/src/botan/build/include/botan/bigint.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * BigInt |
3 | | * (C) 1999-2008,2012,2018 Jack Lloyd |
4 | | * 2007 FlexSecure |
5 | | * |
6 | | * Botan is released under the Simplified BSD License (see license.txt) |
7 | | */ |
8 | | |
9 | | #ifndef BOTAN_BIGINT_H_ |
10 | | #define BOTAN_BIGINT_H_ |
11 | | |
12 | | #include <botan/types.h> |
13 | | #include <botan/secmem.h> |
14 | | #include <botan/exceptn.h> |
15 | | #include <iosfwd> |
16 | | |
17 | | namespace Botan { |
18 | | |
19 | | class RandomNumberGenerator; |
20 | | |
21 | | /** |
22 | | * Arbitrary precision integer |
23 | | */ |
24 | | class BOTAN_PUBLIC_API(2,0) BigInt final |
25 | | { |
26 | | public: |
27 | | /** |
28 | | * Base enumerator for encoding and decoding |
29 | | */ |
30 | | enum Base { Decimal = 10, Hexadecimal = 16, Binary = 256 }; |
31 | | |
32 | | /** |
33 | | * Sign symbol definitions for positive and negative numbers |
34 | | */ |
35 | | enum Sign { Negative = 0, Positive = 1 }; |
36 | | |
37 | | /** |
38 | | * Create empty (zero) BigInt |
39 | | */ |
40 | 6.58M | BigInt() = default; |
41 | | |
42 | | /** |
43 | | * Create a 0-value BigInt |
44 | | */ |
45 | 78.3k | static BigInt zero() { return BigInt(); } |
46 | | |
47 | | /** |
48 | | * Create a 1-value BigInt |
49 | | */ |
50 | 2.44k | static BigInt one() { return BigInt::from_word(1); } |
51 | | |
52 | | /** |
53 | | * Create BigInt from an unsigned 64 bit integer |
54 | | * @param n initial value of this BigInt |
55 | | */ |
56 | | static BigInt from_u64(uint64_t n); |
57 | | |
58 | | /** |
59 | | * Create BigInt from a word (limb) |
60 | | * @param n initial value of this BigInt |
61 | | */ |
62 | | static BigInt from_word(word n); |
63 | | |
64 | | /** |
65 | | * Create BigInt from a signed 32 bit integer |
66 | | * @param n initial value of this BigInt |
67 | | */ |
68 | | static BigInt from_s32(int32_t n); |
69 | | |
70 | | /** |
71 | | * Create BigInt from an unsigned 64 bit integer |
72 | | * @param n initial value of this BigInt |
73 | | */ |
74 | | BigInt(uint64_t n); |
75 | | |
76 | | /** |
77 | | * Copy Constructor |
78 | | * @param other the BigInt to copy |
79 | | */ |
80 | 1.04M | BigInt(const BigInt& other) = default; |
81 | | |
82 | | /** |
83 | | * Create BigInt from a string. If the string starts with 0x the |
84 | | * rest of the string will be interpreted as hexadecimal digits. |
85 | | * Otherwise, it will be interpreted as a decimal number. |
86 | | * |
87 | | * @param str the string to parse for an integer value |
88 | | */ |
89 | | explicit BigInt(const std::string& str); |
90 | | |
91 | | /** |
92 | | * Create a BigInt from an integer in a byte array |
93 | | * @param buf the byte array holding the value |
94 | | * @param length size of buf |
95 | | */ |
96 | | BigInt(const uint8_t buf[], size_t length); |
97 | | |
98 | | /** |
99 | | * Create a BigInt from an integer in a byte array |
100 | | * @param vec the byte vector holding the value |
101 | | */ |
102 | | template<typename Alloc> |
103 | 71 | explicit BigInt(const std::vector<uint8_t, Alloc>& vec) : BigInt(vec.data(), vec.size()) {} |
104 | | |
105 | | /** |
106 | | * Create a BigInt from an integer in a byte array |
107 | | * @param buf the byte array holding the value |
108 | | * @param length size of buf |
109 | | * @param base is the number base of the integer in buf |
110 | | */ |
111 | | BigInt(const uint8_t buf[], size_t length, Base base); |
112 | | |
113 | | /** |
114 | | * Create a BigInt from an integer in a byte array |
115 | | * @param buf the byte array holding the value |
116 | | * @param length size of buf |
117 | | * @param max_bits if the resulting integer is more than max_bits, |
118 | | * it will be shifted so it is at most max_bits in length. |
119 | | */ |
120 | | static BigInt from_bytes_with_max_bits(const uint8_t buf[], size_t length, |
121 | | size_t max_bits); |
122 | | |
123 | | /** |
124 | | * \brief Create a random BigInt of the specified size |
125 | | * |
126 | | * @param rng random number generator |
127 | | * @param bits size in bits |
128 | | * @param set_high_bit if true, the highest bit is always set |
129 | | * |
130 | | * @see randomize |
131 | | */ |
132 | | BigInt(RandomNumberGenerator& rng, size_t bits, bool set_high_bit = true); |
133 | | |
134 | | /** |
135 | | * Create BigInt of specified size, all zeros |
136 | | * @param n size of the internal register in words |
137 | | */ |
138 | | static BigInt with_capacity(size_t n); |
139 | | |
140 | | /** |
141 | | * Move constructor |
142 | | */ |
143 | | BigInt(BigInt&& other) |
144 | 777k | { |
145 | 777k | this->swap(other); |
146 | 777k | } |
147 | | |
148 | 8.47M | ~BigInt() { const_time_unpoison(); } |
149 | | |
150 | | /** |
151 | | * Move assignment |
152 | | */ |
153 | | BigInt& operator=(BigInt&& other) |
154 | 1.91M | { |
155 | 1.91M | if(this != &other) |
156 | 1.91M | this->swap(other); |
157 | | |
158 | 1.91M | return (*this); |
159 | 1.91M | } |
160 | | |
161 | | /** |
162 | | * Copy assignment |
163 | | */ |
164 | 4.27M | BigInt& operator=(const BigInt&) = default; |
165 | | |
166 | | /** |
167 | | * Swap this value with another |
168 | | * @param other BigInt to swap values with |
169 | | */ |
170 | | void swap(BigInt& other) |
171 | 5.75M | { |
172 | 5.75M | m_data.swap(other.m_data); |
173 | 5.75M | std::swap(m_signedness, other.m_signedness); |
174 | 5.75M | } |
175 | | |
176 | | void swap_reg(secure_vector<word>& reg) |
177 | 9.37M | { |
178 | 9.37M | m_data.swap(reg); |
179 | | // sign left unchanged |
180 | 9.37M | } |
181 | | |
182 | | /** |
183 | | * += operator |
184 | | * @param y the BigInt to add to this |
185 | | */ |
186 | | BigInt& operator+=(const BigInt& y) |
187 | 92.6k | { |
188 | 92.6k | return add(y.data(), y.sig_words(), y.sign()); |
189 | 92.6k | } |
190 | | |
191 | | /** |
192 | | * += operator |
193 | | * @param y the word to add to this |
194 | | */ |
195 | | BigInt& operator+=(word y) |
196 | 6.66M | { |
197 | 6.66M | return add(&y, 1, Positive); |
198 | 6.66M | } |
199 | | |
200 | | /** |
201 | | * -= operator |
202 | | * @param y the BigInt to subtract from this |
203 | | */ |
204 | | BigInt& operator-=(const BigInt& y) |
205 | 90.4k | { |
206 | 90.4k | return sub(y.data(), y.sig_words(), y.sign()); |
207 | 90.4k | } |
208 | | |
209 | | /** |
210 | | * -= operator |
211 | | * @param y the word to subtract from this |
212 | | */ |
213 | | BigInt& operator-=(word y) |
214 | 1.03k | { |
215 | 1.03k | return sub(&y, 1, Positive); |
216 | 1.03k | } |
217 | | |
218 | | /** |
219 | | * *= operator |
220 | | * @param y the BigInt to multiply with this |
221 | | */ |
222 | | BigInt& operator*=(const BigInt& y); |
223 | | |
224 | | /** |
225 | | * *= operator |
226 | | * @param y the word to multiply with this |
227 | | */ |
228 | | BigInt& operator*=(word y); |
229 | | |
230 | | /** |
231 | | * /= operator |
232 | | * @param y the BigInt to divide this by |
233 | | */ |
234 | | BigInt& operator/=(const BigInt& y); |
235 | | |
236 | | /** |
237 | | * Modulo operator |
238 | | * @param y the modulus to reduce this by |
239 | | */ |
240 | | BigInt& operator%=(const BigInt& y); |
241 | | |
242 | | /** |
243 | | * Modulo operator |
244 | | * @param y the modulus (word) to reduce this by |
245 | | */ |
246 | | word operator%=(word y); |
247 | | |
248 | | /** |
249 | | * Left shift operator |
250 | | * @param shift the number of bits to shift this left by |
251 | | */ |
252 | | BigInt& operator<<=(size_t shift); |
253 | | |
254 | | /** |
255 | | * Right shift operator |
256 | | * @param shift the number of bits to shift this right by |
257 | | */ |
258 | | BigInt& operator>>=(size_t shift); |
259 | | |
260 | | /** |
261 | | * Increment operator |
262 | | */ |
263 | 0 | BigInt& operator++() { return (*this += 1); } |
264 | | |
265 | | /** |
266 | | * Decrement operator |
267 | | */ |
268 | 0 | BigInt& operator--() { return (*this -= 1); } |
269 | | |
270 | | /** |
271 | | * Postfix increment operator |
272 | | */ |
273 | 0 | BigInt operator++(int) { BigInt x = (*this); ++(*this); return x; } |
274 | | |
275 | | /** |
276 | | * Postfix decrement operator |
277 | | */ |
278 | 0 | BigInt operator--(int) { BigInt x = (*this); --(*this); return x; } |
279 | | |
280 | | /** |
281 | | * Unary negation operator |
282 | | * @return negative this |
283 | | */ |
284 | | BigInt operator-() const; |
285 | | |
286 | | /** |
287 | | * ! operator |
288 | | * @return true iff this is zero, otherwise false |
289 | | */ |
290 | 0 | bool operator !() const { return (!is_nonzero()); } |
291 | | |
292 | | static BigInt add2(const BigInt& x, const word y[], size_t y_words, Sign y_sign); |
293 | | |
294 | | BigInt& add(const word y[], size_t y_words, Sign sign); |
295 | | |
296 | | BigInt& sub(const word y[], size_t y_words, Sign sign) |
297 | 91.4k | { |
298 | 91.4k | return add(y, y_words, sign == Positive ? Negative : Positive); |
299 | 91.4k | } |
300 | | |
301 | | /** |
302 | | * Multiply this with y |
303 | | * @param y the BigInt to multiply with this |
304 | | * @param ws a temp workspace |
305 | | */ |
306 | | BigInt& mul(const BigInt& y, secure_vector<word>& ws); |
307 | | |
308 | | /** |
309 | | * Square value of *this |
310 | | * @param ws a temp workspace |
311 | | */ |
312 | | BigInt& square(secure_vector<word>& ws); |
313 | | |
314 | | /** |
315 | | * Set *this to y - *this |
316 | | * @param y the BigInt to subtract from as a sequence of words |
317 | | * @param y_words length of y in words |
318 | | * @param ws a temp workspace |
319 | | */ |
320 | | BigInt& rev_sub(const word y[], size_t y_words, secure_vector<word>& ws); |
321 | | |
322 | | /** |
323 | | * Set *this to (*this + y) % mod |
324 | | * This function assumes *this is >= 0 && < mod |
325 | | * @param y the BigInt to add - assumed y >= 0 and y < mod |
326 | | * @param mod the positive modulus |
327 | | * @param ws a temp workspace |
328 | | */ |
329 | | BigInt& mod_add(const BigInt& y, const BigInt& mod, secure_vector<word>& ws); |
330 | | |
331 | | /** |
332 | | * Set *this to (*this - y) % mod |
333 | | * This function assumes *this is >= 0 && < mod |
334 | | * @param y the BigInt to subtract - assumed y >= 0 and y < mod |
335 | | * @param mod the positive modulus |
336 | | * @param ws a temp workspace |
337 | | */ |
338 | | BigInt& mod_sub(const BigInt& y, const BigInt& mod, secure_vector<word>& ws); |
339 | | |
340 | | /** |
341 | | * Set *this to (*this * y) % mod |
342 | | * This function assumes *this is >= 0 && < mod |
343 | | * y should be small, less than 16 |
344 | | * @param y the small integer to multiply by |
345 | | * @param mod the positive modulus |
346 | | * @param ws a temp workspace |
347 | | */ |
348 | | BigInt& mod_mul(uint8_t y, const BigInt& mod, secure_vector<word>& ws); |
349 | | |
350 | | /** |
351 | | * Return *this % mod |
352 | | * |
353 | | * Assumes that *this is (if anything) only slightly larger than |
354 | | * mod and performs repeated subtractions. It should not be used if |
355 | | * *this is much larger than mod, instead use modulo operator. |
356 | | */ |
357 | | size_t reduce_below(const BigInt& mod, secure_vector<word> &ws); |
358 | | |
359 | | /** |
360 | | * Return *this % mod |
361 | | * |
362 | | * Assumes that *this is (if anything) only slightly larger than mod and |
363 | | * performs repeated subtractions. It should not be used if *this is much |
364 | | * larger than mod, instead use modulo operator. |
365 | | * |
366 | | * Performs exactly bound subtractions, so if *this is >= bound*mod then the |
367 | | * result will not be fully reduced. If bound is zero, nothing happens. |
368 | | */ |
369 | | void ct_reduce_below(const BigInt& mod, secure_vector<word> &ws, size_t bound); |
370 | | |
371 | | /** |
372 | | * Zeroize the BigInt. The size of the underlying register is not |
373 | | * modified. |
374 | | */ |
375 | 698k | void clear() { m_data.set_to_zero(); m_signedness = Positive; } |
376 | | |
377 | | /** |
378 | | * Compare this to another BigInt |
379 | | * @param n the BigInt value to compare with |
380 | | * @param check_signs include sign in comparison? |
381 | | * @result if (this<n) return -1, if (this>n) return 1, if both |
382 | | * values are identical return 0 [like Perl's <=> operator] |
383 | | */ |
384 | | int32_t cmp(const BigInt& n, bool check_signs = true) const; |
385 | | |
386 | | /** |
387 | | * Compare this to another BigInt |
388 | | * @param n the BigInt value to compare with |
389 | | * @result true if this == n or false otherwise |
390 | | */ |
391 | | bool is_equal(const BigInt& n) const; |
392 | | |
393 | | /** |
394 | | * Compare this to another BigInt |
395 | | * @param n the BigInt value to compare with |
396 | | * @result true if this < n or false otherwise |
397 | | */ |
398 | | bool is_less_than(const BigInt& n) const; |
399 | | |
400 | | /** |
401 | | * Compare this to an integer |
402 | | * @param n the value to compare with |
403 | | * @result if (this<n) return -1, if (this>n) return 1, if both |
404 | | * values are identical return 0 [like Perl's <=> operator] |
405 | | */ |
406 | | int32_t cmp_word(word n) const; |
407 | | |
408 | | /** |
409 | | * Test if the integer has an even value |
410 | | * @result true if the integer is even, false otherwise |
411 | | */ |
412 | 75.1k | bool is_even() const { return (get_bit(0) == 0); } |
413 | | |
414 | | /** |
415 | | * Test if the integer has an odd value |
416 | | * @result true if the integer is odd, false otherwise |
417 | | */ |
418 | 2.36M | bool is_odd() const { return (get_bit(0) == 1); } |
419 | | |
420 | | /** |
421 | | * Test if the integer is not zero |
422 | | * @result true if the integer is non-zero, false otherwise |
423 | | */ |
424 | 2.18M | bool is_nonzero() const { return (!is_zero()); } |
425 | | |
426 | | /** |
427 | | * Test if the integer is zero |
428 | | * @result true if the integer is zero, false otherwise |
429 | | */ |
430 | | bool is_zero() const |
431 | 6.18M | { |
432 | 6.18M | return (sig_words() == 0); |
433 | 6.18M | } |
434 | | |
435 | | /** |
436 | | * Set bit at specified position |
437 | | * @param n bit position to set |
438 | | */ |
439 | | void set_bit(size_t n) |
440 | 25.2k | { |
441 | 25.2k | conditionally_set_bit(n, true); |
442 | 25.2k | } |
443 | | |
444 | | /** |
445 | | * Conditionally set bit at specified position. Note if set_it is |
446 | | * false, nothing happens, and if the bit is already set, it |
447 | | * remains set. |
448 | | * |
449 | | * @param n bit position to set |
450 | | * @param set_it if the bit should be set |
451 | | */ |
452 | | void conditionally_set_bit(size_t n, bool set_it) |
453 | 80.1M | { |
454 | 80.1M | const size_t which = n / BOTAN_MP_WORD_BITS; |
455 | 80.1M | const word mask = static_cast<word>(set_it) << (n % BOTAN_MP_WORD_BITS); |
456 | 80.1M | m_data.set_word_at(which, word_at(which) | mask); |
457 | 80.1M | } |
458 | | |
459 | | /** |
460 | | * Clear bit at specified position |
461 | | * @param n bit position to clear |
462 | | */ |
463 | | void clear_bit(size_t n); |
464 | | |
465 | | /** |
466 | | * Clear all but the lowest n bits |
467 | | * @param n amount of bits to keep |
468 | | */ |
469 | | void mask_bits(size_t n) |
470 | 12.0M | { |
471 | 12.0M | m_data.mask_bits(n); |
472 | 12.0M | } |
473 | | |
474 | | /** |
475 | | * Return bit value at specified position |
476 | | * @param n the bit offset to test |
477 | | * @result true, if the bit at position n is set, false otherwise |
478 | | */ |
479 | | bool get_bit(size_t n) const |
480 | 73.6M | { |
481 | 73.6M | return ((word_at(n / BOTAN_MP_WORD_BITS) >> (n % BOTAN_MP_WORD_BITS)) & 1); |
482 | 73.6M | } |
483 | | |
484 | | /** |
485 | | * Return (a maximum of) 32 bits of the complete value |
486 | | * @param offset the offset to start extracting |
487 | | * @param length amount of bits to extract (starting at offset) |
488 | | * @result the integer extracted from the register starting at |
489 | | * offset with specified length |
490 | | */ |
491 | | uint32_t get_substring(size_t offset, size_t length) const; |
492 | | |
493 | | /** |
494 | | * Convert this value into a uint32_t, if it is in the range |
495 | | * [0 ... 2**32-1], or otherwise throw an exception. |
496 | | * @result the value as a uint32_t if conversion is possible |
497 | | */ |
498 | | uint32_t to_u32bit() const; |
499 | | |
500 | | /** |
501 | | * Convert this value to a decimal string. |
502 | | * Warning: decimal conversions are relatively slow |
503 | | * |
504 | | * If the integer is zero then "0" is returned. |
505 | | * If the integer is negative then "-" is prefixed. |
506 | | */ |
507 | | std::string to_dec_string() const; |
508 | | |
509 | | /** |
510 | | * Convert this value to a hexadecimal string. |
511 | | * |
512 | | * If the integer is negative then "-" is prefixed. |
513 | | * Then a prefix of "0x" is added. |
514 | | * Follows is a sequence of hexadecimal characters in uppercase. |
515 | | * |
516 | | * The number of hexadecimal characters is always an even number, |
517 | | * with a zero prefix being included if necessary. |
518 | | * For example encoding the integer "5" results in "0x05" |
519 | | */ |
520 | | std::string to_hex_string() const; |
521 | | |
522 | | /** |
523 | | * @param n the offset to get a byte from |
524 | | * @result byte at offset n |
525 | | */ |
526 | | uint8_t byte_at(size_t n) const; |
527 | | |
528 | | /** |
529 | | * Return the word at a specified position of the internal register |
530 | | * @param n position in the register |
531 | | * @return value at position n |
532 | | */ |
533 | | word word_at(size_t n) const |
534 | 238M | { |
535 | 238M | return m_data.get_word_at(n); |
536 | 238M | } |
537 | | |
538 | | void set_word_at(size_t i, word w) |
539 | 38.7M | { |
540 | 38.7M | m_data.set_word_at(i, w); |
541 | 38.7M | } |
542 | | |
543 | | void set_words(const word w[], size_t len) |
544 | 696k | { |
545 | 696k | m_data.set_words(w, len); |
546 | 696k | } |
547 | | |
548 | | /** |
549 | | * Tests if the sign of the integer is negative |
550 | | * @result true, iff the integer has a negative sign |
551 | | */ |
552 | 55.4M | bool is_negative() const { return (sign() == Negative); } |
553 | | |
554 | | /** |
555 | | * Tests if the sign of the integer is positive |
556 | | * @result true, iff the integer has a positive sign |
557 | | */ |
558 | 627k | bool is_positive() const { return (sign() == Positive); } |
559 | | |
560 | | /** |
561 | | * Return the sign of the integer |
562 | | * @result the sign of the integer |
563 | | */ |
564 | 90.5M | Sign sign() const { return (m_signedness); } |
565 | | |
566 | | /** |
567 | | * @result the opposite sign of the represented integer value |
568 | | */ |
569 | | Sign reverse_sign() const |
570 | 135k | { |
571 | 135k | if(sign() == Positive) |
572 | 135k | return Negative; |
573 | 524 | return Positive; |
574 | 135k | } |
575 | | |
576 | | /** |
577 | | * Flip the sign of this BigInt |
578 | | */ |
579 | | void flip_sign() |
580 | 1.68k | { |
581 | 1.68k | set_sign(reverse_sign()); |
582 | 1.68k | } |
583 | | |
584 | | /** |
585 | | * Set sign of the integer |
586 | | * @param sign new Sign to set |
587 | | */ |
588 | | void set_sign(Sign sign) |
589 | 15.1M | { |
590 | 15.1M | if(sign == Negative && is_zero()) |
591 | 847 | sign = Positive; |
592 | | |
593 | 15.1M | m_signedness = sign; |
594 | 15.1M | } |
595 | | |
596 | | /** |
597 | | * @result absolute (positive) value of this |
598 | | */ |
599 | | BigInt abs() const; |
600 | | |
601 | | /** |
602 | | * Give size of internal register |
603 | | * @result size of internal register in words |
604 | | */ |
605 | 239M | size_t size() const { return m_data.size(); } |
606 | | |
607 | | /** |
608 | | * Return how many words we need to hold this value |
609 | | * @result significant words of the represented integer value |
610 | | */ |
611 | | size_t sig_words() const |
612 | 57.0M | { |
613 | 57.0M | return m_data.sig_words(); |
614 | 57.0M | } |
615 | | |
616 | | /** |
617 | | * Give byte length of the integer |
618 | | * @result byte length of the represented integer value |
619 | | */ |
620 | | size_t bytes() const; |
621 | | |
622 | | /** |
623 | | * Get the bit length of the integer |
624 | | * @result bit length of the represented integer value |
625 | | */ |
626 | | size_t bits() const; |
627 | | |
628 | | /** |
629 | | * Get the number of high bits unset in the top (allocated) word |
630 | | * of this integer. Returns BOTAN_MP_WORD_BITS only iff *this is |
631 | | * zero. Ignores sign. |
632 | | */ |
633 | | size_t top_bits_free() const; |
634 | | |
635 | | /** |
636 | | * Return a mutable pointer to the register |
637 | | * @result a pointer to the start of the internal register |
638 | | */ |
639 | 154M | word* mutable_data() { return m_data.mutable_data(); } |
640 | | |
641 | | /** |
642 | | * Return a const pointer to the register |
643 | | * @result a pointer to the start of the internal register |
644 | | */ |
645 | 166M | const word* data() const { return m_data.const_data(); } |
646 | | |
647 | | /** |
648 | | * Don't use this function in application code |
649 | | */ |
650 | 2.87M | secure_vector<word>& get_word_vector() { return m_data.mutable_vector(); } |
651 | | |
652 | | /** |
653 | | * Don't use this function in application code |
654 | | */ |
655 | 37.6M | const secure_vector<word>& get_word_vector() const { return m_data.const_vector(); } |
656 | | |
657 | | /** |
658 | | * Increase internal register buffer to at least n words |
659 | | * @param n new size of register |
660 | | */ |
661 | 77.6M | void grow_to(size_t n) const { m_data.grow_to(n); } |
662 | | |
663 | 810k | void resize(size_t s) { m_data.resize(s); } |
664 | | |
665 | | /** |
666 | | * Fill BigInt with a random number with size of bitsize |
667 | | * |
668 | | * If \p set_high_bit is true, the highest bit will be set, which causes |
669 | | * the entropy to be \a bits-1. Otherwise the highest bit is randomly chosen |
670 | | * by the rng, causing the entropy to be \a bits. |
671 | | * |
672 | | * @param rng the random number generator to use |
673 | | * @param bitsize number of bits the created random value should have |
674 | | * @param set_high_bit if true, the highest bit is always set |
675 | | */ |
676 | | void randomize(RandomNumberGenerator& rng, size_t bitsize, bool set_high_bit = true); |
677 | | |
678 | | /** |
679 | | * Store BigInt-value in a given byte array |
680 | | * @param buf destination byte array for the integer value |
681 | | */ |
682 | | void binary_encode(uint8_t buf[]) const; |
683 | | |
684 | | /** |
685 | | * Store BigInt-value in a given byte array. If len is less than |
686 | | * the size of the value, then it will be truncated. If len is |
687 | | * greater than the size of the value, it will be zero-padded. |
688 | | * If len exactly equals this->bytes(), this function behaves identically |
689 | | * to binary_encode. |
690 | | * |
691 | | * @param buf destination byte array for the integer value |
692 | | * @param len how many bytes to write |
693 | | */ |
694 | | void binary_encode(uint8_t buf[], size_t len) const; |
695 | | |
696 | | /** |
697 | | * Read integer value from a byte array with given size |
698 | | * @param buf byte array buffer containing the integer |
699 | | * @param length size of buf |
700 | | */ |
701 | | void binary_decode(const uint8_t buf[], size_t length); |
702 | | |
703 | | /** |
704 | | * Read integer value from a byte vector |
705 | | * @param buf the vector to load from |
706 | | */ |
707 | | template<typename Alloc> |
708 | | void binary_decode(const std::vector<uint8_t, Alloc>& buf) |
709 | 45.3k | { |
710 | 45.3k | binary_decode(buf.data(), buf.size()); |
711 | 45.3k | } void Botan::BigInt::binary_decode<std::__1::allocator<unsigned char> >(std::__1::vector<unsigned char, std::__1::allocator<unsigned char> > const&) Line | Count | Source | 709 | 123 | { | 710 | 123 | binary_decode(buf.data(), buf.size()); | 711 | 123 | } |
void Botan::BigInt::binary_decode<Botan::secure_allocator<unsigned char> >(std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> > const&) Line | Count | Source | 709 | 45.1k | { | 710 | 45.1k | binary_decode(buf.data(), buf.size()); | 711 | 45.1k | } |
|
712 | | |
713 | | /** |
714 | | * Place the value into out, zero-padding up to size words |
715 | | * Throw if *this cannot be represented in size words |
716 | | */ |
717 | | void encode_words(word out[], size_t size) const; |
718 | | |
719 | | /** |
720 | | * If predicate is true assign other to *this |
721 | | * Uses a masked operation to avoid side channels |
722 | | */ |
723 | | void ct_cond_assign(bool predicate, const BigInt& other); |
724 | | |
725 | | /** |
726 | | * If predicate is true swap *this and other |
727 | | * Uses a masked operation to avoid side channels |
728 | | */ |
729 | | void ct_cond_swap(bool predicate, BigInt& other); |
730 | | |
731 | | /** |
732 | | * If predicate is true add value to *this |
733 | | */ |
734 | | void ct_cond_add(bool predicate, const BigInt& value); |
735 | | |
736 | | /** |
737 | | * If predicate is true flip the sign of *this |
738 | | */ |
739 | | void cond_flip_sign(bool predicate); |
740 | | |
741 | | #if defined(BOTAN_HAS_VALGRIND) |
742 | | void const_time_poison() const; |
743 | | void const_time_unpoison() const; |
744 | | #else |
745 | 604k | void const_time_poison() const {} |
746 | 8.51M | void const_time_unpoison() const {} |
747 | | #endif |
748 | | |
749 | | /** |
750 | | * @param rng a random number generator |
751 | | * @param min the minimum value (must be non-negative) |
752 | | * @param max the maximum value (must be non-negative and > min) |
753 | | * @return random integer in [min,max) |
754 | | */ |
755 | | static BigInt random_integer(RandomNumberGenerator& rng, |
756 | | const BigInt& min, |
757 | | const BigInt& max); |
758 | | |
759 | | /** |
760 | | * Create a power of two |
761 | | * @param n the power of two to create |
762 | | * @return bigint representing 2^n |
763 | | */ |
764 | | static BigInt power_of_2(size_t n) |
765 | 12.6k | { |
766 | 12.6k | BigInt b; |
767 | 12.6k | b.set_bit(n); |
768 | 12.6k | return b; |
769 | 12.6k | } |
770 | | |
771 | | /** |
772 | | * Encode the integer value from a BigInt to a std::vector of bytes |
773 | | * @param n the BigInt to use as integer source |
774 | | * @result secure_vector of bytes containing the bytes of the integer |
775 | | */ |
776 | | static std::vector<uint8_t> encode(const BigInt& n) |
777 | 0 | { |
778 | 0 | std::vector<uint8_t> output(n.bytes()); |
779 | 0 | n.binary_encode(output.data()); |
780 | 0 | return output; |
781 | 0 | } |
782 | | |
783 | | /** |
784 | | * Encode the integer value from a BigInt to a secure_vector of bytes |
785 | | * @param n the BigInt to use as integer source |
786 | | * @result secure_vector of bytes containing the bytes of the integer |
787 | | */ |
788 | | static secure_vector<uint8_t> encode_locked(const BigInt& n) |
789 | 0 | { |
790 | 0 | secure_vector<uint8_t> output(n.bytes()); |
791 | 0 | n.binary_encode(output.data()); |
792 | 0 | return output; |
793 | 0 | } |
794 | | |
795 | | /** |
796 | | * Create a BigInt from an integer in a byte array |
797 | | * @param buf the binary value to load |
798 | | * @param length size of buf |
799 | | * @result BigInt representing the integer in the byte array |
800 | | */ |
801 | | static BigInt decode(const uint8_t buf[], size_t length) |
802 | 799 | { |
803 | 799 | return BigInt(buf, length); |
804 | 799 | } |
805 | | |
806 | | /** |
807 | | * Create a BigInt from an integer in a byte array |
808 | | * @param buf the binary value to load |
809 | | * @result BigInt representing the integer in the byte array |
810 | | */ |
811 | | template<typename Alloc> |
812 | | static BigInt decode(const std::vector<uint8_t, Alloc>& buf) |
813 | | { |
814 | | return BigInt(buf); |
815 | | } |
816 | | |
817 | | /** |
818 | | * Create a BigInt from an integer in a byte array |
819 | | * @param buf the binary value to load |
820 | | * @param length size of buf |
821 | | * @param base number-base of the integer in buf |
822 | | * @result BigInt representing the integer in the byte array |
823 | | */ |
824 | | static BigInt decode(const uint8_t buf[], size_t length, |
825 | | Base base); |
826 | | |
827 | | /** |
828 | | * Create a BigInt from an integer in a byte array |
829 | | * @param buf the binary value to load |
830 | | * @param base number-base of the integer in buf |
831 | | * @result BigInt representing the integer in the byte array |
832 | | */ |
833 | | template<typename Alloc> |
834 | | static BigInt decode(const std::vector<uint8_t, Alloc>& buf, Base base) |
835 | | { |
836 | | if(base == Binary) |
837 | | return BigInt(buf); |
838 | | return BigInt::decode(buf.data(), buf.size(), base); |
839 | | } |
840 | | |
841 | | /** |
842 | | * Encode a BigInt to a byte array according to IEEE 1363 |
843 | | * @param n the BigInt to encode |
844 | | * @param bytes the length of the resulting secure_vector<uint8_t> |
845 | | * @result a secure_vector<uint8_t> containing the encoded BigInt |
846 | | */ |
847 | | static secure_vector<uint8_t> encode_1363(const BigInt& n, size_t bytes); |
848 | | |
849 | | static void encode_1363(uint8_t out[], size_t bytes, const BigInt& n); |
850 | | |
851 | | /** |
852 | | * Encode two BigInt to a byte array according to IEEE 1363 |
853 | | * @param n1 the first BigInt to encode |
854 | | * @param n2 the second BigInt to encode |
855 | | * @param bytes the length of the encoding of each single BigInt |
856 | | * @result a secure_vector<uint8_t> containing the concatenation of the two encoded BigInt |
857 | | */ |
858 | | static secure_vector<uint8_t> encode_fixed_length_int_pair(const BigInt& n1, const BigInt& n2, size_t bytes); |
859 | | |
860 | | private: |
861 | | |
862 | | class Data |
863 | | { |
864 | | public: |
865 | | word* mutable_data() |
866 | 161M | { |
867 | 161M | invalidate_sig_words(); |
868 | 161M | return m_reg.data(); |
869 | 161M | } |
870 | | |
871 | | const word* const_data() const |
872 | 166M | { |
873 | 166M | return m_reg.data(); |
874 | 166M | } |
875 | | |
876 | | secure_vector<word>& mutable_vector() |
877 | 2.87M | { |
878 | 2.87M | invalidate_sig_words(); |
879 | 2.87M | return m_reg; |
880 | 2.87M | } |
881 | | |
882 | | const secure_vector<word>& const_vector() const |
883 | 37.6M | { |
884 | 37.6M | return m_reg; |
885 | 37.6M | } |
886 | | |
887 | | word get_word_at(size_t n) const |
888 | 238M | { |
889 | 238M | if(n < m_reg.size()) |
890 | 237M | return m_reg[n]; |
891 | 1.23M | return 0; |
892 | 238M | } |
893 | | |
894 | | void set_word_at(size_t i, word w) |
895 | 118M | { |
896 | 118M | invalidate_sig_words(); |
897 | 118M | if(i >= m_reg.size()) |
898 | 23.0M | { |
899 | 23.0M | if(w == 0) |
900 | 22.9M | return; |
901 | 89.1k | grow_to(i + 1); |
902 | 89.1k | } |
903 | 95.9M | m_reg[i] = w; |
904 | 95.9M | } |
905 | | |
906 | | void set_words(const word w[], size_t len) |
907 | 696k | { |
908 | 696k | invalidate_sig_words(); |
909 | 696k | m_reg.assign(w, w + len); |
910 | 696k | } |
911 | | |
912 | | void set_to_zero() |
913 | 698k | { |
914 | 698k | m_reg.resize(m_reg.capacity()); |
915 | 698k | clear_mem(m_reg.data(), m_reg.size()); |
916 | 698k | m_sig_words = 0; |
917 | 698k | } |
918 | | |
919 | | void set_size(size_t s) |
920 | 0 | { |
921 | 0 | invalidate_sig_words(); |
922 | 0 | clear_mem(m_reg.data(), m_reg.size()); |
923 | 0 | m_reg.resize(s + (8 - (s % 8))); |
924 | 0 | } |
925 | | |
926 | | void mask_bits(size_t n) |
927 | 12.0M | { |
928 | 12.0M | if(n == 0) { return set_to_zero(); } |
929 | | |
930 | 12.0M | const size_t top_word = n / BOTAN_MP_WORD_BITS; |
931 | | |
932 | | // if(top_word < sig_words()) ? |
933 | 12.0M | if(top_word < size()) |
934 | 12.0M | { |
935 | 12.0M | const word mask = (static_cast<word>(1) << (n % BOTAN_MP_WORD_BITS)) - 1; |
936 | 12.0M | const size_t len = size() - (top_word + 1); |
937 | 12.0M | if(len > 0) |
938 | 11.9M | { |
939 | 11.9M | clear_mem(&m_reg[top_word+1], len); |
940 | 11.9M | } |
941 | 12.0M | m_reg[top_word] &= mask; |
942 | 12.0M | invalidate_sig_words(); |
943 | 12.0M | } |
944 | 12.0M | } |
945 | | |
946 | | void grow_to(size_t n) const |
947 | 77.8M | { |
948 | 77.8M | if(n > size()) |
949 | 7.47M | { |
950 | 7.47M | if(n <= m_reg.capacity()) |
951 | 2.94M | m_reg.resize(n); |
952 | 4.53M | else |
953 | 4.53M | m_reg.resize(n + (8 - (n % 8))); |
954 | 7.47M | } |
955 | 77.8M | } |
956 | | |
957 | 347M | size_t size() const { return m_reg.size(); } |
958 | | |
959 | | void shrink_to_fit(size_t min_size = 0) |
960 | 0 | { |
961 | 0 | const size_t words = std::max(min_size, sig_words()); |
962 | 0 | m_reg.resize(words); |
963 | 0 | } |
964 | | |
965 | | void resize(size_t s) |
966 | 810k | { |
967 | 810k | m_reg.resize(s); |
968 | 810k | } |
969 | | |
970 | | void swap(Data& other) |
971 | 5.75M | { |
972 | 5.75M | m_reg.swap(other.m_reg); |
973 | 5.75M | std::swap(m_sig_words, other.m_sig_words); |
974 | 5.75M | } |
975 | | |
976 | | void swap(secure_vector<word>& reg) |
977 | 9.42M | { |
978 | 9.42M | m_reg.swap(reg); |
979 | 9.42M | invalidate_sig_words(); |
980 | 9.42M | } |
981 | | |
982 | | void invalidate_sig_words() const |
983 | 305M | { |
984 | 305M | m_sig_words = sig_words_npos; |
985 | 305M | } |
986 | | |
987 | | size_t sig_words() const |
988 | 57.0M | { |
989 | 57.0M | if(m_sig_words == sig_words_npos) |
990 | 28.5M | { |
991 | 28.5M | m_sig_words = calc_sig_words(); |
992 | 28.5M | } |
993 | 28.4M | else |
994 | 28.4M | { |
995 | 28.4M | BOTAN_DEBUG_ASSERT(m_sig_words == calc_sig_words()); |
996 | 28.4M | } |
997 | 57.0M | return m_sig_words; |
998 | 57.0M | } |
999 | | private: |
1000 | | static const size_t sig_words_npos = static_cast<size_t>(-1); |
1001 | | |
1002 | | size_t calc_sig_words() const; |
1003 | | |
1004 | | mutable secure_vector<word> m_reg; |
1005 | | mutable size_t m_sig_words = sig_words_npos; |
1006 | | }; |
1007 | | |
1008 | | Data m_data; |
1009 | | Sign m_signedness = Positive; |
1010 | | }; |
1011 | | |
1012 | | /* |
1013 | | * Arithmetic Operators |
1014 | | */ |
1015 | | inline BigInt operator+(const BigInt& x, const BigInt& y) |
1016 | 749k | { |
1017 | 749k | return BigInt::add2(x, y.data(), y.sig_words(), y.sign()); |
1018 | 749k | } |
1019 | | |
1020 | | inline BigInt operator+(const BigInt& x, word y) |
1021 | 1.47k | { |
1022 | 1.47k | return BigInt::add2(x, &y, 1, BigInt::Positive); |
1023 | 1.47k | } |
1024 | | |
1025 | | inline BigInt operator+(word x, const BigInt& y) |
1026 | 0 | { |
1027 | 0 | return y + x; |
1028 | 0 | } |
1029 | | |
1030 | | inline BigInt operator-(const BigInt& x, const BigInt& y) |
1031 | 134k | { |
1032 | 134k | return BigInt::add2(x, y.data(), y.sig_words(), y.reverse_sign()); |
1033 | 134k | } |
1034 | | |
1035 | | inline BigInt operator-(const BigInt& x, word y) |
1036 | 37.6k | { |
1037 | 37.6k | return BigInt::add2(x, &y, 1, BigInt::Negative); |
1038 | 37.6k | } |
1039 | | |
1040 | | BigInt BOTAN_PUBLIC_API(2,0) operator*(const BigInt& x, const BigInt& y); |
1041 | | BigInt BOTAN_PUBLIC_API(2,8) operator*(const BigInt& x, word y); |
1042 | 182k | inline BigInt operator*(word x, const BigInt& y) { return y*x; } |
1043 | | |
1044 | | BigInt BOTAN_PUBLIC_API(2,0) operator/(const BigInt& x, const BigInt& d); |
1045 | | BigInt BOTAN_PUBLIC_API(2,0) operator/(const BigInt& x, word m); |
1046 | | BigInt BOTAN_PUBLIC_API(2,0) operator%(const BigInt& x, const BigInt& m); |
1047 | | word BOTAN_PUBLIC_API(2,0) operator%(const BigInt& x, word m); |
1048 | | BigInt BOTAN_PUBLIC_API(2,0) operator<<(const BigInt& x, size_t n); |
1049 | | BigInt BOTAN_PUBLIC_API(2,0) operator>>(const BigInt& x, size_t n); |
1050 | | |
1051 | | /* |
1052 | | * Comparison Operators |
1053 | | */ |
1054 | | inline bool operator==(const BigInt& a, const BigInt& b) |
1055 | 68.8k | { return a.is_equal(b); } |
1056 | | inline bool operator!=(const BigInt& a, const BigInt& b) |
1057 | 6.80k | { return !a.is_equal(b); } |
1058 | | inline bool operator<=(const BigInt& a, const BigInt& b) |
1059 | 38.2k | { return (a.cmp(b) <= 0); } |
1060 | | inline bool operator>=(const BigInt& a, const BigInt& b) |
1061 | 51.1k | { return (a.cmp(b) >= 0); } |
1062 | | inline bool operator<(const BigInt& a, const BigInt& b) |
1063 | 233k | { return a.is_less_than(b); } |
1064 | | inline bool operator>(const BigInt& a, const BigInt& b) |
1065 | 98.2k | { return b.is_less_than(a); } |
1066 | | |
1067 | | inline bool operator==(const BigInt& a, word b) |
1068 | 85.8k | { return (a.cmp_word(b) == 0); } |
1069 | | inline bool operator!=(const BigInt& a, word b) |
1070 | 84.9k | { return (a.cmp_word(b) != 0); } |
1071 | | inline bool operator<=(const BigInt& a, word b) |
1072 | 4.20k | { return (a.cmp_word(b) <= 0); } |
1073 | | inline bool operator>=(const BigInt& a, word b) |
1074 | 11.1k | { return (a.cmp_word(b) >= 0); } |
1075 | | inline bool operator<(const BigInt& a, word b) |
1076 | 80.0k | { return (a.cmp_word(b) < 0); } |
1077 | | inline bool operator>(const BigInt& a, word b) |
1078 | 162k | { return (a.cmp_word(b) > 0); } |
1079 | | |
1080 | | /* |
1081 | | * I/O Operators |
1082 | | */ |
1083 | | BOTAN_PUBLIC_API(2,0) std::ostream& operator<<(std::ostream&, const BigInt&); |
1084 | | BOTAN_PUBLIC_API(2,0) std::istream& operator>>(std::istream&, BigInt&); |
1085 | | |
1086 | | } |
1087 | | |
1088 | | namespace std { |
1089 | | |
1090 | | template<> |
1091 | | inline void swap<Botan::BigInt>(Botan::BigInt& x, Botan::BigInt& y) |
1092 | 98.0k | { |
1093 | 98.0k | x.swap(y); |
1094 | 98.0k | } |
1095 | | |
1096 | | } |
1097 | | |
1098 | | #endif |