Coverage Report

Created: 2024-11-21 07:03

/src/cryptopp/pssr.h
Line
Count
Source (jump to first uncovered line)
1
// pssr.h - originally written and placed in the public domain by Wei Dai
2
3
/// \file pssr.h
4
/// \brief Classes for probabilistic signature schemes
5
/// \since Crypto++ 2.1
6
7
#ifndef CRYPTOPP_PSSR_H
8
#define CRYPTOPP_PSSR_H
9
10
#include "cryptlib.h"
11
#include "pubkey.h"
12
#include "emsa2.h"
13
14
#ifdef CRYPTOPP_IS_DLL
15
#include "sha.h"
16
#endif
17
18
NAMESPACE_BEGIN(CryptoPP)
19
20
/// \brief PSSR Message Encoding Method interface
21
/// \since Crypto++ 2.1
22
class CRYPTOPP_DLL PSSR_MEM_Base : public PK_RecoverableSignatureMessageEncodingMethod
23
{
24
public:
25
0
  virtual ~PSSR_MEM_Base() {}
26
27
protected:
28
  virtual bool AllowRecovery() const =0;
29
  virtual size_t SaltLen(size_t hashLen) const =0;
30
  virtual size_t MinPadLen(size_t hashLen) const =0;
31
  virtual const MaskGeneratingFunction & GetMGF() const =0;
32
33
private:
34
  size_t MinRepresentativeBitLength(size_t hashIdentifierLength, size_t digestLength) const;
35
  size_t MaxRecoverableLength(size_t representativeBitLength, size_t hashIdentifierLength, size_t digestLength) const;
36
  bool IsProbabilistic() const;
37
  bool AllowNonrecoverablePart() const;
38
  bool RecoverablePartFirst() const;
39
  void ComputeMessageRepresentative(RandomNumberGenerator &rng,
40
    const byte *recoverableMessage, size_t recoverableMessageLength,
41
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
42
    byte *representative, size_t representativeBitLength) const;
43
  DecodingResult RecoverMessageFromRepresentative(
44
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
45
    byte *representative, size_t representativeBitLength,
46
    byte *recoverableMessage) const;
47
};
48
49
/// \brief PSSR Message Encoding Method with Hash Identifier
50
/// \tparam USE_HASH_ID flag indicating whether the HashId is used
51
/// \since Crypto++ 2.1
52
template <bool USE_HASH_ID> class PSSR_MEM_BaseWithHashId;
53
54
/// \brief PSSR Message Encoding Method with Hash Identifier
55
/// \details If USE_HASH_ID is true, then EMSA2HashIdLookup<PSSR_MEM_Base> is used for the base class
56
template<> class PSSR_MEM_BaseWithHashId<true> : public EMSA2HashIdLookup<PSSR_MEM_Base> {};
57
58
/// \brief PSSR Message Encoding Method without Hash Identifier
59
/// \details If USE_HASH_ID is false, then PSSR_MEM_Base is used for the base class
60
/// \since Crypto++ 2.1
61
template<> class PSSR_MEM_BaseWithHashId<false> : public PSSR_MEM_Base {};
62
63
/// \brief PSSR Message Encoding Method
64
/// \tparam ALLOW_RECOVERY flag indicating whether the scheme provides message recovery
65
/// \tparam MGF mask generation function
66
/// \tparam SALT_LEN length of the salt
67
/// \tparam MIN_PAD_LEN minimum length of the pad
68
/// \tparam USE_HASH_ID flag indicating whether the HashId is used
69
/// \details If ALLOW_RECOVERY is true, the signature scheme provides message recovery. If
70
///  ALLOW_RECOVERY is false, the signature scheme is appendix, and the message must be
71
///  provided during verification.
72
/// \since Crypto++ 2.1
73
template <bool ALLOW_RECOVERY, class MGF=P1363_MGF1, int SALT_LEN=-1, int MIN_PAD_LEN=0, bool USE_HASH_ID=false>
74
class PSSR_MEM : public PSSR_MEM_BaseWithHashId<USE_HASH_ID>
75
{
76
  virtual bool AllowRecovery() const {return ALLOW_RECOVERY;}
77
  virtual size_t SaltLen(size_t hashLen) const {return SALT_LEN < 0 ? hashLen : SALT_LEN;}
78
  virtual size_t MinPadLen(size_t hashLen) const {return MIN_PAD_LEN < 0 ? hashLen : MIN_PAD_LEN;}
79
  virtual const MaskGeneratingFunction & GetMGF() const {static MGF mgf; return mgf;}
80
81
public:
82
  static std::string CRYPTOPP_API StaticAlgorithmName() {return std::string(ALLOW_RECOVERY ? "PSSR-" : "PSS-") + MGF::StaticAlgorithmName();}
83
};
84
85
/// \brief Probabilistic Signature Scheme with Recovery
86
/// \details Signature Schemes with Recovery encode the message with the signature.
87
/// \sa <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PSSR-MGF1">PSSR-MGF1</a>
88
/// \since Crypto++ 2.1
89
struct PSSR : public SignatureStandard
90
{
91
  typedef PSSR_MEM<true> SignatureMessageEncodingMethod;
92
};
93
94
/// \brief Probabilistic Signature Scheme with Appendix
95
/// \details Signature Schemes with Appendix require the message to be provided during verification.
96
/// \sa <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PSS-MGF1">PSS-MGF1</a>
97
/// \since Crypto++ 2.1
98
struct PSS : public SignatureStandard
99
{
100
  typedef PSSR_MEM<false> SignatureMessageEncodingMethod;
101
};
102
103
NAMESPACE_END
104
105
#endif