCLParam);
if (PUKCL (u2Status) == PUKCL_OK)
{
...
}
else // Manage the error
Constraints
No overlapping between either input and output are allowed. The following conditions must be avoided to ensure that the service works correctly:
- nu1ModBase, nu1CnsBase, nu1PointABase, nu1AParam, nu1BParam and nu1Workspace are not aligned on 32-bit boundaries
- {nu1ModBase, u2ModLength + 4}, {nu1CnsBase, u2ModLength + 8}, {nu1PointABase, 3*u2ModLength + 12}, {nu1AParam, u2ModLength + 4}, {nu1BParam, u2ModLength + 4}, {nu1Workspace, 4*u2ModLength + 28} are not in Crypto RAM
- u2ModLength is either: < 12, > 0xffc or not a 32-bit length
- All overlapping between {nu1ModBase, u2ModLength + 4}, {nu1CnsBase, u2ModLength + 8}, {nu1PointABase, 3*u2ModLength + 12}, {nu1AParam, u2ModLength + 4}, {nu1BParam, u2ModLength + 4} and {nu1Workspace, 4*u2ModLength + 28}
Status Returned Values
| Returned Status | Importance | Meaning |
|---|---|---|
| PUKCL_OK | – | The point is on the curve. |
| PUKCL_POINT_IS_NOT_ON_CURVE | Warning | The point is not on the curve. |
| PUKCL_POINT_AT_INFINITY | Warning | The input point has its Z equal to zero, so it’s a representation of the infinite point. |