JacobianPoint
in package
This class incorporates work from Mdanter's ECC Primitive Point class and Paul Miller's Noble-Secp256k1 Library.
The original works are licensed under the MIT License. This JacobianPoint class contains all of the important methods to handle JacobianPoint Manipulation as to verify and sign Schnorr signatures.
Table of Contents
Constants
- a = 0
- b = 7
- CurveBeta = '0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'
- CurveN = '0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141'
- CurveP = '0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F'
- Gx = '0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798'
- Gy = '0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8'
- HFa1 = '0x3086d221a7d46bcde86c90e49284eb15'
- HFa2 = '0x114ca50f7a8e2f3f657c1108d9d44cfd8'
- HFb1 = '0xe4437ed6010e88286f547fa90abfe4c3'
- HFb2 = '0x3086d221a7d46bcde86c90e49284eb15'
- HFPOW_2_128 = '0x100000000000000000000000000000000'
Properties
- $windowSize : int
- $x : GMP
- $y : GMP
- $z : GMP
Methods
- __construct() : mixed
- Construct a new JacobianPoint, coordinates used to represent elliptic curve points on prime curves.
- __debugInfo() : array<string|int, mixed>
- __toString() : string
- add() : self
- Algorithm for Adding 2 Jacobian Points together, only when the curve's a parameter is 0, (Cannot be used for other curves where a != 0), Based on: http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-1998-cmo-2.
- cmp() : int
- Compare two Jacobian Points.
- divNearest() : GMP
- Based on Hal Finney's Implementation of an Optimized ECDSA verification, based on the "Guide to Elliptic Curve Cryptography" by Hankerson, Found here: https://bitcointalk.org/index.php?topic=3238.msg45565#msg45565 (Necessary factors in splitting k into k1 and k2).
- double() : self
- Doubles a Jacobian Point when the Curve's A is O, (Does not work when A is not O).
- equals() : bool
- Verify that two Jacobian Points are Equal.
- fromAffine() : self
- Convert an Affine Point to a Jacobian Point.
- getBase() : self
- Create a Base Jacobian Generator Point (Gx, Gy, 1).
- getBasePoint() : GeneratorPoint
- Return a Base Generator Point with Default Window Size.
- getWindowSize() : int
- getX() : GMP
- getY() : GMP
- getZ() : GMP
- getZero() : self
- Return a Jacobian Point at 0, 1, 0.
- gmp_shiftr() : GMP
- Bitwise Right Shift.
- hasEvenY() : bool
- Verify if Y-Coordinate is Even.
- mod() : GMP
- Calculates A modulo B.
- mul() : self
- Multiply two points together.
- multiplyAndAddUnsafe() : bool|JacobianPoint
- Perform efficient double scalar multiplications of aP + bQ, Naive way as opposed to Strauss-Shamir's trick: Perform two multiplications of aP and bQ, then add them together, (Unsafe based on exposed Private Key).
- multiplyUnsafe() : self
- Uses Double-and-Add algorithm for Multiplication, Unsafe because of exposed private key.
- negate() : self
- Negate a JacobianPoint's Y-Coordinate to get the Negative Point.
- precomputeWindow() : array<string|int, mixed>
- Creates a wNAF precomputation window used for caching, (Default window size is 8).
- setWindowSize() : self
- splitScalarEndo() : array<string|int, mixed>
- Split 256-bit K into 2 128-bit (k1, k2) integers for which k1 + k2 * lambda = K.
- toAffine() : self
- converts JacobianPoint to AffinePoint (x, y) coordinates [(x, y, z) -> x = x/(z^2), y = y/(z^3)].
- wNAF() : array<string|int, mixed>
- Implement w-ary non-adjacent form (wNAF) for calculating elliptic curve multiplication.
Constants
a
public
mixed
a
= 0
b
public
mixed
b
= 7
CurveBeta
public
mixed
CurveBeta
= '0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee'
CurveN
public
mixed
CurveN
= '0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141'
CurveP
public
mixed
CurveP
= '0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F'
Gx
public
mixed
Gx
= '0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798'
Gy
public
mixed
Gy
= '0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8'
HFa1
public
mixed
HFa1
= '0x3086d221a7d46bcde86c90e49284eb15'
HFa2
public
mixed
HFa2
= '0x114ca50f7a8e2f3f657c1108d9d44cfd8'
HFb1
public
mixed
HFb1
= '0xe4437ed6010e88286f547fa90abfe4c3'
HFb2
public
mixed
HFb2
= '0x3086d221a7d46bcde86c90e49284eb15'
HFPOW_2_128
public
mixed
HFPOW_2_128
= '0x100000000000000000000000000000000'
Properties
$windowSize
private
int
$windowSize
= 8
$x
private
GMP
$x
$y
private
GMP
$y
$z
private
GMP
$z
Methods
__construct()
Construct a new JacobianPoint, coordinates used to represent elliptic curve points on prime curves.
public
__construct([GMP $x = null ][, GMP $y = null ][, GMP $z = null ]) : mixed
Parameters
- $x : GMP = null
- $y : GMP = null
- $z : GMP = null
__debugInfo()
public
__debugInfo() : array<string|int, mixed>
Return values
array<string|int, mixed>__toString()
public
__toString() : string
Tags
Return values
stringadd()
Algorithm for Adding 2 Jacobian Points together, only when the curve's a parameter is 0, (Cannot be used for other curves where a != 0), Based on: http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-1998-cmo-2.
public
add(self $other) : self
Parameters
- $other : self
Return values
selfcmp()
Compare two Jacobian Points.
public
cmp(self $other) : int
Parameters
- $other : self
Return values
intdivNearest()
Based on Hal Finney's Implementation of an Optimized ECDSA verification, based on the "Guide to Elliptic Curve Cryptography" by Hankerson, Found here: https://bitcointalk.org/index.php?topic=3238.msg45565#msg45565 (Necessary factors in splitting k into k1 and k2).
public
divNearest(GMP $a, GMP $b) : GMP
Parameters
- $a : GMP
- $b : GMP
Return values
GMPdouble()
Doubles a Jacobian Point when the Curve's A is O, (Does not work when A is not O).
public
double() : self
Based on: http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l.
Return values
selfequals()
Verify that two Jacobian Points are Equal.
public
equals(self $other) : bool
Parameters
- $other : self
Return values
boolfromAffine()
Convert an Affine Point to a Jacobian Point.
public
fromAffine(Point $point) : self
Parameters
- $point : Point
Return values
selfgetBase()
Create a Base Jacobian Generator Point (Gx, Gy, 1).
public
getBase() : self
Return values
selfgetBasePoint()
Return a Base Generator Point with Default Window Size.
public
getBasePoint() : GeneratorPoint
Return values
GeneratorPointgetWindowSize()
public
getWindowSize() : int
Return values
intgetX()
public
getX() : GMP
Tags
Return values
GMPgetY()
public
getY() : GMP
Tags
Return values
GMPgetZ()
public
getZ() : GMP
Tags
Return values
GMPgetZero()
Return a Jacobian Point at 0, 1, 0.
public
getZero() : self
Return values
selfgmp_shiftr()
Bitwise Right Shift.
public
gmp_shiftr(GMP|int $x, GMP|int $n) : GMP
Parameters
- $x : GMP|int
- $n : GMP|int
Return values
GMPhasEvenY()
Verify if Y-Coordinate is Even.
public
hasEvenY() : bool
Return values
boolmod()
Calculates A modulo B.
public
mod(GMP $a[, GMP $b = null ]) : GMP
Parameters
- $a : GMP
- $b : GMP = null
Return values
GMPmul()
Multiply two points together.
public
mul(GMP $n[, self $affinePoint = null ]) : self
Parameters
- $n : GMP
- $affinePoint : self = null
Return values
selfmultiplyAndAddUnsafe()
Perform efficient double scalar multiplications of aP + bQ, Naive way as opposed to Strauss-Shamir's trick: Perform two multiplications of aP and bQ, then add them together, (Unsafe based on exposed Private Key).
public
multiplyAndAddUnsafe(Point $Q, GMP $a, GMP $b) : bool|JacobianPoint
Parameters
- $Q : Point
- $a : GMP
- $b : GMP
Return values
bool|JacobianPointmultiplyUnsafe()
Uses Double-and-Add algorithm for Multiplication, Unsafe because of exposed private key.
public
multiplyUnsafe(GMP $scalar) : self
Parameters
- $scalar : GMP
Return values
selfnegate()
Negate a JacobianPoint's Y-Coordinate to get the Negative Point.
public
negate() : self
Return values
selfprecomputeWindow()
Creates a wNAF precomputation window used for caching, (Default window size is 8).
public
precomputeWindow(int $W) : array<string|int, mixed>
This will cache 65,536 points: 256 points for every bit from 0 to 256.
Parameters
- $W : int
Return values
array<string|int, mixed>setWindowSize()
public
setWindowSize(int $n) : self
Parameters
- $n : int
Return values
selfsplitScalarEndo()
Split 256-bit K into 2 128-bit (k1, k2) integers for which k1 + k2 * lambda = K.
public
splitScalarEndo(GMP $verifyModNumber) : array<string|int, mixed>
Split Scalar Endomorphism.
Parameters
- $verifyModNumber : GMP
Return values
array<string|int, mixed>toAffine()
converts JacobianPoint to AffinePoint (x, y) coordinates [(x, y, z) -> x = x/(z^2), y = y/(z^3)].
public
toAffine() : self
Return values
selfwNAF()
Implement w-ary non-adjacent form (wNAF) for calculating elliptic curve multiplication.
public
wNAF(GMP $n, Point $affinePoint) : array<string|int, mixed>
Parameters
- $n : GMP
- $affinePoint : Point