Crypto++
8.6
Free C++ class library of cryptographic schemes
4 #ifndef CRYPTOPP_FHMQV_H
5 #define CRYPTOPP_FHMQV_H
23 template <
class GROUP_PARAMETERS,
class COFACTOR_OPTION =
typename GROUP_PARAMETERS::DefaultCofactorOption,
class HASH = SHA512>
27 typedef GROUP_PARAMETERS GroupParameters;
28 typedef typename GroupParameters::Element Element;
38 : m_role(clientRole ? RoleClient : RoleServer) {}
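/// \brief Construct a FHMQV domain from existing group parameters
/// \param params group parameters copied into this domain
/// \param clientRole true selects RoleClient, false selects RoleServer
/// \details Both parties must use the same group parameters and opposite
///  roles; the role decides which side's keys are hashed first in Agree().
FHMQV_Domain(const GroupParameters &params, bool clientRole = true)
	// Initializers follow the member declaration order
	// (m_groupParameters, then m_role), which is the order C++ runs them in.
	: m_groupParameters(params), m_role(clientRole ? RoleClient : RoleServer) {}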
54 : m_role(clientRole ? RoleClient : RoleServer)
55 {m_groupParameters.BERDecode(bt);}
66 : m_role(clientRole ? RoleClient : RoleServer)
67 {m_groupParameters.Initialize(v1);}
78 template <
class T1,
class T2>
80 : m_role(clientRole ? RoleClient : RoleServer)
81 {m_groupParameters.Initialize(v1, v2);}
94 template <
class T1,
class T2,
class T3>
96 : m_role(clientRole ? RoleClient : RoleServer)
97 {m_groupParameters.Initialize(v1, v2, v3);}
112 template <
class T1,
class T2,
class T3,
class T4>
114 : m_role(clientRole ? RoleClient : RoleServer)
115 {m_groupParameters.Initialize(v1, v2, v3, v4);}
138 {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
144 {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
153 {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
177 CRYPTOPP_UNUSED(rng);
216 CRYPTOPP_UNUSED(rng);
// Agree(): derives the agreed value from this party's static and ephemeral
// private keys and the peer's static and ephemeral public keys.
// NOTE(review): this listing reproduces only part of the function; the first
// line of the signature and many body lines are not shown, so the comments
// below describe the visible statements only.
244 const byte *staticPrivateKey,
const byte *ephemeralPrivateKey,
245 const byte *staticOtherPublicKey,
const byte *ephemeralOtherPublicKey,
246 bool validateStaticOtherPublicKey=
true)
const
// XX/YY and AA/BB are the byte encodings (with lengths xxs/yys/aas/bbs)
// later passed to Hash() as its e1/e2 and s1/s2 arguments.
248 const byte *XX = NULLPTR, *YY = NULLPTR, *AA = NULLPTR, *BB = NULLPTR;
249 size_t xxs = 0, yys = 0, aas = 0, bbs = 0;
// The peer's keys land in XX/AA in one role and in YY/BB in the other;
// presumably the local keys fill the remaining slots so both parties hash
// the same ordering (those assignments are not shown here).
260 if(m_role == RoleServer)
266 XX = ephemeralOtherPublicKey;
270 AA = staticOtherPublicKey;
283 YY = ephemeralOtherPublicKey;
287 BB = staticOtherPublicKey;
// Security: the second DecodeElement argument is the group-membership check.
// The peer's ephemeral key is always checked; the static key is checked only
// when validateStaticOtherPublicKey is true. Pass false only for a static key
// that has already been validated, since an unchecked element from the peer
// would otherwise enter the exponentiation below.
291 Element VV1 = params.
DecodeElement(staticOtherPublicKey, validateStaticOtherPublicKey);
292 Element VV2 = params.
DecodeElement(ephemeralOtherPublicKey,
true);
// len = half the bit length of q, rounded up, then rounded up to whole bytes.
// NOTE(review): q is presumably the subgroup order and len the size of the
// dd/ee buffers; neither definition is visible here.
295 const unsigned int len = (((q.
BitCount()+1)/2 +7)/8);
// d is hashed over (XX, YY, AA, BB) with no shared element (sigma == NULLPTR).
298 Hash(NULLPTR, XX, xxs, YY, yys, AA, aas, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
299 Integer d(dd.BytePtr(), dd.SizeInBytes());
// ee uses the same inputs with the two ephemeral keys swapped (YY before XX).
301 Hash(NULLPTR, YY, yys, XX, xxs, AA, aas, BB, bbs, ee.
BytePtr(), ee.
SizeInBytes());
// Role-dependent combination: one branch multiplies by X, the other by Y.
// How t1, X, Y and sigma are computed is not shown in this listing.
305 if(m_role == RoleServer)
315 Element t2 = m_groupParameters.MultiplyElements(X, t1);
329 Element t2 = m_groupParameters.MultiplyElements(Y, t1);
// The agreed value is a hash of sigma together with all four public keys, so
// it is bound to both static identities and both ephemeral keys.
334 Hash(&sigma, XX, xxs, YY, yys, AA, aas, BB, bbs, agreedValue,
AgreedValueLength());
// Hash(): writes dlen bytes to digest, computed with HASH over the optional
// shared element sigma followed by e1, e2, s1 and s2.
// NOTE(review): several body lines (the hash object declaration, the sigma
// guard and the loop header) are not shown in this listing; the comments
// below cover the visible statements only.
346 inline void Hash(
const Element* sigma,
347 const byte* e1,
size_t e1len,
const byte* e2,
size_t e2len,
348 const byte* s1,
size_t s1len,
const byte* s2,
size_t s2len,
349 byte* digest,
size_t dlen)
const
// idx is the write offset into digest; blk is the size of the first output
// block, capped at one digest. req presumably tracks the bytes still to be
// produced (its updates are not shown).
352 size_t idx = 0, req = dlen;
353 size_t blk =
STDMIN(dlen, (
size_t)HASH::DIGESTSIZE);
// sigma is encoded with reversible == false into a SecByteBlock and hashed
// first. Agree() passes NULLPTR for sigma in two of its calls, so this section
// is presumably guarded by a null check on a line not shown.
360 SecByteBlock sbb(GetAbstractGroupParameters().GetEncodedElementSize(
false));
361 GetAbstractGroupParameters().EncodeElement(
false, *sigma, sbb);
362 hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
// The four key encodings are hashed in argument order, without length
// prefixes or separators between them.
365 hash.Update(e1, e1len);
366 hash.Update(e2, e2len);
367 hash.Update(s1, s1len);
368 hash.Update(s2, s2len);
// First output block.
370 hash.TruncatedFinal(digest, blk);
// Output extension: each further block is the hash of the previous output
// block. Security: bytes beyond the first block depend only on that first
// block, so a longer dlen adds no entropy beyond one digest.
376 hash.Update(&digest[idx], (
size_t)HASH::DIGESTSIZE);
378 idx += (size_t)HASH::DIGESTSIZE;
379 blk =
STDMIN(req, (
size_t)HASH::DIGESTSIZE);
380 hash.TruncatedFinal(&digest[idx], blk);
// Role of this party in the exchange. RoleServer is 1 and RoleClient takes
// the next value; the constructors map clientRole == true to RoleClient.
389 enum KeyAgreementRole { RoleServer = 1, RoleClient };
// Group parameters for this domain (set by the constructors).
394 GroupParameters m_groupParameters;
// Selected role; Agree() branches on it when ordering keys and combining elements.
395 KeyAgreementRole m_role;
CryptoParameters & AccessCryptoParameters()
Retrieves the crypto parameters for this domain.
const GroupParameters & GetGroupParameters() const
Retrieves the group parameters for this domain.
Interface for crypto parameters.
void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate static private key in this domain.
const CryptoMaterial & GetMaterial() const
Retrieves a reference to Crypto Parameters.
FHMQV_Domain(T1 v1, T2 v2, bool clientRole=true)
Construct a FHMQV domain.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
Fully Hashed Menezes-Qu-Vanstone in GF(p)
Classes and functions for schemes based on Discrete Logs (DL) over GF(p)
FHMQV_Domain(T1 v1, T2 v2, T3 v3, T4 v4, bool clientRole=true)
Construct a FHMQV domain.
byte * BytePtr()
Provides a byte pointer to the first element in the memory block.
void DoQuickSanityCheck() const
Perform a quick sanity check.
Interface for domains of authenticated key agreement protocols.
Interface for random number generators.
size_type SizeInBytes() const
Provides the number of bytes in the SecBlock.
FHMQV_Domain(bool clientRole=true)
Construct a FHMQV domain.
FHMQV_Domain(BufferedTransformation &bt, bool clientRole=true)
Construct a FHMQV domain.
unsigned int EphemeralPublicKeyLength() const
Provides the size of the ephemeral public key.
Classes for SHA-1 and SHA-2 family of message digests.
FHMQV_Domain(const GroupParameters &params, bool clientRole=true)
Construct a FHMQV domain.
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
FHMQV_Domain< DL_GroupParameters_GFP_DefaultSafePrime > FHMQV
Fully Hashed Menezes-Qu-Vanstone in GF(p)
void GenerateStaticPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate a static public key from a private key in this domain.
virtual Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const =0
Decodes the element.
unsigned int EphemeralPrivateKeyLength() const
Provides the size of the ephemeral private key.
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
unsigned int StaticPublicKeyLength() const
Provides the size of the static public key.
void GenerateEphemeralPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate ephemeral public key from a private key in this domain.
virtual Integer GetMaxExponent() const =0
Retrieves the maximum exponent for the group.
bool Agree(byte *agreedValue, const byte *staticPrivateKey, const byte *ephemeralPrivateKey, const byte *staticOtherPublicKey, const byte *ephemeralOtherPublicKey, bool validateStaticOtherPublicKey=true) const
Derive agreed value or shared secret.
virtual Element ExponentiateElement(const Element &base, const Integer &exponent) const
Exponentiates an element.
Classes for performing mathematics over different fields.
Crypto++ library namespace.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.
unsigned int StaticPrivateKeyLength() const
Provides the size of the static private key.
Interface for Discrete Log (DL) group parameters.
Exception thrown when an invalid group element is encountered.
unsigned int AgreedValueLength() const
Provides the size of the agreed value.
static const Integer & One()
Integer representing 1.
virtual void EncodeElement(bool reversible, const Element &element, byte *encoded) const =0
Encodes the element.
FHMQV_Domain(T1 v1, bool clientRole=true)
Construct a FHMQV domain.
GroupParameters & AccessGroupParameters()
Retrieves the group parameters for this domain.
Multiple precision integer with arithmetic operations.
FHMQV_Domain(T1 v1, T2 v2, T3 v3, bool clientRole=true)
Construct a FHMQV domain.
void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate ephemeral private key in this domain.