rabin_8cpp_source.html

 // rabin.cpp - written and placed in the public domain by Wei Dai

 #include "pch.h"
 #include "rabin.h"
 #include "integer.h"
 #include "nbtheory.h"
 #include "modarith.h"
 #include "asn.h"
 #include "sha.h"

 NAMESPACE_BEGIN(CryptoPP)

 void RabinFunction::BERDecode(BufferedTransformation &bt)
 {
         BERSequenceDecoder seq(bt);
         m_n.BERDecode(seq);
         m_r.BERDecode(seq);
         m_s.BERDecode(seq);
         seq.MessageEnd();
 }

 void RabinFunction::DEREncode(BufferedTransformation &bt) const
 {
         DERSequenceEncoder seq(bt);
         m_n.DEREncode(seq);
         m_r.DEREncode(seq);
         m_s.DEREncode(seq);
         seq.MessageEnd();
 }

 Integer RabinFunction::ApplyFunction(const Integer &in) const
 {
         DoQuickSanityCheck();

         Integer out = in.Squared()%m_n;
         if (in.IsOdd())
                 out = out*m_r%m_n;
         if (Jacobi(in, m_n)==-1)
                 out = out*m_s%m_n;
         return out;
 }

 bool RabinFunction::Validate(RandomNumberGenerator& /*rng*/, unsigned int level) const
 {
         bool pass = true;
         pass = pass && m_n > Integer::One() && m_n%4 == 1;
         pass = pass && m_r > Integer::One() && m_r < m_n;
         pass = pass && m_s > Integer::One() && m_s < m_n;
         if (level >= 1)
                 pass = pass && Jacobi(m_r, m_n) == -1 && Jacobi(m_s, m_n) == -1;
         return pass;
 }

 bool RabinFunction::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
 {
         return GetValueHelper(this, name, valueType, pValue).Assignable()
                 CRYPTOPP_GET_FUNCTION_ENTRY(Modulus)
                 CRYPTOPP_GET_FUNCTION_ENTRY(QuadraticResidueModPrime1)
                 CRYPTOPP_GET_FUNCTION_ENTRY(QuadraticResidueModPrime2)
                 ;
 }

 void RabinFunction::AssignFrom(const NameValuePairs &source)
 {
         AssignFromHelper(this, source)
                 CRYPTOPP_SET_FUNCTION_ENTRY(Modulus)
                 CRYPTOPP_SET_FUNCTION_ENTRY(QuadraticResidueModPrime1)
                 CRYPTOPP_SET_FUNCTION_ENTRY(QuadraticResidueModPrime2)
                 ;
 }

 // *****************************************************************************
 // private key operations:

 // generate a random private key
 void InvertibleRabinFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
 {
         int modulusSize = 2048;
         alg.GetIntValue("ModulusSize", modulusSize) || alg.GetIntValue("KeySize", modulusSize);

         if (modulusSize < 16)
                 throw InvalidArgument("InvertibleRabinFunction: specified modulus size is too small");

         // VC70 workaround: putting these after primeParam causes overlapped stack allocation
         bool rFound=false, sFound=false;
         Integer t=2;

         AlgorithmParameters primeParam = MakeParametersForTwoPrimesOfEqualSize(modulusSize)
                 ("EquivalentTo", 3)("Mod", 4);
         m_p.GenerateRandom(rng, primeParam);
         m_q.GenerateRandom(rng, primeParam);

         while (!(rFound && sFound))
         {
                 int jp = Jacobi(t, m_p);
                 int jq = Jacobi(t, m_q);

                 if (!rFound && jp==1 && jq==-1)
                 {
                         m_r = t;
                         rFound = true;
                 }

                 if (!sFound && jp==-1 && jq==1)
                 {
                         m_s = t;
                         sFound = true;
                 }

                 ++t;
         }

         m_n = m_p * m_q;
         m_u = m_q.InverseMod(m_p);
 }

 void InvertibleRabinFunction::BERDecode(BufferedTransformation &bt)
 {
         BERSequenceDecoder seq(bt);
         m_n.BERDecode(seq);
         m_r.BERDecode(seq);
         m_s.BERDecode(seq);
         m_p.BERDecode(seq);
         m_q.BERDecode(seq);
         m_u.BERDecode(seq);
         seq.MessageEnd();
 }

 void InvertibleRabinFunction::DEREncode(BufferedTransformation &bt) const
 {
         DERSequenceEncoder seq(bt);
         m_n.DEREncode(seq);
         m_r.DEREncode(seq);
         m_s.DEREncode(seq);
         m_p.DEREncode(seq);
         m_q.DEREncode(seq);
         m_u.DEREncode(seq);
         seq.MessageEnd();
 }

 Integer InvertibleRabinFunction::CalculateInverse(RandomNumberGenerator &rng, const Integer &in) const
 {
         DoQuickSanityCheck();

         ModularArithmetic modn(m_n);
         Integer r(rng, Integer::One(), m_n - Integer::One());
         r = modn.Square(r);
         Integer r2 = modn.Square(r);
         Integer c = modn.Multiply(in, r2);              // blind

         Integer cp=c%m_p, cq=c%m_q;

         int jp = Jacobi(cp, m_p);
         int jq = Jacobi(cq, m_q);

         if (jq==-1)
         {
                 cp = cp*EuclideanMultiplicativeInverse(m_r, m_p)%m_p;
                 cq = cq*EuclideanMultiplicativeInverse(m_r, m_q)%m_q;
         }

         if (jp==-1)
         {
                 cp = cp*EuclideanMultiplicativeInverse(m_s, m_p)%m_p;
                 cq = cq*EuclideanMultiplicativeInverse(m_s, m_q)%m_q;
         }

         cp = ModularSquareRoot(cp, m_p);
         cq = ModularSquareRoot(cq, m_q);

         if (jp==-1)
                 cp = m_p-cp;

         Integer out = CRT(cq, m_q, cp, m_p, m_u);

         out = modn.Divide(out, r);      // unblind

         if ((jq==-1 && out.IsEven()) || (jq==1 && out.IsOdd()))
                 out = m_n-out;

         return out;
 }

 bool InvertibleRabinFunction::Validate(RandomNumberGenerator &rng, unsigned int level) const
 {
         bool pass = RabinFunction::Validate(rng, level);
         pass = pass && m_p > Integer::One() && m_p%4 == 3 && m_p < m_n;
         pass = pass && m_q > Integer::One() && m_q%4 == 3 && m_q < m_n;
         pass = pass && m_u.IsPositive() && m_u < m_p;
         if (level >= 1)
         {
                 pass = pass && m_p * m_q == m_n;
                 pass = pass && m_u * m_q % m_p == 1;
                 pass = pass && Jacobi(m_r, m_p) == 1;
                 pass = pass && Jacobi(m_r, m_q) == -1;
                 pass = pass && Jacobi(m_s, m_p) == -1;
                 pass = pass && Jacobi(m_s, m_q) == 1;
         }
         if (level >= 2)
                 pass = pass && VerifyPrime(rng, m_p, level-2) && VerifyPrime(rng, m_q, level-2);
         return pass;
 }

 bool InvertibleRabinFunction::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
 {
         return GetValueHelper<RabinFunction>(this, name, valueType, pValue).Assignable()
                 CRYPTOPP_GET_FUNCTION_ENTRY(Prime1)
                 CRYPTOPP_GET_FUNCTION_ENTRY(Prime2)
                 CRYPTOPP_GET_FUNCTION_ENTRY(MultiplicativeInverseOfPrime2ModPrime1)
                 ;
 }

 void InvertibleRabinFunction::AssignFrom(const NameValuePairs &source)
 {
         AssignFromHelper<RabinFunction>(this, source)
                 CRYPTOPP_SET_FUNCTION_ENTRY(Prime1)
                 CRYPTOPP_SET_FUNCTION_ENTRY(Prime2)
                 CRYPTOPP_SET_FUNCTION_ENTRY(MultiplicativeInverseOfPrime2ModPrime1)
                 ;
 }

 NAMESPACE_END
RabinFunction::Validate
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
Definition: rabin.cpp:43

Jacobi
int Jacobi(const Integer &aIn, const Integer &bIn)
Definition: nbtheory.cpp:787

InvalidArgument
An invalid argument was detected.
Definition: cryptlib.h:184

rabin.h
Classes for Rabin encryption and signature schemes.

MakeParametersForTwoPrimesOfEqualSize
AlgorithmParameters MakeParametersForTwoPrimesOfEqualSize(unsigned int productBitLength)
Definition: nbtheory.cpp:267

RabinFunction::ApplyFunction
Integer ApplyFunction(const Integer &x) const
Applies the trapdoor.
Definition: rabin.cpp:31

Integer::IsOdd
bool IsOdd() const
Determines if the Integer is odd parity.
Definition: integer.h:345

InvertibleRabinFunction::CalculateInverse
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const
Calculates the inverse of an element.
Definition: rabin.cpp:141

InvertibleRabinFunction::DEREncode
void DEREncode(BufferedTransformation &bt) const
Definition: rabin.cpp:129

DERGeneralEncoder::MessageEnd
void MessageEnd()
Definition: asn.cpp:524

NAMESPACE_BEGIN
#define NAMESPACE_BEGIN(x)
Definition: config.h:200

NameValuePairs::GetIntValue
CRYPTOPP_DLL bool GetIntValue(const char *name, int &value) const
Get a named value with type int.
Definition: cryptlib.h:373

Integer::IsEven
bool IsEven() const
Determines if the Integer is even parity.
Definition: integer.h:342

ModularArithmetic::Square
const Integer & Square(const Integer &a) const
Square an element in the ring.
Definition: modarith.h:177

c
#define c(i)

ModularArithmetic
Ring of congruence classes modulo n.
Definition: modarith.h:34

RandomNumberGenerator
Interface for random number generators.
Definition: cryptlib.h:1188

CRT
Integer CRT(const Integer &xp, const Integer &p, const Integer &xq, const Integer &q, const Integer &u)
Definition: nbtheory.cpp:555

BERSequenceDecoder
BER Sequence Decoder.
Definition: asn.h:303

BufferedTransformation
Interface for buffered transformations.
Definition: cryptlib.h:1352

Integer::One
static const Integer &CRYPTOPP_API One()
Integer representing 1.
Definition: integer.cpp:3035

VerifyPrime
bool VerifyPrime(RandomNumberGenerator &rng, const Integer &p, unsigned int level)
Verifies a prime number.
Definition: nbtheory.cpp:249

RabinFunction
Rabin trapdoor function using the public key.
Definition: rabin.h:19

ModularArithmetic::Multiply
const Integer & Multiply(const Integer &a, const Integer &b) const
Multiplies elements in the ring.
Definition: modarith.h:170

Integer::IsPositive
bool IsPositive() const
Determines if the Integer is positive.
Definition: integer.h:336

source
const char * source
Definition: rpcconsole.cpp:60

Integer::Squared
Integer Squared() const
Multiply this integer by itself.
Definition: integer.h:570

name
const char * name
Definition: rest.cpp:36

r2
#define r2(i)

RabinFunction::DEREncode
void DEREncode(BufferedTransformation &bt) const
Definition: rabin.cpp:22

Integer
Multiple precision integer with arithmetic operations.
Definition: integer.h:43

pch.h

InvertibleRabinFunction::BERDecode
void BERDecode(BufferedTransformation &bt)
Definition: rabin.cpp:117

AssignFromHelper
AssignFromHelperClass< T, BASE > AssignFromHelper(T *pObject, const NameValuePairs &source)
Definition: algparam.h:286

InvertibleRabinFunction::GenerateRandom
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
Definition: rabin.cpp:76

RabinFunction::GetVoidValue
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Definition: rabin.cpp:54

ModularArithmetic::Divide
const Integer & Divide(const Integer &a, const Integer &b) const
Divides elements in the ring.
Definition: modarith.h:198

asn.h
Classes and functions for working with ANS.1 objects.

sha.h
Classes for SHA-1 and SHA-2 family of message digests.

BERGeneralDecoder::MessageEnd
void MessageEnd()
Definition: asn.cpp:456

CRYPTOPP_SET_FUNCTION_ENTRY
#define CRYPTOPP_SET_FUNCTION_ENTRY(name)
Definition: algparam.h:505

nbtheory.h
Classes and functions for number theoretic operations.

ModularSquareRoot
Integer ModularSquareRoot(const Integer &a, const Integer &p)
Definition: nbtheory.cpp:574

Integer::DEREncode
void DEREncode(BufferedTransformation &bt) const
Encode in DER format.
Definition: integer.cpp:3391

DERSequenceEncoder
DER Sequence Encoder.
Definition: asn.h:313

EuclideanMultiplicativeInverse
Integer EuclideanMultiplicativeInverse(const Integer &a, const Integer &b)
Definition: nbtheory.h:111

pass
#define pass(a, b, c, mul, X)

RabinFunction::m_s
Integer m_s
Definition: rabin.h:52

CRYPTOPP_GET_FUNCTION_ENTRY
#define CRYPTOPP_GET_FUNCTION_ENTRY(name)
Definition: algparam.h:504

InvertibleRabinFunction::AssignFrom
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Definition: rabin.cpp:213

AlgorithmParameters
An object that implements NameValuePairs.
Definition: algparam.h:433

Integer::InverseMod
Integer InverseMod(const Integer &n) const
calculate multiplicative inverse of *this mod n
Definition: integer.cpp:4370

RabinFunction::m_n
Integer m_n
Definition: rabin.h:52

integer.h
Multiple precision integer with arithmetic operations.

RabinFunction::AssignFrom
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
Definition: rabin.cpp:63

NAMESPACE_END
#define NAMESPACE_END
Definition: config.h:201

Integer::BERDecode
void BERDecode(const byte *input, size_t inputLen)
Decode from BER format.
Definition: integer.cpp:3398

modarith.h
Class file for performing modular arithmetic.

CryptoPP

RabinFunction::m_r
Integer m_r
Definition: rabin.h:52

InvertibleRabinFunction::Validate
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
Definition: rabin.cpp:184

InvertibleRabinFunction::GetVoidValue
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
Definition: rabin.cpp:204

NameValuePairs
Interface for retrieving values given their names.
Definition: cryptlib.h:279

CryptoMaterial::DoQuickSanityCheck
void DoQuickSanityCheck() const
Perform a quick sanity check.
Definition: cryptlib.h:2145

GetValueHelper
GetValueHelperClass< T, BASE > GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst=NULL)
Definition: algparam.h:224