author | Jack Lloyd <[email protected]> | 2018-02-18 12:01:43 -0500 |
committer | Jack Lloyd <[email protected]> | 2018-02-18 13:37:42 -0500 |
commit | 9772e10e3112f9b14669d372574bcc01981028f2 (patch) | |
tree | db1a4c6aa745ff73dd52da6dcc57a812901d3e8a /src/lib/pubkey/ec_group | |
parent | 292c32bd73b3c114621ac2e4a668f6aca02c0cea (diff) |
Add functions to reduce integers mod the order to EC_Group
This allows calculating the Barrett reduction params just once,
when the group is initialized, then sharing them across all
operations which use that group.
Diffstat (limited to 'src/lib/pubkey/ec_group')
-rw-r--r-- | src/lib/pubkey/ec_group/ec_group.cpp | 42 | ||||
-rw-r--r-- | src/lib/pubkey/ec_group/ec_group.h | 32 |
2 files changed, 65 insertions, 9 deletions
diff --git a/src/lib/pubkey/ec_group/ec_group.cpp b/src/lib/pubkey/ec_group/ec_group.cpp
index 0c2cd566c..beff90eec 100644
--- a/src/lib/pubkey/ec_group/ec_group.cpp
+++ b/src/lib/pubkey/ec_group/ec_group.cpp
@@ -35,9 +35,10 @@ class EC_Group_Data final
m_base_point(m_curve, g_x, g_y), m_order(order), m_cofactor(cofactor),
+ m_mod_order(order),
m_oid(oid), m_p_bits(p.bits()),
- m_p_bytes(p.bytes())
+ m_order_bits(order.bits())
{ }
@@ -60,18 +61,30 @@ class EC_Group_Data final
BigInt g_y() const { return m_base_point.get_affine_y(); } size_t p_bits() const { return m_p_bits; }
- size_t p_bytes() const { return m_p_bytes; }
+ size_t p_bytes() const { return (m_p_bits + 7) / 8; }
+
+ size_t order_bits() const { return m_order_bits; }
+ size_t order_bytes() const { return (m_order_bits + 7) / 8; }
const CurveGFp& curve() const { return m_curve; } const PointGFp& base_point() const { return m_base_point; }
+ BigInt mod_order(const BigInt& x) const { return m_mod_order.reduce(x); }
+
+ BigInt multiply_mod_order(const BigInt& x, const BigInt& y) const
+ {
+ return m_mod_order.multiply(x, y);
+ }
+
private: CurveGFp m_curve; PointGFp m_base_point; BigInt m_order; BigInt m_cofactor;
+ Modular_Reducer m_mod_order;
OID m_oid;
- size_t m_p_bits, m_p_bytes;
+ size_t m_p_bits;
+ size_t m_order_bits;
}; class EC_Group_Data_Map final
@@ -246,6 +259,9 @@ std::shared_ptr<EC_Group_Data> EC_Group::BER_decode_EC_group(const uint8_t bits[
.end_cons() .verify_end();
+ if(p.bits() < 64 || p.is_negative() || a.is_negative() || b.is_negative() || order <= 0 || cofactor <= 0)
+ throw Decoding_Error("Invalid ECC parameters");
+
std::pair<BigInt, BigInt> base_xy = Botan::OS2ECP(base_pt.data(), base_pt.size(), p, a, b); return ec_group_data().lookup_or_create(p, a, b, base_xy.first, base_xy.second, order, cofactor, OID());
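Review bot: The new `m_mod_order` member and the `mod_order`/`multiply_mod_order` accessors on EC_Group_Data carry no comment about their sharing model, yet EC_Group_Data appears to be handed out as a shared_ptr through EC_Group_Data_Map::lookup_or_create, so one Modular_Reducer would now serve every EC_Group that refers to the same curve, potentially from several threads at once. That is only sound if Modular_Reducer::reduce and multiply touch no mutable state — presumably the case since the reducer holds precomputed Barrett constants, but it is an invariant worth recording next to the member. I would add above `Modular_Reducer m_mod_order;` the comment `// Barrett reducer for m_order, computed once per group and shared by every EC_Group handle to it; must stay immutable (const reduce/multiply only)`. The EC_Group_Data class begins outside the hunk.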
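Review bot: The new sanity check in BER_decode_EC_group rejects negative or very small parameters but still accepts `a` or `b` at or above `p`, and any positive `order` and `cofactor` regardless of their relation to `p`, so a malformed explicit-parameter encoding still reaches lookup_or_create and the Modular_Reducer that EC_Group_Data builds from `order`. Extending the condition with `|| a >= p || b >= p` is cheap and keeps the curve coefficients canonical before OS2ECP decodes the base point; whether the decoded point is then verified to lie on the curve is not visible here and presumably happens inside OS2ECP. Since this is the only validation on a decoded, untrusted input path, a short comment such as `// Reject obviously malformed explicit curve parameters before any group data is built from them` would help the next reader see why the check sits here. The function continues past the end of the hunk.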
@@ -348,6 +364,16 @@ size_t EC_Group::get_p_bytes() const
return data().p_bytes(); }
+size_t EC_Group::get_order_bits() const
+ {
+ return data().order_bits();
+ }
+
+size_t EC_Group::get_order_bytes() const
+ {
+ return data().order_bytes();
+ }
+
const BigInt& EC_Group::get_p() const { return data().p();
@@ -378,6 +404,16 @@ const BigInt& EC_Group::get_cofactor() const
return data().cofactor(); }
+BigInt EC_Group::mod_order(const BigInt& k) const
+ {
+ return data().mod_order(k);
+ }
+
+BigInt EC_Group::multiply_mod_order(const BigInt& x, const BigInt& y) const
+ {
+ return data().multiply_mod_order(x, y);
+ }
+
const OID& EC_Group::get_curve_oid() const { return data().oid();
diff --git a/src/lib/pubkey/ec_group/ec_group.h b/src/lib/pubkey/ec_group/ec_group.h
index 1dc839540..b4b0ec9b3 100644
--- a/src/lib/pubkey/ec_group/ec_group.h
+++ b/src/lib/pubkey/ec_group/ec_group.h
@@ -133,6 +133,16 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
size_t get_p_bytes() const; /**
+ * Return the size of group order in bits (same as get_order().bits())
+ */
+ size_t get_order_bits() const;
+
+ /**
+ * Return the size of p in bytes (same as get_order().bytes())
+ */
+ size_t get_order_bytes() const;
+
+ /**
* Return the prime modulus of the field */ const BigInt& get_p() const;
@@ -159,6 +169,22 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
*/ const BigInt& get_order() const;
+ /*
+ * Reduce x modulo the order
+ */
+ BigInt mod_order(const BigInt& x) const;
+
+ /*
+ * Reduce (x*y) modulo the order
+ */
+ BigInt multiply_mod_order(const BigInt& x, const BigInt& y) const;
+
+ /**
+ * Return the cofactor
+ * @result the cofactor
+ */
+ const BigInt& get_cofactor() const;
+
/** * Return the OID of these domain parameters * @result the OID as a string
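Review bot: EC_Group::mod_order names its parameter `k` in this definition while the declaration added to ec_group.h in the same commit names it `x`; the two should agree so that Doxygen and IDE signature help show a single name. Changing the definition to `BigInt EC_Group::mod_order(const BigInt& x) const` with the body `return data().mod_order(x);` is enough.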
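Review bot: The Doxygen comment on `get_order_bytes` in ec_group.h says "Return the size of p in bytes", which is a copy-paste slip from `get_p_bytes` — the function returns the byte length of the group order, as its own parenthetical `(same as get_order().bytes())` and the implementation `(m_order_bits + 7) / 8` in ec_group.cpp show. It should read `* Return the size of the group order in bytes (same as get_order().bytes())`.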
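Review bot: The comments on the new `mod_order` and `multiply_mod_order` declarations open with `/*` rather than the `/**` used on every other member in this header, so Doxygen will not attach them to the functions. Changing both openers to `/**` fixes that; while there, the text could state the output range (presumably [0, order), to be confirmed against Modular_Reducer::reduce) and that the reduction parameters for the order are precomputed once per group, which is the point of this change. The EC_Group class continues outside the hunk on both sides.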
@@ -172,12 +198,6 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
const OID& get_curve_oid() const; /**
- * Return the cofactor
- * @result the cofactor
- */
- const BigInt& get_cofactor() const;
-
- /**
* Return a point on this curve with the affine values x, y */ PointGFp point(const BigInt& x, const BigInt& y) const; |