Botan 3.9.0
Crypto and TLS for C&
Public Member Functions | List of all members
Botan::EC_AffinePoint_Data_BN Class Referencefinal

#include <ec_inner_bn.h>

Inheritance diagram for Botan::EC_AffinePoint_Data_BN:
Botan::EC_AffinePoint_Data

Public Member Functions

std::unique_ptr< EC_AffinePoint_Dataclone () const override
 EC_AffinePoint_Data_BN (std::shared_ptr< const EC_Group_Data > group, EC_Point pt)
size_t field_element_bytes () const override
const std::shared_ptr< const EC_Group_Data > & group () const override
bool is_identity () const override
std::unique_ptr< EC_AffinePoint_Datamul (const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
secure_vector< uint8_t > mul_x_only (const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
void serialize_compressed_to (std::span< uint8_t > bytes) const override
void serialize_uncompressed_to (std::span< uint8_t > bytes) const override
void serialize_x_to (std::span< uint8_t > bytes) const override
void serialize_xy_to (std::span< uint8_t > bytes) const override
void serialize_y_to (std::span< uint8_t > bytes) const override
EC_Point to_legacy_point () const override

Detailed Description

Definition at line 59 of file ec_inner_bn.h.

Constructor & Destructor Documentation

◆ EC_AffinePoint_Data_BN()

Botan::EC_AffinePoint_Data_BN::EC_AffinePoint_Data_BN ( std::shared_ptr< const EC_Group_Data > group,
EC_Point pt )

Definition at line 87 of file ec_inner_bn.cpp.

87 :
88 m_group(std::move(group)), m_pt(std::move(pt)) {
89 if(!m_pt.is_zero()) {
90 m_pt.force_affine();
91 m_xy = m_pt.xy_bytes();
92 }
93}
Botan::EC_AffinePoint_Data_BN::group
const std::shared_ptr< const EC_Group_Data > & group() const override
Definition ec_inner_bn.cpp:99

References group().

Member Function Documentation

◆ clone()

std::unique_ptr< EC_AffinePoint_Data > Botan::EC_AffinePoint_Data_BN::clone ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 95 of file ec_inner_bn.cpp.

95 {
96 return std::make_unique<EC_AffinePoint_Data_BN>(m_group, m_pt);
97}

◆ field_element_bytes()

size_t Botan::EC_AffinePoint_Data_BN::field_element_bytes ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 139 of file ec_inner_bn.cpp.

139 {
140 return m_group->p_bytes();
141}

Referenced by serialize_compressed_to(), serialize_uncompressed_to(), serialize_x_to(), serialize_xy_to(), and serialize_y_to().

◆ group()

const std::shared_ptr< const EC_Group_Data > & Botan::EC_AffinePoint_Data_BN::group ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 99 of file ec_inner_bn.cpp.

99 {
100 return m_group;
101}

Referenced by EC_AffinePoint_Data_BN().

◆ is_identity()

bool Botan::EC_AffinePoint_Data_BN::is_identity ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 143 of file ec_inner_bn.cpp.

143 {
144 return m_xy.empty();
145}

Referenced by serialize_compressed_to(), serialize_uncompressed_to(), serialize_x_to(), serialize_xy_to(), and serialize_y_to().

◆ mul()

std::unique_ptr< EC_AffinePoint_Data > Botan::EC_AffinePoint_Data_BN::mul ( const EC_Scalar_Data & scalar,
RandomNumberGenerator & rng ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 103 of file ec_inner_bn.cpp.

104 {
105 BOTAN_ARG_CHECK(scalar.group() == m_group, "Curve mismatch");
106 const auto& bn = EC_Scalar_Data_BN::checked_ref(scalar);
107
108 std::vector<BigInt> ws;
109 EC_Point_Var_Point_Precompute mul(m_pt, rng, ws);
110
111 // We pass order*cofactor here to "correctly" handle the case where the
112 // point is on the curve but not in the prime order subgroup. This only
113 // matters for groups with cofactor > 1
114 // See https://github.com/randombit/botan/issues/3800
115
116 const auto order = m_group->order() * m_group->cofactor();
117 auto pt = mul.mul(bn.value(), rng, order, ws);
118 return std::make_unique<EC_AffinePoint_Data_BN>(m_group, std::move(pt));
119}
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:33
Botan::EC_AffinePoint_Data_BN::mul
std::unique_ptr< EC_AffinePoint_Data > mul(const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
Definition ec_inner_bn.cpp:103
Botan::EC_Scalar_Data_BN::checked_ref
static const EC_Scalar_Data_BN & checked_ref(const EC_Scalar_Data &data)
Definition ec_inner_bn.cpp:14

References BOTAN_ARG_CHECK, Botan::EC_Scalar_Data_BN::checked_ref(), Botan::EC_Scalar_Data::group(), and mul().

Referenced by mul(), and mul_x_only().

◆ mul_x_only()

secure_vector< uint8_t > Botan::EC_AffinePoint_Data_BN::mul_x_only ( const EC_Scalar_Data & scalar,
RandomNumberGenerator & rng ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 121 of file ec_inner_bn.cpp.

122 {
123 BOTAN_ARG_CHECK(scalar.group() == m_group, "Curve mismatch");
124 const auto& bn = EC_Scalar_Data_BN::checked_ref(scalar);
125
126 std::vector<BigInt> ws;
127 EC_Point_Var_Point_Precompute mul(m_pt, rng, ws);
128
129 // We pass order*cofactor here to "correctly" handle the case where the
130 // point is on the curve but not in the prime order subgroup. This only
131 // matters for groups with cofactor > 1
132 // See https://github.com/randombit/botan/issues/3800
133
134 const auto order = m_group->order() * m_group->cofactor();
135 auto pt = mul.mul(bn.value(), rng, order, ws);
136 return pt.x_bytes();
137}

References BOTAN_ARG_CHECK, Botan::EC_Scalar_Data_BN::checked_ref(), Botan::EC_Scalar_Data::group(), and mul().

◆ serialize_compressed_to()

void Botan::EC_AffinePoint_Data_BN::serialize_compressed_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 168 of file ec_inner_bn.cpp.

168 {
169 BOTAN_STATE_CHECK(!this->is_identity());
170 const size_t fe_bytes = this->field_element_bytes();
171 BOTAN_ARG_CHECK(bytes.size() == 1 + fe_bytes, "Invalid output size");
172 const bool y_is_odd = (m_xy[m_xy.size() - 1] & 0x01) == 0x01;
173
174 BufferStuffer stuffer(bytes);
175 stuffer.append(y_is_odd ? 0x03 : 0x02);
176 serialize_x_to(stuffer.next(fe_bytes));
177}
BOTAN_STATE_CHECK
#define BOTAN_STATE_CHECK(expr)
Definition assert.h:49
Botan::EC_AffinePoint_Data_BN::serialize_x_to
void serialize_x_to(std::span< uint8_t > bytes) const override
Definition ec_inner_bn.cpp:147
Botan::EC_AffinePoint_Data_BN::field_element_bytes
size_t field_element_bytes() const override
Definition ec_inner_bn.cpp:139
Botan::EC_AffinePoint_Data_BN::is_identity
bool is_identity() const override
Definition ec_inner_bn.cpp:143

References Botan::BufferStuffer::append(), BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, field_element_bytes(), is_identity(), Botan::BufferStuffer::next(), and serialize_x_to().

◆ serialize_uncompressed_to()

void Botan::EC_AffinePoint_Data_BN::serialize_uncompressed_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 179 of file ec_inner_bn.cpp.

179 {
180 BOTAN_STATE_CHECK(!this->is_identity());
181 const size_t fe_bytes = this->field_element_bytes();
182 BOTAN_ARG_CHECK(bytes.size() == 1 + 2 * fe_bytes, "Invalid output size");
183 BufferStuffer stuffer(bytes);
184 stuffer.append(0x04);
185 stuffer.append(m_xy);
186}

References Botan::BufferStuffer::append(), BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, field_element_bytes(), and is_identity().

◆ serialize_x_to()

void Botan::EC_AffinePoint_Data_BN::serialize_x_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 147 of file ec_inner_bn.cpp.

147 {
148 BOTAN_STATE_CHECK(!this->is_identity());
149 const size_t fe_bytes = this->field_element_bytes();
150 BOTAN_ARG_CHECK(bytes.size() == fe_bytes, "Invalid output size");
151 copy_mem(bytes, std::span{m_xy}.first(fe_bytes));
152}
Botan::copy_mem
constexpr void copy_mem(T *out, const T *in, size_t n)
Definition mem_ops.h:145

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

Referenced by serialize_compressed_to().

◆ serialize_xy_to()

void Botan::EC_AffinePoint_Data_BN::serialize_xy_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 161 of file ec_inner_bn.cpp.

161 {
162 BOTAN_STATE_CHECK(!this->is_identity());
163 const size_t fe_bytes = this->field_element_bytes();
164 BOTAN_ARG_CHECK(bytes.size() == 2 * fe_bytes, "Invalid output size");
165 copy_mem(bytes, m_xy);
166}

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

◆ serialize_y_to()

void Botan::EC_AffinePoint_Data_BN::serialize_y_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 154 of file ec_inner_bn.cpp.

154 {
155 BOTAN_STATE_CHECK(!this->is_identity());
156 const size_t fe_bytes = this->field_element_bytes();
157 BOTAN_ARG_CHECK(bytes.size() == fe_bytes, "Invalid output size");
158 copy_mem(bytes, std::span{m_xy}.last(fe_bytes));
159}

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

◆ to_legacy_point()

EC_Point Botan::EC_AffinePoint_Data_BN::to_legacy_point ( ) const
inlineoverride

Definition at line 85 of file ec_inner_bn.h.

85{ return m_pt; }
The documentation for this class was generated from the following files:
Generated by doxygen 1.14.0