34 #ifndef CRYPTOPP_PUBKEY_H
35 #define CRYPTOPP_PUBKEY_H
39 #if CRYPTOPP_MSC_VERSION
40 # pragma warning(push)
41 # pragma warning(disable: 4702)
55 #if defined(__SUNPRO_CC)
56 # define MAYBE_RETURN(x) return x
58 # define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x)
138 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
191 {
return CalculateInverse(rng, x);}
213 virtual bool ParameterSupported(
const char *name)
const
214 {CRYPTOPP_UNUSED(name);
return false;}
229 template <
class TFI,
class MEI>
237 typedef TFI TrapdoorFunctionInterface;
238 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
240 typedef MEI MessageEncodingInterface;
241 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
248 template <
class BASE>
254 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
255 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
256 size_t CiphertextLength(
size_t plaintextLength)
const
257 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
259 virtual size_t FixedMaxPlaintextLength()
const =0;
260 virtual size_t FixedCiphertextLength()
const =0;
266 template <
class INTFACE,
class BASE>
272 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
273 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
274 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
277 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
279 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
303 typedef std::pair<const byte *, unsigned int> HashIdentifier;
315 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const
316 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
317 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const
318 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
328 bool AllowNonrecoverablePart()
const
329 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330 virtual bool RecoverablePartFirst()
const
331 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
334 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const
335 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
339 const byte *recoverableMessage,
size_t recoverableMessageLength,
340 const byte *presignature,
size_t presignatureLength,
343 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345 if (RecoverablePartFirst())
350 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 byte *representative,
size_t representativeBitLength)
const =0;
354 virtual bool VerifyMessageRepresentative(
356 byte *representative,
size_t representativeBitLength)
const =0;
360 byte *representative,
size_t representativeBitLength,
361 byte *recoveredMessage)
const
362 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
368 const byte *presignature,
size_t presignatureLength,
369 const byte *semisignature,
size_t semisignatureLength,
370 byte *recoveredMessage)
const
371 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
380 static HashIdentifier CRYPTOPP_API Lookup()
382 return HashIdentifier(
static_cast<const byte *
>(NULLPTR), 0);
394 bool VerifyMessageRepresentative(
396 byte *representative,
size_t representativeBitLength)
const;
405 bool VerifyMessageRepresentative(
407 byte *representative,
size_t representativeBitLength)
const;
417 const byte *recoverableMessage,
size_t recoverableMessageLength,
419 byte *representative,
size_t representativeBitLength)
const;
429 const byte *recoverableMessage,
size_t recoverableMessageLength,
431 byte *representative,
size_t representativeBitLength)
const;
442 const byte *recoverableMessage,
size_t recoverableMessageLength,
444 byte *representative,
size_t representativeBitLength)
const;
458 void Update(
const byte *input,
size_t length)
460 AccessHash().Update(input, length);
461 m_empty = m_empty && length == 0;
464 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
472 template <
class HASH_ALGORITHM>
482 template <
class INTFACE,
class BASE>
488 size_t SignatureLength()
const
489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const
491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const
493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const
496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const
498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const
500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
503 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
505 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
506 virtual HashIdentifier GetHashIdentifier()
const =0;
507 virtual size_t GetDigestSize()
const =0;
516 void InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
size_t recoverableMessageLength)
const;
526 void InputSignature(
PK_MessageAccumulator &messageAccumulator,
const byte *signature,
size_t signatureLength)
const;
537 template <
class T1,
class T2,
class T3>
540 typedef T1 AlgorithmInfo;
543 typedef typename Keys::PublicKey
PublicKey;
544 typedef T3 MessageEncodingMethod;
552 template <
class T1,
class T2,
class T3,
class T4>
555 typedef T4 HashFunction;
562 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
566 typedef SCHEME_OPTIONS SchemeOptions;
567 typedef KEY_CLASS KeyClass;
571 PublicKey & AccessPublicKey() {
return AccessKey();}
572 const PublicKey & GetPublicKey()
const {
return GetKey();}
574 PrivateKey & AccessPrivateKey() {
return AccessKey();}
575 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
577 virtual const KeyClass & GetKey()
const =0;
578 virtual KeyClass & AccessKey() =0;
580 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
584 CRYPTOPP_UNUSED(rng);
593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const
597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const
601 HashIdentifier GetHashIdentifier()
const
603 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const
608 typedef typename SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
618 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
625 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
627 const KEY & GetKey()
const {
return *m_pKey;}
628 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
639 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
643 typedef KEY_CLASS KeyClass;
647 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
648 KeyClass & AccessKey() {
return m_trapdoorFunction;}
651 KeyClass m_trapdoorFunction;
656 template <
class SCHEME_OPTIONS>
663 template <
class SCHEME_OPTIONS>
670 template <
class SCHEME_OPTIONS>
677 template <
class SCHEME_OPTIONS>
713 CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
736 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
760 static void CRYPTOPP_API
DeriveKey(
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength)
763 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
795 if (!GetBasePrecomputation().IsInitialized())
798 if (m_validationLevel > level)
802 bool pass = ValidateGroup(rng, level);
803 CRYPTOPP_ASSERT(ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation()));
804 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
806 m_validationLevel = pass ? level+1 : 0;
811 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
813 return GetValueHelper(
this, name, valueType, pValue)
834 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
843 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
844 m_validationLevel = 0;
853 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
859 virtual const Element &
GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
864 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
871 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
882 SimultaneousExponentiate(&result, base, &exponent, 1);
930 virtual void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const =0;
938 virtual Element
DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
979 virtual bool FastSubgroupCheckAvailable()
const =0;
1002 void ParametersChanged() {m_validationLevel = 0;}
1005 mutable unsigned int m_validationLevel;
1012 template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<
typename GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<
typename GROUP_PRECOMP::Element> >
1016 typedef GROUP_PRECOMP GroupPrecomputation;
1017 typedef typename GROUP_PRECOMP::Element Element;
1018 typedef BASE_PRECOMP BasePrecomputation;
1035 GROUP_PRECOMP m_groupPrecomputation;
1077 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1162 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1173 AssignFromHelper(
this, source)
1199 this->AccessAbstractGroupParameters().AssignFrom(source);
1200 AssignFromHelper(
this, source)
1211 template <
class PK,
class GP,
class O = OID>
1215 typedef GP GroupParameters;
1219 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
1221 {AccessGroupParameters().BERDecode(bt);
return true;}
1223 {GetGroupParameters().DEREncode(bt);
return true;}
1225 const GP & GetGroupParameters()
const {
return m_groupParameters;}
1226 GP & AccessGroupParameters() {
return m_groupParameters;}
1229 GP m_groupParameters;
1241 typedef typename GP::Element Element;
1249 bool pass = GetAbstractGroupParameters().Validate(rng, level);
1251 const Integer &q = GetAbstractGroupParameters().GetSubgroupOrder();
1252 const Integer &x = GetPrivateExponent();
1256 pass = pass && x.IsPositive() && x < q;
1266 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1268 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
1273 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
1279 this->AccessGroupParameters().GenerateRandom(rng, params);
1293 {GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);}
1300 const Integer & GetPrivateExponent()
const {
return m_x;}
1313 template <
class BASE,
class SIGNATURE_SCHEME>
1321 BASE::GenerateRandom(rng, params);
1325 typename SIGNATURE_SCHEME::Signer signer(*
this);
1326 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1327 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1338 typedef typename GP::Element Element;
1346 bool pass = GetAbstractGroupParameters().Validate(rng, level);
1348 pass = pass && GetAbstractGroupParameters().ValidateElement(level, this->
GetPublicElement(), &GetPublicPrecomputation());
1352 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1354 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1359 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1367 AccessPublicPrecomputation().Precompute(GetAbstractGroupParameters().GetGroupPrecomputation(), GetAbstractGroupParameters().GetSubgroupOrder().BitCount(), precomputationStorage);
1378 GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);
1379 GetPublicPrecomputation().Save(GetAbstractGroupParameters().GetGroupPrecomputation(), storedPrecomputation);
1395 typename GP::BasePrecomputation m_ypc;
1434 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1435 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1481 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1492 virtual bool ParameterSupported(
const char *name)
const
1493 {CRYPTOPP_UNUSED(name);
return false;}
1494 virtual void Derive(
const DL_GroupParameters<T> &groupParams,
byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1503 virtual bool ParameterSupported(
const char *name)
const
1504 {CRYPTOPP_UNUSED(name);
return false;}
1505 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1506 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1507 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1508 virtual void SymmetricEncrypt(
RandomNumberGenerator &rng,
const byte *key,
const byte *plaintext,
size_t plaintextLength,
byte *ciphertext,
const NameValuePairs ¶meters)
const =0;
1509 virtual DecodingResult SymmetricDecrypt(
const byte *key,
const byte *ciphertext,
size_t ciphertextLength,
byte *plaintext,
const NameValuePairs ¶meters)
const =0;
1518 typedef KI KeyInterface;
1519 typedef typename KI::Element Element;
1526 virtual KeyInterface & AccessKeyInterface() =0;
1527 virtual const KeyInterface & GetKeyInterface()
const =0;
1535 template <
class INTFACE,
class KEY_INTFACE>
1546 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1547 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1553 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1570 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1575 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1578 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1579 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1582 virtual bool IsDeterministic()
const {
return false;}
1586 virtual HashIdentifier GetHashIdentifier()
const =0;
1587 virtual size_t GetDigestSize()
const =0;
1616 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1617 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1618 recoverableMessage, recoverableMessageLength,
1619 ma.m_presignature, ma.m_presignature.
size(),
1620 ma.m_semisignature);
1625 this->GetMaterial().DoQuickSanityCheck();
1632 SecByteBlock representative(this->MessageRepresentativeLength());
1633 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1635 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1636 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1637 representative, this->MessageRepresentativeBitLength());
1662 if (ks.
BitCount() == q.BitCount()) {
1679 const size_t rLen = alg.
RLen(params);
1680 r.Encode(signature, rLen);
1684 RestartMessageAccumulator(rng, ma);
1703 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1724 const size_t rLen = alg.
RLen(params);
1725 const size_t sLen = alg.
SLen(params);
1727 if (signatureLength < rLen + sLen)
1730 ma.m_semisignature.
Assign(signature, rLen);
1731 ma.m_s.
Decode(signature+rLen, sLen);
1733 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1738 this->GetMaterial().DoQuickSanityCheck();
1745 SecByteBlock representative(this->MessageRepresentativeLength());
1746 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1747 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1748 representative, this->MessageRepresentativeBitLength());
1752 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1753 return alg.
Verify(params, key, e, r, ma.m_s);
1758 this->GetMaterial().DoQuickSanityCheck();
1765 SecByteBlock representative(this->MessageRepresentativeLength());
1766 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1768 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1769 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1770 representative, this->MessageRepresentativeBitLength());
1775 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1778 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1779 ma.AccessHash(), this->GetHashIdentifier(),
1780 ma.m_presignature, ma.m_presignature.
size(),
1781 ma.m_semisignature, ma.m_semisignature.
size(),
1789 template <
class PK,
class KI>
1793 typedef typename DL_Base<KI>::Element Element;
1797 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
1799 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1800 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1803 size_t CiphertextLength(
size_t plaintextLength)
const
1805 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1806 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1809 bool ParameterSupported(
const char *name)
const
1810 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1832 CRYPTOPP_UNUSED(rng);
1841 ciphertext += elementSize;
1842 ciphertextLength -= elementSize;
1844 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.
GetPrivateExponent());
1846 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1847 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1849 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1880 ciphertext += elementSize;
1884 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1885 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1887 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1894 template <
class T1,
class T2>
1897 typedef T1 AlgorithmInfo;
1898 typedef T2 GroupParameters;
1899 typedef typename GroupParameters::Element Element;
1905 template <
class T1,
class T2>
1909 typedef typename Keys::PrivateKey
PrivateKey;
1910 typedef typename Keys::PublicKey
PublicKey;
1919 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1922 typedef T3 SignatureAlgorithm;
1923 typedef T4 MessageEncodingMethod;
1924 typedef T5 HashFunction;
1933 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1937 typedef T4 KeyDerivationAlgorithm;
1938 typedef T5 SymmetricEncryptionAlgorithm;
1945 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1949 typedef SCHEME_OPTIONS SchemeOptions;
1950 typedef typename KEY::Element Element;
1954 PrivateKey & AccessPrivateKey() {
return m_key;}
1955 PublicKey & AccessPublicKey() {
return m_key;}
1958 const KEY & GetKey()
const {
return m_key;}
1959 KEY & AccessKey() {
return m_key;}
1962 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1963 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1966 HashIdentifier GetHashIdentifier()
const
1968 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1969 return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1971 size_t GetDigestSize()
const
1973 typedef typename SchemeOptions::HashFunction H;
1974 return H::DIGESTSIZE;
1985 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1989 typedef typename KEY::Element Element;
2002 HashIdentifier GetHashIdentifier()
const
2003 {
return HashIdentifier();}
2010 template <
class SCHEME_OPTIONS>
2017 this->RestartMessageAccumulator(rng, *p);
2024 template <
class SCHEME_OPTIONS>
2036 template <
class SCHEME_OPTIONS>
2043 template <
class SCHEME_OPTIONS>
2061 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
2062 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2063 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
2073 CRYPTOPP_UNUSED(rng);
2080 bool Agree(
byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const
2086 Element w = params.
DecodeElement(otherPublicKey, validateOtherPublicKey);
2088 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2089 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2101 const Element &
GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
2130 template <
class ELEMENT,
class COFACTOR_OPTION>
2134 typedef ELEMENT Element;
2136 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName()
2147 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const
2161 if (!validateOtherPublicKey)
2164 if (params.FastSubgroupCheckAvailable())
2186 template <
class BASE>
2193 {this->AccessKey().AssignFrom(key);}
2196 {this->AccessKey().BERDecode(bt);}
2199 {this->AccessKey().AssignFrom(algorithm.GetMaterial());}
2202 {this->AccessKey().Initialize(v1);}
2204 template <
class T1,
class T2>
2206 {this->AccessKey().Initialize(v1, v2);}
2208 template <
class T1,
class T2,
class T3>
2210 {this->AccessKey().Initialize(v1, v2, v3);}
2212 template <
class T1,
class T2,
class T3,
class T4>
2214 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2216 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2217 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2218 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2220 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2221 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2222 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2224 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2225 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2226 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2228 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2229 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2230 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2232 template <
class T1,
class T2>
2234 {this->AccessKey().Initialize(v1, v2);}
2236 template <
class T1,
class T2,
class T3>
2238 {this->AccessKey().Initialize(v1, v2, v3);}
2240 template <
class T1,
class T2,
class T3,
class T4>
2242 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2244 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2245 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2246 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2248 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2249 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2250 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2252 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2253 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2254 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2256 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2257 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2258 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2275 template <
class KEYS,
class STANDARD,
class ALG_INFO>
2278 template <
class KEYS,
class STANDARD,
class ALG_INFO = TF_ES<KEYS, STANDARD,
int> >
2281 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2288 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
2301 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO>
2304 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO = TF_SS<KEYS, STANDARD, H,
int> >
2313 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
2327 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
2330 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
2336 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
2350 template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
2364 #if CRYPTOPP_MSC_VERSION
2365 # pragma warning(pop)