Represents an element of the finite field GF(q) for q = 2^m. More...

#include <cmce_gf.h>

Public Member Functions
	Classic_McEliece_GF (CmceGfElem elem, CmceGfMod modulus)
	Creates an element of GF(q) from a uint16_t.

CmceGfElem	elem () const
	Get the GF(q) element as a GF_Elem.

Classic_McEliece_GF	inv () const
	Invert the element. Constant time.

bool	is_zero () const
	Check if the element is zero.

size_t	log_q () const
	Get m, the degree of the element's modulus.

CmceGfMod	modulus () const
	Get the modulus f(z) of GF(q) as a GF_Mod.

Classic_McEliece_GF	operator* (Classic_McEliece_GF other) const
	Multiply the element by `other` in GF(q). Constant time.

Classic_McEliece_GF &	operator*= (Classic_McEliece_GF other)
	Multiply the element by `other` in GF(q). Constant time.

Classic_McEliece_GF	operator+ (Classic_McEliece_GF other) const
	Add `other` to the element. Constant time.

Classic_McEliece_GF &	operator+= (Classic_McEliece_GF other)
	Add `other` to the element. Constant time.

Classic_McEliece_GF	operator/ (Classic_McEliece_GF other) const
	Divide the element by `other` in GF(q). Constant time.

Classic_McEliece_GF &	operator= (const CmceGfElem elem)
	Change the element to `elem`.

bool	operator== (Classic_McEliece_GF other) const
	Check if the element is equal to `other`. Modulus is ignored.

Classic_McEliece_GF	square () const
	Square the element. Constant time.

Static Public Member Functions
static size_t	log_q_from_mod (CmceGfMod modulus)
	Get m.

Detailed Description

Represents an element of the finite field GF(q) for q = 2^m.

This class implements the finite field GF(q) for q = 2^m via the irreducible polynomial f(z) of degree m. The elements of GF(q) are represented as polynomials of degree m-1 with coefficients in GF(2). Each element and the modulus is represented by a uint16_t, where the i-th least significant bit corresponds to the coefficient of z^i. For example, the element (z^3 + z^2 + 1) is represented by the uint16_t 0b1101.

Definition at line 30 of file cmce_gf.h.

Constructor & Destructor Documentation

◆ Classic_McEliece_GF()

Botan::Classic_McEliece_GF::Classic_McEliece_GF	(	CmceGfElem	elem,
		CmceGfMod	modulus )

inline

Creates an element of GF(q) from a uint16_t.

Each element and the modulus is represented by a uint16_t, where the i-th least significant bit corresponds to the coefficient of z^i.

Parameters

elem	The element as a uint16_t. Must be less than 2^m.
modulus	The modulus of GF(q).

Definition at line 41 of file cmce_gf.h.

41 : m_elem(elem), m_modulus(modulus) {

42 BOTAN_DEBUG_ASSERT(elem <= (size_t(1) << log_q()) - 1);

43 }

BOTAN_DEBUG_ASSERT

#define BOTAN_DEBUG_ASSERT(expr)

Definition assert.h:98

Botan::Classic_McEliece_GF::elem

CmceGfElem elem() const

Get the GF(q) element as a GF_Elem.

Definition cmce_gf.h:68

Botan::Classic_McEliece_GF::modulus

CmceGfMod modulus() const

Get the modulus f(z) of GF(q) as a GF_Mod.

Definition cmce_gf.h:75

Botan::Classic_McEliece_GF::log_q

size_t log_q() const

Get m, the degree of the element's modulus.

Definition cmce_gf.h:61

References BOTAN_DEBUG_ASSERT.

Referenced by operator*().

Member Function Documentation

◆ elem()

CmceGfElem Botan::Classic_McEliece_GF::elem ( ) const

inline

Get the GF(q) element as a GF_Elem.

Returns: the element as a GF_Elem.

Definition at line 68 of file cmce_gf.h.

68{ return m_elem; }

Referenced by Botan::GF_Mask::expand(), Botan::GF_Mask::if_set_return(), Botan::GF_Mask::is_equal(), Botan::GF_Mask::is_lte(), Botan::GF_Mask::is_zero(), operator==(), Botan::GF_Mask::select(), and Botan::GF_Mask::select().

◆ inv()

Classic_McEliece_GF Botan::Classic_McEliece_GF::inv ( ) const

Invert the element. Constant time.

Definition at line 62 of file cmce_gf.cpp.

                                                   {
   // Compute the inverse using fermat's little theorem: a^(q-1) = 1 => a^(q-2) = a^-1
 
   // exponent = (q-2). This is public information, therefore the workflow is constant time.
   size_t exponent = (size_t(1) << log_q()) - 2;
   Classic_McEliece_GF base = *this;
 
   // Compute base^exponent using the square-and-multiply algorithm
   Classic_McEliece_GF result = {CmceGfElem(1), m_modulus};
   while(exponent > 0) {
      if(exponent % 2 == 1) {
         // multiply
         result = (result * base);
      }
      // square
      base = base.square();
      exponent /= 2;
   }
 
   return result;
}

References log_q(), and square().

Referenced by operator/().

◆ is_zero()

bool Botan::Classic_McEliece_GF::is_zero ( ) const

inline

Check if the element is zero.

Definition at line 142 of file cmce_gf.h.

142{ return elem() == 0; }

◆ log_q()

size_t Botan::Classic_McEliece_GF::log_q ( ) const

inline

Get m, the degree of the element's modulus.

Returns: size_t The degree log_q of the modulus (m for GF(2^m)).

Definition at line 61 of file cmce_gf.h.

61{ return log_q_from_mod(m_modulus); }

Botan::Classic_McEliece_GF::log_q_from_mod

static size_t log_q_from_mod(CmceGfMod modulus)

Get m.

Definition cmce_gf.h:54

Referenced by inv(), and operator*().

◆ log_q_from_mod()

static size_t Botan::Classic_McEliece_GF::log_q_from_mod ( CmceGfMod modulus )

inlinestatic

Get m.

For a given irreducible polynomial modulus f(z) representing the modulus of a finite field GF(q) = GF(2^m), get the degree log_q of f(z) which corresponds to m.

Parameters

modulus The modulus of GF(q).

Returns: size_t The degree log_q of the modulus (m for GF(2^m)).

Definition at line 54 of file cmce_gf.h.

54{ return floor_log2(modulus.get()); }

Botan::detail::Strong_Base::get

constexpr T & get() &

Definition strong_type.h:50

Botan::floor_log2

constexpr T floor_log2(T n)

Definition bit_ops.h:125

References Botan::floor_log2(), and Botan::detail::Strong_Base< T >::get().

◆ modulus()

CmceGfMod Botan::Classic_McEliece_GF::modulus ( ) const

inline

Get the modulus f(z) of GF(q) as a GF_Mod.

Returns: the modulus as a GF_Mod.

Definition at line 75 of file cmce_gf.h.

75{ return m_modulus; }

Referenced by Botan::GF_Mask::if_set_return(), Botan::Classic_McEliece_Polynomial::operator()(), Botan::GF_Mask::select(), and Botan::GF_Mask::select().

◆ operator*()

Classic_McEliece_GF Botan::Classic_McEliece_GF::operator* ( Classic_McEliece_GF other ) const

Multiply the element by other in GF(q). Constant time.

Definition at line 47 of file cmce_gf.cpp.

                                                                                  {
   BOTAN_ASSERT_NOMSG(m_modulus == other.m_modulus);
 
   uint32_t a = m_elem.get();
   uint32_t b = other.m_elem.get();
 
   uint32_t acc = a * (b & CT::value_barrier<uint32_t>(1));
 
   for(size_t i = 1; i < log_q(); i++) {
      acc ^= (a * (b & (1 << i)));
   }
 
   return Classic_McEliece_GF(internal_reduce(acc, m_modulus), m_modulus);
}

References Botan::b, BOTAN_ASSERT_NOMSG, Classic_McEliece_GF(), Botan::detail::Strong_Base< T >::get(), log_q(), and Botan::CT::value_barrier().

◆ operator*=()

Classic_McEliece_GF & Botan::Classic_McEliece_GF::operator*= ( Classic_McEliece_GF other )

inline

Multiply the element by other in GF(q). Constant time.

Definition at line 113 of file cmce_gf.h.

                                                                 {
         BOTAN_DEBUG_ASSERT(m_modulus == other.m_modulus);
         *this = *this * other;
         return *this;
      }

References BOTAN_DEBUG_ASSERT.

◆ operator+()

Classic_McEliece_GF Botan::Classic_McEliece_GF::operator+ ( Classic_McEliece_GF other ) const

inline

Add other to the element. Constant time.

Definition at line 96 of file cmce_gf.h.

96 {

97 BOTAN_DEBUG_ASSERT(m_modulus == other.m_modulus);

98 return Classic_McEliece_GF(m_elem ^ other.m_elem, m_modulus);

99 }

References BOTAN_DEBUG_ASSERT.

◆ operator+=()

Classic_McEliece_GF & Botan::Classic_McEliece_GF::operator+= ( Classic_McEliece_GF other )

inline

Add other to the element. Constant time.

Definition at line 104 of file cmce_gf.h.

                                                                 {
         BOTAN_DEBUG_ASSERT(m_modulus == other.m_modulus);
         m_elem ^= other.m_elem;
         return *this;
      }

References BOTAN_DEBUG_ASSERT.

◆ operator/()

Classic_McEliece_GF Botan::Classic_McEliece_GF::operator/ ( Classic_McEliece_GF other ) const

inline

Divide the element by other in GF(q). Constant time.

Definition at line 88 of file cmce_gf.h.

88 {

89 BOTAN_DEBUG_ASSERT(m_modulus == other.m_modulus);

90 return *this * other.inv();

91 }

References BOTAN_DEBUG_ASSERT, and inv().

◆ operator=()

Classic_McEliece_GF & Botan::Classic_McEliece_GF::operator= ( const CmceGfElem elem )

inline

Change the element to elem.

Definition at line 80 of file cmce_gf.h.

80 {

81 m_elem = elem & CmceGfElem((size_t(1) << log_q()) - 1);

82 return *this;

83 }

◆ operator==()

bool Botan::Classic_McEliece_GF::operator== ( Classic_McEliece_GF other ) const

inline

Check if the element is equal to other. Modulus is ignored.

Definition at line 127 of file cmce_gf.h.

127{ return elem() == other.elem(); }

References elem().

◆ square()

Classic_McEliece_GF Botan::Classic_McEliece_GF::square ( ) const

inline

Square the element. Constant time.

Definition at line 132 of file cmce_gf.h.

132{ return (*this) * (*this); }

Referenced by inv().

The documentation for this class was generated from the following files:

src/lib/pubkey/classic_mceliece/cmce_gf.h
src/lib/pubkey/classic_mceliece/cmce_gf.cpp

Public Member Functions

Static Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ Classic_McEliece_GF()

Member Function Documentation

◆ elem()

◆ inv()

◆ is_zero()

◆ log_q()

◆ log_q_from_mod()

◆ modulus()

◆ operator*()

◆ operator*=()

◆ operator+()

◆ operator+=()

◆ operator/()

◆ operator=()

◆ operator==()

◆ square()