4 #ifndef CRYPTOPP_HMQV_H
5 #define CRYPTOPP_HMQV_H
22 template <
class GROUP_PARAMETERS,
class COFACTOR_OPTION =
typename GROUP_PARAMETERS::DefaultCofactorOption,
class HASH = SHA512>
// Aliases used by the rest of the class: the group-parameter type supplied as
// the first template argument, and the element type that group defines.
typedef GROUP_PARAMETERS GroupParameters;
typedef typename GROUP_PARAMETERS::Element Element;
/// \brief Construct an HMQV domain with default-constructed group parameters
/// \param clientRole true selects RoleClient, false selects RoleServer
/// \details Only m_role is named in the initializer list, so m_groupParameters
///  is default-constructed and has to be set up before the domain is used.
///  NOTE(review): the key-agreement code later in this class branches on
///  m_role to decide which side's keys go where, so the two peers presumably
///  have to be constructed with opposite roles -- confirm against the callers.
HMQV_Domain(bool clientRole = true)
    : m_role(clientRole ? RoleClient : RoleServer)
{
}
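/// \brief Construct an HMQV domain from existing group parameters
/// \param params group parameters; copied into m_groupParameters
/// \param clientRole true selects RoleClient, false selects RoleServer
/// \details The initializers are written in member declaration order
///  (m_groupParameters is declared before m_role), which is the order the
///  compiler uses regardless of how the list is written.
///  No validation call on params is visible in this constructor; parameters
///  taken from an untrusted source presumably need to be validated by the
///  caller first -- confirm.
HMQV_Domain(const GroupParameters &params, bool clientRole = true)
    : m_groupParameters(params),
      m_role(clientRole ? RoleClient : RoleServer)
{
}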
38 : m_role(clientRole ? RoleClient : RoleServer)
39 {m_groupParameters.BERDecode(bt);}
43 : m_role(clientRole ? RoleClient : RoleServer)
44 {m_groupParameters.Initialize(v1);}
46 template <
class T1,
class T2>
48 : m_role(clientRole ? RoleClient : RoleServer)
49 {m_groupParameters.Initialize(v1, v2);}
/// \brief Construct an HMQV domain, initializing the group parameters from three values
/// \tparam T1 type of the first initializer
/// \tparam T2 type of the second initializer
/// \tparam T3 type of the third initializer
/// \param v1 first value passed to m_groupParameters.Initialize
/// \param v2 second value passed to m_groupParameters.Initialize
/// \param v3 third value passed to m_groupParameters.Initialize
/// \param clientRole true selects RoleClient, false selects RoleServer
/// \details The role is fixed in the initializer list; the group parameters
///  are default-constructed and then set up by Initialize(v1, v2, v3).
///  What the three values mean depends on GroupParameters::Initialize, which
///  is not shown here.
template <class T1, class T2, class T3>
HMQV_Domain(T1 v1, T2 v2, T3 v3, bool clientRole = true)
    : m_role(clientRole ? RoleClient : RoleServer)
{
    m_groupParameters.Initialize(v1, v2, v3);
}
/// \brief Construct an HMQV domain, initializing the group parameters from four values
/// \tparam T1 type of the first initializer
/// \tparam T2 type of the second initializer
/// \tparam T3 type of the third initializer
/// \tparam T4 type of the fourth initializer
/// \param v1 first value passed to m_groupParameters.Initialize
/// \param v2 second value passed to m_groupParameters.Initialize
/// \param v3 third value passed to m_groupParameters.Initialize
/// \param v4 fourth value passed to m_groupParameters.Initialize
/// \param clientRole true selects RoleClient, false selects RoleServer
/// \details The role is fixed in the initializer list; the group parameters
///  are default-constructed and then set up by Initialize(v1, v2, v3, v4).
///  What the four values mean depends on GroupParameters::Initialize, which
///  is not shown here.
template <class T1, class T2, class T3, class T4>
HMQV_Domain(T1 v1, T2 v2, T3 v3, T4 v4, bool clientRole = true)
    : m_role(clientRole ? RoleClient : RoleServer)
{
    m_groupParameters.Initialize(v1, v2, v3, v4);
}
/// \brief Read-only access to the group parameters of this domain
/// \return const reference to m_groupParameters; valid only while this
///  object is alive
const GroupParameters & GetGroupParameters() const
{
    return this->m_groupParameters;
}
/// \brief Mutable access to the group parameters of this domain
/// \return non-const reference to m_groupParameters
/// \details Anything written through the returned reference changes the
///  parameters that later operations on this object use.
///  NOTE(review): no re-validation after such a change is visible in this
///  accessor -- confirm whether callers are expected to validate.
GroupParameters & AccessGroupParameters()
{
    return this->m_groupParameters;
}
/// \brief Length of the agreed value produced by this domain
/// \return the size reported by GetEncodedElementSize(false) on the abstract
///  group parameters
/// \details Callers sizing the buffer for the agreed value should take the
///  length from here instead of hard-coding it, because it depends on the
///  group in use.
unsigned int AgreedValueLength() const
{
    // false requests the non-reversible element encoding
    const bool reversible = false;
    return GetAbstractGroupParameters().GetEncodedElementSize(reversible);
}
110 CRYPTOPP_UNUSED(rng);
124 const byte *staticPrivateKey,
const byte *ephemeralPrivateKey,
125 const byte *staticOtherPublicKey,
const byte *ephemeralOtherPublicKey,
126 bool validateStaticOtherPublicKey=
true)
const
128 byte *XX = NULLPTR, *YY = NULLPTR, *AA = NULLPTR, *BB = NULLPTR;
129 size_t xxs = 0, yys = 0, aas = 0, bbs = 0;
140 if(m_role == RoleServer)
146 XX =
const_cast<byte*
>(ephemeralOtherPublicKey);
150 AA =
const_cast<byte*
>(staticOtherPublicKey);
155 else if(m_role == RoleClient)
163 YY =
const_cast<byte*
>(ephemeralOtherPublicKey);
167 BB =
const_cast<byte*
>(staticOtherPublicKey);
179 Element VV1 = params.
DecodeElement(staticOtherPublicKey,
false);
180 if(!params.
ValidateElement(validateStaticOtherPublicKey ? 3 : 1, VV1, NULLPTR))
185 Element VV2 = params.
DecodeElement(ephemeralOtherPublicKey,
false);
191 const unsigned int len = (((q.
BitCount()+1)/2 +7)/8);
197 Hash(NULLPTR, XX, xxs, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
198 d.Decode(dd.BytePtr(), dd.SizeInBytes());
205 if(m_role == RoleServer)
215 Element t2 = m_groupParameters.MultiplyElements(X, t1);
230 Element t2 = m_groupParameters.MultiplyElements(Y, t1);
248 inline void Hash(
const Element* sigma,
249 const byte* e1,
size_t e1len,
250 const byte* s1,
size_t s1len,
251 byte* digest,
size_t dlen)
const
254 size_t idx = 0, req = dlen;
255 size_t blk =
STDMIN(dlen, (
size_t)HASH::DIGESTSIZE);
259 if (e1len != 0 || s1len != 0) {
262 Integer x = GetAbstractGroupParameters().ConvertElementToInteger(*sigma);
264 x.Encode(sbb.BytePtr(), sbb.SizeInBytes());
265 hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
267 if (e1len == 0 || s1len == 0) {
270 hash.Update(e1, e1len);
271 hash.Update(s1, s1len);
274 hash.TruncatedFinal(digest, blk);
280 hash.Update(&digest[idx], (
size_t)HASH::DIGESTSIZE);
282 idx += (size_t)HASH::DIGESTSIZE;
283 blk =
STDMIN(req, (
size_t)HASH::DIGESTSIZE);
284 hash.TruncatedFinal(&digest[idx], blk);
/// Side of the exchange this object plays. The value is stored in m_role and
/// tested by the agreement code to pick which pointers the peer's ephemeral
/// and static public keys are assigned to.
enum KeyAgreementRole {
    RoleServer = 1,
    RoleClient = 2
};
// Declaration order is also initialization order: m_groupParameters is
// constructed before m_role, whatever order a constructor's initializer
// list is written in.
GroupParameters m_groupParameters;  // group the key agreement operates in
KeyAgreementRole m_role;            // RoleClient or RoleServer, set by the constructors