Botan  2.11.0
Crypto and TLS for C++11
curve_gfp.h
Go to the documentation of this file.
1 /*
2 * Elliptic curves over GF(p)
3 *
4 * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke
5 * 2010-2011,2012,2014 Jack Lloyd
6 *
7 * Botan is released under the Simplified BSD License (see license.txt)
8 */
9 
10 #ifndef BOTAN_GFP_CURVE_H_
11 #define BOTAN_GFP_CURVE_H_
12 
13 #include <botan/bigint.h>
14 #include <memory>
15 
16 namespace Botan {
17 
18 class BOTAN_UNSTABLE_API CurveGFp_Repr
19  {
20  public:
21  virtual ~CurveGFp_Repr() = default;
22 
23  virtual const BigInt& get_p() const = 0;
24  virtual const BigInt& get_a() const = 0;
25  virtual const BigInt& get_b() const = 0;
26 
27  virtual size_t get_p_words() const = 0;
28 
29  virtual size_t get_ws_size() const = 0;
30 
31  virtual bool is_one(const BigInt& x) const = 0;
32 
33  virtual bool a_is_zero() const = 0;
34 
35  virtual bool a_is_minus_3() const = 0;
36 
37  /*
38  * Returns to_curve_rep(get_a())
39  */
40  virtual const BigInt& get_a_rep() const = 0;
41 
42  /*
43  * Returns to_curve_rep(get_b())
44  */
45  virtual const BigInt& get_b_rep() const = 0;
46 
47  /*
48  * Returns to_curve_rep(1)
49  */
50  virtual const BigInt& get_1_rep() const = 0;
51 
52  virtual BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const = 0;
53 
54  virtual void to_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;
55 
56  virtual void from_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;
57 
58  void curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
59  secure_vector<word>& ws) const
60  {
61  BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
62  curve_mul_words(z, x.data(), x.size(), y, ws);
63  }
64 
65  virtual void curve_mul_words(BigInt& z,
66  const word x_words[],
67  const size_t x_size,
68  const BigInt& y,
69  secure_vector<word>& ws) const = 0;
70 
71  void curve_sqr(BigInt& z, const BigInt& x,
72  secure_vector<word>& ws) const
73  {
74  BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
75  curve_sqr_words(z, x.data(), x.size(), ws);
76  }
77 
78  virtual void curve_sqr_words(BigInt& z,
79  const word x_words[],
80  size_t x_size,
81  secure_vector<word>& ws) const = 0;
82  };
83 
84 /**
85 * This class represents an elliptic curve over GF(p)
86 *
87 * There should not be any reason for applications to use this type.
88 * If you need EC primitives use the interfaces EC_Group and PointGFp
89 *
90 * It is likely this class will be removed entirely in a future major
91 * release.
92 */
93 class BOTAN_UNSTABLE_API CurveGFp final
94  {
95  public:
96 
97  /**
98  * Create an uninitialized CurveGFp
99  */
100  CurveGFp() = default;
101 
102  /**
103  * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p)
104  * @param p prime number of the field
105  * @param a first coefficient
106  * @param b second coefficient
107  */
108  CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) :
109  m_repr(choose_repr(p, a, b))
110  {
111  }
112 
113  CurveGFp(const CurveGFp&) = default;
114 
115  CurveGFp& operator=(const CurveGFp&) = default;
116 
117  /**
118  * @return curve coefficient a
119  */
120  const BigInt& get_a() const { return m_repr->get_a(); }
121 
122  /**
123  * @return curve coefficient b
124  */
125  const BigInt& get_b() const { return m_repr->get_b(); }
126 
127  /**
128  * Get prime modulus of the field of the curve
129  * @return prime modulus of the field of the curve
130  */
131  const BigInt& get_p() const { return m_repr->get_p(); }
132 
133  size_t get_p_words() const { return m_repr->get_p_words(); }
134 
135  size_t get_ws_size() const { return m_repr->get_ws_size(); }
136 
137  const BigInt& get_a_rep() const { return m_repr->get_a_rep(); }
138 
139  const BigInt& get_b_rep() const { return m_repr->get_b_rep(); }
140 
141  const BigInt& get_1_rep() const { return m_repr->get_1_rep(); }
142 
143  bool a_is_minus_3() const { return m_repr->a_is_minus_3(); }
144  bool a_is_zero() const { return m_repr->a_is_zero(); }
145 
146  bool is_one(const BigInt& x) const { return m_repr->is_one(x); }
147 
148  BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const
149  {
150  return m_repr->invert_element(x, ws);
151  }
152 
153  void to_rep(BigInt& x, secure_vector<word>& ws) const
154  {
155  m_repr->to_curve_rep(x, ws);
156  }
157 
158  void from_rep(BigInt& x, secure_vector<word>& ws) const
159  {
160  m_repr->from_curve_rep(x, ws);
161  }
162 
163  BigInt from_rep(const BigInt& x, secure_vector<word>& ws) const
164  {
165  BigInt xt(x);
166  m_repr->from_curve_rep(xt, ws);
167  return xt;
168  }
169 
170  // TODO: from_rep taking && ref
171 
172  void mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
173  {
174  m_repr->curve_mul(z, x, y, ws);
175  }
176 
177  void mul(BigInt& z, const word x_w[], size_t x_size,
178  const BigInt& y, secure_vector<word>& ws) const
179  {
180  m_repr->curve_mul_words(z, x_w, x_size, y, ws);
181  }
182 
183  void sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const
184  {
185  m_repr->curve_sqr(z, x, ws);
186  }
187 
188  void sqr(BigInt& z, const word x_w[], size_t x_size, secure_vector<word>& ws) const
189  {
190  m_repr->curve_sqr_words(z, x_w, x_size, ws);
191  }
192 
193  BigInt mul(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
194  {
195  return mul_to_tmp(x, y, ws);
196  }
197 
198  BigInt sqr(const BigInt& x, secure_vector<word>& ws) const
199  {
200  return sqr_to_tmp(x, ws);
201  }
202 
203  BigInt mul_to_tmp(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
204  {
205  BigInt z;
206  m_repr->curve_mul(z, x, y, ws);
207  return z;
208  }
209 
210  BigInt sqr_to_tmp(const BigInt& x, secure_vector<word>& ws) const
211  {
212  BigInt z;
213  m_repr->curve_sqr(z, x, ws);
214  return z;
215  }
216 
217  void swap(CurveGFp& other)
218  {
219  std::swap(m_repr, other.m_repr);
220  }
221 
222  /**
223  * Equality operator
224  * @param other a curve
225  * @return true iff *this is the same as other
226  */
227  inline bool operator==(const CurveGFp& other) const
228  {
229  if(m_repr.get() == other.m_repr.get())
230  return true;
231 
232  return (get_p() == other.get_p()) &&
233  (get_a() == other.get_a()) &&
234  (get_b() == other.get_b());
235  }
236 
237  private:
238  static std::shared_ptr<CurveGFp_Repr>
239  choose_repr(const BigInt& p, const BigInt& a, const BigInt& b);
240 
241  std::shared_ptr<CurveGFp_Repr> m_repr;
242  };
243 
244 inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs)
245  {
246  return !(lhs == rhs);
247  }
248 
249 }
250 
251 namespace std {
252 
253 template<> inline
254 void swap<Botan::CurveGFp>(Botan::CurveGFp& curve1,
255  Botan::CurveGFp& curve2) noexcept
256  {
257  curve1.swap(curve2);
258  }
259 
260 } // namespace std
261 
262 #endif
Botan::x
BigInt const BigInt & x
Definition: numthry.h:139
BOTAN_UNSTABLE_API
#define BOTAN_UNSTABLE_API
Definition: compiler.h:38
Botan::operator!=
bool operator!=(const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
Definition: alg_id.cpp:90
Botan::CurveGFp::a_is_minus_3
bool a_is_minus_3() const
Definition: curve_gfp.h:143
Botan::CurveGFp::get_a_rep
const BigInt & get_a_rep() const
Definition: curve_gfp.h:137
Botan::CurveGFp::to_rep
void to_rep(BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:153
Botan::b
bool const OID & b
Definition: asn1_oid.h:109
Botan::CurveGFp::get_b_rep
const BigInt & get_b_rep() const
Definition: curve_gfp.h:139
Botan::CurveGFp::CurveGFp
CurveGFp(const BigInt &p, const BigInt &a, const BigInt &b)
Definition: curve_gfp.h:108
Botan::CurveGFp::get_p_words
size_t get_p_words() const
Definition: curve_gfp.h:133
Botan::CurveGFp::from_rep
BigInt from_rep(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:163
Botan::p
BigInt const BigInt & p
Definition: numthry.h:150
Botan::ws
secure_vector< word > & ws
Definition: curve_nistp.h:24
Botan::CurveGFp_Repr
Definition: curve_gfp.h:18
final
int(* final)(unsigned char *, CTX *)
Definition: commoncrypto_hash.cpp:28
std
Definition: bigint.h:1136
Botan::CurveGFp::mul
void mul(BigInt &z, const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:172
Botan::CurveGFp::get_ws_size
size_t get_ws_size() const
Definition: curve_gfp.h:135
Botan::CurveGFp::sqr
void sqr(BigInt &z, const word x_w[], size_t x_size, secure_vector< word > &ws) const
Definition: curve_gfp.h:188
Botan::CurveGFp::from_rep
void from_rep(BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:158
Botan::CurveGFp_Repr::curve_mul
void curve_mul(BigInt &z, const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:58
Botan::CurveGFp::get_1_rep
const BigInt & get_1_rep() const
Definition: curve_gfp.h:141
Botan::CurveGFp::invert_element
BigInt invert_element(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:148
Botan::CurveGFp_Repr::curve_sqr
void curve_sqr(BigInt &z, const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:71
BOTAN_DEBUG_ASSERT
#define BOTAN_DEBUG_ASSERT(expr)
Definition: assert.h:123
Botan::a
size_t const BigInt & a
Definition: numthry.h:111
Botan::CurveGFp::mul
void mul(BigInt &z, const word x_w[], size_t x_size, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:177
Botan::CurveGFp::operator==
bool operator==(const CurveGFp &other) const
Definition: curve_gfp.h:227
Botan::CurveGFp::is_one
bool is_one(const BigInt &x) const
Definition: curve_gfp.h:146
Botan::CurveGFp::sqr_to_tmp
BigInt sqr_to_tmp(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:210
Botan::CurveGFp::swap
void swap(CurveGFp &other)
Definition: curve_gfp.h:217
Botan
Definition: alg_id.cpp:13
Botan::CurveGFp::mul_to_tmp
BigInt mul_to_tmp(const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:203
Botan::CurveGFp::get_b
const BigInt & get_b() const
Definition: curve_gfp.h:125
Botan::CurveGFp::sqr
BigInt sqr(const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:198
Botan::CurveGFp::get_a
const BigInt & get_a() const
Definition: curve_gfp.h:120
Botan::CurveGFp::a_is_zero
bool a_is_zero() const
Definition: curve_gfp.h:144
Botan::y
const OctetString & y
Definition: symkey.h:126
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
Botan::CurveGFp::get_p
const BigInt & get_p() const
Definition: curve_gfp.h:131
Botan::CurveGFp::sqr
void sqr(BigInt &z, const BigInt &x, secure_vector< word > &ws) const
Definition: curve_gfp.h:183
Botan::CurveGFp::mul
BigInt mul(const BigInt &x, const BigInt &y, secure_vector< word > &ws) const
Definition: curve_gfp.h:193
Generated by   doxygen 1.8.15