34#ifndef CRYPTOPP_PUBKEY_H
35#define CRYPTOPP_PUBKEY_H
39#if CRYPTOPP_MSC_VERSION
41# pragma warning(disable: 4702)
55#if defined(__SUNPRO_CC)
56# define MAYBE_RETURN(x) return x
58# define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x)
138 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
191 {
return CalculateInverse(rng, x);}
213 virtual bool ParameterSupported(
const char *name)
const
214 {CRYPTOPP_UNUSED(name);
return false;}
229template <
class TFI,
class MEI>
237 typedef TFI TrapdoorFunctionInterface;
238 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
240 typedef MEI MessageEncodingInterface;
241 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
254 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
255 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
256 size_t CiphertextLength(
size_t plaintextLength)
const
257 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
259 virtual size_t FixedMaxPlaintextLength()
const =0;
260 virtual size_t FixedCiphertextLength()
const =0;
266template <
class INTFACE,
class BASE>
272 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
273 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
274 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
277 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
279 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
303typedef std::pair<const byte *, unsigned int> HashIdentifier;
315 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const
316 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
317 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const
318 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
328 bool AllowNonrecoverablePart()
const
329 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330 virtual bool RecoverablePartFirst()
const
331 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
334 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const
335 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
339 const byte *recoverableMessage,
size_t recoverableMessageLength,
340 const byte *presignature,
size_t presignatureLength,
343 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345 if (RecoverablePartFirst())
350 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 byte *representative,
size_t representativeBitLength)
const =0;
354 virtual bool VerifyMessageRepresentative(
356 byte *representative,
size_t representativeBitLength)
const =0;
360 byte *representative,
size_t representativeBitLength,
361 byte *recoveredMessage)
const
362 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
368 const byte *presignature,
size_t presignatureLength,
369 const byte *semisignature,
size_t semisignatureLength,
370 byte *recoveredMessage)
const
371 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
382 return HashIdentifier(
static_cast<const byte *
>(NULLPTR), 0);
394 bool VerifyMessageRepresentative(
396 byte *representative,
size_t representativeBitLength)
const;
405 bool VerifyMessageRepresentative(
407 byte *representative,
size_t representativeBitLength)
const;
417 const byte *recoverableMessage,
size_t recoverableMessageLength,
419 byte *representative,
size_t representativeBitLength)
const;
429 const byte *recoverableMessage,
size_t recoverableMessageLength,
431 byte *representative,
size_t representativeBitLength)
const;
442 const byte *recoverableMessage,
size_t recoverableMessageLength,
444 byte *representative,
size_t representativeBitLength)
const;
458 void Update(
const byte *input,
size_t length)
460 AccessHash().Update(input, length);
461 m_empty = m_empty && length == 0;
464 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
472template <
class HASH_ALGORITHM>
482template <
class INTFACE,
class BASE>
488 size_t SignatureLength()
const
489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const
491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const
493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const
496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const
498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const
500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
503 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
505 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
506 virtual HashIdentifier GetHashIdentifier()
const =0;
507 virtual size_t GetDigestSize()
const =0;
537template <
class T1,
class T2,
class T3>
540 typedef T1 AlgorithmInfo;
543 typedef typename Keys::PublicKey
PublicKey;
544 typedef T3 MessageEncodingMethod;
552template <
class T1,
class T2,
class T3,
class T4>
555 typedef T4 HashFunction;
562template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
566 typedef SCHEME_OPTIONS SchemeOptions;
567 typedef KEY_CLASS KeyClass;
571 PublicKey & AccessPublicKey() {
return AccessKey();}
572 const PublicKey & GetPublicKey()
const {
return GetKey();}
574 PrivateKey & AccessPrivateKey() {
return AccessKey();}
575 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
577 virtual const KeyClass & GetKey()
const =0;
578 virtual KeyClass & AccessKey() =0;
580 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
584 CRYPTOPP_UNUSED(rng);
593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const
597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const
601 HashIdentifier GetHashIdentifier()
const
603 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const
608 typedef typename SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
618template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
625 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
627 const KEY & GetKey()
const {
return *m_pKey;}
628 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
639template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
643 typedef KEY_CLASS KeyClass;
647 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
648 KeyClass & AccessKey() {
return m_trapdoorFunction;}
651 KeyClass m_trapdoorFunction;
656template <
class SCHEME_OPTIONS>
663template <
class SCHEME_OPTIONS>
670template <
class SCHEME_OPTIONS>
677template <
class SCHEME_OPTIONS>
713CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
736 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
760 static void CRYPTOPP_API DeriveKey(
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength)
763 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
795 if (!GetBasePrecomputation().IsInitialized())
798 if (m_validationLevel > level)
802 bool pass = ValidateGroup(rng, level);
803 CRYPTOPP_ASSERT(ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation()));
804 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
806 m_validationLevel = pass ? level+1 : 0;
811 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
813 return GetValueHelper(
this, name, valueType, pValue)
814 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupOrder)
815 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupGenerator)
834 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
843 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
844 m_validationLevel = 0;
853 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
859 virtual const Element &
GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
864 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
871 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
882 SimultaneousExponentiate(&result, base, &exponent, 1);
930 virtual void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const =0;
938 virtual Element
DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
979 virtual bool FastSubgroupCheckAvailable()
const =0;
1002 void ParametersChanged() {m_validationLevel = 0;}
1005 mutable unsigned int m_validationLevel;
1012template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<
typename GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<
typename GROUP_PRECOMP::Element> >
1016 typedef GROUP_PRECOMP GroupPrecomputation;
1017 typedef typename GROUP_PRECOMP::Element Element;
1018 typedef BASE_PRECOMP BasePrecomputation;
1035 GROUP_PRECOMP m_groupPrecomputation;
1077 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1079 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1080 CRYPTOPP_GET_FUNCTION_ENTRY(PublicElement);
1089 virtual const Element &
GetPublicElement()
const {
return GetPublicPrecomputation().GetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation());}
1093 virtual void SetPublicElement(
const Element &y) {AccessPublicPrecomputation().SetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation(), y);}
1149 pub.
SetPublicElement(this->GetAbstractGroupParameters().ExponentiateBase(GetPrivateExponent()));
1162 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1164 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1165 CRYPTOPP_GET_FUNCTION_ENTRY(PrivateExponent);
1172 this->AccessAbstractGroupParameters().AssignFrom(source);
1173 AssignFromHelper(
this, source)
1174 CRYPTOPP_SET_FUNCTION_ENTRY(PrivateExponent);
1199 this->AccessAbstractGroupParameters().AssignFrom(source);
1200 AssignFromHelper(
this, source)
1201 CRYPTOPP_SET_FUNCTION_ENTRY(PublicElement);
1211template <
class PK,
class GP,
class O = OID>
1215 typedef GP GroupParameters;
1219 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
1221 {AccessGroupParameters().BERDecode(bt);
return true;}
1223 {GetGroupParameters().DEREncode(bt);
return true;}
1225 const GP & GetGroupParameters()
const {
return m_groupParameters;}
1226 GP & AccessGroupParameters() {
return m_groupParameters;}
1229 GP m_groupParameters;
1241 typedef typename GP::Element Element;
1256 pass = pass && x.IsPositive() && x < q;
1266 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1268 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
1273 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
1279 this->AccessGroupParameters().GenerateRandom(rng, params);
1313template <
class BASE,
class SIGNATURE_SCHEME>
1321 BASE::GenerateRandom(rng, params);
1325 typename SIGNATURE_SCHEME::Signer signer(*
this);
1326 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1327 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1338 typedef typename GP::Element Element;
1352 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1354 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1359 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1395 typename GP::BasePrecomputation m_ypc;
1435 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1436 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1484 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1497 virtual bool ParameterSupported(
const char *name)
const
1498 {CRYPTOPP_UNUSED(name);
return false;}
1499 virtual void Derive(
const DL_GroupParameters<T> &groupParams,
byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1509 virtual bool ParameterSupported(
const char *name)
const
1510 {CRYPTOPP_UNUSED(name);
return false;}
1511 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1512 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1513 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1514 virtual void SymmetricEncrypt(
RandomNumberGenerator &rng,
const byte *key,
const byte *plaintext,
size_t plaintextLength,
byte *ciphertext,
const NameValuePairs ¶meters)
const =0;
1515 virtual DecodingResult SymmetricDecrypt(
const byte *key,
const byte *ciphertext,
size_t ciphertextLength,
byte *plaintext,
const NameValuePairs ¶meters)
const =0;
1524 typedef KI KeyInterface;
1525 typedef typename KI::Element Element;
1532 virtual KeyInterface & AccessKeyInterface() =0;
1533 virtual const KeyInterface & GetKeyInterface()
const =0;
1541template <
class INTFACE,
class KEY_INTFACE>
1552 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1553 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1559 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1576 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1581 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1584 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1585 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1588 virtual bool IsDeterministic()
const {
return false;}
1592 virtual HashIdentifier GetHashIdentifier()
const =0;
1593 virtual size_t GetDigestSize()
const =0;
1623 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1624 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1625 recoverableMessage, recoverableMessageLength,
1626 ma.m_presignature, ma.m_presignature.
size(),
1627 ma.m_semisignature);
1632 this->GetMaterial().DoQuickSanityCheck();
1639 SecByteBlock representative(this->MessageRepresentativeLength());
1640 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1642 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1643 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1644 representative, this->MessageRepresentativeBitLength());
1686 const size_t rLen = alg.
RLen(params);
1687 r.
Encode(signature, rLen);
1691 RestartMessageAccumulator(rng, ma);
1693 return this->SignatureLength();
1710 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1732 const size_t rLen = alg.
RLen(params);
1733 const size_t sLen = alg.
SLen(params);
1735 if (signatureLength < rLen + sLen)
1738 ma.m_semisignature.
Assign(signature, rLen);
1739 ma.m_s.
Decode(signature+rLen, sLen);
1741 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1746 this->GetMaterial().DoQuickSanityCheck();
1753 SecByteBlock representative(this->MessageRepresentativeLength());
1754 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1755 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1756 representative, this->MessageRepresentativeBitLength());
1760 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1761 return alg.
Verify(params, key, e, r, ma.m_s);
1766 this->GetMaterial().DoQuickSanityCheck();
1773 SecByteBlock representative(this->MessageRepresentativeLength());
1774 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1776 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1777 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1778 representative, this->MessageRepresentativeBitLength());
1783 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1786 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1787 ma.AccessHash(), this->GetHashIdentifier(),
1788 ma.m_presignature, ma.m_presignature.
size(),
1789 ma.m_semisignature, ma.m_semisignature.
size(),
1797template <
class PK,
class KI>
1801 typedef typename DL_Base<KI>::Element Element;
1805 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
1807 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1808 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1811 size_t CiphertextLength(
size_t plaintextLength)
const
1813 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1814 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1817 bool ParameterSupported(
const char *name)
const
1818 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1841 CRYPTOPP_UNUSED(rng);
1850 ciphertext += elementSize;
1851 ciphertextLength -= elementSize;
1853 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.
GetPrivateExponent());
1855 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1856 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1858 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1890 ciphertext += elementSize;
1894 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1895 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1897 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1904template <
class T1,
class T2>
1907 typedef T1 AlgorithmInfo;
1908 typedef T2 GroupParameters;
1909 typedef typename GroupParameters::Element Element;
1915template <
class T1,
class T2>
1919 typedef typename Keys::PrivateKey
PrivateKey;
1920 typedef typename Keys::PublicKey
PublicKey;
1929template <
class T1,
class T2,
class T3,
class T4,
class T5>
1932 typedef T3 SignatureAlgorithm;
1933 typedef T4 MessageEncodingMethod;
1934 typedef T5 HashFunction;
1943template <
class T1,
class T2,
class T3,
class T4,
class T5>
1947 typedef T4 KeyDerivationAlgorithm;
1948 typedef T5 SymmetricEncryptionAlgorithm;
1955template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1959 typedef SCHEME_OPTIONS SchemeOptions;
1960 typedef typename KEY::Element Element;
1964 PrivateKey & AccessPrivateKey() {
return m_key;}
1965 PublicKey & AccessPublicKey() {
return m_key;}
1968 const KEY & GetKey()
const {
return m_key;}
1969 KEY & AccessKey() {
return m_key;}
1972 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1973 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1976 HashIdentifier GetHashIdentifier()
const
1978 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1979 return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1981 size_t GetDigestSize()
const
1983 typedef typename SchemeOptions::HashFunction H;
1984 return H::DIGESTSIZE;
1995template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1999 typedef typename KEY::Element Element;
2012 HashIdentifier GetHashIdentifier()
const
2013 {
return HashIdentifier();}
2020template <
class SCHEME_OPTIONS>
2027 this->RestartMessageAccumulator(rng, *p);
2034template <
class SCHEME_OPTIONS>
2046template <
class SCHEME_OPTIONS>
2053template <
class SCHEME_OPTIONS>
2071 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
2072 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2073 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
2078 x.Encode(privateKey, PrivateKeyLength());
2083 CRYPTOPP_UNUSED(rng);
2085 Integer x(privateKey, PrivateKeyLength());
2090 bool Agree(
byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const
2095 Integer x(privateKey, PrivateKeyLength());
2096 Element w = params.
DecodeElement(otherPublicKey, validateOtherPublicKey);
2098 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2099 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2111 const Element &
GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
2140template <
class ELEMENT,
class COFACTOR_OPTION>
2144 typedef ELEMENT Element;
2146 CRYPTOPP_STATIC_CONSTEXPR
const char*
CRYPTOPP_API StaticAlgorithmName()
2157 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const
2171 if (!validateOtherPublicKey)
2174 if (params.FastSubgroupCheckAvailable())
2196template <
class BASE>
2203 {this->AccessKey().AssignFrom(key);}
2206 {this->AccessKey().BERDecode(bt);}
2209 {this->AccessKey().AssignFrom(algorithm.GetMaterial());}
2212 {this->AccessKey().Initialize(v1);}
2214 template <
class T1,
class T2>
2216 {this->AccessKey().Initialize(v1, v2);}
2218 template <
class T1,
class T2,
class T3>
2220 {this->AccessKey().Initialize(v1, v2, v3);}
2222 template <
class T1,
class T2,
class T3,
class T4>
2224 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2226 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2227 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2228 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2230 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2231 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2232 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2234 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2235 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2236 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2238 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2239 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2240 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2242 template <
class T1,
class T2>
2244 {this->AccessKey().Initialize(v1, v2);}
2246 template <
class T1,
class T2,
class T3>
2248 {this->AccessKey().Initialize(v1, v2, v3);}
2250 template <
class T1,
class T2,
class T3,
class T4>
2252 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2254 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2255 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2256 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2258 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2259 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2260 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2262 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2263 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2264 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2266 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2267 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2268 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2285template <
class KEYS,
class STANDARD,
class ALG_INFO>
2288template <
class KEYS,
class STANDARD,
class ALG_INFO = TF_ES<KEYS, STANDARD,
int> >
2291 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2298 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
2311template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO>
2314template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO = TF_SS<KEYS, STANDARD, H,
int> >
2320 typedef typename Standard::SignatureMessageEncodingMethod MessageEncodingMethod;
2323 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
2337template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
2340template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
2346 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
2360template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
2374#if CRYPTOPP_MSC_VERSION
2375# pragma warning(pop)
Classes for performing mathematics over different fields.
Standard names for retrieving values by name when working with NameValuePairs.
Interface for asymmetric algorithms.
Interface for crypto material.
Interface for crypto parameters.
Exception thrown when an invalid group element is encountered.
Discrete Log (DL) base interface.
Discrete Log (DL) cryptosystem base implementation.
Discrete Log (DL) decryptor base implementation.
DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Decrypt a byte string.
Discrete Log (DL) decryptor implementation.
Discrete Log (DL) encryption scheme.
PK_FinalTemplate< DL_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
PK_FinalTemplate< DL_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
Interface for Elgamal-like signature algorithms.
virtual void Sign(const DL_GroupParameters< T > ¶ms, const Integer &privateKey, const Integer &k, const Integer &e, Integer &r, Integer &s) const =0
Sign a message using a private key.
virtual bool IsDeterministic() const
Signature scheme flag.
virtual size_t SLen(const DL_GroupParameters< T > ¶ms) const
Retrieve S length.
virtual size_t RLen(const DL_GroupParameters< T > ¶ms) const
Retrieve R length.
virtual bool Verify(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &e, const Integer &r, const Integer &s) const =0
Verify a message using a public key.
virtual Integer RecoverPresignature(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &r, const Integer &s) const
Recover a Presignature.
Discrete Log (DL) encryptor base implementation.
void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Encrypt a byte string.
Discrete Log (DL) encryptor implementation.
DL_FixedBasePrecomputation interface.
virtual Element Exponentiate(const DL_GroupPrecomputation< Element > &group, const Integer &exponent) const =0
Exponentiates an element.
Interface for Discrete Log (DL) group parameters.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
virtual Element ExponentiateElement(const Element &base, const Integer &exponent) const
Exponentiates an element.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
virtual void SetSubgroupGenerator(const Element &base)
Sets the subgroup generator.
virtual Integer GetCofactor() const
Retrieves the cofactor.
virtual bool ValidateElement(unsigned int level, const Element &element, const DL_FixedBasePrecomputation< Element > *precomp) const =0
Check the element for errors.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
virtual bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const =0
Check the group for errors.
virtual const Element & GetSubgroupGenerator() const
Retrieves the subgroup generator.
virtual Integer GetGroupOrder() const
Retrieves the order of the group.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
virtual void EncodeElement(bool reversible, const Element &element, byte *encoded) const =0
Encodes the element.
virtual Integer GetMaxExponent() const =0
Retrieves the maximum exponent for the group.
virtual unsigned int GetEncodedElementSize(bool reversible) const =0
Retrieves the encoded element's size.
virtual const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const =0
Retrieves the group precomputation.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
virtual const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const =0
Retrieves the group precomputation.
virtual void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const =0
Exponentiates a base to multiple exponents.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
virtual Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const =0
Decodes the element.
virtual Integer ConvertElementToInteger(const Element &element) const =0
Converts an element to an Integer.
virtual bool IsIdentity(const Element &element) const =0
Determines if an element is an identity.
virtual DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()=0
Retrieves the group precomputation.
Base implementation of Discrete Log (DL) group parameters.
DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()
Retrieves the group precomputation.
const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const
Retrieves the group precomputation.
const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const
Retrieves the group precomputation.
DL_GroupPrecomputation interface.
Diffie-Hellman key agreement algorithm.
Interface for DL key agreement algorithms.
Interface for key derivation algorithms used in DL cryptosystems.
Base class for a Discrete Log (DL) key.
virtual DL_GroupParameters< T > & AccessAbstractGroupParameters()=0
Retrieves abstract group parameters.
virtual const DL_GroupParameters< T > & GetAbstractGroupParameters() const =0
Retrieves abstract group parameters.
Discrete Log (DL) key base implementation.
Discrete Log (DL) base object implementation.
Discrete Log (DL) object implementation.
Interface for Discrete Log (DL) private keys.
virtual const Integer & GetPrivateExponent() const =0
Retrieves the private exponent.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
void MakePublicKey(DL_PublicKey< T > &pub) const
Initializes a public key from this key.
virtual void SetPrivateExponent(const Integer &x)=0
Sets the private exponent.
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
Discrete Log (DL) private key base implementation.
void BERDecodePrivateKey(BufferedTransformation &bt, bool, size_t)
Decode privateKey part of privateKeyInfo.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
const Integer & GetPrivateExponent() const
Retrieves the private exponent.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
Generate a random key or crypto parameters.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
void DEREncodePrivateKey(BufferedTransformation &bt) const
Encode privateKey part of privateKeyInfo.
void SetPrivateExponent(const Integer &x)
Sets the private exponent.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
Interface for Discrete Log (DL) public keys.
virtual DL_FixedBasePrecomputation< T > & AccessPublicPrecomputation()=0
Accesses the public precomputation.
virtual const Element & GetPublicElement() const
Retrieves the public element.
virtual Element ExponentiatePublicElement(const Integer &exponent) const
Exponentiates this element.
virtual const DL_FixedBasePrecomputation< T > & GetPublicPrecomputation() const =0
Accesses the public precomputation.
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
virtual void SetPublicElement(const Element &y)
Sets the public element.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
virtual Element CascadeExponentiateBaseAndPublicElement(const Integer &baseExp, const Integer &publicExp) const
Exponentiates an element.
Discrete Log (DL) public key base implementation.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
DL_FixedBasePrecomputation< Element > & AccessPublicPrecomputation()
Accesses the public precomputation.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
const DL_FixedBasePrecomputation< Element > & GetPublicPrecomputation() const
Accesses the public precomputation.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Discrete Log (DL) signature scheme.
PK_FinalTemplate< DL_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
PK_FinalTemplate< DL_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
Discrete Log (DL) signature scheme base implementation.
size_t MaxRecoverableLength() const
Provides the maximum recoverable length.
bool RecoverablePartFirst() const
Determines if the scheme allows recoverable part first.
bool AllowNonrecoverablePart() const
Determines if the scheme has non-recoverable part.
size_t SignatureLength() const
Provides the signature length.
size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
Provides the maximum recoverable length.
bool IsProbabilistic() const
Determines if the scheme is probabilistic.
Discrete Log (DL) signature scheme signer base implementation.
size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
Sign and restart messageAccumulator.
void RawSign(const Integer &k, const Integer &e, Integer &r, Integer &s) const
Testing interface.
void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
Input a recoverable message to an accumulator.
Discrete Log (DL) signer implementation.
Discrete Log (DL) simple key agreement base implementation.
unsigned int AgreedValueLength() const
Provides the size of the agreed value.
CryptoParameters & AccessCryptoParameters()
Retrieves a reference to Crypto Parameters.
bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const
Derive agreed value.
void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate private key in this domain.
const Element & GetGenerator() const
Retrieves a reference to the group generator.
void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate a public key from a private key in this domain.
unsigned int PrivateKeyLength() const
Provides the size of the private key.
unsigned int PublicKeyLength() const
Provides the size of the public key.
Interface for symmetric encryption algorithms used in DL cryptosystems.
Discret Log (DL) Verifier base class.
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
Recover a message from its signature.
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
Input signature into a message accumulator.
bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
Discrete Log (DL) verifier implementation.
Interface for deterministic signers.
virtual Integer GenerateRandom(const Integer &x, const Integer &q, const Integer &e) const =0
Generate k.
Multiple precision integer with arithmetic operations.
void DEREncode(BufferedTransformation &bt) const
Encode in DER format.
static const Integer & Zero()
Integer representing 0.
void Randomize(RandomNumberGenerator &rng, size_t bitCount)
Set this Integer to random integer.
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
void Decode(const byte *input, size_t inputLen, Signedness sign=UNSIGNED)
Decode from big-endian byte array.
static Integer Gcd(const Integer &a, const Integer &n)
Calculate greatest common divisor.
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
static const Integer & One()
Integer representing 1.
Interface for key agreement algorithms.
Mask generation function interface.
virtual void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask=true) const =0
Generate and apply mask.
Ring of congruence classes modulo n.
const Integer & Divide(const Integer &a, const Integer &b) const
Divides elements in the ring.
Interface for retrieving values given their names.
bool GetThisObject(T &object) const
Get a copy of this object or subobject.
bool GetThisPointer(T *&ptr) const
Get a pointer to this object.
A method was called which was not implemented.
Uses encapsulation to hide an object in derived classes.
P1363 key derivation function.
static void DeriveKey(byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength)
P1363 key derivation function.
P1363 mask generation function.
void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask=true) const
P1363 mask generation function.
static const char * StaticAlgorithmName()
The algorithm name.
Interface for message encoding method for public key signature schemes.
Message encoding method for public key encryption.
virtual size_t MaxUnpaddedLength(size_t paddedLength) const =0
max size of unpadded message in bytes, given max size of padded message in bits (1 less than size of ...
Template implementing constructors for public key algorithm classes.
Public key trapdoor function default implementation.
Interface for message encoding method for public key signature schemes.
void Update(const byte *input, size_t length)
Updates a hash with additional input.
Interface for accumulating messages to be signed or verified.
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
bool IsProbabilistic() const
Determines whether an encoding method requires a random number generator.
Encodes and Decodes privateKeyInfo.
Interface for private keys.
Interface for public keys.
Interface for random number generators.
virtual void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
virtual bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Applies the trapdoor function, using random data if required.
virtual Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const =0
Applies the trapdoor function, using random data if required.
virtual bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Applies the inverse of the trapdoor function, using random data if required.
virtual Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const =0
Applies the inverse of the trapdoor function, using random data if required.
virtual bool IsRandomized() const
Determines if the decryption algorithm is randomized.
void New(size_type newSize)
Change size without preserving contents.
void Assign(const T *ptr, size_type len)
Set contents and size from an array.
size_type size() const
Provides the count of elements in the SecBlock.
Interface for domains of simple key agreement protocols.
Restricts the instantiation of a class to one static object without locks.
const T & Ref(...) const
Return a reference to the inner Singleton object.
The base for trapdoor based cryptosystems.
Trapdoor function cryptosystem base class.
Trapdoor function cryptosystems decryption base class.
Trapdoor Function (TF) decryptor options.
Trapdoor Function (TF) encryption scheme.
PK_FinalTemplate< TF_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
PK_FinalTemplate< TF_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
STANDARD Standard
see EncryptionStandard for a list of standards
Trapdoor function cryptosystems encryption base class.
Trapdoor Function (TF) encryptor options.
Trapdoor Function (TF) base implementation.
Trapdoor Function (TF) signature with external reference.
Trapdoor Function (TF) signature scheme options.
Trapdoor Function (TF) Signature Scheme.
PK_FinalTemplate< TF_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
STANDARD Standard
see SignatureStandard for a list of standards
PK_FinalTemplate< TF_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Trapdoor Function (TF) Signature Scheme base class.
Trapdoor Function (TF) Signer base class.
size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const
Sign and restart messageAccumulator.
void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
Input a recoverable message to an accumulator.
Trapdoor Function (TF) encryptor options.
Trapdoor Function (TF) Verifier base class.
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
Input signature into a message accumulator.
bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &recoveryAccumulator) const
Recover a message from its signature.
Trapdoor Function (TF) encryptor options.
Provides range for plaintext and ciphertext lengths.
virtual Integer PreimageBound() const =0
Returns the maximum size of a message before the trapdoor function is applied.
virtual Integer ImageBound() const =0
Returns the maximum size of a representation after the trapdoor function is applied.
virtual Integer MaxImage() const
Returns the maximum size of a representation after the trapdoor function is applied bound to a public...
virtual Integer MaxPreimage() const
Returns the maximum size of a message before the trapdoor function is applied bound to a public key.
Applies the trapdoor function.
virtual Integer ApplyFunction(const Integer &x) const =0
Applies the trapdoor.
bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const
Applies the trapdoor function.
Applies the inverse of the trapdoor function.
Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
Applies the inverse of the trapdoor function.
bool IsRandomized() const
Determines if the decryption algorithm is randomized.
virtual Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const =0
Calculates the inverse of an element.
Encodes and decodes subjectPublicKeyInfo.
Pointer that overloads operator ->
Library configuration file.
#define CRYPTOPP_API
Win32 calling convention.
Abstract base classes that provide a uniform interface to this library.
CRYPTOPP_DLL RandomNumberGenerator & NullRNG()
Random Number Generator that does not produce random numbers.
const NameValuePairs & g_nullNameValuePairs
An empty set of name-value pairs.
Classes for precomputation in a group.
Implementation of BufferedTransformation's attachment interface.
Classes and functions for the FIPS 140-2 validated library.
CRYPTOPP_DLL bool FIPS_140_2_ComplianceEnabled()
Determines whether the library provides FIPS validated cryptography.
Multiple precision integer with arithmetic operations.
T1 SaturatingSubtract(const T1 &a, const T2 &b)
Performs a saturating subtract clamped at 0.
size_t BitsToBytes(size_t bitCount)
Returns the number of 8-bit bytes or octets required for the specified number of bits.
Class file for performing modular arithmetic.
Crypto++ library namespace.
CofactorMultiplicationOption
Methods for avoiding "Small-Subgroup" attacks on Diffie-Hellman Key Agreement.
@ INCOMPATIBLE_COFACTOR_MULTIPLICTION
Cofactor multiplication incompatible with ordinary Diffie-Hellman.
@ NO_COFACTOR_MULTIPLICTION
No cofactor multiplication applied.
@ COMPATIBLE_COFACTOR_MULTIPLICTION
Cofactor multiplication compatible with ordinary Diffie-Hellman.
Classes for automatic resource management.
Discrete Log (DL) crypto scheme options.
Discrete Log (DL) key options.
Discrete Log (DL) scheme options.
Discrete Log (DL) signature scheme options.
Returns a decoding results.
Base class for public key encryption standard classes.
Converts an enumeration to a type suitable for use as a template parameter.
Base class for public key signature standard classes.
Trapdoor Function (TF) scheme options.
Trapdoor Function (TF) signature scheme options.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.