aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-02-25 03:58:35 +0000
committerlloyd <[email protected]>2010-02-25 03:58:35 +0000
commit8ba3a81c5f1cbe488269df5e009de3d165eb0654 (patch)
tree87daff36a9e415d0d118d708c2e51b23dd700d3b /src
parentc13f576834a52b03b88366cb243da49fc784b284 (diff)
CurveGFp: Inline, deleting source file. Store only a,b,p as
BigInts. Also reorder constructor args to p, a, b which seems more sensible to me.
Diffstat (limited to 'src')
-rw-r--r--src/math/gfpmath/curve_gfp.cpp45
-rw-r--r--src/math/gfpmath/curve_gfp.h50
-rw-r--r--src/math/gfpmath/info.txt1
-rw-r--r--src/math/gfpmath/point_gfp.cpp26
-rw-r--r--src/math/gfpmath/point_gfp.h1
-rw-r--r--src/pubkey/ec_dompar/ec_dompar.cpp79
6 files changed, 80 insertions, 122 deletions
diff --git a/src/math/gfpmath/curve_gfp.cpp b/src/math/gfpmath/curve_gfp.cpp
deleted file mode 100644
index b3be7d228..000000000
--- a/src/math/gfpmath/curve_gfp.cpp
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
-* Elliptic curves over GF(p)
-*
-* (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke
-* 2008-2010 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/curve_gfp.h>
-#include <botan/bigint.h>
-#include <assert.h>
-#include <ostream>
-
-namespace Botan {
-
-CurveGFp::CurveGFp(const GFpElement& a, const GFpElement& b,
- const BigInt& p) :
- modulus(p), mA(a), mB(b)
- {
- if(p != mA.get_p() || p != mB.get_p())
- throw Invalid_Argument("could not construct curve: moduli of arguments differ");
- }
-
-// swaps the states of *this and other, does not throw
-void CurveGFp::swap(CurveGFp& other)
- {
- std::swap(mA, other.mA);
- std::swap(mB, other.mB);
- std::swap(modulus, other.modulus);
- }
-
-bool operator==(const CurveGFp& lhs, const CurveGFp& rhs)
- {
- return (lhs.get_p() == rhs.get_p() &&
- lhs.get_a() == rhs.get_a() &&
- lhs.get_b() == rhs.get_b());
- }
-
-std::ostream& operator<<(std::ostream& output, const CurveGFp& elem)
- {
- return output << "y^2 = x^3 + (" << elem.get_a() << ")x + (" << elem.get_b() << ")";
- }
-
-}
diff --git a/src/math/gfpmath/curve_gfp.h b/src/math/gfpmath/curve_gfp.h
index e4ee7c8f5..cc1d42290 100644
--- a/src/math/gfpmath/curve_gfp.h
+++ b/src/math/gfpmath/curve_gfp.h
@@ -10,8 +10,7 @@
#ifndef BOTAN_GFP_CURVE_H__
#define BOTAN_GFP_CURVE_H__
-#include <botan/gfp_element.h>
-#include <iosfwd>
+#include <botan/bigint.h>
namespace Botan {
@@ -24,12 +23,12 @@ class BOTAN_DLL CurveGFp
/**
* Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p)
+ * @param p prime number of the field
* @param a first coefficient
* @param b second coefficient
- * @param p prime number of the field
*/
- CurveGFp(const GFpElement& a, const GFpElement& b,
- const BigInt& p);
+ CurveGFp(const BigInt& p, const BigInt& a, const BigInt& b) :
+ p(p), a(a), b(b) {}
// CurveGFp(const CurveGFp& other) = default;
// CurveGFp& operator=(const CurveGFp& other) = default;
@@ -38,58 +37,49 @@ class BOTAN_DLL CurveGFp
* Get coefficient a
* @result coefficient a
*/
- const GFpElement& get_a() const { return mA; }
+ const BigInt& get_a() const { return a; }
/**
* Get coefficient b
* @result coefficient b
*/
- const GFpElement& get_b() const { return mB; }
+ const BigInt& get_b() const { return b; }
/**
* Get prime modulus of the field of the curve
* @result prime modulus of the field of the curve
*/
- const BigInt& get_p() const { return modulus; }
+ const BigInt& get_p() const { return p; }
/**
* swaps the states of *this and other, does not throw
* @param other The curve to swap values with
*/
- void swap(CurveGFp& other);
+ void swap(CurveGFp& other)
+ {
+ std::swap(a, other.a);
+ std::swap(b, other.b);
+ std::swap(p, other.p);
+ }
+
+ bool operator==(const CurveGFp& other) const
+ {
+ return (p == other.p && a == other.a && b == other.b);
+ }
private:
- BigInt modulus;
- GFpElement mA;
- GFpElement mB;
+ BigInt p, a, b;
};
-// relational operators
-BOTAN_DLL bool operator==(const CurveGFp& lhs, const CurveGFp& rhs);
-
inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs)
{
return !(lhs == rhs);
}
-// io operators
-BOTAN_DLL std::ostream& operator<<(std::ostream& output, const CurveGFp& elem);
-
-// swaps the states of curve1 and curve2, does not throw!
-// cf. Meyers, Item 25
-inline
-void swap(CurveGFp& curve1, CurveGFp& curve2)
- {
- curve1.swap(curve2);
- }
-
-} // namespace Botan
-
+}
namespace std {
-// swaps the states of curve1 and curve2, does not throw!
-// cf. Meyers, Item 25
template<> inline
void swap<Botan::CurveGFp>(Botan::CurveGFp& curve1,
Botan::CurveGFp& curve2)
diff --git a/src/math/gfpmath/info.txt b/src/math/gfpmath/info.txt
index 8c80e9e9d..68cff026d 100644
--- a/src/math/gfpmath/info.txt
+++ b/src/math/gfpmath/info.txt
@@ -7,7 +7,6 @@ point_gfp.h
</header:public>
<source>
-curve_gfp.cpp
gfp_element.cpp
point_gfp.cpp
</source>
diff --git a/src/math/gfpmath/point_gfp.cpp b/src/math/gfpmath/point_gfp.cpp
index f9aaf5c3c..b8fe3351b 100644
--- a/src/math/gfpmath/point_gfp.cpp
+++ b/src/math/gfpmath/point_gfp.cpp
@@ -20,9 +20,9 @@ BigInt decompress_point(bool yMod2,
{
BigInt xpow3 = x * x * x;
- BigInt g = curve.get_a().get_value() * x;
+ BigInt g = curve.get_a() * x;
g += xpow3;
- g += curve.get_b().get_value();
+ g += curve.get_b();
g = g % curve.get_p();
BigInt z = ressol(g, curve.get_p());
@@ -209,7 +209,7 @@ PointGFp& PointGFp::mult2_in_place()
S = x + x;
- GFpElement a_z4 = curve.get_a();
+ GFpElement a_z4(curve.get_p(), curve.get_a());
GFpElement z2 = point_z() * point_z();
a_z4 *= z2;
@@ -327,16 +327,20 @@ void PointGFp::check_invariants() const
if(coord_z == BigInt(1))
{
- GFpElement ax = curve.get_a() * point_x();
- if(y2 != (x3 + ax + curve.get_b()))
+ GFpElement ax(curve.get_p(), curve.get_a());
+ ax *= point_x();
+
+ GFpElement b(curve.get_p(), curve.get_b());
+
+ if(y2 != (x3 + ax + b))
throw Illegal_Point();
}
GFpElement Zpow2 = point_z() * point_z();
GFpElement Zpow3 = Zpow2 * point_z();
- GFpElement AZpow4 = Zpow3 * point_z() * curve.get_a();
+ GFpElement AZpow4 = Zpow3 * point_z() * GFpElement(curve.get_p(), curve.get_a());
const GFpElement aXZ4 = AZpow4 * point_x();
- const GFpElement bZ6 = curve.get_b() * Zpow3 * Zpow3;
+ const GFpElement bZ6 = GFpElement(curve.get_p(), curve.get_b()) * Zpow3 * Zpow3;
if(y2 != (x3 + aXZ4 + bZ6))
throw Illegal_Point();
@@ -501,7 +505,13 @@ PointGFp create_random_point(RandomNumberGenerator& rng,
GFpElement x = GFpElement(p, r);
GFpElement x3 = x * x * x;
- GFpElement y = (curve.get_a() * x) + (x3 * curve.get_b());
+ GFpElement ax(curve.get_p(), curve.get_a());
+ ax *= x;
+
+ GFpElement bx3(curve.get_p(), curve.get_b());
+ bx3 *= x3;
+
+ GFpElement y = ax + bx3;
if(ressol(y.get_value(), p) > 0)
return PointGFp(curve, x.get_value(), y.get_value());
diff --git a/src/math/gfpmath/point_gfp.h b/src/math/gfpmath/point_gfp.h
index 2da4b0506..6613da2e2 100644
--- a/src/math/gfpmath/point_gfp.h
+++ b/src/math/gfpmath/point_gfp.h
@@ -11,6 +11,7 @@
#define BOTAN_POINT_GFP_H__
#include <botan/curve_gfp.h>
+#include <botan/gfp_element.h>
#include <vector>
namespace Botan {
diff --git a/src/pubkey/ec_dompar/ec_dompar.cpp b/src/pubkey/ec_dompar/ec_dompar.cpp
index 3719153f0..30a121875 100644
--- a/src/pubkey/ec_dompar/ec_dompar.cpp
+++ b/src/pubkey/ec_dompar/ec_dompar.cpp
@@ -429,18 +429,19 @@ EC_Domain_Params get_ec_dompar(const std::string& oid)
std::vector<std::string> dom_par = get_standard_domain_parameter(oid);
BigInt p(dom_par[0]); // give as 0x...
- GFpElement a(p, BigInt(dom_par[1]));
- GFpElement b(p, BigInt(dom_par[2]));
+ BigInt a(dom_par[1]);
+ BigInt b(dom_par[2]);
+ BigInt order(dom_par[4]);
+ BigInt cofactor(dom_par[5]);
Pipe pipe(new Hex_Decoder);
pipe.process_msg(dom_par[3]);
SecureVector<byte> sv_g = pipe.read_all();
- CurveGFp curve(a, b, p);
- PointGFp G = OS2ECP ( sv_g, curve );
+ CurveGFp curve(p, a, b);
+
+ PointGFp G = OS2ECP(sv_g, curve);
G.check_invariants();
- BigInt order(dom_par[4]);
- BigInt cofactor(dom_par[5]);
EC_Domain_Params result(curve, G, order, cofactor);
return result;
}
@@ -465,32 +466,32 @@ EC_Domain_Params::EC_Domain_Params(const CurveGFp& curve, const PointGFp& base_p
namespace {
-SecureVector<byte> encode_der_ec_dompar_explicit(EC_Domain_Params const& dom_pars)
+SecureVector<byte> encode_der_ec_dompar_explicit(const EC_Domain_Params& dom_pars)
{
u32bit ecpVers1 = 1;
OID curve_type_oid("1.2.840.10045.1.1");
- DER_Encoder der;
+ const u32bit p_bytes = dom_pars.get_curve().get_p().bytes();
- der.start_cons(SEQUENCE)
+ return DER_Encoder()
+ .start_cons(SEQUENCE)
.encode(ecpVers1)
.start_cons(SEQUENCE)
.encode(curve_type_oid)
.encode(dom_pars.get_curve().get_p())
.end_cons()
.start_cons(SEQUENCE)
- .encode(FE2OSP ( dom_pars.get_curve().get_a() ), OCTET_STRING)
- .encode(FE2OSP ( dom_pars.get_curve().get_b() ), OCTET_STRING)
+ .encode(BigInt::encode_1363(dom_pars.get_curve().get_a(), p_bytes), OCTET_STRING)
+ .encode(BigInt::encode_1363(dom_pars.get_curve().get_b(), p_bytes), OCTET_STRING)
.end_cons()
.encode(EC2OSP ( dom_pars.get_base_point(), PointGFp::UNCOMPRESSED), OCTET_STRING)
.encode(dom_pars.get_order())
.encode(dom_pars.get_cofactor())
- .end_cons();
-
- return der.get_contents();
+ .end_cons()
+ .get_contents();
}
-EC_Domain_Params decode_ber_ec_dompar_explicit(SecureVector<byte> const& encoded)
+EC_Domain_Params decode_ber_ec_dompar_explicit(const SecureVector<byte>& encoded)
{
BigInt ecpVers1(1);
OID curve_type_oid;
@@ -500,35 +501,37 @@ EC_Domain_Params decode_ber_ec_dompar_explicit(SecureVector<byte> const& encoded
SecureVector<byte> sv_base_point;
BigInt order;
BigInt cofactor;
- BER_Decoder dec(encoded);
- dec
- .start_cons(SEQUENCE)
- .decode(ecpVers1)
- .start_cons(SEQUENCE)
- .decode(curve_type_oid)
- .decode(p)
- .end_cons()
+
+ BER_Decoder(encoded)
.start_cons(SEQUENCE)
- .decode(sv_a, OCTET_STRING)
- .decode(sv_b, OCTET_STRING)
+ .decode(ecpVers1)
+ .start_cons(SEQUENCE)
+ .decode(curve_type_oid)
+ .decode(p)
+ .end_cons()
+ .start_cons(SEQUENCE)
+ .decode(sv_a, OCTET_STRING)
+ .decode(sv_b, OCTET_STRING)
+ .end_cons()
+ .decode(sv_base_point, OCTET_STRING)
+ .decode(order)
+ .decode(cofactor)
.end_cons()
- .decode(sv_base_point, OCTET_STRING)
- .decode(order)
- .decode(cofactor)
- .verify_end()
- .end_cons();
+ .verify_end();
+
if(ecpVers1 != 1)
- {
throw Decoding_Error("wrong ecpVers");
- }
+
// Set the domain parameters
if(curve_type_oid.as_string() != "1.2.840.10045.1.1") // NOTE: hardcoded: prime field type
{
throw Decoding_Error("wrong curve type oid where prime field was expected");
}
- GFpElement a(p,BigInt::decode(sv_a, sv_a.size()));
- GFpElement b(p,BigInt::decode(sv_b, sv_b.size()));
- CurveGFp curve(a,b,p);
+
+ CurveGFp curve(p,
+ BigInt::decode(sv_a, sv_a.size()),
+ BigInt::decode(sv_b, sv_b.size()));
+
PointGFp G = OS2ECP ( sv_base_point, curve );
G.check_invariants();
return EC_Domain_Params(curve, G, order, cofactor);
@@ -536,7 +539,7 @@ EC_Domain_Params decode_ber_ec_dompar_explicit(SecureVector<byte> const& encoded
} // end anonymous namespace
-SecureVector<byte> encode_der_ec_dompar(EC_Domain_Params const& dom_pars, EC_dompar_enc enc_type)
+SecureVector<byte> encode_der_ec_dompar(const EC_Domain_Params& dom_pars, EC_dompar_enc enc_type)
{
SecureVector<byte> result;
@@ -560,7 +563,7 @@ SecureVector<byte> encode_der_ec_dompar(EC_Domain_Params const& dom_pars, EC_dom
return result;
}
-EC_Domain_Params decode_ber_ec_dompar(SecureVector<byte> const& encoded)
+EC_Domain_Params decode_ber_ec_dompar(const SecureVector<byte>& encoded)
{
BER_Decoder dec(encoded);
BER_Object obj = dec.get_next_object();
@@ -579,7 +582,7 @@ EC_Domain_Params decode_ber_ec_dompar(SecureVector<byte> const& encoded)
throw Decoding_Error("encountered unexpected when trying to decode domain parameters");
}
-bool operator==(EC_Domain_Params const& lhs, EC_Domain_Params const& rhs)
+bool operator==(const EC_Domain_Params& lhs, const EC_Domain_Params& rhs)
{
return ((lhs.get_curve() == rhs.get_curve()) &&
(lhs.get_base_point() == rhs.get_base_point()) &&
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-15 06:39:09 +0000