| blob | 775a8989ce48262047c45aca6be2949e6440d231 |
1 ////////////////////////////////////////////////////////////////////////////////
2 //
3 // This file contains a subset of the Crypto++ library (version 5.2.1), with
4 // kind permission from Wei Dai. Please note that this file should not reflect
5 // on the real Crypto++ library in any way, as this file been greatly mangled to
6 // reduce the code-size, since this app only makes use of RSA classes (for Secure
7 // Identification) and the MD4 hashing class (for FileIDs).
8 //
9 // For the full Crypto++ library, please refer to the official Crypto++ website,
10 // which can be found at, http://www.cryptopp.com
11 //
12 ////////////////////////////////////////////////////////////////////////////////
13 //
14 // Compilation Copyright (c) 1995-2004 by Wei Dai. All rights reserved.
15 // This copyright applies only to this software distribution package
16 // as a compilation, and does not imply a copyright on any particular
17 // file in the package.
18 //
19 // The following files are copyrighted by their respective original authors,
20 // and their use is subject to additional licenses included in these files.
21 //
22 // mars.cpp - Copyright 1998 Brian Gladman.
24 // All other files in this compilation are placed in the public domain by
25 // Wei Dai and other contributors.
26 //
27 // I would like to thank the following authors for placing their works into
28 // the public domain:
29 //
30 // Joan Daemen - 3way.cpp
31 // Leonard Janke - cast.cpp, seal.cpp
32 // Steve Reid - cast.cpp
33 // Phil Karn - des.cpp
34 // Michael Paul Johnson - diamond.cpp
35 // Andrew M. Kuchling - md2.cpp, md4.cpp
36 // Colin Plumb - md5.cpp, md5mac.cpp
37 // Seal Woods - rc6.cpp
38 // Chris Morgan - rijndael.cpp
39 // Paulo Baretto - rijndael.cpp, skipjack.cpp, square.cpp
40 // Richard De Moliner - safer.cpp
41 // Matthew Skala - twofish.cpp
42 // Kevin Springle - camellia.cpp, shacal2.cpp, ttmac.cpp, whrlpool.cpp, ripemd.cpp
43 //
44 // Permission to use, copy, modify, and distribute this compilation for
45 // any purpose, including commercial applications, is hereby granted
46 // without fee, subject to the following restrictions:
47 //
48 // 1. Any copy or modification of this compilation in any form, except
49 // in object code form as part of an application software, must include
50 // the above copyright notice and this license.
51 //
52 // 2. Users of this software agree that any modification or extension
53 // they provide to Wei Dai will be considered public domain and not
54 // copyrighted unless it includes an explicit copyright notice.
55 //
56 // 3. Wei Dai makes no warranty or representation that the operation of the
57 // software in this compilation will be error-free, and Wei Dai is under no
58 // obligation to provide any services, by way of maintenance, update, or
59 // otherwise. THE SOFTWARE AND ANY DOCUMENTATION ARE PROVIDED "AS IS"
60 // WITHOUT EXPRESS OR IMPLIED WARRANTY INCLUDING, BUT NOT LIMITED TO,
61 // THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
62 // PURPOSE. IN NO EVENT WILL WEI DAI OR ANY OTHER CONTRIBUTOR BE LIABLE FOR
63 // DIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, EVEN IF
64 // ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
65 //
66 // 4. Users will not use Wei Dai or any other contributor's name in any
67 // publicity or advertising, without prior written consent in each case.
68 //
69 // 5. Export of this software from the United States may require a
70 // specific license from the United States Government. It is the
71 // responsibility of any person or organization contemplating export
72 // to obtain such a license before exporting.
73 //
74 // 6. Certain parts of this software may be protected by patents. It
75 // is the users' responsibility to obtain the appropriate
76 // licenses before using those parts.
77 //
78 // If this compilation is used in object code form in an application
79 // software, acknowledgement of the author is not required but would be
80 // appreciated. The contribution of any useful modifications or extensions
81 // to Wei Dai is not required but would also be appreciated.
82 //
83 ////////////////////////////////////////////////////////////////////////////////
85 #ifndef CRYPTOPP_H
86 #define CRYPTOPP_H
88 #include <inttypes.h>
89 #include <caml/config.h>
90 #include <stdio.h>
92 ////////////////////////////////////////////////////////////////////////////////
93 #ifndef CRYPTOPP_CONFIG_H5392
94 #define CRYPTOPP_CONFIG_H
96 // ***************** Important Settings ********************
98 // define this if running on a little-endian CPU
99 // big endian will be assumed if IS_LITTLE_ENDIAN is not defined
100 #ifndef ARCH_BIG_ENDIAN
101 # define IS_LITTLE_ENDIAN
102 #endif
104 // override #define in caml/compatibility.h
105 #undef flush
107 // define this if you want to disable all OS-dependent features,
108 // such as sockets and OS-provided random number generators
109 // #define NO_OS_DEPENDENCE
111 // Define this to use features provided by Microsoft's CryptoAPI.
112 // Currently the only feature used is random number generation.
113 // This macro will be ignored if NO_OS_DEPENDENCE is defined.
114 #define USE_MS_CRYPTOAPI
116 // Define this to 1 to enforce the requirement in FIPS 186-2 Change Notice 1 that only 1024 bit moduli be used
117 #ifndef DSA_1024_BIT_MODULUS_ONLY
118 # define DSA_1024_BIT_MODULUS_ONLY 1
119 #endif
121 // ***************** Less Important Settings ***************
123 #define GZIP_OS_CODE 0
125 // Try this if your CPU has 256K internal cache or a slow multiply instruction
126 // and you want a (possibly) faster IDEA implementation using log tables
127 // #define IDEA_LARGECACHE
129 // Define this if, for the linear congruential RNG, you want to use
130 // the original constants as specified in S.K. Park and K.W. Miller's
131 // CACM paper.
132 // #define LCRNG_ORIGINAL_NUMBERS
134 // choose which style of sockets to wrap (mostly useful for cygwin which has both)
135 #define PREFER_BERKELEY_STYLE_SOCKETS
136 // #define PREFER_WINDOWS_STYLE_SOCKETS
138 // ***************** Important Settings Again ********************
139 // But the defaults should be ok.
141 // namespace support is now required
142 #ifdef NO_NAMESPACE
143 # error namespace support is now required
144 #endif
146 // Define this to workaround a Microsoft CryptoAPI bug where
147 // each call to CryptAcquireContext causes a 100 KB memory leak.
148 // Defining this will cause Crypto++ to make only one call to CryptAcquireContext.
149 #define WORKAROUND_MS_BUG_Q258000
151 #ifdef CRYPTOPP_DOXYGEN_PROCESSING
152 // Avoid putting "CryptoPP::" in front of everything in Doxygen output
153 # define CryptoPP
154 # define NAMESPACE_BEGIN(x)
155 # define NAMESPACE_END
156 // Get Doxygen to generate better documentation for these typedefs
157 # define DOCUMENTED_TYPEDEF(x, y) class y : public x {};
158 #else
159 # define NAMESPACE_BEGIN(x) namespace x {
160 # define NAMESPACE_END }
161 # define DOCUMENTED_TYPEDEF(x, y) typedef x y;
162 #endif
163 #define ANONYMOUS_NAMESPACE_BEGIN namespace {
164 #define USING_NAMESPACE(x) using namespace x;
165 #define DOCUMENTED_NAMESPACE_BEGIN(x) namespace x {
166 #define DOCUMENTED_NAMESPACE_END }
168 // What is the type of the third parameter to bind?
169 // For Unix, the new standard is ::socklen_t (typically unsigned int), and the old standard is int.
170 // Unfortunately there is no way to tell whether or not socklen_t is defined.
171 // To work around this, TYPE_OF_SOCKLEN_T is a macro so that you can change it from the makefile.
172 #ifndef TYPE_OF_SOCKLEN_T
173 # if defined(_WIN32) || defined(__CYGWIN__) || defined(__MACH__)
174 # define TYPE_OF_SOCKLEN_T int
175 # else
176 # define TYPE_OF_SOCKLEN_T ::socklen_t
177 # endif
178 #endif
180 #if defined(__CYGWIN__) && defined(PREFER_WINDOWS_STYLE_SOCKETS)
181 # define __USE_W32_SOCKETS
182 #endif
184 typedef unsigned char byte; // put in global namespace to avoid ambiguity with other byte typedefs
191 #if defined(__GNUC__) || defined(__MWERKS__)
192 #define WORD64_AVAILABLE
194 #define W64LIT(x) x##LL
195 #elif defined(_MSC_VER) || defined(__BCPLUSPLUS__)
196 #define WORD64_AVAILABLE
198 #define W64LIT(x) x##ui64
199 #endif
201 // define largest word type
202 #ifdef WORD64_AVAILABLE
204 #else
206 #endif
208 #if defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || defined(__x86_64__) || defined(__mips64)
209 // These platforms have 64-bit CPU registers. Unfortunately most C++ compilers doesn't
210 // allow any way to access the 64-bit by 64-bit multiply instruction without using
211 // assembly, so in order to use word64 as word, the assembly instruction must be defined
212 // in Dword::Multiply().
215 #else
216 #define CRYPTOPP_NATIVE_DWORD_AVAILABLE
217 #ifdef WORD64_AVAILABLE
218 #define CRYPTOPP_SLOW_WORD64 // defined this if your CPU is not 64-bit to use alternative code that avoids word64
222 #else
226 #endif
227 #endif
232 #if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
233 #define INTEL_INTRINSICS
234 #define FAST_ROTATE
235 #elif defined(__MWERKS__) && TARGET_CPU_PPC
236 #define PPC_INTRINSICS
237 #define FAST_ROTATE
238 #elif defined(__GNUC__) && defined(__i386__)
239 // GCC does peephole optimizations which should result in using rotate instructions
240 #define FAST_ROTATE
241 #endif
243 NAMESPACE_END
245 // VC60 workaround: it doesn't allow typename in some places
246 #if defined(_MSC_VER) && (_MSC_VER < 1300)
247 #define CPP_TYPENAME
248 #else
249 #define CPP_TYPENAME typename
250 #endif
252 #define CRYPTOPP_NO_VTABLE
254 #ifdef _MSC_VER
255 // 4231: nonstandard extension used : 'extern' before template explicit instantiation
256 // 4250: dominance
257 // 4251: member needs to have dll-interface
258 // 4275: base needs to have dll-interface
259 // 4660: explicitly instantiating a class that's already implicitly instantiated
260 // 4661: no suitable definition provided for explicit template instantiation request
261 // 4786: identifer was truncated in debug information
262 // 4355: 'this' : used in base member initializer list
263 # pragma warning(disable: 4231 4250 4251 4275 4660 4661 4786 4355)
264 #endif
266 #if (defined(_MSC_VER) && _MSC_VER <= 1300) || defined(__MWERKS__) || defined(_STLPORT_VERSION)
267 #define CRYPTOPP_DISABLE_UNCAUGHT_EXCEPTION
268 #endif
270 #ifndef CRYPTOPP_DISABLE_UNCAUGHT_EXCEPTION
271 #define CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE
272 #endif
274 // CodeWarrior defines _MSC_VER
275 #if !defined(CRYPTOPP_DISABLE_X86ASM) && ((defined(_MSC_VER) && !defined(__MWERKS__) && defined(_M_IX86)) || (defined(__GNUC__) && defined(__i386__)))
276 // The x86 version of MacOSX fails when asm is enabled.
277 #if !defined(__i386__) || !defined(__APPLE__)
278 #define CRYPTOPP_X86ASM_AVAILABLE
279 #endif
280 #endif
282 // ***************** determine availability of OS features ********************
284 #ifndef NO_OS_DEPENDENCE
286 #if defined(_WIN32) || defined(__CYGWIN__)
287 #define CRYPTOPP_WIN32_AVAILABLE
288 #endif
290 #if defined(__unix__) || defined(__MACH__) || defined(__NetBSD__) || defined(__BEOS__) || defined(__MORPHOS__)
291 #define CRYPTOPP_UNIX_AVAILABLE
292 #endif
294 #if defined(WORD64_AVAILABLE) && (defined(CRYPTOPP_WIN32_AVAILABLE) || defined(CRYPTOPP_UNIX_AVAILABLE))
295 # define HIGHRES_TIMER_AVAILABLE
296 #endif
298 #ifdef CRYPTOPP_UNIX_AVAILABLE
299 # define HAS_BERKELEY_STYLE_SOCKETS
300 #endif
302 #ifdef CRYPTOPP_WIN32_AVAILABLE
303 # define HAS_WINDOWS_STYLE_SOCKETS
304 #endif
306 #if defined(HIGHRES_TIMER_AVAILABLE) && (defined(HAS_BERKELEY_STYLE_SOCKETS) || defined(HAS_WINDOWS_STYLE_SOCKETS))
307 # define SOCKETS_AVAILABLE
308 #endif
310 #if defined(HAS_WINDOWS_STYLE_SOCKETS) && (!defined(HAS_BERKELEY_STYLE_SOCKETS) || defined(PREFER_WINDOWS_STYLE_SOCKETS))
311 # define USE_WINDOWS_STYLE_SOCKETS
312 #else
313 # define USE_BERKELEY_STYLE_SOCKETS
314 #endif
316 #if defined(CRYPTOPP_WIN32_AVAILABLE) && !defined(USE_BERKELEY_STYLE_SOCKETS)
317 # define WINDOWS_PIPES_AVAILABLE
318 #endif
320 #if defined(CRYPTOPP_WIN32_AVAILABLE) && defined(USE_MS_CRYPTOAPI)
321 # define NONBLOCKING_RNG_AVAILABLE
322 # define OS_RNG_AVAILABLE
323 #endif
325 #if defined(CRYPTOPP_UNIX_AVAILABLE) || defined(CRYPTOPP_DOXYGEN_PROCESSING)
326 # define NONBLOCKING_RNG_AVAILABLE
327 # define BLOCKING_RNG_AVAILABLE
328 # define OS_RNG_AVAILABLE
329 # define HAS_PTHREADS
330 # define THREADS_AVAILABLE
331 #endif
333 #ifdef CRYPTOPP_WIN32_AVAILABLE
334 # define HAS_WINTHREADS
335 # define THREADS_AVAILABLE
336 #endif
338 #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
339 # define CRYPTOPP_MALLOC_ALIGNMENT_IS_16
340 #endif
342 #if defined(__linux__) || defined(__sun__) || defined(__CYGWIN__)
343 # define CRYPTOPP_MEMALIGN_AVAILABLE
344 #endif
348 // ***************** DLL related ********************
350 #define CRYPTOPP_DLL
351 #define CRYPTOPP_API
352 #define CRYPTOPP_CDECL
354 #if defined(CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES) && !defined(CRYPTOPP_EXPORTS)
355 #define CRYPTOPP_STATIC_TEMPLATE_CLASS template class
356 #elif defined(__MWERKS__)
357 #define CRYPTOPP_STATIC_TEMPLATE_CLASS extern class
358 #else
359 #define CRYPTOPP_STATIC_TEMPLATE_CLASS extern template class
360 #endif
362 #endif
363 ////////////////////////////////////////////////////////////////////////////////
367 ////////////////////////////////////////////////////////////////////////////////
368 #ifndef CRYPTOPP_STDCPP_H
369 #define CRYPTOPP_STDCPP_H
371 #include <stddef.h>
372 #include <assert.h>
373 #include <limits.h>
374 #include <memory>
375 #include <string>
376 #include <exception>
377 #include <typeinfo>
378 #include <string.h>
381 #ifdef _MSC_VER
382 #include <algorithm>
383 #include <map>
384 #include <vector>
385 #include <locale>
387 // re-disable this
388 #pragma warning(disable: 4231)
389 #endif
391 #if defined(_MSC_VER) && defined(_CRTAPI1)
392 #define CRYPTOPP_MSVCRT6
393 #endif
395 #endif
396 ////////////////////////////////////////////////////////////////////////////////
400 ////////////////////////////////////////////////////////////////////////////////
401 // cryptlib.h - written and placed in the public domain by Wei Dai
402 /*! \file
403 This file contains the declarations for the abstract base
404 classes that provide a uniform interface to this library.
405 */
407 /*! \mainpage <a href="http://www.cryptopp.com">Crypto++</a><sup><small>TM</small></sup> Library 5.2.1 Reference Manual
408 <dl>
409 <dt>Abstract Base Classes<dd>
410 cryptlib.h
411 <dt>Symmetric Ciphers<dd>
412 SymmetricCipherDocumentation
413 <dt>Hash Functions<dd>
414 HAVAL, MD2, MD4, MD5, PanamaHash, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, SHA, SHA256, SHA384, SHA512, Tiger, Whirlpool
415 <dt>Non-Cryptographic Checksums<dd>
416 CRC32, Adler32
417 <dt>Message Authentication Codes<dd>
418 #MD5MAC, XMACC, HMAC, CBC_MAC, DMAC, PanamaMAC, TTMAC
419 <dt>Random Number Generators<dd>
420 NullRNG(), LC_RNG, RandomPool, BlockingRng, NonblockingRng, AutoSeededRandomPool, AutoSeededX917RNG
421 <dt>Password-based Cryptography<dd>
422 PasswordBasedKeyDerivationFunction
423 <dt>Public Key Cryptosystems<dd>
424 DLIES, ECIES, LUCES, RSAES, RabinES, LUC_IES
425 <dt>Public Key Signature Schemes<dd>
426 DSA, GDSA, ECDSA, NR, ECNR, LUCSS, RSASS, RabinSS, RWSS, ESIGN
427 <dt>Key Agreement<dd>
428 #DH, DH2, #MQV, ECDH, ECMQV, XTR_DH
429 <dt>Algebraic Structures<dd>
430 Integer, PolynomialMod2, PolynomialOver, RingOfPolynomialsOver,
431 ModularArithmetic, MontgomeryRepresentation, GFP2_ONB,
432 GF2NP, GF256, GF2_32, EC2N, ECP
433 <dt>Secret Sharing and Information Dispersal<dd>
434 SecretSharing, SecretRecovery, InformationDispersal, InformationRecovery
435 <dt>Compression<dd>
436 Deflator, Inflator, Gzip, Gunzip, ZlibCompressor, ZlibDecompressor
437 <dt>Input Source Classes<dd>
438 StringSource, FileSource, SocketSource, WindowsPipeSource, RandomNumberSource
439 <dt>Output Sink Classes<dd>
440 StringSinkTemplate, ArraySink, FileSink, SocketSink, WindowsPipeSink
441 <dt>Filter Wrappers<dd>
442 StreamTransformationFilter, HashFilter, HashVerificationFilter, SignerFilter, SignatureVerificationFilter
443 <dt>Binary to Text Encoders and Decoders<dd>
444 HexEncoder, HexDecoder, Base64Encoder, Base64Decoder, Base32Encoder, Base32Decoder
445 <dt>Wrappers for OS features<dd>
446 Timer, Socket, WindowsHandle, ThreadLocalStorage, ThreadUserTimer
447 <dt>FIPS 140 related<dd>
448 fips140.h
449 </dl>
451 In the FIPS 140-2 validated DLL version of Crypto++, only the following implementation class are available.
452 <dl>
453 <dt>Block Ciphers<dd>
454 AES, DES_EDE2, DES_EDE3, SKIPJACK
455 <dt>Cipher Modes (replace template parameter BC with one of the block ciphers above)<dd>
456 ECB_Mode\<BC\>, CTR_Mode\<BC\>, CBC_Mode\<BC\>, CFB_Mode\<BC\>, OFB_Mode\<BC\>
457 <dt>Hash Functions<dd>
458 SHA
459 <dt>Public Key Signature Schemes<dd>
460 RSASS\<PKCS1v15, SHA\>, DSA, ECDSA\<ECP, SHA\>, ECDSA\<EC2N, SHA\>
461 <dt>Message Authentication Codes<dd>
462 HMAC\<SHA\>, CBC_MAC\<DES_EDE2\>, CBC_MAC\<DES_EDE3\>
463 <dt>Random Number Generators<dd>
464 AutoSeededX917RNG\<DES_EDE3\>
465 <dt>Key Agreement<dd>
466 #DH
467 <dt>Public Key Cryptosystems<dd>
468 RSAES\<OAEP\<SHA\> \>
469 </dl>
471 <p>This reference manual is a work in progress. Some classes are still lacking detailed descriptions.
472 <p>Click <a href="CryptoPPRef.zip">here</a> to download a zip archive containing this manual.
473 <p>Thanks to Ryan Phillips for providing the Doxygen configuration file
474 and getting me started with this manual.
475 */
477 #ifndef CRYPTOPP_CRYPTLIB_H
478 #define CRYPTOPP_CRYPTLIB_H
480 //- #include "config.h"
481 //- #include "stdcpp.h"
485 // forward declarations
488 //! used to specify a direction for a cipher to operate in (encrypt or decrypt)
491 // VC60 workaround: using enums as template parameters causes problems
493 struct EnumToType
494 {
496 };
502 //! base class for all exceptions thrown by Crypto++
504 {
506 //! error types
508 //! a method is not implemented
509 NOT_IMPLEMENTED,
510 //! invalid function argument
511 INVALID_ARGUMENT,
512 //! BufferedTransformation received a Flush(true) signal but can't flush buffers
513 CANNOT_FLUSH,
514 //! data integerity check (such as CRC or MAC) failed
515 DATA_INTEGRITY_CHECK_FAILED,
516 //! received input data that doesn't conform to expected format
517 INVALID_DATA_FORMAT,
518 //! error reading from input device or writing to output device
519 IO_ERROR,
520 //! some error not belong to any of the above categories
521 OTHER_ERROR
522 };
524 explicit Exception(ErrorType errorType, const std::string &s) : m_errorType(errorType), m_what(s) {}
533 ErrorType m_errorType;
535 };
537 //! exception thrown when an invalid argument is detected
539 {
542 };
544 //! exception thrown by decryption filters when trying to decrypt an invalid ciphertext
546 {
549 };
551 //! exception thrown by a class if a non-implemented method is called
553 {
556 };
558 //! exception thrown by a class when Flush(true) is called but it can't completely flush its buffers
560 {
563 };
565 //! error reported by the operating system
567 {
569 OS_Error(ErrorType errorType, const std::string &s, const std::string& operation, int errorCode)
573 // the operating system API that reported the error
575 // the error code return by the operating system
581 };
583 //! used to return decoding results
584 struct CRYPTOPP_DLL DecodingResult
585 {
589 bool operator==(const DecodingResult &rhs) const {return isValidCoding == rhs.isValidCoding && messageLength == rhs.messageLength;}
595 };
597 //! interface for retrieving values given their names
598 /*! \note This class is used to safely pass a variable number of arbitrarily typed arguments to functions
599 and to read values from keys and crypto parameters.
600 \note To obtain an object that implements NameValuePairs for the purpose of parameter
601 passing, use the MakeParameters() function.
602 \note To get a value from NameValuePairs, you need to know the name and the type of the value.
603 Call GetValueNames() on a NameValuePairs object to obtain a list of value names that it supports.
604 Then look at the Name namespace documentation to see what the type of each value is, or
605 alternatively, call GetIntValue() with the value name, and if the type is not int, a
606 ValueTypeMismatch exception will be thrown and you can get the actual type from the exception object.
607 */
608 class CRYPTOPP_NO_VTABLE NameValuePairs
609 {
613 //! exception thrown when trying to retrieve a value using a different type than expected
615 {
617 ValueTypeMismatch(const std::string &name, const std::type_info &stored, const std::type_info &retrieving)
618 : InvalidArgument("NameValuePairs: type mismatch for '" + name + "', stored '" + stored.name() + "', trying to retrieve '" + retrieving.name() + "'")
627 };
629 //! get a copy of this object or a subobject of it
632 {
634 }
636 //! get a pointer to this object, as a pointer to T
639 {
641 }
643 //! get a named value, returns true if the name exists
646 {
648 }
650 //! get a named value, returns the default if the name doesn't exist
653 {
656 }
658 //! get a list of value names that can be retrieved
662 //! get a named value with type int
663 /*! used to ensure we don't accidentally try to get an unsigned int
664 or some other type when we mean int (which is the most common case) */
668 //! get a named value with type int, with default
672 //! used by derived classes to check for type mismatch
673 CRYPTOPP_DLL static void ThrowIfTypeMismatch(const char *name, const std::type_info &stored, const std::type_info &retrieving)
678 {
681 }
683 CRYPTOPP_DLL void GetRequiredIntParameter(const char *className, const char *name, int &value) const
684 {
687 }
689 //! to be implemented by derived classes, users should use one of the above functions instead
690 CRYPTOPP_DLL virtual bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const =0;
691 };
693 //! empty set of name-value pairs
695 {
697 bool GetVoidValue(const char* /* name */, const std::type_info& /* valueType */, void* /* pValue */) const {return false;}
698 };
700 //! _
703 // ********************************************************
705 //! interface for cloning objects, this is not implemented by most classes yet
706 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Clonable
707 {
710 //! this is not implemented by most classes yet
711 virtual Clonable* Clone() const {throw NotImplemented("Clone() is not implemented yet.");} // TODO: make this =0
712 };
714 //! interface for all crypto algorithms
717 {
719 /*! When FIPS 140-2 compliance is enabled and checkSelfTestStatus == true,
720 this constructor throws SelfTestFailure if the self test hasn't been run or fails. */
722 //! returns name of this algorithm, not universally implemented yet
724 };
726 //! keying interface for crypto algorithms that take byte strings as keys
728 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE SimpleKeyingInterface
729 {
733 //! returns smallest valid key length in bytes */
735 //! returns largest valid key length in bytes */
737 //! returns default (recommended) key length in bytes */
740 //! returns the smallest valid key length in bytes that is >= min(n, GetMaxKeyLength())
743 //! returns whether n is a valid key length
747 //! set or reset the key of this object
748 /*! \param params is used to specify Rounds, BlockSize, etc */
749 virtual void SetKey(const byte *key, unsigned int length, const NameValuePairs ¶ms = g_nullNameValuePairs) =0;
751 //! calls SetKey() with an NameValuePairs object that just specifies "Rounds"
754 //! calls SetKey() with an NameValuePairs object that just specifies "IV"
757 enum IV_Requirement {STRUCTURED_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV, NOT_RESYNCHRONIZABLE};
758 //! returns the minimal requirement for secure IVs
761 //! returns whether this object can be resynchronized (i.e. supports initialization vectors)
762 /*! If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed. */
764 //! returns whether this object can use random IVs (in addition to ones returned by GetNextIV)
766 //! returns whether this object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV)
768 //! returns whether this object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV)
771 //! returns size of IVs used by this object
772 virtual unsigned int IVSize() const {throw NotImplemented("SimpleKeyingInterface: this object doesn't support resynchronization");}
773 //! resynchronize with an IV
774 virtual void Resynchronize(const byte* /* IV */) {throw NotImplemented("SimpleKeyingInterface: this object doesn't support resynchronization");}
775 //! get a secure IV for the next message
776 /*! This method should be called after you finish encrypting one message and are ready to start the next one.
777 After calling it, you must call SetKey() or Resynchronize() before using this object again.
778 This method is not implemented on decryption objects. */
779 virtual void GetNextIV(byte* /* IV */) {throw NotImplemented("SimpleKeyingInterface: this object doesn't support GetNextIV()");}
788 {
790 }
791 };
793 //! interface for the data processing part of block ciphers
795 /*! Classes derived from BlockTransformation are block ciphers
796 in ECB mode (for example the DES::Encryption class), which are stateless,
797 and they can make assumptions about the memory alignment of their inputs and outputs.
798 These classes should not be used directly, but only in combination with
799 a mode class (see CipherModeDocumentation in modes.h).
800 */
802 {
804 //! encrypt or decrypt inBlock, xor with xorBlock, and write to outBlock
805 virtual void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const =0;
807 //! encrypt or decrypt one block
808 /*! \pre size of inBlock and outBlock == BlockSize() */
812 //! encrypt or decrypt one block in place
816 //! block size of the cipher in bytes
819 //! block pointers must be divisible by this
822 //! returns true if this is a permutation (i.e. there is an inverse transformation)
825 //! returns true if this is an encryption object
828 //! return number of blocks that can be processed in parallel, for bit-slicing implementations
831 //! encrypt or decrypt multiple blocks, for bit-slicing implementations
832 virtual void ProcessAndXorMultipleBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, unsigned int numberOfBlocks) const;
833 };
835 //! interface for the data processing part of stream ciphers
838 {
840 //! return a reference to this object,
841 /*! This function is useful for passing a temporary StreamTransformation object to a
842 function that takes a non-const reference. */
845 //! returns block size, if input must be processed in blocks, otherwise 1
848 //! returns the input block size that is most efficient for this cipher
849 /*! \note optimal input length is n * OptimalBlockSize() - GetOptimalBlockSizeUsed() for any n > 0 */
851 //! returns how much of the current block is used up
854 //! returns how input should be aligned for optimal performance
857 //! encrypt or decrypt an array of bytes of specified length
858 /*! \note either inString == outString, or they don't overlap */
861 //! for ciphers where the last block of data is special, encrypt or decrypt the last block of data
862 /*! For now the only use of this function is for CBC-CTS mode. */
864 //! returns the minimum size of the last block, 0 indicating the last block is not special
867 //! same as ProcessData(inoutString, inoutString, length)
870 //! same as ProcessData(outString, inString, length)
873 //! implemented as {ProcessData(&input, &input, 1); return input;}
877 //! returns whether this cipher supports random access
879 //! for random access ciphers, seek to an absolute position
881 {
884 }
886 //! returns whether this transformation is self-inverting (e.g. xor with a keystream)
888 //! returns whether this is an encryption object
890 };
892 //! interface for hash functions and data processing part of MACs
894 /*! HashTransformation objects are stateful. They are created in an initial state,
895 change state as Update() is called, and return to the initial
896 state when Final() is called. This interface allows a large message to
897 be hashed in pieces by calling Update() on each piece followed by
898 calling Final().
899 */
901 {
903 //! process more input
906 //! request space to write input into
909 //! compute hash for current message, then restart for a new message
910 /*! \pre size of digest == DigestSize(). */
914 //! discard the current state, and restart with a new message
918 //! size of the hash returned by Final()
921 //! block size of underlying compression function, or 0 if not block based
924 //! input to Update() should have length a multiple of this for optimal speed
927 //! returns how input should be aligned for optimal performance
930 //! use this if your input is in one piece and you don't want to call Update() and Final() separately
934 //! verify that digest is a valid digest for the current message, then reinitialize the object
935 /*! Default implementation is to call Final() and do a bitwise comparison
936 between its output and digest. */
940 //! use this if your input is in one piece and you don't want to call Update() and Verify() separately
944 //! truncated version of Final()
947 //! truncated version of CalculateDigest()
948 virtual void CalculateTruncatedDigest(byte *digest, unsigned int digestSize, const byte *input, unsigned int length)
951 //! truncated version of Verify()
954 //! truncated version of VerifyDigest()
955 virtual bool VerifyTruncatedDigest(const byte *digest, unsigned int digestLength, const byte *input, unsigned int length)
960 };
965 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE SimpleKeyedTransformation : public T, public SimpleKeyingInterface
966 {
970 };
976 //! interface for random number generators
977 /*! All return values are uniformly distributed over the range specified.
978 */
980 {
982 //! generate new random byte and return it
985 //! generate new random bit and return it
986 /*! Default implementation is to call GenerateByte() and return its parity. */
989 //! generate a random 32 bit word in the range min to max, inclusive
992 //! generate random array of bytes
993 /*! Default implementation is to call GenerateByte() size times. */
996 //! generate and discard n bytes
997 /*! Default implementation is to call GenerateByte() n times. */
1000 //! randomly shuffle the specified array, resulting permutation is uniformly distributed
1002 {
1005 }
1007 };
1009 //! returns a reference that can be passed to functions that ask for a RNG but doesn't actually use it
1014 //! interface for objects that you can wait for
1016 class CRYPTOPP_NO_VTABLE Waitable
1017 {
1021 //! maximum number of wait objects that this object can return
1023 //! put wait objects into container
1025 //! wait on this object
1026 /*! same as creating an empty container, calling GetWaitObjects(), and calling Wait() on the container */
1028 };
1030 //! interface for buffered transformations
1032 /*! BufferedTransformation is a generalization of BlockTransformation,
1033 StreamTransformation, and HashTransformation.
1035 A buffered transformation is an object that takes a stream of bytes
1036 as input (this may be done in stages), does some computation on them, and
1037 then places the result into an internal buffer for later retrieval. Any
1038 partial result already in the output buffer is not modified by further
1039 input.
1041 If a method takes a "blocking" parameter, and you
1042 pass "false" for it, the method will return before all input has been processed if
1043 the input cannot be processed without waiting (for network buffers to become available, for example).
1044 In this case the method will return true
1045 or a non-zero integer value. When this happens you must continue to call the method with the same
1046 parameters until it returns false or zero, before calling any other method on it or
1047 attached BufferedTransformation. The integer return value in this case is approximately
1048 the number of bytes left to be processed, and can be used to implement a progress bar.
1050 For functions that take a "propagation" parameter, propagation != 0 means pass on the signal to attached
1051 BufferedTransformation objects, with propagation decremented at each step until it reaches 0.
1052 -1 means unlimited propagation.
1054 \nosubgrouping
1055 */
1056 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE BufferedTransformation : public Algorithm, public Waitable
1057 {
1059 // placed up here for CW8
1064 //! return a reference to this object
1065 /*! This function is useful for passing a temporary BufferedTransformation object to a
1066 function that takes a non-const reference. */
1069 //! \name INPUT
1070 //@{
1071 //! input a byte for processing
1074 //! input multiple bytes
1078 //! input a 16-bit word
1080 //! input a 32-bit word
1083 //! request space which can be written into by the caller, and then used as input to Put()
1084 /*! \param size is requested size (as a hint) for input, and size of the returned space for output */
1085 /*! \note The purpose of this method is to help avoid doing extra memory allocations. */
1090 //! input multiple bytes that may be modified by callee
1096 unsigned int PutMessageEnd(const byte *inString, unsigned int length, int propagation=-1, bool blocking=true)
1099 //! input multiple bytes for blocking or non-blocking processing
1100 /*! \param messageEnd means how many filters to signal MessageEnd to, including this one */
1101 virtual unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking) =0;
1102 //! input multiple bytes that may be modified by callee for blocking or non-blocking processing
1103 /*! \param messageEnd means how many filters to signal MessageEnd to, including this one */
1104 virtual unsigned int PutModifiable2(byte *inString, unsigned int length, int messageEnd, bool blocking)
1107 //! thrown by objects that have not implemented nonblocking input processing
1109 {BlockingInputOnly(const std::string &s) : NotImplemented(s + ": Nonblocking input is not implemented by this object.") {}};
1110 //@}
1112 //! \name WAITING
1113 //@{
1116 //@}
1118 //! \name SIGNALS
1119 //@{
1120 virtual void IsolatedInitialize(const NameValuePairs& /* parameters */) {throw NotImplemented("BufferedTransformation: this object can't be reinitialized");}
1124 //! initialize or reinitialize this object
1125 virtual void Initialize(const NameValuePairs ¶meters=g_nullNameValuePairs, int propagation=-1);
1126 //! flush buffered input and/or output
1127 /*! \param hardFlush is used to indicate whether all data should be flushed
1128 \note Hard flushes must be used with care. It means try to process and output everything, even if
1129 there may not be enough data to complete the action. For example, hard flushing a HexDecoder would
1130 cause an error if you do it after inputing an odd number of hex encoded characters.
1131 For some types of filters, for example ZlibDecompressor, hard flushes can only
1132 be done at "synchronization points". These synchronization points are positions in the data
1133 stream that are created by hard flushes on the corresponding reverse filters, in this
1134 example ZlibCompressor. This is useful when zlib compressed data is moved across a
1135 network in packets and compression state is preserved across packets, as in the ssh2 protocol.
1136 */
1138 //! mark end of a series of messages
1139 /*! There should be a MessageEnd immediately before MessageSeriesEnd. */
1142 //! set propagation of automatically generated and transferred signals
1143 /*! propagation == 0 means do not automaticly generate signals */
1146 //!
1150 //@}
1152 //! \name RETRIEVAL OF ONE MESSAGE
1153 //@{
1154 //! returns number of bytes that is currently ready for retrieval
1155 /*! All retrieval functions return the actual number of bytes
1156 retrieved, which is the lesser of the request number and
1157 MaxRetrievable(). */
1160 //! returns whether any bytes are currently ready for retrieval
1163 //! try to retrieve a single byte
1165 //! try to retrieve multiple bytes
1168 //! peek at the next byte without removing it from the output buffer
1170 //! peek at multiple bytes without removing them from the output buffer
1173 //! try to retrieve a 16-bit word
1175 //! try to retrieve a 32-bit word
1178 //! try to peek at a 16-bit word
1180 //! try to peek at a 32-bit word
1183 //! move transferMax bytes of the buffered output to target as input
1184 unsigned long TransferTo(BufferedTransformation &target, unsigned long transferMax=ULONG_MAX, const std::string &channel=NULL_CHANNEL)
1187 //! discard skipMax bytes from the output buffer
1190 //! copy copyMax bytes of the buffered output to target as input
1191 unsigned long CopyTo(BufferedTransformation &target, unsigned long copyMax=ULONG_MAX, const std::string &channel=NULL_CHANNEL) const
1194 //! copy copyMax bytes of the buffered output, starting at position (relative to current position), to target as input
1195 unsigned long CopyRangeTo(BufferedTransformation &target, unsigned long position, unsigned long copyMax=ULONG_MAX, const std::string &channel=NULL_CHANNEL) const
1198 //@}
1200 //! \name RETRIEVAL OF MULTIPLE MESSAGES
1201 //@{
1202 //!
1204 //! number of times MessageEnd() has been received minus messages retrieved or skipped
1206 //! returns true if NumberOfMessages() > 0
1208 //! start retrieving the next message
1209 /*!
1210 Returns false if no more messages exist or this message
1211 is not completely retrieved.
1212 */
1214 //! skip count number of messages
1216 //!
1217 unsigned int TransferMessagesTo(BufferedTransformation &target, unsigned int count=UINT_MAX, const std::string &channel=NULL_CHANNEL)
1219 //!
1220 unsigned int CopyMessagesTo(BufferedTransformation &target, unsigned int count=UINT_MAX, const std::string &channel=NULL_CHANNEL) const;
1222 //!
1224 //!
1227 //!
1233 //@}
1235 //! \name NON-BLOCKING TRANSFER OF OUTPUT
1236 //@{
1237 virtual unsigned int TransferTo2(BufferedTransformation &target, unsigned long &byteCount, const std::string &channel=NULL_CHANNEL, bool blocking=true) =0;
1238 virtual unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const =0;
1239 unsigned int TransferMessagesTo2(BufferedTransformation &target, unsigned int &messageCount, const std::string &channel=NULL_CHANNEL, bool blocking=true);
1240 unsigned int TransferAllTo2(BufferedTransformation &target, const std::string &channel=NULL_CHANNEL, bool blocking=true);
1241 //@}
1243 //! \name CHANNELS
1244 //@{
1246 {NoChannelSupport() : NotImplemented("BufferedTransformation: this object doesn't support multiple channels") {}};
1250 unsigned int ChannelPut(const std::string &channel, const byte *inString, unsigned int length, bool blocking=true)
1253 unsigned int ChannelPutModifiable(const std::string &channel, byte *inString, unsigned int length, bool blocking=true)
1256 unsigned int ChannelPutWord16(const std::string &channel, word16 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
1257 unsigned int ChannelPutWord32(const std::string &channel, word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
1261 unsigned int ChannelPutMessageEnd(const std::string &channel, const byte *inString, unsigned int length, int propagation=-1, bool blocking=true)
1262 {return ChannelPut2(channel, inString, length, propagation < 0 ? -1 : propagation+1, blocking);}
1266 virtual unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking);
1267 virtual unsigned int ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking);
1269 virtual bool ChannelFlush(const std::string &channel, bool hardFlush, int propagation=-1, bool blocking=true);
1270 virtual bool ChannelMessageSeriesEnd(const std::string &channel, int propagation=-1, bool blocking=true);
1273 //@}
1275 //! \name ATTACHMENT
1276 /*! Some BufferedTransformation objects (e.g. Filter objects)
1277 allow other BufferedTransformation objects to be attached. When
1278 this is done, the first object instead of buffering its output,
1279 sents that output to the attached object as input. The entire
1280 attachment chain is deleted when the anchor object is destructed.
1281 */
1282 //@{
1283 //! returns whether this object allows attachment
1285 //! returns the object immediately attached to this object or NULL for no attachment
1287 //!
1290 //! delete the current attachment chain and replace it with newAttachment
1292 {assert(!Attachable()); throw NotImplemented("BufferedTransformation: this object is not attachable");}
1293 //! add newAttachment to the end of attachment chain
1295 //@}
1300 };
1302 //! returns a reference to a BufferedTransformation object that discards all input
1305 //! interface for crypto material, such as public and private keys, and crypto parameters
1308 {
1310 //! exception thrown when invalid crypto material is detected
1312 {
1315 };
1317 //! assign values from source to this object
1318 /*! \note This function can be used to create a public key from a private key. */
1321 //! check this object for errors
1322 /*! \param level denotes the level of thoroughness:
1323 0 - using this object won't cause a crash or exception (rng is ignored)
1324 1 - this object will probably function (encrypt, sign, etc.) correctly (but may not check for weak keys and such)
1325 2 - make sure this object will function correctly, and do reasonable security checks
1326 3 - do checks that may take a long time
1327 \return true if the tests pass */
1330 //! throws InvalidMaterial if this object fails Validate() test
1332 {if (!Validate(rng, level)) throw InvalidMaterial("CryptoMaterial: this object contains invalid values");}
1334 // virtual std::vector<std::string> GetSupportedFormats(bool includeSaveOnly=false, bool includeLoadOnly=false);
1336 //! save key into a BufferedTransformation
1340 //! load key from a BufferedTransformation
1341 /*! \throws KeyingErr if decode fails
1342 \note Generally does not check that the key is valid.
1343 Call ValidateKey() or ThrowIfInvalidKey() to check that. */
1347 //! \return whether this object supports precomputation
1349 //! do precomputation
1350 /*! The exact semantics of Precompute() is varies, but
1351 typically it means calculate a table of n objects
1352 that can be used later to speed up computation. */
1354 {assert(!SupportsPrecomputation()); throw NotImplemented("CryptoMaterial: this object does not support precomputation");}
1355 //! retrieve previously saved precomputation
1357 {assert(!SupportsPrecomputation()); throw NotImplemented("CryptoMaterial: this object does not support precomputation");}
1358 //! save precomputation for later use
1360 {assert(!SupportsPrecomputation()); throw NotImplemented("CryptoMaterial: this object does not support precomputation");}
1362 // for internal library use
1364 };
1366 //! interface for generatable crypto material, such as private keys and crypto parameters
1368 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE GeneratableCryptoMaterial : virtual public CryptoMaterial
1369 {
1371 //! generate a random key or crypto parameters
1372 /*! \throws KeyingErr if algorithm parameters are invalid, or if a key can't be generated
1373 (e.g., if this is a public key object) */
1374 virtual void GenerateRandom(RandomNumberGenerator& /* rng */, const NameValuePairs& /* params */ = g_nullNameValuePairs)
1375 {throw NotImplemented("GeneratableCryptoMaterial: this object does not support key/parameter generation");}
1377 //! calls the above function with a NameValuePairs object that just specifies "KeySize"
1379 };
1381 //! interface for public keys
1384 {
1385 };
1387 //! interface for private keys
1390 {
1391 };
1393 //! interface for asymmetric algorithms
1396 {
1398 //! returns a reference to the crypto material used by this object
1400 //! returns a const reference to the crypto material used by this object
1403 //! for backwards compatibility, calls AccessMaterial().Load(bt)
1406 //! for backwards compatibility, calls GetMaterial().Save(bt)
1409 };
1411 //! interface for asymmetric algorithms using public keys
1414 {
1416 // VC60 workaround: no co-variant return type
1421 virtual const PublicKey & GetPublicKey() const {return const_cast<PublicKeyAlgorithm *>(this)->AccessPublicKey();}
1422 };
1424 //! interface for asymmetric algorithms using private keys
1427 {
1433 virtual const PrivateKey & GetPrivateKey() const {return const_cast<PrivateKeyAlgorithm *>(this)->AccessPrivateKey();}
1434 };
1436 /*! This class provides an interface common to encryptors and decryptors
1437 for querying their plaintext and ciphertext lengths.
1438 */
1439 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_CryptoSystem
1440 {
1444 //! maximum length of plaintext for a given ciphertext length
1445 /*! \note This function returns 0 if ciphertextLength is not valid (too long or too short). */
1448 //! calculate length of ciphertext given length of plaintext
1449 /*! \note This function returns 0 if plaintextLength is not valid (too long). */
1452 //! this object supports the use of the parameter with the given name
1453 /*! some possible parameter names: EncodingParameters, KeyDerivationParameters */
1456 //! return fixed ciphertext length, if one exists, otherwise return 0
1457 /*! \note "Fixed" here means length of ciphertext does not depend on length of plaintext.
1458 It usually does depend on the key length. */
1461 //! return maximum plaintext length given the fixed ciphertext length, if one exists, otherwise return 0
1464 };
1466 //! interface for public-key encryptors
1467 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Encryptor : virtual public PK_CryptoSystem, public PublicKeyAlgorithm
1468 {
1470 //! exception thrown when trying to encrypt plaintext of invalid length
1472 {
1475 };
1477 //! encrypt a byte string
1478 /*! \pre CiphertextLength(plaintextLength) != 0 (i.e., plaintext isn't too long)
1479 \pre size of ciphertext == CiphertextLength(plaintextLength)
1480 */
1485 //! create a new encryption filter
1486 /*! \note The caller is responsible for deleting the returned pointer.
1487 \note Encoding parameters should be passed in the "EP" channel.
1488 */
1490 BufferedTransformation *attachment=NULL, const NameValuePairs ¶meters = g_nullNameValuePairs) const;
1491 };
1493 //! interface for public-key signers and verifiers
1495 /*! This class provides an interface common to signers and verifiers
1496 for querying scheme properties.
1497 */
1498 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_SignatureScheme
1499 {
1501 //! invalid key exception, may be thrown by any function in this class if the private or public key has a length that can't be used
1503 {
1506 };
1508 //! key too short exception, may be thrown by any function in this class if the private or public key is too short to sign or verify anything
1510 {
1513 };
1517 //! signature length if it only depends on the key, otherwise 0
1520 //! maximum signature length produced for a given length of recoverable message part
1521 virtual unsigned int MaxSignatureLength(unsigned int /* recoverablePartLength */ = 0) const {return SignatureLength();}
1523 //! length of longest message that can be recovered, or 0 if this signature scheme does not support message recovery
1526 //! length of longest message that can be recovered from a signature of given length, or 0 if this signature scheme does not support message recovery
1527 virtual unsigned int MaxRecoverableLengthFromSignatureLength(unsigned int signatureLength) const =0;
1529 //! requires a random number generator to sign
1530 /*! if this returns false, NullRNG() can be passed to functions that take RandomNumberGenerator & */
1533 //! whether or not a non-recoverable message part can be signed
1536 //! if this function returns true, during verification you must input the signature before the message, otherwise you can input it at anytime */
1539 //! whether you must input the recoverable part before the non-recoverable part during signing
1541 };
1543 //! interface for accumulating messages to be signed or verified
1544 /*! Only Update() should be called
1545 on this class. No other functions inherited from HashTransformation should be called.
1546 */
1548 {
1550 //! should not be called on PK_MessageAccumulator
1553 //! should not be called on PK_MessageAccumulator
1556 };
1558 //! interface for public-key signers
1560 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Signer : public PK_SignatureScheme, public PrivateKeyAlgorithm
1561 {
1563 //! create a new HashTransformation to accumulate the message to be signed
1566 virtual void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const =0;
1568 //! sign and delete messageAccumulator (even in case of exception thrown)
1569 /*! \pre size of signature == MaxSignatureLength()
1570 \return actual signature length
1571 */
1572 virtual unsigned int Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const;
1574 //! sign and restart messageAccumulator
1575 /*! \pre size of signature == MaxSignatureLength()
1576 \return actual signature length
1577 */
1578 virtual unsigned int SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0;
1580 //! sign a message
1581 /*! \pre size of signature == MaxSignatureLength()
1582 \return actual signature length
1583 */
1584 virtual unsigned int SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const;
1586 //! sign a recoverable message
1587 /*! \pre size of signature == MaxSignatureLength(recoverableMessageLength)
1588 \return actual signature length
1589 */
1590 virtual unsigned int SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, unsigned int recoverableMessageLength,
1591 const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength, byte *signature) const;
1592 };
1594 //! interface for public-key signature verifiers
1595 /*! The Recover* functions throw NotImplemented if the signature scheme does not support
1596 message recovery.
1597 The Verify* functions throw InvalidDataFormat if the scheme does support message
1598 recovery and the signature contains a non-empty recoverable message part. The
1599 Recovery* functions should be used in that case.
1600 */
1601 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Verifier : public PK_SignatureScheme, public PublicKeyAlgorithm
1602 {
1604 //! create a new HashTransformation to accumulate the message to be verified
1607 //! input signature into a message accumulator
1608 virtual void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const =0;
1610 //! check whether messageAccumulator contains a valid signature and message, and delete messageAccumulator (even in case of exception thrown)
1613 //! check whether messageAccumulator contains a valid signature and message, and restart messageAccumulator
1616 //! check whether input signature is a valid signature for input message
1620 //! recover a message from its signature
1621 /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
1622 */
1623 virtual DecodingResult Recover(byte *recoveredMessage, PK_MessageAccumulator *messageAccumulator) const;
1625 //! recover a message from its signature
1626 /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
1627 */
1628 virtual DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const =0;
1630 //! recover a message from its signature
1631 /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
1632 */
1636 };
1638 //! interface for domains of authenticated key agreement protocols
1640 //! BER Decode Exception Class, may be thrown during an ASN1 BER decode operation
1642 {
1646 };
1648 //! interface for encoding and decoding ASN1 objects
1649 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE ASN1Object
1650 {
1653 //! decode this object from a BufferedTransformation, using BER (Basic Encoding Rules)
1655 //! encode this object into a BufferedTransformation, using DER (Distinguished Encoding Rules)
1657 //! encode this object into a BufferedTransformation, using BER
1658 /*! this may be useful if DEREncode() would be too inefficient */
1660 };
1662 NAMESPACE_END
1664 #endif
1665 ////////////////////////////////////////////////////////////////////////////////
1668 ////////////////////////////////////////////////////////////////////////////////
1669 #ifndef CRYPTOPP_SMARTPTR_H
1670 #define CRYPTOPP_SMARTPTR_H
1672 //- #include "config.h"
1673 #include <algorithm>
1678 {
1683 };
1686 {
1702 {
1706 }
1715 };
1720 NAMESPACE_END
1722 #endif
1723 ////////////////////////////////////////////////////////////////////////////////
1726 ////////////////////////////////////////////////////////////////////////////////
1727 #ifndef CRYPTOPP_MISC_H
1728 #define CRYPTOPP_MISC_H
1730 //- #include "cryptlib.h"
1731 //- #include "smartptr.h"
1733 #ifdef INTEL_INTRINSICS
1734 #include <stdlib.h>
1735 #endif
1739 // ************** compile-time assertion ***************
1747 #if defined(_WIN32) || defined(__CYGWIN__)
1748 #define CRYPTOPP_COMPILE_ASSERT( x )
1749 #define CRYPTOPP_COMPILE_ASSERT_GLOBAL(assertion)
1750 #define CRYPTOPP_COMPILE_ASSERT_INSTANCE(assertion, instance)
1751 #define CRYPTOPP_ASSERT_JOIN(X, Y)
1752 #define CRYPTOPP_DO_ASSERT_JOIN(X, Y)
1754 #else
1755 #define CRYPTOPP_COMPILE_ASSERT( x ) \
1756 { CompileTimeAssert<((x) != 0)> ERROR; (void)ERROR; }
1758 #define CRYPTOPP_COMPILE_ASSERT_GLOBAL(assertion) CRYPTOPP_COMPILE_ASSERT_INSTANCE(assertion, __LINE__)
1759 #if defined(CRYPTOPP_EXPORTS) || defined(CRYPTOPP_IMPORTS)
1760 #define CRYPTOPP_COMPILE_ASSERT_INSTANCE(assertion, instance)
1761 #else
1762 #define CRYPTOPP_COMPILE_ASSERT_INSTANCE(assertion, instance) \
1763 CompileTimeAssert<(assertion)> CRYPTOPP_ASSERT_JOIN(cryptopp_assert_, instance)
1764 #endif
1765 #define CRYPTOPP_ASSERT_JOIN(X, Y) CRYPTOPP_DO_ASSERT_JOIN(X, Y)
1766 #define CRYPTOPP_DO_ASSERT_JOIN(X, Y) X##Y
1767 #endif
1769 // ************** misc classes ***************
1771 class CRYPTOPP_DLL Empty
1772 {
1773 };
1775 //! _
1778 {
1779 };
1782 class ObjectHolder
1783 {
1785 T m_object;
1786 };
1788 class NotCopyable
1789 {
1795 };
1798 struct NewObject
1799 {
1801 };
1803 /*! This function safely initializes a static object in a multithreaded environment without using locks.
1804 It may leak memory when two threads try to initialize the static object at the same time
1805 but this should be acceptable since each static object is only initialized once per session.
1806 */
1808 class Singleton
1809 {
1813 // VC60 workaround: use "..." to prevent this function from being inlined
1817 F m_objectFactory;
1818 };
1822 {
1826 retry:
1828 {
1831 try
1832 {
1834 }
1836 {
1839 }
1846 }
1848 }
1850 // ************** misc functions ***************
1852 // can't use std::min or std::max in MSVC60 or Cygwin 1.1.0
1854 {
1856 }
1859 {
1861 }
1863 #define RETURN_IF_NONZERO(x) unsigned int returnedValue = x; if (returnedValue) return returnedValue
1865 // this version of the macro is fastest on Pentium 3 and Pentium 4 with MSVC 6 SP5 w/ Processor Pack
1866 #define GETBYTE(x, y) (unsigned int)byte((x)>>(8*(y)))
1867 // these may be faster on other CPUs/compilers
1868 // #define GETBYTE(x, y) (unsigned int)(((x)>>(8*(y)))&255)
1869 // #define GETBYTE(x, y) (((byte *)&(x))[y])
1876 {
1883 {
1887 else
1889 }
1892 }
1896 {
1903 }
1906 {
1908 }
1911 {
1913 }
1916 {
1918 }
1921 {
1923 }
1926 CRYPTOPP_DLL void xorbuf(byte *output, const byte *input, const byte *mask, unsigned int count);
1930 {
1932 }
1936 {
1939 }
1943 {
1945 }
1949 {
1951 }
1955 {
1956 #if defined(__GNUC__)
1958 #elif defined(_MSC_VER) and (_MSC_VER >= 1300)
1960 #else
1962 #endif
1963 }
1966 {
1967 return IsPowerOf2(alignment) ? ModPowerOf2((size_t)p, alignment) == 0 : (size_t)p % alignment == 0;
1968 }
1972 {
1974 }
1976 #ifdef IS_LITTLE_ENDIAN
1978 #else
1980 #endif
1983 {
1985 }
1988 {
1990 }
1994 {
1999 {
2002 }
2005 {
2009 }
2013 }
2015 // Avoid warnings about compare against zero for unsigned
2018 {
2023 {
2027 }
2029 }
2033 {
2037 }
2041 {
2043 }
2047 // ************** rotate functions ***************
2050 {
2053 }
2056 {
2059 }
2062 {
2065 }
2068 {
2071 }
2074 {
2077 }
2080 {
2083 }
2085 #ifdef INTEL_INTRINSICS
2087 #pragma intrinsic(_lrotl, _lrotr)
2090 {
2093 }
2096 {
2099 }
2102 {
2105 }
2108 {
2111 }
2114 {
2116 }
2119 {
2121 }
2125 #ifdef PPC_INTRINSICS
2128 {
2131 }
2134 {
2137 }
2140 {
2143 }
2146 {
2149 }
2152 {
2154 }
2157 {
2159 }
2163 // ************** endian reversal ***************
2167 {
2170 else
2172 }
2175 {
2177 }
2180 {
2182 }
2185 {
2186 #ifdef PPC_INTRINSICS
2187 // PPC: load reverse indexed instruction
2189 #elif defined(FAST_ROTATE)
2190 // 5 instructions with rotate instruction, 9 without
2192 #else
2193 // 6 instructions with rotate instruction, 8 without
2196 #endif
2197 }
2199 #ifdef WORD64_AVAILABLE
2201 {
2202 #ifdef CRYPTOPP_SLOW_WORD64
2204 #else
2205 value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) | ((value & W64LIT(0x00FF00FF00FF00FF)) << 8);
2206 value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) | ((value & W64LIT(0x0000FFFF0000FFFF)) << 16);
2208 #endif
2209 }
2210 #endif
2213 {
2217 }
2220 {
2225 }
2228 {
2233 }
2235 #ifdef WORD64_AVAILABLE
2237 {
2238 #ifdef CRYPTOPP_SLOW_WORD64
2240 #else
2241 value = ((value & W64LIT(0xAAAAAAAAAAAAAAAA)) >> 1) | ((value & W64LIT(0x5555555555555555)) << 1);
2242 value = ((value & W64LIT(0xCCCCCCCCCCCCCCCC)) >> 2) | ((value & W64LIT(0x3333333333333333)) << 2);
2243 value = ((value & W64LIT(0xF0F0F0F0F0F0F0F0)) >> 4) | ((value & W64LIT(0x0F0F0F0F0F0F0F0F)) << 4);
2245 #endif
2246 }
2247 #endif
2251 {
2258 else
2259 {
2260 #ifdef WORD64_AVAILABLE
2263 #else
2266 #endif
2267 }
2268 }
2272 {
2274 }
2278 {
2283 }
2286 inline void ConditionalByteReverse(ByteOrder order, T *out, const T *in, unsigned int byteCount)
2287 {
2292 }
2295 inline void GetUserKey(ByteOrder order, T *out, unsigned int outlen, const byte *in, unsigned int inlen)
2296 {
2302 }
2305 {
2307 }
2310 {
2314 }
2317 {
2319 ? word32(block[3]) | (word32(block[2]) << 8) | (word32(block[1]) << 16) | (word32(block[0]) << 24)
2320 : word32(block[0]) | (word32(block[1]) << 8) | (word32(block[2]) << 16) | (word32(block[3]) << 24);
2321 }
2323 #ifdef WORD64_AVAILABLE
2325 {
2327 ?
2336 :
2345 }
2346 #endif
2350 {
2352 }
2354 inline void UnalignedPutWord(ByteOrder /*order*/, byte *block, byte value, const byte *xorBlock = NULL)
2355 {
2357 }
2359 inline void UnalignedPutWord(ByteOrder order, byte *block, word16 value, const byte *xorBlock = NULL)
2360 {
2362 {
2365 }
2366 else
2367 {
2370 }
2373 {
2376 }
2377 }
2379 inline void UnalignedPutWord(ByteOrder order, byte *block, word32 value, const byte *xorBlock = NULL)
2380 {
2382 {
2387 }
2388 else
2389 {
2394 }
2397 {
2402 }
2403 }
2405 #ifdef WORD64_AVAILABLE
2406 inline void UnalignedPutWord(ByteOrder order, byte *block, word64 value, const byte *xorBlock = NULL)
2407 {
2409 {
2418 }
2419 else
2420 {
2429 }
2432 {
2441 }
2442 }
2443 #endif
2447 {
2449 {
2452 }
2453 else
2455 }
2459 {
2461 }
2464 inline void PutWord(bool assumeAligned, ByteOrder order, byte *block, T value, const byte *xorBlock = NULL)
2465 {
2467 {
2470 *reinterpret_cast<T *>(block) = ConditionalByteReverse(order, value) ^ *reinterpret_cast<const T *>(xorBlock);
2471 else
2473 }
2474 else
2476 }
2479 class GetBlock
2480 {
2487 {
2492 }
2496 };
2498 // ************** help remove warning on g++ ***************
2503 {
2506 {
2508 }
2512 {
2514 }
2515 };
2518 {
2521 {
2523 }
2527 {
2529 }
2530 };
2534 {
2536 }
2540 {
2542 }
2544 NAMESPACE_END
2547 ////////////////////////////////////////////////////////////////////////////////
2551 ////////////////////////////////////////////////////////////////////////////////
2552 // secblock.h - written and placed in the public domain by Wei Dai
2554 #ifndef CRYPTOPP_SECBLOCK_H
2555 #define CRYPTOPP_SECBLOCK_H
2557 //- #include "config.h"
2558 //- #include "misc.h"
2560 #include <assert.h>
2564 // ************** secure memory allocation ***************
2567 class AllocatorBase
2568 {
2572 #ifdef CRYPTOPP_MSVCRT6
2574 #else
2576 #endif
2586 size_type max_size() const {return ~size_type(0)/sizeof(T);} // switch to std::numeric_limits<T>::max later
2590 {
2593 }
2594 };
2596 #define CRYPTOPP_INHERIT_ALLOCATOR_TYPES \
2597 typedef typename AllocatorBase<T>::value_type value_type;\
2598 typedef typename AllocatorBase<T>::size_type size_type;\
2599 typedef typename AllocatorBase<T>::difference_type difference_type;\
2600 typedef typename AllocatorBase<T>::pointer pointer;\
2601 typedef typename AllocatorBase<T>::const_pointer const_pointer;\
2602 typedef typename AllocatorBase<T>::reference reference;\
2603 typedef typename AllocatorBase<T>::const_reference const_reference;
2606 typename A::pointer StandardReallocate(A& a, T *p, typename A::size_type oldSize, typename A::size_type newSize, bool preserve)
2607 {
2612 {
2613 A b;
2619 }
2620 else
2621 {
2624 }
2625 }
2629 {
2631 CRYPTOPP_INHERIT_ALLOCATOR_TYPES
2634 {
2639 }
2642 {
2645 }
2648 {
2650 }
2652 // VS.NET STL enforces the policy of "All STL-compliant allocators have to provide a
2653 // template class member called rebind".
2655 };
2659 {
2661 CRYPTOPP_INHERIT_ALLOCATOR_TYPES
2664 {
2667 }
2670 {
2672 }
2675 };
2677 // This allocator can't be used with standard collections because
2678 // they require that all objects of the same allocator type are equivalent.
2679 // So this is for use with SecBlock only.
2682 {
2684 CRYPTOPP_INHERIT_ALLOCATOR_TYPES
2689 {
2691 {
2694 }
2695 else
2697 }
2700 {
2702 {
2705 }
2706 else
2708 }
2711 {
2713 {
2718 }
2719 else
2721 }
2724 {
2726 {
2731 }
2738 }
2744 A m_fallbackAllocator;
2746 };
2748 //! a block of memory allocated using A
2750 class SecBlock
2751 {
2756 : m_size(t.m_size) {m_ptr = m_alloc.allocate(m_size, NULL); memcpy(m_ptr, t.m_ptr, m_size*sizeof(T));}
2759 {
2763 else
2765 }
2777 #endif
2786 #endif
2825 {
2828 }
2831 {
2834 }
2837 {
2840 }
2843 {
2845 }
2848 {
2850 }
2853 {
2856 }
2859 {
2862 }
2865 {
2867 {
2870 }
2871 }
2874 {
2876 {
2880 }
2881 }
2884 {
2887 }
2890 {
2894 }
2896 //private:
2897 A m_alloc;
2900 };
2907 {
2910 };
2913 inline bool operator==(const CryptoPP::AllocatorWithCleanup<T>&, const CryptoPP::AllocatorWithCleanup<U>&) {return (true);}
2915 inline bool operator!=(const CryptoPP::AllocatorWithCleanup<T>&, const CryptoPP::AllocatorWithCleanup<U>&) {return (false);}
2917 NAMESPACE_END
2922 {
2924 }
2926 #if defined(_STLPORT_VERSION) && !defined(_STLP_MEMBER_TEMPLATE_CLASSES)
2930 {
2932 }
2933 #endif
2935 NAMESPACE_END
2937 #endif
2938 ////////////////////////////////////////////////////////////////////////////////
2942 ////////////////////////////////////////////////////////////////////////////////
2943 #ifndef CRYPTOPP_INTEGER_H
2944 #define CRYPTOPP_INTEGER_H
2946 /** \file */
2948 //- #include "cryptlib.h"
2949 //- #include "secblock.h"
2951 #include <iosfwd>
2952 #include <algorithm>
2954 #ifdef CRYPTOPP_X86ASM_AVAILABLE
2956 #ifdef _M_IX86
2957 #if (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 500)) || (defined(__ICL) && (__ICL >= 500))
2958 #define SSE2_INTRINSICS_AVAILABLE
2959 #define CRYPTOPP_MM_MALLOC_AVAILABLE
2960 #elif defined(_MSC_VER)
2961 // _mm_free seems to be the only way to tell if the Processor Pack is installed or not
2962 #include <malloc.h>
2963 #if defined(_mm_free)
2964 #define SSE2_INTRINSICS_AVAILABLE
2965 #define CRYPTOPP_MM_MALLOC_AVAILABLE
2966 #endif
2967 #endif
2968 #endif
2970 // SSE2 intrinsics work in GCC 3.3 or later
2971 #if defined(__SSE2__) && (__GNUC__ > 3 || __GNUC_MINOR__ > 2)
2972 #define SSE2_INTRINSICS_AVAILABLE
2973 #endif
2975 #endif
2979 #if defined(SSE2_INTRINSICS_AVAILABLE)
2982 {
2984 CRYPTOPP_INHERIT_ALLOCATOR_TYPES
2989 {
2991 }
2993 #if !(defined(CRYPTOPP_MALLOC_ALIGNMENT_IS_16) || defined(CRYPTOPP_MEMALIGN_AVAILABLE) || defined(CRYPTOPP_MM_MALLOC_AVAILABLE))
2994 #define CRYPTOPP_NO_ALIGNED_ALLOC
2998 #endif
2999 };
3003 #else
3005 #endif
3009 //! multiple precision integer and basic arithmetics
3010 /*! This class can represent positive and negative integers
3011 with absolute value less than (256**sizeof(word)) ** (256**sizeof(int)).
3012 \nosubgrouping
3013 */
3015 {
3017 //! \name ENUMS, EXCEPTIONS, and TYPEDEFS
3018 //@{
3019 //! division by zero exception
3021 {
3024 };
3026 //!
3028 {
3030 RandomNumberNotFound() : Exception(OTHER_ERROR, "Integer: no integer satisfies the given parameters") {}
3031 };
3033 //!
3036 //!
3038 //!
3039 UNSIGNED,
3040 //!
3041 SIGNED};
3043 //!
3045 //!
3046 ANY,
3047 //!
3048 PRIME};
3049 //@}
3051 //! \name CREATORS
3052 //@{
3053 //! creates the zero integer
3056 //! copy constructor
3059 //! convert from signed long
3062 //! convert from lword
3065 //! convert from two words
3068 //! convert from string
3069 /*! str can be in base 2, 8, 10, or 16. Base is determined by a
3070 case insensitive suffix of 'h', 'o', or 'b'. No suffix means base 10.
3071 */
3075 //! convert from big-endian byte array
3078 //! convert from big-endian form stored in a BufferedTransformation
3081 //! convert from BER encoded byte array stored in a BufferedTransformation object
3084 //! create a random integer
3085 /*! The random integer created is uniformly distributed over [0, 2**bitcount). */
3088 //! avoid calling constructors for these frequently used integers
3090 //! avoid calling constructors for these frequently used integers
3092 //! avoid calling constructors for these frequently used integers
3095 //! create a random integer of special type
3096 /*! Ideally, the random integer created should be uniformly distributed
3097 over {x | min <= x <= max and x is of rnType and x % mod == equiv}.
3098 However the actual distribution may not be uniform because sequential
3099 search is used to find an appropriate number from a random starting
3100 point.
3101 May return (with very small probability) a pseudoprime when a prime
3102 is requested and max > lastSmallPrime*lastSmallPrime (lastSmallPrime
3103 is declared in nbtheory.h).
3104 \throw RandomNumberNotFound if the set is empty.
3105 */
3106 Integer(RandomNumberGenerator &rng, const Integer &min, const Integer &max, RandomNumberType rnType=ANY, const Integer &equiv=Zero(), const Integer &mod=One());
3108 //! return the integer 2**e
3110 //@}
3112 //! \name ENCODE/DECODE
3113 //@{
3114 //! minimum number of bytes to encode this integer
3115 /*! MinEncodedSize of 0 is 1 */
3117 //! encode in big-endian format
3118 /*! unsigned means encode absolute value, signed means encode two's complement if negative.
3119 if outputLen < MinEncodedSize, the most significant bytes will be dropped
3120 if outputLen > MinEncodedSize, the most significant bytes will be padded
3121 */
3123 //!
3124 unsigned int Encode(BufferedTransformation &bt, unsigned int outputLen, Signedness=UNSIGNED) const;
3126 //! encode using Distinguished Encoding Rules, put result into a BufferedTransformation object
3129 //! encode absolute value as big-endian octet string
3132 //! encode absolute value in OpenPGP format, return length of output
3134 //! encode absolute value in OpenPGP format, put result into a BufferedTransformation object
3137 //!
3139 //!
3140 //* Precondition: bt.MaxRetrievable() >= inputLen
3143 //!
3145 //!
3148 //! decode nonnegative value as big-endian octet string
3152 {
3155 };
3157 //!
3159 //!
3161 //@}
3163 //! \name ACCESSORS
3164 //@{
3165 //! return true if *this can be represented as a signed long
3167 //! return equivalent signed long if possible, otherwise undefined
3170 //! number of significant bits = floor(log2(abs(*this))) + 1
3172 //! number of significant bytes = ceiling(BitCount()/8)
3174 //! number of significant words = ceiling(ByteCount()/sizeof(word))
3177 //! return the i-th bit, i=0 being the least significant bit
3179 //! return the i-th byte
3181 //! return n lowest bits of *this >> i
3184 //!
3186 //!
3188 //!
3190 //!
3192 //!
3194 //!
3196 //!
3198 //!
3200 //@}
3202 //! \name MANIPULATORS
3203 //@{
3204 //!
3207 //!
3209 //!
3211 //!
3213 //!
3215 //!
3217 //!
3219 //!
3222 //!
3224 //!
3227 //!
3229 //!
3231 //! set this Integer to a random element of {x | min <= x <= max and x is of rnType and x % mod == equiv}
3232 /*! returns false if the set is empty */
3233 bool Randomize(RandomNumberGenerator &rng, const Integer &min, const Integer &max, RandomNumberType rnType, const Integer &equiv=Zero(), const Integer &mod=One());
3235 bool GenerateRandomNoThrow(RandomNumberGenerator &rng, const NameValuePairs ¶ms = g_nullNameValuePairs);
3236 void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms = g_nullNameValuePairs)
3237 {
3240 }
3242 //! set the n-th bit to value
3244 //! set the n-th byte to value
3247 //!
3249 //!
3251 //!
3254 //!
3256 //@}
3258 //! \name UNARY OPERATORS
3259 //@{
3260 //!
3262 //!
3264 //!
3266 //!
3268 //!
3270 //!
3272 //!
3274 //@}
3276 //! \name BINARY OPERATORS
3277 //@{
3278 //! signed comparison
3279 /*! \retval -1 if *this < a
3280 \retval 0 if *this = a
3281 \retval 1 if *this > a
3282 */
3285 //!
3287 //!
3289 //!
3291 //!
3293 //!
3295 //!
3297 //!
3300 //!
3302 //!
3304 //@}
3306 //! \name OTHER ARITHMETIC FUNCTIONS
3307 //@{
3308 //!
3310 //!
3312 //!
3314 //! extract square root, if negative return 0, else return floor of square root
3316 //! return whether this integer is a perfect square
3319 //! is 1 or -1
3321 //! return inverse if 1 or -1, otherwise return 0
3324 //! modular multiplication
3325 CRYPTOPP_DLL friend Integer a_times_b_mod_c(const Integer &x, const Integer& y, const Integer& m);
3326 //! modular exponentiation
3327 CRYPTOPP_DLL friend Integer a_exp_b_mod_c(const Integer &x, const Integer& e, const Integer& m);
3329 //! calculate r and q such that (a == d*q + r) && (0 <= r < abs(d))
3331 //! use a faster division algorithm when divisor is short
3334 //! returns same result as Divide(r, q, a, Power2(n)), but faster
3337 //! greatest common divisor
3339 //! calculate multiplicative inverse of *this mod n
3341 //!
3343 //@}
3345 //! \name INPUT/OUTPUT
3346 //@{
3347 //!
3349 //!
3351 //@}
3364 friend void PositiveDivide(Integer &remainder, Integer "ient, const Integer ÷nd, const Integer &divisor);
3366 SecAlignedWordBlock reg;
3367 Sign sign;
3368 };
3370 //!
3371 inline bool operator==(const CryptoPP::Integer& a, const CryptoPP::Integer& b) {return a.Compare(b)==0;}
3372 //!
3373 inline bool operator!=(const CryptoPP::Integer& a, const CryptoPP::Integer& b) {return a.Compare(b)!=0;}
3374 //!
3375 inline bool operator> (const CryptoPP::Integer& a, const CryptoPP::Integer& b) {return a.Compare(b)> 0;}
3376 //!
3377 inline bool operator>=(const CryptoPP::Integer& a, const CryptoPP::Integer& b) {return a.Compare(b)>=0;}
3378 //!
3379 inline bool operator< (const CryptoPP::Integer& a, const CryptoPP::Integer& b) {return a.Compare(b)< 0;}
3380 //!
3381 inline bool operator<=(const CryptoPP::Integer& a, const CryptoPP::Integer& b) {return a.Compare(b)<=0;}
3382 //!
3383 inline CryptoPP::Integer operator+(const CryptoPP::Integer &a, const CryptoPP::Integer &b) {return a.Plus(b);}
3384 //!
3385 inline CryptoPP::Integer operator-(const CryptoPP::Integer &a, const CryptoPP::Integer &b) {return a.Minus(b);}
3386 //!
3387 inline CryptoPP::Integer operator*(const CryptoPP::Integer &a, const CryptoPP::Integer &b) {return a.Times(b);}
3388 //!
3389 inline CryptoPP::Integer operator/(const CryptoPP::Integer &a, const CryptoPP::Integer &b) {return a.DividedBy(b);}
3390 //!
3391 inline CryptoPP::Integer operator%(const CryptoPP::Integer &a, const CryptoPP::Integer &b) {return a.Modulo(b);}
3392 //!
3393 inline CryptoPP::Integer operator/(const CryptoPP::Integer &a, CryptoPP::word b) {return a.DividedBy(b);}
3394 //!
3395 inline CryptoPP::word operator%(const CryptoPP::Integer &a, CryptoPP::word b) {return a.Modulo(b);}
3397 NAMESPACE_END
3401 {
3403 }
3404 NAMESPACE_END
3406 #endif
3407 ////////////////////////////////////////////////////////////////////////////////
3410 ////////////////////////////////////////////////////////////////////////////////
3411 #ifndef CRYPTOPP_ALGEBRA_H
3412 #define CRYPTOPP_ALGEBRA_H
3414 //- #include "config.h"
3420 // "const Element&" returned by member functions are references
3421 // to internal data members. Since each object may have only
3422 // one such data member for holding results, the following code
3423 // will produce incorrect results:
3424 // abcd = group.Add(group.Add(a,b), group.Add(c,d));
3425 // But this should be fine:
3426 // abcd = group.Add(a, group.Add(b, group.Add(c,d));
3428 //! Abstract Group
3430 {
3448 virtual Element CascadeScalarMultiply(const Element &x, const Integer &e1, const Element &y, const Integer &e2) const;
3450 virtual void SimultaneousMultiply(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const;
3451 };
3453 //! Abstract Ring
3455 {
3472 virtual Element CascadeExponentiate(const Element &x, const Integer &e1, const Element &y, const Integer &e2) const;
3474 virtual void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const;
3481 {
3513 Element CascadeScalarMultiply(const Element &x, const Integer &e1, const Element &y, const Integer &e2) const
3516 void SimultaneousMultiply(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const
3520 };
3522 MultiplicativeGroupT m_mg;
3523 };
3525 // ********************************************************
3527 //! Abstract Euclidean Domain
3529 {
3533 virtual void DivisionAlgorithm(Element &r, Element &q, const Element &a, const Element &d) const =0;
3540 };
3542 // ********************************************************
3544 //! EuclideanDomainOf
3546 {
3605 };
3607 NAMESPACE_END
3609 #endif
3610 ////////////////////////////////////////////////////////////////////////////////
3613 ////////////////////////////////////////////////////////////////////////////////
3614 #ifndef CRYPTOPP_MODARITH_H
3615 #define CRYPTOPP_MODARITH_H
3617 // implementations are in integer.cpp
3619 //- #include "cryptlib.h"
3620 //- #include "misc.h"
3621 //- #include "integer.h"
3622 //- #include "algebra.h"
3626 //! ring of congruence classes modulo n
3627 /*! \note this implementation represents each congruence class as the smallest non-negative integer in that class */
3629 {
3653 void SetModulus(const Integer &newModulus) {modulus = newModulus; result.reg.resize(modulus.reg.size());}
3702 Integer CascadeExponentiate(const Integer &x, const Integer &e1, const Integer &y, const Integer &e2) const;
3704 void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const;
3712 Element RandomElement( RandomNumberGenerator &rng , const RandomizationParameter& /*ignore_for_now*/ = 0 ) const
3713 // left RandomizationParameter arg as ref in case RandomizationParameter becomes a more complicated struct
3714 {
3716 }
3724 Integer modulus;
3727 };
3729 // const ModularArithmetic::RandomizationParameter ModularArithmetic::DefaultRandomizationParameter = 0 ;
3731 //! do modular arithmetics in Montgomery representation for increased speed
3732 /*! \note the Montgomery representation represents each congruence class [a] as a*r%n, where r is a convenient power of 2 */
3734 {
3756 Integer CascadeExponentiate(const Integer &x, const Integer &e1, const Integer &y, const Integer &e2) const
3759 void SimultaneousExponentiate(Element *results, const Element &base, const Integer *exponents, unsigned int exponentsCount) const
3763 Integer u;
3765 };
3767 NAMESPACE_END
3769 #endif
3770 ////////////////////////////////////////////////////////////////////////////////
3773 ////////////////////////////////////////////////////////////////////////////////
3774 // simple.h - written and placed in the public domain by Wei Dai
3775 /*! \file
3776 Simple non-interface classes derived from classes in cryptlib.h.
3777 */
3779 #ifndef CRYPTOPP_SIMPLE_H
3780 #define CRYPTOPP_SIMPLE_H
3782 //- #include "cryptlib.h"
3783 //- #include "misc.h"
3787 //! _
3790 {
3793 };
3795 //! _
3798 {
3802 };
3804 //! _
3806 {
3808 explicit InvalidKeyLength(const std::string &algorithm, unsigned int length) : InvalidArgument(algorithm + ": " + IntToString(length, 10) + " is not a valid key length") {}
3809 };
3811 //! _
3812 // TODO: look into this virtual inheritance
3813 class CRYPTOPP_DLL ASN1CryptoMaterial : virtual public ASN1Object, virtual public CryptoMaterial
3814 {
3820 };
3822 // *****************************
3824 //! _
3827 {
3830 };
3832 //! _
3835 {
3841 bool ChannelFlush(const std::string &channel, bool hardFlush, int propagation=-1, bool blocking=true)
3842 {
3845 else
3846 {
3848 return attached && propagation ? attached->ChannelFlush(channel, hardFlush, propagation-1, blocking) : false;
3849 }
3850 }
3854 };
3856 //! _
3859 {
3862 {InputRejected() : NotImplemented("BufferedTransformation: this object doesn't allow input") {}};
3864 // shouldn't be calling these functions on this class
3865 unsigned int Put2(const byte* /* begin */, unsigned int /* length */, int /* messageEnd */, bool /* blocking */)
3870 unsigned int ChannelPut2(const std::string& /* channel */, const byte* /* begin */, unsigned int /* length */, int /* messageEnd */, bool /* blocking */)
3873 };
3875 //! _
3878 {
3884 };
3886 //! _
3889 {
3891 virtual void Initialize(const NameValuePairs ¶meters=g_nullNameValuePairs, int propagation=-1) =0;
3895 };
3897 //! _
3900 {
3911 };
3913 //! A BufferedTransformation that only contains pre-existing data as "output"
3914 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Store : public AutoSignaling<InputRejecting<BufferedTransformation> >
3915 {
3920 {
3923 }
3927 unsigned int CopyMessagesTo(BufferedTransformation &target, unsigned int count=UINT_MAX, const std::string &channel=NULL_CHANNEL) const;
3933 };
3935 //! A BufferedTransformation that doesn't produce any retrievable output
3937 {
3939 // make these functions protected to help prevent unintentional calls to them
3949 unsigned int TransferTo2(BufferedTransformation& /* target */, unsigned long &transferBytes, const std::string& /* channel */ = NULL_CHANNEL, bool /* blocking */ = true)
3951 unsigned int CopyRangeTo2(BufferedTransformation& /* target */, unsigned long& /* begin */, unsigned long /* end */ = ULONG_MAX, const std::string& /* channel */ = NULL_CHANNEL, bool /* blocking */ = true) const
3953 };
3956 {
3960 unsigned int Put2(const byte* /* begin */, unsigned int /* length */, int /* messageEnd */, bool /* blocking */)
3962 };
3964 NAMESPACE_END
3966 #endif
3967 ////////////////////////////////////////////////////////////////////////////////
3970 ////////////////////////////////////////////////////////////////////////////////
3971 // specification file for an unlimited queue for storing bytes
3973 #ifndef CRYPTOPP_QUEUE_H
3974 #define CRYPTOPP_QUEUE_H
3976 //- #include "simple.h"
3977 //#include <algorithm>
3981 /** The queue is implemented as a linked list of byte arrays, but you don't need to
3982 know about that. So just ignore this next line. :) */
3985 //! Byte Queue
3987 {
4008 unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
4009 unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
4011 // these member functions are not inherited
4035 {
4053 unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
4054 unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
4063 };
4078 };
4080 NAMESPACE_END
4084 {
4086 }
4087 NAMESPACE_END
4089 #endif
4090 ////////////////////////////////////////////////////////////////////////////////
4093 ////////////////////////////////////////////////////////////////////////////////
4094 #ifndef CRYPTOPP_ALGPARAM_H
4095 #define CRYPTOPP_ALGPARAM_H
4097 //- #include "cryptlib.h"
4098 //- #include "smartptr.h"
4099 //- #include "secblock.h"
4103 //! used to pass byte array input as part of a NameValuePairs object
4104 /*! the deepCopy option is used when the NameValuePairs object can't
4105 keep a copy of the data available */
4106 class ConstByteArrayParameter
4107 {
4110 {
4112 }
4114 {
4116 }
4118 {
4121 }
4124 {
4127 else
4128 {
4131 }
4133 }
4143 SecByteBlock m_block;
4144 };
4146 class ByteArrayParameter
4147 {
4161 };
4164 {
4173 };
4176 class GetValueHelperClass
4177 {
4179 GetValueHelperClass(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst)
4180 : m_pObject(pObject), m_name(name), m_valueType(&valueType), m_pValue(pValue), m_found(false), m_getValueNames(false)
4181 {
4183 {
4191 }
4193 if (!m_found && strncmp(m_name, "ThisPointer:", 12) == 0 && strcmp(m_name+12, typeid(T).name()) == 0)
4194 {
4199 }
4206 }
4212 {
4216 {
4220 }
4222 }
4225 {
4228 if (!m_found && strncmp(m_name, "ThisObject:", 11) == 0 && strcmp(m_name+11, typeid(T).name()) == 0)
4229 {
4233 }
4235 }
4243 };
4246 GetValueHelperClass<T, BASE> GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst=NULL, BASE* /* dummy */ = NULL)
4247 {
4249 }
4252 GetValueHelperClass<T, T> GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst=NULL)
4253 {
4255 }
4257 // ********************************************************
4261 {
4263 }
4266 bool Hack_GetValueIntoConstReference(const NameValuePairs &source, const char *name, const R &value)
4267 {
4269 }
4272 class AssignFromHelperClass
4273 {
4277 {
4282 }
4285 AssignFromHelperClass & operator()(const char *name, void (T::*pm)(R)) // VC60 workaround: "const R &" here causes compiler error
4286 {
4288 {
4291 throw InvalidArgument(std::string(typeid(T).name()) + ": Missing required parameter '" + name + "'");
4293 }
4295 }
4298 AssignFromHelperClass & operator()(const char *name1, const char *name2, void (T::*pm)(R, S)) // VC60 workaround: "const R &" here causes compiler error
4299 {
4301 {
4304 throw InvalidArgument(std::string(typeid(T).name()) + ": Missing required parameter '" + name1 + "'");
4307 throw InvalidArgument(std::string(typeid(T).name()) + ": Missing required parameter '" + name2 + "'");
4309 }
4311 }
4317 };
4320 AssignFromHelperClass<T, BASE> AssignFromHelper(T *pObject, const NameValuePairs &source, BASE* /* dummy */ = NULL)
4321 {
4323 }
4327 {
4329 }
4331 // ********************************************************
4333 // This should allow the linker to discard Integer code if not needed.
4334 CRYPTOPP_DLL extern bool (*AssignIntToInteger)(const std::type_info &valueType, void *pInteger, const void *pInt);
4339 {
4342 {
4344 ParameterNotUsed(const char *name) : Exception(OTHER_ERROR, std::string("AlgorithmParametersBase: parameter \"") + name + "\" not used") {}
4345 };
4351 {
4352 #ifdef CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE
4354 #else
4355 try
4356 #endif
4357 {
4360 }
4361 #ifndef CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE
4363 {
4364 }
4365 #endif
4366 }
4371 virtual void AssignValue(const char *name, const std::type_info &valueType, void *pValue) const =0;
4377 };
4381 {
4383 AlgorithmParametersBase2(const char *name, const T &value, bool throwIfNotUsed) : AlgorithmParametersBase(name, throwIfNotUsed), m_value(value) {}
4386 {
4387 // special case for retrieving an Integer parameter when an int was passed in
4388 if (!(AssignIntToInteger != NULL && typeid(T) == typeid(int) && AssignIntToInteger(valueType, pValue, &m_value)))
4389 {
4392 }
4393 }
4396 T m_value;
4397 };
4401 {
4403 AlgorithmParameters(const PARENT &parent, const char *name, const T &value, bool throwIfNotUsed)
4405 {}
4409 {
4411 }
4414 AlgorithmParameters<AlgorithmParameters<PARENT,T>, R> operator()(const char *name, const R &value) const
4415 {
4416 return AlgorithmParameters<AlgorithmParameters<PARENT,T>, R>(*this, name, value, this->m_throwIfNotUsed);
4417 }
4420 AlgorithmParameters<AlgorithmParameters<PARENT,T>, R> operator()(const char *name, const R &value, bool throwIfNotUsed) const
4421 {
4422 return AlgorithmParameters<AlgorithmParameters<PARENT,T>, R>(*this, name, value, throwIfNotUsed);
4423 }
4427 PARENT m_parent;
4428 };
4430 //! Create an object that implements NameValuePairs for passing parameters
4431 /*! \param throwIfNotUsed if true, the object will throw an exception if the value is not accessed
4432 \note throwIfNotUsed is ignored if using a compiler that does not support std::uncaught_exception(),
4433 such as MSVC 7.0 and earlier.
4434 \note A NameValuePairs object containing an arbitrary number of name value pairs may be constructed by
4435 repeatedly using operator() on the object returned by MakeParameters, for example:
4436 const NameValuePairs ¶meters = MakeParameters(name1, value1)(name2, value2)(name3, value3);
4437 */
4439 AlgorithmParameters<NullNameValuePairs,T> MakeParameters(const char *name, const T &value, bool throwIfNotUsed = true)
4440 {
4441 return AlgorithmParameters<NullNameValuePairs,T>(g_nullNameValuePairs, name, value, throwIfNotUsed);
4442 }
4444 #define CRYPTOPP_GET_FUNCTION_ENTRY(name) (Name::name(), &ThisClass::Get##name)
4445 #define CRYPTOPP_SET_FUNCTION_ENTRY(name) (Name::name(), &ThisClass::Set##name)
4446 #define CRYPTOPP_SET_FUNCTION_ENTRY2(name1, name2) (Name::name1(), Name::name2(), &ThisClass::Set##name1##And##name2)
4448 NAMESPACE_END
4450 #endif
4451 ////////////////////////////////////////////////////////////////////////////////
4454 ////////////////////////////////////////////////////////////////////////////////
4455 #ifndef CRYPTOPP_FILTERS_H
4456 #define CRYPTOPP_FILTERS_H
4458 //- #include "simple.h"
4459 //- #include "secblock.h"
4460 //- #include "misc.h"
4461 //- #include "smartptr.h"
4462 //- #include "queue.h"
4463 //- #include "algparam.h"
4467 /// provides an implementation of BufferedTransformation's attachment interface
4468 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Filter : public BufferedTransformation, public NotCopyable
4469 {
4478 unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
4479 unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
4494 unsigned int Output(int outputSite, const byte *inString, unsigned int length, int messageEnd, bool blocking, const std::string &channel=NULL_CHANNEL);
4495 unsigned int OutputModifiable(int outputSite, byte *inString, unsigned int length, int messageEnd, bool blocking, const std::string &channel=NULL_CHANNEL);
4496 bool OutputMessageEnd(int outputSite, int propagation, bool blocking, const std::string &channel=NULL_CHANNEL);
4497 bool OutputFlush(int outputSite, bool hardFlush, int propagation, bool blocking, const std::string &channel=NULL_CHANNEL);
4498 bool OutputMessageSeriesEnd(int outputSite, int propagation, bool blocking, const std::string &channel=NULL_CHANNEL);
4506 };
4508 struct CRYPTOPP_DLL FilterPutSpaceHelper
4509 {
4510 // desiredSize is how much to ask target, bufferSize is how much to allocate in m_tempSpace
4511 byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, unsigned int minSize, unsigned int desiredSize, unsigned int &bufferSize)
4512 {
4515 {
4518 {
4521 }
4523 }
4527 }
4528 byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, unsigned int minSize)
4530 byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, unsigned int minSize, unsigned int bufferSize)
4532 SecByteBlock m_tempSpace;
4533 };
4535 /*! FilterWithBufferedInput divides up the input stream into
4536 a first block, a number of middle blocks, and a last block.
4537 First and last blocks are optional, and middle blocks may
4538 be a stream instead (i.e. blockSize == 1).
4539 */
4541 {
4544 //! firstSize and lastSize may be 0, blockSize must be at least 1
4545 FilterWithBufferedInput(unsigned int firstSize, unsigned int blockSize, unsigned int lastSize, BufferedTransformation *attachment);
4549 {
4551 }
4552 unsigned int PutModifiable2(byte *inString, unsigned int length, int messageEnd, bool blocking)
4553 {
4555 }
4556 /*! calls ForceNextPut() if hardFlush is true */
4559 /*! The input buffer may contain more than blockSize bytes if lastSize != 0.
4560 ForceNextPut() forces a call to NextPut() if this is the case.
4561 */
4567 virtual void InitializeDerivedAndReturnNewSizes(const NameValuePairs& parameters, unsigned int& /* firstSize */, unsigned int& /* blockSize */, unsigned int& /* lastSize */)
4570 // FirstPut() is called if (firstSize != 0 and totalLength >= firstSize)
4571 // or (firstSize == 0 and (totalLength > 0 or a MessageEnd() is received))
4573 // NextPut() is called if totalLength >= firstSize+blockSize+lastSize
4575 // Same as NextPut() except length can be a multiple of blockSize
4576 // Either NextPut() or NextPutMultiple() must be overriden
4578 // Same as NextPutMultiple(), but inString can be modified
4581 // LastPut() is always called
4582 // if totalLength < firstSize then length == totalLength
4583 // else if totalLength <= firstSize+lastSize then length == totalLength-firstSize
4584 // else lastSize <= length < lastSize+blockSize
4589 unsigned int PutMaybeModifiable(byte *begin, unsigned int length, int messageEnd, bool blocking, bool modifiable);
4591 {
4594 }
4596 // This function should no longer be used, put this here to cause a compiler error
4597 // if someone tries to override NextPut().
4598 virtual int NextPut(const byte* /* inString */, unsigned int /* length */) {assert(false); return 0;}
4600 class BlockQueue
4601 {
4612 SecByteBlock m_buffer;
4615 };
4619 BlockQueue m_queue;
4620 };
4622 //! Filter Wrapper for HashTransformation
4624 {
4626 HashFilter(HashTransformation &hm, BufferedTransformation *attachment = NULL, bool putMessage=false)
4638 };
4640 // Used By ProxyFilter
4642 {
4644 OutputProxy(BufferedTransformation &owner, bool passSignal) : m_owner(owner), m_passSignal(passSignal) {}
4652 {return m_owner.AttachedTransformation()->Put2(begin, length, m_passSignal ? messageEnd : 0, blocking);}
4654 {return m_owner.AttachedTransformation()->PutModifiable2(begin, length, m_passSignal ? messageEnd : 0, blocking);}
4658 {return m_passSignal ? m_owner.AttachedTransformation()->Flush(hardFlush, propagation, blocking) : false;}
4660 {return m_passSignal ? m_owner.AttachedTransformation()->MessageSeriesEnd(propagation, blocking) : false;}
4662 unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking)
4663 {return m_owner.AttachedTransformation()->ChannelPut2(channel, begin, length, m_passSignal ? messageEnd : 0, blocking);}
4664 unsigned int ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking)
4665 {return m_owner.AttachedTransformation()->ChannelPutModifiable2(channel, begin, length, m_passSignal ? messageEnd : 0, blocking);}
4666 bool ChannelFlush(const std::string &channel, bool completeFlush, int propagation=-1, bool blocking=true)
4667 {return m_passSignal ? m_owner.AttachedTransformation()->ChannelFlush(channel, completeFlush, propagation, blocking) : false;}
4668 bool ChannelMessageSeriesEnd(const std::string &channel, int propagation=-1, bool blocking=true)
4669 {return m_passSignal ? m_owner.AttachedTransformation()->ChannelMessageSeriesEnd(channel, propagation, blocking) : false;}
4674 };
4676 //! Base class for Filter classes that are proxies for a chain of other filters.
4678 {
4680 ProxyFilter(BufferedTransformation *filter, unsigned int firstSize, unsigned int lastSize, BufferedTransformation *attachment);
4690 };
4692 //! simple proxy filter that doesn't modify the underlying filter's input or output
4694 {
4701 };
4703 //! Append input to a string object
4706 {
4708 // VC60 workaround: no T::char_type
4715 {if (!parameters.GetValue("OutputStringPointer", m_output)) throw InvalidArgument("StringSink: OutputStringPointer not specified");}
4718 {
4720 {
4725 }
4727 }
4731 };
4733 //! Append input to an std::string
4736 //! Copy input to a memory buffer
4738 {
4740 ArraySink(const NameValuePairs ¶meters = g_nullNameValuePairs) {IsolatedInitialize(parameters);}
4754 };
4756 //! Xor input to a memory buffer
4758 {
4764 byte * CreatePutSpace(unsigned int &size) {return BufferedTransformation::CreatePutSpace(size);}
4765 };
4767 //! string-based implementation of Store interface
4769 {
4778 CRYPTOPP_DLL unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
4779 CRYPTOPP_DLL unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
4786 };
4788 //! A Filter that pumps data into its attachment as input
4790 {
4808 {
4812 }
4813 };
4815 //! Turn a Store into a Source
4818 {
4827 {return m_store.TransferMessagesTo2(*AttachedTransformation(), messageCount, NULL_CHANNEL, blocking);}
4838 T m_store;
4839 };
4841 //! string-based implementation of Source interface
4843 {
4848 : SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string)));}
4849 StringSource(const byte *string, unsigned int length, bool pumpAll, BufferedTransformation *attachment = NULL)
4850 : SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string, length)));}
4851 StringSource(const std::string &string, bool pumpAll, BufferedTransformation *attachment = NULL)
4852 : SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string)));}
4853 };
4855 NAMESPACE_END
4857 #endif
4858 ////////////////////////////////////////////////////////////////////////////////
4862 ////////////////////////////////////////////////////////////////////////////////
4863 #ifndef CRYPTOPP_ARGNAMES_H
4864 #define CRYPTOPP_ARGNAMES_H
4866 //- #include "cryptlib.h"
4872 #define CRYPTOPP_DEFINE_NAME_STRING(name) inline const char *name() {return #name;}
4874 CRYPTOPP_DEFINE_NAME_STRING(ValueNames) //!< string, a list of value names with a semicolon (';') after each name
4932 DOCUMENTED_NAMESPACE_END
4934 NAMESPACE_END
4936 #endif
4937 ////////////////////////////////////////////////////////////////////////////////
4940 ////////////////////////////////////////////////////////////////////////////////
4941 // pubkey.h - written and placed in the public domain by Wei Dai
4943 #ifndef CRYPTOPP_PUBKEY_H
4944 #define CRYPTOPP_PUBKEY_H
4946 /** \file
4948 This file contains helper classes/functions for implementing public key algorithms.
4950 The class hierachies in this .h file tend to look like this:
4951 <pre>
4952 x1
4953 / \
4954 y1 z1
4955 | |
4956 x2<y1> x2<z1>
4957 | |
4958 y2 z2
4959 | |
4960 x3<y2> x3<z2>
4961 | |
4962 y3 z3
4963 </pre>
4964 - x1, y1, z1 are abstract interface classes defined in cryptlib.h
4965 - x2, y2, z2 are implementations of the interfaces using "abstract policies", which
4966 are pure virtual functions that should return interfaces to interchangeable algorithms.
4967 These classes have "Base" suffixes.
4968 - x3, y3, z3 hold actual algorithms and implement those virtual functions.
4969 These classes have "Impl" suffixes.
4971 The "TF_" prefix means an implementation using trapdoor functions on integers.
4972 The "DL_" prefix means an implementation using group operations (in groups where discrete log is hard).
4973 */
4975 //- #include "modarith.h"
4976 //- #include "filters.h"
4977 //- #include "eprecomp.h"
4978 //- #include "fips140.h"
4979 //- #include "argnames.h"
4980 #include <memory>
4982 // VC60 workaround: this macro is defined in shlobj.h and conflicts with a template parameter used in this file
4983 #undef INTERFACE
4987 //! _
4988 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TrapdoorFunctionBounds
4989 {
4997 };
4999 //! _
5000 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE RandomizedTrapdoorFunction : public TrapdoorFunctionBounds
5001 {
5003 virtual Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const =0;
5005 };
5007 //! _
5009 {
5016 };
5018 //! _
5019 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE RandomizedTrapdoorFunctionInverse
5020 {
5024 virtual Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const =0;
5026 };
5028 //! _
5029 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TrapdoorFunctionInverse : public RandomizedTrapdoorFunctionInverse
5030 {
5039 };
5041 // ********************************************************
5043 //! message encoding method for public key encryption
5044 class CRYPTOPP_NO_VTABLE PK_EncryptionMessageEncodingMethod
5045 {
5051 //! max size of unpadded message in bytes, given max size of padded message in bits (1 less than size of modulus)
5054 virtual void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedBitLength, const NameValuePairs ¶meters) const =0;
5056 virtual DecodingResult Unpad(const byte *padded, unsigned int paddedBitLength, byte *raw, const NameValuePairs ¶meters) const =0;
5057 };
5059 // ********************************************************
5061 //! _
5063 class CRYPTOPP_NO_VTABLE TF_Base
5064 {
5075 };
5077 // ********************************************************
5081 //! interface for message encoding method for public key signature schemes
5082 class CRYPTOPP_NO_VTABLE PK_SignatureMessageEncodingMethod
5083 {
5087 virtual unsigned int MaxRecoverableLength(unsigned int /* representativeBitLength */, unsigned int /* hashIdentifierLength */, unsigned int /* digestLength */) const
5093 {throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
5095 {throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
5097 // for verification, DL
5098 virtual void ProcessSemisignature(HashTransformation& /* hash */, const byte* /* semisignature */, unsigned int /* semisignatureLength */) const {}
5100 // for signature
5105 {
5108 }
5123 {throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
5130 {throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
5132 // VC60 workaround
5133 struct HashIdentifierLookup
5134 {
5136 {
5138 {
5140 }
5141 };
5142 };
5143 };
5145 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_DeterministicSignatureMessageEncodingMethod : public PK_SignatureMessageEncodingMethod
5146 {
5151 };
5154 {
5161 {
5164 }
5169 };
5172 class PK_MessageAccumulatorImpl : public PK_MessageAccumulatorBase, protected ObjectHolder<HASH_ALGORITHM>
5173 {
5176 };
5178 //! _
5181 {
5186 {return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
5191 {return this->GetTrapdoorFunctionInterface().IsRandomized() || this->GetMessageEncodingInterface().IsProbabilistic();}
5198 unsigned int MessageRepresentativeLength() const {return BitsToBytes(MessageRepresentativeBitLength());}
5199 unsigned int MessageRepresentativeBitLength() const {return this->GetTrapdoorFunctionBounds().ImageBound().BitCount()-1;}
5202 };
5204 //! _
5205 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_SignerBase : public TF_SignatureSchemeBase<PK_Signer, TF_Base<RandomizedTrapdoorFunctionInverse, PK_SignatureMessageEncodingMethod> >
5206 {
5208 void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const;
5209 unsigned int SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const;
5210 };
5212 //! _
5213 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_VerifierBase : public TF_SignatureSchemeBase<PK_Verifier, TF_Base<TrapdoorFunction, PK_SignatureMessageEncodingMethod> >
5214 {
5216 void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const;
5218 DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &recoveryAccumulator) const;
5219 };
5221 // ********************************************************
5223 //! _
5225 struct TF_CryptoSchemeOptions
5226 {
5232 };
5234 //! _
5237 {
5239 };
5241 //! _
5243 class CRYPTOPP_NO_VTABLE PublicKeyCopier
5244 {
5250 };
5252 //! _
5254 class CRYPTOPP_NO_VTABLE PrivateKeyCopier
5255 {
5262 };
5264 //! _
5266 class CRYPTOPP_NO_VTABLE TF_ObjectImplBase : public AlgorithmImpl<BASE, typename SCHEME_OPTIONS::AlgorithmInfo>
5267 {
5284 {
5286 }
5288 {
5290 }
5300 // for signature scheme
5302 {
5303 typedef CPP_TYPENAME SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<CPP_TYPENAME SchemeOptions::HashFunction> L;
5305 }
5307 {
5310 }
5311 };
5313 //! _
5315 class CRYPTOPP_NO_VTABLE TF_ObjectImpl : public TF_ObjectImplBase<TwoBases<BASE, KEY_COPIER>, SCHEME_OPTIONS, typename KEY_COPIER::KeyClass>
5316 {
5327 KeyClass m_trapdoorFunction;
5328 };
5330 //! _
5332 class TF_SignerImpl : public TF_ObjectImpl<TF_SignerBase, SCHEME_OPTIONS, PrivateKeyCopier<typename SCHEME_OPTIONS::Keys> >
5333 {
5334 };
5336 //! _
5338 class TF_VerifierImpl : public TF_ObjectImpl<TF_VerifierBase, SCHEME_OPTIONS, PublicKeyCopier<typename SCHEME_OPTIONS::Keys> >
5339 {
5340 };
5342 // ********************************************************
5344 CRYPTOPP_DLL void P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, const byte *derivationParams, unsigned int derivationParamsLength, bool mask, unsigned int counterStart);
5346 // ********************************************************
5348 //! _
5350 class P1363_KDF2
5351 {
5353 static void DeriveKey(byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, const byte *derivationParams, unsigned int derivationParamsLength)
5354 {
5355 H h;
5356 P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength, false, 1);
5357 }
5358 };
5360 // ********************************************************
5362 //! A template implementing constructors for public key algorithm classes
5365 {
5384 #if (defined(_MSC_VER) && _MSC_VER < 1300)
5414 #else
5433 PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6)
5437 PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7)
5441 PK_FinalTemplate(const T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7, const T8 &v8)
5465 PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7)
5469 PK_FinalTemplate(T1 &v1, const T2 &v2, const T3 &v3, const T4 &v4, const T5 &v5, const T6 &v6, const T7 &v7, const T8 &v8)
5472 #endif
5473 };
5475 //! Base class for public key encryption standard classes. These classes are used to select from variants of algorithms. Note that not all standards apply to all algorithms.
5478 //! Base class for public key signature standard classes. These classes are used to select from variants of algorithms. Note that not all standards apply to all algorithms.
5481 template <class STANDARD, class H, class KEYS, class ALG_INFO> // VC60 workaround: doesn't work if KEYS is first parameter
5484 //! Trapdoor Function Based Signature Scheme
5485 template <class STANDARD, class H, class KEYS, class ALG_INFO = TF_SS<STANDARD, H, KEYS, int> > // VC60 workaround: doesn't work if KEYS is first parameter
5487 {
5489 //! see SignatureStandard for a list of standards
5494 static std::string StaticAlgorithmName() {return KEYS::StaticAlgorithmName() + "/" + MessageEncodingMethod::StaticAlgorithmName() + "(" + H::StaticAlgorithmName() + ")";}
5496 //! implements PK_Signer interface
5498 //! implements PK_Verifier interface
5500 };
5502 NAMESPACE_END
5504 #endif
5505 ////////////////////////////////////////////////////////////////////////////////
5509 ////////////////////////////////////////////////////////////////////////////////
5510 #ifndef CRYPTOPP_ITERHASH_H
5511 #define CRYPTOPP_ITERHASH_H
5513 //- #include "cryptlib.h"
5514 //- #include "secblock.h"
5515 //- #include "misc.h"
5516 //- #include "simple.h"
5520 //! _
5523 {
5552 };
5555 //! _
5558 {
5563 inline static void CorrectEndianess(HashWordType *out, const HashWordType *in, unsigned int byteCount)
5564 {
5566 }
5573 };
5575 //! _
5576 template <class T_HashWordType, class T_Endianness, unsigned int T_BlockSize, class T_Base = HashTransformation>
5577 class CRYPTOPP_NO_VTABLE IteratedHash : public IteratedHashBase2<T_HashWordType, T_Endianness, T_Base>
5578 {
5581 CRYPTOPP_COMPILE_ASSERT_GLOBAL((BLOCKSIZE & (BLOCKSIZE - 1)) == 0); // blockSize is a power of 2
5587 };
5589 //! _
5590 template <class T_HashWordType, class T_Endianness, unsigned int T_BlockSize, unsigned int T_StateSize, class T_Transform, unsigned int T_DigestSize = T_StateSize>
5591 class CRYPTOPP_NO_VTABLE IteratedHashWithStaticTransform
5592 : public ClonableImpl<T_Transform, AlgorithmImpl<IteratedHash<T_HashWordType, T_Endianness, T_BlockSize>, T_Transform> >
5593 {
5600 {
5603 }
5604 void HashEndianCorrectedBlock(const T_HashWordType *data) {T_Transform::Transform(this->m_digest, data);}
5606 };
5608 // *************************************************************
5610 template <class T, class B, class BASE> void IteratedHashBase2<T, B, BASE>::TruncatedFinal(byte *digest, unsigned int size)
5611 {
5617 this->m_data[this->m_data.size()-2] = B::ToEnum() ? this->GetBitCountHi() : this->GetBitCountLo();
5618 this->m_data[this->m_data.size()-1] = B::ToEnum() ? this->GetBitCountLo() : this->GetBitCountHi();
5625 }
5627 template <class T, class B, class BASE> void IteratedHashBase2<T, B, BASE>::HashBlock(const HashWordType *input)
5628 {
5631 else
5632 {
5635 }
5636 }
5638 NAMESPACE_END
5640 #endif
5641 ////////////////////////////////////////////////////////////////////////////////
5645 ////////////////////////////////////////////////////////////////////////////////
5646 #ifndef CRYPTOPP_SHA_H
5647 #define CRYPTOPP_SHA_H
5649 //- #include "iterhash.h"
5653 /// <a href="http://www.weidai.com/scan-mirror/md.html#SHA-1">SHA-1</a>
5654 class CRYPTOPP_DLL SHA : public IteratedHashWithStaticTransform<word32, BigEndian, 64, 20, SHA>
5655 {
5660 };
5664 NAMESPACE_END
5666 #endif
5667 ////////////////////////////////////////////////////////////////////////////////
5671 ////////////////////////////////////////////////////////////////////////////////
5672 #ifndef CRYPTOPP_PKCSPAD_H
5673 #define CRYPTOPP_PKCSPAD_H
5675 //- #include "cryptlib.h"
5676 //- #include "pubkey.h"
5678 #ifdef CRYPTOPP_IS_DLL
5679 //- #include "sha.h"
5680 #endif
5684 //! <a href="http://www.weidai.com/scan-mirror/ca.html#cem_PKCS1-1.5">EME-PKCS1-v1_5</a>
5686 {
5691 void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedLength, const NameValuePairs ¶meters) const;
5692 DecodingResult Unpad(const byte *padded, unsigned int paddedLength, byte *raw, const NameValuePairs ¶meters) const;
5693 };
5696 {
5700 };
5702 // PKCS_DigestDecoration can be instantiated with the following
5703 // classes as specified in PKCS#1 v2.0 and P1363a
5705 // end of list
5707 //! <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PKCS1-1.5">EMSA-PKCS1-v1_5</a>
5708 class CRYPTOPP_DLL PKCS1v15_SignatureMessageEncodingMethod : public PK_DeterministicSignatureMessageEncodingMethod
5709 {
5718 struct HashIdentifierLookup
5719 {
5721 {
5723 {
5725 }
5726 };
5727 };
5728 };
5730 //! PKCS #1 version 1.5, for use with RSAES and RSASS
5731 /*! Only the following hash functions are supported by this signature standard:
5732 \dontinclude pkcspad.h
5733 \skip can be instantiated
5734 \until end of list
5735 */
5737 {
5740 };
5742 NAMESPACE_END
5744 #endif
5745 ////////////////////////////////////////////////////////////////////////////////
5749 ////////////////////////////////////////////////////////////////////////////////
5750 #ifndef CRYPTOPP_ASN_H
5751 #define CRYPTOPP_ASN_H
5753 //- #include "filters.h"
5754 //- #include "queue.h"
5755 #include <vector>
5759 // these tags and flags are not complete
5760 enum ASNTag
5761 {
5785 };
5787 enum ASNIdFlag
5788 {
5790 // DATA = 0x01,
5791 // HEADER = 0x02,
5796 };
5800 // unsigned int DERLengthEncode(unsigned int length, byte *output=0);
5802 // returns false if indefinite length
5808 CRYPTOPP_DLL unsigned int DEREncodeOctetString(BufferedTransformation &out, const byte *str, unsigned int strLen);
5809 CRYPTOPP_DLL unsigned int DEREncodeOctetString(BufferedTransformation &out, const SecByteBlock &str);
5811 // BER decode from source and DER reencode into dest
5814 //! Object Identifier
5815 class CRYPTOPP_DLL OID
5816 {
5827 // throw BERDecodeErr() if decoded value doesn't equal this OID
5835 };
5837 //! BER General Decoder
5839 {
5851 unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
5852 unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
5854 // call this to denote end of sequence
5866 };
5868 //! DER General Encoder
5870 {
5872 explicit DERGeneralEncoder(BufferedTransformation &outQueue, byte asnTag = SEQUENCE | CONSTRUCTED);
5876 // call this to denote end of sequence
5883 byte m_asnTag;
5884 };
5886 //! BER Sequence Decoder
5888 {
5890 explicit BERSequenceDecoder(BufferedTransformation &inQueue, byte asnTag = SEQUENCE | CONSTRUCTED)
5894 };
5896 //! DER Sequence Encoder
5898 {
5900 explicit DERSequenceEncoder(BufferedTransformation &outQueue, byte asnTag = SEQUENCE | CONSTRUCTED)
5902 explicit DERSequenceEncoder(DERSequenceEncoder &outQueue, byte asnTag = SEQUENCE | CONSTRUCTED)
5904 };
5906 //! key that can be ASN.1 encoded
5907 /** derived class should override either BERDecodeKey or BERDecodeKey2 */
5909 {
5916 //! decode subjectPublicKey part of subjectPublicKeyInfo, or privateKey part of privateKeyInfo, without the BIT STRING or OCTET STRING header
5918 virtual void BERDecodeKey2(BufferedTransformation& bt, bool /* parametersPresent */, unsigned int /* size */)
5920 //! encode subjectPublicKey part of subjectPublicKeyInfo, or privateKey part of privateKeyInfo, without the BIT STRING or OCTET STRING header
5922 };
5924 //! encodes/decodes subjectPublicKeyInfo
5926 {
5930 };
5932 //! encodes/decodes privateKeyInfo
5934 {
5939 //! decode optional attributes including context-specific tag
5940 /*! /note default implementation stores attributes to be output in DEREncodeOptionalAttributes */
5942 //! encode optional attributes including context-specific tag
5946 ByteQueue m_optionalAttributes;
5947 };
5949 // ********************************************************
5951 //! DER Encode Unsigned
5952 /*! for INTEGER, BOOLEAN, and ENUM */
5955 {
5959 {
5962 }
5963 else
5964 {
5973 }
5978 }
5980 //! BER Decode Unsigned
5981 // VC60 workaround: std::numeric_limits<T>::max conflicts with MFC max macro
5982 // CW41 workaround: std::numeric_limits<T>::max causes a template error
5986 {
5987 byte b;
6001 {
6002 bc--;
6003 ptr++;
6004 }
6014 }
6021 {return std::lexicographical_compare(lhs.m_values.begin(), lhs.m_values.end(), rhs.m_values.begin(), rhs.m_values.end());}
6025 NAMESPACE_END
6027 #endif
6028 ////////////////////////////////////////////////////////////////////////////////
6032 ////////////////////////////////////////////////////////////////////////////////
6033 #ifndef CRYPTOPP_RSA_H
6034 #define CRYPTOPP_RSA_H
6036 /** \file
6037 This file contains classes that implement the RSA
6038 ciphers and signature schemes as defined in PKCS #1 v2.0.
6039 */
6041 //- #include "pkcspad.h"
6042 //- #include "oaep.h"
6043 //- #include "integer.h"
6044 //- #include "asn.h"
6048 //! _
6050 {
6057 // X509PublicKey
6062 // CryptoMaterial
6067 // TrapdoorFunction
6072 // non-derived
6081 };
6083 //! _
6084 class CRYPTOPP_DLL InvertibleRSAFunction : public RSAFunction, public TrapdoorFunctionInverse, public PKCS8PrivateKey
6085 {
6090 void Initialize(const Integer &n, const Integer &e, const Integer &d, const Integer &p, const Integer &q, const Integer &dp, const Integer &dq, const Integer &u)
6092 //! factor n given private exponent
6095 // PKCS8PrivateKey
6103 // TrapdoorFunctionInverse
6106 // GeneratableCryptoMaterial
6108 /*! parameters: (ModulusSize, PublicExponent (default 17)) */
6113 // non-derived interface
6130 };
6132 //! RSA
6133 struct CRYPTOPP_DLL RSA
6134 {
6138 };
6140 //! <a href="http://www.weidai.com/scan-mirror/sig.html#RSA">RSA signature scheme with appendix</a>
6141 /*! See documentation of PKCS1v15 for a list of hash functions that can be used with it. */
6144 {
6145 };
6147 // The three RSA signature schemes defined in PKCS #1 v2.0
6151 NAMESPACE_END
6153 #endif
6154 ////////////////////////////////////////////////////////////////////////////////
6158 ////////////////////////////////////////////////////////////////////////////////
6159 #ifndef CRYPTOPP_BASECODE_H
6160 #define CRYPTOPP_BASECODE_H
6162 //- #include "filters.h"
6163 //- #include "algparam.h"
6164 //- #include "argnames.h"
6168 //! base n encoder, where n is a power of 2
6170 {
6175 BaseN_Encoder(const byte *alphabet, int log2base, BufferedTransformation *attachment=NULL, int padding=-1)
6176 {
6182 }
6191 SecByteBlock m_outBuf;
6192 };
6194 //! base n decoder, where n is a power of 2
6196 {
6202 {
6204 IsolatedInitialize(MakeParameters(Name::DecodingLookupArray(), lookup)(Name::Log2Base(), log2base));
6205 }
6210 static void InitializeDecodingLookupArray(int *lookup, const byte *alphabet, unsigned int base, bool caseInsensitive);
6216 SecByteBlock m_outBuf;
6217 };
6219 //! filter that breaks input stream into groups of fixed size
6221 {
6226 Grouper(int groupSize, const std::string &separator, const std::string &terminator, BufferedTransformation *attachment=NULL)
6227 {
6232 }
6240 };
6242 NAMESPACE_END
6244 #endif
6245 ////////////////////////////////////////////////////////////////////////////////
6249 ////////////////////////////////////////////////////////////////////////////////
6250 #ifndef CRYPTOPP_BASE64_H
6251 #define CRYPTOPP_BASE64_H
6253 //- #include "basecode.h"
6257 //! Base64 Encoder Class
6259 {
6261 Base64Encoder(BufferedTransformation *attachment = NULL, bool insertLineBreaks = true, int maxLineLength = 72)
6263 {
6264 IsolatedInitialize(MakeParameters(Name::InsertLineBreaks(), insertLineBreaks)(Name::MaxLineLength(), maxLineLength));
6265 }
6268 };
6270 //! Base64 Decoder Class
6272 {
6281 };
6283 NAMESPACE_END
6285 #endif
6286 ////////////////////////////////////////////////////////////////////////////////
6290 ////////////////////////////////////////////////////////////////////////////////
6291 #ifndef CRYPTOPP_FILES_H
6292 #define CRYPTOPP_FILES_H
6294 //- #include "cryptlib.h"
6295 //- #include "filters.h"
6296 //- #include "argnames.h"
6298 #include <iostream>
6299 #include <fstream>
6303 //! file-based implementation of Store interface
6305 {
6308 {
6311 };
6312 class OpenErr : public Err {public: OpenErr(const std::string &filename) : Err("FileStore: error opening file for reading: " + filename) {}};
6324 unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
6325 unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
6336 };
6338 //! file-based implementation of Source interface
6340 {
6349 : SourceTemplate<FileStore>(attachment) {SourceInitialize(pumpAll, MakeParameters(Name::InputStreamPointer(), &in));}
6350 FileSource(const char *filename, bool pumpAll, BufferedTransformation *attachment = NULL, bool binary=true)
6351 : SourceTemplate<FileStore>(attachment) {SourceInitialize(pumpAll, MakeParameters(Name::InputFileName(), filename)(Name::InputBinaryMode(), binary));}
6354 };
6356 //! file-based implementation of Sink interface
6358 {
6361 {
6364 };
6365 class OpenErr : public Err {public: OpenErr(const std::string &filename) : Err("FileSink: error opening file for writing: " + filename) {}};
6372 {IsolatedInitialize(MakeParameters(Name::OutputFileName(), filename)("OutputBinaryMode", binary));}
6383 };
6385 NAMESPACE_END
6387 #endif
6388 ////////////////////////////////////////////////////////////////////////////////
6392 ////////////////////////////////////////////////////////////////////////////////
6393 #ifndef CRYPTOPP_RANDPOOL_H
6394 #define CRYPTOPP_RANDPOOL_H
6396 //- #include "cryptlib.h"
6397 //- #include "filters.h"
6401 //! Randomness Pool
6402 /*! This class can be used to generate
6403 pseudorandom bytes after seeding the pool with
6404 the Put() methods */
6407 {
6409 //! poolSize must be greater than 16
6417 unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
6418 unsigned int CopyRangeTo2(BufferedTransformation& /* target */, unsigned long& /* begin */, unsigned long /* end */ = ULONG_MAX, const std::string& /* channel */ = NULL_CHANNEL, bool /* blocking */ = true) const
6419 {
6421 }
6434 };
6436 NAMESPACE_END
6438 #endif
6439 ////////////////////////////////////////////////////////////////////////////////
6443 ////////////////////////////////////////////////////////////////////////////////
6444 // seckey.h - written and placed in the public domain by Wei Dai
6446 // This file contains helper classes/functions for implementing secret key algorithms.
6448 #ifndef CRYPTOPP_SECKEY_H
6449 #define CRYPTOPP_SECKEY_H
6451 //- #include "cryptlib.h"
6452 //- #include "misc.h"
6453 //- #include "simple.h"
6457 //! to be inherited by block ciphers with fixed block size
6459 class FixedBlockSize
6460 {
6463 };
6465 // ************** key length ***************
6467 //! to be inherited by keyed algorithms with fixed key length
6469 class FixedKeyLength
6470 {
6475 };
6477 // ************** implementation helper for SimpledKeyed ***************
6480 static inline void CheckedSetKey(T *obj, Empty empty, const byte *key, unsigned int length, const NameValuePairs ¶m)
6481 {
6484 }
6487 static inline void CheckedSetKey(T *obj, CipherDir dir, const byte *key, unsigned int length, const NameValuePairs& /* param */)
6488 {
6491 }
6493 //! _
6496 {
6501 unsigned int GetValidKeyLength(unsigned int n) const {return INFO::StaticGetValidKeyLength(n);}
6502 typename BASE::IV_Requirement IVRequirement() const {return (typename BASE::IV_Requirement)INFO::IV_REQUIREMENT;}
6506 };
6509 class CRYPTOPP_NO_VTABLE BlockCipherImpl : public AlgorithmImpl<SimpleKeyingInterfaceImpl<TwoBases<BASE, INFO> > >
6510 {
6513 };
6515 //! _
6518 {
6530 void SetKey(const byte *key, unsigned int length, const NameValuePairs ¶m = g_nullNameValuePairs)
6531 {
6533 }
6534 };
6536 // ************** documentation ***************
6538 /*! \brief Each class derived from this one defines two types, Encryption and Decryption,
6539 both of which implement the SymmetricCipher interface. Two types of classes derive
6540 from this class: stream ciphers and block cipher modes. Stream ciphers can be used
6541 alone, cipher mode classes need to be used with a block cipher. See CipherModeDocumentation
6542 for more for information about using cipher modes and block ciphers. */
6543 struct SymmetricCipherDocumentation
6544 {
6545 //! implements the SymmetricCipher interface
6547 //! implements the SymmetricCipher interface
6549 };
6551 NAMESPACE_END
6553 #endif
6554 ////////////////////////////////////////////////////////////////////////////////
6558 ////////////////////////////////////////////////////////////////////////////////
6559 #ifndef CRYPTOPP_OSRNG_H
6560 #define CRYPTOPP_OSRNG_H
6562 //- #include "config.h"
6564 #ifdef OS_RNG_AVAILABLE
6566 //- #include "randpool.h"
6567 //- #include "rng.h"
6568 //- #include "des.h"
6569 //- #include "fips140.h"
6573 //! Exception class for Operating-System Random Number Generator.
6575 {
6578 };
6580 #ifdef NONBLOCKING_RNG_AVAILABLE
6582 #ifdef CRYPTOPP_WIN32_AVAILABLE
6583 class CRYPTOPP_DLL MicrosoftCryptoProvider
6584 {
6588 #if defined(_WIN64)
6590 #else
6592 #endif
6595 ProviderHandle m_hProvider;
6596 };
6599 #endif
6601 //! encapsulate CryptoAPI's CryptGenRandom or /dev/urandom
6603 {
6611 #ifdef CRYPTOPP_WIN32_AVAILABLE
6612 # ifndef WORKAROUND_MS_BUG_Q258000
6613 MicrosoftCryptoProvider m_Provider;
6614 # endif
6615 #else
6617 #endif
6618 };
6620 #endif
6622 #ifdef BLOCKING_RNG_AVAILABLE
6624 //! encapsulate /dev/random
6626 {
6635 };
6637 #endif
6641 //! Automaticly Seeded Randomness Pool
6642 /*! This class seeds itself using an operating system provided RNG. */
6644 {
6646 //! blocking will be ignored if the preferred RNG isn't available
6650 };
6652 NAMESPACE_END
6654 #endif
6656 #endif
6657 ////////////////////////////////////////////////////////////////////////////////
6661 ////////////////////////////////////////////////////////////////////////////////
6662 #ifndef CRYPTOPP_MD4_H
6663 #define CRYPTOPP_MD4_H
6665 //- #include "iterhash.h"
6669 //! <a href="http://www.weidai.com/scan-mirror/md.html#MD4">MD4</a>
6670 /*! \warning MD4 is considered insecure, and should not be used
6671 unless you absolutely need compatibility with a broken product. */
6673 {
6678 };
6680 NAMESPACE_END
6682 #endif
6683 ////////////////////////////////////////////////////////////////////////////////
6685 #endif