doxygen/ed25519__fe_8h_source.html

/*

* Ed25519 field element

* (C) 2017 Ribose Inc

*

* Based on the public domain code from SUPERCOP ref10 by

* Peter Schwabe, Daniel J. Bernstein, Niels Duif, Tanja Lange, Bo-Yin Yang

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#ifndef BOTAN_ED25519_FE_H_

#define BOTAN_ED25519_FE_H_


#include <botan/mem_ops.h>

#include <botan/exceptn.h>


namespace Botan {


/**

* An element of the field \\Z/(2^255-19)

*/

class FE_25519

   {

   public:

      ~FE_25519() { secure_scrub_memory(m_fe, sizeof(m_fe)); }


      /**

      * Zero element

      */

      FE_25519(int init = 0)

         {

         if(init != 0 && init != 1)

            throw Invalid_Argument("Invalid FE_25519 initial value");

         clear_mem(m_fe, 10);

         m_fe[0] = init;

         }


      FE_25519(std::initializer_list<int32_t> x)

         {

         if(x.size() != 10)

            throw Invalid_Argument("Invalid FE_25519 initializer list");

         copy_mem(m_fe, x.begin(), 10);

         }


      FE_25519(int64_t h0, int64_t h1, int64_t h2, int64_t h3, int64_t h4,

               int64_t h5, int64_t h6, int64_t h7, int64_t h8, int64_t h9)

         {

         m_fe[0] = static_cast<int32_t>(h0);

         m_fe[1] = static_cast<int32_t>(h1);

         m_fe[2] = static_cast<int32_t>(h2);

         m_fe[3] = static_cast<int32_t>(h3);

         m_fe[4] = static_cast<int32_t>(h4);

         m_fe[5] = static_cast<int32_t>(h5);

         m_fe[6] = static_cast<int32_t>(h6);

         m_fe[7] = static_cast<int32_t>(h7);

         m_fe[8] = static_cast<int32_t>(h8);

         m_fe[9] = static_cast<int32_t>(h9);

         }


      FE_25519(const FE_25519& other) = default;

      FE_25519& operator=(const FE_25519& other) = default;


      FE_25519(FE_25519&& other) = default;

      FE_25519& operator=(FE_25519&& other) = default;


      void from_bytes(const uint8_t b[32]);

      void to_bytes(uint8_t b[32]) const;


      bool is_zero() const

         {

         uint8_t s[32];

         to_bytes(s);


         uint8_t sum = 0;

         for(size_t i = 0; i != 32; ++i)

            { sum |= s[i]; }


         // TODO avoid ternary here

         return (sum == 0) ? 1 : 0;

         }


      /*

      return 1 if f is in {1,3,5,...,q-2}

      return 0 if f is in {0,2,4,...,q-1}

      */

      bool is_negative() const

         {

         // TODO could avoid most of the to_bytes computation here

         uint8_t s[32];

         to_bytes(s);

         return s[0] & 1;

         }


      static FE_25519 add(const FE_25519& a, const FE_25519& b)

         {

         FE_25519 z;

         for(size_t i = 0; i != 10; ++i)

            { z[i] = a[i] + b[i]; }

         return z;

         }


      static FE_25519 sub(const FE_25519& a, const FE_25519& b)

         {

         FE_25519 z;

         for(size_t i = 0; i != 10; ++i)

            { z[i] = a[i] - b[i]; }

         return z;

         }


      static FE_25519 negate(const FE_25519& a)

         {

         FE_25519 z;

         for(size_t i = 0; i != 10; ++i)

            { z[i] = -a[i]; }

         return z;

         }


      static FE_25519 mul(const FE_25519& a, const FE_25519& b);

      static FE_25519 sqr_iter(const FE_25519& a, size_t iter);

      static FE_25519 sqr(const FE_25519& a) { return sqr_iter(a, 1); }

      static FE_25519 sqr2(const FE_25519& a);

      static FE_25519 pow_22523(const FE_25519& a);

      static FE_25519 invert(const FE_25519& a);


      // TODO remove

      int32_t operator[](size_t i) const { return m_fe[i]; }

      int32_t& operator[](size_t i) { return m_fe[i]; }


   private:


      int32_t m_fe[10];

   };


typedef FE_25519 fe;


/*

fe means field element.

Here the field is

An element t, entries t[0]...t[9], represents the integer

t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9].

Bounds on each t[i] vary depending on context.

*/


inline void fe_frombytes(fe& x, const uint8_t* b)

   {

   x.from_bytes(b);

   }


inline void fe_tobytes(uint8_t* b, const fe& x)

   {

   x.to_bytes(b);

   }


inline void fe_copy(fe& a, const fe& b)

   {

   a = b;

   }


inline int fe_isnonzero(const fe& x)

   {

   return x.is_zero() ? 0 : 1;

   }


inline int fe_isnegative(const fe& x)

   {

   return x.is_negative();

   }


inline void fe_0(fe& x)

   {

   x = FE_25519();

   }


inline void fe_1(fe& x)

   {

   x = FE_25519(1);

   }


inline void fe_add(fe& x, const fe& a, const fe& b)

   {

   x = FE_25519::add(a, b);

   }


inline void fe_sub(fe& x, const fe& a, const fe& b)

   {

   x = FE_25519::sub(a, b);

   }


inline void fe_neg(fe& x, const fe& z)

   {

   x = FE_25519::negate(z);

   }


inline void fe_mul(fe& x, const fe& a, const fe& b)

   {

   x = FE_25519::mul(a, b);

   }


inline void fe_sq(fe& x, const fe& z)

   {

   x = FE_25519::sqr(z);

   }


inline void fe_sq_iter(fe& x, const fe& z, size_t iter)

   {

   x = FE_25519::sqr_iter(z, iter);

   }


inline void fe_sq2(fe& x, const fe& z)

   {

   x = FE_25519::sqr2(z);

   }


inline void fe_invert(fe& x, const fe& z)

   {

   x = FE_25519::invert(z);

   }


inline void fe_pow22523(fe& x, const fe& y)

   {

   x = FE_25519::pow_22523(y);

   }


}


#endif

Botan::FE_25519
Definition: ed25519_fe.h:23

Botan::FE_25519::add
static FE_25519 add(const FE_25519 &a, const FE_25519 &b)
Definition: ed25519_fe.h:94

Botan::FE_25519::operator=
FE_25519 & operator=(FE_25519 &&other)=default

Botan::FE_25519::sub
static FE_25519 sub(const FE_25519 &a, const FE_25519 &b)
Definition: ed25519_fe.h:102

Botan::FE_25519::FE_25519
FE_25519(const FE_25519 &other)=default

Botan::FE_25519::is_negative
bool is_negative() const
Definition: ed25519_fe.h:86

Botan::FE_25519::FE_25519
FE_25519(int64_t h0, int64_t h1, int64_t h2, int64_t h3, int64_t h4, int64_t h5, int64_t h6, int64_t h7, int64_t h8, int64_t h9)
Definition: ed25519_fe.h:45

Botan::FE_25519::to_bytes
void to_bytes(uint8_t b[32]) const
Definition: ed25519_fe.cpp:667

Botan::FE_25519::from_bytes
void from_bytes(const uint8_t b[32])
Definition: ed25519_fe.cpp:605

Botan::FE_25519::invert
static FE_25519 invert(const FE_25519 &a)
Definition: ed25519_fe.cpp:17

Botan::FE_25519::sqr
static FE_25519 sqr(const FE_25519 &a)
Definition: ed25519_fe.h:120

Botan::FE_25519::FE_25519
FE_25519(std::initializer_list< int32_t > x)
Definition: ed25519_fe.h:38

Botan::FE_25519::operator=
FE_25519 & operator=(const FE_25519 &other)=default

Botan::FE_25519::mul
static FE_25519 mul(const FE_25519 &a, const FE_25519 &b)
Definition: ed25519_fe.cpp:115

Botan::FE_25519::FE_25519
FE_25519(FE_25519 &&other)=default

Botan::FE_25519::operator[]
int32_t & operator[](size_t i)
Definition: ed25519_fe.h:127

Botan::FE_25519::negate
static FE_25519 negate(const FE_25519 &a)
Definition: ed25519_fe.h:110

Botan::FE_25519::operator[]
int32_t operator[](size_t i) const
Definition: ed25519_fe.h:126

Botan::FE_25519::~FE_25519
~FE_25519()
Definition: ed25519_fe.h:25

Botan::FE_25519::pow_22523
static FE_25519 pow_22523(const FE_25519 &a)
Definition: ed25519_fe.cpp:50

Botan::FE_25519::FE_25519
FE_25519(int init=0)
Definition: ed25519_fe.h:30

Botan::FE_25519::sqr_iter
static FE_25519 sqr_iter(const FE_25519 &a, size_t iter)
Definition: ed25519_fe.cpp:337

Botan::FE_25519::is_zero
bool is_zero() const
Definition: ed25519_fe.h:69

Botan::FE_25519::sqr2
static FE_25519 sqr2(const FE_25519 &a)
Definition: ed25519_fe.cpp:479

Botan::Invalid_Argument
Definition: exceptn.h:133

init
int(* init)(CTX *)
Definition: commoncrypto_hash.cpp:27

b
PolynomialVector b
Definition: kyber.cpp:821

Botan
Definition: alg_id.cpp:13

Botan::fe_sq2
void fe_sq2(fe &x, const fe &z)
Definition: ed25519_fe.h:210

Botan::fe_0
void fe_0(fe &x)
Definition: ed25519_fe.h:170

Botan::fe_isnegative
int fe_isnegative(const fe &x)
Definition: ed25519_fe.h:164

Botan::fe_isnonzero
int fe_isnonzero(const fe &x)
Definition: ed25519_fe.h:159

Botan::fe_1
void fe_1(fe &x)
Definition: ed25519_fe.h:175

Botan::fe_mul
void fe_mul(fe &x, const fe &a, const fe &b)
Definition: ed25519_fe.h:195

Botan::fe_sq
void fe_sq(fe &x, const fe &z)
Definition: ed25519_fe.h:200

Botan::fe_neg
void fe_neg(fe &x, const fe &z)
Definition: ed25519_fe.h:190

Botan::fe
FE_25519 fe
Definition: ed25519_fe.h:134

Botan::copy_mem
constexpr void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:126

Botan::secure_scrub_memory
void secure_scrub_memory(void *ptr, size_t n)
Definition: os_utils.cpp:81

Botan::fe_sq_iter
void fe_sq_iter(fe &x, const fe &z, size_t iter)
Definition: ed25519_fe.h:205

Botan::fe_copy
void fe_copy(fe &a, const fe &b)
Definition: ed25519_fe.h:154

Botan::fe_add
void fe_add(fe &x, const fe &a, const fe &b)
Definition: ed25519_fe.h:180

Botan::fe_sub
void fe_sub(fe &x, const fe &a, const fe &b)
Definition: ed25519_fe.h:185

Botan::fe_tobytes
void fe_tobytes(uint8_t *b, const fe &x)
Definition: ed25519_fe.h:149

Botan::fe_pow22523
void fe_pow22523(fe &x, const fe &y)
Definition: ed25519_fe.h:220

Botan::fe_invert
void fe_invert(fe &x, const fe &z)
Definition: ed25519_fe.h:215

Botan::fe_frombytes
void fe_frombytes(fe &x, const uint8_t *b)
Definition: ed25519_fe.h:144

Botan::clear_mem
constexpr void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:115