34 #ifndef CRYPTOPP_PUBKEY_H
35 #define CRYPTOPP_PUBKEY_H
39 #if CRYPTOPP_MSC_VERSION
40 # pragma warning(push)
41 # pragma warning(disable: 4702)
55 #if defined(__SUNPRO_CC)
56 # define MAYBE_RETURN(x) return x
58 # define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x)
138 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
191 {
return CalculateInverse(rng, x);}
213 virtual bool ParameterSupported(
const char *name)
const
214 {CRYPTOPP_UNUSED(name);
return false;}
229 template <
class TFI,
class MEI>
237 typedef TFI TrapdoorFunctionInterface;
238 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
240 typedef MEI MessageEncodingInterface;
241 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
248 template <
class BASE>
254 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
255 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
256 size_t CiphertextLength(
size_t plaintextLength)
const
257 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
259 virtual size_t FixedMaxPlaintextLength()
const =0;
260 virtual size_t FixedCiphertextLength()
const =0;
266 template <
class INTFACE,
class BASE>
272 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
273 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
274 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
277 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
279 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
303 typedef std::pair<const byte *, unsigned int> HashIdentifier;
315 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const
316 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
317 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const
318 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
328 bool AllowNonrecoverablePart()
const
329 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330 virtual bool RecoverablePartFirst()
const
331 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
334 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const
335 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
339 const byte *recoverableMessage,
size_t recoverableMessageLength,
340 const byte *presignature,
size_t presignatureLength,
343 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345 if (RecoverablePartFirst())
350 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 byte *representative,
size_t representativeBitLength)
const =0;
354 virtual bool VerifyMessageRepresentative(
356 byte *representative,
size_t representativeBitLength)
const =0;
360 byte *representative,
size_t representativeBitLength,
361 byte *recoveredMessage)
const
362 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
368 const byte *presignature,
size_t presignatureLength,
369 const byte *semisignature,
size_t semisignatureLength,
370 byte *recoveredMessage)
const
371 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
382 return HashIdentifier(
static_cast<const byte *
>(NULLPTR), 0);
394 bool VerifyMessageRepresentative(
396 byte *representative,
size_t representativeBitLength)
const;
405 bool VerifyMessageRepresentative(
407 byte *representative,
size_t representativeBitLength)
const;
417 const byte *recoverableMessage,
size_t recoverableMessageLength,
419 byte *representative,
size_t representativeBitLength)
const;
429 const byte *recoverableMessage,
size_t recoverableMessageLength,
431 byte *representative,
size_t representativeBitLength)
const;
442 const byte *recoverableMessage,
size_t recoverableMessageLength,
444 byte *representative,
size_t representativeBitLength)
const;
458 void Update(
const byte *input,
size_t length)
460 AccessHash().Update(input, length);
461 m_empty = m_empty && length == 0;
464 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
472 template <
class HASH_ALGORITHM>
482 template <
class INTFACE,
class BASE>
488 size_t SignatureLength()
const
489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const
491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const
493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const
496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const
498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const
500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
503 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
505 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
506 virtual HashIdentifier GetHashIdentifier()
const =0;
507 virtual size_t GetDigestSize()
const =0;
537 template <
class T1,
class T2,
class T3>
540 typedef T1 AlgorithmInfo;
543 typedef typename Keys::PublicKey
PublicKey;
544 typedef T3 MessageEncodingMethod;
552 template <
class T1,
class T2,
class T3,
class T4>
555 typedef T4 HashFunction;
562 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
566 typedef SCHEME_OPTIONS SchemeOptions;
567 typedef KEY_CLASS KeyClass;
571 PublicKey & AccessPublicKey() {
return AccessKey();}
572 const PublicKey & GetPublicKey()
const {
return GetKey();}
574 PrivateKey & AccessPrivateKey() {
return AccessKey();}
575 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
577 virtual const KeyClass & GetKey()
const =0;
578 virtual KeyClass & AccessKey() =0;
580 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
584 CRYPTOPP_UNUSED(rng);
593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const
597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const
601 HashIdentifier GetHashIdentifier()
const
603 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const
608 typedef typename SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
618 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
625 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
627 const KEY & GetKey()
const {
return *m_pKey;}
628 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
639 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
643 typedef KEY_CLASS KeyClass;
647 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
648 KeyClass & AccessKey() {
return m_trapdoorFunction;}
651 KeyClass m_trapdoorFunction;
656 template <
class SCHEME_OPTIONS>
663 template <
class SCHEME_OPTIONS>
670 template <
class SCHEME_OPTIONS>
677 template <
class SCHEME_OPTIONS>
713 CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
736 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
760 static void CRYPTOPP_API DeriveKey(
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength)
763 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
795 if (!GetBasePrecomputation().IsInitialized())
798 if (m_validationLevel > level)
802 bool pass = ValidateGroup(rng, level);
803 CRYPTOPP_ASSERT(ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation()));
804 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
806 m_validationLevel = pass ? level+1 : 0;
811 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
813 return GetValueHelper(
this, name, valueType, pValue)
834 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
843 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
844 m_validationLevel = 0;
853 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
859 virtual const Element &
GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
864 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
871 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
882 SimultaneousExponentiate(&result, base, &exponent, 1);
930 virtual void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const =0;
938 virtual Element
DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
979 virtual bool FastSubgroupCheckAvailable()
const =0;
1002 void ParametersChanged() {m_validationLevel = 0;}
1005 mutable unsigned int m_validationLevel;
1012 template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<
typename GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<
typename GROUP_PRECOMP::Element> >
1016 typedef GROUP_PRECOMP GroupPrecomputation;
1017 typedef typename GROUP_PRECOMP::Element Element;
1018 typedef BASE_PRECOMP BasePrecomputation;
1035 GROUP_PRECOMP m_groupPrecomputation;
1077 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1079 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1089 virtual const Element &
GetPublicElement()
const {
return GetPublicPrecomputation().GetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation());}
1093 virtual void SetPublicElement(
const Element &y) {AccessPublicPrecomputation().SetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation(), y);}
1149 pub.
SetPublicElement(this->GetAbstractGroupParameters().ExponentiateBase(GetPrivateExponent()));
1162 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1164 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1172 this->AccessAbstractGroupParameters().AssignFrom(source);
1173 AssignFromHelper(
this, source)
1199 this->AccessAbstractGroupParameters().AssignFrom(source);
1200 AssignFromHelper(
this, source)
1211 template <
class PK,
class GP,
class O = OID>
1215 typedef GP GroupParameters;
1219 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
1221 {AccessGroupParameters().BERDecode(bt);
return true;}
1223 {GetGroupParameters().DEREncode(bt);
return true;}
1225 const GP & GetGroupParameters()
const {
return m_groupParameters;}
1226 GP & AccessGroupParameters() {
return m_groupParameters;}
1229 GP m_groupParameters;
1241 typedef typename GP::Element Element;
1256 pass = pass && x.IsPositive() && x < q;
1266 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1268 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
1273 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
1279 this->AccessGroupParameters().GenerateRandom(rng, params);
1313 template <
class BASE,
class SIGNATURE_SCHEME>
1321 BASE::GenerateRandom(rng, params);
1325 typename SIGNATURE_SCHEME::Signer signer(*
this);
1326 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1327 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1338 typedef typename GP::Element Element;
1352 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1354 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1359 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1395 typename GP::BasePrecomputation m_ypc;
1434 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1435 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1481 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1492 virtual bool ParameterSupported(
const char *name)
const
1493 {CRYPTOPP_UNUSED(name);
return false;}
1494 virtual void Derive(
const DL_GroupParameters<T> &groupParams,
byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1503 virtual bool ParameterSupported(
const char *name)
const
1504 {CRYPTOPP_UNUSED(name);
return false;}
1505 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1506 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1507 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1508 virtual void SymmetricEncrypt(
RandomNumberGenerator &rng,
const byte *key,
const byte *plaintext,
size_t plaintextLength,
byte *ciphertext,
const NameValuePairs ¶meters)
const =0;
1509 virtual DecodingResult SymmetricDecrypt(
const byte *key,
const byte *ciphertext,
size_t ciphertextLength,
byte *plaintext,
const NameValuePairs ¶meters)
const =0;
1518 typedef KI KeyInterface;
1519 typedef typename KI::Element Element;
1526 virtual KeyInterface & AccessKeyInterface() =0;
1527 virtual const KeyInterface & GetKeyInterface()
const =0;
1535 template <
class INTFACE,
class KEY_INTFACE>
1546 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1547 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1553 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1570 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1575 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1578 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1579 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1582 virtual bool IsDeterministic()
const {
return false;}
1586 virtual HashIdentifier GetHashIdentifier()
const =0;
1587 virtual size_t GetDigestSize()
const =0;
1616 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1617 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1618 recoverableMessage, recoverableMessageLength,
1619 ma.m_presignature, ma.m_presignature.
size(),
1620 ma.m_semisignature);
1625 this->GetMaterial().DoQuickSanityCheck();
1632 SecByteBlock representative(this->MessageRepresentativeLength());
1633 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1635 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1636 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1637 representative, this->MessageRepresentativeBitLength());
1679 const size_t rLen = alg.
RLen(params);
1680 r.
Encode(signature, rLen);
1684 RestartMessageAccumulator(rng, ma);
1686 return this->SignatureLength();
1703 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1724 const size_t rLen = alg.
RLen(params);
1725 const size_t sLen = alg.
SLen(params);
1727 if (signatureLength < rLen + sLen)
1730 ma.m_semisignature.
Assign(signature, rLen);
1731 ma.m_s.
Decode(signature+rLen, sLen);
1733 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1738 this->GetMaterial().DoQuickSanityCheck();
1745 SecByteBlock representative(this->MessageRepresentativeLength());
1746 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1747 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1748 representative, this->MessageRepresentativeBitLength());
1752 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1753 return alg.
Verify(params, key, e, r, ma.m_s);
1758 this->GetMaterial().DoQuickSanityCheck();
1765 SecByteBlock representative(this->MessageRepresentativeLength());
1766 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1768 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1769 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1770 representative, this->MessageRepresentativeBitLength());
1775 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1778 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1779 ma.AccessHash(), this->GetHashIdentifier(),
1780 ma.m_presignature, ma.m_presignature.
size(),
1781 ma.m_semisignature, ma.m_semisignature.
size(),
1789 template <
class PK,
class KI>
1793 typedef typename DL_Base<KI>::Element Element;
1797 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
1799 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1800 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1803 size_t CiphertextLength(
size_t plaintextLength)
const
1805 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1806 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1809 bool ParameterSupported(
const char *name)
const
1810 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1832 CRYPTOPP_UNUSED(rng);
1841 ciphertext += elementSize;
1842 ciphertextLength -= elementSize;
1844 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.
GetPrivateExponent());
1846 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1847 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1849 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1880 ciphertext += elementSize;
1884 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1885 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1887 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1894 template <
class T1,
class T2>
1897 typedef T1 AlgorithmInfo;
1898 typedef T2 GroupParameters;
1899 typedef typename GroupParameters::Element Element;
1905 template <
class T1,
class T2>
1909 typedef typename Keys::PrivateKey
PrivateKey;
1910 typedef typename Keys::PublicKey
PublicKey;
1919 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1922 typedef T3 SignatureAlgorithm;
1923 typedef T4 MessageEncodingMethod;
1924 typedef T5 HashFunction;
1933 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1937 typedef T4 KeyDerivationAlgorithm;
1938 typedef T5 SymmetricEncryptionAlgorithm;
1945 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1949 typedef SCHEME_OPTIONS SchemeOptions;
1950 typedef typename KEY::Element Element;
1954 PrivateKey & AccessPrivateKey() {
return m_key;}
1955 PublicKey & AccessPublicKey() {
return m_key;}
1958 const KEY & GetKey()
const {
return m_key;}
1959 KEY & AccessKey() {
return m_key;}
1962 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1963 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1966 HashIdentifier GetHashIdentifier()
const
1968 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1969 return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1971 size_t GetDigestSize()
const
1973 typedef typename SchemeOptions::HashFunction H;
1974 return H::DIGESTSIZE;
1985 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1989 typedef typename KEY::Element Element;
2002 HashIdentifier GetHashIdentifier()
const
2003 {
return HashIdentifier();}
2010 template <
class SCHEME_OPTIONS>
2017 this->RestartMessageAccumulator(rng, *p);
2024 template <
class SCHEME_OPTIONS>
2036 template <
class SCHEME_OPTIONS>
2043 template <
class SCHEME_OPTIONS>
2061 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
2062 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2063 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
2068 x.Encode(privateKey, PrivateKeyLength());
2073 CRYPTOPP_UNUSED(rng);
2075 Integer x(privateKey, PrivateKeyLength());
2080 bool Agree(
byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const
2085 Integer x(privateKey, PrivateKeyLength());
2086 Element w = params.
DecodeElement(otherPublicKey, validateOtherPublicKey);
2088 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2089 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2101 const Element &
GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
2130 template <
class ELEMENT,
class COFACTOR_OPTION>
2134 typedef ELEMENT Element;
2136 CRYPTOPP_STATIC_CONSTEXPR
const char*
CRYPTOPP_API StaticAlgorithmName()
2147 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const
2161 if (!validateOtherPublicKey)
2164 if (params.FastSubgroupCheckAvailable())
2186 template <
class BASE>
2193 {this->AccessKey().AssignFrom(key);}
2196 {this->AccessKey().BERDecode(bt);}
2199 {this->AccessKey().AssignFrom(algorithm.GetMaterial());}
2202 {this->AccessKey().Initialize(v1);}
2204 template <
class T1,
class T2>
2206 {this->AccessKey().Initialize(v1, v2);}
2208 template <
class T1,
class T2,
class T3>
2210 {this->AccessKey().Initialize(v1, v2, v3);}
2212 template <
class T1,
class T2,
class T3,
class T4>
2214 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2216 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2217 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2218 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2220 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2221 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2222 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2224 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2225 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2226 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2228 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2229 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2230 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2232 template <
class T1,
class T2>
2234 {this->AccessKey().Initialize(v1, v2);}
2236 template <
class T1,
class T2,
class T3>
2238 {this->AccessKey().Initialize(v1, v2, v3);}
2240 template <
class T1,
class T2,
class T3,
class T4>
2242 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2244 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2245 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2246 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2248 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2249 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2250 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2252 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2253 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2254 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2256 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2257 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2258 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2275 template <
class KEYS,
class STANDARD,
class ALG_INFO>
2278 template <
class KEYS,
class STANDARD,
class ALG_INFO = TF_ES<KEYS, STANDARD,
int> >
2281 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2288 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
2301 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO>
2304 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO = TF_SS<KEYS, STANDARD, H,
int> >
2310 typedef typename Standard::SignatureMessageEncodingMethod MessageEncodingMethod;
2313 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
2327 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
2330 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
2336 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
2350 template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
2364 #if CRYPTOPP_MSC_VERSION
2365 # pragma warning(pop)
Classes for performing mathematics over different fields.
Standard names for retrieving values by name when working with NameValuePairs.
Interface for asymmetric algorithms.
Interface for crypto material.
Interface for crypto prameters.
Exception thrown when an invalid group element is encountered.
Discrete Log (DL) base interface.
Discrete Log (DL) cryptosystem base implementation.
Discrete Log (DL) decryptor base implementation.
DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Decrypt a byte string.
Discrete Log (DL) decryptor implementation.
Discrete Log (DL) encryption scheme.
PK_FinalTemplate< DL_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
PK_FinalTemplate< DL_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
Interface for Elgamal-like signature algorithms.
virtual void Sign(const DL_GroupParameters< T > ¶ms, const Integer &privateKey, const Integer &k, const Integer &e, Integer &r, Integer &s) const =0
Sign a message using a private key.
virtual bool IsDeterministic() const
Signature scheme flag.
virtual size_t SLen(const DL_GroupParameters< T > ¶ms) const
Retrieve S length.
virtual size_t RLen(const DL_GroupParameters< T > ¶ms) const
Retrieve R length.
virtual bool Verify(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &e, const Integer &r, const Integer &s) const =0
Verify a message using a public key.
virtual Integer RecoverPresignature(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &r, const Integer &s) const
Recover a Presignature.
Discrete Log (DL) encryptor base implementation.
void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Encrypt a byte string.
Discrete Log (DL) encryptor implementation.
DL_FixedBasePrecomputation interface.
virtual Element Exponentiate(const DL_GroupPrecomputation< Element > &group, const Integer &exponent) const =0
Exponentiates an element.
Interface for Discrete Log (DL) group parameters.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
virtual Element ExponentiateElement(const Element &base, const Integer &exponent) const
Exponentiates an element.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
virtual void SetSubgroupGenerator(const Element &base)
Sets the subgroup generator.
virtual Integer GetCofactor() const
Retrieves the cofactor.
virtual bool ValidateElement(unsigned int level, const Element &element, const DL_FixedBasePrecomputation< Element > *precomp) const =0
Check the element for errors.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
virtual const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const =0
Retrieves the group precomputation.
virtual bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const =0
Check the group for errors.
virtual const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const =0
Retrieves the group precomputation.
virtual Integer GetGroupOrder() const
Retrieves the order of the group.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
virtual void EncodeElement(bool reversible, const Element &element, byte *encoded) const =0
Encodes the element.
virtual Integer GetMaxExponent() const =0
Retrieves the maximum exponent for the group.
virtual DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()=0
Retrieves the group precomputation.
virtual const Element & GetSubgroupGenerator() const
Retrieves the subgroup generator.
virtual unsigned int GetEncodedElementSize(bool reversible) const =0
Retrieves the encoded element's size.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
virtual void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const =0
Exponentiates a base to multiple exponents.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.
virtual Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const =0
Decodes the element.
virtual Integer ConvertElementToInteger(const Element &element) const =0
Converts an element to an Integer.
virtual bool IsIdentity(const Element &element) const =0
Determines if an element is an identity.
Base implementation of Discrete Log (DL) group parameters.
const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const
Retrieves the group precomputation.
const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const
Retrieves the group precomputation.
DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()
Retrieves the group precomputation.
DL_GroupPrecomputation interface.
Diffie-Hellman key agreement algorithm.
Interface for DL key agreement algorithms.
Interface for key derivation algorithms used in DL cryptosystems.
Base class for a Discrete Log (DL) key.
virtual const DL_GroupParameters< T > & GetAbstractGroupParameters() const =0
Retrieves abstract group parameters.
virtual DL_GroupParameters< T > & AccessAbstractGroupParameters()=0
Retrieves abstract group parameters.
Discrete Log (DL) key base implementation.
Discrete Log (DL) base object implementation.
Discrete Log (DL) object implementation.
Interface for Discrete Log (DL) private keys.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
void MakePublicKey(DL_PublicKey< T > &pub) const
Initializes a public key from this key.
virtual void SetPrivateExponent(const Integer &x)=0
Sets the private exponent.
virtual const Integer & GetPrivateExponent() const =0
Retrieves the private exponent.
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
Discrete Log (DL) private key base implementation.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
void BERDecodePrivateKey(BufferedTransformation &bt, bool, size_t)
Decode privateKey part of privateKeyInfo.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
const Integer & GetPrivateExponent() const
Retrieves the private exponent.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
Generate a random key or crypto parameters.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
void DEREncodePrivateKey(BufferedTransformation &bt) const
Encode privateKey part of privateKeyInfo.
void SetPrivateExponent(const Integer &x)
Sets the private exponent.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
Interface for Discrete Log (DL) public keys.
virtual const DL_FixedBasePrecomputation< T > & GetPublicPrecomputation() const =0
Accesses the public precomputation.
virtual Element ExponentiatePublicElement(const Integer &exponent) const
Exponentiates this element.
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
virtual void SetPublicElement(const Element &y)
Sets the public element.
virtual DL_FixedBasePrecomputation< T > & AccessPublicPrecomputation()=0
Accesses the public precomputation.
virtual const Element & GetPublicElement() const
Retrieves the public element.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
virtual Element CascadeExponentiateBaseAndPublicElement(const Integer &baseExp, const Integer &publicExp) const
Exponentiates an element.
Discrete Log (DL) public key base implementation.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
DL_FixedBasePrecomputation< Element > & AccessPublicPrecomputation()
Accesses the public precomputation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
const DL_FixedBasePrecomputation< Element > & GetPublicPrecomputation() const
Accesses the public precomputation.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Discrete Log (DL) signature scheme.
PK_FinalTemplate< DL_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
PK_FinalTemplate< DL_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
Discrete Log (DL) signature scheme base implementation.
size_t MaxRecoverableLength() const
Provides the maximum recoverable length.
bool RecoverablePartFirst() const
Determines if the scheme allows recoverable part first.
bool AllowNonrecoverablePart() const
Determines if the scheme has non-recoverable part.
size_t SignatureLength() const
Provides the signature length.
size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
Provides the maximum recoverable length.
bool IsProbabilistic() const
Determines if the scheme is probabilistic.
Discrete Log (DL) signature scheme signer base implementation.
size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
Sign and restart messageAccumulator.
void RawSign(const Integer &k, const Integer &e, Integer &r, Integer &s) const
Testing interface.
void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
Input a recoverable message to an accumulator.
Discrete Log (DL) signer implementation.
Discrete Log (DL) simple key agreement base implementation.
unsigned int AgreedValueLength() const
Provides the size of the agreed value.
bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const
Derive agreed value.
CryptoParameters & AccessCryptoParameters()
Retrieves a reference to Crypto Parameters.
void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate private key in this domain.
const Element & GetGenerator() const
Retrieves a reference to the group generator.
void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate a public key from a private key in this domain.
unsigned int PrivateKeyLength() const
Provides the size of the private key.
unsigned int PublicKeyLength() const
Provides the size of the public key.
Interface for symmetric encryption algorithms used in DL cryptosystems.
Discret Log (DL) Verifier base class.
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
Recover a message from its signature.
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
Input signature into a message accumulator.
bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
Discrete Log (DL) verifier implementation.
Interface for deterministic signers.
virtual Integer GenerateRandom(const Integer &x, const Integer &q, const Integer &e) const =0
Generate k.
Multiple precision integer with arithmetic operations.
void DEREncode(BufferedTransformation &bt) const
Encode in DER format.
void Randomize(RandomNumberGenerator &rng, size_t bitCount)
Set this Integer to random integer.
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
static const Integer & One()
Integer representing 1.
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
static const Integer & Zero()
Integer representing 0.
void Decode(const byte *input, size_t inputLen, Signedness sign=UNSIGNED)
Decode from big-endian byte array.
unsigned int ByteCount() const
Determines the number of bytes required to represent the Integer.
static Integer Gcd(const Integer &a, const Integer &n)
Calculate greatest common divisor.
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
Interface for key agreement algorithms.
Mask generation function interface.
virtual void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask=true) const =0
Generate and apply mask.
Ring of congruence classes modulo n.
const Integer & Divide(const Integer &a, const Integer &b) const
Divides elements in the ring.
Interface for retrieving values given their names.
bool GetThisObject(T &object) const
Get a copy of this object or subobject.
bool GetThisPointer(T *&ptr) const
Get a pointer to this object.
A method was called which was not implemented.
Uses encapsulation to hide an object in derived classes.
P1363 key derivation function.
static void DeriveKey(byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength)
P1363 key derivation function.
P1363 mask generation function.
static const char * StaticAlgorithmName()
The algorithm name.
void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask=true) const
P1363 mask generation function.
Interface for message encoding method for public key signature schemes.
Message encoding method for public key encryption.
virtual size_t MaxUnpaddedLength(size_t paddedLength) const =0
max size of unpadded message in bytes, given max size of padded message in bits (1 less than size of ...
Template implementing constructors for public key algorithm classes.
Public key trapdoor function default implementation.
Interface for message encoding method for public key signature schemes.
void Update(const byte *input, size_t length)
Updates a hash with additional input.
Interface for accumulating messages to be signed or verified.
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
bool IsProbabilistic() const
Determines whether an encoding method requires a random number generator.
Encodes and Decodes privateKeyInfo.
Interface for private keys.
Interface for public keys.
Interface for random number generators.
virtual void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
virtual bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Applies the trapdoor function, using random data if required.
virtual Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const =0
Applies the trapdoor function, using random data if required.
virtual bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Applies the inverse of the trapdoor function, using random data if required.
virtual Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const =0
Applies the inverse of the trapdoor function, using random data if required.
virtual bool IsRandomized() const
Determines if the decryption algorithm is randomized.
void New(size_type newSize)
Change size without preserving contents.
void Assign(const T *ptr, size_type len)
Set contents and size from an array.
size_type size() const
Provides the count of elements in the SecBlock.
Interface for domains of simple key agreement protocols.
Restricts the instantiation of a class to one static object without locks.
const T & Ref(...) const
Return a reference to the inner Singleton object.
The base for trapdoor based cryptosystems.
Trapdoor function cryptosystem base class.
Trapdoor function cryptosystems decryption base class.
Trapdoor Function (TF) decryptor options.
Trapdoor Function (TF) encryption scheme.
PK_FinalTemplate< TF_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
PK_FinalTemplate< TF_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
STANDARD Standard
see EncryptionStandard for a list of standards
Trapdoor function cryptosystems encryption base class.
Trapdoor Function (TF) encryptor options.
Trapdoor Function (TF) base implementation.
Trapdoor Function (TF) signature with external reference.
Trapdoor Function (TF) signature scheme options.
Trapdoor Function (TF) Signature Scheme.
PK_FinalTemplate< TF_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
STANDARD Standard
see SignatureStandard for a list of standards
PK_FinalTemplate< TF_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Trapdoor Function (TF) Signature Scheme base class.
Trapdoor Function (TF) Signer base class.
size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const
Sign and restart messageAccumulator.
void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
Input a recoverable message to an accumulator.
Trapdoor Function (TF) encryptor options.
Trapdoor Function (TF) Verifier base class.
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
Input signature into a message accumulator.
bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &recoveryAccumulator) const
Recover a message from its signature.
Trapdoor Function (TF) encryptor options.
Provides range for plaintext and ciphertext lengths.
virtual Integer PreimageBound() const =0
Returns the maximum size of a message before the trapdoor function is applied.
virtual Integer ImageBound() const =0
Returns the maximum size of a message after the trapdoor function is applied.
virtual Integer MaxImage() const
Returns the maximum size of a message after the trapdoor function is applied bound to a public key.
virtual Integer MaxPreimage() const
Returns the maximum size of a message before the trapdoor function is applied bound to a public key.
Applies the trapdoor function.
virtual Integer ApplyFunction(const Integer &x) const =0
Applies the trapdoor.
bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const
Applies the trapdoor function.
Applies the inverse of the trapdoor function.
Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
Applies the inverse of the trapdoor function.
bool IsRandomized() const
Determines if the decryption algorithm is randomized.
virtual Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const =0
Calculates the inverse of an element.
Encodes and decodes subjectPublicKeyInfo.
Pointer that overloads operator ->
Library configuration file.
#define CRYPTOPP_API
Win32 calling convention.
Abstract base classes that provide a uniform interface to this library.
const NameValuePairs & g_nullNameValuePairs
An empty set of name-value pairs.
CRYPTOPP_DLL RandomNumberGenerator & NullRNG()
Random Number Generator that does not produce random numbers.
Classes for precomputation in a group.
Implementation of BufferedTransformation's attachment interface.
Classes and functions for the FIPS 140-2 validated library.
CRYPTOPP_DLL bool FIPS_140_2_ComplianceEnabled()
Determines whether the library provides FIPS validated cryptography.
Multiple precision integer with arithmetic operations.
T1 SaturatingSubtract(const T1 &a, const T2 &b)
Performs a saturating subtract clamped at 0.
size_t BitsToBytes(size_t bitCount)
Returns the number of 8-bit bytes or octets required for the specified number of bits.
Class file for performing modular arithmetic.
Crypto++ library namespace.
const char * SubgroupGenerator()
Integer, ECP::Point, or EC2N::Point.
const char * PrivateExponent()
Integer.
const char * SubgroupOrder()
Integer.
const char * PublicElement()
Integer.
CofactorMultiplicationOption
Methods for avoiding "Small-Subgroup" attacks on Diffie-Hellman Key Agreement.
@ INCOMPATIBLE_COFACTOR_MULTIPLICTION
Cofactor multiplication incompatible with ordinary Diffie-Hellman.
@ NO_COFACTOR_MULTIPLICTION
No cofactor multiplication applied.
@ COMPATIBLE_COFACTOR_MULTIPLICTION
Cofactor multiplication compatible with ordinary Diffie-Hellman.
Classes for automatic resource management.
Discrete Log (DL) crypto scheme options.
Discrete Log (DL) key options.
Discrete Log (DL) scheme options.
Discrete Log (DL) signature scheme options.
Returns a decoding results.
Base class for public key encryption standard classes.
Converts an enumeration to a type suitable for use as a template parameter.
Base class for public key signature standard classes.
Trapdoor Function (TF) scheme options.
Trapdoor Function (TF) signature scheme options.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.