34 #ifndef CRYPTOPP_PUBKEY_H
35 #define CRYPTOPP_PUBKEY_H
39 #if CRYPTOPP_MSC_VERSION
40 # pragma warning(push)
41 # pragma warning(disable: 4702)
55 #if defined(__SUNPRO_CC)
56 # define MAYBE_RETURN(x) return x
58 # define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x)
80 virtual Integer PreimageBound()
const =0;
84 virtual Integer ImageBound()
const =0;
138 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
191 {
return CalculateInverse(rng, x);}
213 virtual bool ParameterSupported(
const char *name)
const
214 {CRYPTOPP_UNUSED(name);
return false;}
217 virtual size_t MaxUnpaddedLength(
size_t paddedLength)
const =0;
229 template <
class TFI,
class MEI>
237 typedef TFI TrapdoorFunctionInterface;
238 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
240 typedef MEI MessageEncodingInterface;
241 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
248 template <
class BASE>
254 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
255 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
256 size_t CiphertextLength(
size_t plaintextLength)
const
257 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
259 virtual size_t FixedMaxPlaintextLength()
const =0;
260 virtual size_t FixedCiphertextLength()
const =0;
266 template <
class INTFACE,
class BASE>
272 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
273 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
274 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
277 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
279 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
303 typedef std::pair<const byte *, unsigned int> HashIdentifier;
315 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const
316 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
317 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const
318 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
328 bool AllowNonrecoverablePart()
const
329 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330 virtual bool RecoverablePartFirst()
const
331 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
334 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const
335 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
339 const byte *recoverableMessage,
size_t recoverableMessageLength,
340 const byte *presignature,
size_t presignatureLength,
343 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345 if (RecoverablePartFirst())
350 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 byte *representative,
size_t representativeBitLength)
const =0;
354 virtual bool VerifyMessageRepresentative(
356 byte *representative,
size_t representativeBitLength)
const =0;
360 byte *representative,
size_t representativeBitLength,
361 byte *recoveredMessage)
const
362 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
368 const byte *presignature,
size_t presignatureLength,
369 const byte *semisignature,
size_t semisignatureLength,
370 byte *recoveredMessage)
const
371 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
380 static HashIdentifier CRYPTOPP_API Lookup()
382 return HashIdentifier(
static_cast<const byte *
>(NULLPTR), 0);
394 bool VerifyMessageRepresentative(
396 byte *representative,
size_t representativeBitLength)
const;
405 bool VerifyMessageRepresentative(
407 byte *representative,
size_t representativeBitLength)
const;
417 const byte *recoverableMessage,
size_t recoverableMessageLength,
419 byte *representative,
size_t representativeBitLength)
const;
429 const byte *recoverableMessage,
size_t recoverableMessageLength,
431 byte *representative,
size_t representativeBitLength)
const;
442 const byte *recoverableMessage,
size_t recoverableMessageLength,
444 byte *representative,
size_t representativeBitLength)
const;
458 void Update(
const byte *input,
size_t length)
460 AccessHash().Update(input, length);
461 m_empty = m_empty && length == 0;
464 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
472 template <
class HASH_ALGORITHM>
482 template <
class INTFACE,
class BASE>
488 size_t SignatureLength()
const
489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const
491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const
493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const
496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const
498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const
500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
503 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
505 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
506 virtual HashIdentifier GetHashIdentifier()
const =0;
507 virtual size_t GetDigestSize()
const =0;
516 void InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
size_t recoverableMessageLength)
const;
526 void InputSignature(
PK_MessageAccumulator &messageAccumulator,
const byte *signature,
size_t signatureLength)
const;
537 template <
class T1,
class T2,
class T3>
540 typedef T1 AlgorithmInfo;
543 typedef typename Keys::PublicKey
PublicKey;
544 typedef T3 MessageEncodingMethod;
552 template <
class T1,
class T2,
class T3,
class T4>
555 typedef T4 HashFunction;
562 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
566 typedef SCHEME_OPTIONS SchemeOptions;
567 typedef KEY_CLASS KeyClass;
571 PublicKey & AccessPublicKey() {
return AccessKey();}
572 const PublicKey & GetPublicKey()
const {
return GetKey();}
574 PrivateKey & AccessPrivateKey() {
return AccessKey();}
575 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
577 virtual const KeyClass & GetKey()
const =0;
578 virtual KeyClass & AccessKey() =0;
580 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
584 CRYPTOPP_UNUSED(rng);
593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const
597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const
601 HashIdentifier GetHashIdentifier()
const
603 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const
608 typedef typename SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
618 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
625 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
627 const KEY & GetKey()
const {
return *m_pKey;}
628 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
639 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
643 typedef KEY_CLASS KeyClass;
647 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
648 KeyClass & AccessKey() {
return m_trapdoorFunction;}
651 KeyClass m_trapdoorFunction;
656 template <
class SCHEME_OPTIONS>
663 template <
class SCHEME_OPTIONS>
670 template <
class SCHEME_OPTIONS>
677 template <
class SCHEME_OPTIONS>
697 virtual void GenerateAndMask(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
bool mask =
true)
const =0;
711 CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
717 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "MGF1";}
720 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
732 static void CRYPTOPP_API DeriveKey(
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength)
735 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
767 if (!GetBasePrecomputation().IsInitialized())
770 if (m_validationLevel > level)
773 bool pass = ValidateGroup(rng, level);
774 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
776 m_validationLevel = pass ? level+1 : 0;
781 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
783 return GetValueHelper(
this, name, valueType, pValue)
784 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupOrder)
785 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupGenerator)
804 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
813 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
814 m_validationLevel = 0;
823 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
829 virtual const Element &
GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
834 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
841 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
852 SimultaneousExponentiate(&result, base, &exponent, 1);
870 virtual const Integer & GetSubgroupOrder()
const =0;
874 virtual Integer GetMaxExponent()
const =0;
892 virtual unsigned int GetEncodedElementSize(
bool reversible)
const =0;
900 virtual void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const =0;
908 virtual Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
914 virtual Integer ConvertElementToInteger(
const Element &element)
const =0;
949 virtual bool FastSubgroupCheckAvailable()
const =0;
957 virtual bool IsIdentity(
const Element &element)
const =0;
969 virtual void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const =0;
972 void ParametersChanged() {m_validationLevel = 0;}
975 mutable unsigned int m_validationLevel;
982 template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<
typename GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<
typename GROUP_PRECOMP::Element> >
986 typedef GROUP_PRECOMP GroupPrecomputation;
987 typedef typename GROUP_PRECOMP::Element Element;
988 typedef BASE_PRECOMP BasePrecomputation;
1005 GROUP_PRECOMP m_groupPrecomputation;
1047 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1050 CRYPTOPP_GET_FUNCTION_ENTRY(PublicElement);
1132 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1135 CRYPTOPP_GET_FUNCTION_ENTRY(PrivateExponent);
1143 AssignFromHelper(
this, source)
1144 CRYPTOPP_SET_FUNCTION_ENTRY(PrivateExponent);
1150 virtual const Integer & GetPrivateExponent()
const =0;
1154 virtual void SetPrivateExponent(
const Integer &x) =0;
1169 this->AccessAbstractGroupParameters().AssignFrom(source);
1170 AssignFromHelper(
this, source)
1171 CRYPTOPP_SET_FUNCTION_ENTRY(PublicElement);
1181 template <
class PK,
class GP,
class O = OID>
1185 typedef GP GroupParameters;
1189 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
1191 {AccessGroupParameters().BERDecode(bt);
return true;}
1193 {GetGroupParameters().DEREncode(bt);
return true;}
1195 const GP & GetGroupParameters()
const {
return m_groupParameters;}
1196 GP & AccessGroupParameters() {
return m_groupParameters;}
1199 GP m_groupParameters;
1211 typedef typename GP::Element Element;
1218 bool pass = GetAbstractGroupParameters().Validate(rng, level);
1220 const Integer &q = GetAbstractGroupParameters().GetSubgroupOrder();
1221 const Integer &x = GetPrivateExponent();
1223 pass = pass && x.IsPositive() && x < q;
1229 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1231 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
1236 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
1242 this->AccessGroupParameters().GenerateRandom(rng, params);
1256 {GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);}
1263 const Integer & GetPrivateExponent()
const {
return m_x;}
1276 template <
class BASE,
class SIGNATURE_SCHEME>
1284 BASE::GenerateRandom(rng, params);
1288 typename SIGNATURE_SCHEME::Signer signer(*
this);
1289 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1290 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1301 typedef typename GP::Element Element;
1308 bool pass = GetAbstractGroupParameters().Validate(rng, level);
1309 pass = pass && GetAbstractGroupParameters().ValidateElement(level, this->
GetPublicElement(), &GetPublicPrecomputation());
1313 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1315 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1320 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1328 AccessPublicPrecomputation().Precompute(GetAbstractGroupParameters().GetGroupPrecomputation(), GetAbstractGroupParameters().GetSubgroupOrder().BitCount(), precomputationStorage);
1339 GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);
1340 GetPublicPrecomputation().Save(GetAbstractGroupParameters().GetGroupPrecomputation(), storedPrecomputation);
1356 typename GP::BasePrecomputation m_ypc;
1395 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1396 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1442 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1453 virtual bool ParameterSupported(
const char *name)
const
1454 {CRYPTOPP_UNUSED(name);
return false;}
1455 virtual void Derive(
const DL_GroupParameters<T> &groupParams,
byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1464 virtual bool ParameterSupported(
const char *name)
const
1465 {CRYPTOPP_UNUSED(name);
return false;}
1466 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1467 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1468 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1469 virtual void SymmetricEncrypt(
RandomNumberGenerator &rng,
const byte *key,
const byte *plaintext,
size_t plaintextLength,
byte *ciphertext,
const NameValuePairs ¶meters)
const =0;
1470 virtual DecodingResult SymmetricDecrypt(
const byte *key,
const byte *ciphertext,
size_t ciphertextLength,
byte *plaintext,
const NameValuePairs ¶meters)
const =0;
1479 typedef KI KeyInterface;
1480 typedef typename KI::Element Element;
1487 virtual KeyInterface & AccessKeyInterface() =0;
1488 virtual const KeyInterface & GetKeyInterface()
const =0;
1496 template <
class INTFACE,
class KEY_INTFACE>
1507 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1508 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1514 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1531 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1536 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1539 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1540 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1543 virtual bool IsDeterministic()
const {
return false;}
1547 virtual HashIdentifier GetHashIdentifier()
const =0;
1548 virtual size_t GetDigestSize()
const =0;
1577 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1578 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1579 recoverableMessage, recoverableMessageLength,
1580 ma.m_presignature, ma.m_presignature.
size(),
1581 ma.m_semisignature);
1586 this->GetMaterial().DoQuickSanityCheck();
1593 SecByteBlock representative(this->MessageRepresentativeLength());
1594 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1596 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1597 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1598 representative, this->MessageRepresentativeBitLength());
1633 size_t rLen = alg.
RLen(params);
1634 r.Encode(signature, rLen);
1638 RestartMessageAccumulator(rng, ma);
1657 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1671 CRYPTOPP_UNUSED(signature); CRYPTOPP_UNUSED(signatureLength);
1676 size_t rLen = alg.
RLen(params);
1677 ma.m_semisignature.
Assign(signature, rLen);
1678 ma.m_s.
Decode(signature+rLen, alg.
SLen(params));
1680 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1685 this->GetMaterial().DoQuickSanityCheck();
1692 SecByteBlock representative(this->MessageRepresentativeLength());
1693 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1694 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1695 representative, this->MessageRepresentativeBitLength());
1699 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1700 return alg.
Verify(params, key, e, r, ma.m_s);
1705 this->GetMaterial().DoQuickSanityCheck();
1712 SecByteBlock representative(this->MessageRepresentativeLength());
1713 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1715 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1716 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1717 representative, this->MessageRepresentativeBitLength());
1722 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1725 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1726 ma.AccessHash(), this->GetHashIdentifier(),
1727 ma.m_presignature, ma.m_presignature.
size(),
1728 ma.m_semisignature, ma.m_semisignature.
size(),
1736 template <
class PK,
class KI>
1740 typedef typename DL_Base<KI>::Element Element;
1744 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
1746 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1747 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1750 size_t CiphertextLength(
size_t plaintextLength)
const
1752 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1753 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1756 bool ParameterSupported(
const char *name)
const
1757 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1779 CRYPTOPP_UNUSED(rng);
1788 ciphertext += elementSize;
1789 ciphertextLength -= elementSize;
1791 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.
GetPrivateExponent());
1793 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1794 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1796 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1827 ciphertext += elementSize;
1831 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1832 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1834 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1841 template <
class T1,
class T2>
1844 typedef T1 AlgorithmInfo;
1845 typedef T2 GroupParameters;
1846 typedef typename GroupParameters::Element Element;
1852 template <
class T1,
class T2>
1856 typedef typename Keys::PrivateKey
PrivateKey;
1857 typedef typename Keys::PublicKey
PublicKey;
1866 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1869 typedef T3 SignatureAlgorithm;
1870 typedef T4 MessageEncodingMethod;
1871 typedef T5 HashFunction;
1880 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1884 typedef T4 KeyDerivationAlgorithm;
1885 typedef T5 SymmetricEncryptionAlgorithm;
1892 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1896 typedef SCHEME_OPTIONS SchemeOptions;
1897 typedef typename KEY::Element Element;
1901 PrivateKey & AccessPrivateKey() {
return m_key;}
1902 PublicKey & AccessPublicKey() {
return m_key;}
1905 const KEY & GetKey()
const {
return m_key;}
1906 KEY & AccessKey() {
return m_key;}
1909 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1910 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1913 HashIdentifier GetHashIdentifier()
const
1915 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1916 return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1918 size_t GetDigestSize()
const
1920 typedef typename SchemeOptions::HashFunction H;
1921 return H::DIGESTSIZE;
1932 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1936 typedef typename KEY::Element Element;
1949 HashIdentifier GetHashIdentifier()
const
1950 {
return HashIdentifier();}
1957 template <
class SCHEME_OPTIONS>
1964 this->RestartMessageAccumulator(rng, *p);
1971 template <
class SCHEME_OPTIONS>
1983 template <
class SCHEME_OPTIONS>
1990 template <
class SCHEME_OPTIONS>
2008 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
2009 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2010 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
2020 CRYPTOPP_UNUSED(rng);
2027 bool Agree(
byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const
2033 Element w = params.
DecodeElement(otherPublicKey, validateOtherPublicKey);
2035 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2036 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2048 const Element &
GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
2077 template <
class ELEMENT,
class COFACTOR_OPTION>
2081 typedef ELEMENT Element;
2083 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName()
2094 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const
2108 if (!validateOtherPublicKey)
2111 if (params.FastSubgroupCheckAvailable())
2133 template <
class BASE>
2140 {this->AccessKey().AssignFrom(key);}
2143 {this->AccessKey().BERDecode(bt);}
2146 {this->AccessKey().AssignFrom(algorithm.
GetMaterial());}
2149 {this->AccessKey().Initialize(v1);}
2151 template <
class T1,
class T2>
2153 {this->AccessKey().Initialize(v1, v2);}
2155 template <
class T1,
class T2,
class T3>
2157 {this->AccessKey().Initialize(v1, v2, v3);}
2159 template <
class T1,
class T2,
class T3,
class T4>
2161 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2163 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2164 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2165 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2167 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2168 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2169 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2171 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2172 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2173 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2175 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2176 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2177 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2179 template <
class T1,
class T2>
2181 {this->AccessKey().Initialize(v1, v2);}
2183 template <
class T1,
class T2,
class T3>
2185 {this->AccessKey().Initialize(v1, v2, v3);}
2187 template <
class T1,
class T2,
class T3,
class T4>
2189 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2191 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2192 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2193 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2195 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2196 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2197 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2199 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2200 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2201 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2203 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2204 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2205 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2222 template <
class KEYS,
class STANDARD,
class ALG_INFO>
2225 template <
class KEYS,
class STANDARD,
class ALG_INFO = TF_ES<KEYS, STANDARD,
int> >
2226 class TF_ES :
public KEYS
2228 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2235 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
2248 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO>
2251 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO = TF_SS<KEYS, STANDARD, H,
int> >
2252 class TF_SS :
public KEYS
2260 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
2274 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
2277 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
2278 class DL_SS :
public KEYS
2283 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
2297 template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
2311 #if CRYPTOPP_MSC_VERSION
2312 # pragma warning(pop)