4 #ifndef CRYPTOPP_FHMQV_H
5 #define CRYPTOPP_FHMQV_H
23 template <
class GROUP_PARAMETERS,
class COFACTOR_OPTION = CPP_TYPENAME GROUP_PARAMETERS::DefaultCofactorOption,
class HASH = SHA512>
27 typedef GROUP_PARAMETERS GroupParameters;
28 typedef typename GroupParameters::Element Element;
31 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
35 FHMQV_Domain(
bool clientRole =
true): m_role(clientRole ? RoleClient : RoleServer) {}
37 FHMQV_Domain(
const GroupParameters ¶ms,
bool clientRole =
true)
38 : m_role(clientRole ? RoleClient : RoleServer), m_groupParameters(params) {}
41 : m_role(clientRole ? RoleClient : RoleServer)
42 {m_groupParameters.BERDecode(bt);}
46 : m_role(clientRole ? RoleClient : RoleServer)
47 {m_groupParameters.Initialize(v1);}
49 template <
class T1,
class T2>
51 : m_role(clientRole ? RoleClient : RoleServer)
52 {m_groupParameters.Initialize(v1, v2);}
54 template <
class T1,
class T2,
class T3>
55 FHMQV_Domain(T1 v1, T2 v2, T3 v3,
bool clientRole =
true)
56 : m_role(clientRole ? RoleClient : RoleServer)
57 {m_groupParameters.Initialize(v1, v2, v3);}
59 template <
class T1,
class T2,
class T3,
class T4>
60 FHMQV_Domain(T1 v1, T2 v2, T3 v3, T4 v4,
bool clientRole =
true)
61 : m_role(clientRole ? RoleClient : RoleServer)
62 {m_groupParameters.Initialize(v1, v2, v3, v4);}
66 const GroupParameters & GetGroupParameters()
const {
return m_groupParameters;}
67 GroupParameters & AccessGroupParameters(){
return m_groupParameters;}
72 unsigned int AgreedValueLength()
const {
return GetAbstractGroupParameters().GetEncodedElementSize(
false);}
113 CRYPTOPP_UNUSED(rng);
127 const byte *staticPrivateKey,
const byte *ephemeralPrivateKey,
128 const byte *staticOtherPublicKey,
const byte *ephemeralOtherPublicKey,
129 bool validateStaticOtherPublicKey=
true)
const
131 byte *XX = NULL, *YY = NULL, *AA = NULL, *BB = NULL;
132 size_t xxs = 0, yys = 0, aas = 0, bbs = 0;
142 if(m_role == RoleServer)
148 XX =
const_cast<byte*
>(ephemeralOtherPublicKey);
152 AA =
const_cast<byte*
>(staticOtherPublicKey);
157 else if(m_role == RoleClient)
165 YY =
const_cast<byte*
>(ephemeralOtherPublicKey);
169 BB =
const_cast<byte*
>(staticOtherPublicKey);
181 Element VV1 = params.
DecodeElement(staticOtherPublicKey,
false);
182 if(!params.
ValidateElement(validateStaticOtherPublicKey ? 3 : 1, VV1, NULL))
187 Element VV2 = params.
DecodeElement(ephemeralOtherPublicKey,
false);
192 const unsigned int len = (((q.
BitCount()+1)/2 +7)/8);
197 Hash(NULL, XX, xxs, YY, yys, AA, aas, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
198 d.Decode(dd.BytePtr(), dd.SizeInBytes());
200 Hash(NULL, YY, yys, XX, xxs, AA, aas, BB, bbs, ee.
BytePtr(), ee.
SizeInBytes());
204 if(m_role == RoleServer)
214 Element t2 = m_groupParameters.MultiplyElements(X, t1);
228 Element t2 = m_groupParameters.MultiplyElements(Y, t1);
233 Hash(&sigma, XX, xxs, YY, yys, AA, aas, BB, bbs, agreedValue,
AgreedValueLength());
244 inline void Hash(
const Element* sigma,
245 const byte* e1,
size_t e1len,
const byte* e2,
size_t e2len,
246 const byte* s1,
size_t s1len,
const byte* s2,
size_t s2len,
247 byte* digest,
size_t dlen)
const
250 size_t idx = 0, req = dlen;
251 size_t blk =
STDMIN(dlen, (
size_t)HASH::DIGESTSIZE);
255 Integer x = GetAbstractGroupParameters().ConvertElementToInteger(*sigma);
257 x.Encode(sbb.BytePtr(), sbb.SizeInBytes());
258 hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
261 hash.Update(e1, e1len);
262 hash.Update(e2, e2len);
263 hash.Update(s1, s1len);
264 hash.Update(s2, s2len);
266 hash.TruncatedFinal(digest, blk);
272 hash.Update(&digest[idx], (
size_t)HASH::DIGESTSIZE);
274 idx += (size_t)HASH::DIGESTSIZE;
275 blk =
STDMIN(req, (
size_t)HASH::DIGESTSIZE);
276 hash.TruncatedFinal(&digest[idx], blk);
285 enum KeyAgreementRole{ RoleServer = 1, RoleClient };
290 GroupParameters m_groupParameters;
291 KeyAgreementRole m_role;