34 #ifndef CRYPTOPP_PUBKEY_H 35 #define CRYPTOPP_PUBKEY_H 39 #if CRYPTOPP_MSC_VERSION 40 # pragma warning(push) 41 # pragma warning(disable: 4702) 55 #if defined(__SUNPRO_CC) 56 # define MAYBE_RETURN(x) return x 58 # define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x) 80 virtual Integer PreimageBound()
const =0;
84 virtual Integer ImageBound()
const =0;
138 {CRYPTOPP_UNUSED(rng);
return ApplyFunction(x);}
191 {
return CalculateInverse(rng, x);}
213 virtual bool ParameterSupported(
const char *name)
const 214 {CRYPTOPP_UNUSED(name);
return false;}
217 virtual size_t MaxUnpaddedLength(
size_t paddedLength)
const =0;
229 template <
class TFI,
class MEI>
237 typedef TFI TrapdoorFunctionInterface;
238 virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const =0;
240 typedef MEI MessageEncodingInterface;
241 virtual const MessageEncodingInterface & GetMessageEncodingInterface()
const =0;
248 template <
class BASE>
254 size_t MaxPlaintextLength(
size_t ciphertextLength)
const 255 {
return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
256 size_t CiphertextLength(
size_t plaintextLength)
const 257 {
return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
259 virtual size_t FixedMaxPlaintextLength()
const =0;
260 virtual size_t FixedCiphertextLength()
const =0;
266 template <
class INTFACE,
class BASE>
272 bool ParameterSupported(
const char *name)
const {
return this->GetMessageEncodingInterface().ParameterSupported(name);}
273 size_t FixedMaxPlaintextLength()
const {
return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
274 size_t FixedCiphertextLength()
const {
return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
277 size_t PaddedBlockByteLength()
const {
return BitsToBytes(PaddedBlockBitLength());}
279 size_t PaddedBlockBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
303 typedef std::pair<const byte *, unsigned int> HashIdentifier;
315 virtual size_t MinRepresentativeBitLength(
size_t hashIdentifierLength,
size_t digestLength)
const 316 {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
317 virtual size_t MaxRecoverableLength(
size_t representativeBitLength,
size_t hashIdentifierLength,
size_t digestLength)
const 318 {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength);
return 0;}
328 bool AllowNonrecoverablePart()
const 329 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330 virtual bool RecoverablePartFirst()
const 331 {
throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
334 virtual void ProcessSemisignature(
HashTransformation &hash,
const byte *semisignature,
size_t semisignatureLength)
const 335 {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
339 const byte *recoverableMessage,
size_t recoverableMessageLength,
340 const byte *presignature,
size_t presignatureLength,
343 CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344 CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345 if (RecoverablePartFirst())
350 const byte *recoverableMessage,
size_t recoverableMessageLength,
352 byte *representative,
size_t representativeBitLength)
const =0;
354 virtual bool VerifyMessageRepresentative(
356 byte *representative,
size_t representativeBitLength)
const =0;
360 byte *representative,
size_t representativeBitLength,
361 byte *recoveredMessage)
const 362 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363 CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
368 const byte *presignature,
size_t presignatureLength,
369 const byte *semisignature,
size_t semisignatureLength,
370 byte *recoveredMessage)
const 371 {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372 CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373 throw NotImplemented(
"PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
382 return HashIdentifier(static_cast<const byte *>(NULLPTR), 0);
394 bool VerifyMessageRepresentative(
396 byte *representative,
size_t representativeBitLength)
const;
405 bool VerifyMessageRepresentative(
407 byte *representative,
size_t representativeBitLength)
const;
417 const byte *recoverableMessage,
size_t recoverableMessageLength,
419 byte *representative,
size_t representativeBitLength)
const;
429 const byte *recoverableMessage,
size_t recoverableMessageLength,
431 byte *representative,
size_t representativeBitLength)
const;
442 const byte *recoverableMessage,
size_t recoverableMessageLength,
444 byte *representative,
size_t representativeBitLength)
const;
460 AccessHash().Update(input, length);
461 m_empty = m_empty && length == 0;
464 SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
472 template <
class HASH_ALGORITHM>
482 template <
class INTFACE,
class BASE>
488 size_t SignatureLength()
const 489 {
return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
490 size_t MaxRecoverableLength()
const 491 {
return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
492 size_t MaxRecoverableLengthFromSignatureLength(
size_t signatureLength)
const 493 {CRYPTOPP_UNUSED(signatureLength);
return this->MaxRecoverableLength();}
495 bool IsProbabilistic()
const 496 {
return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
497 bool AllowNonrecoverablePart()
const 498 {
return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
499 bool RecoverablePartFirst()
const 500 {
return this->GetMessageEncodingInterface().RecoverablePartFirst();}
503 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
505 size_t MessageRepresentativeBitLength()
const {
return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
506 virtual HashIdentifier GetHashIdentifier()
const =0;
507 virtual size_t GetDigestSize()
const =0;
516 void InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
size_t recoverableMessageLength)
const;
537 template <
class T1,
class T2,
class T3>
540 typedef T1 AlgorithmInfo;
543 typedef typename Keys::PublicKey
PublicKey;
544 typedef T3 MessageEncodingMethod;
552 template <
class T1,
class T2,
class T3,
class T4>
555 typedef T4 HashFunction;
562 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
566 typedef SCHEME_OPTIONS SchemeOptions;
567 typedef KEY_CLASS KeyClass;
571 PublicKey & AccessPublicKey() {
return AccessKey();}
572 const PublicKey & GetPublicKey()
const {
return GetKey();}
574 PrivateKey & AccessPrivateKey() {
return AccessKey();}
575 const PrivateKey & GetPrivateKey()
const {
return GetKey();}
577 virtual const KeyClass & GetKey()
const =0;
578 virtual KeyClass & AccessKey() =0;
580 const KeyClass & GetTrapdoorFunction()
const {
return GetKey();}
584 CRYPTOPP_UNUSED(rng);
593 const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface()
const 597 const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface()
const 601 HashIdentifier GetHashIdentifier()
const 603 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
606 size_t GetDigestSize()
const 608 typedef typename SchemeOptions::HashFunction H;
609 return H::DIGESTSIZE;
618 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
625 void SetKeyPtr(
const KEY *pKey) {m_pKey = pKey;}
627 const KEY & GetKey()
const {
return *m_pKey;}
628 KEY & AccessKey() {
throw NotImplemented(
"TF_ObjectImplExtRef: cannot modify refererenced key");}
639 template <
class BASE,
class SCHEME_OPTIONS,
class KEY_CLASS>
643 typedef KEY_CLASS KeyClass;
647 const KeyClass & GetKey()
const {
return m_trapdoorFunction;}
648 KeyClass & AccessKey() {
return m_trapdoorFunction;}
651 KeyClass m_trapdoorFunction;
656 template <
class SCHEME_OPTIONS>
663 template <
class SCHEME_OPTIONS>
670 template <
class SCHEME_OPTIONS>
677 template <
class SCHEME_OPTIONS>
699 virtual void GenerateAndMask(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
bool mask =
true)
const =0;
713 CRYPTOPP_DLL
void CRYPTOPP_API P1363_MGF1KDF2_Common(
HashTransformation &hash,
byte *output,
size_t outputLength,
const byte *input,
size_t inputLength,
const byte *derivationParams,
size_t derivationParamsLength,
bool mask,
unsigned int counterStart);
736 P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
763 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength,
false, 1);
795 if (!GetBasePrecomputation().IsInitialized())
798 if (m_validationLevel > level)
802 bool pass = ValidateGroup(rng, level);
803 CRYPTOPP_ASSERT(ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation()));
804 pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
806 m_validationLevel = pass ? level+1 : 0;
811 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 813 return GetValueHelper(
this, name, valueType, pValue)
834 AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
843 AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
844 m_validationLevel = 0;
853 GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
859 virtual const Element &
GetSubgroupGenerator()
const {
return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
864 virtual void SetSubgroupGenerator(
const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
871 return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
882 SimultaneousExponentiate(&result, base, &exponent, 1);
900 virtual const Integer & GetSubgroupOrder()
const =0;
904 virtual Integer GetMaxExponent()
const =0;
922 virtual unsigned int GetEncodedElementSize(
bool reversible)
const =0;
930 virtual void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const =0;
938 virtual Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const =0;
944 virtual Integer ConvertElementToInteger(
const Element &element)
const =0;
979 virtual bool FastSubgroupCheckAvailable()
const =0;
987 virtual bool IsIdentity(
const Element &element)
const =0;
999 virtual void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const =0;
1002 void ParametersChanged() {m_validationLevel = 0;}
1005 mutable unsigned int m_validationLevel;
1012 template <
class GROUP_PRECOMP,
class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<
typename GROUP_PRECOMP::Element>,
class BASE = DL_GroupParameters<
typename GROUP_PRECOMP::Element> >
1016 typedef GROUP_PRECOMP GroupPrecomputation;
1017 typedef typename GROUP_PRECOMP::Element Element;
1018 typedef BASE_PRECOMP BasePrecomputation;
1035 GROUP_PRECOMP m_groupPrecomputation;
1077 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 1162 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 1173 AssignFromHelper(
this, source)
1180 virtual const Integer & GetPrivateExponent()
const =0;
1184 virtual void SetPrivateExponent(
const Integer &x) =0;
1199 this->AccessAbstractGroupParameters().AssignFrom(source);
1200 AssignFromHelper(
this, source)
1211 template <
class PK,
class GP,
class O = OID>
1215 typedef GP GroupParameters;
1219 O GetAlgorithmID()
const {
return GetGroupParameters().GetAlgorithmID();}
1221 {AccessGroupParameters().BERDecode(bt);
return true;}
1223 {GetGroupParameters().DEREncode(bt);
return true;}
1225 const GP & GetGroupParameters()
const {
return m_groupParameters;}
1226 GP & AccessGroupParameters() {
return m_groupParameters;}
1229 GP m_groupParameters;
1241 typedef typename GP::Element Element;
1256 pass = pass && x.IsPositive() && x < q;
1266 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 1268 return GetValueHelper<DL_PrivateKey<Element> >(
this, name, valueType, pValue).Assignable();
1273 AssignFromHelper<DL_PrivateKey<Element> >(
this, source);
1279 this->AccessGroupParameters().GenerateRandom(rng, params);
1313 template <
class BASE,
class SIGNATURE_SCHEME>
1321 BASE::GenerateRandom(rng, params);
1325 typename SIGNATURE_SCHEME::Signer signer(*
this);
1326 typename SIGNATURE_SCHEME::Verifier verifier(signer);
1327 SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1338 typedef typename GP::Element Element;
1352 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const 1354 return GetValueHelper<DL_PublicKey<Element> >(
this, name, valueType, pValue).Assignable();
1359 AssignFromHelper<DL_PublicKey<Element> >(
this, source);
1395 typename GP::BasePrecomputation m_ypc;
1435 CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1436 throw NotImplemented(
"DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1484 virtual Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const =0;
1497 virtual bool ParameterSupported(
const char *name)
const 1498 {CRYPTOPP_UNUSED(name);
return false;}
1499 virtual void Derive(
const DL_GroupParameters<T> &groupParams,
byte *derivedKey,
size_t derivedLength,
const T &agreedElement,
const T &ephemeralPublicKey,
const NameValuePairs &derivationParams)
const =0;
1509 virtual bool ParameterSupported(
const char *name)
const 1510 {CRYPTOPP_UNUSED(name);
return false;}
1511 virtual size_t GetSymmetricKeyLength(
size_t plaintextLength)
const =0;
1512 virtual size_t GetSymmetricCiphertextLength(
size_t plaintextLength)
const =0;
1513 virtual size_t GetMaxSymmetricPlaintextLength(
size_t ciphertextLength)
const =0;
1524 typedef KI KeyInterface;
1525 typedef typename KI::Element Element;
1532 virtual KeyInterface & AccessKeyInterface() =0;
1533 virtual const KeyInterface & GetKeyInterface()
const =0;
1541 template <
class INTFACE,
class KEY_INTFACE>
1552 return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1553 + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1559 {
return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
1576 {
return GetMessageEncodingInterface().AllowNonrecoverablePart();}
1581 {
return GetMessageEncodingInterface().RecoverablePartFirst();}
1584 size_t MessageRepresentativeLength()
const {
return BitsToBytes(MessageRepresentativeBitLength());}
1585 size_t MessageRepresentativeBitLength()
const {
return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
1588 virtual bool IsDeterministic()
const {
return false;}
1592 virtual HashIdentifier GetHashIdentifier()
const =0;
1593 virtual size_t GetDigestSize()
const =0;
1623 ma.m_recoverableMessage.
Assign(recoverableMessage, recoverableMessageLength);
1624 this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1625 recoverableMessage, recoverableMessageLength,
1626 ma.m_presignature, ma.m_presignature.
size(),
1627 ma.m_semisignature);
1632 this->GetMaterial().DoQuickSanityCheck();
1639 SecByteBlock representative(this->MessageRepresentativeLength());
1640 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1642 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1643 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1644 representative, this->MessageRepresentativeBitLength());
1669 if (ks.
BitCount() == q.BitCount()) {
1686 const size_t rLen = alg.
RLen(params);
1687 r.Encode(signature, rLen);
1691 RestartMessageAccumulator(rng, ma);
1710 CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1732 const size_t rLen = alg.
RLen(params);
1733 const size_t sLen = alg.
SLen(params);
1735 if (signatureLength < rLen + sLen)
1738 ma.m_semisignature.
Assign(signature, rLen);
1739 ma.m_s.
Decode(signature+rLen, sLen);
1741 this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.
size());
1746 this->GetMaterial().DoQuickSanityCheck();
1753 SecByteBlock representative(this->MessageRepresentativeLength());
1754 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1755 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1756 representative, this->MessageRepresentativeBitLength());
1760 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1761 return alg.
Verify(params, key, e, r, ma.m_s);
1766 this->GetMaterial().DoQuickSanityCheck();
1773 SecByteBlock representative(this->MessageRepresentativeLength());
1774 this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1776 ma.m_recoverableMessage, ma.m_recoverableMessage.
size(),
1777 ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1778 representative, this->MessageRepresentativeBitLength());
1783 Integer r(ma.m_semisignature, ma.m_semisignature.
size());
1786 return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1787 ma.AccessHash(), this->GetHashIdentifier(),
1788 ma.m_presignature, ma.m_presignature.
size(),
1789 ma.m_semisignature, ma.m_semisignature.
size(),
1797 template <
class PK,
class KI>
1801 typedef typename DL_Base<KI>::Element Element;
1805 size_t MaxPlaintextLength(
size_t ciphertextLength)
const 1807 unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(
true);
1808 return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1811 size_t CiphertextLength(
size_t plaintextLength)
const 1813 size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1814 return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(
true) + len;
1817 bool ParameterSupported(
const char *name)
const 1818 {
return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1841 CRYPTOPP_UNUSED(rng);
1850 ciphertext += elementSize;
1851 ciphertextLength -= elementSize;
1853 Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q,
true, key.
GetPrivateExponent());
1855 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1856 derivAlg.Derive(params, derivedKey, derivedKey.
size(), z, q, parameters);
1858 return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1890 ciphertext += elementSize;
1894 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1895 derivAlg.Derive(params, derivedKey, derivedKey.size(), z, q, parameters);
1897 encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1904 template <
class T1,
class T2>
1907 typedef T1 AlgorithmInfo;
1908 typedef T2 GroupParameters;
1909 typedef typename GroupParameters::Element Element;
1915 template <
class T1,
class T2>
1919 typedef typename Keys::PrivateKey
PrivateKey;
1920 typedef typename Keys::PublicKey
PublicKey;
1929 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1932 typedef T3 SignatureAlgorithm;
1933 typedef T4 MessageEncodingMethod;
1934 typedef T5 HashFunction;
1943 template <
class T1,
class T2,
class T3,
class T4,
class T5>
1947 typedef T4 KeyDerivationAlgorithm;
1948 typedef T5 SymmetricEncryptionAlgorithm;
1955 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1959 typedef SCHEME_OPTIONS SchemeOptions;
1960 typedef typename KEY::Element Element;
1964 PrivateKey & AccessPrivateKey() {
return m_key;}
1965 PublicKey & AccessPublicKey() {
return m_key;}
1968 const KEY & GetKey()
const {
return m_key;}
1969 KEY & AccessKey() {
return m_key;}
1972 typename BASE::KeyInterface & AccessKeyInterface() {
return m_key;}
1973 const typename BASE::KeyInterface & GetKeyInterface()
const {
return m_key;}
1976 HashIdentifier GetHashIdentifier()
const 1978 typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1979 return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1981 size_t GetDigestSize()
const 1983 typedef typename SchemeOptions::HashFunction H;
1984 return H::DIGESTSIZE;
1995 template <
class BASE,
class SCHEME_OPTIONS,
class KEY>
1999 typedef typename KEY::Element Element;
2012 HashIdentifier GetHashIdentifier()
const 2013 {
return HashIdentifier();}
2020 template <
class SCHEME_OPTIONS>
2027 this->RestartMessageAccumulator(rng, *p);
2034 template <
class SCHEME_OPTIONS>
2046 template <
class SCHEME_OPTIONS>
2053 template <
class SCHEME_OPTIONS>
2071 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
2072 unsigned int PrivateKeyLength()
const {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2073 unsigned int PublicKeyLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
2083 CRYPTOPP_UNUSED(rng);
2090 bool Agree(
byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const 2096 Element w = params.
DecodeElement(otherPublicKey, validateOtherPublicKey);
2098 Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2099 GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2111 const Element &
GetGenerator()
const {
return GetAbstractGroupParameters().GetSubgroupGenerator();}
2140 template <
class ELEMENT,
class COFACTOR_OPTION>
2144 typedef ELEMENT Element;
2146 CRYPTOPP_STATIC_CONSTEXPR
const char*
CRYPTOPP_API StaticAlgorithmName()
2157 Element AgreeWithStaticPrivateKey(
const DL_GroupParameters<Element> ¶ms,
const Element &publicElement,
bool validateOtherPublicKey,
const Integer &privateExponent)
const 2171 if (!validateOtherPublicKey)
2174 if (params.FastSubgroupCheckAvailable())
2196 template <
class BASE>
2203 {this->AccessKey().AssignFrom(key);}
2206 {this->AccessKey().BERDecode(bt);}
2209 {this->AccessKey().AssignFrom(algorithm.GetMaterial());}
2212 {this->AccessKey().Initialize(v1);}
2214 template <
class T1,
class T2>
2216 {this->AccessKey().Initialize(v1, v2);}
2218 template <
class T1,
class T2,
class T3>
2220 {this->AccessKey().Initialize(v1, v2, v3);}
2222 template <
class T1,
class T2,
class T3,
class T4>
2224 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2226 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2227 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2228 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2230 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2231 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2232 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2234 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2235 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2236 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2238 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2239 PK_FinalTemplate(
const T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2240 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2242 template <
class T1,
class T2>
2244 {this->AccessKey().Initialize(v1, v2);}
2246 template <
class T1,
class T2,
class T3>
2248 {this->AccessKey().Initialize(v1, v2, v3);}
2250 template <
class T1,
class T2,
class T3,
class T4>
2252 {this->AccessKey().Initialize(v1, v2, v3, v4);}
2254 template <
class T1,
class T2,
class T3,
class T4,
class T5>
2255 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5)
2256 {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2258 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6>
2259 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6)
2260 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2262 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7>
2263 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7)
2264 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2266 template <
class T1,
class T2,
class T3,
class T4,
class T5,
class T6,
class T7,
class T8>
2267 PK_FinalTemplate(T1 &v1,
const T2 &v2,
const T3 &v3,
const T4 &v4,
const T5 &v5,
const T6 &v6,
const T7 &v7,
const T8 &v8)
2268 {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2285 template <
class KEYS,
class STANDARD,
class ALG_INFO>
2288 template <
class KEYS,
class STANDARD,
class ALG_INFO = TF_ES<KEYS, STANDARD,
int> >
2289 class TF_ES :
public KEYS
2291 typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2298 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName();}
2311 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO>
2314 template <
class KEYS,
class STANDARD,
class H,
class ALG_INFO = TF_SS<KEYS, STANDARD, H,
int> >
2315 class TF_SS :
public KEYS
2323 static std::string
CRYPTOPP_API StaticAlgorithmName() {
return std::string(KEYS::StaticAlgorithmName()) +
"/" + MessageEncodingMethod::StaticAlgorithmName() +
"(" + H::StaticAlgorithmName() +
")";}
2337 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO>
2340 template <
class KEYS,
class SA,
class MEM,
class H,
class ALG_INFO = DL_SS<KEYS, SA, MEM, H,
int> >
2341 class DL_SS :
public KEYS
2346 static std::string StaticAlgorithmName() {
return SA::StaticAlgorithmName() + std::string(
"/EMSA1(") + H::StaticAlgorithmName() +
")";}
2360 template <
class KEYS,
class AA,
class DA,
class EA,
class ALG_INFO>
2374 #if CRYPTOPP_MSC_VERSION 2375 # pragma warning(pop) Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const
Applies the trapdoor function.
Standard names for retrieving values by name when working with NameValuePairs.
Discrete Log (DL) key options.
Applies the trapdoor function, using random data if required.
const Element & GetGenerator() const
Retrieves a reference to the group generator.
PK_FinalTemplate< DL_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
virtual Element Exponentiate(const DL_GroupPrecomputation< Element > &group, const Integer &exponent) const =0
Exponentiates an element.
size_t SignatureLength() const
Provides the signature length.
#define CRYPTOPP_API
Win32 calling convention.
Interface for asymmetric algorithms.
virtual Integer GetCofactor() const
Retrieves the cofactor.
Interface for message encoding method for public key signature schemes.
Trapdoor Function (TF) encryption scheme.
Diffie-Hellman key agreement algorithm.
void SetPrivateExponent(const Integer &x)
Sets the private exponent.
const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const
Retrieves the group precomputation.
static const Integer & One()
Integer representing 1.
Restricts the instantiation of a class to one static object without locks.
Discrete Log (DL) signer implementation.
DL_GroupPrecomputation interface.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
void DEREncode(BufferedTransformation &bt) const
Encode in DER format.
size_t BitsToBytes(size_t bitCount)
Returns the number of 8-bit bytes or octets required for the specified number of bits.
bool IsProbabilistic() const
Determines if the scheme is probabilistic.
Interface for deterministic signers.
PK_FinalTemplate< TF_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
Input signature into a message accumulator.
size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
Provides the maximum recoverable length.
void DEREncodePrivateKey(BufferedTransformation &bt) const
Encode privateKey part of privateKeyInfo.
PK_FinalTemplate< TF_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
Encodes and Decodes privateKeyInfo.
Trapdoor Function (TF) Signer base class.
void BERDecodePrivateKey(BufferedTransformation &bt, bool, size_t)
Decode privateKey part of privateKeyInfo.
virtual void SetSubgroupGenerator(const Element &base)
Sets the subgroup generator.
The base for trapdoor based cryptosystems.
Interface for Discrete Log (DL) group parameters.
Trapdoor Function (TF) base implementation.
Trapdoor Function (TF) Signature Scheme base class.
Discrete Log (DL) key base implementation.
Converts an enumeration to a type suitable for use as a template parameter.
static Integer Gcd(const Integer &a, const Integer &n)
Calculate greatest common divisor.
bool GetThisObject(T &object) const
Get a copy of this object or subobject.
Interface for message encoding method for public key signature schemes.
Trapdoor Function (TF) signature with external reference.
Abstract base classes that provide a uniform interface to this library.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
virtual Integer ConvertElementToInteger(const Element &element) const =0
Converts an element to an Integer.
void MakePublicKey(DL_PublicKey< T > &pub) const
Initializes a public key from this key.
void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask=true) const
P1363 mask generation function.
virtual unsigned int PrivateKeyLength() const =0
Provides the size of the private key.
Message encoding method for public key encryption.
Interface for key derivation algorithms used in DL cryptosystems.
virtual void Sign(const DL_GroupParameters< T > ¶ms, const Integer &privateKey, const Integer &k, const Integer &e, Integer &r, Integer &s) const =0
Sign a message using a private key.
Classes for automatic resource management.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
Library configuration file.
Interface for Discrete Log (DL) private keys.
virtual Integer GetGroupOrder() const
Retrieves the order of the group.
Ring of congruence classes modulo n.
Interface for random number generators.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
void Randomize(RandomNumberGenerator &rng, size_t bitCount)
Set this Integer to random integer.
virtual Integer MaxPreimage() const
Returns the maximum size of a message before the trapdoor function is applied bound to a public key...
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
Discrete Log (DL) base interface.
void New(size_type newSize)
Change size without preserving contents.
Trapdoor function cryptosystems decryption base class.
Discrete Log (DL) scheme options.
bool IsProbabilistic() const
Determines whether an encoding method requires a random number generator.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Discrete Log (DL) encryption scheme.
Discrete Log (DL) crypto scheme options.
void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate private key in this domain.
Classes for performing mathematics over different fields.
unsigned int AgreedValueLength() const
Provides the size of the agreed value.
STANDARD Standard
see SignatureStandard for a list of standards
void RawSign(const Integer &k, const Integer &e, Integer &r, Integer &s) const
Testing interface.
Provides range for plaintext and ciphertext lengths.
Interface for private keys.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const
Retrieves the group precomputation.
Interface for Discrete Log (DL) public keys.
Discret Log (DL) Verifier base class.
static void DeriveKey(byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength)
P1363 key derivation function.
P1363 key derivation function.
Base class for public key signature standard classes.
const char * PrivateExponent()
Integer.
CryptoParameters & AccessCryptoParameters()
Retrieves a reference to Crypto Parameters.
Pointer that overloads operator ->
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
virtual void SetPublicElement(const Element &y)
Sets the public element.
Discrete Log (DL) signature scheme.
unsigned int ByteCount() const
Determines the number of bytes required to represent the Integer.
virtual bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Base class for a Discrete Log (DL) key.
Interface for domains of simple key agreement protocols.
Trapdoor Function (TF) encryptor options.
Applies the inverse of the trapdoor function.
Returns a decoding results.
Trapdoor Function (TF) decryptor options.
Uses encapsulation to hide an object in derived classes.
Discrete Log (DL) private key base implementation.
void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate a public key from a private key in this domain.
virtual const DL_GroupParameters< T > & GetAbstractGroupParameters() const =0
Retrieves abstract group parameters.
virtual const DL_FixedBasePrecomputation< T > & GetPublicPrecomputation() const =0
Accesses the public precomputation.
void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Encrypt a byte string.
CRYPTOPP_DLL RandomNumberGenerator & NullRNG()
Random Number Generator that does not produce random numbers.
DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()
Retrieves the group precomputation.
P1363 mask generation function.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
Cofactor multiplication compatible with ordinary Diffie-Hellman.
Trapdoor Function (TF) encryptor options.
PK_FinalTemplate< TF_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
A method was called which was not implemented.
bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulat...
bool RecoverablePartFirst() const
Determines if the scheme allows recoverable part first.
Trapdoor Function (TF) signature scheme options.
No cofactor multiplication applied.
Interface for Elgamal-like signature algorithms.
Discrete Log (DL) signature scheme signer base implementation.
Interface for message encoding method for public key signature schemes.
virtual bool Verify(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &e, const Integer &r, const Integer &s) const =0
Verify a message using a public key.
virtual size_t RLen(const DL_GroupParameters< T > ¶ms) const
Retrieve R length.
PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const
Create a new HashTransformation to accumulate the message to be signed.
virtual const DL_FixedBasePrecomputation< Element > & GetBasePrecomputation() const =0
Retrieves the group precomputation.
bool IsRandomized() const
Determines if the encryption algorithm is randomized.
Interface for message encoding method for public key signature schemes.
virtual void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const =0
Exponentiates a base to multiple exponents.
void Assign(const T *ptr, size_type len)
Set contents and size from an array.
Base class for public key encryption standard classes.
virtual Integer MaxImage() const
Returns the maximum size of a message after the trapdoor function is applied bound to a public key...
virtual const Element & GetSubgroupGenerator() const
Retrieves the subgroup generator.
Discrete Log (DL) object implementation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
bool AllowNonrecoverablePart() const
Determines if the scheme has non-recoverable part.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
Multiple precision integer with arithmetic operations.
const DL_FixedBasePrecomputation< Element > & GetPublicPrecomputation() const
Accesses the public precomputation.
Discrete Log (DL) verifier implementation.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
T1 SaturatingSubtract(const T1 &a, const T2 &b)
Performs a saturating subtract clamped at 0.
Discrete Log (DL) signature scheme base implementation.
Trapdoor function cryptosystems encryption base class.
Discrete Log (DL) base object implementation.
Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
Applies the inverse of the trapdoor function.
const NameValuePairs & g_nullNameValuePairs
An empty set of name-value pairs.
const char * SubgroupGenerator()
Integer, ECP::Point, or EC2N::Point.
Applies the trapdoor function.
virtual bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
bool IsRandomized() const
Determines if the decryption algorithm is randomized.
unsigned int PublicKeyLength() const
Provides the size of the public key.
Discrete Log (DL) cryptosystem base implementation.
virtual Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const =0
Decodes the element.
void Precompute(unsigned int precomputationStorage=16)
Perform precomputation.
Mask generation function interface.
bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const
Derive agreed value.
PK_FinalTemplate< DL_EncryptorImpl< SchemeOptions > > Encryptor
implements PK_Encryptor interface
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
Public key trapdoor function default implementation.
Trapdoor Function (TF) encryptor options.
virtual Element ExponentiatePublicElement(const Integer &exponent) const
Exponentiates this element.
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
Exception thrown when an invalid group element is encountered.
Trapdoor Function (TF) signature scheme options.
void AssignFrom(const NameValuePairs &source)
Initialize or reinitialize this key.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
virtual bool ValidateElement(unsigned int level, const Element &element, const DL_FixedBasePrecomputation< Element > *precomp) const =0
Check the element for errors.
static const char * StaticAlgorithmName()
The algorithm name.
DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs ¶meters=g_nullNameValuePairs) const
Decrypt a byte string.
DL_FixedBasePrecomputation interface.
virtual Integer GenerateRandom(const Integer &x, const Integer &q, const Integer &e) const =0
Generate k.
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
void Update(const byte *input, size_t length)
Updates a hash with additional input.
Implementation of BufferedTransformation's attachment interface.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
CRYPTOPP_DLL bool FIPS_140_2_ComplianceEnabled()
Determines whether the library provides FIPS validated cryptography.
DL_FixedBasePrecomputation< Element > & AccessPublicPrecomputation()
Accesses the public precomputation.
Interface for accumulating messages to be signed or verified.
Interface for key agreement algorithms.
Discrete Log (DL) encryptor base implementation.
unsigned char byte
8-bit unsigned datatype
virtual Element CascadeExponentiateBaseAndPublicElement(const Integer &baseExp, const Integer &publicExp) const
Exponentiates an element.
Classes for precomputation in a group.
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Trapdoor Function (TF) Verifier base class.
virtual const Integer & GetPrivateExponent() const =0
Retrieves the private exponent.
PK_FinalTemplate< DL_SignerImpl< SchemeOptions > > Signer
implements PK_Signer interface
virtual const DL_GroupPrecomputation< Element > & GetGroupPrecomputation() const =0
Retrieves the group precomputation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Classes and functions for the FIPS 140-2 validated library.
virtual Integer RecoverPresignature(const DL_GroupParameters< T > ¶ms, const DL_PublicKey< T > &publicKey, const Integer &r, const Integer &s) const
Recover a Presignature.
size_t MaxRecoverableLength() const
Provides the maximum recoverable length.
PK_FinalTemplate< TF_DecryptorImpl< SchemeOptions > > Decryptor
implements PK_Decryptor interface
Interface for crypto material.
virtual void EncodeElement(bool reversible, const Element &element, byte *encoded) const =0
Encodes the element.
CofactorMultiplicationOption
Methods for avoiding "Small-Subgroup" attacks on Diffie-Hellman Key Agreement.
unsigned int PrivateKeyLength() const
Provides the size of the private key.
DL_GroupParameters< Element > & AccessAbstractGroupParameters()
Retrieves abstract group parameters.
virtual unsigned int GetEncodedElementSize(bool reversible) const =0
Retrieves the encoded element's size.
void Decode(const byte *input, size_t inputLen, Signedness sign=UNSIGNED)
Decode from big-endian byte array.
Discrete Log (DL) encryptor implementation.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
Discrete Log (DL) public key base implementation.
Multiple precision integer with arithmetic operations.
Cofactor multiplication incompatible with ordinary Diffie-Hellman.
Interface for crypto prameters.
static const Integer & Zero()
Integer representing 0.
bool GetThisPointer(T *&ptr) const
Get a pointer to this object.
virtual Integer GetMaxExponent() const =0
Retrieves the maximum exponent for the group.
Discrete Log (DL) decryptor implementation.
void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
Input a recoverable message to an accumulator.
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
Sign and restart messageAccumulator.
Class file for performing modular arithmetic.
Interface for public keys.
Crypto++ library namespace.
PK_MessageAccumulator * NewVerificationAccumulator() const
Create a new HashTransformation to accumulate the message to be verified.
Applies the inverse of the trapdoor function, using random data if required.
virtual const Element & GetPublicElement() const
Retrieves the public element.
Interface for symmetric encryption algorithms used in DL cryptosystems.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Base implementation of Discrete Log (DL) group parameters.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
Generate a random key or crypto parameters.
virtual bool IsRandomized() const
Determines if the decryption algorithm is randomized.
Encodes and decodes subjectPublicKeyInfo.
Trapdoor function cryptosystem base class.
virtual DL_GroupParameters< T > & AccessAbstractGroupParameters()=0
Retrieves abstract group parameters.
Trapdoor Function (TF) scheme options.
void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
Retrieve previously saved precomputation.
bool SupportsPrecomputation() const
Determines whether the object supports precomputation.
PK_FinalTemplate< DL_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Discrete Log (DL) signature scheme options.
virtual Element ExponentiateElement(const Element &base, const Integer &exponent) const
Exponentiates an element.
Interface for message encoding method for public key signature schemes.
virtual bool IsDeterministic() const
Signature scheme flag.
const char * SubgroupOrder()
Integer.
Discrete Log (DL) decryptor base implementation.
Interface for message encoding method for public key signature schemes.
const char * PublicElement()
Integer.
Interface for DL key agreement algorithms.
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
Recover a message from its signature.
const Integer & GetPrivateExponent() const
Retrieves the private exponent.
size_type size() const
Provides the count of elements in the SecBlock.
Discrete Log (DL) simple key agreement base implementation.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
virtual bool IsIdentity(const Element &element) const =0
Determines if an element is an identity.
virtual size_t SLen(const DL_GroupParameters< T > ¶ms) const
Retrieve S length.
STANDARD Standard
see EncryptionStandard for a list of standards
virtual void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
Save precomputation for later use.
Interface for message encoding method for public key signature schemes.
const DL_GroupParameters< Element > & GetAbstractGroupParameters() const
Retrieves abstract group parameters.
Interface for retrieving values given their names.
Template implementing constructors for public key algorithm classes.
Trapdoor Function (TF) Signature Scheme.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.