File: pssr.h

package info (click to toggle)
libcrypto++ 5.6.4-8
  • links: PTS
  • area: main
  • in suites: buster
  • size: 11,896 kB
  • ctags: 13,256
  • sloc: cpp: 69,231; sh: 4,117; asm: 4,090; makefile: 373
file content (100 lines) | stat: -rw-r--r-- 4,182 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
// pssr.h - written and placed in the public domain by Wei Dai

//! \file pssr.h
//! \brief Classes for probablistic signature schemes

#ifndef CRYPTOPP_PSSR_H
#define CRYPTOPP_PSSR_H

#include "cryptlib.h"
#include "pubkey.h"
#include "emsa2.h"

#ifdef CRYPTOPP_IS_DLL
#include "sha.h"
#endif

NAMESPACE_BEGIN(CryptoPP)

//! \brief PSSR Message Encoding Method interface
class CRYPTOPP_DLL PSSR_MEM_Base : public PK_RecoverableSignatureMessageEncodingMethod
{
public:
#ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
	virtual ~PSSR_MEM_Base() {}
#endif

private:
	virtual bool AllowRecovery() const =0;
	virtual size_t SaltLen(size_t hashLen) const =0;
	virtual size_t MinPadLen(size_t hashLen) const =0;
	virtual const MaskGeneratingFunction & GetMGF() const =0;

public:
	size_t MinRepresentativeBitLength(size_t hashIdentifierLength, size_t digestLength) const;
	size_t MaxRecoverableLength(size_t representativeBitLength, size_t hashIdentifierLength, size_t digestLength) const;
	bool IsProbabilistic() const;
	bool AllowNonrecoverablePart() const;
	bool RecoverablePartFirst() const;
	void ComputeMessageRepresentative(RandomNumberGenerator &rng,
		const byte *recoverableMessage, size_t recoverableMessageLength,
		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
		byte *representative, size_t representativeBitLength) const;
	DecodingResult RecoverMessageFromRepresentative(
		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
		byte *representative, size_t representativeBitLength,
		byte *recoverableMessage) const;
};

//! \brief PSSR Message Encoding Method with Hash Identifier
//! \tparam USE_HASH_ID flag indicating whether the HashId is used
template <bool USE_HASH_ID> class PSSR_MEM_BaseWithHashId;

//! \brief PSSR Message Encoding Method with Hash Identifier
//! \tparam true flag indicating HashId is used
template<> class PSSR_MEM_BaseWithHashId<true> : public EMSA2HashIdLookup<PSSR_MEM_Base> {};

//! \brief PSSR Message Encoding Method without Hash Identifier
//! \tparam false flag indicating HashId is not used
template<> class PSSR_MEM_BaseWithHashId<false> : public PSSR_MEM_Base {};

//! \brief PSSR Message Encoding Method
//! \tparam ALLOW_RECOVERY flag indicating whether the scheme provides message recovery
//! \tparam MGF mask generation function
//! \tparam SALT_LEN length of the salt
//! \tparam MIN_PAD_LEN minimum length of the pad
//! \tparam USE_HASH_ID flag indicating whether the HashId is used
//! \details If ALLOW_RECOVERY is true, the the signature scheme provides message recovery. If
//!  ALLOW_RECOVERY is false, the the signature scheme is appendix, and the message must be
//!  provided during verification.
template <bool ALLOW_RECOVERY, class MGF=P1363_MGF1, int SALT_LEN=-1, int MIN_PAD_LEN=0, bool USE_HASH_ID=false>
class PSSR_MEM : public PSSR_MEM_BaseWithHashId<USE_HASH_ID>
{
	virtual bool AllowRecovery() const {return ALLOW_RECOVERY;}
	virtual size_t SaltLen(size_t hashLen) const {return SALT_LEN < 0 ? hashLen : SALT_LEN;}
	virtual size_t MinPadLen(size_t hashLen) const {return MIN_PAD_LEN < 0 ? hashLen : MIN_PAD_LEN;}
	virtual const MaskGeneratingFunction & GetMGF() const {static MGF mgf; return mgf;}

public:
	static std::string CRYPTOPP_API StaticAlgorithmName() {return std::string(ALLOW_RECOVERY ? "PSSR-" : "PSS-") + MGF::StaticAlgorithmName();}
};

//! \brief Probabilistic Signature Scheme with Recovery
//! \details Signature Schemes with Recovery encode the message with the signature.
//! \sa <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PSSR-MGF1">PSSR-MGF1</a>
struct PSSR : public SignatureStandard
{
	typedef PSSR_MEM<true> SignatureMessageEncodingMethod;
};

//! \brief Probabilistic Signature Scheme with Appendix
//! \details Signature Schemes with Appendix require the message to be provided during verification.
//! \sa <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PSS-MGF1">PSS-MGF1</a>
struct PSS : public SignatureStandard
{
	typedef PSSR_MEM<false> SignatureMessageEncodingMethod;
};

NAMESPACE_END

#endif