1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
|
// rsa.h - originally written and placed in the public domain by Wei Dai
/// \file rsa.h
/// \brief Classes for the RSA cryptosystem
/// \details This file contains classes that implement the RSA
/// ciphers and signature schemes as defined in PKCS #1 v2.0.
#ifndef CRYPTOPP_RSA_H
#define CRYPTOPP_RSA_H
#include "cryptlib.h"
#include "pubkey.h"
#include "integer.h"
#include "pkcspad.h"
#include "oaep.h"
#include "emsa2.h"
#include "asn.h"
NAMESPACE_BEGIN(CryptoPP)
/// \brief RSA trapdoor function using the public key
/// \since Crypto++ 1.0
class CRYPTOPP_DLL RSAFunction : public TrapdoorFunction, public X509PublicKey
{
typedef RSAFunction ThisClass;
public:
/// \brief Initialize a RSA public key
/// \param n the modulus
/// \param e the public exponent
void Initialize(const Integer &n, const Integer &e)
{m_n = n; m_e = e;}
// X509PublicKey
OID GetAlgorithmID() const;
void BERDecodePublicKey(BufferedTransformation &bt, bool parametersPresent, size_t size);
void DEREncodePublicKey(BufferedTransformation &bt) const;
// CryptoMaterial
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
void AssignFrom(const NameValuePairs &source);
// TrapdoorFunction
Integer ApplyFunction(const Integer &x) const;
Integer PreimageBound() const {return m_n;}
Integer ImageBound() const {return m_n;}
// non-derived
const Integer & GetModulus() const {return m_n;}
const Integer & GetPublicExponent() const {return m_e;}
void SetModulus(const Integer &n) {m_n = n;}
void SetPublicExponent(const Integer &e) {m_e = e;}
protected:
Integer m_n, m_e;
};
/// \brief RSA trapdoor function using the private key
/// \since Crypto++ 1.0
class CRYPTOPP_DLL InvertibleRSAFunction : public RSAFunction, public TrapdoorFunctionInverse, public PKCS8PrivateKey
{
typedef InvertibleRSAFunction ThisClass;
public:
/// \brief Create a RSA private key
/// \param rng a RandomNumberGenerator derived class
/// \param modulusBits the size of the modulus, in bits
/// \param e the desired public exponent
/// \details Initialize() creates a new keypair using a public exponent of 17.
/// \details This function overload of Initialize() creates a new private key because it
/// takes a RandomNumberGenerator() as a parameter. If you have an existing keypair,
/// then use one of the other Initialize() overloads.
void Initialize(RandomNumberGenerator &rng, unsigned int modulusBits, const Integer &e = 17);
/// \brief Initialize a RSA private key
/// \param n modulus
/// \param e public exponent
/// \param d private exponent
/// \param p first prime factor
/// \param q second prime factor
/// \param dp d mod p
/// \param dq d mod q
/// \param u q<sup>-1</sup> mod p
/// \details This Initialize() function overload initializes a private key from existing parameters.
void Initialize(const Integer &n, const Integer &e, const Integer &d, const Integer &p, const Integer &q, const Integer &dp, const Integer &dq, const Integer &u)
{m_n = n; m_e = e; m_d = d; m_p = p; m_q = q; m_dp = dp; m_dq = dq; m_u = u;}
/// \brief Initialize a RSA private key
/// \param n modulus
/// \param e public exponent
/// \param d private exponent
/// \details This Initialize() function overload initializes a private key from existing parameters.
/// Initialize() will factor n using d and populate {p,q,dp,dq,u}.
void Initialize(const Integer &n, const Integer &e, const Integer &d);
// PKCS8PrivateKey
void BERDecode(BufferedTransformation &bt)
{PKCS8PrivateKey::BERDecode(bt);}
void DEREncode(BufferedTransformation &bt) const
{PKCS8PrivateKey::DEREncode(bt);}
void Load(BufferedTransformation &bt)
{PKCS8PrivateKey::BERDecode(bt);}
void Save(BufferedTransformation &bt) const
{PKCS8PrivateKey::DEREncode(bt);}
OID GetAlgorithmID() const {return RSAFunction::GetAlgorithmID();}
void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size);
void DEREncodePrivateKey(BufferedTransformation &bt) const;
// TrapdoorFunctionInverse
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const;
// GeneratableCryptoMaterial
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
// parameters: (ModulusSize, PublicExponent (default 17))
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg);
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
void AssignFrom(const NameValuePairs &source);
// non-derived interface
const Integer& GetPrime1() const {return m_p;}
const Integer& GetPrime2() const {return m_q;}
const Integer& GetPrivateExponent() const {return m_d;}
const Integer& GetModPrime1PrivateExponent() const {return m_dp;}
const Integer& GetModPrime2PrivateExponent() const {return m_dq;}
const Integer& GetMultiplicativeInverseOfPrime2ModPrime1() const {return m_u;}
void SetPrime1(const Integer &p) {m_p = p;}
void SetPrime2(const Integer &q) {m_q = q;}
void SetPrivateExponent(const Integer &d) {m_d = d;}
void SetModPrime1PrivateExponent(const Integer &dp) {m_dp = dp;}
void SetModPrime2PrivateExponent(const Integer &dq) {m_dq = dq;}
void SetMultiplicativeInverseOfPrime2ModPrime1(const Integer &u) {m_u = u;}
protected:
Integer m_d, m_p, m_q, m_dp, m_dq, m_u;
};
/// \brief RSA trapdoor function using the public key
/// \since Crypto++ 1.0
class CRYPTOPP_DLL RSAFunction_ISO : public RSAFunction
{
public:
Integer ApplyFunction(const Integer &x) const;
Integer PreimageBound() const {return ++(m_n>>1);}
};
/// \brief RSA trapdoor function using the private key
/// \since Crypto++ 1.0
class CRYPTOPP_DLL InvertibleRSAFunction_ISO : public InvertibleRSAFunction
{
public:
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const;
Integer PreimageBound() const {return ++(m_n>>1);}
};
/// \brief RSA algorithm
/// \since Crypto++ 1.0
struct CRYPTOPP_DLL RSA
{
CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "RSA";}
typedef RSAFunction PublicKey;
typedef InvertibleRSAFunction PrivateKey;
};
/// \brief RSA encryption algorithm
/// \tparam STANDARD signature standard
/// \sa <a href="http://www.weidai.com/scan-mirror/ca.html#RSA">RSA cryptosystem</a>
/// \since Crypto++ 1.0
template <class STANDARD>
struct RSAES : public TF_ES<RSA, STANDARD>
{
};
/// \brief RSA signature algorithm
/// \tparam STANDARD signature standard
/// \tparam H hash transformation
/// \details See documentation of PKCS1v15 for a list of hash functions that can be used with it.
/// \sa <a href="http://www.weidai.com/scan-mirror/sig.html#RSA">RSA signature scheme with appendix</a>
/// \since Crypto++ 1.0
template <class STANDARD, class H>
struct RSASS : public TF_SS<RSA, STANDARD, H>
{
};
/// \brief RSA algorithm
/// \since Crypto++ 1.0
struct CRYPTOPP_DLL RSA_ISO
{
CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "RSA-ISO";}
typedef RSAFunction_ISO PublicKey;
typedef InvertibleRSAFunction_ISO PrivateKey;
};
/// \brief RSA signature algorithm
/// \tparam H hash transformation
/// \since Crypto++ 1.0
template <class H>
struct RSASS_ISO : public TF_SS<RSA_ISO, P1363_EMSA2, H>
{
};
/// \brief \ref RSAES<STANDARD> "RSAES<PKCS1v15>::Decryptor" typedef
/// \details RSA encryption scheme defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
DOCUMENTED_TYPEDEF(RSAES<PKCS1v15>::Decryptor, RSAES_PKCS1v15_Decryptor);
/// \brief \ref RSAES<STANDARD> "RSAES<PKCS1v15>::Encryptor" typedef
/// \details RSA encryption scheme defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
DOCUMENTED_TYPEDEF(RSAES<PKCS1v15>::Encryptor, RSAES_PKCS1v15_Encryptor);
/// \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA1>>::Decryptor" typedef
/// \details RSA encryption scheme defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Decryptor, RSAES_OAEP_SHA_Decryptor);
/// \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA1>>::Encryptor" typedef
/// \details RSA encryption scheme defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Encryptor, RSAES_OAEP_SHA_Encryptor);
/// \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA256>>::Decryptor" typedef
/// \details RSA encryption scheme defined in PKCS #1 v2.0
/// \since Crypto++ 8.7
DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA256> >::Decryptor, RSAES_OAEP_SHA256_Decryptor);
/// \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA256>>::Encryptor" typedef
/// \details RSA encryption scheme defined in PKCS #1 v2.0
/// \since Crypto++ 8.7
DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA256> >::Encryptor, RSAES_OAEP_SHA256_Encryptor);
#ifdef CRYPTOPP_DOXYGEN_PROCESSING
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA1>::Signer" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
class RSASSA_PKCS1v15_SHA_Signer : public RSASS<PKCS1v15,SHA1>::Signer {};
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA1>::Verifier" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
class RSASSA_PKCS1v15_SHA_Verifier : public RSASS<PKCS1v15,SHA1>::Verifier {};
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA256>::Signer" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 8.7
class RSASSA_PKCS1v15_SHA256_Signer : public RSASS<PKCS1v15,SHA256>::Signer {};
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA256>::Verifier" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 8.7
class RSASSA_PKCS1v15_SHA256_Verifier : public RSASS<PKCS1v15,SHA256>::Verifier {};
namespace Weak {
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15, Weak::MD2>::Signer" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
class RSASSA_PKCS1v15_MD2_Signer : public RSASS<PKCS1v15, Weak1::MD2>::Signer {};
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15, Weak::MD2>::Verifier" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
class RSASSA_PKCS1v15_MD2_Verifier : public RSASS<PKCS1v15, Weak1::MD2>::Verifier {};
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15, Weak::MD5>::Signer" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
class RSASSA_PKCS1v15_MD5_Signer : public RSASS<PKCS1v15, Weak1::MD5>::Signer {};
/// \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15, Weak::MD5>::Verifier" typedef
/// \details RSA signature schemes defined in PKCS #1 v2.0
/// \since Crypto++ 1.0
class RSASSA_PKCS1v15_MD5_Verifier : public RSASS<PKCS1v15, Weak1::MD5>::Verifier {};
}
#else
typedef RSASS<PKCS1v15,SHA1>::Signer RSASSA_PKCS1v15_SHA_Signer;
typedef RSASS<PKCS1v15,SHA1>::Verifier RSASSA_PKCS1v15_SHA_Verifier;
typedef RSASS<PKCS1v15,SHA256>::Signer RSASSA_PKCS1v15_SHA256_Signer;
typedef RSASS<PKCS1v15,SHA256>::Verifier RSASSA_PKCS1v15_SHA256_Verifier;
namespace Weak {
typedef RSASS<PKCS1v15, Weak1::MD2>::Signer RSASSA_PKCS1v15_MD2_Signer;
typedef RSASS<PKCS1v15, Weak1::MD2>::Verifier RSASSA_PKCS1v15_MD2_Verifier;
typedef RSASS<PKCS1v15, Weak1::MD5>::Signer RSASSA_PKCS1v15_MD5_Signer;
typedef RSASS<PKCS1v15, Weak1::MD5>::Verifier RSASSA_PKCS1v15_MD5_Verifier;
}
#endif // CRYPTOPP_DOXYGEN_PROCESSING
NAMESPACE_END
#endif
|
