7 #if CRYPTOPP_MSC_VERSION 8 # pragma warning(disable: 4189 4589) 11 #ifndef CRYPTOPP_IMPORTS 23 #if !defined(NDEBUG) && !defined(CRYPTOPP_DOXYGEN_PROCESSING) 24 void TestInstantiations_gfpcrypt()
48 int modulusSize = 1024, defaultSubgroupOrderSize;
54 defaultSubgroupOrderSize = 160;
57 defaultSubgroupOrderSize = 224;
60 defaultSubgroupOrderSize = 256;
// Fragment of a group-validation routine; its signature is not part of this listing.
// The generic GF(p) group validation must succeed first.
72 bool pass = DL_GroupParameters_GFP::ValidateGroup(rng, level);
// Only four (pSize, qSize) pairs are then accepted: 1024/160, 2048/224, 2048/256 and 3072/256.
// Any other combination makes validation fail, even if the generic check passed.
// NOTE(review): pSize and qSize are defined on a line missing from this listing (gutter 73);
// presumably they are the bit lengths of the modulus and the subgroup order - confirm.
74 pass = pass && ((pSize==1024 && qSize==160) || (pSize==2048 && qSize==224) || (pSize==2048 && qSize==256) || (pSize==3072 && qSize==256));
// Fragment of a routine that writes a message representative into `representative`.
// The function name, its leading parameters and several body lines are missing from this
// listing (the gutter numbers skip), so only the visible statements are described.
79 const byte *recoverableMessage,
size_t recoverableMessageLength,
81 byte *representative,
size_t representativeBitLength)
const 83 CRYPTOPP_UNUSED(rng), CRYPTOPP_UNUSED(recoverableMessage), CRYPTOPP_UNUSED(recoverableMessageLength);
84 CRYPTOPP_UNUSED(messageEmpty), CRYPTOPP_UNUSED(hashIdentifier);
// These preconditions are enforced with assert() only, so they disappear when NDEBUG is
// defined: a release build does not reject a non-zero recoverableMessageLength or a
// non-zero hashIdentifier.second at this point.
85 assert(recoverableMessageLength == 0);
86 assert(hashIdentifier.second == 0);
// Size of the output buffer in whole bytes.
88 const size_t representativeByteLength =
BitsToBytes(representativeBitLength);
// Zero the first paddingLength bytes of the output buffer.
// NOTE(review): paddingLength is defined on a line missing from this listing - confirm it
// can never exceed representativeByteLength.
92 memset(representative, 0, paddingLength);
// When the digest has more bits than the representative may hold, reinterpret the buffer as
// a big-endian integer, shift out the excess low-order bits and write the value back, so
// that the result fits in representativeBitLength bits.
95 if (digestSize*8 > representativeBitLength)
97 Integer h(representative, representativeByteLength);
98 h >>= representativeByteLength*8 - representativeBitLength;
99 h.
Encode(representative, representativeByteLength);
// Fragment of a second routine that writes a message representative into `representative`.
// The function name and leading parameters are missing from this listing (the gutter
// numbers skip), so only the visible statements are described.
104 const byte *recoverableMessage,
size_t recoverableMessageLength,
106 byte *representative,
size_t representativeBitLength)
// hash, representative and representativeBitLength are marked unused here although the
// statements below do use them; the markers only silence compiler warnings.
const 108 CRYPTOPP_UNUSED(rng);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
109 CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
110 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength);
// These preconditions are enforced with assert() only, so they disappear when NDEBUG is
// defined: a release build does not reject a non-zero recoverableMessageLength or a
// non-zero hashIdentifier.second at this point.
112 assert(recoverableMessageLength == 0);
113 assert(hashIdentifier.second == 0);
// Size of the output buffer in whole bytes.
114 const size_t representativeByteLength =
BitsToBytes(representativeBitLength);
// Number of leading zero bytes; the saturating subtract clamps at 0, so a digest longer
// than the buffer yields no padding instead of wrapping around to a huge size_t.
116 const size_t paddingLength =
SaturatingSubtract(representativeByteLength, digestSize);
118 memset(representative, 0, paddingLength);
// Write the digest after the padding, truncated to the buffer size when it is longer.
// NOTE(review): digestSize is defined on a line missing from this listing.
119 hash.
TruncatedFinal(representative+paddingLength,
STDMIN(representativeByteLength, digestSize));
// When the digest has at least as many bits as the representative may hold, shift the
// big-endian value right far enough to leave at most representativeBitLength-1 bits.
// NOTE(review): presumably the extra bit keeps the value below a bound of that bit
// length - confirm against the scheme's specification.
121 if (digestSize*8 >= representativeBitLength)
123 Integer h(representative, representativeByteLength);
124 h >>= representativeByteLength*8 - representativeBitLength + 1;
125 h.
Encode(representative, representativeByteLength);
129 bool DL_GroupParameters_IntegerBased::ValidateGroup(
RandomNumberGenerator &rng,
unsigned int level)
const 131 const Integer &p = GetModulus(), &q = GetSubgroupOrder();
// Fragment of an element-validation routine (it uses level, g and gpc); its signature and
// several body lines are missing from this listing (the gutter numbers skip).
147 const Integer &p = GetModulus(), &q = GetSubgroupOrder();
// Precedence: && binds tighter than ?:, so this parses as
//   (pass && GetFieldType() == 1) ? g.IsPositive() : g.NotNegative()
// With pass false the result is g.NotNegative(), not false, so an earlier failure would be
// overwritten. The initialisation of pass is missing from this listing; if pass is always
// true here the result equals pass && (cond ? a : b), which is the safer spelling.
150 pass = pass && GetFieldType() == 1 ? g.IsPositive() : g.NotNegative();
// The element must be smaller than the modulus and must not be the group identity.
151 pass = pass && g < p && !IsIdentity(g);
// Raising the precomputation's base to the power 1 must give g, i.e. the precomputation
// has to belong to this element.
// NOTE(review): gutter line 169 tests gpc for null, so gpc may be null; the guard for this
// dereference is presumably on a line missing from this listing - confirm.
156 pass = pass && gpc->Exponentiate(GetGroupPrecomputation(),
Integer::One()) == g;
// Extra condition for field type 2: the Jacobi symbol of g*g-4 modulo p must be -1.
160 if (GetFieldType() == 2)
161 pass = pass && Jacobi(g*g-4, p)==-1;
// The order check is done by exponentiation for field type 2 at level >= 3, and whenever
// FastSubgroupCheckAvailable() is false.
165 bool fullValidate = (GetFieldType() == 2 && level >= 3) || !FastSubgroupCheckAvailable();
167 if (fullValidate && pass)
// Raise g to the subgroup order q (through the precomputation when one was passed) and
// require the identity, so that g lies in the subgroup of order q.
169 Integer gp = gpc ? gpc->Exponentiate(GetGroupPrecomputation(), q) : ExponentiateElement(g, q);
170 pass = pass && IsIdentity(gp);
// Otherwise, for field type 1, the Jacobi symbol of g modulo p must be 1.
// NOTE(review): presumably this is the fast check that FastSubgroupCheckAvailable() refers
// to - confirm.
172 else if (GetFieldType() == 1)
173 pass = pass && Jacobi(g, p) == 1;
189 int modulusSize, subgroupOrderSize;
194 if (!alg.
GetIntValue(
"SubgroupOrderSize", subgroupOrderSize))
195 subgroupOrderSize = GetDefaultSubgroupOrderSize(modulusSize);
198 pg.Generate(GetFieldType() == 1 ? 1 : -1, rng, modulusSize, subgroupOrderSize);
207 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 208 void DL_GroupParameters_IntegerBased::EncodeElement(
bool reversible,
const Element &element, byte *encoded)
const 210 CRYPTOPP_UNUSED(reversible);
211 element.
Encode(encoded, GetModulus().ByteCount());
214 unsigned int DL_GroupParameters_IntegerBased::GetEncodedElementSize(
bool reversible)
const 216 CRYPTOPP_UNUSED(reversible);
// Decodes a group element from a byte buffer and validates it.
// The signature carries no length: exactly GetModulus().ByteCount() bytes are read from
// `encoded`, so the caller must supply a buffer at least that long.
221 Integer DL_GroupParameters_IntegerBased::DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
// checkForGroupMembership is marked unused: the decoded value is passed to ValidateElement
// at level 1 with no precomputation whatever the caller asked for.
const 223 CRYPTOPP_UNUSED(checkForGroupMembership);
224 Integer g(encoded, GetModulus().ByteCount());
// The statement executed when validation fails is missing from this listing (the gutter
// skips from 225 to 236).
225 if (!ValidateElement(1, g, NULL))
236 if (parameters.EndReached())
239 q = ComputeGroupOrder(p) / 2;
243 parameters.MessageEnd();
245 SetModulusAndSubgroupGenerator(p, g);
253 m_q.DEREncode(parameters);
254 GetSubgroupGenerator().
DEREncode(parameters);
255 parameters.MessageEnd();
260 return GetValueHelper<DL_GroupParameters<Element> >(
this, name, valueType, pValue)
261 CRYPTOPP_GET_FUNCTION_ENTRY(
Modulus);
266 AssignFromHelper(
this, source)
272 OID DL_GroupParameters_IntegerBased::GetAlgorithmID()
const 274 return ASN1::id_dsa();
277 void DL_GroupParameters_GFP::SimultaneousExponentiate(
Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const 280 ma.SimultaneousExponentiate(results, base, exponents, exponentsCount);
285 return a_times_b_mod_c(a, b, GetModulus());
291 return ma.CascadeExponentiate(element1, exponent1, element2, exponent2);
// Returns the smaller of (subgroup order - 1) and 2^(2*w), where w is
// DiscreteLogWorkFactor() applied to the field type times the modulus bit length.
// The braces of the body are missing from this listing.
294 Integer DL_GroupParameters_IntegerBased::GetMaxExponent()
const 296 return STDMIN(GetSubgroupOrder()-1,
Integer::Power2(2*DiscreteLogWorkFactor(GetFieldType()*GetModulus().BitCount())));
// Returns the default subgroup order size for a modulus of modulusSize: twice
// DiscreteLogWorkFactor() applied to the field type times modulusSize.
// NOTE(review): modulusSize is presumably in bits, like the "SubgroupOrderSize" parameter
// used at gutter line 194 - confirm. The braces of the body are missing from this listing.
299 unsigned int DL_GroupParameters_IntegerBased::GetDefaultSubgroupOrderSize(
unsigned int modulusSize)
const 301 return 2*DiscreteLogWorkFactor(GetFieldType()*modulusSize);
void DEREncode(BufferedTransformation &bt) const
Encode this object into a BufferedTransformation.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
An invalid argument was detected.
void BERDecode(BufferedTransformation &bt)
Decode this object from a BufferedTransformation.
Utility functions for the Crypto++ library.
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
T GetValueWithDefault(const char *name, T defaultValue) const
Get a named value.
size_t BitsToBytes(size_t bitCount)
Returns the number of 8-bit bytes or octets required for the specified number of bits.
Object identifiers for algorithms and schemes.
Library configuration file.
Ring of congruence classes modulo n.
Interface for random number generators.
generator of prime numbers of special forms
static const Integer & One()
Integer representing 1.
bool GetIntValue(const char *name, int &value) const
Get a named value with type int.
unsigned int BitCount() const
number of significant bits = floor(log2(abs(*this))) + 1
const char * SubgroupOrderSize()
int, in bits
bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const
bool GetValue(const char *name, T &value) const
Get a named value.
int GetIntValueWithDefault(const char *name, int defaultValue) const
Get a named value with type int, with default.
AlgorithmParameters MakeParameters(const char *name, const T &value, bool throwIfNotUsed=true)
Create an object that implements NameValuePairs.
bool VerifyPrime(RandomNumberGenerator &rng, const Integer &p, unsigned int level=1)
Verifies a prime number.
static Integer Power2(size_t e)
Exponentiates to a power of 2.
Multiple precision integer with arithmetic operations.
T1 SaturatingSubtract(const T1 &a, const T2 &b)
Performs a saturating subtract clamped at 0.
const char * SubgroupGenerator()
Integer, ECP::Point, or EC2N::Point.
Implementation of schemes based on DL over GF(p)
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
to be thrown by DecodeElement and AgreeWithStaticPrivateKey
RandomNumberGenerator & NullRNG()
Random Number Generator that does not produce random numbers.
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
Classes and functions for working with ASN.1 objects.
Classes and functions for number theoretic operations.
void DEREncode(BufferedTransformation &bt) const
Encode in DER format.
const char * Modulus()
Integer.
static const Integer & Zero()
Integer representing 0.
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
Class file for performing modular arithmetic.
Crypto++ library namespace.
const char * SubgroupOrder()
Integer.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
unsigned int ByteCount() const
number of significant bytes = ceiling(BitCount()/8)
Interface for retrieving values given their names.
A template implementing constructors for public key algorithm classes.