User Guide: eccrypto.h
eccrypto.h provides template classes for elliptic-curve-based cryptographic operations. The classes are templates primarily because two distinct types of elliptic curves are in use; thus, an elliptic curve over GF(2n) is represented by class EC2N (ec2n.h), whereas an elliptic curve over GF(p) is represented by class ECP (ecp.h).
Elliptic curve parameters are represented by template class ECParameters. Parameters can be initialized in various ways; however, one of the more practical ones is to use the method LoadRecommendedParameters(), supplying one of the recommended-parameters-OIDs as defined in oids.h.
Example - generate an EC2N keypair and save it:
// ECPrivateKey is used directly only because the private key // won't actually be used to perform any cryptographic operation. AutoSeededRandomPool rng; ECPrivateKey privkey(rng, ASN1::sect233k1); Base64Encoder privkeysink(new FileSink("c:\\privkey.txt")); privkey.DEREncode(privkeysink); privkeysink.MessageEnd(); // Need to flush Base64Encoder's buffer // Suppose we want to store the public key separately, // possibly because we will be sending the public key to a third party. ECPublicKey pubkey(privkey); Base64Encoder pubkeysink(new FileSink("c:\\pubkey.txt")); pubkey.DEREncode(pubkeysink); pubkeysink.MessageEnd(); // Need to flush Base64Encoder's buffer
Example - load a public key and encrypt a file:
string sContents; FileSource("c:\\tobesigned.dat", true, new StringSink(sContents)); ECEncryptor pubkey( FileSource("c:\\pubkey.txt", true, new Base64Decoder))); // Cannot use std::string for buffer; // its internal storage might not be contiguous SecByteBlock sbbCipherText(pubkey.CipherTextLength(sContents.size())); // ECIES encryption is nice because it handles the entire encryption // process internally, regardless of the length of input data. // We don't have to generate a symmetric session key and encrypt // with it separately. AutoSeededRandomPool rng; pubkey.Encrypt( rng, (byte const*) sContents.data(), sContents.size(), sbbCipherText.Begin()); FileSink("c:\\encrypted.dat").Put(sbbCipherText.Begin(), sbbCipherText.Size());
To find other topics in the User Guide, visit Category:User Guide.