Coverage Report

Created: 2024-11-21 07:03

/src/cryptopp/pubkey.h
Line
Count
Source (jump to first uncovered line)
1
// pubkey.h - originally written and placed in the public domain by Wei Dai
2
3
/// \file pubkey.h
4
/// \brief This file contains helper classes/functions for implementing public key algorithms.
5
/// \details The class hierarchies in this header file tend to look like this:
6
///
7
/// <pre>
8
///                   x1
9
///                  +--+
10
///                  |  |
11
///                 y1  z1
12
///                  |  |
13
///             x2<y1>  x2<z1>
14
///                  |  |
15
///                 y2  z2
16
///                  |  |
17
///             x3<y2>  x3<z2>
18
///                  |  |
19
///                 y3  z3
20
/// </pre>
21
///
22
/// <ul>
23
///  <li>x1, y1, z1 are abstract interface classes defined in cryptlib.h
24
///  <li>x2, y2, z2 are implementations of the interfaces using "abstract policies", which
25
///      are pure virtual functions that should return interfaces to interchangeable algorithms.
26
///      These classes have Base suffixes.
27
///  <li>x3, y3, z3 hold actual algorithms and implement those virtual functions.
28
///      These classes have Impl suffixes.
29
/// </ul>
30
///
31
/// \details The TF_ prefix means an implementation using trapdoor functions on integers.
32
/// \details The DL_ prefix means an implementation using group operations in groups where discrete log is hard.
33
34
#ifndef CRYPTOPP_PUBKEY_H
35
#define CRYPTOPP_PUBKEY_H
36
37
#include "config.h"
38
39
#if CRYPTOPP_MSC_VERSION
40
# pragma warning(push)
41
# pragma warning(disable: 4702)
42
#endif
43
44
#include "cryptlib.h"
45
#include "integer.h"
46
#include "algebra.h"
47
#include "modarith.h"
48
#include "filters.h"
49
#include "eprecomp.h"
50
#include "fips140.h"
51
#include "argnames.h"
52
#include "smartptr.h"
53
#include "stdcpp.h"
54
55
#if defined(__SUNPRO_CC)
56
# define MAYBE_RETURN(x) return x
57
#else
58
0
# define MAYBE_RETURN(x) CRYPTOPP_UNUSED(x)
59
#endif
60
61
NAMESPACE_BEGIN(CryptoPP)
62
63
/// \brief Provides range for plaintext and ciphertext lengths
64
/// \details A trapdoor function is a function that is easy to compute in one direction,
65
///  but difficult to compute in the opposite direction without special knowledge.
66
///  The special knowledge is usually the private key.
67
/// \details Trapdoor functions only handle messages of a limited length or size.
68
///  MaxPreimage is the plaintext's maximum length, and MaxImage is the
69
///  ciphertext's maximum length.
70
/// \sa TrapdoorFunctionBounds(), RandomizedTrapdoorFunction(), TrapdoorFunction(),
71
///  RandomizedTrapdoorFunctionInverse() and TrapdoorFunctionInverse()
72
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TrapdoorFunctionBounds
73
{
74
public:
75
0
  virtual ~TrapdoorFunctionBounds() {}
76
77
  /// \brief Returns the maximum size of a message before the trapdoor function is applied
78
  /// \return the maximum size of a message before the trapdoor function is applied
79
  /// \details Derived classes must implement PreimageBound().
80
  virtual Integer PreimageBound() const =0;
81
  /// \brief Returns the maximum size of a representation after the trapdoor function is applied
82
  /// \return the maximum size of a representation after the trapdoor function is applied
83
  /// \details Derived classes must implement ImageBound().
84
  virtual Integer ImageBound() const =0;
85
  /// \brief Returns the maximum size of a message before the trapdoor function is applied bound to a public key
86
  /// \return the maximum size of a message before the trapdoor function is applied bound to a public key
87
  /// \details The default implementation returns <tt>PreimageBound() - 1</tt>.
88
0
  virtual Integer MaxPreimage() const {return --PreimageBound();}
89
  /// \brief Returns the maximum size of a representation after the trapdoor function is applied bound to a public key
90
  /// \return the maximum size of a representation after the trapdoor function is applied bound to a public key
91
  /// \details The default implementation returns <tt>ImageBound() - 1</tt>.
92
0
  virtual Integer MaxImage() const {return --ImageBound();}
93
};
94
95
/// \brief Applies the trapdoor function, using random data if required
96
/// \details ApplyFunction() is the foundation for encrypting a message under a public key.
97
///  Derived classes will override it at some point.
98
/// \sa TrapdoorFunctionBounds(), RandomizedTrapdoorFunction(), TrapdoorFunction(),
99
///  RandomizedTrapdoorFunctionInverse() and TrapdoorFunctionInverse()
100
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE RandomizedTrapdoorFunction : public TrapdoorFunctionBounds
101
{
102
public:
103
0
  virtual ~RandomizedTrapdoorFunction() {}
104
105
  /// \brief Applies the trapdoor function, using random data if required
106
  /// \param rng a RandomNumberGenerator derived class
107
  /// \param x the message on which the encryption function is applied
108
  /// \return the message x encrypted under the public key
109
  /// \details ApplyRandomizedFunction is a generalization of encryption under a public key
110
  ///  cryptosystem. The RandomNumberGenerator may (or may not) be required.
111
  ///  Derived classes must implement it.
112
  virtual Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const =0;
113
114
  /// \brief Determines if the encryption algorithm is randomized
115
  /// \return true if the encryption algorithm is randomized, false otherwise
116
  /// \details If IsRandomized() returns false, then NullRNG() can be used.
117
0
  virtual bool IsRandomized() const {return true;}
118
};
119
120
/// \brief Applies the trapdoor function
121
/// \details ApplyFunction() is the foundation for encrypting a message under a public key.
122
///  Derived classes will override it at some point.
123
/// \sa TrapdoorFunctionBounds(), RandomizedTrapdoorFunction(), TrapdoorFunction(),
124
///  RandomizedTrapdoorFunctionInverse() and TrapdoorFunctionInverse()
125
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TrapdoorFunction : public RandomizedTrapdoorFunction
126
{
127
public:
128
0
  virtual ~TrapdoorFunction() {}
129
130
  /// \brief Applies the trapdoor function
131
  /// \param rng a RandomNumberGenerator derived class
132
  /// \param x the message on which the encryption function is applied
133
  /// \details ApplyRandomizedFunction is a generalization of encryption under a public key
134
  ///  cryptosystem. The RandomNumberGenerator may (or may not) be required.
135
  /// \details Internally, ApplyRandomizedFunction() calls ApplyFunction()
136
  ///  without the RandomNumberGenerator.
137
  Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const
138
0
    {CRYPTOPP_UNUSED(rng); return ApplyFunction(x);}
139
0
  bool IsRandomized() const {return false;}
140
141
  /// \brief Applies the trapdoor
142
  /// \param x the message on which the encryption function is applied
143
  /// \return the message x encrypted under the public key
144
  /// \details ApplyFunction is a generalization of encryption under a public key
145
  ///  cryptosystem. Derived classes must implement it.
146
  virtual Integer ApplyFunction(const Integer &x) const =0;
147
};
148
149
/// \brief Applies the inverse of the trapdoor function, using random data if required
150
/// \details CalculateInverse() is the foundation for decrypting a message under a private key
151
///  in a public key cryptosystem. Derived classes will override it at some point.
152
/// \sa TrapdoorFunctionBounds(), RandomizedTrapdoorFunction(), TrapdoorFunction(),
153
///  RandomizedTrapdoorFunctionInverse() and TrapdoorFunctionInverse()
154
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE RandomizedTrapdoorFunctionInverse
155
{
156
public:
157
0
  virtual ~RandomizedTrapdoorFunctionInverse() {}
158
159
  /// \brief Applies the inverse of the trapdoor function, using random data if required
160
  /// \param rng a RandomNumberGenerator derived class
161
  /// \param x the message on which the decryption function is applied
162
  /// \return the message x decrypted under the private key
163
  /// \details CalculateRandomizedInverse is a generalization of decryption using the private key
164
  ///  The RandomNumberGenerator may (or may not) be required. Derived classes must implement it.
165
  virtual Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const =0;
166
167
  /// \brief Determines if the decryption algorithm is randomized
168
  /// \return true if the decryption algorithm is randomized, false otherwise
169
  /// \details If IsRandomized() returns false, then NullRNG() can be used.
170
0
  virtual bool IsRandomized() const {return true;}
171
};
172
173
/// \brief Applies the inverse of the trapdoor function
174
/// \details CalculateInverse() is the foundation for decrypting a message under a private key
175
///  in a public key cryptosystem. Derived classes will override it at some point.
176
/// \sa TrapdoorFunctionBounds(), RandomizedTrapdoorFunction(), TrapdoorFunction(),
177
///  RandomizedTrapdoorFunctionInverse() and TrapdoorFunctionInverse()
178
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TrapdoorFunctionInverse : public RandomizedTrapdoorFunctionInverse
179
{
180
public:
181
0
  virtual ~TrapdoorFunctionInverse() {}
182
183
  /// \brief Applies the inverse of the trapdoor function
184
  /// \param rng a RandomNumberGenerator derived class
185
  /// \param x the message on which the decryption function is applied
186
  /// \return the message x decrypted under the private key
187
  /// \details CalculateRandomizedInverse is a generalization of decryption using the private key
188
  /// \details Internally, CalculateRandomizedInverse() calls CalculateInverse()
189
  ///  without the RandomNumberGenerator.
190
  Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
191
0
    {return CalculateInverse(rng, x);}
192
193
  /// \brief Determines if the decryption algorithm is randomized
194
  /// \return true if the decryption algorithm is randomized, false otherwise
195
  /// \details If IsRandomized() returns false, then NullRNG() can be used.
196
0
  bool IsRandomized() const {return false;}
197
198
  /// \brief Calculates the inverse of an element
199
  /// \param rng a RandomNumberGenerator derived class
200
  /// \param x the element
201
  /// \return the inverse of the element in the group
202
  virtual Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const =0;
203
};
204
205
// ********************************************************
206
207
/// \brief Message encoding method for public key encryption
208
class CRYPTOPP_NO_VTABLE PK_EncryptionMessageEncodingMethod
209
{
210
public:
211
0
  virtual ~PK_EncryptionMessageEncodingMethod() {}
212
213
  virtual bool ParameterSupported(const char *name) const
214
0
    {CRYPTOPP_UNUSED(name); return false;}
215
216
  /// max size of unpadded message in bytes, given max size of padded message in bits (1 less than size of modulus)
217
  virtual size_t MaxUnpaddedLength(size_t paddedLength) const =0;
218
219
  virtual void Pad(RandomNumberGenerator &rng, const byte *raw, size_t inputLength, byte *padded, size_t paddedBitLength, const NameValuePairs &parameters) const =0;
220
221
  virtual DecodingResult Unpad(const byte *padded, size_t paddedBitLength, byte *raw, const NameValuePairs &parameters) const =0;
222
};
223
224
// ********************************************************
225
226
/// \brief The base for trapdoor based cryptosystems
227
/// \tparam TFI trapdoor function interface derived class
228
/// \tparam MEI message encoding interface derived class
229
template <class TFI, class MEI>
230
class CRYPTOPP_NO_VTABLE TF_Base
231
{
232
protected:
233
0
  virtual ~TF_Base() {}
Unexecuted instantiation: CryptoPP::TF_Base<CryptoPP::TrapdoorFunctionInverse, CryptoPP::PK_EncryptionMessageEncodingMethod>::~TF_Base()
Unexecuted instantiation: CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunction, CryptoPP::PK_EncryptionMessageEncodingMethod>::~TF_Base()
Unexecuted instantiation: CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod>::~TF_Base()
Unexecuted instantiation: CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod>::~TF_Base()
234
235
  virtual const TrapdoorFunctionBounds & GetTrapdoorFunctionBounds() const =0;
236
237
  typedef TFI TrapdoorFunctionInterface;
238
  virtual const TrapdoorFunctionInterface & GetTrapdoorFunctionInterface() const =0;
239
240
  typedef MEI MessageEncodingInterface;
241
  virtual const MessageEncodingInterface & GetMessageEncodingInterface() const =0;
242
};
243
244
// ********************************************************
245
246
/// \brief Public key trapdoor function default implementation
247
/// \tparam BASE public key cryptosystem with a fixed length
248
template <class BASE>
249
class CRYPTOPP_NO_VTABLE PK_FixedLengthCryptoSystemImpl : public BASE
250
{
251
public:
252
  virtual ~PK_FixedLengthCryptoSystemImpl() {}
253
254
  size_t MaxPlaintextLength(size_t ciphertextLength) const
255
0
    {return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
Unexecuted instantiation: CryptoPP::PK_FixedLengthCryptoSystemImpl<CryptoPP::PK_Decryptor>::MaxPlaintextLength(unsigned long) const
Unexecuted instantiation: CryptoPP::PK_FixedLengthCryptoSystemImpl<CryptoPP::PK_Encryptor>::MaxPlaintextLength(unsigned long) const
256
  size_t CiphertextLength(size_t plaintextLength) const
257
0
    {return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
Unexecuted instantiation: CryptoPP::PK_FixedLengthCryptoSystemImpl<CryptoPP::PK_Decryptor>::CiphertextLength(unsigned long) const
Unexecuted instantiation: CryptoPP::PK_FixedLengthCryptoSystemImpl<CryptoPP::PK_Encryptor>::CiphertextLength(unsigned long) const
258
259
  virtual size_t FixedMaxPlaintextLength() const =0;
260
  virtual size_t FixedCiphertextLength() const =0;
261
};
262
263
/// \brief Trapdoor function cryptosystem base class
264
/// \tparam INTFACE public key cryptosystem base interface
265
/// \tparam BASE public key cryptosystem implementation base
266
template <class INTFACE, class BASE>
267
class CRYPTOPP_NO_VTABLE TF_CryptoSystemBase : public PK_FixedLengthCryptoSystemImpl<INTFACE>, protected BASE
268
{
269
public:
270
0
  virtual ~TF_CryptoSystemBase() {}
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Decryptor, CryptoPP::TF_Base<CryptoPP::TrapdoorFunctionInverse, CryptoPP::PK_EncryptionMessageEncodingMethod> >::~TF_CryptoSystemBase()
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Encryptor, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunction, CryptoPP::PK_EncryptionMessageEncodingMethod> >::~TF_CryptoSystemBase()
271
272
0
  bool ParameterSupported(const char *name) const {return this->GetMessageEncodingInterface().ParameterSupported(name);}
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Decryptor, CryptoPP::TF_Base<CryptoPP::TrapdoorFunctionInverse, CryptoPP::PK_EncryptionMessageEncodingMethod> >::ParameterSupported(char const*) const
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Encryptor, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunction, CryptoPP::PK_EncryptionMessageEncodingMethod> >::ParameterSupported(char const*) const
273
0
  size_t FixedMaxPlaintextLength() const {return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Decryptor, CryptoPP::TF_Base<CryptoPP::TrapdoorFunctionInverse, CryptoPP::PK_EncryptionMessageEncodingMethod> >::FixedMaxPlaintextLength() const
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Encryptor, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunction, CryptoPP::PK_EncryptionMessageEncodingMethod> >::FixedMaxPlaintextLength() const
274
0
  size_t FixedCiphertextLength() const {return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Decryptor, CryptoPP::TF_Base<CryptoPP::TrapdoorFunctionInverse, CryptoPP::PK_EncryptionMessageEncodingMethod> >::FixedCiphertextLength() const
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Encryptor, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunction, CryptoPP::PK_EncryptionMessageEncodingMethod> >::FixedCiphertextLength() const
275
276
protected:
277
0
  size_t PaddedBlockByteLength() const {return BitsToBytes(PaddedBlockBitLength());}
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Decryptor, CryptoPP::TF_Base<CryptoPP::TrapdoorFunctionInverse, CryptoPP::PK_EncryptionMessageEncodingMethod> >::PaddedBlockByteLength() const
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Encryptor, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunction, CryptoPP::PK_EncryptionMessageEncodingMethod> >::PaddedBlockByteLength() const
278
  // Coverity finding on potential overflow/underflow.
279
0
  size_t PaddedBlockBitLength() const {return SaturatingSubtract(this->GetTrapdoorFunctionBounds().PreimageBound().BitCount(),1U);}
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Decryptor, CryptoPP::TF_Base<CryptoPP::TrapdoorFunctionInverse, CryptoPP::PK_EncryptionMessageEncodingMethod> >::PaddedBlockBitLength() const
Unexecuted instantiation: CryptoPP::TF_CryptoSystemBase<CryptoPP::PK_Encryptor, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunction, CryptoPP::PK_EncryptionMessageEncodingMethod> >::PaddedBlockBitLength() const
280
};
281
282
/// \brief Trapdoor function cryptosystems decryption base class
283
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_DecryptorBase : public TF_CryptoSystemBase<PK_Decryptor, TF_Base<TrapdoorFunctionInverse, PK_EncryptionMessageEncodingMethod> >
284
{
285
public:
286
0
  virtual ~TF_DecryptorBase() {}
287
288
  DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const;
289
};
290
291
/// \brief Trapdoor function cryptosystems encryption base class
292
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_EncryptorBase : public TF_CryptoSystemBase<PK_Encryptor, TF_Base<RandomizedTrapdoorFunction, PK_EncryptionMessageEncodingMethod> >
293
{
294
public:
295
0
  virtual ~TF_EncryptorBase() {}
296
297
  void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const;
298
};
299
300
// ********************************************************
301
302
// Typedef change due to Clang, http://github.com/weidai11/cryptopp/issues/300
303
typedef std::pair<const byte *, unsigned int> HashIdentifier;
304
305
/// \brief Interface for message encoding method for public key signature schemes.
306
/// \details PK_SignatureMessageEncodingMethod provides interfaces for message
307
///  encoding method for public key signature schemes. The methods support both
308
///  trapdoor functions (<tt>TF_*</tt>) and discrete logarithm (<tt>DL_*</tt>)
309
///  based schemes.
310
class CRYPTOPP_NO_VTABLE PK_SignatureMessageEncodingMethod
311
{
312
public:
313
0
  virtual ~PK_SignatureMessageEncodingMethod() {}
314
315
  virtual size_t MinRepresentativeBitLength(size_t hashIdentifierLength, size_t digestLength) const
316
0
    {CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength); return 0;}
317
  virtual size_t MaxRecoverableLength(size_t representativeBitLength, size_t hashIdentifierLength, size_t digestLength) const
318
0
    {CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(hashIdentifierLength); CRYPTOPP_UNUSED(digestLength); return 0;}
319
320
  /// \brief Determines whether an encoding method requires a random number generator
321
  /// \return true if the encoding method requires a RandomNumberGenerator()
322
  /// \details if IsProbabilistic() returns false, then NullRNG() can be passed to functions that take
323
  ///  RandomNumberGenerator().
324
  /// \sa Bellare and Rogaway<a href="http://grouper.ieee.org/groups/1363/P1363a/contributions/pss-submission.pdf">PSS:
325
  ///  Provably Secure Encoding Method for Digital Signatures</a>
326
  bool IsProbabilistic() const
327
0
    {return true;}
328
  bool AllowNonrecoverablePart() const
329
0
    {throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
330
  virtual bool RecoverablePartFirst() const
331
0
    {throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
332
333
  // for verification, DL
334
  virtual void ProcessSemisignature(HashTransformation &hash, const byte *semisignature, size_t semisignatureLength) const
335
0
    {CRYPTOPP_UNUSED(hash); CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength);}
336
337
  // for signature
338
  virtual void ProcessRecoverableMessage(HashTransformation &hash,
339
    const byte *recoverableMessage, size_t recoverableMessageLength,
340
    const byte *presignature, size_t presignatureLength,
341
    SecByteBlock &semisignature) const
342
0
  {
343
0
    CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(recoverableMessage); CRYPTOPP_UNUSED(recoverableMessageLength);
344
0
    CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength); CRYPTOPP_UNUSED(semisignature);
345
0
    if (RecoverablePartFirst())
346
0
      CRYPTOPP_ASSERT(!"ProcessRecoverableMessage() not implemented");
347
0
  }
348
349
  virtual void ComputeMessageRepresentative(RandomNumberGenerator &rng,
350
    const byte *recoverableMessage, size_t recoverableMessageLength,
351
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
352
    byte *representative, size_t representativeBitLength) const =0;
353
354
  virtual bool VerifyMessageRepresentative(
355
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
356
    byte *representative, size_t representativeBitLength) const =0;
357
358
  virtual DecodingResult RecoverMessageFromRepresentative(  // for TF
359
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
360
    byte *representative, size_t representativeBitLength,
361
    byte *recoveredMessage) const
362
0
    {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(messageEmpty);
363
0
    CRYPTOPP_UNUSED(representative); CRYPTOPP_UNUSED(representativeBitLength); CRYPTOPP_UNUSED(recoveredMessage);
364
0
    throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
365
366
  virtual DecodingResult RecoverMessageFromSemisignature(   // for DL
367
    HashTransformation &hash, HashIdentifier hashIdentifier,
368
    const byte *presignature, size_t presignatureLength,
369
    const byte *semisignature, size_t semisignatureLength,
370
    byte *recoveredMessage) const
371
0
    {CRYPTOPP_UNUSED(hash);CRYPTOPP_UNUSED(hashIdentifier); CRYPTOPP_UNUSED(presignature); CRYPTOPP_UNUSED(presignatureLength);
372
0
    CRYPTOPP_UNUSED(semisignature); CRYPTOPP_UNUSED(semisignatureLength); CRYPTOPP_UNUSED(recoveredMessage);
373
0
    throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
374
375
  // VC60 workaround
376
  struct HashIdentifierLookup
377
  {
378
    template <class H> struct HashIdentifierLookup2
379
    {
380
      static HashIdentifier CRYPTOPP_API Lookup()
381
0
      {
382
0
        return HashIdentifier(static_cast<const byte *>(NULLPTR), 0);
383
0
      }
Unexecuted instantiation: CryptoPP::PK_SignatureMessageEncodingMethod::HashIdentifierLookup::HashIdentifierLookup2<CryptoPP::SHA1>::Lookup()
Unexecuted instantiation: CryptoPP::PK_SignatureMessageEncodingMethod::HashIdentifierLookup::HashIdentifierLookup2<CryptoPP::SHA256>::Lookup()
384
    };
385
  };
386
};
387
388
/// \brief Interface for message encoding method for public key signature schemes.
389
/// \details PK_DeterministicSignatureMessageEncodingMethod provides interfaces
390
///  for message encoding method for public key signature schemes.
391
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_DeterministicSignatureMessageEncodingMethod : public PK_SignatureMessageEncodingMethod
392
{
393
public:
394
  bool VerifyMessageRepresentative(
395
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
396
    byte *representative, size_t representativeBitLength) const;
397
};
398
399
/// \brief Interface for message encoding method for public key signature schemes.
400
/// \details PK_RecoverableSignatureMessageEncodingMethod provides interfaces
401
///  for message encoding method for public key signature schemes.
402
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_RecoverableSignatureMessageEncodingMethod : public PK_SignatureMessageEncodingMethod
403
{
404
public:
405
  bool VerifyMessageRepresentative(
406
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
407
    byte *representative, size_t representativeBitLength) const;
408
};
409
410
/// \brief Interface for message encoding method for public key signature schemes.
411
/// \details DL_SignatureMessageEncodingMethod_DSA provides interfaces
412
///  for message encoding method for DSA.
413
class CRYPTOPP_DLL DL_SignatureMessageEncodingMethod_DSA : public PK_DeterministicSignatureMessageEncodingMethod
414
{
415
public:
416
  void ComputeMessageRepresentative(RandomNumberGenerator &rng,
417
    const byte *recoverableMessage, size_t recoverableMessageLength,
418
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
419
    byte *representative, size_t representativeBitLength) const;
420
};
421
422
/// \brief Interface for message encoding method for public key signature schemes.
423
/// \details DL_SignatureMessageEncodingMethod_NR provides interfaces
424
///  for message encoding method for Nyberg-Rueppel.
425
class CRYPTOPP_DLL DL_SignatureMessageEncodingMethod_NR : public PK_DeterministicSignatureMessageEncodingMethod
426
{
427
public:
428
  void ComputeMessageRepresentative(RandomNumberGenerator &rng,
429
    const byte *recoverableMessage, size_t recoverableMessageLength,
430
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
431
    byte *representative, size_t representativeBitLength) const;
432
};
433
434
#if 0
435
/// \brief Interface for message encoding method for public key signature schemes.
436
/// \details DL_SignatureMessageEncodingMethod_SM2 provides interfaces
437
///  for message encoding method for SM2.
438
class CRYPTOPP_DLL DL_SignatureMessageEncodingMethod_SM2 : public PK_DeterministicSignatureMessageEncodingMethod
439
{
440
public:
441
  void ComputeMessageRepresentative(RandomNumberGenerator &rng,
442
    const byte *recoverableMessage, size_t recoverableMessageLength,
443
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
444
    byte *representative, size_t representativeBitLength) const;
445
};
446
#endif
447
448
/// \brief Interface for message encoding method for public key signature schemes.
449
/// \details PK_MessageAccumulatorBase provides interfaces
450
///  for message encoding method.
451
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_MessageAccumulatorBase : public PK_MessageAccumulator
452
{
453
public:
454
0
  PK_MessageAccumulatorBase() : m_empty(true) {}
455
456
  virtual HashTransformation & AccessHash() =0;
457
458
  void Update(const byte *input, size_t length)
459
0
  {
460
0
    AccessHash().Update(input, length);
461
0
    m_empty = m_empty && length == 0;
462
0
  }
463
464
  SecByteBlock m_recoverableMessage, m_representative, m_presignature, m_semisignature;
465
  Integer m_k, m_s;
466
  bool m_empty;
467
};
468
469
/// \brief Interface for message encoding method for public key signature schemes.
470
/// \details PK_MessageAccumulatorBase provides interfaces
471
///  for message encoding method.
472
template <class HASH_ALGORITHM>
473
class PK_MessageAccumulatorImpl : public PK_MessageAccumulatorBase, protected ObjectHolder<HASH_ALGORITHM>
474
{
475
public:
476
0
  HashTransformation & AccessHash() {return this->m_object;}
Unexecuted instantiation: CryptoPP::PK_MessageAccumulatorImpl<CryptoPP::SHA1>::AccessHash()
Unexecuted instantiation: CryptoPP::PK_MessageAccumulatorImpl<CryptoPP::SHA256>::AccessHash()
477
};
478
479
/// \brief Trapdoor Function (TF) Signature Scheme base class
480
/// \tparam INTFACE interface
481
/// \tparam BASE base class
482
template <class INTFACE, class BASE>
483
class CRYPTOPP_NO_VTABLE TF_SignatureSchemeBase : public INTFACE, protected BASE
484
{
485
public:
486
0
  virtual ~TF_SignatureSchemeBase() {}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::~TF_SignatureSchemeBase()
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::~TF_SignatureSchemeBase()
487
488
  size_t SignatureLength() const
489
0
    {return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::SignatureLength() const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::SignatureLength() const
490
  size_t MaxRecoverableLength() const
491
0
    {return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::MaxRecoverableLength() const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::MaxRecoverableLength() const
492
  size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
493
0
    {CRYPTOPP_UNUSED(signatureLength); return this->MaxRecoverableLength();}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
494
495
  bool IsProbabilistic() const
496
0
    {return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::IsProbabilistic() const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::IsProbabilistic() const
497
  bool AllowNonrecoverablePart() const
498
0
    {return this->GetMessageEncodingInterface().AllowNonrecoverablePart();}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::AllowNonrecoverablePart() const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::AllowNonrecoverablePart() const
499
  bool RecoverablePartFirst() const
500
0
    {return this->GetMessageEncodingInterface().RecoverablePartFirst();}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::RecoverablePartFirst() const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::RecoverablePartFirst() const
501
502
protected:
503
0
  size_t MessageRepresentativeLength() const {return BitsToBytes(MessageRepresentativeBitLength());}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::MessageRepresentativeLength() const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::MessageRepresentativeLength() const
504
  // Coverity finding on potential overflow/underflow.
505
0
  size_t MessageRepresentativeBitLength() const {return SaturatingSubtract(this->GetTrapdoorFunctionBounds().ImageBound().BitCount(),1U);}
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::TF_Base<CryptoPP::RandomizedTrapdoorFunctionInverse, CryptoPP::PK_SignatureMessageEncodingMethod> >::MessageRepresentativeBitLength() const
Unexecuted instantiation: CryptoPP::TF_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::TF_Base<CryptoPP::TrapdoorFunction, CryptoPP::PK_SignatureMessageEncodingMethod> >::MessageRepresentativeBitLength() const
506
  virtual HashIdentifier GetHashIdentifier() const =0;
507
  virtual size_t GetDigestSize() const =0;
508
};
509
510
/// \brief Trapdoor Function (TF) Signer base class
511
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_SignerBase : public TF_SignatureSchemeBase<PK_Signer, TF_Base<RandomizedTrapdoorFunctionInverse, PK_SignatureMessageEncodingMethod> >
512
{
513
public:
514
0
  virtual ~TF_SignerBase() {}
515
516
  void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const;
517
  size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const;
518
};
519
520
/// \brief Trapdoor Function (TF) Verifier base class
521
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_VerifierBase : public TF_SignatureSchemeBase<PK_Verifier, TF_Base<TrapdoorFunction, PK_SignatureMessageEncodingMethod> >
522
{
523
public:
524
0
  virtual ~TF_VerifierBase() {}
525
526
  void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const;
527
  bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const;
528
  DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &recoveryAccumulator) const;
529
};
530
531
// ********************************************************
532
533
/// \brief Trapdoor Function (TF) scheme options
534
/// \tparam T1 algorithm info class
535
/// \tparam T2 keys class with public and private key
536
/// \tparam T3 message encoding class
537
template <class T1, class T2, class T3>
538
struct TF_CryptoSchemeOptions
539
{
540
  typedef T1 AlgorithmInfo;
541
  typedef T2 Keys;
542
  typedef typename Keys::PrivateKey PrivateKey;
543
  typedef typename Keys::PublicKey PublicKey;
544
  typedef T3 MessageEncodingMethod;
545
};
546
547
/// \brief Trapdoor Function (TF) signature scheme options
548
/// \tparam T1 algorithm info class
549
/// \tparam T2 keys class with public and private key
550
/// \tparam T3 message encoding class
551
/// \tparam T4 HashTransformation class
552
template <class T1, class T2, class T3, class T4>
553
struct TF_SignatureSchemeOptions : public TF_CryptoSchemeOptions<T1, T2, T3>
554
{
555
  typedef T4 HashFunction;
556
};
557
558
/// \brief Trapdoor Function (TF) base implementation
559
/// \tparam BASE base class
560
/// \tparam SCHEME_OPTIONS scheme options class
561
/// \tparam KEY_CLASS key class
562
template <class BASE, class SCHEME_OPTIONS, class KEY_CLASS>
563
class CRYPTOPP_NO_VTABLE TF_ObjectImplBase : public AlgorithmImpl<BASE, typename SCHEME_OPTIONS::AlgorithmInfo>
564
{
565
public:
566
  typedef SCHEME_OPTIONS SchemeOptions;
567
  typedef KEY_CLASS KeyClass;
568
569
  virtual ~TF_ObjectImplBase() {}
570
571
  PublicKey & AccessPublicKey() {return AccessKey();}
572
  const PublicKey & GetPublicKey() const {return GetKey();}
573
574
  PrivateKey & AccessPrivateKey() {return AccessKey();}
575
  const PrivateKey & GetPrivateKey() const {return GetKey();}
576
577
  virtual const KeyClass & GetKey() const =0;
578
  virtual KeyClass & AccessKey() =0;
579
580
  const KeyClass & GetTrapdoorFunction() const {return GetKey();}
581
582
  PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const
583
  {
584
    CRYPTOPP_UNUSED(rng);
585
    return new PK_MessageAccumulatorImpl<typename SCHEME_OPTIONS::HashFunction>;
586
  }
587
  PK_MessageAccumulator * NewVerificationAccumulator() const
588
  {
589
    return new PK_MessageAccumulatorImpl<typename SCHEME_OPTIONS::HashFunction>;
590
  }
591
592
protected:
593
  const typename BASE::MessageEncodingInterface & GetMessageEncodingInterface() const
594
    {return Singleton<typename SCHEME_OPTIONS::MessageEncodingMethod>().Ref();}
595
  const TrapdoorFunctionBounds & GetTrapdoorFunctionBounds() const
596
    {return GetKey();}
597
  const typename BASE::TrapdoorFunctionInterface & GetTrapdoorFunctionInterface() const
598
    {return GetKey();}
599
600
  // for signature scheme
601
  HashIdentifier GetHashIdentifier() const
602
  {
603
        typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction> L;
604
        return L::Lookup();
605
  }
606
  size_t GetDigestSize() const
607
  {
608
    typedef typename SchemeOptions::HashFunction H;
609
    return H::DIGESTSIZE;
610
  }
611
};
612
613
/// \brief Trapdoor Function (TF) signature with external reference
614
/// \tparam BASE base class
615
/// \tparam SCHEME_OPTIONS scheme options class
616
/// \tparam KEY key class
617
/// \details TF_ObjectImplExtRef() holds a pointer to an external key structure
618
template <class BASE, class SCHEME_OPTIONS, class KEY>
619
class TF_ObjectImplExtRef : public TF_ObjectImplBase<BASE, SCHEME_OPTIONS, KEY>
620
{
621
public:
622
  virtual ~TF_ObjectImplExtRef() {}
623
624
  TF_ObjectImplExtRef(const KEY *pKey = NULLPTR) : m_pKey(pKey) {}
625
  void SetKeyPtr(const KEY *pKey) {m_pKey = pKey;}
626
627
  const KEY & GetKey() const {return *m_pKey;}
628
  KEY & AccessKey() {throw NotImplemented("TF_ObjectImplExtRef: cannot modify refererenced key");}
629
630
private:
631
  const KEY * m_pKey;
632
};
633
634
/// \brief Trapdoor Function (TF) signature scheme options
635
/// \tparam BASE base class
636
/// \tparam SCHEME_OPTIONS scheme options class
637
/// \tparam KEY_CLASS key class
638
/// \details TF_ObjectImpl() holds a reference to a trapdoor function
639
template <class BASE, class SCHEME_OPTIONS, class KEY_CLASS>
640
class CRYPTOPP_NO_VTABLE TF_ObjectImpl : public TF_ObjectImplBase<BASE, SCHEME_OPTIONS, KEY_CLASS>
641
{
642
public:
643
  typedef KEY_CLASS KeyClass;
644
645
  virtual ~TF_ObjectImpl() {}
646
647
  const KeyClass & GetKey() const {return m_trapdoorFunction;}
648
  KeyClass & AccessKey() {return m_trapdoorFunction;}
649
650
private:
651
  KeyClass m_trapdoorFunction;
652
};
653
654
/// \brief Trapdoor Function (TF) decryptor options
655
/// \tparam SCHEME_OPTIONS scheme options class
656
template <class SCHEME_OPTIONS>
657
class TF_DecryptorImpl : public TF_ObjectImpl<TF_DecryptorBase, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PrivateKey>
658
{
659
};
660
661
/// \brief Trapdoor Function (TF) encryptor options
662
/// \tparam SCHEME_OPTIONS scheme options class
663
template <class SCHEME_OPTIONS>
664
class TF_EncryptorImpl : public TF_ObjectImpl<TF_EncryptorBase, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PublicKey>
665
{
666
};
667
668
/// \brief Trapdoor Function (TF) encryptor options
669
/// \tparam SCHEME_OPTIONS scheme options class
670
template <class SCHEME_OPTIONS>
671
class TF_SignerImpl : public TF_ObjectImpl<TF_SignerBase, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PrivateKey>
672
{
673
};
674
675
/// \brief Trapdoor Function (TF) encryptor options
676
/// \tparam SCHEME_OPTIONS scheme options class
677
template <class SCHEME_OPTIONS>
678
class TF_VerifierImpl : public TF_ObjectImpl<TF_VerifierBase, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PublicKey>
679
{
680
};
681
682
// ********************************************************
683
684
/// \brief Mask generation function interface
685
/// \sa P1363_KDF2, P1363_MGF1
686
/// \since Crypto++ 2.0
687
class CRYPTOPP_NO_VTABLE MaskGeneratingFunction
688
{
689
public:
690
0
  virtual ~MaskGeneratingFunction() {}
691
692
  /// \brief Generate and apply mask
693
  /// \param hash HashTransformation derived class
694
  /// \param output the destination byte array
695
  /// \param outputLength the size of the destination byte array
696
  /// \param input the message to hash
697
  /// \param inputLength the size of the message
698
  /// \param mask flag indicating whether to apply the mask
699
  virtual void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask = true) const =0;
700
};
701
702
/// \fn P1363_MGF1KDF2_Common
703
/// \brief P1363 mask generation function
704
/// \param hash HashTransformation derived class
705
/// \param output the destination byte array
706
/// \param outputLength the size of the destination byte array
707
/// \param input the message to hash
708
/// \param inputLength the size of the message
709
/// \param derivationParams additional derivation parameters
710
/// \param derivationParamsLength the size of the additional derivation parameters
711
/// \param mask flag indicating whether to apply the mask
712
/// \param counterStart starting counter value used in generation function
713
CRYPTOPP_DLL void CRYPTOPP_API P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength, bool mask, unsigned int counterStart);
714
715
/// \brief P1363 mask generation function
716
/// \sa P1363_KDF2, MaskGeneratingFunction
717
/// \since Crypto++ 2.0
718
class P1363_MGF1 : public MaskGeneratingFunction
719
{
720
public:
721
  /// \brief The algorithm name
722
  /// \return the algorithm name
723
  /// \details StaticAlgorithmName returns the algorithm's name as a static
724
  ///  member function.
725
0
  CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "MGF1";}
726
727
  /// \brief P1363 mask generation function
728
  /// \param hash HashTransformation derived class
729
  /// \param output the destination byte array
730
  /// \param outputLength the size of the destination byte array
731
  /// \param input the message to hash
732
  /// \param inputLength the size of the message
733
  /// \param mask flag indicating whether to apply the mask
734
  void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask = true) const
735
0
  {
736
0
    P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULLPTR, 0, mask, 0);
737
0
  }
738
};
739
740
// ********************************************************
741
742
/// \brief P1363 key derivation function
743
/// \tparam H hash function used in the derivation
744
/// \sa P1363_MGF1, KeyDerivationFunction, <A
745
///  HREF="https://www.cryptopp.com/wiki/P1363_KDF2">P1363_KDF2</A>
746
///  on the Crypto++ wiki
747
/// \since Crypto++ 2.0
748
template <class H>
749
class P1363_KDF2
750
{
751
public:
752
  /// \brief P1363 key derivation function
753
  /// \param output the destination byte array
754
  /// \param outputLength the size of the destination byte array
755
  /// \param input the message to hash
756
  /// \param inputLength the size of the message
757
  /// \param derivationParams additional derivation parameters
758
  /// \param derivationParamsLength the size of the additional derivation parameters
759
  /// \details DeriveKey calls P1363_MGF1KDF2_Common
760
  static void CRYPTOPP_API DeriveKey(byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength)
761
0
  {
762
0
    H h;
763
0
    P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength, false, 1);
764
0
  }
765
};
766
767
// ********************************************************
768
769
/// \brief Exception thrown when an invalid group element is encountered
770
/// \details Thrown by DecodeElement and AgreeWithStaticPrivateKey
771
class DL_BadElement : public InvalidDataFormat
772
{
773
public:
774
0
  DL_BadElement() : InvalidDataFormat("CryptoPP: invalid group element") {}
775
};
776
777
/// \brief Interface for Discrete Log (DL) group parameters
778
/// \tparam T element in the group
779
/// \details The element is usually an Integer, \ref ECP "ECP::Point" or \ref EC2N "EC2N::Point"
780
template <class T>
781
class CRYPTOPP_NO_VTABLE DL_GroupParameters : public CryptoParameters
782
{
783
  typedef DL_GroupParameters<T> ThisClass;
784
785
public:
786
  typedef T Element;
787
788
30.6k
  virtual ~DL_GroupParameters() {}
CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::~DL_GroupParameters()
Line
Count
Source
788
30.6k
  virtual ~DL_GroupParameters() {}
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::~DL_GroupParameters()
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::~DL_GroupParameters()
789
790
30.6k
  DL_GroupParameters() : m_validationLevel(0) {}
CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::DL_GroupParameters()
Line
Count
Source
790
30.6k
  DL_GroupParameters() : m_validationLevel(0) {}
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::DL_GroupParameters()
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::DL_GroupParameters()
791
792
  // CryptoMaterial
793
  bool Validate(RandomNumberGenerator &rng, unsigned int level) const
794
0
  {
795
0
    if (!GetBasePrecomputation().IsInitialized())
796
0
      return false;
797
798
0
    if (m_validationLevel > level)
799
0
      return true;
800
801
0
    CRYPTOPP_ASSERT(ValidateGroup(rng, level));
802
0
    bool pass = ValidateGroup(rng, level);
803
0
    CRYPTOPP_ASSERT(ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation()));
804
0
    pass = pass && ValidateElement(level, GetSubgroupGenerator(), &GetBasePrecomputation());
805
806
0
    m_validationLevel = pass ? level+1 : 0;
807
808
0
    return pass;
809
0
  }
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
810
811
  bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
812
0
  {
813
0
    return GetValueHelper(this, name, valueType, pValue)
814
0
      CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupOrder)
815
0
      CRYPTOPP_GET_FUNCTION_ENTRY(SubgroupGenerator)
816
0
      ;
817
0
  }
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::GetVoidValue(char const*, std::type_info const&, void*) const
818
819
  /// \brief Determines whether the object supports precomputation
820
  /// \return true if the object supports precomputation, false otherwise
821
  /// \sa Precompute()
822
0
  bool SupportsPrecomputation() const {return true;}
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::SupportsPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::SupportsPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::SupportsPrecomputation() const
823
824
  /// \brief Perform precomputation
825
  /// \param precomputationStorage the suggested number of objects for the precompute table
826
  /// \throw NotImplemented
827
  /// \details The exact semantics of Precompute() varies, but it typically means calculate
828
  ///  a table of n objects that can be used later to speed up computation.
829
  /// \details If a derived class does not override Precompute(), then the base class throws
830
  ///  NotImplemented.
831
  /// \sa SupportsPrecomputation(), LoadPrecomputation(), SavePrecomputation()
832
  void Precompute(unsigned int precomputationStorage=16)
833
0
  {
834
0
    AccessBasePrecomputation().Precompute(GetGroupPrecomputation(), GetSubgroupOrder().BitCount(), precomputationStorage);
835
0
  }
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::Precompute(unsigned int)
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::Precompute(unsigned int)
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::Precompute(unsigned int)
836
837
  /// \brief Retrieve previously saved precomputation
838
  /// \param storedPrecomputation BufferedTransformation with the saved precomputation
839
  /// \throw NotImplemented
840
  /// \sa SupportsPrecomputation(), Precompute()
841
  void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
842
0
  {
843
0
    AccessBasePrecomputation().Load(GetGroupPrecomputation(), storedPrecomputation);
844
0
    m_validationLevel = 0;
845
0
  }
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::LoadPrecomputation(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::LoadPrecomputation(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::LoadPrecomputation(CryptoPP::BufferedTransformation&)
846
847
  /// \brief Save precomputation for later use
848
  /// \param storedPrecomputation BufferedTransformation to write the precomputation
849
  /// \throw NotImplemented
850
  /// \sa SupportsPrecomputation(), Precompute()
851
  void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
852
0
  {
853
0
    GetBasePrecomputation().Save(GetGroupPrecomputation(), storedPrecomputation);
854
0
  }
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::SavePrecomputation(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::SavePrecomputation(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::SavePrecomputation(CryptoPP::BufferedTransformation&) const
855
856
  /// \brief Retrieves the subgroup generator
857
  /// \return the subgroup generator
858
  /// \details The subgroup generator is retrieved from the base precomputation
859
0
  virtual const Element & GetSubgroupGenerator() const {return GetBasePrecomputation().GetBase(GetGroupPrecomputation());}
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::GetSubgroupGenerator() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::GetSubgroupGenerator() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::GetSubgroupGenerator() const
860
861
  /// \brief Sets the subgroup generator
862
  /// \param base the new subgroup generator
863
  /// \details The subgroup generator is set in the base precomputation
864
27.1k
  virtual void SetSubgroupGenerator(const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::SetSubgroupGenerator(CryptoPP::ECPPoint const&)
Line
Count
Source
864
27.1k
  virtual void SetSubgroupGenerator(const Element &base) {AccessBasePrecomputation().SetBase(GetGroupPrecomputation(), base);}
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::SetSubgroupGenerator(CryptoPP::Integer const&)
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::SetSubgroupGenerator(CryptoPP::EC2NPoint const&)
865
866
  /// \brief Exponentiates the base
867
  /// \return the element after exponentiation
868
  /// \details ExponentiateBase() calls GetBasePrecomputation() and then exponentiates.
869
  virtual Element ExponentiateBase(const Integer &exponent) const
870
0
  {
871
0
    return GetBasePrecomputation().Exponentiate(GetGroupPrecomputation(), exponent);
872
0
  }
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::ExponentiateBase(CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::ExponentiateBase(CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::ExponentiateBase(CryptoPP::Integer const&) const
873
874
  /// \brief Exponentiates an element
875
  /// \param base the base element
876
  /// \param exponent the exponent to raise the base
877
  /// \return the result of the exponentiation
878
  /// \details Internally, ExponentiateElement() calls SimultaneousExponentiate().
879
  virtual Element ExponentiateElement(const Element &base, const Integer &exponent) const
880
0
  {
881
0
    Element result;
882
0
    SimultaneousExponentiate(&result, base, &exponent, 1);
883
0
    return result;
884
0
  }
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::ExponentiateElement(CryptoPP::ECPPoint const&, CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::ExponentiateElement(CryptoPP::Integer const&, CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::ExponentiateElement(CryptoPP::EC2NPoint const&, CryptoPP::Integer const&) const
885
886
  /// \brief Retrieves the group precomputation
887
  /// \return a const reference to the group precomputation
888
  virtual const DL_GroupPrecomputation<Element> & GetGroupPrecomputation() const =0;
889
890
  /// \brief Retrieves the group precomputation
891
  /// \return a const reference to the group precomputation using a fixed base
892
  virtual const DL_FixedBasePrecomputation<Element> & GetBasePrecomputation() const =0;
893
894
  /// \brief Retrieves the group precomputation
895
  /// \return a non-const reference to the group precomputation using a fixed base
896
  virtual DL_FixedBasePrecomputation<Element> & AccessBasePrecomputation() =0;
897
898
  /// \brief Retrieves the subgroup order
899
  /// \return the order of subgroup generated by the base element
900
  virtual const Integer & GetSubgroupOrder() const =0;
901
902
  /// \brief Retrieves the maximum exponent for the group
903
  /// \return the maximum exponent for the group
904
  virtual Integer GetMaxExponent() const =0;
905
906
  /// \brief Retrieves the order of the group
907
  /// \return the order of the group
908
  /// \details Either GetGroupOrder() or GetCofactor() must be overridden in a derived class.
909
0
  virtual Integer GetGroupOrder() const {return GetSubgroupOrder()*GetCofactor();}
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::GetGroupOrder() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::GetGroupOrder() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::GetGroupOrder() const
910
911
  /// \brief Retrieves the cofactor
912
  /// \return the cofactor
913
  /// \details Either GetGroupOrder() or GetCofactor() must be overridden in a derived class.
914
0
  virtual Integer GetCofactor() const {return GetGroupOrder()/GetSubgroupOrder();}
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::Integer>::GetCofactor() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint>::GetCofactor() const
Unexecuted instantiation: CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint>::GetCofactor() const
915
916
  /// \brief Retrieves the encoded element's size
917
  /// \param reversible flag indicating the encoding format
918
  /// \return encoded element's size, in bytes
919
  /// \details The format of the encoded element varies by the underlying type of the element and the
920
  ///  reversible flag. GetEncodedElementSize() must be implemented in a derived class.
921
  /// \sa GetEncodedElementSize(), EncodeElement(), DecodeElement()
922
  virtual unsigned int GetEncodedElementSize(bool reversible) const =0;
923
924
  /// \brief Encodes the element
925
  /// \param reversible flag indicating the encoding format
926
  /// \param element reference to the element to encode
927
  /// \param encoded destination byte array for the encoded element
928
  /// \details EncodeElement() must be implemented in a derived class.
929
  /// \pre <tt>COUNTOF(encoded) == GetEncodedElementSize()</tt>
930
  virtual void EncodeElement(bool reversible, const Element &element, byte *encoded) const =0;
931
932
  /// \brief Decodes the element
933
  /// \param encoded byte array with the encoded element
934
  /// \param checkForGroupMembership flag indicating if the element should be validated
935
  /// \return Element after decoding
936
  /// \details DecodeElement() must be implemented in a derived class.
937
  /// \pre <tt>COUNTOF(encoded) == GetEncodedElementSize()</tt>
938
  virtual Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const =0;
939
940
  /// \brief Converts an element to an Integer
941
  /// \param element the element to convert to an Integer
942
  /// \return Element after converting to an Integer
943
  /// \details ConvertElementToInteger() must be implemented in a derived class.
944
  virtual Integer ConvertElementToInteger(const Element &element) const =0;
945
946
  /// \brief Check the group for errors
947
  /// \param rng RandomNumberGenerator for objects which use randomized testing
948
  /// \param level level of thoroughness
949
  /// \return true if the tests succeed, false otherwise
950
  /// \details There are four levels of thoroughness:
951
  ///  <ul>
952
  ///  <li>0 - using this object won't cause a crash or exception
953
  ///  <li>1 - this object will probably function, and encrypt, sign, other operations correctly
954
  ///  <li>2 - ensure this object will function correctly, and perform reasonable security checks
955
  ///  <li>3 - perform reasonable security checks, and do checks that may take a long time
956
  ///  </ul>
957
  /// \details Level 0 does not require a RandomNumberGenerator. A NullRNG() can be used for level 0.
958
  ///  Level 1 may not check for weak keys and such. Levels 2 and 3 are recommended.
959
  /// \details ValidateGroup() must be implemented in a derived class.
960
  virtual bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const =0;
961
962
  /// \brief Check the element for errors
963
  /// \param level level of thoroughness
964
  /// \param element element to check
965
  /// \param precomp optional pointer to DL_FixedBasePrecomputation
966
  /// \return true if the tests succeed, false otherwise
967
  /// \details There are four levels of thoroughness:
968
  ///  <ul>
969
  ///  <li>0 - using this object won't cause a crash or exception
970
  ///  <li>1 - this object will probably function, and encrypt, sign, other operations correctly
971
  ///  <li>2 - ensure this object will function correctly, and perform reasonable security checks
972
  ///  <li>3 - perform reasonable security checks, and do checks that may take a long time
973
  ///  </ul>
974
  /// \details Level 0 performs group membership checks. Level 1 may not check for weak keys and such.
975
  ///  Levels 2 and 3 are recommended.
976
  /// \details ValidateElement() must be implemented in a derived class.
977
  virtual bool ValidateElement(unsigned int level, const Element &element, const DL_FixedBasePrecomputation<Element> *precomp) const =0;
978
979
  virtual bool FastSubgroupCheckAvailable() const =0;
980
981
  /// \brief Determines if an element is an identity
982
  /// \param element element to check
983
  /// \return true if the element is an identity, false otherwise
984
  /// \details The identity element or or neutral element is a special element in a group that leaves
985
  ///  other elements unchanged when combined with it.
986
  /// \details IsIdentity() must be implemented in a derived class.
987
  virtual bool IsIdentity(const Element &element) const =0;
988
989
  /// \brief Exponentiates a base to multiple exponents
990
  /// \param results an array of Elements
991
  /// \param base the base to raise to the exponents
992
  /// \param exponents an array of exponents
993
  /// \param exponentsCount the number of exponents in the array
994
  /// \details SimultaneousExponentiate() raises the base to each exponent in the exponents array and stores the
995
  ///  result at the respective position in the results array.
996
  /// \details SimultaneousExponentiate() must be implemented in a derived class.
997
  /// \pre <tt>COUNTOF(results) == exponentsCount</tt>
998
  /// \pre <tt>COUNTOF(exponents) == exponentsCount</tt>
999
  virtual void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const =0;
1000
1001
protected:
1002
0
  void ParametersChanged() {m_validationLevel = 0;}
1003
1004
private:
1005
  mutable unsigned int m_validationLevel;
1006
};
1007
1008
/// \brief Base implementation of Discrete Log (DL) group parameters
1009
/// \tparam GROUP_PRECOMP group precomputation class
1010
/// \tparam BASE_PRECOMP fixed base precomputation class
1011
/// \tparam BASE class or type of an element
1012
template <class GROUP_PRECOMP, class BASE_PRECOMP = DL_FixedBasePrecomputationImpl<typename GROUP_PRECOMP::Element>, class BASE = DL_GroupParameters<typename GROUP_PRECOMP::Element> >
1013
class DL_GroupParametersImpl : public BASE
1014
{
1015
public:
1016
  typedef GROUP_PRECOMP GroupPrecomputation;
1017
  typedef typename GROUP_PRECOMP::Element Element;
1018
  typedef BASE_PRECOMP BasePrecomputation;
1019
1020
30.6k
  virtual ~DL_GroupParametersImpl() {}
CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::ECP>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::ECPPoint>, CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint> >::~DL_GroupParametersImpl()
Line
Count
Source
1020
30.6k
  virtual ~DL_GroupParametersImpl() {}
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::ModExpPrecomputation, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::Integer>, CryptoPP::DL_GroupParameters_IntegerBased>::~DL_GroupParametersImpl()
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::EC2N>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::EC2NPoint>, CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint> >::~DL_GroupParametersImpl()
1021
1022
  /// \brief Retrieves the group precomputation
1023
  /// \return a const reference to the group precomputation
1024
27.1k
  const DL_GroupPrecomputation<Element> & GetGroupPrecomputation() const {return m_groupPrecomputation;}
CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::ECP>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::ECPPoint>, CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint> >::GetGroupPrecomputation() const
Line
Count
Source
1024
27.1k
  const DL_GroupPrecomputation<Element> & GetGroupPrecomputation() const {return m_groupPrecomputation;}
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::ModExpPrecomputation, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::Integer>, CryptoPP::DL_GroupParameters_IntegerBased>::GetGroupPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::EC2N>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::EC2NPoint>, CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint> >::GetGroupPrecomputation() const
1025
1026
  /// \brief Retrieves the group precomputation
1027
  /// \return a const reference to the group precomputation using a fixed base
1028
0
  const DL_FixedBasePrecomputation<Element> & GetBasePrecomputation() const {return m_gpc;}
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::ECP>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::ECPPoint>, CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint> >::GetBasePrecomputation() const
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::ModExpPrecomputation, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::Integer>, CryptoPP::DL_GroupParameters_IntegerBased>::GetBasePrecomputation() const
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::EC2N>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::EC2NPoint>, CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint> >::GetBasePrecomputation() const
1029
1030
  /// \brief Retrieves the group precomputation
1031
  /// \return a non-const reference to the group precomputation using a fixed base
1032
0
  DL_FixedBasePrecomputation<Element> & AccessBasePrecomputation() {return m_gpc;}
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::ECP>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::ECPPoint>, CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint> >::AccessBasePrecomputation()
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::ModExpPrecomputation, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::Integer>, CryptoPP::DL_GroupParameters_IntegerBased>::AccessBasePrecomputation()
Unexecuted instantiation: CryptoPP::DL_GroupParametersImpl<CryptoPP::EcPrecomputation<CryptoPP::EC2N>, CryptoPP::DL_FixedBasePrecomputationImpl<CryptoPP::EC2NPoint>, CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint> >::AccessBasePrecomputation()
1033
1034
protected:
1035
  GROUP_PRECOMP m_groupPrecomputation;
1036
  BASE_PRECOMP m_gpc;
1037
};
1038
1039
/// \brief Base class for a Discrete Log (DL) key
1040
/// \tparam T class or type of an element
1041
/// \details The element is usually an Integer, \ref ECP "ECP::Point" or \ref EC2N "EC2N::Point"
1042
template <class T>
1043
class CRYPTOPP_NO_VTABLE DL_Key
1044
{
1045
public:
1046
2.24k
  virtual ~DL_Key() {}
CryptoPP::DL_Key<CryptoPP::ECPPoint>::~DL_Key()
Line
Count
Source
1046
2.24k
  virtual ~DL_Key() {}
Unexecuted instantiation: CryptoPP::DL_Key<CryptoPP::Integer>::~DL_Key()
Unexecuted instantiation: CryptoPP::DL_Key<CryptoPP::EC2NPoint>::~DL_Key()
1047
1048
  /// \brief Retrieves abstract group parameters
1049
  /// \return a const reference to the group parameters
1050
  virtual const DL_GroupParameters<T> & GetAbstractGroupParameters() const =0;
1051
  /// \brief Retrieves abstract group parameters
1052
  /// \return a non-const reference to the group parameters
1053
  virtual DL_GroupParameters<T> & AccessAbstractGroupParameters() =0;
1054
};
1055
1056
/// \brief Interface for Discrete Log (DL) public keys
1057
template <class T>
1058
class CRYPTOPP_NO_VTABLE DL_PublicKey : public DL_Key<T>
1059
{
1060
  typedef DL_PublicKey<T> ThisClass;
1061
1062
public:
1063
  typedef T Element;
1064
1065
  virtual ~DL_PublicKey();
1066
1067
  /// \brief Get a named value
1068
  /// \param name the name of the object or value to retrieve
1069
  /// \param valueType reference to a variable that receives the value
1070
  /// \param pValue void pointer to a variable that receives the value
1071
  /// \return true if the value was retrieved, false otherwise
1072
  /// \details GetVoidValue() retrieves the value of name if it exists.
1073
  /// \note GetVoidValue() is an internal function and should be implemented
1074
  ///  by derived classes. Users should use one of the other functions instead.
1075
  /// \sa GetValue(), GetValueWithDefault(), GetIntValue(), GetIntValueWithDefault(),
1076
  ///  GetRequiredParameter() and GetRequiredIntParameter()
1077
  bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
1078
0
  {
1079
0
    return GetValueHelper(this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1080
0
        CRYPTOPP_GET_FUNCTION_ENTRY(PublicElement);
1081
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::ECPPoint>::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint>::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::Integer>::GetVoidValue(char const*, std::type_info const&, void*) const
1082
1083
  /// \brief Initialize or reinitialize this key
1084
  /// \param source NameValuePairs to assign
1085
  void AssignFrom(const NameValuePairs &source);
1086
1087
  /// \brief Retrieves the public element
1088
  /// \return the public element
1089
0
  virtual const Element & GetPublicElement() const {return GetPublicPrecomputation().GetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation());}
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::ECPPoint>::GetPublicElement() const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::Integer>::GetPublicElement() const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint>::GetPublicElement() const
1090
1091
  /// \brief Sets the public element
1092
  /// \param y the public element
1093
0
  virtual void SetPublicElement(const Element &y) {AccessPublicPrecomputation().SetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation(), y);}
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::ECPPoint>::SetPublicElement(CryptoPP::ECPPoint const&)
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::Integer>::SetPublicElement(CryptoPP::Integer const&)
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint>::SetPublicElement(CryptoPP::EC2NPoint const&)
1094
1095
  /// \brief Exponentiates this element
1096
  /// \param exponent the exponent to raise the base
1097
  /// \return the public element raised to the exponent
1098
  virtual Element ExponentiatePublicElement(const Integer &exponent) const
1099
0
  {
1100
0
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1101
0
    return GetPublicPrecomputation().Exponentiate(params.GetGroupPrecomputation(), exponent);
1102
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::ECPPoint>::ExponentiatePublicElement(CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::Integer>::ExponentiatePublicElement(CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint>::ExponentiatePublicElement(CryptoPP::Integer const&) const
1103
1104
  /// \brief Exponentiates an element
1105
  /// \param baseExp the first exponent
1106
  /// \param publicExp the second exponent
1107
  /// \return the public element raised to the exponent
1108
  /// \details CascadeExponentiateBaseAndPublicElement raises the public element to
1109
  ///  the base element and precomputation.
1110
  virtual Element CascadeExponentiateBaseAndPublicElement(const Integer &baseExp, const Integer &publicExp) const
1111
0
  {
1112
0
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1113
0
    return params.GetBasePrecomputation().CascadeExponentiate(params.GetGroupPrecomputation(), baseExp, GetPublicPrecomputation(), publicExp);
1114
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::ECPPoint>::CascadeExponentiateBaseAndPublicElement(CryptoPP::Integer const&, CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::Integer>::CascadeExponentiateBaseAndPublicElement(CryptoPP::Integer const&, CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint>::CascadeExponentiateBaseAndPublicElement(CryptoPP::Integer const&, CryptoPP::Integer const&) const
1115
1116
  /// \brief Accesses the public precomputation
1117
  /// \details GetPublicPrecomputation returns a const reference, while
1118
  ///  AccessPublicPrecomputation returns a non-const reference. Must be
1119
  ///  overridden in derived classes.
1120
  virtual const DL_FixedBasePrecomputation<T> & GetPublicPrecomputation() const =0;
1121
1122
  /// \brief Accesses the public precomputation
1123
  /// \details GetPublicPrecomputation returns a const reference, while
1124
  ///  AccessPublicPrecomputation returns a non-const reference. Must be
1125
  ///  overridden in derived classes.
1126
  virtual DL_FixedBasePrecomputation<T> & AccessPublicPrecomputation() =0;
1127
};
1128
1129
// Out-of-line dtor due to AIX and GCC, http://github.com/weidai11/cryptopp/issues/499
1130
template<class T>
1131
DL_PublicKey<T>::~DL_PublicKey() {}
1132
1133
/// \brief Interface for Discrete Log (DL) private keys
1134
template <class T>
1135
class CRYPTOPP_NO_VTABLE DL_PrivateKey : public DL_Key<T>
1136
{
1137
  typedef DL_PrivateKey<T> ThisClass;
1138
1139
public:
1140
  typedef T Element;
1141
1142
  virtual ~DL_PrivateKey();
1143
1144
  /// \brief Initializes a public key from this key
1145
  /// \param pub reference to a public key
1146
  void MakePublicKey(DL_PublicKey<T> &pub) const
1147
0
  {
1148
0
    pub.AccessAbstractGroupParameters().AssignFrom(this->GetAbstractGroupParameters());
1149
0
    pub.SetPublicElement(this->GetAbstractGroupParameters().ExponentiateBase(GetPrivateExponent()));
1150
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint>::MakePublicKey(CryptoPP::DL_PublicKey<CryptoPP::ECPPoint>&) const
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint>::MakePublicKey(CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint>&) const
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::Integer>::MakePublicKey(CryptoPP::DL_PublicKey<CryptoPP::Integer>&) const
1151
1152
  /// \brief Get a named value
1153
  /// \param name the name of the object or value to retrieve
1154
  /// \param valueType reference to a variable that receives the value
1155
  /// \param pValue void pointer to a variable that receives the value
1156
  /// \return true if the value was retrieved, false otherwise
1157
  /// \details GetVoidValue() retrieves the value of name if it exists.
1158
  /// \note GetVoidValue() is an internal function and should be implemented
1159
  ///  by derived classes. Users should use one of the other functions instead.
1160
  /// \sa GetValue(), GetValueWithDefault(), GetIntValue(), GetIntValueWithDefault(),
1161
  ///  GetRequiredParameter() and GetRequiredIntParameter()
1162
  bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
1163
0
  {
1164
0
    return GetValueHelper(this, name, valueType, pValue, &this->GetAbstractGroupParameters())
1165
0
        CRYPTOPP_GET_FUNCTION_ENTRY(PrivateExponent);
1166
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint>::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint>::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::Integer>::GetVoidValue(char const*, std::type_info const&, void*) const
1167
1168
  /// \brief Initialize or reinitialize this key
1169
  /// \param source NameValuePairs to assign
1170
  void AssignFrom(const NameValuePairs &source)
1171
0
  {
1172
0
    this->AccessAbstractGroupParameters().AssignFrom(source);
1173
0
    AssignFromHelper(this, source)
1174
0
      CRYPTOPP_SET_FUNCTION_ENTRY(PrivateExponent);
1175
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint>::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint>::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKey<CryptoPP::Integer>::AssignFrom(CryptoPP::NameValuePairs const&)
1176
1177
  /// \brief Retrieves the private exponent
1178
  /// \return the private exponent
1179
  /// \details Must be overridden in derived classes.
1180
  virtual const Integer & GetPrivateExponent() const =0;
1181
  /// \brief Sets the private exponent
1182
  /// \param x the private exponent
1183
  /// \details Must be overridden in derived classes.
1184
  virtual void SetPrivateExponent(const Integer &x) =0;
1185
};
1186
1187
// Out-of-line dtor due to AIX and GCC, http://github.com/weidai11/cryptopp/issues/499
1188
template<class T>
1189
DL_PrivateKey<T>::~DL_PrivateKey() {}
1190
1191
template <class T>
1192
void DL_PublicKey<T>::AssignFrom(const NameValuePairs &source)
1193
0
{
1194
0
  DL_PrivateKey<T> *pPrivateKey = NULLPTR;
1195
0
  if (source.GetThisPointer(pPrivateKey))
1196
0
    pPrivateKey->MakePublicKey(*this);
1197
0
  else
1198
0
  {
1199
0
    this->AccessAbstractGroupParameters().AssignFrom(source);
1200
0
    AssignFromHelper(this, source)
1201
0
      CRYPTOPP_SET_FUNCTION_ENTRY(PublicElement);
1202
0
  }
1203
0
}
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::ECPPoint>::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint>::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PublicKey<CryptoPP::Integer>::AssignFrom(CryptoPP::NameValuePairs const&)
1204
1205
class OID;
1206
1207
/// \brief Discrete Log (DL) key base implementation
1208
/// \tparam PK Key class
1209
/// \tparam GP GroupParameters class
1210
/// \tparam O OID class
1211
template <class PK, class GP, class O = OID>
1212
class DL_KeyImpl : public PK
1213
{
1214
public:
1215
  typedef GP GroupParameters;
1216
1217
2.24k
  virtual ~DL_KeyImpl() {}
CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::~DL_KeyImpl()
Line
Count
Source
1217
982
  virtual ~DL_KeyImpl() {}
CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::~DL_KeyImpl()
Line
Count
Source
1217
1.26k
  virtual ~DL_KeyImpl() {}
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::~DL_KeyImpl()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::~DL_KeyImpl()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::~DL_KeyImpl()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::~DL_KeyImpl()
1218
1219
0
  O GetAlgorithmID() const {return GetGroupParameters().GetAlgorithmID();}
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::GetAlgorithmID() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::GetAlgorithmID() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::GetAlgorithmID() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::GetAlgorithmID() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::GetAlgorithmID() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::GetAlgorithmID() const
1220
  bool BERDecodeAlgorithmParameters(BufferedTransformation &bt)
1221
0
    {AccessGroupParameters().BERDecode(bt); return true;}
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::BERDecodeAlgorithmParameters(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::BERDecodeAlgorithmParameters(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::BERDecodeAlgorithmParameters(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::BERDecodeAlgorithmParameters(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::BERDecodeAlgorithmParameters(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::BERDecodeAlgorithmParameters(CryptoPP::BufferedTransformation&)
1222
  bool DEREncodeAlgorithmParameters(BufferedTransformation &bt) const
1223
0
    {GetGroupParameters().DEREncode(bt); return true;}
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::DEREncodeAlgorithmParameters(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::DEREncodeAlgorithmParameters(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::DEREncodeAlgorithmParameters(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::DEREncodeAlgorithmParameters(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::DEREncodeAlgorithmParameters(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::DEREncodeAlgorithmParameters(CryptoPP::BufferedTransformation&) const
1224
1225
0
  const GP & GetGroupParameters() const {return m_groupParameters;}
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::GetGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::GetGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::GetGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::GetGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::GetGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::GetGroupParameters() const
1226
0
  GP & AccessGroupParameters() {return m_groupParameters;}
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::AccessGroupParameters()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP>, CryptoPP::OID>::AccessGroupParameters()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::AccessGroupParameters()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_DSA, CryptoPP::OID>::AccessGroupParameters()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::X509PublicKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::AccessGroupParameters()
Unexecuted instantiation: CryptoPP::DL_KeyImpl<CryptoPP::PKCS8PrivateKey, CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N>, CryptoPP::OID>::AccessGroupParameters()
1227
1228
private:
1229
  GP m_groupParameters;
1230
};
1231
1232
class X509PublicKey;
1233
class PKCS8PrivateKey;
1234
1235
/// \brief Discrete Log (DL) private key base implementation
1236
/// \tparam GP GroupParameters class
1237
template <class GP>
1238
class DL_PrivateKeyImpl : public DL_PrivateKey<typename GP::Element>, public DL_KeyImpl<PKCS8PrivateKey, GP>
1239
{
1240
public:
1241
  typedef typename GP::Element Element;
1242
1243
982
  virtual ~DL_PrivateKeyImpl() {}
CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::~DL_PrivateKeyImpl()
Line
Count
Source
1243
982
  virtual ~DL_PrivateKeyImpl() {}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::~DL_PrivateKeyImpl()
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::~DL_PrivateKeyImpl()
1244
1245
  // GeneratableCryptoMaterial
1246
  bool Validate(RandomNumberGenerator &rng, unsigned int level) const
1247
0
  {
1248
0
    CRYPTOPP_ASSERT(GetAbstractGroupParameters().Validate(rng, level));
1249
0
    bool pass = GetAbstractGroupParameters().Validate(rng, level);
1250
1251
0
    const Integer &q = GetAbstractGroupParameters().GetSubgroupOrder();
1252
0
    const Integer &x = GetPrivateExponent();
1253
1254
0
    CRYPTOPP_ASSERT(x.IsPositive());
1255
0
    CRYPTOPP_ASSERT(x < q);
1256
0
    pass = pass && x.IsPositive() && x < q;
1257
1258
0
    if (level >= 1)
1259
0
    {
1260
0
      CRYPTOPP_ASSERT(Integer::Gcd(x, q) == Integer::One());
1261
0
      pass = pass && Integer::Gcd(x, q) == Integer::One();
1262
0
    }
1263
0
    return pass;
1264
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
1265
1266
  bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
1267
0
  {
1268
0
    return GetValueHelper<DL_PrivateKey<Element> >(this, name, valueType, pValue).Assignable();
1269
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::GetVoidValue(char const*, std::type_info const&, void*) const
1270
1271
  void AssignFrom(const NameValuePairs &source)
1272
0
  {
1273
0
    AssignFromHelper<DL_PrivateKey<Element> >(this, source);
1274
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::AssignFrom(CryptoPP::NameValuePairs const&)
1275
1276
  void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &params)
1277
0
  {
1278
0
    if (!params.GetThisObject(this->AccessGroupParameters()))
1279
0
      this->AccessGroupParameters().GenerateRandom(rng, params);
1280
0
    Integer x(rng, Integer::One(), GetAbstractGroupParameters().GetMaxExponent());
1281
0
    SetPrivateExponent(x);
1282
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::GenerateRandom(CryptoPP::RandomNumberGenerator&, CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::GenerateRandom(CryptoPP::RandomNumberGenerator&, CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::GenerateRandom(CryptoPP::RandomNumberGenerator&, CryptoPP::NameValuePairs const&)
1283
1284
0
  bool SupportsPrecomputation() const {return true;}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::SupportsPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::SupportsPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::SupportsPrecomputation() const
1285
1286
  void Precompute(unsigned int precomputationStorage=16)
1287
0
    {AccessAbstractGroupParameters().Precompute(precomputationStorage);}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::Precompute(unsigned int)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::Precompute(unsigned int)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::Precompute(unsigned int)
1288
1289
  void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
1290
0
    {AccessAbstractGroupParameters().LoadPrecomputation(storedPrecomputation);}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::LoadPrecomputation(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::LoadPrecomputation(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::LoadPrecomputation(CryptoPP::BufferedTransformation&)
1291
1292
  void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
1293
0
    {GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::SavePrecomputation(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::SavePrecomputation(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::SavePrecomputation(CryptoPP::BufferedTransformation&) const
1294
1295
  // DL_Key
1296
0
  const DL_GroupParameters<Element> & GetAbstractGroupParameters() const {return this->GetGroupParameters();}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::GetAbstractGroupParameters() const
1297
0
  DL_GroupParameters<Element> & AccessAbstractGroupParameters() {return this->AccessGroupParameters();}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::AccessAbstractGroupParameters()
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::AccessAbstractGroupParameters()
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::AccessAbstractGroupParameters()
1298
1299
  // DL_PrivateKey
1300
0
  const Integer & GetPrivateExponent() const {return m_x;}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::GetPrivateExponent() const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::GetPrivateExponent() const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::GetPrivateExponent() const
1301
0
  void SetPrivateExponent(const Integer &x) {m_x = x;}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::SetPrivateExponent(CryptoPP::Integer const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::SetPrivateExponent(CryptoPP::Integer const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::SetPrivateExponent(CryptoPP::Integer const&)
1302
1303
  // PKCS8PrivateKey
1304
  void BERDecodePrivateKey(BufferedTransformation &bt, bool, size_t)
1305
0
    {m_x.BERDecode(bt);}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::BERDecodePrivateKey(CryptoPP::BufferedTransformation&, bool, unsigned long)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::BERDecodePrivateKey(CryptoPP::BufferedTransformation&, bool, unsigned long)
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::BERDecodePrivateKey(CryptoPP::BufferedTransformation&, bool, unsigned long)
1306
  void DEREncodePrivateKey(BufferedTransformation &bt) const
1307
0
    {m_x.DEREncode(bt);}
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::DEREncodePrivateKey(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::DEREncodePrivateKey(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_PrivateKeyImpl<CryptoPP::DL_GroupParameters_DSA>::DEREncodePrivateKey(CryptoPP::BufferedTransformation&) const
1308
1309
private:
1310
  Integer m_x;
1311
};
1312
1313
template <class BASE, class SIGNATURE_SCHEME>
1314
class DL_PrivateKey_WithSignaturePairwiseConsistencyTest : public BASE
1315
{
1316
public:
1317
982
  virtual ~DL_PrivateKey_WithSignaturePairwiseConsistencyTest() {}
CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> >::~DL_PrivateKey_WithSignaturePairwiseConsistencyTest()
Line
Count
Source
1317
982
  virtual ~DL_PrivateKey_WithSignaturePairwiseConsistencyTest() {}
Unexecuted instantiation: CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> >::~DL_PrivateKey_WithSignaturePairwiseConsistencyTest()
Unexecuted instantiation: CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> >::~DL_PrivateKey_WithSignaturePairwiseConsistencyTest()
1318
1319
  void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &params)
1320
0
  {
1321
0
    BASE::GenerateRandom(rng, params);
1322
1323
0
    if (FIPS_140_2_ComplianceEnabled())
1324
0
    {
1325
0
      typename SIGNATURE_SCHEME::Signer signer(*this);
1326
0
      typename SIGNATURE_SCHEME::Verifier verifier(signer);
1327
0
      SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
1328
0
    }
1329
0
  }
Unexecuted instantiation: CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> >::GenerateRandom(CryptoPP::RandomNumberGenerator&, CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> >::GenerateRandom(CryptoPP::RandomNumberGenerator&, CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> >::GenerateRandom(CryptoPP::RandomNumberGenerator&, CryptoPP::NameValuePairs const&)
1330
};
1331
1332
/// \brief Discrete Log (DL) public key base implementation
1333
/// \tparam GP GroupParameters class
1334
template <class GP>
1335
class DL_PublicKeyImpl : public DL_PublicKey<typename GP::Element>, public DL_KeyImpl<X509PublicKey, GP>
1336
{
1337
public:
1338
  typedef typename GP::Element Element;
1339
1340
  virtual ~DL_PublicKeyImpl();
1341
1342
  // CryptoMaterial
1343
  bool Validate(RandomNumberGenerator &rng, unsigned int level) const
1344
0
  {
1345
0
    CRYPTOPP_ASSERT(GetAbstractGroupParameters().Validate(rng, level));
1346
0
    bool pass = GetAbstractGroupParameters().Validate(rng, level);
1347
0
    CRYPTOPP_ASSERT(GetAbstractGroupParameters().ValidateElement(level, this->GetPublicElement(), &GetPublicPrecomputation()));
1348
0
    pass = pass && GetAbstractGroupParameters().ValidateElement(level, this->GetPublicElement(), &GetPublicPrecomputation());
1349
0
    return pass;
1350
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::Validate(CryptoPP::RandomNumberGenerator&, unsigned int) const
1351
1352
  bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
1353
0
  {
1354
0
    return GetValueHelper<DL_PublicKey<Element> >(this, name, valueType, pValue).Assignable();
1355
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::GetVoidValue(char const*, std::type_info const&, void*) const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::GetVoidValue(char const*, std::type_info const&, void*) const
1356
1357
  void AssignFrom(const NameValuePairs &source)
1358
0
  {
1359
0
    AssignFromHelper<DL_PublicKey<Element> >(this, source);
1360
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::AssignFrom(CryptoPP::NameValuePairs const&)
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::AssignFrom(CryptoPP::NameValuePairs const&)
1361
1362
0
  bool SupportsPrecomputation() const {return true;}
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::SupportsPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::SupportsPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::SupportsPrecomputation() const
1363
1364
  void Precompute(unsigned int precomputationStorage=16)
1365
0
  {
1366
0
    AccessAbstractGroupParameters().Precompute(precomputationStorage);
1367
0
    AccessPublicPrecomputation().Precompute(GetAbstractGroupParameters().GetGroupPrecomputation(), GetAbstractGroupParameters().GetSubgroupOrder().BitCount(), precomputationStorage);
1368
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::Precompute(unsigned int)
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::Precompute(unsigned int)
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::Precompute(unsigned int)
1369
1370
  void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
1371
0
  {
1372
0
    AccessAbstractGroupParameters().LoadPrecomputation(storedPrecomputation);
1373
0
    AccessPublicPrecomputation().Load(GetAbstractGroupParameters().GetGroupPrecomputation(), storedPrecomputation);
1374
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::LoadPrecomputation(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::LoadPrecomputation(CryptoPP::BufferedTransformation&)
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::LoadPrecomputation(CryptoPP::BufferedTransformation&)
1375
1376
  void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
1377
0
  {
1378
0
    GetAbstractGroupParameters().SavePrecomputation(storedPrecomputation);
1379
0
    GetPublicPrecomputation().Save(GetAbstractGroupParameters().GetGroupPrecomputation(), storedPrecomputation);
1380
0
  }
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::SavePrecomputation(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::SavePrecomputation(CryptoPP::BufferedTransformation&) const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::SavePrecomputation(CryptoPP::BufferedTransformation&) const
1381
1382
  // DL_Key
1383
0
  const DL_GroupParameters<Element> & GetAbstractGroupParameters() const {return this->GetGroupParameters();}
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::GetAbstractGroupParameters() const
1384
0
  DL_GroupParameters<Element> & AccessAbstractGroupParameters() {return this->AccessGroupParameters();}
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::AccessAbstractGroupParameters()
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::AccessAbstractGroupParameters()
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::AccessAbstractGroupParameters()
1385
1386
  // DL_PublicKey
1387
0
  const DL_FixedBasePrecomputation<Element> & GetPublicPrecomputation() const {return m_ypc;}
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::GetPublicPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::GetPublicPrecomputation() const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::GetPublicPrecomputation() const
1388
0
  DL_FixedBasePrecomputation<Element> & AccessPublicPrecomputation() {return m_ypc;}
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::AccessPublicPrecomputation()
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::AccessPublicPrecomputation()
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::AccessPublicPrecomputation()
1389
1390
  // non-inherited
1391
  bool operator==(const DL_PublicKeyImpl<GP> &rhs) const
1392
0
    {return this->GetGroupParameters() == rhs.GetGroupParameters() && this->GetPublicElement() == rhs.GetPublicElement();}
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::operator==(CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> > const&) const
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::operator==(CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> > const&) const
1393
1394
private:
1395
  typename GP::BasePrecomputation m_ypc;
1396
};
1397
1398
// Out-of-line dtor due to AIX and GCC, http://github.com/weidai11/cryptopp/issues/499
1399
template<class GP>
1400
1.26k
DL_PublicKeyImpl<GP>::~DL_PublicKeyImpl() {}
CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::ECP> >::~DL_PublicKeyImpl()
Line
Count
Source
1400
1.26k
DL_PublicKeyImpl<GP>::~DL_PublicKeyImpl() {}
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_EC<CryptoPP::EC2N> >::~DL_PublicKeyImpl()
Unexecuted instantiation: CryptoPP::DL_PublicKeyImpl<CryptoPP::DL_GroupParameters_DSA>::~DL_PublicKeyImpl()
1401
1402
/// \brief Interface for Elgamal-like signature algorithms
1403
/// \tparam T Field element type or class
1404
/// \details Field element <tt>T</tt> can be Integer, ECP or EC2N.
1405
template <class T>
1406
class CRYPTOPP_NO_VTABLE DL_ElgamalLikeSignatureAlgorithm
1407
{
1408
public:
1409
0
  virtual ~DL_ElgamalLikeSignatureAlgorithm() {}
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::Integer>::~DL_ElgamalLikeSignatureAlgorithm()
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::ECPPoint>::~DL_ElgamalLikeSignatureAlgorithm()
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::EC2NPoint>::~DL_ElgamalLikeSignatureAlgorithm()
1410
1411
  /// \brief Sign a message using a private key
1412
  /// \param params GroupParameters
1413
  /// \param privateKey private key
1414
  /// \param k signing exponent
1415
  /// \param e encoded message
1416
  /// \param r r part of signature
1417
  /// \param s s part of signature
1418
  virtual void Sign(const DL_GroupParameters<T> &params, const Integer &privateKey, const Integer &k, const Integer &e, Integer &r, Integer &s) const =0;
1419
1420
  /// \brief Verify a message using a public key
1421
  /// \param params GroupParameters
1422
  /// \param publicKey public key
1423
  /// \param e encoded message
1424
  /// \param r r part of signature
1425
  /// \param s s part of signature
1426
  virtual bool Verify(const DL_GroupParameters<T> &params, const DL_PublicKey<T> &publicKey, const Integer &e, const Integer &r, const Integer &s) const =0;
1427
1428
  /// \brief Recover a Presignature
1429
  /// \param params GroupParameters
1430
  /// \param publicKey public key
1431
  /// \param r r part of signature
1432
  /// \param s s part of signature
1433
  virtual Integer RecoverPresignature(const DL_GroupParameters<T> &params, const DL_PublicKey<T> &publicKey, const Integer &r, const Integer &s) const
1434
0
  {
1435
0
    CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s);
1436
0
    throw NotImplemented("DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");
1437
0
    MAYBE_RETURN(Integer::Zero());
1438
0
  }
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::Integer>::RecoverPresignature(CryptoPP::DL_GroupParameters<CryptoPP::Integer> const&, CryptoPP::DL_PublicKey<CryptoPP::Integer> const&, CryptoPP::Integer const&, CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::ECPPoint>::RecoverPresignature(CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint> const&, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> const&, CryptoPP::Integer const&, CryptoPP::Integer const&) const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::EC2NPoint>::RecoverPresignature(CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint> const&, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> const&, CryptoPP::Integer const&, CryptoPP::Integer const&) const
1439
1440
  /// \brief Retrieve R length
1441
  /// \param params GroupParameters
1442
  virtual size_t RLen(const DL_GroupParameters<T> &params) const
1443
0
    {return params.GetSubgroupOrder().ByteCount();}
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::Integer>::RLen(CryptoPP::DL_GroupParameters<CryptoPP::Integer> const&) const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::ECPPoint>::RLen(CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint> const&) const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::EC2NPoint>::RLen(CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint> const&) const
1444
1445
  /// \brief Retrieve S length
1446
  /// \param params GroupParameters
1447
  virtual size_t SLen(const DL_GroupParameters<T> &params) const
1448
0
    {return params.GetSubgroupOrder().ByteCount();}
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::Integer>::SLen(CryptoPP::DL_GroupParameters<CryptoPP::Integer> const&) const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::ECPPoint>::SLen(CryptoPP::DL_GroupParameters<CryptoPP::ECPPoint> const&) const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::EC2NPoint>::SLen(CryptoPP::DL_GroupParameters<CryptoPP::EC2NPoint> const&) const
1449
1450
  /// \brief Signature scheme flag
1451
  /// \return true if the signature scheme is deterministic, false otherwise
1452
  /// \details IsDeterministic() is provided for DL signers. It is used by RFC 6979 signature schemes.
1453
  virtual bool IsDeterministic() const
1454
0
    {return false;}
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::Integer>::IsDeterministic() const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::ECPPoint>::IsDeterministic() const
Unexecuted instantiation: CryptoPP::DL_ElgamalLikeSignatureAlgorithm<CryptoPP::EC2NPoint>::IsDeterministic() const
1455
};
1456
1457
/// \brief Interface for deterministic signers
1458
/// \details RFC 6979 signers which generate k based on the encoded message and private key
1459
class CRYPTOPP_NO_VTABLE DeterministicSignatureAlgorithm
1460
{
1461
public:
1462
0
  virtual ~DeterministicSignatureAlgorithm() {}
1463
1464
  /// \brief Generate k
1465
  /// \param x private key
1466
  /// \param q subgroup generator
1467
  /// \param e encoded message
1468
  virtual Integer GenerateRandom(const Integer &x, const Integer &q, const Integer &e) const =0;
1469
};
1470
1471
/// \brief Interface for DL key agreement algorithms
1472
/// \tparam T Field element type or class
1473
/// \details Field element <tt>T</tt> can be Integer, ECP or EC2N.
1474
/// \sa DLIES, ECIES, ECIES_P1363
1475
template <class T>
1476
class CRYPTOPP_NO_VTABLE DL_KeyAgreementAlgorithm
1477
{
1478
public:
1479
  typedef T Element;
1480
1481
0
  virtual ~DL_KeyAgreementAlgorithm() {}
1482
1483
  virtual Element AgreeWithEphemeralPrivateKey(const DL_GroupParameters<Element> &params, const DL_FixedBasePrecomputation<Element> &publicPrecomputation, const Integer &privateExponent) const =0;
1484
  virtual Element AgreeWithStaticPrivateKey(const DL_GroupParameters<Element> &params, const Element &publicElement, bool validateOtherPublicKey, const Integer &privateExponent) const =0;
1485
};
1486
1487
/// \brief Interface for key derivation algorithms used in DL cryptosystems
1488
/// \tparam T Field element type or class
1489
/// \details Field element <tt>T</tt> can be Integer, ECP or EC2N.
1490
/// \sa DLIES, ECIES, ECIES_P1363
1491
template <class T>
1492
class CRYPTOPP_NO_VTABLE DL_KeyDerivationAlgorithm
1493
{
1494
public:
1495
  virtual ~DL_KeyDerivationAlgorithm() {}
1496
1497
  virtual bool ParameterSupported(const char *name) const
1498
    {CRYPTOPP_UNUSED(name); return false;}
1499
  virtual void Derive(const DL_GroupParameters<T> &groupParams, byte *derivedKey, size_t derivedLength, const T &agreedElement, const T &ephemeralPublicKey, const NameValuePairs &derivationParams) const =0;
1500
};
1501
1502
/// \brief Interface for symmetric encryption algorithms used in DL cryptosystems
1503
/// \sa DLIES, ECIES, ECIES_P1363
1504
class CRYPTOPP_NO_VTABLE DL_SymmetricEncryptionAlgorithm
1505
{
1506
public:
1507
0
  virtual ~DL_SymmetricEncryptionAlgorithm() {}
1508
1509
  virtual bool ParameterSupported(const char *name) const
1510
0
    {CRYPTOPP_UNUSED(name); return false;}
1511
  virtual size_t GetSymmetricKeyLength(size_t plaintextLength) const =0;
1512
  virtual size_t GetSymmetricCiphertextLength(size_t plaintextLength) const =0;
1513
  virtual size_t GetMaxSymmetricPlaintextLength(size_t ciphertextLength) const =0;
1514
  virtual void SymmetricEncrypt(RandomNumberGenerator &rng, const byte *key, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters) const =0;
1515
  virtual DecodingResult SymmetricDecrypt(const byte *key, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters) const =0;
1516
};
1517
1518
/// \brief Discrete Log (DL) base interface
1519
/// \tparam KI public or private key interface
1520
template <class KI>
1521
class CRYPTOPP_NO_VTABLE DL_Base
1522
{
1523
protected:
1524
  typedef KI KeyInterface;
1525
  typedef typename KI::Element Element;
1526
1527
0
  virtual ~DL_Base() {}
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PublicKey<CryptoPP::Integer> >::~DL_Base()
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::~DL_Base()
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::~DL_Base()
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::~DL_Base()
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::~DL_Base()
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::~DL_Base()
1528
1529
0
  const DL_GroupParameters<Element> & GetAbstractGroupParameters() const {return GetKeyInterface().GetAbstractGroupParameters();}
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PublicKey<CryptoPP::Integer> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::GetAbstractGroupParameters() const
Unexecuted instantiation: CryptoPP::DL_Base<CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::GetAbstractGroupParameters() const
1530
  DL_GroupParameters<Element> & AccessAbstractGroupParameters() {return AccessKeyInterface().AccessAbstractGroupParameters();}
1531
1532
  virtual KeyInterface & AccessKeyInterface() =0;
1533
  virtual const KeyInterface & GetKeyInterface() const =0;
1534
};
1535
1536
/// \brief Discrete Log (DL) signature scheme base implementation
1537
/// \tparam INTFACE PK_Signer or PK_Verifier derived class
1538
/// \tparam KEY_INTFACE DL_Base key base used in the scheme
1539
/// \details DL_SignatureSchemeBase provides common functions for signers and verifiers.
1540
///  DL_Base<DL_PrivateKey> is used for signers, and DL_Base<DL_PublicKey> is used for verifiers.
1541
template <class INTFACE, class KEY_INTFACE>
1542
class CRYPTOPP_NO_VTABLE DL_SignatureSchemeBase : public INTFACE, public DL_Base<KEY_INTFACE>
1543
{
1544
public:
1545
0
  virtual ~DL_SignatureSchemeBase() {}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::~DL_SignatureSchemeBase()
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::~DL_SignatureSchemeBase()
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::~DL_SignatureSchemeBase()
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::~DL_SignatureSchemeBase()
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::~DL_SignatureSchemeBase()
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::~DL_SignatureSchemeBase()
1546
1547
  /// \brief Provides the signature length
1548
  /// \return signature length, in bytes
1549
  /// \details SignatureLength returns the size required for <tt>r+s</tt>.
1550
  size_t SignatureLength() const
1551
0
  {
1552
0
    return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
1553
0
      + GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
1554
0
  }
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::SignatureLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::SignatureLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::SignatureLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::SignatureLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::SignatureLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::SignatureLength() const
1555
1556
  /// \brief Provides the maximum recoverable length
1557
  /// \return maximum recoverable length, in bytes
1558
  size_t MaxRecoverableLength() const
1559
0
    {return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::MaxRecoverableLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::MaxRecoverableLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::MaxRecoverableLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::MaxRecoverableLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::MaxRecoverableLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::MaxRecoverableLength() const
1560
1561
  /// \brief Provides the maximum recoverable length
1562
  /// \param signatureLength the size of the signature
1563
  /// \return maximum recoverable length based on signature length, in bytes
1564
  /// \details this function is not implemented and always returns 0.
1565
  size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
1566
0
    {CRYPTOPP_UNUSED(signatureLength); CRYPTOPP_ASSERT(false); return 0;}  // TODO
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::MaxRecoverableLengthFromSignatureLength(unsigned long) const
1567
1568
  /// \brief Determines if the scheme is probabilistic
1569
  /// \return true if the scheme is probabilistic, false otherwise
1570
  bool IsProbabilistic() const
1571
0
    {return true;}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::IsProbabilistic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::IsProbabilistic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::IsProbabilistic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::IsProbabilistic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::IsProbabilistic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::IsProbabilistic() const
1572
1573
  /// \brief Determines if the scheme has non-recoverable part
1574
  /// \return true if the message encoding has a non-recoverable part, false otherwise.
1575
  bool AllowNonrecoverablePart() const
1576
0
    {return GetMessageEncodingInterface().AllowNonrecoverablePart();}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::AllowNonrecoverablePart() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::AllowNonrecoverablePart() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::AllowNonrecoverablePart() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::AllowNonrecoverablePart() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::AllowNonrecoverablePart() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::AllowNonrecoverablePart() const
1577
1578
  /// \brief Determines if the scheme allows recoverable part first
1579
  /// \return true if the message encoding allows the recoverable part, false otherwise.
1580
  bool RecoverablePartFirst() const
1581
0
    {return GetMessageEncodingInterface().RecoverablePartFirst();}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::RecoverablePartFirst() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::RecoverablePartFirst() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::RecoverablePartFirst() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::RecoverablePartFirst() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::RecoverablePartFirst() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::RecoverablePartFirst() const
1582
1583
protected:
1584
0
  size_t MessageRepresentativeLength() const {return BitsToBytes(MessageRepresentativeBitLength());}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::MessageRepresentativeLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::MessageRepresentativeLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::MessageRepresentativeLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::MessageRepresentativeLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::MessageRepresentativeLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::MessageRepresentativeLength() const
1585
0
  size_t MessageRepresentativeBitLength() const {return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::MessageRepresentativeBitLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::MessageRepresentativeBitLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::MessageRepresentativeBitLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::MessageRepresentativeBitLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::MessageRepresentativeBitLength() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::MessageRepresentativeBitLength() const
1586
1587
  // true if the scheme conforms to RFC 6979
1588
0
  virtual bool IsDeterministic() const {return false;}
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::Integer> >::IsDeterministic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::Integer> >::IsDeterministic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::ECPPoint> >::IsDeterministic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::ECPPoint> >::IsDeterministic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Verifier, CryptoPP::DL_PublicKey<CryptoPP::EC2NPoint> >::IsDeterministic() const
Unexecuted instantiation: CryptoPP::DL_SignatureSchemeBase<CryptoPP::PK_Signer, CryptoPP::DL_PrivateKey<CryptoPP::EC2NPoint> >::IsDeterministic() const
1589
1590
  virtual const DL_ElgamalLikeSignatureAlgorithm<typename KEY_INTFACE::Element> & GetSignatureAlgorithm() const =0;
1591
  virtual const PK_SignatureMessageEncodingMethod & GetMessageEncodingInterface() const =0;
1592
  virtual HashIdentifier GetHashIdentifier() const =0;
1593
  virtual size_t GetDigestSize() const =0;
1594
};
1595
1596
/// \brief Discrete Log (DL) signature scheme signer base implementation
1597
/// \tparam T Field element type or class
1598
/// \details Field element <tt>T</tt> can be Integer, ECP or EC2N.
1599
template <class T>
1600
class CRYPTOPP_NO_VTABLE DL_SignerBase : public DL_SignatureSchemeBase<PK_Signer, DL_PrivateKey<T> >
1601
{
1602
public:
1603
  virtual ~DL_SignerBase() {}
1604
1605
  /// \brief Testing interface
1606
  /// \param k Integer
1607
  /// \param e Integer
1608
  /// \param r Integer
1609
  /// \param s Integer
1610
  void RawSign(const Integer &k, const Integer &e, Integer &r, Integer &s) const
1611
  {
1612
    const DL_ElgamalLikeSignatureAlgorithm<T> &alg = this->GetSignatureAlgorithm();
1613
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1614
    const DL_PrivateKey<T> &key = this->GetKeyInterface();
1615
1616
    r = params.ConvertElementToInteger(params.ExponentiateBase(k));
1617
    alg.Sign(params, key.GetPrivateExponent(), k, e, r, s);
1618
  }
1619
1620
  void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
1621
0
  {
1622
0
    PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
1623
0
    ma.m_recoverableMessage.Assign(recoverableMessage, recoverableMessageLength);
1624
0
    this->GetMessageEncodingInterface().ProcessRecoverableMessage(ma.AccessHash(),
1625
0
      recoverableMessage, recoverableMessageLength,
1626
0
      ma.m_presignature, ma.m_presignature.size(),
1627
0
      ma.m_semisignature);
1628
0
  }
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::Integer>::InputRecoverableMessage(CryptoPP::PK_MessageAccumulator&, unsigned char const*, unsigned long) const
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>::InputRecoverableMessage(CryptoPP::PK_MessageAccumulator&, unsigned char const*, unsigned long) const
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>::InputRecoverableMessage(CryptoPP::PK_MessageAccumulator&, unsigned char const*, unsigned long) const
1629
1630
  size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
1631
0
  {
1632
0
    this->GetMaterial().DoQuickSanityCheck();
1633
1634
0
    PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
1635
0
    const DL_ElgamalLikeSignatureAlgorithm<T> &alg = this->GetSignatureAlgorithm();
1636
0
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1637
0
    const DL_PrivateKey<T> &key = this->GetKeyInterface();
1638
1639
0
    SecByteBlock representative(this->MessageRepresentativeLength());
1640
0
    this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1641
0
      rng,
1642
0
      ma.m_recoverableMessage, ma.m_recoverableMessage.size(),
1643
0
      ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1644
0
      representative, this->MessageRepresentativeBitLength());
1645
0
    ma.m_empty = true;
1646
0
    Integer e(representative, representative.size());
1647
1648
    // hash message digest into random number k to prevent reusing the same k on
1649
    // different messages after virtual machine rollback
1650
0
    if (rng.CanIncorporateEntropy())
1651
0
      rng.IncorporateEntropy(representative, representative.size());
1652
1653
0
    Integer k, ks;
1654
0
    const Integer& q = params.GetSubgroupOrder();
1655
0
    if (alg.IsDeterministic())
1656
0
    {
1657
0
      const Integer& x = key.GetPrivateExponent();
1658
0
      const DeterministicSignatureAlgorithm& det = dynamic_cast<const DeterministicSignatureAlgorithm&>(alg);
1659
0
      k = det.GenerateRandom(x, q, e);
1660
0
    }
1661
0
    else
1662
0
    {
1663
0
      k.Randomize(rng, 1, params.GetSubgroupOrder()-1);
1664
0
    }
1665
1666
    // Due to timing attack on nonce length by Jancar
1667
    // https://github.com/weidai11/cryptopp/issues/869
1668
0
    ks = k + q;
1669
0
    if (ks.BitCount() == q.BitCount()) {
1670
0
      ks += q;
1671
0
    }
1672
1673
0
    Integer r, s;
1674
0
    r = params.ConvertElementToInteger(params.ExponentiateBase(ks));
1675
0
    alg.Sign(params, key.GetPrivateExponent(), k, e, r, s);
1676
1677
    /*
1678
    Integer r, s;
1679
    if (this->MaxRecoverableLength() > 0)
1680
      r.Decode(ma.m_semisignature, ma.m_semisignature.size());
1681
    else
1682
      r.Decode(ma.m_presignature, ma.m_presignature.size());
1683
    alg.Sign(params, key.GetPrivateExponent(), ma.m_k, e, r, s);
1684
    */
1685
1686
0
    const size_t rLen = alg.RLen(params);
1687
0
    r.Encode(signature, rLen);
1688
0
    s.Encode(signature+rLen, alg.SLen(params));
1689
1690
0
    if (restart)
1691
0
      RestartMessageAccumulator(rng, ma);
1692
1693
0
    return this->SignatureLength();
1694
0
  }
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::Integer>::SignAndRestart(CryptoPP::RandomNumberGenerator&, CryptoPP::PK_MessageAccumulator&, unsigned char*, bool) const
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>::SignAndRestart(CryptoPP::RandomNumberGenerator&, CryptoPP::PK_MessageAccumulator&, unsigned char*, bool) const
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>::SignAndRestart(CryptoPP::RandomNumberGenerator&, CryptoPP::PK_MessageAccumulator&, unsigned char*, bool) const
1695
1696
protected:
1697
  void RestartMessageAccumulator(RandomNumberGenerator &rng, PK_MessageAccumulatorBase &ma) const
1698
0
  {
1699
    // k needs to be generated before hashing for signature schemes with recovery
1700
    // but to defend against VM rollbacks we need to generate k after hashing.
1701
    // so this code is commented out, since no DL-based signature scheme with recovery
1702
    // has been implemented in Crypto++ anyway
1703
    /*
1704
    const DL_ElgamalLikeSignatureAlgorithm<T> &alg = this->GetSignatureAlgorithm();
1705
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1706
    ma.m_k.Randomize(rng, 1, params.GetSubgroupOrder()-1);
1707
    ma.m_presignature.New(params.GetEncodedElementSize(false));
1708
    params.ConvertElementToInteger(params.ExponentiateBase(ma.m_k)).Encode(ma.m_presignature, ma.m_presignature.size());
1709
    */
1710
0
    CRYPTOPP_UNUSED(rng); CRYPTOPP_UNUSED(ma);
1711
0
  }
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::Integer>::RestartMessageAccumulator(CryptoPP::RandomNumberGenerator&, CryptoPP::PK_MessageAccumulatorBase&) const
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>::RestartMessageAccumulator(CryptoPP::RandomNumberGenerator&, CryptoPP::PK_MessageAccumulatorBase&) const
Unexecuted instantiation: CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>::RestartMessageAccumulator(CryptoPP::RandomNumberGenerator&, CryptoPP::PK_MessageAccumulatorBase&) const
1712
};
1713
1714
/// \brief Discret Log (DL) Verifier base class
1715
/// \tparam T Field element type or class
1716
/// \details Field element <tt>T</tt> can be Integer, ECP or EC2N.
1717
template <class T>
1718
class CRYPTOPP_NO_VTABLE DL_VerifierBase : public DL_SignatureSchemeBase<PK_Verifier, DL_PublicKey<T> >
1719
{
1720
public:
1721
  virtual ~DL_VerifierBase() {}
1722
1723
  void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
1724
0
  {
1725
0
    PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
1726
0
    const DL_ElgamalLikeSignatureAlgorithm<T> &alg = this->GetSignatureAlgorithm();
1727
0
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1728
1729
    // Validation due to https://github.com/weidai11/cryptopp/issues/981
1730
    // We allow a caller to provide R and S in oversized buffer. R and S
1731
    // are read based on the field element size, and not the buffer size.
1732
0
    const size_t rLen = alg.RLen(params);
1733
0
    const size_t sLen = alg.SLen(params);
1734
0
    CRYPTOPP_ASSERT(signatureLength >= rLen + sLen);
1735
0
    if (signatureLength < rLen + sLen)
1736
0
      throw InvalidDataFormat("DL_VerifierBase: signature length is not valid.");
1737
1738
0
    ma.m_semisignature.Assign(signature, rLen);
1739
0
    ma.m_s.Decode(signature+rLen, sLen);
1740
1741
0
    this->GetMessageEncodingInterface().ProcessSemisignature(ma.AccessHash(), ma.m_semisignature, ma.m_semisignature.size());
1742
0
  }
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::Integer>::InputSignature(CryptoPP::PK_MessageAccumulator&, unsigned char const*, unsigned long) const
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>::InputSignature(CryptoPP::PK_MessageAccumulator&, unsigned char const*, unsigned long) const
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>::InputSignature(CryptoPP::PK_MessageAccumulator&, unsigned char const*, unsigned long) const
1743
1744
  bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
1745
0
  {
1746
0
    this->GetMaterial().DoQuickSanityCheck();
1747
1748
0
    PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
1749
0
    const DL_ElgamalLikeSignatureAlgorithm<T> &alg = this->GetSignatureAlgorithm();
1750
0
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1751
0
    const DL_PublicKey<T> &key = this->GetKeyInterface();
1752
1753
0
    SecByteBlock representative(this->MessageRepresentativeLength());
1754
0
    this->GetMessageEncodingInterface().ComputeMessageRepresentative(NullRNG(), ma.m_recoverableMessage, ma.m_recoverableMessage.size(),
1755
0
      ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1756
0
      representative, this->MessageRepresentativeBitLength());
1757
0
    ma.m_empty = true;
1758
0
    Integer e(representative, representative.size());
1759
1760
0
    Integer r(ma.m_semisignature, ma.m_semisignature.size());
1761
0
    return alg.Verify(params, key, e, r, ma.m_s);
1762
0
  }
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::Integer>::VerifyAndRestart(CryptoPP::PK_MessageAccumulator&) const
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>::VerifyAndRestart(CryptoPP::PK_MessageAccumulator&) const
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>::VerifyAndRestart(CryptoPP::PK_MessageAccumulator&) const
1763
1764
  DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
1765
0
  {
1766
0
    this->GetMaterial().DoQuickSanityCheck();
1767
1768
0
    PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
1769
0
    const DL_ElgamalLikeSignatureAlgorithm<T> &alg = this->GetSignatureAlgorithm();
1770
0
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1771
0
    const DL_PublicKey<T> &key = this->GetKeyInterface();
1772
1773
0
    SecByteBlock representative(this->MessageRepresentativeLength());
1774
0
    this->GetMessageEncodingInterface().ComputeMessageRepresentative(
1775
0
      NullRNG(),
1776
0
      ma.m_recoverableMessage, ma.m_recoverableMessage.size(),
1777
0
      ma.AccessHash(), this->GetHashIdentifier(), ma.m_empty,
1778
0
      representative, this->MessageRepresentativeBitLength());
1779
0
    ma.m_empty = true;
1780
0
    Integer e(representative, representative.size());
1781
1782
0
    ma.m_presignature.New(params.GetEncodedElementSize(false));
1783
0
    Integer r(ma.m_semisignature, ma.m_semisignature.size());
1784
0
    alg.RecoverPresignature(params, key, r, ma.m_s).Encode(ma.m_presignature, ma.m_presignature.size());
1785
1786
0
    return this->GetMessageEncodingInterface().RecoverMessageFromSemisignature(
1787
0
      ma.AccessHash(), this->GetHashIdentifier(),
1788
0
      ma.m_presignature, ma.m_presignature.size(),
1789
0
      ma.m_semisignature, ma.m_semisignature.size(),
1790
0
      recoveredMessage);
1791
0
  }
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::Integer>::RecoverAndRestart(unsigned char*, CryptoPP::PK_MessageAccumulator&) const
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>::RecoverAndRestart(unsigned char*, CryptoPP::PK_MessageAccumulator&) const
Unexecuted instantiation: CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>::RecoverAndRestart(unsigned char*, CryptoPP::PK_MessageAccumulator&) const
1792
};
1793
1794
/// \brief Discrete Log (DL) cryptosystem base implementation
1795
/// \tparam PK field element type
1796
/// \tparam KI public or private key interface
1797
template <class PK, class KI>
1798
class CRYPTOPP_NO_VTABLE DL_CryptoSystemBase : public PK, public DL_Base<KI>
1799
{
1800
public:
1801
  typedef typename DL_Base<KI>::Element Element;
1802
1803
  virtual ~DL_CryptoSystemBase() {}
1804
1805
  size_t MaxPlaintextLength(size_t ciphertextLength) const
1806
  {
1807
    unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(true);
1808
    return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
1809
  }
1810
1811
  size_t CiphertextLength(size_t plaintextLength) const
1812
  {
1813
    size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
1814
    return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(true) + len;
1815
  }
1816
1817
  bool ParameterSupported(const char *name) const
1818
    {return GetKeyDerivationAlgorithm().ParameterSupported(name) || GetSymmetricEncryptionAlgorithm().ParameterSupported(name);}
1819
1820
protected:
1821
  virtual const DL_KeyAgreementAlgorithm<Element> & GetKeyAgreementAlgorithm() const =0;
1822
  virtual const DL_KeyDerivationAlgorithm<Element> & GetKeyDerivationAlgorithm() const =0;
1823
  virtual const DL_SymmetricEncryptionAlgorithm & GetSymmetricEncryptionAlgorithm() const =0;
1824
};
1825
1826
/// \brief Discrete Log (DL) decryptor base implementation
1827
/// \tparam T Field element type or class
1828
/// \details Field element <tt>T</tt> can be Integer, ECP or EC2N.
1829
template <class T>
1830
class CRYPTOPP_NO_VTABLE DL_DecryptorBase : public DL_CryptoSystemBase<PK_Decryptor, DL_PrivateKey<T> >
1831
{
1832
public:
1833
  typedef T Element;
1834
1835
  virtual ~DL_DecryptorBase() {}
1836
1837
  DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const
1838
  {
1839
    try
1840
    {
1841
      CRYPTOPP_UNUSED(rng);
1842
      const DL_KeyAgreementAlgorithm<T> &agreeAlg = this->GetKeyAgreementAlgorithm();
1843
      const DL_KeyDerivationAlgorithm<T> &derivAlg = this->GetKeyDerivationAlgorithm();
1844
      const DL_SymmetricEncryptionAlgorithm &encAlg = this->GetSymmetricEncryptionAlgorithm();
1845
      const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1846
      const DL_PrivateKey<T> &key = this->GetKeyInterface();
1847
1848
      Element q = params.DecodeElement(ciphertext, true);
1849
      size_t elementSize = params.GetEncodedElementSize(true);
1850
      ciphertext += elementSize;
1851
      ciphertextLength -= elementSize;
1852
1853
      Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q, true, key.GetPrivateExponent());
1854
1855
      SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
1856
      derivAlg.Derive(params, derivedKey, derivedKey.size(), z, q, parameters);
1857
1858
      return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
1859
    }
1860
    catch (DL_BadElement &)
1861
    {
1862
      return DecodingResult();
1863
    }
1864
  }
1865
};
1866
1867
/// \brief Discrete Log (DL) encryptor base implementation
1868
/// \tparam T Field element type or class
1869
/// \details Field element <tt>T</tt> can be Integer, ECP or EC2N.
1870
template <class T>
1871
class CRYPTOPP_NO_VTABLE DL_EncryptorBase : public DL_CryptoSystemBase<PK_Encryptor, DL_PublicKey<T> >
1872
{
1873
public:
1874
  typedef T Element;
1875
1876
  virtual ~DL_EncryptorBase() {}
1877
1878
  void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const
1879
  {
1880
    const DL_KeyAgreementAlgorithm<T> &agreeAlg = this->GetKeyAgreementAlgorithm();
1881
    const DL_KeyDerivationAlgorithm<T> &derivAlg = this->GetKeyDerivationAlgorithm();
1882
    const DL_SymmetricEncryptionAlgorithm &encAlg = this->GetSymmetricEncryptionAlgorithm();
1883
    const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
1884
    const DL_PublicKey<T> &key = this->GetKeyInterface();
1885
1886
    Integer x(rng, Integer::One(), params.GetMaxExponent());
1887
    Element q = params.ExponentiateBase(x);
1888
    params.EncodeElement(true, q, ciphertext);
1889
    unsigned int elementSize = params.GetEncodedElementSize(true);
1890
    ciphertext += elementSize;
1891
1892
    Element z = agreeAlg.AgreeWithEphemeralPrivateKey(params, key.GetPublicPrecomputation(), x);
1893
1894
    SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(plaintextLength));
1895
    derivAlg.Derive(params, derivedKey, derivedKey.size(), z, q, parameters);
1896
1897
    encAlg.SymmetricEncrypt(rng, derivedKey, plaintext, plaintextLength, ciphertext, parameters);
1898
  }
1899
};
1900
1901
/// \brief Discrete Log (DL) scheme options
1902
/// \tparam T1 algorithm information
1903
/// \tparam T2 group parameters for the scheme
1904
template <class T1, class T2>
1905
struct DL_SchemeOptionsBase
1906
{
1907
  typedef T1 AlgorithmInfo;
1908
  typedef T2 GroupParameters;
1909
  typedef typename GroupParameters::Element Element;
1910
};
1911
1912
/// \brief Discrete Log (DL) key options
1913
/// \tparam T1 algorithm information
1914
/// \tparam T2 keys used in the scheme
1915
template <class T1, class T2>
1916
struct DL_KeyedSchemeOptions : public DL_SchemeOptionsBase<T1, typename T2::PublicKey::GroupParameters>
1917
{
1918
  typedef T2 Keys;
1919
  typedef typename Keys::PrivateKey PrivateKey;
1920
  typedef typename Keys::PublicKey PublicKey;
1921
};
1922
1923
/// \brief Discrete Log (DL) signature scheme options
1924
/// \tparam T1 algorithm information
1925
/// \tparam T2 keys used in the scheme
1926
/// \tparam T3 signature algorithm
1927
/// \tparam T4 message encoding method
1928
/// \tparam T5 hash function
1929
template <class T1, class T2, class T3, class T4, class T5>
1930
struct DL_SignatureSchemeOptions : public DL_KeyedSchemeOptions<T1, T2>
1931
{
1932
  typedef T3 SignatureAlgorithm;
1933
  typedef T4 MessageEncodingMethod;
1934
  typedef T5 HashFunction;
1935
};
1936
1937
/// \brief Discrete Log (DL) crypto scheme options
1938
/// \tparam T1 algorithm information
1939
/// \tparam T2 keys used in the scheme
1940
/// \tparam T3 key agreement algorithm
1941
/// \tparam T4 key derivation algorithm
1942
/// \tparam T5 symmetric encryption algorithm
1943
template <class T1, class T2, class T3, class T4, class T5>
1944
struct DL_CryptoSchemeOptions : public DL_KeyedSchemeOptions<T1, T2>
1945
{
1946
  typedef T3 KeyAgreementAlgorithm;
1947
  typedef T4 KeyDerivationAlgorithm;
1948
  typedef T5 SymmetricEncryptionAlgorithm;
1949
};
1950
1951
/// \brief Discrete Log (DL) base object implementation
1952
/// \tparam BASE TODO
1953
/// \tparam SCHEME_OPTIONS options for the scheme
1954
/// \tparam KEY key used in the scheme
1955
template <class BASE, class SCHEME_OPTIONS, class KEY>
1956
class CRYPTOPP_NO_VTABLE DL_ObjectImplBase : public AlgorithmImpl<BASE, typename SCHEME_OPTIONS::AlgorithmInfo>
1957
{
1958
public:
1959
  typedef SCHEME_OPTIONS SchemeOptions;
1960
  typedef typename KEY::Element Element;
1961
1962
0
  virtual ~DL_ObjectImplBase() {}
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::~DL_ObjectImplBase()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::~DL_ObjectImplBase()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::~DL_ObjectImplBase()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::~DL_ObjectImplBase()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::~DL_ObjectImplBase()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::~DL_ObjectImplBase()
1963
1964
0
  PrivateKey & AccessPrivateKey() {return m_key;}
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::AccessPrivateKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::AccessPrivateKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::AccessPrivateKey()
1965
0
  PublicKey & AccessPublicKey() {return m_key;}
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::AccessPublicKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::AccessPublicKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::AccessPublicKey()
1966
1967
  // KeyAccessor
1968
  const KEY & GetKey() const {return m_key;}
1969
0
  KEY & AccessKey() {return m_key;}
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::AccessKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::AccessKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::AccessKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::AccessKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::AccessKey()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::AccessKey()
1970
1971
protected:
1972
0
  typename BASE::KeyInterface & AccessKeyInterface() {return m_key;}
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::AccessKeyInterface()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::AccessKeyInterface()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::AccessKeyInterface()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::AccessKeyInterface()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::AccessKeyInterface()
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::AccessKeyInterface()
1973
0
  const typename BASE::KeyInterface & GetKeyInterface() const {return m_key;}
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::GetKeyInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::GetKeyInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::GetKeyInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::GetKeyInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::GetKeyInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::GetKeyInterface() const
1974
1975
  // for signature scheme
1976
  HashIdentifier GetHashIdentifier() const
1977
0
  {
1978
0
    typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
1979
0
    return HashLookup::template HashIdentifierLookup2<typename SchemeOptions::HashFunction>::Lookup();
1980
0
  }
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::GetHashIdentifier() const
1981
  size_t GetDigestSize() const
1982
0
  {
1983
0
    typedef typename SchemeOptions::HashFunction H;
1984
0
    return H::DIGESTSIZE;
1985
0
  }
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::GetDigestSize() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::GetDigestSize() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::GetDigestSize() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::GetDigestSize() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::GetDigestSize() const
Unexecuted instantiation: CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::GetDigestSize() const
1986
1987
private:
1988
  KEY m_key;
1989
};
1990
1991
/// \brief Discrete Log (DL) object implementation
1992
/// \tparam BASE TODO
1993
/// \tparam SCHEME_OPTIONS options for the scheme
1994
/// \tparam KEY key used in the scheme
1995
template <class BASE, class SCHEME_OPTIONS, class KEY>
1996
class CRYPTOPP_NO_VTABLE DL_ObjectImpl : public DL_ObjectImplBase<BASE, SCHEME_OPTIONS, KEY>
1997
{
1998
public:
1999
  typedef typename KEY::Element Element;
2000
2001
  virtual ~DL_ObjectImpl() {}
2002
2003
protected:
2004
  const DL_ElgamalLikeSignatureAlgorithm<Element> & GetSignatureAlgorithm() const
2005
0
    {return Singleton<typename SCHEME_OPTIONS::SignatureAlgorithm>().Ref();}
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::GetSignatureAlgorithm() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::GetSignatureAlgorithm() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::GetSignatureAlgorithm() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::GetSignatureAlgorithm() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::GetSignatureAlgorithm() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::GetSignatureAlgorithm() const
2006
  const DL_KeyAgreementAlgorithm<Element> & GetKeyAgreementAlgorithm() const
2007
    {return Singleton<typename SCHEME_OPTIONS::KeyAgreementAlgorithm>().Ref();}
2008
  const DL_KeyDerivationAlgorithm<Element> & GetKeyDerivationAlgorithm() const
2009
    {return Singleton<typename SCHEME_OPTIONS::KeyDerivationAlgorithm>().Ref();}
2010
  const DL_SymmetricEncryptionAlgorithm & GetSymmetricEncryptionAlgorithm() const
2011
    {return Singleton<typename SCHEME_OPTIONS::SymmetricEncryptionAlgorithm>().Ref();}
2012
  HashIdentifier GetHashIdentifier() const
2013
0
    {return HashIdentifier();}
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::GetHashIdentifier() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::GetHashIdentifier() const
2014
  const PK_SignatureMessageEncodingMethod & GetMessageEncodingInterface() const
2015
0
    {return Singleton<typename SCHEME_OPTIONS::MessageEncodingMethod>().Ref();}
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_GFP<CryptoPP::DL_GroupParameters_DSA>, CryptoPP::DSA2<CryptoPP::SHA1> > >::GetMessageEncodingInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::Integer>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>, CryptoPP::DL_PublicKey_GFP<CryptoPP::DL_GroupParameters_DSA> >::GetMessageEncodingInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>, CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::GetMessageEncodingInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::ECPPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::ECP> >::GetMessageEncodingInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_SignerBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::EC2N>, CryptoPP::ECDSA<CryptoPP::EC2N, CryptoPP::SHA256> > >::GetMessageEncodingInterface() const
Unexecuted instantiation: CryptoPP::DL_ObjectImpl<CryptoPP::DL_VerifierBase<CryptoPP::EC2NPoint>, CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256>, CryptoPP::DL_PublicKey_EC<CryptoPP::EC2N> >::GetMessageEncodingInterface() const
2016
};
2017
2018
/// \brief Discrete Log (DL) signer implementation
2019
/// \tparam SCHEME_OPTIONS options for the scheme
2020
template <class SCHEME_OPTIONS>
2021
class DL_SignerImpl : public DL_ObjectImpl<DL_SignerBase<typename SCHEME_OPTIONS::Element>, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PrivateKey>
2022
{
2023
public:
2024
  PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const
2025
0
  {
2026
0
    member_ptr<PK_MessageAccumulatorBase> p(new PK_MessageAccumulatorImpl<typename SCHEME_OPTIONS::HashFunction>);
2027
0
    this->RestartMessageAccumulator(rng, *p);
2028
0
    return p.release();
2029
0
  }
Unexecuted instantiation: CryptoPP::DL_SignerImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1> >::NewSignatureAccumulator(CryptoPP::RandomNumberGenerator&) const
Unexecuted instantiation: CryptoPP::DL_SignerImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> >::NewSignatureAccumulator(CryptoPP::RandomNumberGenerator&) const
Unexecuted instantiation: CryptoPP::DL_SignerImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> >::NewSignatureAccumulator(CryptoPP::RandomNumberGenerator&) const
2030
};
2031
2032
/// \brief Discrete Log (DL) verifier implementation
2033
/// \tparam SCHEME_OPTIONS options for the scheme
2034
template <class SCHEME_OPTIONS>
2035
class DL_VerifierImpl : public DL_ObjectImpl<DL_VerifierBase<typename SCHEME_OPTIONS::Element>, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PublicKey>
2036
{
2037
public:
2038
  PK_MessageAccumulator * NewVerificationAccumulator() const
2039
0
  {
2040
0
    return new PK_MessageAccumulatorImpl<typename SCHEME_OPTIONS::HashFunction>;
2041
0
  }
Unexecuted instantiation: CryptoPP::DL_VerifierImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1> >::NewVerificationAccumulator() const
Unexecuted instantiation: CryptoPP::DL_VerifierImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> >::NewVerificationAccumulator() const
Unexecuted instantiation: CryptoPP::DL_VerifierImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> >::NewVerificationAccumulator() const
2042
};
2043
2044
/// \brief Discrete Log (DL) encryptor implementation
2045
/// \tparam SCHEME_OPTIONS options for the scheme
2046
template <class SCHEME_OPTIONS>
2047
class DL_EncryptorImpl : public DL_ObjectImpl<DL_EncryptorBase<typename SCHEME_OPTIONS::Element>, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PublicKey>
2048
{
2049
};
2050
2051
/// \brief Discrete Log (DL) decryptor implementation
2052
/// \tparam SCHEME_OPTIONS options for the scheme
2053
template <class SCHEME_OPTIONS>
2054
class DL_DecryptorImpl : public DL_ObjectImpl<DL_DecryptorBase<typename SCHEME_OPTIONS::Element>, SCHEME_OPTIONS, typename SCHEME_OPTIONS::PrivateKey>
2055
{
2056
};
2057
2058
// ********************************************************
2059
2060
/// \brief Discrete Log (DL) simple key agreement base implementation
2061
/// \tparam T class or type
2062
template <class T>
2063
class CRYPTOPP_NO_VTABLE DL_SimpleKeyAgreementDomainBase : public SimpleKeyAgreementDomain
2064
{
2065
public:
2066
  typedef T Element;
2067
2068
  virtual ~DL_SimpleKeyAgreementDomainBase() {}
2069
2070
0
  CryptoParameters & AccessCryptoParameters() {return AccessAbstractGroupParameters();}
2071
0
  unsigned int AgreedValueLength() const {return GetAbstractGroupParameters().GetEncodedElementSize(false);}
2072
0
  unsigned int PrivateKeyLength() const {return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
2073
0
  unsigned int PublicKeyLength() const {return GetAbstractGroupParameters().GetEncodedElementSize(true);}
2074
2075
  void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
2076
0
  {
2077
0
    Integer x(rng, Integer::One(), GetAbstractGroupParameters().GetMaxExponent());
2078
0
    x.Encode(privateKey, PrivateKeyLength());
2079
0
  }
2080
2081
  void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
2082
0
  {
2083
0
    CRYPTOPP_UNUSED(rng);
2084
0
    const DL_GroupParameters<T> &params = GetAbstractGroupParameters();
2085
0
    Integer x(privateKey, PrivateKeyLength());
2086
0
    Element y = params.ExponentiateBase(x);
2087
0
    params.EncodeElement(true, y, publicKey);
2088
0
  }
2089
2090
  bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const
2091
0
  {
2092
0
    try
2093
0
    {
2094
0
      const DL_GroupParameters<T> &params = GetAbstractGroupParameters();
2095
0
      Integer x(privateKey, PrivateKeyLength());
2096
0
      Element w = params.DecodeElement(otherPublicKey, validateOtherPublicKey);
2097
2098
0
      Element z = GetKeyAgreementAlgorithm().AgreeWithStaticPrivateKey(
2099
0
        GetAbstractGroupParameters(), w, validateOtherPublicKey, x);
2100
0
      params.EncodeElement(false, z, agreedValue);
2101
0
    }
2102
0
    catch (DL_BadElement &)
2103
0
    {
2104
0
      return false;
2105
0
    }
2106
0
    return true;
2107
0
  }
2108
2109
  /// \brief Retrieves a reference to the group generator
2110
  /// \return const reference to the group generator
2111
  const Element &GetGenerator() const {return GetAbstractGroupParameters().GetSubgroupGenerator();}
2112
2113
protected:
2114
  virtual const DL_KeyAgreementAlgorithm<Element> & GetKeyAgreementAlgorithm() const =0;
2115
  virtual DL_GroupParameters<Element> & AccessAbstractGroupParameters() =0;
2116
0
  const DL_GroupParameters<Element> & GetAbstractGroupParameters() const {return const_cast<DL_SimpleKeyAgreementDomainBase<Element> *>(this)->AccessAbstractGroupParameters();}
2117
};
2118
2119
/// \brief Methods for avoiding "Small-Subgroup" attacks on Diffie-Hellman Key Agreement
2120
/// \details Additional methods exist and include public key validation and choice of prime p.
2121
/// \sa <A HREF="http://tools.ietf.org/html/rfc2785">Methods for Avoiding the "Small-Subgroup" Attacks on the
2122
///  Diffie-Hellman Key Agreement Method for S/MIME</A>
2123
enum CofactorMultiplicationOption {
2124
  /// \brief No cofactor multiplication applied
2125
  NO_COFACTOR_MULTIPLICTION,
2126
  /// \brief Cofactor multiplication compatible with ordinary Diffie-Hellman
2127
  /// \details Modifies the computation of ZZ by including j (the cofactor) in the computations and is
2128
  ///  compatible with ordinary Diffie-Hellman.
2129
  COMPATIBLE_COFACTOR_MULTIPLICTION,
2130
  /// \brief Cofactor multiplication incompatible with ordinary Diffie-Hellman
2131
  /// \details Modifies the computation of ZZ by including j (the cofactor) in the computations but is
2132
  ///  not compatible with ordinary Diffie-Hellman.
2133
  INCOMPATIBLE_COFACTOR_MULTIPLICTION};
2134
2135
typedef EnumToType<CofactorMultiplicationOption, NO_COFACTOR_MULTIPLICTION> NoCofactorMultiplication;
2136
typedef EnumToType<CofactorMultiplicationOption, COMPATIBLE_COFACTOR_MULTIPLICTION> CompatibleCofactorMultiplication;
2137
typedef EnumToType<CofactorMultiplicationOption, INCOMPATIBLE_COFACTOR_MULTIPLICTION> IncompatibleCofactorMultiplication;
2138
2139
/// \brief Diffie-Hellman key agreement algorithm
2140
template <class ELEMENT, class COFACTOR_OPTION>
2141
class DL_KeyAgreementAlgorithm_DH : public DL_KeyAgreementAlgorithm<ELEMENT>
2142
{
2143
public:
2144
  typedef ELEMENT Element;
2145
2146
  CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName()
2147
0
    {return COFACTOR_OPTION::ToEnum() == INCOMPATIBLE_COFACTOR_MULTIPLICTION ? "DHC" : "DH";}
2148
2149
  virtual ~DL_KeyAgreementAlgorithm_DH() {}
2150
2151
  Element AgreeWithEphemeralPrivateKey(const DL_GroupParameters<Element> &params, const DL_FixedBasePrecomputation<Element> &publicPrecomputation, const Integer &privateExponent) const
2152
0
  {
2153
0
    return publicPrecomputation.Exponentiate(params.GetGroupPrecomputation(),
2154
0
      COFACTOR_OPTION::ToEnum() == INCOMPATIBLE_COFACTOR_MULTIPLICTION ? privateExponent*params.GetCofactor() : privateExponent);
2155
0
  }
2156
2157
  Element AgreeWithStaticPrivateKey(const DL_GroupParameters<Element> &params, const Element &publicElement, bool validateOtherPublicKey, const Integer &privateExponent) const
2158
0
  {
2159
0
    if (COFACTOR_OPTION::ToEnum() == COMPATIBLE_COFACTOR_MULTIPLICTION)
2160
0
    {
2161
0
      const Integer &k = params.GetCofactor();
2162
0
      return params.ExponentiateElement(publicElement,
2163
0
        ModularArithmetic(params.GetSubgroupOrder()).Divide(privateExponent, k)*k);
2164
0
    }
2165
0
    else if (COFACTOR_OPTION::ToEnum() == INCOMPATIBLE_COFACTOR_MULTIPLICTION)
2166
0
      return params.ExponentiateElement(publicElement, privateExponent*params.GetCofactor());
2167
0
    else
2168
0
    {
2169
0
      CRYPTOPP_ASSERT(COFACTOR_OPTION::ToEnum() == NO_COFACTOR_MULTIPLICTION);
2170
2171
0
      if (!validateOtherPublicKey)
2172
0
        return params.ExponentiateElement(publicElement, privateExponent);
2173
2174
0
      if (params.FastSubgroupCheckAvailable())
2175
0
      {
2176
0
        if (!params.ValidateElement(2, publicElement, NULLPTR))
2177
0
          throw DL_BadElement();
2178
0
        return params.ExponentiateElement(publicElement, privateExponent);
2179
0
      }
2180
0
      else
2181
0
      {
2182
0
        const Integer e[2] = {params.GetSubgroupOrder(), privateExponent};
2183
0
        Element r[2];
2184
0
        params.SimultaneousExponentiate(r, publicElement, e, 2);
2185
0
        if (!params.IsIdentity(r[0]))
2186
0
          throw DL_BadElement();
2187
0
        return r[1];
2188
0
      }
2189
0
    }
2190
0
  }
2191
};
2192
2193
// ********************************************************
2194
2195
/// \brief Template implementing constructors for public key algorithm classes
2196
template <class BASE>
2197
class CRYPTOPP_NO_VTABLE PK_FinalTemplate : public BASE
2198
{
2199
public:
2200
  PK_FinalTemplate() {}
2201
2202
  PK_FinalTemplate(const CryptoMaterial &key)
2203
0
    {this->AccessKey().AssignFrom(key);}
Unexecuted instantiation: CryptoPP::PK_FinalTemplate<CryptoPP::DL_SignerImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1> > >::PK_FinalTemplate(CryptoPP::CryptoMaterial const&)
Unexecuted instantiation: CryptoPP::PK_FinalTemplate<CryptoPP::DL_SignerImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> > >::PK_FinalTemplate(CryptoPP::CryptoMaterial const&)
Unexecuted instantiation: CryptoPP::PK_FinalTemplate<CryptoPP::DL_SignerImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> > >::PK_FinalTemplate(CryptoPP::CryptoMaterial const&)
2204
2205
  PK_FinalTemplate(BufferedTransformation &bt)
2206
    {this->AccessKey().BERDecode(bt);}
2207
2208
  PK_FinalTemplate(const AsymmetricAlgorithm &algorithm)
2209
0
    {this->AccessKey().AssignFrom(algorithm.GetMaterial());}
Unexecuted instantiation: CryptoPP::PK_FinalTemplate<CryptoPP::DL_VerifierImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DSA2<CryptoPP::SHA1>, CryptoPP::DL_Keys_DSA, CryptoPP::DL_Algorithm_GDSA<CryptoPP::Integer>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1> > >::PK_FinalTemplate(CryptoPP::AsymmetricAlgorithm const&)
Unexecuted instantiation: CryptoPP::PK_FinalTemplate<CryptoPP::DL_VerifierImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> > >::PK_FinalTemplate(CryptoPP::AsymmetricAlgorithm const&)
Unexecuted instantiation: CryptoPP::PK_FinalTemplate<CryptoPP::DL_VerifierImpl<CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>, CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256> > >::PK_FinalTemplate(CryptoPP::AsymmetricAlgorithm const&)
2210
2211
  PK_FinalTemplate(const Integer &v1)
2212
    {this->AccessKey().Initialize(v1);}
2213
2214
  template <class T1, class T2>
2215
  PK_FinalTemplate(const T1 &v1, const T2 &v2)
2216
    {this->AccessKey().Initialize(v1, v2);}
2217
2218
  template <class T1, class T2, class T3>
2219
  PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3)
2220
    {this->AccessKey().Initialize(v1, v2, v3);}
2221
2222
  template <class T1, class T2, class T3, class T4>
2223
  PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4)
2224
    {this->AccessKey().Initialize(v1, v2, v3, v4);}
2225
2226
  template <class T1, class T2, class T3, class T4, class T5>
2227
  PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5)
2228
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2229
2230
  template <class T1, class T2, class T3, class T4, class T5, class T6>
2231
  PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6)
2232
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2233
2234
  template <class T1, class T2, class T3, class T4, class T5, class T6, class T7>
2235
  PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7)
2236
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2237
2238
  template <class T1, class T2, class T3, class T4, class T5, class T6, class T7, class T8>
2239
  PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7, const T8 &v8)
2240
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2241
2242
  template <class T1, class T2>
2243
  PK_FinalTemplate(T1 &v1, const T2 &v2)
2244
    {this->AccessKey().Initialize(v1, v2);}
2245
2246
  template <class T1, class T2, class T3>
2247
  PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3)
2248
    {this->AccessKey().Initialize(v1, v2, v3);}
2249
2250
  template <class T1, class T2, class T3, class T4>
2251
  PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4)
2252
    {this->AccessKey().Initialize(v1, v2, v3, v4);}
2253
2254
  template <class T1, class T2, class T3, class T4, class T5>
2255
  PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5)
2256
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5);}
2257
2258
  template <class T1, class T2, class T3, class T4, class T5, class T6>
2259
  PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6)
2260
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6);}
2261
2262
  template <class T1, class T2, class T3, class T4, class T5, class T6, class T7>
2263
  PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7)
2264
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7);}
2265
2266
  template <class T1, class T2, class T3, class T4, class T5, class T6, class T7, class T8>
2267
  PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7, const T8 &v8)
2268
    {this->AccessKey().Initialize(v1, v2, v3, v4, v5, v6, v7, v8);}
2269
};
2270
2271
/// \brief Base class for public key encryption standard classes.
2272
/// \details These classes are used to select from variants of algorithms.
2273
///  Not all standards apply to all algorithms.
2274
struct EncryptionStandard {};
2275
2276
/// \brief Base class for public key signature standard classes.
2277
/// \details These classes are used to select from variants of algorithms.
2278
///  Not all standards apply to all algorithms.
2279
struct SignatureStandard {};
2280
2281
/// \brief Trapdoor Function (TF) encryption scheme
2282
/// \tparam STANDARD standard
2283
/// \tparam KEYS keys used in the encryption scheme
2284
/// \tparam ALG_INFO algorithm information
2285
template <class KEYS, class STANDARD, class ALG_INFO>
2286
class TF_ES;
2287
2288
template <class KEYS, class STANDARD, class ALG_INFO = TF_ES<KEYS, STANDARD, int> >
2289
class TF_ES : public KEYS
2290
{
2291
  typedef typename STANDARD::EncryptionMessageEncodingMethod MessageEncodingMethod;
2292
2293
public:
2294
  /// see EncryptionStandard for a list of standards
2295
  typedef STANDARD Standard;
2296
  typedef TF_CryptoSchemeOptions<ALG_INFO, KEYS, MessageEncodingMethod> SchemeOptions;
2297
2298
  static std::string CRYPTOPP_API StaticAlgorithmName() {return std::string(KEYS::StaticAlgorithmName()) + "/" + MessageEncodingMethod::StaticAlgorithmName();}
2299
2300
  /// implements PK_Decryptor interface
2301
  typedef PK_FinalTemplate<TF_DecryptorImpl<SchemeOptions> > Decryptor;
2302
  /// implements PK_Encryptor interface
2303
  typedef PK_FinalTemplate<TF_EncryptorImpl<SchemeOptions> > Encryptor;
2304
};
2305
2306
/// \brief Trapdoor Function (TF) Signature Scheme
2307
/// \tparam STANDARD standard
2308
/// \tparam H hash function
2309
/// \tparam KEYS keys used in the signature scheme
2310
/// \tparam ALG_INFO algorithm information
2311
template <class KEYS, class STANDARD, class H, class ALG_INFO>
2312
class TF_SS;
2313
2314
template <class KEYS, class STANDARD, class H, class ALG_INFO = TF_SS<KEYS, STANDARD, H, int> >
2315
class TF_SS : public KEYS
2316
{
2317
public:
2318
  /// see SignatureStandard for a list of standards
2319
  typedef STANDARD Standard;
2320
  typedef typename Standard::SignatureMessageEncodingMethod MessageEncodingMethod;
2321
  typedef TF_SignatureSchemeOptions<ALG_INFO, KEYS, MessageEncodingMethod, H> SchemeOptions;
2322
2323
  static std::string CRYPTOPP_API StaticAlgorithmName() {return std::string(KEYS::StaticAlgorithmName()) + "/" + MessageEncodingMethod::StaticAlgorithmName() + "(" + H::StaticAlgorithmName() + ")";}
2324
2325
  /// implements PK_Signer interface
2326
  typedef PK_FinalTemplate<TF_SignerImpl<SchemeOptions> > Signer;
2327
  /// implements PK_Verifier interface
2328
  typedef PK_FinalTemplate<TF_VerifierImpl<SchemeOptions> > Verifier;
2329
};
2330
2331
/// \brief Discrete Log (DL) signature scheme
2332
/// \tparam KEYS keys used in the signature scheme
2333
/// \tparam SA signature algorithm
2334
/// \tparam MEM message encoding method
2335
/// \tparam H hash function
2336
/// \tparam ALG_INFO algorithm information
2337
template <class KEYS, class SA, class MEM, class H, class ALG_INFO>
2338
class DL_SS;
2339
2340
template <class KEYS, class SA, class MEM, class H, class ALG_INFO = DL_SS<KEYS, SA, MEM, H, int> >
2341
class DL_SS : public KEYS
2342
{
2343
  typedef DL_SignatureSchemeOptions<ALG_INFO, KEYS, SA, MEM, H> SchemeOptions;
2344
2345
public:
2346
0
  static std::string StaticAlgorithmName() {return SA::StaticAlgorithmName() + std::string("/EMSA1(") + H::StaticAlgorithmName() + ")";}
Unexecuted instantiation: CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>::StaticAlgorithmName()
Unexecuted instantiation: CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_Algorithm_ECDSA<CryptoPP::EC2N>, CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA256, int>::StaticAlgorithmName()
2347
2348
  /// implements PK_Signer interface
2349
  typedef PK_FinalTemplate<DL_SignerImpl<SchemeOptions> > Signer;
2350
  /// implements PK_Verifier interface
2351
  typedef PK_FinalTemplate<DL_VerifierImpl<SchemeOptions> > Verifier;
2352
};
2353
2354
/// \brief Discrete Log (DL) encryption scheme
2355
/// \tparam KEYS keys used in the encryption scheme
2356
/// \tparam AA key agreement algorithm
2357
/// \tparam DA key derivation algorithm
2358
/// \tparam EA encryption algorithm
2359
/// \tparam ALG_INFO algorithm information
2360
template <class KEYS, class AA, class DA, class EA, class ALG_INFO>
2361
class DL_ES : public KEYS
2362
{
2363
  typedef DL_CryptoSchemeOptions<ALG_INFO, KEYS, AA, DA, EA> SchemeOptions;
2364
2365
public:
2366
  /// implements PK_Decryptor interface
2367
  typedef PK_FinalTemplate<DL_DecryptorImpl<SchemeOptions> > Decryptor;
2368
  /// implements PK_Encryptor interface
2369
  typedef PK_FinalTemplate<DL_EncryptorImpl<SchemeOptions> > Encryptor;
2370
};
2371
2372
NAMESPACE_END
2373
2374
#if CRYPTOPP_MSC_VERSION
2375
# pragma warning(pop)
2376
#endif
2377
2378
#endif