00001 #ifndef CRYPTOPP_ECCRYPTO_H
00002 #define CRYPTOPP_ECCRYPTO_H
00003
00004
00005
00006
00007 #include "pubkey.h"
00008 #include "integer.h"
00009 #include "asn.h"
00010 #include "hmac.h"
00011 #include "sha.h"
00012 #include "gfpcrypt.h"
00013 #include "dh.h"
00014 #include "mqv.h"
00015 #include "ecp.h"
00016 #include "ec2n.h"
00017
00018 NAMESPACE_BEGIN(CryptoPP)
00019
00020
00021
00022
00023
00024 template <class EC>
00025 class DL_GroupParameters_EC : public DL_GroupParametersImpl<EcPrecomputation<EC> >
00026 {
00027 typedef DL_GroupParameters_EC<EC> ThisClass;
00028
00029 public:
00030 typedef EC EllipticCurve;
00031 typedef typename EllipticCurve::Point Point;
00032 typedef Point Element;
00033 typedef IncompatibleCofactorMultiplication DefaultCofactorOption;
00034
00035 DL_GroupParameters_EC() : m_compress(false), m_encodeAsOID(false) {}
00036 DL_GroupParameters_EC(const OID &oid)
00037 : m_compress(false), m_encodeAsOID(false) {Initialize(oid);}
00038 DL_GroupParameters_EC(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k = Integer::Zero())
00039 : m_compress(false), m_encodeAsOID(false) {Initialize(ec, G, n, k);}
00040 DL_GroupParameters_EC(BufferedTransformation &bt)
00041 : m_compress(false), m_encodeAsOID(false) {BERDecode(bt);}
00042
00043 void Initialize(const EllipticCurve &ec, const Point &G, const Integer &n, const Integer &k = Integer::Zero())
00044 {
00045 this->m_groupPrecomputation.SetCurve(ec);
00046 SetSubgroupGenerator(G);
00047 m_n = n;
00048 m_k = k;
00049 }
00050 void Initialize(const OID &oid);
00051
00052
00053 bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
00054 void AssignFrom(const NameValuePairs &source);
00055
00056
00057
00058
00059 void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg);
00060
00061
00062 const DL_FixedBasePrecomputation<Element> & GetBasePrecomputation() const {return this->m_gpc;}
00063 DL_FixedBasePrecomputation<Element> & AccessBasePrecomputation() {return this->m_gpc;}
00064 const Integer & GetSubgroupOrder() const {return m_n;}
00065 Integer GetCofactor() const;
00066 bool ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const;
00067 bool ValidateElement(unsigned int level, const Element &element, const DL_FixedBasePrecomputation<Element> *precomp) const;
00068 bool FastSubgroupCheckAvailable() const {return false;}
00069 void EncodeElement(bool reversible, const Element &element, byte *encoded) const
00070 {
00071 if (reversible)
00072 GetCurve().EncodePoint(encoded, element, m_compress);
00073 else
00074 element.x.Encode(encoded, GetEncodedElementSize(false));
00075 }
00076 unsigned int GetEncodedElementSize(bool reversible) const
00077 {
00078 if (reversible)
00079 return GetCurve().EncodedPointSize(m_compress);
00080 else
00081 return GetCurve().GetField().MaxElementByteLength();
00082 }
00083 Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const
00084 {
00085 Point result;
00086 if (!GetCurve().DecodePoint(result, encoded, GetEncodedElementSize(true)))
00087 throw DL_BadElement();
00088 if (checkForGroupMembership && !ValidateElement(1, result, NULL))
00089 throw DL_BadElement();
00090 return result;
00091 }
00092 Integer ConvertElementToInteger(const Element &element) const;
00093 Integer GetMaxExponent() const {return GetSubgroupOrder()-1;}
00094 bool IsIdentity(const Element &element) const {return element.identity;}
00095 void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const;
00096 static std::string StaticAlgorithmNamePrefix() {return "EC";}
00097
00098
00099 OID GetAlgorithmID() const;
00100
00101
00102 Element MultiplyElements(const Element &a, const Element &b) const;
00103 Element CascadeExponentiate(const Element &element1, const Integer &exponent1, const Element &element2, const Integer &exponent2) const;
00104
00105
00106
00107
00108 static OID GetNextRecommendedParametersOID(const OID &oid);
00109
00110 void BERDecode(BufferedTransformation &bt);
00111 void DEREncode(BufferedTransformation &bt) const;
00112
00113 void SetPointCompression(bool compress) {m_compress = compress;}
00114 bool GetPointCompression() const {return m_compress;}
00115
00116 void SetEncodeAsOID(bool encodeAsOID) {m_encodeAsOID = encodeAsOID;}
00117 bool GetEncodeAsOID() const {return m_encodeAsOID;}
00118
00119 const EllipticCurve& GetCurve() const {return this->m_groupPrecomputation.GetCurve();}
00120
00121 bool operator==(const ThisClass &rhs) const
00122 {return this->m_groupPrecomputation.GetCurve() == rhs.m_groupPrecomputation.GetCurve() && this->m_gpc.GetBase(this->m_groupPrecomputation) == rhs.m_gpc.GetBase(rhs.m_groupPrecomputation);}
00123
00124 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00125 const Point& GetBasePoint() const {return GetSubgroupGenerator();}
00126 const Integer& GetBasePointOrder() const {return GetSubgroupOrder();}
00127 void LoadRecommendedParameters(const OID &oid) {Initialize(oid);}
00128 #endif
00129
00130 protected:
00131 unsigned int FieldElementLength() const {return GetCurve().GetField().MaxElementByteLength();}
00132 unsigned int ExponentLength() const {return m_n.ByteCount();}
00133
00134 OID m_oid;
00135 Integer m_n;
00136 bool m_compress, m_encodeAsOID;
00137 mutable Integer m_k;
00138 };
00139
00140 #ifndef SKIP_EXPLICIT_INSTANTIATION
00141 CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupParameters_EC<ECP>;
00142 CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupParameters_EC<EC2N>;
00143 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKeyImpl<DL_GroupParameters_EC<ECP> >;
00144 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKeyImpl<DL_GroupParameters_EC<EC2N> >;
00145 #endif // SKIP_EXPLICIT_INSTANTIATION
00146
00147
00148 template <class EC>
00149 class DL_PublicKey_EC : public DL_PublicKeyImpl<DL_GroupParameters_EC<EC> >
00150 {
00151 public:
00152 typedef typename EC::Point Element;
00153
00154 void Initialize(const DL_GroupParameters_EC<EC> ¶ms, const Element &Q)
00155 {this->AccessGroupParameters() = params; SetPublicElement(Q);}
00156 void Initialize(const EC &ec, const Element &G, const Integer &n, const Element &Q)
00157 {this->AccessGroupParameters().Initialize(ec, G, n); SetPublicElement(Q);}
00158
00159
00160 void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, size_t size);
00161 void DEREncodeKey(BufferedTransformation &bt) const;
00162 };
00163
00164 #ifndef SKIP_EXPLICIT_INSTANTIATION
00165 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKey_EC<ECP>;
00166 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKey_EC<EC2N>;
00167 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKeyImpl<DL_GroupParameters_EC<ECP> >;
00168 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKeyImpl<DL_GroupParameters_EC<EC2N> >;
00169 #endif // SKIP_EXPLICIT_INSTANTIATION
00170
00171
00172 template <class EC>
00173 class DL_PrivateKey_EC : public DL_PrivateKeyImpl<DL_GroupParameters_EC<EC> >
00174 {
00175 public:
00176 typedef typename EC::Point Element;
00177
00178 void Initialize(const DL_GroupParameters_EC<EC> ¶ms, const Integer &x)
00179 {this->AccessGroupParameters() = params; this->SetPrivateExponent(x);}
00180 void Initialize(const EC &ec, const Element &G, const Integer &n, const Integer &x)
00181 {this->AccessGroupParameters().Initialize(ec, G, n); this->SetPrivateExponent(x);}
00182 void Initialize(RandomNumberGenerator &rng, const DL_GroupParameters_EC<EC> ¶ms)
00183 {GenerateRandom(rng, params);}
00184 void Initialize(RandomNumberGenerator &rng, const EC &ec, const Element &G, const Integer &n)
00185 {GenerateRandom(rng, DL_GroupParameters_EC<EC>(ec, G, n));}
00186
00187
00188 void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, size_t size);
00189 void DEREncodeKey(BufferedTransformation &bt) const;
00190 };
00191
00192 #ifndef SKIP_EXPLICIT_INSTANTIATION
00193 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_EC<ECP>;
00194 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_EC<EC2N>;
00195 #endif // SKIP_EXPLICIT_INSTANTIATION
00196
00197
00198 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
00199 struct ECDH
00200 {
00201 typedef DH_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION> Domain;
00202 };
00203
00204
00205 template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
00206 struct ECMQV
00207 {
00208 typedef MQV_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION> Domain;
00209 };
00210
00211
00212 template <class EC>
00213 struct DL_Keys_EC
00214 {
00215 typedef DL_PublicKey_EC<EC> PublicKey;
00216 typedef DL_PrivateKey_EC<EC> PrivateKey;
00217 };
00218
00219 template <class EC, class H = SHA>
00220 struct ECDSA;
00221
00222
00223 template <class EC>
00224 struct DL_Keys_ECDSA
00225 {
00226 typedef DL_PublicKey_EC<EC> PublicKey;
00227 typedef DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<EC>, ECDSA<EC> > PrivateKey;
00228 };
00229
00230 #ifndef SKIP_EXPLICIT_INSTANTIATION
00231 CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA<ECP::Point>;
00232 CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA<EC2N::Point>;
00233 #endif // SKIP_EXPLICIT_INSTANTIATION
00234
00235
00236 template <class EC>
00237 class DL_Algorithm_ECDSA : public DL_Algorithm_GDSA<typename EC::Point>
00238 {
00239 public:
00240 static const char * StaticAlgorithmName() {return "ECDSA";}
00241 };
00242
00243
00244 template <class EC>
00245 class DL_Algorithm_ECNR : public DL_Algorithm_NR<typename EC::Point>
00246 {
00247 public:
00248 static const char * StaticAlgorithmName() {return "ECNR";}
00249 };
00250
00251
00252 template <class EC, class H>
00253 struct ECDSA : public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
00254 {
00255 };
00256
00257 #ifndef SKIP_EXPLICIT_INSTANTIATION
00258 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<ECP>, ECDSA<ECP> >;
00259 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_EC<EC2N>, ECDSA<EC2N> >;
00260 #endif // SKIP_EXPLICIT_INSTANTIATION
00261
00262
00263 template <class EC, class H = SHA>
00264 struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
00265 {
00266 };
00267
00268
00269
00270
00271
00272 template <class EC, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = false>
00273 struct ECIES
00274 : public DL_ES<
00275 DL_Keys_EC<EC>,
00276 DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>,
00277 DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<SHA1> >,
00278 DL_EncryptionAlgorithm_Xor<HMAC<SHA1>, DHAES_MODE>,
00279 ECIES<EC> >
00280 {
00281 static std::string StaticAlgorithmName() {return "ECIES";}
00282 };
00283
00284 NAMESPACE_END
00285
00286 #endif