00001
#ifndef CRYPTOPP_ECCRYPTO_H
00002
#define CRYPTOPP_ECCRTPTO_H
00003
00004
00005
00006
00007
#include "pubkey.h"
00008
#include "integer.h"
00009
#include "asn.h"
00010
#include "hmac.h"
00011
#include "sha.h"
00012
#include "gfpcrypt.h"
00013
#include "dh.h"
00014
#include "mqv.h"
00015
00016 NAMESPACE_BEGIN(CryptoPP)
00017
00018 template <class T> class EcPrecomputation;
00019
00020
00021
00022
00023
00024 template <class EC>
00025 class
DL_GroupParameters_EC : public
DL_GroupParametersImpl<EcPrecomputation<EC> >
00026 {
00027
typedef DL_GroupParameters_EC<EC> ThisClass;
00028
00029
public:
00030
typedef EC EllipticCurve;
00031
typedef typename EllipticCurve::Point Point;
00032
typedef Point Element;
00033
typedef IncompatibleCofactorMultiplication DefaultCofactorOption;
00034
00035
DL_GroupParameters_EC() : m_compress(
false), m_encodeAsOID(
false) {}
00036
DL_GroupParameters_EC(
const OID &oid)
00037 : m_compress(
false), m_encodeAsOID(
false) {Initialize(oid);}
00038
DL_GroupParameters_EC(
const EllipticCurve &ec,
const Point &G,
const Integer &n,
const Integer &k = Integer::Zero())
00039 : m_compress(
false), m_encodeAsOID(
false) {Initialize(ec, G, n, k);}
00040
DL_GroupParameters_EC(
BufferedTransformation &bt)
00041 : m_compress(
false), m_encodeAsOID(
false) {BERDecode(bt);}
00042
00043
void Initialize(
const EllipticCurve &ec,
const Point &G,
const Integer &n,
const Integer &k = Integer::Zero())
00044 {
00045 m_groupPrecomputation.SetCurve(ec);
00046 SetSubgroupGenerator(G);
00047 m_n = n;
00048 m_k = k;
00049 }
00050
void Initialize(
const OID &oid);
00051
00052
00053
bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
00054
void AssignFrom(
const NameValuePairs &source);
00055
00056
00057
00058
00059
void GenerateRandom(
RandomNumberGenerator &rng,
const NameValuePairs &alg);
00060
00061
00062
const DL_FixedBasePrecomputation<Element> & GetBasePrecomputation()
const {
return m_gpc;}
00063 DL_FixedBasePrecomputation<Element> & AccessBasePrecomputation() {
return m_gpc;}
00064
const Integer & GetSubgroupOrder()
const {
return m_n;}
00065
Integer GetCofactor()
const;
00066
bool ValidateGroup(
RandomNumberGenerator &rng,
unsigned int level)
const;
00067
bool ValidateElement(
unsigned int level,
const Element &element,
const DL_FixedBasePrecomputation<Element> *precomp)
const;
00068
bool FastSubgroupCheckAvailable()
const {
return false;}
00069
void EncodeElement(
bool reversible,
const Element &element, byte *encoded)
const
00070
{
00071
if (reversible)
00072 GetCurve().EncodePoint(encoded, element, m_compress);
00073
else
00074 element.x.Encode(encoded, GetEncodedElementSize(
false));
00075 }
00076
unsigned int GetEncodedElementSize(
bool reversible)
const
00077
{
00078
if (reversible)
00079
return GetCurve().EncodedPointSize(m_compress);
00080
else
00081
return GetCurve().GetField().MaxElementByteLength();
00082 }
00083 Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const
00084
{
00085 Point result;
00086
if (!GetCurve().DecodePoint(result, encoded, GetEncodedElementSize(
true)))
00087
throw DL_BadElement();
00088
if (checkForGroupMembership && !ValidateElement(1, result, NULL))
00089
throw DL_BadElement();
00090
return result;
00091 }
00092
Integer ConvertElementToInteger(
const Element &element)
const;
00093
Integer GetMaxExponent()
const {
return GetSubgroupOrder()-1;}
00094
bool IsIdentity(
const Element &element)
const {
return element.identity;}
00095
void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const;
00096
00097
00098
OID GetAlgorithmID()
const;
00099
00100
00101 Element MultiplyElements(
const Element &a,
const Element &b)
const;
00102 Element CascadeExponentiate(
const Element &element1,
const Integer &exponent1,
const Element &element2,
const Integer &exponent2)
const;
00103
00104
00105
00106
00107
static OID GetNextRecommendedParametersOID(
const OID &oid);
00108
00109
void BERDecode(
BufferedTransformation &bt);
00110
void DEREncode(
BufferedTransformation &bt)
const;
00111
00112
void SetPointCompression(
bool compress) {m_compress = compress;}
00113
bool GetPointCompression()
const {
return m_compress;}
00114
00115
void SetEncodeAsOID(
bool encodeAsOID) {m_encodeAsOID = encodeAsOID;}
00116
bool GetEncodeAsOID()
const {
return m_encodeAsOID;}
00117
00118
const EllipticCurve& GetCurve()
const {
return m_groupPrecomputation.GetCurve();}
00119
00120
#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00121
const Point& GetBasePoint()
const {
return GetSubgroupGenerator();}
00122
const Integer& GetBasePointOrder()
const {
return GetSubgroupOrder();}
00123
void LoadRecommendedParameters(
const OID &oid) {Initialize(oid);}
00124
#endif
00125
00126
protected:
00127
unsigned int FieldElementLength()
const {
return GetCurve().GetField().MaxElementByteLength();}
00128
unsigned int ExponentLength()
const {
return m_n.ByteCount();}
00129
00130
OID m_oid;
00131
Integer m_n;
00132
bool m_compress, m_encodeAsOID;
00133
mutable Integer m_k;
00134 };
00135
00136
00137
template <
class EC>
00138 class DL_PublicKey_EC :
public DL_PublicKeyImpl<DL_GroupParameters_EC<EC> >
00139 {
00140
public:
00141
typedef typename EC::Point Element;
00142
00143
void Initialize(
const DL_GroupParameters_EC<EC> ¶ms,
const Element &Q)
00144 {AccessGroupParameters() = params; SetPublicElement(Q);}
00145
void Initialize(
const EC &ec,
const Element &G,
const Integer &n,
const Element &Q)
00146 {AccessGroupParameters().Initialize(ec, G, n); SetPublicElement(Q);}
00147
00148
00149
void BERDecodeKey2(
BufferedTransformation &bt,
bool parametersPresent,
unsigned int size);
00150
void DEREncodeKey(
BufferedTransformation &bt)
const;
00151 };
00152
00153
00154
template <
class EC>
00155 class DL_PrivateKey_EC :
public DL_PrivateKeyImpl<DL_GroupParameters_EC<EC> >
00156 {
00157
public:
00158
typedef typename EC::Point Element;
00159
00160
void Initialize(
const DL_GroupParameters_EC<EC> ¶ms,
const Integer &x)
00161 {AccessGroupParameters() = params; SetPrivateExponent(x);}
00162
void Initialize(
const EC &ec,
const Element &G,
const Integer &n,
const Integer &x)
00163 {AccessGroupParameters().Initialize(ec, G, n); SetPrivateExponent(x);}
00164
void Initialize(
RandomNumberGenerator &rng,
const DL_GroupParameters_EC<EC> ¶ms)
00165 {GenerateRandom(rng, params);}
00166
void Initialize(
RandomNumberGenerator &rng,
const EC &ec,
const Element &G,
const Integer &n)
00167 {GenerateRandom(rng,
DL_GroupParameters_EC<EC>(ec, G, n));}
00168
00169
00170
void BERDecodeKey2(
BufferedTransformation &bt,
bool parametersPresent,
unsigned int size);
00171
void DEREncodeKey(
BufferedTransformation &bt)
const;
00172 };
00173
00174
00175
template <
class EC,
class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
00176 struct ECDH
00177 {
00178
typedef DH_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION>
Domain;
00179 };
00180
00181
00182
template <
class EC,
class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
00183 struct ECMQV
00184 {
00185
typedef MQV_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION>
Domain;
00186 };
00187
00188
00189
template <
class EC>
00190 struct DL_Keys_EC
00191 {
00192
typedef DL_PublicKey_EC<EC> PublicKey;
00193
typedef DL_PrivateKey_EC<EC> PrivateKey;
00194 };
00195
00196
template <
class EC,
class H = SHA>
00197
struct ECDSA;
00198
00199
00200
template <
class EC>
00201 struct DL_Keys_ECDSA
00202 {
00203
typedef DL_PublicKey_EC<EC> PublicKey;
00204
typedef DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<EC>,
ECDSA<EC> >
PrivateKey;
00205 };
00206
00207
00208
template <
class EC>
00209 class DL_Algorithm_ECDSA :
public DL_Algorithm_GDSA<typename EC::Point>
00210 {
00211
public:
00212
static const char * StaticAlgorithmName() {
return "ECDSA";}
00213 };
00214
00215
00216
template <
class EC>
00217 class DL_Algorithm_ECNR :
public DL_Algorithm_NR<typename EC::Point>
00218 {
00219
public:
00220
static const char * StaticAlgorithmName() {
return "ECNR";}
00221 };
00222
00223
00224
template <
class EC,
class H>
00225 struct ECDSA :
public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
00226 {
00227 };
00228
00229
00230
template <
class EC,
class H = SHA>
00231 struct ECNR :
public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
00232 {
00233 };
00234
00235
00236
00237
00238
00239
template <
class EC,
class COFACTOR_OPTION = NoCofactorMultiplication,
bool DHAES_MODE = false>
00240 struct ECIES
00241 :
public DL_ES<
00242 DL_Keys_EC<EC>,
00243 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
00244 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<SHA1> >,
00245 DL_EncryptionAlgorithm_Xor<HMAC<SHA1>, DHAES_MODE>,
00246 ECIES<EC> >
00247 {
00248
static std::string StaticAlgorithmName() {
return "ECIES";}
00249 };
00250
00251 NAMESPACE_END
00252
00253
#endif