Crypto++
8.2
Free C++ class library of cryptographic schemes
|
Go to the documentation of this file.
7 #ifndef CRYPTOPP_ECCRYPTO_H
8 #define CRYPTOPP_ECCRYPTO_H
25 #if CRYPTOPP_MSC_VERSION
26 # pragma warning(push)
27 # pragma warning(disable: 4231 4275)
42 typedef EC EllipticCurve;
43 typedef typename EllipticCurve::Point Point;
44 typedef Point Element;
55 : m_compress(false), m_encodeAsOID(true) {
Initialize(oid);}
63 : m_compress(false), m_encodeAsOID(true) {
Initialize(ec, G, n, k);}
68 : m_compress(false), m_encodeAsOID(true) {BERDecode(bt);}
78 this->m_groupPrecomputation.SetCurve(ec);
90 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
101 const Integer & GetSubgroupOrder()
const {
return m_n;}
105 bool FastSubgroupCheckAvailable()
const {
return false;}
106 void EncodeElement(
bool reversible,
const Element &element,
byte *encoded)
const
109 GetCurve().EncodePoint(encoded, element, m_compress);
116 return GetCurve().EncodedPointSize(m_compress);
118 return GetCurve().GetField().MaxElementByteLength();
120 Element
DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const
125 if (checkForGroupMembership && !ValidateElement(1, result, NULLPTR))
129 Integer ConvertElementToInteger(
const Element &element)
const;
130 Integer GetMaxExponent()
const {
return GetSubgroupOrder()-1;}
131 bool IsIdentity(
const Element &element)
const {
return element.identity;}
132 void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const;
133 static std::string CRYPTOPP_API StaticAlgorithmNamePrefix() {
return "EC";}
136 OID GetAlgorithmID()
const;
139 Element MultiplyElements(
const Element &a,
const Element &b)
const;
140 Element CascadeExponentiate(
const Element &element1,
const Integer &exponent1,
const Element &element2,
const Integer &exponent2)
const;
145 static OID CRYPTOPP_API GetNextRecommendedParametersOID(
const OID &oid);
150 void SetPointCompression(
bool compress) {m_compress = compress;}
151 bool GetPointCompression()
const {
return m_compress;}
153 void SetEncodeAsOID(
bool encodeAsOID) {m_encodeAsOID = encodeAsOID;}
154 bool GetEncodeAsOID()
const {
return m_encodeAsOID;}
156 const EllipticCurve& GetCurve()
const {
return this->m_groupPrecomputation.GetCurve();}
158 bool operator==(
const ThisClass &rhs)
const
159 {
return this->m_groupPrecomputation.GetCurve() == rhs.m_groupPrecomputation.GetCurve() && this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.m_gpc.GetBase(rhs.m_groupPrecomputation);}
162 unsigned int FieldElementLength()
const {
return GetCurve().GetField().MaxElementByteLength();}
163 unsigned int ExponentLength()
const {
return m_n.
ByteCount();}
168 mutable bool m_compress, m_encodeAsOID;
177 typedef typename EC::Point Element;
195 {this->AccessGroupParameters().Initialize(ec, G, n); this->
SetPublicElement(Q);}
208 typedef typename EC::Point Element;
262 template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption>
272 template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption>
284 template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption,
class HASH =
SHA256>
302 template <class EC, class COFACTOR_OPTION = typename DL_GroupParameters_EC<EC>::DefaultCofactorOption,
class HASH =
SHA256>
323 template <
class EC,
class H>
343 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECDSA";}
351 template <
class EC,
class H>
355 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECDSA-RFC6979";}
364 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECNR";}
372 template <
class EC,
class H>
373 struct ECDSA :
public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
383 template <
class EC,
class H>
386 DL_Algorithm_ECDSA_RFC6979<EC, H>,
387 DL_SignatureMessageEncodingMethod_DSA,
389 ECDSA_RFC6979<EC,H> >
391 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(
"ECDSA-RFC6979/") + H::StaticAlgorithmName();}
397 template <
class EC,
class H = SHA1>
398 struct ECNR :
public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
417 typedef typename EC::Point Element;
427 this->AccessGroupParameters() = params;
428 this->SetPrivateExponent(x);
440 this->AccessGroupParameters().Initialize(ec, G, n);
441 this->SetPrivateExponent(x);
442 CRYPTOPP_ASSERT(x>=1 && x<=this->AccessGroupParameters().GetSubgroupOrder()-1);
452 {this->GenerateRandom(rng, params);}
468 pub.AccessAbstractGroupParameters().AssignFrom(params);
474 virtual bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const
476 return GetValueHelper<DL_PrivateKey_ECGDSA<EC>,
482 AssignFromHelper<DL_PrivateKey_ECGDSA<EC>,
501 typedef typename EC::Point Element;
510 {this->AccessGroupParameters() = params; this->SetPublicElement(Q);}
519 {this->AccessGroupParameters().Initialize(ec, G, n); this->SetPublicElement(Q);}
525 pPrivateKey->MakePublicKey(*
this);
528 this->AccessAbstractGroupParameters().AssignFrom(source);
529 AssignFromHelper(
this, source)
535 virtual void SetPublicElement(
const Element &y)
536 {this->AccessPublicPrecomputation().SetBase(this->GetAbstractGroupParameters().GetGroupPrecomputation(), y);}
562 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECGDSA";}
572 template <
class EC,
class H>
575 DL_Algorithm_ECGDSA<EC>,
576 DL_SignatureMessageEncodingMethod_DSA,
579 static std::string CRYPTOPP_API StaticAlgorithmName() {
return std::string(
"ECGDSA-ISO15946/") + H::StaticAlgorithmName();}
617 template <
class EC,
class HASH = SHA1,
class COFACTOR_OPTION = NoCofactorMultiplication,
bool DHAES_MODE = true,
bool LABEL_OCTETS = false>
621 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
622 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<HASH> >,
623 DL_EncryptionAlgorithm_Xor<HMAC<HASH>, DHAES_MODE, LABEL_OCTETS>,
627 CRYPTOPP_STATIC_CONSTEXPR
const char* CRYPTOPP_API StaticAlgorithmName() {
return "ECIES";}
632 #ifdef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES
633 #include "eccrypto.cpp"
659 #if CRYPTOPP_MSC_VERSION
660 # pragma warning(pop)
Classes for Fully Hashed Menezes-Qu-Vanstone key agreement in GF(p)
virtual void SetSubgroupGenerator(const Element &base)
Sets the subgroup generator.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
Initialize an EC Public Key using {EC,G,n,Q}.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
void SetPrivateExponent(const Integer &x)
Integer InverseMod(const Integer &n) const
Calculate multiplicative inverse.
Converts an enumeration to a type suitable for use as a template parameter.
Classes for Elliptic Curves over prime fields.
Discrete Log (DL) private key base implementation.
Elliptic Curve Discrete Log (DL) public key.
Elliptic Curve Menezes-Qu-Vanstone.
Elliptic Curve NR (ECNR) signature scheme.
bool NotZero() const
Determines if the Integer is non-0.
void Initialize(RandomNumberGenerator &rng, const DL_GroupParameters_EC< EC > ¶ms)
Create an EC private key.
bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const
Check the group for errors.
Discrete Log (DL) encryption scheme.
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Element &Q)
Initialize an EC Public Key using {GP,Q}.
Elliptic Curve Integrated Encryption Scheme.
DL_GroupParameters_EC()
Construct an EC GroupParameters.
Discrete Log (DL) signature scheme.
DL_FixedBasePrecomputation< Element > & AccessBasePrecomputation()
Retrieves the group precomputation.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
this implementation doesn't actually generate a curve, it just initializes the parameters with existi...
Elliptic Curve DSA (ECDSA) signature scheme.
DL_FixedBasePrecomputation interface.
Fully Hashed Elliptic Curve Menezes-Qu-Vanstone.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
This file contains helper classes/functions for implementing public key algorithms.
Fully Hashed Menezes-Qu-Vanstone in GF(p)
Classes and functions for schemes based on Discrete Logs (DL) over GF(p)
void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
Initialize an EC Private Key using {EC,G,n,x}.
virtual void SetPublicElement(const Element &y)
Sets the public element.
void DEREncodePublicKey(BufferedTransformation &bt) const
encode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header
void Initialize(RandomNumberGenerator &rng, const DL_GroupParameters_EC< EC > ¶ms)
Create an EC private key.
Elliptic Curve Parameters.
Classes for Diffie-Hellman key exchange.
DL_GroupParameters_EC(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k=Integer::Zero())
Construct an EC GroupParameters.
Interface for random number generators.
unsigned int ByteCount() const
Determines the number of bytes required to represent the Integer.
Elliptic Curve DSA (ECDSA) signature algorithm.
const char * PublicElement()
Integer.
Hashed Elliptic Curve Menezes-Qu-Vanstone.
DSA signature algorithm based on RFC 6979.
Classes for SHA-1 and SHA-2 family of message digests.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
Initialize an EC Public Key using {EC,G,n,Q}.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
MQV domain for performing authenticated key agreement.
Hashed Menezes-Qu-Vanstone in GF(p)
virtual unsigned int GetEncodedElementSize(bool reversible) const
Retrieves the encoded element's size.
Classes and functions for working with ANS.1 objects.
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Element &Q)
Initialize an EC Public Key using {GP,Q}.
Elliptic Curve DSA (ECDSA) deterministic signature scheme.
Elliptic Curve Discrete Log (DL) private key.
void Initialize(RandomNumberGenerator &rng, const EC &ec, const Element &G, const Integer &n)
Create an EC private key.
Elliptic Curve Diffie-Hellman.
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Integer &x)
Initialize an EC Private Key using {GP,x}.
void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode privateKey part of privateKeyInfo, without the OCTET STRING header
void Initialize(const DL_GroupParameters_EC< EC > ¶ms, const Integer &x)
Initialize an EC Private Key using {GP,x}.
Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const
Decodes the element.
Classes for Menezes–Qu–Vanstone (MQV) key agreement.
DL_GroupParameters_EC(const OID &oid)
Construct an EC GroupParameters.
void Initialize(RandomNumberGenerator &rng, const EC &ec, const Element &G, const Integer &n)
Create an EC private key.
DL_GroupParameters_EC(BufferedTransformation &bt)
Construct an EC GroupParameters.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
Initialize an EC Private Key using {EC,G,n,x}.
void Initialize(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k=Integer::Zero())
Initialize an EC GroupParameters using {EC,G,n,k}.
static const Integer & Zero()
Integer representing 0.
Crypto++ library namespace.
Elliptic Curve German DSA signature algorithm.
void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
Elliptic Curve German DSA key for ISO/IEC 15946.
Elliptic Curve German DSA keys for ISO/IEC 15946.
Elliptic Curve Discrete Log (DL) keys.
Library configuration file.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.
Elliptic Curve DSA (ECDSA) signature algorithm based on RFC 6979.
German Digital Signature Algorithm.
Interface for Discrete Log (DL) group parameters.
Exception thrown when an invalid group element is encountered.
Classes for Hashed Menezes-Qu-Vanstone key agreement in GF(p)
void DEREncodePrivateKey(BufferedTransformation &bt) const
encode privateKey part of privateKeyInfo, without the OCTET STRING header
Base implementation of Discrete Log (DL) group parameters.
Classes for Elliptic Curves over binary fields.
Elliptic Curve German Digital Signature Algorithm signature scheme.
Interface for retrieving values given their names.
Abstract base classes that provide a uniform interface to this library.
bool GetThisPointer(T *&ptr) const
Get a pointer to this object.
Multiple precision integer with arithmetic operations.
Classes for HMAC message authentication codes.
Elliptic Curve German DSA key for ISO/IEC 15946.
Multiple precision integer with arithmetic operations.
Elliptic Curve NR (ECNR) signature algorithm.
Discrete Log (DL) public key base implementation.