5#ifndef CRYPTOPP_IMPORTS
12#include "eprecomp.cpp"
14ANONYMOUS_NAMESPACE_BEGIN
18#if defined(HAVE_GCC_INIT_PRIORITY)
19 #define INIT_ATTRIBUTE __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 51)))
21#elif defined(HAVE_MSC_INIT_PRIORITY)
22 #pragma warning(disable: 4075)
23 #pragma init_seg(".CRT$XCU")
25 #pragma warning(default: 4075)
26#elif defined(HAVE_XLC_INIT_PRIORITY)
31ANONYMOUS_NAMESPACE_END
36 : m_field(BERDecodeGF2NP(bt))
39 m_field->BERDecodeElement(seq, m_a);
40 m_field->BERDecodeElement(seq, m_b);
42 if (!seq.EndReached())
53 m_field->DEREncode(bt);
55 m_field->DEREncodeElement(seq, m_a);
56 m_field->DEREncodeElement(seq, m_b);
69 if (encodedPointLen < 1 || !bt.
Get(type))
84 P.x.Decode(bt, m_field->MaxElementByteLength());
88 P.y = m_field->SquareRoot(m_b);
92 FieldElement z = m_field->Square(P.x);
94 P.y = m_field->Divide(m_field->Add(m_field->Multiply(z, m_field->Add(P.x, m_a)), m_b), z);
95 CRYPTOPP_ASSERT(P.x == m_field->Subtract(m_field->Divide(m_field->Subtract(m_field->Multiply(P.y, z), m_b), z), m_a));
96 z = m_field->SolveQuadraticEquation(P.y);
98 z.SetCoefficient(0, type & 1);
100 P.y = m_field->Multiply(z, P.x);
108 unsigned int len = m_field->MaxElementByteLength();
125 bt.
Put((
byte)(2U + (!P.x ? 0U : m_field->Divide(P.y, P.x).GetBit(0))));
126 P.x.Encode(bt, m_field->MaxElementByteLength());
130 unsigned int len = m_field->MaxElementByteLength();
163 CRYPTOPP_UNUSED(rng);
165 pass = pass && m_a.CoefficientCount() <= m_field->MaxElementBitLength();
166 pass = pass && m_b.CoefficientCount() <= m_field->MaxElementBitLength();
169 pass = pass && m_field->GetModulus().IsIrreducible();
176 const FieldElement &x = P.x, &y = P.y;
178 (x.CoefficientCount() <= m_field->MaxElementBitLength()
179 && y.CoefficientCount() <= m_field->MaxElementBitLength()
180 && !(((x+m_a)*x*x+m_b-(x+y)*y)%m_field->GetModulus()));
183bool EC2N::Equal(
const Point &P,
const Point &Q)
const
185 if (P.identity && Q.identity)
188 if (P.identity && !Q.identity)
191 if (!P.identity && Q.identity)
194 return (m_field->Equal(P.x,Q.x) && m_field->Equal(P.y,Q.y));
199#if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY) || defined(HAVE_XLC_INIT_PRIORITY)
201#elif defined(CRYPTOPP_CXX11_STATIC_INIT)
215 m_R.identity =
false;
216 m_R.y = m_field->Add(P.x, P.y);
224 if (P.identity)
return Q;
225 if (Q.identity)
return P;
227 if (m_field->Equal(P.x, Q.x) && m_field->Equal(P.y, m_field->Add(Q.x, Q.y)))
return Identity();
229 FieldElement t = m_field->Add(P.y, Q.y);
230 t = m_field->Divide(t, m_field->Add(P.x, Q.x));
231 FieldElement x = m_field->Square(t);
232 m_field->Accumulate(x, t);
233 m_field->Accumulate(x, Q.x);
234 m_field->Accumulate(x, m_a);
235 m_R.y = m_field->Add(P.y, m_field->Multiply(t, x));
236 m_field->Accumulate(x, P.x);
237 m_field->Accumulate(m_R.y, x);
240 m_R.identity =
false;
246 if (P.identity)
return P;
247 if (!m_field->IsUnit(P.x))
return Identity();
249 FieldElement t = m_field->Divide(P.y, P.x);
250 m_field->Accumulate(t, P.x);
251 m_R.y = m_field->Square(P.x);
252 m_R.x = m_field->Square(t);
253 m_field->Accumulate(m_R.x, t);
254 m_field->Accumulate(m_R.x, m_a);
255 m_field->Accumulate(m_R.y, m_field->Multiply(t, m_R.x));
256 m_field->Accumulate(m_R.y, m_R.x);
258 m_R.identity =
false;
269 m_ep.m_group = m_ec.get();
275 m_ec.reset(
new EC2N(ec));
276 m_ep.SetGroupAndBase(*m_ec, base);
281 m_ep.Precompute(maxExpBits, storage);
288 BERDecodeUnsigned<word32>(seq, version,
INTEGER, 1, 1);
289 m_ep.m_exponentBase.BERDecode(seq);
290 m_ep.m_windowSize = m_ep.m_exponentBase.BitCount() - 1;
291 m_ep.m_bases.clear();
292 while (!seq.EndReached())
293 m_ep.m_bases.push_back(m_ec->BERDecodePoint(seq));
300 DEREncodeUnsigned<word32>(seq, 1);
301 m_ep.m_exponentBase.DEREncode(seq);
302 for (
unsigned i=0; i<m_ep.m_bases.size(); i++)
303 m_ec->DEREncodePoint(seq, m_ep.m_bases[i]);
309 return m_ep.Exponentiate(exponent);
314 return m_ep.CascadeExponentiate(exponent,
static_cast<const EcPrecomputation<EC2N> &
>(pc2).m_ep, exponent2);
Classes and functions for working with ASN.1 objects.
CRYPTOPP_DLL size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigned int &unusedBits)
BER decode bit string.
CRYPTOPP_DLL size_t DEREncodeOctetString(BufferedTransformation &bt, const byte *str, size_t strLen)
DER encode octet string.
CRYPTOPP_DLL size_t BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
BER decode octet string.
void BERDecodeError()
Raises a BERDecodeErr.
Copy input to a memory buffer.
DL_FixedBasePrecomputation interface.
Elliptic Curve over GF(2^n)
bool VerifyPoint(const Point &P) const
Verifies that a point lies on the elliptic curve (coordinate bounds and curve equation).
const Point & Identity() const
Provides the Identity element.
const Point & Double(const Point &P) const
Doubles an element in the group.
unsigned int EncodedPointSize(bool compressed=false) const
Determines encoded point size.
bool Equal(const Point &P, const Point &Q) const
Compare two elements for equality.
bool DecodePoint(Point &P, BufferedTransformation &bt, size_t len) const
Decodes an elliptic curve point.
void DEREncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const
DER Encodes an elliptic curve point.
void EncodePoint(byte *encodedPoint, const Point &P, bool compressed) const
Encodes an elliptic curve point.
void DEREncode(BufferedTransformation &bt) const
Encode the fields fieldID and curve of the sequence ECParameters.
Point BERDecodePoint(BufferedTransformation &bt) const
BER Decodes an elliptic curve point.
const Point & Inverse(const Point &P) const
Inverts the element in the group.
const Point & Add(const Point &P, const Point &Q) const
Adds elements in the group.
Elliptic Curve precomputation.
Multiple precision integer with arithmetic operations.
Interface for random number generators.
size_type size() const
Provides the count of elements in the SecBlock.
Restricts the instantiation of a class to one static object without locks.
const T & Ref(...) const
Return a reference to the inner Singleton object.
String-based implementation of Store interface.
unsigned int word32
32-bit unsigned datatype
Classes for Elliptic Curves over binary fields.
Implementation of BufferedTransformation's attachment interface.
Multiple precision integer with arithmetic operations.
Crypto++ library namespace.
Elliptic Curve Point over GF(2^n)
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.