37 #ifndef CRYPTOPP_XED25519_H 38 #define CRYPTOPP_XED25519_H 80 x25519(
const byte x[SECRET_KEYLENGTH]);
118 void ClampKeys(byte y[PUBLIC_KEYLENGTH], byte x[SECRET_KEYLENGTH])
const;
122 bool IsClamped(
const byte x[SECRET_KEYLENGTH])
const;
126 bool IsSmallOrder(
const byte y[PUBLIC_KEYLENGTH])
const;
133 return m_oid.Empty() ? ASN1::X25519() : m_oid;
144 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
237 bool Agree(byte *agreedValue,
const byte *privateKey,
const byte *otherPublicKey,
bool validateOtherPublicKey=
true)
const;
255 CRYPTOPP_CONSTANT(RESERVE_SIZE=2048+64)
256 CRYPTOPP_CONSTANT(SIGNATURE_LENGTH=64)
267 CRYPTOPP_UNUSED(rng); Restart();
273 void Update(
const byte* msg,
size_t len) {
275 m_msg.insert(m_msg.end(), msg, msg+len);
280 m_msg.reserve(RESERVE_SIZE);
281 m_msg.resize(SIGNATURE_LENGTH);
299 return &m_msg[0]+SIGNATURE_LENGTH;
305 return m_msg.size()-SIGNATURE_LENGTH;
310 std::vector<byte, AllocatorWithCleanup<byte> > m_msg;
344 CRYPTOPP_CONSTANT(SIGNATURE_LENGTH = 64)
348 bool GetVoidValue(const
char *name, const
std::type_info &valueType,
void *pValue) const;
353 return m_oid.Empty() ? ASN1::Ed25519() : m_oid;
400 void MakePublicKey(
PublicKey &pub)
const;
439 void SetPrivateExponent(
const Integer &x);
440 const Integer& GetPrivateExponent()
const;
451 bool IsClamped(
const byte x[SECRET_KEYLENGTH])
const;
455 bool IsSmallOrder(
const byte y[PUBLIC_KEYLENGTH])
const;
492 CRYPTOPP_CONSTANT(SIGNATURE_LENGTH = 64)
542 const PrivateKey& GetKey()
const {
return m_key; }
549 CRYPTOPP_UNUSED(signatureLength);
return 0;
561 CRYPTOPP_UNUSED(messageAccumulator); CRYPTOPP_UNUSED(recoverableMessage);
562 CRYPTOPP_UNUSED(recoverableMessageLength);
563 throw NotImplemented(
"ed25519Signer: this object does not support recoverable messages");
601 return m_oid.Empty() ? ASN1::Ed25519() : m_oid;
646 bool GetVoidValue(
const char *name,
const std::type_info &valueType,
void *pValue)
const;
651 void SetPublicElement(
const Element &y);
652 const Element& GetPublicElement()
const;
672 CRYPTOPP_CONSTANT(SIGNATURE_LENGTH = 64)
710 const PublicKey& GetKey()
const {
return m_key; }
717 CRYPTOPP_UNUSED(signatureLength);
return 0;
732 if (signature && signatureLength)
733 std::memcpy(accum.
signature(), signature,
STDMIN((
size_t)SIGNATURE_LENGTH, signatureLength));
739 CRYPTOPP_UNUSED(recoveredMessage); CRYPTOPP_UNUSED(messageAccumulator);
740 throw NotImplemented(
"ed25519Verifier: this object does not support recoverable messages");
757 #endif // CRYPTOPP_XED25519_H x25519 with key validation
void Save(BufferedTransformation &bt) const
DER encode ASN.1 object.
static const int SHARED_KEYLENGTH
Size of the shared key.
unsigned int PublicKeyLength() const
Provides the size of the public key.
void Save(BufferedTransformation &bt, bool v1) const
DER encode ASN.1 object.
void Load(BufferedTransformation &bt)
BER decode ASN.1 object.
void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs ¶ms)
Generate a random key or crypto parameters.
bool IsProbabilistic() const
Determines whether a signature scheme requires a random number generator.
void DEREncode(BufferedTransformation &bt) const
Encode this object into a BufferedTransformation.
void ClampKeys(byte y[PUBLIC_KEYLENGTH], byte x[SECRET_KEYLENGTH]) const
Clamp a private key.
DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
Recover a message from its signature.
This file contains helper classes/functions for implementing public key algorithms.
size_t MaxRecoverableLength() const
Provides the length of longest message that can be recovered.
const byte * GetPublicKeyBytePtr() const
Retrieve public key byte array.
Encodes and Decodes privateKeyInfo.
Ed25519 signature verification algorithm.
Interface for public-key signers.
Abstract base classes that provide a uniform interface to this library.
void Update(const byte *msg, size_t len)
Add data to the accumulator.
bool AllowNonrecoverablePart() const
Determines whether the non-recoverable message part can be signed.
ASN.1 object identifiers for algorthms and schemes.
bool IsProbabilistic() const
Determines whether a signature scheme requires a random number generator.
bool AllowNonrecoverablePart() const
Determines whether the non-recoverable message part can be signed.
void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
Input signature into a message accumulator.
void Restart()
Reset the accumulator.
size_t size() const
Retrieve size of data buffer.
void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const
Generate a public key from a private key in this domain.
Interface for random number generators.
ed25519Verifier()
Create a ed25519Verifier object.
static const int SECRET_KEYLENGTH
Size of the private key.
Interface for private keys.
size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
Provides the length of longest message that can be recovered from a signature of given length...
PublicKey & AccessPublicKey()
Retrieves a reference to a Public Key.
const PublicKey & GetPublicKey() const
Retrieves a reference to a Public Key.
Interface for domains of simple key agreement protocols.
const byte * signature() const
Retrieve pointer to signature buffer.
Returns a decoding results.
void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const
Generate private key in this domain.
const byte * data() const
Retrieve pointer to data buffer.
A method was called which was not implemented.
void SetAlgorithmID(const OID &oid)
Set the Object Identifier
bool RecoverablePartFirst() const
Determines whether the recoverable part must be input before the non-recoverable part.
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
Get a named value.
static const int PUBLIC_KEYLENGTH
Size of the public key.
unsigned int PrivateKeyLength() const
Provides the size of the private key.
Multiple precision integer with arithmetic operations.
size_t SignatureLength() const
Provides the signature length if it only depends on the key.
const PrivateKey & GetPrivateKey() const
Retrieves a reference to a Private Key.
void DEREncode(BufferedTransformation &bt) const
Encode this object into a BufferedTransformation.
void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
Input a recoverable message to an accumulator.
bool RecoverablePartFirst() const
Determines whether the recoverable part must be input before the non-recoverable part.
void BERDecode(BufferedTransformation &bt)
Decode this object from a BufferedTransformation.
PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const
Create a new HashTransformation to accumulate the message to be signed.
void BERDecodePrivateKey(BufferedTransformation &bt, bool parametersPresent, size_t size)
decode privateKey part of privateKeyInfo, without the OCTET STRING header
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
void Save(BufferedTransformation &bt, bool v1) const
DER encode ASN.1 object.
ed25519 message accumulator
bool Validate(RandomNumberGenerator &rng, unsigned int level) const
Check this object for errors.
Ed25519 signature algorithm.
Interface for accumulating messages to be signed or verified.
ed25519_MessageAccumulator(RandomNumberGenerator &rng)
Create a message accumulator.
bool IsClamped(const byte x[SECRET_KEYLENGTH]) const
Determine if private key is clamped.
void Save(BufferedTransformation &bt) const
DER encode ASN.1 object.
bool IsSmallOrder(const byte y[PUBLIC_KEYLENGTH]) const
Test if a key has small order.
Interface for public-key signature verifiers.
CryptoParameters & AccessCryptoParameters()
Retrieves a reference to Crypto Parameters.
x25519(const byte y[PUBLIC_KEYLENGTH], const byte x[SECRET_KEYLENGTH])
Create a x25519 object.
OID GetAlgorithmID() const
Get the Object Identifier
void Load(BufferedTransformation &bt)
BER decode ASN.1 object.
size_t MaxRecoverableLength() const
Provides the length of longest message that can be recovered.
void Save(BufferedTransformation &bt) const
DER encode ASN.1 object.
PrivateKey & AccessPrivateKey()
Retrieves a reference to a Private Key.
Interface for crypto prameters.
size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
Provides the length of longest message that can be recovered from a signature of given length...
Interface for public keys.
Crypto++ library namespace.
Encodes and decodes subjectPublicKeyInfo.
bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const
Derive agreed value.
ed25519Signer()
Create a ed25519Signer object.
const byte * GetPrivateKeyBytePtr() const
Retrieve private key byte array.
virtual void BEREncode(BufferedTransformation &bt) const
Encode this object into a BufferedTransformation.
unsigned int AgreedValueLength() const
Provides the size of the agreed value.
Ed25519 signature scheme.
void AssignFrom(const NameValuePairs &source)
Assign values to this object.
void BERDecodeAndCheckAlgorithmID(BufferedTransformation &bt)
Determine if OID is valid for this object.
size_t SignatureLength() const
Provides the signature length if it only depends on the key.
void DEREncodePrivateKey(BufferedTransformation &bt) const
encode privateKey part of privateKeyInfo, without the OCTET STRING header
void Load(BufferedTransformation &bt)
BER decode ASN.1 object.
const byte * GetPublicKeyBytePtr() const
Retrieve public key byte array.
ed25519_MessageAccumulator * NewVerificationAccumulator() const
Create a new HashTransformation to accumulate the message to be verified.
byte * signature()
Retrieve pointer to signature buffer.
Interface for retrieving values given their names.