esign_8cpp_source.html

 // esign.cpp - written and placed in the public domain by Wei Dai

 #include "pch.h"
 #include "config.h"

 // TODO: fix the C4589 warnings
 #if CRYPTOPP_MSC_VERSION
 # pragma warning(disable: 4589)
 #endif

 #include "esign.h"
 #include "modarith.h"
 #include "integer.h"
 #include "nbtheory.h"
 #include "algparam.h"
 #include "sha.h"
 #include "asn.h"

 NAMESPACE_BEGIN(CryptoPP)

 #if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_DOXYGEN_PROCESSING)
 void ESIGN_TestInstantiations()
 {
         ESIGN<SHA>::Verifier x1(1, 1);
         ESIGN<SHA>::Signer x2(NullRNG(), 1);
         ESIGN<SHA>::Verifier x3(x2);
         ESIGN<SHA>::Verifier x4(x2.GetKey());
         ESIGN<SHA>::Verifier x5(x3);
         ESIGN<SHA>::Signer x6 = x2;

         x6 = x2;
         x3 = ESIGN<SHA>::Verifier(x2);
         x4 = x2.GetKey();
 }
 #endif

 void ESIGNFunction::BERDecode(BufferedTransformation &bt)
 {
         BERSequenceDecoder seq(bt);
                 m_n.BERDecode(seq);
                 m_e.BERDecode(seq);
         seq.MessageEnd();
 }

 void ESIGNFunction::DEREncode(BufferedTransformation &bt) const
 {
         DERSequenceEncoder seq(bt);
                 m_n.DEREncode(seq);
                 m_e.DEREncode(seq);
         seq.MessageEnd();
 }

 Integer ESIGNFunction::ApplyFunction(const Integer &x) const
 {
         DoQuickSanityCheck();
         return STDMIN(a_exp_b_mod_c(x, m_e, m_n) >> (2*GetK()+2), MaxImage());
 }

 bool ESIGNFunction::Validate(RandomNumberGenerator& rng, unsigned int level) const
 {
         CRYPTOPP_UNUSED(rng), CRYPTOPP_UNUSED(level);
         bool pass = true;
         pass = pass && m_n > Integer::One() && m_n.IsOdd();
         pass = pass && m_e >= 8 && m_e < m_n;
         return pass;
 }

 bool ESIGNFunction::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
 {
         return GetValueHelper(this, name, valueType, pValue).Assignable()
                 CRYPTOPP_GET_FUNCTION_ENTRY(Modulus)
                 CRYPTOPP_GET_FUNCTION_ENTRY(PublicExponent)
                 ;
 }

 void ESIGNFunction::AssignFrom(const NameValuePairs &source)
 {
         AssignFromHelper(this, source)
                 CRYPTOPP_SET_FUNCTION_ENTRY(Modulus)
                 CRYPTOPP_SET_FUNCTION_ENTRY(PublicExponent)
                 ;
 }

 // *****************************************************************************

 void InvertibleESIGNFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &param)
 {
         int modulusSize = 1023*2;
         param.GetIntValue("ModulusSize", modulusSize) || param.GetIntValue("KeySize", modulusSize);

         if (modulusSize < 24)
                 throw InvalidArgument("InvertibleESIGNFunction: specified modulus size is too small");

         if (modulusSize % 3 != 0)
                 throw InvalidArgument("InvertibleESIGNFunction: modulus size must be divisible by 3");

         m_e = param.GetValueWithDefault("PublicExponent", Integer(32));

         if (m_e < 8)
                 throw InvalidArgument("InvertibleESIGNFunction: public exponents less than 8 may not be secure");

         // VC70 workaround: putting these after primeParam causes overlapped stack allocation
         ConstByteArrayParameter seedParam;
         SecByteBlock seed;

         const Integer minP = Integer(204) << (modulusSize/3-8);
         const Integer maxP = Integer::Power2(modulusSize/3)-1;
         AlgorithmParameters primeParam = MakeParameters("Min", minP)("Max", maxP)("RandomNumberType", Integer::PRIME);

         if (param.GetValue("Seed", seedParam))
         {
                 seed.resize(seedParam.size() + 4);
                 memcpy(seed + 4, seedParam.begin(), seedParam.size());

                 PutWord(false, BIG_ENDIAN_ORDER, seed, (word32)0);
                 m_p.GenerateRandom(rng, CombinedNameValuePairs(primeParam, MakeParameters("Seed", ConstByteArrayParameter(seed))));
                 PutWord(false, BIG_ENDIAN_ORDER, seed, (word32)1);
                 m_q.GenerateRandom(rng, CombinedNameValuePairs(primeParam, MakeParameters("Seed", ConstByteArrayParameter(seed))));
         }
         else
         {
                 m_p.GenerateRandom(rng, primeParam);
                 m_q.GenerateRandom(rng, primeParam);
         }

         m_n = m_p * m_p * m_q;

         CRYPTOPP_ASSERT(m_n.BitCount() == (unsigned int)modulusSize);
 }

 void InvertibleESIGNFunction::BERDecode(BufferedTransformation &bt)
 {
         BERSequenceDecoder privateKey(bt);
                 m_n.BERDecode(privateKey);
                 m_e.BERDecode(privateKey);
                 m_p.BERDecode(privateKey);
                 m_q.BERDecode(privateKey);
         privateKey.MessageEnd();
 }

 void InvertibleESIGNFunction::DEREncode(BufferedTransformation &bt) const
 {
         DERSequenceEncoder privateKey(bt);
                 m_n.DEREncode(privateKey);
                 m_e.DEREncode(privateKey);
                 m_p.DEREncode(privateKey);
                 m_q.DEREncode(privateKey);
         privateKey.MessageEnd();
 }

 Integer InvertibleESIGNFunction::CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
 {
         DoQuickSanityCheck();

         Integer pq = m_p * m_q;
         Integer p2 = m_p * m_p;
         Integer r, z, re, a, w0, w1;

         do
         {
                 r.Randomize(rng, Integer::Zero(), pq);
                 z = x << (2*GetK()+2);
                 re = a_exp_b_mod_c(r, m_e, m_n);
                 a = (z - re) % m_n;
                 Integer::Divide(w1, w0, a, pq);
                 if (w1.NotZero())
                 {
                         ++w0;
                         w1 = pq - w1;
                 }
         }
         while ((w1 >> (2*GetK()+1)).IsPositive());

         ModularArithmetic modp(m_p);
         Integer t = modp.Divide(w0 * r % m_p, m_e * re % m_p);
         Integer s = r + t*pq;
         CRYPTOPP_ASSERT(s < m_n);
 #if 0
         using namespace std;
         cout << "f = " << x << endl;
         cout << "r = " << r << endl;
         cout << "z = " << z << endl;
         cout << "a = " << a << endl;
         cout << "w0 = " << w0 << endl;
         cout << "w1 = " << w1 << endl;
         cout << "t = " << t << endl;
         cout << "s = " << s << endl;
 #endif
         return s;
 }

 bool InvertibleESIGNFunction::Validate(RandomNumberGenerator &rng, unsigned int level) const
 {
         bool pass = ESIGNFunction::Validate(rng, level);
         pass = pass && m_p > Integer::One() && m_p.IsOdd() && m_p < m_n;
         pass = pass && m_q > Integer::One() && m_q.IsOdd() && m_q < m_n;
         pass = pass && m_p.BitCount() == m_q.BitCount();
         if (level >= 1)
                 pass = pass && m_p * m_p * m_q == m_n;
         if (level >= 2)
                 pass = pass && VerifyPrime(rng, m_p, level-2) && VerifyPrime(rng, m_q, level-2);
         return pass;
 }

 bool InvertibleESIGNFunction::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
 {
         return GetValueHelper<ESIGNFunction>(this, name, valueType, pValue).Assignable()
                 CRYPTOPP_GET_FUNCTION_ENTRY(Prime1)
                 CRYPTOPP_GET_FUNCTION_ENTRY(Prime2)
                 ;
 }

 void InvertibleESIGNFunction::AssignFrom(const NameValuePairs &source)
 {
         AssignFromHelper<ESIGNFunction>(this, source)
                 CRYPTOPP_SET_FUNCTION_ENTRY(Prime1)
                 CRYPTOPP_SET_FUNCTION_ENTRY(Prime2)
                 ;
 }

 NAMESPACE_END
ConstByteArrayParameter
Used to pass byte array input as part of a NameValuePairs object.
Definition: algparam.h:29

InvertibleESIGNFunction::CalculateRandomizedInverse
Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const
Applies the inverse of the trapdoor function, using random data if required.
Definition: esign.cpp:151

InvalidArgument
An invalid argument was detected.
Definition: cryptlib.h:184

algparam.h
Classes for working with NameValuePairs.

Integer::PRIME
a number which is probabilistically prime
Definition: integer.h:89

Integer::NotZero
bool NotZero() const
Determines if the Integer is non-0.
Definition: integer.h:327

Integer::IsOdd
bool IsOdd() const
Determines if the Integer is odd parity.
Definition: integer.h:345

NameValuePairs::GetValueWithDefault
T GetValueWithDefault(const char *name, T defaultValue) const
Get a named value.
Definition: cryptlib.h:350

TF_SS< ESIGN_Keys, STANDARD, H >::Verifier
PK_FinalTemplate< TF_VerifierImpl< SchemeOptions > > Verifier
implements PK_Verifier interface
Definition: pubkey.h:2121

ESIGNFunction::GetK
unsigned int GetK() const
Definition: esign.h:56

SecBlock::resize
void resize(size_type newSize)
Change size and preserve contents.
Definition: secblock.h:705

DERGeneralEncoder::MessageEnd
void MessageEnd()
Definition: asn.cpp:524

PutWord
void PutWord(bool assumeAligned, ByteOrder order, byte *block, T value, const byte *xorBlock=NULL)
Access a block of memory.
Definition: misc.h:2123

NAMESPACE_BEGIN
#define NAMESPACE_BEGIN(x)
Definition: config.h:200

NameValuePairs::GetIntValue
CRYPTOPP_DLL bool GetIntValue(const char *name, int &value) const
Get a named value with type int.
Definition: cryptlib.h:373

SecBlock< byte >

ConstByteArrayParameter::size
size_t size() const
Length of the memory block.
Definition: algparam.h:93

config.h
Library configuration file.

ModularArithmetic
Ring of congruence classes modulo n.
Definition: modarith.h:34

std
std::hash for asio::adress
Definition: Common.h:323

InvertibleESIGNFunction::DEREncode
void DEREncode(BufferedTransformation &bt) const
Encode this object into a BufferedTransformation.
Definition: esign.cpp:141

RandomNumberGenerator
Interface for random number generators.
Definition: cryptlib.h:1188

InvertibleESIGNFunction::Validate
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
Definition: esign.cpp:192

Integer::Randomize
void Randomize(RandomNumberGenerator &rng, size_t bitCount)
Set this Integer to random integer.
Definition: integer.cpp:3458

CombinedNameValuePairs
Combines two sets of NameValuePairs.
Definition: algparam.h:135

BERSequenceDecoder
BER Sequence Decoder.
Definition: asn.h:303

BufferedTransformation
Interface for buffered transformations.
Definition: cryptlib.h:1352

ConstByteArrayParameter::begin
const byte * begin() const
Pointer to the first byte in the memory block.
Definition: algparam.h:89

Integer::One
static const Integer &CRYPTOPP_API One()
Integer representing 1.
Definition: integer.cpp:3035

esign.h
Classes providing ESIGN signature schemes as defined in IEEE P1363a.

VerifyPrime
bool VerifyPrime(RandomNumberGenerator &rng, const Integer &p, unsigned int level)
Verifies a prime number.
Definition: nbtheory.cpp:249

Integer::BitCount
unsigned int BitCount() const
Determines the number of bits required to represent the Integer.
Definition: integer.cpp:3305

InvertibleESIGNFunction::BERDecode
void BERDecode(BufferedTransformation &bt)
Decode this object from a BufferedTransformation.
Definition: esign.cpp:131

a
#define a(i)

x
#define x(i)

source
const char * source
Definition: rpcconsole.cpp:60

ESIGNFunction::Validate
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
Definition: esign.cpp:59

NameValuePairs::GetValue
bool GetValue(const char *name, T &value) const
Get a named value.
Definition: cryptlib.h:337

MakeParameters
AlgorithmParameters MakeParameters(const char *name, const T &value, bool throwIfNotUsed=true)
Create an object that implements NameValuePairs.
Definition: algparam.h:498

name
const char * name
Definition: rest.cpp:36

InvertibleESIGNFunction::AssignFrom
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Definition: esign.cpp:213

Integer::Power2
static Integer CRYPTOPP_API Power2(size_t e)
Exponentiates to a power of 2.
Definition: integer.cpp:3008

Integer
Multiple precision integer with arithmetic operations.
Definition: integer.h:43

ESIGNFunction::m_e
Integer m_e
Definition: esign.h:58

pch.h

TrapdoorFunctionBounds::MaxImage
virtual Integer MaxImage() const
Returns the maximum size of a message after the trapdoor function is applied bound to a public key...
Definition: pubkey.h:93

ESIGNFunction::m_n
Integer m_n
Definition: esign.h:58

ESIGNFunction::BERDecode
void BERDecode(BufferedTransformation &bt)
Decode this object from a BufferedTransformation.
Definition: esign.cpp:37

AssignFromHelper
AssignFromHelperClass< T, BASE > AssignFromHelper(T *pObject, const NameValuePairs &source)
Definition: algparam.h:286

BIG_ENDIAN_ORDER
byte order is big-endian
Definition: cryptlib.h:128

STDMIN
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
Definition: misc.h:477

CRYPTOPP_ASSERT
#define CRYPTOPP_ASSERT(exp)
Definition: trap.h:92

Integer::Divide
static void CRYPTOPP_API Divide(Integer &r, Integer &q, const Integer &a, const Integer &d)
calculate r and q such that (a == d*q + r) && (0 <= r < abs(d))
Definition: integer.cpp:4144

ModularArithmetic::Divide
const Integer & Divide(const Integer &a, const Integer &b) const
Divides elements in the ring.
Definition: modarith.h:198

asn.h
Classes and functions for working with ANS.1 objects.

sha.h
Classes for SHA-1 and SHA-2 family of message digests.

InvertibleESIGNFunction::GetVoidValue
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Definition: esign.cpp:205

BERGeneralDecoder::MessageEnd
void MessageEnd()
Definition: asn.cpp:456

CRYPTOPP_SET_FUNCTION_ENTRY
#define CRYPTOPP_SET_FUNCTION_ENTRY(name)
Definition: algparam.h:505

nbtheory.h
Classes and functions for number theoretic operations.

Integer::DEREncode
void DEREncode(BufferedTransformation &bt) const
Encode in DER format.
Definition: integer.cpp:3391

DERSequenceEncoder
DER Sequence Encoder.
Definition: asn.h:313

pass
#define pass(a, b, c, mul, X)

CRYPTOPP_GET_FUNCTION_ENTRY
#define CRYPTOPP_GET_FUNCTION_ENTRY(name)
Definition: algparam.h:504

memcpy
void * memcpy(void *a, const void *b, size_t c)
Definition: glibc_compat.cpp:17

CRYPTOPP_UNUSED
#define CRYPTOPP_UNUSED(x)
Definition: config.h:741

NullRNG
RandomNumberGenerator & NullRNG()
Random Number Generator that does not produce random numbers.
Definition: cryptlib.cpp:402

AlgorithmParameters
An object that implements NameValuePairs.
Definition: algparam.h:433

integer.h
Multiple precision integer with arithmetic operations.

Integer::Zero
static const Integer &CRYPTOPP_API Zero()
Integer representing 0.
Definition: integer.cpp:3027

NAMESPACE_END
#define NAMESPACE_END
Definition: config.h:201

Integer::BERDecode
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
Definition: integer.cpp:3398

ESIGNFunction::AssignFrom
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Definition: esign.cpp:76

modarith.h
Class file for performing modular arithmetic.

CryptoPP

z
#define z(i)

a_exp_b_mod_c
Integer a_exp_b_mod_c(const Integer &x, const Integer &e, const Integer &m)
Definition: integer.cpp:4359

InvertibleESIGNFunction::GenerateRandom
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
Definition: esign.cpp:86

word32
unsigned int word32
Definition: config.h:231

ESIGNFunction::GetVoidValue
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Definition: esign.cpp:68

ESIGNFunction::DEREncode
void DEREncode(BufferedTransformation &bt) const
Encode this object into a BufferedTransformation.
Definition: esign.cpp:45

ESIGNFunction::ApplyFunction
Integer ApplyFunction(const Integer &x) const
Applies the trapdoor.
Definition: esign.cpp:53

NameValuePairs
Interface for retrieving values given their names.
Definition: cryptlib.h:279

CryptoMaterial::DoQuickSanityCheck
void DoQuickSanityCheck() const
Perform a quick sanity check.
Definition: cryptlib.h:2145

PK_FinalTemplate
Template implementing constructors for public key algorithm classes.
Definition: pubkey.h:1989

GetValueHelper
GetValueHelperClass< T, BASE > GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst=NULL)
Definition: algparam.h:224