Crypto++  5.6.5
Free C++ class library of cryptographic schemes
eccrypto.cpp
1 // eccrypto.cpp - written and placed in the public domain by Wei Dai
2 
3 #include "pch.h"
4 
5 #include "config.h"
6 
7 #if CRYPTOPP_MSC_VERSION
8 # pragma warning(push)
9 # pragma warning(disable: 4127 4189)
10 #endif
11 
12 #if CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE
13 # pragma GCC diagnostic push
14 # pragma GCC diagnostic ignored "-Wunused-function"
15 #endif
16 
17 #ifndef CRYPTOPP_IMPORTS
18 
19 #include "eccrypto.h"
20 #include "integer.h"
21 #include "nbtheory.h"
22 #include "filters.h"
23 #include "argnames.h"
24 #include "smartptr.h"
25 #include "oids.h"
26 #include "asn.h"
27 #include "hex.h"
28 #include "ec2n.h"
29 #include "misc.h"
30 
31 NAMESPACE_BEGIN(CryptoPP)
32 
33 #if 0
34 #if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_DOXYGEN_PROCESSING)
35 static void ECDSA_TestInstantiations()
36 {
38  ECDSA<EC2N>::Verifier t2(t1);
40  ECNR<ECP>::Verifier t4(t3);
45 }
46 #endif
47 #endif
48 
49 ANONYMOUS_NAMESPACE_BEGIN
50 Integer ConvertToInteger(const PolynomialMod2 &x)
51 {
52  unsigned int l = x.ByteCount();
53  SecByteBlock temp(l);
54  x.Encode(temp, l);
55  return Integer(temp, l);
56 }
57 
58 inline Integer ConvertToInteger(const Integer &x)
59 {
60  return x;
61 }
62 
63 bool CheckMOVCondition(const Integer &q, const Integer &r)
64 {
65  // see "Updated standards for validating elliptic curves", http://eprint.iacr.org/2007/343
66  Integer t = 1;
67  unsigned int n = q.IsEven() ? 1 : q.BitCount(), m = r.BitCount();
68 
69  for (unsigned int i=n; DiscreteLogWorkFactor(i)<m/2; i+=n)
70  {
71  if (q.IsEven())
72  t = (t+t)%r;
73  else
74  t = (t*q)%r;
75  if (t == 1)
76  return false;
77  }
78  return true;
79 }
80 ANONYMOUS_NAMESPACE_END
81 
82 // ******************************************************************
83 
84 template <class T> struct EcRecommendedParameters;
85 
86 template<> struct EcRecommendedParameters<EC2N>
87 {
88  EcRecommendedParameters(const OID &oid, unsigned int t2, unsigned int t3, unsigned int t4, const char *a, const char *b, const char *g, const char *n, unsigned int h)
89  : oid(oid), t0(0), t1(0), t2(t2), t3(t3), t4(t4), a(a), b(b), g(g), n(n), h(h) {}
90  EcRecommendedParameters(const OID &oid, unsigned int t0, unsigned int t1, unsigned int t2, unsigned int t3, unsigned int t4, const char *a, const char *b, const char *g, const char *n, unsigned int h)
91  : oid(oid), t0(t0), t1(t1), t2(t2), t3(t3), t4(t4), a(a), b(b), g(g), n(n), h(h) {}
92  EC2N *NewEC() const
93  {
94  StringSource ssA(a, true, new HexDecoder);
95  StringSource ssB(b, true, new HexDecoder);
96  if (t0 == 0)
97  return new EC2N(GF2NT(t2, t3, t4), EC2N::FieldElement(ssA, (size_t)ssA.MaxRetrievable()), EC2N::FieldElement(ssB, (size_t)ssB.MaxRetrievable()));
98  else
99  return new EC2N(GF2NPP(t0, t1, t2, t3, t4), EC2N::FieldElement(ssA, (size_t)ssA.MaxRetrievable()), EC2N::FieldElement(ssB, (size_t)ssB.MaxRetrievable()));
100  };
101 
102  OID oid;
103  unsigned int t0, t1, t2, t3, t4;
104  const char *a, *b, *g, *n;
105  unsigned int h;
106 };
107 
108 template<> struct EcRecommendedParameters<ECP>
109 {
110  EcRecommendedParameters(const OID &oid, const char *p, const char *a, const char *b, const char *g, const char *n, unsigned int h)
111  : oid(oid), p(p), a(a), b(b), g(g), n(n), h(h) {}
112  ECP *NewEC() const
113  {
114  StringSource ssP(p, true, new HexDecoder);
115  StringSource ssA(a, true, new HexDecoder);
116  StringSource ssB(b, true, new HexDecoder);
117  return new ECP(Integer(ssP, (size_t)ssP.MaxRetrievable()), ECP::FieldElement(ssA, (size_t)ssA.MaxRetrievable()), ECP::FieldElement(ssB, (size_t)ssB.MaxRetrievable()));
118  };
119 
120  OID oid;
121  const char *p;
122  const char *a, *b, *g, *n;
123  unsigned int h;
124 };
125 
127 {
128  template <typename T>
129  inline bool operator()(const EcRecommendedParameters<T>& a, const OID& b) {return a.oid < b;}
130  template <typename T>
131  inline bool operator()(const OID& a, const EcRecommendedParameters<T>& b) {return a < b.oid;}
132  template <typename T>
133  inline bool operator()(const EcRecommendedParameters<T>& a, const EcRecommendedParameters<T>& b) {return a.oid < b.oid;}
134 };
135 
136 static void GetRecommendedParameters(const EcRecommendedParameters<EC2N> *&begin, const EcRecommendedParameters<EC2N> *&end)
137 {
138  // this array must be sorted by OID
139  static const EcRecommendedParameters<EC2N> rec[] = {
140  EcRecommendedParameters<EC2N>(ASN1::sect163k1(),
141  163, 7, 6, 3, 0,
142  "000000000000000000000000000000000000000001",
143  "000000000000000000000000000000000000000001",
144  "0402FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE80289070FB05D38FF58321F2E800536D538CCDAA3D9",
145  "04000000000000000000020108A2E0CC0D99F8A5EF",
146  2),
147  EcRecommendedParameters<EC2N>(ASN1::sect163r1(),
148  163, 7, 6, 3, 0,
149  "07B6882CAAEFA84F9554FF8428BD88E246D2782AE2",
150  "0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9",
151  "040369979697AB43897789566789567F787A7876A65400435EDB42EFAFB2989D51FEFCE3C80988F41FF883",
152  "03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B",
153  2),
154  EcRecommendedParameters<EC2N>(ASN1::sect239k1(),
155  239, 158, 0,
156  "000000000000000000000000000000000000000000000000000000000000",
157  "000000000000000000000000000000000000000000000000000000000001",
158  "0429A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA",
159  "2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5",
160  4),
161  EcRecommendedParameters<EC2N>(ASN1::sect113r1(),
162  113, 9, 0,
163  "003088250CA6E7C7FE649CE85820F7",
164  "00E8BEE4D3E2260744188BE0E9C723",
165  "04009D73616F35F4AB1407D73562C10F00A52830277958EE84D1315ED31886",
166  "0100000000000000D9CCEC8A39E56F",
167  2),
168  EcRecommendedParameters<EC2N>(ASN1::sect113r2(),
169  113, 9, 0,
170  "00689918DBEC7E5A0DD6DFC0AA55C7",
171  "0095E9A9EC9B297BD4BF36E059184F",
172  "0401A57A6A7B26CA5EF52FCDB816479700B3ADC94ED1FE674C06E695BABA1D",
173  "010000000000000108789B2496AF93",
174  2),
175  EcRecommendedParameters<EC2N>(ASN1::sect163r2(),
176  163, 7, 6, 3, 0,
177  "000000000000000000000000000000000000000001",
178  "020A601907B8C953CA1481EB10512F78744A3205FD",
179  "0403F0EBA16286A2D57EA0991168D4994637E8343E3600D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
180  "040000000000000000000292FE77E70C12A4234C33",
181  2),
182  EcRecommendedParameters<EC2N>(ASN1::sect283k1(),
183  283, 12, 7, 5, 0,
184  "000000000000000000000000000000000000000000000000000000000000000000000000",
185  "000000000000000000000000000000000000000000000000000000000000000000000001",
186  "040503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC245849283601CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
187  "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
188  4),
189  EcRecommendedParameters<EC2N>(ASN1::sect283r1(),
190  283, 12, 7, 5, 0,
191  "000000000000000000000000000000000000000000000000000000000000000000000001",
192  "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
193  "0405F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B1205303676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
194  "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
195  2),
196  EcRecommendedParameters<EC2N>(ASN1::sect131r1(),
197  131, 8, 3, 2, 0,
198  "07A11B09A76B562144418FF3FF8C2570B8",
199  "0217C05610884B63B9C6C7291678F9D341",
200  "040081BAF91FDF9833C40F9C181343638399078C6E7EA38C001F73C8134B1B4EF9E150",
201  "0400000000000000023123953A9464B54D",
202  2),
203  EcRecommendedParameters<EC2N>(ASN1::sect131r2(),
204  131, 8, 3, 2, 0,
205  "03E5A88919D7CAFCBF415F07C2176573B2",
206  "04B8266A46C55657AC734CE38F018F2192",
207  "040356DCD8F2F95031AD652D23951BB366A80648F06D867940A5366D9E265DE9EB240F",
208  "0400000000000000016954A233049BA98F",
209  2),
210  EcRecommendedParameters<EC2N>(ASN1::sect193r1(),
211  193, 15, 0,
212  "0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01",
213  "00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814",
214  "0401F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E10025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05",
215  "01000000000000000000000000C7F34A778F443ACC920EBA49",
216  2),
217  EcRecommendedParameters<EC2N>(ASN1::sect193r2(),
218  193, 15, 0,
219  "0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B",
220  "00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE",
221  "0400D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C",
222  "010000000000000000000000015AAB561B005413CCD4EE99D5",
223  2),
224  EcRecommendedParameters<EC2N>(ASN1::sect233k1(),
225  233, 74, 0,
226  "000000000000000000000000000000000000000000000000000000000000",
227  "000000000000000000000000000000000000000000000000000000000001",
228  "04017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD612601DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
229  "8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
230  4),
231  EcRecommendedParameters<EC2N>(ASN1::sect233r1(),
232  233, 74, 0,
233  "000000000000000000000000000000000000000000000000000000000001",
234  "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
235  "0400FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
236  "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
237  2),
238  EcRecommendedParameters<EC2N>(ASN1::sect409k1(),
239  409, 87, 0,
240  "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
241  "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
242  "040060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE902374601E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
243  "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
244  4),
245  EcRecommendedParameters<EC2N>(ASN1::sect409r1(),
246  409, 87, 0,
247  "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
248  "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
249  "04015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A70061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
250  "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
251  2),
252  EcRecommendedParameters<EC2N>(ASN1::sect571k1(),
253  571, 10, 5, 2, 0,
254  "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
255  "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
256  "04026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C89720349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
257  "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
258  4),
259  EcRecommendedParameters<EC2N>(ASN1::sect571r1(),
260  571, 10, 5, 2, 0,
261  "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
262  "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
263  "040303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
264  "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
265  2),
266  };
267  begin = rec;
268  end = rec + sizeof(rec)/sizeof(rec[0]);
269 }
270 
271 static void GetRecommendedParameters(const EcRecommendedParameters<ECP> *&begin, const EcRecommendedParameters<ECP> *&end)
272 {
273  // this array must be sorted by OID
274  static const EcRecommendedParameters<ECP> rec[] = {
275  EcRecommendedParameters<ECP>(ASN1::secp192r1(),
276  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
277  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
278  "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
279  "04188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF101207192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
280  "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
281  1),
282  EcRecommendedParameters<ECP>(ASN1::secp256r1(),
283  "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
284  "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
285  "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
286  "046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
287  "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
288  1),
289  EcRecommendedParameters<ECP>(ASN1::brainpoolP160r1(),
290  "E95E4A5F737059DC60DFC7AD95B3D8139515620F",
291  "340E7BE2A280EB74E2BE61BADA745D97E8F7C300",
292  "1E589A8595423412134FAA2DBDEC95C8D8675E58",
293  "04BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC31667CB477A1A8EC338F94741669C976316DA6321",
294  "E95E4A5F737059DC60DF5991D45029409E60FC09",
295  1),
296  EcRecommendedParameters<ECP>(ASN1::brainpoolP192r1(),
297  "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297",
298  "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF",
299  "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9",
300  "04C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD614B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F",
301  "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1",
302  1),
303  EcRecommendedParameters<ECP>(ASN1::brainpoolP224r1(),
304  "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF",
305  "68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43",
306  "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B",
307  "040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD",
308  "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F",
309  1),
310  EcRecommendedParameters<ECP>(ASN1::brainpoolP256r1(),
311  "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377",
312  "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9",
313  "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6",
314  "048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997",
315  "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7",
316  1),
317  EcRecommendedParameters<ECP>(ASN1::brainpoolP320r1(),
318  "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27",
319  "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4",
320  "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6",
321  "0443BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E2061114FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1",
322  "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311",
323  1),
324  EcRecommendedParameters<ECP>(ASN1::brainpoolP384r1(),
325  "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53",
326  "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826",
327  "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11",
328  "041D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315",
329  "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565",
330  1),
331  EcRecommendedParameters<ECP>(ASN1::brainpoolP512r1(),
332  "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3",
333  "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA",
334  "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723",
335  "0481AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F8227DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892",
336  "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069",
337  1),
338  EcRecommendedParameters<ECP>(ASN1::secp112r1(),
339  "DB7C2ABF62E35E668076BEAD208B",
340  "DB7C2ABF62E35E668076BEAD2088",
341  "659EF8BA043916EEDE8911702B22",
342  "0409487239995A5EE76B55F9C2F098A89CE5AF8724C0A23E0E0FF77500",
343  "DB7C2ABF62E35E7628DFAC6561C5",
344  1),
345  EcRecommendedParameters<ECP>(ASN1::secp112r2(),
346  "DB7C2ABF62E35E668076BEAD208B",
347  "6127C24C05F38A0AAAF65C0EF02C",
348  "51DEF1815DB5ED74FCC34C85D709",
349  "044BA30AB5E892B4E1649DD0928643ADCD46F5882E3747DEF36E956E97",
350  "36DF0AAFD8B8D7597CA10520D04B",
351  4),
352  EcRecommendedParameters<ECP>(ASN1::secp160r1(),
353  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
354  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
355  "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
356  "044A96B5688EF573284664698968C38BB913CBFC8223A628553168947D59DCC912042351377AC5FB32",
357  "0100000000000000000001F4C8F927AED3CA752257",
358  1),
359  EcRecommendedParameters<ECP>(ASN1::secp160k1(),
360  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
361  "0000000000000000000000000000000000000000",
362  "0000000000000000000000000000000000000007",
363  "043B4C382CE37AA192A4019E763036F4F5DD4D7EBB938CF935318FDCED6BC28286531733C3F03C4FEE",
364  "0100000000000000000001B8FA16DFAB9ACA16B6B3",
365  1),
366  EcRecommendedParameters<ECP>(ASN1::secp256k1(),
367  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
368  "0000000000000000000000000000000000000000000000000000000000000000",
369  "0000000000000000000000000000000000000000000000000000000000000007",
370  "0479BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8",
371  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
372  1),
373  EcRecommendedParameters<ECP>(ASN1::secp128r1(),
374  "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
375  "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
376  "E87579C11079F43DD824993C2CEE5ED3",
377  "04161FF7528B899B2D0C28607CA52C5B86CF5AC8395BAFEB13C02DA292DDED7A83",
378  "FFFFFFFE0000000075A30D1B9038A115",
379  1),
380  EcRecommendedParameters<ECP>(ASN1::secp128r2(),
381  "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
382  "D6031998D1B3BBFEBF59CC9BBFF9AEE1",
383  "5EEEFCA380D02919DC2C6558BB6D8A5D",
384  "047B6AA5D85E572983E6FB32A7CDEBC14027B6916A894D3AEE7106FE805FC34B44",
385  "3FFFFFFF7FFFFFFFBE0024720613B5A3",
386  4),
387  EcRecommendedParameters<ECP>(ASN1::secp160r2(),
388  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
389  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70",
390  "B4E134D3FB59EB8BAB57274904664D5AF50388BA",
391  "0452DCB034293A117E1F4FF11B30F7199D3144CE6DFEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E",
392  "0100000000000000000000351EE786A818F3A1A16B",
393  1),
394  EcRecommendedParameters<ECP>(ASN1::secp192k1(),
395  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37",
396  "000000000000000000000000000000000000000000000000",
397  "000000000000000000000000000000000000000000000003",
398  "04DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D",
399  "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D",
400  1),
401  EcRecommendedParameters<ECP>(ASN1::secp224k1(),
402  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D",
403  "00000000000000000000000000000000000000000000000000000000",
404  "00000000000000000000000000000000000000000000000000000005",
405  "04A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5",
406  "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7",
407  1),
408  EcRecommendedParameters<ECP>(ASN1::secp224r1(),
409  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
410  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
411  "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
412  "04B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
413  "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
414  1),
415  EcRecommendedParameters<ECP>(ASN1::secp384r1(),
416  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
417  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
418  "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
419  "04AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB73617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
420  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
421  1),
422  EcRecommendedParameters<ECP>(ASN1::secp521r1(),
423  "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
424  "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
425  "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
426  "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
427  "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
428  1),
429  };
430  begin = rec;
431  end = rec + sizeof(rec)/sizeof(rec[0]);
432 }
433 
435 {
436  const EcRecommendedParameters<EllipticCurve> *begin, *end;
437  GetRecommendedParameters(begin, end);
438  const EcRecommendedParameters<EllipticCurve> *it = std::upper_bound(begin, end, oid, OIDLessThan());
439  return (it == end ? OID() : it->oid);
440 }
441 
442 template <class EC> void DL_GroupParameters_EC<EC>::Initialize(const OID &oid)
443 {
444  const EcRecommendedParameters<EllipticCurve> *begin, *end;
445  GetRecommendedParameters(begin, end);
446  const EcRecommendedParameters<EllipticCurve> *it = std::lower_bound(begin, end, oid, OIDLessThan());
447  if (it == end || it->oid != oid)
448  throw UnknownOID();
449 
450  const EcRecommendedParameters<EllipticCurve> &param = *it;
451  m_oid = oid;
452  member_ptr<EllipticCurve> ec(param.NewEC());
453  this->m_groupPrecomputation.SetCurve(*ec);
454 
455  StringSource ssG(param.g, true, new HexDecoder);
456  Element G;
457  bool result = GetCurve().DecodePoint(G, ssG, (size_t)ssG.MaxRetrievable());
458  this->SetSubgroupGenerator(G);
459 
460  // TODO: this fails in practice. Should it throw?
461  CRYPTOPP_UNUSED(result); CRYPTOPP_ASSERT(result);
462 
463  StringSource ssN(param.n, true, new HexDecoder);
464  m_n.Decode(ssN, (size_t)ssN.MaxRetrievable());
465  m_k = param.h;
466 }
467 
468 template <class EC>
469 bool DL_GroupParameters_EC<EC>::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
470 {
471  if (strcmp(name, Name::GroupOID()) == 0)
472  {
473  if (m_oid.m_values.empty())
474  return false;
475 
476  this->ThrowIfTypeMismatch(name, typeid(OID), valueType);
477  *reinterpret_cast<OID *>(pValue) = m_oid;
478  return true;
479  }
480  else
481  return GetValueHelper<DL_GroupParameters<Element> >(this, name, valueType, pValue).Assignable()
482  CRYPTOPP_GET_FUNCTION_ENTRY(Curve);
483 }
484 
485 template <class EC>
487 {
488  OID oid;
489  if (source.GetValue(Name::GroupOID(), oid))
490  Initialize(oid);
491  else
492  {
493  EllipticCurve ec;
494  Point G;
495  Integer n;
496 
497  source.GetRequiredParameter("DL_GroupParameters_EC<EC>", Name::Curve(), ec);
498  source.GetRequiredParameter("DL_GroupParameters_EC<EC>", Name::SubgroupGenerator(), G);
499  source.GetRequiredParameter("DL_GroupParameters_EC<EC>", Name::SubgroupOrder(), n);
501 
502  Initialize(ec, G, n, k);
503  }
504 }
505 
506 template <class EC>
508 {
509  try
510  {
511  CRYPTOPP_UNUSED(rng);
512  AssignFrom(alg);
513  }
514  catch (InvalidArgument &)
515  {
516  throw NotImplemented("DL_GroupParameters_EC<EC>: curve generation is not implemented yet");
517  }
518 }
519 
520 template <class EC>
522 {
523  byte b;
524  if (!bt.Peek(b))
525  BERDecodeError();
526  if (b == OBJECT_IDENTIFIER)
527  Initialize(OID(bt));
528  else
529  {
530  BERSequenceDecoder seq(bt);
531  word32 version;
532  BERDecodeUnsigned<word32>(seq, version, INTEGER, 1, 1); // check version
533  EllipticCurve ec(seq);
534  Point G = ec.BERDecodePoint(seq);
535  Integer n(seq);
536  Integer k;
537  bool cofactorPresent = !seq.EndReached();
538  if (cofactorPresent)
539  k.BERDecode(seq);
540  else
541  k = Integer::Zero();
542  seq.MessageEnd();
543 
544  Initialize(ec, G, n, k);
545  }
546 }
547 
548 template <class EC>
550 {
551  if (m_encodeAsOID && !m_oid.m_values.empty())
552  m_oid.DEREncode(bt);
553  else
554  {
555  DERSequenceEncoder seq(bt);
556  DEREncodeUnsigned<word32>(seq, 1); // version
557  GetCurve().DEREncode(seq);
558  GetCurve().DEREncodePoint(seq, this->GetSubgroupGenerator(), m_compress);
559  m_n.DEREncode(seq);
560  if (m_k.NotZero())
561  m_k.DEREncode(seq);
562  seq.MessageEnd();
563  }
564 }
565 
566 template <class EC>
568 {
569  if (!m_k)
570  {
571  Integer q = GetCurve().FieldSize();
572  Integer qSqrt = q.SquareRoot();
573  m_k = (q+2*qSqrt+1)/m_n;
574  }
575 
576  return m_k;
577 }
578 
579 template <class EC>
581 {
582  return ConvertToInteger(element.x);
583 };
584 
585 template <class EC>
587 {
588  bool pass = GetCurve().ValidateParameters(rng, level);
589 
590  Integer q = GetCurve().FieldSize();
591  pass = pass && m_n!=q;
592 
593  if (level >= 2)
594  {
595  Integer qSqrt = q.SquareRoot();
596  pass = pass && m_n>4*qSqrt;
597  pass = pass && VerifyPrime(rng, m_n, level-2);
598  pass = pass && (m_k.IsZero() || m_k == (q+2*qSqrt+1)/m_n);
599  pass = pass && CheckMOVCondition(q, m_n);
600  }
601 
602  return pass;
603 }
604 
605 template <class EC>
606 bool DL_GroupParameters_EC<EC>::ValidateElement(unsigned int level, const Element &g, const DL_FixedBasePrecomputation<Element> *gpc) const
607 {
608  bool pass = !IsIdentity(g) && GetCurve().VerifyPoint(g);
609  if (level >= 1)
610  {
611  if (gpc)
612  pass = pass && gpc->Exponentiate(this->GetGroupPrecomputation(), Integer::One()) == g;
613  }
614  if (level >= 2 && pass)
615  {
616  const Integer &q = GetSubgroupOrder();
617  Element gq = gpc ? gpc->Exponentiate(this->GetGroupPrecomputation(), q) : this->ExponentiateElement(g, q);
618  pass = pass && IsIdentity(gq);
619  }
620  return pass;
621 }
622 
623 template <class EC>
624 void DL_GroupParameters_EC<EC>::SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const
625 {
626  GetCurve().SimultaneousMultiply(results, base, exponents, exponentsCount);
627 }
628 
629 template <class EC>
630 typename DL_GroupParameters_EC<EC>::Element DL_GroupParameters_EC<EC>::MultiplyElements(const Element &a, const Element &b) const
631 {
632  return GetCurve().Add(a, b);
633 }
634 
635 template <class EC>
636 typename DL_GroupParameters_EC<EC>::Element DL_GroupParameters_EC<EC>::CascadeExponentiate(const Element &element1, const Integer &exponent1, const Element &element2, const Integer &exponent2) const
637 {
638  return GetCurve().CascadeMultiply(exponent1, element1, exponent2, element2);
639 }
640 
641 template <class EC>
643 {
644  return ASN1::id_ecPublicKey();
645 }
646 
647 // ******************************************************************
648 
649 template <class EC>
650 void DL_PublicKey_EC<EC>::BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
651 {
652  CRYPTOPP_UNUSED(parametersPresent);
653 
654  typename EC::Point P;
655  if (!this->GetGroupParameters().GetCurve().DecodePoint(P, bt, size))
656  BERDecodeError();
657  this->SetPublicElement(P);
658 }
659 
660 template <class EC>
662 {
663  this->GetGroupParameters().GetCurve().EncodePoint(bt, this->GetPublicElement(), this->GetGroupParameters().GetPointCompression());
664 }
665 
666 // ******************************************************************
667 
668 template <class EC>
669 void DL_PrivateKey_EC<EC>::BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
670 {
671  CRYPTOPP_UNUSED(size);
672  BERSequenceDecoder seq(bt);
673  word32 version;
674  BERDecodeUnsigned<word32>(seq, version, INTEGER, 1, 1); // check version
675 
676  BERGeneralDecoder dec(seq, OCTET_STRING);
677  if (!dec.IsDefiniteLength())
678  BERDecodeError();
679  Integer x;
680  x.Decode(dec, (size_t)dec.RemainingLength());
681  dec.MessageEnd();
682  if (!parametersPresent && seq.PeekByte() != (CONTEXT_SPECIFIC | CONSTRUCTED | 0))
683  BERDecodeError();
684  if (!seq.EndReached() && seq.PeekByte() == (CONTEXT_SPECIFIC | CONSTRUCTED | 0))
685  {
686  BERGeneralDecoder parameters(seq, CONTEXT_SPECIFIC | CONSTRUCTED | 0);
687  this->AccessGroupParameters().BERDecode(parameters);
688  parameters.MessageEnd();
689  }
690  if (!seq.EndReached())
691  {
692  // skip over the public element
693  SecByteBlock subjectPublicKey;
694  unsigned int unusedBits;
695  BERGeneralDecoder publicKey(seq, CONTEXT_SPECIFIC | CONSTRUCTED | 1);
696  BERDecodeBitString(publicKey, subjectPublicKey, unusedBits);
697  publicKey.MessageEnd();
698  Element Q;
699  if (!(unusedBits == 0 && this->GetGroupParameters().GetCurve().DecodePoint(Q, subjectPublicKey, subjectPublicKey.size())))
700  BERDecodeError();
701  }
702  seq.MessageEnd();
703 
704  this->SetPrivateExponent(x);
705 }
706 
707 template <class EC>
709 {
710  DERSequenceEncoder privateKey(bt);
711  DEREncodeUnsigned<word32>(privateKey, 1); // version
712  // SEC 1 ver 1.0 says privateKey (m_d) has the same length as order of the curve
713  // this will be changed to order of base point in a future version
714  this->GetPrivateExponent().DEREncodeAsOctetString(privateKey, this->GetGroupParameters().GetSubgroupOrder().ByteCount());
715  privateKey.MessageEnd();
716 }
717 
718 NAMESPACE_END
719 
720 #endif
Standard names for retrieving values by name when working with NameValuePairs.
An invalid argument was detected.
Definition: cryptlib.h:184
void GetRequiredParameter(const char *className, const char *name, T &value) const
Retrieves a required name/value pair.
Definition: cryptlib.h:408
Utility functions for the Crypto++ library.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Definition: eccrypto.cpp:486
virtual size_t Peek(byte &outByte) const
Peek a 8-bit byte.
Definition: cryptlib.cpp:534
T GetValueWithDefault(const char *name, T defaultValue) const
Get a named value.
Definition: cryptlib.h:350
GF(2^n) with Trinomial Basis.
Definition: gf2n.h:326
Elliptic Curve over GF(p), where p is prime.
Definition: ecp.h:22
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Definition: eccrypto.cpp:469
Decode base 16 data back to bytes.
Definition: hex.h:36
bool IsEven() const
Determines if the Integer is even parity.
Definition: integer.h:342
unsigned int ByteCount() const
number of significant bytes = ceiling(BitCount()/8)
Definition: gf2n.cpp:195
size_type size() const
Provides the count of elements in the SecBlock.
Definition: secblock.h:524
ASN.1 object identifiers for algorthms and schemes.
Classes for automatic resource management.
Library configuration file.
Interface for random number generators.
Definition: cryptlib.h:1188
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
this implementation doesn't actually generate a curve, it just initializes the parameters with existi...
Definition: eccrypto.cpp:507
SecBlock typedef.
Definition: secblock.h:731
BER Sequence Decoder.
Definition: asn.h:302
Interface for buffered transformations.
Definition: cryptlib.h:1352
static const Integer & One()
Integer representing 1.
Definition: integer.cpp:3035
void DEREncodePrivateKey(BufferedTransformation &bt) const
encode privateKey part of privateKeyInfo, without the OCTET STRING header
Definition: eccrypto.cpp:708
Polynomial with Coefficients in GF(2)
Definition: gf2n.h:21
Pointer that overloads operator ->
Definition: smartptr.h:39
Classes for Elliptic Curves over binary fields.
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
Definition: integer.cpp:3305
bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const
Check the group for errors.
Definition: eccrypto.cpp:586
Integer SquareRoot() const
Extract square root.
Definition: integer.cpp:4320
bool GetValue(const char *name, T &value) const
Get a named value.
Definition: cryptlib.h:337
MQV domain for performing authenticated key agreement.
Definition: mqv.h:27
A method was called which was not implemented.
Definition: cryptlib.h:205
bool VerifyPrime(RandomNumberGenerator &rng, const Integer &p, unsigned int level=1)
Verifies a prime number.
Definition: nbtheory.cpp:249
Classes for HexEncoder and HexDecoder.
const char * GroupOID()
OID.
Definition: argnames.h:41
void Encode(byte *output, size_t outputLen) const
encode in big-endian format
Definition: gf2n.cpp:150
Multiple precision integer with arithmetic operations.
Definition: integer.h:43
Elliptic Curve over GF(2^n)
Definition: ec2n.h:24
const char * SubgroupGenerator()
Integer, ECP::Point, or EC2N::Point.
Definition: argnames.h:39
void DEREncodePublicKey(BufferedTransformation &bt) const
encode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
Definition: eccrypto.cpp:661
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
Definition: trap.h:62
Diffie-Hellman domain.
Definition: dh.h:25
void BERDecodeError()
Raises a BERDecodeErr.
Definition: asn.h:68
Classes and functions for working with ANS.1 objects.
Elliptic Curve Parameters.
Definition: eccrypto.h:31
Implementation of BufferedTransformation's attachment interface.
GF(2^n) with Pentanomial Basis.
Definition: gf2n.h:350
Classes and functions for number theoretic operations.
DER Sequence Encoder.
Definition: asn.h:312
const char * Cofactor()
Integer.
Definition: argnames.h:38
Exception thrown when an unknown object identifier is encountered.
Definition: asn.h:71
void Decode(const byte *input, size_t inputLen, Signedness sign=UNSIGNED)
Decode from big-endian byte array.
Definition: integer.cpp:3314
virtual lword MaxRetrievable() const
Provides the number of bytes ready for retrieval.
Definition: cryptlib.cpp:496
Multiple precision integer with arithmetic operations.
static const Integer & Zero()
Integer representing 0.
Definition: integer.cpp:3027
void Initialize(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k=Integer::Zero())
Initialize an EC GroupParameters using {EC,G,n,k}.
Definition: eccrypto.h:70
size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigned int &unusedBits)
DER decode bit string.
Definition: asn.cpp:182
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
Definition: integer.cpp:3398
Classes and functions for Elliptic Curves over prime and binary fields.
Crypto++ library namespace.
const char * Curve()
ECP or EC2N.
Definition: argnames.h:40
BER General Decoder.
Definition: asn.h:245
Integer GetCofactor() const
Retrieves the cofactor.
Definition: eccrypto.cpp:567
Object Identifier.
Definition: asn.h:165
const char * SubgroupOrder()
Integer.
Definition: argnames.h:37
void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
Definition: eccrypto.cpp:650
void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode privateKey part of privateKeyInfo, without the OCTET STRING header
Definition: eccrypto.cpp:669
Interface for retrieving values given their names.
Definition: cryptlib.h:279
Template implementing constructors for public key algorithm classes.
Definition: pubkey.h:1954