13 #if !defined(NDEBUG) && !defined(CRYPTOPP_IS_DLL)
15 NAMESPACE_BEGIN(CryptoPP)
16 void RSA_TestInstantiations()
39 #ifndef CRYPTOPP_IMPORTS
41 NAMESPACE_BEGIN(CryptoPP)
45 return ASN1::rsaEncryption();
67 return a_exp_b_mod_c(x, m_e, m_n);
74 pass = pass && m_e >
Integer::One() && m_e.IsOdd() && m_e < m_n;
80 return GetValueHelper(
this, name, valueType, pValue).Assignable()
81 CRYPTOPP_GET_FUNCTION_ENTRY(Modulus)
82 CRYPTOPP_GET_FUNCTION_ENTRY(PublicExponent)
88 AssignFromHelper(
this, source)
89 CRYPTOPP_SET_FUNCTION_ENTRY(Modulus)
90 CRYPTOPP_SET_FUNCTION_ENTRY(PublicExponent)
100 bool IsAcceptable(
const Integer &candidate)
const {
return RelativelyPrime(m_e, candidate-
Integer::One());}
106 int modulusSize = 2048;
109 if (modulusSize < 16)
110 throw InvalidArgument(
"InvertibleRSAFunction: specified modulus size is too small");
114 if (m_e < 3 || m_e.IsEven())
115 throw InvalidArgument(
"InvertibleRSAFunction: invalid public exponent");
120 m_p.GenerateRandom(rng, primeParam);
121 m_q.GenerateRandom(rng, primeParam);
124 assert(m_d.IsPositive());
126 m_dp = m_d % (m_p-1);
127 m_dq = m_d % (m_q-1);
135 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
139 EncryptionPairwiseConsistencyTest_FIPS_140_Only(encryptor, decryptor);
150 if (n.IsEven() || e.IsEven() | d.IsEven())
151 throw InvalidArgument(
"InvertibleRSAFunction: input is not a valid RSA private key");
168 Integer a = modn.Exponentiate(i, r);
180 m_dp = m_d % (m_p-1);
181 m_dq = m_d % (m_q-1);
186 throw InvalidArgument(
"InvertibleRSAFunction: input is not a valid RSA private key");
196 BERDecodeUnsigned<word32>(privateKey, version, INTEGER, 0, 0);
197 m_n.BERDecode(privateKey);
198 m_e.BERDecode(privateKey);
199 m_d.BERDecode(privateKey);
200 m_p.BERDecode(privateKey);
201 m_q.BERDecode(privateKey);
202 m_dp.BERDecode(privateKey);
203 m_dq.BERDecode(privateKey);
204 m_u.BERDecode(privateKey);
205 privateKey.MessageEnd();
211 DEREncodeUnsigned<word32>(privateKey, 0);
220 privateKey.MessageEnd();
225 DoQuickSanityCheck();
231 }
while (rInv.IsZero());
232 Integer re = modn.Exponentiate(r, m_e);
233 re = modn.Multiply(re, x);
236 Integer y = ModularRoot(re, m_dq, m_dp, m_q, m_p, m_u);
237 y = modn.Multiply(y, rInv);
238 if (modn.Exponentiate(y, m_e) != x)
246 pass = pass && m_p >
Integer::One() && m_p.IsOdd() && m_p < m_n;
247 pass = pass && m_q >
Integer::One() && m_q.IsOdd() && m_q < m_n;
248 pass = pass && m_d >
Integer::One() && m_d.IsOdd() && m_d < m_n;
249 pass = pass && m_dp >
Integer::One() && m_dp.IsOdd() && m_dp < m_p;
250 pass = pass && m_dq >
Integer::One() && m_dq.IsOdd() && m_dq < m_q;
251 pass = pass && m_u.IsPositive() && m_u < m_p;
254 pass = pass && m_p * m_q == m_n;
255 pass = pass && m_e*m_d % LCM(m_p-1, m_q-1) == 1;
256 pass = pass && m_dp == m_d%(m_p-1) && m_dq == m_d%(m_q-1);
257 pass = pass && m_u * m_q % m_p == 1;
260 pass = pass && VerifyPrime(rng, m_p, level-2) && VerifyPrime(rng, m_q, level-2);
266 return GetValueHelper<RSAFunction>(
this, name, valueType, pValue).Assignable()
267 CRYPTOPP_GET_FUNCTION_ENTRY(Prime1)
268 CRYPTOPP_GET_FUNCTION_ENTRY(Prime2)
269 CRYPTOPP_GET_FUNCTION_ENTRY(PrivateExponent)
270 CRYPTOPP_GET_FUNCTION_ENTRY(ModPrime1PrivateExponent)
271 CRYPTOPP_GET_FUNCTION_ENTRY(ModPrime2PrivateExponent)
272 CRYPTOPP_GET_FUNCTION_ENTRY(MultiplicativeInverseOfPrime2ModPrime1)
278 AssignFromHelper<RSAFunction>(
this, source)
279 CRYPTOPP_SET_FUNCTION_ENTRY(Prime1)
280 CRYPTOPP_SET_FUNCTION_ENTRY(Prime2)
281 CRYPTOPP_SET_FUNCTION_ENTRY(PrivateExponent)
282 CRYPTOPP_SET_FUNCTION_ENTRY(ModPrime1PrivateExponent)
283 CRYPTOPP_SET_FUNCTION_ENTRY(ModPrime2PrivateExponent)
284 CRYPTOPP_SET_FUNCTION_ENTRY(MultiplicativeInverseOfPrime2ModPrime1)
292 Integer t = RSAFunction::ApplyFunction(x);
293 return t % 16 == 12 ? t : m_n - t;
298 Integer t = InvertibleRSAFunction::CalculateInverse(rng, x);
299 return STDMIN(t, m_n-t);
base class for all exceptions thrown by Crypto++
exception thrown when an invalid argument is detected
T GetValueWithDefault(const char *name, T defaultValue) const
get a named value, returns the default if the name doesn't exist
void DEREncodePublicKey(BufferedTransformation &bt) const
encode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode privateKey part of privateKeyInfo, without the OCTET STRING header
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
some error not belong to any of the above categories
ring of congruence classes modulo n
interface for random number generators
Integer MultiplicativeInverse() const
return inverse if 1 or -1, otherwise return 0
static const Integer & One()
avoid calling constructors for these frequently used integers
bool GetIntValue(const char *name, int &value) const
get a named value with type int
void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
bool FIPS_140_2_ComplianceEnabled()
returns whether FIPS 140-2 compliance features were enabled at compile time
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
check this object for errors
const char * PublicExponent()
Integer.
void AssignFrom(const NameValuePairs &source)
assign values from source to this object
multiple precision integer and basic arithmetics
void DEREncodePrivateKey(BufferedTransformation &bt) const
encode privateKey part of privateKeyInfo, without the OCTET STRING header
void AssignFrom(const NameValuePairs &source)
assign values from source to this object
RandomNumberGenerator & NullRNG()
returns a reference that can be passed to functions that ask for a RNG but doesn't actually use it ...
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
to be implemented by derived classes, users should use one of the above functions instead ...
const char * PointerToPrimeSelector()
const PrimeSelector *
const char * KeySize()
int, in bits
void DEREncode(BufferedTransformation &bt) const
encode using Distinguished Encoding Rules, put result into a BufferedTransformation object ...
This file contains classes that implement the RSA ciphers and signature schemes as defined in PKCS #1...
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
to be implemented by derived classes, users should use one of the above functions instead ...
Integer InverseMod(const Integer &n) const
calculate multiplicative inverse of *this mod n
const char * ModulusSize()
int, in bits
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
check this object for errors
interface for retrieving values given their names
A template implementing constructors for public key algorithm classes.