📄 gfpcrypt_8cpp-source.html
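// NOTE(review): the listing starts inside a function body; the signature and the
// first statements of this function are above the visible part of the page, so
// the fragment below is reproduced as-is and not documented further.
    hash.TruncatedFinal(representative+paddingLength, STDMIN(representativeByteLength, digestSize));

    if (digestSize*8 > representativeBitLength)
    {
        Integer h(representative, representativeByteLength);
        h >>= representativeByteLength*8 - representativeBitLength;
        h.Encode(representative, representativeByteLength);
    }
}

// Builds the message representative for the NR encoding method: the finalized
// hash is written into `representative`, left-padded with zero bytes up to
// BitsToBytes(representativeBitLength) bytes, and shifted right when the digest
// is at least as wide as the representative.
//
// hash                    - hash object that has already absorbed the message;
//                           TruncatedFinal() is called on it here.
// representative          - output buffer. This function writes
//                           BitsToBytes(representativeBitLength) bytes into it and
//                           performs no size check of its own, so the caller must
//                           supply a buffer of at least that size.
// representativeBitLength - bit length the representative has to fit in.
//
// rng, recoverableMessage and messageEmpty are not used in this body.
//
// NOTE(review): the two preconditions below are enforced with assert() only, so
// they disappear in builds that define NDEBUG. Callers must not rely on this
// function to reject a non-empty recoverable message or a non-empty hash
// identifier in release builds.
void DL_SignatureMessageEncodingMethod_NR::ComputeMessageRepresentative(RandomNumberGenerator &rng,
    const byte *recoverableMessage, size_t recoverableMessageLength,
    HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
    byte *representative, size_t representativeBitLength) const
{
    assert(recoverableMessageLength == 0);
    assert(hashIdentifier.second == 0);
    const size_t representativeByteLength = BitsToBytes(representativeBitLength);
    const size_t digestSize = hash.DigestSize();
    // presumably SaturatingSubtract clamps at zero when the digest is longer than
    // the representative -- confirm against its definition
    const size_t paddingLength = SaturatingSubtract(representativeByteLength, digestSize);

    // Zero the leading bytes, then place (at most representativeByteLength bytes
    // of) the digest after them.
    memset(representative, 0, paddingLength);
    hash.TruncatedFinal(representative+paddingLength, STDMIN(representativeByteLength, digestSize));

    if (digestSize*8 >= representativeBitLength)
    {
        // Shift so that the value occupies at most representativeBitLength-1 bits
        // (one bit more than the shift in the fragment at the top of this listing).
        // NOTE(review): presumably this keeps the representative below the
        // subgroup order -- confirm against the NR specification.
        Integer h(representative, representativeByteLength);
        h >>= representativeByteLength*8 - representativeBitLength + 1;
        h.Encode(representative, representativeByteLength);
    }
}

// Checks the group parameters (modulus p, subgroup order q) at the requested
// validation level and returns true when every check enabled for that level passes.
//
//   level 0 : p > 1 and p odd; q > 1 and q odd.
//   level 1 : additionally GetCofactor() > 1 and q divides GetGroupOrder().
//   level 2+: additionally VerifyPrime(rng, q, level-2) and VerifyPrime(rng, p, level-2).
//
// Primality of p and q is therefore NOT checked below level 2. Parameters that
// come from an untrusted source (a peer, a file, a certificate) should be
// validated at level 2 or higher before they are used.
bool DL_GroupParameters_IntegerBased::ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const
{
    const Integer &p = GetModulus(), &q = GetSubgroupOrder();

    bool pass = true;
    pass = pass && p > Integer::One() && p.IsOdd();
    pass = pass && q > Integer::One() && q.IsOdd();

    if (level >= 1)
        pass = pass && GetCofactor() > Integer::One() && GetGroupOrder() % q == Integer::Zero();
    if (level >= 2)
        pass = pass && VerifyPrime(rng, q, level-2) && VerifyPrime(rng, p, level-2);

    return pass;
}

// Checks a group element g (for example a generator or a public value) at the
// requested validation level and returns true when every enabled check passes.
//
//   level 0 : sign/range check on g, g < p, and g is not the identity.
//   level 1 : if a precomputation `gpc` is supplied, it must reproduce g when
//             exponentiated by 1.
//   level 2+: Jacobi-symbol check(s) and, when `fullValidate` is set, the
//             exponentiation g^q == identity.
//
// gpc may be null; it is only dereferenced after a null check.
//
// Below level 2 nothing here establishes that g lies in the order-q subgroup,
// so elements received from an untrusted party should be validated at level 2
// or higher.
bool DL_GroupParameters_IntegerBased::ValidateElement(unsigned int level, const Integer &g, const DL_FixedBasePrecomputation<Integer> *gpc) const
{
    const Integer &p = GetModulus(), &q = GetSubgroupOrder();

    bool pass = true;
    // The conditional is parenthesized explicitly: `&&` binds tighter than `?:`,
    // so the unparenthesized form parses as `(pass && type == 1) ? ... : ...`.
    // The result is the same here only because `pass` is still true at this
    // point; the parentheses keep it correct if a check is ever added above.
    pass = pass && (GetFieldType() == 1 ? g.IsPositive() : g.NotNegative());
    pass = pass && g < p && !IsIdentity(g);

    if (level >= 1)
    {
        // A supplied precomputation must belong to this g.
        if (gpc)
            pass = pass && gpc->Exponentiate(GetGroupPrecomputation(), Integer::One()) == g;
    }
    if (level >= 2)
    {
        // NOTE(review): field type 2 looks like the Lucas-sequence variant,
        // judging by the comment below -- confirm against GetFieldType().
        if (GetFieldType() == 2)
            pass = pass && Jacobi(g*g-4, p)==-1;

        // verifying that Lucas((p+1)/2, w, p)==2 is omitted because it's too costly
        // and at most 1 bit is leaked if it's false
        bool fullValidate = (GetFieldType() == 2 && level >= 3) || !FastSubgroupCheckAvailable();

        if (fullValidate && pass)
        {
            // Full subgroup-membership test: g^q must be the identity.
            Integer gp = gpc ? gpc->Exponentiate(GetGroupPrecomputation(), q) : ExponentiateElement(g, q);
            pass = pass && IsIdentity(gp);
        }
        else if (GetFieldType() == 1)
            // Cheaper substitute used when the full test is skipped.
            pass = pass && Jacobi(g, p) == 1;
    }

    return pass;
}

// NOTE(review): this function continues past the end of the visible listing;
// only its opening part is shown, reproduced as-is. In the part shown,
// caller-supplied "Modulus"/"SubgroupGenerator" values are accepted without any
// validation call, and the modulus size falls back to "KeySize" with a default
// of 2048 when "ModulusSize" is absent.
void DL_GroupParameters_IntegerBased::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
    Integer p, q, g;

    if (alg.GetValue("Modulus", p) && alg.GetValue("SubgroupGenerator", g))
    {
        q = alg.GetValueWithDefault("SubgroupOrder", ComputeGroupOrder(p)/2);
    }
    else
    {
        int modulusSize, subgroupOrderSize;

        if (!alg.GetIntValue("ModulusSize", modulusSize))
            modulusSize = alg.GetIntValueWithDefault("KeySize", 2048);

        if (!alg.GetIntValue("SubgroupOrderSize", subgroupOrderSize))
            subgroupOrderSize = GetDefaultSubgroupOrderSize(modulusSize);

        PrimeAndGenerator pg;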