@@ -145,9 +145,10 @@ library P256 {
145145 */
146146 function isValidPublicKey (bytes32 x , bytes32 y ) internal pure returns (bool result ) {
147147 assembly ("memory-safe" ) {
148- let lhs := mulmod (y, y, P) // y^2
149- let rhs := addmod (mulmod (addmod (mulmod (x, x, P), A, P), x, P), B, P) // ((x^2 + a) * x) + b = x^3 + ax + b
150- result := and (and (lt (x, P), lt (y, P)), eq (lhs, rhs)) // Should conform with the Weierstrass equation
148+ let p := P
149+ let lhs := mulmod (y, y, p) // y^2
150+ let rhs := addmod (mulmod (addmod (mulmod (x, x, p), A, p), x, p), B, p) // ((x^2 + a) * x) + b = x^3 + ax + b
151+ result := and (and (lt (x, p), lt (y, p)), eq (lhs, rhs)) // Should conform with the Weierstrass equation
151152 }
152153 }
153154
@@ -187,29 +188,30 @@ library P256 {
187188 uint256 z2
188189 ) private pure returns (uint256 rx , uint256 ry , uint256 rz ) {
189190 assembly ("memory-safe" ) {
191+ let p := P
190192 let z1 := mload (add (p1, 0x40 ))
191- let s1 := mulmod (mload (add (p1, 0x20 )), mulmod (mulmod (z2, z2, P ), z2, P ), P ) // s1 = y1*z2³
192- let s2 := mulmod (y2, mulmod (mulmod (z1, z1, P ), z1, P ), P ) // s2 = y2*z1³
193- let r := addmod (s2, sub (P , s1), P ) // r = s2-s1
194- let u1 := mulmod (mload (p1), mulmod (z2, z2, P ), P ) // u1 = x1*z2²
195- let u2 := mulmod (x2, mulmod (z1, z1, P ), P ) // u2 = x2*z1²
196- let h := addmod (u2, sub (P , u1), P ) // h = u2-u1
197- let hh := mulmod (h, h, P ) // h²
193+ let s1 := mulmod (mload (add (p1, 0x20 )), mulmod (mulmod (z2, z2, p ), z2, p ), p ) // s1 = y1*z2³
194+ let s2 := mulmod (y2, mulmod (mulmod (z1, z1, p ), z1, p ), p ) // s2 = y2*z1³
195+ let r := addmod (s2, sub (p , s1), p ) // r = s2-s1
196+ let u1 := mulmod (mload (p1), mulmod (z2, z2, p ), p ) // u1 = x1*z2²
197+ let u2 := mulmod (x2, mulmod (z1, z1, p ), p ) // u2 = x2*z1²
198+ let h := addmod (u2, sub (p , u1), p ) // h = u2-u1
199+ let hh := mulmod (h, h, p ) // h²
198200
199201 // x' = r²-h³-2*u1*h²
200202 rx := addmod (
201- addmod (mulmod (r, r, P ), sub (P , mulmod (h, hh, P )), P ),
202- sub (P , mulmod (2 , mulmod (u1, hh, P ), P )),
203- P
203+ addmod (mulmod (r, r, p ), sub (p , mulmod (h, hh, p )), p ),
204+ sub (p , mulmod (2 , mulmod (u1, hh, p ), p )),
205+ p
204206 )
205207 // y' = r*(u1*h²-x')-s1*h³
206208 ry := addmod (
207- mulmod (r, addmod (mulmod (u1, hh, P ), sub (P , rx), P ), P ),
208- sub (P , mulmod (s1, mulmod (h, hh, P ), P )),
209- P
209+ mulmod (r, addmod (mulmod (u1, hh, p ), sub (p , rx), p ), p ),
210+ sub (p , mulmod (s1, mulmod (h, hh, p ), p )),
211+ p
210212 )
211213 // z' = h*z1*z2
212- rz := mulmod (h, mulmod (z1, z2, P ), P )
214+ rz := mulmod (h, mulmod (z1, z2, p ), p )
213215 }
214216 }
215217
@@ -219,18 +221,19 @@ library P256 {
219221 */
220222 function _jDouble (uint256 x , uint256 y , uint256 z ) private pure returns (uint256 rx , uint256 ry , uint256 rz ) {
221223 assembly ("memory-safe" ) {
222- let yy := mulmod (y, y, P)
223- let zz := mulmod (z, z, P)
224- let s := mulmod (4 , mulmod (x, yy, P), P) // s = 4*x*y²
225- let m := addmod (mulmod (3 , mulmod (x, x, P), P), mulmod (A, mulmod (zz, zz, P), P), P) // m = 3*x²+a*z⁴
226- let t := addmod (mulmod (m, m, P), sub (P, mulmod (2 , s, P)), P) // t = m²-2*s
224+ let p := P
225+ let yy := mulmod (y, y, p)
226+ let zz := mulmod (z, z, p)
227+ let s := mulmod (4 , mulmod (x, yy, p), p) // s = 4*x*y²
228+ let m := addmod (mulmod (3 , mulmod (x, x, p), p), mulmod (A, mulmod (zz, zz, p), p), p) // m = 3*x²+a*z⁴
229+ let t := addmod (mulmod (m, m, p), sub (p, mulmod (2 , s, p)), p) // t = m²-2*s
227230
228231 // x' = t
229232 rx := t
230233 // y' = m*(s-t)-8*y⁴
231- ry := addmod (mulmod (m, addmod (s, sub (P , t), P ), P ), sub (P , mulmod (8 , mulmod (yy, yy, P ), P )), P )
234+ ry := addmod (mulmod (m, addmod (s, sub (p , t), p ), p ), sub (p , mulmod (8 , mulmod (yy, yy, p ), p )), p )
232235 // z' = 2*y*z
233- rz := mulmod (2 , mulmod (y, z, P ), P )
236+ rz := mulmod (2 , mulmod (y, z, p ), p )
234237 }
235238 }
236239
0 commit comments