I am writing the following code for scalar multiplication in elliptic curve in c++. The code runs when i don\'t initialize the value of the point. But when i do, it gives me the
ERROR: CryptoPP::ECP::GetField(...) returned nullptr.
For Crypto++ you need to load a curve. Based on the code you posted it does not look like that has been done. Loading the curve loads the domain parameters for the curve. In the case of a curve over a prime field the domain parameters are {a,b,p,G,n,h}
, where a
and b
are coefficients, p
modulus, G
is the basepoint with order N, n
is the order and h
is the cofactor. You can see them in eccrypto.cpp.
For secp521r1
the easiest way to do it is probably along the lines of the following. secp256r1
was used to make the output smaller, but you should use secp521r1
#include "integer.h"
#include "eccrypto.h"
#include "osrng.h"
#include "oids.h"
int main(int argc, char* argv[])
using namespace CryptoPP;
typedef DL_GroupParameters_EC GroupParameters;
typedef DL_GroupParameters_EC::Element Element;
AutoSeededRandomPool prng;
GroupParameters group;
// private key
Integer x(prng, Integer::One(), group.GetMaxExponent());
std::cout << "Private exponent:" << std::endl;
std::cout << " " << std::hex << x << std::endl;
// public key
Element y = group.ExponentiateBase(x);
std::cout << "Public element:" << std::endl;
std::cout << " " << std::hex << y.x << std::endl;
std::cout << " " << std::hex << y.y << std::endl;
// element addition
Element u = group.GetCurve().Add(y, ECP::Point(2,3));
std::cout << "Add:" << std::endl;
std::cout << " " << std::hex << u.x << std::endl;
std::cout << " " << std::hex << u.y << std::endl;
// scalar multiplication
Element v = group.GetCurve().ScalarMultiply(u, Integer::Two());
std::cout << "Mult:" << std::endl;
std::cout << " " << std::hex << v.x << std::endl;
std::cout << " " << std::hex << v.y << std::endl;
return 0;
Compile the code with g++ test.cxx ./libcryptopp.a -o test.exe
Running the code produces:
$ ./test.exe
Private exponent:
Public element:
The DL_GroupParameters_EC
looks unusual because you are into lower-level base interfaces. I think that's where you want to be based on your sample code.
In general the hierarchy of objects with respect to the EC gear is/are shown below. It uses both an "is a" or "has a" relationships. For example, a Signer and Decryptor each "has a" Private Key. A Private Key "is a" GroupParameters.
+- Public key
+- Group parameters
+- Curve
+- Field
+- Private key
+- Group parameters
+- Curve
+- Field
+- Public key
+- Group parameters
+- Curve
+- Field
+- Private key
+- Group parameters
+- Curve
+- Field
For example, the Signer is the protocol, and implements everything you need in a single package. Below the Signer is the Private Key, and it performs the multiplication and exponentiation. Below the Private Key is the field and the curve. And so on until you get to the coefficients and modulus.
With that said, you usually want to use one of the higher level objects. Most folks use Encryptors, Decryptors, Public Keys and Private Keys. Most folks don't need to go below, like into objects like GroupParameters or Curves.
You might also be interested in the Crypto++ Manual and Elliptic Curve Cryptography in the Crypto++ wiki.