-rw-r--r--ec2n.h31
-rw-r--r--eccrypto.h13
-rw-r--r--ecp.h42
-rw-r--r--gfpcrypt.h21
4 files changed, 75 insertions, 32 deletions
diff --git a/ec2n.h b/ec2n.h
index da783734..b300644f 100644
--- a/ec2n.h
+++ b/ec2n.h
@@ -18,7 +18,8 @@
NAMESPACE_BEGIN(CryptoPP)
-//! Elliptic Curve Point
+//! \class EC2NPoint
+//! \brief Elliptical Curve Point over GF(2^n)
struct CRYPTOPP_DLL EC2NPoint
{
#ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
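Review bot: The new brief on EC2NPoint reads `Elliptical Curve Point over GF(2^n)`, while the EC2N class brief a few lines down and the EcPrecomputation briefs say "Elliptic Curve". The removed line used the conventional spelling, so the wording got worse here; I would write `//! \brief Elliptic Curve Point over GF(2^n)`. The ECPPoint brief in ecp.h keeps "Elliptical" and should be changed the same way. The struct body continues outside the hunk.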
@@ -40,7 +41,8 @@ struct CRYPTOPP_DLL EC2NPoint
CRYPTOPP_DLL_TEMPLATE_CLASS AbstractGroup<EC2NPoint>;
-//! Elliptic Curve over GF(2^n)
+//! \class EC2N
+//! \brief Elliptic Curve over GF(2^n)
class CRYPTOPP_DLL EC2N : public AbstractGroup<EC2NPoint>
{
public:
@@ -52,14 +54,23 @@ public:
virtual ~EC2N() {}
#endif
+ //! \brief Construct an EC2N
EC2N() {}
+
+ //! \brief Construct an EC2N
+ //! \param field Field, GF2NP derived class
+ //! \param a Field::Element
+ //! \param b Field::Element
EC2N(const Field &field, const Field::Element &a, const Field::Element &b)
: m_field(field), m_a(a), m_b(b) {}
- // construct from BER encoded parameters
- // this constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
+
+ //! \brief Construct an EC2N from BER encoded parameters
+ //! \param bt BufferedTransformation derived object
+ //! \details This constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
EC2N(BufferedTransformation &bt);
- // encode the fields fieldID and curve of the sequence ECParameters
+ //! \brief Encode the fields fieldID and curve of the sequence ECParameters
+ //! \param bt BufferedTransformation derived object
void DEREncode(BufferedTransformation &bt) const;
bool Equal(const Point &P, const Point &Q) const;
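Review bot: The documentation added for `EC2N(BufferedTransformation &bt)` does not say what the caller gets when the BER input is malformed or describes an unsuitable curve, and this constructor is where parameters from a file or a peer enter the class. After checking the implementation, which is not visible in this hunk, I would add a line such as `//! \details The decoded parameters are not validated by this constructor; validate them before use.` and state how decoding errors are reported. The carried-over sentence also still has the doubled word in `extract the the fields`. Both remarks apply equally to `ECP(BufferedTransformation &bt)` in ecp.h. Separately, `\param a Field::Element` and `\param b Field::Element` repeat the type instead of saying that these are the curve coefficients.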
@@ -105,9 +116,15 @@ private:
CRYPTOPP_DLL_TEMPLATE_CLASS DL_FixedBasePrecomputationImpl<EC2N::Point>;
CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupPrecomputation<EC2N::Point>;
-template <class T> class EcPrecomputation;
+//! \class EcPrecomputation
+//! \brief Elliptic Curve precomputation
+//! \tparam EC elliptic curve field
+template <class EC> class EcPrecomputation;
-//! EC2N precomputation
+//! \class EcPrecomputation<EC2N>
+//! \brief EC2N precomputation specialization
+//! \details Implementation of <tt>DL_GroupPrecomputation<EC2N::Point></tt>
+//! \sa DL_GroupPrecomputation
template<> class EcPrecomputation<EC2N> : public DL_GroupPrecomputation<EC2N::Point>
{
public:
diff --git a/eccrypto.h b/eccrypto.h
index 9432fbf7..47be169d 100644
--- a/eccrypto.h
+++ b/eccrypto.h
@@ -284,10 +284,7 @@ struct DL_Keys_EC
#endif
};
-//! \class ECDSA
-//! \brief Elliptic Curve DSA
-//! \tparam EC elliptic curve field
-//! \tparam H HashTransformation derived class
+// Forward declaration; documented below
template <class EC, class H>
struct ECDSA;
@@ -374,11 +371,11 @@ struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMe
//! Schemes with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
//! \details If you desire an Integrated Encryption Scheme with Crypto++ 4.2 compatibility, then use the ECIES template class with
//! <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
-//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.55 and Botan 1.11 compatibility, then use the ECIES
+//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the ECIES
//! template class with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=true</tt> and <tt>LABEL_OCTETS=false</tt>.
-//! \details Bouncy Castle 1.55 and Botan 1.11 compatibility are the default template parameters. The combination of
+//! \details The default template parameters ensure compatibility with Bouncy Castle 1.54 and Botan 1.11. The combination of
//! <tt>IncompatibleCofactorMultiplication</tt> and <tt>DHAES_MODE=true</tt> is recommended for best efficiency and security.
-//! SHA1 is used for compatibility reasons, but it can be changed of if desired. SHA-256 or another hash will likely improve the
+//! SHA1 is used for compatibility reasons, but it can be changed if desired. SHA-256 or another hash will likely improve the
//! security provided by the MAC. The hash is also used in the key derivation function as a PRF.
//! \details Below is an example of constructing a Crypto++ 4.2 compatible ECIES encryptor and decryptor.
//! <pre>
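Review bot: The reworded paragraph puts the defaults and the recommendation side by side without saying that they differ. The template header below this comment defaults to `HASH = SHA1` and `COFACTOR_OPTION = NoCofactorMultiplication`, while the text recommends `IncompatibleCofactorMultiplication` and suggests SHA-256 or another hash. A reader who instantiates `ECIES<EC>` with no further arguments therefore gets the interoperability profile rather than the recommended one, and the comment should say so, for example `//! \details The defaults favor interoperability; they are not the recommended configuration for new designs.` The phrase "ensure compatibility" is also a stronger promise than a comment can keep; "are intended for compatibility with" would be safer. The DLIES comment in gfpcrypt.h receives the identical wording and needs the same change; the comment block itself continues outside this hunk.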
@@ -392,7 +389,7 @@ struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMe
//! \sa DLIES, <a href="http://www.weidai.com/scan-mirror/ca.html#ECIES">Elliptic Curve Integrated Encryption Scheme (ECIES)</a>,
//! Martínez, Encinas, and Ávila's <A HREF="http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf">A Survey of the Elliptic
//! Curve Integrated Encryption Schemes</A>
-//! \since Crypto++ 4.0
+//! \since Crypto++ 4.0, Crypto++ 5.6.6 for Bouncy Castle and Botan compatibility
template <class EC, class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = true, bool LABEL_OCTETS = false>
struct ECIES
: public DL_ES<
diff --git a/ecp.h b/ecp.h
index b4bde16f..471dc71c 100644
--- a/ecp.h
+++ b/ecp.h
@@ -16,14 +16,20 @@
NAMESPACE_BEGIN(CryptoPP)
-//! Elliptical Curve Point
+//! \class ECPPoint
+//! \brief Elliptical Curve Point over GF(p), where p is prime
struct CRYPTOPP_DLL ECPPoint
{
#ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
virtual ~ECPPoint() {}
#endif
+ //! \brief Construct an ECPPoint
+ //! \details identity is set to <tt>true</tt>
ECPPoint() : identity(true) {}
+
+ //! \brief Construct an ECPPoint from coordinates
+ //! \details identity is set to <tt>false</tt>
ECPPoint(const Integer &x, const Integer &y)
: x(x), y(y), identity(false) {}
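Review bot: The new comment on `ECPPoint(const Integer &x, const Integer &y)` documents only the identity flag and omits that the constructor stores the coordinates exactly as given, with no check that they lie on any curve. That is inherent in a struct that carries no curve, but the documentation should direct the reader to the curve-level check before a point built from external data is used, e.g. `//! \details The coordinates are not validated; use ECP::VerifyPoint() to check the point against a curve.` The `\param x` and `\param y` entries are missing as well.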
@@ -38,7 +44,8 @@ struct CRYPTOPP_DLL ECPPoint
CRYPTOPP_DLL_TEMPLATE_CLASS AbstractGroup<ECPPoint>;
-//! Elliptic Curve over GF(p), where p is prime
+//! \class ECP
+//! \brief Elliptic Curve over GF(p), where p is prime
class CRYPTOPP_DLL ECP : public AbstractGroup<ECPPoint>
{
public:
@@ -50,15 +57,29 @@ public:
virtual ~ECP() {}
#endif
+ //! \brief Construct an ECP
ECP() {}
+
+ //! \brief Copy construct an ECP
+ //! \param ecp the other ECP object
+ //! \param convertToMontgomeryRepresentation flag indicating if the curve should be converted to a MontgomeryRepresentation
+ //! \sa ModularArithmetic, MontgomeryRepresentation
ECP(const ECP &ecp, bool convertToMontgomeryRepresentation = false);
+
+ //! \brief Construct an ECP
+ //! \param modulus the prime modulus
+ //! \param a Field::Element
+ //! \param b Field::Element
ECP(const Integer &modulus, const FieldElement &a, const FieldElement &b)
: m_fieldPtr(new Field(modulus)), m_a(a.IsNegative() ? modulus+a : a), m_b(b) {}
- // construct from BER encoded parameters
- // this constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
+
+ //! \brief Construct an ECP from BER encoded parameters
+ //! \param bt BufferedTransformation derived object
+ //! \details This constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
ECP(BufferedTransformation &bt);
- // encode the fields fieldID and curve of the sequence ECParameters
+ //! \brief Encode the fields fieldID and curve of the sequence ECParameters
+ //! \param bt BufferedTransformation derived object
void DEREncode(BufferedTransformation &bt) const;
bool Equal(const Point &P, const Point &Q) const;
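Review bot: The `\param` lines added for `ECP(const Integer &modulus, const FieldElement &a, const FieldElement &b)` give the type as `Field::Element` although the signature uses `FieldElement`, and neither line says that these are the curve coefficients. The initializer list shows behaviour worth documenting: a negative `a` is replaced by `modulus+a`, while `b` is stored unchanged. I would write `//! \param a coefficient a; a negative value is stored as modulus+a` and `//! \param b coefficient b, stored as given`. The constructor body is empty, so a `\details` line should state whether `modulus` is tested for primality anywhere, which presumably depends on `Field` and cannot be told from this hunk. The class body starts and ends outside the hunk.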
@@ -107,9 +128,16 @@ private:
CRYPTOPP_DLL_TEMPLATE_CLASS DL_FixedBasePrecomputationImpl<ECP::Point>;
CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupPrecomputation<ECP::Point>;
-template <class T> class EcPrecomputation;
+//! \class EcPrecomputation
+//! \brief Elliptic Curve precomputation
+//! \tparam EC elliptic curve field
+template <class EC> class EcPrecomputation;
-//! ECP precomputation
+//! \class EcPrecomputation<ECP>
+//! \brief ECP precomputation specialization
+//! \details Implementation of <tt>DL_GroupPrecomputation<ECP::Point></tt> with input and output
+//! conversions for Montgomery modular multiplication.
+//! \sa DL_GroupPrecomputation, ModularArithmetic, MontgomeryRepresentation
template<> class EcPrecomputation<ECP> : public DL_GroupPrecomputation<ECP::Point>
{
public:
diff --git a/gfpcrypt.h b/gfpcrypt.h
index f97599a0..24f6e6eb 100644
--- a/gfpcrypt.h
+++ b/gfpcrypt.h
@@ -1,10 +1,11 @@
+// gfpcrypt.h - written and placed in the public domain by Wei Dai
+
+//! \file eccrypto.h
+//! \brief Classes and functions for schemes based on Discrete Logs (DL) over GF(p)
+
#ifndef CRYPTOPP_GFPCRYPT_H
#define CRYPTOPP_GFPCRYPT_H
-/** \file
- Implementation of schemes based on DL over GF(p)
-*/
-
#include "config.h"
#if CRYPTOPP_MSC_VERSION
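Review bot: The added `//! \file eccrypto.h` names the wrong file; this header is gfpcrypt.h, as the new first comment line and the include guard `CRYPTOPP_GFPCRYPT_H` both show. Doxygen attaches a `\file` block to the file it names, so this brief would presumably land on eccrypto.h and leave gfpcrypt.h without a file description. The line should read `//! \file gfpcrypt.h`.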
@@ -544,9 +545,9 @@ CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<D
//! Ecryption Schemes with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
//! \details If you need this method for Crypto++ 4.2 compatibility, then use the ECIES template class with
//! <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
-//! \details If you need this method for Bouncy Castle 1.55 and Botan 1.11 compatibility, then use the ECIES template class with
+//! \details If you need this method for Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the ECIES template class with
//! <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=ture</tt> and <tt>LABEL_OCTETS=false</tt>.
-//! \details Bouncy Castle 1.55 and Botan 1.11 compatibility are the default template parameters.
+//! \details Bouncy Castle 1.54 and Botan 1.11 compatibility are the default template parameters.
//! \since Crypto++ 4.0
template <class MAC, bool DHAES_MODE, bool LABEL_OCTETS=false>
class DL_EncryptionAlgorithm_Xor : public DL_SymmetricEncryptionAlgorithm
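Review bot: The sentence `Bouncy Castle 1.54 and Botan 1.11 compatibility are the default template parameters` does not match the declaration directly below it, where `DHAES_MODE` has no default and only `LABEL_OCTETS=false` does. For this class the caller always chooses the DHAES mode explicitly, so I would write `//! \details <tt>LABEL_OCTETS=false</tt> is the default; <tt>DHAES_MODE</tt> has no default and must be supplied by the caller.` The untouched neighbouring lines still contain `DHAES_MODE=ture` and `Ecryption`, which are worth fixing in the same pass since a reader may copy the parameter text verbatim.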
@@ -678,11 +679,11 @@ public:
//! Schemes with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
//! \details If you desire an Integrated Encryption Scheme with Crypto++ 4.2 compatibility, then use the DLIES template class with
//! <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
-//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.55 and Botan 1.11 compatibility, then use the DLIES
+//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the DLIES
//! template class with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=true</tt> and <tt>LABEL_OCTETS=false</tt>.
-//! \details Bouncy Castle 1.55 and Botan 1.11 compatibility are the default template parameters. The combination of
+//! \details The default template parameters ensure compatibility with Bouncy Castle 1.54 and Botan 1.11. The combination of
//! <tt>IncompatibleCofactorMultiplication</tt> and <tt>DHAES_MODE=true</tt> is recommended for best efficiency and security.
-//! SHA1 is used for compatibility reasons, but it can be changed of if desired. SHA-256 or another hash will likely improve the
+//! SHA1 is used for compatibility reasons, but it can be changed if desired. SHA-256 or another hash will likely improve the
//! security provided by the MAC. The hash is also used in the key derivation function as a PRF.
//! \details Below is an example of constructing a Crypto++ 4.2 compatible DLIES encryptor and decryptor.
//! <pre>
@@ -696,7 +697,7 @@ public:
//! \sa ECIES, <a href="http://www.weidai.com/scan-mirror/ca.html#DLIES">Discrete Log Integrated Encryption Scheme (DLIES)</a>,
//! Martínez, Encinas, and Ávila's <A HREF="http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf">A Survey of the Elliptic
//! Curve Integrated Encryption Schemes</A>
-//! \since Crypto++ 4.0
+//! \since Crypto++ 4.0, Crypto++ 5.6.6 for Bouncy Castle and Botan compatibility
template <class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = true, bool LABEL_OCTETS=false>
struct DLIES
: public DL_ES<