5 #ifndef CRYPTOPP_IMPORTS 11 #include "algebra.cpp" 12 #include "eprecomp.cpp" 17 : m_field(BERDecodeGF2NP(bt))
// Excerpt of the EC2N BER/DER (de)serialisation code. The listing omits lines, so only the visible statements are described.
// Decoding: the curve coefficients a and b are read from the sequence as field elements.
// NOTE(review): nothing in this excerpt validates the decoded curve; confirm that callers run ValidateParameters on curve encodings that come from untrusted sources.
20 m_field->BERDecodeElement(seq, m_a);
21 m_field->BERDecodeElement(seq, m_b);
// Any data left in the sequence is read as a bit string into `seed`, so that trailing field is optional.
23 if (!seq.EndReached())
27 BERDecodeBitString(seq, seed, unused);
// Encoding mirrors the decode order: the field first, then a and b.
34 m_field->DEREncode(bt);
36 m_field->DEREncodeElement(seq, m_a);
37 m_field->DEREncodeElement(seq, m_b);
// Byte-array overload of DecodePoint: forwards to the stream overload through `store`.
// `store` is declared on a line this listing omits; presumably it wraps encodedPoint/encodedPointLen — confirm.
41 bool EC2N::DecodePoint(
EC2N::Point &P,
const byte *encodedPoint,
size_t encodedPointLen)
const 44 return DecodePoint(P, store, encodedPointLen);
// Stream overload of DecodePoint (its signature is on a line this listing omits).
// An empty input, or a failed read of the leading type byte, takes the guarded branch (its body is not shown).
50 if (encodedPointLen < 1 || !bt.
Get(type))
// Compressed form: the length is compared against EncodedPointSize(true) for an exact match.
61 if (encodedPointLen != EncodedPointSize(
true))
65 P.x.Decode(bt, m_field->MaxElementByteLength());
// Line 69 takes y = sqrt(b); its guarding condition is omitted (presumably the x == 0 case — confirm).
69 P.y = m_field->SquareRoot(m_b);
// Otherwise y is recovered from x: with z = x^2, compute (z*(x+a)+b)/z, solve w^2 + w = that value,
// pick the root whose low bit matches the type byte, and set y = w*x.
// The assert() calls are compiled out when NDEBUG is defined, so they are debug self-checks, not input validation.
// NOTE(review): no on-curve test is visible in this excerpt; confirm that points from untrusted peers
// go through VerifyPoint before they are used in scalar multiplication.
73 FieldElement z = m_field->Square(P.x);
74 assert(P.x == m_field->SquareRoot(z));
75 P.y = m_field->Divide(m_field->Add(m_field->Multiply(z, m_field->Add(P.x, m_a)), m_b), z);
76 assert(P.x == m_field->Subtract(m_field->Divide(m_field->Subtract(m_field->Multiply(P.y, z), m_b), z), m_a));
77 z = m_field->SolveQuadraticEquation(P.y);
78 assert(m_field->Add(m_field->Square(z), z) == P.y);
79 z.SetCoefficient(0, type & 1);
81 P.y = m_field->Multiply(z, P.x);
// Uncompressed form: the length is compared against EncodedPointSize(false) for an exact match.
86 if (encodedPointLen != EncodedPointSize(
false))
89 unsigned int len = m_field->MaxElementByteLength();
// Stream overload of EncodePoint (signature and branch structure are on lines this listing omits).
// Line 106 writes a prefix byte of 2 plus the low bit of y/x (0 when x is zero), then x at the field's
// maximum element byte length. This is the same bit that DecodePoint reads back via `type & 1`.
106 bt.
Put(2 + (!P.x ? 0 : m_field->Divide(P.y, P.x).GetBit(0)));
107 P.x.Encode(bt, m_field->MaxElementByteLength());
111 unsigned int len = m_field->MaxElementByteLength();
// Byte-array overload of EncodePoint: writes the encoding of P into encodedPoint through an ArraySink
// sized to EncodedPointSize(compressed).
// The function has no way to check the real size of the caller's buffer, so the caller must supply at
// least EncodedPointSize(compressed) bytes.
// The length assert is compiled out under NDEBUG, so it is a debug self-check only.
118 void EC2N::EncodePoint(byte *encodedPoint,
const Point &P,
bool compressed)
const 120 ArraySink sink(encodedPoint, EncodedPointSize(compressed));
121 EncodePoint(sink, P, compressed);
122 assert(sink.TotalPutLength() == EncodedPointSize(compressed));
// Fragments of the ASN.1 point helpers (signatures are on lines this listing omits).
// Decoding reads an OCTET STRING into `str` and passes it to DecodePoint; the branch taken when
// DecodePoint returns false is not shown here.
128 BERDecodeOctetString(bt, str);
130 if (!DecodePoint(P, str, str.
size()))
// Encoding: the point is first encoded into `str` (declared on an omitted line).
138 EncodePoint(str, P, compressed);
// Fragment of the curve-parameter validation routine (signature omitted by this listing).
// The random number generator argument is unused.
144 CRYPTOPP_UNUSED(rng);
// Coefficients a and b must each fit within the field's maximum element bit length.
146 pass = pass && m_a.CoefficientCount() <= m_field->MaxElementBitLength();
147 pass = pass && m_b.CoefficientCount() <= m_field->MaxElementBitLength();
// The field modulus must be irreducible. Any condition gating this check is on an omitted line — confirm.
150 pass = pass && m_field->GetModulus().IsIrreducible();
// Checks whether P is a valid point on this curve.
// The visible condition requires both coordinates to fit within the field's bit length and
// (x+a)*x*x + b - (x+y)*y to reduce to zero modulo the field polynomial, i.e. y^2 + xy = x^3 + a*x^2 + b.
// The start of the return expression (line 158) is omitted; the identity case is presumably handled there — confirm.
// This is the check to apply to points received from untrusted peers before they are used.
155 bool EC2N::VerifyPoint(
const Point &P)
const 157 const FieldElement &x = P.x, &y = P.y;
159 (x.CoefficientCount() <= m_field->MaxElementBitLength()
160 && y.CoefficientCount() <= m_field->MaxElementBitLength()
161 && !(((x+m_a)*x*x+m_b-(x+y)*y)%m_field->GetModulus()));
// Point equality. The identity flag is examined first (the values returned by the three identity
// branches are on omitted lines); two non-identity points are equal when both coordinates are equal
// as field elements.
164 bool EC2N::Equal(
const Point &P,
const Point &Q)
const 166 if (P.identity && Q.identity)
169 if (P.identity && !Q.identity)
172 if (!P.identity && Q.identity)
175 return (m_field->Equal(P.x,Q.x) && m_field->Equal(P.y,Q.y));
// Additive inverse of P: the visible lines build the result in the member m_R with y' = x + y.
// The identity case and the assignment of m_R.x are on omitted lines.
// NOTE(review): the result lives in m_R, which other operations in this file also write, so the
// returned reference is presumably only valid until the next call on this object — confirm.
183 const EC2N::Point& EC2N::Inverse(
const Point &P)
const 189 m_R.identity =
false;
190 m_R.y = m_field->Add(P.x, P.y);
// Affine point addition on the binary curve.
// Special cases return early: an identity operand, P == Q (handed to Double), and Q == -P
// (same x, and P.y == Q.x + Q.y), which yields the identity.
// NOTE(review): these early returns make control flow depend on the operand values, so the routine
// is not constant-time; this matters when the operands derive from secret scalars.
// The result is written to the member m_R inside a const method, so a later call overwrites it and
// concurrent calls on one EC2N object would race — confirm that callers copy the result and do not
// share the object across threads without locking.
196 const EC2N::Point& EC2N::Add(
const Point &P,
const Point &Q)
const 198 if (P.identity)
return Q;
199 if (Q.identity)
return P;
200 if (Equal(P, Q))
return Double(P);
201 if (m_field->Equal(P.x, Q.x) && m_field->Equal(P.y, m_field->Add(Q.x, Q.y)))
return Identity();
// t is the chord slope (P.y + Q.y) / (P.x + Q.x); the divisor is nonzero for inputs that reach this
// point, because equal x-coordinates with P != Q and P != -Q cannot occur for two points on the curve.
203 FieldElement t = m_field->Add(P.y, Q.y);
204 t = m_field->Divide(t, m_field->Add(P.x, Q.x));
// x accumulates t^2 + t + Q.x + a here; P.x is added at line 210.
205 FieldElement x = m_field->Square(t);
206 m_field->Accumulate(x, t);
207 m_field->Accumulate(x, Q.x);
208 m_field->Accumulate(x, m_a);
// y3 = P.y + t*(x before P.x is added) + (x after P.x is added).
209 m_R.y = m_field->Add(P.y, m_field->Multiply(t, x));
210 m_field->Accumulate(x, P.x);
211 m_field->Accumulate(m_R.y, x);
214 m_R.identity =
false;
// Affine point doubling on the binary curve.
// The identity is returned unchanged; a point whose x is not invertible doubles to the identity.
// NOTE(review): as in Add, the early returns are data-dependent and the result is built in the
// member m_R, so the same timing and aliasing caveats apply — confirm how callers use the result.
218 const EC2N::Point& EC2N::Double(
const Point &P)
const 220 if (P.identity)
return P;
221 if (!m_field->IsUnit(P.x))
return Identity();
// t = P.y / P.x + P.x
223 FieldElement t = m_field->Divide(P.y, P.x);
224 m_field->Accumulate(t, P.x);
// x3 = t^2 + t + a;  y3 = P.x^2 + t*x3 + x3
225 m_R.y = m_field->Square(P.x);
226 m_R.x = m_field->Square(t);
227 m_field->Accumulate(m_R.x, t);
228 m_field->Accumulate(m_R.x, m_a);
229 m_field->Accumulate(m_R.y, m_field->Multiply(t, m_R.x));
230 m_field->Accumulate(m_R.y, m_R.x);
232 m_R.identity =
false;
Restricts the instantiation of a class to one static object without locks.
size_type size() const
Provides the count of elements in the SecBlock.
Interface for random number generators.
SecByteBlock is a SecBlock<byte> typedef.
Classes for Elliptic Curves over binary fields.
Copy input to a memory buffer.
Elliptic Curve over GF(2^n)
string-based implementation of Store interface
Classes and functions for working with ASN.1 objects.
Implementation of BufferedTransformation's attachment interface in cryptlib.h.
size_t DEREncodeOctetString(BufferedTransformation &out, const byte *str, size_t strLen)
ASN Strings.
Crypto++ library namespace.