00001
00002
00003
#include "pch.h"
00004
#include "pubkey.h"
00005
00006 NAMESPACE_BEGIN(CryptoPP)
00007
00008 void P1363_MGF1KDF2_Common(
HashTransformation &hash, byte *output,
unsigned int outputLength, const byte *input,
unsigned int inputLength,
bool mask,
unsigned int counterStart)
00009 {
00010
ArraySink *sink;
00011
HashFilter filter(hash, sink = mask ?
new ArrayXorSink(output, outputLength) :
new ArraySink(output, outputLength));
00012 word32 counter = counterStart;
00013
while (sink->
AvailableSize() > 0)
00014 {
00015 filter.Put(input, inputLength);
00016 filter.PutWord32(counter++);
00017 filter.MessageEnd();
00018 }
00019 }
00020
00021
bool PK_DeterministicSignatureMessageEncodingMethod::VerifyMessageRepresentative(
00022
HashTransformation &hash, HashIdentifier hashIdentifier,
bool messageEmpty,
00023 byte *representative,
unsigned int representativeBitLength)
const
00024
{
00025
SecByteBlock computedRepresentative(BitsToBytes(representativeBitLength));
00026 ComputeMessageRepresentative(NullRNG(), NULL, 0, hash, hashIdentifier, messageEmpty, computedRepresentative, representativeBitLength);
00027
return memcmp(representative, computedRepresentative, computedRepresentative.
size()) == 0;
00028 }
00029
00030
bool PK_RecoverableSignatureMessageEncodingMethod::VerifyMessageRepresentative(
00031
HashTransformation &hash, HashIdentifier hashIdentifier,
bool messageEmpty,
00032 byte *representative,
unsigned int representativeBitLength)
const
00033
{
00034
SecByteBlock recoveredMessage(MaxRecoverableLength(representativeBitLength, hashIdentifier.second, hash.
DigestSize()));
00035
DecodingResult result = RecoverMessageFromRepresentative(
00036 hash, hashIdentifier, messageEmpty, representative, representativeBitLength, recoveredMessage);
00037
return result.
isValidCoding && result.
messageLength == 0;
00038 }
00039
00040
void TF_SignerBase::InputRecoverableMessage(
PK_MessageAccumulator &messageAccumulator,
const byte *recoverableMessage,
unsigned int recoverableMessageLength)
const
00041
{
00042 PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
00043
const MessageEncodingInterface &mei = GetMessageEncodingInterface();
00044
unsigned int maxRecoverableLength = mei.MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, ma.AccessHash().DigestSize());
00045
00046
if (maxRecoverableLength == 0)
00047 {
throw NotImplemented(
"TF_SignerBase: this algorithm does not support messsage recovery or the key is too short");}
00048
if (recoverableMessageLength > maxRecoverableLength)
00049
throw InvalidArgument(
"TF_SignerBase: the recoverable message part is too long for the given key and algorithm");
00050
00051 ma.m_recoverableMessage.Assign(recoverableMessage, recoverableMessageLength);
00052 mei.ProcessRecoverableMessage(
00053 ma.AccessHash(),
00054 recoverableMessage, recoverableMessageLength,
00055 NULL, 0, ma.m_semisignature);
00056 }
00057
00058 unsigned int TF_SignerBase::SignAndRestart(
RandomNumberGenerator &rng,
PK_MessageAccumulator &messageAccumulator, byte *signature,
bool restart)
const
00059
{
00060 PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
00061
SecByteBlock representative(MessageRepresentativeLength());
00062 GetMessageEncodingInterface().ComputeMessageRepresentative(rng,
00063 ma.m_recoverableMessage, ma.m_recoverableMessage.size(),
00064 ma.AccessHash(), GetHashIdentifier(), ma.m_empty,
00065 representative, MessageRepresentativeBitLength());
00066 ma.m_empty =
true;
00067
00068
Integer r(representative, representative.
size());
00069
unsigned int signatureLength =
SignatureLength();
00070 GetTrapdoorFunctionInterface().CalculateRandomizedInverse(rng, r).Encode(signature, signatureLength);
00071
return signatureLength;
00072 }
00073
00074 void TF_VerifierBase::InputSignature(
PK_MessageAccumulator &messageAccumulator,
const byte *signature,
unsigned int signatureLength)
const
00075
{
00076 PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
00077 ma.m_representative.New(MessageRepresentativeLength());
00078
Integer x = GetTrapdoorFunctionInterface().ApplyFunction(
Integer(signature, signatureLength));
00079
if (x.BitCount() > MessageRepresentativeBitLength())
00080 x =
Integer::Zero();
00081 x.Encode(ma.m_representative, ma.m_representative.size());
00082 }
00083
00084 bool TF_VerifierBase::VerifyAndRestart(
PK_MessageAccumulator &messageAccumulator)
const
00085
{
00086 PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
00087
bool result = GetMessageEncodingInterface().VerifyMessageRepresentative(
00088 ma.AccessHash(), GetHashIdentifier(), ma.m_empty, ma.m_representative, MessageRepresentativeBitLength());
00089 ma.m_empty =
true;
00090
return result;
00091 }
00092
00093 DecodingResult TF_VerifierBase::RecoverAndRestart(byte *recoveredMessage,
PK_MessageAccumulator &messageAccumulator)
const
00094
{
00095 PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
00096
DecodingResult result = GetMessageEncodingInterface().RecoverMessageFromRepresentative(
00097 ma.AccessHash(), GetHashIdentifier(), ma.m_empty, ma.m_representative, MessageRepresentativeBitLength(), recoveredMessage);
00098 ma.m_empty =
true;
00099
return result;
00100 }
00101
00102 DecodingResult TF_DecryptorBase::FixedLengthDecrypt(
RandomNumberGenerator &rng,
const byte *cipherText, byte *plainText)
const
00103
{
00104
SecByteBlock paddedBlock(PaddedBlockByteLength());
00105
Integer x = GetTrapdoorFunctionInterface().CalculateInverse(rng,
Integer(cipherText, FixedCiphertextLength()));
00106
if (x.ByteCount() > paddedBlock.
size())
00107 x =
Integer::Zero();
00108 x.Encode(paddedBlock, paddedBlock.
size());
00109
return GetMessageEncodingInterface().Unpad(paddedBlock, PaddedBlockBitLength(), plainText);
00110 }
00111
00112 void TF_EncryptorBase::Encrypt(
RandomNumberGenerator &rng,
const byte *plainText,
unsigned int plainTextLength, byte *cipherText)
const
00113
{
00114
if (plainTextLength > FixedMaxPlaintextLength())
00115
throw InvalidArgument(
AlgorithmName() +
": message too long for this public key");
00116
00117
SecByteBlock paddedBlock(PaddedBlockByteLength());
00118 GetMessageEncodingInterface().Pad(rng, plainText, plainTextLength, paddedBlock, PaddedBlockBitLength());
00119 GetTrapdoorFunctionInterface().ApplyRandomizedFunction(rng,
Integer(paddedBlock, paddedBlock.
size())).Encode(cipherText, FixedCiphertextLength());
00120 }
00121
00122 NAMESPACE_END