3 #ifndef CRYPTOPP_PUBKEY_H 4 #define CRYPTOPP_PUBKEY_H 39 #if CRYPTOPP_MSC_VERSION 40 # pragma warning(push) 41 # pragma warning(disable: 4702) 72 virtual ~TrapdoorFunctionBounds() {}
77 virtual Integer PreimageBound()
const =0;
81 virtual Integer ImageBound()
const =0;
116 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 130 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 142 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
197 {
return CalculateInverse(rng, x);}
216 virtual bool ParameterSupported(
const char *name)
const 217 {CRYPTOPP_UNUSED(name);
return false;}
220 virtual size_t MaxUnpaddedLength(
size_t paddedLength)
const =0;
233 template <
class TFI,
class MEI>
239 typedef TFI TrapdoorFunctionInterface;
240 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
242 typedef MEI MessageEncodingInterface;
243 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
245 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 255 template <
class BASE>
259 size_t MaxPlaintextLength(
size_t ciphertextLength)
const 260 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
261 size_t CiphertextLength(
size_t plaintextLength)
const 262 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
264 virtual size_t FixedMaxPlaintextLength()
const =0;
265 virtual size_t FixedCiphertextLength()
const =0;
267 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 276 template <
class INTERFACE,
class BASE>
280 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
281 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
282 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
285 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
287 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
289 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 301 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 313 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 320 typedef std::pair<const byte *, size_t> HashIdentifier;
333 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const 334 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
335 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const 336 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
338 bool IsProbabilistic()
const 340 bool AllowNonrecoverablePart()
const 341 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
342 virtual bool RecoverablePartFirst()
const 343 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
346 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const 347 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
351 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 const byte *presignature,
size_t presignatureLength,
355 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
356 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
357 if (RecoverablePartFirst())
358 assert(!
"ProcessRecoverableMessage() not implemented");
362 const byte *recoverableMessage,
size_t recoverableMessageLength,
364 byte *representative,
size_t representativeBitLength)
const =0;
366 virtual bool VerifyMessageRepresentative(
368 byte *representative,
size_t representativeBitLength)
const =0;
372 byte *representative,
size_t representativeBitLength,
373 byte *recoveredMessage)
const 374 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
375 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
376 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
380 const byte *presignature,
size_t presignatureLength,
381 const byte *semisignature,
size_t semisignatureLength,
382 byte *recoveredMessage)
const 383 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
384 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
385 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
392 static HashIdentifier CRYPTOPP_API Lookup()
394 return HashIdentifier((
const byte *)NULL, 0);
407 bool VerifyMessageRepresentative(
409 byte *representative,
size_t representativeBitLength)
const;
419 bool VerifyMessageRepresentative(
421 byte *representative,
size_t representativeBitLength)
const;
432 const byte *recoverableMessage,
size_t recoverableMessageLength,
434 byte *representative,
size_t representativeBitLength)
const;
445 const byte *recoverableMessage,
size_t recoverableMessageLength,
447 byte *representative,
size_t representativeBitLength)
const;
461 void Update(
const byte *input,
size_t length)
463 AccessHash().Update(input, length);
464 m_empty = m_empty && length == 0;
467 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
476 template <
class HASH_ALGORITHM>
484 template <
class INTERFACE,
class BASE>
488 size_t SignatureLength()
const 489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const 491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const 493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const 496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const 498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const 500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
502 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 507 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
509 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
510 virtual HashIdentifier GetHashIdentifier()
const =0;
511 virtual size_t GetDigestSize()
const =0;
518 void InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
size_t recoverableMessageLength)
const;
521 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 530 void InputSignature(
PK_MessageAccumulator &messageAccumulator,
const byte *signature,
size_t signatureLength)
const;
534 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 542 template <
class T1,
class T2,
class T3>
545 typedef T1 AlgorithmInfo;
548 typedef typename Keys::PublicKey
PublicKey;
549 typedef T3 MessageEncodingMethod;
553 template <
class T1,
class T2,
class T3,
class T4>
556 typedef T4 HashFunction;
560 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
564 typedef SCHEME_OPTIONS SchemeOptions;
565 typedef KEY_CLASS KeyClass;
567 PublicKey & AccessPublicKey() {
return AccessKey();}
568 const PublicKey & GetPublicKey()
const {
return GetKey();}
570 PrivateKey & AccessPrivateKey() {
return AccessKey();}
571 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
573 virtual const KeyClass & GetKey()
const =0;
574 virtual KeyClass & AccessKey() =0;
576 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
580 CRYPTOPP_UNUSED(rng);
588 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const 597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const 601 HashIdentifier GetHashIdentifier()
const 603 typedef CPP_TYPENAME SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<CPP_TYPENAME SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const 608 typedef CPP_TYPENAME SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
614 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
619 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
621 const KEY & GetKey()
const {
return *m_pKey;}
622 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
624 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 633 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
637 typedef KEY_CLASS KeyClass;
639 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
640 KeyClass & AccessKey() {
return m_trapdoorFunction;}
642 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 647 KeyClass m_trapdoorFunction;
651 template <
class SCHEME_OPTIONS>
657 template <
class SCHEME_OPTIONS>
663 template <
class SCHEME_OPTIONS>
669 template <
class SCHEME_OPTIONS>
681 virtual void GenerateAndMask(
HashTransformation &hash, byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
bool mask =
true)
const =0;
684 CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash, byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
690 static const char * CRYPTOPP_API StaticAlgorithmName() {
return "MGF1";}
691 void GenerateAndMask(
HashTransformation &hash, byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
bool mask =
true)
const 693 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULL, 0, mask, 0);
704 static void CRYPTOPP_API DeriveKey(byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength)
707 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
734 if (!GetBasePrecomputation().IsInitialized())
737 if (m_validationLevel > level)
740 bool pass = ValidateGroup(rng, level);
741 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
743 m_validationLevel = pass ? level+1 : 0;
748 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 750 return GetValueHelper(
this, name, valueType, pValue)
760 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
765 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
766 m_validationLevel = 0;
771 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
775 virtual const Element & GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
776 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
777 virtual Element ExponentiateBase(
const Integer &exponent)
const 779 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
781 virtual Element ExponentiateElement(
const Element &base,
const Integer &exponent)
const 784 SimultaneousExponentiate(&result, base, &exponent, 1);
791 virtual const Integer & GetSubgroupOrder()
const =0;
792 virtual Integer GetMaxExponent()
const =0;
793 virtual Integer GetGroupOrder()
const {
return GetSubgroupOrder()*GetCofactor();}
794 virtual Integer GetCofactor()
const {
return GetGroupOrder()/GetSubgroupOrder();}
795 virtual unsigned int GetEncodedElementSize(
bool reversible)
const =0;
796 virtual void EncodeElement(
bool reversible,
const Element &element, byte *encoded)
const =0;
797 virtual Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
798 virtual Integer ConvertElementToInteger(
const Element &element)
const =0;
801 virtual bool FastSubgroupCheckAvailable()
const =0;
802 virtual bool IsIdentity(
const Element &element)
const =0;
803 virtual void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const =0;
805 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 810 void ParametersChanged() {m_validationLevel = 0;}
813 mutable unsigned int m_validationLevel;
817 template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<CPP_TYPENAME GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<CPP_TYPENAME GROUP_PRECOMP::Element> >
821 typedef GROUP_PRECOMP GroupPrecomputation;
822 typedef typename GROUP_PRECOMP::Element Element;
823 typedef BASE_PRECOMP BasePrecomputation;
829 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 834 GROUP_PRECOMP m_groupPrecomputation;
856 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 858 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
865 virtual const Element & GetPublicElement()
const {
return GetPublicPrecomputation().GetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation());}
866 virtual void SetPublicElement(
const Element &y) {AccessPublicPrecomputation().SetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation(), y);}
867 virtual Element ExponentiatePublicElement(
const Integer &exponent)
const 870 return GetPublicPrecomputation().Exponentiate(params.GetGroupPrecomputation(), exponent);
872 virtual Element CascadeExponentiateBaseAndPublicElement(
const Integer &baseExp,
const Integer &publicExp)
const 875 return params.GetBasePrecomputation().CascadeExponentiate(params.GetGroupPrecomputation(), baseExp, GetPublicPrecomputation(), publicExp);
881 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 897 pub.AccessAbstractGroupParameters().AssignFrom(this->GetAbstractGroupParameters());
898 pub.SetPublicElement(this->GetAbstractGroupParameters().ExponentiateBase(GetPrivateExponent()));
901 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 903 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
909 this->AccessAbstractGroupParameters().AssignFrom(source);
910 AssignFromHelper(
this, source)
914 virtual const Integer & GetPrivateExponent()
const =0;
915 virtual void SetPrivateExponent(
const Integer &x) =0;
917 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 927 pPrivateKey->MakePublicKey(*
this);
930 this->AccessAbstractGroupParameters().AssignFrom(source);
931 AssignFromHelper(
this, source)
939 template <
class PK,
class GP,
class O = OID>
943 typedef GP GroupParameters;
945 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
951 {AccessGroupParameters().BERDecode(bt);
return true;}
953 {GetGroupParameters().DEREncode(bt);
return true;}
955 const GP & GetGroupParameters()
const {
return m_groupParameters;}
956 GP & AccessGroupParameters() {
return m_groupParameters;}
959 GP m_groupParameters;
970 typedef typename GP::Element Element;
975 bool pass = GetAbstractGroupParameters().Validate(rng, level);
977 const Integer &q = GetAbstractGroupParameters().GetSubgroupOrder();
978 const Integer &x = GetPrivateExponent();
980 pass = pass && x.IsPositive() && x < q;
986 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 988 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
993 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
999 this->AccessGroupParameters().GenerateRandom(rng, params);
1004 SetPrivateExponent(x);
1010 {AccessAbstractGroupParameters().Precompute(precomputationStorage);}
1013 {AccessAbstractGroupParameters().LoadPrecomputation(storedPrecomputation);}
1016 {GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);}
1023 const Integer & GetPrivateExponent()
const {
return m_x;}
1024 void SetPrivateExponent(
const Integer &x) {m_x = x;}
1028 {m_x.BERDecode(bt);}
1030 {m_x.DEREncode(bt);}
1037 template <
class BASE,
class SIGNATURE_SCHEME>
1043 BASE::GenerateRandom(rng, params);
1047 typename SIGNATURE_SCHEME::Signer signer(*
this);
1048 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1049 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1059 typedef typename GP::Element Element;
1064 bool pass = GetAbstractGroupParameters().Validate(rng, level);
1065 pass = pass && GetAbstractGroupParameters().ValidateElement(level, this->GetPublicElement(), &GetPublicPrecomputation());
1069 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 1071 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1076 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1083 AccessAbstractGroupParameters().Precompute(precomputationStorage);
1084 AccessPublicPrecomputation().Precompute(GetAbstractGroupParameters().GetGroupPrecomputation(), GetAbstractGroupParameters().GetSubgroupOrder().BitCount(), precomputationStorage);
1089 AccessAbstractGroupParameters().LoadPrecomputation(storedPrecomputation);
1090 AccessPublicPrecomputation().Load(GetAbstractGroupParameters().GetGroupPrecomputation(), storedPrecomputation);
1095 GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);
1096 GetPublicPrecomputation().Save(GetAbstractGroupParameters().GetGroupPrecomputation(), storedPrecomputation);
1109 {
return this->GetGroupParameters() == rhs.GetGroupParameters() && this->GetPublicElement() == rhs.GetPublicElement();}
1112 typename GP::BasePrecomputation m_ypc;
1124 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1125 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1128 {
return params.GetSubgroupOrder().
ByteCount();}
1130 {
return params.GetSubgroupOrder().
ByteCount();}
1141 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1143 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1153 virtual bool ParameterSupported(
const char *name)
const 1154 {CRYPTOPP_UNUSED(name);
return false;}
1155 virtual void Derive(
const DL_GroupParameters<T> &groupParams, byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1157 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1166 virtual bool ParameterSupported(
const char *name)
const 1167 {CRYPTOPP_UNUSED(name);
return false;}
1168 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1169 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1170 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1171 virtual void SymmetricEncrypt(
RandomNumberGenerator &rng,
const byte *key,
const byte *plaintext,
size_t plaintextLength, byte *ciphertext,
const NameValuePairs ¶meters)
const =0;
1172 virtual DecodingResult SymmetricDecrypt(
const byte *key,
const byte *ciphertext,
size_t ciphertextLength, byte *plaintext,
const NameValuePairs ¶meters)
const =0;
1174 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1184 typedef KI KeyInterface;
1185 typedef typename KI::Element Element;
1190 virtual KeyInterface & AccessKeyInterface() =0;
1191 virtual const KeyInterface & GetKeyInterface()
const =0;
1193 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1199 template <
class INTERFACE,
class KEY_INTERFACE>
1203 size_t SignatureLength()
const 1205 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1206 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1208 size_t MaxRecoverableLength()
const 1209 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1210 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const 1211 {CRYPTOPP_UNUSED(signatureLength); assert(
false);
return 0;}
1213 bool IsProbabilistic()
const 1215 bool AllowNonrecoverablePart()
const 1216 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1217 bool RecoverablePartFirst()
const 1218 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1220 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1225 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1226 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1230 virtual HashIdentifier GetHashIdentifier()
const =0;
1231 virtual size_t GetDigestSize()
const =0;
1246 r = params.ConvertElementToInteger(params.ExponentiateBase(k));
1247 alg.Sign(params, key.GetPrivateExponent(), k, e, r, s);
1250 void InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
size_t recoverableMessageLength)
const 1253 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1254 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1255 recoverableMessage, recoverableMessageLength,
1256 ma.m_presignature, ma.m_presignature.
size(),
1257 ma.m_semisignature);
1262 this->GetMaterial().DoQuickSanityCheck();
1269 SecByteBlock representative(this->MessageRepresentativeLength());
1270 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1272 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1273 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1274 representative, this->MessageRepresentativeBitLength());
1282 Integer k(rng, 1, params.GetSubgroupOrder()-1);
1284 r = params.ConvertElementToInteger(params.ExponentiateBase(k));
1285 alg.Sign(params, key.GetPrivateExponent(), k, e, r, s);
1296 size_t rLen = alg.RLen(params);
1297 r.Encode(signature, rLen);
1298 s.Encode(signature+rLen, alg.SLen(params));
1301 RestartMessageAccumulator(rng, ma);
1303 return this->SignatureLength();
1306 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1324 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1335 CRYPTOPP_UNUSED(signature); CRYPTOPP_UNUSED(signatureLength);
1340 size_t rLen = alg.RLen(params);
1341 ma.m_semisignature.
Assign(signature, rLen);
1342 ma.m_s.
Decode(signature+rLen, alg.SLen(params));
1344 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1349 this->GetMaterial().DoQuickSanityCheck();
1356 SecByteBlock representative(this->MessageRepresentativeLength());
1357 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1358 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1359 representative, this->MessageRepresentativeBitLength());
1363 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1364 return alg.Verify(params, key, e, r, ma.m_s);
1369 this->GetMaterial().DoQuickSanityCheck();
1376 SecByteBlock representative(this->MessageRepresentativeLength());
1377 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1379 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1380 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1381 representative, this->MessageRepresentativeBitLength());
1385 ma.m_presignature.
New(params.GetEncodedElementSize(
false));
1386 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1387 alg.RecoverPresignature(params, key, r, ma.m_s).
Encode(ma.m_presignature, ma.m_presignature.
size());
1389 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1390 ma.AccessHash(), this->GetHashIdentifier(),
1391 ma.m_presignature, ma.m_presignature.
size(),
1392 ma.m_semisignature, ma.m_semisignature.
size(),
1396 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1402 template <
class PK,
class KI>
1406 typedef typename DL_Base<KI>::Element Element;
1408 size_t MaxPlaintextLength(
size_t ciphertextLength)
const 1410 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1411 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1414 size_t CiphertextLength(
size_t plaintextLength)
const 1416 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1417 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1420 bool ParameterSupported(
const char *name)
const 1421 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1423 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1444 CRYPTOPP_UNUSED(rng);
1451 Element q = params.DecodeElement(ciphertext,
true);
1452 size_t elementSize = params.GetEncodedElementSize(
true);
1453 ciphertext += elementSize;
1454 ciphertextLength -= elementSize;
1456 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.GetPrivateExponent());
1458 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1459 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1461 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1469 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1490 Element q = params.ExponentiateBase(x);
1491 params.EncodeElement(
true, q, ciphertext);
1492 unsigned int elementSize = params.GetEncodedElementSize(
true);
1493 ciphertext += elementSize;
1495 Element z = agreeAlg.AgreeWithEphemeralPrivateKey(params, key.GetPublicPrecomputation(), x);
1497 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1498 derivAlg.Derive(params, derivedKey, derivedKey.size(), z, q, parameters);
1500 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1503 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1509 template <
class T1,
class T2>
1512 typedef T1 AlgorithmInfo;
1513 typedef T2 GroupParameters;
1514 typedef typename GroupParameters::Element Element;
1518 template <
class T1,
class T2>
1522 typedef typename Keys::PrivateKey
PrivateKey;
1523 typedef typename Keys::PublicKey
PublicKey;
1527 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1530 typedef T3 SignatureAlgorithm;
1531 typedef T4 MessageEncodingMethod;
1532 typedef T5 HashFunction;
1536 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1540 typedef T4 KeyDerivationAlgorithm;
1541 typedef T5 SymmetricEncryptionAlgorithm;
1545 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1549 typedef SCHEME_OPTIONS SchemeOptions;
1550 typedef typename KEY::Element Element;
1552 PrivateKey & AccessPrivateKey() {
return m_key;}
1553 PublicKey & AccessPublicKey() {
return m_key;}
1556 const KEY & GetKey()
const {
return m_key;}
1557 KEY & AccessKey() {
return m_key;}
1559 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1564 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1565 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1568 HashIdentifier GetHashIdentifier()
const 1570 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1571 return HashLookup::template HashIdentifierLookup2<CPP_TYPENAME SchemeOptions::HashFunction>::Lookup();
1573 size_t GetDigestSize()
const 1575 typedef CPP_TYPENAME SchemeOptions::HashFunction H;
1576 return H::DIGESTSIZE;
1584 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1588 typedef typename KEY::Element Element;
1590 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1603 HashIdentifier GetHashIdentifier()
const 1604 {
return HashIdentifier();}
1610 template <
class SCHEME_OPTIONS>
1617 this->RestartMessageAccumulator(rng, *p);
1623 template <
class SCHEME_OPTIONS>
1634 template <
class SCHEME_OPTIONS>
1640 template <
class SCHEME_OPTIONS>
1654 CryptoParameters & AccessCryptoParameters() {
return AccessAbstractGroupParameters();}
1655 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
1656 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
1657 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
1662 x.
Encode(privateKey, PrivateKeyLength());
1667 CRYPTOPP_UNUSED(rng);
1669 Integer x(privateKey, PrivateKeyLength());
1670 Element y = params.ExponentiateBase(x);
1671 params.EncodeElement(
true, y, publicKey);
1674 bool Agree(byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const 1679 Integer x(privateKey, PrivateKeyLength());
1680 Element w = params.DecodeElement(otherPublicKey, validateOtherPublicKey);
1682 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
1683 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
1684 params.EncodeElement(
false, z, agreedValue);
1693 const Element &GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
1695 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1705 enum CofactorMultiplicationOption {NO_COFACTOR_MULTIPLICTION, COMPATIBLE_COFACTOR_MULTIPLICTION, INCOMPATIBLE_COFACTOR_MULTIPLICTION};
1711 template <
class ELEMENT,
class COFACTOR_OPTION>
1715 typedef ELEMENT Element;
1717 static const char * CRYPTOPP_API StaticAlgorithmName()
1718 {
return COFACTOR_OPTION::ToEnum() == INCOMPATIBLE_COFACTOR_MULTIPLICTION ?
"DHC" :
"DH";}
1722 return publicPrecomputation.Exponentiate(params.GetGroupPrecomputation(),
1723 COFACTOR_OPTION::ToEnum() == INCOMPATIBLE_COFACTOR_MULTIPLICTION ? privateExponent*params.GetCofactor() : privateExponent);
1726 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const 1728 if (COFACTOR_OPTION::ToEnum() == COMPATIBLE_COFACTOR_MULTIPLICTION)
1730 const Integer &k = params.GetCofactor();
1731 return params.ExponentiateElement(publicElement,
1734 else if (COFACTOR_OPTION::ToEnum() == INCOMPATIBLE_COFACTOR_MULTIPLICTION)
1735 return params.ExponentiateElement(publicElement, privateExponent*params.GetCofactor());
1738 assert(COFACTOR_OPTION::ToEnum() == NO_COFACTOR_MULTIPLICTION);
1740 if (!validateOtherPublicKey)
1741 return params.ExponentiateElement(publicElement, privateExponent);
1743 if (params.FastSubgroupCheckAvailable())
1745 if (!params.ValidateElement(2, publicElement, NULL))
1747 return params.ExponentiateElement(publicElement, privateExponent);
1751 const Integer e[2] = {params.GetSubgroupOrder(), privateExponent};
1753 params.SimultaneousExponentiate(r, publicElement, e, 2);
1754 if (!params.IsIdentity(r[0]))
1761 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 1769 template <
class BASE>
1776 {this->AccessKey().AssignFrom(key);}
1779 {this->AccessKey().BERDecode(bt);}
1782 {this->AccessKey().AssignFrom(algorithm.
GetMaterial());}
1785 {this->AccessKey().Initialize(v1);}
1787 #if (defined(_MSC_VER) && _MSC_VER < 1300) 1789 template <
class T1,
class T2>
1791 {this->AccessKey().Initialize(v1, v2);}
1793 template <
class T1,
class T2,
class T3>
1795 {this->AccessKey().Initialize(v1, v2, v3);}
1797 template <
class T1,
class T2,
class T3,
class T4>
1799 {this->AccessKey().Initialize(v1, v2, v3, v4);}
1801 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1803 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
1805 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
1807 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
1809 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
1811 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
1813 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
1814 PK_FinalTemplate(T1 &v1, T2 &v2, T3 &v3, T4 &v4, T5 &v5, T6 &v6, T7 &v7, T8 &v8)
1815 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
1819 template <
class T1,
class T2>
1821 {this->AccessKey().Initialize(v1, v2);}
1823 template <
class T1,
class T2,
class T3>
1825 {this->AccessKey().Initialize(v1, v2, v3);}
1827 template <
class T1,
class T2,
class T3,
class T4>
1829 {this->AccessKey().Initialize(v1, v2, v3, v4);}
1831 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1832 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
1833 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
1835 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
1836 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
1837 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
1839 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
1840 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
1841 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
1843 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
1844 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
1845 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
1847 template <
class T1,
class T2>
1849 {this->AccessKey().Initialize(v1, v2);}
1851 template <
class T1,
class T2,
class T3>
1853 {this->AccessKey().Initialize(v1, v2, v3);}
1855 template <
class T1,
class T2,
class T3,
class T4>
1857 {this->AccessKey().Initialize(v1, v2, v3, v4);}
1859 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1860 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
1861 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
1863 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
1864 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
1865 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
1867 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
1868 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
1869 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
1871 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
1872 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
1873 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
1888 template <
class STANDARD,
class KEYS,
class ALG_INFO>
1892 template <
class STANDARD,
class KEYS,
class ALG_INFO = TF_ES<STANDARD, KEYS,
int> >
1893 class TF_ES :
public KEYS
1895 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
1902 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
1910 template <
class STANDARD,
class H,
class KEYS,
class ALG_INFO>
1914 template <
class STANDARD,
class H,
class KEYS,
class ALG_INFO = TF_SS<STANDARD, H, KEYS,
int> >
1915 class TF_SS :
public KEYS
1920 typedef typename Standard::SignatureMessageEncodingMethod MessageEncodingMethod;
1923 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
1931 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
1935 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
1936 class DL_SS :
public KEYS
1941 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
1950 template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
1964 #if CRYPTOPP_MSC_VERSION 1965 # pragma warning(pop) void DEREncodePrivateKey(BufferedTransformation &bt) const
encode privateKey part of privateKeyInfo, without the OCTET STRING header
Standard names for retrieving values by name when working with NameValuePairs.
bool GetThisObject(T &object) const
Get a copy of this object or subobject.
Applies the trapdoor function, using random data if required.
PK_FinalTemplate< DL_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Encrypt a byte string.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
Interface for asymmetric algorithms.
Interface for message encoding method for public key signature schemes.
Trapdoor Function Based Encryption Scheme.
virtual const CryptoMaterial & GetMaterial() const =0
returns a const reference to the crypto material used by this object
DH key agreement algorithm.
Restricts the instantiation of a class to one static object without locks.
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
PK_MessageAccumulator * NewVerificationAccumulator() const
create a new HashTransformation to accumulate the message to be verified
DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Decrypt a byte string.
size_t BitsToBytes(size_t bitCount)
Returns the number of 8-bit bytes or octets required for the specified number of bits.
static Integer Gcd(const Integer &a, const Integer &n)
greatest common divisor
encodes/decodes privateKeyInfo
void BERDecodePrivateKey(BufferedTransformation &bt, bool, size_t)
decode privateKey part of privateKeyInfo, without the OCTET STRING header
The base for trapdoor based cryptosystems.
interface for DL group parameters
Converts a typename to an enumerated value.
Interface for message encoding method for public key signature schemes.
virtual bool IsRandomized() const
Determines if the decryption algorithm is randomized.
Abstract base classes that provide a uniform interface to this library.
size_type size() const
Provides the count of elements in the SecBlock.
bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Message encoding method for public key encryption.
interface for key derivation algorithms used in DL cryptosystems
Classes for automatic resource management.
Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
Applies the inverse of the trapdoor function.
Library configuration file.
interface for DL private keys
virtual bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Ring of congruence classes modulo n.
size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
sign and restart messageAccumulator
Interface for random number generators.
void New(size_type newSize)
Change size without preserving contents.
Trapdoor function cryptosystems decryption base class.
Discrete Log Based Encryption Scheme.
SecByteBlock is a SecBlock<byte> typedef.
Provides range for plaintext and ciphertext lengths.
Interface for private keys.
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
recover a message from its signature
bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
static const Integer & One()
Integer representing 1.
interface for DL public keys
void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
generate private key
Base class for public key signature standard classes.
const char * PrivateExponent()
Integer.
Pointer that overloads operator→
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
PK_FinalTemplate< TF_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Discrete Log Based Signature Scheme.
unsigned int PublicKeyLength() const
return length of public keys in this domain
unsigned int AgreedValueLength() const
return length of agreed value produced
virtual Integer MaxPreimage() const
Returns the maximum size of a message before the trapdoor function is applied bound to a public key...
Interface for domains of simple key agreement protocols.
bool FIPS_140_2_ComplianceEnabled()
Determines whether the library provides FIPS validated cryptography.
Applies the inverse of the trapdoor function.
Returns a decoding results.
Uses encapsulation to hide an object in derived classes.
PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const
create a new HashTransformation to accumulate the message to be signed
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
retrieve previously saved precomputation
PK_FinalTemplate< TF_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
bool GetThisPointer(T *&ptr) const
Get a pointer to this object.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
A method was called which was not implemented.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
interface for Elgamal-like signature algorithms
Interface for message encoding method for public key signature schemes.
bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const
derive agreed value from your private key and couterparty's public key, return false in case of failu...
Interface for message encoding method for public key signature schemes.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void Assign(const T *ptr, size_type len)
Set contents and size from an array.
Base class for public key encryption standard classes.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
retrieve previously saved precomputation
Multiple precision integer with arithmetic operations.
STANDARD Standard
see SignatureStandard for a list of standards
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
T1 SaturatingSubtract(const T1 &a, const T2 &b)
Performs a saturating subtract clamped at 0.
virtual Integer MaxImage() const
Returns the maximum size of a message after the trapdoor function is applied bound to a public key...
const NameValuePairs & g_nullNameValuePairs
An empty set of name-value pairs.
const char * SubgroupGenerator()
Integer, ECP::Point, or EC2N::Point.
Applies the trapdoor function.
unsigned int PrivateKeyLength() const
return length of private keys in this domain
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
PK_FinalTemplate< DL_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
Public key trapdoor function base class.
to be thrown by DecodeElement and AgreeWithStaticPrivateKey
RandomNumberGenerator & NullRNG()
Random Number Generator that does not produce random numbers.
bool IsRandomized() const
Determines if the decryption algorithm is randomized.
void Update(const byte *input, size_t length)
Updates a hash with additional input.
Implementation of BufferedTransformation's attachment interface in cryptlib.h.
Interface for accumulating messages to be signed or verified.
Interface for key agreement algorithms.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Classes for precomputation in a group.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
PK_FinalTemplate< DL_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
save precomputation for later use
Classes and functions for the FIPS 140-2 validated library.
STANDARD Standard
see EncryptionStandard for a list of standards
void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
generate public key
Interface for crypto material, such as public and private keys, and crypto parameters.
PK_FinalTemplate< TF_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
void Decode(const byte *input, size_t inputLen, Signedness sign=UNSIGNED)
Decode from big-endian byte array.
Interface for crypto prameters.
virtual bool IsRandomized() const
Determines if the encryption algorithm is randomized.
PK_FinalTemplate< TF_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
save precomputation for later use
Class file for performing modular arithmetic.
Interface for public keys.
Crypto++ library namespace.
Applies the inverse of the trapdoor function, using random data if required.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
interface for symmetric encryption algorithms used in DL cryptosystems
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
Generate a random key or crypto parameters.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
save precomputation for later use
encodes/decodes subjectPublicKeyInfo
Trapdoor function cryptosystem base class.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
retrieve previously saved precomputation
PK_FinalTemplate< DL_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Interface for message encoding method for public key signature schemes.
const char * SubgroupOrder()
Integer.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
Interface for message encoding method for public key signature schemes.
const char * PublicElement()
Integer.
interface for DL key agreement algorithms
Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const
Applies the trapdoor function.
unsigned int ByteCount() const
number of significant bytes = ceiling(BitCount()/8)
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
input signature into a message accumulator
virtual void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
Interface for message encoding method for public key signature schemes.
Interface for retrieving values given their names.
A template implementing constructors for public key algorithm classes.
Trapdoor Function Based Signature Scheme.
Base class for identifying alogorithm.