24 template <
class GROUP_PARAMETERS,
class COFACTOR_OPTION = CPP_TYPENAME GROUP_PARAMETERS::DefaultCofactorOption>
28 typedef GROUP_PARAMETERS GroupParameters;
29 typedef typename GroupParameters::Element Element;
35 : m_groupParameters(params) {}
38 {m_groupParameters.BERDecode(bt);}
40 template <
class T1,
class T2>
42 {m_groupParameters.Initialize(v1, v2);}
44 template <
class T1,
class T2,
class T3>
46 {m_groupParameters.Initialize(v1, v2, v3);}
48 template <
class T1,
class T2,
class T3,
class T4>
50 {m_groupParameters.Initialize(v1, v2, v3, v4);}
52 const GroupParameters & GetGroupParameters()
const {
return m_groupParameters;}
53 GroupParameters & AccessGroupParameters() {
return m_groupParameters;}
55 CryptoParameters & AccessCryptoParameters() {
return AccessAbstractGroupParameters();}
57 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
72 Element y = params.ExponentiateBase(x);
73 params.EncodeElement(
true, y, publicKey);
84 Element y = params.ExponentiateBase(x);
95 const byte *staticPrivateKey,
const byte *ephemeralPrivateKey,
96 const byte *staticOtherPublicKey,
const byte *ephemeralOtherPublicKey,
97 bool validateStaticOtherPublicKey=
true)
const 102 Element WW = params.DecodeElement(staticOtherPublicKey, validateStaticOtherPublicKey);
103 Element VV = params.DecodeElement(ephemeralOtherPublicKey,
true);
109 const Integer &r = params.GetSubgroupOrder();
111 Integer e = ((h2+params.ConvertElementToInteger(V)%h2)*s+u) % r;
112 Integer tt = h2 + params.ConvertElementToInteger(VV) % h2;
114 if (COFACTOR_OPTION::ToEnum() == NO_COFACTOR_MULTIPLICTION)
116 Element P = params.ExponentiateElement(WW, tt);
117 P = m_groupParameters.MultiplyElements(P, VV);
120 params.SimultaneousExponentiate(R, P, e2, 2);
121 if (!params.IsIdentity(R[0]) || params.IsIdentity(R[1]))
123 params.EncodeElement(
false, R[1], agreedValue);
127 const Integer &k = params.GetCofactor();
128 if (COFACTOR_OPTION::ToEnum() == COMPATIBLE_COFACTOR_MULTIPLICTION)
130 Element P = m_groupParameters.CascadeExponentiate(VV, k*e, WW, k*(e*tt%r));
131 if (params.IsIdentity(P))
133 params.EncodeElement(
false, P, agreedValue);
147 GroupParameters m_groupParameters;
void GenerateStaticPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
generate static public key
Utility functions for the Crypto++ library.
bool Agree(byte *agreedValue, const byte *staticPrivateKey, const byte *ephemeralPrivateKey, const byte *staticOtherPublicKey, const byte *ephemeralOtherPublicKey, bool validateStaticOtherPublicKey=true) const
derive agreed value from your private keys and couterparty's public keys, return false in case of fai...
interface for DL group parameters
Abstract base classes that provide a uniform interface to this library.
Ring of congruence classes modulo n.
Interface for random number generators.
static const Integer & One()
Integer representing 1.
MQV_Domain< DL_GroupParameters_GFP_DefaultSafePrime > MQV
Menezes-Qu-Vanstone in GF(p) with key validation, AKA MQV
MQV domain for performing authenticated key agreement.
static Integer Power2(size_t e)
Exponentiates to a power of 2.
Multiple precision integer with arithmetic operations.
unsigned int EphemeralPublicKeyLength() const
return length of ephemeral public keys in this domain
unsigned int StaticPrivateKeyLength() const
return length of static private keys in this domain
Implementation of schemes based on DL over GF(p)
void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
generate ephemeral private key
to be thrown by DecodeElement and AgreeWithStaticPrivateKey
void GenerateEphemeralPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
generate ephemeral public key
unsigned int BitCount() const
number of significant bits = floor(log2(abs(*this))) + 1
void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
generate static private key
void Encode(byte *output, size_t outputLen, Signedness sign=UNSIGNED) const
Encode in big-endian format.
unsigned int StaticPublicKeyLength() const
return length of static public keys in this domain
Interface for crypto prameters.
unsigned int EphemeralPrivateKeyLength() const
return length of ephemeral private keys in this domain
Class file for performing modular arithmetic.
Crypto++ library namespace.
unsigned int AgreedValueLength() const
return length of agreed value produced
Interface for domains of authenticated key agreement protocols.