/src/botan/build/include/botan/curve_gfp.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Elliptic curves over GF(p) |
3 | | * |
4 | | * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke |
5 | | * 2010-2011,2012,2014 Jack Lloyd |
6 | | * |
7 | | * Botan is released under the Simplified BSD License (see license.txt) |
8 | | */ |
9 | | |
10 | | #ifndef BOTAN_GFP_CURVE_H_ |
11 | | #define BOTAN_GFP_CURVE_H_ |
12 | | |
13 | | #include <botan/bigint.h> |
14 | | #include <memory> |
15 | | |
16 | | // Currently exposed in EC_Point |
17 | | //BOTAN_FUTURE_INTERNAL_HEADER(curve_gfp.h) |
18 | | |
19 | | namespace Botan { |
20 | | |
21 | | class BOTAN_UNSTABLE_API CurveGFp_Repr { |
22 | | public: |
23 | 1 | virtual ~CurveGFp_Repr() = default; |
24 | | |
25 | | virtual const BigInt& get_p() const = 0; |
26 | | virtual const BigInt& get_a() const = 0; |
27 | | virtual const BigInt& get_b() const = 0; |
28 | | |
29 | | virtual size_t get_p_words() const = 0; |
30 | | |
31 | | virtual size_t get_ws_size() const = 0; |
32 | | |
33 | | virtual bool is_one(const BigInt& x) const = 0; |
34 | | |
35 | | virtual bool a_is_zero() const = 0; |
36 | | |
37 | | virtual bool a_is_minus_3() const = 0; |
38 | | |
39 | | /* |
40 | | * Returns to_curve_rep(get_a()) |
41 | | */ |
42 | | virtual const BigInt& get_a_rep() const = 0; |
43 | | |
44 | | /* |
45 | | * Returns to_curve_rep(get_b()) |
46 | | */ |
47 | | virtual const BigInt& get_b_rep() const = 0; |
48 | | |
49 | | /* |
50 | | * Returns to_curve_rep(1) |
51 | | */ |
52 | | virtual const BigInt& get_1_rep() const = 0; |
53 | | |
54 | | virtual BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const = 0; |
55 | | |
56 | | virtual void to_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0; |
57 | | |
58 | | virtual void from_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0; |
59 | | |
60 | 25.2M | void curve_mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { |
61 | 25.2M | BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words()); |
62 | 25.2M | curve_mul_words(z, x.data(), x.size(), y, ws); |
63 | 25.2M | } |
64 | | |
65 | | virtual void curve_mul_words( |
66 | | BigInt& z, const word x_words[], const size_t x_size, const BigInt& y, secure_vector<word>& ws) const = 0; |
67 | | |
68 | 34.3M | void curve_sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const { |
69 | 34.3M | BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words()); |
70 | 34.3M | curve_sqr_words(z, x.data(), x.size(), ws); |
71 | 34.3M | } |
72 | | |
73 | | virtual void curve_sqr_words(BigInt& z, const word x_words[], size_t x_size, secure_vector<word>& ws) const = 0; |
74 | | }; |
75 | | |
76 | | /** |
77 | | * This class represents an elliptic curve over GF(p) |
78 | | * |
79 | | * There should not be any reason for applications to use this type. |
80 | | * If you need EC primitives use the interfaces EC_Group and EC_Point |
81 | | * |
82 | | * It is likely this class will be removed entirely in a future major |
83 | | * release. |
84 | | */ |
85 | | class BOTAN_UNSTABLE_API CurveGFp final { |
86 | | public: |
87 | | /** |
88 | | * Create an uninitialized CurveGFp |
89 | | */ |
90 | 80.9k | CurveGFp() = default; |
91 | | |
92 | | /** |
93 | | * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p) |
94 | | * @param p prime number of the field |
95 | | * @param a first coefficient |
96 | | * @param b second coefficient |
97 | | */ |
98 | 1 | CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) : m_repr(choose_repr(p, a, b)) {} |
99 | | |
100 | 120k | CurveGFp(const CurveGFp&) = default; |
101 | | |
102 | 5.74k | CurveGFp& operator=(const CurveGFp&) = default; |
103 | | |
104 | | /** |
105 | | * @return curve coefficient a |
106 | | */ |
107 | 1.37k | const BigInt& get_a() const { return m_repr->get_a(); } |
108 | | |
109 | | /** |
110 | | * @return curve coefficient b |
111 | | */ |
112 | 1.37k | const BigInt& get_b() const { return m_repr->get_b(); } |
113 | | |
114 | | /** |
115 | | * Get prime modulus of the field of the curve |
116 | | * @return prime modulus of the field of the curve |
117 | | */ |
118 | 4.78M | const BigInt& get_p() const { return m_repr->get_p(); } |
119 | | |
120 | 288k | size_t get_p_words() const { return m_repr->get_p_words(); } |
121 | | |
122 | 4.76M | size_t get_ws_size() const { return m_repr->get_ws_size(); } |
123 | | |
124 | 0 | const BigInt& get_a_rep() const { return m_repr->get_a_rep(); } |
125 | | |
126 | 0 | const BigInt& get_b_rep() const { return m_repr->get_b_rep(); } |
127 | | |
128 | 24.4k | const BigInt& get_1_rep() const { return m_repr->get_1_rep(); } |
129 | | |
130 | 3.12M | bool a_is_minus_3() const { return m_repr->a_is_minus_3(); } |
131 | | |
132 | 3.12M | bool a_is_zero() const { return m_repr->a_is_zero(); } |
133 | | |
134 | 43.9k | bool is_one(const BigInt& x) const { return m_repr->is_one(x); } |
135 | | |
136 | 43.8k | BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const { return m_repr->invert_element(x, ws); } |
137 | | |
138 | 1.70k | void to_rep(BigInt& x, secure_vector<word>& ws) const { m_repr->to_curve_rep(x, ws); } |
139 | | |
140 | 43.8k | void from_rep(BigInt& x, secure_vector<word>& ws) const { m_repr->from_curve_rep(x, ws); } |
141 | | |
142 | 82 | BigInt from_rep_to_tmp(const BigInt& x, secure_vector<word>& ws) const { |
143 | 82 | BigInt xt(x); |
144 | 82 | m_repr->from_curve_rep(xt, ws); |
145 | 82 | return xt; |
146 | 82 | } |
147 | | |
148 | | // TODO: from_rep taking && ref |
149 | | |
150 | 24.5M | void mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { |
151 | 24.5M | m_repr->curve_mul(z, x, y, ws); |
152 | 24.5M | } |
153 | | |
154 | 5.18M | void mul(BigInt& z, const word x_w[], size_t x_size, const BigInt& y, secure_vector<word>& ws) const { |
155 | 5.18M | m_repr->curve_mul_words(z, x_w, x_size, y, ws); |
156 | 5.18M | } |
157 | | |
158 | 17.4M | void sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const { m_repr->curve_sqr(z, x, ws); } |
159 | | |
160 | 950k | void sqr(BigInt& z, const word x_w[], size_t x_size, secure_vector<word>& ws) const { |
161 | 950k | m_repr->curve_sqr_words(z, x_w, x_size, ws); |
162 | 950k | } |
163 | | |
164 | 0 | BigInt mul(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { return mul_to_tmp(x, y, ws); } |
165 | | |
166 | 0 | BigInt sqr(const BigInt& x, secure_vector<word>& ws) const { return sqr_to_tmp(x, ws); } |
167 | | |
168 | 62.3k | BigInt mul_to_tmp(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { |
169 | 62.3k | BigInt z; |
170 | 62.3k | m_repr->curve_mul(z, x, y, ws); |
171 | 62.3k | return z; |
172 | 62.3k | } |
173 | | |
174 | 52.9k | BigInt sqr_to_tmp(const BigInt& x, secure_vector<word>& ws) const { |
175 | 52.9k | BigInt z; |
176 | 52.9k | m_repr->curve_sqr(z, x, ws); |
177 | 52.9k | return z; |
178 | 52.9k | } |
179 | | |
180 | 75.7k | void swap(CurveGFp& other) { std::swap(m_repr, other.m_repr); } |
181 | | |
182 | | /** |
183 | | * Equality operator |
184 | | * @param other a curve |
185 | | * @return true iff *this is the same as other |
186 | | */ |
187 | 299k | inline bool operator==(const CurveGFp& other) const { |
188 | 299k | if(m_repr.get() == other.m_repr.get()) |
189 | 299k | return true; |
190 | | |
191 | 0 | return (get_p() == other.get_p()) && (get_a() == other.get_a()) && (get_b() == other.get_b()); |
192 | 299k | } |
193 | | |
194 | | private: |
195 | | static std::shared_ptr<CurveGFp_Repr> choose_repr(const BigInt& p, const BigInt& a, const BigInt& b); |
196 | | |
197 | | std::shared_ptr<CurveGFp_Repr> m_repr; |
198 | | }; |
199 | | |
200 | 11.0k | inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs) { return !(lhs == rhs); } |
201 | | |
202 | | } // namespace Botan |
203 | | |
204 | | namespace std { |
205 | | |
206 | | template <> |
207 | 0 | inline void swap<Botan::CurveGFp>(Botan::CurveGFp& curve1, Botan::CurveGFp& curve2) noexcept { |
208 | 0 | curve1.swap(curve2); |
209 | 0 | } |
210 | | |
211 | | } // namespace std |
212 | | |
213 | | #endif |