@@ -145,10 +145,9 @@ library P256 {
145145 */
146146 function isValidPublicKey (bytes32 x , bytes32 y ) internal pure returns (bool result ) {
147147 assembly ("memory-safe" ) {
148- let p := P
149- let lhs := mulmod (y, y, p) // y^2
150- let rhs := addmod (mulmod (addmod (mulmod (x, x, p), A, p), x, p), B, p) // ((x^2 + a) * x) + b = x^3 + ax + b
151- result := and (and (lt (x, p), lt (y, p)), eq (lhs, rhs)) // Should conform with the Weierstrass equation
148+ let lhs := mulmod (y, y, P) // y^2
149+ let rhs := addmod (mulmod (addmod (mulmod (x, x, P), A, P), x, P), B, P) // ((x^2 + a) * x) + b = x^3 + ax + b
150+ result := and (and (lt (x, P), lt (y, P)), eq (lhs, rhs)) // Should conform with the Weierstrass equation
152151 }
153152 }
154153
@@ -188,30 +187,29 @@ library P256 {
188187 uint256 z2
189188 ) private pure returns (uint256 rx , uint256 ry , uint256 rz ) {
190189 assembly ("memory-safe" ) {
191- let p := P
192190 let z1 := mload (add (p1, 0x40 ))
193- let s1 := mulmod (mload (add (p1, 0x20 )), mulmod (mulmod (z2, z2, p ), z2, p ), p ) // s1 = y1*z2³
194- let s2 := mulmod (y2, mulmod (mulmod (z1, z1, p ), z1, p ), p ) // s2 = y2*z1³
195- let r := addmod (s2, sub (p , s1), p ) // r = s2-s1
196- let u1 := mulmod (mload (p1), mulmod (z2, z2, p ), p ) // u1 = x1*z2²
197- let u2 := mulmod (x2, mulmod (z1, z1, p ), p ) // u2 = x2*z1²
198- let h := addmod (u2, sub (p , u1), p ) // h = u2-u1
199- let hh := mulmod (h, h, p ) // h²
191+ let s1 := mulmod (mload (add (p1, 0x20 )), mulmod (mulmod (z2, z2, P ), z2, P ), P ) // s1 = y1*z2³
192+ let s2 := mulmod (y2, mulmod (mulmod (z1, z1, P ), z1, P ), P ) // s2 = y2*z1³
193+ let r := addmod (s2, sub (P , s1), P ) // r = s2-s1
194+ let u1 := mulmod (mload (p1), mulmod (z2, z2, P ), P ) // u1 = x1*z2²
195+ let u2 := mulmod (x2, mulmod (z1, z1, P ), P ) // u2 = x2*z1²
196+ let h := addmod (u2, sub (P , u1), P ) // h = u2-u1
197+ let hh := mulmod (h, h, P ) // h²
200198
201199 // x' = r²-h³-2*u1*h²
202200 rx := addmod (
203- addmod (mulmod (r, r, p ), sub (p , mulmod (h, hh, p )), p ),
204- sub (p , mulmod (2 , mulmod (u1, hh, p ), p )),
205- p
201+ addmod (mulmod (r, r, P ), sub (P , mulmod (h, hh, P )), P ),
202+ sub (P , mulmod (2 , mulmod (u1, hh, P ), P )),
203+ P
206204 )
207205 // y' = r*(u1*h²-x')-s1*h³
208206 ry := addmod (
209- mulmod (r, addmod (mulmod (u1, hh, p ), sub (p , rx), p ), p ),
210- sub (p , mulmod (s1, mulmod (h, hh, p ), p )),
211- p
207+ mulmod (r, addmod (mulmod (u1, hh, P ), sub (P , rx), P ), P ),
208+ sub (P , mulmod (s1, mulmod (h, hh, P ), P )),
209+ P
212210 )
213211 // z' = h*z1*z2
214- rz := mulmod (h, mulmod (z1, z2, p ), p )
212+ rz := mulmod (h, mulmod (z1, z2, P ), P )
215213 }
216214 }
217215
@@ -221,19 +219,18 @@ library P256 {
221219 */
222220 function _jDouble (uint256 x , uint256 y , uint256 z ) private pure returns (uint256 rx , uint256 ry , uint256 rz ) {
223221 assembly ("memory-safe" ) {
224- let p := P
225- let yy := mulmod (y, y, p)
226- let zz := mulmod (z, z, p)
227- let s := mulmod (4 , mulmod (x, yy, p), p) // s = 4*x*y²
228- let m := addmod (mulmod (3 , mulmod (x, x, p), p), mulmod (A, mulmod (zz, zz, p), p), p) // m = 3*x²+a*z⁴
229- let t := addmod (mulmod (m, m, p), sub (p, mulmod (2 , s, p)), p) // t = m²-2*s
222+ let yy := mulmod (y, y, P)
223+ let zz := mulmod (z, z, P)
224+ let s := mulmod (4 , mulmod (x, yy, P), P) // s = 4*x*y²
225+ let m := addmod (mulmod (3 , mulmod (x, x, P), P), mulmod (A, mulmod (zz, zz, P), P), P) // m = 3*x²+a*z⁴
226+ let t := addmod (mulmod (m, m, P), sub (P, mulmod (2 , s, P)), P) // t = m²-2*s
230227
231228 // x' = t
232229 rx := t
233230 // y' = m*(s-t)-8*y⁴
234- ry := addmod (mulmod (m, addmod (s, sub (p , t), p ), p ), sub (p , mulmod (8 , mulmod (yy, yy, p ), p )), p )
231+ ry := addmod (mulmod (m, addmod (s, sub (P , t), P ), P ), sub (P , mulmod (8 , mulmod (yy, yy, P ), P )), P )
235232 // z' = 2*y*z
236- rz := mulmod (2 , mulmod (y, z, p ), p )
233+ rz := mulmod (2 , mulmod (y, z, P ), P )
237234 }
238235 }
239236
0 commit comments