Crypto++
8.4
Free C++ class library of cryptographic schemes
4 #ifndef CRYPTOPP_HMQV_H
5 #define CRYPTOPP_HMQV_H
22 template <
class GROUP_PARAMETERS,
class COFACTOR_OPTION =
typename GROUP_PARAMETERS::DefaultCofactorOption,
class HASH = SHA512>
26 typedef GROUP_PARAMETERS GroupParameters;
27 typedef typename GroupParameters::Element Element;
37 : m_role(clientRole ? RoleClient : RoleServer) {}
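/// Construct a HMQV domain from existing group parameters.
/// \param params group parameters, copied into m_groupParameters
/// \param clientRole true selects RoleClient, false selects RoleServer
// The page rendering had turned "&params" into a paragraph sign followed by "ms",
// which left the initializer below referring to an undeclared name.
HMQV_Domain(const GroupParameters &params, bool clientRole = true)
    : m_role(clientRole ? RoleClient : RoleServer), m_groupParameters(params) {}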
53 : m_role(clientRole ? RoleClient : RoleServer)
54 {m_groupParameters.BERDecode(bt);}
65 : m_role(clientRole ? RoleClient : RoleServer)
66 {m_groupParameters.Initialize(v1);}
77 template <
class T1,
class T2>
79 : m_role(clientRole ? RoleClient : RoleServer)
80 {m_groupParameters.Initialize(v1, v2);}
93 template <
class T1,
class T2,
class T3>
95 : m_role(clientRole ? RoleClient : RoleServer)
96 {m_groupParameters.Initialize(v1, v2, v3);}
111 template <
class T1,
class T2,
class T3,
class T4>
113 : m_role(clientRole ? RoleClient : RoleServer)
114 {m_groupParameters.Initialize(v1, v2, v3, v4);}
137 {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
143 {
return GetAbstractGroupParameters().GetSubgroupOrder().ByteCount();}
152 {
return GetAbstractGroupParameters().GetEncodedElementSize(
true);}
176 CRYPTOPP_UNUSED(rng);
215 CRYPTOPP_UNUSED(rng);
243 const byte *staticPrivateKey,
const byte *ephemeralPrivateKey,
244 const byte *staticOtherPublicKey,
const byte *ephemeralOtherPublicKey,
245 bool validateStaticOtherPublicKey=
true)
const
247 const byte *XX = NULLPTR, *YY = NULLPTR, *AA = NULLPTR, *BB = NULLPTR;
248 size_t xxs = 0, yys = 0, aas = 0, bbs = 0;
259 if(m_role == RoleServer)
265 XX = ephemeralOtherPublicKey;
269 AA = staticOtherPublicKey;
282 YY = ephemeralOtherPublicKey;
286 BB = staticOtherPublicKey;
// Decode the peer's two public keys. The second argument of DecodeElement is the
// group-membership check: it is always on for the ephemeral key, but for the
// static key it follows the caller's validateStaticOtherPublicKey flag.
// Passing false skips the membership test on the peer's static key, so it is only
// appropriate when that key was already validated before this call.
// NOTE(review): how VV1 and VV2 are used afterwards is not visible in this listing.
290 Element VV1 = params.
DecodeElement(staticOtherPublicKey, validateStaticOtherPublicKey);
291 Element VV2 = params.
DecodeElement(ephemeralOtherPublicKey,
true);
294 const unsigned int len = (((q.
BitCount()+1)/2 +7)/8);
298 Hash(NULLPTR, XX, xxs, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
299 Integer d(dd.BytePtr(), dd.SizeInBytes());
306 if(m_role == RoleServer)
316 Element t2 = m_groupParameters.MultiplyElements(X, t1);
331 Element t4 = m_groupParameters.MultiplyElements(Y, t3);
// Hash helper: feeds either the encoded element *sigma (lines 367-369) or the two
// byte strings e1 and s1 (lines 374-375) to HASH and writes the result to digest.
// It is called at line 298 with sigma == NULLPTR and a pair of public-key buffers.
// NOTE(review): this listing omits several lines, including the statement that
// chooses between the two inputs and the bodies of the two length checks below;
// confirm the details against the full file.
350 inline void Hash(
const Element* sigma,
351 const byte* e1,
size_t e1len,
352 const byte* s1,
size_t s1len,
353 byte* digest,
size_t dlen)
const
// blk is the size of the first output block: at most one HASH digest.
356 size_t idx = 0, req = dlen;
357 size_t blk =
STDMIN(dlen, (
size_t)HASH::DIGESTSIZE);
361 if (e1len != 0 || s1len != 0) {
// The non-reversible encoding of *sigma (first argument false) is what gets hashed.
// sigma is dereferenced here, and line 298 passes NULLPTR, so a null check has to
// precede this point; that check is not visible in this listing.
367 SecByteBlock sbb(GetAbstractGroupParameters().GetEncodedElementSize(
false));
368 GetAbstractGroupParameters().EncodeElement(
false, *sigma, sbb);
369 hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
371 if (e1len == 0 || s1len == 0) {
374 hash.Update(e1, e1len);
375 hash.Update(s1, s1len);
378 hash.TruncatedFinal(digest, blk);
// Output extension: the DIGESTSIZE bytes already written at digest[idx] are hashed
// again to produce the next block of at most DIGESTSIZE bytes.
// NOTE(review): the enclosing loop and the update of req are not visible here.
384 hash.Update(&digest[idx], (
size_t)HASH::DIGESTSIZE);
386 idx += (size_t)HASH::DIGESTSIZE;
387 blk =
STDMIN(req, (
size_t)HASH::DIGESTSIZE);
388 hash.TruncatedFinal(&digest[idx], blk);
// Role of this party in the key agreement. The constructors map clientRole == true
// to RoleClient and false to RoleServer; role-dependent code compares m_role with
// RoleServer.
397 enum KeyAgreementRole { RoleServer = 1, RoleClient };
400 {
return m_groupParameters;}
402 {
return m_groupParameters;}
404 GroupParameters m_groupParameters;
405 KeyAgreementRole m_role;
HMQV_Domain< DL_GroupParameters_GFP_DefaultSafePrime > HMQV
Hashed Menezes-Qu-Vanstone in GF(p)
unsigned int StaticPublicKeyLength() const
Provides the size of the static public key.
Interface for crypto parameters.
const CryptoMaterial & GetMaterial() const
Retrieves a reference to Crypto Parameters.
unsigned int AgreedValueLength() const
Provides the size of the agreed value.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
virtual Element ExponentiateBase(const Integer &exponent) const
Exponentiates the base.
bool Agree(byte *agreedValue, const byte *staticPrivateKey, const byte *ephemeralPrivateKey, const byte *staticOtherPublicKey, const byte *ephemeralOtherPublicKey, bool validateStaticOtherPublicKey=true) const
Derive agreed value or shared secret.
Classes and functions for schemes based on Discrete Logs (DL) over GF(p)
byte * BytePtr()
Provides a byte pointer to the first element in the memory block.
void DoQuickSanityCheck() const
Perform a quick sanity check.
HMQV_Domain(T1 v1, T2 v2, T3 v3, bool clientRole=true)
Construct a HMQV domain.
Interface for domains of authenticated key agreement protocols.
unsigned int EphemeralPublicKeyLength() const
Provides the size of the ephemeral public key.
Interface for random number generators.
HMQV_Domain(T1 v1, T2 v2, T3 v3, T4 v4, bool clientRole=true)
Construct a HMQV domain.
size_type SizeInBytes() const
Provides the number of bytes in the SecBlock.
void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate static private key in this domain.
Classes for SHA-1 and SHA-2 family of message digests.
HMQV_Domain(const GroupParameters &params, bool clientRole=true)
Construct a HMQV domain.
HMQV_Domain(T1 v1, T2 v2, bool clientRole=true)
Construct a HMQV domain.
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
Hashed Menezes-Qu-Vanstone in GF(p)
virtual Element DecodeElement(const byte *encoded, bool checkForGroupMembership) const =0
Decodes the element.
void GenerateStaticPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate a static public key from a private key in this domain.
HMQV_Domain(bool clientRole=true)
Construct a HMQV domain.
void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate ephemeral private key in this domain.
CryptoParameters & AccessCryptoParameters()
Retrieves the crypto parameters for this domain.
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
unsigned int StaticPrivateKeyLength() const
Provides the size of the static private key.
unsigned int EphemeralPrivateKeyLength() const
Provides the size of the ephemeral private key.
virtual Integer GetMaxExponent() const =0
Retrieves the maximum exponent for the group.
virtual Element ExponentiateElement(const Element &base, const Integer &exponent) const
Exponentiates an element.
void GenerateEphemeralPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate ephemeral public key from a private key in this domain.
HMQV_Domain(T1 v1, bool clientRole=true)
Construct a HMQV domain.
Classes for performing mathematics over different fields.
Crypto++ library namespace.
const GroupParameters & GetGroupParameters() const
Retrieves the group parameters for this domain.
virtual const Integer & GetSubgroupOrder() const =0
Retrieves the subgroup order.
Interface for Discrete Log (DL) group parameters.
Exception thrown when an invalid group element is encountered.
static const Integer & One()
Integer representing 1.
virtual void EncodeElement(bool reversible, const Element &element, byte *encoded) const =0
Encodes the element.
GroupParameters & AccessGroupParameters()
Retrieves the group parameters for this domain.
Multiple precision integer with arithmetic operations.
HMQV_Domain(BufferedTransformation &bt, bool clientRole=true)
Construct a HMQV domain.