authorJack Lloyd <[email protected]>2018-02-18 12:01:43 -0500
committerJack Lloyd <[email protected]>2018-02-18 13:37:42 -0500
commit9772e10e3112f9b14669d372574bcc01981028f2 (patch)
treedb1a4c6aa745ff73dd52da6dcc57a812901d3e8a /src/lib/pubkey/ec_group
parent292c32bd73b3c114621ac2e4a668f6aca02c0cea (diff)
Add functions to reduce integers mod the order to EC_Group
This allows calculating the Barrett reduction params just once, when the group is initialized, then sharing them across all operations which use that group.
Diffstat (limited to 'src/lib/pubkey/ec_group')
-rw-r--r--src/lib/pubkey/ec_group/ec_group.cpp42
-rw-r--r--src/lib/pubkey/ec_group/ec_group.h32
2 files changed, 65 insertions, 9 deletions
diff --git a/src/lib/pubkey/ec_group/ec_group.cpp b/src/lib/pubkey/ec_group/ec_group.cpp
index 0c2cd566c..beff90eec 100644
--- a/src/lib/pubkey/ec_group/ec_group.cpp
+++ b/src/lib/pubkey/ec_group/ec_group.cpp
@@ -35,9 +35,10 @@ class EC_Group_Data final
m_base_point(m_curve, g_x, g_y),
m_order(order),
m_cofactor(cofactor),
+ m_mod_order(order),
m_oid(oid),
m_p_bits(p.bits()),
- m_p_bytes(p.bytes())
+ m_order_bits(order.bits())
{
}
@@ -60,18 +61,30 @@ class EC_Group_Data final
BigInt g_y() const { return m_base_point.get_affine_y(); }
size_t p_bits() const { return m_p_bits; }
- size_t p_bytes() const { return m_p_bytes; }
+ size_t p_bytes() const { return (m_p_bits + 7) / 8; }
+
+ size_t order_bits() const { return m_order_bits; }
+ size_t order_bytes() const { return (m_order_bits + 7) / 8; }
const CurveGFp& curve() const { return m_curve; }
const PointGFp& base_point() const { return m_base_point; }
+ BigInt mod_order(const BigInt& x) const { return m_mod_order.reduce(x); }
+
+ BigInt multiply_mod_order(const BigInt& x, const BigInt& y) const
+ {
+ return m_mod_order.multiply(x, y);
+ }
+
private:
CurveGFp m_curve;
PointGFp m_base_point;
BigInt m_order;
BigInt m_cofactor;
+ Modular_Reducer m_mod_order;
OID m_oid;
- size_t m_p_bits, m_p_bytes;
+ size_t m_p_bits;
+ size_t m_order_bits;
};
class EC_Group_Data_Map final
@@ -246,6 +259,9 @@ std::shared_ptr<EC_Group_Data> EC_Group::BER_decode_EC_group(const uint8_t bits[
.end_cons()
.verify_end();
+ if(p.bits() < 64 || p.is_negative() || a.is_negative() || b.is_negative() || order <= 0 || cofactor <= 0)
+ throw Decoding_Error("Invalid ECC parameters");
+
std::pair<BigInt, BigInt> base_xy = Botan::OS2ECP(base_pt.data(), base_pt.size(), p, a, b);
return ec_group_data().lookup_or_create(p, a, b, base_xy.first, base_xy.second, order, cofactor, OID());
@@ -348,6 +364,16 @@ size_t EC_Group::get_p_bytes() const
return data().p_bytes();
}
+size_t EC_Group::get_order_bits() const
+ {
+ return data().order_bits();
+ }
+
+size_t EC_Group::get_order_bytes() const
+ {
+ return data().order_bytes();
+ }
+
const BigInt& EC_Group::get_p() const
{
return data().p();
@@ -378,6 +404,16 @@ const BigInt& EC_Group::get_cofactor() const
return data().cofactor();
}
+BigInt EC_Group::mod_order(const BigInt& k) const
+ {
+ return data().mod_order(k);
+ }
+
+BigInt EC_Group::multiply_mod_order(const BigInt& x, const BigInt& y) const
+ {
+ return data().multiply_mod_order(x, y);
+ }
+
const OID& EC_Group::get_curve_oid() const
{
return data().oid();
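Review bot: The sanity checks added before OS2ECP (`p.bits() < 64 || ... || order <= 0 || cofactor <= 0`) run only on the BER decoding path, while the `EC_Group_Data` constructor in the first hunk now builds `m_mod_order(order)` for every caller of `lookup_or_create`; if other construction paths (not in this diff) accept a caller-supplied order, a zero or negative order reaches `Modular_Reducer` unchecked. Consider enforcing the invariant where the reducer is created, e.g. `if(order <= 0) throw Invalid_Argument("EC_Group: order must be positive");` in the constructor, rather than only at the decoder. These checks establish only that the parameters are plausible integers, not that the group is sound (primality of the order, the Hasse bound and the base point's order are not verified here), which deserves a one-line comment such as `// Plausibility checks only; this does not validate the curve or the order` above the throw. Whether `Modular_Reducer::reduce` is constant-time is not visible in this diff; if `mod_order`/`multiply_mod_order` will be applied to secret scalars, that property should be confirmed and documented on the new functions.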
diff --git a/src/lib/pubkey/ec_group/ec_group.h b/src/lib/pubkey/ec_group/ec_group.h
index 1dc839540..b4b0ec9b3 100644
--- a/src/lib/pubkey/ec_group/ec_group.h
+++ b/src/lib/pubkey/ec_group/ec_group.h
@@ -133,6 +133,16 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
size_t get_p_bytes() const;
/**
+ * Return the size of group order in bits (same as get_order().bits())
+ */
+ size_t get_order_bits() const;
+
+ /**
+ * Return the size of p in bytes (same as get_order().bytes())
+ */
+ size_t get_order_bytes() const;
+
+ /**
* Return the prime modulus of the field
*/
const BigInt& get_p() const;
@@ -159,6 +169,22 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
*/
const BigInt& get_order() const;
+ /*
+ * Reduce x modulo the order
+ */
+ BigInt mod_order(const BigInt& x) const;
+
+ /*
+ * Reduce (x*y) modulo the order
+ */
+ BigInt multiply_mod_order(const BigInt& x, const BigInt& y) const;
+
+ /**
+ * Return the cofactor
+ * @result the cofactor
+ */
+ const BigInt& get_cofactor() const;
+
/**
* Return the OID of these domain parameters
* @result the OID as a string
@@ -172,12 +198,6 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
const OID& get_curve_oid() const;
/**
- * Return the cofactor
- * @result the cofactor
- */
- const BigInt& get_cofactor() const;
-
- /**
* Return a point on this curve with the affine values x, y
*/
PointGFp point(const BigInt& x, const BigInt& y) const;
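Review bot: The Doxygen comment on `get_order_bytes` is a copy-paste error: `* Return the size of p in bytes (same as get_order().bytes())` should read `* Return the size of the group order in bytes (same as get_order().bytes())`. The comments on `mod_order` and `multiply_mod_order` open with `/*` rather than `/**`, so Doxygen will not attach them to the declarations, and neither states the precondition on the inputs (whether x and y may exceed the order, and what range the result is in) or whether the reduction is constant-time, which callers handling private scalars need to know. Suggest `/** Reduce x modulo the group order; result is in [0, order) */` for the first and the corresponding `/** ... */` form for the second, adding the input-range and timing notes once they are confirmed against the `Modular_Reducer` implementation. Moving the `get_cofactor` declaration next to `get_order` is a pure reordering and needs no change.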