src/math/gfpmath/curve_gfp.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

/*
* Elliptic curves over GF(p)
*
* (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke
*     2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/

#ifndef BOTAN_GFP_CURVE_H__
#define BOTAN_GFP_CURVE_H__

#include <botan/bigint.h>
#include <botan/gfp_element.h>
#include <iosfwd>

namespace Botan {

/**
* This class represents an elliptic curve over GF(p)
*/
class BOTAN_DLL CurveGFp
   {
   public:

      /**
      * Construct the elliptic curve E: y^2 = x^3 + ax + b over GF(p)
      * @param a first coefficient
      * @param b second coefficient
      * @param p prime number of the field
      */
      CurveGFp(const GFpElement& a, const GFpElement& b,
               const BigInt& p);

      // CurveGFp(const CurveGFp& other) = default;
      // CurveGFp& operator=(const CurveGFp& other) = default;

      // getters

      /**
      * Get coefficient a
      * @result coefficient a
      */
      const GFpElement& get_a() const { return mA; }

      /**
      * Get coefficient b
      * @result coefficient b
      */
      const GFpElement& get_b() const { return mB; }

      /**
      * Get the GFpElement coefficient a  transformed
      * to its m-residue. This can be used for efficency reasons: the curve
      * stores the transformed version after the first invocation of this
      * function.
      * @result the coefficient a, transformed to its m-residue
      */
      const GFpElement& get_mres_a() const { return mres_a; }

      /**
      * Get the GFpElement coefficient b transformed
      * to its m-residue. This can be used for efficency reasons: the curve
      * stores the transformed version after the first invocation of this
      * function.
      * @result the coefficient b, transformed to its m-residue
      */
      const GFpElement& get_mres_b() const { return mres_b; }

      /**
      * Get the GFpElement 1  transformed
      * to its m-residue. This can be used for efficency reasons: the curve
      * stores the transformed version after the first invocation of this
      * function.
      * @result the GFpElement 1, transformed to its m-residue
      */
      const GFpElement& get_mres_one() { return mres_one; }

      /**
      * Get prime modulus of the field of the curve
      * @result prime modulus of the field of the curve
      */
      const BigInt& get_p() const { return modulus.get_p(); }

      /**
      * swaps the states of *this and other, does not throw
      * @param other The curve to swap values with
      */
      void swap(CurveGFp& other);

   private:
      GFpModulus modulus;
      GFpElement mA;
      GFpElement mB;
      GFpElement mres_a, mres_b, mres_one;
   };

// relational operators
bool operator==(const CurveGFp& lhs, const CurveGFp& rhs);

inline bool operator!=(const CurveGFp& lhs, const CurveGFp& rhs)
   {
   return !(lhs == rhs);
   }

// io operators
std::ostream& operator<<(std::ostream& output, const CurveGFp& elem);

// swaps the states of curve1 and curve2, does not throw!
// cf. Meyers, Item 25
inline
void swap(CurveGFp& curve1, CurveGFp& curve2)
   {
   curve1.swap(curve2);
   }

} // namespace Botan


namespace std {

// swaps the states of curve1 and curve2, does not throw!
// cf. Meyers, Item 25
template<> inline
void swap<Botan::CurveGFp>(Botan::CurveGFp& curve1,
                           Botan::CurveGFp& curve2)
   {
   curve1.swap(curve2);
   }

} // namespace std

#endif