Coverage Report

Created: 2020-02-14 15:38

/src/botan/build/include/botan/curve_gfp.h
Line
Count
Source (jump to first uncovered line)
1
/*
2
* Elliptic curves over GF(p)
3
*
4
* (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke
5
*     2010-2011,2012,2014 Jack Lloyd
6
*
7
* Botan is released under the Simplified BSD License (see license.txt)
8
*/
9
10
#ifndef BOTAN_GFP_CURVE_H_
11
#define BOTAN_GFP_CURVE_H_
12
13
#include <botan/bigint.h>
14
#include <memory>
15
16
// Currently exposed in PointGFp
17
//BOTAN_FUTURE_INTERNAL_HEADER(curve_gfp.h)
18
19
namespace Botan {
20
21
class BOTAN_UNSTABLE_API CurveGFp_Repr
22
   {
23
   public:
24
1.28k
      virtual ~CurveGFp_Repr() = default;
25
26
      virtual const BigInt& get_p() const = 0;
27
      virtual const BigInt& get_a() const = 0;
28
      virtual const BigInt& get_b() const = 0;
29
30
      virtual size_t get_p_words() const = 0;
31
32
      virtual size_t get_ws_size() const = 0;
33
34
      virtual bool is_one(const BigInt& x) const = 0;
35
36
      virtual bool a_is_zero() const = 0;
37
38
      virtual bool a_is_minus_3() const = 0;
39
40
      /*
41
      * Returns to_curve_rep(get_a())
42
      */
43
      virtual const BigInt& get_a_rep() const = 0;
44
45
      /*
46
      * Returns to_curve_rep(get_b())
47
      */
48
      virtual const BigInt& get_b_rep() const = 0;
49
50
      /*
51
      * Returns to_curve_rep(1)
52
      */
53
      virtual const BigInt& get_1_rep() const = 0;
54
55
      virtual BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const = 0;
56
57
      virtual void to_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;
58
59
      virtual void from_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;
60
61
      void curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
62
                     secure_vector<word>& ws) const
63
106M
         {
64
106M
         BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
65
106M
         curve_mul_words(z, x.data(), x.size(), y, ws);
66
106M
         }
67
68
      virtual void curve_mul_words(BigInt& z,
69
                                   const word x_words[],
70
                                   const size_t x_size,
71
                                   const BigInt& y,
72
                                   secure_vector<word>& ws) const = 0;
73
74
      void curve_sqr(BigInt& z, const BigInt& x,
75
                             secure_vector<word>& ws) const
76
118M
         {
77
118M
         BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
78
118M
         curve_sqr_words(z, x.data(), x.size(), ws);
79
118M
         }
80
81
      virtual void curve_sqr_words(BigInt& z,
82
                                   const word x_words[],
83
                                   size_t x_size,
84
                                   secure_vector<word>& ws) const = 0;
85
   };
86
87
/**
88
* This class represents an elliptic curve over GF(p)
89
*
90
* There should not be any reason for applications to use this type.
91
* If you need EC primitives use the interfaces EC_Group and PointGFp
92
*
93
* It is likely this class will be removed entirely in a future major
94
* release.
95
*/
96
class BOTAN_UNSTABLE_API CurveGFp final
97
   {
98
   public:
99
100
      /**
101
      * Create an uninitialized CurveGFp
102
      */
103
1.49M
      CurveGFp() = default;
104
105
      /**
106
      * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p)
107
      * @param p prime number of the field
108
      * @param a first coefficient
109
      * @param b second coefficient
110
      */
111
      CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) :
112
         m_repr(choose_repr(p, a, b))
113
1.28k
         {
114
1.28k
         }
115
116
1.18M
      CurveGFp(const CurveGFp&) = default;
117
118
638k
      CurveGFp& operator=(const CurveGFp&) = default;
119
120
      /**
121
      * @return curve coefficient a
122
      */
123
24.3k
      const BigInt& get_a() const { return m_repr->get_a(); }
124
125
      /**
126
      * @return curve coefficient b
127
      */
128
24.3k
      const BigInt& get_b() const { return m_repr->get_b(); }
129
130
      /**
131
      * Get prime modulus of the field of the curve
132
      * @return prime modulus of the field of the curve
133
      */
134
18.7M
      const BigInt& get_p() const { return m_repr->get_p(); }
135
136
1.47M
      size_t get_p_words() const { return m_repr->get_p_words(); }
137
138
18.6M
      size_t get_ws_size() const { return m_repr->get_ws_size(); }
139
140
1.95M
      const BigInt& get_a_rep() const { return m_repr->get_a_rep(); }
141
142
56.4k
      const BigInt& get_b_rep() const { return m_repr->get_b_rep(); }
143
144
161k
      const BigInt& get_1_rep() const { return m_repr->get_1_rep(); }
145
146
11.1M
      bool a_is_minus_3() const { return m_repr->a_is_minus_3(); }
147
11.2M
      bool a_is_zero() const { return m_repr->a_is_zero(); }
148
149
146k
      bool is_one(const BigInt& x) const { return m_repr->is_one(x); }
150
151
      BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const
152
148k
         {
153
148k
         return m_repr->invert_element(x, ws);
154
148k
         }
155
156
      void to_rep(BigInt& x, secure_vector<word>& ws) const
157
36.5k
         {
158
36.5k
         m_repr->to_curve_rep(x, ws);
159
36.5k
         }
160
161
      void from_rep(BigInt& x, secure_vector<word>& ws) const
162
145k
         {
163
145k
         m_repr->from_curve_rep(x, ws);
164
145k
         }
165
166
      BigInt from_rep_to_tmp(const BigInt& x, secure_vector<word>& ws) const
167
98.4k
         {
168
98.4k
         BigInt xt(x);
169
98.4k
         m_repr->from_curve_rep(xt, ws);
170
98.4k
         return xt;
171
98.4k
         }
172
173
      // TODO: from_rep taking && ref
174
175
      void mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
176
100M
         {
177
100M
         m_repr->curve_mul(z, x, y, ws);
178
100M
         }
179
180
      void mul(BigInt& z, const word x_w[], size_t x_size,
181
               const BigInt& y, secure_vector<word>& ws) const
182
21.9M
         {
183
21.9M
         m_repr->curve_mul_words(z, x_w, x_size, y, ws);
184
21.9M
         }
185
186
      void sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const
187
72.2M
         {
188
72.2M
         m_repr->curve_sqr(z, x, ws);
189
72.2M
         }
190
191
      void sqr(BigInt& z, const word x_w[], size_t x_size, secure_vector<word>& ws) const
192
3.66M
         {
193
3.66M
         m_repr->curve_sqr_words(z, x_w, x_size, ws);
194
3.66M
         }
195
196
      BigInt mul(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
197
0
         {
198
0
         return mul_to_tmp(x, y, ws);
199
0
         }
200
201
      BigInt sqr(const BigInt& x, secure_vector<word>& ws) const
202
0
         {
203
0
         return sqr_to_tmp(x, ws);
204
0
         }
205
206
      BigInt mul_to_tmp(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
207
3.80M
         {
208
3.80M
         BigInt z;
209
3.80M
         m_repr->curve_mul(z, x, y, ws);
210
3.80M
         return z;
211
3.80M
         }
212
213
      BigInt sqr_to_tmp(const BigInt& x, secure_vector<word>& ws) const
214
412k
         {
215
412k
         BigInt z;
216
412k
         m_repr->curve_sqr(z, x, ws);
217
412k
         return z;
218
412k
         }
219
220
      void swap(CurveGFp& other)
221
1.31M
         {
222
1.31M
         std::swap(m_repr, other.m_repr);
223
1.31M
         }
224
225
      /**
226
      * Equality operator
227
      * @param other a curve
228
      * @return true iff *this is the same as other
229
      */
230
      inline bool operator==(const CurveGFp& other) const
231
1.49M
         {
232
1.49M
         if(m_repr.get() == other.m_repr.get())
233
1.49M
            return true;
234
0
235
0
         return (get_p() == other.get_p()) &&
236
0
                (get_a() == other.get_a()) &&
237
0
                (get_b() == other.get_b());
238
0
         }
239
240
   private:
241
      static std::shared_ptr<CurveGFp_Repr>
242
         choose_repr(const BigInt& p, const BigInt& a, const BigInt& b);
243
244
      std::shared_ptr<CurveGFp_Repr> m_repr;
245
   };
246
247
inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs)
248
25.3k
   {
249
25.3k
   return !(lhs == rhs);
250
25.3k
   }
251
252
}
253
254
namespace std {
255
256
template<> inline
257
void swap<Botan::CurveGFp>(Botan::CurveGFp& curve1,
258
                           Botan::CurveGFp& curve2) noexcept
259
0
   {
260
0
   curve1.swap(curve2);
261
0
   }
262
263
} // namespace std
264
265
#endif