/*
* Elliptic curves over GF(p)
*
* (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke
*     2010-2011,2012,2014 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
9
10#ifndef BOTAN_GFP_CURVE_H_
11#define BOTAN_GFP_CURVE_H_
12
13#include <botan/bigint.h>
14#include <memory>
15
// Not yet marked as an internal header: the public EC_Point interface still
// exposes this type, so the marker below stays commented out for now
17//BOTAN_FUTURE_INTERNAL_HEADER(curve_gfp.h)
18
19namespace Botan {
20
   public:
      virtual ~CurveGFp_Repr() = default;

      // The curve parameters as plain integers: the field prime p and the
      // coefficients a, b of y^2 = x^3 + a*x + b (not in curve representation;
      // see get_a_rep()/get_b_rep() for those)
      virtual const BigInt& get_p() const = 0;
      virtual const BigInt& get_a() const = 0;
      virtual const BigInt& get_b() const = 0;

      // Number of machine words needed to hold p. curve_mul()/curve_sqr()
      // below assert that their operands fit in this many words, i.e. this is
      // the fixed operand width of the field arithmetic.
      virtual size_t get_p_words() const = 0;

      // Presumably the number of words a caller should reserve in the
      // secure_vector<word> workspace passed to the operations below; the
      // exact contract is set by the concrete representation.
      virtual size_t get_ws_size() const = 0;

      // True iff x is the field element one. NOTE(review): get_1_rep() exists,
      // so the internal form of 1 need not be the integer 1 - confirm against
      // the implementation whether x is expected in curve representation here.
      virtual bool is_one(const BigInt& x) const = 0;

      // Special-case flags on the coefficient a. Their consumers are outside
      // this header (presumably the point arithmetic picks cheaper formulas).
      virtual bool a_is_zero() const = 0;

      virtual bool a_is_minus_3() const = 0;

      /*
      * Returns to_curve_rep(get_a())
      */
      virtual const BigInt& get_a_rep() const = 0;

      /*
      * Returns to_curve_rep(get_b())
      */
      virtual const BigInt& get_b_rep() const = 0;

      /*
      * Returns to_curve_rep(1)
      */
      virtual const BigInt& get_1_rep() const = 0;

      // Multiplicative inverse of x in GF(p), using ws as scratch space.
      // Whether this is constant-time in x, and what happens for x == 0, is
      // representation-specific and not determined by this interface.
      virtual BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const = 0;

      // Convert x in place from a plain integer mod p into the internal
      // ("curve") representation that curve_mul()/curve_sqr() operate on, and
      // back again. The form itself is chosen by the concrete representation.
      virtual void to_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;

      virtual void from_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;
59
      /*
      * z = x * y in the curve representation.
      *
      * x must already be reduced so that it fits in get_p_words() words. This
      * is only checked with BOTAN_DEBUG_ASSERT, which is a no-op outside debug
      * builds, so callers are responsible for keeping operands reduced. The
      * allocated length x.size() is forwarded rather than sig_words(), so the
      * representation must tolerate leading zero words in x.
      */
      void curve_mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const {
         BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
         const word* x_words = x.data();
         const size_t x_len = x.size();
         curve_mul_words(z, x_words, x_len, y, ws);
      }
64
      // z = x * y in the curve representation, where x is given as x_size raw
      // words (possibly with leading zero words, since curve_mul() forwards
      // x.size() rather than sig_words()) and y as a BigInt; ws is scratch.
      // The caller guarantees x_words has x_size readable words.
      virtual void curve_mul_words(
         BigInt& z, const word x_words[], size_t x_size, const BigInt& y, secure_vector<word>& ws) const = 0;
67
      /*
      * z = x^2 in the curve representation.
      *
      * Same operand requirement as curve_mul(): x must fit in get_p_words()
      * words, checked only by BOTAN_DEBUG_ASSERT (a no-op outside debug
      * builds). The allocated length x.size() is forwarded, not sig_words().
      */
      void curve_sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const {
         BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
         const word* x_words = x.data();
         const size_t x_len = x.size();
         curve_sqr_words(z, x_words, x_len, ws);
      }
72
      // Squaring counterpart of curve_mul_words(): z = x^2 from x_size raw
      // words of x in the curve representation; ws is scratch space.
      virtual void curve_sqr_words(BigInt& z, const word x_words[], size_t x_size, secure_vector<word>& ws) const = 0;
74};
75
/**
* This class represents an elliptic curve over GF(p)
*
* Applications should have no reason to use this type directly. If you
* need EC primitives use the EC_Group and EC_Point interfaces instead.
*
* It is likely this class will be removed entirely in a future major
* release.
*/
86 public:
      /**
      * Create an uninitialized CurveGFp
      *
      * The representation pointer m_repr is left null. Every accessor and
      * arithmetic member of this class dereferences m_repr without a null
      * check, so the only safe operations on such an object are assigning
      * to it, swapping it and destroying it.
      */
      CurveGFp() = default;
91
      /**
      * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p)
      * @param p prime number of the field
      * @param a first coefficient
      * @param b second coefficient
      *
      * The parameters are handed straight to choose_repr (private, defined
      * outside this header). No validation is visible at this level - whether
      * p is checked for primality, or a and b for being reduced mod p, cannot
      * be confirmed from the declaration - so code that obtains curve
      * parameters from untrusted input (e.g. explicit EC domain parameters)
      * should go through EC_Group, the supported entry point, rather than
      * constructing this type directly.
      */
      CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) : m_repr(choose_repr(p, a, b)) {}
99
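      // Copies share the underlying representation (shared_ptr copy)
      CurveGFp(const CurveGFp&) = default;

      CurveGFp& operator=(const CurveGFp&) = default;

      // Declaring the copy operations above suppresses the implicitly
      // generated move operations, so without these a moved CurveGFp would
      // silently fall back to copying the shared_ptr (an atomic refcount
      // round-trip). The only member is m_repr, so the defaults are correct.
      // A moved-from object has a null m_repr, exactly like a
      // default-constructed one, and must not be used except for assignment,
      // swap or destruction.
      CurveGFp(CurveGFp&&) noexcept = default;

      CurveGFp& operator=(CurveGFp&&) noexcept = default;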
103
      // All members below are thin forwarders to the representation. Each one
      // dereferences m_repr unconditionally, which is undefined behaviour on a
      // default-constructed (or moved-from) CurveGFp.

      /**
      * @return curve coefficient a, as a plain integer (not in curve representation)
      */
      const BigInt& get_a() const { return m_repr->get_a(); }

      /**
      * @return curve coefficient b, as a plain integer (not in curve representation)
      */
      const BigInt& get_b() const { return m_repr->get_b(); }

      /**
      * Get prime modulus of the field of the curve
      * @return prime modulus of the field of the curve
      */
      const BigInt& get_p() const { return m_repr->get_p(); }

      // Word count of p: the operand width that inputs to mul()/sqr() must fit in
      size_t get_p_words() const { return m_repr->get_p_words(); }

      // Presumably the size to reserve for the secure_vector<word> workspace
      // passed to the arithmetic members; the contract is set by the representation
      size_t get_ws_size() const { return m_repr->get_ws_size(); }

      // a, b and 1 already converted into the curve representation, so callers
      // working in that form need not call to_rep() on them
      const BigInt& get_a_rep() const { return m_repr->get_a_rep(); }

      const BigInt& get_b_rep() const { return m_repr->get_b_rep(); }

      const BigInt& get_1_rep() const { return m_repr->get_1_rep(); }

      // Special-case flags on coefficient a; their consumers are outside this header
      bool a_is_minus_3() const { return m_repr->a_is_minus_3(); }

      bool a_is_zero() const { return m_repr->a_is_zero(); }

      // Whether x is the element one. Whether x is expected in curve
      // representation is not fixed by this header (note that get_1_rep()
      // exists) - confirm against the implementation.
      bool is_one(const BigInt& x) const { return m_repr->is_one(x); }

      // Inverse of x in GF(p). Constant-time behaviour and the handling of
      // x == 0 are determined by the concrete representation, not here.
      BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const { return m_repr->invert_element(x, ws); }

      // In-place conversion of x into, and back out of, the curve representation
      void to_rep(BigInt& x, secure_vector<word>& ws) const { m_repr->to_curve_rep(x, ws); }

      void from_rep(BigInt& x, secure_vector<word>& ws) const { m_repr->from_curve_rep(x, ws); }
141
      /*
      * Out-of-place variant of from_rep(): returns x converted out of the
      * curve representation as a fresh BigInt, leaving x untouched. Costs one
      * BigInt copy on top of the conversion itself.
      */
      BigInt from_rep_to_tmp(const BigInt& x, secure_vector<word>& ws) const {
         BigInt plain = x;
         from_rep(plain, ws);
         return plain;
      }
147
      // TODO: add a from_rep overload taking BigInt&& so callers holding a
      // temporary can avoid the copy that from_rep_to_tmp makes
149
      // z = x * y in the curve representation. Forwards to the representation's
      // curve_mul(), whose operand-width check is only a debug assertion.
      void mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const {
         m_repr->curve_mul(z, x, y, ws);
      }

      // Same as above but x is supplied as a raw array of x_size words. No
      // bounds check is possible here: the caller guarantees that x_w has
      // x_size readable words.
      void mul(BigInt& z, const word x_w[], size_t x_size, const BigInt& y, secure_vector<word>& ws) const {
         m_repr->curve_mul_words(z, x_w, x_size, y, ws);
      }

      // z = x^2 in the curve representation
      void sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const { m_repr->curve_sqr(z, x, ws); }

      // Raw-word variant of sqr(); same caller obligation on x_w/x_size as mul()
      void sqr(BigInt& z, const word x_w[], size_t x_size, secure_vector<word>& ws) const {
         m_repr->curve_sqr_words(z, x_w, x_size, ws);
      }
163
      // Returns x * y in the curve representation as a fresh BigInt
      // (the same work as mul_to_tmp(), written out here)
      BigInt mul(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const {
         BigInt product;
         m_repr->curve_mul(product, x, y, ws);
         return product;
      }
165
      // Returns x^2 in the curve representation as a fresh BigInt
      // (the same work as sqr_to_tmp(), written out here)
      BigInt sqr(const BigInt& x, secure_vector<word>& ws) const {
         BigInt square;
         m_repr->curve_sqr(square, x, ws);
         return square;
      }
167
      /*
      * Out-of-place multiplication: returns x * y in the curve representation
      * as a fresh BigInt instead of writing into a caller-supplied output.
      * Same operand requirements as mul().
      */
      BigInt mul_to_tmp(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const {
         BigInt product;
         mul(product, x, y, ws);
         return product;
      }
173
      /*
      * Out-of-place squaring: returns x^2 in the curve representation as a
      * fresh BigInt. Same operand requirements as sqr().
      */
      BigInt sqr_to_tmp(const BigInt& x, secure_vector<word>& ws) const {
         BigInt square;
         sqr(square, x, ws);
         return square;
      }
179
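      // Exchanges the representation handles of two curves. Swapping two
      // shared_ptrs cannot throw, so this is declared noexcept, which lets
      // std::swap-based algorithms and containers rely on it.
      void swap(CurveGFp& other) noexcept { std::swap(m_repr, other.m_repr); }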
181
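      // ADL swap; delegates to the member, which only swaps a shared_ptr and
      // therefore cannot throw, so it is declared noexcept as well
      friend void swap(CurveGFp& x, CurveGFp& y) noexcept { x.swap(y); }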
183
      /**
      * Equality operator
      * @param other a curve
      * @return true iff *this is the same as other
      *
      * Two curves are equal when they share one representation object or
      * when their defining parameters p, a and b agree. The parameters are
      * public values, so a variable-time BigInt comparison is acceptable
      * here. If exactly one side is default-constructed (null m_repr) the
      * parameter comparison dereferences null - see CurveGFp().
      */
      inline bool operator==(const CurveGFp& other) const {
         // Fast path: both handles refer to the same representation
         if(m_repr == other.m_repr) {
            return true;
         }

         if(!(get_p() == other.get_p())) {
            return false;
         }
         if(!(get_a() == other.get_a())) {
            return false;
         }
         return get_b() == other.get_b();
      }
196
   private:
      // Selects the concrete CurveGFp_Repr for these parameters. Defined
      // outside this header, so whether it validates p, a and b, or picks a
      // specialised implementation for particular primes, cannot be confirmed
      // from here.
      static std::shared_ptr<CurveGFp_Repr> choose_repr(const BigInt& p, const BigInt& a, const BigInt& b);

      // The representation, shared between copies of this object and only ever
      // used through its const interface. Null after default construction.
      std::shared_ptr<CurveGFp_Repr> m_repr;
201};
202
// Inequality in terms of CurveGFp::operator==; see that operator for the
// comparison semantics and its null-representation caveat.
inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs) {
   const bool same_curve = (lhs == rhs);
   return !same_curve;
}
206
207} // namespace Botan
208
209#endif