24 template <class GROUP_PARAMETERS, class COFACTOR_OPTION = CPP_TYPENAME GROUP_PARAMETERS::DefaultCofactorOption>
28 typedef GROUP_PARAMETERS GroupParameters;
29 typedef typename GroupParameters::Element Element;
35 : m_groupParameters(params) {}
40 template <
class T1,
class T2>
42 {m_groupParameters.Initialize(v1, v2);}
44 template <
class T1,
class T2,
class T3>
46 {m_groupParameters.Initialize(v1, v2, v3);}
48 template <
class T1,
class T2,
class T3,
class T4>
50 {m_groupParameters.Initialize(v1, v2, v3, v4);}
52 const GroupParameters & GetGroupParameters()
const {
return m_groupParameters;}
53 GroupParameters & AccessGroupParameters() {
return m_groupParameters;}
55 CryptoParameters & AccessCryptoParameters() {
return AccessAbstractGroupParameters();}
57 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
64 x.
Encode(privateKey, StaticPrivateKeyLength());
71 Integer x(privateKey, StaticPrivateKeyLength());
72 Element y = params.ExponentiateBase(x);
73 params.EncodeElement(
true, y, publicKey);
83 x.Encode(privateKey, StaticPrivateKeyLength());
84 Element y = params.ExponentiateBase(x);
85 params.EncodeElement(
true, y, privateKey+StaticPrivateKeyLength());
91 memcpy(publicKey, privateKey+StaticPrivateKeyLength(), EphemeralPublicKeyLength());
95 const byte *staticPrivateKey,
const byte *ephemeralPrivateKey,
96 const byte *staticOtherPublicKey,
const byte *ephemeralOtherPublicKey,
97 bool validateStaticOtherPublicKey=
true)
const 102 Element WW = params.DecodeElement(staticOtherPublicKey, validateStaticOtherPublicKey);
103 Element VV = params.DecodeElement(ephemeralOtherPublicKey,
true);
105 Integer s(staticPrivateKey, StaticPrivateKeyLength());
106 Integer u(ephemeralPrivateKey, StaticPrivateKeyLength());
107 Element V = params.DecodeElement(ephemeralPrivateKey+StaticPrivateKeyLength(),
false);
109 const Integer &r = params.GetSubgroupOrder();
111 Integer e = ((h2+params.ConvertElementToInteger(V)%h2)*s+u) % r;
112 Integer tt = h2 + params.ConvertElementToInteger(VV) % h2;
114 if (COFACTOR_OPTION::ToEnum() == NO_COFACTOR_MULTIPLICTION)
116 Element P = params.ExponentiateElement(WW, tt);
117 P = m_groupParameters.MultiplyElements(P, VV);
120 params.SimultaneousExponentiate(R, P, e2, 2);
121 if (!params.IsIdentity(R[0]) || params.IsIdentity(R[1]))
123 params.EncodeElement(
false, R[1], agreedValue);
127 const Integer &k = params.GetCofactor();
128 if (COFACTOR_OPTION::ToEnum() == COMPATIBLE_COFACTOR_MULTIPLICTION)
130 Element P = m_groupParameters.CascadeExponentiate(VV, k*e, WW, k*(e*tt%r));
131 if (params.IsIdentity(P))
133 params.EncodeElement(
false, P, agreedValue);
147 GroupParameters m_groupParameters;
Utility functions for the Crypto++ library.
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
void GenerateStaticPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
generate static public key
interface for DL group parameters
void BERDecode(BufferedTransformation &bt)
for backwards compatibility, calls AccessMaterial().Load(bt)
unsigned int EphemeralPublicKeyLength() const
return length of ephemeral public keys in this domain
Abstract base classes that provide a uniform interface to this library.
Ring of congruence classes modulo n.
Interface for random number generators.
static const Integer & One()
Integer representing 1.
MQV_Domain< DL_GroupParameters_GFP_DefaultSafePrime > MQV
Menezes-Qu-Vanstone in GF(p) with key validation, AKA MQV
unsigned int BitCount() const
number of significant bits = floor(log2(abs(*this))) + 1
MQV domain for performing authenticated key agreement.
static Integer Power2(size_t e)
Exponentiates to a power of 2.
unsigned int EphemeralPrivateKeyLength() const
return length of ephemeral private keys in this domain
unsigned int StaticPrivateKeyLength() const
return length of static private keys in this domain
Multiple precision integer with arithmetic operations.
unsigned int AgreedValueLength() const
return length of agreed value produced
void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
generate static private key
Implementation of schemes based on DL over GF(p)
to be thrown by DecodeElement and AgreeWithStaticPrivateKey
void GenerateEphemeralPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
generate ephemeral public key
Interface for crypto prameters.
Class file for performing modular arithmetic.
Crypto++ library namespace.
Interface for domains of authenticated key agreement protocols.
void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
generate ephemeral private key
bool Agree(byte *agreedValue, const byte *staticPrivateKey, const byte *ephemeralPrivateKey, const byte *staticOtherPublicKey, const byte *ephemeralOtherPublicKey, bool validateStaticOtherPublicKey=true) const
derive agreed value from your private keys and couterparty's public keys, return false in case of fai...
unsigned int StaticPublicKeyLength() const
return length of static public keys in this domain