cryptlib.h

Go to the documentation of this file.
00001 // cryptlib.h - written and placed in the public domain by Wei Dai
00002 /*! \file
00003         This file contains the declarations for the abstract base
00004         classes that provide a uniform interface to this library.
00005 */
00006 
00007 /*!     \mainpage <a href="http://www.cryptopp.com">Crypto++</a><sup><small>&reg;</small></sup> Library 5.3 Reference Manual
00008 <dl>
00009 <dt>Abstract Base Classes<dd>
00010         cryptlib.h
00011 <dt>Symmetric Ciphers<dd>
00012         SymmetricCipherDocumentation
00013 <dt>Hash Functions<dd>
00014         HAVAL, MD2, MD4, MD5, PanamaHash, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, SHA1, SHA224, SHA256, SHA384, SHA512, Tiger, Whirlpool
00015 <dt>Non-Cryptographic Checksums<dd>
00016         CRC32, Adler32
00017 <dt>Message Authentication Codes<dd>
00018         #MD5MAC, XMACC, HMAC, CBC_MAC, DMAC, PanamaMAC, TTMAC
00019 <dt>Random Number Generators<dd>
00020         NullRNG(), LC_RNG, RandomPool, BlockingRng, NonblockingRng, AutoSeededRandomPool, AutoSeededX917RNG
00021 <dt>Password-based Cryptography<dd>
00022         PasswordBasedKeyDerivationFunction
00023 <dt>Public Key Cryptosystems<dd>
00024         DLIES, ECIES, LUCES, RSAES, RabinES, LUC_IES
00025 <dt>Public Key Signature Schemes<dd>
00026         DSA, GDSA, ECDSA, NR, ECNR, LUCSS, RSASS, RSASS_ISO, RabinSS, RWSS, ESIGN
00027 <dt>Key Agreement<dd>
00028         #DH, DH2, #MQV, ECDH, ECMQV, XTR_DH
00029 <dt>Algebraic Structures<dd>
00030         Integer, PolynomialMod2, PolynomialOver, RingOfPolynomialsOver,
00031         ModularArithmetic, MontgomeryRepresentation, GFP2_ONB,
00032         GF2NP, GF256, GF2_32, EC2N, ECP
00033 <dt>Secret Sharing and Information Dispersal<dd>
00034         SecretSharing, SecretRecovery, InformationDispersal, InformationRecovery
00035 <dt>Compression<dd>
00036         Deflator, Inflator, Gzip, Gunzip, ZlibCompressor, ZlibDecompressor
00037 <dt>Input Source Classes<dd>
00038         StringSource, FileSource, SocketSource, WindowsPipeSource, RandomNumberSource
00039 <dt>Output Sink Classes<dd>
00040         StringSinkTemplate, ArraySink, FileSink, SocketSink, WindowsPipeSink
00041 <dt>Filter Wrappers<dd>
00042         StreamTransformationFilter, HashFilter, HashVerificationFilter, SignerFilter, SignatureVerificationFilter
00043 <dt>Binary to Text Encoders and Decoders<dd>
00044         HexEncoder, HexDecoder, Base64Encoder, Base64Decoder, Base32Encoder, Base32Decoder
00045 <dt>Wrappers for OS features<dd>
00046         Timer, Socket, WindowsHandle, ThreadLocalStorage, ThreadUserTimer
00047 <dt>FIPS 140 related<dd>
00048         fips140.h
00049 </dl>
00050 
00051 In the FIPS 140-2 validated DLL version of Crypto++, only the following implementation class are available.
00052 <dl>
00053 <dt>Block Ciphers<dd>
00054         AES, DES_EDE2, DES_EDE3, SKIPJACK
00055 <dt>Cipher Modes (replace template parameter BC with one of the block ciphers above)<dd>
00056         ECB_Mode<BC>, CTR_Mode<BC>, CBC_Mode<BC>, CFB_FIPS_Mode<BC>, OFB_Mode<BC>
00057 <dt>Hash Functions<dd>
00058         SHA1, SHA224, SHA256, SHA384, SHA512
00059 <dt>Public Key Signature Schemes (replace template parameter H with one of the hash functions above)<dd>
00060         RSASS<PKCS1v15, H>, RSASS<PSS, H>, RSASS_ISO<H>, RWSS<P1363_EMSA2, H>, DSA, ECDSA<ECP, H>, ECDSA<EC2N, H>
00061 <dt>Message Authentication Codes (replace template parameter H with one of the hash functions above)<dd>
00062         HMAC<H>, CBC_MAC<DES_EDE2>, CBC_MAC<DES_EDE3>
00063 <dt>Random Number Generators<dd>
00064         AutoSeededX917RNG<DES_EDE3>
00065 <dt>Key Agreement<dd>
00066         #DH
00067 <dt>Public Key Cryptosystems<dd>
00068         RSAES<OAEP<SHA1> >
00069 </dl>
00070 
00071 <p>This reference manual is a work in progress. Some classes are still lacking detailed descriptions.
00072 <p>Click <a href="CryptoPPRef.zip">here</a> to download a zip archive containing this manual.
00073 <p>Thanks to Ryan Phillips for providing the Doxygen configuration file
00074 and getting me started with this manual.
00075 */
00076 
00077 #ifndef CRYPTOPP_CRYPTLIB_H
00078 #define CRYPTOPP_CRYPTLIB_H
00079 
00080 #include "config.h"
00081 #include "stdcpp.h"
00082 
00083 NAMESPACE_BEGIN(CryptoPP)
00084 
00085 // forward declarations
00086 class Integer;
00087 
00088 //! used to specify a direction for a cipher to operate in (encrypt or decrypt)
00089 enum CipherDir {ENCRYPTION,     DECRYPTION};
00090 
00091 //! used to represent infinite time
00092 const unsigned long INFINITE_TIME = ULONG_MAX;
00093 
00094 // VC60 workaround: using enums as template parameters causes problems
00095 template <typename ENUM_TYPE, int VALUE>
00096 struct EnumToType
00097 {
00098         static ENUM_TYPE ToEnum() {return (ENUM_TYPE)VALUE;}
00099 };
00100 
00101 enum ByteOrder {LITTLE_ENDIAN_ORDER = 0, BIG_ENDIAN_ORDER = 1};
00102 typedef EnumToType<ByteOrder, LITTLE_ENDIAN_ORDER> LittleEndian;
00103 typedef EnumToType<ByteOrder, BIG_ENDIAN_ORDER> BigEndian;
00104 
00105 //! base class for all exceptions thrown by Crypto++
00106 class CRYPTOPP_DLL Exception : public std::exception
00107 {
00108 public:
00109         //! error types
00110         enum ErrorType {
00111                 //! a method is not implemented
00112                 NOT_IMPLEMENTED,
00113                 //! invalid function argument
00114                 INVALID_ARGUMENT,
00115                 //! BufferedTransformation received a Flush(true) signal but can't flush buffers
00116                 CANNOT_FLUSH,
00117                 //! data integerity check (such as CRC or MAC) failed
00118                 DATA_INTEGRITY_CHECK_FAILED,
00119                 //! received input data that doesn't conform to expected format
00120                 INVALID_DATA_FORMAT,
00121                 //! error reading from input device or writing to output device
00122                 IO_ERROR,
00123                 //! some error not belong to any of the above categories
00124                 OTHER_ERROR
00125         };
00126 
00127         explicit Exception(ErrorType errorType, const std::string &s) : m_errorType(errorType), m_what(s) {}
00128         virtual ~Exception() throw() {}
00129         const char *what() const throw() {return (m_what.c_str());}
00130         const std::string &GetWhat() const {return m_what;}
00131         void SetWhat(const std::string &s) {m_what = s;}
00132         ErrorType GetErrorType() const {return m_errorType;}
00133         void SetErrorType(ErrorType errorType) {m_errorType = errorType;}
00134 
00135 private:
00136         ErrorType m_errorType;
00137         std::string m_what;
00138 };
00139 
00140 //! exception thrown when an invalid argument is detected
00141 class CRYPTOPP_DLL InvalidArgument : public Exception
00142 {
00143 public:
00144         explicit InvalidArgument(const std::string &s) : Exception(INVALID_ARGUMENT, s) {}
00145 };
00146 
00147 //! exception thrown when input data is received that doesn't conform to expected format
00148 class CRYPTOPP_DLL InvalidDataFormat : public Exception
00149 {
00150 public:
00151         explicit InvalidDataFormat(const std::string &s) : Exception(INVALID_DATA_FORMAT, s) {}
00152 };
00153 
00154 //! exception thrown by decryption filters when trying to decrypt an invalid ciphertext
00155 class CRYPTOPP_DLL InvalidCiphertext : public InvalidDataFormat
00156 {
00157 public:
00158         explicit InvalidCiphertext(const std::string &s) : InvalidDataFormat(s) {}
00159 };
00160 
00161 //! exception thrown by a class if a non-implemented method is called
00162 class CRYPTOPP_DLL NotImplemented : public Exception
00163 {
00164 public:
00165         explicit NotImplemented(const std::string &s) : Exception(NOT_IMPLEMENTED, s) {}
00166 };
00167 
00168 //! exception thrown by a class when Flush(true) is called but it can't completely flush its buffers
00169 class CRYPTOPP_DLL CannotFlush : public Exception
00170 {
00171 public:
00172         explicit CannotFlush(const std::string &s) : Exception(CANNOT_FLUSH, s) {}
00173 };
00174 
00175 //! error reported by the operating system
00176 class CRYPTOPP_DLL OS_Error : public Exception
00177 {
00178 public:
00179         OS_Error(ErrorType errorType, const std::string &s, const std::string& operation, int errorCode)
00180                 : Exception(errorType, s), m_operation(operation), m_errorCode(errorCode) {}
00181         ~OS_Error() throw() {}
00182 
00183         // the operating system API that reported the error
00184         const std::string & GetOperation() const {return m_operation;}
00185         // the error code return by the operating system
00186         int GetErrorCode() const {return m_errorCode;}
00187 
00188 protected:
00189         std::string m_operation;
00190         int m_errorCode;
00191 };
00192 
00193 //! used to return decoding results
00194 struct CRYPTOPP_DLL DecodingResult
00195 {
00196         explicit DecodingResult() : isValidCoding(false), messageLength(0) {}
00197         explicit DecodingResult(size_t len) : isValidCoding(true), messageLength(len) {}
00198 
00199         bool operator==(const DecodingResult &rhs) const {return isValidCoding == rhs.isValidCoding && messageLength == rhs.messageLength;}
00200         bool operator!=(const DecodingResult &rhs) const {return !operator==(rhs);}
00201 
00202         bool isValidCoding;
00203         size_t messageLength;
00204 
00205 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00206         operator size_t() const {return isValidCoding ? messageLength : 0;}
00207 #endif
00208 };
00209 
00210 //! interface for retrieving values given their names
00211 /*! \note This class is used to safely pass a variable number of arbitrarily typed arguments to functions
00212         and to read values from keys and crypto parameters.
00213         \note To obtain an object that implements NameValuePairs for the purpose of parameter
00214         passing, use the MakeParameters() function.
00215         \note To get a value from NameValuePairs, you need to know the name and the type of the value. 
00216         Call GetValueNames() on a NameValuePairs object to obtain a list of value names that it supports.
00217         Then look at the Name namespace documentation to see what the type of each value is, or
00218         alternatively, call GetIntValue() with the value name, and if the type is not int, a
00219         ValueTypeMismatch exception will be thrown and you can get the actual type from the exception object.
00220 */
00221 class CRYPTOPP_NO_VTABLE NameValuePairs
00222 {
00223 public:
00224         virtual ~NameValuePairs() {}
00225 
00226         //! exception thrown when trying to retrieve a value using a different type than expected
00227         class CRYPTOPP_DLL ValueTypeMismatch : public InvalidArgument
00228         {
00229         public:
00230                 ValueTypeMismatch(const std::string &name, const std::type_info &stored, const std::type_info &retrieving)
00231                         : InvalidArgument("NameValuePairs: type mismatch for '" + name + "', stored '" + stored.name() + "', trying to retrieve '" + retrieving.name() + "'")
00232                         , m_stored(stored), m_retrieving(retrieving) {}
00233 
00234                 const std::type_info & GetStoredTypeInfo() const {return m_stored;}
00235                 const std::type_info & GetRetrievingTypeInfo() const {return m_retrieving;}
00236 
00237         private:
00238                 const std::type_info &m_stored;
00239                 const std::type_info &m_retrieving;
00240         };
00241 
00242         //! get a copy of this object or a subobject of it
00243         template <class T>
00244         bool GetThisObject(T &object) const
00245         {
00246                 return GetValue((std::string("ThisObject:")+typeid(T).name()).c_str(), object);
00247         }
00248 
00249         //! get a pointer to this object, as a pointer to T
00250         template <class T>
00251         bool GetThisPointer(T *&p) const
00252         {
00253                 return GetValue((std::string("ThisPointer:")+typeid(T).name()).c_str(), p);
00254         }
00255 
00256         //! get a named value, returns true if the name exists
00257         template <class T>
00258         bool GetValue(const char *name, T &value) const
00259         {
00260                 return GetVoidValue(name, typeid(T), &value);
00261         }
00262 
00263         //! get a named value, returns the default if the name doesn't exist
00264         template <class T>
00265         T GetValueWithDefault(const char *name, T defaultValue) const
00266         {
00267                 GetValue(name, defaultValue);
00268                 return defaultValue;
00269         }
00270 
00271         //! get a list of value names that can be retrieved
00272         CRYPTOPP_DLL std::string GetValueNames() const
00273                 {std::string result; GetValue("ValueNames", result); return result;}
00274 
00275         //! get a named value with type int
00276         /*! used to ensure we don't accidentally try to get an unsigned int
00277                 or some other type when we mean int (which is the most common case) */
00278         CRYPTOPP_DLL bool GetIntValue(const char *name, int &value) const
00279                 {return GetValue(name, value);}
00280 
00281         //! get a named value with type int, with default
00282         CRYPTOPP_DLL int GetIntValueWithDefault(const char *name, int defaultValue) const
00283                 {return GetValueWithDefault(name, defaultValue);}
00284 
00285         //! used by derived classes to check for type mismatch
00286         CRYPTOPP_DLL static void CRYPTOPP_API ThrowIfTypeMismatch(const char *name, const std::type_info &stored, const std::type_info &retrieving)
00287                 {if (stored != retrieving) throw ValueTypeMismatch(name, stored, retrieving);}
00288 
00289         template <class T>
00290         void GetRequiredParameter(const char *className, const char *name, T &value) const
00291         {
00292                 if (!GetValue(name, value))
00293                         throw InvalidArgument(std::string(className) + ": missing required parameter '" + name + "'");
00294         }
00295 
00296         CRYPTOPP_DLL void GetRequiredIntParameter(const char *className, const char *name, int &value) const
00297         {
00298                 if (!GetIntValue(name, value))
00299                         throw InvalidArgument(std::string(className) + ": missing required parameter '" + name + "'");
00300         }
00301 
00302         //! to be implemented by derived classes, users should use one of the above functions instead
00303         CRYPTOPP_DLL virtual bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const =0;
00304 };
00305 
00306 //! namespace containing value name definitions
00307 /*!     value names, types and semantics:
00308 
00309         ThisObject:ClassName (ClassName, copy of this object or a subobject)
00310         ThisPointer:ClassName (const ClassName *, pointer to this object or a subobject)
00311 */
00312 DOCUMENTED_NAMESPACE_BEGIN(Name)
00313 // more names defined in argnames.h
00314 DOCUMENTED_NAMESPACE_END
00315 
00316 //! empty set of name-value pairs
00317 class CRYPTOPP_DLL NullNameValuePairs : public NameValuePairs
00318 {
00319 public:
00320         bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const {return false;}
00321 };
00322 
00323 //! _
00324 extern CRYPTOPP_DLL const NullNameValuePairs g_nullNameValuePairs;
00325 
00326 // ********************************************************
00327 
00328 //! interface for cloning objects, this is not implemented by most classes yet
00329 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Clonable
00330 {
00331 public:
00332         virtual ~Clonable() {}
00333         //! this is not implemented by most classes yet
00334         virtual Clonable* Clone() const {throw NotImplemented("Clone() is not implemented yet.");}      // TODO: make this =0
00335 };
00336 
00337 //! interface for all crypto algorithms
00338 
00339 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Algorithm : public Clonable
00340 {
00341 public:
00342         /*! When FIPS 140-2 compliance is enabled and checkSelfTestStatus == true,
00343                 this constructor throws SelfTestFailure if the self test hasn't been run or fails. */
00344         Algorithm(bool checkSelfTestStatus = true);
00345         //! returns name of this algorithm, not universally implemented yet
00346         virtual std::string AlgorithmName() const {return "unknown";}
00347 };
00348 
00349 //! keying interface for crypto algorithms that take byte strings as keys
00350 
00351 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE SimpleKeyingInterface
00352 {
00353 public:
00354         //! returns smallest valid key length in bytes */
00355         virtual size_t MinKeyLength() const =0;
00356         //! returns largest valid key length in bytes */
00357         virtual size_t MaxKeyLength() const =0;
00358         //! returns default (recommended) key length in bytes */
00359         virtual size_t DefaultKeyLength() const =0;
00360 
00361         //! returns the smallest valid key length in bytes that is >= min(n, GetMaxKeyLength())
00362         virtual size_t GetValidKeyLength(size_t n) const =0;
00363 
00364         //! returns whether n is a valid key length
00365         virtual bool IsValidKeyLength(size_t n) const
00366                 {return n == GetValidKeyLength(n);}
00367 
00368         //! set or reset the key of this object
00369         /*! \param params is used to specify Rounds, BlockSize, etc */
00370         virtual void SetKey(const byte *key, size_t length, const NameValuePairs &params = g_nullNameValuePairs) =0;
00371 
00372         //! calls SetKey() with an NameValuePairs object that just specifies "Rounds"
00373         void SetKeyWithRounds(const byte *key, size_t length, int rounds);
00374 
00375         //! calls SetKey() with an NameValuePairs object that just specifies "IV"
00376         void SetKeyWithIV(const byte *key, size_t length, const byte *iv);
00377 
00378         enum IV_Requirement {STRUCTURED_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV, NOT_RESYNCHRONIZABLE};
00379         //! returns the minimal requirement for secure IVs
00380         virtual IV_Requirement IVRequirement() const =0;
00381 
00382         //! returns whether this object can be resynchronized (i.e. supports initialization vectors)
00383         /*! If this function returns true, and no IV is passed to SetKey() and CanUseStructuredIVs()==true, an IV of all 0's will be assumed. */
00384         bool IsResynchronizable() const {return IVRequirement() < NOT_RESYNCHRONIZABLE;}
00385         //! returns whether this object can use random IVs (in addition to ones returned by GetNextIV)
00386         bool CanUseRandomIVs() const {return IVRequirement() <= UNPREDICTABLE_RANDOM_IV;}
00387         //! returns whether this object can use random but possibly predictable IVs (in addition to ones returned by GetNextIV)
00388         bool CanUsePredictableIVs() const {return IVRequirement() <= RANDOM_IV;}
00389         //! returns whether this object can use structured IVs, for example a counter (in addition to ones returned by GetNextIV)
00390         bool CanUseStructuredIVs() const {return IVRequirement() <= STRUCTURED_IV;}
00391 
00392         //! returns size of IVs used by this object
00393         virtual unsigned int IVSize() const {throw NotImplemented("SimpleKeyingInterface: this object doesn't support resynchronization");}
00394         //! resynchronize with an IV
00395         virtual void Resynchronize(const byte *IV) {throw NotImplemented("SimpleKeyingInterface: this object doesn't support resynchronization");}
00396         //! get a secure IV for the next message
00397         /*! This method should be called after you finish encrypting one message and are ready to start the next one.
00398                 After calling it, you must call SetKey() or Resynchronize() before using this object again. 
00399                 This method is not implemented on decryption objects. */
00400         virtual void GetNextIV(byte *IV) {throw NotImplemented("SimpleKeyingInterface: this object doesn't support GetNextIV()");}
00401 
00402 protected:
00403         void ThrowIfInvalidKeyLength(const Algorithm &algorithm, size_t length);
00404         void ThrowIfResynchronizable();                 // to be called when no IV is passed
00405         void ThrowIfInvalidIV(const byte *iv);  // check for NULL IV if it can't be used
00406         const byte * GetIVAndThrowIfInvalid(const NameValuePairs &params);
00407 
00408         inline void AssertValidKeyLength(size_t length) const
00409         {
00410                 assert(IsValidKeyLength(length));
00411         }
00412 };
00413 
00414 //! interface for the data processing part of block ciphers
00415 
00416 /*! Classes derived from BlockTransformation are block ciphers
00417         in ECB mode (for example the DES::Encryption class), which are stateless,
00418         and they can make assumptions about the memory alignment of their inputs and outputs.
00419         These classes should not be used directly, but only in combination with
00420         a mode class (see CipherModeDocumentation in modes.h).
00421 */
00422 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE BlockTransformation : public Algorithm
00423 {
00424 public:
00425         //! encrypt or decrypt inBlock, xor with xorBlock, and write to outBlock
00426         virtual void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const =0;
00427 
00428         //! encrypt or decrypt one block
00429         /*! \pre size of inBlock and outBlock == BlockSize() */
00430         void ProcessBlock(const byte *inBlock, byte *outBlock) const
00431                 {ProcessAndXorBlock(inBlock, NULL, outBlock);}
00432 
00433         //! encrypt or decrypt one block in place
00434         void ProcessBlock(byte *inoutBlock) const
00435                 {ProcessAndXorBlock(inoutBlock, NULL, inoutBlock);}
00436 
00437         //! block size of the cipher in bytes
00438         virtual unsigned int BlockSize() const =0;
00439 
00440         //! block pointers must be divisible by this
00441         virtual unsigned int BlockAlignment() const {return 4;}
00442 
00443         //! returns true if this is a permutation (i.e. there is an inverse transformation)
00444         virtual bool IsPermutation() const {return true;}
00445 
00446         //! returns true if this is an encryption object
00447         virtual bool IsForwardTransformation() const =0;
00448 
00449         //! return number of blocks that can be processed in parallel, for bit-slicing implementations
00450         virtual unsigned int OptimalNumberOfParallelBlocks() const {return 1;}
00451 
00452         //! encrypt or decrypt multiple blocks, for bit-slicing implementations
00453         virtual void ProcessAndXorMultipleBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, size_t numberOfBlocks) const;
00454 };
00455 
00456 //! interface for the data processing part of stream ciphers
00457 
00458 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE StreamTransformation : public Algorithm
00459 {
00460 public:
00461         //! return a reference to this object, 
00462         /*! This function is useful for passing a temporary StreamTransformation object to a 
00463                 function that takes a non-const reference. */
00464         StreamTransformation& Ref() {return *this;}
00465 
00466         //! returns block size, if input must be processed in blocks, otherwise 1
00467         virtual unsigned int MandatoryBlockSize() const {return 1;}
00468 
00469         //! returns the input block size that is most efficient for this cipher
00470         /*! \note optimal input length is n * OptimalBlockSize() - GetOptimalBlockSizeUsed() for any n > 0 */
00471         virtual unsigned int OptimalBlockSize() const {return MandatoryBlockSize();}
00472         //! returns how much of the current block is used up
00473         virtual unsigned int GetOptimalBlockSizeUsed() const {return 0;}
00474 
00475         //! returns how input should be aligned for optimal performance
00476         virtual unsigned int OptimalDataAlignment() const {return 1;}
00477 
00478         //! encrypt or decrypt an array of bytes of specified length
00479         /*! \note either inString == outString, or they don't overlap */
00480         virtual void ProcessData(byte *outString, const byte *inString, size_t length) =0;
00481 
00482         //! for ciphers where the last block of data is special, encrypt or decrypt the last block of data
00483         /*! For now the only use of this function is for CBC-CTS mode. */
00484         virtual void ProcessLastBlock(byte *outString, const byte *inString, size_t length);
00485         //! returns the minimum size of the last block, 0 indicating the last block is not special
00486         virtual unsigned int MinLastBlockSize() const {return 0;}
00487 
00488         //! same as ProcessData(inoutString, inoutString, length)
00489         inline void ProcessString(byte *inoutString, size_t length)
00490                 {ProcessData(inoutString, inoutString, length);}
00491         //! same as ProcessData(outString, inString, length)
00492         inline void ProcessString(byte *outString, const byte *inString, size_t length)
00493                 {ProcessData(outString, inString, length);}
00494         //! implemented as {ProcessData(&input, &input, 1); return input;}
00495         inline byte ProcessByte(byte input)
00496                 {ProcessData(&input, &input, 1); return input;}
00497 
00498         //! returns whether this cipher supports random access
00499         virtual bool IsRandomAccess() const =0;
00500         //! for random access ciphers, seek to an absolute position
00501         virtual void Seek(lword n)
00502         {
00503                 assert(!IsRandomAccess());
00504                 throw NotImplemented("StreamTransformation: this object doesn't support random access");
00505         }
00506 
00507         //! returns whether this transformation is self-inverting (e.g. xor with a keystream)
00508         virtual bool IsSelfInverting() const =0;
00509         //! returns whether this is an encryption object
00510         virtual bool IsForwardTransformation() const =0;
00511 };
00512 
00513 //! interface for hash functions and data processing part of MACs
00514 
00515 /*! HashTransformation objects are stateful.  They are created in an initial state,
00516         change state as Update() is called, and return to the initial
00517         state when Final() is called.  This interface allows a large message to
00518         be hashed in pieces by calling Update() on each piece followed by
00519         calling Final().
00520 */
00521 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE HashTransformation : public Algorithm
00522 {
00523 public:
00524         //! return a reference to this object, 
00525         /*! This function is useful for passing a temporary HashTransformation object to a 
00526                 function that takes a non-const reference. */
00527         HashTransformation& Ref() {return *this;}
00528 
00529         //! process more input
00530         virtual void Update(const byte *input, size_t length) =0;
00531 
00532         //! request space to write input into
00533         virtual byte * CreateUpdateSpace(size_t &size) {size=0; return NULL;}
00534 
00535         //! compute hash for current message, then restart for a new message
00536         /*!     \pre size of digest == DigestSize(). */
00537         virtual void Final(byte *digest)
00538                 {TruncatedFinal(digest, DigestSize());}
00539 
00540         //! discard the current state, and restart with a new message
00541         virtual void Restart()
00542                 {TruncatedFinal(NULL, 0);}
00543 
00544         //! size of the hash returned by Final()
00545         virtual unsigned int DigestSize() const =0;
00546 
00547         //! block size of underlying compression function, or 0 if not block based
00548         virtual unsigned int BlockSize() const {return 0;}
00549 
00550         //! input to Update() should have length a multiple of this for optimal speed
00551         virtual unsigned int OptimalBlockSize() const {return 1;}
00552 
00553         //! returns how input should be aligned for optimal performance
00554         virtual unsigned int OptimalDataAlignment() const {return 1;}
00555 
00556         //! use this if your input is in one piece and you don't want to call Update() and Final() separately
00557         virtual void CalculateDigest(byte *digest, const byte *input, size_t length)
00558                 {Update(input, length); Final(digest);}
00559 
00560         //! verify that digest is a valid digest for the current message, then reinitialize the object
00561         /*! Default implementation is to call Final() and do a bitwise comparison
00562                 between its output and digest. */
00563         virtual bool Verify(const byte *digest)
00564                 {return TruncatedVerify(digest, DigestSize());}
00565 
00566         //! use this if your input is in one piece and you don't want to call Update() and Verify() separately
00567         virtual bool VerifyDigest(const byte *digest, const byte *input, size_t length)
00568                 {Update(input, length); return Verify(digest);}
00569 
00570         //! truncated version of Final()
00571         virtual void TruncatedFinal(byte *digest, size_t digestSize) =0;
00572 
00573         //! truncated version of CalculateDigest()
00574         virtual void CalculateTruncatedDigest(byte *digest, size_t digestSize, const byte *input, size_t length)
00575                 {Update(input, length); TruncatedFinal(digest, digestSize);}
00576 
00577         //! truncated version of Verify()
00578         virtual bool TruncatedVerify(const byte *digest, size_t digestLength);
00579 
00580         //! truncated version of VerifyDigest()
00581         virtual bool VerifyTruncatedDigest(const byte *digest, size_t digestLength, const byte *input, size_t length)
00582                 {Update(input, length); return TruncatedVerify(digest, digestLength);}
00583 
00584 protected:
00585         void ThrowIfInvalidTruncatedSize(size_t size) const;
00586 };
00587 
00588 typedef HashTransformation HashFunction;
00589 
00590 template <class T>
00591 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE SimpleKeyedTransformation : public T, public SimpleKeyingInterface
00592 {
00593 public:
00594         void ThrowIfInvalidKeyLength(size_t length)
00595                 {SimpleKeyingInterface::ThrowIfInvalidKeyLength(*this, length);}
00596 };
00597 
00598 #ifdef CRYPTOPP_DOXYGEN_PROCESSING
00599 //! interface for one direction (encryption or decryption) of a block cipher
00600 /*! \note These objects usually should not be used directly. See BlockTransformation for more details. */
00601 class BlockCipher : public BlockTransformation, public SimpleKeyingInterface {};
00602 //! interface for one direction (encryption or decryption) of a stream cipher or cipher mode
00603 class SymmetricCipher : public StreamTransformation, public SimpleKeyingInterface {};
00604 //! interface for message authentication codes
00605 class MessageAuthenticationCode : public HashTransformation, public SimpleKeyingInterface {};
00606 #else
00607 typedef SimpleKeyedTransformation<BlockTransformation> BlockCipher;
00608 typedef SimpleKeyedTransformation<StreamTransformation> SymmetricCipher;
00609 typedef SimpleKeyedTransformation<HashTransformation> MessageAuthenticationCode;
00610 #endif
00611 
00612 CRYPTOPP_DLL_TEMPLATE_CLASS SimpleKeyedTransformation<BlockTransformation>;
00613 CRYPTOPP_DLL_TEMPLATE_CLASS SimpleKeyedTransformation<StreamTransformation>;
00614 CRYPTOPP_DLL_TEMPLATE_CLASS SimpleKeyedTransformation<HashTransformation>;
00615 
00616 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00617 typedef SymmetricCipher StreamCipher;
00618 #endif
00619 
00620 //! interface for random number generators
00621 /*! All return values are uniformly distributed over the range specified.
00622 */
00623 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE RandomNumberGenerator : public Algorithm
00624 {
00625 public:
00626         //! generate new random byte and return it
00627         virtual byte GenerateByte() =0;
00628 
00629         //! generate new random bit and return it
00630         /*! Default implementation is to call GenerateByte() and return its parity. */
00631         virtual unsigned int GenerateBit();
00632 
00633         //! generate a random 32 bit word in the range min to max, inclusive
00634         virtual word32 GenerateWord32(word32 a=0, word32 b=0xffffffffL);
00635 
00636         //! generate random array of bytes
00637         /*! Default implementation is to call GenerateByte() size times. */
00638         virtual void GenerateBlock(byte *output, size_t size);
00639 
00640         //! generate and discard n bytes
00641         /*! Default implementation is to call GenerateByte() n times. */
00642         virtual void DiscardBytes(size_t n);
00643 
00644         //! randomly shuffle the specified array, resulting permutation is uniformly distributed
00645         template <class IT> void Shuffle(IT begin, IT end)
00646         {
00647                 for (; begin != end; ++begin)
00648                         std::iter_swap(begin, begin + GenerateWord32(0, end-begin-1));
00649         }
00650 
00651 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00652         byte GetByte() {return GenerateByte();}
00653         unsigned int GetBit() {return GenerateBit();}
00654         word32 GetLong(word32 a=0, word32 b=0xffffffffL) {return GenerateWord32(a, b);}
00655         word16 GetShort(word16 a=0, word16 b=0xffff) {return (word16)GenerateWord32(a, b);}
00656         void GetBlock(byte *output, size_t size) {GenerateBlock(output, size);}
00657 #endif
00658 };
00659 
00660 //! returns a reference that can be passed to functions that ask for a RNG but doesn't actually use it
00661 CRYPTOPP_DLL RandomNumberGenerator & CRYPTOPP_API NullRNG();
00662 
00663 class WaitObjectContainer;
00664 class CallStack;
00665 
00666 //! interface for objects that you can wait for
00667 
00668 class CRYPTOPP_NO_VTABLE Waitable
00669 {
00670 public:
00671         //! maximum number of wait objects that this object can return
00672         virtual unsigned int GetMaxWaitObjectCount() const =0;
00673         //! put wait objects into container
00674         /*! \param callStack is used for tracing no wait loops, example:
00675                      something.GetWaitObjects(c, CallStack("my func after X", 0));
00676                            - or in an outer GetWaitObjects() method that itself takes a callStack parameter:
00677                              innerThing.GetWaitObjects(c, CallStack("MyClass::GetWaitObjects at X", &callStack)); */
00678         virtual void GetWaitObjects(WaitObjectContainer &container, CallStack const& callStack) =0;
00679         //! wait on this object
00680         /*! same as creating an empty container, calling GetWaitObjects(), and calling Wait() on the container */
00681         bool Wait(unsigned long milliseconds, CallStack const& callStack);
00682 };
00683 
00684 //! interface for buffered transformations
00685 
00686 /*! BufferedTransformation is a generalization of BlockTransformation,
00687         StreamTransformation, and HashTransformation.
00688 
00689         A buffered transformation is an object that takes a stream of bytes
00690         as input (this may be done in stages), does some computation on them, and
00691         then places the result into an internal buffer for later retrieval.  Any
00692         partial result already in the output buffer is not modified by further
00693         input.
00694 
00695         If a method takes a "blocking" parameter, and you
00696         pass "false" for it, the method will return before all input has been processed if
00697         the input cannot be processed without waiting (for network buffers to become available, for example).
00698         In this case the method will return true
00699         or a non-zero integer value. When this happens you must continue to call the method with the same
00700         parameters until it returns false or zero, before calling any other method on it or
00701         attached BufferedTransformation. The integer return value in this case is approximately
00702         the number of bytes left to be processed, and can be used to implement a progress bar.
00703 
00704         For functions that take a "propagation" parameter, propagation != 0 means pass on the signal to attached
00705         BufferedTransformation objects, with propagation decremented at each step until it reaches 0.
00706         -1 means unlimited propagation.
00707 
00708         \nosubgrouping
00709 */
00710 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE BufferedTransformation : public Algorithm, public Waitable
00711 {
00712 public:
00713         // placed up here for CW8
00714         static const std::string NULL_CHANNEL;  // the empty string ""
00715 
00716         BufferedTransformation() : Algorithm(false) {}
00717 
00718         //! return a reference to this object
00719         /*! This function is useful for passing a temporary BufferedTransformation object to a 
00720                 function that takes a non-const reference. */
00721         BufferedTransformation& Ref() {return *this;}
00722 
00723         //!     \name INPUT
00724         //@{
00725                 //! input a byte for processing
00726                 size_t Put(byte inByte, bool blocking=true)
00727                         {return Put(&inByte, 1, blocking);}
00728                 //! input multiple bytes
00729                 size_t Put(const byte *inString, size_t length, bool blocking=true)
00730                         {return Put2(inString, length, 0, blocking);}
00731 
00732                 //! input a 16-bit word
00733                 size_t PutWord16(word16 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
00734                 //! input a 32-bit word
00735                 size_t PutWord32(word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
00736 
00737                 //! request space which can be written into by the caller, and then used as input to Put()
00738                 /*! \param size is requested size (as a hint) for input, and size of the returned space for output */
00739                 /*! \note The purpose of this method is to help avoid doing extra memory allocations. */
00740                 virtual byte * CreatePutSpace(size_t &size) {size=0; return NULL;}
00741 
00742                 virtual bool CanModifyInput() const {return false;}
00743 
00744                 //! input multiple bytes that may be modified by callee
00745                 size_t PutModifiable(byte *inString, size_t length, bool blocking=true)
00746                         {return PutModifiable2(inString, length, 0, blocking);}
00747 
00748                 bool MessageEnd(int propagation=-1, bool blocking=true)
00749                         {return !!Put2(NULL, 0, propagation < 0 ? -1 : propagation+1, blocking);}
00750                 size_t PutMessageEnd(const byte *inString, size_t length, int propagation=-1, bool blocking=true)
00751                         {return Put2(inString, length, propagation < 0 ? -1 : propagation+1, blocking);}
00752 
00753                 //! input multiple bytes for blocking or non-blocking processing
00754                 /*! \param messageEnd means how many filters to signal MessageEnd to, including this one */
00755                 virtual size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking) =0;
00756                 //! input multiple bytes that may be modified by callee for blocking or non-blocking processing
00757                 /*! \param messageEnd means how many filters to signal MessageEnd to, including this one */
00758                 virtual size_t PutModifiable2(byte *inString, size_t length, int messageEnd, bool blocking)
00759                         {return Put2(inString, length, messageEnd, blocking);}
00760 
00761                 //! thrown by objects that have not implemented nonblocking input processing
00762                 struct BlockingInputOnly : public NotImplemented
00763                         {BlockingInputOnly(const std::string &s) : NotImplemented(s + ": Nonblocking input is not implemented by this object.") {}};
00764         //@}
00765 
00766         //!     \name WAITING
00767         //@{
00768                 unsigned int GetMaxWaitObjectCount() const;
00769                 void GetWaitObjects(WaitObjectContainer &container, CallStack const& callStack);
00770         //@}
00771 
00772         //!     \name SIGNALS
00773         //@{
00774                 virtual void IsolatedInitialize(const NameValuePairs &parameters) {throw NotImplemented("BufferedTransformation: this object can't be reinitialized");}
00775                 virtual bool IsolatedFlush(bool hardFlush, bool blocking) =0;
00776                 virtual bool IsolatedMessageSeriesEnd(bool blocking) {return false;}
00777 
00778                 //! initialize or reinitialize this object
00779                 virtual void Initialize(const NameValuePairs &parameters=g_nullNameValuePairs, int propagation=-1);
00780                 //! flush buffered input and/or output
00781                 /*! \param hardFlush is used to indicate whether all data should be flushed
00782                         \note Hard flushes must be used with care. It means try to process and output everything, even if
00783                         there may not be enough data to complete the action. For example, hard flushing a HexDecoder would
00784                         cause an error if you do it after inputing an odd number of hex encoded characters.
00785                         For some types of filters, for example ZlibDecompressor, hard flushes can only
00786                         be done at "synchronization points". These synchronization points are positions in the data
00787                         stream that are created by hard flushes on the corresponding reverse filters, in this
00788                         example ZlibCompressor. This is useful when zlib compressed data is moved across a
00789                         network in packets and compression state is preserved across packets, as in the ssh2 protocol.
00790                 */
00791                 virtual bool Flush(bool hardFlush, int propagation=-1, bool blocking=true);
00792                 //! mark end of a series of messages
00793                 /*! There should be a MessageEnd immediately before MessageSeriesEnd. */
00794                 virtual bool MessageSeriesEnd(int propagation=-1, bool blocking=true);
00795 
00796                 //! set propagation of automatically generated and transferred signals
00797                 /*! propagation == 0 means do not automaticly generate signals */
00798                 virtual void SetAutoSignalPropagation(int propagation) {}
00799 
00800                 //!
00801                 virtual int GetAutoSignalPropagation() const {return 0;}
00802 public:
00803 
00804 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00805                 void Close() {MessageEnd();}
00806 #endif
00807         //@}
00808 
00809         //!     \name RETRIEVAL OF ONE MESSAGE
00810         //@{
00811                 //! returns number of bytes that is currently ready for retrieval
00812                 /*! All retrieval functions return the actual number of bytes
00813                         retrieved, which is the lesser of the request number and
00814                         MaxRetrievable(). */
00815                 virtual lword MaxRetrievable() const;
00816 
00817                 //! returns whether any bytes are currently ready for retrieval
00818                 virtual bool AnyRetrievable() const;
00819 
00820                 //! try to retrieve a single byte
00821                 virtual size_t Get(byte &outByte);
00822                 //! try to retrieve multiple bytes
00823                 virtual size_t Get(byte *outString, size_t getMax);
00824 
00825                 //! peek at the next byte without removing it from the output buffer
00826                 virtual size_t Peek(byte &outByte) const;
00827                 //! peek at multiple bytes without removing them from the output buffer
00828                 virtual size_t Peek(byte *outString, size_t peekMax) const;
00829 
00830                 //! try to retrieve a 16-bit word
00831                 size_t GetWord16(word16 &value, ByteOrder order=BIG_ENDIAN_ORDER);
00832                 //! try to retrieve a 32-bit word
00833                 size_t GetWord32(word32 &value, ByteOrder order=BIG_ENDIAN_ORDER);
00834 
00835                 //! try to peek at a 16-bit word
00836                 size_t PeekWord16(word16 &value, ByteOrder order=BIG_ENDIAN_ORDER) const;
00837                 //! try to peek at a 32-bit word
00838                 size_t PeekWord32(word32 &value, ByteOrder order=BIG_ENDIAN_ORDER) const;
00839 
00840                 //! move transferMax bytes of the buffered output to target as input
00841                 lword TransferTo(BufferedTransformation &target, lword transferMax=LWORD_MAX, const std::string &channel=NULL_CHANNEL)
00842                         {TransferTo2(target, transferMax, channel); return transferMax;}
00843 
00844                 //! discard skipMax bytes from the output buffer
00845                 virtual lword Skip(lword skipMax=LWORD_MAX);
00846 
00847                 //! copy copyMax bytes of the buffered output to target as input
00848                 lword CopyTo(BufferedTransformation &target, lword copyMax=LWORD_MAX, const std::string &channel=NULL_CHANNEL) const
00849                         {return CopyRangeTo(target, 0, copyMax, channel);}
00850 
00851                 //! copy copyMax bytes of the buffered output, starting at position (relative to current position), to target as input
00852                 lword CopyRangeTo(BufferedTransformation &target, lword position, lword copyMax=LWORD_MAX, const std::string &channel=NULL_CHANNEL) const
00853                         {lword i = position; CopyRangeTo2(target, i, i+copyMax, channel); return i-position;}
00854 
00855 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
00856                 unsigned long MaxRetrieveable() const {return MaxRetrievable();}
00857 #endif
00858         //@}
00859 
00860         //!     \name RETRIEVAL OF MULTIPLE MESSAGES
00861         //@{
00862                 //!
00863                 virtual lword TotalBytesRetrievable() const;
00864                 //! number of times MessageEnd() has been received minus messages retrieved or skipped
00865                 virtual unsigned int NumberOfMessages() const;
00866                 //! returns true if NumberOfMessages() > 0
00867                 virtual bool AnyMessages() const;
00868                 //! start retrieving the next message
00869                 /*!
00870                         Returns false if no more messages exist or this message 
00871                         is not completely retrieved.
00872                 */
00873                 virtual bool GetNextMessage();
00874                 //! skip count number of messages
00875                 virtual unsigned int SkipMessages(unsigned int count=UINT_MAX);
00876                 //!
00877                 unsigned int TransferMessagesTo(BufferedTransformation &target, unsigned int count=UINT_MAX, const std::string &channel=NULL_CHANNEL)
00878                         {TransferMessagesTo2(target, count, channel); return count;}
00879                 //!
00880                 unsigned int CopyMessagesTo(BufferedTransformation &target, unsigned int count=UINT_MAX, const std::string &channel=NULL_CHANNEL) const;
00881 
00882                 //!
00883                 virtual void SkipAll();
00884                 //!
00885                 void TransferAllTo(BufferedTransformation &target, const std::string &channel=NULL_CHANNEL)
00886                         {TransferAllTo2(target, channel);}
00887                 //!
00888                 void CopyAllTo(BufferedTransformation &target, const std::string &channel=NULL_CHANNEL) const;
00889 
00890                 virtual bool GetNextMessageSeries() {return false;}
00891                 virtual unsigned int NumberOfMessagesInThisSeries() const {return NumberOfMessages();}
00892                 virtual unsigned int NumberOfMessageSeries() const {return 0;}
00893         //@}
00894 
00895         //!     \name NON-BLOCKING TRANSFER OF OUTPUT
00896         //@{
00897                 //! upon return, byteCount contains number of bytes that have finished being transfered, and returns the number of bytes left in the current transfer block
00898                 virtual size_t TransferTo2(BufferedTransformation &target, lword &byteCount, const std::string &channel=NULL_CHANNEL, bool blocking=true) =0;
00899                 //! upon return, begin contains the start position of data yet to be finished copying, and returns the number of bytes left in the current transfer block
00900                 virtual size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const =0;
00901                 //! upon return, messageCount contains number of messages that have finished being transfered, and returns the number of bytes left in the current transfer block
00902                 size_t TransferMessagesTo2(BufferedTransformation &target, unsigned int &messageCount, const std::string &channel=NULL_CHANNEL, bool blocking=true);
00903                 //! returns the number of bytes left in the current transfer block
00904                 size_t TransferAllTo2(BufferedTransformation &target, const std::string &channel=NULL_CHANNEL, bool blocking=true);
00905         //@}
00906 
00907         //!     \name CHANNELS
00908         //@{
00909                 struct NoChannelSupport : public NotImplemented
00910                         {NoChannelSupport() : NotImplemented("BufferedTransformation: this object doesn't support multiple channels") {}};
00911 
00912                 size_t ChannelPut(const std::string &channel, byte inByte, bool blocking=true)
00913                         {return ChannelPut(channel, &inByte, 1, blocking);}
00914                 size_t ChannelPut(const std::string &channel, const byte *inString, size_t length, bool blocking=true)
00915                         {return ChannelPut2(channel, inString, length, 0, blocking);}
00916 
00917                 size_t ChannelPutModifiable(const std::string &channel, byte *inString, size_t length, bool blocking=true)
00918                         {return ChannelPutModifiable2(channel, inString, length, 0, blocking);}
00919 
00920                 size_t ChannelPutWord16(const std::string &channel, word16 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
00921                 size_t ChannelPutWord32(const std::string &channel, word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
00922 
00923                 bool ChannelMessageEnd(const std::string &channel, int propagation=-1, bool blocking=true)
00924                         {return !!ChannelPut2(channel, NULL, 0, propagation < 0 ? -1 : propagation+1, blocking);}
00925                 size_t ChannelPutMessageEnd(const std::string &channel, const byte *inString, size_t length, int propagation=-1, bool blocking=true)
00926                         {return ChannelPut2(channel, inString, length, propagation < 0 ? -1 : propagation+1, blocking);}
00927 
00928                 virtual byte * ChannelCreatePutSpace(const std::string &channel, size_t &size);
00929 
00930                 virtual size_t ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking);
00931                 virtual size_t ChannelPutModifiable2(const std::string &channel, byte *begin, size_t length, int messageEnd, bool blocking);
00932 
00933                 virtual bool ChannelFlush(const std::string &channel, bool hardFlush, int propagation=-1, bool blocking=true);
00934                 virtual bool ChannelMessageSeriesEnd(const std::string &channel, int propagation=-1, bool blocking=true);
00935 
00936                 virtual void SetRetrievalChannel(const std::string &channel);
00937         //@}
00938 
00939         //!     \name ATTACHMENT
00940         /*! Some BufferedTransformation objects (e.g. Filter objects)
00941                 allow other BufferedTransformation objects to be attached. When
00942                 this is done, the first object instead of buffering its output,
00943                 sents that output to the attached object as input. The entire
00944                 attachment chain is deleted when the anchor object is destructed.
00945         */
00946         //@{
00947                 //! returns whether this object allows attachment
00948                 virtual bool Attachable() {return false;}
00949                 //! returns the object immediately attached to this object or NULL for no attachment
00950                 virtual BufferedTransformation *AttachedTransformation() {assert(!Attachable()); return 0;}
00951                 //!
00952                 virtual const BufferedTransformation *AttachedTransformation() const
00953                         {return const_cast<BufferedTransformation *>(this)->AttachedTransformation();}
00954                 //! delete the current attachment chain and replace it with newAttachment
00955                 virtual void Detach(BufferedTransformation *newAttachment = 0)
00956                         {assert(!Attachable()); throw NotImplemented("BufferedTransformation: this object is not attachable");}
00957                 //! add newAttachment to the end of attachment chain
00958                 virtual void Attach(BufferedTransformation *newAttachment);
00959         //@}
00960 
00961 protected:
00962         static int DecrementPropagation(int propagation)
00963                 {return propagation != 0 ? propagation - 1 : 0;}
00964 
00965 private:
00966         byte m_buf[4];  // for ChannelPutWord16 and ChannelPutWord32, to ensure buffer isn't deallocated before non-blocking operation completes
00967 };
00968 
00969 //! returns a reference to a BufferedTransformation object that discards all input
00970 BufferedTransformation & TheBitBucket();
00971 
00972 //! interface for crypto material, such as public and private keys, and crypto parameters
00973 
00974 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CryptoMaterial : public NameValuePairs
00975 {
00976 public:
00977         //! exception thrown when invalid crypto material is detected
00978         class CRYPTOPP_DLL InvalidMaterial : public InvalidDataFormat
00979         {
00980         public:
00981                 explicit InvalidMaterial(const std::string &s) : InvalidDataFormat(s) {}
00982         };
00983 
00984         //! assign values from source to this object
00985         /*! \note This function can be used to create a public key from a private key. */
00986         virtual void AssignFrom(const NameValuePairs &source) =0;
00987 
00988         //! check this object for errors
00989         /*! \param level denotes the level of thoroughness:
00990                 0 - using this object won't cause a crash or exception (rng is ignored)
00991                 1 - this object will probably function (encrypt, sign, etc.) correctly (but may not check for weak keys and such)
00992                 2 - make sure this object will function correctly, and do reasonable security checks
00993                 3 - do checks that may take a long time
00994                 \return true if the tests pass */
00995         virtual bool Validate(RandomNumberGenerator &rng, unsigned int level) const =0;
00996 
00997         //! throws InvalidMaterial if this object fails Validate() test
00998         virtual void ThrowIfInvalid(RandomNumberGenerator &rng, unsigned int level) const
00999                 {if (!Validate(rng, level)) throw InvalidMaterial("CryptoMaterial: this object contains invalid values");}
01000 
01001 //      virtual std::vector<std::string> GetSupportedFormats(bool includeSaveOnly=false, bool includeLoadOnly=false);
01002 
01003         //! save key into a BufferedTransformation
01004         virtual void Save(BufferedTransformation &bt) const
01005                 {throw NotImplemented("CryptoMaterial: this object does not support saving");}
01006 
01007         //! load key from a BufferedTransformation
01008         /*! \throws KeyingErr if decode fails
01009                 \note Generally does not check that the key is valid.
01010                         Call ValidateKey() or ThrowIfInvalidKey() to check that. */
01011         virtual void Load(BufferedTransformation &bt)
01012                 {throw NotImplemented("CryptoMaterial: this object does not support loading");}
01013 
01014         //! \return whether this object supports precomputation
01015         virtual bool SupportsPrecomputation() const {return false;}
01016         //! do precomputation
01017         /*! The exact semantics of Precompute() is varies, but
01018                 typically it means calculate a table of n objects
01019                 that can be used later to speed up computation. */
01020         virtual void Precompute(unsigned int n)
01021                 {assert(!SupportsPrecomputation()); throw NotImplemented("CryptoMaterial: this object does not support precomputation");}
01022         //! retrieve previously saved precomputation
01023         virtual void LoadPrecomputation(BufferedTransformation &storedPrecomputation)
01024                 {assert(!SupportsPrecomputation()); throw NotImplemented("CryptoMaterial: this object does not support precomputation");}
01025         //! save precomputation for later use
01026         virtual void SavePrecomputation(BufferedTransformation &storedPrecomputation) const
01027                 {assert(!SupportsPrecomputation()); throw NotImplemented("CryptoMaterial: this object does not support precomputation");}
01028 
01029         // for internal library use
01030         void DoQuickSanityCheck() const {ThrowIfInvalid(NullRNG(), 0);}
01031 };
01032 
01033 //! interface for generatable crypto material, such as private keys and crypto parameters
01034 
01035 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE GeneratableCryptoMaterial : virtual public CryptoMaterial
01036 {
01037 public:
01038         //! generate a random key or crypto parameters
01039         /*! \throws KeyingErr if algorithm parameters are invalid, or if a key can't be generated
01040                 (e.g., if this is a public key object) */
01041         virtual void GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &params = g_nullNameValuePairs)
01042                 {throw NotImplemented("GeneratableCryptoMaterial: this object does not support key/parameter generation");}
01043 
01044         //! calls the above function with a NameValuePairs object that just specifies "KeySize"
01045         void GenerateRandomWithKeySize(RandomNumberGenerator &rng, unsigned int keySize);
01046 };
01047 
01048 //! interface for public keys
01049 
01050 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PublicKey : virtual public CryptoMaterial
01051 {
01052 };
01053 
01054 //! interface for private keys
01055 
01056 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PrivateKey : public GeneratableCryptoMaterial
01057 {
01058 };
01059 
01060 //! interface for crypto prameters
01061 
01062 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CryptoParameters : public GeneratableCryptoMaterial
01063 {
01064 };
01065 
01066 //! interface for asymmetric algorithms
01067 
01068 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE AsymmetricAlgorithm : public Algorithm
01069 {
01070 public:
01071         //! returns a reference to the crypto material used by this object
01072         virtual CryptoMaterial & AccessMaterial() =0;
01073         //! returns a const reference to the crypto material used by this object
01074         virtual const CryptoMaterial & GetMaterial() const =0;
01075 
01076         //! for backwards compatibility, calls AccessMaterial().Load(bt)
01077         void BERDecode(BufferedTransformation &bt)
01078                 {AccessMaterial().Load(bt);}
01079         //! for backwards compatibility, calls GetMaterial().Save(bt)
01080         void DEREncode(BufferedTransformation &bt) const
01081                 {GetMaterial().Save(bt);}
01082 };
01083 
01084 //! interface for asymmetric algorithms using public keys
01085 
01086 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PublicKeyAlgorithm : public AsymmetricAlgorithm
01087 {
01088 public:
01089         // VC60 workaround: no co-variant return type
01090         CryptoMaterial & AccessMaterial() {return AccessPublicKey();}
01091         const CryptoMaterial & GetMaterial() const {return GetPublicKey();}
01092 
01093         virtual PublicKey & AccessPublicKey() =0;
01094         virtual const PublicKey & GetPublicKey() const {return const_cast<PublicKeyAlgorithm *>(this)->AccessPublicKey();}
01095 };
01096 
01097 //! interface for asymmetric algorithms using private keys
01098 
01099 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PrivateKeyAlgorithm : public AsymmetricAlgorithm
01100 {
01101 public:
01102         CryptoMaterial & AccessMaterial() {return AccessPrivateKey();}
01103         const CryptoMaterial & GetMaterial() const {return GetPrivateKey();}
01104 
01105         virtual PrivateKey & AccessPrivateKey() =0;
01106         virtual const PrivateKey & GetPrivateKey() const {return const_cast<PrivateKeyAlgorithm *>(this)->AccessPrivateKey();}
01107 };
01108 
01109 //! interface for key agreement algorithms
01110 
01111 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE KeyAgreementAlgorithm : public AsymmetricAlgorithm
01112 {
01113 public:
01114         CryptoMaterial & AccessMaterial() {return AccessCryptoParameters();}
01115         const CryptoMaterial & GetMaterial() const {return GetCryptoParameters();}
01116 
01117         virtual CryptoParameters & AccessCryptoParameters() =0;
01118         virtual const CryptoParameters & GetCryptoParameters() const {return const_cast<KeyAgreementAlgorithm *>(this)->AccessCryptoParameters();}
01119 };
01120 
01121 //! interface for public-key encryptors and decryptors
01122 
01123 /*! This class provides an interface common to encryptors and decryptors
01124         for querying their plaintext and ciphertext lengths.
01125 */
01126 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_CryptoSystem
01127 {
01128 public:
01129         virtual ~PK_CryptoSystem() {}
01130 
01131         //! maximum length of plaintext for a given ciphertext length
01132         /*! \note This function returns 0 if ciphertextLength is not valid (too long or too short). */
01133         virtual size_t MaxPlaintextLength(size_t ciphertextLength) const =0;
01134 
01135         //! calculate length of ciphertext given length of plaintext
01136         /*! \note This function returns 0 if plaintextLength is not valid (too long). */
01137         virtual size_t CiphertextLength(size_t plaintextLength) const =0;
01138 
01139         //! this object supports the use of the parameter with the given name
01140         /*! some possible parameter names: EncodingParameters, KeyDerivationParameters */
01141         virtual bool ParameterSupported(const char *name) const =0;
01142 
01143         //! return fixed ciphertext length, if one exists, otherwise return 0
01144         /*! \note "Fixed" here means length of ciphertext does not depend on length of plaintext.
01145                 It usually does depend on the key length. */
01146         virtual size_t FixedCiphertextLength() const {return 0;}
01147 
01148         //! return maximum plaintext length given the fixed ciphertext length, if one exists, otherwise return 0
01149         virtual size_t FixedMaxPlaintextLength() const {return 0;}
01150 
01151 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
01152         size_t MaxPlainTextLength(size_t cipherTextLength) const {return MaxPlaintextLength(cipherTextLength);}
01153         size_t CipherTextLength(size_t plainTextLength) const {return CiphertextLength(plainTextLength);}
01154 #endif
01155 };
01156 
01157 //! interface for public-key encryptors
01158 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Encryptor : virtual public PK_CryptoSystem, public PublicKeyAlgorithm
01159 {
01160 public:
01161         //! exception thrown when trying to encrypt plaintext of invalid length
01162         class CRYPTOPP_DLL InvalidPlaintextLength : public Exception
01163         {
01164         public:
01165                 InvalidPlaintextLength() : Exception(OTHER_ERROR, "PK_Encryptor: invalid plaintext length") {}
01166         };
01167 
01168         //! encrypt a byte string
01169         /*! \pre CiphertextLength(plaintextLength) != 0 (i.e., plaintext isn't too long)
01170                 \pre size of ciphertext == CiphertextLength(plaintextLength)
01171         */
01172         virtual void Encrypt(RandomNumberGenerator &rng, 
01173                 const byte *plaintext, size_t plaintextLength, 
01174                 byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const =0;
01175 
01176         //! create a new encryption filter
01177         /*! \note The caller is responsible for deleting the returned pointer.
01178                 \note Encoding parameters should be passed in the "EP" channel.
01179         */
01180         virtual BufferedTransformation * CreateEncryptionFilter(RandomNumberGenerator &rng, 
01181                 BufferedTransformation *attachment=NULL, const NameValuePairs &parameters = g_nullNameValuePairs) const;
01182 };
01183 
01184 //! interface for public-key decryptors
01185 
01186 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Decryptor : virtual public PK_CryptoSystem, public PrivateKeyAlgorithm
01187 {
01188 public:
01189         //! decrypt a byte string, and return the length of plaintext
01190         /*! \pre size of plaintext == MaxPlaintextLength(ciphertextLength) bytes.
01191                 \return the actual length of the plaintext, indication that decryption failed.
01192         */
01193         virtual DecodingResult Decrypt(RandomNumberGenerator &rng, 
01194                 const byte *ciphertext, size_t ciphertextLength, 
01195                 byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const =0;
01196 
01197         //! create a new decryption filter
01198         /*! \note caller is responsible for deleting the returned pointer
01199         */
01200         virtual BufferedTransformation * CreateDecryptionFilter(RandomNumberGenerator &rng, 
01201                 BufferedTransformation *attachment=NULL, const NameValuePairs &parameters = g_nullNameValuePairs) const;
01202 
01203         //! decrypt a fixed size ciphertext
01204         DecodingResult FixedLengthDecrypt(RandomNumberGenerator &rng, const byte *ciphertext, byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const
01205                 {return Decrypt(rng, ciphertext, FixedCiphertextLength(), plaintext, parameters);}
01206 };
01207 
01208 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
01209 typedef PK_CryptoSystem PK_FixedLengthCryptoSystem;
01210 typedef PK_Encryptor PK_FixedLengthEncryptor;
01211 typedef PK_Decryptor PK_FixedLengthDecryptor;
01212 #endif
01213 
01214 //! interface for public-key signers and verifiers
01215 
01216 /*! This class provides an interface common to signers and verifiers
01217         for querying scheme properties.
01218 */
01219 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_SignatureScheme
01220 {
01221 public:
01222         //! invalid key exception, may be thrown by any function in this class if the private or public key has a length that can't be used
01223         class CRYPTOPP_DLL InvalidKeyLength : public Exception
01224         {
01225         public:
01226                 InvalidKeyLength(const std::string &message) : Exception(OTHER_ERROR, message) {}
01227         };
01228 
01229         //! key too short exception, may be thrown by any function in this class if the private or public key is too short to sign or verify anything
01230         class CRYPTOPP_DLL KeyTooShort : public InvalidKeyLength
01231         {
01232         public:
01233                 KeyTooShort() : InvalidKeyLength("PK_Signer: key too short for this signature scheme") {}
01234         };
01235 
01236         virtual ~PK_SignatureScheme() {}
01237 
01238         //! signature length if it only depends on the key, otherwise 0
01239         virtual size_t SignatureLength() const =0;
01240 
01241         //! maximum signature length produced for a given length of recoverable message part
01242         virtual size_t MaxSignatureLength(size_t recoverablePartLength = 0) const {return SignatureLength();}
01243 
01244         //! length of longest message that can be recovered, or 0 if this signature scheme does not support message recovery
01245         virtual size_t MaxRecoverableLength() const =0;
01246 
01247         //! length of longest message that can be recovered from a signature of given length, or 0 if this signature scheme does not support message recovery
01248         virtual size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const =0;
01249 
01250         //! requires a random number generator to sign
01251         /*! if this returns false, NullRNG() can be passed to functions that take RandomNumberGenerator & */
01252         virtual bool IsProbabilistic() const =0;
01253 
01254         //! whether or not a non-recoverable message part can be signed
01255         virtual bool AllowNonrecoverablePart() const =0;
01256 
01257         //! if this function returns true, during verification you must input the signature before the message, otherwise you can input it at anytime */
01258         virtual bool SignatureUpfront() const {return false;}
01259 
01260         //! whether you must input the recoverable part before the non-recoverable part during signing
01261         virtual bool RecoverablePartFirst() const =0;
01262 };
01263 
01264 //! interface for accumulating messages to be signed or verified
01265 /*! Only Update() should be called
01266         on this class. No other functions inherited from HashTransformation should be called.
01267 */
01268 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_MessageAccumulator : public HashTransformation
01269 {
01270 public:
01271         //! should not be called on PK_MessageAccumulator
01272         unsigned int DigestSize() const
01273                 {throw NotImplemented("PK_MessageAccumulator: DigestSize() should not be called");}
01274         //! should not be called on PK_MessageAccumulator
01275         void TruncatedFinal(byte *digest, size_t digestSize) 
01276                 {throw NotImplemented("PK_MessageAccumulator: TruncatedFinal() should not be called");}
01277 };
01278 
01279 //! interface for public-key signers
01280 
01281 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Signer : public PK_SignatureScheme, public PrivateKeyAlgorithm
01282 {
01283 public:
01284         //! create a new HashTransformation to accumulate the message to be signed
01285         virtual PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const =0;
01286 
01287         virtual void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const =0;
01288 
01289         //! sign and delete messageAccumulator (even in case of exception thrown)
01290         /*! \pre size of signature == MaxSignatureLength()
01291                 \return actual signature length
01292         */
01293         virtual size_t Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const;
01294 
01295         //! sign and restart messageAccumulator
01296         /*! \pre size of signature == MaxSignatureLength()
01297                 \return actual signature length
01298         */
01299         virtual size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0;
01300 
01301         //! sign a message
01302         /*! \pre size of signature == MaxSignatureLength()
01303                 \return actual signature length
01304         */
01305         virtual size_t SignMessage(RandomNumberGenerator &rng, const byte *message, size_t messageLen, byte *signature) const;
01306 
01307         //! sign a recoverable message
01308         /*! \pre size of signature == MaxSignatureLength(recoverableMessageLength)
01309                 \return actual signature length
01310         */
01311         virtual size_t SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, size_t recoverableMessageLength, 
01312                 const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, byte *signature) const;
01313 };
01314 
01315 //! interface for public-key signature verifiers
01316 /*! The Recover* functions throw NotImplemented if the signature scheme does not support
01317         message recovery.
01318         The Verify* functions throw InvalidDataFormat if the scheme does support message
01319         recovery and the signature contains a non-empty recoverable message part. The
01320         Recovery* functions should be used in that case.
01321 */
01322 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Verifier : public PK_SignatureScheme, public PublicKeyAlgorithm
01323 {
01324 public:
01325         //! create a new HashTransformation to accumulate the message to be verified
01326         virtual PK_MessageAccumulator * NewVerificationAccumulator() const =0;
01327 
01328         //! input signature into a message accumulator
01329         virtual void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const =0;
01330 
01331         //! check whether messageAccumulator contains a valid signature and message, and delete messageAccumulator (even in case of exception thrown)
01332         virtual bool Verify(PK_MessageAccumulator *messageAccumulator) const;
01333 
01334         //! check whether messageAccumulator contains a valid signature and message, and restart messageAccumulator
01335         virtual bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const =0;
01336 
01337         //! check whether input signature is a valid signature for input message
01338         virtual bool VerifyMessage(const byte *message, size_t messageLen, 
01339                 const byte *signature, size_t signatureLength) const;
01340 
01341         //! recover a message from its signature
01342         /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
01343         */
01344         virtual DecodingResult Recover(byte *recoveredMessage, PK_MessageAccumulator *messageAccumulator) const;
01345 
01346         //! recover a message from its signature
01347         /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
01348         */
01349         virtual DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const =0;
01350 
01351         //! recover a message from its signature
01352         /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
01353         */
01354         virtual DecodingResult RecoverMessage(byte *recoveredMessage, 
01355                 const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, 
01356                 const byte *signature, size_t signatureLength) const;
01357 };
01358 
01359 //! interface for domains of simple key agreement protocols
01360 
01361 /*! A key agreement domain is a set of parameters that must be shared
01362         by two parties in a key agreement protocol, along with the algorithms
01363         for generating key pairs and deriving agreed values.
01364 */
01365 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE SimpleKeyAgreementDomain : public KeyAgreementAlgorithm
01366 {
01367 public:
01368         //! return length of agreed value produced
01369         virtual unsigned int AgreedValueLength() const =0;
01370         //! return length of private keys in this domain
01371         virtual unsigned int PrivateKeyLength() const =0;
01372         //! return length of public keys in this domain
01373         virtual unsigned int PublicKeyLength() const =0;
01374         //! generate private key
01375         /*! \pre size of privateKey == PrivateKeyLength() */
01376         virtual void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0;
01377         //! generate public key
01378         /*!     \pre size of publicKey == PublicKeyLength() */
01379         virtual void GeneratePublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0;
01380         //! generate private/public key pair
01381         /*! \note equivalent to calling GeneratePrivateKey() and then GeneratePublicKey() */
01382         virtual void GenerateKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const;
01383         //! derive agreed value from your private key and couterparty's public key, return false in case of failure
01384         /*! \note If you have previously validated the public key, use validateOtherPublicKey=false to save time.
01385                 \pre size of agreedValue == AgreedValueLength()
01386                 \pre length of privateKey == PrivateKeyLength()
01387                 \pre length of otherPublicKey == PublicKeyLength()
01388         */
01389         virtual bool Agree(byte *agreedValue, const byte *privateKey, const byte *otherPublicKey, bool validateOtherPublicKey=true) const =0;
01390 
01391 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
01392         bool ValidateDomainParameters(RandomNumberGenerator &rng) const
01393                 {return GetCryptoParameters().Validate(rng, 2);}
01394 #endif
01395 };
01396 
01397 //! interface for domains of authenticated key agreement protocols
01398 
01399 /*! In an authenticated key agreement protocol, each party has two
01400         key pairs. The long-lived key pair is called the static key pair,
01401         and the short-lived key pair is called the ephemeral key pair.
01402 */
01403 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE AuthenticatedKeyAgreementDomain : public KeyAgreementAlgorithm
01404 {
01405 public:
01406         //! return length of agreed value produced
01407         virtual unsigned int AgreedValueLength() const =0;
01408 
01409         //! return length of static private keys in this domain
01410         virtual unsigned int StaticPrivateKeyLength() const =0;
01411         //! return length of static public keys in this domain
01412         virtual unsigned int StaticPublicKeyLength() const =0;
01413         //! generate static private key
01414         /*! \pre size of privateKey == PrivateStaticKeyLength() */
01415         virtual void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0;
01416         //! generate static public key
01417         /*!     \pre size of publicKey == PublicStaticKeyLength() */
01418         virtual void GenerateStaticPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0;
01419         //! generate private/public key pair
01420         /*! \note equivalent to calling GenerateStaticPrivateKey() and then GenerateStaticPublicKey() */
01421         virtual void GenerateStaticKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const;
01422 
01423         //! return length of ephemeral private keys in this domain
01424         virtual unsigned int EphemeralPrivateKeyLength() const =0;
01425         //! return length of ephemeral public keys in this domain
01426         virtual unsigned int EphemeralPublicKeyLength() const =0;
01427         //! generate ephemeral private key
01428         /*! \pre size of privateKey == PrivateEphemeralKeyLength() */
01429         virtual void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0;
01430         //! generate ephemeral public key
01431         /*!     \pre size of publicKey == PublicEphemeralKeyLength() */
01432         virtual void GenerateEphemeralPublicKey(RandomNumberGenerator &rng, const byte *privateKey, byte *publicKey) const =0;
01433         //! generate private/public key pair
01434         /*! \note equivalent to calling GenerateEphemeralPrivateKey() and then GenerateEphemeralPublicKey() */
01435         virtual void GenerateEphemeralKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const;
01436 
01437         //! derive agreed value from your private keys and couterparty's public keys, return false in case of failure
01438         /*! \note The ephemeral public key will always be validated.
01439                       If you have previously validated the static public key, use validateStaticOtherPublicKey=false to save time.
01440                 \pre size of agreedValue == AgreedValueLength()
01441                 \pre length of staticPrivateKey == StaticPrivateKeyLength()
01442                 \pre length of ephemeralPrivateKey == EphemeralPrivateKeyLength()
01443                 \pre length of staticOtherPublicKey == StaticPublicKeyLength()
01444                 \pre length of ephemeralOtherPublicKey == EphemeralPublicKeyLength()
01445         */
01446         virtual bool Agree(byte *agreedValue,
01447                 const byte *staticPrivateKey, const byte *ephemeralPrivateKey,
01448                 const byte *staticOtherPublicKey, const byte *ephemeralOtherPublicKey,
01449                 bool validateStaticOtherPublicKey=true) const =0;
01450 
01451 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
01452         bool ValidateDomainParameters(RandomNumberGenerator &rng) const
01453                 {return GetCryptoParameters().Validate(rng, 2);}
01454 #endif
01455 };
01456 
01457 // interface for password authenticated key agreement protocols, not implemented yet
01458 #if 0
01459 //! interface for protocol sessions
01460 /*! The methods should be called in the following order:
01461 
01462         InitializeSession(rng, parameters);     // or call initialize method in derived class
01463         while (true)
01464         {
01465                 if (OutgoingMessageAvailable())
01466                 {
01467                         length = GetOutgoingMessageLength();
01468                         GetOutgoingMessage(message);
01469                         ; // send outgoing message
01470                 }
01471 
01472                 if (LastMessageProcessed())
01473                         break;
01474 
01475                 ; // receive incoming message
01476                 ProcessIncomingMessage(message);
01477         }
01478         ; // call methods in derived class to obtain result of protocol session
01479 */
01480 class ProtocolSession
01481 {
01482 public:
01483         //! exception thrown when an invalid protocol message is processed
01484         class ProtocolError : public Exception
01485         {
01486         public:
01487                 ProtocolError(ErrorType errorType, const std::string &s) : Exception(errorType, s) {}
01488         };
01489 
01490         //! exception thrown when a function is called unexpectedly
01491         /*! for example calling ProcessIncomingMessage() when ProcessedLastMessage() == true */
01492         class UnexpectedMethodCall : public Exception
01493         {
01494         public:
01495                 UnexpectedMethodCall(const std::string &s) : Exception(OTHER_ERROR, s) {}
01496         };
01497 
01498         ProtocolSession() : m_rng(NULL), m_throwOnProtocolError(true), m_validState(false) {}
01499         virtual ~ProtocolSession() {}
01500 
01501         virtual void InitializeSession(RandomNumberGenerator &rng, const NameValuePairs &parameters) =0;
01502 
01503         bool GetThrowOnProtocolError() const {return m_throwOnProtocolError;}
01504         void SetThrowOnProtocolError(bool throwOnProtocolError) {m_throwOnProtocolError = throwOnProtocolError;}
01505 
01506         bool HasValidState() const {return m_validState;}
01507 
01508         virtual bool OutgoingMessageAvailable() const =0;
01509         virtual unsigned int GetOutgoingMessageLength() const =0;
01510         virtual void GetOutgoingMessage(byte *message) =0;
01511 
01512         virtual bool LastMessageProcessed() const =0;
01513         virtual void ProcessIncomingMessage(const byte *message, unsigned int messageLength) =0;
01514 
01515 protected:
01516         void HandleProtocolError(Exception::ErrorType errorType, const std::string &s) const;
01517         void CheckAndHandleInvalidState() const;
01518         void SetValidState(bool valid) {m_validState = valid;}
01519 
01520         RandomNumberGenerator *m_rng;
01521 
01522 private:
01523         bool m_throwOnProtocolError, m_validState;
01524 };
01525 
01526 class KeyAgreementSession : public ProtocolSession
01527 {
01528 public:
01529         virtual unsigned int GetAgreedValueLength() const =0;
01530         virtual void GetAgreedValue(byte *agreedValue) const =0;
01531 };
01532 
01533 class PasswordAuthenticatedKeyAgreementSession : public KeyAgreementSession
01534 {
01535 public:
01536         void InitializePasswordAuthenticatedKeyAgreementSession(RandomNumberGenerator &rng, 
01537                 const byte *myId, unsigned int myIdLength, 
01538                 const byte *counterPartyId, unsigned int counterPartyIdLength, 
01539                 const byte *passwordOrVerifier, unsigned int passwordOrVerifierLength);
01540 };
01541 
01542 class PasswordAuthenticatedKeyAgreementDomain : public KeyAgreementAlgorithm
01543 {
01544 public:
01545         //! return whether the domain parameters stored in this object are valid
01546         virtual bool ValidateDomainParameters(RandomNumberGenerator &rng) const
01547                 {return GetCryptoParameters().Validate(rng, 2);}
01548 
01549         virtual unsigned int GetPasswordVerifierLength(const byte *password, unsigned int passwordLength) const =0;
01550         virtual void GeneratePasswordVerifier(RandomNumberGenerator &rng, const byte *userId, unsigned int userIdLength, const byte *password, unsigned int passwordLength, byte *verifier) const =0;
01551 
01552         enum RoleFlags {CLIENT=1, SERVER=2, INITIATOR=4, RESPONDER=8};
01553 
01554         virtual bool IsValidRole(unsigned int role) =0;
01555         virtual PasswordAuthenticatedKeyAgreementSession * CreateProtocolSession(unsigned int role) const =0;
01556 };
01557 #endif
01558 
01559 //! BER Decode Exception Class, may be thrown during an ASN1 BER decode operation
01560 class CRYPTOPP_DLL BERDecodeErr : public InvalidArgument
01561 {
01562 public: 
01563         BERDecodeErr() : InvalidArgument("BER decode error") {}
01564         BERDecodeErr(const std::string &s) : InvalidArgument(s) {}
01565 };
01566 
01567 //! interface for encoding and decoding ASN1 objects
01568 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE ASN1Object
01569 {
01570 public:
01571         virtual ~ASN1Object() {}
01572         //! decode this object from a BufferedTransformation, using BER (Basic Encoding Rules)
01573         virtual void BERDecode(BufferedTransformation &bt) =0;
01574         //! encode this object into a BufferedTransformation, using DER (Distinguished Encoding Rules)
01575         virtual void DEREncode(BufferedTransformation &bt) const =0;
01576         //! encode this object into a BufferedTransformation, using BER
01577         /*! this may be useful if DEREncode() would be too inefficient */
01578         virtual void BEREncode(BufferedTransformation &bt) const {DEREncode(bt);}
01579 };
01580 
01581 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
01582 typedef PK_SignatureScheme PK_SignatureSystem;
01583 typedef SimpleKeyAgreementDomain PK_SimpleKeyAgreementDomain;
01584 typedef AuthenticatedKeyAgreementDomain PK_AuthenticatedKeyAgreementDomain;
01585 #endif
01586 
01587 NAMESPACE_END
01588 
01589 #endif

Generated on Thu Nov 23 15:57:38 2006 for Crypto++ by  doxygen 1.5.1-p1