34#ifndef CRYPTOPP_PUBKEY_H
35#define CRYPTOPP_PUBKEY_H
39#if CRYPTOPP_MSC_VERSION
41# pragma warning(disable: 4702)
55#if defined(__SUNPRO_CC)
56# define MAYBE_RETURN(x) return x
58# define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x)
138 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
191 {
return CalculateInverse(rng, x);}
213 virtual bool ParameterSupported(
const char *name)
const
214 {CRYPTOPP_UNUSED(name);
return false;}
229template <
class TFI,
class MEI>
237 typedef TFI TrapdoorFunctionInterface;
238 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
240 typedef MEI MessageEncodingInterface;
241 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
254 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
255 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
256 size_t CiphertextLength(
size_t plaintextLength)
const
257 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
259 virtual size_t FixedMaxPlaintextLength()
const =0;
260 virtual size_t FixedCiphertextLength()
const =0;
266template <
class INTFACE,
class BASE>
272 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
273 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
274 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
277 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
279 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
303typedef std::pair<const byte *, unsigned int> HashIdentifier;
315 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const
316 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
317 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const
318 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
328 bool AllowNonrecoverablePart()
const
329 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330 virtual bool RecoverablePartFirst()
const
331 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
334 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const
335 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
339 const byte *recoverableMessage,
size_t recoverableMessageLength,
340 const byte *presignature,
size_t presignatureLength,
343 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345 if (RecoverablePartFirst())
350 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 byte *representative,
size_t representativeBitLength)
const =0;
354 virtual bool VerifyMessageRepresentative(
356 byte *representative,
size_t representativeBitLength)
const =0;
360 byte *representative,
size_t representativeBitLength,
361 byte *recoveredMessage)
const
362 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
368 const byte *presignature,
size_t presignatureLength,
369 const byte *semisignature,
size_t semisignatureLength,
370 byte *recoveredMessage)
const
371 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
380 static HashIdentifier CRYPTOPP_API Lookup()
382 return HashIdentifier(
static_cast<const byte *
>(NULLPTR), 0);
394 bool VerifyMessageRepresentative(
396 byte *representative,
size_t representativeBitLength)
const;
405 bool VerifyMessageRepresentative(
407 byte *representative,
size_t representativeBitLength)
const;
417 const byte *recoverableMessage,
size_t recoverableMessageLength,
419 byte *representative,
size_t representativeBitLength)
const;
429 const byte *recoverableMessage,
size_t recoverableMessageLength,
431 byte *representative,
size_t representativeBitLength)
const;
442 const byte *recoverableMessage,
size_t recoverableMessageLength,
444 byte *representative,
size_t representativeBitLength)
const;
458 void Update(
const byte *input,
size_t length)
460 AccessHash().Update(input, length);
461 m_empty = m_empty && length == 0;
464 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
472template <
class HASH_ALGORITHM>
482template <
class INTFACE,
class BASE>
488 size_t SignatureLength()
const
489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const
491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const
493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const
496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const
498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const
500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
503 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
505 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
506 virtual HashIdentifier GetHashIdentifier()
const =0;
507 virtual size_t GetDigestSize()
const =0;
516 void InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
size_t recoverableMessageLength)
const;
526 void InputSignature(
PK_MessageAccumulator &messageAccumulator,
const byte *signature,
size_t signatureLength)
const;
537template <
class T1,
class T2,
class T3>
540 typedef T1 AlgorithmInfo;
543 typedef typename Keys::PublicKey
PublicKey;
544 typedef T3 MessageEncodingMethod;
552template <
class T1,
class T2,
class T3,
class T4>
555 typedef T4 HashFunction;
562template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
566 typedef SCHEME_OPTIONS SchemeOptions;
567 typedef KEY_CLASS KeyClass;
571 PublicKey & AccessPublicKey() {
return AccessKey();}
572 const PublicKey & GetPublicKey()
const {
return GetKey();}
574 PrivateKey & AccessPrivateKey() {
return AccessKey();}
575 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
577 virtual const KeyClass & GetKey()
const =0;
578 virtual KeyClass & AccessKey() =0;
580 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
584 CRYPTOPP_UNUSED(rng);
593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const
597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const
601 HashIdentifier GetHashIdentifier()
const
603 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const
608 typedef typename SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
618template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
625 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
627 const KEY & GetKey()
const {
return *m_pKey;}
628 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
639template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
643 typedef KEY_CLASS KeyClass;
647 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
648 KeyClass & AccessKey() {
return m_trapdoorFunction;}
651 KeyClass m_trapdoorFunction;
656template <
class SCHEME_OPTIONS>
663template <
class SCHEME_OPTIONS>
670template <
class SCHEME_OPTIONS>
677template <
class SCHEME_OPTIONS>
711CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
717 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "MGF1";}
720 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
732 static void CRYPTOPP_API DeriveKey(
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength)
735 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
767 if (!GetBasePrecomputation().IsInitialized())
770 if (m_validationLevel > level)
773 bool pass = ValidateGroup(rng, level);
774 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
776 m_validationLevel = pass ? level+1 : 0;
781 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
783 return GetValueHelper(
this, name, valueType, pValue)
784 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupOrder)
785 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupGenerator)
804 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
813 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
814 m_validationLevel = 0;
823 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
829 virtual const Element &
GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
834 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
841 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
852 SimultaneousExponentiate(&result, base, &exponent, 1);
900 virtual void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const =0;
908 virtual Element
DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
949 virtual bool FastSubgroupCheckAvailable()
const =0;
972 void ParametersChanged() {m_validationLevel = 0;}
975 mutable unsigned int m_validationLevel;
982template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<
typename GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<
typename GROUP_PRECOMP::Element> >
986 typedef GROUP_PRECOMP GroupPrecomputation;
987 typedef typename GROUP_PRECOMP::Element Element;
988 typedef BASE_PRECOMP BasePrecomputation;
1005 GROUP_PRECOMP m_groupPrecomputation;
1047 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1049 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1050 CRYPTOPP_GET_FUNCTION_ENTRY(PublicElement);
1059 virtual const Element &
GetPublicElement()
const {
return GetPublicPrecomputation().GetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation());}
1063 virtual void SetPublicElement(
const Element &y) {AccessPublicPrecomputation().SetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation(), y);}
1119 pub.
SetPublicElement(this->GetAbstractGroupParameters().ExponentiateBase(GetPrivateExponent()));
1132 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1134 return GetValueHelper(
this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1135 CRYPTOPP_GET_FUNCTION_ENTRY(PrivateExponent);
1142 this->AccessAbstractGroupParameters().AssignFrom(source);
1143 AssignFromHelper(
this, source)
1144 CRYPTOPP_SET_FUNCTION_ENTRY(PrivateExponent);
1169 this->AccessAbstractGroupParameters().AssignFrom(source);
1170 AssignFromHelper(
this, source)
1171 CRYPTOPP_SET_FUNCTION_ENTRY(PublicElement);
1181template <
class PK,
class GP,
class O = OID>
1185 typedef GP GroupParameters;
1189 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
1191 {AccessGroupParameters().BERDecode(bt);
return true;}
1193 {GetGroupParameters().DEREncode(bt);
return true;}
1195 const GP & GetGroupParameters()
const {
return m_groupParameters;}
1196 GP & AccessGroupParameters() {
return m_groupParameters;}
1199 GP m_groupParameters;
1211 typedef typename GP::Element Element;
1223 pass = pass && x.IsPositive() && x < q;
1229 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1231 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
1236 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
1242 this->AccessGroupParameters().GenerateRandom(rng, params);
1276template <
class BASE,
class SIGNATURE_SCHEME>
1284 BASE::GenerateRandom(rng, params);
1286 if (FIPS_140_2_ComplianceEnabled())
1288 typename SIGNATURE_SCHEME::Signer signer(*
this);
1289 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1290 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1301 typedef typename GP::Element Element;
1313 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1315 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1320 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1356 typename GP::BasePrecomputation m_ypc;
1395 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1396 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1442 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1453 virtual bool ParameterSupported(
const char *name)
const
1454 {CRYPTOPP_UNUSED(name);
return false;}
1455 virtual void Derive(
const DL_GroupParameters<T> &groupParams,
byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1464 virtual bool ParameterSupported(
const char *name)
const
1465 {CRYPTOPP_UNUSED(name);
return false;}
1466 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1467 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1468 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1469 virtual void SymmetricEncrypt(
RandomNumberGenerator &rng,
const byte *key,
const byte *plaintext,
size_t plaintextLength,
byte *ciphertext,
const NameValuePairs ¶meters)
const =0;
1470 virtual DecodingResult SymmetricDecrypt(
const byte *key,
const byte *ciphertext,
size_t ciphertextLength,
byte *plaintext,
const NameValuePairs ¶meters)
const =0;
1479 typedef KI KeyInterface;
1480 typedef typename KI::Element Element;
1487 virtual KeyInterface & AccessKeyInterface() =0;
1488 virtual const KeyInterface & GetKeyInterface()
const =0;
1496template <
class INTFACE,
class KEY_INTFACE>
1507 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1508 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1514 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1531 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1536 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1539 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1540 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1543 virtual bool IsDeterministic()
const {
return false;}
1547 virtual HashIdentifier GetHashIdentifier()
const =0;
1548 virtual size_t GetDigestSize()
const =0;
1577 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1578 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1579 recoverableMessage, recoverableMessageLength,
1580 ma.m_presignature, ma.m_presignature.
size(),
1581 ma.m_semisignature);
1586 this->GetMaterial().DoQuickSanityCheck();
1593 SecByteBlock representative(this->MessageRepresentativeLength());
1594 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1596 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1597 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1598 representative, this->MessageRepresentativeBitLength());
1633 size_t rLen = alg.
RLen(params);
1634 r.
Encode(signature, rLen);
1638 RestartMessageAccumulator(rng, ma);
1640 return this->SignatureLength();
1657 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1671 CRYPTOPP_UNUSED(signature); CRYPTOPP_UNUSED(signatureLength);
1676 size_t rLen = alg.
RLen(params);
1677 ma.m_semisignature.
Assign(signature, rLen);
1678 ma.m_s.
Decode(signature+rLen, alg.
SLen(params));
1680 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1685 this->GetMaterial().DoQuickSanityCheck();
1692 SecByteBlock representative(this->MessageRepresentativeLength());
1693 this->GetMessageEncodingInterface().ComputeMessageRepresentative(NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1694 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1695 representative, this->MessageRepresentativeBitLength());
1699 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1700 return alg.
Verify(params, key, e, r, ma.m_s);
1705 this->GetMaterial().DoQuickSanityCheck();
1712 SecByteBlock representative(this->MessageRepresentativeLength());
1713 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1715 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1716 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1717 representative, this->MessageRepresentativeBitLength());
1722 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1725 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1726 ma.AccessHash(), this->GetHashIdentifier(),
1727 ma.m_presignature, ma.m_presignature.
size(),
1728 ma.m_semisignature, ma.m_semisignature.
size(),
1736template <
class PK,
class KI>
1740 typedef typename DL_Base<KI>::Element Element;
1744 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
1746 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1747 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1750 size_t CiphertextLength(
size_t plaintextLength)
const
1752 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1753 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1756 bool ParameterSupported(
const char *name)
const
1757 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1779 CRYPTOPP_UNUSED(rng);
1788 ciphertext += elementSize;
1789 ciphertextLength -= elementSize;
1791 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.
GetPrivateExponent());
1793 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1794 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1796 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1827 ciphertext += elementSize;
1831 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1832 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1834 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1841template <
class T1,
class T2>
1844 typedef T1 AlgorithmInfo;
1845 typedef T2 GroupParameters;
1846 typedef typename GroupParameters::Element Element;
1852template <
class T1,
class T2>
1856 typedef typename Keys::PrivateKey
PrivateKey;
1857 typedef typename Keys::PublicKey
PublicKey;
1866template <
class T1,
class T2,
class T3,
class T4,
class T5>
1869 typedef T3 SignatureAlgorithm;
1870 typedef T4 MessageEncodingMethod;
1871 typedef T5 HashFunction;
1880template <
class T1,
class T2,
class T3,
class T4,
class T5>
1884 typedef T4 KeyDerivationAlgorithm;
1885 typedef T5 SymmetricEncryptionAlgorithm;
1892template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1896 typedef SCHEME_OPTIONS SchemeOptions;
1897 typedef typename KEY::Element Element;
1901 PrivateKey & AccessPrivateKey() {
return m_key;}
1902 PublicKey & AccessPublicKey() {
return m_key;}
1905 const KEY & GetKey()
const {
return m_key;}
1906 KEY & AccessKey() {
return m_key;}
1909 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1910 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1913 HashIdentifier GetHashIdentifier()
const
1915 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1916 return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1918 size_t GetDigestSize()
const
1920 typedef typename SchemeOptions::HashFunction H;
1921 return H::DIGESTSIZE;
1932template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1936 typedef typename KEY::Element Element;
1949 HashIdentifier GetHashIdentifier()
const
1950 {
return HashIdentifier();}
1957template <
class SCHEME_OPTIONS>
1964 this->RestartMessageAccumulator(rng, *p);
1971template <
class SCHEME_OPTIONS>
1983template <
class SCHEME_OPTIONS>
1990template <
class SCHEME_OPTIONS>
2008 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
2009 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2010 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
2015 x.Encode(privateKey, PrivateKeyLength());
2020 CRYPTOPP_UNUSED(rng);
2022 Integer x(privateKey, PrivateKeyLength());
2027 bool Agree(
byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const
2032 Integer x(privateKey, PrivateKeyLength());
2033 Element w = params.
DecodeElement(otherPublicKey, validateOtherPublicKey);
2035 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2036 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2048 const Element &
GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
2077template <
class ELEMENT,
class COFACTOR_OPTION>
2081 typedef ELEMENT Element;
2083 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName()
2094 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const
2108 if (!validateOtherPublicKey)
2111 if (params.FastSubgroupCheckAvailable())
2133template <
class BASE>
2140 {this->AccessKey().AssignFrom(key);}
2143 {this->AccessKey().BERDecode(bt);}
2146 {this->AccessKey().AssignFrom(algorithm.
GetMaterial());}
2149 {this->AccessKey().Initialize(v1);}
2151 template <
class T1,
class T2>
2153 {this->AccessKey().Initialize(v1, v2);}
2155 template <
class T1,
class T2,
class T3>
2157 {this->AccessKey().Initialize(v1, v2, v3);}
2159 template <
class T1,
class T2,
class T3,
class T4>
2161 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2163 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2164 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2165 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2167 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2168 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2169 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2171 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2172 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2173 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2175 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2176 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2177 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2179 template <
class T1,
class T2>
2181 {this->AccessKey().Initialize(v1, v2);}
2183 template <
class T1,
class T2,
class T3>
2185 {this->AccessKey().Initialize(v1, v2, v3);}
2187 template <
class T1,
class T2,
class T3,
class T4>
2189 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2191 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2192 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2193 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2195 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2196 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2197 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2199 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2200 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2201 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2203 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2204 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2205 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2222template <
class KEYS,
class STANDARD,
class ALG_INFO>
2225template <
class KEYS,
class STANDARD,
class ALG_INFO = TF_ES<KEYS, STANDARD,
int> >
2228 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2235 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
2248template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO>
2251template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO = TF_SS<KEYS, STANDARD, H,
int> >
2257 typedef typename Standard::SignatureMessageEncodingMethod MessageEncodingMethod;
2260 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
2274template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
2277template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
2283 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
2297template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
2311#if CRYPTOPP_MSC_VERSION
2312# pragma warning(pop)
Classes for performing mathematics over different fields.
Standard names for retrieving values by name when working with NameValuePairs.
Interface for asymmetric algorithms.
virtual const CryptoMaterial & GetMaterial() const =0
Retrieves a reference to CryptoMaterial.
Interface for crypto material, such as public and private keys, and crypto parameters.
Interface for crypto prameters.
Exception thrown when an invalid group element is encountered.
Discrete Log (DL) base interface.
Discrete Log (DL) cryptosystem base implementation.
Discrete Log (DL) decryptor base implementation.
DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Decrypt a byte string.
Discrete Log (DL) decryptor implementation.
Discrete Log (DL) encryption scheme.
PK_FinalTemplate< DL_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
PK_FinalTemplate< DL_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
Interface for Elgamal-like signature algorithms.
virtual void Sign(const DL_GroupParameters< T > ¶ms, const Integer &privateKey, const Integer &k, const Integer &e, Integer &r, Integer &s) const =0
Sign a message using a private key.
virtual bool IsDeterministic() const
Signature scheme flag.
virtual size_t SLen(const DL_GroupParameters< T > ¶ms) const
Retrieve S length.
virtual size_t RLen(const DL_GroupParameters< T > ¶ms) const
Retrieve R length.
virtual bool Verify(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &e, const Integer &r, const Integer &s) const =0
Verify a message using a public key.
virtual Integer RecoverPresignature(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &r, const Integer &s) const
Recover a Presignature.
Discrete Log (DL) encryptor base implementation.
void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Encrypt a byte string.
Discrete Log (DL) encryptor implementation.
DL_FixedBasePrecomputation interface.
virtual Element Exponentiate(const DL_GroupPrecomputation< Element > &group, const Integer &exponent) const =0
Exponentiates an element.
Interface for Discrete Log (DL) group parameters.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
virtual Element ExponentiateElement(const Element &base, const Integer &exponent) const
Exponentiates an element.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
virtual void SetSubgroupGenerator(const Element &base)
Sets the subgroup generator.
virtual Integer GetCofactor() const
Retrieves the cofactor.
virtual bool ValidateElement(unsigned int level, const Element &element, const DL_FixedBasePrecomputation< Element > *precomp) const =0
Check the element for errors.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
virtual bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const =0
Check the group for errors.
virtual const Element & GetSubgroupGenerator() const
Retrieves the subgroup generator.
virtual Integer GetGroupOrder() const
Retrieves the order of the group.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
virtual void EncodeElement(bool reversible, const Element &element, byte *encoded) const =0
Encodes the element.
virtual Integer GetMaxExponent() const =0
Retrieves the maximum exponent for the group.
virtual unsigned int GetEncodedElementSize(bool reversible) const =0
Retrieves the encoded element's size.
virtual const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const =0
Retrieves the group precomputation.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
virtual const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const =0
Retrieves the group precomputation.
virtual void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const =0
Exponentiates a base to multiple exponents.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
virtual Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const =0
Decodes the element.
virtual Integer ConvertElementToInteger(const Element &element) const =0
Converts an element to an Integer.
virtual bool IsIdentity(const Element &element) const =0
Determines if an element is an identity.
virtual DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()=0
Retrieves the group precomputation.
Base implementation of Discrete Log (DL) group parameters.
DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()
Retrieves the group precomputation.
const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const
Retrieves the group precomputation.
const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const
Retrieves the group precomputation.
DL_GroupPrecomputation interface.
Diffie-Hellman key agreement algorithm.
Interface for DL key agreement algorithms.
Interface for key derivation algorithms used in DL cryptosystems.
Base class for a Discrete Log (DL) key.
virtual DL_GroupParameters< T > & AccessAbstractGroupParameters()=0
Retrieves abstract group parameters.
virtual const DL_GroupParameters< T > & GetAbstractGroupParameters() const =0
Retrieves abstract group parameters.
Discrete Log (DL) key base implementation.
Discrete Log (DL) base object implementation.
Discrete Log (DL) object implementation.
Interface for Discrete Log (DL) private keys.
virtual const Integer & GetPrivateExponent() const =0
Retrieves the private exponent.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
void MakePublicKey(DL_PublicKey< T > &pub) const
Initializes a public key from this key.
virtual void SetPrivateExponent(const Integer &x)=0
Sets the private exponent.
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
Discrete Log (DL) private key base implementation.
void BERDecodePrivateKey(BufferedTransformation &bt, bool, size_t)
decode privateKey part of privateKeyInfo, without the OCTET STRING header
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
const Integer & GetPrivateExponent() const
Retrieves the private exponent.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
Generate a random key or crypto parameters.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
void DEREncodePrivateKey(BufferedTransformation &bt) const
encode privateKey part of privateKeyInfo, without the OCTET STRING header
void SetPrivateExponent(const Integer &x)
Sets the private exponent.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
Interface for Discrete Log (DL) public keys.
virtual DL_FixedBasePrecomputation< T > & AccessPublicPrecomputation()=0
Accesses the public precomputation.
virtual const Element & GetPublicElement() const
Retrieves the public element.
virtual Element ExponentiatePublicElement(const Integer &exponent) const
Exponentiates this element.
virtual const DL_FixedBasePrecomputation< T > & GetPublicPrecomputation() const =0
Accesses the public precomputation.
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
virtual void SetPublicElement(const Element &y)
Sets the public element.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
virtual Element CascadeExponentiateBaseAndPublicElement(const Integer &baseExp, const Integer &publicExp) const
Exponentiates an element.
Discrete Log (DL) public key base implementation.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
DL_FixedBasePrecomputation< Element > & AccessPublicPrecomputation()
Accesses the public precomputation.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
const DL_FixedBasePrecomputation< Element > & GetPublicPrecomputation() const
Accesses the public precomputation.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Discrete Log (DL) signature scheme.
PK_FinalTemplate< DL_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
PK_FinalTemplate< DL_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
Discrete Log (DL) signature scheme base implementation.
size_t MaxRecoverableLength() const
Provides the maximum recoverable length.
bool RecoverablePartFirst() const
Determines if the scheme allows recoverable part first.
bool AllowNonrecoverablePart() const
Determines if the scheme has non-recoverable part.
size_t SignatureLength() const
Provides the signature length.
size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
Provides the maximum recoverable length.
bool IsProbabilistic() const
Determines if the scheme is probabilistic.
Discrete Log (DL) signature scheme signer base implementation.
size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
Sign and restart messageAccumulator.
void RawSign(const Integer &k, const Integer &e, Integer &r, Integer &s) const
Testing interface.
void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
Input a recoverable message to an accumulator.
Discrete Log (DL) signer implementation.
Discrete Log (DL) simple key agreement base implementation.
unsigned int AgreedValueLength() const
Provides the size of the agreed value.
CryptoParameters & AccessCryptoParameters()
Retrieves a reference to Crypto Parameters.
bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const
Derive agreed value.
void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate private key in this domain.
const Element & GetGenerator() const
Retrieves a reference to the group generator.
void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate a public key from a private key in this domain.
unsigned int PrivateKeyLength() const
Provides the size of the private key.
unsigned int PublicKeyLength() const
Provides the size of the public key.
Interface for symmetric encryption algorithms used in DL cryptosystems.
Discret Log (DL) Verifier base class.
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
Recover a message from its signature.
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
Input signature into a message accumulator.
bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
Discrete Log (DL) verifier implementation.
Interface for deterministic signers.
virtual Integer GenerateRandom(const Integer &x, const Integer &q, const Integer &e) const =0
Generate k.
Multiple precision integer with arithmetic operations.
void DEREncode(BufferedTransformation &bt) const
Encode in DER format.
static const Integer & Zero()
Integer representing 0.
static Integer Gcd(const Integer &a, const Integer &n)
Calculate greatest common divisor.
void Randomize(RandomNumberGenerator &rng, size_t bitCount)
Set this Integer to random integer.
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
static const Integer & One()
Integer representing 1.
void Decode(const byte *input, size_t inputLen, Signedness sign=UNSIGNED)
Decode from big-endian byte array.
unsigned int ByteCount() const
Determines the number of bytes required to represent the Integer.
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
Interface for key agreement algorithms.
Mask generation function interface.
virtual void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask=true) const =0
Generate and apply mask.
Ring of congruence classes modulo n.
const Integer & Divide(const Integer &a, const Integer &b) const
Divides elements in the ring.
Interface for retrieving values given their names.
bool GetThisObject(T &object) const
Get a copy of this object or subobject.
bool GetThisPointer(T *&ptr) const
Get a pointer to this object.
A method was called which was not implemented.
Uses encapsulation to hide an object in derived classes.
P1363 key derivation function.
P1363 mask generation function.
void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask=true) const
Generate and apply mask.
Interface for message encoding method for public key signature schemes.
Message encoding method for public key encryption.
virtual size_t MaxUnpaddedLength(size_t paddedLength) const =0
max size of unpadded message in bytes, given max size of padded message in bits (1 less than size of ...
Template implementing constructors for public key algorithm classes.
Public key trapdoor function default implementation.
Interface for message encoding method for public key signature schemes.
void Update(const byte *input, size_t length)
Updates a hash with additional input.
Interface for accumulating messages to be signed or verified.
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
Interface for message encoding method for public key signature schemes.
bool IsProbabilistic() const
Determines whether an encoding method requires a random number generator.
Encodes and Decodes privateKeyInfo.
Interface for private keys.
Interface for public keys.
Interface for random number generators.
virtual void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
virtual bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Applies the trapdoor function, using random data if required.
virtual Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const =0
Applies the trapdoor function, using random data if required.
virtual bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Applies the inverse of the trapdoor function, using random data if required.
virtual Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const =0
Applies the inverse of the trapdoor function, using random data if required.
virtual bool IsRandomized() const
Determines if the decryption algorithm is randomized.
void New(size_type newSize)
Change size without preserving contents.
void Assign(const T *ptr, size_type len)
Set contents and size from an array.
size_type size() const
Provides the count of elements in the SecBlock.
Interface for domains of simple key agreement protocols.
Restricts the instantiation of a class to one static object without locks.
const T & Ref(...) const
Return a reference to the inner Singleton object.
The base for trapdoor based cryptosystems.
Trapdoor function cryptosystem base class.
Trapdoor function cryptosystems decryption base class.
Trapdoor Function (TF) decryptor options.
Trapdoor Function (TF) encryption scheme.
PK_FinalTemplate< TF_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
PK_FinalTemplate< TF_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
STANDARD Standard
see EncryptionStandard for a list of standards
Trapdoor function cryptosystems encryption base class.
Trapdoor Function (TF) encryptor options.
Trapdoor Function (TF) base implementation.
Trapdoor Function (TF) signature with external reference.
Trapdoor Function (TF) signature scheme options.
Trapdoor Function (TF) Signature Scheme.
PK_FinalTemplate< TF_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
STANDARD Standard
see SignatureStandard for a list of standards
PK_FinalTemplate< TF_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Trapdoor Function (TF) Signature Scheme base class.
Trapdoor Function (TF) Signer base class.
Trapdoor Function (TF) encryptor options.
Trapdoor Function (TF) Verifier base class.
Trapdoor Function (TF) encryptor options.
Provides range for plaintext and ciphertext lengths.
virtual Integer PreimageBound() const =0
Returns the maximum size of a message before the trapdoor function is applied.
virtual Integer ImageBound() const =0
Returns the maximum size of a message after the trapdoor function is applied.
virtual Integer MaxImage() const
Returns the maximum size of a message after the trapdoor function is applied bound to a public key.
virtual Integer MaxPreimage() const
Returns the maximum size of a message before the trapdoor function is applied bound to a public key.
Applies the trapdoor function.
virtual Integer ApplyFunction(const Integer &x) const =0
Applies the trapdoor.
bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const
Applies the trapdoor function.
Applies the inverse of the trapdoor function.
Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
Applies the inverse of the trapdoor function.
bool IsRandomized() const
Determines if the decryption algorithm is randomized.
virtual Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const =0
Calculates the inverse of an element.
Encodes and decodes subjectPublicKeyInfo.
Pointer that overloads operator ->
Library configuration file.
Abstract base classes that provide a uniform interface to this library.
Classes for precomputation in a group.
Implementation of BufferedTransformation's attachment interface.
Classes and functions for the FIPS 140-2 validated library.
Multiple precision integer with arithmetic operations.
T1 SaturatingSubtract(const T1 &a, const T2 &b)
Performs a saturating subtract clamped at 0.
size_t BitsToBytes(size_t bitCount)
Returns the number of 8-bit bytes or octets required for the specified number of bits.
Class file for performing modular arithmetic.
Crypto++ library namespace.
CofactorMultiplicationOption
Methods for avoiding "Small-Subgroup" attacks on Diffie-Hellman Key Agreement.
@ INCOMPATIBLE_COFACTOR_MULTIPLICTION
Cofactor multiplication incompatible with ordinary Diffie-Hellman.
@ NO_COFACTOR_MULTIPLICTION
No cofactor multiplication applied.
@ COMPATIBLE_COFACTOR_MULTIPLICTION
Cofactor multiplication compatible with ordinary Diffie-Hellman.
Classes for automatic resource management.
Discrete Log (DL) crypto scheme options.
Discrete Log (DL) key options.
Discrete Log (DL) scheme options.
Discrete Log (DL) signature scheme options.
Returns a decoding results.
Base class for public key encryption standard classes.
Converts an enumeration to a type suitable for use as a template parameter.
Base class for public key signature standard classes.
Trapdoor Function (TF) scheme options.
Trapdoor Function (TF) signature scheme options.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.