34 #ifndef CRYPTOPP_PUBKEY_H
35 #define CRYPTOPP_PUBKEY_H
39 #if CRYPTOPP_MSC_VERSION
40 # pragma warning(push)
41 # pragma warning(disable: 4702)
55 #if defined(__SUNPRO_CC)
56 # define MAYBE_RETURN(x) return x
58 # define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x)
80 virtual Integer PreimageBound()
const =0;
84 virtual Integer ImageBound()
const =0;
138 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
191 {
return CalculateInverse(rng, x);}
213 virtual bool ParameterSupported(
const char *name)
const
214 {CRYPTOPP_UNUSED(name);
return false;}
217 virtual size_t MaxUnpaddedLength(
size_t paddedLength)
const =0;
229 template <
class TFI,
class MEI>
237 typedef TFI TrapdoorFunctionInterface;
238 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
240 typedef MEI MessageEncodingInterface;
241 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
248 template <
class BASE>
254 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
255 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
256 size_t CiphertextLength(
size_t plaintextLength)
const
257 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
259 virtual size_t FixedMaxPlaintextLength()
const =0;
260 virtual size_t FixedCiphertextLength()
const =0;
266 template <
class INTFACE,
class BASE>
272 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
273 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
274 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
277 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
279 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
303 typedef std::pair<const byte *, unsigned int> HashIdentifier;
315 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const
316 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
317 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const
318 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
328 bool AllowNonrecoverablePart()
const
329 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330 virtual bool RecoverablePartFirst()
const
331 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
334 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const
335 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
339 const byte *recoverableMessage,
size_t recoverableMessageLength,
340 const byte *presignature,
size_t presignatureLength,
343 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345 if (RecoverablePartFirst())
350 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 byte *representative,
size_t representativeBitLength)
const =0;
354 virtual bool VerifyMessageRepresentative(
356 byte *representative,
size_t representativeBitLength)
const =0;
360 byte *representative,
size_t representativeBitLength,
361 byte *recoveredMessage)
const
362 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
368 const byte *presignature,
size_t presignatureLength,
369 const byte *semisignature,
size_t semisignatureLength,
370 byte *recoveredMessage)
const
371 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
382 return HashIdentifier(
static_cast<const byte *
>(NULLPTR), 0);
394 bool VerifyMessageRepresentative(
396 byte *representative,
size_t representativeBitLength)
const;
405 bool VerifyMessageRepresentative(
407 byte *representative,
size_t representativeBitLength)
const;
417 const byte *recoverableMessage,
size_t recoverableMessageLength,
419 byte *representative,
size_t representativeBitLength)
const;
429 const byte *recoverableMessage,
size_t recoverableMessageLength,
431 byte *representative,
size_t representativeBitLength)
const;
442 const byte *recoverableMessage,
size_t recoverableMessageLength,
444 byte *representative,
size_t representativeBitLength)
const;
458 void Update(
const byte *input,
size_t length)
460 AccessHash().Update(input, length);
461 m_empty = m_empty && length == 0;
464 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
472 template <
class HASH_ALGORITHM>
482 template <
class INTFACE,
class BASE>
488 size_t SignatureLength()
const
489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const
491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const
493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const
496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const
498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const
500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
503 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
505 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
506 virtual HashIdentifier GetHashIdentifier()
const =0;
507 virtual size_t GetDigestSize()
const =0;
516 void InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
size_t recoverableMessageLength)
const;
526 void InputSignature(
PK_MessageAccumulator &messageAccumulator,
const byte *signature,
size_t signatureLength)
const;
537 template <
class T1,
class T2,
class T3>
540 typedef T1 AlgorithmInfo;
543 typedef typename Keys::PublicKey
PublicKey;
544 typedef T3 MessageEncodingMethod;
552 template <
class T1,
class T2,
class T3,
class T4>
555 typedef T4 HashFunction;
562 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
566 typedef SCHEME_OPTIONS SchemeOptions;
567 typedef KEY_CLASS KeyClass;
571 PublicKey & AccessPublicKey() {
return AccessKey();}
572 const PublicKey & GetPublicKey()
const {
return GetKey();}
574 PrivateKey & AccessPrivateKey() {
return AccessKey();}
575 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
577 virtual const KeyClass & GetKey()
const =0;
578 virtual KeyClass & AccessKey() =0;
580 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
584 CRYPTOPP_UNUSED(rng);
593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const
597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const
601 HashIdentifier GetHashIdentifier()
const
603 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const
608 typedef typename SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
618 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
625 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
627 const KEY & GetKey()
const {
return *m_pKey;}
628 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
639 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
643 typedef KEY_CLASS KeyClass;
647 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
648 KeyClass & AccessKey() {
return m_trapdoorFunction;}
651 KeyClass m_trapdoorFunction;
656 template <
class SCHEME_OPTIONS>
663 template <
class SCHEME_OPTIONS>
670 template <
class SCHEME_OPTIONS>
677 template <
class SCHEME_OPTIONS>
699 virtual void GenerateAndMask(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
bool mask =
true)
const =0;
713 CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
736 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
760 static void CRYPTOPP_API DeriveKey(
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength)
763 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
795 if (!GetBasePrecomputation().IsInitialized())
798 if (m_validationLevel > level)
802 bool pass = ValidateGroup(rng, level);
803 CRYPTOPP_ASSERT(ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation()));
804 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
806 m_validationLevel = pass ? level+1 : 0;
811 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
813 return GetValueHelper(
this, name, valueType, pValue)
814 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupOrder)
815 CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupGenerator)
834 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
843 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
844 m_validationLevel = 0;
853 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
859 virtual const Element &
GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
864 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
871 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
882 SimultaneousExponentiate(&result, base, &exponent, 1);
900 virtual const Integer & GetSubgroupOrder()
const =0;
904 virtual Integer GetMaxExponent()
const =0;
922 virtual unsigned int GetEncodedElementSize(
bool reversible)
const =0;
930 virtual void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const =0;
938 virtual Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
944 virtual Integer ConvertElementToInteger(
const Element &element)
const =0;
979 virtual bool FastSubgroupCheckAvailable()
const =0;
987 virtual bool IsIdentity(
const Element &element)
const =0;
999 virtual void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const =0;
1002 void ParametersChanged() {m_validationLevel = 0;}
1005 mutable unsigned int m_validationLevel;
1012 template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<
typename GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<
typename GROUP_PRECOMP::Element> >
1016 typedef GROUP_PRECOMP GroupPrecomputation;
1017 typedef typename GROUP_PRECOMP::Element Element;
1018 typedef BASE_PRECOMP BasePrecomputation;
1035 GROUP_PRECOMP m_groupPrecomputation;
1077 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1080 CRYPTOPP_GET_FUNCTION_ENTRY(PublicElement);
1162 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1165 CRYPTOPP_GET_FUNCTION_ENTRY(PrivateExponent);
1173 AssignFromHelper(
this, source)
1174 CRYPTOPP_SET_FUNCTION_ENTRY(PrivateExponent);
1180 virtual const Integer & GetPrivateExponent()
const =0;
1184 virtual void SetPrivateExponent(
const Integer &x) =0;
1199 this->AccessAbstractGroupParameters().AssignFrom(source);
1200 AssignFromHelper(
this, source)
1201 CRYPTOPP_SET_FUNCTION_ENTRY(PublicElement);
1211 template <
class PK,
class GP,
class O = OID>
1215 typedef GP GroupParameters;
1219 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
1221 {AccessGroupParameters().BERDecode(bt);
return true;}
1223 {GetGroupParameters().DEREncode(bt);
return true;}
1225 const GP & GetGroupParameters()
const {
return m_groupParameters;}
1226 GP & AccessGroupParameters() {
return m_groupParameters;}
1229 GP m_groupParameters;
1241 typedef typename GP::Element Element;
1249 bool pass = GetAbstractGroupParameters().Validate(rng, level);
1251 const Integer &q = GetAbstractGroupParameters().GetSubgroupOrder();
1252 const Integer &x = GetPrivateExponent();
1256 pass = pass && x.IsPositive() && x < q;
1266 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1268 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
1273 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
1279 this->AccessGroupParameters().GenerateRandom(rng, params);
1293 {GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);}
1300 const Integer & GetPrivateExponent()
const {
return m_x;}
1313 template <
class BASE,
class SIGNATURE_SCHEME>
1321 BASE::GenerateRandom(rng, params);
1325 typename SIGNATURE_SCHEME::Signer signer(*
this);
1326 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1327 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1338 typedef typename GP::Element Element;
1346 bool pass = GetAbstractGroupParameters().Validate(rng, level);
1348 pass = pass && GetAbstractGroupParameters().ValidateElement(level, this->
GetPublicElement(), &GetPublicPrecomputation());
1352 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
1354 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1359 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1367 AccessPublicPrecomputation().Precompute(GetAbstractGroupParameters().GetGroupPrecomputation(), GetAbstractGroupParameters().GetSubgroupOrder().BitCount(), precomputationStorage);
1378 GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);
1379 GetPublicPrecomputation().Save(GetAbstractGroupParameters().GetGroupPrecomputation(), storedPrecomputation);
1395 typename GP::BasePrecomputation m_ypc;
1435 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1436 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1484 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1497 virtual bool ParameterSupported(
const char *name)
const
1498 {CRYPTOPP_UNUSED(name);
return false;}
1499 virtual void Derive(
const DL_GroupParameters<T> &groupParams,
byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1509 virtual bool ParameterSupported(
const char *name)
const
1510 {CRYPTOPP_UNUSED(name);
return false;}
1511 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1512 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1513 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1514 virtual void SymmetricEncrypt(
RandomNumberGenerator &rng,
const byte *key,
const byte *plaintext,
size_t plaintextLength,
byte *ciphertext,
const NameValuePairs ¶meters)
const =0;
1515 virtual DecodingResult SymmetricDecrypt(
const byte *key,
const byte *ciphertext,
size_t ciphertextLength,
byte *plaintext,
const NameValuePairs ¶meters)
const =0;
1524 typedef KI KeyInterface;
1525 typedef typename KI::Element Element;
1532 virtual KeyInterface & AccessKeyInterface() =0;
1533 virtual const KeyInterface & GetKeyInterface()
const =0;
1541 template <
class INTFACE,
class KEY_INTFACE>
1552 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1553 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1559 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1576 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1581 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1584 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1585 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1588 virtual bool IsDeterministic()
const {
return false;}
1592 virtual HashIdentifier GetHashIdentifier()
const =0;
1593 virtual size_t GetDigestSize()
const =0;
1623 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1624 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1625 recoverableMessage, recoverableMessageLength,
1626 ma.m_presignature, ma.m_presignature.
size(),
1627 ma.m_semisignature);
1632 this->GetMaterial().DoQuickSanityCheck();
1639 SecByteBlock representative(this->MessageRepresentativeLength());
1640 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1642 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1643 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1644 representative, this->MessageRepresentativeBitLength());
1669 if (ks.
BitCount() == q.BitCount()) {
1686 const size_t rLen = alg.
RLen(params);
1687 r.Encode(signature, rLen);
1691 RestartMessageAccumulator(rng, ma);
1710 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1732 const size_t rLen = alg.
RLen(params);
1733 const size_t sLen = alg.
SLen(params);
1735 if (signatureLength < rLen + sLen)
1738 ma.m_semisignature.
Assign(signature, rLen);
1739 ma.m_s.
Decode(signature+rLen, sLen);
1741 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1746 this->GetMaterial().DoQuickSanityCheck();
1753 SecByteBlock representative(this->MessageRepresentativeLength());
1754 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1755 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1756 representative, this->MessageRepresentativeBitLength());
1760 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1761 return alg.
Verify(params, key, e, r, ma.m_s);
1766 this->GetMaterial().DoQuickSanityCheck();
1773 SecByteBlock representative(this->MessageRepresentativeLength());
1774 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1776 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1777 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1778 representative, this->MessageRepresentativeBitLength());
1783 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1786 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1787 ma.AccessHash(), this->GetHashIdentifier(),
1788 ma.m_presignature, ma.m_presignature.
size(),
1789 ma.m_semisignature, ma.m_semisignature.
size(),
1797 template <
class PK,
class KI>
1801 typedef typename DL_Base<KI>::Element Element;
1805 size_t MaxPlaintextLength(
size_t ciphertextLength)
const
1807 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1808 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1811 size_t CiphertextLength(
size_t plaintextLength)
const
1813 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1814 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1817 bool ParameterSupported(
const char *name)
const
1818 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1841 CRYPTOPP_UNUSED(rng);
1850 ciphertext += elementSize;
1851 ciphertextLength -= elementSize;
1853 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.
GetPrivateExponent());
1855 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1856 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1858 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1890 ciphertext += elementSize;
1894 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1895 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1897 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1904 template <
class T1,
class T2>
1907 typedef T1 AlgorithmInfo;
1908 typedef T2 GroupParameters;
1909 typedef typename GroupParameters::Element Element;
1915 template <
class T1,
class T2>
1919 typedef typename Keys::PrivateKey
PrivateKey;
1920 typedef typename Keys::PublicKey
PublicKey;
1929 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1932 typedef T3 SignatureAlgorithm;
1933 typedef T4 MessageEncodingMethod;
1934 typedef T5 HashFunction;
1943 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1947 typedef T4 KeyDerivationAlgorithm;
1948 typedef T5 SymmetricEncryptionAlgorithm;
1955 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1959 typedef SCHEME_OPTIONS SchemeOptions;
1960 typedef typename KEY::Element Element;
1964 PrivateKey & AccessPrivateKey() {
return m_key;}
1965 PublicKey & AccessPublicKey() {
return m_key;}
1968 const KEY & GetKey()
const {
return m_key;}
1969 KEY & AccessKey() {
return m_key;}
1972 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1973 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1976 HashIdentifier GetHashIdentifier()
const
1978 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1979 return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1981 size_t GetDigestSize()
const
1983 typedef typename SchemeOptions::HashFunction H;
1984 return H::DIGESTSIZE;
1995 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1999 typedef typename KEY::Element Element;
2012 HashIdentifier GetHashIdentifier()
const
2013 {
return HashIdentifier();}
2020 template <
class SCHEME_OPTIONS>
2027 this->RestartMessageAccumulator(rng, *p);
2034 template <
class SCHEME_OPTIONS>
2046 template <
class SCHEME_OPTIONS>
2053 template <
class SCHEME_OPTIONS>
2071 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
2072 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2073 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
2083 CRYPTOPP_UNUSED(rng);
2090 bool Agree(
byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const
2096 Element w = params.
DecodeElement(otherPublicKey, validateOtherPublicKey);
2098 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2099 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2111 const Element &
GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
2140 template <
class ELEMENT,
class COFACTOR_OPTION>
2144 typedef ELEMENT Element;
2146 CRYPTOPP_STATIC_CONSTEXPR
const char*
CRYPTOPP_API StaticAlgorithmName()
2157 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const
2171 if (!validateOtherPublicKey)
2174 if (params.FastSubgroupCheckAvailable())
2196 template <
class BASE>
2203 {this->AccessKey().AssignFrom(key);}
2206 {this->AccessKey().BERDecode(bt);}
2209 {this->AccessKey().AssignFrom(algorithm.GetMaterial());}
2212 {this->AccessKey().Initialize(v1);}
2214 template <
class T1,
class T2>
2216 {this->AccessKey().Initialize(v1, v2);}
2218 template <
class T1,
class T2,
class T3>
2220 {this->AccessKey().Initialize(v1, v2, v3);}
2222 template <
class T1,
class T2,
class T3,
class T4>
2224 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2226 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2227 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2228 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2230 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2231 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2232 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2234 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2235 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2236 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2238 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2239 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2240 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2242 template <
class T1,
class T2>
2244 {this->AccessKey().Initialize(v1, v2);}
2246 template <
class T1,
class T2,
class T3>
2248 {this->AccessKey().Initialize(v1, v2, v3);}
2250 template <
class T1,
class T2,
class T3,
class T4>
2252 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2254 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2255 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2256 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2258 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2259 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2260 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2262 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2263 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2264 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2266 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2267 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2268 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2285 template <
class KEYS,
class STANDARD,
class ALG_INFO>
2288 template <
class KEYS,
class STANDARD,
class ALG_INFO = TF_ES<KEYS, STANDARD,
int> >
2289 class TF_ES :
public KEYS
2291 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2298 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
2311 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO>
2314 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO = TF_SS<KEYS, STANDARD, H,
int> >
2315 class TF_SS :
public KEYS
2323 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
2337 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
2340 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
2341 class DL_SS :
public KEYS
2346 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
2360 template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
2374 #if CRYPTOPP_MSC_VERSION
2375 # pragma warning(pop)