Botan 3.6.0
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | Friends | List of all members
Botan::EC_AffinePoint Class Referencefinal

#include <ec_apoint.h>

Public Member Functions

const std::shared_ptr< const EC_Group_Data > & _group () const
 
const EC_AffinePoint_Data_inner () const
 
 EC_AffinePoint (const EC_AffinePoint &other)
 
 EC_AffinePoint (const EC_Group &group, const EC_Point &pt)
 
 EC_AffinePoint (const EC_Group &group, std::span< const uint8_t > bytes)
 
 EC_AffinePoint (EC_AffinePoint &&other) noexcept
 
size_t field_element_bytes () const
 
bool is_identity () const
 Return true if this point is the identity element.
 
EC_AffinePoint mul (const EC_Scalar &scalar, RandomNumberGenerator &rng, std::vector< BigInt > &ws) const
 
EC_AffinePointoperator= (const EC_AffinePoint &other)
 
EC_AffinePointoperator= (EC_AffinePoint &&other) noexcept
 
template<concepts::resizable_byte_buffer T = std::vector<uint8_t>>
T serialize_compressed () const
 
void serialize_compressed_to (std::span< uint8_t > bytes) const
 
template<concepts::resizable_byte_buffer T = std::vector<uint8_t>>
T serialize_uncompressed () const
 
void serialize_uncompressed_to (std::span< uint8_t > bytes) const
 
void serialize_x_to (std::span< uint8_t > bytes) const
 
void serialize_xy_to (std::span< uint8_t > bytes) const
 
void serialize_y_to (std::span< uint8_t > bytes) const
 
EC_Point to_legacy_point () const
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T x_bytes () const
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T xy_bytes () const
 
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T y_bytes () const
 
 ~EC_AffinePoint ()
 

Static Public Member Functions

static EC_AffinePoint _from_inner (std::unique_ptr< EC_AffinePoint_Data > inner)
 
static std::optional< EC_AffinePointdeserialize (const EC_Group &group, std::span< const uint8_t > bytes)
 
static std::optional< EC_AffinePointfrom_bigint_xy (const EC_Group &group, const BigInt &x, const BigInt &y)
 
static EC_AffinePoint g_mul (const EC_Scalar &scalar, RandomNumberGenerator &rng, std::vector< BigInt > &ws)
 
static EC_AffinePoint generator (const EC_Group &group)
 Return the standard group generator.
 
static EC_AffinePoint hash_to_curve_nu (const EC_Group &group, std::string_view hash_fn, std::span< const uint8_t > input, std::span< const uint8_t > domain_sep)
 
static EC_AffinePoint hash_to_curve_ro (const EC_Group &group, std::string_view hash_fn, std::span< const uint8_t > input, std::span< const uint8_t > domain_sep)
 
static EC_AffinePoint identity (const EC_Group &group)
 Return the identity element.
 

Friends

class EC_Mul2Table
 

Detailed Description

Definition at line 29 of file ec_apoint.h.

Constructor & Destructor Documentation

◆ EC_AffinePoint() [1/4]

Botan::EC_AffinePoint::EC_AffinePoint ( const EC_Group & group,
std::span< const uint8_t > bytes )

Point deserialization. Throws if wrong length or not a valid point

This accepts SEC1 compressed or uncompressed formats

Definition at line 35 of file ec_apoint.cpp.

35 {
36 m_point = group._data()->point_deserialize(bytes);
37 if(!m_point) {
38 throw Decoding_Error("Failed to deserialize elliptic curve point");
39 }
40}

References Botan::EC_Group::_data().

Referenced by _from_inner(), deserialize(), g_mul(), generator(), hash_to_curve_nu(), hash_to_curve_ro(), identity(), and mul().

◆ EC_AffinePoint() [2/4]

Botan::EC_AffinePoint::EC_AffinePoint ( const EC_AffinePoint & other)

Definition at line 19 of file ec_apoint.cpp.

19: m_point(other.inner().clone()) {}

◆ EC_AffinePoint() [3/4]

Botan::EC_AffinePoint::EC_AffinePoint ( EC_AffinePoint && other)
noexcept

Definition at line 21 of file ec_apoint.cpp.

21: m_point(std::move(other.m_point)) {}

◆ EC_AffinePoint() [4/4]

Botan::EC_AffinePoint::EC_AffinePoint ( const EC_Group & group,
const EC_Point & pt )

Deprecated conversion

Definition at line 42 of file ec_apoint.cpp.

42 :
43 EC_AffinePoint(group, pt.encode(EC_Point_Format::Uncompressed)) {}
Botan::EC_AffinePoint::EC_AffinePoint
EC_AffinePoint(const EC_Group &group, std::span< const uint8_t > bytes)
Definition ec_apoint.cpp:35

◆ ~EC_AffinePoint()

Botan::EC_AffinePoint::~EC_AffinePoint ( )
default

Member Function Documentation

◆ _from_inner()

EC_AffinePoint Botan::EC_AffinePoint::_from_inner ( std::unique_ptr< EC_AffinePoint_Data > inner)
static

Definition at line 143 of file ec_apoint.cpp.

143 {
144 return EC_AffinePoint(std::move(inner));
145}

References EC_AffinePoint().

Referenced by Botan::EC_Group::Mul2Table::mul2_vartime().

◆ _group()

const std::shared_ptr< const EC_Group_Data > & Botan::EC_AffinePoint::_group ( ) const

Definition at line 147 of file ec_apoint.cpp.

147 {
148 return inner().group();
149}
Botan::EC_AffinePoint_Data::group
virtual const std::shared_ptr< const EC_Group_Data > & group() const =0

References Botan::EC_AffinePoint_Data::group().

◆ _inner()

const EC_AffinePoint_Data & Botan::EC_AffinePoint::_inner ( ) const
inline

Definition at line 190 of file ec_apoint.h.

190{ return inner(); }

◆ deserialize()

std::optional< EC_AffinePoint > Botan::EC_AffinePoint::deserialize ( const EC_Group & group,
std::span< const uint8_t > bytes )
static

Point deserialization. Returns nullopt if wrong length or not a valid point

This accepts SEC1 compressed or uncompressed formats

Definition at line 97 of file ec_apoint.cpp.

97 {
98 if(auto pt = group._data()->point_deserialize(bytes)) {
99 return EC_AffinePoint(std::move(pt));
100 } else {
101 return {};
102 }
103}

References Botan::EC_Group::_data(), and EC_AffinePoint().

Referenced by from_bigint_xy().

◆ field_element_bytes()

size_t Botan::EC_AffinePoint::field_element_bytes ( ) const

Return the number of bytes of a field element

A point consists of two field elements, plus possibly a header

Definition at line 71 of file ec_apoint.cpp.

71 {
72 return inner().field_element_bytes();
73}
Botan::EC_AffinePoint_Data::field_element_bytes
virtual size_t field_element_bytes() const =0

References Botan::EC_AffinePoint_Data::field_element_bytes().

◆ from_bigint_xy()

std::optional< EC_AffinePoint > Botan::EC_AffinePoint::from_bigint_xy ( const EC_Group & group,
const BigInt & x,
const BigInt & y )
static

Create a point from a pair (x,y) of integers

The integers must be within the field - in the range [0,p) and must satisfy the curve equation

Definition at line 54 of file ec_apoint.cpp.

54 {
55 if(x.is_negative() || x >= group.get_p()) {
56 return {};
57 }
58 if(y.is_negative() || y >= group.get_p()) {
59 return {};
60 }
61
62 const size_t fe_bytes = group.get_p_bytes();
63 std::vector<uint8_t> sec1(1 + 2 * fe_bytes);
64 sec1[0] = 0x04;
65 x.serialize_to(std::span{sec1}.subspan(1, fe_bytes));
66 y.serialize_to(std::span{sec1}.last(fe_bytes));
67
68 return EC_AffinePoint::deserialize(group, sec1);
69}
Botan::EC_AffinePoint::deserialize
static std::optional< EC_AffinePoint > deserialize(const EC_Group &group, std::span< const uint8_t > bytes)
Definition ec_apoint.cpp:97

References deserialize(), Botan::EC_Group::get_p(), Botan::EC_Group::get_p_bytes(), Botan::BigInt::is_negative(), and Botan::BigInt::serialize_to().

◆ g_mul()

EC_AffinePoint Botan::EC_AffinePoint::g_mul ( const EC_Scalar & scalar,
RandomNumberGenerator & rng,
std::vector< BigInt > & ws )
static

Multiply by the group generator returning a complete point

Workspace argument is transitional

Definition at line 105 of file ec_apoint.cpp.

105 {
106 auto pt = scalar._inner().group()->point_g_mul(scalar.inner(), rng, ws);
107 return EC_AffinePoint(std::move(pt));
108}

References Botan::EC_Scalar::_inner(), EC_AffinePoint(), and Botan::EC_Scalar_Data::group().

Referenced by Botan::EC_PrivateKey_Data::public_key().

◆ generator()

EC_AffinePoint Botan::EC_AffinePoint::generator ( const EC_Group & group)
static

Return the standard group generator.

Definition at line 50 of file ec_apoint.cpp.

50 {
51 return EC_AffinePoint(group, group.get_base_point());
52}

References EC_AffinePoint(), and Botan::EC_Group::get_base_point().

◆ hash_to_curve_nu()

EC_AffinePoint Botan::EC_AffinePoint::hash_to_curve_nu ( const EC_Group & group,
std::string_view hash_fn,
std::span< const uint8_t > input,
std::span< const uint8_t > domain_sep )
static

Hash to curve (RFC 9380), non uniform variant

Only supported for specific groups

Definition at line 87 of file ec_apoint.cpp.

90 {
91 auto pt = group._data()->point_hash_to_curve_nu(hash_fn, input, domain_sep);
92 return EC_AffinePoint(std::move(pt));
93}

References Botan::EC_Group::_data(), and EC_AffinePoint().

◆ hash_to_curve_ro()

EC_AffinePoint Botan::EC_AffinePoint::hash_to_curve_ro ( const EC_Group & group,
std::string_view hash_fn,
std::span< const uint8_t > input,
std::span< const uint8_t > domain_sep )
static

Hash to curve (RFC 9380), random oracle variant

Only supported for specific groups

Definition at line 79 of file ec_apoint.cpp.

82 {
83 auto pt = group._data()->point_hash_to_curve_ro(hash_fn, input, domain_sep);
84 return EC_AffinePoint(std::move(pt));
85}

References Botan::EC_Group::_data(), and EC_AffinePoint().

◆ identity()

EC_AffinePoint Botan::EC_AffinePoint::identity ( const EC_Group & group)
static

Return the identity element.

Definition at line 45 of file ec_apoint.cpp.

45 {
46 const uint8_t id_encoding[1] = {0};
47 return EC_AffinePoint(group, id_encoding);
48}

References EC_AffinePoint().

◆ is_identity()

bool Botan::EC_AffinePoint::is_identity ( ) const

Return true if this point is the identity element.

Definition at line 75 of file ec_apoint.cpp.

75 {
76 return inner().is_identity();
77}
Botan::EC_AffinePoint_Data::is_identity
virtual bool is_identity() const =0

References Botan::EC_AffinePoint_Data::is_identity().

Referenced by serialize_compressed_to(), serialize_uncompressed_to(), serialize_x_to(), serialize_xy_to(), and serialize_y_to().

◆ mul()

EC_AffinePoint Botan::EC_AffinePoint::mul ( const EC_Scalar & scalar,
RandomNumberGenerator & rng,
std::vector< BigInt > & ws ) const

Multiply a point by a scalar returning a complete point

Workspace argument is transitional

Definition at line 110 of file ec_apoint.cpp.

110 {
111 return EC_AffinePoint(inner().mul(scalar._inner(), rng, ws));
112}
Botan::EC_AffinePoint::mul
EC_AffinePoint mul(const EC_Scalar &scalar, RandomNumberGenerator &rng, std::vector< BigInt > &ws) const
Definition ec_apoint.cpp:110

References Botan::EC_Scalar::_inner(), EC_AffinePoint(), and mul().

Referenced by mul().

◆ operator=() [1/2]

EC_AffinePoint & Botan::EC_AffinePoint::operator= ( const EC_AffinePoint & other)

Definition at line 23 of file ec_apoint.cpp.

23 {
24 if(this != &other) {
25 m_point = other.inner().clone();
26 }
27 return (*this);
28}

References Botan::EC_AffinePoint_Data::clone().

◆ operator=() [2/2]

EC_AffinePoint & Botan::EC_AffinePoint::operator= ( EC_AffinePoint && other)
noexcept

Definition at line 30 of file ec_apoint.cpp.

30 {
31 m_point.swap(other.m_point);
32 return (*this);
33}

◆ serialize_compressed()

template<concepts::resizable_byte_buffer T = std::vector<uint8_t>>
T Botan::EC_AffinePoint::serialize_compressed ( ) const
inline

Return the bytes of the affine x and y coordinates in a container

This function will fail if this point is the identity element

Definition at line 166 of file ec_apoint.h.

166 {
167 T bytes(1 + this->field_element_bytes());
168 this->serialize_compressed_to(bytes);
169 return bytes;
170 }
Botan::EC_AffinePoint::field_element_bytes
size_t field_element_bytes() const
Definition ec_apoint.cpp:71
Botan::EC_AffinePoint::serialize_compressed_to
void serialize_compressed_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:129
T
FE_25519 T
Definition ge.cpp:34

References T.

◆ serialize_compressed_to()

void Botan::EC_AffinePoint::serialize_compressed_to ( std::span< uint8_t > bytes) const

Write the fixed length SEC1 compressed encoding

The output span must be exactly 1 + field_element_bytes long

This function will fail if this point is the identity element

Definition at line 129 of file ec_apoint.cpp.

129 {
130 BOTAN_STATE_CHECK(!this->is_identity());
131 m_point->serialize_compressed_to(bytes);
132}
BOTAN_STATE_CHECK
#define BOTAN_STATE_CHECK(expr)
Definition assert.h:41
Botan::EC_AffinePoint::is_identity
bool is_identity() const
Return true if this point is the identity element.
Definition ec_apoint.cpp:75

References BOTAN_STATE_CHECK, and is_identity().

◆ serialize_uncompressed()

template<concepts::resizable_byte_buffer T = std::vector<uint8_t>>
T Botan::EC_AffinePoint::serialize_uncompressed ( ) const
inline

Return the bytes of the affine x and y coordinates in a container

This function will fail if this point is the identity element

Definition at line 156 of file ec_apoint.h.

156 {
157 T bytes(1 + 2 * this->field_element_bytes());
158 this->serialize_uncompressed_to(bytes);
159 return bytes;
160 }
Botan::EC_AffinePoint::serialize_uncompressed_to
void serialize_uncompressed_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:134

References T.

◆ serialize_uncompressed_to()

void Botan::EC_AffinePoint::serialize_uncompressed_to ( std::span< uint8_t > bytes) const

Return the fixed length encoding of SEC1 uncompressed encoding

The output span must be exactly 1 + 2*field_element_bytes long

This function will fail if this point is the identity element

Definition at line 134 of file ec_apoint.cpp.

134 {
135 BOTAN_STATE_CHECK(!this->is_identity());
136 m_point->serialize_uncompressed_to(bytes);
137}

References BOTAN_STATE_CHECK, and is_identity().

◆ serialize_x_to()

void Botan::EC_AffinePoint::serialize_x_to ( std::span< uint8_t > bytes) const

Write the fixed length encoding of affine x coordinate

The output span must be exactly field_element_bytes long

This function will fail if this point is the identity element

Definition at line 114 of file ec_apoint.cpp.

114 {
115 BOTAN_STATE_CHECK(!this->is_identity());
116 m_point->serialize_x_to(bytes);
117}

References BOTAN_STATE_CHECK, and is_identity().

◆ serialize_xy_to()

void Botan::EC_AffinePoint::serialize_xy_to ( std::span< uint8_t > bytes) const

Write the fixed length encoding of affine x and y coordinates

The output span must be exactly 2*field_element_bytes long

This function will fail if this point is the identity element

Definition at line 124 of file ec_apoint.cpp.

124 {
125 BOTAN_STATE_CHECK(!this->is_identity());
126 m_point->serialize_xy_to(bytes);
127}

References BOTAN_STATE_CHECK, and is_identity().

◆ serialize_y_to()

void Botan::EC_AffinePoint::serialize_y_to ( std::span< uint8_t > bytes) const

Write the fixed length encoding of affine y coordinate

The output span must be exactly field_element_bytes long

This function will fail if this point is the identity element

Definition at line 119 of file ec_apoint.cpp.

119 {
120 BOTAN_STATE_CHECK(!this->is_identity());
121 m_point->serialize_y_to(bytes);
122}

References BOTAN_STATE_CHECK, and is_identity().

◆ to_legacy_point()

EC_Point Botan::EC_AffinePoint::to_legacy_point ( ) const

Deprecated conversion

Definition at line 139 of file ec_apoint.cpp.

139 {
140 return m_point->to_legacy_point();
141}

Referenced by Botan::EC_Group::OS2ECP().

◆ x_bytes()

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::EC_AffinePoint::x_bytes ( ) const
inline

Return the bytes of the affine x coordinate in a container

This function will fail if this point is the identity element

Definition at line 126 of file ec_apoint.h.

126 {
127 T bytes(this->field_element_bytes());
128 this->serialize_x_to(bytes);
129 return bytes;
130 }
Botan::EC_AffinePoint::serialize_x_to
void serialize_x_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:114

References T.

◆ xy_bytes()

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::EC_AffinePoint::xy_bytes ( ) const
inline

Return the bytes of the affine x and y coordinates in a container

This function will fail if this point is the identity element

Definition at line 146 of file ec_apoint.h.

146 {
147 T bytes(2 * this->field_element_bytes());
148 this->serialize_xy_to(bytes);
149 return bytes;
150 }
Botan::EC_AffinePoint::serialize_xy_to
void serialize_xy_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:124

References T.

◆ y_bytes()

template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
T Botan::EC_AffinePoint::y_bytes ( ) const
inline

Return the bytes of the affine y coordinate in a container

This function will fail if this point is the identity element

Definition at line 136 of file ec_apoint.h.

136 {
137 T bytes(this->field_element_bytes());
138 this->serialize_y_to(bytes);
139 return bytes;
140 }
Botan::EC_AffinePoint::serialize_y_to
void serialize_y_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:119

References T.

Friends And Related Symbol Documentation

◆ EC_Mul2Table

friend class EC_Mul2Table
friend

Definition at line 197 of file ec_apoint.h.

The documentation for this class was generated from the following files:
Generated by doxygen 1.12.0