7#ifndef CRYPTOPP_ECCRYPTO_H
8#define CRYPTOPP_ECCRYPTO_H
25#if CRYPTOPP_MSC_VERSION
27# pragma warning(disable: 4231 4275)
42 typedef EC EllipticCurve;
43 typedef typename EllipticCurve::Point Point;
44 typedef Point Element;
55 : m_compress(false), m_encodeAsOID(true) {
Initialize(oid);}
63 : m_compress(false), m_encodeAsOID(true) {
Initialize(ec, G, n, k);}
68 : m_compress(false), m_encodeAsOID(true) {BERDecode(bt);}
78 this->m_groupPrecomputation.SetCurve(ec);
90 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
105 bool FastSubgroupCheckAvailable()
const {
return false;}
106 void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const
109 GetCurve().EncodePoint(encoded, element, m_compress);
116 return GetCurve().EncodedPointSize(m_compress);
118 return GetCurve().GetField().MaxElementByteLength();
120 Element
DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const
125 if (checkForGroupMembership && !ValidateElement(1, result, NULLPTR))
129 Integer ConvertElementToInteger(
const Element &element)
const;
131 bool IsIdentity(
const Element &element)
const {
return element.identity;}
132 void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const;
133 static std::string CRYPTOPP_API StaticAlgorithmNamePrefix() {
return "EC";}
136 OID GetAlgorithmID()
const;
139 Element MultiplyElements(
const Element &a,
const Element &b)
const;
140 Element CascadeExponentiate(
const Element &element1,
const Integer &exponent1,
const Element &element2,
const Integer &exponent2)
const;
145 static OID CRYPTOPP_API GetNextRecommendedParametersOID(
const OID &oid);
150 void SetPointCompression(
bool compress) {m_compress = compress;}
151 bool GetPointCompression()
const {
return m_compress;}
153 void SetEncodeAsOID(
bool encodeAsOID) {m_encodeAsOID = encodeAsOID;}
154 bool GetEncodeAsOID()
const {
return m_encodeAsOID;}
156 const EllipticCurve& GetCurve()
const {
return this->m_groupPrecomputation.GetCurve();}
158 bool operator==(
const ThisClass &rhs)
const
159 {
return this->m_groupPrecomputation.GetCurve() == rhs.m_groupPrecomputation.GetCurve() && this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.m_gpc.GetBase(rhs.m_groupPrecomputation);}
162 unsigned int FieldElementLength()
const {
return GetCurve().GetField().MaxElementByteLength();}
163 unsigned int ExponentLength()
const {
return m_n.
ByteCount();}
168 mutable bool m_compress, m_encodeAsOID;
177 typedef typename EC::Point Element;
195 {this->AccessGroupParameters().Initialize(ec, G, n); this->
SetPublicElement(Q);}
208 typedef typename EC::Point Element;
262template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption>
272template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption>
284template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption,
class HASH =
SHA256>
302template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption,
class HASH =
SHA256>
323template <
class EC,
class H>
343 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECDSA";}
351template <
class EC,
class H>
355 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECDSA-RFC6979";}
364 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECNR";}
372template <
class EC,
class H>
373struct ECDSA :
public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
383template <
class EC,
class H>
386 DL_Algorithm_ECDSA_RFC6979<EC, H>,
387 DL_SignatureMessageEncodingMethod_DSA,
389 ECDSA_RFC6979<EC,H> >
391 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(
"ECDSA-RFC6979/") + H::StaticAlgorithmName();}
397template <
class EC,
class H = SHA1>
398struct ECNR :
public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
417 typedef typename EC::Point Element;
427 this->AccessGroupParameters() = params;
440 this->AccessGroupParameters().Initialize(ec, G, n);
442 CRYPTOPP_ASSERT(x>=1 && x<=this->AccessGroupParameters().GetSubgroupOrder()-1);
474 virtual bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
476 return GetValueHelper<DL_PrivateKey_ECGDSA<EC>,
482 AssignFromHelper<DL_PrivateKey_ECGDSA<EC>,
501 typedef typename EC::Point Element;
510 {this->AccessGroupParameters() = params; this->SetPublicElement(Q);}
519 {this->AccessGroupParameters().Initialize(ec, G, n); this->SetPublicElement(Q);}
525 pPrivateKey->MakePublicKey(*
this);
529 AssignFromHelper(
this, source)
530 CRYPTOPP_SET_FUNCTION_ENTRY(PublicElement);
535 virtual void SetPublicElement(
const Element &y)
562 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECGDSA";}
572template <
class EC,
class H>
575 DL_Algorithm_ECGDSA<EC>,
576 DL_SignatureMessageEncodingMethod_DSA,
579 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(
"ECGDSA-ISO15946/") + H::StaticAlgorithmName();}
617template <
class EC,
class HASH = SHA1,
class COFACTOR_OPTION = NoCofactorMultiplication,
bool DHAES_MODE = true,
bool LABEL_OCTETS = false>
621 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
622 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<HASH> >,
623 DL_EncryptionAlgorithm_Xor<HMAC<HASH>, DHAES_MODE, LABEL_OCTETS>,
627 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECIES";}
632#ifdef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES
633#include "eccrypto.cpp"
659#if CRYPTOPP_MSC_VERSION
Classes and functions for working with ANS.1 objects.
DSA signature algorithm based on RFC 6979.
Elliptic Curve DSA (ECDSA) signature algorithm based on RFC 6979.
Elliptic Curve DSA (ECDSA) signature algorithm.
Elliptic Curve German DSA signature algorithm.
Elliptic Curve NR (ECNR) signature algorithm.
German Digital Signature Algorithm.
Exception thrown when an invalid group element is encountered.
Discrete Log (DL) encryption scheme.
DL_FixedBasePrecomputation interface.
Elliptic Curve Parameters.
DL_GroupParameters_EC(const OID &oid)
Construct an EC GroupParameters.
Integer GetCofactor() const
Retrieves the cofactor.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
this implementation doesn't actually generate a curve, it just initializes the parameters with existi...
virtual unsigned int GetEncodedElementSize(bool reversible) const
Retrieves the encoded element's size.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const
Decodes the element.
const Integer & GetSubgroupOrder() const
Retrieves the subgroup order.
DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()
Retrieves the group precomputation.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
DL_GroupParameters_EC()
Construct an EC GroupParameters.
const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const
Retrieves the group precomputation.
bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const
Check the group for errors.
Integer GetMaxExponent() const
Retrieves the maximum exponent for the group.
void Initialize(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k=Integer::Zero())
Initialize an EC GroupParameters using {EC,G,n,k}.
DL_GroupParameters_EC(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k=Integer::Zero())
Construct an EC GroupParameters.
DL_GroupParameters_EC(BufferedTransformation &bt)
Construct an EC GroupParameters.
Interface for Discrete Log (DL) group parameters.
virtual void SetSubgroupGenerator(const Element &base)
Sets the subgroup generator.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
Base implementation of Discrete Log (DL) group parameters.
Elliptic Curve German DSA key for ISO/IEC 15946.
void Initialize(RandomNumberGenerator &rng, const EC &ec, const Element &G, const Integer &n)
Create an EC private key.
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Integer &x)
Initialize an EC Private Key using {GP,x}.
void Initialize(RandomNumberGenerator &rng, const DL_GroupParameters_EC< EC > ¶ms)
Create an EC private key.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
Initialize an EC Private Key using {EC,G,n,x}.
Elliptic Curve Discrete Log (DL) private key.
void Initialize(RandomNumberGenerator &rng, const DL_GroupParameters_EC< EC > ¶ms)
Create an EC private key.
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Integer &x)
Initialize an EC Private Key using {GP,x}.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
Initialize an EC Private Key using {EC,G,n,x}.
void Initialize(RandomNumberGenerator &rng, const EC &ec, const Element &G, const Integer &n)
Create an EC private key.
Discrete Log (DL) private key base implementation.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
const Integer & GetPrivateExponent() const
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
void SetPrivateExponent(const Integer &x)
Elliptic Curve German DSA key for ISO/IEC 15946.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
Initialize an EC Public Key using {EC,G,n,Q}.
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Element &Q)
Initialize an EC Public Key using {GP,Q}.
Elliptic Curve Discrete Log (DL) public key.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
Initialize an EC Public Key using {EC,G,n,Q}.
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Element &Q)
Initialize an EC Public Key using {GP,Q}.
virtual void SetPublicElement(const Element &y)
Sets the public element.
Discrete Log (DL) public key base implementation.
DL_FixedBasePrecomputation< Element > & AccessPublicPrecomputation()
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
Discrete Log (DL) signature scheme.
Fully Hashed Menezes-Qu-Vanstone in GF(p)
Hashed Menezes-Qu-Vanstone in GF(p)
Multiple precision integer with arithmetic operations.
static const Integer & Zero()
Integer representing 0.
bool NotZero() const
Determines if the Integer is non-0.
unsigned int ByteCount() const
Determines the number of bytes required to represent the Integer.
Integer InverseMod(const Integer &n) const
Calculate multiplicative inverse.
MQV domain for performing authenticated key agreement.
Interface for retrieving values given their names.
bool GetThisPointer(T *&ptr) const
Get a pointer to this object.
Interface for random number generators.
Library configuration file.
Abstract base classes that provide a uniform interface to this library.
Classes for Diffie-Hellman key exchange.
Classes for Elliptic Curves over binary fields.
Classes for Elliptic Curves over prime fields.
Classes for Fully Hashed Menezes-Qu-Vanstone key agreement in GF(p)
Classes and functions for schemes based on Discrete Logs (DL) over GF(p)
Classes for HMAC message authentication codes.
Classes for Hashed Menezes-Qu-Vanstone key agreement in GF(p)
Multiple precision integer with arithmetic operations.
Classes for Menezes–Qu–Vanstone (MQV) key agreement.
Crypto++ library namespace.
This file contains helper classes/functions for implementing public key algorithms.
Classes for SHA-1 and SHA-2 family of message digests.
Elliptic Curve German DSA keys for ISO/IEC 15946.
Elliptic Curve Discrete Log (DL) keys.
Elliptic Curve Diffie-Hellman.
Elliptic Curve DSA (ECDSA) deterministic signature scheme.
Elliptic Curve DSA (ECDSA) signature scheme.
Fully Hashed Elliptic Curve Menezes-Qu-Vanstone.
Elliptic Curve German Digital Signature Algorithm signature scheme.
Hashed Elliptic Curve Menezes-Qu-Vanstone.
Elliptic Curve Integrated Encryption Scheme.
Elliptic Curve Menezes-Qu-Vanstone.
Elliptic Curve NR (ECNR) signature scheme.
Converts an enumeration to a type suitable for use as a template parameter.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.