1 #ifndef CRYPTOPP_ECCRYPTO_H
2 #define CRYPTOPP_ECCRYPTO_H
18 NAMESPACE_BEGIN(CryptoPP)
30 typedef EC EllipticCurve;
31 typedef typename EllipticCurve::Point Point;
32 typedef Point Element;
// Initializer lists of three constructors; the constructor signature lines are not shown in this listing.
// Each one starts with both encoding flags off (m_compress = false, m_encodeAsOID = false)
// and then delegates to Initialize(oid), Initialize(ec, G, n, k) or BERDecode(bt).
37 : m_compress(
false), m_encodeAsOID(
false) {Initialize(oid);}
39 : m_compress(
false), m_encodeAsOID(
false) {Initialize(ec, G, n, k);}
// This overload fills the object by decoding from bt.
// NOTE(review): bt presumably carries externally supplied encoded parameters; confirm that callers validate the decoded parameters before use.
41 : m_compress(
false), m_encodeAsOID(
false) {BERDecode(bt);}
45 this->m_groupPrecomputation.SetCurve(ec);
46 this->SetSubgroupGenerator(G);
// Declarations only; the definitions are not part of this listing.
void Initialize(const OID &oid);

// Takes a value name, the type the caller expects and an untyped destination pointer;
// returns bool.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
// Order of the subgroup described by these parameters.
// Returns a reference to the stored member m_n; no copy is made.
const Integer & GetSubgroupOrder() const
{
	return m_n;
}
// Reports whether a fast subgroup-membership check is available for this group.
// This class always answers false.
bool FastSubgroupCheckAvailable() const
{
	return false;
}
// Writes `element` into `encoded` in one of two forms. The branch condition and the braces sit on
// listing lines that are not shown here. NOTE(review): presumably selected by `reversible`; confirm.
// No length for `encoded` is passed in, so the caller must size the buffer itself,
// presumably from GetEncodedElementSize(reversible); verify at call sites.
69 void EncodeElement(
bool reversible,
const Element &element, byte *encoded)
const
// Full point encoding through the curve, honouring the m_compress flag.
72 GetCurve().EncodePoint(encoded, element, m_compress);
// x-coordinate only, written with the length GetEncodedElementSize(false) returns.
74 element.x.Encode(encoded, GetEncodedElementSize(
false));
// Size in bytes of an encoded element. Two results are visible; the condition choosing between
// them is on a listing line that is not shown. NOTE(review): presumably `reversible`; confirm.
76 unsigned int GetEncodedElementSize(
bool reversible)
const
// Size of a point encoding as reported by the curve; it depends on the m_compress flag.
79 return GetCurve().EncodedPointSize(m_compress);
// Length reported by the field's MaxElementByteLength().
81 return GetCurve().GetField().MaxElementByteLength();
// Decodes a curve point from `encoded`. Only the signature and the two checks are visible; the
// braces, the declaration of `result`, the failure actions and the return are on listing lines not shown.
// No buffer length is passed in: DecodePoint is told to read GetEncodedElementSize(true) bytes,
// so the caller must guarantee `encoded` holds at least that many.
83 Element DecodeElement(
const byte *encoded,
bool checkForGroupMembership)
const
// First check: the curve must accept the encoding.
86 if (!GetCurve().DecodePoint(result, encoded, GetEncodedElementSize(
true)))
// Second check: ValidateElement(1, ...) runs only when checkForGroupMembership is true.
// With the flag false, nothing on the visible lines validates the decoded point, so code that
// decodes points received from a peer should pass true or validate the result separately.
// NOTE(review): what level 1 covers is defined in ValidateElement, not shown here; confirm it is sufficient.
88 if (checkForGroupMembership && !ValidateElement(1, result, NULL))
// Declaration only; the definition is not part of this listing.
Integer ConvertElementToInteger(const Element &element) const;
// Maximum exponent for this group: one less than the subgroup order.
Integer GetMaxExponent() const
{
	return GetSubgroupOrder() - 1;
}
// Tells whether `element` is the group identity by reading the point's own `identity` flag.
bool IsIdentity(const Element &element) const
{
	return element.identity;
}
// Declaration only; the definition is not part of this listing.
// `results` and `exponents` are raw pointers paired with the single count `exponentsCount`.
// NOTE(review): presumably both arrays must hold exponentsCount entries; confirm against the definition.
void SimultaneousExponentiate(Element *results, const Element &base,
	const Integer *exponents, unsigned int exponentsCount) const;
// Prefix used when composing algorithm names for this family: the literal "EC".
static std::string CRYPTOPP_API StaticAlgorithmNamePrefix()
{
	return "EC";
}
// Declarations only; the definitions are not part of this listing.
OID GetAlgorithmID() const;

Element MultiplyElements(const Element &a, const Element &b) const;

Element CascadeExponentiate(const Element &element1, const Integer &exponent1,
	const Element &element2, const Integer &exponent2) const;

// Static: takes an OID and returns an OID.
static OID CRYPTOPP_API GetNextRecommendedParametersOID(const OID &oid);
// Stores the point-compression flag. The flag is what EncodeElement and GetEncodedElementSize
// hand to the curve's EncodePoint / EncodedPointSize.
void SetPointCompression(bool compress)
{
	m_compress = compress;
}
// Current value of the point-compression flag.
bool GetPointCompression() const
{
	return m_compress;
}
// Stores the encode-as-OID flag.
// NOTE(review): presumably selects OID versus explicit parameters when the group is serialized; confirm in the encoder.
void SetEncodeAsOID(bool encodeAsOID)
{
	m_encodeAsOID = encodeAsOID;
}
// Current value of the encode-as-OID flag.
bool GetEncodeAsOID() const
{
	return m_encodeAsOID;
}
// The curve these parameters are defined over, as held by the group precomputation object.
const EllipticCurve& GetCurve() const
{
	return this->m_groupPrecomputation.GetCurve();
}
// Equality of two parameter sets: same curve and same base element (as returned by m_gpc.GetBase).
// The subgroup order m_n and the encoding flags m_compress / m_encodeAsOID are not part of the
// comparison, so "equal" here does not imply an identical serialized form.
bool operator==(const ThisClass &rhs) const
{
	// The curves must match first; the base comparison is skipped when they differ.
	if (!(this->m_groupPrecomputation.GetCurve() == rhs.m_groupPrecomputation.GetCurve()))
		return false;
	return this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.m_gpc.GetBase(rhs.m_groupPrecomputation);
}
124 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
// Backwards-compatibility name for GetSubgroupGenerator().
const Point& GetBasePoint() const
{
	return GetSubgroupGenerator();
}
// Backwards-compatibility name for GetSubgroupOrder().
const Integer& GetBasePointOrder() const
{
	return GetSubgroupOrder();
}
// Backwards-compatibility name for Initialize(oid).
void LoadRecommendedParameters(const OID &oid)
{
	Initialize(oid);
}
// Byte length reported by the curve field's MaxElementByteLength().
unsigned int FieldElementLength() const
{
	return GetCurve().GetField().MaxElementByteLength();
}
// Byte count of the subgroup order m_n.
unsigned int ExponentLength() const
{
	return m_n.ByteCount();
}
136 bool m_compress, m_encodeAsOID;
145 typedef typename EC::Point Element;
148 {this->AccessGroupParameters() = params; this->SetPublicElement(Q);}
// Sets up a public key from raw components: curve `ec`, generator `G`, subgroup order `n`
// and public point `Q`. The group parameters are initialized first, then Q is stored.
// NOTE(review): nothing on these lines checks that Q lies on the curve or in the subgroup;
// when the components come from an untrusted source, validate the key before using it.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
{
	this->AccessGroupParameters().Initialize(ec, G, n);
	this->SetPublicElement(Q);
}
162 typedef typename EC::Point Element;
165 {this->AccessGroupParameters() = params; this->SetPrivateExponent(x);}
// Sets up a private key from raw components: curve `ec`, generator `G`, subgroup order `n`
// and private exponent `x`. The group parameters are initialized first, then x is stored.
// NOTE(review): nothing on these lines range-checks x against n; validate the key before
// using it when the components were loaded from outside.
void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
{
	this->AccessGroupParameters().Initialize(ec, G, n);
	this->SetPrivateExponent(x);
}
179 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
186 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
200 template <
class EC,
class H>
// Algorithm name for this class: the literal "ECDSA".
static const char * CRYPTOPP_API StaticAlgorithmName()
{
	return "ECDSA";
}
// Algorithm name for this class: the literal "ECNR".
static const char * CRYPTOPP_API StaticAlgorithmName()
{
	return "ECNR";
}
228 template <
class EC,
class H>
229 struct ECDSA :
public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
// ECNR signature scheme over curve type EC with hash H (the struct body is not shown in this listing).
// H falls back to SHA when the caller does not name a hash.
// NOTE(review): in this library SHA is presumably the SHA-1 alias; confirm in the hash header,
// and name a stronger H explicitly at instantiation sites rather than relying on the default.
234 template <
class EC,
class H = SHA>
235 struct ECNR :
public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
// Template header and three base-class arguments of the scheme whose StaticAlgorithmName()
// returns "ECIES"; the struct line itself and the remaining arguments are not shown in this listing.
// The template parameters are EC, COFACTOR_OPTION (default NoCofactorMultiplication) and
// DHAES_MODE (default false). The hash is not a parameter: key derivation is fixed to
// P1363_KDF2<SHA1> and the MAC to HMAC<SHA1>, so users of this template cannot pick another hash.
// NOTE(review): with NoCofactorMultiplication as the default, confirm that peer points are
// checked for subgroup membership wherever the curve's cofactor is not 1.
243 template <
class EC,
class COFACTOR_OPTION = NoCofactorMultiplication,
bool DHAES_MODE = false>
247 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
248 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<SHA1> >,
249 DL_EncryptionAlgorithm_Xor<HMAC<SHA1>, DHAES_MODE>,
// Algorithm name for this scheme: the literal "ECIES".
static std::string CRYPTOPP_API StaticAlgorithmName()
{
	return "ECIES";
}
257 #ifdef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES
258 #include "eccrypto.cpp"
261 NAMESPACE_BEGIN(CryptoPP)
implements the SHA-256 standard
Discrete Log Based Signature Scheme.
This file contains helper classes/functions for implementing public key algorithms.
Elliptic Curve over GF(p), where p is prime.
interface for random number generators
Discrete Log Based Encryption Scheme.
void DEREncodePrivateKey(BufferedTransformation &bt) const
encode privateKey part of privateKeyInfo, without the OCTET STRING header
Elliptic Curve Menezes-Qu-Vanstone, AKA ECMQV
multiple precision integer and basic arithmetics
Elliptic Curve over GF(2^n)
Elliptic Curve Integrated Encryption Scheme, AKA ECIES
Implementation of schemes based on DL over GF(p)
void DEREncodePublicKey(BufferedTransformation &bt) const
encode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
to be thrown by DecodeElement and AgreeWithStaticPrivateKey
Elliptic Curve Diffie-Hellman, AKA ECDH
Elliptic Curve Parameters.
static const Integer & Zero()
avoid calling constructors for these frequently used integers
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &params)
void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode subjectPublicKey part of subjectPublicKeyInfo, without the BIT STRING header ...
void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode privateKey part of privateKeyInfo, without the OCTET STRING header
interface for retrieving values given their names