#include <ec_inner_bn.h>

Inheritance diagram for Botan::EC_AffinePoint_Data_BN:

Public Member Functions
std::unique_ptr< EC_AffinePoint_Data >	clone () const override
	EC_AffinePoint_Data_BN (std::shared_ptr< const EC_Group_Data > group, EC_Point pt)
size_t	field_element_bytes () const override
const std::shared_ptr< const EC_Group_Data > &	group () const override
bool	is_identity () const override
std::unique_ptr< EC_AffinePoint_Data >	mul (const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
secure_vector< uint8_t >	mul_x_only (const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
void	serialize_compressed_to (std::span< uint8_t > bytes) const override
void	serialize_uncompressed_to (std::span< uint8_t > bytes) const override
void	serialize_x_to (std::span< uint8_t > bytes) const override
void	serialize_xy_to (std::span< uint8_t > bytes) const override
void	serialize_y_to (std::span< uint8_t > bytes) const override
EC_Point	to_legacy_point () const override

Detailed Description

Definition at line 59 of file ec_inner_bn.h.

Constructor & Destructor Documentation

◆ EC_AffinePoint_Data_BN()

Botan::EC_AffinePoint_Data_BN::EC_AffinePoint_Data_BN	(	std::shared_ptr< const EC_Group_Data >	group,
		EC_Point	pt )

Definition at line 96 of file ec_inner_bn.cpp.

                                                                                                    :
      m_group(std::move(group)), m_pt(std::move(pt)) {
   if(!m_pt.is_zero()) {
      m_pt.force_affine();
      m_xy = m_pt.xy_bytes();
   }
}

References group().

Member Function Documentation

◆ clone()

std::unique_ptr< EC_AffinePoint_Data > Botan::EC_AffinePoint_Data_BN::clone ( ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 104 of file ec_inner_bn.cpp.

                                                                       {
   return std::make_unique<EC_AffinePoint_Data_BN>(m_group, m_pt);
}

◆ field_element_bytes()

size_t Botan::EC_AffinePoint_Data_BN::field_element_bytes ( ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 148 of file ec_inner_bn.cpp.

                                                         {
   return m_group->p_bytes();
}

Referenced by serialize_compressed_to(), serialize_uncompressed_to(), serialize_x_to(), serialize_xy_to(), and serialize_y_to().

◆ group()

const std::shared_ptr< const EC_Group_Data > & Botan::EC_AffinePoint_Data_BN::group ( ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 108 of file ec_inner_bn.cpp.

                                                                              {
   return m_group;
}

Referenced by EC_AffinePoint_Data_BN().

◆ is_identity()

bool Botan::EC_AffinePoint_Data_BN::is_identity ( ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 152 of file ec_inner_bn.cpp.

                                               {
   return m_xy.empty();
}

Referenced by serialize_compressed_to(), serialize_uncompressed_to(), serialize_x_to(), serialize_xy_to(), and serialize_y_to().

◆ mul()

std::unique_ptr< EC_AffinePoint_Data > Botan::EC_AffinePoint_Data_BN::mul	(	const EC_Scalar_Data &	scalar,
		RandomNumberGenerator &	rng ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 112 of file ec_inner_bn.cpp.

                                                                                                   {
   BOTAN_ARG_CHECK(scalar.group() == m_group, "Curve mismatch");
   const auto& bn = EC_Scalar_Data_BN::checked_ref(scalar);
 
   std::vector<BigInt> ws;
   const EC_Point_Var_Point_Precompute mul(m_pt, rng, ws);
 
   // We pass order*cofactor here to "correctly" handle the case where the
   // point is on the curve but not in the prime order subgroup. This only
   // matters for groups with cofactor > 1
   // See https://github.com/randombit/botan/issues/3800
 
   const auto order = m_group->order() * m_group->cofactor();
   auto pt = mul.mul(bn.value(), rng, order, ws);
   return std::make_unique<EC_AffinePoint_Data_BN>(m_group, std::move(pt));
}

References BOTAN_ARG_CHECK, Botan::EC_Scalar_Data_BN::checked_ref(), Botan::EC_Scalar_Data::group(), and mul().

Referenced by mul(), and mul_x_only().

◆ mul_x_only()

secure_vector< uint8_t > Botan::EC_AffinePoint_Data_BN::mul_x_only	(	const EC_Scalar_Data &	scalar,
		RandomNumberGenerator &	rng ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 130 of file ec_inner_bn.cpp.

                                                                                            {
   BOTAN_ARG_CHECK(scalar.group() == m_group, "Curve mismatch");
   const auto& bn = EC_Scalar_Data_BN::checked_ref(scalar);
 
   std::vector<BigInt> ws;
   const EC_Point_Var_Point_Precompute mul(m_pt, rng, ws);
 
   // We pass order*cofactor here to "correctly" handle the case where the
   // point is on the curve but not in the prime order subgroup. This only
   // matters for groups with cofactor > 1
   // See https://github.com/randombit/botan/issues/3800
 
   const auto order = m_group->order() * m_group->cofactor();
   auto pt = mul.mul(bn.value(), rng, order, ws);
   return pt.x_bytes();
}

References BOTAN_ARG_CHECK, Botan::EC_Scalar_Data_BN::checked_ref(), Botan::EC_Scalar_Data::group(), and mul().

◆ serialize_compressed_to()

void Botan::EC_AffinePoint_Data_BN::serialize_compressed_to ( std::span< uint8_t > bytes ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 177 of file ec_inner_bn.cpp.

                                                                                 {
   BOTAN_STATE_CHECK(!this->is_identity());
   const size_t fe_bytes = this->field_element_bytes();
   BOTAN_ARG_CHECK(bytes.size() == 1 + fe_bytes, "Invalid output size");
   const bool y_is_odd = (m_xy[m_xy.size() - 1] & 0x01) == 0x01;
 
   BufferStuffer stuffer(bytes);
   stuffer.append(y_is_odd ? 0x03 : 0x02);
   serialize_x_to(stuffer.next(fe_bytes));
}

References Botan::BufferStuffer::append(), BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, field_element_bytes(), is_identity(), Botan::BufferStuffer::next(), and serialize_x_to().

◆ serialize_uncompressed_to()

void Botan::EC_AffinePoint_Data_BN::serialize_uncompressed_to ( std::span< uint8_t > bytes ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 188 of file ec_inner_bn.cpp.

                                                                                   {
   BOTAN_STATE_CHECK(!this->is_identity());
   const size_t fe_bytes = this->field_element_bytes();
   BOTAN_ARG_CHECK(bytes.size() == 1 + 2 * fe_bytes, "Invalid output size");
   BufferStuffer stuffer(bytes);
   stuffer.append(0x04);
   stuffer.append(m_xy);
}

References Botan::BufferStuffer::append(), BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, field_element_bytes(), and is_identity().

◆ serialize_x_to()

void Botan::EC_AffinePoint_Data_BN::serialize_x_to ( std::span< uint8_t > bytes ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 156 of file ec_inner_bn.cpp.

                                                                        {
   BOTAN_STATE_CHECK(!this->is_identity());
   const size_t fe_bytes = this->field_element_bytes();
   BOTAN_ARG_CHECK(bytes.size() == fe_bytes, "Invalid output size");
   copy_mem(bytes, std::span{m_xy}.first(fe_bytes));
}

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

Referenced by serialize_compressed_to().

◆ serialize_xy_to()

void Botan::EC_AffinePoint_Data_BN::serialize_xy_to ( std::span< uint8_t > bytes ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 170 of file ec_inner_bn.cpp.

                                                                         {
   BOTAN_STATE_CHECK(!this->is_identity());
   const size_t fe_bytes = this->field_element_bytes();
   BOTAN_ARG_CHECK(bytes.size() == 2 * fe_bytes, "Invalid output size");
   copy_mem(bytes, m_xy);
}

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

◆ serialize_y_to()

void Botan::EC_AffinePoint_Data_BN::serialize_y_to ( std::span< uint8_t > bytes ) const

overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 163 of file ec_inner_bn.cpp.

                                                                        {
   BOTAN_STATE_CHECK(!this->is_identity());
   const size_t fe_bytes = this->field_element_bytes();
   BOTAN_ARG_CHECK(bytes.size() == fe_bytes, "Invalid output size");
   copy_mem(bytes, std::span{m_xy}.last(fe_bytes));
}

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

◆ to_legacy_point()

EC_Point Botan::EC_AffinePoint_Data_BN::to_legacy_point ( ) const

inlineoverride

Definition at line 85 of file ec_inner_bn.h.

85{ return m_pt; }

The documentation for this class was generated from the following files:

src/lib/pubkey/ec_group/legacy_ec_point/ec_inner_bn.h
src/lib/pubkey/ec_group/legacy_ec_point/ec_inner_bn.cpp

Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ EC_AffinePoint_Data_BN()

Member Function Documentation

◆ clone()

◆ field_element_bytes()

◆ group()

◆ is_identity()

◆ mul()

◆ mul_x_only()

◆ serialize_compressed_to()

◆ serialize_uncompressed_to()

◆ serialize_x_to()

◆ serialize_xy_to()

◆ serialize_y_to()

◆ to_legacy_point()