6 #ifndef CRYPTOPP_ECCRYPTO_H 7 #define CRYPTOPP_ECCRYPTO_H 34 typedef EC EllipticCurve;
35 typedef typename EllipticCurve::Point Point;
36 typedef Point Element;
41 : m_compress(
false), m_encodeAsOID(
false) {Initialize(oid);}
43 : m_compress(
false), m_encodeAsOID(
false) {Initialize(ec, G, n, k);}
45 : m_compress(
false), m_encodeAsOID(
false) {BERDecode(bt);}
49 this->m_groupPrecomputation.SetCurve(ec);
50 this->SetSubgroupGenerator(G);
54 void Initialize(
const OID &oid);
57 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
//! Order n of the subgroup generated by the base point, as held in m_n.
//! \return a const reference to the stored Integer; no copy is made.
const Integer & GetSubgroupOrder() const
{
    return m_n;
}
//! Reports whether a fast subgroup-membership test is offered for these parameters.
//! \return always false in this class.
// NOTE(review): callers presumably fall back to a full order check when this
// returns false -- confirm against the validation code, which is not shown here.
bool FastSubgroupCheckAvailable() const
{
    return false;
}
73 void EncodeElement(
bool reversible,
const Element &element, byte *encoded)
const 76 GetCurve().EncodePoint(encoded, element, m_compress);
78 element.x.Encode(encoded, GetEncodedElementSize(
false));
80 virtual unsigned int GetEncodedElementSize(
bool reversible)
const 83 return GetCurve().EncodedPointSize(m_compress);
85 return GetCurve().GetField().MaxElementByteLength();
87 Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const 90 if (!GetCurve().DecodePoint(result, encoded, GetEncodedElementSize(
true)))
92 if (checkForGroupMembership && !ValidateElement(1, result, NULL))
96 Integer ConvertElementToInteger(
const Element &element)
const;
//! Largest exponent (scalar) accepted for this group.
//! \return the subgroup order minus one, computed from GetSubgroupOrder().
Integer GetMaxExponent() const
{
    return GetSubgroupOrder() - 1;
}
//! Tests whether an element is the group identity.
//! \param element the point to inspect
//! \return the value of the point's own identity flag; coordinates are not examined.
bool IsIdentity(const Element &element) const
{
    return element.identity;
}
99 void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const;
//! Prefix used when building algorithm names for elliptic-curve schemes.
//! \return the string "EC".
static std::string CRYPTOPP_API StaticAlgorithmNamePrefix()
{
    return "EC";
}
103 OID GetAlgorithmID()
const;
106 Element MultiplyElements(
const Element &a,
const Element &b)
const;
107 Element CascadeExponentiate(
const Element &element1,
const Integer &exponent1,
const Element &element2,
const Integer &exponent2)
const;
112 static OID CRYPTOPP_API GetNextRecommendedParametersOID(
const OID &oid);
//! Selects whether points are written in compressed form.
//! \param compress new value for m_compress
//! The flag is what this class passes to GetCurve().EncodePoint() and
//! GetCurve().EncodedPointSize(), so it changes the encoded length of a point.
void SetPointCompression(bool compress)
{
    m_compress = compress;
}
//! Current point-compression setting.
//! \return the value of m_compress.
bool GetPointCompression() const
{
    return m_compress;
}
//! Stores the encode-as-OID preference.
//! \param encodeAsOID new value for m_encodeAsOID
// NOTE(review): presumably consulted by DEREncode() to choose between a curve
// OID and explicit parameters -- the encoder is not visible here, confirm.
void SetEncodeAsOID(bool encodeAsOID)
{
    m_encodeAsOID = encodeAsOID;
}
//! Current encode-as-OID preference.
//! \return the value of m_encodeAsOID.
bool GetEncodeAsOID() const
{
    return m_encodeAsOID;
}
//! Curve these parameters are defined over.
//! \return a const reference to the curve held by m_groupPrecomputation.
const EllipticCurve& GetCurve() const
{
    return this->m_groupPrecomputation.GetCurve();
}
//! Equality of two parameter sets.
//! \param rhs the parameters to compare against
//! \return true when both the curve and the base point match.
// NOTE(review): only the curve and the generator are compared. The subgroup
// order (m_n) and the cofactor passed to Initialize() take no part in the
// result, so do not treat equality here as proof that two parameter sets
// received from different sources agree on the order.
bool operator==(const ThisClass &rhs) const
{
    // Curves are compared first; the base points are only looked at when they match.
    if (!(this->m_groupPrecomputation.GetCurve() == rhs.m_groupPrecomputation.GetCurve()))
        return false;
    return this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.m_gpc.GetBase(rhs.m_groupPrecomputation);
}
128 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY 129 const Point& GetBasePoint()
const {
return this->GetSubgroupGenerator();}
//! Older name for GetSubgroupOrder(); forwards to it unchanged.
//! \return a const reference to the subgroup order.
const Integer& GetBasePointOrder() const
{
    return this->GetSubgroupOrder();
}
//! Older name for Initialize(const OID &); forwards to it unchanged.
//! \param oid identifier of the parameter set to load
void LoadRecommendedParameters(const OID &oid)
{
    Initialize(oid);
}
134 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 139 unsigned int FieldElementLength()
const {
return GetCurve().GetField().MaxElementByteLength();}
//! Size of an exponent for this group.
//! \return m_n.ByteCount(), the byte count of the subgroup order.
unsigned int ExponentLength() const
{
    return m_n.ByteCount();
}
145 mutable bool m_compress, m_encodeAsOID;
153 typedef typename EC::Point Element;
156 {this->AccessGroupParameters() = params; this->SetPublicElement(Q);}
//! Sets the group parameters from (ec, G, n) and then stores Q as the public element.
//! \param ec the elliptic curve
//! \param G the base point
//! \param n the order of the base point
//! \param Q the public point
// NOTE(review): nothing in this method checks that Q lies on the curve or in
// the subgroup generated by G. Keys assembled from untrusted input should be
// validated (e.g. with the key's Validate()) before use -- confirm at call sites.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
{
    this->AccessGroupParameters().Initialize(ec, G, n);
    this->SetPublicElement(Q);
}
164 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 174 typedef typename EC::Point Element;
177 {this->AccessGroupParameters() = params; this->SetPrivateExponent(x);}
//! Sets the group parameters from (ec, G, n) and then stores x as the private exponent.
//! \param ec the elliptic curve
//! \param G the base point
//! \param n the order of the base point
//! \param x the private exponent
// NOTE(review): x is stored as given; no range check against n is visible in
// this method. Validate keys loaded from external storage before use --
// confirm at call sites.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
{
    this->AccessGroupParameters().Initialize(ec, G, n);
    this->SetPrivateExponent(x);
}
181 {this->GenerateRandom(rng, params);}
189 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 195 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
200 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 206 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
211 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 223 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 228 template <
class EC,
class H>
238 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 248 static const char * CRYPTOPP_API StaticAlgorithmName() {
return "ECDSA";}
250 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 260 static const char * CRYPTOPP_API StaticAlgorithmName() {
return "ECNR";}
262 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 268 template <
class EC,
class H>
269 struct ECDSA :
public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
271 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 277 template <
class EC,
class H = SHA>
278 struct ECNR :
public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
280 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 289 template <
class EC,
class COFACTOR_OPTION = NoCofactorMultiplication,
bool DHAES_MODE = false>
293 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
294 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<SHA1> >,
295 DL_EncryptionAlgorithm_Xor<HMAC<SHA1>, DHAES_MODE>,
298 static std::string CRYPTOPP_API StaticAlgorithmName() {
return "ECIES";}
300 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 304 #if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_CLANG_VERSION >= 30000) 305 } __attribute__((deprecated (
"ECIES will be changing in the near future due to (1) an implementation bug and (2) an interop issue.")));
306 #elif (CRYPTOPP_GCC_VERSION ) 307 } __attribute__((deprecated));
314 #ifdef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES 315 #include "eccrypto.cpp" 338 #ifndef CRYPTOPP_ECCRYPTO_H 339 #define CRYPTOPP_ECCRYPTO_H 368 typedef EC EllipticCurve;
369 typedef typename EllipticCurve::Point Point;
370 typedef Point Element;
375 : m_compress(
false), m_encodeAsOID(
false) {Initialize(oid);}
377 : m_compress(
false), m_encodeAsOID(
false) {Initialize(ec, G, n, k);}
379 : m_compress(
false), m_encodeAsOID(
false) {
BERDecode(bt);}
383 this->m_groupPrecomputation.SetCurve(ec);
384 this->SetSubgroupGenerator(G);
388 void Initialize(
const OID &oid);
391 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
//! Order n of the subgroup generated by the base point, as held in m_n.
//! \return a const reference to the stored Integer; no copy is made.
const Integer & GetSubgroupOrder() const
{
    return m_n;
}
//! Reports whether a fast subgroup-membership test is offered for these parameters.
//! \return always false in this class.
// NOTE(review): callers presumably fall back to a full order check when this
// returns false -- confirm against the validation code, which is not shown here.
bool FastSubgroupCheckAvailable() const
{
    return false;
}
407 void EncodeElement(
bool reversible,
const Element &element, byte *encoded)
const 410 GetCurve().EncodePoint(encoded, element, m_compress);
412 element.x.Encode(encoded, GetEncodedElementSize(
false));
414 virtual unsigned int GetEncodedElementSize(
bool reversible)
const 417 return GetCurve().EncodedPointSize(m_compress);
419 return GetCurve().GetField().MaxElementByteLength();
421 Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const 424 if (!GetCurve().DecodePoint(result, encoded, GetEncodedElementSize(
true)))
426 if (checkForGroupMembership && !ValidateElement(1, result, NULL))
430 Integer ConvertElementToInteger(
const Element &element)
const;
//! Largest exponent (scalar) accepted for this group.
//! \return the subgroup order minus one, computed from GetSubgroupOrder().
Integer GetMaxExponent() const
{
    return GetSubgroupOrder() - 1;
}
//! Tests whether an element is the group identity.
//! \param element the point to inspect
//! \return the value of the point's own identity flag; coordinates are not examined.
bool IsIdentity(const Element &element) const
{
    return element.identity;
}
433 void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const;
//! Prefix used when building algorithm names for elliptic-curve schemes.
//! \return the string "EC".
static std::string CRYPTOPP_API StaticAlgorithmNamePrefix()
{
    return "EC";
}
437 OID GetAlgorithmID()
const;
440 Element MultiplyElements(
const Element &a,
const Element &b)
const;
441 Element CascadeExponentiate(
const Element &element1,
const Integer &exponent1,
const Element &element2,
const Integer &exponent2)
const;
446 static OID CRYPTOPP_API GetNextRecommendedParametersOID(
const OID &oid);
//! Selects whether points are written in compressed form.
//! \param compress new value for m_compress
//! The flag is what this class passes to GetCurve().EncodePoint() and
//! GetCurve().EncodedPointSize(), so it changes the encoded length of a point.
void SetPointCompression(bool compress)
{
    m_compress = compress;
}
//! Current point-compression setting.
//! \return the value of m_compress.
bool GetPointCompression() const
{
    return m_compress;
}
//! Stores the encode-as-OID preference.
//! \param encodeAsOID new value for m_encodeAsOID
// NOTE(review): presumably consulted by DEREncode() to choose between a curve
// OID and explicit parameters -- the encoder is not visible here, confirm.
void SetEncodeAsOID(bool encodeAsOID)
{
    m_encodeAsOID = encodeAsOID;
}
//! Current encode-as-OID preference.
//! \return the value of m_encodeAsOID.
bool GetEncodeAsOID() const
{
    return m_encodeAsOID;
}
//! Curve these parameters are defined over.
//! \return a const reference to the curve held by m_groupPrecomputation.
const EllipticCurve& GetCurve() const
{
    return this->m_groupPrecomputation.GetCurve();
}
//! Equality of two parameter sets.
//! \param rhs the parameters to compare against
//! \return true when both the curve and the base point match.
// NOTE(review): only the curve and the generator are compared. The subgroup
// order (m_n) and the cofactor passed to Initialize() take no part in the
// result, so do not treat equality here as proof that two parameter sets
// received from different sources agree on the order.
bool operator==(const ThisClass &rhs) const
{
    // Curves are compared first; the base points are only looked at when they match.
    if (!(this->m_groupPrecomputation.GetCurve() == rhs.m_groupPrecomputation.GetCurve()))
        return false;
    return this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.m_gpc.GetBase(rhs.m_groupPrecomputation);
}
462 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY 463 const Point& GetBasePoint()
const {
return this->GetSubgroupGenerator();}
//! Older name for GetSubgroupOrder(); forwards to it unchanged.
//! \return a const reference to the subgroup order.
const Integer& GetBasePointOrder() const
{
    return this->GetSubgroupOrder();
}
//! Older name for Initialize(const OID &); forwards to it unchanged.
//! \param oid identifier of the parameter set to load
void LoadRecommendedParameters(const OID &oid)
{
    Initialize(oid);
}
468 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 473 unsigned int FieldElementLength()
const {
return GetCurve().GetField().MaxElementByteLength();}
//! Size of an exponent for this group.
//! \return m_n.ByteCount(), the byte count of the subgroup order.
unsigned int ExponentLength() const
{
    return m_n.ByteCount();
}
478 bool m_compress, m_encodeAsOID;
487 typedef typename EC::Point Element;
490 {this->AccessGroupParameters() = params; this->SetPublicElement(Q);}
//! Sets the group parameters from (ec, G, n) and then stores Q as the public element.
//! \param ec the elliptic curve
//! \param G the base point
//! \param n the order of the base point
//! \param Q the public point
// NOTE(review): nothing in this method checks that Q lies on the curve or in
// the subgroup generated by G. Keys assembled from untrusted input should be
// validated (e.g. with the key's Validate()) before use -- confirm at call sites.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
{
    this->AccessGroupParameters().Initialize(ec, G, n);
    this->SetPublicElement(Q);
}
498 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 508 typedef typename EC::Point Element;
511 {this->AccessGroupParameters() = params; this->SetPrivateExponent(x);}
//! Sets the group parameters from (ec, G, n) and then stores x as the private exponent.
//! \param ec the elliptic curve
//! \param G the base point
//! \param n the order of the base point
//! \param x the private exponent
// NOTE(review): x is stored as given; no range check against n is visible in
// this method. Validate keys loaded from external storage before use --
// confirm at call sites.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
{
    this->AccessGroupParameters().Initialize(ec, G, n);
    this->SetPrivateExponent(x);
}
515 {this->GenerateRandom(rng, params);}
523 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 529 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
534 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 540 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
545 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 557 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 562 template <
class EC,
class H>
572 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 582 static const char * CRYPTOPP_API StaticAlgorithmName() {
return "ECDSA";}
584 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 594 static const char * CRYPTOPP_API StaticAlgorithmName() {
return "ECNR";}
596 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 602 template <
class EC,
class H>
603 struct ECDSA :
public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
605 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 611 template <
class EC,
class H = SHA>
612 struct ECNR :
public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
614 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 623 template <
class EC,
class COFACTOR_OPTION = NoCofactorMultiplication,
bool DHAES_MODE = false>
627 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
628 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<SHA1> >,
629 DL_EncryptionAlgorithm_Xor<HMAC<SHA1>, DHAES_MODE>,
632 static std::string CRYPTOPP_API StaticAlgorithmName() {
return "ECIES";}
634 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 638 #if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800) 639 } __attribute__((deprecated (
"ECIES will be changing in the near future due to (1) an implementation bug and (2) an interop issue")));
640 #elif (CRYPTOPP_GCC_VERSION) 641 } __attribute__((deprecated));
648 #ifdef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES 649 #include "eccrypto.cpp" void BERDecode(BufferedTransformation &bt)
Decode this object from a BufferedTransformation.
void DEREncode(BufferedTransformation &bt) const
Encode this object into a BufferedTransformation.
This file contains helper classes/functions for implementing public key algorithms.
Classes for Elliptic Curves over prime fields.
Converts a typename to an enumerated value.
Abstract base classes that provide a uniform interface to this library.
Library configuration file.
Interface for random number generators.
Discrete Log Based Encryption Scheme.
Discrete Log Based Signature Scheme.
Classes for Elliptic Curves over binary fields.
Classes for HMAC message authentication codes.
MQV domain for performing authenticated key agreement.
Classes for Diffie-Hellman key exchange.
Elliptic Curve Menezes-Qu-Vanstone, AKA ECMQV
Multiple precision integer with arithmetic operations.
Elliptic Curve Integrated Encryption Scheme, AKA ECIES
Implementation of schemes based on DL over GF(p)
void DEREncodePublicKey(BufferedTransformation &bt) const
encode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
to be thrown by DecodeElement and AgreeWithStaticPrivateKey
Elliptic Curve Diffie-Hellman, AKA ECDH
Classes and functions for working with ASN.1 objects.
Classes for SHA-1 and SHA-2 family of message digests.
Elliptic Curve Parameters.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
void AssignFrom(const NameValuePairs &source)
static const Integer & Zero()
Integer representing 0.
Crypto++ library namespace.
Classes for Menezes–Qu–Vanstone (MQV) key agreement.
void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
Interface for retrieving values given their names.