Line | Count | Source (jump to first uncovered line) |
1 | | // eccrypto.h - originally written and placed in the public domain by Wei Dai |
2 | | // deterministic signatures added by by Douglas Roark |
3 | | |
4 | | /// \file eccrypto.h |
5 | | /// \brief Classes and functions for Elliptic Curves over prime and binary fields |
6 | | |
7 | | #ifndef CRYPTOPP_ECCRYPTO_H |
8 | | #define CRYPTOPP_ECCRYPTO_H |
9 | | |
10 | | #include "config.h" |
11 | | #include "cryptlib.h" |
12 | | #include "pubkey.h" |
13 | | #include "integer.h" |
14 | | #include "asn.h" |
15 | | #include "hmac.h" |
16 | | #include "sha.h" |
17 | | #include "gfpcrypt.h" |
18 | | #include "dh.h" |
19 | | #include "mqv.h" |
20 | | #include "hmqv.h" |
21 | | #include "fhmqv.h" |
22 | | #include "ecp.h" |
23 | | #include "ec2n.h" |
24 | | |
25 | | #include <iosfwd> |
26 | | |
27 | | #if CRYPTOPP_MSC_VERSION |
28 | | # pragma warning(push) |
29 | | # pragma warning(disable: 4231 4275) |
30 | | #endif |
31 | | |
32 | | NAMESPACE_BEGIN(CryptoPP) |
33 | | |
34 | | /// \brief Elliptic Curve Parameters |
35 | | /// \tparam EC elliptic curve field |
36 | | /// \details This class corresponds to the ASN.1 sequence of the same name |
37 | | /// in ANSI X9.62 and SEC 1. EC is currently defined for ECP and EC2N. |
38 | | template <class EC> |
39 | | class DL_GroupParameters_EC : public DL_GroupParametersImpl<EcPrecomputation<EC> > |
40 | | { |
41 | | typedef DL_GroupParameters_EC<EC> ThisClass; |
42 | | |
43 | | public: |
44 | | typedef EC EllipticCurve; |
45 | | typedef typename EllipticCurve::Point Point; |
46 | | typedef Point Element; |
47 | | typedef IncompatibleCofactorMultiplication DefaultCofactorOption; |
48 | | |
49 | 29.4k | virtual ~DL_GroupParameters_EC() {} CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::~DL_GroupParameters_EC() Line | Count | Source | 49 | 29.4k | virtual ~DL_GroupParameters_EC() {} |
Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::~DL_GroupParameters_EC() |
50 | | |
51 | | /// \brief Construct an EC GroupParameters |
52 | 2.24k | DL_GroupParameters_EC() : m_compress(false), m_encodeAsOID(true) {} CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC() Line | Count | Source | 52 | 2.24k | DL_GroupParameters_EC() : m_compress(false), m_encodeAsOID(true) {} |
Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC() Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC() Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC() |
53 | | |
54 | | /// \brief Construct an EC GroupParameters |
55 | | /// \param oid the OID of a curve |
56 | | DL_GroupParameters_EC(const OID &oid) |
57 | 28.4k | : m_compress(false), m_encodeAsOID(true) {Initialize(oid);} CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC(CryptoPP::OID const&) Line | Count | Source | 57 | 28.4k | : m_compress(false), m_encodeAsOID(true) {Initialize(oid);} |
Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC(CryptoPP::OID const&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC(CryptoPP::OID const&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC(CryptoPP::OID const&) |
58 | | |
59 | | /// \brief Construct an EC GroupParameters |
60 | | /// \param ec the elliptic curve |
61 | | /// \param G the base point |
62 | | /// \param n the order of the base point |
63 | | /// \param k the cofactor |
64 | | DL_GroupParameters_EC(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k = Integer::Zero()) |
65 | 0 | : m_compress(false), m_encodeAsOID(true) {Initialize(ec, G, n, k);} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC(CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC(CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC(CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC(CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) |
66 | | |
67 | | /// \brief Construct an EC GroupParameters |
68 | | /// \param bt BufferedTransformation with group parameters |
69 | | DL_GroupParameters_EC(BufferedTransformation &bt) |
70 | 0 | : m_compress(false), m_encodeAsOID(true) {BERDecode(bt);} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC(CryptoPP::BufferedTransformation&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DL_GroupParameters_EC(CryptoPP::BufferedTransformation&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC(CryptoPP::BufferedTransformation&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DL_GroupParameters_EC(CryptoPP::BufferedTransformation&) |
71 | | |
72 | | /// \brief Initialize an EC GroupParameters using {EC,G,n,k} |
73 | | /// \param ec the elliptic curve |
74 | | /// \param G the base point |
75 | | /// \param n the order of the base point |
76 | | /// \param k the cofactor |
77 | | /// \details This Initialize() function overload initializes group parameters from existing parameters. |
78 | | void Initialize(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k = Integer::Zero()) |
79 | 0 | { |
80 | 0 | this->m_groupPrecomputation.SetCurve(ec); |
81 | 0 | this->SetSubgroupGenerator(G); |
82 | 0 | m_n = n; |
83 | 0 | m_k = k; |
84 | 0 | } Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::Initialize(CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::Initialize(CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) |
85 | | |
86 | | /// \brief Initialize a DL_GroupParameters_EC {EC,G,n,k} |
87 | | /// \param oid the OID of a curve |
88 | | /// \details This Initialize() function overload initializes group parameters from existing parameters. |
89 | | void Initialize(const OID &oid); |
90 | | |
91 | | // NameValuePairs |
92 | | bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const; |
93 | | void AssignFrom(const NameValuePairs &source); |
94 | | |
95 | | // GeneratibleCryptoMaterial interface |
96 | | /// this implementation doesn't actually generate a curve, it just initializes the parameters with existing values |
97 | | /*! parameters: (Curve, SubgroupGenerator, SubgroupOrder, Cofactor (optional)), or (GroupOID) */ |
98 | | void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg); |
99 | | |
100 | | // DL_GroupParameters |
101 | 0 | const DL_FixedBasePrecomputation<Element> & GetBasePrecomputation() const {return this->m_gpc;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::GetBasePrecomputation() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::GetBasePrecomputation() const |
102 | 27.1k | DL_FixedBasePrecomputation<Element> & AccessBasePrecomputation() {return this->m_gpc;} CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::AccessBasePrecomputation() Line | Count | Source | 102 | 27.1k | DL_FixedBasePrecomputation<Element> & AccessBasePrecomputation() {return this->m_gpc;} |
Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::AccessBasePrecomputation() |
103 | 0 | const Integer & GetSubgroupOrder() const {return m_n;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::GetSubgroupOrder() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::GetSubgroupOrder() const |
104 | | Integer GetCofactor() const; |
105 | | bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const; |
106 | | bool ValidateElement(unsigned int level, const Element &element, const DL_FixedBasePrecomputation<Element> *precomp) const; |
107 | 0 | bool FastSubgroupCheckAvailable() const {return false;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::FastSubgroupCheckAvailable() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::FastSubgroupCheckAvailable() const |
108 | | void EncodeElement(bool reversible, const Element &element, byte *encoded) const |
109 | 0 | { |
110 | 0 | if (reversible) |
111 | 0 | GetCurve().EncodePoint(encoded, element, m_compress); |
112 | 0 | else |
113 | 0 | element.x.Encode(encoded, GetEncodedElementSize(false)); |
114 | 0 | } Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::EncodeElement(bool, CryptoPP::ECPPoint const&, unsigned char*) const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::EncodeElement(bool, CryptoPP::EC2NPoint const&, unsigned char*) const |
115 | | virtual unsigned int GetEncodedElementSize(bool reversible) const |
116 | 0 | { |
117 | 0 | if (reversible) |
118 | 0 | return GetCurve().EncodedPointSize(m_compress); |
119 | 0 | else |
120 | 0 | return GetCurve().GetField().MaxElementByteLength(); |
121 | 0 | } Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::GetEncodedElementSize(bool) const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::GetEncodedElementSize(bool) const |
122 | | Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const |
123 | 0 | { |
124 | 0 | Point result; |
125 | 0 | if (!GetCurve().DecodePoint(result, encoded, GetEncodedElementSize(true))) |
126 | 0 | throw DL_BadElement(); |
127 | 0 | if (checkForGroupMembership && !ValidateElement(1, result, NULLPTR)) |
128 | 0 | throw DL_BadElement(); |
129 | 0 | return result; |
130 | 0 | } Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::DecodeElement(unsigned char const*, bool) const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::DecodeElement(unsigned char const*, bool) const |
131 | | Integer ConvertElementToInteger(const Element &element) const; |
132 | 0 | Integer GetMaxExponent() const {return GetSubgroupOrder()-1;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::GetMaxExponent() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::GetMaxExponent() const |
133 | 0 | bool IsIdentity(const Element &element) const {return element.identity;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::IsIdentity(CryptoPP::ECPPoint const&) const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::IsIdentity(CryptoPP::EC2NPoint const&) const |
134 | | void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const; |
135 | 0 | static std::string CRYPTOPP_API StaticAlgorithmNamePrefix() {return "EC";} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::StaticAlgorithmNamePrefix() Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::StaticAlgorithmNamePrefix() |
136 | | |
137 | | // ASN1Key |
138 | | OID GetAlgorithmID() const; |
139 | | |
140 | | // used by MQV |
141 | | Element MultiplyElements(const Element &a, const Element &b) const; |
142 | | Element CascadeExponentiate(const Element &element1, const Integer &exponent1, const Element &element2, const Integer &exponent2) const; |
143 | | |
144 | | // non-inherited |
145 | | |
146 | | // enumerate OIDs for recommended parameters, use OID() to get first one |
147 | | static OID CRYPTOPP_API GetNextRecommendedParametersOID(const OID &oid); |
148 | | |
149 | | void BERDecode(BufferedTransformation &bt); |
150 | | void DEREncode(BufferedTransformation &bt) const; |
151 | | |
152 | 0 | void SetPointCompression(bool compress) {m_compress = compress;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::SetPointCompression(bool) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::SetPointCompression(bool) |
153 | 0 | bool GetPointCompression() const {return m_compress;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::GetPointCompression() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::GetPointCompression() const |
154 | | |
155 | 0 | void SetEncodeAsOID(bool encodeAsOID) {m_encodeAsOID = encodeAsOID;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::SetEncodeAsOID(bool) Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::SetEncodeAsOID(bool) |
156 | 0 | bool GetEncodeAsOID() const {return m_encodeAsOID;} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::GetEncodeAsOID() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::GetEncodeAsOID() const |
157 | | |
158 | 27.1k | const EllipticCurve& GetCurve() const {return this->m_groupPrecomputation.GetCurve();} CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::GetCurve() const Line | Count | Source | 158 | 27.1k | const EllipticCurve& GetCurve() const {return this->m_groupPrecomputation.GetCurve();} |
Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::GetCurve() const |
159 | | |
160 | | bool operator==(const ThisClass &rhs) const |
161 | 0 | {return this->m_groupPrecomputation.GetCurve() == rhs.m_groupPrecomputation.GetCurve() && this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.m_gpc.GetBase(rhs.m_groupPrecomputation);} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::operator==(CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> const&) const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::operator==(CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> const&) const |
162 | | |
163 | | protected: |
164 | 0 | unsigned int FieldElementLength() const {return GetCurve().GetField().MaxElementByteLength();} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::FieldElementLength() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::FieldElementLength() const |
165 | 0 | unsigned int ExponentLength() const {return m_n.ByteCount();} Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>::ExponentLength() const Unexecuted instantiation: CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>::ExponentLength() const |
166 | | |
167 | | OID m_oid; // set if parameters loaded from a recommended curve |
168 | | Integer m_n; // order of base point |
169 | | mutable Integer m_k; // cofactor |
170 | | mutable bool m_compress, m_encodeAsOID; // presentation details |
171 | | }; |
172 | | |
173 | | inline std::ostream& operator<<(std::ostream& os, const DL_GroupParameters_EC<ECP>::Element& obj); |
174 | | |
175 | | /// \brief Elliptic Curve Discrete Log (DL) public key |
176 | | /// \tparam EC elliptic curve field |
177 | | template <class EC> |
178 | | class DL_PublicKey_EC : public DL_PublicKeyImpl<DL_GroupParameters_EC<EC> > |
179 | | { |
180 | | public: |
181 | | typedef typename EC::Point Element; |
182 | | |
183 | 1.26k | virtual ~DL_PublicKey_EC() {} CryptoPP::DL_PublicKey_EC<CryptoPP::ECP>::~DL_PublicKey_EC() Line | Count | Source | 183 | 1.26k | virtual ~DL_PublicKey_EC() {} |
Unexecuted instantiation: CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N>::~DL_PublicKey_EC() |
184 | | |
185 | | /// \brief Initialize an EC Public Key using {GP,Q} |
186 | | /// \param params group parameters |
187 | | /// \param Q the public point |
188 | | /// \details This Initialize() function overload initializes a public key from existing parameters. |
189 | | void Initialize(const DL_GroupParameters_EC<EC> ¶ms, const Element &Q) |
190 | 0 | {this->AccessGroupParameters() = params; this->SetPublicElement(Q);} Unexecuted instantiation: CryptoPP::DL_PublicKey_EC<CryptoPP::ECP>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> const&, CryptoPP::ECPPoint const&) Unexecuted instantiation: CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> const&, CryptoPP::EC2NPoint const&) |
191 | | |
192 | | /// \brief Initialize an EC Public Key using {EC,G,n,Q} |
193 | | /// \param ec the elliptic curve |
194 | | /// \param G the base point |
195 | | /// \param n the order of the base point |
196 | | /// \param Q the public point |
197 | | /// \details This Initialize() function overload initializes a public key from existing parameters. |
198 | | void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q) |
199 | 0 | {this->AccessGroupParameters().Initialize(ec, G, n); this->SetPublicElement(Q);} Unexecuted instantiation: CryptoPP::DL_PublicKey_EC<CryptoPP::ECP>::Initialize(CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&, CryptoPP::ECPPoint const&) Unexecuted instantiation: CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N>::Initialize(CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&, CryptoPP::EC2NPoint const&) |
200 | | |
201 | | // X509PublicKey |
202 | | void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size); |
203 | | void DEREncodePublicKey(BufferedTransformation &bt) const; |
204 | | }; |
205 | | |
206 | | /// \brief Elliptic Curve Discrete Log (DL) private key |
207 | | /// \tparam EC elliptic curve field |
208 | | template <class EC> |
209 | | class DL_PrivateKey_EC : public DL_PrivateKeyImpl<DL_GroupParameters_EC<EC> > |
210 | | { |
211 | | public: |
212 | | typedef typename EC::Point Element; |
213 | | |
214 | | virtual ~DL_PrivateKey_EC(); |
215 | | |
216 | | /// \brief Initialize an EC Private Key using {GP,x} |
217 | | /// \param params group parameters |
218 | | /// \param x the private exponent |
219 | | /// \details This Initialize() function overload initializes a private key from existing parameters. |
220 | | void Initialize(const DL_GroupParameters_EC<EC> ¶ms, const Integer &x) |
221 | 0 | {this->AccessGroupParameters() = params; this->SetPrivateExponent(x);} Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> const&, CryptoPP::Integer const&) |
222 | | |
223 | | /// \brief Initialize an EC Private Key using {EC,G,n,x} |
224 | | /// \param ec the elliptic curve |
225 | | /// \param G the base point |
226 | | /// \param n the order of the base point |
227 | | /// \param x the private exponent |
228 | | /// \details This Initialize() function overload initializes a private key from existing parameters. |
229 | | void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x) |
230 | 0 | {this->AccessGroupParameters().Initialize(ec, G, n); this->SetPrivateExponent(x);} Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>::Initialize(CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>::Initialize(CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) |
231 | | |
232 | | /// \brief Create an EC private key |
233 | | /// \param rng a RandomNumberGenerator derived class |
234 | | /// \param params the EC group parameters |
235 | | /// \details This function overload of Initialize() creates a new private key because it |
236 | | /// takes a RandomNumberGenerator() as a parameter. If you have an existing keypair, |
237 | | /// then use one of the other Initialize() overloads. |
238 | | void Initialize(RandomNumberGenerator &rng, const DL_GroupParameters_EC<EC> ¶ms) |
239 | 0 | {this->GenerateRandom(rng, params);} Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> const&) |
240 | | |
241 | | /// \brief Create an EC private key |
242 | | /// \param rng a RandomNumberGenerator derived class |
243 | | /// \param ec the elliptic curve |
244 | | /// \param G the base point |
245 | | /// \param n the order of the base point |
246 | | /// \details This function overload of Initialize() creates a new private key because it |
247 | | /// takes a RandomNumberGenerator() as a parameter. If you have an existing keypair, |
248 | | /// then use one of the other Initialize() overloads. |
249 | | void Initialize(RandomNumberGenerator &rng, const EC &ec, const Element &G, const Integer &n) |
250 | 0 | {this->GenerateRandom(rng, DL_GroupParameters_EC<EC>(ec, G, n));} Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&) |
251 | | |
252 | | // PKCS8PrivateKey |
253 | | void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size); |
254 | | void DEREncodePrivateKey(BufferedTransformation &bt) const; |
255 | | }; |
256 | | |
257 | | // Out-of-line dtor due to AIX and GCC, http://github.com/weidai11/cryptopp/issues/499 |
258 | | template<class EC> |
259 | 982 | DL_PrivateKey_EC<EC>::~DL_PrivateKey_EC() {} CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>::~DL_PrivateKey_EC() Line | Count | Source | 259 | 982 | DL_PrivateKey_EC<EC>::~DL_PrivateKey_EC() {} |
Unexecuted instantiation: CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>::~DL_PrivateKey_EC() |
260 | | |
261 | | /// \brief Elliptic Curve Diffie-Hellman |
262 | | /// \tparam EC elliptic curve field |
263 | | /// \tparam COFACTOR_OPTION cofactor multiplication option |
264 | | /// \sa CofactorMultiplicationOption, <a href="http://www.weidai.com/scan-mirror/ka.html#ECDH">Elliptic Curve Diffie-Hellman, AKA ECDH</a> |
265 | | /// \since Crypto++ 3.0 |
266 | | template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption> |
267 | | struct ECDH |
268 | | { |
269 | | typedef DH_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION> Domain; |
270 | | }; |
271 | | |
272 | | /// \brief Elliptic Curve Menezes-Qu-Vanstone |
273 | | /// \tparam EC elliptic curve field |
274 | | /// \tparam COFACTOR_OPTION cofactor multiplication option |
275 | | /// \sa CofactorMultiplicationOption, <a href="http://www.weidai.com/scan-mirror/ka.html#ECMQV">Elliptic Curve Menezes-Qu-Vanstone, AKA ECMQV</a> |
276 | | template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption> |
277 | | struct ECMQV |
278 | | { |
279 | | typedef MQV_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION> Domain; |
280 | | }; |
281 | | |
282 | | /// \brief Hashed Elliptic Curve Menezes-Qu-Vanstone |
283 | | /// \tparam EC elliptic curve field |
284 | | /// \tparam COFACTOR_OPTION cofactor multiplication option |
285 | | /// \details This implementation follows Hugo Krawczyk's <a href="http://eprint.iacr.org/2005/176">HMQV: A High-Performance |
286 | | /// Secure Diffie-Hellman Protocol</a>. Note: this implements HMQV only. HMQV-C with Key Confirmation is not provided. |
287 | | /// \sa CofactorMultiplicationOption |
288 | | template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption, class HASH = SHA256> |
289 | | struct ECHMQV |
290 | | { |
291 | | typedef HMQV_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION, HASH> Domain; |
292 | | }; |
293 | | |
294 | | typedef ECHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA1 >::Domain ECHMQV160; |
295 | | typedef ECHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA256 >::Domain ECHMQV256; |
296 | | typedef ECHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA384 >::Domain ECHMQV384; |
297 | | typedef ECHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA512 >::Domain ECHMQV512; |
298 | | |
299 | | /// \brief Fully Hashed Elliptic Curve Menezes-Qu-Vanstone |
300 | | /// \tparam EC elliptic curve field |
301 | | /// \tparam COFACTOR_OPTION cofactor multiplication option |
302 | | /// \details This implementation follows Augustin P. Sarr and Philippe Elbaz–Vincent, and Jean–Claude Bajard's |
303 | | /// <a href="http://eprint.iacr.org/2009/408">A Secure and Efficient Authenticated Diffie-Hellman Protocol</a>. |
304 | | /// Note: this is FHMQV, Protocol 5, from page 11; and not FHMQV-C. |
305 | | /// \sa CofactorMultiplicationOption |
306 | | template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption, class HASH = SHA256> |
307 | | struct ECFHMQV |
308 | | { |
309 | | typedef FHMQV_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION, HASH> Domain; |
310 | | }; |
311 | | |
312 | | typedef ECFHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA1 >::Domain ECFHMQV160; |
313 | | typedef ECFHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA256 >::Domain ECFHMQV256; |
314 | | typedef ECFHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA384 >::Domain ECFHMQV384; |
315 | | typedef ECFHMQV< ECP, DL_GroupParameters_EC< ECP >::DefaultCofactorOption, SHA512 >::Domain ECFHMQV512; |
316 | | |
317 | | /// \brief Elliptic Curve Discrete Log (DL) keys |
318 | | /// \tparam EC elliptic curve field |
319 | | template <class EC> |
320 | | struct DL_Keys_EC |
321 | | { |
322 | | typedef DL_PublicKey_EC<EC> PublicKey; |
323 | | typedef DL_PrivateKey_EC<EC> PrivateKey; |
324 | | }; |
325 | | |
326 | | // Forward declaration; documented below |
327 | | template <class EC, class H> |
328 | | struct ECDSA; |
329 | | |
330 | | /// \brief Elliptic Curve DSA keys |
331 | | /// \tparam EC elliptic curve field |
332 | | /// \since Crypto++ 3.2 |
333 | | template <class EC> |
334 | | struct DL_Keys_ECDSA |
335 | | { |
336 | | typedef DL_PublicKey_EC<EC> PublicKey; |
337 | | typedef DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<EC>, ECDSA<EC, SHA256> > PrivateKey; |
338 | | }; |
339 | | |
340 | | /// \brief Elliptic Curve DSA (ECDSA) signature algorithm |
341 | | /// \tparam EC elliptic curve field |
342 | | /// \since Crypto++ 3.2 |
343 | | template <class EC> |
344 | | class DL_Algorithm_ECDSA : public DL_Algorithm_GDSA<typename EC::Point> |
345 | | { |
346 | | public: |
347 | 0 | CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "ECDSA";} Unexecuted instantiation: CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>::StaticAlgorithmName() Unexecuted instantiation: CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>::StaticAlgorithmName() |
348 | | }; |
349 | | |
350 | | /// \brief Elliptic Curve DSA (ECDSA) signature algorithm based on RFC 6979 |
351 | | /// \tparam EC elliptic curve field |
352 | | /// \sa <a href="http://tools.ietf.org/rfc/rfc6979.txt">RFC 6979, Deterministic Usage of the |
353 | | /// Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)</a> |
354 | | /// \since Crypto++ 6.0 |
355 | | template <class EC, class H> |
356 | | class DL_Algorithm_ECDSA_RFC6979 : public DL_Algorithm_DSA_RFC6979<typename EC::Point, H> |
357 | | { |
358 | | public: |
359 | | CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "ECDSA-RFC6979";} |
360 | | }; |
361 | | |
362 | | /// \brief Elliptic Curve NR (ECNR) signature algorithm |
363 | | /// \tparam EC elliptic curve field |
364 | | template <class EC> |
365 | | class DL_Algorithm_ECNR : public DL_Algorithm_NR<typename EC::Point> |
366 | | { |
367 | | public: |
368 | | CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "ECNR";} |
369 | | }; |
370 | | |
371 | | /// \brief Elliptic Curve DSA (ECDSA) signature scheme |
372 | | /// \tparam EC elliptic curve field |
373 | | /// \tparam H HashTransformation derived class |
374 | | /// \sa <a href="http://www.weidai.com/scan-mirror/sig.html#ECDSA">ECDSA</a> |
375 | | /// \since Crypto++ 3.2 |
376 | | template <class EC, class H> |
377 | | struct ECDSA : public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H> |
378 | | { |
379 | | }; |
380 | | |
381 | | /// \brief Elliptic Curve DSA (ECDSA) deterministic signature scheme |
382 | | /// \tparam EC elliptic curve field |
383 | | /// \tparam H HashTransformation derived class |
384 | | /// \sa <a href="http://tools.ietf.org/rfc/rfc6979.txt">Deterministic Usage of the |
385 | | /// Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)</a> |
386 | | /// \since Crypto++ 6.0 |
387 | | template <class EC, class H> |
388 | | struct ECDSA_RFC6979 : public DL_SS< |
389 | | DL_Keys_ECDSA<EC>, |
390 | | DL_Algorithm_ECDSA_RFC6979<EC, H>, |
391 | | DL_SignatureMessageEncodingMethod_DSA, |
392 | | H, |
393 | | ECDSA_RFC6979<EC,H> > |
394 | | { |
395 | | static std::string CRYPTOPP_API StaticAlgorithmName() {return std::string("ECDSA-RFC6979/") + H::StaticAlgorithmName();} |
396 | | }; |
397 | | |
398 | | /// \brief Elliptic Curve NR (ECNR) signature scheme |
399 | | /// \tparam EC elliptic curve field |
400 | | /// \tparam H HashTransformation derived class |
401 | | template <class EC, class H = SHA1> |
402 | | struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H> |
403 | | { |
404 | | }; |
405 | | |
406 | | // ****************************************** |
407 | | |
408 | | template <class EC> |
409 | | class DL_PublicKey_ECGDSA; |
410 | | template <class EC> |
411 | | class DL_PrivateKey_ECGDSA; |
412 | | |
413 | | /// \brief Elliptic Curve German DSA key for ISO/IEC 15946 |
414 | | /// \tparam EC elliptic curve field |
415 | | /// \sa ECGDSA |
416 | | /// \since Crypto++ 6.0 |
417 | | template <class EC> |
418 | | class DL_PrivateKey_ECGDSA : public DL_PrivateKeyImpl<DL_GroupParameters_EC<EC> > |
419 | | { |
420 | | public: |
421 | | typedef typename EC::Point Element; |
422 | | |
423 | 0 | virtual ~DL_PrivateKey_ECGDSA() {} Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::~DL_PrivateKey_ECGDSA() Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::~DL_PrivateKey_ECGDSA() |
424 | | |
425 | | /// \brief Initialize an EC Private Key using {GP,x} |
426 | | /// \param params group parameters |
427 | | /// \param x the private exponent |
428 | | /// \details This Initialize() function overload initializes a private key from existing parameters. |
429 | | void Initialize(const DL_GroupParameters_EC<EC> ¶ms, const Integer &x) |
430 | 0 | { |
431 | 0 | this->AccessGroupParameters() = params; |
432 | 0 | this->SetPrivateExponent(x); |
433 | 0 | CRYPTOPP_ASSERT(x>=1 && x<=params.GetSubgroupOrder()-1); |
434 | 0 | } Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> const&, CryptoPP::Integer const&) |
435 | | |
436 | | /// \brief Initialize an EC Private Key using {EC,G,n,x} |
437 | | /// \param ec the elliptic curve |
438 | | /// \param G the base point |
439 | | /// \param n the order of the base point |
440 | | /// \param x the private exponent |
441 | | /// \details This Initialize() function overload initializes a private key from existing parameters. |
442 | | void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x) |
443 | 0 | { |
444 | 0 | this->AccessGroupParameters().Initialize(ec, G, n); |
445 | 0 | this->SetPrivateExponent(x); |
446 | 0 | CRYPTOPP_ASSERT(x>=1 && x<=this->AccessGroupParameters().GetSubgroupOrder()-1); |
447 | 0 | } Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::Initialize(CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::Initialize(CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&, CryptoPP::Integer const&) |
448 | | |
449 | | /// \brief Create an EC private key |
450 | | /// \param rng a RandomNumberGenerator derived class |
451 | | /// \param params the EC group parameters |
452 | | /// \details This function overload of Initialize() creates a new private key because it |
453 | | /// takes a RandomNumberGenerator() as a parameter. If you have an existing keypair, |
454 | | /// then use one of the other Initialize() overloads. |
455 | | void Initialize(RandomNumberGenerator &rng, const DL_GroupParameters_EC<EC> ¶ms) |
456 | 0 | {this->GenerateRandom(rng, params);} Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> const&) |
457 | | |
458 | | /// \brief Create an EC private key |
459 | | /// \param rng a RandomNumberGenerator derived class |
460 | | /// \param ec the elliptic curve |
461 | | /// \param G the base point |
462 | | /// \param n the order of the base point |
463 | | /// \details This function overload of Initialize() creates a new private key because it |
464 | | /// takes a RandomNumberGenerator() as a parameter. If you have an existing keypair, |
465 | | /// then use one of the other Initialize() overloads. |
466 | | void Initialize(RandomNumberGenerator &rng, const EC &ec, const Element &G, const Integer &n) |
467 | 0 | {this->GenerateRandom(rng, DL_GroupParameters_EC<EC>(ec, G, n));} Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::Initialize(CryptoPP::RandomNumberGenerator&, CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&) |
468 | | |
469 | | virtual void MakePublicKey(DL_PublicKey_ECGDSA<EC> &pub) const |
470 | 0 | { |
471 | 0 | const DL_GroupParameters<Element>& params = this->GetAbstractGroupParameters(); |
472 | 0 | pub.AccessAbstractGroupParameters().AssignFrom(params); |
473 | 0 | const Integer &xInv = this->GetPrivateExponent().InverseMod(params.GetSubgroupOrder()); |
474 | 0 | pub.SetPublicElement(params.ExponentiateBase(xInv)); |
475 | 0 | CRYPTOPP_ASSERT(xInv.NotZero()); |
476 | 0 | } Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::MakePublicKey(CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::ECP>&) const Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::MakePublicKey(CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::EC2N>&) const |
477 | | |
478 | | virtual bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const |
479 | 0 | { |
480 | 0 | return GetValueHelper<DL_PrivateKey_ECGDSA<EC>, |
481 | 0 | DL_PrivateKey_ECGDSA<EC> >(this, name, valueType, pValue).Assignable(); |
482 | 0 | } Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::GetVoidValue(char const*, std::type_info const&, void*) const Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::GetVoidValue(char const*, std::type_info const&, void*) const |
483 | | |
484 | | virtual void AssignFrom(const NameValuePairs &source) |
485 | 0 | { |
486 | 0 | AssignFromHelper<DL_PrivateKey_ECGDSA<EC>, |
487 | 0 | DL_PrivateKey_ECGDSA<EC> >(this, source); |
488 | 0 | } Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::ECP>::AssignFrom(CryptoPP::NameValuePairs const&) Unexecuted instantiation: CryptoPP::DL_PrivateKey_ECGDSA<CryptoPP::EC2N>::AssignFrom(CryptoPP::NameValuePairs const&) |
489 | | |
490 | | // PKCS8PrivateKey |
491 | | void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size); |
492 | | void DEREncodePrivateKey(BufferedTransformation &bt) const; |
493 | | }; |
494 | | |
495 | | /// \brief Elliptic Curve German DSA key for ISO/IEC 15946 |
496 | | /// \tparam EC elliptic curve field |
497 | | /// \sa ECGDSA |
498 | | /// \since Crypto++ 6.0 |
499 | | template <class EC> |
500 | | class DL_PublicKey_ECGDSA : public DL_PublicKeyImpl<DL_GroupParameters_EC<EC> > |
501 | | { |
502 | | typedef DL_PublicKey_ECGDSA<EC> ThisClass; |
503 | | |
504 | | public: |
505 | | typedef typename EC::Point Element; |
506 | | |
507 | 0 | virtual ~DL_PublicKey_ECGDSA() {} Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::ECP>::~DL_PublicKey_ECGDSA() Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::EC2N>::~DL_PublicKey_ECGDSA() |
508 | | |
509 | | /// \brief Initialize an EC Public Key using {GP,Q} |
510 | | /// \param params group parameters |
511 | | /// \param Q the public point |
512 | | /// \details This Initialize() function overload initializes a public key from existing parameters. |
513 | | void Initialize(const DL_GroupParameters_EC<EC> ¶ms, const Element &Q) |
514 | 0 | {this->AccessGroupParameters() = params; this->SetPublicElement(Q);} Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::ECP>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> const&, CryptoPP::ECPPoint const&) Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::EC2N>::Initialize(CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> const&, CryptoPP::EC2NPoint const&) |
515 | | |
516 | | /// \brief Initialize an EC Public Key using {EC,G,n,Q} |
517 | | /// \param ec the elliptic curve |
518 | | /// \param G the base point |
519 | | /// \param n the order of the base point |
520 | | /// \param Q the public point |
521 | | /// \details This Initialize() function overload initializes a public key from existing parameters. |
522 | | void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q) |
523 | 0 | {this->AccessGroupParameters().Initialize(ec, G, n); this->SetPublicElement(Q);} Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::ECP>::Initialize(CryptoPP::ECP const&, CryptoPP::ECPPoint const&, CryptoPP::Integer const&, CryptoPP::ECPPoint const&) Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::EC2N>::Initialize(CryptoPP::EC2N const&, CryptoPP::EC2NPoint const&, CryptoPP::Integer const&, CryptoPP::EC2NPoint const&) |
524 | | |
525 | | virtual void AssignFrom(const NameValuePairs &source) |
526 | 0 | { |
527 | 0 | DL_PrivateKey_ECGDSA<EC> *pPrivateKey = NULLPTR; |
528 | 0 | if (source.GetThisPointer(pPrivateKey)) |
529 | 0 | pPrivateKey->MakePublicKey(*this); |
530 | 0 | else |
531 | 0 | { |
532 | 0 | this->AccessAbstractGroupParameters().AssignFrom(source); |
533 | 0 | AssignFromHelper(this, source) |
534 | 0 | CRYPTOPP_SET_FUNCTION_ENTRY(PublicElement); |
535 | 0 | } |
536 | 0 | } Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::ECP>::AssignFrom(CryptoPP::NameValuePairs const&) Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::EC2N>::AssignFrom(CryptoPP::NameValuePairs const&) |
537 | | |
538 | | // DL_PublicKey<T> |
539 | | virtual void SetPublicElement(const Element &y) |
540 | 0 | {this->AccessPublicPrecomputation().SetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation(), y);} Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::ECP>::SetPublicElement(CryptoPP::ECPPoint const&) Unexecuted instantiation: CryptoPP::DL_PublicKey_ECGDSA<CryptoPP::EC2N>::SetPublicElement(CryptoPP::EC2NPoint const&) |
541 | | |
542 | | // X509PublicKey |
543 | | void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size); |
544 | | void DEREncodePublicKey(BufferedTransformation &bt) const; |
545 | | }; |
546 | | |
547 | | /// \brief Elliptic Curve German DSA keys for ISO/IEC 15946 |
548 | | /// \tparam EC elliptic curve field |
549 | | /// \sa ECGDSA |
550 | | /// \since Crypto++ 6.0 |
551 | | template <class EC> |
552 | | struct DL_Keys_ECGDSA |
553 | | { |
554 | | typedef DL_PublicKey_ECGDSA<EC> PublicKey; |
555 | | typedef DL_PrivateKey_ECGDSA<EC> PrivateKey; |
556 | | }; |
557 | | |
558 | | /// \brief Elliptic Curve German DSA signature algorithm |
559 | | /// \tparam EC elliptic curve field |
560 | | /// \sa ECGDSA |
561 | | /// \since Crypto++ 6.0 |
562 | | template <class EC> |
563 | | class DL_Algorithm_ECGDSA : public DL_Algorithm_GDSA_ISO15946<typename EC::Point> |
564 | | { |
565 | | public: |
566 | | CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "ECGDSA";} |
567 | | }; |
568 | | |
569 | | /// \brief Elliptic Curve German Digital Signature Algorithm signature scheme |
570 | | /// \tparam EC elliptic curve field |
571 | | /// \tparam H HashTransformation derived class |
572 | | /// \sa Erwin Hess, Marcus Schafheutle, and Pascale Serf <A |
573 | | /// HREF="http://www.teletrust.de/fileadmin/files/oid/ecgdsa_final.pdf">The Digital Signature Scheme |
574 | | /// ECGDSA (October 24, 2006)</A> |
575 | | /// \since Crypto++ 6.0 |
576 | | template <class EC, class H> |
577 | | struct ECGDSA : public DL_SS< |
578 | | DL_Keys_ECGDSA<EC>, |
579 | | DL_Algorithm_ECGDSA<EC>, |
580 | | DL_SignatureMessageEncodingMethod_DSA, |
581 | | H> |
582 | | { |
583 | | static std::string CRYPTOPP_API StaticAlgorithmName() {return std::string("ECGDSA-ISO15946/") + H::StaticAlgorithmName();} |
584 | | }; |
585 | | |
586 | | // ****************************************** |
587 | | |
588 | | /// \brief Elliptic Curve Integrated Encryption Scheme |
589 | | /// \tparam COFACTOR_OPTION cofactor multiplication option |
590 | | /// \tparam HASH HashTransformation derived class used for key derivation and MAC computation |
591 | | /// \tparam DHAES_MODE flag indicating if the MAC includes additional context parameters such as <em>u·V</em>, <em>v·U</em> and label |
592 | | /// \tparam LABEL_OCTETS flag indicating if the label size is specified in octets or bits |
593 | | /// \details ECIES is an Elliptic Curve based Integrated Encryption Scheme (IES). The scheme combines a Key Encapsulation |
594 | | /// Method (KEM) with a Data Encapsulation Method (DEM) and a MAC tag. The scheme is |
595 | | /// <A HREF="http://en.wikipedia.org/wiki/ciphertext_indistinguishability">IND-CCA2</A>, which is a strong notion of security. |
596 | | /// You should prefer an Integrated Encryption Scheme over homegrown schemes. |
597 | | /// \details If you desire an Integrated Encryption Scheme with Crypto++ 4.2 compatibility, then use the ECIES_P1363. |
598 | | /// If you desire an Integrated Encryption Scheme compatible with Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the ECIES |
599 | | /// template class with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=true</tt> and <tt>LABEL_OCTETS=false</tt>. |
600 | | /// \details The default template parameters ensure compatibility with Bouncy Castle 1.54 and Botan 1.11. The combination of |
601 | | /// <tt>IncompatibleCofactorMultiplication</tt> and <tt>DHAES_MODE=true</tt> is recommended for best efficiency and security. |
602 | | /// SHA1 is used for compatibility reasons, but it can be changed if desired. |
603 | | /// \sa DLIES, ECIES_P1363, <a href="http://www.weidai.com/scan-mirror/ca.html#ECIES">Elliptic Curve Integrated Encryption Scheme (ECIES)</a>, |
604 | | /// Martínez, Encinas, and Ávila's <A HREF="http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf">A Survey of the Elliptic |
605 | | /// Curve Integrated Encryption Schemes</A> |
606 | | /// \since Crypto++ 4.0, Crypto++ 5.7 for Bouncy Castle and Botan compatibility |
607 | | template <class EC, class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = true, bool LABEL_OCTETS = false> |
608 | | struct ECIES |
609 | | : public DL_ES< |
610 | | DL_Keys_EC<EC>, |
611 | | DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>, |
612 | | DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<HASH> >, |
613 | | DL_EncryptionAlgorithm_Xor<HMAC<HASH>, DHAES_MODE, LABEL_OCTETS>, |
614 | | ECIES<EC> > |
615 | | { |
616 | | // TODO: fix this after name is standardized |
617 | | CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "ECIES";} |
618 | | }; |
619 | | |
620 | | /// \brief Elliptic Curve Integrated Encryption Scheme for P1363 |
621 | | /// \tparam COFACTOR_OPTION cofactor multiplication option |
622 | | /// \tparam HASH HashTransformation derived class used for key derivation and MAC computation |
623 | | /// \details ECIES_P1363 is an Elliptic Curve based Integrated Encryption Scheme (IES) for P1363. The scheme combines a Key Encapsulation |
624 | | /// Method (KEM) with a Data Encapsulation Method (DEM) and a MAC tag. The scheme is |
625 | | /// <A HREF="http://en.wikipedia.org/wiki/ciphertext_indistinguishability">IND-CCA2</A>, which is a strong notion of security. |
626 | | /// You should prefer an Integrated Encryption Scheme over homegrown schemes. |
627 | | /// \details The library's original implementation is based on an early P1363 draft, which itself appears to be based on an early Certicom |
628 | | /// SEC-1 draft (or an early SEC-1 draft was based on a P1363 draft). Crypto++ 4.2 used the early draft in its Integrated Enryption |
629 | | /// Schemes with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>. |
630 | | /// \details If you desire an Integrated Encryption Scheme with Crypto++ 4.2 compatibility, then use the ECIES_P1363. |
631 | | /// If you desire an Integrated Encryption Scheme compatible with Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the ECIES |
632 | | /// template class with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=true</tt> and <tt>LABEL_OCTETS=false</tt>. |
633 | | /// \details The default template parameters ensure compatibility with P1363. The combination of |
634 | | /// <tt>IncompatibleCofactorMultiplication</tt> and <tt>DHAES_MODE=true</tt> is recommended for best efficiency and security. |
635 | | /// SHA1 is used for compatibility reasons, but it can be changed if desired. |
636 | | /// \sa DLIES, ECIES, <a href="http://www.weidai.com/scan-mirror/ca.html#ECIES">Elliptic Curve Integrated Encryption Scheme (ECIES)</a>, |
637 | | /// Martínez, Encinas, and Ávila's <A HREF="http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf">A Survey of the Elliptic |
638 | | /// Curve Integrated Encryption Schemes</A> |
639 | | /// \since Crypto++ 4.0 |
640 | | template <class EC, class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication> |
641 | | struct ECIES_P1363 |
642 | | : public DL_ES< |
643 | | DL_Keys_EC<EC>, |
644 | | DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>, |
645 | | DL_KeyDerivationAlgorithm_P1363<typename EC::Point, false, P1363_KDF2<HASH> >, |
646 | | DL_EncryptionAlgorithm_Xor<HMAC<HASH>, false, true>, |
647 | | ECIES<EC> > |
648 | | { |
649 | | // TODO: fix this after name is standardized |
650 | | CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "ECIES-P1363";} |
651 | | }; |
652 | | |
653 | | NAMESPACE_END |
654 | | |
655 | | #ifdef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES |
656 | | #include "eccrypto.cpp" |
657 | | #endif |
658 | | |
659 | | NAMESPACE_BEGIN(CryptoPP) |
660 | | |
661 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupParameters_EC<ECP>; |
662 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupParameters_EC<EC2N>; |
663 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKeyImpl<DL_GroupParameters_EC<ECP> >; |
664 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKeyImpl<DL_GroupParameters_EC<EC2N> >; |
665 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKey_EC<ECP>; |
666 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKey_EC<EC2N>; |
667 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKey_ECGDSA<ECP>; |
668 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKey_ECGDSA<EC2N>; |
669 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKeyImpl<DL_GroupParameters_EC<ECP> >; |
670 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKeyImpl<DL_GroupParameters_EC<EC2N> >; |
671 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_EC<ECP>; |
672 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_EC<EC2N>; |
673 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_ECGDSA<ECP>; |
674 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_ECGDSA<EC2N>; |
675 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA<ECP::Point>; |
676 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA<EC2N::Point>; |
677 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<ECP>, ECDSA<ECP, SHA256> >; |
678 | | CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<EC2N>, ECDSA<EC2N, SHA256> >; |
679 | | |
680 | | NAMESPACE_END |
681 | | |
682 | | #if CRYPTOPP_MSC_VERSION |
683 | | # pragma warning(pop) |
684 | | #endif |
685 | | |
686 | | #endif |