6#if CRYPTOPP_MSC_VERSION
7# pragma warning(disable: 4127 4189 4459)
10#if CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE
11# pragma GCC diagnostic ignored "-Wunused-value"
12# pragma GCC diagnostic ignored "-Wunused-variable"
13# pragma GCC diagnostic ignored "-Wunused-parameter"
16#ifndef CRYPTOPP_IMPORTS
36#ifdef CRYPTOPP_NATIVE_DWORD_AVAILABLE
51 throw SelfTestFailure(
"Cryptographic algorithms are disabled before the power-up self tests are performed.");
54 throw SelfTestFailure(
"Cryptographic algorithms are disabled after a power-up self test failed.");
60 this->ThrowIfInvalidKeyLength(length);
61 this->UncheckedSetKey(key,
static_cast<unsigned int>(length), params);
74void SimpleKeyingInterface::ThrowIfInvalidKeyLength(
size_t length)
80void SimpleKeyingInterface::ThrowIfResynchronizable()
83 throw InvalidArgument(GetAlgorithm().AlgorithmName() +
": this object requires an IV");
86void SimpleKeyingInterface::ThrowIfInvalidIV(
const byte *iv)
89 throw InvalidArgument(GetAlgorithm().AlgorithmName() +
": this object cannot use a null IV");
92size_t SimpleKeyingInterface::ThrowIfInvalidIVLength(
int length)
96 size =
static_cast<size_t>(
IVSize());
102 size =
static_cast<size_t>(length);
107const byte * SimpleKeyingInterface::GetIVAndThrowIfInvalid(
const NameValuePairs ¶ms,
size_t &size)
110 const byte *iv = NULLPTR;
118 iv = ivWithLength.
begin();
119 ThrowIfInvalidIV(iv);
120 size = ThrowIfInvalidIVLength(
static_cast<int>(ivWithLength.
size()));
124 ThrowIfInvalidIV(iv);
125 size =
static_cast<size_t>(
IVSize());
129 ThrowIfResynchronizable();
147 const unsigned int blockSize =
BlockSize();
149 size_t xorIncrement = xorBlocks ? blockSize : 0;
154 inBlocks =
PtrAdd(inBlocks, length - blockSize);
155 xorBlocks =
PtrAdd(xorBlocks, length - blockSize);
156 outBlocks =
PtrAdd(outBlocks, length - blockSize);
157 inIncrement = 0-inIncrement;
158 xorIncrement = 0-xorIncrement;
159 outIncrement = 0-outIncrement;
163 const bool xorFlag = xorBlocks && (flags &
BT_XorInput);
164 while (length >= blockSize)
169 xorbuf(outBlocks, xorBlocks, inBlocks, blockSize);
179 const_cast<byte *
>(inBlocks)[blockSize-1]++;
181 inBlocks =
PtrAdd(inBlocks, inIncrement);
182 outBlocks =
PtrAdd(outBlocks, outIncrement);
183 xorBlocks =
PtrAdd(xorBlocks, xorIncrement);
192 return GetAlignmentOf<word32>();
197 return GetAlignmentOf<word32>();
202 return GetAlignmentOf<word32>();
212 else if (length != 0)
224 outLength = inLength;
227 else if (inLength != 0)
244 UncheckedSpecifyDataLengths(headerLength, messageLength, footerLength);
251 Update(header, headerLength);
260 Update(header, headerLength);
285 const word32 range = max-min;
293 value =
Crop(value, maxBits);
294 }
while (value > range);
313 CRYPTOPP_UNUSED(output), CRYPTOPP_UNUSED(size);
331 (void)target.
ChannelPut(channel, buffer, len);
343 return static_cast<size_t>(-1);
346void KeyDerivationFunction::ThrowIfInvalidDerivedKeyLength(
size_t length)
const
353 CRYPTOPP_UNUSED(params);
367#if defined(CRYPTOPP_DOXYGEN_PROCESSING)
379 CRYPTOPP_UNUSED(output); CRYPTOPP_UNUSED(size);
380 throw NotImplemented(
"NullRNG: NullRNG should only be passed to functions that don't need to generate random bytes");
383#if defined(CRYPTOPP_DOXYGEN_PROCESSING)
393 void Shuffle (IT begin, IT end) {}
402 static ClassNullRNG s_nullRNG;
409 ThrowIfInvalidTruncatedSize(digestLength);
410 SecByteBlock calculated(digestLength ? digestLength : 1);
415void HashTransformation::ThrowIfInvalidTruncatedSize(
size_t size)
const
436 CRYPTOPP_UNUSED(propagation);
443 CRYPTOPP_UNUSED(propagation);
450 CRYPTOPP_UNUSED(propagation);
457 byte* space = NULLPTR;
469 size =
Put2(inString, length, messageEnd, blocking);
481 size =
ChannelPut2(channel, inString, length, messageEnd, blocking);
489 result =
Flush(hardFlush, propagation, blocking);
523 result =
Peek(b) != 0;
534 size =
Get(&outByte, 1);
557 size =
Peek(&outByte, 1);
569 size = (size_t)
CopyTo(arraySink, peekMax);
596 unsigned int size = 0;
628 unsigned int size = 0;
642 unsigned int maxMessages = messageCount;
643 for (messageCount=0; messageCount < maxMessages &&
AnyMessages(); messageCount++)
646 lword transferredBytes;
656 blockedBytes =
TransferTo2(target, transferredBytes, channel, blocking);
657 if (blockedBytes > 0)
673 unsigned int size = 0;
698 unsigned int messageCount;
701 messageCount = UINT_MAX;
706 while (messageCount != 0);
711 byteCount = ULONG_MAX;
712 size_t blockedBytes =
TransferTo2(target, byteCount, channel, blocking);
716 while (byteCount != 0);
741 PutWord(
false, order, m_buf, value);
742 return ChannelPut(channel, m_buf, 2, blocking);
747 PutWord(
false, order, m_buf, value);
748 return ChannelPut(channel, m_buf, 4, blocking);
753 PutWord(
false, order, m_buf, value);
754 return ChannelPut(channel, m_buf, 8, blocking);
774 byte buf[2] = {0, 0};
775 size_t len =
Peek(buf, 2);
778 value =
word16((buf[0] << 8) | buf[1]);
780 value =
word16((buf[1] << 8) | buf[0]);
787 byte buf[4] = {0, 0, 0, 0};
788 size_t len =
Peek(buf, 4);
791 value =
word32((buf[0] << 24) | (buf[1] << 16) |
792 (buf[2] << 8) | (buf[3] << 0));
794 value =
word32((buf[3] << 24) | (buf[2] << 16) |
795 (buf[1] << 8) | (buf[0] << 0));
802 byte buf[8] = {0, 0, 0, 0, 0, 0, 0, 0};
803 size_t len =
Peek(buf, 8);
845class PK_DefaultEncryptionFilter :
public Unflushable<Filter>
849 : m_rng(rng), m_encryptor(encryptor), m_parameters(parameters)
854 size_t Put2(
const byte *inString,
size_t length,
int messageEnd,
bool blocking)
857 m_plaintextQueue.Put(inString, length);
862 size_t plaintextLength;
863 if (!
SafeConvert(m_plaintextQueue.CurrentSize(), plaintextLength))
864 throw InvalidArgument(
"PK_DefaultEncryptionFilter: plaintext too long");
865 size_t ciphertextLength = m_encryptor.CiphertextLength(plaintextLength);
868 m_plaintextQueue.Get(plaintext, plaintextLength);
869 m_ciphertext.resize(ciphertextLength);
870 m_encryptor.Encrypt(m_rng, plaintext, plaintextLength, m_ciphertext, m_parameters);
873 FILTER_OUTPUT(1, m_ciphertext, m_ciphertext.size(), messageEnd);
875 FILTER_END_NO_MESSAGE_END;
887 return new PK_DefaultEncryptionFilter(rng, *
this, attachment, parameters);
890class PK_DefaultDecryptionFilter :
public Unflushable<Filter>
894 : m_rng(rng), m_decryptor(decryptor), m_parameters(parameters)
899 size_t Put2(
const byte *inString,
size_t length,
int messageEnd,
bool blocking)
902 m_ciphertextQueue.Put(inString, length);
907 size_t ciphertextLength;
908 if (!
SafeConvert(m_ciphertextQueue.CurrentSize(), ciphertextLength))
909 throw InvalidArgument(
"PK_DefaultDecryptionFilter: ciphertext too long");
910 size_t maxPlaintextLength = m_decryptor.MaxPlaintextLength(ciphertextLength);
913 m_ciphertextQueue.Get(ciphertext, ciphertextLength);
914 m_plaintext.resize(maxPlaintextLength);
915 m_result = m_decryptor.Decrypt(m_rng, ciphertext, ciphertextLength, m_plaintext, m_parameters);
916 if (!m_result.isValidCoding)
920 FILTER_OUTPUT(1, m_plaintext, m_result.messageLength, messageEnd);
922 FILTER_END_NO_MESSAGE_END;
935 return new PK_DefaultDecryptionFilter(rng, *
this, attachment, parameters);
947 m->Update(message, messageLen);
952 const byte *nonrecoverableMessage,
size_t nonrecoverableMessageLength,
byte *signature)
const
956 m->Update(nonrecoverableMessage, nonrecoverableMessageLength);
970 m->Update(message, messageLen);
981 const byte *nonrecoverableMessage,
size_t nonrecoverableMessageLength,
982 const byte *signature,
size_t signatureLength)
const
986 m->Update(nonrecoverableMessage, nonrecoverableMessageLength);
1010#ifndef CRYPTOPP_BUILD_VERSION
1011# define CRYPTOPP_BUILD_VERSION CRYPTOPP_VERSION
1015 return CRYPTOPP_BUILD_VERSION;
1021 NullNameValuePairs() {}
1022 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1023 {CRYPTOPP_UNUSED(name); CRYPTOPP_UNUSED(valueType); CRYPTOPP_UNUSED(pValue);
return false;}
1026#if HAVE_GCC_INIT_PRIORITY
1027 const std::string
DEFAULT_CHANNEL __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 25))) =
"";
1028 const std::string
AAD_CHANNEL __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 26))) =
"AAD";
1029 const NullNameValuePairs s_nullNameValuePairs __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 27)));
1031#elif HAVE_MSC_INIT_PRIORITY
1032 #pragma warning(disable: 4073)
1033 #pragma init_seg(lib)
1036 const NullNameValuePairs s_nullNameValuePairs;
1038 #pragma warning(default: 4073)
1039#elif HAVE_XLC_INIT_PRIORITY
1040 #pragma priority(260)
1043 const NullNameValuePairs s_nullNameValuePairs;
Classes for working with NameValuePairs.
AlgorithmParameters MakeParameters(const char *name, const T &value, bool throwIfNotUsed=true)
Create an object that implements NameValuePairs.
Standard names for retrieving values by name when working with NameValuePairs.
Algorithm(bool checkSelfTestStatus=true)
Interface for all crypto algorithms.
virtual std::string AlgorithmName() const
Provides the name of this algorithm.
Copy input to a memory buffer.
virtual void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0
Generate static private key in this domain.
virtual void GenerateStaticPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0
Generate a static public key from a private key in this domain.
virtual void GenerateEphemeralPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0
Generate ephemeral public key.
virtual void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0
Generate ephemeral private key.
virtual void GenerateStaticKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const
Generate a static private/public key pair.
virtual void GenerateEphemeralKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const
Generate private/public key pair.
virtual lword MaxHeaderLength() const =0
Provides the maximum length of AAD that can be input.
virtual lword MaxFooterLength() const
Provides the maximum length of AAD.
virtual void EncryptAndAuthenticate(byte *ciphertext, byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *message, size_t messageLength)
Encrypts and calculates a MAC in one call.
void SpecifyDataLengths(lword headerLength, lword messageLength, lword footerLength=0)
Prescribes the data lengths.
virtual lword MaxMessageLength() const =0
Provides the maximum length of encrypted data.
virtual bool DecryptAndVerify(byte *message, const byte *mac, size_t macSize, const byte *iv, int ivLength, const byte *header, size_t headerLength, const byte *ciphertext, size_t ciphertextLength)
Decrypts and verifies a MAC in one call.
virtual std::string AlgorithmName() const
Provides the name of this algorithm.
Acts as an input discarding Filter or Sink.
Data structure used to store byte strings.
Interface for cloning objects.
virtual Clonable * Clone() const
Copies this object.
Used to pass byte array input as part of a NameValuePairs object.
const byte * begin() const
Pointer to the first byte in the memory block.
size_t size() const
Length of the memory block.
Fixed size stack-based SecBlock.
void GenerateRandomWithKeySize(RandomNumberGenerator &rng, unsigned int keySize)
Generate a random key or crypto parameters.
virtual void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms=g_nullNameValuePairs)
Generate a random key or crypto parameters.
An invalid argument was detected.
A decryption filter encountered invalid ciphertext.
Exception thrown when an invalid derived key length is encountered.
Exception thrown when an invalid key length is encountered.
virtual size_t MinDerivedKeyLength() const
Determine minimum number of bytes.
virtual void SetParameters(const NameValuePairs ¶ms)
Set or change parameters.
virtual size_t MaxDerivedKeyLength() const
Determine maximum number of bytes.
virtual bool IsValidDerivedLength(size_t keylength) const
Returns whether keylength is a valid key length.
virtual std::string AlgorithmName() const =0
Provides the name of this algorithm.
Thrown when an unexpected type is encountered.
Interface for retrieving values given their names.
virtual CRYPTOPP_DLL bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const =0
Get a named value.
bool GetValue(const char *name, T &value) const
Get a named value.
A method was called which was not implemented.
Interface for public-key decryptors.
virtual BufferedTransformation * CreateDecryptionFilter(RandomNumberGenerator &rng, BufferedTransformation *attachment=NULL, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Create a new decryption filter.
Interface for public-key encryptors.
virtual BufferedTransformation * CreateEncryptionFilter(RandomNumberGenerator &rng, BufferedTransformation *attachment=NULL, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Create a new encryption filter.
Interface for accumulating messages to be signed or verified.
virtual size_t SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, size_t recoverableMessageLength, const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, byte *signature) const
Sign a recoverable message.
virtual void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const =0
Input a recoverable message to an accumulator.
virtual size_t Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const
Sign and delete the messageAccumulator.
virtual size_t SignMessage(RandomNumberGenerator &rng, const byte *message, size_t messageLen, byte *signature) const
Sign a message.
virtual PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const =0
Create a new HashTransformation to accumulate the message to be signed.
virtual size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0
Sign and restart messageAccumulator.
virtual PK_MessageAccumulator * NewVerificationAccumulator() const =0
Create a new HashTransformation to accumulate the message to be verified.
virtual bool VerifyMessage(const byte *message, size_t messageLen, const byte *signature, size_t signatureLen) const
Check whether input signature is a valid signature for input message.
virtual DecodingResult RecoverMessage(byte *recoveredMessage, const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, const byte *signature, size_t signatureLength) const
Recover a message from its signature.
virtual bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const =0
Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
virtual void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const =0
Input signature into a message accumulator.
virtual DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const =0
Recover a message from its signature.
virtual DecodingResult Recover(byte *recoveredMessage, PK_MessageAccumulator *messageAccumulator) const
Recover a message from its signature.
virtual bool Verify(PK_MessageAccumulator *messageAccumulator) const
Check whether messageAccumulator contains a valid signature and message.
Interface for random number generators.
virtual void DiscardBytes(size_t n)
Generate and discard n bytes.
virtual word32 GenerateWord32(word32 min=0, word32 max=0xffffffffUL)
Generate a random 32 bit word in the range min to max, inclusive.
virtual byte GenerateByte()
Generate new random byte and return it.
virtual void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
virtual bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
virtual void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length)
Generate random bytes into a BufferedTransformation.
virtual unsigned int GenerateBit()
Generate new random bit and return it.
virtual void GenerateBlock(byte *output, size_t size)
Generate random array of bytes.
void Shuffle(IT begin, IT end)
Randomly shuffle the specified array.
size_type size() const
Provides the count of elements in the SecBlock.
Exception thrown when a crypto algorithm is used after a self test fails.
virtual void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0
Generate a public key from a private key in this domain.
virtual void GenerateKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const
Generate a private/public key pair.
virtual void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0
Generate private key in this domain.
void SetKeyWithRounds(const byte *key, size_t length, int rounds)
Sets or reset the key of this object.
virtual void GetNextIV(RandomNumberGenerator &rng, byte *iv)
Retrieves a secure IV for the next message.
virtual bool IsValidKeyLength(size_t keylength) const
Returns whether keylength is a valid key length.
void SetKeyWithIV(const byte *key, size_t length, const byte *iv, size_t ivLength)
Sets or reset the key of this object.
bool IsResynchronizable() const
Determines if the object can be resynchronized.
virtual IV_Requirement IVRequirement() const =0
Minimal requirement for secure IVs.
@ UNPREDICTABLE_RANDOM_IV
The IV must be random and unpredictable.
virtual unsigned int MaxIVLength() const
Provides the maximum size of an IV.
virtual void SetKey(const byte *key, size_t length, const NameValuePairs ¶ms=g_nullNameValuePairs)
Sets or reset the key of this object.
virtual unsigned int MinIVLength() const
Provides the minimum size of an IV.
virtual unsigned int IVSize() const
Returns length of the IV accepted by this object.
virtual void Resynchronize(const byte *iv, int ivLength=-1)
Resynchronize with an IV.
Base class for unflushable filters.
Pointer that overloads operator ->
Manages resources for a single object.
Library configuration file.
word64 word
Full word used for multiprecision integer arithmetic.
unsigned int word32
32-bit unsigned datatype
unsigned short word16
16-bit unsigned datatype
word128 dword
Double word used for multiprecision integer arithmetic.
unsigned long long word64
64-bit unsigned datatype
word64 lword
Large word type.
Abstract base classes that provide a uniform interface to this library.
int LibraryVersion(...)
Specifies the build-time version of the library.
CRYPTOPP_DLL BufferedTransformation & TheBitBucket()
An input discarding BufferedTransformation.
CRYPTOPP_DLL RandomNumberGenerator & NullRNG()
Random Number Generator that does not produce random numbers.
const std::string DEFAULT_CHANNEL
Default channel for BufferedTransformation.
const NameValuePairs & g_nullNameValuePairs
An empty set of name-value pairs.
ByteOrder
Provides the byte ordering.
@ BIG_ENDIAN_ORDER
byte order is big-endian
const std::string AAD_CHANNEL
Channel for additional authenticated data.
Implementation of BufferedTransformation's attachment interface.
Classes and functions for the FIPS 140-2 validated library.
CRYPTOPP_DLL bool FIPS_140_2_ComplianceEnabled()
Determines whether the library provides FIPS validated cryptography.
CRYPTOPP_DLL PowerUpSelfTestStatus GetPowerUpSelfTestStatus()
Provides the current power-up self test status.
@ POWER_UP_SELF_TEST_NOT_DONE
The self tests have not been performed.
@ POWER_UP_SELF_TEST_FAILED
The self tests were executed via DoPowerUpSelfTest() or DoDllPowerUpSelfTest(), but the result was fa...
Utility functions for the Crypto++ library.
unsigned int BitPrecision(const T &value)
Returns the number of bits required for a value.
T Crop(T value, size_t bits)
Truncates the value to the specified number of bits.
#define CRYPTOPP_COMPILE_ASSERT(expr)
Compile time assertion.
std::string IntToString(T value, unsigned int base=10)
Converts a value to a string.
bool SafeConvert(T1 from, T2 &to)
Perform a conversion from from to to.
PTR PtrAdd(PTR pointer, OFF offset)
Create a pointer with an offset.
const T1 UnsignedMin(const T1 &a, const T2 &b)
Safe comparison of values that could be negative and incorrectly promoted.
void PutWord(bool assumeAligned, ByteOrder order, byte *block, T value, const byte *xorBlock=NULL)
Access a block of memory.
CRYPTOPP_DLL bool VerifyBufsEqual(const byte *buf1, const byte *buf2, size_t count)
Performs a near constant-time comparison of two equally sized buffers.
CRYPTOPP_DLL void xorbuf(byte *buf, const byte *mask, size_t count)
Performs an XOR of a buffer with a mask.
Crypto++ library namespace.
const char * IV()
ConstByteArrayParameter, also accepts const byte * for backwards compatibility.
Classes for access to the operating system's random number generators.
Classes and functions for secure memory allocations.
Classes for automatic resource management.
Returns a decoding results.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.