Botan 3.8.1
Crypto and TLS for C&
Public Member Functions | List of all members
Botan::EC_AffinePoint_Data_BN Class Referencefinal

#include <ec_inner_bn.h>

Inheritance diagram for Botan::EC_AffinePoint_Data_BN:
Botan::EC_AffinePoint_Data

Public Member Functions

std::unique_ptr< EC_AffinePoint_Dataclone () const override
 
 EC_AffinePoint_Data_BN (std::shared_ptr< const EC_Group_Data > group, EC_Point pt)
 
size_t field_element_bytes () const override
 
const std::shared_ptr< const EC_Group_Data > & group () const override
 
bool is_identity () const override
 
std::unique_ptr< EC_AffinePoint_Datamul (const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
 
secure_vector< uint8_t > mul_x_only (const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
 
void serialize_compressed_to (std::span< uint8_t > bytes) const override
 
void serialize_uncompressed_to (std::span< uint8_t > bytes) const override
 
void serialize_x_to (std::span< uint8_t > bytes) const override
 
void serialize_xy_to (std::span< uint8_t > bytes) const override
 
void serialize_y_to (std::span< uint8_t > bytes) const override
 
EC_Point to_legacy_point () const override
 

Detailed Description

Definition at line 57 of file ec_inner_bn.h.

Constructor & Destructor Documentation

◆ EC_AffinePoint_Data_BN()

Botan::EC_AffinePoint_Data_BN::EC_AffinePoint_Data_BN ( std::shared_ptr< const EC_Group_Data > group,
EC_Point pt )

Definition at line 80 of file ec_inner_bn.cpp.

80 :
81 m_group(std::move(group)), m_pt(std::move(pt)) {
82 if(!m_pt.is_zero()) {
83 m_pt.force_affine();
84 m_xy = m_pt.xy_bytes();
85 }
86}
Botan::EC_AffinePoint_Data_BN::group
const std::shared_ptr< const EC_Group_Data > & group() const override
Definition ec_inner_bn.cpp:92

References group().

Member Function Documentation

◆ clone()

std::unique_ptr< EC_AffinePoint_Data > Botan::EC_AffinePoint_Data_BN::clone ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 88 of file ec_inner_bn.cpp.

88 {
89 return std::make_unique<EC_AffinePoint_Data_BN>(m_group, m_pt);
90}

◆ field_element_bytes()

size_t Botan::EC_AffinePoint_Data_BN::field_element_bytes ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 132 of file ec_inner_bn.cpp.

132 {
133 return m_group->p_bytes();
134}

Referenced by serialize_compressed_to(), serialize_uncompressed_to(), serialize_x_to(), serialize_xy_to(), and serialize_y_to().

◆ group()

const std::shared_ptr< const EC_Group_Data > & Botan::EC_AffinePoint_Data_BN::group ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 92 of file ec_inner_bn.cpp.

92 {
93 return m_group;
94}

Referenced by EC_AffinePoint_Data_BN().

◆ is_identity()

bool Botan::EC_AffinePoint_Data_BN::is_identity ( ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 136 of file ec_inner_bn.cpp.

136 {
137 return m_xy.empty();
138}

Referenced by serialize_compressed_to(), serialize_uncompressed_to(), serialize_x_to(), serialize_xy_to(), and serialize_y_to().

◆ mul()

std::unique_ptr< EC_AffinePoint_Data > Botan::EC_AffinePoint_Data_BN::mul ( const EC_Scalar_Data & scalar,
RandomNumberGenerator & rng ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 96 of file ec_inner_bn.cpp.

97 {
98 BOTAN_ARG_CHECK(scalar.group() == m_group, "Curve mismatch");
99 const auto& bn = EC_Scalar_Data_BN::checked_ref(scalar);
100
101 std::vector<BigInt> ws;
102 EC_Point_Var_Point_Precompute mul(m_pt, rng, ws);
103
104 // We pass order*cofactor here to "correctly" handle the case where the
105 // point is on the curve but not in the prime order subgroup. This only
106 // matters for groups with cofactor > 1
107 // See https://github.com/randombit/botan/issues/3800
108
109 const auto order = m_group->order() * m_group->cofactor();
110 auto pt = mul.mul(bn.value(), rng, order, ws);
111 return std::make_unique<EC_AffinePoint_Data_BN>(m_group, std::move(pt));
112}
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:31
Botan::EC_AffinePoint_Data_BN::mul
std::unique_ptr< EC_AffinePoint_Data > mul(const EC_Scalar_Data &scalar, RandomNumberGenerator &rng) const override
Definition ec_inner_bn.cpp:96
Botan::EC_Scalar_Data_BN::checked_ref
static const EC_Scalar_Data_BN & checked_ref(const EC_Scalar_Data &data)
Definition ec_inner_bn.cpp:14

References BOTAN_ARG_CHECK, Botan::EC_Scalar_Data_BN::checked_ref(), Botan::EC_Scalar_Data::group(), and mul().

Referenced by mul(), and mul_x_only().

◆ mul_x_only()

secure_vector< uint8_t > Botan::EC_AffinePoint_Data_BN::mul_x_only ( const EC_Scalar_Data & scalar,
RandomNumberGenerator & rng ) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 114 of file ec_inner_bn.cpp.

115 {
116 BOTAN_ARG_CHECK(scalar.group() == m_group, "Curve mismatch");
117 const auto& bn = EC_Scalar_Data_BN::checked_ref(scalar);
118
119 std::vector<BigInt> ws;
120 EC_Point_Var_Point_Precompute mul(m_pt, rng, ws);
121
122 // We pass order*cofactor here to "correctly" handle the case where the
123 // point is on the curve but not in the prime order subgroup. This only
124 // matters for groups with cofactor > 1
125 // See https://github.com/randombit/botan/issues/3800
126
127 const auto order = m_group->order() * m_group->cofactor();
128 auto pt = mul.mul(bn.value(), rng, order, ws);
129 return pt.x_bytes();
130}

References BOTAN_ARG_CHECK, Botan::EC_Scalar_Data_BN::checked_ref(), Botan::EC_Scalar_Data::group(), and mul().

◆ serialize_compressed_to()

void Botan::EC_AffinePoint_Data_BN::serialize_compressed_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 161 of file ec_inner_bn.cpp.

161 {
162 BOTAN_STATE_CHECK(!this->is_identity());
163 const size_t fe_bytes = this->field_element_bytes();
164 BOTAN_ARG_CHECK(bytes.size() == 1 + fe_bytes, "Invalid output size");
165 const bool y_is_odd = (m_xy[m_xy.size() - 1] & 0x01) == 0x01;
166
167 BufferStuffer stuffer(bytes);
168 stuffer.append(y_is_odd ? 0x03 : 0x02);
169 serialize_x_to(stuffer.next(fe_bytes));
170}
BOTAN_STATE_CHECK
#define BOTAN_STATE_CHECK(expr)
Definition assert.h:43
Botan::EC_AffinePoint_Data_BN::serialize_x_to
void serialize_x_to(std::span< uint8_t > bytes) const override
Definition ec_inner_bn.cpp:140
Botan::EC_AffinePoint_Data_BN::field_element_bytes
size_t field_element_bytes() const override
Definition ec_inner_bn.cpp:132
Botan::EC_AffinePoint_Data_BN::is_identity
bool is_identity() const override
Definition ec_inner_bn.cpp:136

References Botan::BufferStuffer::append(), BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, field_element_bytes(), is_identity(), Botan::BufferStuffer::next(), and serialize_x_to().

◆ serialize_uncompressed_to()

void Botan::EC_AffinePoint_Data_BN::serialize_uncompressed_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 172 of file ec_inner_bn.cpp.

172 {
173 BOTAN_STATE_CHECK(!this->is_identity());
174 const size_t fe_bytes = this->field_element_bytes();
175 BOTAN_ARG_CHECK(bytes.size() == 1 + 2 * fe_bytes, "Invalid output size");
176 BufferStuffer stuffer(bytes);
177 stuffer.append(0x04);
178 stuffer.append(m_xy);
179}

References Botan::BufferStuffer::append(), BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, field_element_bytes(), and is_identity().

◆ serialize_x_to()

void Botan::EC_AffinePoint_Data_BN::serialize_x_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 140 of file ec_inner_bn.cpp.

140 {
141 BOTAN_STATE_CHECK(!this->is_identity());
142 const size_t fe_bytes = this->field_element_bytes();
143 BOTAN_ARG_CHECK(bytes.size() == fe_bytes, "Invalid output size");
144 copy_mem(bytes, std::span{m_xy}.first(fe_bytes));
145}
Botan::copy_mem
constexpr void copy_mem(T *out, const T *in, size_t n)
Definition mem_ops.h:149

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

Referenced by serialize_compressed_to().

◆ serialize_xy_to()

void Botan::EC_AffinePoint_Data_BN::serialize_xy_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 154 of file ec_inner_bn.cpp.

154 {
155 BOTAN_STATE_CHECK(!this->is_identity());
156 const size_t fe_bytes = this->field_element_bytes();
157 BOTAN_ARG_CHECK(bytes.size() == 2 * fe_bytes, "Invalid output size");
158 copy_mem(bytes, m_xy);
159}

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

◆ serialize_y_to()

void Botan::EC_AffinePoint_Data_BN::serialize_y_to ( std::span< uint8_t > bytes) const
overridevirtual

Implements Botan::EC_AffinePoint_Data.

Definition at line 147 of file ec_inner_bn.cpp.

147 {
148 BOTAN_STATE_CHECK(!this->is_identity());
149 const size_t fe_bytes = this->field_element_bytes();
150 BOTAN_ARG_CHECK(bytes.size() == fe_bytes, "Invalid output size");
151 copy_mem(bytes, std::span{m_xy}.last(fe_bytes));
152}

References BOTAN_ARG_CHECK, BOTAN_STATE_CHECK, Botan::copy_mem(), field_element_bytes(), and is_identity().

◆ to_legacy_point()

EC_Point Botan::EC_AffinePoint_Data_BN::to_legacy_point ( ) const
inlineoverride

Definition at line 83 of file ec_inner_bn.h.

83{ return m_pt; }
The documentation for this class was generated from the following files:
Generated by doxygen 1.13.2