Botan 3.6.0
Crypto and TLS for C&
ec_apoint.cpp
Go to the documentation of this file.
1/*
2* (C) 2024 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/ec_apoint.h>
8
9#include <botan/ec_group.h>
10#include <botan/ec_scalar.h>
11#include <botan/internal/ec_inner_data.h>
12
13namespace Botan {
14
15EC_AffinePoint::EC_AffinePoint(std::unique_ptr<EC_AffinePoint_Data> point) : m_point(std::move(point)) {
16 BOTAN_ASSERT_NONNULL(m_point);
17}
18
19EC_AffinePoint::EC_AffinePoint(const EC_AffinePoint& other) : m_point(other.inner().clone()) {}
20
21EC_AffinePoint::EC_AffinePoint(EC_AffinePoint&& other) noexcept : m_point(std::move(other.m_point)) {}
22
23EC_AffinePoint& EC_AffinePoint::operator=(const EC_AffinePoint& other) {
24 if(this != &other) {
25 m_point = other.inner().clone();
26 }
27 return (*this);
28}
29
30EC_AffinePoint& EC_AffinePoint::operator=(EC_AffinePoint&& other) noexcept {
31 m_point.swap(other.m_point);
32 return (*this);
33}
34
35EC_AffinePoint::EC_AffinePoint(const EC_Group& group, std::span<const uint8_t> bytes) {
36 m_point = group._data()->point_deserialize(bytes);
37 if(!m_point) {
38 throw Decoding_Error("Failed to deserialize elliptic curve point");
39 }
40}
41
44
45EC_AffinePoint EC_AffinePoint::identity(const EC_Group& group) {
46 const uint8_t id_encoding[1] = {0};
47 return EC_AffinePoint(group, id_encoding);
48}
49
50EC_AffinePoint EC_AffinePoint::generator(const EC_Group& group) {
51 return EC_AffinePoint(group, group.get_base_point());
52}
53
54std::optional<EC_AffinePoint> EC_AffinePoint::from_bigint_xy(const EC_Group& group, const BigInt& x, const BigInt& y) {
55 if(x.is_negative() || x >= group.get_p()) {
56 return {};
57 }
58 if(y.is_negative() || y >= group.get_p()) {
59 return {};
60 }
61
62 const size_t fe_bytes = group.get_p_bytes();
63 std::vector<uint8_t> sec1(1 + 2 * fe_bytes);
64 sec1[0] = 0x04;
65 x.serialize_to(std::span{sec1}.subspan(1, fe_bytes));
66 y.serialize_to(std::span{sec1}.last(fe_bytes));
67
68 return EC_AffinePoint::deserialize(group, sec1);
69}
70
71size_t EC_AffinePoint::field_element_bytes() const {
72 return inner().field_element_bytes();
73}
74
75bool EC_AffinePoint::is_identity() const {
76 return inner().is_identity();
77}
78
79EC_AffinePoint EC_AffinePoint::hash_to_curve_ro(const EC_Group& group,
80 std::string_view hash_fn,
81 std::span<const uint8_t> input,
82 std::span<const uint8_t> domain_sep) {
83 auto pt = group._data()->point_hash_to_curve_ro(hash_fn, input, domain_sep);
84 return EC_AffinePoint(std::move(pt));
85}
86
87EC_AffinePoint EC_AffinePoint::hash_to_curve_nu(const EC_Group& group,
88 std::string_view hash_fn,
89 std::span<const uint8_t> input,
90 std::span<const uint8_t> domain_sep) {
91 auto pt = group._data()->point_hash_to_curve_nu(hash_fn, input, domain_sep);
92 return EC_AffinePoint(std::move(pt));
93}
94
95EC_AffinePoint::~EC_AffinePoint() = default;
96
97std::optional<EC_AffinePoint> EC_AffinePoint::deserialize(const EC_Group& group, std::span<const uint8_t> bytes) {
98 if(auto pt = group._data()->point_deserialize(bytes)) {
99 return EC_AffinePoint(std::move(pt));
100 } else {
101 return {};
102 }
103}
104
105EC_AffinePoint EC_AffinePoint::g_mul(const EC_Scalar& scalar, RandomNumberGenerator& rng, std::vector<BigInt>& ws) {
106 auto pt = scalar._inner().group()->point_g_mul(scalar.inner(), rng, ws);
107 return EC_AffinePoint(std::move(pt));
108}
109
110EC_AffinePoint EC_AffinePoint::mul(const EC_Scalar& scalar, RandomNumberGenerator& rng, std::vector<BigInt>& ws) const {
111 return EC_AffinePoint(inner().mul(scalar._inner(), rng, ws));
112}
113
114void EC_AffinePoint::serialize_x_to(std::span<uint8_t> bytes) const {
115 BOTAN_STATE_CHECK(!this->is_identity());
116 m_point->serialize_x_to(bytes);
117}
118
119void EC_AffinePoint::serialize_y_to(std::span<uint8_t> bytes) const {
120 BOTAN_STATE_CHECK(!this->is_identity());
121 m_point->serialize_y_to(bytes);
122}
123
124void EC_AffinePoint::serialize_xy_to(std::span<uint8_t> bytes) const {
125 BOTAN_STATE_CHECK(!this->is_identity());
126 m_point->serialize_xy_to(bytes);
127}
128
129void EC_AffinePoint::serialize_compressed_to(std::span<uint8_t> bytes) const {
130 BOTAN_STATE_CHECK(!this->is_identity());
131 m_point->serialize_compressed_to(bytes);
132}
133
134void EC_AffinePoint::serialize_uncompressed_to(std::span<uint8_t> bytes) const {
135 BOTAN_STATE_CHECK(!this->is_identity());
136 m_point->serialize_uncompressed_to(bytes);
137}
138
139EC_Point EC_AffinePoint::to_legacy_point() const {
140 return m_point->to_legacy_point();
141}
142
143EC_AffinePoint EC_AffinePoint::_from_inner(std::unique_ptr<EC_AffinePoint_Data> inner) {
144 return EC_AffinePoint(std::move(inner));
145}
146
147const std::shared_ptr<const EC_Group_Data>& EC_AffinePoint::_group() const {
148 return inner().group();
149}
150
151} // namespace Botan
BOTAN_STATE_CHECK
#define BOTAN_STATE_CHECK(expr)
Definition assert.h:41
BOTAN_ASSERT_NONNULL
#define BOTAN_ASSERT_NONNULL(ptr)
Definition assert.h:86
Botan::BigInt::serialize_to
void serialize_to(std::span< uint8_t > out) const
Definition bigint.cpp:383
Botan::BigInt::is_negative
bool is_negative() const
Definition bigint.h:560
Botan::Decoding_Error
Definition exceptn.h:191
Botan::EC_AffinePoint_Data::clone
virtual std::unique_ptr< EC_AffinePoint_Data > clone() const =0
Botan::EC_AffinePoint_Data::field_element_bytes
virtual size_t field_element_bytes() const =0
Botan::EC_AffinePoint_Data::group
virtual const std::shared_ptr< const EC_Group_Data > & group() const =0
Botan::EC_AffinePoint_Data::is_identity
virtual bool is_identity() const =0
Botan::EC_AffinePoint
Definition ec_apoint.h:29
Botan::EC_AffinePoint::hash_to_curve_ro
static EC_AffinePoint hash_to_curve_ro(const EC_Group &group, std::string_view hash_fn, std::span< const uint8_t > input, std::span< const uint8_t > domain_sep)
Definition ec_apoint.cpp:79
Botan::EC_AffinePoint::field_element_bytes
size_t field_element_bytes() const
Definition ec_apoint.cpp:71
Botan::EC_AffinePoint::serialize_xy_to
void serialize_xy_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:124
Botan::EC_AffinePoint::hash_to_curve_nu
static EC_AffinePoint hash_to_curve_nu(const EC_Group &group, std::string_view hash_fn, std::span< const uint8_t > input, std::span< const uint8_t > domain_sep)
Definition ec_apoint.cpp:87
Botan::EC_AffinePoint::is_identity
bool is_identity() const
Return true if this point is the identity element.
Definition ec_apoint.cpp:75
Botan::EC_AffinePoint::identity
static EC_AffinePoint identity(const EC_Group &group)
Return the identity element.
Definition ec_apoint.cpp:45
Botan::EC_AffinePoint::from_bigint_xy
static std::optional< EC_AffinePoint > from_bigint_xy(const EC_Group &group, const BigInt &x, const BigInt &y)
Definition ec_apoint.cpp:54
Botan::EC_AffinePoint::EC_AffinePoint
EC_AffinePoint(const EC_Group &group, std::span< const uint8_t > bytes)
Definition ec_apoint.cpp:35
Botan::EC_AffinePoint::~EC_AffinePoint
~EC_AffinePoint()
Botan::EC_AffinePoint::_from_inner
static EC_AffinePoint _from_inner(std::unique_ptr< EC_AffinePoint_Data > inner)
Definition ec_apoint.cpp:143
Botan::EC_AffinePoint::_group
const std::shared_ptr< const EC_Group_Data > & _group() const
Definition ec_apoint.cpp:147
Botan::EC_AffinePoint::deserialize
static std::optional< EC_AffinePoint > deserialize(const EC_Group &group, std::span< const uint8_t > bytes)
Definition ec_apoint.cpp:97
Botan::EC_AffinePoint::serialize_x_to
void serialize_x_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:114
Botan::EC_AffinePoint::serialize_compressed_to
void serialize_compressed_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:129
Botan::EC_AffinePoint::serialize_uncompressed_to
void serialize_uncompressed_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:134
Botan::EC_AffinePoint::serialize_y_to
void serialize_y_to(std::span< uint8_t > bytes) const
Definition ec_apoint.cpp:119
Botan::EC_AffinePoint::to_legacy_point
EC_Point to_legacy_point() const
Definition ec_apoint.cpp:139
Botan::EC_AffinePoint::operator=
EC_AffinePoint & operator=(const EC_AffinePoint &other)
Definition ec_apoint.cpp:23
Botan::EC_AffinePoint::g_mul
static EC_AffinePoint g_mul(const EC_Scalar &scalar, RandomNumberGenerator &rng, std::vector< BigInt > &ws)
Definition ec_apoint.cpp:105
Botan::EC_AffinePoint::generator
static EC_AffinePoint generator(const EC_Group &group)
Return the standard group generator.
Definition ec_apoint.cpp:50
Botan::EC_AffinePoint::mul
EC_AffinePoint mul(const EC_Scalar &scalar, RandomNumberGenerator &rng, std::vector< BigInt > &ws) const
Definition ec_apoint.cpp:110
Botan::EC_Group
Definition ec_group.h:51
Botan::EC_Group::get_p
const BigInt & get_p() const
Definition ec_group.cpp:434
Botan::EC_Group::get_base_point
const EC_Point & get_base_point() const
Definition ec_group.cpp:446
Botan::EC_Group::_data
const std::shared_ptr< EC_Group_Data > & _data() const
Definition ec_group.h:370
Botan::EC_Group::get_p_bytes
size_t get_p_bytes() const
Definition ec_group.cpp:422
Botan::EC_Point
Definition ec_point.h:37
Botan::EC_Scalar_Data::group
virtual const std::shared_ptr< const EC_Group_Data > & group() const =0
Botan::EC_Scalar
Definition ec_scalar.h:28
Botan::EC_Scalar::_inner
const EC_Scalar_Data & _inner() const
Definition ec_scalar.h:211
Botan::EC_Point_Format
EC_Point_Format
Definition ec_point.h:19
Generated by doxygen 1.12.0