/src/botan/build/include/botan/curve_gfp.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Elliptic curves over GF(p) |
3 | | * |
4 | | * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke |
5 | | * 2010-2011,2012,2014 Jack Lloyd |
6 | | * |
7 | | * Botan is released under the Simplified BSD License (see license.txt) |
8 | | */ |
9 | | |
10 | | #ifndef BOTAN_GFP_CURVE_H_ |
11 | | #define BOTAN_GFP_CURVE_H_ |
12 | | |
13 | | #include <botan/bigint.h> |
14 | | #include <memory> |
15 | | |
16 | | // Currently exposed in EC_Point |
17 | | //BOTAN_FUTURE_INTERNAL_HEADER(curve_gfp.h) |
18 | | |
19 | | namespace Botan { |
20 | | |
21 | | class BOTAN_UNSTABLE_API CurveGFp_Repr { |
22 | | public: |
23 | 27 | virtual ~CurveGFp_Repr() = default; |
24 | | |
25 | | virtual const BigInt& get_p() const = 0; |
26 | | virtual const BigInt& get_a() const = 0; |
27 | | virtual const BigInt& get_b() const = 0; |
28 | | |
29 | | virtual size_t get_p_words() const = 0; |
30 | | |
31 | | virtual size_t get_ws_size() const = 0; |
32 | | |
33 | | virtual bool is_one(const BigInt& x) const = 0; |
34 | | |
35 | | virtual bool a_is_zero() const = 0; |
36 | | |
37 | | virtual bool a_is_minus_3() const = 0; |
38 | | |
39 | | /* |
40 | | * Returns to_curve_rep(get_a()) |
41 | | */ |
42 | | virtual const BigInt& get_a_rep() const = 0; |
43 | | |
44 | | /* |
45 | | * Returns to_curve_rep(get_b()) |
46 | | */ |
47 | | virtual const BigInt& get_b_rep() const = 0; |
48 | | |
49 | | /* |
50 | | * Returns to_curve_rep(1) |
51 | | */ |
52 | | virtual const BigInt& get_1_rep() const = 0; |
53 | | |
54 | | virtual BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const = 0; |
55 | | |
56 | | virtual void to_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0; |
57 | | |
58 | | virtual void from_curve_rep(BigInt& x, secure_vector<word>& ws) const = 0; |
59 | | |
60 | 6.85M | void curve_mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { |
61 | 6.85M | BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words()); |
62 | 6.85M | curve_mul_words(z, x.data(), x.size(), y, ws); |
63 | 6.85M | } |
64 | | |
65 | | virtual void curve_mul_words( |
66 | | BigInt& z, const word x_words[], size_t x_size, const BigInt& y, secure_vector<word>& ws) const = 0; |
67 | | |
68 | 4.64M | void curve_sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const { |
69 | 4.64M | BOTAN_DEBUG_ASSERT(x.sig_words() <= get_p_words()); |
70 | 4.64M | curve_sqr_words(z, x.data(), x.size(), ws); |
71 | 4.64M | } |
72 | | |
73 | | virtual void curve_sqr_words(BigInt& z, const word x_words[], size_t x_size, secure_vector<word>& ws) const = 0; |
74 | | }; |
75 | | |
76 | | /** |
77 | | * This class represents an elliptic curve over GF(p) |
78 | | * |
79 | | * There should not be any reason for applications to use this type. |
80 | | * If you need EC primitives use the interfaces EC_Group and EC_Point |
81 | | * |
82 | | * It is likely this class will be removed entirely in a future major |
83 | | * release. |
84 | | */ |
85 | | class BOTAN_UNSTABLE_API CurveGFp final { |
86 | | public: |
87 | | /** |
88 | | * Create an uninitialized CurveGFp |
89 | | */ |
90 | 35.6k | CurveGFp() = default; |
91 | | |
92 | | /** |
93 | | * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p) |
94 | | * @param p prime number of the field |
95 | | * @param a first coefficient |
96 | | * @param b second coefficient |
97 | | */ |
98 | 27 | CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) : m_repr(choose_repr(p, a, b)) {} |
99 | | |
100 | 42.9k | CurveGFp(const CurveGFp&) = default; |
101 | | |
102 | 14.4k | CurveGFp& operator=(const CurveGFp&) = default; |
103 | | |
104 | | /** |
105 | | * @return curve coefficient a |
106 | | */ |
107 | 683 | const BigInt& get_a() const { return m_repr->get_a(); } |
108 | | |
109 | | /** |
110 | | * @return curve coefficient b |
111 | | */ |
112 | 683 | const BigInt& get_b() const { return m_repr->get_b(); } |
113 | | |
114 | | /** |
115 | | * Get prime modulus of the field of the curve |
116 | | * @return prime modulus of the field of the curve |
117 | | */ |
118 | 1.17M | const BigInt& get_p() const { return m_repr->get_p(); } |
119 | | |
120 | 512k | size_t get_p_words() const { return m_repr->get_p_words(); } |
121 | | |
122 | 1.16M | size_t get_ws_size() const { return m_repr->get_ws_size(); } |
123 | | |
124 | 98.8k | const BigInt& get_a_rep() const { return m_repr->get_a_rep(); } |
125 | | |
126 | 7.57k | const BigInt& get_b_rep() const { return m_repr->get_b_rep(); } |
127 | | |
128 | 9.13k | const BigInt& get_1_rep() const { return m_repr->get_1_rep(); } |
129 | | |
130 | 537k | bool a_is_minus_3() const { return m_repr->a_is_minus_3(); } |
131 | | |
132 | 600k | bool a_is_zero() const { return m_repr->a_is_zero(); } |
133 | | |
134 | 3.03k | bool is_one(const BigInt& x) const { return m_repr->is_one(x); } |
135 | | |
136 | 3.24k | BigInt invert_element(const BigInt& x, secure_vector<word>& ws) const { return m_repr->invert_element(x, ws); } |
137 | | |
138 | 5.44k | void to_rep(BigInt& x, secure_vector<word>& ws) const { m_repr->to_curve_rep(x, ws); } |
139 | | |
140 | 2.47k | void from_rep(BigInt& x, secure_vector<word>& ws) const { m_repr->from_curve_rep(x, ws); } |
141 | | |
142 | 12.7k | BigInt from_rep_to_tmp(const BigInt& x, secure_vector<word>& ws) const { |
143 | 12.7k | BigInt xt(x); |
144 | 12.7k | m_repr->from_curve_rep(xt, ws); |
145 | 12.7k | return xt; |
146 | 12.7k | } |
147 | | |
148 | | // TODO: from_rep taking && ref |
149 | | |
150 | 6.70M | void mul(BigInt& z, const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { |
151 | 6.70M | m_repr->curve_mul(z, x, y, ws); |
152 | 6.70M | } |
153 | | |
154 | 2.00M | void mul(BigInt& z, const word x_w[], size_t x_size, const BigInt& y, secure_vector<word>& ws) const { |
155 | 2.00M | m_repr->curve_mul_words(z, x_w, x_size, y, ws); |
156 | 2.00M | } |
157 | | |
158 | 4.31M | void sqr(BigInt& z, const BigInt& x, secure_vector<word>& ws) const { m_repr->curve_sqr(z, x, ws); } |
159 | | |
160 | 441k | void sqr(BigInt& z, const word x_w[], size_t x_size, secure_vector<word>& ws) const { |
161 | 441k | m_repr->curve_sqr_words(z, x_w, x_size, ws); |
162 | 441k | } |
163 | | |
164 | 0 | BigInt mul(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { return mul_to_tmp(x, y, ws); } |
165 | | |
166 | 0 | BigInt sqr(const BigInt& x, secure_vector<word>& ws) const { return sqr_to_tmp(x, ws); } |
167 | | |
168 | 131k | BigInt mul_to_tmp(const BigInt& x, const BigInt& y, secure_vector<word>& ws) const { |
169 | 131k | BigInt z; |
170 | 131k | m_repr->curve_mul(z, x, y, ws); |
171 | 131k | return z; |
172 | 131k | } |
173 | | |
174 | 23.8k | BigInt sqr_to_tmp(const BigInt& x, secure_vector<word>& ws) const { |
175 | 23.8k | BigInt z; |
176 | 23.8k | m_repr->curve_sqr(z, x, ws); |
177 | 23.8k | return z; |
178 | 23.8k | } |
179 | | |
180 | 31.3k | void swap(CurveGFp& other) { std::swap(m_repr, other.m_repr); } |
181 | | |
182 | 0 | friend void swap(CurveGFp& x, CurveGFp& y) { x.swap(y); } |
183 | | |
184 | | /** |
185 | | * Equality operator |
186 | | * @param other a curve |
187 | | * @return true iff *this is the same as other |
188 | | */ |
189 | 512k | inline bool operator==(const CurveGFp& other) const { |
190 | 512k | if(m_repr.get() == other.m_repr.get()) { |
191 | 512k | return true; |
192 | 512k | } |
193 | | |
194 | 0 | return (get_p() == other.get_p()) && (get_a() == other.get_a()) && (get_b() == other.get_b()); |
195 | 512k | } |
196 | | |
197 | | private: |
198 | | static std::shared_ptr<CurveGFp_Repr> choose_repr(const BigInt& p, const BigInt& a, const BigInt& b); |
199 | | |
200 | | std::shared_ptr<CurveGFp_Repr> m_repr; |
201 | | }; |
202 | | |
203 | 111 | inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs) { |
204 | 111 | return !(lhs == rhs); |
205 | 111 | } |
206 | | |
207 | | } // namespace Botan |
208 | | |
209 | | #endif |