6#ifndef CRYPTOPP_IMPORTS
22ANONYMOUS_NAMESPACE_BEGIN
24using CryptoPP::PolynomialMod2;
26#if defined(HAVE_GCC_INIT_PRIORITY)
29#elif defined(HAVE_MSC_INIT_PRIORITY)
30 #pragma warning(disable: 4075)
31 #pragma init_seg(".CRT$XCU")
34 #pragma warning(default: 4075)
35#elif defined(HAVE_XLC_INIT_PRIORITY)
41ANONYMOUS_NAMESPACE_END
45#if (CRYPTOPP_CLMUL_AVAILABLE)
46extern CRYPTOPP_DLL
void GF2NT_233_Multiply_Reduce_CLMUL(
const word* pA,
const word* pB,
word* pC);
47extern CRYPTOPP_DLL
void GF2NT_233_Square_Reduce_CLMUL(
const word* pA,
word* pC);
50#if (CRYPTOPP_ARM_PMULL_AVAILABLE)
51extern void GF2NT_233_Multiply_Reduce_ARMv8(
const word* pA,
const word* pB,
word* pC);
52extern void GF2NT_233_Square_Reduce_ARMv8(
const word* pA,
word* pC);
55#if (CRYPTOPP_POWER8_VMULL_AVAILABLE) && 0
56extern void GF2NT_233_Multiply_Reduce_POWER8(
const word* pA,
const word* pB,
word* pC);
57extern void GF2NT_233_Square_Reduce_POWER8(
const word* pA,
word* pC);
84 const size_t nbytes = nbits/8 + 1;
87 buf[0] = (
byte)
Crop(buf[0], nbits % 8);
96 result.reg[result.reg.size()-1] = (
word)
Crop(result.reg[result.reg.size()-1], bitLength%
WORD_BITS);
100void PolynomialMod2::SetBit(
size_t n,
int value)
143 if (t1 > t0 || t2 > t0)
144 throw InvalidArgument(
"PolynomialMod2: exponents must be in descending order");
162 if (t1 > t0 || t2 > t0 || t3 > t0 || t4 > t0)
163 throw InvalidArgument(
"PolynomialMod2: exponents must be in descending order");
175struct NewPolynomialMod2
185#if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY) || defined(HAVE_XLC_INIT_PRIORITY)
187#elif defined(CRYPTOPP_CXX11_STATIC_INIT)
197#if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY) || defined(HAVE_XLC_INIT_PRIORITY)
199#elif defined(CRYPTOPP_CXX11_STATIC_INIT)
207void PolynomialMod2::Decode(
const byte *input,
size_t inputLen)
210 Decode(store, inputLen);
227 for (
size_t i=inputLen; i > 0; i--)
237 for (
size_t i=outputLen; i > 0; i--)
251 if (!dec.IsDefiniteLength() || dec.RemainingLength() != length)
284 for (i=0; i<reg.
size(); i++)
286 return CryptoPP::Parity(temp);
304 if (b.reg.size() >= reg.
size())
314 XorWords(result.reg, reg, b.reg, b.reg.size());
315 CopyWords(result.reg+b.reg.size(), reg+b.reg.size(), reg.
size()-b.reg.size());
323 AndWords(result.reg, reg, b.reg, result.reg.size());
331 for (
int i=b.Degree(); i>=0; i--)
342 static const word map[16] = {0, 1, 4, 5, 16, 17, 20, 21, 64, 65, 68, 69, 80, 81, 84, 85};
346 for (
unsigned i=0; i<reg.
size(); i++)
351 result.reg[2*i] |= map[(reg[i] >> (j/2)) % 16] << j;
354 result.reg[2*i+1] |= map[(reg[i] >> (j/2 +
WORD_BITS/2)) % 16] << j;
366 int degree = divisor.
Degree();
373 for (
int i=dividend.
Degree(); i>=0; i--)
376 remainder.reg[0] |= dividend[i];
377 if (remainder[degree])
379 remainder -= divisor;
401#if defined(CRYPTOPP_DEBUG)
402 int x=0; CRYPTOPP_UNUSED(x);
420 *r = (u << 1) | carry;
428 reg[reg.
size()-1] = carry;
443 *r = (u << shiftBits) | carry;
452 const size_t carryIndex = reg.
size();
453 reg.
Grow(reg.
size()+shiftWords+!!shiftBits);
454 reg[carryIndex] = carry;
461 for (i = (
int)reg.
size()-1; i>=shiftWords; i--)
462 reg[i] = reg[i-shiftWords];
489 *r = (u >> shiftBits) | carry;
497 for (i=0; i<reg.
size()-shiftWords; i++)
498 reg[i] = reg[i+shiftWords];
499 for (; i<reg.
size(); i++)
518bool PolynomialMod2::operator!()
const
520 for (
unsigned i=0; i<reg.
size(); i++)
521 if (reg[i])
return false;
529 for (i=0; i<smallerSize; i++)
530 if (reg[i] != rhs.reg[i])
return false;
532 for (i=smallerSize; i<reg.
size(); i++)
533 if (reg[i] != 0)
return false;
535 for (i=smallerSize; i<rhs.reg.
size(); i++)
536 if (rhs.reg[i] != 0)
return false;
544 long f = out.flags() & std::ios::basefield;
566 return out <<
'0' << suffix;
571 static const char upper[]=
"0123456789ABCDEF";
572 static const char lower[]=
"0123456789abcdef";
573 const char*
const vec = (out.flags() & std::ios::uppercase) ? upper : lower;
575 for (i=0; i*bits < a.BitCount(); i++)
578 for (
int j=0; j<bits; j++)
579 digit |= a[i*bits+j] << j;
586 if (i && (i%block)==0)
590 return out << suffix;
611 for (
int i=1; i<=d/2; i++)
613 u = u.Squared()%(*this);
627GF2NP::Element GF2NP::SquareRoot(
const Element &a)
const
630 for (
unsigned int i=1; i<m; i++)
635GF2NP::Element GF2NP::HalfTrace(
const Element &a)
const
639 for (
unsigned int i=1; i<=(m-1)/2; i++)
644GF2NP::Element GF2NP::SolveQuadraticEquation(
const Element &a)
const
655 for (
unsigned int i=1; i<=m-1; i++)
659 Accumulate(z, Multiply(w, a));
662 }
while (w.IsZero());
671GF2NT::GF2NT(
unsigned int c0,
unsigned int c1,
unsigned int c2)
680 if (c1 > c0 || c2 > c0)
684const GF2NT::Element& GF2NT::MultiplicativeInverse(
const Element &a)
const
691 word *c = T+m_modulus.reg.size();
692 word *f = T+2*m_modulus.reg.size();
693 word *g = T+3*m_modulus.reg.size();
694 size_t bcLen=1, fgLen=m_modulus.reg.size();
697 SetWords(T, 0, 3*m_modulus.reg.size());
701 CopyWords(g, m_modulus.reg, m_modulus.reg.size());
745 if (f[fgLen-1]==0 && g[fgLen-1]==0)
748 if (f[fgLen-1] < g[fgLen-1])
767 for (
unsigned int j=0; j<
WORD_BITS-t1; j++)
771 const unsigned int shift = t1 + j;
773 temp ^= (shift <
WORD_BITS) ? (((temp >> j) & 1) << shift) : 0;
799 for (
unsigned int j=0; j<
WORD_BITS-t1; j++)
803 const unsigned int shift = t1 + j;
805 temp ^= (shift <
WORD_BITS) ? (((temp >> j) & 1) << shift) : 0;
829const GF2NT::Element& GF2NT::Multiply(
const Element &a,
const Element &b)
const
831 size_t aSize =
STDMIN(a.reg.size(), result.reg.
size());
832 Element r((
word)0, m);
834 for (
int i=m-1; i>=0; i--)
839 XorWords(r.reg.begin(), m_modulus.reg, r.reg.size());
845 XorWords(r.reg.begin(), a.reg, aSize);
855const GF2NT::Element& GF2NT::Reduced(
const Element &a)
const
858 return m_domain.Mod(a, m_modulus);
887 word temp = b[i] & ~mask;
911 a.DEREncodeAsOctetString(out, MaxElementByteLength());
916 a.BERDecodeAsOctetString(in, MaxElementByteLength());
922 ASN1::characteristic_two_field().DEREncode(seq);
925 ASN1::tpBasis().DEREncode(parameters);
927 parameters.MessageEnd();
934 ASN1::characteristic_two_field().DEREncode(seq);
937 ASN1::ppBasis().DEREncode(parameters);
942 pentanomial.MessageEnd();
943 parameters.MessageEnd();
952 if (
OID(seq) != ASN1::characteristic_two_field())
958 if (oid == ASN1::tpBasis())
962 result.reset(
new GF2NT(m, t1, 0));
964 else if (oid == ASN1::ppBasis())
966 unsigned int t1, t2, t3;
971 pentanomial.MessageEnd();
972 result.reset(
new GF2NPP(m, t3, t2, t1, 0));
979 parameters.MessageEnd();
982 return result.release();
987GF2NT233::GF2NT233(
unsigned int c0,
unsigned int c1,
unsigned int c2)
994 if (c1 > c0 || c2 > c0)
995 throw InvalidArgument(
"GF2NT233: exponents must be in descending order");
998const GF2NT::Element& GF2NT233::Multiply(
const Element &a,
const Element &b)
const
1000#if (CRYPTOPP_CLMUL_AVAILABLE)
1007 const word* pA = a.reg.begin();
1008 const word* pB = b.reg.begin();
1009 word* pR = result.reg.begin();
1011 GF2NT_233_Multiply_Reduce_CLMUL(pA, pB, pR);
1015#elif (CRYPTOPP_ARM_PMULL_AVAILABLE)
1022 const word* pA = a.reg.begin();
1023 const word* pB = b.reg.begin();
1024 word* pR = result.reg.begin();
1026 GF2NT_233_Multiply_Reduce_ARMv8(pA, pB, pR);
1030#elif (CRYPTOPP_POWER8_VMULL_AVAILABLE) && 0
1037 const word* pA = a.reg.begin();
1038 const word* pB = b.reg.begin();
1039 word* pR = result.reg.begin();
1041 GF2NT_233_Multiply_Reduce_POWER8(pA, pB, pR);
1047 return GF2NT::Multiply(a, b);
1050const GF2NT::Element& GF2NT233::Square(
const Element &a)
const
1052#if (CRYPTOPP_CLMUL_AVAILABLE)
1058 const word* pA = a.reg.begin();
1059 word* pR = result.reg.begin();
1061 GF2NT_233_Square_Reduce_CLMUL(pA, pR);
1065#elif (CRYPTOPP_ARM_PMULL_AVAILABLE)
1071 const word* pA = a.reg.begin();
1072 word* pR = result.reg.begin();
1074 GF2NT_233_Square_Reduce_ARMv8(pA, pR);
1078#elif (CRYPTOPP_POWER8_VMULL_AVAILABLE) && 0
1084 const word* pA = a.reg.begin();
1085 word* pR = result.reg.begin();
1087 GF2NT_233_Square_Reduce_POWER8(pA, pR);
1093 return GF2NT::Square(a);
Classes for performing mathematics over different fields.
Classes and functions for working with ANS.1 objects.
std::ostream & operator<<(std::ostream &out, const OID &oid)
Print a OID value.
void BERDecodeUnsigned(BufferedTransformation &in, T &w, byte asnTag=INTEGER, T minValue=0, T maxValue=T(0xffffffff))
BER Decode unsigned value.
size_t DEREncodeUnsigned(BufferedTransformation &out, T w, byte asnTag=INTEGER)
DER Encode unsigned value.
@ OCTET_STRING
ASN.1 Octet string.
void BERDecodeError()
Raises a BERDecodeErr.
virtual const Element & Gcd(const Element &a, const Element &b) const
Calculates the greatest common denominator in the ring.
virtual const Element & MultiplicativeInverse(const Element &a) const=0
Calculate the multiplicative inverse of an element in the group.
Copy input to a memory buffer.
GF(2^n) with Polynomial Basis.
GF(2^n) with Pentanomial Basis.
GF(2^n) with Trinomial Basis.
An invalid argument was detected.
Exception thrown when divide by zero is encountered.
Polynomial with Coefficients in GF(2)
void DEREncodeAsOctetString(BufferedTransformation &bt, size_t length) const
encode value as big-endian octet string
void Encode(byte *output, size_t outputLen) const
encode in big-endian format
static PolynomialMod2 Monomial(size_t i)
Provides x^i.
signed int Degree() const
the zero polynomial will return a degree of -1
static const PolynomialMod2 & One()
The One polinomial.
bool IsIrreducible() const
check for irreducibility
static PolynomialMod2 Pentanomial(size_t t0, size_t t1, size_t t2, size_t t3, size_t t4)
Provides x^t0 + x^t1 + x^t2 + x^t3 + x^t4.
bool IsUnit() const
only 1 is a unit
void BERDecodeAsOctetString(BufferedTransformation &bt, size_t length)
decode value as big-endian octet string
byte GetByte(size_t n) const
return the n-th byte
unsigned int BitCount() const
number of significant bits = Degree() + 1
unsigned int WordCount() const
number of significant words = ceiling(ByteCount()/sizeof(word))
static PolynomialMod2 AllOnes(size_t n)
Provides x^(n-1) + ... + x + 1.
static PolynomialMod2 Trinomial(size_t t0, size_t t1, size_t t2)
Provides x^t0 + x^t1 + x^t2.
PolynomialMod2 InverseMod(const PolynomialMod2 &) const
calculate multiplicative inverse of *this mod n
unsigned int Parity() const
sum modulo 2 of all coefficients
PolynomialMod2()
Construct the zero polynomial.
static const PolynomialMod2 & Zero()
The Zero polinomial.
unsigned int ByteCount() const
number of significant bytes = ceiling(BitCount()/8)
static void Divide(PolynomialMod2 &r, PolynomialMod2 &q, const PolynomialMod2 &a, const PolynomialMod2 &d)
calculate r and q such that (a == d*q + r) && (deg(r) < deg(d))
static PolynomialMod2 Gcd(const PolynomialMod2 &a, const PolynomialMod2 &n)
greatest common divisor
void SetByte(size_t n, byte value)
set the n-th byte to value
Interface for random number generators.
virtual void GenerateBlock(byte *output, size_t size)
Generate random array of bytes.
Randomness Pool based on AES-256.
Secure memory block with allocator and cleanup.
iterator begin()
Provides an iterator pointing to the first element in the memory block.
void CleanNew(size_type newSize)
Change size without preserving contents.
void CleanGrow(size_type newSize)
Change size and preserve contents.
void Grow(size_type newSize)
Change size and preserve contents.
void Assign(const T *ptr, size_type len)
Set contents and size from an array.
size_type size() const
Provides the count of elements in the SecBlock.
Restricts the instantiation of a class to one static object without locks.
const T & Ref(...) const
Return a reference to the inner Singleton object.
String-based implementation of Store interface.
Pointer that overloads operator ->
Library configuration file.
unsigned char byte
8-bit unsigned datatype
word64 word
Full word used for multiprecision integer arithmetic.
const unsigned int WORD_BITS
Size of a platform word in bits.
const unsigned int WORD_SIZE
Size of a platform word in bytes.
Functions for CPU features and intrinsics.
Abstract base classes that provide a uniform interface to this library.
Implementation of BufferedTransformation's attachment interface.
Classes and functions for schemes over GF(2^n)
Utility functions for the Crypto++ library.
unsigned int BitPrecision(const T &value)
Returns the number of bits required for a value.
unsigned int BytePrecision(const T &value)
Returns the number of 8-bit bytes or octets required for a value.
size_t BitsToWords(size_t bitCount)
Returns the number of words required for the specified number of bits.
T Crop(T value, size_t bits)
Truncates the value to the specified number of bits.
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
size_t BytesToWords(size_t byteCount)
Returns the number of words required for the specified number of bytes.
bool SafeConvert(T1 from, T2 &to)
Perform a conversion from from to to.
Crypto++ library namespace.
ASN.1 object identifiers for algorithms and schemes.
Class file for Randomness Pool.
Classes for automatic resource management.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
Support functions for word operations.
void ShiftWordsRightByWords(word *r, size_t n, size_t shiftWords)
Right shift word array.
void XorWords(word *r, const word *a, const word *b, size_t n)
XOR word arrays.
void SetWords(word *r, word a, size_t n)
Set the value of words.
word ShiftWordsLeftByBits(word *r, size_t n, unsigned int shiftBits)
Left shift word array.
void ShiftWordsLeftByWords(word *r, size_t n, size_t shiftWords)
Left shift word array.
size_t CountWords(const word *x, size_t n)
Count the number of words.
word ShiftWordsRightByBits(word *r, size_t n, unsigned int shiftBits)
Right shift word array.
void CopyWords(word *r, const word *a, size_t n)
Copy word array.
void AndWords(word *r, const word *a, const word *b, size_t n)
AND word arrays.