/src/botan/build/include/botan/curve_gfp.h
1 | | /* |
2 | | * Elliptic curves over GF(p) |
3 | | * |
4 | | * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke |
5 | | * 2010-2011,2012,2014 Jack Lloyd |
6 | | * |
7 | | * Botan is released under the Simplified BSD License (see license.txt) |
8 | | */ |
9 | | |
10 | | #ifndef BOTAN_GFP_CURVE_H_ |
11 | | #define BOTAN_GFP_CURVE_H_ |
12 | | |
13 | | #include <botan/bigint.h> |
14 | | #include <memory> |
15 | | |
16 | | // Currently exposed in PointGFp |
17 | | //BOTAN_FUTURE_INTERNAL_HEADER(curve_gfp.h) |
18 | | |
19 | | namespace Botan { |
20 | | |
/**
* Abstract representation of the field arithmetic behind a CurveGFp.
*
* Concrete subclasses are selected by CurveGFp::choose_repr(). The
* virtual member order is part of the ABI and must not be changed.
*/
class BOTAN_UNSTABLE_API CurveGFp_Repr
   {
   public:
      virtual ~CurveGFp_Repr() = default;

      /// Field prime p of the curve y^2 = x^3 + ax + b
      virtual const BigInt& get_p() const = 0;
      /// Coefficient a in ordinary (non-representation) form
      virtual const BigInt& get_a() const = 0;
      /// Coefficient b in ordinary (non-representation) form
      virtual const BigInt& get_b() const = 0;

      /// Number of words used to hold p
      virtual size_t get_p_words() const = 0;

      /// Presumably the number of workspace words the curve_* calls expect in ws - confirm against the implementations
      virtual size_t get_ws_size() const = 0;

      virtual bool is_one(const BigInt& x) const = 0;

      virtual bool a_is_zero() const = 0;

      virtual bool a_is_minus_3() const = 0;

      /// Returns to_curve_rep(get_a())
      virtual const BigInt& get_a_rep() const = 0;

      /// Returns to_curve_rep(get_b())
      virtual const BigInt& get_b_rep() const = 0;

      /// Returns to_curve_rep(1)
      virtual const BigInt& get_1_rep() const = 0;

      virtual BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const = 0;

      /// Converts x in place into the internal representation
      virtual void to_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;

      /// Converts x in place out of the internal representation
      virtual void from_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0;

      /**
      * z = x * y in the curve representation.
      *
      * The debug assert bounds the *significant* words of x, but the
      * full allocated word count x.size() is what is handed to
      * curve_mul_words - presumably so the amount of work does not
      * depend on the magnitude of x; confirm against the repr
      * implementations before changing this.
      */
      void curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
                     secure_vector<word>& ws) const
         {
         BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
         const word* x_words = x.data();
         const size_t x_len = x.size();
         curve_mul_words(z, x_words, x_len, y, ws);
         }

      virtual void curve_mul_words(BigInt& z,
                                   const word x_words[],
                                   const size_t x_size,
                                   const BigInt& y,
                                   secure_vector<word>& ws) const = 0;

      /**
      * z = x^2 in the curve representation.
      *
      * Same convention as curve_mul: the assert checks sig_words(),
      * the call passes the full x.size().
      */
      void curve_sqr(BigInt& z, const BigInt& x,
                     secure_vector<word>& ws) const
         {
         BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words());
         const word* x_words = x.data();
         const size_t x_len = x.size();
         curve_sqr_words(z, x_words, x_len, ws);
         }

      virtual void curve_sqr_words(BigInt& z,
                                   const word x_words[],
                                   size_t x_size,
                                   secure_vector<word>& ws) const = 0;
   };
86 | | |
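/**
* This class represents an elliptic curve over GF(p)
*
* There should not be any reason for applications to use this type.
* If you need EC primitives use the interfaces EC_Group and PointGFp
*
* It is likely this class will be removed entirely in a future major
* release.
*
* All field arithmetic is delegated to a CurveGFp_Repr chosen by
* choose_repr(); copies of a CurveGFp share that representation object
* through a shared_ptr.
*/
class BOTAN_UNSTABLE_API CurveGFp final
   {
   public:

      /**
      * Create an uninitialized CurveGFp.
      *
      * Only copying, swap and operator== are valid on such an object;
      * every other member dereferences the (null) representation.
      */
      CurveGFp() = default;

      /**
      * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p)
      * @param p prime number of the field
      * @param a first coefficient
      * @param b second coefficient
      */
      CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) :
         m_repr(choose_repr(p, a, b))
         {
         }

      CurveGFp(const CurveGFp&) = default;

      CurveGFp& operator=(const CurveGFp&) = default;

      /**
      * @return curve coefficient a
      */
      const BigInt& get_a() const { return m_repr->get_a(); }

      /**
      * @return curve coefficient b
      */
      const BigInt& get_b() const { return m_repr->get_b(); }

      /**
      * Get prime modulus of the field of the curve
      * @return prime modulus of the field of the curve
      */
      const BigInt& get_p() const { return m_repr->get_p(); }

      /// @return number of words used to hold p
      size_t get_p_words() const { return m_repr->get_p_words(); }

      /// @return workspace size reported by the representation
      size_t get_ws_size() const { return m_repr->get_ws_size(); }

      /// @return coefficient a in the curve representation
      const BigInt& get_a_rep() const { return m_repr->get_a_rep(); }

      /// @return coefficient b in the curve representation
      const BigInt& get_b_rep() const { return m_repr->get_b_rep(); }

      /// @return the element 1 in the curve representation
      const BigInt& get_1_rep() const { return m_repr->get_1_rep(); }

      bool a_is_minus_3() const { return m_repr->a_is_minus_3(); }
      bool a_is_zero() const { return m_repr->a_is_zero(); }

      bool is_one(const BigInt& x) const { return m_repr->is_one(x); }

      /**
      * @param x element to invert
      * @param ws scratch workspace passed through to the representation
      * @return the inverse of x as computed by the representation
      */
      BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const
         {
         return m_repr->invert_element(x, ws);
         }

      /// Convert x in place into the curve representation
      void to_rep(BigInt& x, secure_vector<word>& ws) const
         {
         m_repr->to_curve_rep(x, ws);
         }

      /// Convert x in place out of the curve representation
      void from_rep(BigInt& x, secure_vector<word>& ws) const
         {
         m_repr->from_curve_rep(x, ws);
         }

      /// Like from_rep but leaves x untouched and returns the converted copy
      BigInt from_rep_to_tmp(const BigInt& x, secure_vector<word>& ws) const
         {
         BigInt xt(x);
         m_repr->from_curve_rep(xt, ws);
         return xt;
         }

      // TODO: from_rep taking && ref

      /// z = x * y (in the curve representation)
      void mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
         {
         m_repr->curve_mul(z, x, y, ws);
         }

      /// z = x * y where x is given as a raw word array of x_size words
      void mul(BigInt& z, const word x_w[], size_t x_size,
               const BigInt& y, secure_vector<word>& ws) const
         {
         m_repr->curve_mul_words(z, x_w, x_size, y, ws);
         }

      /// z = x^2 (in the curve representation)
      void sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const
         {
         m_repr->curve_sqr(z, x, ws);
         }

      /// z = x^2 where x is given as a raw word array of x_size words
      void sqr(BigInt& z, const word x_w[], size_t x_size, secure_vector<word>& ws) const
         {
         m_repr->curve_sqr_words(z, x_w, x_size, ws);
         }

      /// @return x * y as a fresh BigInt (alias of mul_to_tmp)
      BigInt mul(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
         {
         return mul_to_tmp(x, y, ws);
         }

      /// @return x^2 as a fresh BigInt (alias of sqr_to_tmp)
      BigInt sqr(const BigInt& x, secure_vector<word>& ws) const
         {
         return sqr_to_tmp(x, ws);
         }

      /// @return x * y as a fresh BigInt; allocates a new result each call
      BigInt mul_to_tmp(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const
         {
         BigInt z;
         m_repr->curve_mul(z, x, y, ws);
         return z;
         }

      /// @return x^2 as a fresh BigInt; allocates a new result each call
      BigInt sqr_to_tmp(const BigInt& x, secure_vector<word>& ws) const
         {
         BigInt z;
         m_repr->curve_sqr(z, x, ws);
         return z;
         }

      /**
      * Exchange representations with other.
      *
      * Only a shared_ptr swap, which cannot throw; marked noexcept so the
      * noexcept std::swap specialization below is honest about it.
      */
      void swap(CurveGFp& other) noexcept
         {
         std::swap(m_repr, other.m_repr);
         }

      /**
      * Equality operator
      * @param other a curve
      * @return true iff *this is the same as other
      */
      inline bool operator==(const CurveGFp& other) const
         {
         // Same representation object (this also covers two
         // uninitialized curves, whose pointers are both null).
         if(m_repr.get() == other.m_repr.get())
            return true;

         // Exactly one side is uninitialized: the field comparison
         // below would dereference a null representation, so treat
         // an uninitialized curve as unequal to any initialized one.
         if(m_repr == nullptr || other.m_repr == nullptr)
            return false;

         return (get_p() == other.get_p()) &&
                (get_a() == other.get_a()) &&
                (get_b() == other.get_b());
         }

   private:
      static std::shared_ptr<CurveGFp_Repr>
         choose_repr(const BigInt& p, const BigInt& a, const BigInt& b);

      // Shared with every copy of this curve; null for a default-constructed object
      std::shared_ptr<CurveGFp_Repr> m_repr;
   };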
246 | | |
/**
* Inequality operator, the negation of CurveGFp::operator==
* @return true iff lhs and rhs do not compare equal
*/
inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs)
   {
   const bool same_curve = (lhs == rhs);
   return !same_curve;
   }
251 | | |
252 | | } |
253 | | |
namespace std {

/**
* std::swap specialization for Botan::CurveGFp.
*
* Forwards to the member swap, which only exchanges the two objects'
* shared representation pointers; the noexcept here rests on that.
*/
template<> inline
void swap<Botan::CurveGFp>(Botan::CurveGFp& curve1,
                          Botan::CurveGFp& curve2) noexcept
   {
   // Member swap is symmetric, so the call direction does not matter
   curve2.swap(curve1);
   }

} // namespace std
264 | | |
265 | | #endif |