Crypto++  8.2
Free C++ class library of cryptographic schemes
ecp.cpp
1 // ecp.cpp - originally written and placed in the public domain by Wei Dai
2 
3 #include "pch.h"
4 
5 #ifndef CRYPTOPP_IMPORTS
6 
7 #include "ecp.h"
8 #include "asn.h"
9 #include "integer.h"
10 #include "nbtheory.h"
11 #include "modarith.h"
12 #include "filters.h"
13 #include "algebra.cpp"
14 
15 ANONYMOUS_NAMESPACE_BEGIN
16 
17 using CryptoPP::ECP;
18 using CryptoPP::ModularArithmetic;
19 
20 #if defined(HAVE_GCC_INIT_PRIORITY)
21  const ECP::Point g_identity __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 51))) = ECP::Point();
22 #elif defined(HAVE_MSC_INIT_PRIORITY)
23  #pragma warning(disable: 4075)
24  #pragma init_seg(".CRT$XCU")
25  const ECP::Point g_identity;
26  #pragma warning(default: 4075)
27 #elif defined(HAVE_XLC_INIT_PRIORITY)
28  #pragma priority(290)
29  const ECP::Point g_identity;
30 #endif
31 
32 inline ECP::Point ToMontgomery(const ModularArithmetic &mr, const ECP::Point &P)
33 {
34  return P.identity ? P : ECP::Point(mr.ConvertIn(P.x), mr.ConvertIn(P.y));
35 }
36 
37 inline ECP::Point FromMontgomery(const ModularArithmetic &mr, const ECP::Point &P)
38 {
39  return P.identity ? P : ECP::Point(mr.ConvertOut(P.x), mr.ConvertOut(P.y));
40 }
41 
42 ANONYMOUS_NAMESPACE_END
43 
44 NAMESPACE_BEGIN(CryptoPP)
45 
46 ECP::ECP(const ECP &ecp, bool convertToMontgomeryRepresentation)
47 {
48  if (convertToMontgomeryRepresentation && !ecp.GetField().IsMontgomeryRepresentation())
49  {
50  m_fieldPtr.reset(new MontgomeryRepresentation(ecp.GetField().GetModulus()));
51  m_a = GetField().ConvertIn(ecp.m_a);
52  m_b = GetField().ConvertIn(ecp.m_b);
53  }
54  else
55  operator=(ecp);
56 }
57 
59  : m_fieldPtr(new Field(bt))
60 {
61  BERSequenceDecoder seq(bt);
62  GetField().BERDecodeElement(seq, m_a);
63  GetField().BERDecodeElement(seq, m_b);
64  // skip optional seed
65  if (!seq.EndReached())
66  {
67  SecByteBlock seed;
68  unsigned int unused;
69  BERDecodeBitString(seq, seed, unused);
70  }
71  seq.MessageEnd();
72 }
73 
75 {
76  GetField().DEREncode(bt);
77  DERSequenceEncoder seq(bt);
78  GetField().DEREncodeElement(seq, m_a);
79  GetField().DEREncodeElement(seq, m_b);
80  seq.MessageEnd();
81 }
82 
83 bool ECP::DecodePoint(ECP::Point &P, const byte *encodedPoint, size_t encodedPointLen) const
84 {
85  StringStore store(encodedPoint, encodedPointLen);
86  return DecodePoint(P, store, encodedPointLen);
87 }
88 
89 bool ECP::DecodePoint(ECP::Point &P, BufferedTransformation &bt, size_t encodedPointLen) const
90 {
91  byte type;
92  if (encodedPointLen < 1 || !bt.Get(type))
93  return false;
94 
95  switch (type)
96  {
97  case 0:
98  P.identity = true;
99  return true;
100  case 2:
101  case 3:
102  {
103  if (encodedPointLen != EncodedPointSize(true))
104  return false;
105 
106  Integer p = FieldSize();
107 
108  P.identity = false;
109  P.x.Decode(bt, GetField().MaxElementByteLength());
110  P.y = ((P.x*P.x+m_a)*P.x+m_b) % p;
111 
112  if (Jacobi(P.y, p) !=1)
113  return false;
114 
115  P.y = ModularSquareRoot(P.y, p);
116 
117  if ((type & 1) != P.y.GetBit(0))
118  P.y = p-P.y;
119 
120  return true;
121  }
122  case 4:
123  {
124  if (encodedPointLen != EncodedPointSize(false))
125  return false;
126 
127  unsigned int len = GetField().MaxElementByteLength();
128  P.identity = false;
129  P.x.Decode(bt, len);
130  P.y.Decode(bt, len);
131  return true;
132  }
133  default:
134  return false;
135  }
136 }
137 
138 void ECP::EncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const
139 {
140  if (P.identity)
141  NullStore().TransferTo(bt, EncodedPointSize(compressed));
142  else if (compressed)
143  {
144  bt.Put((byte)(2U + P.y.GetBit(0)));
145  P.x.Encode(bt, GetField().MaxElementByteLength());
146  }
147  else
148  {
149  unsigned int len = GetField().MaxElementByteLength();
150  bt.Put(4U); // uncompressed
151  P.x.Encode(bt, len);
152  P.y.Encode(bt, len);
153  }
154 }
155 
156 void ECP::EncodePoint(byte *encodedPoint, const Point &P, bool compressed) const
157 {
158  ArraySink sink(encodedPoint, EncodedPointSize(compressed));
159  EncodePoint(sink, P, compressed);
160  CRYPTOPP_ASSERT(sink.TotalPutLength() == EncodedPointSize(compressed));
161 }
162 
164 {
165  SecByteBlock str;
166  BERDecodeOctetString(bt, str);
167  Point P;
168  if (!DecodePoint(P, str, str.size()))
169  BERDecodeError();
170  return P;
171 }
172 
173 void ECP::DEREncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const
174 {
175  SecByteBlock str(EncodedPointSize(compressed));
176  EncodePoint(str, P, compressed);
177  DEREncodeOctetString(bt, str);
178 }
179 
180 bool ECP::ValidateParameters(RandomNumberGenerator &rng, unsigned int level) const
181 {
182  Integer p = FieldSize();
183 
184  bool pass = p.IsOdd();
185  pass = pass && !m_a.IsNegative() && m_a<p && !m_b.IsNegative() && m_b<p;
186 
187  if (level >= 1)
188  pass = pass && ((4*m_a*m_a*m_a+27*m_b*m_b)%p).IsPositive();
189 
190  if (level >= 2)
191  pass = pass && VerifyPrime(rng, p);
192 
193  return pass;
194 }
195 
196 bool ECP::VerifyPoint(const Point &P) const
197 {
198  const FieldElement &x = P.x, &y = P.y;
199  Integer p = FieldSize();
200  return P.identity ||
201  (!x.IsNegative() && x<p && !y.IsNegative() && y<p
202  && !(((x*x+m_a)*x+m_b-y*y)%p));
203 }
204 
205 bool ECP::Equal(const Point &P, const Point &Q) const
206 {
207  if (P.identity && Q.identity)
208  return true;
209 
210  if (P.identity && !Q.identity)
211  return false;
212 
213  if (!P.identity && Q.identity)
214  return false;
215 
216  return (GetField().Equal(P.x,Q.x) && GetField().Equal(P.y,Q.y));
217 }
218 
219 const ECP::Point& ECP::Identity() const
220 {
221 #if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY) || defined(HAVE_XLC_INIT_PRIORITY)
222  return g_identity;
223 #elif defined(CRYPTOPP_CXX11_DYNAMIC_INIT)
224  static const ECP::Point g_identity;
225  return g_identity;
226 #else
227  return Singleton<Point>().Ref();
228 #endif
229 }
230 
231 const ECP::Point& ECP::Inverse(const Point &P) const
232 {
233  if (P.identity)
234  return P;
235  else
236  {
237  m_R.identity = false;
238  m_R.x = P.x;
239  m_R.y = GetField().Inverse(P.y);
240  return m_R;
241  }
242 }
243 
244 const ECP::Point& ECP::Add(const Point &P, const Point &Q) const
245 {
246  if (P.identity) return Q;
247  if (Q.identity) return P;
248  if (GetField().Equal(P.x, Q.x))
249  return GetField().Equal(P.y, Q.y) ? Double(P) : Identity();
250 
251  FieldElement t = GetField().Subtract(Q.y, P.y);
252  t = GetField().Divide(t, GetField().Subtract(Q.x, P.x));
253  FieldElement x = GetField().Subtract(GetField().Subtract(GetField().Square(t), P.x), Q.x);
254  m_R.y = GetField().Subtract(GetField().Multiply(t, GetField().Subtract(P.x, x)), P.y);
255 
256  m_R.x.swap(x);
257  m_R.identity = false;
258  return m_R;
259 }
260 
261 const ECP::Point& ECP::Double(const Point &P) const
262 {
263  if (P.identity || P.y==GetField().Identity()) return Identity();
264 
265  FieldElement t = GetField().Square(P.x);
266  t = GetField().Add(GetField().Add(GetField().Double(t), t), m_a);
267  t = GetField().Divide(t, GetField().Double(P.y));
268  FieldElement x = GetField().Subtract(GetField().Subtract(GetField().Square(t), P.x), P.x);
269  m_R.y = GetField().Subtract(GetField().Multiply(t, GetField().Subtract(P.x, x)), P.y);
270 
271  m_R.x.swap(x);
272  m_R.identity = false;
273  return m_R;
274 }
275 
276 template <class T, class Iterator> void ParallelInvert(const AbstractRing<T> &ring, Iterator begin, Iterator end)
277 {
278  size_t n = end-begin;
279  if (n == 1)
280  *begin = ring.MultiplicativeInverse(*begin);
281  else if (n > 1)
282  {
283  std::vector<T> vec((n+1)/2);
284  unsigned int i;
285  Iterator it;
286 
287  for (i=0, it=begin; i<n/2; i++, it+=2)
288  vec[i] = ring.Multiply(*it, *(it+1));
289  if (n%2 == 1)
290  vec[n/2] = *it;
291 
292  ParallelInvert(ring, vec.begin(), vec.end());
293 
294  for (i=0, it=begin; i<n/2; i++, it+=2)
295  {
296  if (!vec[i])
297  {
298  *it = ring.MultiplicativeInverse(*it);
299  *(it+1) = ring.MultiplicativeInverse(*(it+1));
300  }
301  else
302  {
303  std::swap(*it, *(it+1));
304  *it = ring.Multiply(*it, vec[i]);
305  *(it+1) = ring.Multiply(*(it+1), vec[i]);
306  }
307  }
308  if (n%2 == 1)
309  *it = vec[n/2];
310  }
311 }
312 
314 {
315  ProjectivePoint() {}
316  ProjectivePoint(const Integer &x, const Integer &y, const Integer &z)
317  : x(x), y(y), z(z) {}
318 
319  Integer x,y,z;
320 };
321 
323 {
324 public:
325  ProjectiveDoubling(const ModularArithmetic &m_mr, const Integer &m_a, const Integer &m_b, const ECPPoint &Q)
326  : mr(m_mr), firstDoubling(true), negated(false)
327  {
328  CRYPTOPP_UNUSED(m_b);
329  if (Q.identity)
330  {
331  sixteenY4 = P.x = P.y = mr.MultiplicativeIdentity();
332  aZ4 = P.z = mr.Identity();
333  }
334  else
335  {
336  P.x = Q.x;
337  P.y = Q.y;
338  sixteenY4 = P.z = mr.MultiplicativeIdentity();
339  aZ4 = m_a;
340  }
341  }
342 
343  void Double()
344  {
345  twoY = mr.Double(P.y);
346  P.z = mr.Multiply(P.z, twoY);
347  fourY2 = mr.Square(twoY);
348  S = mr.Multiply(fourY2, P.x);
349  aZ4 = mr.Multiply(aZ4, sixteenY4);
350  M = mr.Square(P.x);
351  M = mr.Add(mr.Add(mr.Double(M), M), aZ4);
352  P.x = mr.Square(M);
353  mr.Reduce(P.x, S);
354  mr.Reduce(P.x, S);
355  mr.Reduce(S, P.x);
356  P.y = mr.Multiply(M, S);
357  sixteenY4 = mr.Square(fourY2);
358  mr.Reduce(P.y, mr.Half(sixteenY4));
359  }
360 
361  const ModularArithmetic &mr;
362  ProjectivePoint P;
363  bool firstDoubling, negated;
364  Integer sixteenY4, aZ4, twoY, fourY2, S, M;
365 };
366 
367 struct ZIterator
368 {
369  ZIterator() {}
370  ZIterator(std::vector<ProjectivePoint>::iterator it) : it(it) {}
371  Integer& operator*() {return it->z;}
372  int operator-(ZIterator it2) {return int(it-it2.it);}
373  ZIterator operator+(int i) {return ZIterator(it+i);}
374  ZIterator& operator+=(int i) {it+=i; return *this;}
375  std::vector<ProjectivePoint>::iterator it;
376 };
377 
378 ECP::Point ECP::ScalarMultiply(const Point &P, const Integer &k) const
379 {
380  Element result;
381  if (k.BitCount() <= 5)
383  else
384  ECP::SimultaneousMultiply(&result, P, &k, 1);
385  return result;
386 }
387 
388 void ECP::SimultaneousMultiply(ECP::Point *results, const ECP::Point &P, const Integer *expBegin, unsigned int expCount) const
389 {
390  if (!GetField().IsMontgomeryRepresentation())
391  {
392  ECP ecpmr(*this, true);
393  const ModularArithmetic &mr = ecpmr.GetField();
394  ecpmr.SimultaneousMultiply(results, ToMontgomery(mr, P), expBegin, expCount);
395  for (unsigned int i=0; i<expCount; i++)
396  results[i] = FromMontgomery(mr, results[i]);
397  return;
398  }
399 
400  ProjectiveDoubling rd(GetField(), m_a, m_b, P);
401  std::vector<ProjectivePoint> bases;
402  std::vector<WindowSlider> exponents;
403  exponents.reserve(expCount);
404  std::vector<std::vector<word32> > baseIndices(expCount);
405  std::vector<std::vector<bool> > negateBase(expCount);
406  std::vector<std::vector<word32> > exponentWindows(expCount);
407  unsigned int i;
408 
409  for (i=0; i<expCount; i++)
410  {
411  CRYPTOPP_ASSERT(expBegin->NotNegative());
412  exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 5));
413  exponents[i].FindNextWindow();
414  }
415 
416  unsigned int expBitPosition = 0;
417  bool notDone = true;
418 
419  while (notDone)
420  {
421  notDone = false;
422  bool baseAdded = false;
423  for (i=0; i<expCount; i++)
424  {
425  if (!exponents[i].finished && expBitPosition == exponents[i].windowBegin)
426  {
427  if (!baseAdded)
428  {
429  bases.push_back(rd.P);
430  baseAdded =true;
431  }
432 
433  exponentWindows[i].push_back(exponents[i].expWindow);
434  baseIndices[i].push_back((word32)bases.size()-1);
435  negateBase[i].push_back(exponents[i].negateNext);
436 
437  exponents[i].FindNextWindow();
438  }
439  notDone = notDone || !exponents[i].finished;
440  }
441 
442  if (notDone)
443  {
444  rd.Double();
445  expBitPosition++;
446  }
447  }
448 
449  // convert from projective to affine coordinates
450  ParallelInvert(GetField(), ZIterator(bases.begin()), ZIterator(bases.end()));
451  for (i=0; i<bases.size(); i++)
452  {
453  if (bases[i].z.NotZero())
454  {
455  bases[i].y = GetField().Multiply(bases[i].y, bases[i].z);
456  bases[i].z = GetField().Square(bases[i].z);
457  bases[i].x = GetField().Multiply(bases[i].x, bases[i].z);
458  bases[i].y = GetField().Multiply(bases[i].y, bases[i].z);
459  }
460  }
461 
462  std::vector<BaseAndExponent<Point, Integer> > finalCascade;
463  for (i=0; i<expCount; i++)
464  {
465  finalCascade.resize(baseIndices[i].size());
466  for (unsigned int j=0; j<baseIndices[i].size(); j++)
467  {
468  ProjectivePoint &base = bases[baseIndices[i][j]];
469  if (base.z.IsZero())
470  finalCascade[j].base.identity = true;
471  else
472  {
473  finalCascade[j].base.identity = false;
474  finalCascade[j].base.x = base.x;
475  if (negateBase[i][j])
476  finalCascade[j].base.y = GetField().Inverse(base.y);
477  else
478  finalCascade[j].base.y = base.y;
479  }
480  finalCascade[j].exponent = Integer(Integer::POSITIVE, 0, exponentWindows[i][j]);
481  }
482  results[i] = GeneralCascadeMultiplication(*this, finalCascade.begin(), finalCascade.end());
483  }
484 }
485 
486 ECP::Point ECP::CascadeScalarMultiply(const Point &P, const Integer &k1, const Point &Q, const Integer &k2) const
487 {
488  if (!GetField().IsMontgomeryRepresentation())
489  {
490  ECP ecpmr(*this, true);
491  const ModularArithmetic &mr = ecpmr.GetField();
492  return FromMontgomery(mr, ecpmr.CascadeScalarMultiply(ToMontgomery(mr, P), k1, ToMontgomery(mr, Q), k2));
493  }
494  else
495  return AbstractGroup<Point>::CascadeScalarMultiply(P, k1, Q, k2);
496 }
497 
498 NAMESPACE_END
499 
500 #endif
const Integer & Double(const Integer &a) const
Doubles an element in the ring.
Definition: modarith.h:176
bool VerifyPoint(const Point &P) const
Verifies points on elliptic curve.
Definition: ecp.cpp:196
Integer & Reduce(Integer &a, const Integer &b) const
TODO.
Definition: integer.cpp:4609
bool Equal(const Integer &a, const Integer &b) const
Compare two elements for equality.
Definition: modarith.h:135
const Integer & Square(const Integer &a) const
Square an element in the ring.
Definition: modarith.h:197
const Integer & Divide(const Integer &a, const Integer &b) const
Divides elements in the ring.
Definition: modarith.h:218
Restricts the instantiation of a class to one static object without locks.
Definition: misc.h:298
Elliptical Curve Point over GF(p), where p is prime.
Definition: ecpoint.h:20
virtual const Element & Subtract(const Element &a, const Element &b) const
Subtracts elements in the group.
Definition: algebra.cpp:20
virtual const Element & Multiply(const Element &a, const Element &b) const =0
Multiplies elements in the group.
Classes for Elliptic Curves over prime fields.
void MessageEnd()
Signals the end of messages to the object.
Definition: asn.cpp:538
Elliptic Curve over GF(p), where p is prime.
Definition: ecp.h:26
virtual Integer ConvertOut(const Integer &a) const
Reduces an element in the congruence class.
Definition: modarith.h:123
const Integer & Inverse(const Integer &a) const
Inverts the element in the ring.
Definition: integer.cpp:4626
bool InversionIsFast() const
Determine if inversion is fast.
Definition: ecp.h:75
const Integer & Subtract(const Integer &a, const Integer &b) const
Subtracts elements in the ring.
Definition: integer.cpp:4592
unsigned int MaxElementByteLength() const
Provides the maximum byte size of an element in the ring.
Definition: modarith.h:248
Square block cipher.
Definition: square.h:24
bool IsNegative() const
Determines if the Integer is negative.
Definition: integer.h:339
CRYPTOPP_DLL size_t CRYPTOPP_API DEREncodeOctetString(BufferedTransformation &bt, const byte *str, size_t strLen)
DER encode octet string.
Definition: asn.cpp:104
Ring of congruence classes modulo n.
Definition: modarith.h:43
Interface for random number generators.
Definition: cryptlib.h:1383
bool DecodePoint(Point &P, BufferedTransformation &bt, size_t len) const
Decodes an elliptic curve point.
Definition: ecp.cpp:89
SecBlock<byte> typedef.
Definition: secblock.h:1058
BER Sequence Decoder.
Definition: asn.h:403
Interface for buffered transformations.
Definition: cryptlib.h:1598
bool NotNegative() const
Determines if the Integer is non-negative.
Definition: integer.h:342
virtual Element CascadeScalarMultiply(const Element &x, const Integer &e1, const Element &y, const Integer &e2) const
TODO.
Definition: algebra.cpp:97
const Integer & Add(const Integer &a, const Integer &b) const
Adds elements in the ring.
Definition: integer.cpp:4552
Abstract ring.
Definition: algebra.h:118
const Integer & Identity() const
Provides the Identity element.
Definition: modarith.h:140
const Point & Identity() const
Provides the Identity element.
Definition: ecp.cpp:219
void DEREncodeElement(BufferedTransformation &out, const Element &a) const
Encodes element in DER format.
Definition: integer.cpp:4531
Point CascadeScalarMultiply(const Point &P, const Integer &k1, const Point &Q, const Integer &k2) const
TODO.
Definition: ecp.cpp:486
const Point & Inverse(const Point &P) const
Inverts the element in the group.
Definition: ecp.cpp:231
Copy input to a memory buffer.
Definition: filters.h:1137
void BERDecodeElement(BufferedTransformation &in, Element &a) const
Decodes element in DER format.
Definition: integer.cpp:4536
Empty store.
Definition: filters.h:1258
bool EndReached() const
Determine end of stream.
Definition: asn.cpp:441
lword TransferTo(BufferedTransformation &target, lword transferMax=LWORD_MAX, const std::string &channel=DEFAULT_CHANNEL)
move transferMax bytes of the buffered output to target as input
Definition: cryptlib.h:1926
Point ScalarMultiply(const Point &P, const Integer &k) const
Performs a scalar multiplication.
Definition: ecp.cpp:378
size_t Put(byte inByte, bool blocking=true)
Input a byte for processing.
Definition: cryptlib.h:1620
const Integer & Multiply(const Integer &a, const Integer &b) const
Multiplies elements in the ring.
Definition: modarith.h:190
void swap(Integer &a)
Swaps this Integer with another Integer.
Definition: integer.cpp:3183
bool Equal(const Point &P, const Point &Q) const
Compare two points.
Definition: ecp.cpp:205
bool IsZero() const
Determines if the Integer is 0.
Definition: integer.h:333
CRYPTOPP_DLL Integer CRYPTOPP_API ModularSquareRoot(const Integer &a, const Integer &p)
Extract a modular square root.
Definition: nbtheory.cpp:572
virtual const Element & MultiplicativeInverse(const Element &a) const =0
Calculate the multiplicative inverse of an element in the group.
Multiple precision integer with arithmetic operations.
Definition: integer.h:49
Precompiled header file.
CRYPTOPP_DLL size_t CRYPTOPP_API BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigned int &unusedBits)
DER decode bit string.
Definition: asn.cpp:191
const Integer & Half(const Integer &a) const
Divides an element by 2.
Definition: integer.cpp:4541
String-based implementation of Store interface.
Definition: filters.h:1196
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
Definition: trap.h:69
void BERDecodeError()
Raises a BERDecodeErr.
Definition: asn.h:69
Abstract group.
Definition: algebra.h:26
virtual Integer ConvertIn(const Integer &a) const
Reduces an element in the congruence class.
Definition: modarith.h:115
Classes and functions for working with ANS.1 objects.
void DEREncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const
DER Encodes an elliptic curve point.
Definition: ecp.cpp:173
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
Definition: integer.cpp:3359
Implementation of BufferedTransformation's attachment interface.
void MessageEnd()
Signals the end of messages to the object.
Definition: asn.cpp:467
Classes and functions for number theoretic operations.
DER Sequence Encoder.
Definition: asn.h:435
CRYPTOPP_DLL size_t CRYPTOPP_API BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
BER decode octet string.
Definition: asn.cpp:117
const Point & Double(const Point &P) const
Doubles an element in the group.
Definition: ecp.cpp:261
Performs modular arithmetic in Montgomery representation for increased speed.
Definition: modarith.h:295
void EncodePoint(byte *encodedPoint, const Point &P, bool compressed) const
Encodes an elliptic curve point.
Definition: ecp.cpp:156
ECP()
Construct an ECP.
Definition: ecp.h:36
Multiple precision integer with arithmetic operations.
CRYPTOPP_DLL bool CRYPTOPP_API VerifyPrime(RandomNumberGenerator &rng, const Integer &p, unsigned int level=1)
Verifies a number is probably prime.
Definition: nbtheory.cpp:247
unsigned int EncodedPointSize(bool compressed=false) const
Determines encoded point size.
Definition: ecp.h:90
virtual size_t Get(byte &outByte)
Retrieve a 8-bit byte.
Definition: cryptlib.cpp:529
Class file for performing modular arithmetic.
Crypto++ library namespace.
void DEREncode(BufferedTransformation &bt) const
DER Encode.
Definition: ecp.cpp:74
const Integer & MultiplicativeIdentity() const
Retrieves the multiplicative identity.
Definition: modarith.h:182
Point BERDecodePoint(BufferedTransformation &bt) const
BER Decodes an elliptic curve point.
Definition: ecp.cpp:163
void SimultaneousMultiply(Point *results, const Point &base, const Integer *exponents, unsigned int exponentsCount) const
Multiplies a base to multiple exponents in a group.
Definition: ecp.cpp:388
const T & Ref(...) const
Return a reference to the inner Singleton object.
Definition: misc.h:319
size_type size() const
Provides the count of elements in the SecBlock.
Definition: secblock.h:797
lword TotalPutLength()
Provides the number of bytes written to the Sink.
Definition: filters.h:1160
void DEREncode(BufferedTransformation &bt) const
Encodes in DER format.
Definition: integer.cpp:4523
const Point & Add(const Point &P, const Point &Q) const
Adds elements in the group.
Definition: ecp.cpp:244
the value is positive or 0
Definition: integer.h:75
bool IsOdd() const
Determines if the Integer is odd parity.
Definition: integer.h:354
CRYPTOPP_DLL int CRYPTOPP_API Jacobi(const Integer &a, const Integer &b)
Calculate the Jacobi symbol.
Definition: nbtheory.cpp:792