Crypto++  8.9
Free C++ class library of cryptographic schemes
ecp.cpp
1 // ecp.cpp - originally written and placed in the public domain by Wei Dai
2 
3 #include "pch.h"
4 
5 #ifndef CRYPTOPP_IMPORTS
6 
7 #include "ecp.h"
8 #include "asn.h"
9 #include "integer.h"
10 #include "nbtheory.h"
11 #include "modarith.h"
12 #include "filters.h"
13 #include "algebra.cpp"
14 
15 ANONYMOUS_NAMESPACE_BEGIN
16 
17 using CryptoPP::ECP;
18 using CryptoPP::Integer;
19 using CryptoPP::ModularArithmetic;
20 
21 #if defined(HAVE_GCC_INIT_PRIORITY)
22  #define INIT_ATTRIBUTE __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 50)))
23  const ECP::Point g_identity INIT_ATTRIBUTE = ECP::Point();
24 #elif defined(HAVE_MSC_INIT_PRIORITY)
25  #pragma warning(disable: 4075)
26  #pragma init_seg(".CRT$XCU")
27  const ECP::Point g_identity;
28  #pragma warning(default: 4075)
29 #elif defined(HAVE_XLC_INIT_PRIORITY)
30  #pragma priority(290)
31  const ECP::Point g_identity;
32 #endif
33 
34 inline ECP::Point ToMontgomery(const ModularArithmetic &mr, const ECP::Point &P)
35 {
36  return P.identity ? P : ECP::Point(mr.ConvertIn(P.x), mr.ConvertIn(P.y));
37 }
38 
39 inline ECP::Point FromMontgomery(const ModularArithmetic &mr, const ECP::Point &P)
40 {
41  return P.identity ? P : ECP::Point(mr.ConvertOut(P.x), mr.ConvertOut(P.y));
42 }
43 
44 inline Integer IdentityToInteger(bool val)
45 {
46  return val ? Integer::One() : Integer::Zero();
47 }
48 
49 struct ProjectivePoint
50 {
51  ProjectivePoint() {}
52  ProjectivePoint(const Integer &x, const Integer &y, const Integer &z)
53  : x(x), y(y), z(z) {}
54 
55  Integer x, y, z;
56 };
57 
58 ANONYMOUS_NAMESPACE_END
59 
60 NAMESPACE_BEGIN(CryptoPP)
61 
62 ECP::ECP(const ECP &ecp, bool convertToMontgomeryRepresentation)
63 {
64  if (convertToMontgomeryRepresentation && !ecp.GetField().IsMontgomeryRepresentation())
65  {
66  m_fieldPtr.reset(new MontgomeryRepresentation(ecp.GetField().GetModulus()));
67  m_a = GetField().ConvertIn(ecp.m_a);
68  m_b = GetField().ConvertIn(ecp.m_b);
69  }
70  else
71  operator=(ecp);
72 }
73 
74 ECP::ECP(BufferedTransformation &bt)
75  : m_fieldPtr(new Field(bt))
76 {
77  BERSequenceDecoder seq(bt);
78  GetField().BERDecodeElement(seq, m_a);
79  GetField().BERDecodeElement(seq, m_b);
80  // skip optional seed
81  if (!seq.EndReached())
82  {
83  SecByteBlock seed;
84  unsigned int unused;
85  BERDecodeBitString(seq, seed, unused);
86  }
87  seq.MessageEnd();
88 }
89 
90 void ECP::DEREncode(BufferedTransformation &bt) const
91 {
92  GetField().DEREncode(bt);
93  DERSequenceEncoder seq(bt);
94  GetField().DEREncodeElement(seq, m_a);
95  GetField().DEREncodeElement(seq, m_b);
96  seq.MessageEnd();
97 }
98 
99 bool ECP::DecodePoint(ECP::Point &P, const byte *encodedPoint, size_t encodedPointLen) const
100 {
101  StringStore store(encodedPoint, encodedPointLen);
102  return DecodePoint(P, store, encodedPointLen);
103 }
104 
105 bool ECP::DecodePoint(ECP::Point &P, BufferedTransformation &bt, size_t encodedPointLen) const
106 {
107  byte type;
108  if (encodedPointLen < 1 || !bt.Get(type))
109  return false;
110 
111  switch (type)
112  {
113  case 0:
114  P.identity = true;
115  return true;
116  case 2:
117  case 3:
118  {
119  if (encodedPointLen != EncodedPointSize(true))
120  return false;
121 
122  // Check for p is prime due to GH #1249
123  const Integer p = FieldSize();
124  CRYPTOPP_ASSERT(IsPrime(p));
125  if (!IsPrime(p))
126  return false;
127 
128  P.identity = false;
129  P.x.Decode(bt, GetField().MaxElementByteLength());
130  P.y = ((P.x*P.x+m_a)*P.x+m_b) % p;
131 
132  if (Jacobi(P.y, p) !=1)
133  return false;
134 
135  // Callers must ensure p is prime, GH #1249
136  P.y = ModularSquareRoot(P.y, p);
137 
138  if ((type & 1) != P.y.GetBit(0))
139  P.y = p-P.y;
140 
141  return true;
142  }
143  case 4:
144  {
145  if (encodedPointLen != EncodedPointSize(false))
146  return false;
147 
148  unsigned int len = GetField().MaxElementByteLength();
149  P.identity = false;
150  P.x.Decode(bt, len);
151  P.y.Decode(bt, len);
152  return true;
153  }
154  default:
155  return false;
156  }
157 }
158 
159 void ECP::EncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const
160 {
161  if (P.identity)
162  NullStore().TransferTo(bt, EncodedPointSize(compressed));
163  else if (compressed)
164  {
165  bt.Put((byte)(2U + P.y.GetBit(0)));
166  P.x.Encode(bt, GetField().MaxElementByteLength());
167  }
168  else
169  {
170  unsigned int len = GetField().MaxElementByteLength();
171  bt.Put(4U); // uncompressed
172  P.x.Encode(bt, len);
173  P.y.Encode(bt, len);
174  }
175 }
176 
177 void ECP::EncodePoint(byte *encodedPoint, const Point &P, bool compressed) const
178 {
179  ArraySink sink(encodedPoint, EncodedPointSize(compressed));
180  EncodePoint(sink, P, compressed);
181  CRYPTOPP_ASSERT(sink.TotalPutLength() == EncodedPointSize(compressed));
182 }
183 
184 ECP::Point ECP::BERDecodePoint(BufferedTransformation &bt) const
185 {
186  SecByteBlock str;
187  BERDecodeOctetString(bt, str);
188  Point P;
189  if (!DecodePoint(P, str, str.size()))
190  BERDecodeError();
191  return P;
192 }
193 
194 void ECP::DEREncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const
195 {
196  SecByteBlock str(EncodedPointSize(compressed));
197  EncodePoint(str, P, compressed);
198  DEREncodeOctetString(bt, str);
199 }
200 
201 bool ECP::ValidateParameters(RandomNumberGenerator &rng, unsigned int level) const
202 {
203  Integer p = FieldSize();
204 
205  bool pass = p.IsOdd();
206  pass = pass && !m_a.IsNegative() && m_a<p && !m_b.IsNegative() && m_b<p;
207 
208  if (level >= 1)
209  pass = pass && ((4*m_a*m_a*m_a+27*m_b*m_b)%p).IsPositive();
210 
211  if (level >= 2)
212  pass = pass && VerifyPrime(rng, p);
213 
214  return pass;
215 }
216 
217 bool ECP::VerifyPoint(const Point &P) const
218 {
219  const FieldElement &x = P.x, &y = P.y;
220  Integer p = FieldSize();
221  return P.identity ||
222  (!x.IsNegative() && x<p && !y.IsNegative() && y<p
223  && !(((x*x+m_a)*x+m_b-y*y)%p));
224 }
225 
226 bool ECP::Equal(const Point &P, const Point &Q) const
227 {
228  if (P.identity && Q.identity)
229  return true;
230 
231  if (P.identity && !Q.identity)
232  return false;
233 
234  if (!P.identity && Q.identity)
235  return false;
236 
237  return (GetField().Equal(P.x,Q.x) && GetField().Equal(P.y,Q.y));
238 }
239 
240 const ECP::Point& ECP::Identity() const
241 {
242 #if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY) || defined(HAVE_XLC_INIT_PRIORITY)
243  return g_identity;
244 #elif defined(CRYPTOPP_CXX11_STATIC_INIT)
245  static const ECP::Point g_identity;
246  return g_identity;
247 #else
248  return Singleton<Point>().Ref();
249 #endif
250 }
251 
252 const ECP::Point& ECP::Inverse(const Point &P) const
253 {
254  if (P.identity)
255  return P;
256  else
257  {
258  m_R.identity = false;
259  m_R.x = P.x;
260  m_R.y = GetField().Inverse(P.y);
261  return m_R;
262  }
263 }
264 
265 const ECP::Point& ECP::Add(const Point &P, const Point &Q) const
266 {
267  if (P.identity) return Q;
268  if (Q.identity) return P;
269  if (GetField().Equal(P.x, Q.x))
270  return GetField().Equal(P.y, Q.y) ? Double(P) : Identity();
271 
272  FieldElement t = GetField().Subtract(Q.y, P.y);
273  t = GetField().Divide(t, GetField().Subtract(Q.x, P.x));
274  FieldElement x = GetField().Subtract(GetField().Subtract(GetField().Square(t), P.x), Q.x);
275  m_R.y = GetField().Subtract(GetField().Multiply(t, GetField().Subtract(P.x, x)), P.y);
276 
277  m_R.x.swap(x);
278  m_R.identity = false;
279  return m_R;
280 }
281 
282 const ECP::Point& ECP::Double(const Point &P) const
283 {
284  if (P.identity || P.y==GetField().Identity()) return Identity();
285 
286  FieldElement t = GetField().Square(P.x);
287  t = GetField().Add(GetField().Add(GetField().Double(t), t), m_a);
288  t = GetField().Divide(t, GetField().Double(P.y));
289  FieldElement x = GetField().Subtract(GetField().Subtract(GetField().Square(t), P.x), P.x);
290  m_R.y = GetField().Subtract(GetField().Multiply(t, GetField().Subtract(P.x, x)), P.y);
291 
292  m_R.x.swap(x);
293  m_R.identity = false;
294  return m_R;
295 }
296 
297 template <class T, class Iterator> void ParallelInvert(const AbstractRing<T> &ring, Iterator begin, Iterator end)
298 {
299  size_t n = end-begin;
300  if (n == 1)
301  *begin = ring.MultiplicativeInverse(*begin);
302  else if (n > 1)
303  {
304  std::vector<T> vec((n+1)/2);
305  unsigned int i;
306  Iterator it;
307 
308  for (i=0, it=begin; i<n/2; i++, it+=2)
309  vec[i] = ring.Multiply(*it, *(it+1));
310  if (n%2 == 1)
311  vec[n/2] = *it;
312 
313  ParallelInvert(ring, vec.begin(), vec.end());
314 
315  for (i=0, it=begin; i<n/2; i++, it+=2)
316  {
317  if (!vec[i])
318  {
319  *it = ring.MultiplicativeInverse(*it);
320  *(it+1) = ring.MultiplicativeInverse(*(it+1));
321  }
322  else
323  {
324  std::swap(*it, *(it+1));
325  *it = ring.Multiply(*it, vec[i]);
326  *(it+1) = ring.Multiply(*(it+1), vec[i]);
327  }
328  }
329  if (n%2 == 1)
330  *it = vec[n/2];
331  }
332 }
333 
334 class ProjectiveDoubling
335 {
336 public:
337  ProjectiveDoubling(const ModularArithmetic &m_mr, const Integer &m_a, const Integer &m_b, const ECPPoint &Q)
338  : mr(m_mr)
339  {
340  CRYPTOPP_UNUSED(m_b);
341  if (Q.identity)
342  {
343  sixteenY4 = P.x = P.y = mr.MultiplicativeIdentity();
344  aZ4 = P.z = mr.Identity();
345  }
346  else
347  {
348  P.x = Q.x;
349  P.y = Q.y;
350  sixteenY4 = P.z = mr.MultiplicativeIdentity();
351  aZ4 = m_a;
352  }
353  }
354 
355  void Double()
356  {
357  twoY = mr.Double(P.y);
358  P.z = mr.Multiply(P.z, twoY);
359  fourY2 = mr.Square(twoY);
360  S = mr.Multiply(fourY2, P.x);
361  aZ4 = mr.Multiply(aZ4, sixteenY4);
362  M = mr.Square(P.x);
363  M = mr.Add(mr.Add(mr.Double(M), M), aZ4);
364  P.x = mr.Square(M);
365  mr.Reduce(P.x, S);
366  mr.Reduce(P.x, S);
367  mr.Reduce(S, P.x);
368  P.y = mr.Multiply(M, S);
369  sixteenY4 = mr.Square(fourY2);
370  mr.Reduce(P.y, mr.Half(sixteenY4));
371  }
372 
373  const ModularArithmetic &mr;
374  ProjectivePoint P;
375  Integer sixteenY4, aZ4, twoY, fourY2, S, M;
376 };
377 
378 struct ZIterator
379 {
380  ZIterator() {}
381  ZIterator(std::vector<ProjectivePoint>::iterator it) : it(it) {}
382  Integer& operator*() {return it->z;}
383  int operator-(ZIterator it2) {return int(it-it2.it);}
384  ZIterator operator+(int i) {return ZIterator(it+i);}
385  ZIterator& operator+=(int i) {it+=i; return *this;}
386  std::vector<ProjectivePoint>::iterator it;
387 };
388 
389 ECP::Point ECP::ScalarMultiply(const Point &P, const Integer &k) const
390 {
391  Element result;
392  if (k.BitCount() <= 5)
393  AbstractGroup<ECPPoint>::SimultaneousMultiply(&result, P, &k, 1);
394  else
395  ECP::SimultaneousMultiply(&result, P, &k, 1);
396  return result;
397 }
398 
399 void ECP::SimultaneousMultiply(ECP::Point *results, const ECP::Point &P, const Integer *expBegin, unsigned int expCount) const
400 {
401  if (!GetField().IsMontgomeryRepresentation())
402  {
403  ECP ecpmr(*this, true);
404  const ModularArithmetic &mr = ecpmr.GetField();
405  ecpmr.SimultaneousMultiply(results, ToMontgomery(mr, P), expBegin, expCount);
406  for (unsigned int i=0; i<expCount; i++)
407  results[i] = FromMontgomery(mr, results[i]);
408  return;
409  }
410 
411  ProjectiveDoubling rd(GetField(), m_a, m_b, P);
412  std::vector<ProjectivePoint> bases;
413  std::vector<WindowSlider> exponents;
414  exponents.reserve(expCount);
415  std::vector<std::vector<word32> > baseIndices(expCount);
416  std::vector<std::vector<bool> > negateBase(expCount);
417  std::vector<std::vector<word32> > exponentWindows(expCount);
418  unsigned int i;
419 
420  for (i=0; i<expCount; i++)
421  {
422  CRYPTOPP_ASSERT(expBegin->NotNegative());
423  exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 5));
424  exponents[i].FindNextWindow();
425  }
426 
427  unsigned int expBitPosition = 0;
428  bool notDone = true;
429 
430  while (notDone)
431  {
432  notDone = false;
433  bool baseAdded = false;
434  for (i=0; i<expCount; i++)
435  {
436  if (!exponents[i].finished && expBitPosition == exponents[i].windowBegin)
437  {
438  if (!baseAdded)
439  {
440  bases.push_back(rd.P);
441  baseAdded =true;
442  }
443 
444  exponentWindows[i].push_back(exponents[i].expWindow);
445  baseIndices[i].push_back((word32)bases.size()-1);
446  negateBase[i].push_back(exponents[i].negateNext);
447 
448  exponents[i].FindNextWindow();
449  }
450  notDone = notDone || !exponents[i].finished;
451  }
452 
453  if (notDone)
454  {
455  rd.Double();
456  expBitPosition++;
457  }
458  }
459 
460  // convert from projective to affine coordinates
461  ParallelInvert(GetField(), ZIterator(bases.begin()), ZIterator(bases.end()));
462  for (i=0; i<bases.size(); i++)
463  {
464  if (bases[i].z.NotZero())
465  {
466  bases[i].y = GetField().Multiply(bases[i].y, bases[i].z);
467  bases[i].z = GetField().Square(bases[i].z);
468  bases[i].x = GetField().Multiply(bases[i].x, bases[i].z);
469  bases[i].y = GetField().Multiply(bases[i].y, bases[i].z);
470  }
471  }
472 
473  std::vector<BaseAndExponent<Point, Integer> > finalCascade;
474  for (i=0; i<expCount; i++)
475  {
476  finalCascade.resize(baseIndices[i].size());
477  for (unsigned int j=0; j<baseIndices[i].size(); j++)
478  {
479  ProjectivePoint &base = bases[baseIndices[i][j]];
480  if (base.z.IsZero())
481  finalCascade[j].base.identity = true;
482  else
483  {
484  finalCascade[j].base.identity = false;
485  finalCascade[j].base.x = base.x;
486  if (negateBase[i][j])
487  finalCascade[j].base.y = GetField().Inverse(base.y);
488  else
489  finalCascade[j].base.y = base.y;
490  }
491  finalCascade[j].exponent = Integer(Integer::POSITIVE, 0, exponentWindows[i][j]);
492  }
493  results[i] = GeneralCascadeMultiplication(*this, finalCascade.begin(), finalCascade.end());
494  }
495 }
496 
497 ECP::Point ECP::CascadeScalarMultiply(const Point &P, const Integer &k1, const Point &Q, const Integer &k2) const
498 {
499  if (!GetField().IsMontgomeryRepresentation())
500  {
501  ECP ecpmr(*this, true);
502  const ModularArithmetic &mr = ecpmr.GetField();
503  return FromMontgomery(mr, ecpmr.CascadeScalarMultiply(ToMontgomery(mr, P), k1, ToMontgomery(mr, Q), k2));
504  }
505  else
506  return AbstractGroup<Point>::CascadeScalarMultiply(P, k1, Q, k2);
507 }
508 
509 NAMESPACE_END
510 
511 #endif
asn.h
Classes and functions for working with ANS.1 objects.
BERDecodeBitString
CRYPTOPP_DLL size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigned int &unusedBits)
DER decode bit string.
operator+
OID operator+(const OID &lhs, unsigned long rhs)
Append a value to an OID.
DEREncodeOctetString
CRYPTOPP_DLL size_t DEREncodeOctetString(BufferedTransformation &bt, const byte *str, size_t strLen)
DER encode octet string.
BERDecodeOctetString
CRYPTOPP_DLL size_t BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
BER decode octet string.
BERDecodeError
void BERDecodeError()
Raises a BERDecodeErr.
Definition: asn.h:104
AbstractGroup::CascadeScalarMultiply
virtual Element CascadeScalarMultiply(const Element &x, const Integer &e1, const Element &y, const Integer &e2) const
TODO.
Definition: algebra.cpp:97
AbstractGroup::SimultaneousMultiply
virtual void SimultaneousMultiply(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const
Multiplies a base to multiple exponents in a group.
Definition: algebra.cpp:256
AbstractGroup< ECPPoint >::Subtract
virtual const Element & Subtract(const Element &a, const Element &b) const
Subtracts elements in the group.
Definition: algebra.cpp:20
AbstractRing
Abstract ring.
Definition: algebra.h:119
AbstractRing::Multiply
virtual const Element & Multiply(const Element &a, const Element &b) const =0
Multiplies elements in the group.
AbstractRing::MultiplicativeInverse
virtual const Element & MultiplicativeInverse(const Element &a) const =0
Calculate the multiplicative inverse of an element in the group.
ArraySink
Copy input to a memory buffer.
Definition: filters.h:1200
BERSequenceDecoder
BER Sequence Decoder.
Definition: asn.h:526
BufferedTransformation
Interface for buffered transformations.
Definition: cryptlib.h:1657
BufferedTransformation::Get
virtual size_t Get(byte &outByte)
Retrieve a 8-bit byte.
BufferedTransformation::TransferTo
lword TransferTo(BufferedTransformation &target, lword transferMax=LWORD_MAX, const std::string &channel=DEFAULT_CHANNEL)
move transferMax bytes of the buffered output to target as input
Definition: cryptlib.h:1996
BufferedTransformation::Put
size_t Put(byte inByte, bool blocking=true)
Input a byte for processing.
Definition: cryptlib.h:1678
DERSequenceEncoder
DER Sequence Encoder.
Definition: asn.h:558
ECP
Elliptic Curve over GF(p), where p is prime.
Definition: ecp.h:27
ECP::InversionIsFast
bool InversionIsFast() const
Determine if inversion is fast.
Definition: ecp.h:75
ECP::Inverse
const Point & Inverse(const Point &P) const
Inverts the element in the group.
ECP::EncodePoint
void EncodePoint(byte *encodedPoint, const Point &P, bool compressed) const
Encodes an elliptic curve point.
ECP::ECP
ECP()
Construct an ECP.
Definition: ecp.h:36
ECP::Equal
bool Equal(const Point &P, const Point &Q) const
Compare two points.
ECP::DEREncodePoint
void DEREncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const
DER Encodes an elliptic curve point.
ECP::VerifyPoint
bool VerifyPoint(const Point &P) const
Verifies points on elliptic curve.
ECP::Identity
const Point & Identity() const
Provides the Identity element.
ECP::BERDecodePoint
Point BERDecodePoint(BufferedTransformation &bt) const
BER Decodes an elliptic curve point.
ECP::EncodedPointSize
unsigned int EncodedPointSize(bool compressed=false) const
Determines encoded point size.
Definition: ecp.h:90
ECP::DecodePoint
bool DecodePoint(Point &P, BufferedTransformation &bt, size_t len) const
Decodes an elliptic curve point.
ECP::DEREncode
void DEREncode(BufferedTransformation &bt) const
DER Encode.
ECP::Add
const Point & Add(const Point &P, const Point &Q) const
Adds elements in the group.
Integer
Multiple precision integer with arithmetic operations.
Definition: integer.h:50
Integer::One
static const Integer & One()
Integer representing 1.
Integer::BitCount
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
Integer::NotNegative
bool NotNegative() const
Determines if the Integer is non-negative.
Definition: integer.h:344
Integer::swap
void swap(Integer &a)
Swaps this Integer with another Integer.
Integer::IsNegative
bool IsNegative() const
Determines if the Integer is negative.
Definition: integer.h:341
Integer::POSITIVE
@ POSITIVE
the value is positive or 0
Definition: integer.h:75
Integer::IsOdd
bool IsOdd() const
Determines if the Integer is odd parity.
Definition: integer.h:356
ModularArithmetic
Ring of congruence classes modulo n.
Definition: modarith.h:44
ModularArithmetic::Add
const Integer & Add(const Integer &a, const Integer &b) const
Adds elements in the ring.
ModularArithmetic::Multiply
const Integer & Multiply(const Integer &a, const Integer &b) const
Multiplies elements in the ring.
Definition: modarith.h:190
ModularArithmetic::Inverse
const Integer & Inverse(const Integer &a) const
Inverts the element in the ring.
ModularArithmetic::Divide
const Integer & Divide(const Integer &a, const Integer &b) const
Divides elements in the ring.
Definition: modarith.h:218
ModularArithmetic::MaxElementByteLength
unsigned int MaxElementByteLength() const
Provides the maximum byte size of an element in the ring.
Definition: modarith.h:248
ModularArithmetic::DEREncodeElement
void DEREncodeElement(BufferedTransformation &out, const Element &a) const
Encodes element in DER format.
ModularArithmetic::GetModulus
const Integer & GetModulus() const
Retrieves the modulus.
Definition: modarith.h:99
ModularArithmetic::IsMontgomeryRepresentation
virtual bool IsMontgomeryRepresentation() const
Retrieves the representation.
Definition: modarith.h:108
ModularArithmetic::Square
const Integer & Square(const Integer &a) const
Square an element in the ring.
Definition: modarith.h:197
ModularArithmetic::Equal
bool Equal(const Integer &a, const Integer &b) const
Compare two elements for equality.
Definition: modarith.h:135
ModularArithmetic::Subtract
const Integer & Subtract(const Integer &a, const Integer &b) const
Subtracts elements in the ring.
ModularArithmetic::ConvertOut
virtual Integer ConvertOut(const Integer &a) const
Reduces an element in the congruence class.
Definition: modarith.h:123
ModularArithmetic::ConvertIn
virtual Integer ConvertIn(const Integer &a) const
Reduces an element in the congruence class.
Definition: modarith.h:115
ModularArithmetic::DEREncode
void DEREncode(BufferedTransformation &bt) const
Encodes in DER format.
MontgomeryRepresentation
Performs modular arithmetic in Montgomery representation for increased speed.
Definition: modarith.h:296
NullStore
Empty store.
Definition: filters.h:1321
RandomNumberGenerator
Interface for random number generators.
Definition: cryptlib.h:1440
SecBlock::size
size_type size() const
Provides the count of elements in the SecBlock.
Definition: secblock.h:867
SecByteBlock
SecBlock<byte> typedef.
Definition: secblock.h:1226
Singleton
Restricts the instantiation of a class to one static object without locks.
Definition: misc.h:309
Singleton::Ref
const T & Ref(...) const
Return a reference to the inner Singleton object.
Definition: misc.h:329
Square
Square block cipher.
Definition: square.h:25
StringStore
String-based implementation of Store interface.
Definition: filters.h:1259
word32
unsigned int word32
32-bit unsigned datatype
Definition: config_int.h:72
ecp.h
Classes for Elliptic Curves over prime fields.
filters.h
Implementation of BufferedTransformation's attachment interface.
integer.h
Multiple precision integer with arithmetic operations.
operator-
inline ::Integer operator-(const ::Integer &a, const ::Integer &b)
Subtraction.
Definition: integer.h:772
operator*
inline ::Integer operator*(const ::Integer &a, const ::Integer &b)
Multiplication.
Definition: integer.h:775
modarith.h
Class file for performing modular arithmetic.
CryptoPP
Crypto++ library namespace.
nbtheory.h
Classes and functions for number theoretic operations.
Jacobi
CRYPTOPP_DLL int Jacobi(const Integer &a, const Integer &b)
Calculate the Jacobi symbol.
IsPrime
CRYPTOPP_DLL bool IsPrime(const Integer &p)
Verifies a number is probably prime.
ModularSquareRoot
CRYPTOPP_DLL Integer ModularSquareRoot(const Integer &a, const Integer &p)
Extract a modular square root.
VerifyPrime
CRYPTOPP_DLL bool VerifyPrime(RandomNumberGenerator &rng, const Integer &p, unsigned int level=1)
Verifies a number is probably prime.
pch.h
Precompiled header file.
swap
void swap(::SecBlock< T, A > &a, ::SecBlock< T, A > &b)
Swap two SecBlocks.
Definition: secblock.h:1289
ECPPoint
Elliptical Curve Point over GF(p), where p is prime.
Definition: ecpoint.h:21
CRYPTOPP_ASSERT
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
Definition: trap.h:68
Generated on Thu Feb 6 2025 01:23:13 for Crypto++ by doxygen 1.9.1