00001
#ifndef CRYPTOPP_ECCRYPTO_H
00002
#define CRYPTOPP_ECCRYPTO_H
00003
00004
00005
00006
00007
#include "pubkey.h"
00008
#include "integer.h"
00009
#include "asn.h"
00010
#include "hmac.h"
00011
#include "sha.h"
00012
#include "gfpcrypt.h"
00013
#include "dh.h"
00014
#include "mqv.h"
00015
#include "ecp.h"
00016
#include "ec2n.h"
00017
00018 NAMESPACE_BEGIN(CryptoPP)
00019
00020
00021
00022
00023
00024 template <class EC>
00025 class
DL_GroupParameters_EC : public
DL_GroupParametersImpl<EcPrecomputation<EC> >
00026 {
00027
typedef DL_GroupParameters_EC<EC> ThisClass;
00028
00029
public:
00030
typedef EC EllipticCurve;
00031
typedef typename EllipticCurve::Point Point;
00032
typedef Point Element;
00033
typedef IncompatibleCofactorMultiplication DefaultCofactorOption;
00034
00035
DL_GroupParameters_EC() : m_compress(
false), m_encodeAsOID(
false) {}
00036
DL_GroupParameters_EC(
const OID &oid)
00037 : m_compress(
false), m_encodeAsOID(
false) {Initialize(oid);}
00038
DL_GroupParameters_EC(
const EllipticCurve &ec,
const Point &G,
const Integer &n,
const Integer &k = Integer::Zero())
00039 : m_compress(
false), m_encodeAsOID(
false) {Initialize(ec, G, n, k);}
00040
DL_GroupParameters_EC(
BufferedTransformation &bt)
00041 : m_compress(
false), m_encodeAsOID(
false) {BERDecode(bt);}
00042
00043
void Initialize(
const EllipticCurve &ec,
const Point &G,
const Integer &n,
const Integer &k = Integer::Zero())
00044 {
00045 this->m_groupPrecomputation.SetCurve(ec);
00046 SetSubgroupGenerator(G);
00047 m_n = n;
00048 m_k = k;
00049 }
00050
void Initialize(
const OID &oid);
00051
00052
00053
bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
00054
void AssignFrom(
const NameValuePairs &source);
00055
00056
00057
00058
00059
void GenerateRandom(
RandomNumberGenerator &rng,
const NameValuePairs &alg);
00060
00061
00062
const DL_FixedBasePrecomputation<Element> & GetBasePrecomputation()
const {
return this->m_gpc;}
00063 DL_FixedBasePrecomputation<Element> & AccessBasePrecomputation() {
return this->m_gpc;}
00064
const Integer & GetSubgroupOrder()
const {
return m_n;}
00065
Integer GetCofactor()
const;
00066
bool ValidateGroup(
RandomNumberGenerator &rng,
unsigned int level)
const;
00067
bool ValidateElement(
unsigned int level,
const Element &element,
const DL_FixedBasePrecomputation<Element> *precomp)
const;
00068
bool FastSubgroupCheckAvailable()
const {
return false;}
00069
void EncodeElement(
bool reversible,
const Element &element, byte *encoded)
const
00070
{
00071
if (reversible)
00072 GetCurve().EncodePoint(encoded, element, m_compress);
00073
else
00074 element.x.Encode(encoded, GetEncodedElementSize(
false));
00075 }
00076
unsigned int GetEncodedElementSize(
bool reversible)
const
00077
{
00078
if (reversible)
00079
return GetCurve().EncodedPointSize(m_compress);
00080
else
00081
return GetCurve().GetField().MaxElementByteLength();
00082 }
00083 Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const
00084
{
00085 Point result;
00086
if (!GetCurve().DecodePoint(result, encoded, GetEncodedElementSize(
true)))
00087
throw DL_BadElement();
00088
if (checkForGroupMembership && !ValidateElement(1, result, NULL))
00089
throw DL_BadElement();
00090
return result;
00091 }
00092
Integer ConvertElementToInteger(
const Element &element)
const;
00093
Integer GetMaxExponent()
const {
return GetSubgroupOrder()-1;}
00094
bool IsIdentity(
const Element &element)
const {
return element.identity;}
00095
void SimultaneousExponentiate(Element *results,
const Element &base,
const Integer *exponents,
unsigned int exponentsCount)
const;
00096
static std::string StaticAlgorithmNamePrefix() {
return "EC";}
00097
00098
00099
OID GetAlgorithmID()
const;
00100
00101
00102 Element MultiplyElements(
const Element &a,
const Element &b)
const;
00103 Element CascadeExponentiate(
const Element &element1,
const Integer &exponent1,
const Element &element2,
const Integer &exponent2)
const;
00104
00105
00106
00107
00108
static OID GetNextRecommendedParametersOID(
const OID &oid);
00109
00110
void BERDecode(
BufferedTransformation &bt);
00111
void DEREncode(
BufferedTransformation &bt)
const;
00112
00113
void SetPointCompression(
bool compress) {m_compress = compress;}
00114
bool GetPointCompression()
const {
return m_compress;}
00115
00116
void SetEncodeAsOID(
bool encodeAsOID) {m_encodeAsOID = encodeAsOID;}
00117
bool GetEncodeAsOID()
const {
return m_encodeAsOID;}
00118
00119
const EllipticCurve& GetCurve()
const {
return this->m_groupPrecomputation.GetCurve();}
00120
00121
bool operator==(
const ThisClass &rhs)
const
00122
{
return this->m_groupPrecomputation.GetCurve() == rhs.
m_groupPrecomputation.GetCurve() && this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.
m_gpc.GetBase(rhs.
m_groupPrecomputation);}
00123
00124
#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00125
const Point& GetBasePoint()
const {
return GetSubgroupGenerator();}
00126
const Integer& GetBasePointOrder()
const {
return GetSubgroupOrder();}
00127
void LoadRecommendedParameters(
const OID &oid) {Initialize(oid);}
00128
#endif
00129
00130
protected:
00131
unsigned int FieldElementLength()
const {
return GetCurve().GetField().MaxElementByteLength();}
00132
unsigned int ExponentLength()
const {
return m_n.ByteCount();}
00133
00134
OID m_oid;
00135
Integer m_n;
00136
bool m_compress, m_encodeAsOID;
00137
mutable Integer m_k;
00138 };
00139
00140 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_GroupParameters_EC<ECP>;
00141 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_GroupParameters_EC<EC2N>;
00142 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PublicKeyImpl<DL_GroupParameters_EC<ECP> >;
00143 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PublicKeyImpl<DL_GroupParameters_EC<EC2N> >;
00144
00145
00146
template <
class EC>
00147 class DL_PublicKey_EC :
public DL_PublicKeyImpl<DL_GroupParameters_EC<EC> >
00148 {
00149
public:
00150
typedef typename EC::Point Element;
00151
00152
void Initialize(
const DL_GroupParameters_EC<EC> ¶ms,
const Element &Q)
00153 {this->AccessGroupParameters() = params; SetPublicElement(Q);}
00154
void Initialize(
const EC &ec,
const Element &G,
const Integer &n,
const Element &Q)
00155 {this->AccessGroupParameters().Initialize(ec, G, n); SetPublicElement(Q);}
00156
00157
00158
void BERDecodeKey2(
BufferedTransformation &bt,
bool parametersPresent,
unsigned int size);
00159
void DEREncodeKey(
BufferedTransformation &bt)
const;
00160 };
00161
00162 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PublicKey_EC<ECP>;
00163 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PublicKey_EC<EC2N>;
00164 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PrivateKeyImpl<DL_GroupParameters_EC<ECP> >;
00165 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PrivateKeyImpl<DL_GroupParameters_EC<EC2N> >;
00166
00167
00168
template <
class EC>
00169 class DL_PrivateKey_EC :
public DL_PrivateKeyImpl<DL_GroupParameters_EC<EC> >
00170 {
00171
public:
00172
typedef typename EC::Point Element;
00173
00174
void Initialize(
const DL_GroupParameters_EC<EC> ¶ms,
const Integer &x)
00175 {this->AccessGroupParameters() = params; this->SetPrivateExponent(x);}
00176
void Initialize(
const EC &ec,
const Element &G,
const Integer &n,
const Integer &x)
00177 {this->AccessGroupParameters().Initialize(ec, G, n); this->SetPrivateExponent(x);}
00178
void Initialize(
RandomNumberGenerator &rng,
const DL_GroupParameters_EC<EC> ¶ms)
00179 {
GenerateRandom(rng, params);}
00180
void Initialize(
RandomNumberGenerator &rng,
const EC &ec,
const Element &G,
const Integer &n)
00181 {
GenerateRandom(rng,
DL_GroupParameters_EC<EC>(ec, G, n));}
00182
00183
00184
void BERDecodeKey2(
BufferedTransformation &bt,
bool parametersPresent,
unsigned int size);
00185
void DEREncodeKey(
BufferedTransformation &bt)
const;
00186 };
00187
00188 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PrivateKey_EC<ECP>;
00189 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PrivateKey_EC<EC2N>;
00190
00191
00192
template <
class EC,
class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
00193 struct ECDH
00194 {
00195
typedef DH_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION>
Domain;
00196 };
00197
00198
00199
template <
class EC,
class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
00200 struct ECMQV
00201 {
00202
typedef MQV_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION>
Domain;
00203 };
00204
00205
00206
template <
class EC>
00207 struct DL_Keys_EC
00208 {
00209
typedef DL_PublicKey_EC<EC> PublicKey;
00210
typedef DL_PrivateKey_EC<EC> PrivateKey;
00211 };
00212
00213
template <
class EC,
class H = SHA>
00214
struct ECDSA;
00215
00216
00217
template <
class EC>
00218 struct DL_Keys_ECDSA
00219 {
00220
typedef DL_PublicKey_EC<EC> PublicKey;
00221
typedef DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<EC>,
ECDSA<EC> >
PrivateKey;
00222 };
00223
00224 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_Algorithm_GDSA<ECP::Point>;
00225 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_Algorithm_GDSA<EC2N::Point>;
00226
00227
00228
template <
class EC>
00229 class DL_Algorithm_ECDSA :
public DL_Algorithm_GDSA<typename EC::Point>
00230 {
00231
public:
00232
static const char * StaticAlgorithmName() {
return "ECDSA";}
00233 };
00234
00235
00236
template <
class EC>
00237 class DL_Algorithm_ECNR :
public DL_Algorithm_NR<typename EC::Point>
00238 {
00239
public:
00240
static const char * StaticAlgorithmName() {
return "ECNR";}
00241 };
00242
00243
00244
template <
class EC,
class H>
00245 struct ECDSA :
public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
00246 {
00247 };
00248
00249 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<ECP>,
ECDSA<ECP> >;
00250 CRYPTOPP_DLL_TEMPLATE_CLASS
DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<EC2N>,
ECDSA<EC2N> >;
00251
00252
00253
template <
class EC,
class H = SHA>
00254 struct ECNR :
public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
00255 {
00256 };
00257
00258
00259
00260
00261
00262
template <
class EC,
class COFACTOR_OPTION = NoCofactorMultiplication,
bool DHAES_MODE = false>
00263 struct ECIES
00264 :
public DL_ES<
00265 DL_Keys_EC<EC>,
00266 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
00267 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<SHA1> >,
00268 DL_EncryptionAlgorithm_Xor<HMAC<SHA1>, DHAES_MODE>,
00269 ECIES<EC> >
00270 {
00271
static std::string StaticAlgorithmName() {
return "ECIES";}
00272 };
00273
00274 NAMESPACE_END
00275
00276
#endif