The logic PointGFp::operator*= was basically doing

*this = scalar * *this;

And operator* was doing a needless copy.

Instead make operator* a real multiplication operation, define *= in terms
of it.

2 files changed, 31 insertions, 29 deletions

diff --git a/src/math/numbertheory/point_gfp.cpp b/src/math/numbertheory/point_gfp.cpp
index d7ad72552..4e8906dba 100644
--- a/src/math/numbertheory/point_gfp.cpp
+++ b/src/math/numbertheory/point_gfp.cpp
@@ -268,27 +268,32 @@ PointGFp& PointGFp::operator-=(const PointGFp& rhs)
 
 PointGFp& PointGFp::operator*=(const BigInt& scalar)
    {
-   Workspace ws(curve.get_p_words());
+   *this = scalar * *this;
+   return *this;
+   }
+
+PointGFp operator*(const BigInt& scalar, const PointGFp& point)
+   {
+   const CurveGFp& curve = point.get_curve();
+
+   if(scalar.is_zero())
+      return PointGFp(curve); // zero point
+
+   PointGFp::Workspace ws(curve.get_p_words());
 
    if(scalar.abs() <= 2) // special cases for small values
       {
       u32bit value = scalar.abs().to_u32bit();
 
-      if(value == 0)
-         *this = PointGFp(curve); // set to zero point
-      else if(value == 1)
-         {
-         if(scalar.is_negative())
-            this->negate();
-         }
-      else if(value == 2)
-         {
-         this->mult2(ws);
-         if(scalar.is_negative())
-            this->negate();
-         }
+      PointGFp result = point;
+
+      if(value == 2)
+         result.mult2(ws);
 
-      return *this;
+      if(scalar.is_negative())
+         result.negate();
+
+      return result;
       }
 
    const u32bit scalar_bits = scalar.bits();
@@ -296,9 +301,7 @@ PointGFp& PointGFp::operator*=(const BigInt& scalar)
    const u32bit window_size = 4;
 
    std::vector<PointGFp> Ps((1 << window_size) - 1);
-   Ps[0] = *this;
-   if(scalar.is_negative())
-      Ps[0].negate();
+   Ps[0] = point;
 
    for(u32bit i = 1; i != Ps.size(); ++i)
       {
@@ -310,7 +313,7 @@ PointGFp& PointGFp::operator*=(const BigInt& scalar)
          Ps[i].add(Ps[0], ws);
       }
 
-   PointGFp H(this->curve); // create as zero
+   PointGFp H(curve); // create as zero
    u32bit bits_left = scalar_bits;
 
    while(bits_left >= window_size)
@@ -338,8 +341,7 @@ PointGFp& PointGFp::operator*=(const BigInt& scalar)
    if(scalar.is_negative())
       H.negate();
 
-   *this = H;
-   return *this;
+   return H;
    }
 
 BigInt PointGFp::get_affine_x() const
diff --git a/src/math/numbertheory/point_gfp.h b/src/math/numbertheory/point_gfp.h
index f5e409ca7..d92a5cbcb 100644
--- a/src/math/numbertheory/point_gfp.h
+++ b/src/math/numbertheory/point_gfp.h
@@ -78,14 +78,20 @@ class BOTAN_DLL PointGFp
 
       /**
       * *= Operator
-      * This function turns on the the special reduction multiplication
-      * itself for fast computation, turns it off again when finished.
       * @param scalar the PointGFp to multiply with *this
       * @result resulting PointGFp
       */
       PointGFp& operator*=(const BigInt& scalar);
 
       /**
+      * Multiplication Operator
+      * @param scalar the scalar value
+      * @param point the point value
+      * @return scalar*point on the curve
+      */
+      friend BOTAN_DLL PointGFp operator*(const BigInt& scalar, const PointGFp& point);
+
+      /**
       * Negate this point
       * @return *this
       */
@@ -237,12 +243,6 @@ inline PointGFp operator-(const PointGFp& lhs, const PointGFp& rhs)
    return tmp -= rhs;
    }
 
-inline PointGFp operator*(const BigInt& scalar, const PointGFp& point)
-   {
-   PointGFp result(point);
-   return result *= scalar;
-   }
-
 inline PointGFp operator*(const PointGFp& point, const BigInt& scalar)
    {
    return scalar * point;