<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<title>Crypto++: gfpcrypt.cpp Source File</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<link href="doxygen.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<!-- Generated by Doxygen 1.7.4 -->
<div id="top">
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td style="padding-left: 0.5em;">
<div id="projectname">Crypto++</div>
</td>
</tr>
</tbody>
</table>
</div>
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="namespaces.html"><span>Namespaces</span></a></li>
<li><a href="annotated.html"><span>Classes</span></a></li>
<li class="current"><a href="files.html"><span>Files</span></a></li>
</ul>
</div>
<div id="navrow2" class="tabs2">
<ul class="tablist">
<li><a href="files.html"><span>File List</span></a></li>
<li><a href="globals.html"><span>File Members</span></a></li>
</ul>
</div>
<div class="header">
<div class="headertitle">
<div class="title">gfpcrypt.cpp</div> </div>
</div>
<div class="contents">
<div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">// dsa.cpp - written and placed in the public domain by Wei Dai</span>
<a name="l00002"></a>00002
<a name="l00003"></a>00003 <span class="preprocessor">#include "pch.h"</span>
<a name="l00004"></a>00004
<a name="l00005"></a>00005 <span class="preprocessor">#ifndef CRYPTOPP_IMPORTS</span>
<a name="l00006"></a>00006 <span class="preprocessor"></span>
<a name="l00007"></a>00007 <span class="preprocessor">#include "<a class="code" href="gfpcrypt_8h.html" title="Implementation of schemes based on DL over GF(p)">gfpcrypt.h</a>"</span>
<a name="l00008"></a>00008 <span class="preprocessor">#include "asn.h"</span>
<a name="l00009"></a>00009 <span class="preprocessor">#include "oids.h"</span>
<a name="l00010"></a>00010 <span class="preprocessor">#include "nbtheory.h"</span>
<a name="l00011"></a>00011
<a name="l00012"></a>00012 NAMESPACE_BEGIN(CryptoPP)
<a name="l00013"></a>00013
<a name="l00014"></a>00014 void TestInstantiations_gfpcrypt()
<a name="l00015"></a>00015 {
<a name="l00016"></a>00016 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">GDSA<SHA>::Signer</a> test;
<a name="l00017"></a>00017 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">GDSA<SHA>::Verifier</a> test1;
<a name="l00018"></a>00018 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">DSA::Signer</a> test5(NullRNG(), 100);
<a name="l00019"></a>00019 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">DSA::Signer</a> test2(test5);
<a name="l00020"></a>00020 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">NR<SHA>::Signer</a> test3;
<a name="l00021"></a>00021 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">NR<SHA>::Verifier</a> test4;
<a name="l00022"></a>00022 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">DLIES<>::Encryptor</a> test6;
<a name="l00023"></a>00023 <a class="code" href="class_p_k___final_template.html" title="A template implementing constructors for public key algorithm classes.">DLIES<>::Decryptor</a> test7;
<a name="l00024"></a>00024 }
<a name="l00025"></a>00025
<a name="l00026"></a><a class="code" href="class_d_l___group_parameters___d_s_a.html#ac83d3668c342b3a1fb367ed7785e27a3">00026</a> <span class="keywordtype">void</span> <a class="code" href="class_d_l___group_parameters___d_s_a.html#ac83d3668c342b3a1fb367ed7785e27a3">DL_GroupParameters_DSA::GenerateRandom</a>(<a class="code" href="class_random_number_generator.html" title="interface for random number generators">RandomNumberGenerator</a> &rng, <span class="keyword">const</span> <a class="code" href="class_name_value_pairs.html" title="interface for retrieving values given their names">NameValuePairs</a> &alg)
<a name="l00027"></a>00027 {
<a name="l00028"></a>00028 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> p, q, g;
<a name="l00029"></a>00029
<a name="l00030"></a>00030 <span class="keywordflow">if</span> (alg.<a class="code" href="class_name_value_pairs.html#a96686e9f8d6ce3ab870e516fb72b608e" title="get a named value, returns true if the name exists">GetValue</a>(<span class="stringliteral">"Modulus"</span>, p) && alg.<a class="code" href="class_name_value_pairs.html#a96686e9f8d6ce3ab870e516fb72b608e" title="get a named value, returns true if the name exists">GetValue</a>(<span class="stringliteral">"SubgroupGenerator"</span>, g))
<a name="l00031"></a>00031 {
<a name="l00032"></a>00032 q = alg.<a class="code" href="class_name_value_pairs.html#a943b2009297783f1c35bae46efc3b5f7" title="get a named value, returns the default if the name doesn't exist">GetValueWithDefault</a>(<span class="stringliteral">"SubgroupOrder"</span>, ComputeGroupOrder(p)/2);
<a name="l00033"></a>00033 }
<a name="l00034"></a>00034 <span class="keywordflow">else</span>
<a name="l00035"></a>00035 {
<a name="l00036"></a>00036 <span class="keywordtype">int</span> modulusSize = 1024;
<a name="l00037"></a>00037 alg.<a class="code" href="class_name_value_pairs.html#a39b6daefcabcdd07f5ae482a075e1728" title="get a named value with type int">GetIntValue</a>(<span class="stringliteral">"ModulusSize"</span>, modulusSize) || alg.<a class="code" href="class_name_value_pairs.html#a39b6daefcabcdd07f5ae482a075e1728" title="get a named value with type int">GetIntValue</a>(<span class="stringliteral">"KeySize"</span>, modulusSize);
<a name="l00038"></a>00038
<a name="l00039"></a>00039 <span class="keywordflow">if</span> (!DSA::IsValidPrimeLength(modulusSize))
<a name="l00040"></a>00040 <span class="keywordflow">throw</span> <a class="code" href="class_invalid_argument.html" title="exception thrown when an invalid argument is detected">InvalidArgument</a>(<span class="stringliteral">"DSA: not a valid prime length"</span>);
<a name="l00041"></a>00041
<a name="l00042"></a>00042 <a class="code" href="class_sec_block.html">SecByteBlock</a> seed(SHA::DIGESTSIZE);
<a name="l00043"></a>00043 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> h;
<a name="l00044"></a>00044 <span class="keywordtype">int</span> c;
<a name="l00045"></a>00045
<a name="l00046"></a>00046 <span class="keywordflow">do</span>
<a name="l00047"></a>00047 {
<a name="l00048"></a>00048 rng.<a class="code" href="class_random_number_generator.html#a497145546d24e6d4abaf10b7e0f1ba17" title="generate random array of bytes">GenerateBlock</a>(seed, SHA::DIGESTSIZE);
<a name="l00049"></a>00049 } <span class="keywordflow">while</span> (!<a class="code" href="struct_d_s_a.html#a48eab0da4234a2d20f3ef7250fbad5f5" title="Generate DSA primes according to NIST standard.">DSA::GeneratePrimes</a>(seed, SHA::DIGESTSIZE*8, c, p, modulusSize, q));
<a name="l00050"></a>00050
<a name="l00051"></a>00051 <span class="keywordflow">do</span>
<a name="l00052"></a>00052 {
<a name="l00053"></a>00053 h.Randomize(rng, 2, p-2);
<a name="l00054"></a>00054 g = a_exp_b_mod_c(h, (p-1)/q, p);
<a name="l00055"></a>00055 } <span class="keywordflow">while</span> (g <= 1);
<a name="l00056"></a>00056 }
<a name="l00057"></a>00057
<a name="l00058"></a>00058 Initialize(p, q, g);
<a name="l00059"></a>00059 }
<a name="l00060"></a>00060
<a name="l00061"></a><a class="code" href="class_d_l___group_parameters___d_s_a.html#a1161018a8f95f1ac818272c571a52775">00061</a> <span class="keywordtype">bool</span> <a class="code" href="class_d_l___group_parameters___d_s_a.html#a1161018a8f95f1ac818272c571a52775">DL_GroupParameters_DSA::ValidateGroup</a>(<a class="code" href="class_random_number_generator.html" title="interface for random number generators">RandomNumberGenerator</a> &rng, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> level)<span class="keyword"> const</span>
<a name="l00062"></a>00062 <span class="keyword"></span>{
<a name="l00063"></a>00063 <span class="keywordtype">bool</span> pass = <a class="code" href="class_d_l___group_parameters___d_s_a.html#a1161018a8f95f1ac818272c571a52775">DL_GroupParameters_GFP::ValidateGroup</a>(rng, level);
<a name="l00064"></a>00064 pass = pass && DSA::IsValidPrimeLength(GetModulus().BitCount());
<a name="l00065"></a>00065 pass = pass && GetSubgroupOrder().<a class="code" href="class_integer.html#a178398002ab175e788a3bc224e5e5a8d" title="number of significant bits = floor(log2(abs(*this))) + 1">BitCount</a>() == 160;
<a name="l00066"></a>00066 <span class="keywordflow">return</span> pass;
<a name="l00067"></a>00067 }
<a name="l00068"></a>00068
<a name="l00069"></a>00069 <span class="keywordtype">void</span> DL_SignatureMessageEncodingMethod_DSA::ComputeMessageRepresentative(<a class="code" href="class_random_number_generator.html" title="interface for random number generators">RandomNumberGenerator</a> &rng,
<a name="l00070"></a>00070 <span class="keyword">const</span> byte *recoverableMessage, <span class="keywordtype">size_t</span> recoverableMessageLength,
<a name="l00071"></a>00071 <a class="code" href="class_hash_transformation.html" title="interface for hash functions and data processing part of MACs">HashTransformation</a> &hash, HashIdentifier hashIdentifier, <span class="keywordtype">bool</span> messageEmpty,
<a name="l00072"></a>00072 byte *representative, <span class="keywordtype">size_t</span> representativeBitLength)<span class="keyword"> const</span>
<a name="l00073"></a>00073 <span class="keyword"></span>{
<a name="l00074"></a>00074 assert(recoverableMessageLength == 0);
<a name="l00075"></a>00075 assert(hashIdentifier.second == 0);
<a name="l00076"></a>00076 <span class="keyword">const</span> <span class="keywordtype">size_t</span> representativeByteLength = BitsToBytes(representativeBitLength);
<a name="l00077"></a>00077 <span class="keyword">const</span> <span class="keywordtype">size_t</span> digestSize = hash.<a class="code" href="class_hash_transformation.html#a9f42cc280bac76b884ad12615c0dabb5" title="size of the hash/digest/MAC returned by Final()">DigestSize</a>();
<a name="l00078"></a>00078 <span class="keyword">const</span> <span class="keywordtype">size_t</span> paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
<a name="l00079"></a>00079
<a name="l00080"></a>00080 memset(representative, 0, paddingLength);
<a name="l00081"></a>00081 hash.<a class="code" href="class_hash_transformation.html#a590ecda344aa0fb045abf42ec08823b2" title="truncated version of Final()">TruncatedFinal</a>(representative+paddingLength, STDMIN(representativeByteLength, digestSize));
<a name="l00082"></a>00082
<a name="l00083"></a>00083 <span class="keywordflow">if</span> (digestSize*8 > representativeBitLength)
<a name="l00084"></a>00084 {
<a name="l00085"></a>00085 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> h(representative, representativeByteLength);
<a name="l00086"></a>00086 h >>= representativeByteLength*8 - representativeBitLength;
<a name="l00087"></a>00087 h.Encode(representative, representativeByteLength);
<a name="l00088"></a>00088 }
<a name="l00089"></a>00089 }
<a name="l00090"></a>00090
<a name="l00091"></a>00091 <span class="keywordtype">void</span> DL_SignatureMessageEncodingMethod_NR::ComputeMessageRepresentative(<a class="code" href="class_random_number_generator.html" title="interface for random number generators">RandomNumberGenerator</a> &rng,
<a name="l00092"></a>00092 <span class="keyword">const</span> byte *recoverableMessage, <span class="keywordtype">size_t</span> recoverableMessageLength,
<a name="l00093"></a>00093 <a class="code" href="class_hash_transformation.html" title="interface for hash functions and data processing part of MACs">HashTransformation</a> &hash, HashIdentifier hashIdentifier, <span class="keywordtype">bool</span> messageEmpty,
<a name="l00094"></a>00094 byte *representative, <span class="keywordtype">size_t</span> representativeBitLength)<span class="keyword"> const</span>
<a name="l00095"></a>00095 <span class="keyword"></span>{
<a name="l00096"></a>00096 assert(recoverableMessageLength == 0);
<a name="l00097"></a>00097 assert(hashIdentifier.second == 0);
<a name="l00098"></a>00098 <span class="keyword">const</span> <span class="keywordtype">size_t</span> representativeByteLength = BitsToBytes(representativeBitLength);
<a name="l00099"></a>00099 <span class="keyword">const</span> <span class="keywordtype">size_t</span> digestSize = hash.<a class="code" href="class_hash_transformation.html#a9f42cc280bac76b884ad12615c0dabb5" title="size of the hash/digest/MAC returned by Final()">DigestSize</a>();
<a name="l00100"></a>00100 <span class="keyword">const</span> <span class="keywordtype">size_t</span> paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
<a name="l00101"></a>00101
<a name="l00102"></a>00102 memset(representative, 0, paddingLength);
<a name="l00103"></a>00103 hash.<a class="code" href="class_hash_transformation.html#a590ecda344aa0fb045abf42ec08823b2" title="truncated version of Final()">TruncatedFinal</a>(representative+paddingLength, STDMIN(representativeByteLength, digestSize));
<a name="l00104"></a>00104
<a name="l00105"></a>00105 <span class="keywordflow">if</span> (digestSize*8 >= representativeBitLength)
<a name="l00106"></a>00106 {
<a name="l00107"></a>00107 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> h(representative, representativeByteLength);
<a name="l00108"></a>00108 h >>= representativeByteLength*8 - representativeBitLength + 1;
<a name="l00109"></a>00109 h.Encode(representative, representativeByteLength);
<a name="l00110"></a>00110 }
<a name="l00111"></a>00111 }
<a name="l00112"></a>00112
<a name="l00113"></a>00113 <span class="keywordtype">bool</span> DL_GroupParameters_IntegerBased::ValidateGroup(<a class="code" href="class_random_number_generator.html" title="interface for random number generators">RandomNumberGenerator</a> &rng, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> level)<span class="keyword"> const</span>
<a name="l00114"></a>00114 <span class="keyword"></span>{
<a name="l00115"></a>00115 <span class="keyword">const</span> <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> &p = GetModulus(), &q = GetSubgroupOrder();
<a name="l00116"></a>00116
<a name="l00117"></a>00117 <span class="keywordtype">bool</span> pass = <span class="keyword">true</span>;
<a name="l00118"></a>00118 pass = pass && p > <a class="code" href="class_integer.html#a8c070592581bf6c2f928c72bfa1c1638" title="avoid calling constructors for these frequently used integers">Integer::One</a>() && p.IsOdd();
<a name="l00119"></a>00119 pass = pass && q > <a class="code" href="class_integer.html#a8c070592581bf6c2f928c72bfa1c1638" title="avoid calling constructors for these frequently used integers">Integer::One</a>() && q.IsOdd();
<a name="l00120"></a>00120
<a name="l00121"></a>00121 <span class="keywordflow">if</span> (level >= 1)
<a name="l00122"></a>00122 pass = pass && GetCofactor() > <a class="code" href="class_integer.html#a8c070592581bf6c2f928c72bfa1c1638" title="avoid calling constructors for these frequently used integers">Integer::One</a>() && GetGroupOrder() % q == <a class="code" href="class_integer.html#a19b7e6d48b1b57bd4846160ea2928175" title="avoid calling constructors for these frequently used integers">Integer::Zero</a>();
<a name="l00123"></a>00123 <span class="keywordflow">if</span> (level >= 2)
<a name="l00124"></a>00124 pass = pass && VerifyPrime(rng, q, level-2) && VerifyPrime(rng, p, level-2);
<a name="l00125"></a>00125
<a name="l00126"></a>00126 <span class="keywordflow">return</span> pass;
<a name="l00127"></a>00127 }
<a name="l00128"></a>00128
<a name="l00129"></a>00129 <span class="keywordtype">bool</span> DL_GroupParameters_IntegerBased::ValidateElement(<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> level, <span class="keyword">const</span> <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> &g, <span class="keyword">const</span> <a class="code" href="class_d_l___fixed_base_precomputation.html">DL_FixedBasePrecomputation<Integer></a> *gpc)<span class="keyword"> const</span>
<a name="l00130"></a>00130 <span class="keyword"></span>{
<a name="l00131"></a>00131 <span class="keyword">const</span> <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> &p = GetModulus(), &q = GetSubgroupOrder();
<a name="l00132"></a>00132
<a name="l00133"></a>00133 <span class="keywordtype">bool</span> pass = <span class="keyword">true</span>;
<a name="l00134"></a>00134 pass = pass && GetFieldType() == 1 ? g.IsPositive() : g.NotNegative();
<a name="l00135"></a>00135 pass = pass && g < p && !IsIdentity(g);
<a name="l00136"></a>00136
<a name="l00137"></a>00137 <span class="keywordflow">if</span> (level >= 1)
<a name="l00138"></a>00138 {
<a name="l00139"></a>00139 <span class="keywordflow">if</span> (gpc)
<a name="l00140"></a>00140 pass = pass && gpc->Exponentiate(GetGroupPrecomputation(), <a class="code" href="class_integer.html#a8c070592581bf6c2f928c72bfa1c1638" title="avoid calling constructors for these frequently used integers">Integer::One</a>()) == g;
<a name="l00141"></a>00141 }
<a name="l00142"></a>00142 <span class="keywordflow">if</span> (level >= 2)
<a name="l00143"></a>00143 {
<a name="l00144"></a>00144 <span class="keywordflow">if</span> (GetFieldType() == 2)
<a name="l00145"></a>00145 pass = pass && Jacobi(g*g-4, p)==-1;
<a name="l00146"></a>00146
<a name="l00147"></a>00147 <span class="comment">// verifying that Lucas((p+1)/2, w, p)==2 is omitted because it's too costly</span>
<a name="l00148"></a>00148 <span class="comment">// and at most 1 bit is leaked if it's false</span>
<a name="l00149"></a>00149 <span class="keywordtype">bool</span> fullValidate = (GetFieldType() == 2 && level >= 3) || !FastSubgroupCheckAvailable();
<a name="l00150"></a>00150
<a name="l00151"></a>00151 <span class="keywordflow">if</span> (fullValidate && pass)
<a name="l00152"></a>00152 {
<a name="l00153"></a>00153 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> gp = gpc ? gpc->Exponentiate(GetGroupPrecomputation(), q) : ExponentiateElement(g, q);
<a name="l00154"></a>00154 pass = pass && IsIdentity(gp);
<a name="l00155"></a>00155 }
<a name="l00156"></a>00156 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (GetFieldType() == 1)
<a name="l00157"></a>00157 pass = pass && Jacobi(g, p) == 1;
<a name="l00158"></a>00158 }
<a name="l00159"></a>00159
<a name="l00160"></a>00160 <span class="keywordflow">return</span> pass;
<a name="l00161"></a>00161 }
<a name="l00162"></a>00162
<a name="l00163"></a><a class="code" href="class_d_l___group_parameters___integer_based.html#a8c9a79c493a215ca37408bb7ddfb5533">00163</a> <span class="keywordtype">void</span> <a class="code" href="class_d_l___group_parameters___integer_based.html#a8c9a79c493a215ca37408bb7ddfb5533">DL_GroupParameters_IntegerBased::GenerateRandom</a>(<a class="code" href="class_random_number_generator.html" title="interface for random number generators">RandomNumberGenerator</a> &rng, <span class="keyword">const</span> <a class="code" href="class_name_value_pairs.html" title="interface for retrieving values given their names">NameValuePairs</a> &alg)
<a name="l00164"></a>00164 {
<a name="l00165"></a>00165 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> p, q, g;
<a name="l00166"></a>00166
<a name="l00167"></a>00167 <span class="keywordflow">if</span> (alg.<a class="code" href="class_name_value_pairs.html#a96686e9f8d6ce3ab870e516fb72b608e" title="get a named value, returns true if the name exists">GetValue</a>(<span class="stringliteral">"Modulus"</span>, p) && alg.<a class="code" href="class_name_value_pairs.html#a96686e9f8d6ce3ab870e516fb72b608e" title="get a named value, returns true if the name exists">GetValue</a>(<span class="stringliteral">"SubgroupGenerator"</span>, g))
<a name="l00168"></a>00168 {
<a name="l00169"></a>00169 q = alg.<a class="code" href="class_name_value_pairs.html#a943b2009297783f1c35bae46efc3b5f7" title="get a named value, returns the default if the name doesn't exist">GetValueWithDefault</a>(<span class="stringliteral">"SubgroupOrder"</span>, ComputeGroupOrder(p)/2);
<a name="l00170"></a>00170 }
<a name="l00171"></a>00171 <span class="keywordflow">else</span>
<a name="l00172"></a>00172 {
<a name="l00173"></a>00173 <span class="keywordtype">int</span> modulusSize, subgroupOrderSize;
<a name="l00174"></a>00174
<a name="l00175"></a>00175 <span class="keywordflow">if</span> (!alg.<a class="code" href="class_name_value_pairs.html#a39b6daefcabcdd07f5ae482a075e1728" title="get a named value with type int">GetIntValue</a>(<span class="stringliteral">"ModulusSize"</span>, modulusSize))
<a name="l00176"></a>00176 modulusSize = alg.<a class="code" href="class_name_value_pairs.html#ac269314685b737912d3499f4a9399618" title="get a named value with type int, with default">GetIntValueWithDefault</a>(<span class="stringliteral">"KeySize"</span>, 2048);
<a name="l00177"></a>00177
<a name="l00178"></a>00178 <span class="keywordflow">if</span> (!alg.<a class="code" href="class_name_value_pairs.html#a39b6daefcabcdd07f5ae482a075e1728" title="get a named value with type int">GetIntValue</a>(<span class="stringliteral">"SubgroupOrderSize"</span>, subgroupOrderSize))
<a name="l00179"></a>00179 subgroupOrderSize = GetDefaultSubgroupOrderSize(modulusSize);
<a name="l00180"></a>00180
<a name="l00181"></a>00181 <a class="code" href="class_prime_and_generator.html" title="generator of prime numbers of special forms">PrimeAndGenerator</a> pg;
<a name="l00182"></a>00182 pg.Generate(GetFieldType() == 1 ? 1 : -1, rng, modulusSize, subgroupOrderSize);
<a name="l00183"></a>00183 p = pg.Prime();
<a name="l00184"></a>00184 q = pg.SubPrime();
<a name="l00185"></a>00185 g = pg.Generator();
<a name="l00186"></a>00186 }
<a name="l00187"></a>00187
<a name="l00188"></a>00188 Initialize(p, q, g);
<a name="l00189"></a>00189 }
<a name="l00190"></a>00190
<a name="l00191"></a>00191 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> DL_GroupParameters_IntegerBased::DecodeElement(<span class="keyword">const</span> byte *encoded, <span class="keywordtype">bool</span> checkForGroupMembership)<span class="keyword"> const</span>
<a name="l00192"></a>00192 <span class="keyword"></span>{
<a name="l00193"></a>00193 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> g(encoded, GetModulus().ByteCount());
<a name="l00194"></a>00194 <span class="keywordflow">if</span> (!ValidateElement(1, g, NULL))
<a name="l00195"></a>00195 <span class="keywordflow">throw</span> <a class="code" href="class_d_l___bad_element.html" title="to be thrown by DecodeElement and AgreeWithStaticPrivateKey">DL_BadElement</a>();
<a name="l00196"></a>00196 <span class="keywordflow">return</span> g;
<a name="l00197"></a>00197 }
<a name="l00198"></a>00198
<a name="l00199"></a><a class="code" href="class_d_l___group_parameters___integer_based.html#a9a13e3dd2da2b154d8296f306e2ee2a9">00199</a> <span class="keywordtype">void</span> <a class="code" href="class_d_l___group_parameters___integer_based.html#a9a13e3dd2da2b154d8296f306e2ee2a9" title="decode this object from a BufferedTransformation, using BER (Basic Encoding Rules)">DL_GroupParameters_IntegerBased::BERDecode</a>(<a class="code" href="class_buffered_transformation.html" title="interface for buffered transformations">BufferedTransformation</a> &bt)
<a name="l00200"></a>00200 {
<a name="l00201"></a>00201 <a class="code" href="class_b_e_r_sequence_decoder.html" title="BER Sequence Decoder.">BERSequenceDecoder</a> parameters(bt);
<a name="l00202"></a>00202 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> p(parameters);
<a name="l00203"></a>00203 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> q(parameters);
<a name="l00204"></a>00204 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> g;
<a name="l00205"></a>00205 <span class="keywordflow">if</span> (parameters.EndReached())
<a name="l00206"></a>00206 {
<a name="l00207"></a>00207 g = q;
<a name="l00208"></a>00208 q = ComputeGroupOrder(p) / 2;
<a name="l00209"></a>00209 }
<a name="l00210"></a>00210 <span class="keywordflow">else</span>
<a name="l00211"></a>00211 g.BERDecode(parameters);
<a name="l00212"></a>00212 parameters.MessageEnd();
<a name="l00213"></a>00213
<a name="l00214"></a>00214 SetModulusAndSubgroupGenerator(p, g);
<a name="l00215"></a>00215 SetSubgroupOrder(q);
<a name="l00216"></a>00216 }
<a name="l00217"></a>00217
<a name="l00218"></a><a class="code" href="class_d_l___group_parameters___integer_based.html#ad1ae53e3f7253db8f7056a93e9d05e24">00218</a> <span class="keywordtype">void</span> <a class="code" href="class_d_l___group_parameters___integer_based.html#ad1ae53e3f7253db8f7056a93e9d05e24" title="encode this object into a BufferedTransformation, using DER (Distinguished Encoding Rules)...">DL_GroupParameters_IntegerBased::DEREncode</a>(<a class="code" href="class_buffered_transformation.html" title="interface for buffered transformations">BufferedTransformation</a> &bt)<span class="keyword"> const</span>
<a name="l00219"></a>00219 <span class="keyword"></span>{
<a name="l00220"></a>00220 <a class="code" href="class_d_e_r_sequence_encoder.html" title="DER Sequence Encoder.">DERSequenceEncoder</a> parameters(bt);
<a name="l00221"></a>00221 GetModulus().<a class="code" href="class_integer.html#a6ab51a05bee88cfa690179611e8a084e" title="encode using Distinguished Encoding Rules, put result into a BufferedTransformation object...">DEREncode</a>(parameters);
<a name="l00222"></a>00222 m_q.<a class="code" href="class_integer.html#a6ab51a05bee88cfa690179611e8a084e" title="encode using Distinguished Encoding Rules, put result into a BufferedTransformation object...">DEREncode</a>(parameters);
<a name="l00223"></a>00223 GetSubgroupGenerator().<a class="code" href="class_integer.html#a6ab51a05bee88cfa690179611e8a084e" title="encode using Distinguished Encoding Rules, put result into a BufferedTransformation object...">DEREncode</a>(parameters);
<a name="l00224"></a>00224 parameters.MessageEnd();
<a name="l00225"></a>00225 }
<a name="l00226"></a>00226
<a name="l00227"></a><a class="code" href="class_d_l___group_parameters___integer_based.html#ad8a0f30e8440212bb20d3155b1d88463">00227</a> <span class="keywordtype">bool</span> <a class="code" href="class_d_l___group_parameters___integer_based.html#ad8a0f30e8440212bb20d3155b1d88463" title="to be implemented by derived classes, users should use one of the above functions instead...">DL_GroupParameters_IntegerBased::GetVoidValue</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> *name, <span class="keyword">const</span> std::type_info &valueType, <span class="keywordtype">void</span> *pValue)<span class="keyword"> const</span>
<a name="l00228"></a>00228 <span class="keyword"></span>{
<a name="l00229"></a>00229 <span class="keywordflow">return</span> GetValueHelper<DL_GroupParameters<Element> >(<span class="keyword">this</span>, name, valueType, pValue)
<a name="l00230"></a>00230 CRYPTOPP_GET_FUNCTION_ENTRY(Modulus);
<a name="l00231"></a>00231 }
<a name="l00232"></a>00232
<a name="l00233"></a><a class="code" href="class_d_l___group_parameters___integer_based.html#a151a76c88372bdf98c68be2ad19400e1">00233</a> <span class="keywordtype">void</span> <a class="code" href="class_d_l___group_parameters___integer_based.html#a151a76c88372bdf98c68be2ad19400e1" title="assign values from source to this object">DL_GroupParameters_IntegerBased::AssignFrom</a>(<span class="keyword">const</span> <a class="code" href="class_name_value_pairs.html" title="interface for retrieving values given their names">NameValuePairs</a> &source)
<a name="l00234"></a>00234 {
<a name="l00235"></a>00235 AssignFromHelper(<span class="keyword">this</span>, source)
<a name="l00236"></a>00236 CRYPTOPP_SET_FUNCTION_ENTRY2(Modulus, SubgroupGenerator)
<a name="l00237"></a>00237 CRYPTOPP_SET_FUNCTION_ENTRY(SubgroupOrder)
<a name="l00238"></a>00238 ;
<a name="l00239"></a>00239 }
<a name="l00240"></a>00240
<a name="l00241"></a>00241 <a class="code" href="class_o_i_d.html" title="Object Identifier.">OID</a> DL_GroupParameters_IntegerBased::GetAlgorithmID()<span class="keyword"> const</span>
<a name="l00242"></a>00242 <span class="keyword"></span>{
<a name="l00243"></a>00243 <span class="keywordflow">return</span> ASN1::id_dsa();
<a name="l00244"></a>00244 }
<a name="l00245"></a>00245
<a name="l00246"></a>00246 <span class="keywordtype">void</span> DL_GroupParameters_GFP::SimultaneousExponentiate(Element *results, <span class="keyword">const</span> Element &base, <span class="keyword">const</span> <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> *exponents, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> exponentsCount)<span class="keyword"> const</span>
<a name="l00247"></a>00247 <span class="keyword"></span>{
<a name="l00248"></a>00248 <a class="code" href="class_modular_arithmetic.html" title="ring of congruence classes modulo n">ModularArithmetic</a> ma(GetModulus());
<a name="l00249"></a>00249 ma.SimultaneousExponentiate(results, base, exponents, exponentsCount);
<a name="l00250"></a>00250 }
<a name="l00251"></a>00251
<a name="l00252"></a>00252 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">DL_GroupParameters_GFP::Element</a> DL_GroupParameters_GFP::MultiplyElements(<span class="keyword">const</span> Element &a, <span class="keyword">const</span> Element &b)<span class="keyword"> const</span>
<a name="l00253"></a>00253 <span class="keyword"></span>{
<a name="l00254"></a>00254 <span class="keywordflow">return</span> a_times_b_mod_c(a, b, GetModulus());
<a name="l00255"></a>00255 }
<a name="l00256"></a>00256
<a name="l00257"></a>00257 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">DL_GroupParameters_GFP::Element</a> DL_GroupParameters_GFP::CascadeExponentiate(<span class="keyword">const</span> Element &element1, <span class="keyword">const</span> <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> &exponent1, <span class="keyword">const</span> Element &element2, <span class="keyword">const</span> <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> &exponent2)<span class="keyword"> const</span>
<a name="l00258"></a>00258 <span class="keyword"></span>{
<a name="l00259"></a>00259 <a class="code" href="class_modular_arithmetic.html" title="ring of congruence classes modulo n">ModularArithmetic</a> ma(GetModulus());
<a name="l00260"></a>00260 <span class="keywordflow">return</span> ma.CascadeExponentiate(element1, exponent1, element2, exponent2);
<a name="l00261"></a>00261 }
<a name="l00262"></a>00262
<a name="l00263"></a>00263 <a class="code" href="class_integer.html" title="multiple precision integer and basic arithmetics">Integer</a> DL_GroupParameters_IntegerBased::GetMaxExponent()<span class="keyword"> const</span>
<a name="l00264"></a>00264 <span class="keyword"></span>{
<a name="l00265"></a>00265 <span class="keywordflow">return</span> STDMIN(GetSubgroupOrder()-1, <a class="code" href="class_integer.html#ade53248f5dbb520273a70856b975417c" title="return the integer 2**e">Integer::Power2</a>(2*DiscreteLogWorkFactor(GetFieldType()*GetModulus().BitCount())));
<a name="l00266"></a>00266 }
<a name="l00267"></a>00267
<a name="l00268"></a>00268 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> DL_GroupParameters_IntegerBased::GetDefaultSubgroupOrderSize(<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> modulusSize)<span class="keyword"> const</span>
<a name="l00269"></a>00269 <span class="keyword"></span>{
<a name="l00270"></a>00270 <span class="keywordflow">return</span> 2*DiscreteLogWorkFactor(GetFieldType()*modulusSize);
<a name="l00271"></a>00271 }
<a name="l00272"></a>00272
<a name="l00273"></a>00273 NAMESPACE_END
<a name="l00274"></a>00274
<a name="l00275"></a>00275 <span class="preprocessor">#endif</span>
</pre></div></div>
</div>
<hr class="footer"/><address class="footer"><small>Generated on Sun Oct 16 2011 for Crypto++ by 
<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.4 </small></address>
</body>
</html>
