doxygen/curve448__scalar_8h_source.html

/*

 * Ed448 Scalar

 * (C) 2024 Jack Lloyd

 *     2024 Fabian Albert - Rohde & Schwarz Cybersecurity

 *

 * Botan is released under the Simplified BSD License (see license.txt)

 */

#ifndef BOTAN_CURVE448_SCALAR_H_

#define BOTAN_CURVE448_SCALAR_H_


#include <botan/strong_type.h>

#include <botan/types.h>

#include <botan/internal/bit_ops.h>

#include <botan/internal/loadstor.h>


namespace Botan {


constexpr size_t words_for_bits(size_t x) {

   constexpr size_t word_bits = sizeof(word) * 8;

   return (x + word_bits - 1) / word_bits;

}


/**

 * @brief Representation of a scalar for X448.

 *

 * The scalar is an element in 0 <= s < L, where L is the group

 * order of X448. The constructor and all operations on

 * scalars reduce the element mod L internally. All operations are

 * constant time.

 *

 * L = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885

 * (RFC 7748 4.2)

 */


class BOTAN_TEST_API Scalar448 final {

   public:

      constexpr static size_t WORDS = words_for_bits(446);

      constexpr static size_t BYTES = ceil_tobytes<size_t>(446);


      /// @brief Construct a new scalar from (max. 114) bytes. Little endian.

      explicit Scalar448(std::span<const uint8_t> x);


      /// @brief Convert the scalar to bytes in little endian.

      template <size_t S = BYTES>


      std::array<uint8_t, S> to_bytes() const

         requires(S >= BYTES)

      {

         std::array<uint8_t, S> result = {0};

         store_le(std::span(result).template first<BYTES>(), m_scalar_words);

         return result;

      }


      /// @brief Access the i-th bit of the scalar. From 0 (lsb) to 445 (msb).

      bool get_bit(size_t i) const;


      /// @brief scalar = (scalar + other) mod L

      Scalar448 operator+(const Scalar448& other) const;


      /// @brief scalar = (scalar * other) mod L

      Scalar448 operator*(const Scalar448& other) const;


      /// @return true iff x >= L.

      static bool bytes_are_reduced(std::span<const uint8_t> x);


   private:

      // NOLINTNEXTLINE(*-member-init)

      explicit Scalar448(std::span<const word, WORDS> scalar_words) { copy_mem(m_scalar_words, scalar_words); }


      std::array<word, WORDS> m_scalar_words;

};


}  // namespace Botan


#endif  // BOTAN_CURVE448_SCALAR_H_

BOTAN_TEST_API
#define BOTAN_TEST_API
Definition api.h:41

Botan::Scalar448
Representation of a scalar for X448.
Definition curve448_scalar.h:34

Botan::Scalar448::Scalar448
Scalar448(std::span< const uint8_t > x)
Construct a new scalar from (max. 114) bytes. Little endian.
Definition curve448_scalar.cpp:148

Botan::Scalar448::to_bytes
std::array< uint8_t, S > to_bytes() const
Convert the scalar to bytes in little endian.
Definition curve448_scalar.h:44

Botan::Scalar448::WORDS
static constexpr size_t WORDS
Definition curve448_scalar.h:36

Botan::Scalar448::BYTES
static constexpr size_t BYTES
Definition curve448_scalar.h:37

Botan
Definition alg_id.cpp:13

Botan::copy_mem
constexpr void copy_mem(T *out, const T *in, size_t n)
Definition mem_ops.h:145

Botan::operator*
BigInt operator*(const BigInt &x, const BigInt &y)
Definition big_ops3.cpp:56

Botan::words_for_bits
constexpr size_t words_for_bits(size_t x)
Definition curve448_scalar.h:18

Botan::operator+
OctetString operator+(const OctetString &k1, const OctetString &k2)
Definition symkey.cpp:99

Botan::store_le
constexpr auto store_le(ParamTs &&... params)
Definition loadstor.h:736

Botan::ceil_tobytes
BOTAN_FORCE_INLINE constexpr T ceil_tobytes(T bits)
Definition bit_ops.h:155

Botan::word
std::conditional_t< HasNative64BitRegisters, std::uint64_t, uint32_t > word
Definition types.h:119