Botan 3.0.0-alpha0
Crypto and TLS for C&
curve_gfp.h
Go to the documentation of this file.
1/*
2* Elliptic curves over GF(p)
3*
4* (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke
5* 2010-2011,2012,2014 Jack Lloyd
6*
7* Botan is released under the Simplified BSD License (see license.txt)
8*/
9
10#ifndef BOTAN_GFP_CURVE_H_
11#define BOTAN_GFP_CURVE_H_
12
13#include <botan/bigint.h>
14#include <memory>
15
16// Currently exposed in PointGFp
17//BOTAN_FUTURE_INTERNAL_HEADER(curve_gfp.h)
18
19namespace Botan {
20
21class BOTAN_UNSTABLE_API CurveGFp_Repr
22 {
23 public:
24 virtual ~CurveGFp_Repr() = default;
25
26 virtual const BigInt& get_p() const = 0;
27 virtual const BigInt& get_a() const = 0;
28 virtual const BigInt& get_b() const = 0;
29
30 virtual size_t get_p_words() const = 0;
31
32 virtual size_t get_ws_size() const = 0;
33
34 virtual bool is_one(const BigInt& x) const = 0;
35
36 virtual bool a_is_zero() const = 0;
37
38 virtual bool a_is_minus_3() const = 0;
39
40 /*
41 * Returns to_curve_rep(get_a())
42 */
43 virtual const BigInt& get_a_rep() const = 0;
44
45 /*
46 * Returns to_curve_rep(get_b())
47 */
48 virtual const BigInt& get_b_rep() const = 0;
49
50 /*
51 * Returns to_curve_rep(1)
52 */
53 virtual const BigInt& get_1_rep() const = 0;
54
55 virtual BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const = 0;
56
57 virtual void to_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;
58
59 virtual void from_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;
60
61 void curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
62 secure_vector<word>& ws) const
63 {
64 BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
65 curve_mul_words(z, x.data(), x.size(), y, ws);
66 }
67
68 virtual void curve_mul_words(BigInt& z,
69 const word x_words[],
70 const size_t x_size,
71 const BigInt& y,
72 secure_vector<word>& ws) const = 0;
73
74 void curve_sqr(BigInt& z, const BigInt& x,
75 secure_vector<word>& ws) const
76 {
77 BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
78 curve_sqr_words(z, x.data(), x.size(), ws);
79 }
80
81 virtual void curve_sqr_words(BigInt& z,
82 const word x_words[],
83 size_t x_size,
84 secure_vector<word>& ws) const = 0;
85 };
86
87/**
88* This class represents an elliptic curve over GF(p)
89*
90* There should not be any reason for applications to use this type.
91* If you need EC primitives use the interfaces EC_Group and PointGFp
92*
93* It is likely this class will be removed entirely in a future major
94* release.
95*/
96class BOTAN_UNSTABLE_API CurveGFp final
97 {
98 public:
99
100 /**
101 * Create an uninitialized CurveGFp
102 */
103 CurveGFp() = default;
104
105 /**
106 * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p)
107 * @param p prime number of the field
108 * @param a first coefficient
109 * @param b second coefficient
110 */
111 CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) :
112 m_repr(choose_repr(p, a, b))
113 {
114 }
115
116 CurveGFp(const CurveGFp&) = default;
117
118 CurveGFp& operator=(const CurveGFp&) = default;
119
120 /**
121 * @return curve coefficient a
122 */
123 const BigInt& get_a() const { return m_repr->get_a(); }
124
125 /**
126 * @return curve coefficient b
127 */
128 const BigInt& get_b() const { return m_repr->get_b(); }
129
130 /**
131 * Get prime modulus of the field of the curve
132 * @return prime modulus of the field of the curve
133 */
134 const BigInt& get_p() const { return m_repr->get_p(); }
135
136 size_t get_p_words() const { return m_repr->get_p_words(); }
137
138 size_t get_ws_size() const { return m_repr->get_ws_size(); }
139
140 const BigInt& get_a_rep() const { return m_repr->get_a_rep(); }
141
142 const BigInt& get_b_rep() const { return m_repr->get_b_rep(); }
143
144 const BigInt& get_1_rep() const { return m_repr->get_1_rep(); }
145
146 bool a_is_minus_3() const { return m_repr->a_is_minus_3(); }
147 bool a_is_zero() const { return m_repr->a_is_zero(); }
148
149 bool is_one(const BigInt& x) const { return m_repr->is_one(x); }
150
151 BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const
152 {
153 return m_repr->invert_element(x, ws);
154 }
155
156 void to_rep(BigInt& x, secure_vector<word>& ws) const
157 {
158 m_repr->to_curve_rep(x, ws);
159 }
160
161 void from_rep(BigInt& x, secure_vector<word>& ws) const
162 {
163 m_repr->from_curve_rep(x, ws);
164 }
165
166 BigInt from_rep_to_tmp(const BigInt& x, secure_vector<word>& ws) const
167 {
168 BigInt xt(x);
169 m_repr->from_curve_rep(xt, ws);
170 return xt;
171 }
172
173 // TODO: from_rep taking && ref
174
175 void mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
176 {
177 m_repr->curve_mul(z, x, y, ws);
178 }
179
180 void mul(BigInt& z, const word x_w[], size_t x_size,
181 const BigInt& y, secure_vector<word>& ws) const
182 {
183 m_repr->curve_mul_words(z, x_w, x_size, y, ws);
184 }
185
186 void sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const
187 {
188 m_repr->curve_sqr(z, x, ws);
189 }
190
191 void sqr(BigInt& z, const word x_w[], size_t x_size, secure_vector<word>& ws) const
192 {
193 m_repr->curve_sqr_words(z, x_w, x_size, ws);
194 }
195
196 BigInt mul(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
197 {
198 return mul_to_tmp(x, y, ws);
199 }
200
201 BigInt sqr(const BigInt& x, secure_vector<word>& ws) const
202 {
203 return sqr_to_tmp(x, ws);
204 }
205
206 BigInt mul_to_tmp(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
207 {
208 BigInt z;
209 m_repr->curve_mul(z, x, y, ws);
210 return z;
211 }
212
213 BigInt sqr_to_tmp(const BigInt& x, secure_vector<word>& ws) const
214 {
215 BigInt z;
216 m_repr->curve_sqr(z, x, ws);
217 return z;
218 }
219
220 void swap(CurveGFp& other)
221 {
222 std::swap(m_repr, other.m_repr);
223 }
224
225 /**
226 * Equality operator
227 * @param other a curve
228 * @return true iff *this is the same as other
229 */
230 inline bool operator==(const CurveGFp& other) const
231 {
232 if(m_repr.get() == other.m_repr.get())
233 return true;
234
235 return (get_p() == other.get_p()) &&
236 (get_a() == other.get_a()) &&
237 (get_b() == other.get_b());
238 }
239
240 private:
241 static std::shared_ptr<CurveGFp_Repr>
242 choose_repr(const BigInt& p, const BigInt& a, const BigInt& b);
243
244 std::shared_ptr<CurveGFp_Repr> m_repr;
245 };
246
247inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs)
248 {
249 return !(lhs == rhs);
250 }
251
252}
253
254namespace std {
255
256template<> inline
257void swap<Botan::CurveGFp>(Botan::CurveGFp& curve1,
258 Botan::CurveGFp& curve2) noexcept
259 {
260 curve1.swap(curve2);
261 }
262
263} // namespace std
264
265#endif
BOTAN_DEBUG_ASSERT
#define BOTAN_DEBUG_ASSERT(expr)
Definition: assert.h:122
Botan::BigInt::sig_words
size_t sig_words() const
Definition: bigint.h:600
Botan::BigInt::size
size_t size() const
Definition: bigint.h:594
Botan::BigInt::data
const word * data() const
Definition: bigint.h:634
Botan::CurveGFp_Repr
Definition: curve_gfp.h:22
Botan::CurveGFp_Repr::curve_mul
void curve_mul(BigInt &z, const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:61
Botan::CurveGFp_Repr::get_p_words
virtual size_t get_p_words() const =0
Botan::CurveGFp_Repr::invert_element
virtual BigInt invert_element(const BigInt &x, secure_vector< word > &ws) const =0
Botan::CurveGFp_Repr::~CurveGFp_Repr
virtual ~CurveGFp_Repr()=default
Botan::CurveGFp_Repr::get_a
virtual const BigInt & get_a() const =0
Botan::CurveGFp_Repr::to_curve_rep
virtual void to_curve_rep(BigInt &x, secure_vector< word > &ws) const =0
Botan::CurveGFp_Repr::get_b
virtual const BigInt & get_b() const =0
Botan::CurveGFp_Repr::is_one
virtual bool is_one(const BigInt &x) const =0
Botan::CurveGFp_Repr::curve_sqr_words
virtual void curve_sqr_words(BigInt &z, const word x_words[], size_t x_size, secure_vector< word > &ws) const =0
Botan::CurveGFp_Repr::get_a_rep
virtual const BigInt & get_a_rep() const =0
Botan::CurveGFp_Repr::curve_sqr
void curve_sqr(BigInt &z, const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:74
Botan::CurveGFp_Repr::get_b_rep
virtual const BigInt & get_b_rep() const =0
Botan::CurveGFp_Repr::from_curve_rep
virtual void from_curve_rep(BigInt &x, secure_vector< word > &ws) const =0
Botan::CurveGFp_Repr::get_p
virtual const BigInt & get_p() const =0
Botan::CurveGFp_Repr::get_ws_size
virtual size_t get_ws_size() const =0
Botan::CurveGFp_Repr::a_is_minus_3
virtual bool a_is_minus_3() const =0
Botan::CurveGFp_Repr::get_1_rep
virtual const BigInt & get_1_rep() const =0
Botan::CurveGFp_Repr::a_is_zero
virtual bool a_is_zero() const =0
Botan::CurveGFp_Repr::curve_mul_words
virtual void curve_mul_words(BigInt &z, const word x_words[], const size_t x_size, const BigInt &y, secure_vector< word > &ws) const =0
Botan::CurveGFp::CurveGFp
CurveGFp(const CurveGFp &)=default
Botan::CurveGFp::a_is_minus_3
bool a_is_minus_3() const
Definition: curve_gfp.h:146
Botan::CurveGFp::mul
void mul(BigInt &z, const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:175
Botan::CurveGFp::mul
void mul(BigInt &z, const word x_w[], size_t x_size, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:180
Botan::CurveGFp::get_ws_size
size_t get_ws_size() const
Definition: curve_gfp.h:138
Botan::CurveGFp::invert_element
BigInt invert_element(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:151
Botan::CurveGFp::get_1_rep
const BigInt & get_1_rep() const
Definition: curve_gfp.h:144
Botan::CurveGFp::get_b_rep
const BigInt & get_b_rep() const
Definition: curve_gfp.h:142
Botan::CurveGFp::is_one
bool is_one(const BigInt &x) const
Definition: curve_gfp.h:149
Botan::CurveGFp::sqr
void sqr(BigInt &z, const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:186
Botan::CurveGFp::swap
void swap(CurveGFp &other)
Definition: curve_gfp.h:220
Botan::CurveGFp::get_a_rep
const BigInt & get_a_rep() const
Definition: curve_gfp.h:140
Botan::CurveGFp::a_is_zero
bool a_is_zero() const
Definition: curve_gfp.h:147
Botan::CurveGFp::from_rep_to_tmp
BigInt from_rep_to_tmp(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:166
Botan::CurveGFp::sqr
void sqr(BigInt &z, const word x_w[], size_t x_size, secure_vector< word > &ws) const
Definition: curve_gfp.h:191
Botan::CurveGFp::CurveGFp
CurveGFp()=default
Botan::CurveGFp::get_a
const BigInt & get_a() const
Definition: curve_gfp.h:123
Botan::CurveGFp::to_rep
void to_rep(BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:156
Botan::CurveGFp::CurveGFp
CurveGFp(const BigInt &p, const BigInt &a, const BigInt &b)
Definition: curve_gfp.h:111
Botan::CurveGFp::mul
BigInt mul(const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:196
Botan::CurveGFp::get_p_words
size_t get_p_words() const
Definition: curve_gfp.h:136
Botan::CurveGFp::operator=
CurveGFp & operator=(const CurveGFp &)=default
Botan::CurveGFp::get_p
const BigInt & get_p() const
Definition: curve_gfp.h:134
Botan::CurveGFp::sqr_to_tmp
BigInt sqr_to_tmp(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:213
Botan::CurveGFp::sqr
BigInt sqr(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:201
Botan::CurveGFp::get_b
const BigInt & get_b() const
Definition: curve_gfp.h:128
Botan::CurveGFp::operator==
bool operator==(const CurveGFp &other) const
Definition: curve_gfp.h:230
Botan::CurveGFp::from_rep
void from_rep(BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:161
Botan::CurveGFp::mul_to_tmp
BigInt mul_to_tmp(const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:206
final
int(* final)(unsigned char *, CTX *)
Definition: commoncrypto_hash.cpp:29
BOTAN_UNSTABLE_API
#define BOTAN_UNSTABLE_API
Definition: compiler.h:44
b
PolynomialVector b
Definition: kyber.cpp:821
Botan
Definition: alg_id.cpp:13
Botan::operator!=
bool operator!=(const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
Definition: alg_id.cpp:82
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
std
Definition: bigint.h:1077
Generated by doxygen 1.9.3