cryptlib.h

Crypto++是一个非常强大的密码学库,主要是功能全

	
#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
	unsigned int MaxPlainTextLength(unsigned int cipherTextLength) const {return MaxPlaintextLength(cipherTextLength);}
	unsigned int CipherTextLength(unsigned int plainTextLength) const {return CiphertextLength(plainTextLength);}
	unsigned int MaxPlainTextLength() const {return FixedMaxPlaintextLength();}
	unsigned int CipherTextLength() const {return FixedCiphertextLength();}
#endif
};

//! interface for encryptors with fixed length ciphertext

class CRYPTOPP_DLL PK_FixedLengthEncryptor : public PK_Encryptor, virtual public PK_FixedLengthCryptoSystem
{
};

//! interface for decryptors with fixed length ciphertext

class CRYPTOPP_DLL PK_FixedLengthDecryptor : public PK_Decryptor, virtual public PK_FixedLengthCryptoSystem
{
public:
	//! decrypt a byte string, and return the length of plaintext
	/*! \pre length of cipherText == CipherTextLength()
		\pre size of plainText == MaxPlainTextLength()
		\return the actual length of the plaintext, or 0 if decryption fails.
	*/
	virtual DecodingResult FixedLengthDecrypt(const byte *cipherText, byte *plainText) const =0;

	DecodingResult Decrypt(const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const;

#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
	DecodingResult Decrypt(const byte *cipherText, byte *plainText) const {return FixedLengthDecrypt(cipherText, plainText);}
#endif
};

//! interface for public-key signers and verifiers

/*! This class provides an interface common to signers and verifiers
	for querying their signature lengths and creating message
	accumulators.
*/
class CRYPTOPP_DLL PK_SignatureScheme
{
public:
	virtual ~PK_SignatureScheme() {}

	//! signature length support by this object (as either input or output)
	virtual unsigned int SignatureLength() const =0;

	//! deprecated, please use PK_Signer::NewSignatureAccumulator or PK_Verifier::NewVerificationAccumulator instead
	virtual HashTransformation * NewMessageAccumulator() const =0;
};

//! interface for public-key signers

class CRYPTOPP_DLL PK_Signer : virtual public PK_SignatureScheme, public PrivateKeyAlgorithm
{
public:
	//! key too short exception, may be thrown by Sign() or SignMessage()
	class CRYPTOPP_DLL KeyTooShort : public Exception
	{
	public:
		KeyTooShort() : Exception(OTHER_ERROR, "PK_Signer: key too short") {}
	};

	//! sign and delete messageAccumulator (even in case of exception thrown)
	/*! \pre messageAccumulator was obtained by calling NewSignatureAccumulator()
		\pre HashTransformation::Final() has not been called on messageAccumulator
		\pre size of signature == SignatureLength()
	*/
	virtual void Sign(RandomNumberGenerator &rng, HashTransformation *messageAccumulator, byte *signature) const;

	//! sign and restart messageAccumulator
	virtual void SignAndRestart(RandomNumberGenerator &rng, HashTransformation &messageAccumulator, byte *signature) const =0;

	//! sign a message
	/*! \pre size of signature == SignatureLength() */
	virtual void SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const;

	//! create a new HashTransformation to accumulate the message to be signed
	virtual HashTransformation * NewSignatureAccumulator() const
		{return NewMessageAccumulator();}
};

//! interface for public-key signature verifiers

class CRYPTOPP_DLL PK_Verifier : virtual public PK_SignatureScheme, public PublicKeyAlgorithm
{
public:
	/*! If this function returns true, you must input the signature when
		calling NewVerificationAccumulator(). Otherwise, you must input the signature
		when calling Verify(). */
	virtual bool SignatureUpfrontForVerification() const {return false;}

	//! create a new HashTransformation to accumulate the message to be verified
	/*! \param signature is ignored if SignatureUpfrontForVerification() == false
		\param signature may be NULL to indicate that the signature is not available yet
	*/
	virtual HashTransformation * NewVerificationAccumulator(const byte *signature=NULL) const
		{return NewMessageAccumulator();}

	//! check whether sig is a valid signature for messageAccumulator, and delete messageAccumulator (even in case of exception thrown)
	/*! \pre messageAccumulator was obtained by calling NewVerificationAccumulator()
		\pre HashTransformation::Final() has not been called on messageAccumulator
		\pre length of signature == SignatureLength()
		\param signature is ignored if SignatureUpfrontForVerification() == true
	*/
	virtual bool Verify(HashTransformation *messageAccumulator, const byte *signature=NULL) const;

	//! check whether sig is a valid signature for messageAccumulator, and restart messageAccumulator
	/*! \note depending on SignatureUpfrontForVerification(), signature is either the current or the next signature
		\param signature may be NULL to indicate that the next signature is not available yet
	*/
	virtual bool VerifyAndRestart(HashTransformation &messageAccumulator, const byte *signature) const =0;

	//! only useful if SignatureUpfrontForVerification() == true
	virtual void InitializeVerificationAccumulator(HashTransformation &messageAccumulator, const byte *signature) const {}

	//! check whether sig is a valid signature for message
	/*! \pre size of signature == SignatureLength() */
	virtual bool VerifyMessage(const byte *message, unsigned int messageLen, const byte *signature) const;
};

//! interface for public-key signers and verifiers with recovery

/*! In a signature scheme with recovery, a verifier is able to extract
	a message from its valid signature.
*/
class CRYPTOPP_DLL PK_SignatureSchemeWithRecovery : virtual public PK_SignatureScheme
{
public:
	//! length of longest message that can be fully recovered
	virtual unsigned int MaximumRecoverableLength() const =0;

	//! whether or not messages longer than MaximumRecoverableLength() can be signed
	/*! If this function returns false, any message longer than
		MaximumRecoverableLength() will be truncated for signature
		and will fail verification.
	*/
	virtual bool AllowLeftoverMessage() const =0;
};

//! interface for public-key signers with recovery

class CRYPTOPP_DLL PK_SignerWithRecovery : virtual public PK_SignatureSchemeWithRecovery, virtual public PK_Signer
{
};

//! interface for public-key verifiers with recovery

/*! A PK_VerifierWithRecovery can also be used the same way as a PK_Verifier,
	where the signature and the entire message is given to Verify() or
	VerifyMessage() as input.
*/
class CRYPTOPP_DLL PK_VerifierWithRecovery : virtual public PK_SignatureSchemeWithRecovery, virtual public PK_Verifier
{
public:
	/*! If this function returns true, you must input the signature when
		calling NewRecoveryAccumulator(). Otherwise, you must input the signature
		when calling Recover(). */
	virtual bool SignatureUpfrontForRecovery() const =0;

	//! create a new HashTransformation to accumulate leftover message
	virtual HashTransformation * NewRecoveryAccumulator(const byte *signature=NULL) const =0;

	//! recover a message from its signature
	/*! \pre leftoverMessageAccumulator was obtained by calling NewLeftoverMessageAccumulator(signature)
		\pre HashTransformation::Final() has not been called on leftoverMessageAccumulator
		\pre length of signature == SignatureLength()
		\pre size of recoveredMessage == MaximumRecoverableLength()
	*/
	virtual DecodingResult Recover(byte *recoveredMessage, HashTransformation *recoveryAccumulator, const byte *signature=NULL) const =0;

	//! recover a message from its signature
	/*! depending on SignatureUpfrontForRecovery(), signature is either the current or the next signature */
	// TODO: uncomment this and implement
	// virtual unsigned int RecoverAndRestart(byte *recoveredMessage, HashTransformation &recoveryAccumulator, const byte *signature) const =0;

	//! recover a message from its signature
	/*! \note This function should be equivalent to Recover(recoveredMessage, NewRecoveryAccumulator(signature), signature)
		\pre length of signature == SignatureLength()
		\pre size of recoveredMessage == MaximumRecoverableLength()
	*/
	virtual DecodingResult RecoverMessage(byte *recoveredMessage, const byte *message, unsigned int messageLen, const byte *signature) const
		{return Recover(recoveredMessage, NewRecoveryAccumulator(signature), signature);}
};

//! interface for domains of simple key agreement protocols

/*! A key agreement domain is a set of parameters that must be shared
	by two parties in a key agreement protocol, along with the algorithms
	for generating key pairs and deriving agreed values.
*/
class CRYPTOPP_DLL SimpleKeyAgreementDomain : public KeyAgreementAlgorithm
{
public:
	//! return length of agreed value produced
	virtual unsigned int AgreedValueLength() const =0;
	//! return length of private keys in this domain
	virtual unsigned int PrivateKeyLength() const =0;
	//! return length of public keys in this domain
	virtual unsigned int PublicKeyLength() const =0;
	//! generate private key
	/*! \pre size of privateKey == PrivateKeyLength() */
	virtual void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0;
	//! generate public key
	/*!	\pre size of publicKey == PublicKeyLength() */
	virtual void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0;
	//! generate private/public key pair
	/*! \note equivalent to calling GeneratePrivateKey() and then GeneratePublicKey() */
	virtual void GenerateKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const;
	//! derive agreed value from your private key and couterparty's public key, return false in case of failure
	/*! \note If you have previously validated the public key, use validateOtherPublicKey=false to save time.
	/*! \pre size of agreedValue == AgreedValueLength()
		\pre length of privateKey == PrivateKeyLength()
		\pre length of otherPublicKey == PublicKeyLength()
	*/
	virtual bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const =0;

#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
	bool ValidateDomainParameters(RandomNumberGenerator &rng) const
		{return GetCryptoParameters().Validate(rng, 2);}
#endif
};

//! interface for domains of authenticated key agreement protocols

/*! In an authenticated key agreement protocol, each party has two
	key pairs. The long-lived key pair is called the static key pair,
	and the short-lived key pair is called the ephemeral key pair.
*/
class CRYPTOPP_DLL AuthenticatedKeyAgreementDomain : public KeyAgreementAlgorithm
{
public:
	//! return length of agreed value produced
	virtual unsigned int AgreedValueLength() const =0;

	//! return length of static private keys in this domain
	virtual unsigned int StaticPrivateKeyLength() const =0;
	//! return length of static public keys in this domain
	virtual unsigned int StaticPublicKeyLength() const =0;
	//! generate static private key
	/*! \pre size of privateKey == PrivateStaticKeyLength() */
	virtual void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0;
	//! generate static public key
	/*!	\pre size of publicKey == PublicStaticKeyLength() */
	virtual void GenerateStaticPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0;
	//! generate private/public key pair
	/*! \note equivalent to calling GenerateStaticPrivateKey() and then GenerateStaticPublicKey() */
	virtual void GenerateStaticKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const;

	//! return length of ephemeral private keys in this domain
	virtual unsigned int EphemeralPrivateKeyLength() const =0;
	//! return length of ephemeral public keys in this domain
	virtual unsigned int EphemeralPublicKeyLength() const =0;
	//! generate ephemeral private key
	/*! \pre size of privateKey == PrivateEphemeralKeyLength() */
	virtual void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0;
	//! generate ephemeral public key
	/*!	\pre size of publicKey == PublicEphemeralKeyLength() */
	virtual void GenerateEphemeralPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0;
	//! generate private/public key pair
	/*! \note equivalent to calling GenerateEphemeralPrivateKey() and then GenerateEphemeralPublicKey() */
	virtual void GenerateEphemeralKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const;

	//! derive agreed value from your private keys and couterparty's public keys, return false in case of failure
	/*! \note The ephemeral public key will always be validated.
		      If you have previously validated the static public key, use validateStaticOtherPublicKey=false to save time.
		\pre size of agreedValue == AgreedValueLength()
		\pre length of staticPrivateKey == StaticPrivateKeyLength()
		\pre length of ephemeralPrivateKey == EphemeralPrivateKeyLength()
		\pre length of staticOtherPublicKey == StaticPublicKeyLength()
		\pre length of ephemeralOtherPublicKey == EphemeralPublicKeyLength()
	*/
	virtual bool Agree(byte *agreedValue,
		const byte *staticPrivateKey, const byte *ephemeralPrivateKey,
		const byte *staticOtherPublicKey, const byte *ephemeralOtherPublicKey,
		bool validateStaticOtherPublicKey=true) const =0;

#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
	bool ValidateDomainParameters(RandomNumberGenerator &rng) const
		{return GetCryptoParameters().Validate(rng, 2);}
#endif
};

// interface for password authenticated key agreement protocols, not implemented yet
#if 0
//! interface for protocol sessions
/*! The methods should be called in the following order:

	InitializeSession(rng, parameters);	/