Coverage Report

Created: 2024-11-21 07:03

/src/cryptopp/rw.h
Line
Count
Source (jump to first uncovered line)
1
// rw.h - originally written and placed in the public domain by Wei Dai
2
3
/// \file rw.h
4
/// \brief Classes for Rabin-Williams signature scheme
5
/// \details The implementation provides Rabin-Williams signature schemes as defined in
6
///   IEEE P1363. It uses Bernstein's tweaked square roots in place of square roots to
7
///   speedup calculations.
8
/// \sa <A HREF="http://cr.yp.to/sigs/rwsota-20080131.pdf">RSA signatures and Rabin–Williams
9
///   signatures: the state of the art (20080131)</A>, Section 6, <em>The tweaks e and f</em>.
10
/// \since Crypto++ 3.0
11
12
#ifndef CRYPTOPP_RW_H
13
#define CRYPTOPP_RW_H
14
15
#include "cryptlib.h"
16
#include "pubkey.h"
17
#include "integer.h"
18
19
NAMESPACE_BEGIN(CryptoPP)
20
21
/// \brief Rabin-Williams trapdoor function using the public key
22
/// \since Crypto++ 3.0, Tweaked roots using <em>e</em> and <em>f</em> since Crypto++ 5.6.4
23
class CRYPTOPP_DLL RWFunction : public TrapdoorFunction, public PublicKey
24
{
25
  typedef RWFunction ThisClass;
26
27
public:
28
29
  /// \brief Initialize a Rabin-Williams public key
30
  /// \param n the modulus
31
  void Initialize(const Integer &n)
32
0
    {m_n = n;}
33
34
  void BERDecode(BufferedTransformation &bt);
35
  void DEREncode(BufferedTransformation &bt) const;
36
37
  void Save(BufferedTransformation &bt) const
38
0
    {DEREncode(bt);}
39
  void Load(BufferedTransformation &bt)
40
0
    {BERDecode(bt);}
41
42
  Integer ApplyFunction(const Integer &x) const;
43
0
  Integer PreimageBound() const {return ++(m_n>>1);}
44
0
  Integer ImageBound() const {return m_n;}
45
46
  bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
47
  bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
48
  void AssignFrom(const NameValuePairs &source);
49
50
0
  const Integer& GetModulus() const {return m_n;}
51
0
  void SetModulus(const Integer &n) {m_n = n;}
52
53
protected:
54
  Integer m_n;
55
};
56
57
/// \brief Rabin-Williams trapdoor function using the private key
58
/// \since Crypto++ 3.0, Tweaked roots using <em>e</em> and <em>f</em> since Crypto++ 5.6.4
59
class CRYPTOPP_DLL InvertibleRWFunction : public RWFunction, public TrapdoorFunctionInverse, public PrivateKey
60
{
61
  typedef InvertibleRWFunction ThisClass;
62
63
public:
64
  /// \brief Construct an InvertibleRWFunction
65
0
  InvertibleRWFunction() : m_precompute(false) {}
66
67
  /// \brief Initialize a Rabin-Williams private key
68
  /// \param n modulus
69
  /// \param p first prime factor
70
  /// \param q second prime factor
71
  /// \param u q<sup>-1</sup> mod p
72
  /// \details This Initialize() function overload initializes a private key from existing parameters.
73
  void Initialize(const Integer &n, const Integer &p, const Integer &q, const Integer &u);
74
75
  /// \brief Create a Rabin-Williams private key
76
  /// \param rng a RandomNumberGenerator derived class
77
  /// \param modulusBits the size of the modulus, in bits
78
  /// \details This function overload of Initialize() creates a new private key because it
79
  ///   takes a RandomNumberGenerator() as a parameter. If you have an existing keypair,
80
  ///   then use one of the other Initialize() overloads.
81
  void Initialize(RandomNumberGenerator &rng, unsigned int modulusBits)
82
0
    {GenerateRandomWithKeySize(rng, modulusBits);}
83
84
  void BERDecode(BufferedTransformation &bt);
85
  void DEREncode(BufferedTransformation &bt) const;
86
87
  void Save(BufferedTransformation &bt) const
88
0
    {DEREncode(bt);}
89
  void Load(BufferedTransformation &bt)
90
0
    {BERDecode(bt);}
91
92
  Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const;
93
94
  // GeneratibleCryptoMaterial
95
  bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
96
  bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
97
  void AssignFrom(const NameValuePairs &source);
98
  /*! parameters: (ModulusSize) */
99
  void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg);
100
101
0
  const Integer& GetPrime1() const {return m_p;}
102
0
  const Integer& GetPrime2() const {return m_q;}
103
0
  const Integer& GetMultiplicativeInverseOfPrime2ModPrime1() const {return m_u;}
104
105
0
  void SetPrime1(const Integer &p) {m_p = p;}
106
0
  void SetPrime2(const Integer &q) {m_q = q;}
107
0
  void SetMultiplicativeInverseOfPrime2ModPrime1(const Integer &u) {m_u = u;}
108
109
0
  virtual bool SupportsPrecomputation() const {return true;}
110
0
  virtual void Precompute(unsigned int unused = 0) {CRYPTOPP_UNUSED(unused); PrecomputeTweakedRoots();}
111
0
  virtual void Precompute(unsigned int unused = 0) const {CRYPTOPP_UNUSED(unused); PrecomputeTweakedRoots();}
112
113
  virtual void LoadPrecomputation(BufferedTransformation &storedPrecomputation);
114
  virtual void SavePrecomputation(BufferedTransformation &storedPrecomputation) const;
115
116
protected:
117
  void PrecomputeTweakedRoots() const;
118
119
protected:
120
  Integer m_p, m_q, m_u;
121
122
  mutable Integer m_pre_2_9p, m_pre_2_3q, m_pre_q_p;
123
  mutable bool m_precompute;
124
};
125
126
/// \brief Rabin-Williams keys
127
/// \since Crypto++ 3.0
128
struct RW
129
{
130
0
  CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "RW";}
131
  typedef RWFunction PublicKey;
132
  typedef InvertibleRWFunction PrivateKey;
133
};
134
135
/// \brief Rabin-Williams signature scheme
136
/// \tparam STANDARD signature standard
137
/// \tparam H hash transformation
138
/// \since Crypto++ 3.0
139
template <class STANDARD, class H>
140
struct RWSS : public TF_SS<RW, STANDARD, H>
141
{
142
};
143
144
NAMESPACE_END
145
146
#endif