arne
/
cryptopp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

various changes for 5.1

pull/2/head
weidai 2003-03-20 01:24:12 +00:00
parent 21955e23ec
commit 538de80a91
64 changed files with 5161 additions and 1297 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
GNUmakefile
View File

@ -17,11 +17,17 @@ CXXFLAGS += -pipe
endif
ifeq ($(UNAME),Darwin)
AR = libtool
ARFLAGS = -static -o
CXXFLAGS += -D__pic__
IS_GCC2 = $(shell c++ -v 2>&1 | grep -c gcc-932)
ifeq ($(IS_GCC2),1)
CXXFLAGS += -fno-coalesce-templates -fno-coalesce-static-vtables
CXX = c++
CXXFLAGS += -D__pic__ -fno-coalesce-templates -fno-coalesce-static-vtables
LDLIBS += -lstdc++
LDFLAGS += -flat_namespace -undefined suppress -m
endif
endif
ifeq ($(UNAME),SunOS)
LDLIBS += -lnsl -lsocket

25
Readme.txt
View File

@ -58,28 +58,26 @@ and build the "cryptest" project. This will compile Crypto++ as a static
library and also build the test driver. Run the test driver and make sure
the validation suite passes. Then to use the library simply insert the
"cryptlib.dsp" project file into your own application workspace as a
dependent project. You may need to check the compiler options to make sure
dependent project. You should check the compiler options to make sure
that the library and your application are using the same C++ run-time
libraries.
libraries and calling conventions.
A makefile is included for you to compile Crypto++ with GCC. Make sure
you are using GNU Make and GNU ld. The make process will produce two files,
libcryptopp.a and cryptest.exe. Run "cryptest.exe v" for the validation
suite.
Crypto++ is documented mostly through comments in header files. If you are
not familiar with cryptography, I suggest that you read an introductory
text (such as Bruce Schneier's _Applied Cryptography_) before attempting
to use this library. Then, you should start by looking at
cryptlib.h, which contains the main abstract base classes and their
descriptions, and test.cpp, which contains sample/test code. There
should also be a link on http://www.cryptopp.com to an HTML reference
manual generated from the inline documentation.
Crypto++ is documented through inline comments in header files, which are
processed through Doxygen to produce an HTML reference manual. You can find
a link to the manual from http://www.cryptopp.com. Also at that site is
the Crypto++ FAQ, which you should browse through before attempting to
use this library, because it will likely answer many of questions that
may come up.
If you run into any problems, please try the Crypto++ mailing list.
The subscription information and the list archive are available on
http://www.cryptopp.com. You can also email me directly at
weidai@eskimo.com, but you will probably get a faster response through
cryptopp@weidai.com, but you will probably get a faster response through
the mailing list.
Finally, a couple of usage notes to keep in mind:
@ -245,5 +243,10 @@ History
- added known answer test for X9.17 RNG in FIPS 140 power-up self test
5.1 (in development)
- added PSS padding and changed PSSR to track IEEE P1363a draft standard
- added blinding for RSA and Rabin to defend against timing attacks
- fixed a bug in CBC and ECB modes with processing non-aligned data
- fixed a standard conformance bug in DLIES/DHAES mode
(fix is not backwards compatible)
- fixed a number of minor bugs and portability problems
- removed Sapphire

13
TestVectors/all.txt Normal file
View File

@ -0,0 +1,13 @@
AlgorithmType: FileList
Name: all.txt collection
Test: dlies.txt
Test: dsa.txt
Test: dsa_1363.txt
Test: esign.txt
Test: hmac.txt
Test: nr.txt
Test: rsa_oaep.txt
Test: rsa_pkcs1_1_5.txt
Test: rsa_pss.txt
Test: rw.txt
Test: sha.txt

132
TestVectors/dlies.txt
View File

@ -32,22 +32,22 @@ PublicKey: \
2c8a33f08636
Test: KeyPairValidAndConsistent
Plaintext: 76
Ciphertext: 208354217E0CA735295C2953115AB0C8450571A0241EFE3DEA007018339FC992C238E38514ACD7C5F8EC1CAE063B58318D96ECBDB6B26651343FBFBA3A872FE2FA6DDC819E6ADF6ED1B1BE0F512C8414D11BC1E64ECBCB3204A50F963AB8D7F142592C77909F4EAACE20AC2E182238597F000F5552B7FAAE225A2D67AA3799825DC8BEB0D8CC9976FE96CEDA05BD1AD299EEDF26DE
Ciphertext: B11D906CC5A8E71CA8962A8CC0AC4CAFF2DA00DC130C370F42D11FCF5C37DE046EBC07C7D457CA351CE456A043695D14ED055ADAD2B58BE0DF992685EF8B0D21597A43D7B3D9634A077CB70C4590CD73C20FAAACBC5649413EECA0C7B3CBF469E531299398F61496C51FE9FFE48AE9FE6034F104EFC562DE9529C776B86ADD4025AD6B0C3687B012F92C7B9E82F794E4FBE247D644
Test: DecryptMatch
Plaintext: 89338CE80AFB62E9577A310E40311BB3F77F
Ciphertext: 5E6DE09924109FA7EDF7EED2964D639BB2CF49E4B99B8C0F6872F30654DE32F9F74383BC294B0D73554D4482766ABDF3D2D42BE8125146ED1A66FFC3E77BDC4A33A5788B707E6E83FD3A3B6D0E33EA7D3CE68BD42697E891C59B6CCD4D2C4C0541EEE2377D5475CCD2C5109752C4F0F2A348CE74A841F6831B02C7FBADFC043688393F088239D91952F6FA05AB14A90157EA269B8109E7A177427E78479FC0A9C4535F544BF2
Ciphertext: 8A33B0E212DB8155CA796B472F55CD77267C9106229B6055141EA3AAAE42AD27249D90E70F892B0CDC80D29D3D586A5CA6FE67D4BB44C58B03496708F80681125DCEF983B7453B1E4F927438BD2E3E506C1951E9F19BA70F9B687012440CD75C0BB78BDCFAB22AF535D3E2670ABD1F4D44ED95F3360536612B1A7DF35E2A88F66BD6E8C813EB9DC89D93A85C9A0BA13E4862B91171B681E64A0750197C6467B22566BC640E11
Test: DecryptMatch
Plaintext: 0835455ABD53E6FB11ED9B0C00485D3C6845DB
Ciphertext: B5EAA059C9561FB6F173F459BB68983E69A568829177D8722571D380AD274D9C29B0ABBA8422C2C3647D1CFAE9C3FEF397518CAC5C72DF7B605AF9E926220019E17CDEB6565EBA2D61FA3A9886D9516E0E238E4404B3B1A160F0800A4E41753A818E06B295762DE134871B954279867D9749D8EE0681A647BC578FB4508873BED896BF95D506C25710A3A839725DB7FF763B2B51164C5A2B2876FF57E1B656E31F5A2F200FFFB4
Ciphertext: A81181517BD270B0D921AF735052898932008DF00D501EDE0D2D564871D61A6A837776E8D7C7F9B0E5F9181C1FC68BC430F30ABB1A64D62B444C0AC5AAE588B4481AEF08B38E466155F10CA04C8202F281186016AE35212A2C7815A22DB2750ABD526D285BDBC598672BFB52E95CE33A0D3E5DCF4CF5F46224CFBB85297F3AB170C8B9478994E32D9A21A452B095D3D902E92C7E444A3307FDD7256FE49341142E5FF7A616475A
Test: DecryptMatch
Plaintext: 1EBED48EC47B6987091C52BC
Ciphertext: 45BA361549BA3E45AF828BFA5D54C8020B7D3002DE0FC7F4CD60010C0148407A97B74372825DA7FD4CBCCE956B5EB80BD209CFFF7F9F15238F56D5B48D635D58192819F6EE07156DF25B49A6D5C5EBF132323EC8B0EA7B3552F64788E84999B49EDDB1324E642D8DA7EFCDE08663B23D1136B2A9F63CBF30D9DB202A8C294700277314ADBA6468E45BCD917702F7EF748453EF37253457B52D3EF0E6D5507D1A
Ciphertext: 1DF446FF43AAAAAC8E3F7D70C912E2D45AB832BCA3D0FBD17AF864B9EA878C45B9E2902804171A739A0552BB7CE0CD46DC16343714CC9C2E71AE26304885EEEB242665814DD9E33C480ABA214755D5449F16CD8870D1AB3A8E64E45E463AB3F4D3031FA3ECD395B61B372602665FCF218D9C51E8C791FA1E5BCC2916EFBB482E1814632CDF0F1852EE4943D9652DAA4E1F3B22F17F57F51D52A0997BED5B04ED
Test: DecryptMatch
Plaintext: 65D8
Ciphertext: 4A93FAA07DBEADC0C1ED71DE6FC3D9E9F65EF45A944338CE8B784891A36056E2F97274B673A8236BF8D0B4E1995C073C007D7063371520B53855266A66773A46FDFFF11C7B250FDD7A6C88DA76BDED9B771F2B8346BBC653A50EC6D7D77D0114246E8A376093AC8841C6F59E21B2C85E7230DFEC12DCA130C4305372B3E59297B440FF5DC32FEAD31BF25688EF8EBEEE3E2135D81C5C
Ciphertext: 4385797FD38AD5DFBB4F613BC87637B0051501E57699A5880E235DB7A6994A04A1613D0C8E07E36AFD08F2E47D018951B22E7625DA647AA1A0791DB3B2FA794610892D9A3D3F173CF95277B4B1EB92579A229510B67E171CB5BBA8B3AA732047BA038816A30124AF1C4C57CA80E93AACCC8EC70BCF7867914E7DE2C403568F9778F8DBEAF08FDB9F48452054C9735DC84F012DF8FE17
Test: DecryptMatch
Plaintext: F86D8ED91E9934125DA6E9B4E97545C83A
Ciphertext: 1C32929D2748575F63D9E732D8CBE133238A917885B2C16F6A2EC29B8417F4FEB2FC408D3BD23E7261CBAAE496EAA394C141F450CD4A3373F1A5013D20AA981B8A1B3E744EE7F5719A8B9F631074E597B4550C79FACC78189655270D01FD825D767AA662EEB5F8809BA58318E3704FC8C0D8866AAD822DF6EF05F14C08CD80FC0F45D73B092883EF6DE3890DFC006421739FB7E98C6074DCE97CEB98D8A8147BB735BCF593
Ciphertext: 13B0AE03AB532D5E31C9384B4E726A9AC73583CFBB0643EC322E3D2D45D9358CAF745B0541C136E8AA2220C42CEC9E1ED174886475538732AA6D6417DA89FA411AEDEADCD9F15D25D27D0AE252F77E888470AE696D5805CE8CCCB40B45D4AA835E97C7BF2CD6A2B4FEC6FCF858606CE4695DCE998C518360068ED028FC882478BF96096D92C166899EB51778BC4B7DA1BA8C4B6CEBA1139F17CEE484EA104A0325420A3D56
Test: DecryptMatch
Comment: 1025-bit DLIES key
PrivateKey: \
@ -78,22 +78,22 @@ PublicKey: \
1a66ca1ba442b425
Test: KeyPairValidAndConsistent
Plaintext: 256F07E0D37D69BE542BD17FA98CE4CFC3DA849B
Ciphertext: 003A09F5975D4C988D98A93D5D7FEAAA2CE40B80BA292DD43862CA1FBE9583EEF7673C716D76C6D482AB6C3DB3BBC880477D748753612FCE180B05940EB7AB342152BBCD630315BF1B73E7B37910B12432573E3D3234F313336B50BEE7FE471794A5D3B5E0D488238DF30CA89F9C3C08F23FAF2454D5EB9F6B37C084CBF33A01FB9AF4099BB0B52D59F48AB42BE91A6961889F44B919D40A63C584A57ABA701F22EFCCFC4801D76549
Ciphertext: 01269CE30DE12430904CEC9D8B91A6D8860B4F8D37FCE7DBDCE8FA18AC521684F4C1CD5C38BF3B42C259033CD36A53F0376A0CDD801979CF1B76ADD72AFDD27830BD85B373C4D451B84926ABA34012EB98331F0B81CCF8E801ACCDEE88A35DF60EFADABA1F395250A15463203FDCCEDAB7DD6CD1271B38A5E0946F8D189B225E8A307D198AC5E4EB33BCF26A02C0C602AA14592AEA01452E4F8AE46E7A032BABD1BA8ACB0919F2EA18
Test: DecryptMatch
Plaintext: A992
Ciphertext: 00F4C8DB5D823FCA7158BC68FABF699A4EB7C37443506DD25729F1AC2373B649A71F52F983D56D179CC384EFDEB4BD2C59F3A292627595797046B9DC0C19EEB99F37040654C4071426746E5B030D746D13377E1E54AEED7EFFD1A0919E10A19D844EFA6B5EEA7C03A60E4DA67851FD43E9ABDC3A5E00730AF95D9BE0BE90858E8CCCBB52F0AD9CCCAF8A7EEC45989906DE38C2A30C2244
Ciphertext: 007822B0BDF45CC5B15102B5E21F7656C8896E98FAD6C2AF6CD55D0DB90B7A6B05E36D260C7A5C070526813290BCA722959B9B9BF00041B4B7F3E3EAFA9B5376A1E02944EDA55B99202601AE6D402D56617B56B28BAC1B405016053CDC78AB4D372B0D58E7380D50F1CD0E31B8CB77FD2F6BA3E7A436A5B35552B9974EA5AB30AC0C4989E34F5FD7D272417FF2094B97119BEB2C73C68B
Test: DecryptMatch
Plaintext: 1D20C118C894EFDC67DAC33E56179C5D262C83
Ciphertext: 00FEBCCDA1E895A5724BE0656AD1A1103DA94BB162FB91C8E06FD915FE297087F21A76720E0465122A0DDAAD279BC3A8C935DCD38E993134855AA09152E249E8E618F876DCF8F4A04FBC4DF7727F3C0652A49678C2914C14A3857CB6AE2E7CC90D8C88F087AF5883F2F5BE93899DDFB1B34F26E18FBDD139448B3574C23A6C8ACB9AA05A24654C90AEF5CAC61056511AA3434BEA211287FE1C16E18EDA36F1290B6EB6AC83110320
Ciphertext: 001587AFEC265C244875371B680521FF93F0B1196901A7D580785B62A257B1736C86D1D9E59A31E62F53B92B209B45A7952776C6AC839243B0BBF3A059E6CEE99B120BBD45922B4E813DDE0F5793A42B3AF2DDDAA357136A010519D884589A1F9912110020A8C16E9B91C753EB8842B3224FE9C9A22AE2B82251CFF7799E78885B0B67B27DAAC6A7B58013C31115C2B8C0C0176BC2A7B96A299CC75693B4F2138B2B4053CB5320D5
Test: DecryptMatch
Plaintext: 83BC82A4F7A4DFC96CD7798BAC52254CD6E9
Ciphertext: 00F8CC6BEECFED226C9D4B17E8C6553B9EBB5E9C0FE4C3F22D13452A7D940D14EE6ACF03BD0D40ED903D9F8C5797C6527ADA2724E8382FD4370A6AEA99F5BAF5B8E79BEAEB810932D6CB43EAA331161DC1158BE8932B4AEC319CCAC0E2B9A45C8ABDB63FA39AE2451AD0698787B0D24DEC0176DBF889980D59F75667CBBC94BF45112381EC604AAB6FD8B2E10D8E7B52F5255E92C8C72F6CC9082CF05845DEAF61BE7683B2BD9E
Ciphertext: 0085E83465997BFED9CAE63B04B0419578D0BD85B1A65285E5537F4367E5E7E11DD8762BD3335916A13B8CF9D5BC651E762458E9879363B06748BEA0CA86D32CBC4F1B0C0BF67E616B872A64F7356241CD052944F6594A570522EF2BCC53D90E3326D2ECFA036C46256D9B678C93BE5877749AF8FF8FEDB6E1E17B67C7B6C6098D0C71D5B2AB503AFD7739ABCC8DE67DAC056AFE99D8A107230BA88C282FB8FD46E9E9E2C6874A
Test: DecryptMatch
Plaintext: 157597899A950A32
Ciphertext: 014A220971F4466883D79710E2501B168405327B6C506F276C9579814564191BDDDD4D2A2C1679C5B6BF7107D91B223C6E249A35CFCC51E8E659A5E03E7A724CF38A3AC688E593B6C2BA504FE1669863D4872DAA375D4034997EDB157CDFFF1CBE00048DC31190AF64C69A595204FE1E02B04A9BC3A120A506687AAB8515F2AC575644D8C5A0E2AF376AFBBE3171EC0E5A305B060EE2B410A183939F91
Ciphertext: 013623199FFDD0D4689A4C50A9FEA3C2250D0C73F209F33BF3EF13E6035976D6F3EAFBA3D83A3862E4B6DFC7581EA43B62F49BC85392B7EAB854F92DA8DD5921A6A4C42777E89004EB7E6D479BD028F758171C324168DC0814369C6BCD8471D9620C4E9BED785A220EF9C0DCF1201311A16C51341E0551043C6EAB45E04A81C9280633F58621D8D3492864FFF6A39EDC48450ABFE0C7AABAEB9A86CFFD
Test: DecryptMatch
Plaintext: CDE651
Ciphertext: 014A166AE9DC4F53FA3F7055CBB32FC93494B4EC2F759D31440FE4D3E1AC635B000BD59B2E0BB3F0E25EE9ED9CA73C46258DA658E5FE21AF4BBCE3B1D3467E051996E9FE9D3F8FCB90EDCEC94FBE50D09555A25848CABC4DF6D8DD6229B3E7FDFDEC9D3ADA91C1EA3A7AA8116FE1206ED79E88B29AD8B4E66EAA70C4C6CE4CD6CC70AB047BB4B56D1CE359A87385B634DC3088193FE34E2F
Ciphertext: 0040308CCDAB105426597D84A64665200A93208713004DB38594C490F7B85F08ADB67BBE47B7FB7BBDA435A6B6A2CA0B4CBE0FDCBD4FF078FD052213CBCAA4580D1C7962A3505DAA9BEA2957718AB36D061E61B9DEB3D7DD726975C6E7FD79AADBF649F5ABE51AC384E967D3CDAFD9EAA18EEB69774961E439F54844FA22DA1B6892E86471DAE6F7E74CACC944123234826621C7634AE34E
Test: DecryptMatch
Comment: 1026-bit DLIES key
PrivateKey: \
@ -124,22 +124,22 @@ PublicKey: \
99a9cb6a9bfe12
Test: KeyPairValidAndConsistent
Plaintext: DEC85711F12C0D1D6C26797E91B0F39B37
Ciphertext: 01BC7BC5D42424E784FA284D410FF01D0EC9CDCD77F8B0A91E7F152AC9AC3C5D568EB8F0599DE80696066FB670244BEEB18004F44F1D0118E68C78F00170848AAFF9913D48ECF1E106157261B977EC32BBEADD126A0A37038FB31D015EF19DD07E9BE95BB1D1CE74DEABFE54BC62A2C87992B56D171DA05BFE54B4B8AD90E72E1DC00BFFF80A450A2D9451CCCF4D0166E6C52761537CD16BF607EAC1A01B5BAB3F8B5C148182
Ciphertext: 0215D75DD99B8A59DEA3FBA9B0F8A621EFFBFD831E9543749B04B495147CE9B56D519EE71BDF56D86FD1D9C1AE8BC1D7F29DC469A05221E4A31C726971731CF627E63FAB269FC92DEDDFF3319819373F299D55F4CABE08DADF29A7C60E9B4E2806899371B93A853F828EC4312D94CFDADFDEF2037D9C1FCE21A3E451006AC542E1BC36D3C33AEAC0D1666C26AA886F4C118836EDCA7C5A428E407C4ACD62A885C03202230FA6
Test: DecryptMatch
Plaintext: 0E665CD2CF75C2E6E24908448F29E9A198EF
Ciphertext: 00CB10FD33765783930AFAFB2E17C2AC4EF41046110AAF9457DAABB40608CDBA0FE2DCE702458A5EBB07DB9214A0FD4B8AF4D33B9F168E72B15122391FD7CB692C5E16F739DD2EE117C2566E7174C518636D4F5862819C7CCA198D5B8F868D6AC6B585D2286B39C451200EB60D2702446E89BD4BDD604276A3DC7880E1BB19AF80DC87AD60B740E0FBCCEDF9C4E9F8DDA34E410BFE3B1C899761FBA58105B502391EBAA04CDBC3
Ciphertext: 00A4583FF3A9451C6F8970E53D95EC74F41F709F5156B4FC9C698B1E43C7B5F3230D5417AED2C7447455009CE8381A30BE400EC15BBB1D7BCB9461E593D416421157541479FE1DCEAAE635728C68C58D260337A25D0CF9FA291D84E9E1DF4FF96822CA1F05CDD247AD14E5AFB231A0AF0F2E79FB9A0528CA2FE9431724C0AC9F0A2ABCED9A20EC1203DE2A835D90EA5FB1447EC722456B6F4C75D0645CEC5BECCE35B79FF3071A
Test: DecryptMatch
Plaintext: BE2A
Ciphertext: 01C3ADB28D5D4379E110403B1ACF19BFD7D1333384DFEC460E927492B07DA4919655B2998F299311986CBF6DA718AEA0C744E9E9874018E9FA6EF2C6AE7770A77B176A0EFBD78E2377F9FE88B724ECD25457B002E06A02EDEB979517C19956B84C1F1EC67671860A0D099DE49E19A55C4BFE55753F2B9CDAD31672ED9885C6F818092619813A06106EDB7B83948851C39324E097D78C92
Ciphertext: 02823CB4ABD598FC5D36300306460886BBECFAE6F56E02708A96EFB27EF7E3D8F08442FC819EAB1DC35CC70A074984A149F209EB285C6064DDDBC7781CEF7358F384D592BFC75D346A6D97D8524CB35060A35E3B3145199F4968677FA22BB468DBFF63E3E366D778B3042D5858699D9FE5D6F53D0CB084E107111B572AE9B933B94FF37F2681DC50CDED2714668375DA90787CF0144F1B
Test: DecryptMatch
Plaintext: 20D57B7E074BFFF8F54AF3E69C9B632253B3B5C0
Ciphertext: 00F9D85E8842DB01AE315667AD71423B90392535465C6D1B799CCBB096F4D52DA26E2FA9CBE9530BF3AF6A82D072091F96EC5723D90D3B47BD4DB007D2760578FDAEF5B934D43BF8142D93CF591AF88E6B7FBFA3F39D172DFA9EFF0D7B1BC013524736B54C556D8420DA9452FF86E5AD86EFEC6CE5C369188E75CBFE13C199E6E4DCCB28CDD4CC7609092B71F2D0A1A1D1E9FFDE012D0E4BCA3FD76DC35FCD9C0F9F7C7F82C901F864
Ciphertext: 00D18C24BF39CD527455737B4B214BADDE99B070181C1E4729CC7B6EAC82298417FFAE7BDA1F41A7D74D6969BF9CAF3A7F9EC9397DB75F5E53D0282F793D601A28E8B3CA8730CD9D7A0ABA338E2DB3EB5314321EEBA2F16C8072DA6AD9A887AA5AED0EC5EF3DC7E5726626511F8F23B0BA4D83BA358DF0951B07399C7515349E3DE2938D2AA53AB11A4D1C07213E091CD3FB6453AF7DFB6799D45DA44B060F7BF5ACA5A25B3892BBB6
Test: DecryptMatch
Plaintext: CC47935F7976
Ciphertext: 017052871BC92384D3E20355AE3E9B5401556F15B137BBD610E2921A9CD027FAE6638EA9C984FC731DB2DC2C734ED0B8F3D2807ED537E5B2D42515A07C148283FF19AF9AFAB09A39A728569433470CD8FE2776776FD1ED4B6997F64FD351EE910C713E7CE0BC1227AB91818B8AD5478A3B821A24C0620B2DF8320C6E6A0A8C1AAD5DEE862371F33F5BBDF7CCCAC35922B7FF2FF994B2B0E6B585C8
Ciphertext: 02366250DE032B147BCEABCB576ED39F4993251D25010FAEEB41BDDA4301B890063247EEDC041539488E70B977091BF581033EE6EF75C224C8046EE3E7D2330383A30BA07FF33D10F07FF6E1EE20FA4D112CAB1BF457B50DC301DE5C6DBFACE227903379A41DC4D92517A547968D3F147D6435C3DF6A3D0D13635360716CBAC322EBD295593865C3A117050059FBEC83D112C5C3727377EBA7778A
Test: DecryptMatch
Plaintext: 3A370FAFD82869FEC40117
Ciphertext: 00C6042BD38A961F0B1721D6C8B27A5619EDDF3FE56D76C96BDF0030EF5B5878C4FD7D81291CEA3BD01B20B9A89EC5925B0B5FF34B9ACB375B93B2B0E41CB975821DD6A0E322ADE2EEB1EA0086004574E8945FA81DAB8C1FA9FF8A98AB00724693BFB70C9B0496E1AD94B8630FC7FB75F4221099F8F16E4A4D784A49DEE1E4C3093F594AC1C1B85794D5F4549A1C7C3466AC34449658D23906E05F8A9321C0BF
Ciphertext: 026AE53843D3EFE36D8E52D9FD55DC6F0A0F51584BF81529914DAB6E380A6C9716828A7254307440B6A0CD16BF0D9D713939AE7F6C4D82D5AA70F33C9531E4071B9CB415C7622A23DBF4C81820BE04272874549F081B57D40B27BC1879BF134A2CF5D15203D326F9F97BCAC8606082A50A755CAE6FE2B72060EB1E0B72EF5AFAE8A823B3F0F91877C931CA64A06F3888DD4E2C823B3FCF529407255BE2AAD36A
Test: DecryptMatch
Comment: 1027-bit DLIES key
PrivateKey: \
@ -170,22 +170,22 @@ PublicKey: \
4c279bec5282bc1b
Test: KeyPairValidAndConsistent
Plaintext: D391B4F3B53EB9B035C3AB1E3C6E
Ciphertext: 009DF4A6FE0418BCEB691D6AE0739F64020950099D05D65CF294DC3AC2178F9B6129BD7DD66F54AA2957C06A331D86940C5970AB87B1ABB627FBDE1647A8E65DE8C21EB3DF6578CCDCBBD67483B85C0A5339D7DD2BDCEF02776D3B54C14B757595918EE0197CACAFE665792C5DE5FFF74EB6015DA0F173B0472021F27A82D2F81910B8FDDB42ACFF2C1CC5EBDD2AF654F62E9904C9AE8073DD798B288BED25133262F8
Ciphertext: 05D90F9892F6DD3DC3654130CAA312D2287D9E57607C301BE58607BB19FC78D67F2082C907FACA819A0D946AD16B46FE1E7264BE7D25D4EAB4F80D136E89EE7BC53B65CC1692581E3ABFA3C15482A6FEEB607AD1765897E67BCEDAED0E03FDE18E05330A99BEBB8710C77E7735CBB747EB507FE1EC04F239E964B509A4FEE8463478E28BF5338AE016DED9FE6B2DDBD3FDE467C45F0FA619E039FEF085D2F1544EA3CD
Test: DecryptMatch
Plaintext: 28
Ciphertext: 03F3C0EF85EF3C9B513DB86A2C4E4FF8B938EE4CC0CDD85D53005442865E8F9207B7ED2151D58C81DA0007AFAFBFFC7225674D320AB5E9ADBD614BA0FB01329365D457F438CE92C5A88E0B9F421E1C3849FCBE927F4FC55372BFA93E8D6F65519FBD2DEC311B824C574C8EA735DDBACCB9F0E3B748B87585E124BF9184379A2F3CA5543255AC210D286BD14ECAA23D0B75C2D99C4B2A
Ciphertext: 066BBCB2D9E474A2C6CD514663BDA7AECA1F79136A00C1F9BDBAEDE344872093E67102307C96BF824999D86543121CC3D99B5CC4B511153A42E8A1569D063C27788E105858AF8EEB0766FAD9E0EDEFAEFFC733BE6824644CEE03AEE5FF15860CB3CBF4A46F95988D5E010FB844F944628043C830E575964EC36E2C38326C771085D796F2C22C0969E58665626415463A3CA1F56C357B
Test: DecryptMatch
Plaintext: D2C349F40A24230689EA15736C3AEFB1588A
Ciphertext: 02D0722B13E77CA1CC2C0CEBDAD70851311EBBED1A885E8B714936E4F549DB95F23035A121E73705573FD6DE22C5D1B5D96DE8EAEC16C9BE78A708C9508C3AA055B08AF3E525B6F06E1D67F29D31707557C27192A03F468ADF0233330166970B9EEF3B2C5CF300E7E79DB9E813521F0DBC96D962FC9EEDBD7731F4A7DCE899EAEE90F9919D9F6E6FED233CB5BA2D665CE0E24DFE28348E4A73E4D14B489BA4567B0819E4C6CB70
Ciphertext: 019A66A4ADFED556BBD1E58728A3B7A3631458DCF677BB155DA989827C2240A586783D8C5DB98E266C39FCDF6FB016BBB25D53A6B30F3BC9D1109CB908B54F1932335F3DFC2C80847D94D13C5933953EA1D212107AB42189536171069621403681CAAB2A13EEAEC847193FA6A0234FA8F107E2C1747425584EBB4F4D702E29A3A09580E25B34413208009F9643327A636DF622B7F0267D3169A64646F301C584F64066801383ED
Test: DecryptMatch
Plaintext: 85D75863811C6F574222B577
Ciphertext: 0230D0C0F0CE47C4E8D2111F840A66C740443F4594047A25E82065CD86623B0CFC8E71F01630253554A643E1AE07FEBD5DAE19CA1E45465286A1DB896F1C98534D3D256BEC6916A9F6F1ED5EE1B929FE21B55C88F81F2CD28E73D80D8869B899C99F60908D23DF6260D75F856E9B1EE53BEDEC945FB470C3C43EE110F824A98E814EF8659DC8F0882D2AB57E92E60CBEF8E54AA8BBC13B264E8C3C2FB60E98D625
Ciphertext: 02C6FFDB38965F3061C736E633B497192862677CB247A37C5FA1FEB4F2C021EA94C65AD9506C73C2E98ADF0F340DAFAD2BF6F6CC906C93655594D093D4B0F6867755013C25ED0AD75DC9A04DD0666E6340BDD6C1E748479F3D64129F76B5BAB37D26319287EC9D65CE9E2243D4CCC7BCEA4065623C4D388A7BD779941EE541DD29E070F7356ED1A1ADAE947D79F8421FA717F933F08CBB8B699B551F1EFF75B8F5
Test: DecryptMatch
Plaintext: DD07A91D32C26D3258AA4ABBD82E81
Ciphertext: 060EF37DBFF1955CFA3C136DA59472C172AB3EB3B6AA8B8FC5267A9D879F2F855598A3275E61CB0B5D7C54C8972C8706085E184695B06676637CBB13AD625B79F6D26BA13BE596DA66424FD0F60EC8601012DEEA7A7F388481C86A9A52A56744F039DD7D29375BC516461E3EF0546CE47211FABE34BBF91786C255BC0A1D00D9E8D240A9192B069B66488823FD6B9B3873E3480715B2F76C6555B6FD8D35E156E1CECCF0
Ciphertext: 05669E0777B003CC2EBE9BF3981160806A8B416A2DEAB4058497C5AF6A5C8F8D1ADF1225CC6FF7D292320E9C98CEDA144862FB4E32EE11AD9CC76A5C85FAE56A2567E6C9D168586F288CF4D525C94FF9F0ED6C3DBD08787768B90F8CD776520EFB920E61FB0E4463BE8D5AAE2683D31F392229A9554E0977BF25BCBBAAC7BB4FCCB009630D0203451A7A2AF847BA60AA0CE8C4D656DBED02353B92025925E1A0A6DF490F
Test: DecryptMatch
Plaintext: 0AA6B9FB846D1230F521F2624127
Ciphertext: 00FD76D3514533D676B642E6A3CAE080B778B21C6225A4684364E37B332D787E697947E4B27328F4137421F1E8273BABA5D50F94E8C7483A02FFF4F30B6A6BC968D31DE4D1B2AB284BC1C4786AEDD74E576FBF1743D15DAE74E18A8D6E85585662C4BB20AF423E25A273AD21B14FF40DD82F0136AE6297E2606BB433233E4A2065C2A8EFA48C7368DF584CD04D525AEEFE0C8E46A6F4FEE5A52E70A401A4804F381E7E
Ciphertext: 01A9D56F1547728782D4F80BB0EBC8890BAEFE994900F41D56094F4734ABA2BB371060B2A69C6B7BC8944358519D141FC277E1195B3A78F7068731C3AF3C604A062A0D551397CD804168B7F400F786BC5CC3F912457AEAD56873AEF1A2378F34E953E240C20FFD7DDA229D4C020BDC68684A53C0AB3ACF9B44581353C60CE9854E3451645A604BB7AB3EB44088A07F59CE0FEB6454CC5A83BE5E939B317D4D8537CAFA
Test: DecryptMatch
Comment: 1028-bit DLIES key
PrivateKey: \
@ -216,22 +216,22 @@ PublicKey: \
ac97e8618cb09d46
Test: KeyPairValidAndConsistent
Plaintext:
Ciphertext: 01FC156706A1F5934350E48128F4516EF1593FFAF57B2957AA535D1EFD54EF87DDD802BA607D5435DB396F4B7158824167115494717F4F37794552874A61EB227AA10792F4556E6EF45389AE04E790B0FBE28ECB7912FBF3AD45AD9107CB364C0CC94971D4EEA2A903BA7FB0125B29605D808266284B48CDB02710A09587E9B0676CFEDC515F8BF2F07386B90E2AE3ACED873EC202
Ciphertext: 0194C64DEB9CB401573730A29359456F4E9528347ED80F24E5AEC4441E896E38047EF95AAD9AD7A25AED6CC89FD95CAAEF27F3C814C26FE43F6D65288D87E372A204D1A66C3BCF0346CE89E9D2D7646E90BACB9A85022ACFEF8903C72A663BAED9A346E1A6B2B2FCF70E239EE70A34385F8C76CDD121F6B190085BAB3300E6B811906CE38AC740FE88A3DF8DCA1C6DF73A03236D51
Test: DecryptMatch
Plaintext: 9498EB7300
Ciphertext: 02689B3C5C8CFF190B43BC1B8ADBFC21C88DC9699B92C360B963B85C2DEAEDD5E775C550059D9217F1470B5C7989B8BDE64866F7DD9AC7BAABD7F7BA1642330B2B77058AD977A8C9DF62FCA67980E751088DF571335F53B5CA7FA2774049AC186B2034C086A1E377A246FAA1327B2A773CEDE9FFF5947C92CDB2B0CD3FF5A9681216AA47132A89C14AA89D5C2BBC308479E3957D14B11549208C
Ciphertext: 0A38C373F6A96D87528D2D55F6391A9E801252A65F622F36A130ABD140E1858024E31F247C3BC8C07D9500CBE7A8A3D6C0670AF0FA14D020DC54B201E657C233F8031DF990AE801077D4D3AD9B861F4C32D36FFB9E8BD5E2651169BC4560CC7FD02159929AA50882F8B4C8508BB98F6BE8A6A7C0E21A2A81AF781447ABEC85C170F3F6256C3B6C5E2D3A01BB5EA8B502D37561C06F1DA536BD59
Test: DecryptMatch
Plaintext: F07FFAC9794BD8D528F750D50C05
Ciphertext: 08BF2DC74E3231531D786B1294B93EEC793FC9D0BDFFD5DE3F6287FD761767A12394F1F812C2FA3EE8C686F25B47FF1D30E90A7A2C18B7979467EBCF4813AAD654B7615641A9D0903B98641D8D2CF77D1A581FA8D5CC3DB554C573B6F6D3C1108CA2B2B6146A224A657C617AC324286BB8CE51F3E952C89F7D25DFB51255D87FF37A2B707CD29F876E203E867B47A5492E3477F77FC46FF91505E997EC39D3B5E1B119
Ciphertext: 03DAF7F6C2BEBF8D0B380EB71BD8BEE9D649AD7647DF6DE4CBCE00D0363E31F11E0DC0331409863E3C069EE3F975E7F623B55D7F4690C7419C5AD97EB52BBC0212D3FF0A83A031591A31481116B2CD232A9C86A20EA40BD13A53BB73E644A6C7DC1E6C767756E7235538E9D5B155B3173416E99F121E96E02034C6DB9129489A050740F603DEFF96EF1D99E7EB4A32083D0D946670B1AEF30E1E38D3F076D6BCB57255
Test: DecryptMatch
Plaintext: 85916A46E0965C69C4773C7DF9AF
Ciphertext: 016AEA68DA2DE0890C71D773541458A2959DE031818B91AB7210B3F5AD9C5F1402265D5D5A612D2630F0A777D46BB08DA0518E8244C483BAEEBD70A07A2994DAEEB35C64EECFB1C0A4FAF10C52848E96A18314403801ED3D62ABA1A257B0B0308DF89E684D2EE69771F833F5A99D7BE239D2567A2C7D57C357FD9959B498F1F8332695CD280442B6003E0AC7E7E2398AAFA32CCA46EAB7E324D4FEBB7615E9F0DDC057
Ciphertext: 053D29F0878C68FF55FFC8E6E0E03044AE23B79588034F0236A49A5B6D00EFE8C564D2D29ACB61FE49C0E984EFC3A48A96EAF22AF3032D8D0FD3B3BB16A0157C161F2B3D3DF802FDD6B61899212F44493383DDDEA8B2463BACD0C5E1F4F9E4063DE5E52032E7DA8B79E04C5F03144CD710ADA74506CEC2D448BEA0F2B59AB63FCC443BBE920748E122DDD6123BDDAE484DBD02088817D999FDF80D5ED4B308AF4C2DCC
Test: DecryptMatch
Plaintext: EB632C72F563174E680961BCF26EC7
Ciphertext: 062FA7160644C706869BB9D9903461785F603ED12D15BCF2C2F7C136B7ED0E1E83287D94AD2CDAE2FB62A3D206D043D2C7B58923131B0AFF8D75ADBB136AED4F77687432563258D1E77822C9B891E4FDC7FBFA06CCF790F70DB4B45F5A7123147EDC9A89802F2197021C297235A468B4976641F912C848C1368E84C349B40B5AB53DC448B255F481C79EC5C1131780D7E304C104696034F27CAB431FC4D0F07AE55A90A3
Ciphertext: 0BBE666C02191F668A2DB000646A14385A8E9199BD887913BA587DA4C683535801853186673AD7C43EFA5B65902559BA5345EFA111E0514D461C1B1EFFAE58708EE6C17F1758EBED31F0B3206B0EC1B4BEB2EF911C589E25CDC3B0020C47119B5F33EA2FB7C332CA6B1FDA2F350A4CB0D6844637F2CCA71EFB036C7400957AE093B21BE90E30A8672847C9BA5266EBBF9D62341F67A4D09FFA196A817DD2F5EE1A9654EC
Test: DecryptMatch
Plaintext: 42B5D2DB89374231
Ciphertext: 01E541C38AB600B6957B0814094AAEA35C67821CEB793079D0B9AB2070CD6BE42F6F367B93689E5F34789BCF36674B0F7651763117A013B720364FB23D953E8FF0139244A6D517D96DEE49627253B22E46F5CBF8DF049AAD7B91D9F8E390FBEE4D18CEEAC73A733ECAE2333002E64D923671953C21618FD65225329C79A45A82A7F574FC61C8DB8804E52D9E8A62FA3FC85B03D4633BE06FCC9FE7499C
Ciphertext: 0085B6894D887B59393F9D7365411DF239BE1104FD86CC63A52C990A84FC4660FF9B60CF0641E44A8224C169A9FD1B35EAF78008E34F14B5311CB5D725096D9DE92F35BE6E71E3AC3E3B3D68BDD5351A5AF93F0B3BCDB00B9B126D8DA07E5F42107181F9580CCD0D6F086C94177FD48ECFAE3FCF2F26D64940D749E8A964275290A247AF700210500517BEB2175326F4CD3016AB175B352F9BD3289079
Test: DecryptMatch
Comment: 1029-bit DLIES key
PrivateKey: \
@ -262,22 +262,22 @@ PublicKey: \
c2840cb2e61086d7
Test: KeyPairValidAndConsistent
Plaintext: 03C57B87
Ciphertext: 038CF765B1681FCDF074FC73B16F91715D4A6BAD3F17CAA08DDFF50D9D6FBE973E39CF7011EA1E503A102242AEC852BEDED46B554ADC7A6C42A89E4E06ED2D753C5523FCB77E6B0916BB62B41D65033DEE13C83950D95BEB2A7B88AF5AB606DCC7165B13F48AF8A101C9D473A1439F72BBE5FBCA2E57E83E1E8C03883115F78615CF5294ECBEE8EE9449DCE53E074F9C7430D7179D5C994AFC
Ciphertext: 1440C6776914314A1DA161EAA41D52B283E2C0B487C801CEC33DCDB639F579F69D12FD029C994A311913EB6869C7A5659EE8BD9F5D7225BBB2EB77CF6F3D24A5E9866BD2CC50E593EC5CEBA4A96C59FE8B98B5EE2121E5892F2436F98B5C4E4A12077A1A64F1FCEB783D05453A657BB91909637063813CC00754402DE24F4AD6C0D9D4C15B7F4E485AF3538D391CF5993A59F6D1FE6C76E2A7
Test: DecryptMatch
Plaintext: C5598C0FE0D90B10E7125079E2EDA32E531C2EBF
Ciphertext: 02E4C5534EB0B26B1E169DBCB63D181BAA1823CC7DE11BADC37C96FC8E126645FE63BF2282CB6DEA6D418710B0571A3D66C7856E18BABCAC831DDBAD62B60946573422C42CBBE8E22B7D9560921D1C7786FB37D7F2E80E460C76905E997BAB7069C5A5ED9C900B890334517A0791D5D692D6192FE2C3CBDA387A0C3F9416A98AD475409C86F7412448D8167F753C40F63A86530F303ED5B6C76CA2ED1CC03F5B473BA8A3BA19ED2127
Ciphertext: 129FC863B70BB82C1C59EE2DA37FF3909F1DAB4B55D9727EE0CA3311BE5797F93446ACA0409CBFA848A90756D2598B6ECA56F6341C6E9F716A62380CB5D47400CF392A5441DA5AD2C1D066F894942837EA7B6237D7BE2E94FFE0A106148C2B7B9AF624242A945BF3B217D89FDBB070FA5940C1C899AD83AF1F865DEADFF0F4E48A7E00BF7AC5625F6E32F8B01394AE90284AFA061AF6DD61ECA1B8FA77CBC172573A9938332D7AEE41
Test: DecryptMatch
Plaintext:
Ciphertext: 060A6DFB5D9DEB53EEAAAA6365A23C9F1AEC8D7B4E8CB4C6416CC12E779594536D68A8D9D6A305222D27FA9E362F9240F350B7E670B1CD59344664396D28001C59CCF6547E05ABBF69A033178B70C91E4AA309C7699F3CE7AAB2D8F2337983C9AC34C5148E4EAD93048F91A28C06AB7629104A33FDD3BF76D772AA709D327F26127E8A14B9D96209D57DA63CC42AF9A40186EE3AFE
Ciphertext: 068117F2BCF29C72CDA3F4560A2165B7DB7C29314EFEC8D110425D5AA02F35C0F9A2304A0554C097944EF3A615BD70F5461E6549C319AC1207B100FEF022410C46284CEA9CA103685A18EC944DEA0BAE8E06D2489A3E2D1D9B255F192677664CA6FF44130C28CDE1FD437E85396503DFF305BA2D64E8BF9C75B00CA1595A1AED2C60865C0DF03F408EF95517E70552B2D5A8C190DC
Test: DecryptMatch
Plaintext: 8DDB5FC737283E5B
Ciphertext: 118C7186F58E8121C2DFF8859E9BA8C23F971460CFC77106C49EA94F3CB89CD628A21F46B93E3D58F0748FA4A89FD16FC1F4E2295E02D38FA7897AE3FF8E1C67B53658484CC4E55B71874A3FDD02D86CE2ED30905066BD31A45FE2334D6AF297738948522C7AA39D48AF0C115987848D699014EE27358ED77A0DB6E6484A9EB9C7C1004C205AEA51EFC5DB2EDD7CE6DF0A5BB29F53EF4018344A4F4C67
Ciphertext: 0B3E0CE51E1D3AE240EB34787DB5D49D6786B3BCC29C37EF8B9155F342C4D226CE1D07F7BAE09DFF7E8CD89915E1312F43540A26F03D918BF56B07E6D07A96870362643092F24FBCC6A2DE62F637B5F5F807E430DAF9B7AFE1890143591BBA035538FB419BE4CBADFCED5EB8BE2471B39CFCFBB2BA854C9E0F52E67524ECB80F9FBB3173D2A18C9F4C43F4E20866428A9256AB8AD199BA0BAD55A18896
Test: DecryptMatch
Plaintext:
Ciphertext: 12B34709E3E2B4FAF76599CA3CCA54CD8A72F8765F3644CB68ECB5732F22074C841AAEBC6A089D5A2DD8A9EAF76562822BA9EC069EBAF2FCBEF904B48EAF6B0677CC5FB901AE7A93306066C1930B82E5673EA0717DF36BA1F4CC5DD4358740702994717BF03E9B9CF97C37D68F181054B1D13D6511C2C95237C1F53917C1755BCB29A3EB94C80E2703047B9B6B191F8145D1D7B6B3
Ciphertext: 197D4DC43B0716191F926DC806A1B707ABD6684735144AFE07E0EAEEDD9BB3C89B9D0076859DACE6FFF9E2685592ECB010909910DCA50D2FB1B15EB9B9CFF4F71250D807EDDC2EFB2033BDFD93FD10E117683E3E4E8A5D3308572D4852954BD51251279A79092E3DCB95F1FCEC8310931933F47998DDB61438478CD80864F08D3370C863BE6E7E1CD22E38BC512D9A160478814057
Test: DecryptMatch
Plaintext: 53AC983CEE599A17261C53
Ciphertext: 195200BDBCCD0D983761B7B00E0117D8E7CB3696889B76DB503B729BB2A10E603B6ED2B368E133DC6788A89E9B3E7648D1C59759E52BA27B69EA7037C2ADAAF9B7FBB3A45C9BF890AD7DB9FB3640DE53D7CE90A29DA5741234B1AF1500D003A6F1E9526F6326CE332E5DF9DA77671FB97C7D8E5CAB2C831119BCD043C31BF706579DEF338B803BC8BEA0873E6FA35498B6ADA36F4DD31286F563FCF897936C3A
Ciphertext: 0E31EAACA9E8A86ACEFD1CB817869F48EAB342EAD0DAFE17B848CA9CB72B92567987B929F655B8D601EB1384BE380C8E4BA8B4E274F724F02FC5C00479C308813A3963E2D8AC88ACE92AEB00AB024A4EC5560857310E03009752B86793B356DA344B4AEF01F3ACCD9CBFBE399D0016260C006FCA5443359EA1E012D43921B8D2B8CFD31B94972ECE9C0031420238C76514635E9B40F17D9AF25A1009DB75E4C0
Test: DecryptMatch
Comment: 1030-bit DLIES key
PrivateKey: \
@ -308,22 +308,22 @@ PublicKey: \
9305bc0386b16619
Test: KeyPairValidAndConsistent
Plaintext: 4424
Ciphertext: 070DB525AA24778DEF63617D14830AC886D01379B87B216BCD48ED9AB16D921FFB73CC88BCFCFD248339B78ED4F18BD356B259A5FDEC31028C42FD87255644B5FE069C6825B9E114778C7F8EC38312DBBC0B5FC9B1D73ACFD8C0A093DD4880C6115FBEC6BE66A5A2B5D7F0034D537B99F1C439F74EA1A7F51F21EB1BB89E87C5CCDAAE06D043F5D99147A534ED3338FEF265395C8CFC94
Ciphertext: 0C570D0317363DB43DEB295D49A3BC937116F2ECAC9226415952CE634679272B7041A4B806164F12E87A0050AC2D60D393F845965CB3A56FF0CF28D31CFA0285015452C59949E3D96C5C6D1DBE38F6EE98E2C93357E6C036053DF920C7CA5E2EA1617AE44434A347FCE426C55295172ADDE9CAC3AEF2C6D6AB2C8F0FAB1B146FF1A10D5EC2191C99D6418519443EEE2A198BFD159BCC63
Test: DecryptMatch
Plaintext: 5092C5D9FA398EE31AE27C97
Ciphertext: 09B9D772F2CEC66C86D50BF85FD96DA9861D3D44EFAC6A46C79FEC0137D7559D5CFFBBC6EABBABCFBAD196DCD99621FB3309F01454A6222977A41589450CC03385CFBA7CF89273EC321BF47BD55E5C3A49125E5AB4FFD2C0B2369EE0E2C33D55F839093C795F0D0BFBEC429C42839ACED5B8363D458EDB4C47132E09C58AD7791F4885637D182CC4DE999AE299386A771A5D22E41D473241A5D448445684968E30
Ciphertext: 196476CA0E6622569F233780EE0C449C2CAAD3819B348D01B4DE5425EBCDEAEA739C6D9CCACE4DDF06520E83C94D237AFD46A4EFED635112CC78534E2FA6046ED6C06806EA8F4B9F3FC3F87DC55F63B9E14F9ABD82E9CC80A298DB281C9F690391F5B064880CF35C5A0BC7537DE9F65DEB2467FAB5CE8F41529A5B06BFA6B587ED661849BC7388277AE7F7E5EFA3F2526E503ECB106B718275BF32C4F83278CA30
Test: DecryptMatch
Plaintext: 89BB350DC43CB3
Ciphertext: 234D2617D8CD9C20307A6F52323EB1B99E16190798A3E5726B06C212EA0DF869AF8F3008DF1DF797E4E0C7960F02D1FC2C480BE374F3E21EB686ED7D4C046C3819883A0A5F4F922A15FFC94B33E7D567E08A71B2BC24620F5D1CD992B42FC0DE5BC2978ACFB4BFFED14740F599474343213ED17515940E87F9EB4FBEA7653CE9DD0E212F937865B1193959B2F322EC976040E35D21FE0CC9510B1762
Ciphertext: 13844D63B45821E8704A9C1F6E9166B5EB7FD98DE5369E5DBB9DECE506EE467294282B5B174EF2F81B6766A3616AC5A974F06D9C47163C69668F4C1C78F8A6716A4EC28A6AE25F615A838B9C747EE857AA2AC92DEDC575AC568A78E8A86EF78D55EDB88707F7B6D558E8A760095BE8BCD066FC57396E67C9D8654245676DAE9FC4BC9D578496CA450B35E179410A5DB443C2026FFF0E5F7E54821E39
Test: DecryptMatch
Plaintext:
Ciphertext: 10BEA38BAD87CD1F01EF3BA46EAF2684C57DCB5E247826898CDCA2D4369A268E8F91E43383C612E811E56FC5214E214158BFD894E0D4AA12CB0F5C086554DB55270820373BF362552658A0811EE654251FC76597A97E5DB54DBE6167E79868A80976500C2063F1F0F176EB47A36D7BECCC5D6CAC0541FC72F49C5BBEAFFB486B38FCDED50CF2EFAED5568C803698CB9045F4F7B134
Ciphertext: 040E084ED4A1C135C8867BAFF219A0092855E1E9FC96F38277E16B96986FDEABDC22F3B02CC53B655369DDE3356EA6FE49B77C8EAA49815CD5B1DFDC6E7D0AF6AA985483345BBA8A251F1EC7658DF708C8EED8AB6B953393C03BA2EEDB8B6391D921C9EAD2AA61DBE724B15C9C664EC4EFF83A535E46BF768FD519B043DBF46A36FA03921224281A826F6F43DEA6DF38749D600317
Test: DecryptMatch
Plaintext: BB296D4FF04AE0171F1F24AE
Ciphertext: 1CFAEFD16941C74A44C3CB526AD5729E6BEA42B29F39914EA348ED74749BA07AFFFA29C37716CCC22B9092D73AE6313545BCC0E2383C5B8CA9CF6E3D86FE8E12CE802CE76DCC9BEBFF6BC2FEC8EEADB0A9B356BFC54ACE5756201CD670590FFC895C29EDFE736180F6D5385423325BDBAF90C3A0FDC727D29C113CC15FB0B4B33503FBE35911F1565F8A1F57BCB27CC7A8E565C4456E0FC060F9D268CC83C21B42
Ciphertext: 0AA9A85958D9F1BB06E3DB48DACC842534915A7E42715057BD33523EE756F62AD973E37128BB8031358A1DC583F40598B74F079AD667C037D4BE89938233BFE1C167EFE764724F97F2EA42479FB455B1166AAB26A43440867ACE77472CCB13643D5BC9532F68C5368825BF225DF49E2D3BD023447A795AFFE927A796C70E5D6359537A9CE2B4B9323D7FE208540CC32447940ACD91F4718FC7A7CAD45A524B6DA6
Test: DecryptMatch
Plaintext: 87A2C6B33856C6A096EE
Ciphertext: 0039004C120A98C0B1D374CCD8DBA69B1D208986766A38152F87228CDCC48D2379E109EDB4BCC0ACFA5867F4531F7A7455849A4B0CB022B35AAED3D85DA41680CE9535FED8E73468DC29A193EF885611B2F3FFF92B610A86D351D6D46F1FAC6E793630DF15834E62555B568F3BDC583DC170D58F6BE575DB0143381FEA11EB3801D6FD57E045BA6ABA8AE4CD866D5F353FF579B79DB7053345FD0BBF4C67B7
Ciphertext: 12D17080AD0E7FD426E02B6A90736AB4B566F31E937B2D3E642D663D6ABFEB903FC9C4763AE492191E0C15B264CEF321DC8747C590F751A9BA2825D9250F72BA85EEB45B1F1D7B2BA972455DCE7DAE6CBD7B5BFBFB88FCEF52910F9B28D3DCD6BB5D479BBFC73896C3D1C44AB387989DE4D77855F6B8C7A8C12969D51DC6B10BA15C2B19E91A55BD5542853EC6F8F13260E8774C706958B1C9866114FADA1D
Test: DecryptMatch
Comment: 1031-bit DLIES key
PrivateKey: \
@ -354,22 +354,22 @@ PublicKey: \
879f3caae11d6e00
Test: KeyPairValidAndConsistent
Plaintext: 1FBE21CDBCEBA28625584CB1EA0D9627A919A6CA
Ciphertext: 0E5FB5018E8936767C7F048DDC6C721FCDF7C4CDB8256D662D22DB3DD1ED7925BCBE42A1C4FD290E3824D3280078B21C048A2539323B6AF1E71207BBEEED71C3BB0AEBABC11F9F87A3AB9751016DBEDECB6893AF2CF2DCBBD35236C2501FE8866599555C7562925A526F7114367E1C1743A27C124EBA29B9165B23977EA57862FFD7F0C94A39F6B99FD053B3FA66F5D6BAE9BDD19B04B20BA8D29C1AA43BD742579E96032F56385F52
Ciphertext: 2CFC251CB2A397880EFD0077D9CEF817A6D69EB6278CD82998C5988DD18D6ED15FC8CAFD1611DE58BB46BA8A87013C7BBD4A8DCFC454F13DB282BBBD4E1594E6AF17AB6219E91D7354EB88515007B58BF0D8FF4BD4C387FF6E02BF81455803E6A936F25245863F1580F00ADFA4BDE052BEC72739B88042CF99480AB6F4489F9C8B9319828A000FDDC4D1A6E49868E3B39DBF7DCDADD9B882B755E330C762FCC023EBBCBD0330D28DB6
Test: DecryptMatch
Plaintext: DCF33FA5BEDFDD93DA
Ciphertext: 1EFDF07E1CCE18780F57136E29993042BBF6270417138214344E543E9277F4687E699A374F8F0DD90117F46027CF64E360A371992F40BA420E9A6772C64FB584287E524DDD3FFFA37B692D45F98E647F57463B185428A4CE7136764980FB76A7EACCB25932FC19F1CCC01882F3F4A41B890588BF890AF18047EB82982699C0B4EE3BF62B8BECF2B33EA76B1A43B860E3D1061851AADF2BD3EE43085E4CE7
Ciphertext: 14BA927F10262B134AC43F6787EAEC3546C17EFE3F6D54AD2A245A0EE732B749B7312521372F21716E1DE29AF8FB329C25ADEDE2DADE3A455235DAC6C1F347C2A052893DBA6511C3760384935D68C7808D23CB194E6A19F579782B22C3D8880736BECE89FD75E7E69022E9B2500E5A044105B832C9BFC5F18A807889B401E61A9888276B31FD299D604AEA85091578D41E5B36D66C4510F4B147C5E59615
Test: DecryptMatch
Plaintext: 217B0E
Ciphertext: 478978D6F8D5A8FFF786B580F6AC1556CEF1ACED7EC943D02A57A10B9F1F094A11D1BE60129D06C2AFDD3CD69CB8F864DE9B7BF1896D019EC68055BC24FAFEA4F62E9895C0D6EEB7FE16E9E6BC65BC0A2B5CD0ECDE1DE3E5721DEC18B4CEEF49A9100513B741C19E826C0E75497A599ECC1A976E3ABD707811E521B25BA79151B62119E3EC92B4B5581D7A96079827568F6D0B39146FED48
Ciphertext: 37B50EFF3A3FDA419988CA44CCA3AE95F465A18C89CE2DF025F565DAF0F833E198DAEEB46517FBDE47AA3D5DC5039B873A31D0DEE1EBC63F3E97C0A63CC05A8F877FE70EB7F6198C088FF35C1C369616D3EACB013F295F764146A5AAA2D21CD36B9DA4490CF1B37D379ED7713B955C3B0581650B5C7F4F5B8F45B89B94DC364D3340414B491C29AAF2E197AD6F59B0DD687F2E60F8826169
Test: DecryptMatch
Plaintext: 36DA002D110CD632A9969DC42409B478A3AD3B
Ciphertext: 344AC6A25FDC6BC0190C3D4A77AEE7C8A2B8755FF05BE5D258C76C23750A4F27D8E8AA429DF602DE285BD650D50677B80FA5551469F3E0DF0E80B2BC80DE672176C3874C935156FC41635DD35885EE8E2F60056D3AF997370E447600748016A3FE53CFFDCC2A8E488608487185ED54D8D7E380CB189A52F1781FA2063C8F3DE8CE59EEAC3B48B7CFAAC3C28949F54C5908CF06DD0D196F2D29E1932385AF7BF718F80E5CAF86A0C0
Ciphertext: 37126F749ACDF2B6BF667DE9635CC0BBD61753B30931C847B612936C1AE122D6F0E409B4E9454852540C5FD8DD3DA8BA4026FBE8CC8449CA0071409DB47165907202DC078E5A8F6B0E9C8D3497A2D02F53DC3A47389C1B3778EDDEE980055BC4B7EBAC0B95C0CC4783A4B202CE127FA0D7B65B252492A1847FAA9D1ABE893376917BCD46DB4FFADC06C880AD848683B874F7CDFBF0E4BD87AFC39303C512C44EF58B510702C1129C
Test: DecryptMatch
Plaintext: FAFD
Ciphertext: 024D4A04382B369E26D7D5E700941DA426CA8A4806921B3D4C636A3B4BB04775029FDB9935095B855FF115206B8DF64FED80E755D6BA11C8F78302252D8BC855FC3FB60AF004C8846DE829C07E7DD22F6D0DA6C27D1BCD252B842A13F5F12B982586BB300614F21A147FEB041BADD52564C700D9D9399FB642BF4EB9A0BEE45FC21119444E7B75902EFF99D6A34AE41E65EDF730361A55
Ciphertext: 0F63F22B7817F2449388E0422C6122200D76BA8D4CEDE63DE950ED26768E6779BA0A238C8C3F2CC5C87C7926F1247A7067E27245423EEEFABCDB606976BA2FD9977320F903733FB57D02620682820B1AEE165604410157C5ECFAB7090EE83638A99E4CA36CA0879D3C14856A3417690A52F14F33CC50FE44503FC47F2D90C096C03F62A85D88891E9568911AF61DF916C3677DCF152FD3
Test: DecryptMatch
Plaintext: 9E9145E890FEEADC706AE1
Ciphertext: 1187408652D7B0C974124128C6C4F18794A588FA27AE433C7E142B46CD3FF1409D919583632142D4906CB0FD563044AC1C54FBF101F433CE20D045EAE5F66F0D139AE6AACEF299C83FAFDFD7C0FC0BCA24B686A23023F053F8BFEC1EB9C3A36498759DDFAB1C335C04B677D79686A01159E83304608CB07BEEE77722D4BEFD26C76E0536A32139FFE93D12DBFFBD63EAAE93B72A1680DF88F414B9E259CFFA0B
Ciphertext: 0B60A14F132D21E47E2FA20633DE43694EC0394115DB297C1B68D1A7EE7722B6AF5D149A2EF5D0EA05761C0FABCF8C0862AF320E9D273AE743717F78A46F15B640C87F4AD0C25865EA3453B0FB59D997E41A31B6C1669F14639E2F70F7D4324B8729A26C8869D97B432740F7CE28A74EFFC82AD7EF172A02AC678C13235BA2C6EF79143D189838E1F101385BD7098AE3B5B78A80964D5C0A3D7DBA7FD7328BE8
Test: DecryptMatch
Comment: 1032-bit DLIES key
PrivateKey: \
@ -400,22 +400,22 @@ PublicKey: \
984d89792985ad688f
Test: KeyPairValidAndConsistent
Plaintext: 23
Ciphertext: 700BC3C2AADC049B1CD914167B479215395777B6B70C1755E371F2EC425D05BABEB340B513915DEB0ECA9B899DDF1BB0941B8105213AD690325EC9043DB291382D4F34E1FD1E67F85B6D3058FAF45CA4F1F0F368C0BD4CE47032B78CAB6E39B4045BE6D9E508547367AAC0BBC5126ACAC160701AD978F63B5B4B534CEF05A866355EB21527DDCABAA8AE0B11B6CC6DF9A3ED89F41691
Ciphertext: 0BE692E3384A784AD01D80A65D22B48449AFC0281B36085B0D8FA03574B4BAD05F754D6FFB8E3F4B4BFE60FC7EA2BC1F11253505C753BEFB1D3BDA0084E6CC1FD82454A601F1C0ADB52B3FFC4895D36542FE0139465B490102C7B6A75C9273B737536DD122CC8C3EA0F32900C82C45B0FEE97D995AC5B4345A8899DD6888D1E814BB5A1141A86E636D31FA05689ABA512DE869D12BB4
Test: DecryptMatch
Plaintext: 4F571384FD52A9041C8F3094
Ciphertext: 2F41EAB6039148BD194F3F5934C3BC9DEB44E0BF288588314AF52BE8F1F480881CA96424F3463DCDF9CDDBB8F06341A4FB1A47DBC4652C837C61C24C5F0751E35FB90687F892AA2E05E2B2CA95ED13BE02802C779DE4FA6FFCA8BABB5CB0130BD3C15E6812BAF59DF4AAF68408F5AFB4D17D30DE635BC40F1F798B11FA704A6F72FEA079CD89331EE685B7A0954FA6705FA3B41D55240C1BFA1416AB70FD691B32
Ciphertext: AB7942750662F0FA422F4628B558938545FBF7C749995B4D5B32BBF392292FD1B4EF02E5A2EEF6874BCA9F0D4CBCB92D684CDA821829850BD4CAE110E78E42909CF069B54B4BC7D742E113E57C85BCF54AA5CAE1005516BADA834A857315DD6C3DEF4AEBBBF6CB4AE217107E16E83F884B2933EE618F22C45B78092B2EFF7D5C33DB7D89FED4E134921DFD9DA999FB8AFBFD094D77BD887D2C86AACC401A621905
Test: DecryptMatch
Plaintext: E421A467654B3B88C93C8E5384FE2B85D4E340
Ciphertext: 27432F30EA01697AC21FFE4258A24EE29830F424F9491A6625A18B49928BD137F349D00C2FC0A4CB3E720F5A0C09CE4918EEC8719E17E29B7A5383DE5CE068246F73769FE6323B7B1449F941F0DE7DB051E4D6404FFAC0D5481C911E182B5276DE7C2EAC0FB33589F027A994204F8B469C3FBAB405E94405C40CB3C4250465E15699006F427060999F96A330829CE0172278145CD8141203C65CEE52293D16DF6F38F30D9AD71308
Ciphertext: 7485B8E5360BC1383FCE1C586E126D5DE89FF1CA7CC8146C37A1E6582A564C4588984915CCE9635EA6ED434C80CAE138FBC1EB15D16B294AC1E59CDE544E4DFBF276D30A7F51461C2B7E7F076222DE6AC534DC47E015BA85062694FD78DC37E9460C10FDAF2C61FC7EE0669E99793A657543B881B50B0D3916E395A959EF55B02DB8E7B4C5B5B653AE2D11CCE639342C8C77C667625116D9E6B6C6AE822CDDF2AA503EC3FAD53D80
Test: DecryptMatch
Plaintext: 3D6C941B1F03E5C9A4
Ciphertext: 03FA370E7AF4EA48AB5A8824A67F2C3FE2562CEA49E5F7B720659496E61F50BD82A1018663D17C2BCE73D8D643AF29AB1649CB0874E71EF39A3BB8E85F934CFFA768151249F62C78FA52D4BD9EA5C4D7F8757CE231B24DC805DC5B2A2EEF596709FFA877867C74442CA157A3414FAF2F11BDA3266CBBCC5601310D3ED23B255E04D6979108B51B52A627915C8CE43BAD701F09A0B6167B7D14E941E94A69
Ciphertext: 684AA8D2AD35D2775BC30794A078CFC931096A37D472FE511F72B03B33E87AB1E7B958C3447AF6285AC379379E0D1F1BEC535E4032E186573742A75C1B42BDC52F679DCA13B2B9E67CC73461084DE1777FAAED93C7C1E4A6B19473EDF6A57CD88C076574A356748D501A05AF66A136E908993A0A70538FEB03109C62A41540EB4E166596887B4860E3AB0BF9C1AFD02C67D4BFF28BAECD31D1CEB207A245
Test: DecryptMatch
Plaintext:
Ciphertext: 969ACF4E7F631E5BA98311980EAC56517A7C6B93A1CF852E39AD66DD43E8CFC7148CF0828739A780070BC30846664D3206573D46D60BCB2474C65CFBE820002B67E5FDD8C0BB5D375737BA2C061783F1764B7800CF5696531FA461E87F7E820CA1D5E9885D4F4DBBDA4AB690BCC4771C47D4F9ABC2744B11E0703D044EAE5BC5910454C6B1C58B71D15A3D22C92969452B615F2951
Ciphertext: 111C252A9E64FB777F09AF6AEF9C4210B9644C3A66D5528C631D5348E30B146A6225783DE1FB796DBAB3A901E37818B5AE49BF1F8CC0A6C8909D2DB06D651CB08009A25E13A89653DBBA5959674E37BD72039D4E7BFFB3A2395DF8C36164C3FA71334DBFF2FACA090F1C349BF68443838A0D893B9B498D3B6CC86646F935D5ADED81967A387506688B6478492129534F3A651C9985
Test: DecryptMatch
Plaintext: DE5F0B92C45A0C1530
Ciphertext: 674B77E1E27F6AEF14EB215A86193764571A4D56DF34FF1C2603DD408F46B8508E038B1667A0041939A20D1571611AA23F524089D1E878E1D62535624A4E63F2560530B0C84FB8ADFE5D6D87D5157B84C43203C8E2891DACA75D1135B6DC91BF01776A8534796D1C7AA318370B746802EBDC87B3CE98E901D5C9B92203A29B5E1615224ADF94DEF3E30BAA3C7E20B95F4B2C5FC71973C37F7D0B317018A4
Ciphertext: AE6BAEF52B43EE88AEA7796D667D044887407ED07E7618358243A0108514FE9793EB28EB42B4BA2F28F6687FE7973FB8DBF825541010F1BC1FC7350CBEC0B055C0C71FF2C4D2634582C966C1CFD3449AF8AC956BEC3EE797F7E81E589450EA13C1A8C99116E05E49F4BB87C9B95EFDBEB35B21C36711CEC8A1ECF3E4F194251563F88C056749B835FC19A7CD560FEC785207DD14D43C6104D83BB05F1DA1
Test: DecryptMatch
Comment: 1536-bit DLIES key
PrivateKey: \
@ -456,22 +456,22 @@ PublicKey: \
05493aab1f07
Test: KeyPairValidAndConsistent
Plaintext: 9302C420D137C310
Ciphertext: 5F3AE7A257BB56BD2246CC16671E609FF71C6B094DF6ECED48DD6F938B1D458D5971C1F514E181907378DA2FE96BC2852154E24468F6EE0539F3870E5DB33852ABB21A24F9AEF300EA4D8FED94B906F99349E8468D7ABA1337BA06868724D7EB60D5B94CC5C8BDA5D42E432D9EF9362767FC088E5BD214E8306F6FBB34B76593569D54595B27FDBCE2D5C235786ECFBC68648ABC2AD8AA53B8610504C9132C1421FA63931D2EC4F02818F1805BF41DC5F8FF98A9F3BFC815340C8F664641CBE3AAA853006D836137EB5130A7FFFF244EA03E602BD8CBFBAEDF683116
Ciphertext: EEF64A81C754B2EF543A19549AC0FF3F44E4B548284ABAA1E5F1EB704B0D246749D7F1CEF7B20A5226384DBE8FB596101591BE2B53E9909EE3723CB70A385FC2DAF6CE15629EBA21E7F26223B0A2428D8931CBB4F1B281E318A540F38A809C8BAD92D10FDD63305DBBE972E6CB973FC4F2FDF0BB9CC37FC42C7AD76E8DE3FA91E5E79B09796652BFCD62A28A59D9A97759032A0A78E0E1B081DF212A15AA44E35DE9E291EDA499DDB631486C029D56052246C9E37FF24EE9E86465B3B55BC4BAD77B9AC873B6F36EA65892B202E320756540009C81B9C6747BDAF40E
Test: DecryptMatch
Plaintext: 9FD4F26B7317BBD1B235
Ciphertext: A95FA2FED7A0FAF3FF6227BBFE749FC147051441AD62DB20AC0733C0606367D92D83EDD782A04E7EEC913653C63D1BE113E108359CF37E89C0EAB2E905E7536A4A13C1621C462F32FB237E119314A9FF9570F59B5918318A663FBEFEE28F25E85A4F60AB20C9FE105BC168C836728B370901895D4A912C5B246E067495F5B953DBB2E9ABE70500710EBC61A9E8FCE9A1EB5D7C070FDD7AA199990C55B5E341E627E48FB0551057F04E012A50999E563C1FD682D95CC6EFFC6B2982E1AE2CA8E6D8404EA89893EFDB782B0D9472629BFEEB3E63C68AAB976503A7228B8B51
Ciphertext: 514DB5C63AD9707197B4F0B2A30CDA18369B963E62F7ABBA1E030E08D3DE4E6C17D4BD7CB8097C2E641FBB0AED6A9FE7FBEAAC1C6B85BB3570D0E86FF6105B9F8C9B562A4EFE4AE3AECA26978C514129006D22C108B1C8A0FA55864EED3D3F81643AAFE36DF1CBC3B4E1B1AD6D5E0612214938A55114589B97286A7EE5B04E39254696DA91453027F07346984423FE2784DEA9375C236E6640504B5BCAC32062836E5BE1695CE73285CD77CE9717FA38E080C28C2959D9E32A589C04ACE5E52970ED49BE34703AD6B9F024DDA176C631EF5EE76833B427E233A5DAEC4328
Test: DecryptMatch
Plaintext: 337D8BDD32
Ciphertext: BB4D09A22B305A1999854CCC92BB441AF2B7D7A4FA25065DE751C0CDAB45D805AFA9F00BDC311C8F9951318F9EFD8469149F9349E58DC6DE1AB30CAC411FDC57EBAC4EE459512B424FCBA21500851E3696433E2A3248EA88C21F234A29CE153C6711E7C4D1B60C0530011DA956BBE631FC92C44488146894BC09CCE68BEC251C3B7451BAE2D4A70A2595F9C50CB2C62E23C2456FE0817C221697CD699B758AFA8BF6AC778C8BFDC131D34B0047617630EAA2DF63FE82D41623185049D07CE4E788371B18DF2729B97916E08E4AFEF05DB0C277E959BE9A7612
Ciphertext: A4EFBF2151DAC683F0C51D60A647151A1EA0C0DAA8CF3497D7116439E6AEEC62A36D06F89AB2F1886FB9F62403E3DA8D6F67F66DA2436EE20FFBADD698DF87EF40470749C0BE0414A7AE4D2755459F8A17F6C7D8920236400313D7846532C391A0A4D99C26C556772E2D3C74E0119C4CEC7EF224488BFEBA017A910E5FD167B4486E436F7481DC5A46F3FF0536193C75A857DC53C5242C11AB911BD21926462C5060BB89F71D99FDEAD3D16B1E21E0D0791B59ED0F49871F744B13F23EF5028C238B895532F90B0ABE9912644EC079604939A0CF519BA9D185
Test: DecryptMatch
Plaintext: 25549A5AE844ABEAA694E3F6
Ciphertext: A1238629540D2827A1C760AEE98273687FC06ABD64AF99E5083E1F3BD8D169784005728C2C7662AD111482B53C59A7104A8F4D1888252E3D8D1D5DAE2F17CCBBF9596A9D90DBBF95C34E609A9C40C87E83B9E0BF2B385AE242C041E809F493EF0BC2D985F8BD48BD66C14FD7BED064BEE24D28632DAAED4A9D7EAD41266EA5F0568FE9C73C4B1C91F90FF82B0AE9532CFAB26D1D1E3960270C2864121E9BC0597240A78DFA600829A5FFE1A7CFA6866C42AB0BEB0238C9C189845058E1ABD613F17036AEED216F5E91A6BD9318AD78FC77C07EA9DE5084A80E481EC59B113F49
Ciphertext: E2B30DD7781DB7EE7B2EE3FEB77F7360A6069396D8BF1DFD85D5429DA5A156677679085D612D0FCCA0979C97E924E77C43D3702940DBB556A5BB6EA33D650E078B1CDF8E5F76DA6591D0AFF4389A3A982A9AC581BFF393B35D36894E407AA56B493C2F7C4CBB75AEC72394AC4F8A99089702F3AEDB2FC7486F5CD01691C3C8F8FF3E951CEC70A4E172B763124BE1D9F96DBBFBA8FA0EBD1A71067A20F68DA6AAAE849880DD7F88901DF051715E240BF0F5B49EEFE35B9B0ED2B69757111080DCE2E2A933CFBE8FB9E6E9A2C2C75E0A4228D06689796AB919EF80405CBF648137
Test: DecryptMatch
Plaintext: 5E61EB24085019F4A76893517C0A13
Ciphertext: 04B6D3DF089B924864D3DBEF600A3F6655DE11976B7263581E16EDBAD7FAA5E4F5126AB02A68E7476FC87E1628C0622E49A5FC27F84CA270923F2ADBC6DD3D259532454B2045B711D536BBEDB7C0DE0311ADD25B9A7142C006550D8E23CA5D9E3DE77C8971E769B58D958D121A73D7EF919C5BD2C9930961B1B42FF393FDB96979C0E45BA640A75B719B1FA7ED92BEA55EC9A20C02A74716A56F9AA90A5559A6484E9BC5607934D0AA72F50F6E641666B8810667AD1FCFB3660DF3946B457D09DBE2FB1ACC7AAEB1B819FBA1BAE37116008820C26A28C098BF03365A074FBD2CD18DEF
Ciphertext: B13E45F9288FD2C5C0FEE230D1A09DE376ADADB5A4330F33BEC04C6F14C4A1CF3789B976F402F11611AB8345B2EB1069CFEE1E2F482A02A0ED9A3B9D94EB78C7BD7222ECD48A598E34D1F0B6205331CB20E0B2C6C146FB29CC11BAD5CA06BCA3EE39DD536FF330663A817ADECCC284B92F6AE3EB75B00316992BEF8A955EBB4DDE2CEF504E9298AC243C00FDB64B6AE96FD7B2135E6BCEFA7CBFEE135A650AA3D8CD095D1C9156232DCFE1904BC4CCE58B455CEFDDEC1D201B07ED4F999D6281AE21C2008525DB24BEA2D9FDAC1BFEADC3E6E6B1181F1A55A75976C565BC28F177CF02
Test: DecryptMatch
Plaintext: 87
Ciphertext: E5EB17840FD89D03B979974F0042D34F1AB0221508330EC9C6E3537B8EDF8CC078520BDFFAC503ACA4CB0E37108AF05C49CF77804D55A149A89696421AC23550A67E169020B9474259C073212F3724481D3C9033934BFC73F4244BA22FD93BD6E70FEBCDB064E741F49949A1207544AD4C0FCB2F89A1B68F07D5D3E941F91BB16463100C1D2DEDE2002E567DC81A125CFBEBBB43C4A6238590433AD347A311ACCE4EE182BA95EC7C0FDFD598B9F0263A36715B58EBF657AB5C906136394CAA88AE00916439C47D2BFE9D0434956A4E66D7AA9D5E2B
Ciphertext: 174E5CFE167D4F6FB9A8FCC0FBEFC12864745900F5A18EA92282C8B6689EF53BBB87B30FC21DB101D93E9FFCED05538EDAB59F9FA07FB176407651DD0C4CD8269B1DBB70F24C8177EC6E16294CF5E87A3070A077B1CE84B612C3E3B1D4FD60D732C4D2CAEF5AC442A358AD0F323E60F58FC8B29894F3EAD3AE0DB8FD08BEBCCD4220CEE6B7C43A5E769D1F890A6B6505EE7FCDC7E399FE5321C2792D7AE094D13EC493CC0911B3EDBA6DAA037E2EA0CD3642784FFF2CB1BE04E5B12AC9D2871F016D8BCCE6DF25C1C04D912CBE707FD4DB0F9E89C4
Test: DecryptMatch
Comment: 2048-bit DLIES key
PrivateKey: \
@ -523,20 +523,20 @@ PublicKey: \
36723c1d88c8c04981e4
Test: KeyPairValidAndConsistent
Plaintext: 5EE1
Ciphertext: 963C4598BBBDC42C07AF5735DB9B76DBC1478056100E857BA565B93784C428186946D09CA2C55753A37EC1B69728C2636C08A0B92A68169EF494874181B4514DC55439B437A175BD4F40B5B6A0B7DF4C48191332A11189007709C2B900A3D9686DAD19125E4D980A4296CF4570E6E9AC1E9EE1ECDCA4187E46F6239FB5DBBAF4FEB4FA19284CE170F4CE3683AFAC81043B4CB33251165AA848E8DA8F3C06E427DD8DAB3F422F87D00820F1F0A625C737F3CDC9E217FE2A67596C1C888E1BD72B614715095528812491E36FD65E201F1709821184E2BB89A1D4B15E9E1B7E9772E70433B25DF8699D5FB5DE47CC0E891F3F5ABFFCBD3246D97BFBE86179FB390F30495168FF82FE5DC0A6D1DFA683D55C524B72560B80
Ciphertext: 73279829369404A1B68D5E86FF334259936133CB04C9186CFF733972054918C3285EE907C2863DEE872252BF03EC9FB088B8DCE6D69D78C6BCD6B3FF87E683C6CF3CA05FA6AF0C068D964BE01030A3AB4E19575811D141A59CFBC9D3558E48CB771D88CB1E0E6C7ABED041077D24005E337AFCFE8531569FE56E2CE97C40693C071409888AE46DAC8BD739AE0E1C392586917FE07A66F7D3AAF0DDC398117B594481D0D5CD19C8708DAED6338EAA552564C31F9548FFC7E5C641FDA95B252EF637C6CF708979948A3E6B4F37A9ADCD60BDD841F3B0945CFF55E2F13468EC71C550CC2AD48E7E1FB444F132AADB1EF2A7C5A22450D0E0CFE9E37D999B4794B5A594A4EB7ED406DB24ED541E575B9F2756545DDD34F6DB
Test: DecryptMatch
Plaintext: 0252EE2E1C603017
Ciphertext: 63B4F5C6642133E53E22505AE22137026FC1D2339925F05D171B815104F42C8587F17217CABC43E82C669300D933C89A723A8E1E44B41956A1CE978E4FC6E3A35DEBD8228053833D298493474C96C0C5915319FDA7F5C465A487D85A3B03D4E0429427C902B10264DBB224ECC98857B0C18750A784BBF31D3679F7861555E9001924F0B315E5128E8CA3EB97202EA7867BDA371A653B1EAFE189329C59C26B36CFE1697ABB73398346446F4CC7639FF91BD6A96E42DC28341CBA5BAD7527589E44E672119AA2C687223C77F253722BABB7E275AA7A5E42820D26EC9CA94CB33B0A1A8DE33E200F8755D6FD6C1C5C51836D2E4F27CD62E56B0D39632D4E59327EAA2C9878B7BA5CA6A6D073A5DA2D4E39BF129FF356B6BD8233D83C35
Ciphertext: 0E742D794904D05C0F0B6F60E9655337F8C110F289C6E4A0D6FBA6A2A8EB0FBB566A7F9B9862175C7A00A8205E8C8012366023FD8DDB6EB713DEF86917233DC5D16C2822707230169C183FD3A714806220D7DBA735C4F747A23E4131CE12C5572BD5E659F967A8B7DAD0EB6138D1BB569C6F04EAD79F9A6301609697F73F6FD8CCE934FAC6FC138B4C552E211FB1CC242805C035815F462D0291537DE10632141ED0A7C22439C7270AF0A6244C073CE9E2654FED918C86697988B0B341C5EAD2CD6DE75EAFDB1DFFCC5FE465E8D8C9A34D5B7F0E9DDE62204FD12EE2F99435DD58F3254268F8E6CFFADEA9205DDFCC943004887C405859866A0A40456A6C50B57FCED319AE0EC92B9069F765013436FC9A0253481CBE12B707A2B20D
Test: DecryptMatch
Plaintext: 01AE
Ciphertext: 91981C3BE750F54FD5F233E38C3AF527606449C05FA6CDD2F0ED4B6C39361158B91363708585B876C552A8305A1A75B0B874D04B61238A3D847306A8D30185871EE10CF28436526069CE59CB938F48E7DB3A7D9C9EE543F948D114FED541D379AFA4FB2197D0D77957F2408AD08F8C4C91A27EF6924A2604ABBCC40EE154B68C4496227A31451B2BEE92EEE93783E33768758844D36E3897CB21AFC24746CD7B40E6B968EB4EB30DE6563D701AC763A5CB4610CD364D8CA9E0292D9E3F85982F2208F30BC3F99A95CEC5080E94DD89DB095B58D3D7308F5CBA36D31A7BA3B97759F021808B0E4E93B7C3F8D5630D18BA23772A8EE1A46DFFB16B3B0B2052631DC7427D2A4B16BDAEAE643CB0BDAEF4C70516AB207F91
Ciphertext: 6AB2E26D99942CEEE4844632355BB3B7713DF000DA11099D4E1BF9EDD1781A9396032E9D96BA0DF21B309A9CABCE9AE3D022C33A931183DEC5A3721EA5CEB39C18935A43E3B0BC153E4469AEB604D031A0084BE5927478AF8EA652D0A4AF455BDC57EDF26E2C6F9A01C91F29984C11D3C60313A53D8AC65D9FA504742868AD3D313506EB4FDD0E9799B111F3041F4C0547BBB06BF7DB20D18B427BCA1BA5099821A5F0997EF08C319B851F0C88B4814CAC7BAA4290B3182738C37B6ABFC2C4770A633F70E6FA4FA53AB286384FFC2AF9B64DECBE12C8EEB97862F76296D13D889E864418056420DCCD0DF9B76FB32FA6BDEE149585F427F133972DB7281D91D6E78B6BC46151901179D186CAAC784D6271023FD6E84B
Test: DecryptMatch
Plaintext: D52A1E0E3253FE281A9471
Ciphertext: 84ED7C17B599DFE7229A3F726F28756639BDD691B703A8215577B059F13562BE0CF6E280B52CC97C50948547283B46A7E508C24D56D45CFF7F99766861AFDD0ED477D48DE1D60CBF589E6F029FC381A7FB3C562DD9F19C6613D04147F04FBB61C0C438EBD334DE24052429A42194E082D2EB8E20A722E92073324B3F925D6252438517EE675E2C2694F7009AC72C9E3A52F1E4440040D96FC7FCA3939EB3637E1C22BB3318F71C016651C00C1A99BC8C11D2B03DF3D419349445DB177D3834808814AEE4D5D1B3571FA1EDCDAC3A3502CCA1FACA4B45CCC4DB2DFE4B7F35445D2824CE608E760F85BA6DA73181B036C46777E0719F274CEA583612A104A0325B855389A7F3461BC6FD06F9C5B3D9E0562D58C6C1A132AD8536D872DC26B87F
Ciphertext: 63F60818E399024073EAF02A7A419229EA4E2FA4126C910AE7D31DE7EB6C9502752F5B7241F2A133E9D71C1A75E23A6F5DBE36C1B661935B0F20123BF434153B1F81BBDE278611C9FAF9F56BE8C78116823AC5B5F355B88A82AD6A73D2B63BECFC7D3B39DB2A6B393E23826235AB76653EDF65DD7A94BD27E221E9D511041340FE83A27F7B26CCF3FA40B2BD786BB9D67D2BCED415F2F76D116E8F3EDC953B8A327D2846F247D91626F643F8DB800F5E1DF0CDAE2369AA8969A938E0BB5A44F0A9C0BBC7D15A34DAF4713531A7B6B59CCCA2282952B16A7E1A1D1CD47D8B2AC6A88BC6A85E692FED89BB3D1F16AC2A922836152059433A29F786F2386A74DD6F555CC8D06C890A4A93E9FE88CEB078333A631E9E3EED0610F0A17F2A4F8DAF
Test: DecryptMatch
Plaintext: 53
Ciphertext: 5D1CB9740D01C9351721965F393FAC274EB7703027A9E1B8BF779CF3EB3206E17454855E84CAB314846D8A170E224D4A87A115035AB7B82005F455E46877C4709029D5CE3645855EA15EB6DFC9824DB8BDA706535A6C905D6B1F1B91022F7BE97730848B6AE61209C711571E164755DCA386E6F5F69DB9E7A65553CDF1AB5EAB499DCEC7CDBC4C187F33C82AC14A5DCE2DA6096E524888BBEB207A130B56FC9C8291E3CDFB51684CB54142CD14C2633A203896E0E06E9A8816581E8EC793C13CCB50DA74A284CC35F24B740CAB7A3366DF3390B5BFAB3A89F69E45F45A34ED241C0B64909B58787576D07E184BAC3797B23508B15EDDF1941A3501CCFF273728B8A568012F977A2CF319CECA243FFC0086042AFB08
Ciphertext: 7F820C0C9A5709C6026E58446623B5D4B323BACE54724F456684526BD1966A360944227D04824B3C9BAF19A602EBAD25B8047FB6BF9997EBDE6B854140C032481F1479E4B994FC5A2DE8128375099A7A0024AE1CB985D73BB2B806B20E0751EA154BE2A70ECBCA49335BA57694DF1E0EA4566304B8DF4BBFE5AA41D0B767AE1679BDDE70F95E1C0C7E06F4A635F987E2858407BCA2133C3EC5620D58F1AB7FE1426B615959009A4706797FE4060E1C690DA373E48D6BA684F69E981DEE5DB9A58C504DED4D4CA6CD9B776DA03E55DEBA97E541A300465FFC68C5417A10ACED061023ADE00FEED4099180948F26F10D2F9470978469F67AE1092100C16D8FC4104DD1E711CF67D5842DE4102869E96E817F9C9FF520
Test: DecryptMatch
Plaintext: CEA6026338
Ciphertext: 73DD44AB4316148799BB0DB283C601C7E757498C528BD8AF406283D8DBE579996F3F3DBFF9D26477146F29B9FAC01762A95ABFF256774FD83B2580F51791E2A0F7DD1DAEE2F3591AC586FDF92F9AFDBE98DA0BBE4A400FA41B02F1E352CE86504CF616AE710EE81AB1EA6B60F5424B57B8A8DAD045004C371AC7EF610C0B8A761A2BA6D3563023859A5E53E8153881834CC01A7C47BECB836B60DA65C72F0140CAFBA200985CB94722AFE5839396AEA79CC803CDC6B41E8DD039C6FE8A169BD889E81783D7B668FF412DAD5675211F5F43E11A021ED0327650A7F42A5C02A5C053DC537E20AE8742E3D6BBC39519B9E7811EC9886FCDE953E4552A8AE0733BBA216250B463818AFEE647147D546B82390722690334106B1855
Ciphertext: 13D877F0F00D01125447982639AC82AACF30FA0573001DD809C72D0F811138088C6D6D0569E63AB001CEB0339BFB90F7B71F339CA2F75859920370C622C0C4930B79B99DAC0560C763A1162AB46F58D1409E25301AE6D70DD4FA64984FE894DAD2B6401F8864580132664DDC2A57D1AF8AAE43C2759780C8587475F21275D61765251DA8FE91921703DC8DD279DFF4260D8AFE69257BB43EC609DA30DC33526D66E46365F399AA04F34FA7BA6469CA964AD6F2299233424E7342F1BF493C0BBB31FA1C713543D758219AB0F73B9C24F4699415F96C32E2A700669FCAE7EA6921F96288723ECEDF9677EF35702C8C0B71AC27A57624A7667580A2FBFF72818B2BCBA3589DCB686486FDDB50E29E75EBC8AD3DEDC8B741AF80F7
Test: DecryptMatch

615
TestVectors/nr.txt Normal file
View File

@ -0,0 +1,615 @@
AlgorithmType: Signature
Name: NR(1363)/EMSA1(SHA-1)
Source: generated by Wei Dai using Crypto++ 5.0
Comment: 1024-bit NR key
KeyFormat: Component
SubgroupOrder: \
09b2940496d6d9a43bb7ec642c57b302e59b3a5155
SubgroupGenerator: \
a1c379ba91fe1f9d5283807b809c698bce4aee6f405f4de8c46becf33c08a63b\
c5f8088f75b5b6bcfb0847ccbdee700e4e698652317bbd7a3056404c541136d7\
332c2b835ef0d1508ef57b437de60675f20f75df0483f242ddeb57efacd18041\
8790f4dec0a8250593ba36f17316580d50db1383ea93a21247650a2e04af904d
Modulus: \
bd670f79b0cde98a84fd97e54d5d5c81525a016d222a3986dd7af3f32cde8a9f\
6564e43a559a0c9f8bad36cc25330548b347ac158a345631fa90f7b873c36eff\
ae2f7823227a3f580b5dd18304d5932751e743e922eebfbb4289c389d9019c36\
f96c6b81fffbf20be062182104e3c4b7d02b872d9a21e0fb5f10ded64420951b
PrivateExponent: \
0355dc884345c08fb399b23b161831e94dbe61571e
PublicElement: \
255cf6b0a33f80cab614eafd5f7b2a6d83b3eafe27cd97b77ae70c7b966707d8\
23f0e6aaaa41dc005aaefd3a0c269e60a665d2642f5d631ff1a3b8701bc06be9\
c44ab7367f77fefeec4c5959cd07e50d74a05af60b059ad3fc75249ecf44774b\
88b46860d9c3fa35d033bcfc7b0b2d48dc180d192d4918cddff4f7ebcdaaa198
Test: KeyPairValidAndConsistent
Message: 66B92E1E2C44B80F7BFA
Signature: \
06e7586b76d5a8270155cce2d3ff4495237eed29a101eb1341fce0b43d95397b\
053d93772b0a9cf3117b
Test: Verify
Message: 973266BB0A492248082A
Signature: \
02de44ed2233f0f11dcf567217d2089ec039a211bf000d42e04900a66ce45c58\
526a97d7f4cfba29e43d
Test: Verify
Message: 9A6D079ED0CA9D8B40E8
Signature: \
04f59dbb2712926b3bc1d3c428f16203f3443f88db0669adda94dcb54e1fff71\
fb51bb603e7adff13f84
Test: Verify
Message: AA34DCE67BCDAC927DA6
Signature: \
08ad21bf9d0cc598a214329d3544685d39487988bb01aced68ad0a4831affbff\
3b14df6c0f4ac4d2e967
Test: Verify
Message: 4EDAC08816AFDBF284DA
Signature: \
09a9d5aa9bd1b6b61fe8825128c8e52a6213692b2504c8c6951299b5ca51b03d\
ea0a5e56f9a7c4cd44f7
Test: Verify
Message: D82F2E903230962B8174
Signature: \
0441c8d089e690a7fab391de07073326d443a0d9d806a3997ac1641175310890\
1e55582a582541330539
Test: Verify
Comment: 1025-bit NR key
KeyFormat: Component
SubgroupOrder: \
0b3949dadf3196f08bca0606f06443afce2fb1d02f
SubgroupGenerator: \
015f0f6d1729ef2af723c00e36450a04c7e7681d65b74a6417a53b3eb6036989\
eff8e0ab11a7ec3ce2340b7c7a92e1a977aee52555c06c12c4cc28496ddc2598\
feeb7539ce90d3888e21f61d7f14746cf67d9fed373afd97e2483700e300ed9d\
a25e7200b363a4727ad201194b36ea5f816cf83488c3e527d3a5515870d2da63\
d6
Modulus: \
017310bf02d70ef2cee45d1cc47ec8ce8cabdd6bf32a560975a42ef057bf9dfd\
553bc9368ddb154a55d855edaa755e69f511a4c69ba78571cc4b14ddbb0f32a4\
a9c56c286305aa21ec4e35de7390747477b3bd574e7b87cbebde2f665703137a\
1172350ad2f48a0884d076ada9db82f104e6b0ad86693cd4adbd0067639102fc\
f1
PrivateExponent: \
0696b0f255468b7ac18e11632f208ca86383a46724
PublicElement: \
45bf83e62f50190374b23de5e4a1d0278e9e8e6c8335577d62e80662a380c206\
e326819c5082d321dfda1f905fa5a3ead9a2dc769885a27b1fd6a133185dc5a7\
876a76ab0a09fe02b7071a924169e4d2d2a67e67ed3628800134183b962c0b31\
3463aa154e6437d644e025ab234e63d19c129842a61c5e5ea5a06466c858c81c
Test: KeyPairValidAndConsistent
Message: 2F585D0CE4FA1CD93880
Signature: \
06586d8a703cdc27200d5261853f50effa8ebbdfc905f5becb68b81eca506992\
50fb54e46d557c6095dd
Test: Verify
Message: 4F09A1F217B8393199EE
Signature: \
0622cd33b1d715829d8fae104759ed449f95becb5e03d36f5578fd6a2951d2e6\
26cfce85ba6563990d64
Test: Verify
Message: 03D7110A753B008A76A0
Signature: \
02925630b4c80e604fc1d8680bfd0e3d878e22b3a30ab8b10da7fc38816a8c5f\
1e06927c68f9d3db60d9
Test: Verify
Message: 129F4781D417671F886D
Signature: \
016c2c4ce845b4d412828cbb8a396d080c7eb93bcb01f7010410198c8bac96df\
8ab8761cebdb7d87f3a2
Test: Verify
Message: 3E1594F559D1248D1112
Signature: \
080bab68c62be86ab2c1bfd0edf10387a7cd66b69f054e254218e01f650e4e8c\
6bfa10054e367893e59e
Test: Verify
Message: D6F0354F1B6B253B6997
Signature: \
08755c7e8012e8160db75c6160686351e5c577207f01602b4dda2fa56b864374\
703c83bb323c7bb34f5f
Test: Verify
Comment: 1026-bit NR key
KeyFormat: Component
SubgroupOrder: \
36bb68cd95dab195f14c4534283e7ea50b00cc31a3
SubgroupGenerator: \
e2782ad6992f4b7e88787b4d616744b60e095575a177569c4a069e311e38b724\
0c43343367e23574c30e4d9f05afe1fbe61423bab715915c4ccf28aa0ed2f52b\
092b86c8ec1f9d4795d6e91c88ba41297625c11a9e1f4f182da13cf51e541038\
a1266bf32b2dd81ecd84bb80be8fdf97689942e944b7fbb6981e00cd680ee25f
Modulus: \
025098828217d00108030801e5f135fc6fd3010be39e49060a96addc8a081198\
803402c4b46e4ce0750fcbab8cf084c7ca8cae09f1b5482d336fa3af47b96791\
d02d8143e274b1325f2213e17f9384c805f479e52a3117cf84869d395f1bc025\
c918484478d2da1880d32bc519f4e6b2fd2d46958795550ce1765f725626f3fc\
17
PrivateExponent: \
2db270c284328353f979cad99f4133c53acaa6ee71
PublicElement: \
0179b283f67868aeded3a0c5633d0e6c18fad77174e2c89c03452593d05e77a9\
fb029c0ccb2b6f2328e79c286ee392713f12d9d45578348383b81d11b0e0f7e8\
9965a7785d5ab64ea25bb73e8acaa8e84cb9897985015757a48c0b1dac3a6a60\
6fe671ea073ec434a46f227b8d4b02a46fbba2f6c6216736d669f55778d81004\
d8
Test: KeyPairValidAndConsistent
Message: 7E4F2ED4E79062778A2D
Signature: \
03f523873462ee1513833e2853c3b62e30c5c1cc3224f1a42dc154fa84ecce04\
487069530d76e0574a38
Test: Verify
Message: A0E35846B5CF1B5BF560
Signature: \
2264285d75a55c431a7adb9347bc07d58efbeb1dd9354d01b0b86f2875f8dec0\
294d20289d39369c5afa
Test: Verify
Message: 3B138785EFC6F520EAE0
Signature: \
116e45961ca73f3ccf08b35f94877fef88772cf0fa2ab196c85a91104d8fbde6\
65b7032b2fb4011a88cc
Test: Verify
Message: 0F6BE2AA764B485145D4
Signature: \
027ad753bde13c7f2fcd7571e5558f8af756cdb9463237fb0e285cb633cc86be\
1b410188d701f6ca83c6
Test: Verify
Message: 6CD9FBD23EA58826FB04
Signature: \
1651decd376899104e3fdbe40ab2d9bfd3c8577f3b092b66e3760678ecb3fc35\
23a59107e0bdccb76a73
Test: Verify
Message: 473A82649565109E9E89
Signature: \
2045ef56d92f89a214d76cca6b591068ac5f0d008c121ec4e5c4c1e8ca9b67cd\
bb5ecc776a23b6d54ba5
Test: Verify
Comment: 1027-bit NR key
KeyFormat: Component
SubgroupOrder: \
291d0ba731a4303070504d8b9615640a5e1345e00f
SubgroupGenerator: \
051c9d0270b69ceef82af5aed5f91dc88d585096609d835d03d39cf3ce74f5a3\
402d4e8e192455493da61cc58ee6f54dd941172be3d7642169cbc52273f4b725\
f1d6c820c3333336c64d32fb6238121b3ccb7c71b847764946bb0887a44ca9de\
802cda62efa9dda573751084225353f11ed837f3dc25de8374b6fdbfb6e313e4\
6d
Modulus: \
055402a8abe9cda3072ca8601d68032651feb0335856e57f8f8d4ec949098a64\
59151cefeef91b7aa733668c8cf0e9b96c93c61f3528d4036daa6565646f65d7\
4c4552817df7e5fb1cc421cfd885e27bb811ad227e81b3fa02f7a00bf01ee6e2\
3fb5572a75f8f29b58bd5f7db435e8a92a923f15d50f34213d29816921bf195b\
2d
PrivateExponent: \
13b27094d9a5a3a9704cebdbe890da325fa26ad555
PublicElement: \
03b06b99097cd7145c7d7782b02e247a4741f3c7f39233627f17e13ebff89a18\
cad6a454c3f32f7ef2910384030da71ae47e1c3fa79c2141dad107f8e715e47f\
b0bb626baafc35db769852ebbec2d339c3c3d5f2287cfdd20b3b78ea4607086c\
42558ae4637eddd6a74bc1072d0f34d9c0130cbc9e84f537e7ce50df502d17b5\
c3
Test: KeyPairValidAndConsistent
Message: AE6DCD9535AEEE3ECC89
Signature: \
1c6794878aabf07cf9f59b685d4a3a6e51c9135dc101a4a6a62c95a20902e2fa\
23db7d15293f595f86ab
Test: Verify
Message: C83A14EAC016D659F9FE
Signature: \
18ed4812925dca6a9c30e2e3566433e202be2d305414e1e6583905ad845cbc63\
2049804932aac79b858c
Test: Verify
Message: 745E02041EB487D16CE6
Signature: \
13d4ef1de59ef0fe9bc4ecc6d382908642f6f5793e255b819e25ed124f7fa574\
d91fc2e9b258f0514b15
Test: Verify
Message: 62F019655A83501FC4E7
Signature: \
07f797768984ecc792f366ece16f5102aec2aac6d31fdaf3972839cac2c99a2b\
f5b347c887d37943383c
Test: Verify
Message: 351D37A4B5046E885EAA
Signature: \
22064cd5179ff1551dbf73c5220e17a9dfa1aa8f7f22f44a6c70f13c6d0a21f8\
7e53278251037a6cdc5e
Test: Verify
Message: 4073D33915F595F4FF9D
Signature: \
1f902ea2c9521b8c7f11619d35dd22a4667e2eb89a017194bb68ec0a9df762c9\
377c1c075b5f09566048
Test: Verify
Comment: 1028-bit NR key
KeyFormat: Component
SubgroupOrder: \
2368e2b864b250ad45406391e7eeaa3d27cd053c2b
SubgroupGenerator: \
07c325695dfe315a77ad7b42f0d18f9d4821b5c153fee7385877602fa54477bb\
8c0639d2438f34352b97c22d02a7295d2b53d5286a01caa919d6283614690624\
240af922675ccd4a0534ec336cb79cde31b02b5988cc5a53ca17790d67d803a2\
7bb927b9c59bdc6ac794175e285cafdece6778ab19a0b444747fee20d5bf929e\
70
Modulus: \
0abdeff64b6f28256e4562109bffed29cb5aa95d89cc0ec95da0e773dbff3467\
c271bbb1e1fbb6af058517fdacdf26b5919674c625eced6317d8631c063f43b3\
ade2cd633d554913339071d6ebed5fd665fc5dd7d47b80721a976c3b14fbd253\
f0f988c354725289f2897df0a15985c92b2d4da8d087870c251c72d979b8304d\
51
PrivateExponent: \
0771305163506b2b83bd5279935df1b5fcf180b004
PublicElement: \
043e4ae6244408879264fe6b859b578218705b9a45af22efded27141b7f090cb\
cbe42dcf481df3e41b13920ae02b694eaa6bfd62f2d3c5d677b8c4ce783cbe27\
89e088b04489ef535ad4a517351c8835cf128f7ec677a1b1dbe3ae9cc4198ddb\
6e1cef8e978c0725f5063797bc43eb9ae496286cccbad5d4e026e9edb997d2f9\
18
Test: KeyPairValidAndConsistent
Message: 4867852C83F181CDD010
Signature: \
1db6a5661b20c9289428c3b9ebf65d5a8f757f3a3b1eb15dfaf0c8cefc891954\
b48279eb45910a141ec3
Test: Verify
Message: DA6493C86D6B62C5961C
Signature: \
1c05300a56319ba4a8ace1206f5f37b5bbefc9d80a171a57b6da3c02aa1f3079\
70583c008f073996d932
Test: Verify
Message: AE2C1136BFE966794A6C
Signature: \
02dfd79eb18f3a862b11a5d199a7db1dc53580ade90517a7739cbd8ab1849c44\
54ba17a69b8d03ecc4f9
Test: Verify
Message: B20160E0442E726BE749
Signature: \
14c0cf809174d39f1324b7dd0d6d1fb3be5b5577c10048b12def39772fa60cd5\
a9d2cca9075f12e5a3c1
Test: Verify
Message: 3638935C4492F5CA42F2
Signature: \
0081d7216636bc6fb9bc7a637a377ebf4f9048826e0360c8faf03dd28c4ee4a4\
da82689259f140b3d918
Test: Verify
Message: DFB674CA6E0FDC0CBE99
Signature: \
1e3e21aa3dcccddb8cf3e360631fc36956263951ff18fec553531252b4dbe753\
6ed5fc62897d51500c38
Test: Verify
Comment: 1029-bit NR key
KeyFormat: Component
SubgroupOrder: \
3357536531dec150be0ef8747f69ea30d987ff7df1
SubgroupGenerator: \
067dd80dbc6b41f58d08f077a9a3dcbfe12a62065fe6b4691c457f506b56dcab\
0433b3aad6ef962501633d0f3947b491a1317e7e6b632f062c53104d609c9222\
b056f08a0c83662a70744331fd09b2b42fb0768e52da27e92732106fbd41ec73\
7373fd080b56b543d808d49eeb6e1bb0a8619b1edee8fb8295dc042423f684af\
8a
Modulus: \
1d0f176b6799b36724c92954c38d0288fa95400c2b14e064f76a6338fccaebca\
8d978b93bb76507bc150a50f9fe799fffe12ae2875b13ac1084ffcfde9f62b86\
185a72f04ff80538d6eac177edc98d61a517b1275bcf4b57aa262e1702d623bc\
344db7e5621c949a9b12e9936e88fae9b200a1f8ad5b40ec8220aa301267f38d\
d7
PrivateExponent: \
2dcdc00a86ecc2a60ebfa6660a83af1d7c3e570b85
PublicElement: \
13834f0fa1f42abf7dbd264cb7d2eb5798da8972df67f517c62d7ae5070fd588\
d61db62e492f9654833e876ed5737df35069f5ee01a45de881d8f5e68ec52ad9\
ef32780e8c453a5f1e38cc17bc5cd061a3c122080f6e1b82d31877e8b08f634f\
497bd90b06824eaa0416c64104ce5622c272673d0dedb836ac7d47e0cea06739\
02
Test: KeyPairValidAndConsistent
Message: 1E34034C47FE533F8FF5
Signature: \
05c110848feacc9ac762ffa14943f9ce9a111777de0502d9f364ad9b2df4e1a8\
17bc15a602579b3a6a25
Test: Verify
Message: 53D2CA23AF7DF95634F0
Signature: \
14009997efeb3fd246956e44b5b0e48581ac5f414613b41fe5842c85b031ab8a\
e68f66f8e1f1f9fc1d74
Test: Verify
Message: 0F056E08AE77B3B30F33
Signature: \
1beedf85b426d36a657f422ab9a9132986eaf415332816d33d70c726c3066158\
c6481fd00503ffb65518
Test: Verify
Message: F08C80E8FD38A3867B76
Signature: \
0a23b8d8f920cfb0dec93725e4972080445647c54227fb987dd9f80fab446c75\
1c2594276168aa68f318
Test: Verify
Message: 6D392690B92B3E75020F
Signature: \
18668f59c6974dad551a89bec5cacf0bf8617e8f43052eb97d7a1b12411b27b7\
4248b3d1f5070823e951
Test: Verify
Message: 10AE0E091A267641FACF
Signature: \
1b3d10f74fdaed3d4d61fedfa3f6ad3a37c0cf6687166a312d5b280724c3545d\
225e1fe0639cfb1113d6
Test: Verify
Comment: 1030-bit NR key
KeyFormat: Component
SubgroupOrder: \
27c7996c1d3729c4cf1de06529e5619771e27ad9eb
SubgroupGenerator: \
0d87a4b01385da7f43b6277933c5f0dc8072dcacd5252e1b29f588114a7ac56e\
377050aa8174b5dda400f043234e4a746442792734dc80274a00a3676101be94\
759fc2630b9a858966488b12611d03d0b31e7243e124497a754544cee1db10bb\
0a81cf0b2a68045b76fe935f641c666fdc788a2b968c6668c669115756b961d9\
fe
Modulus: \
2a32d68d31248024053bf628a94404b9a49d91ade4d7a45b071e93292a7f8c26\
61d9165f0ab85491d4b0dc67d335fa7d7dd172cb17193390a55eb000aa97e2b8\
ed3ee64b73aa43ea9b8979132c2d966ab03c42cc14782c96e4284ee1136b8515\
007ed1b1a5708b5e8d81304fa651edc715918e2299cfe9016dfec5f454d907f5\
9f
PrivateExponent: \
091155581ecb7a0a792ba95c772d9382298bfdfa6f
PublicElement: \
0d7d22c931422fc46505887559a51490c2e367cdb40242cdbaeb23024693fd5c\
68f6a3307ca34b224457d5aa610b90eca3b39905481daaba7151318f09f974ad\
664546d14c87f797e38139ee1e07adba9c775e07b7f7b3edba87d886920d6b2c\
ef5f084359566b0a3b8b940a65b9ad93fd7ccd1354cdcee3c43c6bd315180498\
ad
Test: KeyPairValidAndConsistent
Message: 23EEE1D0EA8950B8F322
Signature: \
18fe1a5f61c4946810e82a1e30fb6c87ce4ad9cebb1ae27eebfa8779fe292b2a\
451be3506bb65519dfd0
Test: Verify
Message: 13FA6F2816FB83190A21
Signature: \
2161a5be85f7ffe806df00f4bd50915e4b0674e7591f1c0902153823f881bc7b\
3f093d92bf86b74b5b3e
Test: Verify
Message: D071CCC0C6E4CAE82E5A
Signature: \
059158b2cf143f38eb8c51088dd79bf45990e596c8026fa3de5e668368b9d8d7\
fe9ffdbdecf66aaf02bb
Test: Verify
Message: 22CE83F4803BF3EA2C48
Signature: \
073b56d72a5b706455cfdcbf85b75ee45c40e96dd21a5460542ade665e51a85c\
510315a50307c2bbdb2d
Test: Verify
Message: 7A927EC7BB9CA16C1B0A
Signature: \
254c7525aad9b4b3807b3900a963fbf42f9ff2144820ea69abe5ba2c80613510\
e1429ebc726fd0a87a4c
Test: Verify
Message: 9591B069993E10BC0B84
Signature: \
0ed4210e5e4f2f9546ea181c4a61d062a1158810071905b180dbf070b480f436\
0b1f66065ecf111741cf
Test: Verify
Comment: 1031-bit NR key
KeyFormat: Component
SubgroupOrder: \
26f86a81a6bb530c2f9b63e3690e95a0894575f445
SubgroupGenerator: \
1e24828adb4ebf2becdbdcadf6706631293ad6566803d12479f04a7bb20b6086\
fe81df164f8bd02c5f418c1140d143f11a71170b42d0753c952bfff951b9ca42\
04868375efaa4afad50b75787e41c5ab9ce8adcbccecd3716f350bb8aaeca9b6\
098bd0002d789e1f7db9c19d9045499877b93ecb4e7c64808b742063bbecf60e\
29
Modulus: \
4d58515f7b41c4fc87e4fcefe5cf6d84b2d74a9d6f498ae9605fcbf1c5921742\
2001a272ef91dbd09e7af5ee54126dd4fc44bb1ed624d0dd5dafb984d5278114\
0bba40600cbd4752d2c32b43253efee57af6964c339570edb24195502e6d424b\
84bed65ac98c6fc52ec90e40a525f1863a53f2fbe2a0a133342eff4337f26ceb\
93
PrivateExponent: \
0e61a054ee6510734a80f67a54d8c4151c957ef16f
PublicElement: \
19b50f1eea45bfaa22352a38f3c3b86d6f670747ac2fd94359608e25f2bb9f60\
2506bc357245deeb4c3c702d435c557da4f4a9fd37330a75547c91681fdbb51f\
286adb498d1e489e89b2e6a4eb9ff30222c51fefbeac7435f629f536ac2d6b87\
664d80e5c97398cf489a1d1ca217f7f21ea8e409f938378875cf5f528162e3bc\
07
Test: KeyPairValidAndConsistent
Message: B4B3C8FBE82013228A21
Signature: \
0e1003dd216194ded89f7d10b35a266ca7587d8cfb06a1fe3dd43f07dea4a6d6\
acaa1477f2552c9b3114
Test: Verify
Message: 17D2D18302173E2CE992
Signature: \
027b40cd9a159257a57efae3a657399a3b6d8b06f707ba3a323abc383a93f919\
1246c38c03b028be05df
Test: Verify
Message: 8032AE177D6DF38C7E27
Signature: \
1f5e3d759e3b832f5a6c57b055764ff5b8ad942dd819610ef94cfec296cd1b56\
4fd0b18bfa08c3645db3
Test: Verify
Message: 768640A60A3C62E02428
Signature: \
0abe2dfabc81ab677d2cbd781ef9768325a5d6d15a22f41b32972bd67058e617\
e28c7e0dfbaae535d655
Test: Verify
Message: B0999CA45B77ED63639D
Signature: \
1525539cd207d5f6f915eb2731b6451e38e11e0a031d7e420e0bb95d6616d8ef\
35d20eb43c111f8f9ca1
Test: Verify
Message: 587EDB968FA82C12C930
Signature: \
024ed20dc19a07e00158aa2fe9cb6353f0112b8fab0e6775667115e1c92e5eb4\
29876c12ed48e996f4f7
Test: Verify
Comment: 1032-bit NR key
KeyFormat: Component
SubgroupOrder: \
2e802b5369c3f1ddfa789bf8f2ad2e048ced3bf355
SubgroupGenerator: \
a9aebee7d29f90b081afc4d496a6a78210e918bb57a8a21c5995586c0bf20f7a\
56bb10a97e05a3a723e7db64612b12bb591b1fe7d2e46be8c96a7b2ce7c66076\
aeded938775ae2223900adaf52a93f52d62173c82d4b67388c85d4c1127e1edf\
4643cf09f5375b60c19316c4f8f8fd7daea1d8b44a2d03e97c2741537f63d86b\
4a
Modulus: \
d551680a62ebf98f0ed8930cc5b12de86d0a0c29a0d7e5524c24672a25428833\
f4c19ac883ead22efcc0c6823f2e942c17adb7ab763ff2c7cc2698fa8b6448e5\
14d4628b197721bdaec780e126ac80ac83f24fef5c154f7690ceba903748be52\
12e3180ea718ca7a71a49dee939bf9bc5b7845c9648d074587ccd3724493b91f\
09
PrivateExponent: \
0f66e04c5a75d3eac03d744e5432f23e3aea066a63
PublicElement: \
2640c188055329f0b44aaf80f82f7fc7f0e421031834dfbd1fb6d6af6ab3e1c1\
73c901370a4ce2793c1b88d12f764c58ff064905da9c5001f679c7508972f237\
bccca56524787466a7c9c2d6bb6392963008ed1a3e4cf3b13e66086bce3a4ca0\
4d8cabcf0cadb4c403c7d02a858460d04350e730289cb5adf200b5fdf1198168\
b5
Test: KeyPairValidAndConsistent
Message: 909068BEFFA43331FDC7
Signature: \
2d557d8fae420880640dd9f60a524db48980c80d8b0179dd3c1892f02e87c9f6\
a04a8aa731be05aaffef
Test: Verify
Message: AC8AFC7A1D9105539E10
Signature: \
0ae7f23328453fdb03c090c09ee69d787ee7dfaccd047445b1026a9a7cacdd1f\
91455db7299538817894
Test: Verify
Message: 310E40311BB3F77F9483
Signature: \
28a8d8de06dc0011b044d19a163d350535d6ca91a023c9687557690ddf102d8c\
7558246ced311f2fc444
Test: Verify
Message: 35455ABD53E6FB11ED9B
Signature: \
162156e476cba65e767b4db942bb35cdc6293cf4360f1801a215bb2c726c22af\
f3a711d3c6473f1eb985
Test: Verify
Message: 95FFA73B52F0D06A0C1E
Signature: \
29bf4f13e6aff528aa1b060c2baed865c442e0472422b4bd485aa5ba2a09ad0d\
732637bb3ee520f6bc0b
Test: Verify
Message: 1E9934125DA6E9B4E975
Signature: \
1674975d0a97e799d113ff9cad06b7f70a33f5ca5f1916cee07b525270284fbb\
1c0428666987ad7e2116
Test: Verify
Comment: 1536-bit NR key
KeyFormat: Component
SubgroupOrder: \
232cf9bee9d56c8bd8252d1edb59d99c40cf32d07d9e5a4893
SubgroupGenerator: \
f028143e3f9d1317aafb814215ffda9c584da8943e96212c90a082c3d2f335e8\
a6b64d1c890aa2224ebf158bec2b6fe6bad236417acd517a4907331e0be0dd0b\
801218ac270acdd45579290be1b94bc418b8f82c651d82a19d2f0e1cbb0fbc0f\
054d95150af96f9a7488010787a799c544883ff76a4e3092f2ca9aa9000cecb8\
8dda343c972c8192a83820727b1945c1a270cf913ab932457e8e6e207d06cd0e\
fdf265b762b9fa15c9a14633af17204ba2b755ed1b3b421ac596a2a04e64be43
Modulus: \
fada6e4becef964a85caf9e129639a5616ac000dbac59bd50b84bc8d46411407\
9c34c5b58d7d40027faaf037c6a649c527cb002d3a716bdef62b6c94d7a47a8b\
65c2ebac05da09e40cdc417024cccba267a98f4eb69701a276b4f117662b5666\
05c36054e7f015d2e5f81331e5666ec17ebf71907788b40cbcea0f24aaffb029\
ef5c25c55ae998f28a2ddb091d262c32ad324f4e64c7b4b50a19e9d92f6d8024\
188627cf5ce68674e7ec7da38fd6cf4ec29a6ce2f17e3188d8ef6b0e50d77d5b
PrivateExponent: \
1d4cedc87d55eea31bd702139b90be08d58692a1f97628a01b
PublicElement: \
819c8cedb9c014aa577e9046b90795accbebe81bef68b1b5c37c68cb357e1a5f\
f92761bc26cb0953956b6c0aec05acfc9d1a27c50789793b13d9eaf2361760c9\
7a7d86e7d922f4809a5d2d01448e938190bbc24c150e03ef8305365ddbf5ca19\
6857314e3b3023f8ddc9d209bd7dad1ee763e7003fd1b0c53057d2e9acadd23a\
a18f83d20143bc41a2dfa4a164c82621fc0f800052ec01bec7c99c66fe20ec57\
67e6fbbe8810cd5aa75eff3d8a4cb53e1259ebcfebcc2fcf21ba7f3589cd525a
Test: KeyPairValidAndConsistent
Message: 9F6DC301DF53FE22CAC0
Signature: \
15b22111ffa1b733979cd9d8944b1291ce09468ccbd05040de0f83023c8fe083\
734ec39a542011643e448b01429c4bae06d1
Test: Verify
Message: 2D7B5B9A27EAB468331E
Signature: \
029eea970a049ffcb4c6117c97d181bec7a27557ceb88d422b2212ca36238380\
87cd52d2445f539c9c03705ba4b485f56e19
Test: Verify
Message: F552FCBBA04FFCCC5CB6
Signature: \
115de3cc15d9a066c00fed43f583f6a9c984d4b8f4c93c3d72094a4b04dda506\
7d460c3d1ae33ba66ceaac676256c1e73001
Test: Verify
Message: 0D52B894153A4BB74068
Signature: \
0f6b8cc28e2068a3fe14d220177793daf3512ba6942e9d16ef1571fa34926c27\
edd1bfa94723a663425f5c2d01eaddaa972e
Test: Verify
Message: 294442E103CC0CBA32A6
Signature: \
0fbd8768a1b3025c0d0d309cc448320e086318772bb9485a5a0a2afa1eb2afb2\
d1818aa7b1c55b9dc424e654524278f0ddbc
Test: Verify
Message: E993D8FE1E6F6C3914ED
Signature: \
0559d66bad3a51520bbb85827a257ab09dfa33938127c69bf40f08339b2f2251\
c0e50b63d2a4d05225dea7f58f67de3071e9
Test: Verify
Comment: 2048-bit NR key
KeyFormat: Component
SubgroupOrder: \
03f35f80fcd896f03eda9ff07f2e35295384c4f3b8f8c4821369ab5417
SubgroupGenerator: \
75c5d8c8f72302d92be3bf486b8648330ff86954de5e6e83efef624a277574c1\
6757684d3874ee303fa08343fe82dae484e5dda6781280b434c4090044cc7ff9\
b6e962594d3ca069815c0f0b6bfd25215a419420d0ef8a1595c6eb1b44a719b4\
0131081f75cc15cb09a5d5a029c8546230c30b4af2d4a9f4374c93a095c83b59\
4b1774d635d4aee965f1d094469f7bbf8bdc93216a6b8a6c5753b48962335bf2\
092aa583c897878c8a7ce61186b592b05d2aea710b673d5994cedb5f117fdb6b\
8ad4d89f443c4eb662b428a34a7522c69794cc0274f3eba837e90da86acbc707\
4ee3a0b029d970efa48b3d582b740ae0e585d175a5f63a385f8b6b8878b44e1a
Modulus: \
9a08865d2bc9e0cf03d2500b2a08402bb9dc953d5fcd73f04be61236efc0998a\
8f012f00e52f7a6e91e81b88a4c9f985a2da523cbe7caff08cae44963d2035ed\
a72e1f31f82c8d64c86e686899d53c0200282f407ceb1507db480f1db223606a\
57466cf60fe9fc5f7ea7d5fd82ed3ab2cf5e35491dfaef0aa2e10fbfa3cdfeb5\
ebf65e4dfc2837e1f6399db06cc2e0420c7b14a4c0d483b742ca58b31fec9f26\
a64e9bfcaa82334e644f4b954e2a9c7eeae096b8864ecd223ead3bcf9e8c1f68\
f6678faccdb7f26d8f33d8a5fb0cb156cc7daf4a96ec2b730c0d7f666d699f73\
45a37ddc1ccdea6d8f439ddb23de04a941b246bc257b0aef544a8e868bc8444f
PrivateExponent: \
0212c34d3d17b96a899548ebf43bb886676acebd2f040f5b33a4e88d2d
PublicElement: \
267f9c3ff3ee3cbc0f9e94dc7e6837e1ff65175e967987b90b9aea7eef1de6e4\
c342bebb5dbd0c4e2f6514f2d487857a146dda6cfdbc8b56ed254cd65754d84d\
d21a271cd15fc656274725643728b41ce3f0e6872b6dfb4c289e03f9b903880c\
e3d7d745dfbb641c8c42ec0bfb6951ca2611fd877c32248c97252bdb42d7bd65\
ebc50653dff389526c546d1e6ebaf6bd8b3298c01935901b7efb288b78730d89\
fba7f46f2a642aee0dbc93aa29c190b201acf89d4f8ba28f3e3f54a1c5a48294\
dda908f904afb7db398682c809ce13abd49279221d5b40ad76216bad7ca256d7\
18d3552344c481b20da5aac3e637fb7edeaf7960b532ef761376489f02fa8c10
Test: KeyPairValidAndConsistent
Message: 5F3914F7AE0F6C76D152
Signature: \
03d30b7eaaddcb384dce378f806e88d646419bbedbc2c0c5cae32f3c3b02e0e1\
a3c3ab04b31e2c25db713db539a65c9419a846aea88aaa707cb4
Test: Verify
Message: 769583D4E7EAD14C137A
Signature: \
01dc2815fd4918b8d3bd1743f5ab4546313b1fa8044b4737b2c485eeb0016bcc\
cc084be064b6a8934a28011167eebbc33513ce609aa206810aa1
Test: Verify
Message: 6441D5239F50C71DE0F5
Signature: \
013f6d395de56832f82ee813b574002c36e551aaeffbb28ddebb84da7f01ff6f\
4c3d0f3519d548e2ec1a0b36f12ac1e4fedc83071bbbbce024a6
Test: Verify
Message: F1C2D4F7C3ECDF2C17B7
Signature: \
006441a8b3517613f9a8c2e7a89c492e7f49300d901ad01b92167c1fce02453d\
52b69dc1fc6532e792ad6366eae7fb14de3ad3f6f3132b0519fc
Test: Verify
Message: 752A1F2B8D9A717A882F
Signature: \
0127027984402f5b8cc069decc1bd611f0bb59c6eee86da7d334e3f8b903c5f3\
02c65aaf16a837963bf772931235f81e963e4d692699dfd4f7e1
Test: Verify
Message: 666DC6B1E871026EDE56
Signature: \
03e87b55a7e81318b7599da3fa8f18d46253b6546814fd1ae19318820100c297\
4de2624da0d54ca27e7fe3477913a6df35bf925de3f3d9a06849
Test: Verify

2083
TestVectors/rsa_pss.txt Normal file
View File

File diff suppressed because it is too large Load Diff

791
TestVectors/rw.txt Normal file
View File

@ -0,0 +1,791 @@
AlgorithmType: Signature
Name: RW/EMSA2(SHA-1)
Source: generated by Wei Dai using Crypto++ 5.0
Comment: 1024-bit RW key
KeyFormat: Component
Modulus: \
e5eb47bc1f82db3001faaeabc5bbe71b7d307b431889ac10255262281ec5f5af\
8a790bd7bbec5efffa442cf2c3fd5ca4778763b9d15aeac0b9b71bdb13da8272\
7f4967ac685975f8ff05a763c864d100b7cc1142102aa2dd343ea1a0ab530255\
195c3a6400ecab7b27eff9b01ef6d37381fa6fb5401347f195354396772e8285
Prime1: \
ef86dd7af3f32cde8a9f6564e43a559a0c9f8bad36cc25330548b347ac158a34\
5631fa90f7b873c36effae2f7823227a3f580b5dd18304d5932751e743e9281b
Prime2: \
f5bb4289c389d9019c36f96c6b81fffbf20be0620c6343e2b800aefb1b55a330\
8cc1402da7a2a558579a2a5146b30cb08e3f20b501081248f2f1de36cdfce9df
MultiplicativeInverseOfPrime2ModPrime1: \
88813a3d50b7c301948ee1985db19c9fd33a47c78c977024745e10483d9cc4f0\
f573597ce564a91421d1d7457bc45a971f7d8b31403298da77799b57cf9a76de
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: 2CA039854B55688740E3
Signature: \
04ef52d5aded8ce32d653cbd0d0386f36dfe2d3629da4eea2b358ca8dce50139\
583957b8c211ae65e23f35ba0c74954a2d2ca8755fffaf6a83f54acf7fa707ce\
33bd38643de0ffa1481d933aaa391d6863c349988b4abb14c1801c7df2e8cd46\
c1faea194564a3cc51091ed01213a2ceb68ead822f1e8cd03274aaacefc7e31b
Test: Verify
Message: 2A51DF4AF88613D91A37
Signature: \
70313105024da6d8321ba4b7daddf284a291d44f616f4f9580794dbc783f00e4\
9bcad654a374dbd6285e9999de6a4566a7e9043c972b73083fd166bd1c7bc3d5\
93e5222c217b9c55fdd2fb2c917f45016ebee8a2d04fd9324b1f3cad89118684\
3fb8f0e9dd1f04ff6707d33d9edc2cfa45e9fa194b6f799a59b14189c8d37ce5
Test: Verify
Message: 1CF8DDD95D780A89D7CF
Signature: \
10ebf7bf1a99915736fb191a78d27820ade595f9f9342f29d7c565918659d4e2\
3afa3970f317d57f1cdff089078e720015b012a65a69bdc88a1a74d96c8bbecb\
fb5afe2c2e54b06f3cba31829a14e6254fa276f4dce0798d47179414e0e2e7f7\
38a8c9bcf9bd1a6e42b4f629a4995678ba14677707ad62a706dac801bc70e920
Test: Verify
Message: 2119A954F1AC0F3DCDB2
Signature: \
6a5bf53bbe7712b013d7b8d7df019352646d80b0f3406fc84d6ba4bbc42570f7\
6ce1d7540dc47aabf294495eb367ae1cfd87aa6569107275fc2b5afdf66973eb\
eaf0e0726ce5f9fee9ae4357862f4c8daad0b50909a9adabf96f80b814286990\
ea4ba1c6b6530f62ca6b2c354441f235cd1f6518038a7dd6d6e6b37539019b46
Test: Verify
Message: F6959926E6D9D37D8BC0
Signature: \
410150f4339ce378475c942d9f1275f60803f9e7c13318b5727c9ddb7bf44091\
a1ec76feefcf7d24fd9ea52f7ba44badc0db692d53c7858ec7c87fd711c2f2ff\
cd6e706b4ba7e3966bedcb831dc7a2bdb51e994d5c4e69d4ecdfba17d53a569c\
eebc7c0d45580bf1ea751f2286d5f81993a8ae0ae61771e2f229c0f63f174842
Test: Verify
Message: 7A4C634DE6F16315BD5F
Signature: \
5b9f10caf6a4ccf56def402ec81473c47ab84d6d89dec0a563ada1d3e35251bc\
d712f57e5815b72f3ecfc80e69b698afc7538ba208618e6f18c523131a806c6e\
a616c9e1fefa448c45b04db4b2ccbccf3a65d18605b7dfd54e5d4f660555a70b\
8c7c135642232f40078d5ad23c3ba7a8fa3e88a548833c85fa89452af38ef14f
Test: Verify
Comment: 1025-bit RW key
KeyFormat: Component
Modulus: \
014f62711d3215667995439ea7d63184eae44b229ea7218c60bd0a0e8f6a9a88\
0e65e8ccef53f981109890ae035e28a6c1360038db30a30d5654e5589218276c\
7cdcba05423072ecb41663774bc642fb909d134f5237af8dfed6fdcbd2744816\
7a4a4374951cd09dc4ebb774f5d0a67c70bf359063398b863ca6b79d22087525\
c5
Prime1: \
010dac32cc0a4c40f8e06739f07a14e1c55aaefc3c0673dad3d9252f87b2c4bf\
4f295a748372e2201d2eb67846e34f095355dc884345c08fb399b23b161831f2\
03
Prime2: \
013e61571d66b92e1e2c44b80f7bfacd571b25a9d18b8ed846c72628f41266a2\
2bd3a494c8e1de49513876ac0d273ebb76b8de76059eb980d3973266bb0a4922\
97
MultiplicativeInverseOfPrime2ModPrime1: \
c2b3c03a77f7c1ec867764ef68f453126b2bd2fc7a4ab55a3636dffdc763c642\
9d9a0bd7229fa9ce14f334b07dcd92ce137d32d1b1c646cb4ad342a1fc5d3331
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: 082A8A2CBD77B445696D
Signature: \
0053fee570f655686886011718369014f44f1b3ca0befa00fd069af1ff216e36\
fdd061710b7e66aebfa50caa882422c8a5efa68132323e7ad33974120062c6e9\
670f003290b5708e51a2222339a003f9b2a0e5a5c219bed13d88f958f6005b91\
0b7078bb0a843dd2d805ebab14dcbec9c92b44401c4f519e11e67c10a429e2b3\
4d
Test: Verify
Message: 5A7C64957D01B160AEF5
Signature: \
000952962cdfc43932342274eb66c7c55ff465625737a6881a4216d963cb3a5f\
a0c87f460504adf56edc82abeae0c5df5eb3a2339d930bebfdc886f73bce30fc\
0ee3ad876dac650301e52f99daf7f5426c3be6019ba32fd932cfcd1486e4d526\
b114ed548585a02ef61e0e823797f1396c1f574bc727f67acc4e80fd9204477f\
78
Test: Verify
Message: BADEC506933099507DE6
Signature: \
0029687805fbc02138add9a8e0b8023e5f6fa55fa31ab0852ba8ed91fcd514a5\
2826dacd04982214aa1fc0cf70859a7def03dbacbd882e0c62d51c6c90998297\
b6393e55b4f4261ef12cf0cc34d76cce6ea838d21a85db613ba41270790a6d5a\
15e3d78665dce0a2c1e348f0252120b08c120a98855130c33e51221c7123e125\
40
Test: Verify
Message: 8E05A598F0FFA0E2BBC8
Signature: \
000e7caa32b8543c90bbd79b8f8c595facf784690d7ec2d6f42955757d9e05ff\
c61b21adaa29cfa9fce60c7423eab4e804d7e9d510e1caacd185e3080a692e71\
f6c870cf5be65e65f7828531e2cd17eaa265342b94dd8fa38aa67a6553938f83\
1fa7134e17f67a655c5404694943a5409bc4fb0b2c85b08afc6900f5d2445617\
00
Test: Verify
Message: F75B466C9A6D079ED0CA
Signature: \
000ef4dc436e7856e978072151ea9346aa2fea614f814baefa7e5ea27439da5e\
63d68be1cab926e2d0a5d345aeb96d30eee2a0245f9d770781c090a35051cc3d\
11e80304c3b6ffffb7efeb14b9b8000a3b0544e1d34b31c8e103bcac24ba9ec6\
b32a50fba9fea9f630f9cd4aa9c0b9e2fbe9b21ec32cc69b920bf50b87d081ef\
0a
Test: Verify
Message: 9D8B40E8A5752EF52849
Signature: \
004e3532bea4e38512e772a59588d11b1d814df7de22e8222b9bdb6f8eb55d54\
d9156c87c0ca23a6c67654a0cdd8515fe12bdaa8ca12ef655817acf8ada117d1\
8fdec17efb9ad61478532f4fac828d169f34a95e7517347fb28fd821fb4a88a4\
9a6fa8b5d18f49e405d824afdb7da44a019bc64d041176b1af8415d5a1d62bf1\
c5
Test: Verify
Comment: 1026-bit RW key
KeyFormat: Component
Modulus: \
02d430eab945722f6c330c2fcce4b476c9064da4d79a783a3dc97a30fe78b1cd\
8ae5717b55fbdc9d26993b5d12a0eff099868ffec97babbcd75c8e59012b73a7\
a7c23c4f2754fe72b9447daff38bbcc99a30e8f9c8ccecf8cc2f6b28b2297d3d\
d2d140217be1f545d610b26fcae7e424fb0051ee9c9eae776b71ce4b56098cb0\
ed
Prime1: \
01e6eb86774831af3937919b3fcb8caa34dce67bcdac927da654f00eb0ec73e0\
9fd95a3f9e3df5c08323584360a84edac08816afdbf284da64636e84455edcbb\
a3
Prime2: \
017cbf02d70ef2cee45d1cc47ec8ce8cabdd6bf32a560975a42ef057bf9dfd55\
3bc9368ddb154a55d855edaa755e69f511a4c69ba78571cc4b14ddbb0f32a4aa\
2f
MultiplicativeInverseOfPrime2ModPrime1: \
0135b4b86d7a4ee679c9e0c1f7b42a4f7a2f7daf534f8bc08cabbe06c9efe9d5\
a6225d8db440f6220185c628c5ad07d543e772b5f7d4cd2a07300b2fa2c9d27d\
5a
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: 6C286305AA21EC4E35DE
Signature: \
0082591a0e81c53deaa17773063b705bbbcda570a770e55119a698fd04079d55\
573ba0bc65464c7392227f663567a40ce0659588b6c5d69fc253fbb7431f08ae\
54f90ef89b197ba812cbc03138dff2582f9ecedd038f563c8992013f80291918\
78d1b23e123aef28c60ce8a74f07db8f1732e29846ea03562b73da63d5c12cd7\
32
Test: Verify
Message: 7390747477B3BD574E7B
Signature: \
00e6a0176e4a9921e01c861fec1a4a5186bd9da07ae637641156c3d3dc9d65c2\
029427c24fe20ffa446962012b8a990db592b03fb538343eb82d973e1e8e16f5\
c893baca5ec822df9f98da400cf8e581c9f17aebff7e02bef5d24fa4def23aaf\
b06056512b00d74ad3e976b7a094a3a237d7b9844a67deffa8a2c4ca744960c9\
b6
Test: Verify
Message: 87CBEBDE2F665703137A
Signature: \
000e1ea6bbd37ead91c98c8d54723806a3865e9396baa46061f51acf7e34e3df\
edcbff7ddfedce465741abe41d1578d198d1fa4c1626ee6a0f9e29935ae62f6f\
bd6e4402fe239b579f8b1d88866cc743db406de894827082e976e0e399be4a4a\
938d3fb2d1b31306ed9b0592988b10c9bfdb65a56cc559c8f49ce389f17e2505\
15
Test: Verify
Message: 1172350AD2F48A0884D0
Signature: \
01531930c41fcc091fc1d577ccc7375be218809acafb7944bed4d44d761d6f32\
e0b7686387fe1cbbc6c1c17a837f68ebfa467a83522850af81d148003713d73b\
9a6e99c3b6a4364a6f57423f807141a8d1a62e675aa451b84315d10bb77d2ef2\
14f9adfe7f7fdfd078add4a6972cea6c7255ebf8cbfa1d8840bf0ac680defae6\
2e
Test: Verify
Message: 76A05014672EB1256B9A
Signature: \
00ddb690471e1d0baaf12ece96ebf048367945c17a1abb6fcf21d23bab22a2f5\
33c6c30eaffd501cb261ba05c93a358d4c991087b8543dd69486a51f5075d9ce\
83c6837ae0b1bf5262e53f1bc70eab0512f19ee59c07b20a78361e87fef65c1e\
d0a367c6e85a8ab2ba37391c31150642915286b45907741b874418d9619eae61\
98
Test: Verify
Message: 928F05974CAB2FDC8F23
Signature: \
00c787f8cf47320f88541e6e3858ae049d084fe5fcc57741a39feb13544236b8\
3d6fa0be39207e4cf07f68220804b9bedb88d09b47e9db54b434d929693dca09\
a0d90932a12a7964ac5996644ee4ad686f8e79fe5d2b89b25ac56691a2b9bc06\
b43752d0e36c600071e8a6f735533da7e362f2e223b3c7b3bbd89d419d196964\
9c
Test: Verify
Comment: 1027-bit RW key
KeyFormat: Component
Modulus: \
05f975116cd8ed2a2ca964fe87ef4b0c897156561575002fbbab3357abef2172\
71a30d6071af0e179d25f9f91d405fed63495475812169a2df386d88e44824f9\
5d6af69c5a3279843fbfd74639ec9bcad9e34a5730b96414688fd4c5cdaeb59a\
9a7b83f0e1e0e2aeda608adabf4b0fa0bc1e0dc09a3b1228ac00be619154e264\
f5
Prime1: \
023428e22d9b2b0777cc0d3d9fead86a6c060108b2574d151659bd98508e2073\
6a666766a23af6cf9fd4ba8618f315a54f572ea0be45691d8643a1173cbe7fe8\
83
Prime2: \
02b60675ab2cb579f4bc13a8002ea68038edc9a971e9e23f32c8a63e723c07ca\
2929919214a25196e52441cc433212e4a0e14972c6a45311fe9efc01dde296d3\
27
MultiplicativeInverseOfPrime2ModPrime1: \
022e81e86bfe027761a2b32129abd37912929640b7666400b13d5fee5ee226f3\
ee03cc69a3e7743b134d6eed1a5bfa17bd3eacc701642de4937f17a916b4bba0\
2e
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: C478A696B0F255468B7A
Signature: \
007b6f176db1cb37c2699e951251386efb5ffb2fda90e55c2f3335efde71ef78\
f8bc40ecaf29caa2a8d67e98b5d48e6684f1860aa9084001bc4d183d30fd1392\
98ea8f14608e35cac28e07182c1dfd026dc73220d508a96f8d210dd224754f3b\
1675f2332e795f0437c7f30e8f0de44f0f9d1979e25245e6cd206e8e75d1bdb0\
f8
Test: Verify
Message: C18E11632F208CA86383
Signature: \
01846c7bc42161bb2f8e4737b564b9109c484a80a7dfd3edab4b10c13b5b16de\
5afcb8aa0eb7a660095936ec5ab4d831751f763546f2d64f0c85ff39573559e7\
7873520b832d2584d441fa2f32f1f740b073170fd5e3c21ed2fda1ded97c4ad9\
59a3433e69ac00310f1193bfe17a6529c55ea449b510424721dae65133db1d92\
1a
Test: Verify
Message: A467232F585D0CE4FA1C
Signature: \
02910643b84fda8a8aa61498c768b28a720429859ac62ed5362fc1a986241990\
5023c5ad1a3f9625ec8228ae19ef36c65bfdf00c06bdc407dc60f37bdcee9ae6\
45c246c49347f0f7ac4970dc09989cc82c794cef8c2a66562d3e4ab7140e5b45\
30f5a8c86c10405b0e67d957e502756d38d7a1b67292be83af271c67c2b4f73b\
6a
Test: Verify
Message: D93880168C8E008F03B3
Signature: \
001fe6b090031213b5bb01f374b95988729ccd990f7ad4c8a51c2d11b9e92ea8\
6672689fa5055a8bbb5a9808f21758f43aee3425f02325b8caa0052201526d9b\
a66a7195c7ad16704606d2786f1b48e87dfadf0d6684d913d4498fc9d6c5aea7\
f5a322c07031a8ffb5e02291e15905fac3b966ee9d97a22cb5bd4de6977ec87b\
a4
Test: Verify
Message: 5E9FE5027C29EAB421A5
Signature: \
02d1ded6227adcb612b1d5c0513aa89b114bcbb7a217983ccad824c93193dba1\
7a814ee3d5bd6e5356746d7cdc31622d4bccc0b64afb6e3c8fcf2c362f4af54e\
b9c5b0864f9e2c5f6ff91c0cd62ee76abfcd96ec0c0019c723eabe35b9f9595c\
f2052cd7f857999425a19e2dc12a09924f2fbb3eea410a321b035cda7bdae739\
e8
Test: Verify
Message: AC4218E04F09A1F217B8
Signature: \
0204a3edc9b2fbb77d99fb209b93338dfd975e3fbc5fdebaf5b4e3356b5589aa\
99f91c17291a44f42abc2698135ff287339fcb7c2c2bf4be12ca89880ec768a1\
764b408c14371d7d62f46e232e0ec5d0ae90d5e7c249f5814677080883ef34b7\
3821a8906b8dfbbd631a9a00879b188394c7dd2ccf7cee2a7ce21351fe611fa1\
d2
Test: Verify
Comment: 1028-bit RW key
KeyFormat: Component
Modulus: \
087cccfb64a879acee195b25571704ed63eea2194594b250df8b893ecd79aed1\
d0c22ae1636371db48900f83a563c4f810049aab40c0e9070806f07eb5887618\
8f0fb6a118c498d8d99be3188d79dff498f4271cd862514364c8954ac51be624\
40abaf2bf3b8d03425a96eab73f18fcef0bc6e64e3cb0852d274b196ec4b284c\
1d
Prime1: \
02f2092000f301f0f1b6925a7e17974fa53e9d6b1a54305af7cf85404297e16d\
03152c60c5836f3d43a355e356dfcf1250ebbc33254a5e461eb177783e509886\
0b
Prime2: \
02e1ae11ac527e1a4a6115fb86b7c3a8396a03d29c7d4f9ea2a9a1b32fe8fcb5\
2dbc60798af7f168731cd0f3e63715980cc11e468e7194b7bbc33cc430c60517\
77
MultiplicativeInverseOfPrime2ModPrime1: \
1654d6ebc39e291e7a2f602eb977eae0e856cd43b3392954942eb31a8b506bfa\
412a3cae57c3e83fbb86a7871b329ec91fb39b25e361a90b7487d1820de15097
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: A2065AC53F8E0A47851A
Signature: \
0400591d00d3b69ed3798a2d63cfe09cfc2ba37ea12fad93396a4be9a06c42b7\
e7eb270b349196da0980ee33025f826d48b976454aee5faa9bd2d983538c3b34\
e36de7f3f22b08da85e8e8b674acbcdd198faf7d65bd1c9a9bdee2bda5c6f65a\
14fc169890d504843b4450afa6592a82308d61c0e050a715ab6de006cf7f0872\
38
Test: Verify
Message: DB57223211C510801B3B
Signature: \
02eb8797b8f97fb833559beaf20b1996335f7f1a02399ead9e225afa13aee420\
0ae14b992b3b347f6498658985427b44d3f2da4432f141252ff2d1be174b84c5\
f926c06ed54660c48bb0b82086fcd7ce24e906a84a2599d397b58bdff4f806bf\
6391717a2ec187375f8a2399b6d65b8a09cf53943672ae6c64d44634d1f4a6f5\
76
Test: Verify
Message: DD9005A7309E55F67D01
Signature: \
01c35a30a75385c8b7a0774d1ca1a7015e988aac7db854fbebd9e58d66c8780a\
2036b48b1b57001df6e04de7007a40f5b394d30841effc336b0c4f99a8f8354b\
e1b8d0f25efc1623d4ce594144d545da265c951e06198c06f4a614354f29d54c\
7fe2046a3ef0e23c3866eb15d198ea4dcfda38edece33a1c3002127ee4127634\
d7
Test: Verify
Message: EB0EB87E62FA563B76F0
Signature: \
015db0c4cabd9a88fab1e14608cdc5c8c6748953516a26367c472db6c903c884\
eb17a5cf61bdc709e46163079d3e4c72def59b90604faba783213331c4f174ee\
fc42be85a681f27aff222012048a6ba8dcc9cfafc36d806a6890ece093414e11\
3ba354242d94881b648425a5e0b63b269b3cfb743cde4bcf0b1e745551add47e\
91
Test: Verify
Message: 255C262D85B8B00972E6
Signature: \
039f2d447f267472363875d7c708209e9aebf2374c3c844a9d098641ce40a3ad\
7e10a389e561ec360491124bd856d4a2ea47e871a3b9cf91229d94e2af8a6425\
a1671743157bedb8942c6a212dff2619c7d21675ff629007774d74dc1794ac5e\
13c6823248def381d39d402259a5b16906a7be58e7ccfb6828dfe0e161c0b47c\
6d
Test: Verify
Message: 1E5AB30CFBCD4E80C842
Signature: \
03f6ad6424b0192054f79ce4656d2187093eeb9a380f67127d5697ec3ccdd565\
61267c6f1454b25c8e2c3a76ea97a93b4488c944fe2918adbeeb3e7ef039be2f\
de94b120c36538c2dbf60dd5f67bdc8c647333f38861ad4e2d8ac10437bd435d\
7619ef4aa26ab92948c36428286536af6741a9188e4f75248f1dbb83a6302ca8\
2b
Test: Verify
Comment: 1029-bit RW key
KeyFormat: Component
Modulus: \
1335b36fc9d30c35f56e2feb6034038aa1bfc2a4072b6f58219c7ddc17afaebf\
bdc64c6f05e6df88f0d391a9f84ad65d47852014dbcbc15b2551fc4bc42c4e94\
4d5370587a64d58cf05c390e345000fae3213fb77719b19a89711447b6df5c6c\
63c9361bd59621050fe71a1dbb45cc89cc9efe1e30650948f5060defcb434ab7\
f5
Prime1: \
0484328353f979cad99f4133c53acaa6ee707e4f2ed4e79062778a2dee308176\
1f803ac6e71bcdb4af4d37ba2405b077e5a0e35846b5cf1b5bf560977f380f1b\
93
Prime2: \
0440daed0dcd475c0cbe4a5e6cd9fbd23ea58826fb044db132eb97fe173e24b8\
4be0211935a11ebf5640a3473a82649565109e9e890c1c293d7ca097975f97e3\
57
MultiplicativeInverseOfPrime2ModPrime1: \
1eb353992ffe492783a2aa668f9128f9ca3901a4a545612cd93b081afe8f709e\
acd77a8f2779bff6af804a66f6c06a66ae6a19cfce4726db320c7ae071571de0
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: 9C78E952A4240ACD1CC9
Signature: \
03837172288d2710698e7ff49b0c45c5aeaf829c8b1c7bbef4099fa3b05eec33\
c5bbbcffa304f44298d9ef5ddaaca6accea2a970afe8621070b09333a862f6d7\
d3c00f26b895661a406c5d1f647800e580a9a035510c6a7dfd37fc9a9d6e21ac\
74c7ff14e8fdc75017b26edd562e97e61584d5c440781a3a180412b72b421d3b\
2e
Test: Verify
Message: 1D0BA731A4303070504D
Signature: \
0658fdce91ba8b434947a866f14b395b9f98c46132e2ac33b84b8b683b024d9a\
3744b43a6eb2c7f6e995e8944f030426acb0990eda7942463631962daf9926aa\
ac876a0bb1ff82775dc31aa55604b6867ca142a53a71af770e3093126ad9a6f6\
7b545a320f2d67685600e4de7e6f6884f13d545688763a4b08b4979b4248d214\
37
Test: Verify
Message: 8B9615640A5E1345DFED
Signature: \
04df0f6f3b3f586f76f75a6dd2503252f48144beb5d99e285c83b9050c0f5b2b\
ac70d68845f5a0aa74a117a667e04041c3bb4aaeb31c892be3b00276e07a08c7\
5468301ec22e3d1ba2791109fcfce240c46393d3d4c7261559872f0e7d2b71d8\
f65f1eb4a04a913244c3b5dc9582e07e7a3a330c34dffcc810b829f512905b68\
c2
Test: Verify
Message: 115402A8ABE9CDA3072C
Signature: \
05dcfede8ff2d435d0bf1afc68998938f7d238a47eb745e968c5b85a23916324\
6235e7d3b2e0f6447fb88053f88ac05130cd5fbf064d238132e55d7a40af44bf\
0811039b7b04c002f4e71a6544a2c75fd2337b45a27dcfa3856812cbfd87e71c\
3fa1821101f126f2990f3f0461ce4985d7e3d00e6c9381efa15d1b9607d85d65\
06
Test: Verify
Message: A8601D68032651FEB033
Signature: \
01612d1411798aa97a5d7d7f9e7f843de10893c5be9105d4aef2563e9fa49764\
ebf639c9852cd6baeadffefc09a7049a7b028c2b794d7ffaa2587de5481d53aa\
7b1c1b5bed91dd50a871d5b58508562385ae95365e7382652e4e8534f27fa22a\
c6e192405d4f08745da388a617c36643a4cec77f0dbacf39c3743fb021f6de32\
40
Test: Verify
Message: 5856E57F8F8D4EC94909
Signature: \
02b0e50f512260c97058ba56528dc30bf32ac8062d1971f700b8d5be00250008\
2b7813a2af0f0efc0e83b3fbf96c7510ed427d3d9f0b719e1d682c29c0e8ba8b\
67da35101c33ebe74ea4aa21a00a76d9923905beaabba2e16a24aa49f9743ac5\
33436df45c28a848ab52dbfa79765f70537c03196edf7a9503d6c7e2d6e64e53\
89
Test: Verify
Comment: 1030-bit RW key
KeyFormat: Component
Modulus: \
3ce073933ddc38b6e51f88f45f4fc8d2354e760c134b0e43f135439a4c64af51\
c754782a56a04705b7803c13dfecf5efdbe2d9bfbc06e341e09b949274bd1edb\
660e30b441f5ddef1d23c5efdbd9fdad068f7852a39247d39afaf665aab48884\
df86ed9d588ed4691740e3387c9a295ccfc3137c48e7e11b84dfa2d85c83024f\
0d
Prime1: \
07efb5572a75f8f29b58bd5f2a6080f6fa072f0c69b46e724959b0e782026eb0\
1d69bf881e664ed668f7bba9369679b01e9da590af6234afc6941da685d2a570\
b3
Prime2: \
07abad6313afbde99f95cc263449fe997ddacab1834221f469a38801c0e5a3ad\
0a6b029a058317e928d27d511d60a73252432618840fa4ac2c82b5082b7d69a1\
3f
MultiplicativeInverseOfPrime2ModPrime1: \
020d02907c4770b64d7ec7be20a174ff6734c6f47f3f2cecbda92875410f0e40\
18526dd5b4d4eef94bcca42672886a6c360f39f60694f49d50b6a4eeab541657\
9c
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: 162DEB4C940A16BABBCD
Signature: \
0e39ffbb996f679d5c167864b22f6a2a8ae9b69ac9a7249362db552b8992427d\
33f86fc605d1b4309902fa731f4b8730a3e4e6f8a7c6618c9365258d7f3b31c2\
f64ede5c9e42cc74270d1fc08864e0b73caef6e411b8e10a836702c6e84a8989\
233e784bd9f7ede70e3f8c8b541d2c5e68c3432f8ae1ccde0d5dc81dc4061bb6\
91
Test: Verify
Message: 1087E1EC7822EDECB926
Signature: \
160556756f0ae933604f13df1783344d82fd4bb0b380478a3329c0b737d72376\
def707e7e10521bb456ff76d92f431f94783d5e854c386afc7677d5c3758433f\
4f64e422bdb251cd39ea64befa5d515f88ce9af8fc800c473d4fc1bd350a15af\
29361780f90499e0fb38b284a460b87cbcbfaacea0ca4510f83aa5c6344224e6\
58
Test: Verify
Message: 5D7D3F768E5082238248
Signature: \
1b97cebfd6428a4d033c6269b568dfdf4888a8134bdcdaa4855187148b1640a5\
c64556767379116ced60cd18027bd43b45071fa135c56e6a9519f4f46fec407b\
333948e2b0c99e4952b6b4e063a4ba2337a85cede6f40b235502521a1fe65845\
ea5626604e87c2551a2ae21fddbbbb677926bec6139f754daf2786c95ef21732\
d0
Test: Verify
Message: 0E701EF227ECA4C734E3
Signature: \
0c55ff7d699efd140d93eccc65f1fdb5c30859e3539acc240fadfef4cc44af37\
98373a2a47093a660c322a7577bd521d324dc930d7e3e54c39873c3f98d0e82e\
92dbd33c5f83d83d9b1f69eee731ed01f9d5ba8edd0a55f5461e267ef9a7ef08\
92feca7e818056f05398f95f5b6d981b1bad4aa0d622ff3eef054a3502c428d5\
8f
Test: Verify
Message: 33E65C65EF6B72AFCB96
Signature: \
00e692d2e705da6dae543cf127907791a826a309993a74f18a1a3becc4ef1f0c\
535d71ebb46440ca5120162c87c52642608d20babf3d0c90e9250ed56231ba3f\
ec692c94fe6169530c7d1cb366f31425a934ee0d4974d25294c9909dcc0771d6\
e03171c277c932c2c4927132d8c96546121a66ff17963d8ff3becb60720bebfc\
22
Test: Verify
Message: A5D33DC2DD83CD71979B
Signature: \
11a3dd295af6d06f87996d7381e8b68296287aa1b7db0291ca4ae833bbd82c41\
4c241e9d962fef2880bfd98dadb5c834bf6493481f67a4b2826faa628bd88af7\
d7afed125a4b5c1226462b1ecbdc1fbaebe75b2cd03fcab6d9d125ba269855ae\
0a17cbbc784bf068e2dd6c54d01660e833705389634a486aa4ee075e02e583f9\
51
Test: Verify
Comment: 1031-bit RW key
KeyFormat: Component
Modulus: \
6e2681db0cb7ec625df9f87790345f2af3378bae4fdcc6224b9d4f1ead9e7bc6\
c4a7944f95aab6047bfaf185c38fe5438679994a39adb277538561ba73da682f\
3960510686a5b4c39688e36b02177b2d3edab7c6dffc68da05ff2a846151d784\
ac24cc6f48de7b7490e08e73e79d60b1b5e1af431037183f50e3477299c1bd3d\
bd
Prime1: \
0acc8984e4d7de0d950848e4bb75231e7eb7644882c34f5dc83a14eac016d659\
f9fe416437f7dfe6b002503fc19fad863de7b48b0b173c745e02041eb487d16f\
53
Prime2: \
0a33389ab2102b97351d37a4b5046e885eaab21e4d62254fc2efaf613a5da52d\
c295ac2b77aa9cafbd6ceedc136991cc560dbc3e5f7825ce5c2a6eebc1f834cc\
af
MultiplicativeInverseOfPrime2ModPrime1: \
02c3b6017888557795c7cf45532a4b896503a26a9f2f2de9b630948b666cad2b\
96bc7928be9b00f86d0c41be3a916dbabfb26332152f2d3060f0dc35cca67d17\
d6
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: E8591C99769BD81DD7AA
Signature: \
228a5622afb5f8da5b04a8b453c5078504f7af5155b51abe613f282d2b71d729\
afbc93606e2146c2287a00d5f7433ce7a336f93542d27b9b794a893e170065ba\
bc8fe0ea87da646c7194a133822d9ff2505962c9d80e8e5a67ca1867ea4d43b5\
451d9333be577411d96b0f0b51c46f61bdbde2774e160cbc47ea7b702c9e3ab6\
2c
Test: Verify
Message: 0BC6F6DA7CD14073D339
Signature: \
035a59e2b4c4633f41dd3e175dd4157ee328b3e7aaf58872539d004d667be119\
6981a0e71f24fe7678b76ccda95a5fc9e6ff51d5fbb4b2f96ad852ea31f5c59e\
e10e6d2b9cecaf9a8a2a01518a5bd9559e9f7866fe50a3238b6eba6ee6970be9\
526f0638466ca2474714ae904ee10b23a7f8034c6113e649a0c599885a02c20d\
fa
Test: Verify
Message: 15F595F4FF9DDFC969CB
Signature: \
09601b3513a7dffa307a76cd04ac78fa5b5246e396b46bb937d718e3cb6a576f\
27c1b2693f1806aab28633897096fb2853c051d177577f3e8d5a58845140b249\
0a70474be8a01f8c3c531b6cb6a79d32399cbf31e0066f552c4e221d1922e786\
cea446d4612a19ce7bf46b83d95c02036799e10d63008d058a36211a763ddb30\
44
Test: Verify
Message: 8DB7894D9A75E3EB2082
Signature: \
25cc378c4b79b0300fdb6228e40eb4a481d0643648f89375fae72de7ca6c9cfa\
1b2e8b20dcfcedac7ab86c73f77bb4fcce305753b3757c09ea1826310a4a3152\
ae806a579cca7e5907e6428a5aad7fe6fbf3912c2b31a7a0340d3d9f7469b690\
140b4c0a8588eda26a3d5145633b36ac28b4e551c1f1f45eedced3f63d0540a6\
6d
Test: Verify
Message: FB0C78591E59B38368E2
Signature: \
1b11c01683b9c1d284ecc415804323ac093a8dea207ba50d9688bf176e01454a\
cd65c3e44d340928b2a18df96485d1074184d7229f30838ab93744fed3a219e1\
c9c7219093a65f786c483c15113b2c7adb9006a4586fd943cf2d114692655a7a\
7e32f8fe6d4eaebf13730374401ea10e161e544439ca08d9f823ca88e1c632e8\
05
Test: Verify
Message: B864B250AD45406391E7
Signature: \
2ec5c0c8650aee4f3895e64a7d6cf3b199ab7d23250c0d617ae47ec6e8c1cba2\
f3ad1884945865580d7dc255d20aaa2fd28480afbcd89b3188113857ba9fff0d\
54e23fc4b1d44015ea1e700a7f20fcca6665ff7790969e5e718f4a53ff66ff23\
0bb9dd3104937acc7b0cf54aa7a147270deecc6101f2568717ba0b4983d81eaa\
bc
Test: Verify
Comment: 1032-bit RW key
KeyFormat: Component
Modulus: \
b660eb18786256c993ebc6dcb5892eac342f6d91229b73dc5d04f1afb9bb0dd4\
eb0b48895f514b4c9afeaf86e91226f2299126d37528ce374e89cc312c06f47c\
81112bf5ca60ffc33b98318e04a17627269f1af461b6cb40f3be03b0113fb2d8\
404e154c7191306b36fd3efa73c784ad9189115d0bb1bd82b850d000e7cc8d20\
35
Prime1: \
0bc31c063f43b3ade2cd633d554913339071d6ebed5fd665fc5dd7d47b80721a\
976c3b14fbd253f0f988c354725289f2897d7fb62c5c74af7d597a1e22aafba1\
d3
Prime2: \
0f816bf0add559afda38b008e4087f6a38b575c56fff453056eaaab3381c9552\
0969546f954d458d48e44850938b1db471cf4b40afc47e067fb5bce67ba98be8\
d7
MultiplicativeInverseOfPrime2ModPrime1: \
0b684eeec75b3e24e2d9947341b3f462258628af6f0b881396c887fe26a3408c\
40b13370710c82dd4a021a87bbaab5c0fc96cb1d015a783a764a8ab7b002903d\
21
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: EF0F1D56F4E5D587C212
Signature: \
04100affce5e7852b7e96e6484a76787c5c8428516159db1d3f27221a0960ef7\
1abf16a347520fd8c08cc7048d51893497c4a26ebd403ae6df2313baa980cf3f\
d3c6cf3f5f9f8d885b469ebf8932ccb0272e3ab05bf3c489b8beb1d555ca9a0c\
82d7b4a675252706cfc15a83cd8a08faa64f5d8c07f5ea68efaf8be77de5c8c7\
c5
Test: Verify
Message: 2C9EA313EACF2C5DA43A
Signature: \
0133fe2c3cb80c89118b9a7e4fbd0236d9857326721ea7b69bcc355992485364\
ec673501a93809a0685ad992bcc42a9c0691829ca84ad020818ece9ff493b04b\
1ff934cae30c001cbfca55b629f932f8ef6d09607d4024ac4eb165f29dd6d934\
35e5601aec2434d3b19d25fb14be9409ff55856457b730559447a69441769635\
b2
Test: Verify
Message: EC5CC4228C3C70EE8F35
Signature: \
0292228e7a28b288cdb6db84d7728759c071f2a079dbc1df3cb90d3647118b85\
2186f6ffe645425eaabc010a7dbe1a2963e34f11193b4b25ddfab503db231b6e\
86a2a40d7120185d5828752c16054061155f085e7eade9cc0ff9fc88430ebe32\
c01340f7b8d1f89369dc412e4b7b4a10dd71f7555172cb55f07c84b67666915e\
b5
Test: Verify
Message: D81F0C6F2D3D60EE19FE
Signature: \
104ee209ba0496989248d9abdfa55305e246ab0f05d6e4643725673d27485d30\
b8b90a3e064d4a0f856e6e0f3ac792f705c73cdb59f508c7352905387984aceb\
92ecac54ae7ad1babafc1642e887ac83b42948431e93636cb2cff7a6482a94b9\
5ad23b9bd3b5af9e7ff15553fe4d951ff3571638b0c861d97c5a4326fdff79c2\
9f
Test: Verify
Message: FEF5EE07C74118DA30B9
Signature: \
2ef6fde52d6bcf735bb6531a76729fd237dc5a08b1c0caefe4d381612060bb33\
138774cc38a50f5848959f28b63172983afbec6d0b1a54994e084cb0b76013dd\
e0a53ec0804f63e921e391ecd2a7ae1695a1c1cd3339e5de1c1bf5450004d3cb\
3e60778546cb04c4a6b998d061e9dcd0bdcd2e308c9af04069567865fce448af\
5f
Test: Verify
Message: 0B9554FFE4F6ADAB2C76
Signature: \
0587073e2070411738586fd883242cd1a4e9fc08b3e770ee01fd6160dc172a76\
a7ffd250503ddaa68b1f78cadeb422e9e9ce00e0773b863e662fa511891ed0d6\
085d7863be37d6013ed5c4949bc19f7d1e3f1c7d447b1f849f6f41629f62c833\
61861faf65e19ab4d3abcbbbc31b4cf4b4fc0d28cd7e524236a4a39066c2ee07\
ed
Test: Verify
Comment: 1536-bit RW key
KeyFormat: Component
Modulus: \
9f8f8ab78ad635c71c9ef0fce9d4a958a9013ed69fcd67c385722668d4357c32\
3732c78179eaa17984531ba570aa0721a1e228957b1008010f1a2d6c42e09847\
9ffeaff9bbfeb3c8e101f968fc7ac74cfba210f76a6da160e65934d216368763\
8f59e414dc6f0448c0b4052c90f7dc565d32acae5da04e3e157dca184aba8362\
bb28a2da6915d51d65f54fbeee69104a5a1b2304b87230c504b126dcf1c377cf\
1777b93be6903b50a44f054ae233b7cc24f950ded467cb8ffbdb17e7b6937605
Prime1: \
d0505c510a3b38a139d6d139818b04251d6ca46c2e717cfafbeebcd5fff8ae62\
de4698e3241784f05e8c86f0f996db77259ebaac6983f092853639f619b75701\
e562408cc1f5c543cada21fc26af36905b10a0df5b111efd754666bb3db4be63
Prime2: \
c41623ccb51e2474eb3dc5c2ef42cfd320a285ef7aefc1d1edcd5f566549cb79\
7285f01c89b9f749ca506b717c2a45b708fec2e7d611c5eee6af0a6d61219c7d\
cab18961e98eea3b7797c61a75aed21d411de4fcf4a009a8238a832dd6e41277
MultiplicativeInverseOfPrime2ModPrime1: \
bc1ceeed917217387ead12254cfc183f82c79709499f510ce093d6d28bc1bf2b\
fabc3d86d64a1c807605bd57f9ec533745d6e359270885c3eb7a36a02dff7137\
9bd453bf3fdc282afa2295d5e393f1c2c74edcbd2374c7740e8135ef0b8af258
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: 400AEF79EDBCEA796D71
Signature: \
0c143a2c67cfc68abe6b52cc229a225f15516439a7b81ca795d0012eceac5dbc\
1653b3fc2150b0c83ca316626751132093f55eada4bc097b979737615bece763\
93d421eddd27d0fd0c7aab6d815699a1352bdacc1f77eb48e760fd1674572f57\
7919672ecb77fb5866e0bdd35d9d2007ed6ec9388779483e68d48d1722b98fcb\
34269a8be62323ad6b0bdb2f6df3dce5f9326b2447e88a322f1e88037ed6d8ab\
aafb9335b3fe9bb2d8a6551f4debd84cb26f13af7f0f7b96a0491ab3bc680918
Test: Verify
Message: 63F64BFAD5B830682F44
Signature: \
06dbab4e4d8fb0e09a144a2d785e956229c4f5cf834bf713f70158a7b3988c6f\
2f8ddd1de4d824818c21c35ea3f9a1b463e474564a71c29e2df2a56d8d6c72b8\
60d7752b7934a07c6ea9c38de6d508f5d6ad08c473b2bb2da989a9fe21082bce\
8bea32366106d657a7c9657d8fee6843773c469c1406a8d7dd95111a77a39979\
89c02e022b1166ae8a2075fb205d41bb977b6665b5f88150112b24f559b964c7\
774bd9da84cca2b71d3f0dcd63538ddae92f85ba89eb967febd42a7d8af842ef
Test: Verify
Message: B6AAE87E8D469A16A335
Signature: \
2bb35d0671c7153b70ecabde00d717cbc0217d322d88a9e39810ff9ceed4859f\
4beed20157877eec2d3bc57b45c423ebbaec0bbc3af8796837166670851192fd\
40473ed98666ed8490eff0821ab4650989d6af90212fae1835dad38c0361c55c\
c7899c790aaf348b245e547da148be53bc1c722051b20eaecbda9f09eed80596\
50e825d39216c906bfe97c2b34ff51dd0d7bb66799ddb917f18d0bf0d084f6a0\
959885a971ea903b5cde5102e20dfe974be900d3353bee16ce7d3bfb4e1faf9f
Test: Verify
Message: DB0F126516E3EDFF3D7C
Signature: \
411b42db6320896fa9251c23a9951b909401a3bb1ebfc83381536669c0dc8e50\
556adae94e15e40b515771078849dbe2c430853a28dbd1449a46edefd14970f9\
a217ee111dde569f51e335b3d60b320acbebc2d4e4d6786ceddc377548037387\
3c406c61e616500f14f74af9335f697691836723a8ab97476750285675add8e0\
01b137996c757329e53f8372eecdcf25c40d89befec0d41a1ff8694ac1bee0f6\
907fa47f5dca291a09b76f8290bb86c741abfe8e11a24abb9a656c3d48bc59d7
Test: Verify
Message: A58B1E5E98C44A8680BD
Signature: \
0547ab81082b15af46bcec4d4188828edfecbe61e31b869937a3c7069309895a\
f2b0433ec7e1f900176206066848555fc554e0e95cd2c3d1639bfdf3c73f0413\
5c832f3cf8695a4cccb2b55622da920649773bc163c0d2c9afd920267be3bcb2\
4380d1e4b163f3d4ca248f21a0f14b3683b558d45d89bba9e8545b1d939e69f0\
0652897cb1f26139e12e7bc21d24cbe7b796d4ba604d88481216144190f28064\
5a8736b9126938041ef954240ea08810d86ccb09a99a91e6b29f05f2396d017d
Test: Verify
Message: 7AF0498714B0D93AB959
Signature: \
20bbf2a876dfa068e6f0ab79579024a373269bb2c5aca0fa6efc7da27bd2577c\
8bc58c5e3572e4dc387384372afbb97bf9bf3d5bccbeb271b5695cb95b730e77\
2ae39645a24ce49df46149040b8473218929c8eed03844aa90820a03ab7a26a6\
bad0a13a8d28c6d498dadf948c0c5c3ac3b9287456194ab8b33b64364a23b0f0\
35dec5d190d5e9ff44ada5ff1f883a9dbfe966da0c5a0c6af1a68980023ad60f\
e240e9938f37f2e3cd085c03b30de6ad16372d4d93fb9a92afb092b0258a9746
Test: Verify
Comment: 2048-bit RW key
KeyFormat: Component
Modulus: \
b6dee7375bf4385043b3cc2ac5cacbc14ad11a17574738dd2bd84d2d1e6c74e1\
6066c2a5c35bc3b87839858afb5ee5e8abfab408f38772866f6f833f39fab248\
3a2c34ed55ad7098f9f63d4ec70b7950f02daaaab10781a0008f993c4027e381\
6bfd45c52f59452a7b28873513dce415a84fc8bc06601567f91ec41647da2304\
5b6e01e24516724acc02947ad5aa2dba4d952bc4f49d18ada0b0f7cc5d488814\
b921c0bc2b33d8828d80130df7d79b0992cec40d3bc7217d4a4dff3699345e44\
dac968575194845aa7b60dcf3c712d9b0a384824c3579b40dba265457d50f69f\
02a140884d89b7fdee9f0a787e76a37c58c92cf2d3818c72097d41b3faa7aa95
Prime1: \
fa880a456f9c205a26e02c3357536531dec150be0ef8747f69ea30d987ff7dd8\
9e9a1075ebd39f04fa495bd26d8408a8de69113a9fbb52f20713d1d046a76b47\
8cf77c46454a7afda2ef418f63faf67c947d898bca109f3275999e8f2e60e2c0\
eec133ff69e71a2d396632670b52d8ea03f7589d8144ab580b1d3e60efa1280b
Prime2: \
badcc718dd2d761c4893c4831d56ada30fc5c7c148d473bedf7615b7e821b92f\
319676ce278349f1309fb3d264c1a22bde71b221354c7a4d31117b3ec3c9d480\
2e0a26bd8ec05d28b6502c65f35c687af7f8396b963ed029a2c5ae38dd7c5c96\
2a953c113c0f590957ab19a6e2afda6db84f22c0c31ae243debd2920fbe9fbdf
MultiplicativeInverseOfPrime2ModPrime1: \
48a56f93e044a8211861da6bde9ab61265c63e168e507b56cd6e6e5f4de57c2f\
5c0b626462d6c06790cf561fa12a350dc0c08767f2717914183fac90db36495a\
91c0e9c0fbcfef19c85075b3b744fc378a9f2045cd7fd144ecd39bd1a59f1483\
10f6982efb3ffe502b279c4c0cb2a7f9ef64ca8f38690c486afb5f659cf7f838
PublicExponent: 02
Test: KeyPairValidAndConsistent
Message: 00AA5515CDAE5CD0F0DC
Signature: \
43f58896350d7150589730a5b895083224cdaf5475415b5cf9e00e90e0110818\
b2c26286dda3ffca8cd567ab0ae2647d71d8ecd82b1d6dd37518e2fc5ddc6bac\
11faa8baa3d04b66c94057386d9e2f9d0cce8e72f7a6f187d317bf4df94005fc\
af5a6c2240c01de3d754cdd040d698123c23f4aed288b98ddb84c22dff4710f9\
49d2947f1b3e5cd601341b08f6a90da6cf01223699480d0c4da06ee19de179d4\
ee431875dd89262aeeac3520bae9f540272a10aa0c4ba9a314c888f4c0de7ea9\
702c6301657cc48c62e0663478acc05362077fa2471b12430bc0d681c3e07670\
b1f6f0527901284c87726df9724812a3df9305808696f01496c0ac2a5192332b
Test: Verify
Message: B8E2FB9EAE22FB2C0021
Signature: \
13701a1e3668da7c518a2a31b43150c9efcbdeeb8cd0c629472fd1a40312e5f5\
4d29bbdaa10b337455bb76d7fbe7cce7872b5387a4116f7564d33a73d4c0d4ea\
b3ff687cabc4807aed536f253b5ea2b11275572f100a7c358c2b7df38f513a70\
52b902e7dd8f3e218284ce9ea5b5b75467e9fb1b033feadba9ff5a1dd8412ee5\
f6eb9b3b23a2a23ad4191b82f5d75eb96f40a73b7d7841adc54f1f9c89b78bf6\
2139820b0958f8eecb0b7a5208164dc14551f6b64612256c5519be2f06833955\
ed916c1444e82df4b6b7a980ccd3bf341f0baa0a1751adc28dee45ddaff34063\
bc20ed7edbcf6efb5b409a698c329ad633fa14a4254b382ec560bcddb1b5536e
Test: Verify
Message: 8C8C306A629373BAE647
Signature: \
2454422c3b13ad80e8063a19c3a8ba67a6d850eb2446d747d95e47ef27386d70\
47f199e32f8516be745674eedda48cacf1655e27f60fee5a8b5fef7cc0623e07\
5d0a6b24efd52871cb5b92d797b11289092e6b0d10f64a15c192a0e00c443018\
68a5d0c06598ca4306b508b8a9794161d01d463bfe9d3918674a02c51cbb615a\
fd963256e678c41222c22be0fa2bbd9ea905ec055ce79bdffdfbd475d25a1d09\
2b6edd5ccc8cbba579ebef9c83be024460f07d1a27b3843e18f83e4dc71a3bdb\
32267b6e218324a3ebe9202e56e132edc5f5c52f4f44f495074614c6d9747d5b\
36763bbcd352b00d7d6252f23656917fb1416485120e681e00622c6b35d81c64
Test: Verify
Message: 15E7B7B7ED0F176B6799
Signature: \
21c364a74387f14120f2825e7e8aa86498800e267c3dbe56b6ce0478921d95a7\
19ce489a6faf7654a9a1ed8af0da6698aec80513519bbe890409b3164d7c577f\
8836cf32faf7ec0859986642547abb725b97b2ff4eb4a2ffe1268c5f689a96cf\
3a1b6192d29c7fce68470dcdf3f3e74d314700745232b49abaf1861b0612aef0\
b93518e03db3db269381c6eff4e125fff4cdabe9e462f3b926582f5803b4431d\
1e0549956a48389d29fe0f8173d1d7d62883573b9b6fd19afb78b339bd9db1b6\
824c58d088855865d35143796cb11121fb2262918f2f43e2b7ea04091fa1d771\
44c8b22a1a7650276a0651e25ca1a3eecdc2d52fe1a92d8436e0b682db411b13
Test: Verify
Message: B36724C92954C38D0288
Signature: \
13107f891f2d6b7b18542d1285e353d7f6b28f483bee1d30145ab5bf121798d9\
2b579fd37f88ccd9c3cdbffcfcf71f6cfb4af863dc783898380fb6ba4610ab3b\
a683fd3ff2a50e2d75f1f0dcc33c71d020a9bd0757a345f8234a71360948ea26\
87b4bd5a39ff5d0c33e6736933759e3b183bd7f3bc793743c4eeace201d58107\
5f22fbaad6c4c190681f87cd4043d2555f8fb2b8ce96329795e5b41c1dca3710\
bd1c772c4c954b68bb285c429fd5a01daf81fdd3a39ebc4da6ed74c548530375\
d92a0f1b3395143d697d68bc5e98701fd16b3d214c549206f0b711344a642476\
2e1a9ab90461c36259964be805fa3d80e093d45ea411d407e6ced142c572eb4c
Test: Verify
Message: FA95400C2B14E064F76A
Signature: \
1bfbff59e854df6b53094d4fe46c7abe1d79562d99a843bbdab5b35a85b384f8\
dee895d94fbfb672dd7cfca1f9e7cbbb1a76e97a8efbddfa3ec7c9d9efb0d6b2\
8b09ad0e26e8f0af32a309a45d316b3e3979f8b3ac4733c343463fb1b33cce71\
ed42a5ed914df586afeb50aa6316e49ba852514403b9d84ed9e76e593b034810\
2d82aaa6dfbf5902da292f5966d7e26f7bf620ebb3e0c099e39375d82cb4b448\
bade152b9ca88eba9ec373f15bb013f3033b75497133940ff29b8a9e423dbffa\
f9cc20e12b886b124d57bb9cf1b4fc7598c6a6918edff8a3bc565705cdd31eee\
6a5a4ad9a04ca14d28081480fdc96c7877f7cc72cfee50ed81bc79a5757e3beb
Test: Verify

12
algparam.cpp
View File

@ -2,19 +2,9 @@
#include "pch.h"
#include "algparam.h"
#include "integer.h"
NAMESPACE_BEGIN(CryptoPP)
const std::type_info & IntegerTypeId()
{
static const std::type_info &s_typeidInteger = typeid(Integer);
return s_typeidInteger;
}
void AssignIntToInteger(void *pInteger, const void *pInt)
{
*reinterpret_cast<Integer *>(pInteger) = *reinterpret_cast<const int *>(pInt);
}
bool (*AssignIntToInteger)(const std::type_info &valueType, void *pInteger, const void *pInt) = NULL;
NAMESPACE_END

54
algparam.h
View File

@ -88,29 +88,33 @@ template <class T, class BASE>
class GetValueHelperClass
{
public:
GetValueHelperClass(const T *pObject, const char *name, const std::type_info &valueType, void *pValue)
GetValueHelperClass(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst)
: m_pObject(pObject), m_name(name), m_valueType(&valueType), m_pValue(pValue), m_found(false), m_getValueNames(false)
{
if (strcmp(name, "ValueNames") == 0)
if (strcmp(m_name, "ValueNames") == 0)
{
m_found = m_getValueNames = true;
std::string thisPointerName = std::string("ThisPointer:") + typeid(T).name();
if (m_getValueNames)
{
NameValuePairs::ThrowIfTypeMismatch(name, typeid(std::string), *m_valueType);
NameValuePairs::ThrowIfTypeMismatch(m_name, typeid(std::string), *m_valueType);
if (searchFirst)
searchFirst->GetVoidValue(m_name, valueType, pValue);
if (typeid(T) != typeid(BASE))
pObject->BASE::GetVoidValue(name, valueType, pValue);
(*reinterpret_cast<std::string *>(m_pValue) += thisPointerName) += ";";
pObject->BASE::GetVoidValue(m_name, valueType, pValue);
((*reinterpret_cast<std::string *>(m_pValue) += "ThisPointer:") += typeid(T).name()) += ';';
}
else if (name == thisPointerName)
if (!m_found && strncmp(m_name, "ThisPointer:", 12) == 0 && strcmp(m_name+12, typeid(T).name()) == 0)
{
NameValuePairs::ThrowIfTypeMismatch(name, typeid(T *), *m_valueType);
NameValuePairs::ThrowIfTypeMismatch(m_name, typeid(T *), *m_valueType);
*reinterpret_cast<const T **>(pValue) = pObject;
m_found = true;
return;
}
else if (typeid(T) != typeid(BASE))
m_found = pObject->BASE::GetVoidValue(name, valueType, pValue);
if (!m_found && searchFirst)
m_found = searchFirst->GetVoidValue(m_name, valueType, pValue);
if (!m_found && typeid(T) != typeid(BASE))
m_found = pObject->BASE::GetVoidValue(m_name, valueType, pValue);
}
operator bool() const {return m_found;}
@ -120,7 +124,7 @@ public:
{
if (m_getValueNames)
(*reinterpret_cast<std::string *>(m_pValue) += name) += ";";
else if (!m_found && strcmp(name, m_name) == 0)
if (!m_found && strcmp(name, m_name) == 0)
{
NameValuePairs::ThrowIfTypeMismatch(name, typeid(R), *m_valueType);
*reinterpret_cast<R *>(m_pValue) = (m_pObject->*pm)();
@ -131,10 +135,9 @@ public:
GetValueHelperClass<T,BASE> &Assignable()
{
std::string thisObjectName = std::string("ThisObject:") + typeid(T).name();
if (m_getValueNames)
(*reinterpret_cast<std::string *>(m_pValue) += thisObjectName) += ";";
else if (!m_found && m_name == thisObjectName)
((*reinterpret_cast<std::string *>(m_pValue) += "ThisObject:") += typeid(T).name()) += ';';
if (!m_found && strncmp(m_name, "ThisObject:", 11) == 0 && strcmp(m_name+11, typeid(T).name()) == 0)
{
NameValuePairs::ThrowIfTypeMismatch(m_name, typeid(T), *m_valueType);
*reinterpret_cast<T *>(m_pValue) = *m_pObject;
@ -152,15 +155,15 @@ private:
};
template <class BASE, class T>
GetValueHelperClass<T, BASE> GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, BASE *dummy=NULL)
GetValueHelperClass<T, BASE> GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst=NULL, BASE *dummy=NULL)
{
return GetValueHelperClass<T, BASE>(pObject, name, valueType, pValue);
return GetValueHelperClass<T, BASE>(pObject, name, valueType, pValue, searchFirst);
}
template <class T>
GetValueHelperClass<T, T> GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue)
GetValueHelperClass<T, T> GetValueHelper(const T *pObject, const char *name, const std::type_info &valueType, void *pValue, const NameValuePairs *searchFirst=NULL)
{
return GetValueHelperClass<T, T>(pObject, name, valueType, pValue);
return GetValueHelperClass<T, T>(pObject, name, valueType, pValue, searchFirst);
}
// ********************************************************
@ -239,7 +242,8 @@ AssignFromHelperClass<T, T> AssignFromHelper(T *pObject, const NameValuePairs &s
// ********************************************************
void AssignIntToInteger(void *pInteger, const void *pInt);
// This should allow the linker to discard Integer code if not needed.
extern bool (*AssignIntToInteger)(const std::type_info &valueType, void *pInteger, const void *pInt);
const std::type_info & IntegerTypeId();
@ -283,9 +287,7 @@ public:
else if (strcmp(name, m_name) == 0)
{
// special case for retrieving an Integer parameter when an int was passed in
if (valueType == IntegerTypeId() && typeid(T) == typeid(int))
AssignIntToInteger(pValue, &m_value);
else
if (!(AssignIntToInteger != NULL && typeid(T) == typeid(int) && AssignIntToInteger(valueType, pValue, &m_value)))
{
ThrowIfTypeMismatch(name, typeid(T), valueType);
*reinterpret_cast<T *>(pValue) = m_value;

6
asn.h
View File

@ -236,13 +236,15 @@ public:
virtual bool DEREncodeAlgorithmParameters(BufferedTransformation &bt) const
{DEREncodeNull(bt); return false;} // see RFC 2459, section 7.3.1
// one of the following two should be overriden
//! decode subjectPublicKey part of subjectPublicKeyInfo, or privateKey part of privateKeyInfo, without the BIT STRING or OCTET STRING header
virtual void BERDecodeKey(BufferedTransformation &bt) {assert(false);}
virtual void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, unsigned int size)
{BERDecodeKey(bt);}
//! encode subjectPublicKey part of subjectPublicKeyInfo, or privateKey part of privateKeyInfo, without the BIT STRING or OCTET STRING header
virtual void DEREncodeKey(BufferedTransformation &bt) const =0;
};
//! .
//! encodes/decodes subjectPublicKeyInfo
class X509PublicKey : virtual public ASN1Key, public PublicKey
{
public:
@ -250,7 +252,7 @@ public:
void DEREncode(BufferedTransformation &bt) const;
};
//! .
//! encodes/decodes privateKeyInfo
class PKCS8PrivateKey : virtual public ASN1Key, public PrivateKey
{
public:

2
base64.cpp
View File

@ -20,7 +20,7 @@ void Base64Encoder::IsolatedInitialize(const NameValuePairs &parameters)
("PaddingByte", s_padding)
("Log2Base", 6)
("GroupSize", insertLineBreaks ? maxLineLength : 0)
("Seperator", ConstByteArrayParameter("\n"))
("Separator", ConstByteArrayParameter("\n"))
("Terminator", ConstByteArrayParameter("\n"))));
}

21
basecode.cpp
View File

@ -187,28 +187,26 @@ void BaseN_Decoder::InitializeDecodingLookupArray(int *lookup, const byte *alpha
void Grouper::IsolatedInitialize(const NameValuePairs &parameters)
{
m_groupSize = parameters.GetIntValueWithDefault("GroupSize", 0);
ConstByteArrayParameter seperator, terminator;
ConstByteArrayParameter separator, terminator;
if (m_groupSize)
parameters.GetRequiredParameter("Grouper", "Seperator", seperator);
else
parameters.GetValue("Seperator", seperator);
parameters.GetRequiredParameter("Grouper", "Separator", separator);
parameters.GetValue("Terminator", terminator);
m_seperator.Assign(seperator.begin(), seperator.size());
m_separator.Assign(separator.begin(), separator.size());
m_terminator.Assign(terminator.begin(), terminator.size());
m_counter = 0;
}
unsigned int Grouper::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
{
FILTER_BEGIN;
if (m_groupSize)
{
FILTER_BEGIN;
while (m_inputPosition < length)
{
if (m_counter == m_groupSize)
{
FILTER_OUTPUT(1, m_seperator, m_seperator.size(), 0);
FILTER_OUTPUT(1, m_separator, m_separator.size(), 0);
m_counter = 0;
}
@ -218,12 +216,13 @@ unsigned int Grouper::Put2(const byte *begin, unsigned int length, int messageEn
m_inputPosition += len;
m_counter += len;
}
if (messageEnd)
FILTER_OUTPUT(3, m_terminator, m_terminator.size(), messageEnd);
FILTER_END_NO_MESSAGE_END
}
else
return Output(0, begin, length, messageEnd, blocking);
FILTER_OUTPUT(3, begin, length, 0);
if (messageEnd)
FILTER_OUTPUT(4, m_terminator, m_terminator.size(), messageEnd);
FILTER_END_NO_MESSAGE_END
}
NAMESPACE_END

6
basecode.h
View File

@ -61,11 +61,11 @@ public:
Grouper(BufferedTransformation *attachment=NULL)
: Bufferless<Filter>(attachment) {}
Grouper(int groupSize, const std::string &seperator, const std::string &terminator, BufferedTransformation *attachment=NULL)
Grouper(int groupSize, const std::string &separator, const std::string &terminator, BufferedTransformation *attachment=NULL)
: Bufferless<Filter>(attachment)
{
IsolatedInitialize(MakeParameters("GroupSize", groupSize)
("Seperator", ConstByteArrayParameter(seperator))
("Separator", ConstByteArrayParameter(separator))
("Terminator", ConstByteArrayParameter(terminator)));
}
@ -73,7 +73,7 @@ public:
unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
private:
SecByteBlock m_seperator, m_terminator;
SecByteBlock m_separator, m_terminator;
unsigned int m_groupSize, m_counter;
};

20
bench.cpp
View File

@ -229,7 +229,7 @@ void BenchMarkDecryption(const char *name, PK_Decryptor &priv, PK_Encryptor &pub
unsigned int i;
double timeTaken;
for (timeTaken=(double)0, i=0; timeTaken < timeTotal; timeTaken = double(clock() - start) / CLOCK_TICKS_PER_SECOND, i++)
priv.Decrypt(ciphertext, ciphertext.size(), plaintext);
priv.Decrypt(rng, ciphertext, ciphertext.size(), plaintext);
OutputResultOperations(name, "Decryption", false, i, timeTaken);
}
@ -268,7 +268,7 @@ void BenchMarkVerification(const char *name, const PK_Signer &priv, PK_Verifier
unsigned int i;
double timeTaken;
for (timeTaken=(double)0, i=0; timeTaken < timeTotal; timeTaken = double(clock() - start) / CLOCK_TICKS_PER_SECOND, i++)
pub.VerifyMessage(message, len, signature);
pub.VerifyMessage(message, len, signature, signature.size());
OutputResultOperations(name, "Verification", pc, i, timeTaken);
@ -555,10 +555,10 @@ void BenchMarkAll(double t)
BenchMarkCrypto<LUC_IES<> >("lucc1024.dat", "LUCELG 1024", t);
cout << "<TBODY style=\"background: yellow\">" << endl;
BenchMarkSignature<RSASSA<PKCS1v15, SHA> >("rsa1024.dat", "RSA 1024", t);
BenchMarkSignature<RabinPSSR<SHA> >("rabi1024.dat", "Rabin 1024", t);
BenchMarkSignature<RWSSA<SHA> >("rw1024.dat", "RW 1024", t);
BenchMarkSignature<LUCSSA<SHA> >("luc1024.dat", "LUC 1024", t);
BenchMarkSignature<RSASS<PSSR, SHA> >("rsa1024.dat", "RSA 1024", t);
BenchMarkSignature<RabinSS<PSSR, SHA> >("rabi1024.dat", "Rabin 1024", t);
BenchMarkSignature<RWSS<PSSR, SHA> >("rw1024.dat", "RW 1024", t);
BenchMarkSignature<LUCSS<PSSR, SHA> >("luc1024.dat", "LUC 1024", t);
BenchMarkSignature<NR<SHA> >("nr1024.dat", "NR 1024", t);
BenchMarkSignature<DSA>("dsa1024.dat", "DSA 1024", t);
BenchMarkSignature<LUC_HMP<SHA> >("lucs512.dat", "LUC-HMP 512", t);
@ -566,10 +566,10 @@ void BenchMarkAll(double t)
BenchMarkSignature<ESIGN<SHA> >("esig1536.dat", "ESIGN 1536", t);
cout << "<TBODY style=\"background: white\">" << endl;
BenchMarkSignature<RSASSA<PKCS1v15, SHA> >("rsa2048.dat", "RSA 2048", t);
BenchMarkSignature<RabinPSSR<SHA> >("rabi2048.dat", "Rabin 2048", t);
BenchMarkSignature<RWSSA<SHA> >("rw2048.dat", "RW 2048", t);
BenchMarkSignature<LUCSSA<SHA> >("luc2048.dat", "LUC 2048", t);
BenchMarkSignature<RSASS<PSSR, SHA> >("rsa2048.dat", "RSA 2048", t);
BenchMarkSignature<RabinSS<PSSR, SHA> >("rabi2048.dat", "Rabin 2048", t);
BenchMarkSignature<RWSS<PSSR, SHA> >("rw2048.dat", "RW 2048", t);
BenchMarkSignature<LUCSS<PSSR, SHA> >("luc2048.dat", "LUC 2048", t);
BenchMarkSignature<NR<SHA> >("nr2048.dat", "NR 2048", t);
BenchMarkSignature<LUC_HMP<SHA> >("lucs1024.dat", "LUC-HMP 1024", t);
BenchMarkSignature<ESIGN<SHA> >("esig2046.dat", "ESIGN 2046", t);

2
config.h
View File

@ -171,7 +171,7 @@ union dword_union
NAMESPACE_END
// VC60 workaround: it doesn't allow typename in some places
#ifdef _MSC_VER
#if defined(_MSC_VER) && (_MSC_VER < 1300)
#define CPP_TYPENAME
#else
#define CPP_TYPENAME typename

71
cryptlib.cpp
View File

@ -545,15 +545,15 @@ BufferedTransformation * PK_Encryptor::CreateEncryptionFilter(RandomNumberGenera
return new EncryptionFilter(rng, *this, attachment);
}
BufferedTransformation * PK_Decryptor::CreateDecryptionFilter(BufferedTransformation *attachment) const
BufferedTransformation * PK_Decryptor::CreateDecryptionFilter(RandomNumberGenerator &rng, BufferedTransformation *attachment) const
{
struct DecryptionFilter : public Unflushable<FilterWithInputQueue>
{
// VC60 complains if this function is missing
DecryptionFilter(const DecryptionFilter &x) : Unflushable<FilterWithInputQueue>(NULL), m_decryptor(x.m_decryptor) {}
DecryptionFilter(const DecryptionFilter &x) : Unflushable<FilterWithInputQueue>(NULL), m_rng(x.m_rng), m_decryptor(x.m_decryptor) {}
DecryptionFilter(const PK_Decryptor &decryptor, BufferedTransformation *attachment)
: Unflushable<FilterWithInputQueue>(attachment), m_decryptor(decryptor)
DecryptionFilter(RandomNumberGenerator &rng, const PK_Decryptor &decryptor, BufferedTransformation *attachment)
: Unflushable<FilterWithInputQueue>(attachment), m_rng(rng), m_decryptor(decryptor)
{
}
@ -569,7 +569,7 @@ BufferedTransformation * PK_Decryptor::CreateDecryptionFilter(BufferedTransforma
SecByteBlock ciphertext(ciphertextLength);
m_inQueue.Get(ciphertext, ciphertextLength);
m_plaintext.resize(maxPlaintextLength);
m_result = m_decryptor.Decrypt(ciphertext, ciphertextLength, m_plaintext);
m_result = m_decryptor.Decrypt(m_rng, ciphertext, ciphertextLength, m_plaintext);
if (!m_result.isValidCoding)
throw InvalidCiphertext(m_decryptor.AlgorithmName() + ": invalid ciphertext");
}
@ -581,12 +581,13 @@ BufferedTransformation * PK_Decryptor::CreateDecryptionFilter(BufferedTransforma
return true;
}
RandomNumberGenerator &m_rng;
const PK_Decryptor &m_decryptor;
SecByteBlock m_plaintext;
DecodingResult m_result;
};
return new DecryptionFilter(*this, attachment);
return new DecryptionFilter(rng, *this, attachment);
}
unsigned int PK_FixedLengthCryptoSystem::MaxPlaintextLength(unsigned int cipherTextLength) const
@ -605,38 +606,64 @@ unsigned int PK_FixedLengthCryptoSystem::CiphertextLength(unsigned int plainText
return 0;
}
DecodingResult PK_FixedLengthDecryptor::Decrypt(const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const
DecodingResult PK_FixedLengthDecryptor::Decrypt(RandomNumberGenerator &rng, const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const
{
if (cipherTextLength != FixedCiphertextLength())
return DecodingResult();
return FixedLengthDecrypt(cipherText, plainText);
return FixedLengthDecrypt(rng, cipherText, plainText);
}
void PK_Signer::Sign(RandomNumberGenerator &rng, HashTransformation *messageAccumulator, byte *signature) const
unsigned int PK_Signer::Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const
{
std::auto_ptr<HashTransformation> m(messageAccumulator);
SignAndRestart(rng, *m, signature);
std::auto_ptr<PK_MessageAccumulator> m(messageAccumulator);
return SignAndRestart(rng, *m, signature, false);
}
void PK_Signer::SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const
unsigned int PK_Signer::SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const
{
std::auto_ptr<HashTransformation> accumulator(NewSignatureAccumulator());
accumulator->Update(message, messageLen);
SignAndRestart(rng, *accumulator, signature);
std::auto_ptr<PK_MessageAccumulator> m(NewSignatureAccumulator(rng));
m->Update(message, messageLen);
return SignAndRestart(rng, *m, signature, false);
}
bool PK_Verifier::Verify(HashTransformation *messageAccumulator, const byte *signature) const
unsigned int PK_Signer::SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, unsigned int recoverableMessageLength,
const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength, byte *signature) const
{
std::auto_ptr<HashTransformation> m(messageAccumulator);
return VerifyAndRestart(*m, signature);
std::auto_ptr<PK_MessageAccumulator> m(NewSignatureAccumulator(rng));
InputRecoverableMessage(*m, recoverableMessage, recoverableMessageLength);
m->Update(nonrecoverableMessage, nonrecoverableMessageLength);
return SignAndRestart(rng, *m, signature, false);
}
bool PK_Verifier::VerifyMessage(const byte *message, unsigned int messageLen, const byte *sig) const
bool PK_Verifier::Verify(PK_MessageAccumulator *messageAccumulator) const
{
std::auto_ptr<HashTransformation> accumulator(NewVerificationAccumulator());
accumulator->Update(message, messageLen);
return VerifyAndRestart(*accumulator, sig);
std::auto_ptr<PK_MessageAccumulator> m(messageAccumulator);
return VerifyAndRestart(*m);
}
bool PK_Verifier::VerifyMessage(const byte *message, unsigned int messageLen, const byte *signature, unsigned int signatureLength) const
{
std::auto_ptr<PK_MessageAccumulator> m(NewVerificationAccumulator());
InputSignature(*m, signature, signatureLength);
m->Update(message, messageLen);
return VerifyAndRestart(*m);
}
DecodingResult PK_Verifier::Recover(byte *recoveredMessage, PK_MessageAccumulator *messageAccumulator) const
{
std::auto_ptr<PK_MessageAccumulator> m(messageAccumulator);
return RecoverAndRestart(recoveredMessage, *m);
}
DecodingResult PK_Verifier::RecoverMessage(byte *recoveredMessage,
const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength,
const byte *signature, unsigned int signatureLength) const
{
std::auto_ptr<PK_MessageAccumulator> m(NewVerificationAccumulator());
InputSignature(*m, signature, signatureLength);
m->Update(nonrecoverableMessage, nonrecoverableMessageLength);
return RecoverAndRestart(recoveredMessage, *m);
}
void SimpleKeyAgreementDomain::GenerateKeyPair(RandomNumberGenerator &rng, byte *privateKey, byte *publicKey) const

6
cryptlib.dsp
View File

@ -25,6 +25,8 @@ CFG=cryptlib - Win32 Debug
# Begin Project
# PROP AllowPerConfigDependencies 0
# PROP Scc_ProjName ""
# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
@ -402,6 +404,10 @@ SOURCE=.\polynomi.cpp
# End Source File
# Begin Source File
SOURCE=.\pssr.cpp
# End Source File
# Begin Source File
SOURCE=.\pubkey.cpp
# End Source File
# Begin Source File

227
cryptlib.h
View File

@ -21,7 +21,7 @@
<dt>Public Key Cryptosystems<dd>
DLIES, ECIES, LUCES, RSAES, RabinES, LUC_IES
<dt>Public Key Signature Schemes<dd>
DSA, GDSA, ECDSA, NR, ECNR, LUCSSA, RSASSA, RabinSSR, RWSSA, ESIGN
DSA, GDSA, ECDSA, NR, ECNR, LUCSS, RSASS, RabinSS, RWSS, ESIGN
<dt>Key Agreement<dd>
#DH, DH2, #MQV, ECDH, ECMQV, XTR_DH
<dt>Algebraic Structures<dd>
@ -106,7 +106,7 @@ public:
OTHER_ERROR
};
explicit Exception(ErrorType errorType, const std::string &s) : m_what(s) {}
explicit Exception(ErrorType errorType, const std::string &s) : m_errorType(errorType), m_what(s) {}
virtual ~Exception() throw() {}
const char *what() const throw() {return (m_what.c_str());}
const std::string &GetWhat() const {return m_what;}
@ -319,7 +319,7 @@ public:
class Algorithm : public Clonable
{
public:
/*! When FIPS-140-2 compliance is enabled and checkSelfTestStatus == true,
/*! When FIPS 140-2 compliance is enabled and checkSelfTestStatus == true,
this constructor throws SelfTestFailure if the self test hasn't been run or fails. */
Algorithm(bool checkSelfTestStatus = true);
//! returns name of this algorithm, not universally implemented yet
@ -519,6 +519,9 @@ public:
//! input to Update() should have length a multiple of this for optimal speed
virtual unsigned int OptimalBlockSize() const {return 1;}
//! returns how input should be aligned for optimal performance
virtual unsigned int OptimalDataAlignment() const {return 1;}
//! use this if your input is in one piece and you don't want to call Update() and Final() separately
virtual void CalculateDigest(byte *digest, const byte *input, unsigned int length)
{Update(input, length); Final(digest);}
@ -691,8 +694,9 @@ public:
//! input a 32-bit word
unsigned int PutWord32(word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
//! request space to write bytes into for processing
//! request space which can be written into by the caller, and then used as input to Put()
/*! \param size is requested size (as a hint) for input, and size of the returned space for output */
/*! \note The purpose of this method is to help avoid doing extra memory allocations. */
virtual byte * CreatePutSpace(unsigned int &size) {size=0; return NULL;}
virtual bool CanModifyInput() const {return false;}
@ -1126,12 +1130,12 @@ public:
/*! \pre size of plainText == MaxPlainTextLength(cipherTextLength) bytes.
\return the actual length of the plaintext, or 0 if decryption fails.
*/
virtual DecodingResult Decrypt(const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const =0;
virtual DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const =0;
//! create a new decryption filter
/*! \note caller is responsible for deleting the returned pointer
*/
virtual BufferedTransformation * CreateDecryptionFilter(BufferedTransformation *attachment=NULL) const;
virtual BufferedTransformation * CreateDecryptionFilter(RandomNumberGenerator &rng, BufferedTransformation *attachment=NULL) const;
};
//! interface for encryptors and decryptors with fixed length ciphertext
@ -1175,31 +1179,74 @@ public:
\pre size of plainText == MaxPlainTextLength()
\return the actual length of the plaintext, or 0 if decryption fails.
*/
virtual DecodingResult FixedLengthDecrypt(const byte *cipherText, byte *plainText) const =0;
virtual DecodingResult FixedLengthDecrypt(RandomNumberGenerator &rng, const byte *cipherText, byte *plainText) const =0;
DecodingResult Decrypt(const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const;
#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
DecodingResult Decrypt(const byte *cipherText, byte *plainText) const {return FixedLengthDecrypt(cipherText, plainText);}
#endif
DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const;
};
//! interface for public-key signers and verifiers
/*! This class provides an interface common to signers and verifiers
for querying their signature lengths and creating message
accumulators.
for querying scheme properties.
*/
class PK_SignatureScheme
{
public:
//! invalid key exception, may be thrown by any function in this class if the private or public key has a length that can't be used
class InvalidKeyLength : public Exception
{
public:
InvalidKeyLength(const std::string &message) : Exception(OTHER_ERROR, message) {}
};
//! key too short exception, may be thrown by any function in this class if the private or public key is too short to sign or verify anything
class KeyTooShort : public InvalidKeyLength
{
public:
KeyTooShort() : InvalidKeyLength("PK_Signer: key too short for this signature scheme") {}
};
virtual ~PK_SignatureScheme() {}
//! signature length support by this object (as either input or output)
//! signature length if it only depends on the key, otherwise 0
virtual unsigned int SignatureLength() const =0;
//! deprecated, please use PK_Signer::NewSignatureAccumulator or PK_Verifier::NewVerificationAccumulator instead
virtual HashTransformation * NewMessageAccumulator() const =0;
//! maximum signature length produced for a given length of recoverable message part
virtual unsigned int MaxSignatureLength(unsigned int recoverablePartLength = 0) const {return SignatureLength();}
//! length of longest message that can be recovered, or 0 if this signature scheme does not support message recovery
virtual unsigned int MaxRecoverableLength() const =0;
//! length of longest message that can be recovered from a signature of given length, or 0 if this signature scheme does not support message recovery
virtual unsigned int MaxRecoverableLengthFromSignatureLength(unsigned int signatureLength) const =0;
//! requires a random number generator to sign
/*! if this returns false, NullRNG() can be passed to functions that take RandomNumberGenerator & */
virtual bool IsProbabilistic() const =0;
//! whether or not a non-recoverable message part can be signed
virtual bool AllowNonrecoverablePart() const =0;
//! if this function returns true, during verification you must input the signature before the message, otherwise you can input it at anytime */
virtual bool SignatureUpfront() const {return false;}
//! whether you must input the recoverable part before the non-recoverable part during signing
virtual bool RecoverablePartFirst() const =0;
};
//! interface for accumulating messages to be signed or verified
/*! Only Update() should be called
on this class. No other functions inherited from HashTransformation should be called.
*/
class PK_MessageAccumulator : public HashTransformation
{
public:
//! should not be called on PK_MessageAccumulator
unsigned int DigestSize() const
{throw NotImplemented("PK_MessageAccumulator: DigestSize() should not be called");}
//! should not be called on PK_MessageAccumulator
void TruncatedFinal(byte *digest, unsigned int digestSize)
{throw NotImplemented("PK_MessageAccumulator: TruncatedFinal() should not be called");}
};
//! interface for public-key signers
@ -1207,133 +1254,79 @@ public:
class PK_Signer : virtual public PK_SignatureScheme, public PrivateKeyAlgorithm
{
public:
//! key too short exception, may be thrown by Sign() or SignMessage()
class KeyTooShort : public Exception
{
public:
KeyTooShort() : Exception(OTHER_ERROR, "PK_Signer: key too short") {}
};
//! create a new HashTransformation to accumulate the message to be signed
virtual PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng = NullRNG()) const =0;
virtual void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const =0;
//! sign and delete messageAccumulator (even in case of exception thrown)
/*! \pre messageAccumulator was obtained by calling NewSignatureAccumulator()
\pre HashTransformation::Final() has not been called on messageAccumulator
\pre size of signature == SignatureLength()
/*! \pre size of signature == MaxSignatureLength()
\return actual signature length
*/
virtual void Sign(RandomNumberGenerator &rng, HashTransformation *messageAccumulator, byte *signature) const;
virtual unsigned int Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const;
//! sign and restart messageAccumulator
virtual void SignAndRestart(RandomNumberGenerator &rng, HashTransformation &messageAccumulator, byte *signature) const =0;
/*! \pre size of signature == MaxSignatureLength()
\return actual signature length
*/
virtual unsigned int SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0;
//! sign a message
/*! \pre size of signature == SignatureLength() */
virtual void SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const;
/*! \pre size of signature == MaxSignatureLength()
\return actual signature length
*/
virtual unsigned int SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const;
//! create a new HashTransformation to accumulate the message to be signed
virtual HashTransformation * NewSignatureAccumulator() const
{return NewMessageAccumulator();}
//! sign a recoverable message
/*! \pre size of signature == MaxSignatureLength(recoverableMessageLength)
\return actual signature length
*/
virtual unsigned int SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, unsigned int recoverableMessageLength,
const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength, byte *signature) const;
};
//! interface for public-key signature verifiers
/*! The Recover* functions throw NotImplemented if the signature scheme does not support
message recovery.
The Verify* functions throw InvalidDataFormat if the scheme does support message
recovery and the signature contains a non-empty recoverable message part. The
Recovery* functions should be used in that case.
*/
class PK_Verifier : virtual public PK_SignatureScheme, public PublicKeyAlgorithm
{
public:
/*! If this function returns true, you must input the signature when
calling NewVerificationAccumulator(). Otherwise, you must input the signature
when calling Verify(). */
virtual bool SignatureUpfrontForVerification() const {return false;}
//! create a new HashTransformation to accumulate the message to be verified
/*! \param signature is ignored if SignatureUpfrontForVerification() == false
\param signature may be NULL to indicate that the signature is not available yet
*/
virtual HashTransformation * NewVerificationAccumulator(const byte *signature=NULL) const
{return NewMessageAccumulator();}
virtual PK_MessageAccumulator * NewVerificationAccumulator() const =0;
//! check whether sig is a valid signature for messageAccumulator, and delete messageAccumulator (even in case of exception thrown)
/*! \pre messageAccumulator was obtained by calling NewVerificationAccumulator()
\pre HashTransformation::Final() has not been called on messageAccumulator
\pre length of signature == SignatureLength()
\param signature is ignored if SignatureUpfrontForVerification() == true
*/
virtual bool Verify(HashTransformation *messageAccumulator, const byte *signature=NULL) const;
//! input signature into a message accumulator
virtual void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const =0;
//! check whether sig is a valid signature for messageAccumulator, and restart messageAccumulator
/*! \note depending on SignatureUpfrontForVerification(), signature is either the current or the next signature
\param signature may be NULL to indicate that the next signature is not available yet
*/
virtual bool VerifyAndRestart(HashTransformation &messageAccumulator, const byte *signature) const =0;
//! check whether messageAccumulator contains a valid signature and message, and delete messageAccumulator (even in case of exception thrown)
virtual bool Verify(PK_MessageAccumulator *messageAccumulator) const;
//! only useful if SignatureUpfrontForVerification() == true
virtual void InitializeVerificationAccumulator(HashTransformation &messageAccumulator, const byte *signature) const {}
//! check whether messageAccumulator contains a valid signature and message, and restart messageAccumulator
virtual bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const =0;
//! check whether sig is a valid signature for message
/*! \pre size of signature == SignatureLength() */
virtual bool VerifyMessage(const byte *message, unsigned int messageLen, const byte *signature) const;
};
//! interface for public-key signers and verifiers with recovery
/*! In a signature scheme with recovery, a verifier is able to extract
a message from its valid signature.
*/
class PK_SignatureSchemeWithRecovery : virtual public PK_SignatureScheme
{
public:
//! length of longest message that can be fully recovered
virtual unsigned int MaximumRecoverableLength() const =0;
//! whether or not messages longer than MaximumRecoverableLength() can be signed
/*! If this function returns false, any message longer than
MaximumRecoverableLength() will be truncated for signature
and will fail verification.
*/
virtual bool AllowLeftoverMessage() const =0;
};
//! interface for public-key signers with recovery
class PK_SignerWithRecovery : virtual public PK_SignatureSchemeWithRecovery, virtual public PK_Signer
{
};
//! interface for public-key verifiers with recovery
/*! A PK_VerifierWithRecovery can also be used the same way as a PK_Verifier,
where the signature and the entire message is given to Verify() or
VerifyMessage() as input.
*/
class PK_VerifierWithRecovery : virtual public PK_SignatureSchemeWithRecovery, virtual public PK_Verifier
{
public:
/*! If this function returns true, you must input the signature when
calling NewRecoveryAccumulator(). Otherwise, you must input the signature
when calling Recover(). */
virtual bool SignatureUpfrontForRecovery() const =0;
//! create a new HashTransformation to accumulate leftover message
virtual HashTransformation * NewRecoveryAccumulator(const byte *signature=NULL) const =0;
//! check whether input signature is a valid signature for input message
virtual bool VerifyMessage(const byte *message, unsigned int messageLen,
const byte *signature, unsigned int signatureLength) const;
//! recover a message from its signature
/*! \pre leftoverMessageAccumulator was obtained by calling NewLeftoverMessageAccumulator(signature)
\pre HashTransformation::Final() has not been called on leftoverMessageAccumulator
\pre length of signature == SignatureLength()
\pre size of recoveredMessage == MaximumRecoverableLength()
/*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
*/
virtual DecodingResult Recover(byte *recoveredMessage, HashTransformation *recoveryAccumulator, const byte *signature=NULL) const =0;
virtual DecodingResult Recover(byte *recoveredMessage, PK_MessageAccumulator *messageAccumulator) const;
//! recover a message from its signature
/*! depending on SignatureUpfrontForRecovery(), signature is either the current or the next signature */
// TODO: uncomment this and implement
// virtual unsigned int RecoverAndRestart(byte *recoveredMessage, HashTransformation &recoveryAccumulator, const byte *signature) const =0;
/*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
*/
virtual DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const =0;
//! recover a message from its signature
/*! \note This function should be equivalent to Recover(recoveredMessage, NewRecoveryAccumulator(signature), signature)
\pre length of signature == SignatureLength()
\pre size of recoveredMessage == MaximumRecoverableLength()
/*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
*/
virtual DecodingResult RecoverMessage(byte *recoveredMessage, const byte *message, unsigned int messageLen, const byte *signature) const
{return Recover(recoveredMessage, NewRecoveryAccumulator(signature), signature);}
virtual DecodingResult RecoverMessage(byte *recoveredMessage,
const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength,
const byte *signature, unsigned int signatureLength) const;
};
//! interface for domains of simple key agreement protocols

20
datatest.cpp
View File

@ -222,7 +222,7 @@ void TestEncryptionScheme(TestData &v)
if (test == "DecryptMatch")
{
std::string decrypted, expected = GetDecodedDatum(v, "Plaintext");
StringSource ss(GetDecodedDatum(v, "Ciphertext"), true, new PK_DecryptorFilter(*decryptor, new StringSink(decrypted)));
StringSource ss(GetDecodedDatum(v, "Ciphertext"), true, new PK_DecryptorFilter(GlobalRNG(), *decryptor, new StringSink(decrypted)));
if (decrypted != expected)
SignalTestFailure();
}
@ -356,15 +356,12 @@ void OutputNameValuePairs(const NameValuePairs &v)
}
}
bool RunTestDataFile(const char *filename)
void TestDataFile(const std::string &filename, unsigned int &totalTests, unsigned int &failedTests)
{
RegisterFactories();
std::ifstream file(filename);
std::ifstream file(filename.c_str());
TestData v;
s_currentTestData = &v;
std::string name, value, lastAlgName;
unsigned int totalTests = 0, failedTests = 0;
while (file)
{
@ -386,7 +383,7 @@ bool RunTestDataFile(const char *filename)
if (lastAlgName != GetRequiredDatum(v, "Name"))
{
lastAlgName = GetRequiredDatum(v, "Name");
cout << "Testing " << algType.c_str() << " algorithm " << lastAlgName.c_str() << ".\n";
cout << "\nTesting " << algType.c_str() << " algorithm " << lastAlgName.c_str() << ".\n";
}
try
@ -399,6 +396,8 @@ bool RunTestDataFile(const char *filename)
TestDigestOrMAC(v, true);
else if (algType == "MAC")
TestDigestOrMAC(v, false);
else if (algType == "FileList")
TestDataFile(GetRequiredDatum(v, "Test"), totalTests, failedTests);
else
SignalTestError();
failed = false;
@ -427,6 +426,13 @@ bool RunTestDataFile(const char *filename)
totalTests++;
}
}
}
bool RunTestDataFile(const char *filename)
{
RegisterFactories();
unsigned int totalTests = 0, failedTests = 0;
TestDataFile(filename, totalTests, failedTests);
cout << "\nTests complete. Total tests = " << totalTests << ". Failed tests = " << failedTests << ".\n";
if (failedTests != 0)
cout << "SOME TESTS FAILED!\n";

4
eccrypto.cpp
View File

@ -542,13 +542,13 @@ void DL_GroupParameters_EC<EC>::SimultaneousExponentiate(Element *results, const
}
template <class EC>
DL_GroupParameters_EC<EC>::Element DL_GroupParameters_EC<EC>::MultiplyElements(const Element &a, const Element &b) const
CPP_TYPENAME DL_GroupParameters_EC<EC>::Element DL_GroupParameters_EC<EC>::MultiplyElements(const Element &a, const Element &b) const
{
return GetCurve().Add(a, b);
}
template <class EC>
DL_GroupParameters_EC<EC>::Element DL_GroupParameters_EC<EC>::CascadeExponentiate(const Element &element1, const Integer &exponent1, const Element &element2, const Integer &exponent2) const
CPP_TYPENAME DL_GroupParameters_EC<EC>::Element DL_GroupParameters_EC<EC>::CascadeExponentiate(const Element &element1, const Integer &exponent1, const Element &element2, const Integer &exponent2) const
{
return GetCurve().CascadeMultiply(exponent1, element1, exponent2, element2);
}

8
eccrypto.h
View File

@ -172,14 +172,14 @@ public:
};
//! Elliptic Curve Diffie-Hellman, AKA <a href="http://www.weidai.com/scan-mirror/ka.html#ECDH">ECDH</a>
template <class EC, class COFACTOR_OPTION = DL_GroupParameters_EC<EC>::DefaultCofactorOption>
template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
struct ECDH
{
typedef DH_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION> Domain;
};
/// Elliptic Curve Menezes-Qu-Vanstone, AKA <a href="http://www.weidai.com/scan-mirror/ka.html#ECMQV">ECMQV</a>
template <class EC, class COFACTOR_OPTION = DL_GroupParameters_EC<EC>::DefaultCofactorOption>
template <class EC, class COFACTOR_OPTION = CPP_TYPENAME DL_GroupParameters_EC<EC>::DefaultCofactorOption>
struct ECMQV
{
typedef MQV_Domain<DL_GroupParameters_EC<EC>, COFACTOR_OPTION> Domain;
@ -222,13 +222,13 @@ public:
//! <a href="http://www.weidai.com/scan-mirror/sig.html#ECDSA">ECDSA</a>
template <class EC, class H>
struct ECDSA : public DL_SSA<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, H>
struct ECDSA : public DL_SS<DL_Keys_ECDSA<EC>, DL_Algorithm_ECDSA<EC>, DL_SignatureMessageEncodingMethod_DSA, H>
{
};
//! ECNR
template <class EC, class H = SHA>
struct ECNR : public DL_SSA<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, H>
struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
{
};

4
elgamal.h
View File

@ -83,8 +83,8 @@ public:
const DL_GroupParameters_GFP & GetGroupParameters() const {return GetKey().GetGroupParameters();}
DecodingResult FixedLengthDecrypt(const byte *cipherText, byte *plainText) const
{return Decrypt(cipherText, FixedCiphertextLength(), plainText);}
DecodingResult FixedLengthDecrypt(RandomNumberGenerator &rng, const byte *cipherText, byte *plainText) const
{return Decrypt(rng, cipherText, FixedCiphertextLength(), plainText);}
protected:
const DL_KeyAgreementAlgorithm<Integer> & GetKeyAgreementAlgorithm() const {return *this;}

31
esign.h
View File

@ -83,32 +83,35 @@ protected:
//! .
template <class T>
class EMSA5Pad : public PK_NonreversiblePaddingAlgorithm
class EMSA5Pad : public PK_DeterministicSignatureMessageEncodingMethod
{
public:
static const char *StaticAlgorithmName() {return "EMSA5";}
unsigned int MaxUnpaddedLength(unsigned int paddedLength) const {return UINT_MAX;}
void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedLength) const
void ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
unsigned int paddedByteLength = BitsToBytes(paddedLength);
memset(padded, 0, paddedByteLength);
T::GenerateAndMask(padded, paddedByteLength, raw, inputLength);
if (paddedLength % 8 != 0)
padded[0] = (byte)Crop(padded[0], paddedLength % 8);
m_digest.New(hash.DigestSize());
hash.Final(m_digest);
unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
T mgf;
mgf.GenerateAndMask(hash, representative, representativeByteLength, m_digest, m_digest.size(), false);
if (representativeBitLength % 8 != 0)
representative[0] = (byte)Crop(representative[0], representativeBitLength % 8);
}
private:
mutable SecByteBlock m_digest;
};
//! EMSA5, for use with ESIGN
struct P1363_EMSA5 : public SignatureStandard
{
template <class H> struct SignaturePaddingAlgorithm {typedef EMSA5Pad<P1363_MGF1<H> > type;};
template <class H> struct DecoratedHashingAlgorithm {typedef H type;};
typedef EMSA5Pad<P1363_MGF1> SignatureMessageEncodingMethod;
};
template<> struct CryptoStandardTraits<P1363_EMSA5> : public P1363_EMSA5 {};
struct ESIGN_Keys
{
static std::string StaticAlgorithmName() {return "ESIGN";}
@ -118,7 +121,7 @@ struct ESIGN_Keys
//! ESIGN, as defined in IEEE P1363a
template <class H, class STANDARD = P1363_EMSA5>
struct ESIGN : public TF_SSA<STANDARD, H, ESIGN_Keys>
struct ESIGN : public TF_SS<STANDARD, H, ESIGN_Keys>
{
};

4
factory.h
View File

@ -30,7 +30,7 @@ class ObjectFactoryRegistry
public:
~ObjectFactoryRegistry()
{
for (Map::iterator i = m_map.begin(); i != m_map.end(); ++i)
for (CPP_TYPENAME Map::iterator i = m_map.begin(); i != m_map.end(); ++i)
{
delete i->second;
i->second = NULL;
@ -44,7 +44,7 @@ public:
const ObjectFactory<AbstractClass> * GetFactory(const char *name) const
{
Map::const_iterator i = m_map.find(name);
CPP_TYPENAME Map::const_iterator i = m_map.find(name);
return i == m_map.end() ? NULL : i->second;
}

13
filters.cpp
View File

@ -734,6 +734,7 @@ void SignatureVerificationFilter::InitializeDerivedAndReturnNewSizes(const NameV
m_flags = parameters.GetValueWithDefault(Name::SignatureVerificationFilterFlags(), (word32)DEFAULT_FLAGS);
m_messageAccumulator.reset(m_verifier.NewVerificationAccumulator());
unsigned int size = m_verifier.SignatureLength();
assert(size != 0); // TODO: handle recoverable signature scheme
m_verified = false;
firstSize = m_flags & SIGNATURE_AT_BEGIN ? size : 0;
blockSize = 1;
@ -744,8 +745,8 @@ void SignatureVerificationFilter::FirstPut(const byte *inString)
{
if (m_flags & SIGNATURE_AT_BEGIN)
{
if (m_verifier.SignatureUpfrontForVerification())
m_verifier.InitializeVerificationAccumulator(*m_messageAccumulator, inString);
if (m_verifier.SignatureUpfront())
m_verifier.InputSignature(*m_messageAccumulator, inString, m_verifier.SignatureLength());
else
{
m_signature.New(m_verifier.SignatureLength());
@ -757,7 +758,7 @@ void SignatureVerificationFilter::FirstPut(const byte *inString)
}
else
{
assert(!m_verifier.SignatureUpfrontForVerification());
assert(!m_verifier.SignatureUpfront());
}
}
@ -773,11 +774,13 @@ void SignatureVerificationFilter::LastPut(const byte *inString, unsigned int len
if (m_flags & SIGNATURE_AT_BEGIN)
{
assert(length == 0);
m_verified = m_verifier.Verify(m_messageAccumulator.release(), m_signature);
m_verifier.InputSignature(*m_messageAccumulator, m_signature, m_signature.size());
m_verified = m_verifier.VerifyAndRestart(*m_messageAccumulator);
}
else
{
m_verified = (length==m_verifier.SignatureLength() && m_verifier.Verify(m_messageAccumulator.release(), inString));
m_verifier.InputSignature(*m_messageAccumulator, inString, length);
m_verified = m_verifier.VerifyAndRestart(*m_messageAccumulator);
if (m_flags & PUT_SIGNATURE)
AttachedTransformation()->Put(inString, length);
}

15
filters.h
View File

@ -325,7 +325,7 @@ public:
private:
RandomNumberGenerator &m_rng;
const PK_Signer &m_signer;
member_ptr<HashTransformation> m_messageAccumulator;
member_ptr<PK_MessageAccumulator> m_messageAccumulator;
bool m_putMessage;
SecByteBlock m_buf;
};
@ -354,7 +354,7 @@ protected:
private:
const PK_Verifier &m_verifier;
member_ptr<HashTransformation> m_messageAccumulator;
member_ptr<PK_MessageAccumulator> m_messageAccumulator;
word32 m_flags;
SecByteBlock m_signature;
bool m_verified;
@ -474,8 +474,8 @@ public:
class PK_DecryptorFilter : public SimpleProxyFilter
{
public:
PK_DecryptorFilter(const PK_Decryptor &decryptor, BufferedTransformation *attachment = NULL)
: SimpleProxyFilter(decryptor.CreateDecryptionFilter(), attachment) {}
PK_DecryptorFilter(RandomNumberGenerator &rng, const PK_Decryptor &decryptor, BufferedTransformation *attachment = NULL)
: SimpleProxyFilter(decryptor.CreateDecryptionFilter(rng), attachment) {}
};
//! Append input to a string object
@ -491,9 +491,16 @@ public:
void IsolatedInitialize(const NameValuePairs &parameters)
{if (!parameters.GetValue("OutputStringPointer", m_output)) throw InvalidArgument("StringSink: OutputStringPointer not specified");}
unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
{
if (length > 0)
{
typename T::size_type size = m_output->size();
if (length < size && size + length > m_output->capacity())
m_output->reserve(2*size);
m_output->append((const char_type *)begin, (const char_type *)begin+length);
}
return 0;
}

18
fips140.cpp
View File

@ -13,11 +13,11 @@ NAMESPACE_BEGIN(CryptoPP)
#endif
#if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(THREADS_AVAILABLE))
#error FIPS-140-2 compliance requires the availability of thread local storage.
#error FIPS 140-2 compliance requires the availability of thread local storage.
#endif
#if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
#error FIPS-140-2 compliance requires the availability of OS provided RNG.
#error FIPS 140-2 compliance requires the availability of OS provided RNG.
#endif
PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
@ -62,4 +62,18 @@ void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
#endif
}
void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
{
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
EncryptionPairwiseConsistencyTest(encryptor, decryptor);
#endif
}
void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
{
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
SignaturePairwiseConsistencyTest(signer, verifier);
#endif
}
NAMESPACE_END

7
fips140.h
View File

@ -2,7 +2,7 @@
#define CRYPTOPP_FIPS140_H
/*! \file
FIPS-140 related functions and classes.
FIPS 140 related functions and classes.
*/
#include "cryptlib.h"
@ -16,7 +16,7 @@ public:
explicit SelfTestFailure(const std::string &s) : Exception(OTHER_ERROR, s) {}
};
//! returns whether FIPS-140-2 compliance features were enabled at compile time
//! returns whether FIPS 140-2 compliance features were enabled at compile time
bool FIPS_140_2_ComplianceEnabled();
//! enum values representing status of the power-up self test
@ -39,6 +39,9 @@ void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress);
void SignaturePairwiseConsistencyTest(const PK_Signer &signer, const PK_Verifier &verifier);
void EncryptionPairwiseConsistencyTest(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor);
void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier);
void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor);
NAMESPACE_END
#endif

4
fipstest.cpp
View File

@ -164,7 +164,7 @@ void EncryptionPairwiseConsistencyTest(const PK_Encryptor &encryptor, const PK_D
new PK_EncryptorFilter(
rng,
encryptor,
new PK_DecryptorFilter(decryptor, new ChannelSwitch(comparison, "1"))));
new PK_DecryptorFilter(rng, decryptor, new ChannelSwitch(comparison, "1"))));
comparison.ChannelMessageSeriesEnd("0");
comparison.ChannelMessageSeriesEnd("1");
@ -302,7 +302,7 @@ void DoPowerUpSelfTest(const char *moduleFilename, const byte *expectedModuleSha
"Sample #2",
"0922d3405faa3d194f82a45830737d5cc6c75d24");
SignatureKnownAnswerTest<RSASSA<PKCS1v15, SHA> >(
SignatureKnownAnswerTest<RSASS<PKCS1v15, SHA> >(
"30820150020100300d06092a864886f70d01010105000482013a3082013602010002400a66791dc6988168de7ab77419bb7fb0"
"c001c62710270075142942e19a8d8c51d053b3e3782a1de5dc5af4ebe99468170114a1dfe67cdc9a9af55d655620bbab0203010001"
"02400123c5b61ba36edb1d3679904199a89ea80c09b9122e1400c09adcf7784676d01d23356a7d44d6bd8bd50e94bfc723fa"

50
gfpcrypt.cpp
View File

@ -63,30 +63,48 @@ bool DL_GroupParameters_DSA::ValidateGroup(RandomNumberGenerator &rng, unsigned
return pass;
}
Integer NR_EncodeDigest(unsigned int modulusBits, const byte *digest, unsigned int digestLen)
void DL_SignatureMessageEncodingMethod_DSA::ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
Integer h;
if (digestLen*8 < modulusBits)
h.Decode(digest, digestLen);
else
assert(recoverableMessageLength == 0);
assert(hashIdentifier.second == 0);
const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
const unsigned int digestSize = hash.DigestSize();
const unsigned int paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
memset(representative, 0, paddingLength);
hash.TruncatedFinal(representative+paddingLength, STDMIN(representativeByteLength, digestSize));
if (digestSize*8 > representativeBitLength)
{
h.Decode(digest, BitsToBytes(modulusBits));
h >>= BitsToBytes(modulusBits)*8 - modulusBits + 1;
Integer h(representative, representativeByteLength);
h >>= representativeByteLength*8 - representativeBitLength;
h.Encode(representative, representativeByteLength);
}
return h;
}
Integer DSA_EncodeDigest(unsigned int modulusBits, const byte *digest, unsigned int digestLen)
void DL_SignatureMessageEncodingMethod_NR::ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
Integer h;
if (digestLen*8 <= modulusBits)
h.Decode(digest, digestLen);
else
assert(recoverableMessageLength == 0);
assert(hashIdentifier.second == 0);
const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
const unsigned int digestSize = hash.DigestSize();
const unsigned int paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
memset(representative, 0, paddingLength);
hash.TruncatedFinal(representative+paddingLength, STDMIN(representativeByteLength, digestSize));
if (digestSize*8 >= representativeBitLength)
{
h.Decode(digest, BitsToBytes(modulusBits));
h >>= BitsToBytes(modulusBits)*8 - modulusBits;
Integer h(representative, representativeByteLength);
h >>= representativeByteLength*8 - representativeBitLength + 1;
h.Encode(representative, representativeByteLength);
}
return h;
}
bool DL_GroupParameters_IntegerBased::ValidateGroup(RandomNumberGenerator &rng, unsigned int level) const

55
gfpcrypt.h
View File

@ -149,18 +149,13 @@ class DL_Algorithm_GDSA : public DL_ElgamalLikeSignatureAlgorithm<T>
public:
static const char * StaticAlgorithmName() {return "DSA-1363";}
Integer EncodeDigest(unsigned int modulusBits, const byte *digest, unsigned int digestLen) const
{
return DSA_EncodeDigest(modulusBits, digest, digestLen);
}
bool Sign(const DL_GroupParameters<T> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const
void Sign(const DL_GroupParameters<T> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const
{
const Integer &q = params.GetSubgroupOrder();
r = params.ConvertElementToInteger(params.ExponentiateBase(k)) % q;
r %= q;
Integer kInv = k.InverseMod(q);
s = (kInv * (x*r + e)) % q;
return (!!r && !!s);
assert(!!r && !!s);
}
bool Verify(const DL_GroupParameters<T> &params, const DL_PublicKey<T> &publicKey, const Integer &e, const Integer &r, const Integer &s) const
@ -189,12 +184,12 @@ public:
return NR_EncodeDigest(modulusBits, digest, digestLen);
}
bool Sign(const DL_GroupParameters<T> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const
void Sign(const DL_GroupParameters<T> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const
{
const Integer &q = params.GetSubgroupOrder();
r = (params.ConvertElementToInteger(params.ExponentiateBase(k)) + e) % q;
r = (r + e) % q;
s = (k - x*r) % q;
return !!r;
assert(!!r);
}
bool Verify(const DL_GroupParameters<T> &params, const DL_PublicKey<T> &publicKey, const Integer &e, const Integer &r, const Integer &s) const
@ -345,13 +340,21 @@ public:
//! <a href="http://www.weidai.com/scan-mirror/sig.html#DSA-1363">DSA-1363</a>
template <class H>
struct GDSA : public DL_SSA<DL_SignatureKeys_GFP, DL_Algorithm_GDSA<Integer>, H>
struct GDSA : public DL_SS<
DL_SignatureKeys_GFP,
DL_Algorithm_GDSA<Integer>,
DL_SignatureMessageEncodingMethod_DSA,
H>
{
};
//! <a href="http://www.weidai.com/scan-mirror/sig.html#NR">NR</a>
template <class H>
struct NR : public DL_SSA<DL_SignatureKeys_GFP, DL_Algorithm_NR<Integer>, H>
struct NR : public DL_SS<
DL_SignatureKeys_GFP,
DL_Algorithm_NR<Integer>,
DL_SignatureMessageEncodingMethod_NR,
H>
{
};
@ -376,7 +379,12 @@ struct DL_Keys_DSA
};
//! <a href="http://www.weidai.com/scan-mirror/sig.html#DSA">DSA</a>
struct DSA : public DL_SSA<DL_Keys_DSA, DL_Algorithm_GDSA<Integer>, SHA, DSA>
struct DSA : public DL_SS<
DL_Keys_DSA,
DL_Algorithm_GDSA<Integer>,
DL_SignatureMessageEncodingMethod_DSA,
SHA,
DSA>
{
static std::string StaticAlgorithmName() {return std::string("DSA");}
@ -426,7 +434,14 @@ public:
}
xorbuf(cipherText, plainText, cipherKey, plainTextLength);
MAC(macKey).CalculateDigest(cipherText + plainTextLength, cipherText, plainTextLength);
MAC mac(macKey);
mac.Update(cipherText, plainTextLength);
if (DHAES_MODE)
{
const byte L[8] = {0,0,0,0,0,0,0,0};
mac.Update(L, 8);
}
mac.Final(cipherText + plainTextLength);
}
DecodingResult SymmetricDecrypt(const byte *key, const byte *cipherText, unsigned int cipherTextLength, byte *plainText) const
{
@ -443,8 +458,16 @@ public:
macKey = key + plainTextLength;
}
if (!MAC(macKey).VerifyDigest(cipherText + plainTextLength, cipherText, plainTextLength))
MAC mac(macKey);
mac.Update(cipherText, plainTextLength);
if (DHAES_MODE)
{
const byte L[8] = {0,0,0,0,0,0,0,0};
mac.Update(L, 8);
}
if (!mac.Verify(cipherText + plainTextLength))
return DecodingResult();
xorbuf(plainText, cipherText, cipherKey, plainTextLength);
return DecodingResult(plainTextLength);
}

6
hex.h
View File

@ -9,16 +9,16 @@ NAMESPACE_BEGIN(CryptoPP)
class HexEncoder : public SimpleProxyFilter
{
public:
HexEncoder(BufferedTransformation *attachment = NULL, bool uppercase = true, int outputGroupSize = 0, const std::string &seperator = ":", const std::string &terminator = "")
HexEncoder(BufferedTransformation *attachment = NULL, bool uppercase = true, int outputGroupSize = 0, const std::string &separator = ":", const std::string &terminator = "")
: SimpleProxyFilter(new BaseN_Encoder(new Grouper), attachment)
{
IsolatedInitialize(MakeParameters("Uppercase", uppercase)("GroupSize", outputGroupSize)("Seperator", ConstByteArrayParameter(seperator)));
IsolatedInitialize(MakeParameters("Uppercase", uppercase)("GroupSize", outputGroupSize)("Separator", ConstByteArrayParameter(separator)));
}
void IsolatedInitialize(const NameValuePairs &parameters);
};
//! Decode 16 bit data back to bytes
//! Decode base 16 data back to bytes
class HexDecoder : public BaseN_Decoder
{
public:

10
integer.cpp
View File

@ -23,6 +23,16 @@
NAMESPACE_BEGIN(CryptoPP)
bool FunctionAssignIntToInteger(const std::type_info &valueType, void *pInteger, const void *pInt)
{
if (valueType != typeid(Integer))
return false;
*reinterpret_cast<Integer *>(pInteger) = *reinterpret_cast<const int *>(pInt);
return true;
}
static int DummyAssignIntToInteger = (AssignIntToInteger = FunctionAssignIntToInteger, 0);
#ifdef SSE2_INTRINSICS_AVAILABLE
template <class T>
AllocatorBase<T>::pointer AlignedAllocator<T>::allocate(size_type n, const void *)

9
iterhash.cpp
View File

@ -17,13 +17,13 @@ template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte
{
HashWordType tmp = m_countLo;
if ((m_countLo = tmp + len) < tmp)
m_countHi++; // Carry from low to high
m_countHi++; // carry from low to high
m_countHi += SafeRightShift<8*sizeof(HashWordType)>(len);
unsigned int blockSize = BlockSize();
unsigned int num = (unsigned int)(tmp & (blockSize-1));
unsigned int num = ModPowerOf2(tmp, blockSize);
if (num != 0)
if (num != 0) // process left over data
{
if ((num+len) >= blockSize)
{
@ -41,8 +41,7 @@ template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte
}
}
// we now can process the input data in blocks of blockSize
// chars and save the leftovers to this->data.
// now process the input data in blocks of blockSize bytes and save the leftovers to m_data
if (len >= blockSize)
{
if (input == (byte *)m_data.begin())

1
iterhash.h
View File

@ -16,6 +16,7 @@ public:
IteratedHashBase(unsigned int blockSize, unsigned int digestSize);
unsigned int DigestSize() const {return m_digest.size() * sizeof(T);};
unsigned int OptimalBlockSize() const {return BlockSize();}
unsigned int OptimalDataAlignment() const {return sizeof(T);}
void Update(const byte *input, unsigned int length);
byte * CreateUpdateSpace(unsigned int &size);
void Restart();

6
luc.cpp
View File

@ -18,12 +18,11 @@ void LUC_TestInstantiations()
InvertibleLUCFunction t3;
}
bool DL_Algorithm_LUC_HMP::Sign(const DL_GroupParameters<Integer> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const
void DL_Algorithm_LUC_HMP::Sign(const DL_GroupParameters<Integer> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const
{
const Integer &q = params.GetSubgroupOrder();
r = params.ExponentiateBase(k);
s = (k + x*(r+e)) % q;
return true;
}
bool DL_Algorithm_LUC_HMP::Verify(const DL_GroupParameters<Integer> &params, const DL_PublicKey<Integer> &publicKey, const Integer &e, const Integer &r, const Integer &s) const
@ -165,8 +164,9 @@ void InvertibleLUCFunction::DEREncode(BufferedTransformation &bt) const
seq.MessageEnd();
}
Integer InvertibleLUCFunction::CalculateInverse(const Integer &x) const
Integer InvertibleLUCFunction::CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const
{
// not clear how to do blinding with LUC
DoQuickSanityCheck();
return InverseLucas(m_e, x, m_q, m_p, m_u);
}

24
luc.h
View File

@ -13,7 +13,12 @@
NAMESPACE_BEGIN(CryptoPP)
//! .
//! The LUC function.
/*! This class is here for historical and pedagogical interest. It has no
practical advantages over other trapdoor functions and probably shouldn't
be used in production software. The discrete log based LUC schemes
defined later in this .h file may be of more practical interest.
*/
class LUCFunction : public TrapdoorFunction, public PublicKey
{
typedef LUCFunction ThisClass;
@ -57,7 +62,7 @@ public:
void BERDecode(BufferedTransformation &bt);
void DEREncode(BufferedTransformation &bt) const;
Integer CalculateInverse(const Integer &x) const;
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const;
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
@ -92,8 +97,8 @@ struct LUCES : public TF_ES<STANDARD, LUC>
};
//! LUC signature scheme with appendix
template <class H, class STANDARD = PKCS1v15>
struct LUCSSA : public TF_SSA<STANDARD, H, LUC>
template <class STANDARD, class H>
struct LUCSS : public TF_SS<STANDARD, H, LUC>
{
};
@ -101,8 +106,8 @@ struct LUCSSA : public TF_SSA<STANDARD, H, LUC>
typedef LUCES<OAEP<SHA> >::Decryptor LUCES_OAEP_SHA_Decryptor;
typedef LUCES<OAEP<SHA> >::Encryptor LUCES_OAEP_SHA_Encryptor;
typedef LUCSSA<SHA>::Signer LUCSSA_PKCS1v15_SHA_Signer;
typedef LUCSSA<SHA>::Verifier LUCSSA_PKCS1v15_SHA_Verifier;
typedef LUCSS<PKCS1v15, SHA>::Signer LUCSSA_PKCS1v15_SHA_Signer;
typedef LUCSS<PKCS1v15, SHA>::Verifier LUCSSA_PKCS1v15_SHA_Verifier;
// ********************************************************
@ -179,10 +184,7 @@ class DL_Algorithm_LUC_HMP : public DL_ElgamalLikeSignatureAlgorithm<Integer>
public:
static const char * StaticAlgorithmName() {return "LUC-HMP";}
Integer EncodeDigest(unsigned int modulusBits, const byte *digest, unsigned int digestLen) const
{return DSA_EncodeDigest(modulusBits, digest, digestLen);}
bool Sign(const DL_GroupParameters<Integer> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const;
void Sign(const DL_GroupParameters<Integer> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const;
bool Verify(const DL_GroupParameters<Integer> &params, const DL_PublicKey<Integer> &publicKey, const Integer &e, const Integer &r, const Integer &s) const;
unsigned int RLen(const DL_GroupParameters<Integer> &params) const
@ -199,7 +201,7 @@ struct DL_SignatureKeys_LUC
//! LUC-HMP, based on "Digital signature schemes based on Lucas functions" by Patrick Horster, Markus Michels, Holger Petersen
template <class H>
struct LUC_HMP : public DL_SSA<DL_SignatureKeys_LUC, DL_Algorithm_LUC_HMP, H>
struct LUC_HMP : public DL_SS<DL_SignatureKeys_LUC, DL_Algorithm_LUC_HMP, DL_SignatureMessageEncodingMethod_DSA, H>
{
};

12
oaep.cpp
View File

@ -56,8 +56,10 @@ void OAEP<H,MGF,P,PLen>::Pad(RandomNumberGenerator &rng, const byte *input, unsi
memcpy(maskedDB+dbLen-inputLength, input, inputLength);
rng.GenerateBlock(maskedSeed, seedLen);
MGF::GenerateAndMask(maskedDB, dbLen, maskedSeed, seedLen);
MGF::GenerateAndMask(maskedSeed, seedLen, maskedDB, dbLen);
H h;
MGF mgf;
mgf.GenerateAndMask(h, maskedDB, dbLen, maskedSeed, seedLen);
mgf.GenerateAndMask(h, maskedSeed, seedLen, maskedDB, dbLen);
}
template <class H, class MGF, byte *P, unsigned int PLen>
@ -82,8 +84,10 @@ DecodingResult OAEP<H,MGF,P,PLen>::Unpad(const byte *oaepBlock, unsigned int oae
byte *const maskedSeed = t;
byte *const maskedDB = t+seedLen;
MGF::GenerateAndMask(maskedSeed, seedLen, maskedDB, dbLen);
MGF::GenerateAndMask(maskedDB, dbLen, maskedSeed, seedLen);
H h;
MGF mgf;
mgf.GenerateAndMask(h, maskedSeed, seedLen, maskedDB, dbLen);
mgf.GenerateAndMask(h, maskedDB, dbLen, maskedSeed, seedLen);
// DB = pHash' || 00 ... || 01 || M

8
oaep.h
View File

@ -8,12 +8,12 @@ NAMESPACE_BEGIN(CryptoPP)
extern byte OAEP_P_DEFAULT[]; // defined in misc.cpp
/// <a href="http://www.weidai.com/scan-mirror/ca.html#cem_OAEP-MGF1">EME-OAEP</a>, for use with RSAES
template <class H, class MGF=P1363_MGF1<H>, byte *P=OAEP_P_DEFAULT, unsigned int PLen=0>
class OAEP : public PK_PaddingAlgorithm, public EncryptionStandard
template <class H, class MGF=P1363_MGF1, byte *P=OAEP_P_DEFAULT, unsigned int PLen=0>
class OAEP : public PK_EncryptionMessageEncodingMethod, public EncryptionStandard
{
public:
static std::string StaticAlgorithmName() {return "OAEP-" + MGF::StaticAlgorithmName();}
typedef OAEP<H, MGF, P, PLen> EncryptionPaddingAlgorithm;
static std::string StaticAlgorithmName() {return std::string("OAEP-") + MGF::StaticAlgorithmName() + "(" + H::StaticAlgorithmName() + ")";}
typedef OAEP<H, MGF, P, PLen> EncryptionMessageEncodingMethod;
unsigned int MaxUnpaddedLength(unsigned int paddedLength) const;
void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedLength) const;

8
osrng.h
View File

@ -113,14 +113,12 @@ void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(const byte *key, unsigned int keyle
{
m_rng.reset(new X917RNG(new typename BLOCK_CIPHER::Encryption(key, keylength), seed, timeVector));
if (FIPS_140_2_ComplianceEnabled())
{
// for FIPS 140-2
m_lastBlock.resize(16);
m_rng->GenerateBlock(m_lastBlock, m_lastBlock.size());
m_counter = 0;
m_isDifferent = false;
}
}
template <class BLOCK_CIPHER>
void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(bool blocking)
@ -142,8 +140,7 @@ byte AutoSeededX917RNG<BLOCK_CIPHER>::GenerateByte()
{
byte b = m_rng->GenerateByte();
if (FIPS_140_2_ComplianceEnabled())
{
// for FIPS 140-2
m_isDifferent = m_isDifferent || b != m_lastBlock[m_counter];
m_lastBlock[m_counter] = b;
++m_counter;
@ -154,7 +151,6 @@ byte AutoSeededX917RNG<BLOCK_CIPHER>::GenerateByte()
m_counter = 0;
m_isDifferent = false;
}
}
return b;
}

75
pkcspad.cpp
View File

@ -18,6 +18,9 @@ template<> const unsigned int PKCS_DigestDecoration<MD5>::length = sizeof(PKCS_D
template<> const byte PKCS_DigestDecoration<RIPEMD160>::decoration[] = {0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x24,0x03,0x02,0x01,0x05,0x00,0x04,0x14};
template<> const unsigned int PKCS_DigestDecoration<RIPEMD160>::length = sizeof(PKCS_DigestDecoration<RIPEMD160>::decoration);
template<> const byte PKCS_DigestDecoration<Tiger>::decoration[] = {0x30,0x29,0x30,0x0D,0x06,0x09,0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0C,0x02,0x05,0x00,0x04,0x18};
template<> const unsigned int PKCS_DigestDecoration<Tiger>::length = sizeof(PKCS_DigestDecoration<Tiger>::decoration);
template<> const byte PKCS_DigestDecoration<SHA256>::decoration[] = {0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20};
template<> const unsigned int PKCS_DigestDecoration<SHA256>::length = sizeof(PKCS_DigestDecoration<SHA256>::decoration);
@ -27,11 +30,9 @@ template<> const unsigned int PKCS_DigestDecoration<SHA384>::length = sizeof(PKC
template<> const byte PKCS_DigestDecoration<SHA512>::decoration[] = {0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40};
template<> const unsigned int PKCS_DigestDecoration<SHA512>::length = sizeof(PKCS_DigestDecoration<SHA512>::decoration);
unsigned int PKCS_EncryptionPaddingScheme::MaxUnpaddedLength(unsigned int paddedLength) const
{
return paddedLength/8 > 10 ? paddedLength/8-10 : 0;
return SaturatingSubtract(paddedLength/8, 10U);
}
void PKCS_EncryptionPaddingScheme::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int inputLen, byte *pkcsBlock, unsigned int pkcsBlockLen) const
@ -72,7 +73,7 @@ DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, unsign
// Require block type 2.
invalid = (pkcsBlock[0] != 2) || invalid;
// skip past the padding until we find the seperator
// skip past the padding until we find the separator
unsigned i=1;
while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body
}
@ -90,62 +91,36 @@ DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, unsign
// ********************************************************
unsigned int PKCS_SignaturePaddingScheme::MaxUnpaddedLength(unsigned int paddedLength) const
void PKCS1v15_SignatureMessageEncodingMethod::ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
return paddedLength/8 > 10 ? paddedLength/8-10 : 0;
}
void PKCS_SignaturePaddingScheme::Pad(RandomNumberGenerator &, const byte *input, unsigned int inputLen, byte *pkcsBlock, unsigned int pkcsBlockLen) const
{
assert (inputLen <= MaxUnpaddedLength(pkcsBlockLen)); // this should be checked by caller
unsigned int digestSize = hash.DigestSize();
if (digestSize + hashIdentifier.second + 10 > representativeBitLength/8)
throw PK_Signer::KeyTooShort();
unsigned int pkcsBlockLen = representativeBitLength;
// convert from bit length to byte length
if (pkcsBlockLen % 8 != 0)
{
pkcsBlock[0] = 0;
pkcsBlock++;
representative[0] = 0;
representative++;
}
pkcsBlockLen /= 8;
pkcsBlock[0] = 1; // block type 1
representative[0] = 1; // block type 1
// padd with 0xff
memset(pkcsBlock+1, 0xff, pkcsBlockLen-inputLen-2);
byte *pPadding = representative + 1;
byte *pDigest = representative + pkcsBlockLen - digestSize;
byte *pHashId = pDigest - hashIdentifier.second;
byte *pSeparator = pHashId - 1;
pkcsBlock[pkcsBlockLen-inputLen-1] = 0; // separator
memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
}
DecodingResult PKCS_SignaturePaddingScheme::Unpad(const byte *pkcsBlock, unsigned int pkcsBlockLen, byte *output) const
{
unsigned int maxOutputLen = MaxUnpaddedLength(pkcsBlockLen);
// convert from bit length to byte length
if (pkcsBlockLen % 8 != 0)
{
if (pkcsBlock[0] != 0)
return DecodingResult();
pkcsBlock++;
}
pkcsBlockLen /= 8;
// Require block type 1.
if (pkcsBlock[0] != 1)
return DecodingResult();
// skip past the padding until we find the seperator
unsigned i=1;
while (i<pkcsBlockLen && pkcsBlock[i++])
if (pkcsBlock[i-1] != 0xff) // not valid padding
return DecodingResult();
assert(i==pkcsBlockLen || pkcsBlock[i-1]==0);
unsigned int outputLen = pkcsBlockLen - i;
if (outputLen > maxOutputLen)
return DecodingResult();
memcpy (output, pkcsBlock+i, outputLen);
return DecodingResult(outputLen);
// pad with 0xff
memset(pPadding, 0xff, pSeparator-pPadding);
*pSeparator = 0;
memcpy(pHashId, hashIdentifier.first, hashIdentifier.second);
hash.Final(pDigest);
}
NAMESPACE_END

90
pkcspad.h
View File

@ -6,8 +6,8 @@
NAMESPACE_BEGIN(CryptoPP)
/// <a href="http://www.weidai.com/scan-mirror/ca.html#cem_PKCS1-1.5">EME-PKCS1-v1_5</a>
class PKCS_EncryptionPaddingScheme : public PK_PaddingAlgorithm
//! <a href="http://www.weidai.com/scan-mirror/ca.html#cem_PKCS1-1.5">EME-PKCS1-v1_5</a>
class PKCS_EncryptionPaddingScheme : public PK_EncryptionMessageEncodingMethod
{
public:
static const char * StaticAlgorithmName() {return "EME-PKCS1-v1_5";}
@ -17,76 +17,54 @@ public:
DecodingResult Unpad(const byte *padded, unsigned int paddedLength, byte *raw) const;
};
/// <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PKCS1-1.5">EMSA-PKCS1-v1_5</a>
class PKCS_SignaturePaddingScheme : public PK_PaddingAlgorithm
{
public:
static const char * StaticAlgorithmName() {return "EMSA-PKCS1-v1_5";}
unsigned int MaxUnpaddedLength(unsigned int paddedLength) const;
void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedLength) const;
DecodingResult Unpad(const byte *padded, unsigned int paddedLength, byte *raw) const;
};
/// <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PKCS1-1.5">EMSA-PKCS1-v1_5</a>
template <class H>
class PKCS_DecoratedHashModule : public HashTransformationWithDefaultTruncation
{
public:
static std::string StaticAlgorithmName() {return std::string("EMSA-PKCS1-v1_5(") + H::StaticAlgorithmName() + ")";}
void Update(const byte *input, unsigned int length)
{h.Update(input, length);}
unsigned int DigestSize() const;
void Final(byte *digest);
void Restart() {h.Restart();}
private:
H h;
};
//! PKCS #1 version 1.5, for use with RSAES and RSASSA
/*! The following hash functions are supported for signature: SHA, MD2, MD5, RIPEMD160, SHA256, SHA384, SHA512. */
struct PKCS1v15 : public SignatureStandard, public EncryptionStandard
{
typedef PKCS_EncryptionPaddingScheme EncryptionPaddingAlgorithm;
template <class H> struct SignaturePaddingAlgorithm {typedef PKCS_SignaturePaddingScheme type;};
template <class H> struct DecoratedHashingAlgorithm {typedef PKCS_DecoratedHashModule<H> type;};
};
template<> struct CryptoStandardTraits<PKCS1v15> : public PKCS1v15 {};
template <class H> struct PKCS_DigestDecoration
{
static const byte decoration[];
static const unsigned int length;
};
//! <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PKCS1-1.5">EMSA-PKCS1-v1_5</a>
class PKCS1v15_SignatureMessageEncodingMethod : public PK_DeterministicSignatureMessageEncodingMethod
{
public:
static const char * StaticAlgorithmName() {return "EMSA-PKCS1-v1_5";}
void ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const;
struct HashIdentifierLookup
{
template <class H> struct HashIdentifierLookup2
{
static HashIdentifier Lookup()
{
return HashIdentifier(PKCS_DigestDecoration<H>::decoration, PKCS_DigestDecoration<H>::length);
}
};
};
};
//! PKCS #1 version 1.5, for use with RSAES and RSASS
/*! The following hash functions are supported for signature: SHA, MD2, MD5, RIPEMD160, SHA256, SHA384, SHA512. */
struct PKCS1v15 : public SignatureStandard, public EncryptionStandard
{
typedef PKCS_EncryptionPaddingScheme EncryptionMessageEncodingMethod;
typedef PKCS1v15_SignatureMessageEncodingMethod SignatureMessageEncodingMethod;
};
// PKCS_DecoratedHashModule can be instantiated with the following
// classes as specified in PKCS#1 v2.0 and P1363a
class SHA;
class MD2;
class MD5;
class RIPEMD160;
class Tiger;
class SHA256;
class SHA384;
class SHA512;
template <class H>
void PKCS_DecoratedHashModule<H>::Final(byte *digest)
{
const unsigned int decorationLen = PKCS_DigestDecoration<H>::length;
memcpy(digest, PKCS_DigestDecoration<H>::decoration, decorationLen);
h.Final(digest+decorationLen);
}
template <class H>
unsigned int PKCS_DecoratedHashModule<H>::DigestSize() const
{
return h.DigestSize() + PKCS_DigestDecoration<H>::length; // PKCS_DigestDecoration<H>::length;
}
NAMESPACE_END
#endif

2
polynomi.cpp
View File

@ -473,7 +473,7 @@ void RingOfPolynomialsOver<T>::CalculateAlpha(std::vector<CoefficientType> &alph
}
template <class T>
RingOfPolynomialsOver<T>::Element RingOfPolynomialsOver<T>::Interpolate(const CoefficientType x[], const CoefficientType y[], unsigned int n) const
typename RingOfPolynomialsOver<T>::Element RingOfPolynomialsOver<T>::Interpolate(const CoefficientType x[], const CoefficientType y[], unsigned int n) const
{
assert(n > 0);

8
polynomi.h
View File

@ -164,8 +164,8 @@ template <class T, int instance> class PolynomialOverFixedRing : private Polynom
public:
typedef T Ring;
typedef typename T::Element CoefficientType;
typedef B::DivideByZero DivideByZero;
typedef B::RandomizationParameter RandomizationParameter;
typedef typename B::DivideByZero DivideByZero;
typedef typename B::RandomizationParameter RandomizationParameter;
//! \name CREATORS
//@{
@ -304,8 +304,8 @@ template <class T> class RingOfPolynomialsOver : public AbstractEuclideanDomain<
public:
typedef T CoefficientRing;
typedef PolynomialOver<T> Element;
typedef Element::CoefficientType CoefficientType;
typedef Element::RandomizationParameter RandomizationParameter;
typedef typename Element::CoefficientType CoefficientType;
typedef typename Element::RandomizationParameter RandomizationParameter;
RingOfPolynomialsOver(const CoefficientRing &ring) : m_ring(ring) {}

126
pssr.cpp Normal file
View File

@ -0,0 +1,126 @@
// pssr.cpp - written and placed in the public domain by Wei Dai
#include "pch.h"
#include "pssr.h"
NAMESPACE_BEGIN(CryptoPP)
template<> const byte EMSA2HashId<SHA>::id = 0x33;
template<> const byte EMSA2HashId<RIPEMD160>::id = 0x31;
unsigned int PSSR_MEM_Base::MaxRecoverableLength(unsigned int representativeBitLength, unsigned int hashIdentifierLength, unsigned int digestLength) const
{
if (AllowRecovery())
{
unsigned int saltLen = SaltLen(digestLength);
unsigned int minPadLen = MinPadLen(digestLength);
return SaturatingSubtract(representativeBitLength, 8*(minPadLen + saltLen + digestLength + hashIdentifierLength) + 9) / 8;
}
return 0;
}
bool PSSR_MEM_Base::IsProbabilistic() const
{
return SaltLen(1) > 0;
}
bool PSSR_MEM_Base::AllowNonrecoverablePart() const
{
return true;
}
bool PSSR_MEM_Base::RecoverablePartFirst() const
{
return false;
}
void PSSR_MEM_Base::ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
const unsigned int u = hashIdentifier.second + 1;
const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
const unsigned int digestSize = hash.DigestSize();
const unsigned int saltSize = SaltLen(digestSize);
byte *const h = representative + representativeByteLength - u - digestSize;
SecByteBlock digest(digestSize), salt(saltSize);
hash.Final(digest);
rng.GenerateBlock(salt, saltSize);
// compute H = hash of M'
byte c[8];
UnalignedPutWord(BIG_ENDIAN_ORDER, c, (word32)SafeRightShift<29>(recoverableMessageLength));
UnalignedPutWord(BIG_ENDIAN_ORDER, c+4, word32(recoverableMessageLength << 3));
hash.Update(c, 8);
hash.Update(recoverableMessage, recoverableMessageLength);
hash.Update(digest, digestSize);
hash.Update(salt, saltSize);
hash.Final(h);
// compute representative
GetMGF().GenerateAndMask(hash, representative, representativeByteLength - u - digestSize, h, digestSize, false);
byte *xorStart = representative + representativeByteLength - u - digestSize - salt.size() - recoverableMessageLength - 1;
xorStart[0] ^= 1;
xorbuf(xorStart + 1, recoverableMessage, recoverableMessageLength);
xorbuf(xorStart + 1 + recoverableMessageLength, salt, salt.size());
memcpy(representative + representativeByteLength - u, hashIdentifier.first, hashIdentifier.second);
representative[representativeByteLength - 1] = hashIdentifier.second ? 0xcc : 0xbc;
if (representativeBitLength % 8 != 0)
representative[0] = Crop(representative[0], representativeBitLength % 8);
}
DecodingResult PSSR_MEM_Base::RecoverMessageFromRepresentative(
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength,
byte *recoverableMessage) const
{
const unsigned int u = hashIdentifier.second + 1;
const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
const unsigned int digestSize = hash.DigestSize();
const unsigned int saltSize = SaltLen(digestSize);
const byte *const h = representative + representativeByteLength - u - digestSize;
SecByteBlock digest(digestSize);
hash.Final(digest);
DecodingResult result(0);
bool &valid = result.isValidCoding;
unsigned int &recoverableMessageLength = result.messageLength;
valid = (representative[representativeByteLength - 1] == (hashIdentifier.second ? 0xcc : 0xbc)) && valid;
valid = (memcmp(representative + representativeByteLength - u, hashIdentifier.first, hashIdentifier.second) == 0) && valid;
GetMGF().GenerateAndMask(hash, representative, representativeByteLength - u - digestSize, h, digestSize);
if (representativeBitLength % 8 != 0)
representative[0] = Crop(representative[0], representativeBitLength % 8);
// extract salt and recoverableMessage from DB = 00 ... || 01 || M || salt
byte *salt = representative + representativeByteLength - u - digestSize - saltSize;
byte *M = std::find_if(representative, salt-1, std::bind2nd(std::not_equal_to<byte>(), 0));
if (*M == 0x01 && M - representative - (representativeBitLength % 8 != 0) >= MinPadLen(digestSize))
{
recoverableMessageLength = salt-M-1;
memcpy(recoverableMessage, M+1, recoverableMessageLength);
}
else
valid = false;
// verify H = hash of M'
byte c[8];
UnalignedPutWord(BIG_ENDIAN_ORDER, c, (word32)SafeRightShift<29>(recoverableMessageLength));
UnalignedPutWord(BIG_ENDIAN_ORDER, c+4, word32(recoverableMessageLength << 3));
hash.Update(c, 8);
hash.Update(recoverableMessage, recoverableMessageLength);
hash.Update(digest, digestSize);
hash.Update(salt, saltSize);
valid = hash.Verify(h) && valid;
if (!AllowRecovery() && valid && recoverableMessageLength != 0)
{throw NotImplemented("PSSR_MEM: message recovery disabled");}
return result;
}
NAMESPACE_END

199
pssr.h
View File

@ -6,163 +6,80 @@
NAMESPACE_BEGIN(CryptoPP)
// TODO: implement standard variant of PSSR
template <class H, class MGF=P1363_MGF1<H> >
class PSSR : public SignatureEncodingMethodWithRecovery
class PSSR_MEM_Base : public PK_RecoverableSignatureMessageEncodingMethod
{
virtual bool AllowRecovery() const =0;
virtual unsigned int SaltLen(unsigned int hashLen) const =0;
virtual unsigned int MinPadLen(unsigned int hashLen) const =0;
virtual const MaskGeneratingFunction & GetMGF() const =0;
public:
PSSR(unsigned int representativeBitLen);
PSSR(const byte *representative, unsigned int representativeBitLen);
~PSSR() {}
void Update(const byte *input, unsigned int length);
unsigned int DigestSize() const {return BitsToBytes(representativeBitLen);}
void Restart() {h.Restart();}
void Encode(RandomNumberGenerator &rng, byte *representative);
bool Verify(const byte *representative);
DecodingResult Decode(byte *message);
unsigned int MaximumRecoverableLength() const {return MaximumRecoverableLength(representativeBitLen);}
static unsigned int MaximumRecoverableLength(unsigned int representativeBitLen);
static bool AllowLeftoverMessage() {return true;}
protected:
static void EncodeRepresentative(byte *representative, unsigned int representativeBitLen, const byte *w, const byte *seed, const byte *m1, unsigned int m1Len);
static unsigned int DecodeRepresentative(const byte *representative, unsigned int representativeBitLen, byte *w, byte *seed, byte *m1);
unsigned int representativeBitLen, m1Len;
H h;
SecByteBlock m1, w, seed;
unsigned int MaxRecoverableLength(unsigned int representativeBitLength, unsigned int hashIdentifierLength, unsigned int digestLength) const;
bool IsProbabilistic() const;
bool AllowNonrecoverablePart() const;
bool RecoverablePartFirst() const;
void ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const;
DecodingResult RecoverMessageFromRepresentative(
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength,
byte *recoverableMessage) const;
};
template <class H, class MGF>
PSSR<H,MGF>::PSSR(unsigned int representativeBitLen)
: representativeBitLen(representativeBitLen), m1Len(0)
, m1(MaximumRecoverableLength()), w(H::DIGESTSIZE), seed(H::DIGESTSIZE)
template <class H> struct EMSA2HashId
{
}
static const byte id;
};
template <class H, class MGF>
PSSR<H,MGF>::PSSR(const byte *representative, unsigned int representativeBitLen)
: representativeBitLen(representativeBitLen), m1Len(0)
, m1(MaximumRecoverableLength()), w(H::DIGESTSIZE), seed(H::DIGESTSIZE)
// EMSA2HashId can be instantiated with the following two classes.
class SHA;
class RIPEMD160;
template <class BASE>
class EMSA2HashIdLookup : public BASE
{
m1Len = DecodeRepresentative(representative, representativeBitLen, w, seed, m1);
h.Update(m1, m1Len);
}
template <class H, class MGF>
void PSSR<H,MGF>::Update(const byte *input, unsigned int length)
public:
struct HashIdentifierLookup
{
unsigned int m1LenInc = STDMIN(length, MaximumRecoverableLength() - m1Len);
memcpy(m1+m1Len, input, m1LenInc);
m1Len += m1LenInc;
h.Update(input, length);
}
template <class H, class MGF>
void PSSR<H,MGF>::Encode(RandomNumberGenerator &rng, byte *representative)
template <class H> struct HashIdentifierLookup2
{
rng.GenerateBlock(seed, seed.size());
h.Update(seed, seed.size());
h.Final(w);
EncodeRepresentative(representative, representativeBitLen, w, seed, m1, m1Len);
}
template <class H, class MGF>
bool PSSR<H,MGF>::Verify(const byte *representative)
static HashIdentifier Lookup()
{
SecByteBlock m1r(MaximumRecoverableLength()), wr(H::DIGESTSIZE);
unsigned int m1rLen = DecodeRepresentative(representative, representativeBitLen, wr, seed, m1r);
h.Update(seed, seed.size());
h.Final(w);
return m1Len==m1rLen && memcmp(m1, m1r, m1Len)==0 && w==wr;
return HashIdentifier(&EMSA2HashId<H>::id, 1);
}
};
};
};
template <class H, class MGF>
DecodingResult PSSR<H,MGF>::Decode(byte *message)
template <bool USE_HASH_ID> class PSSR_MEM_BaseWithHashId;
template<> class PSSR_MEM_BaseWithHashId<true> : public EMSA2HashIdLookup<PSSR_MEM_Base> {};
template<> class PSSR_MEM_BaseWithHashId<false> : public PSSR_MEM_Base {};
template <bool ALLOW_RECOVERY, class MGF=P1363_MGF1, int SALT_LEN=-1, int MIN_PAD_LEN=0, bool USE_HASH_ID=false>
class PSSR_MEM : public PSSR_MEM_BaseWithHashId<USE_HASH_ID>
{
SecByteBlock wh(H::DIGESTSIZE);
h.Update(seed, seed.size());
h.Final(wh);
if (wh == w)
virtual bool AllowRecovery() const {return ALLOW_RECOVERY;}
virtual unsigned int SaltLen(unsigned int hashLen) const {return SALT_LEN < 0 ? hashLen : SALT_LEN;}
virtual unsigned int MinPadLen(unsigned int hashLen) const {return MIN_PAD_LEN < 0 ? hashLen : MIN_PAD_LEN;}
virtual const MaskGeneratingFunction & GetMGF() const {static MGF mgf; return mgf;}
public:
static std::string StaticAlgorithmName() {return std::string(ALLOW_RECOVERY ? "PSSR-" : "PSS-") + MGF::StaticAlgorithmName();}
};
//! <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PSSR-MGF1">PSSR-MGF1</a>
struct PSSR : public SignatureStandard
{
memcpy(message, m1, m1Len);
return DecodingResult(m1Len);
}
else
return DecodingResult();
}
typedef PSSR_MEM<true> SignatureMessageEncodingMethod;
};
template <class H, class MGF>
unsigned int PSSR<H,MGF>::MaximumRecoverableLength(unsigned int paddedLength)
//! <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PSS-MGF1">PSS-MGF1</a>
struct PSS : public SignatureStandard
{
return paddedLength/8 > 1+2*H::DIGESTSIZE ? paddedLength/8-1-2*H::DIGESTSIZE : 0;
}
template <class H, class MGF>
void PSSR<H,MGF>::EncodeRepresentative(byte *pssrBlock, unsigned int pssrBlockLen, const byte *w, const byte *seed, const byte *m1, unsigned int m1Len)
{
assert (m1Len <= MaximumRecoverableLength(pssrBlockLen));
// convert from bit length to byte length
if (pssrBlockLen % 8 != 0)
{
pssrBlock[0] = 0;
pssrBlock++;
}
pssrBlockLen /= 8;
const unsigned int hLen = H::DIGESTSIZE;
const unsigned int wLen = hLen, seedLen = hLen, dbLen = pssrBlockLen-wLen-seedLen;
byte *const maskedSeed = pssrBlock+wLen;
byte *const maskedDB = pssrBlock+wLen+seedLen;
memcpy(pssrBlock, w, wLen);
memcpy(maskedSeed, seed, seedLen);
memset(maskedDB, 0, dbLen-m1Len-1);
maskedDB[dbLen-m1Len-1] = 0x01;
memcpy(maskedDB+dbLen-m1Len, m1, m1Len);
MGF::GenerateAndMask(maskedSeed, seedLen+dbLen, w, wLen);
}
template <class H, class MGF>
unsigned int PSSR<H,MGF>::DecodeRepresentative(const byte *pssrBlock, unsigned int pssrBlockLen, byte *w, byte *seed, byte *m1)
{
// convert from bit length to byte length
if (pssrBlockLen % 8 != 0)
{
if (pssrBlock[0] != 0)
return 0;
pssrBlock++;
}
pssrBlockLen /= 8;
const unsigned int hLen = H::DIGESTSIZE;
const unsigned int wLen = hLen, seedLen = hLen, dbLen = pssrBlockLen-wLen-seedLen;
if (pssrBlockLen < 2*hLen+1)
return 0;
memcpy(w, pssrBlock, wLen);
SecByteBlock t(pssrBlock+wLen, pssrBlockLen-wLen);
byte *const maskedSeed = t;
byte *const maskedDB = t+seedLen;
MGF::GenerateAndMask(maskedSeed, seedLen+dbLen, w, wLen);
memcpy(seed, maskedSeed, seedLen);
// DB = 00 ... || 01 || M
byte *M = std::find_if(maskedDB, maskedDB+dbLen, std::bind2nd(std::not_equal_to<byte>(), 0));
if (M!=maskedDB+dbLen && *M == 0x01)
{
M++;
memcpy(m1, M, maskedDB+dbLen-M);
return maskedDB+dbLen-M;
}
else
return 0;
}
typedef PSSR_MEM<false> SignatureMessageEncodingMethod;
};
NAMESPACE_END

126
pubkey.cpp
View File

@ -5,44 +5,108 @@
NAMESPACE_BEGIN(CryptoPP)
void TF_DigestSignerBase::SignDigest(RandomNumberGenerator &rng, const byte *digest, unsigned int digestLen, byte *signature) const
void P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, bool mask, unsigned int counterStart)
{
assert(digestLen <= MaxDigestLength());
SecByteBlock paddedBlock(PaddedBlockByteLength());
GetPaddingAlgorithm().Pad(rng, digest, digestLen, paddedBlock, PaddedBlockBitLength());
GetTrapdoorFunctionInterface().CalculateRandomizedInverse(rng, Integer(paddedBlock, paddedBlock.size())).Encode(signature, DigestSignatureLength());
ArraySink *sink;
HashFilter filter(hash, sink = mask ? new ArrayXorSink(output, outputLength) : new ArraySink(output, outputLength));
word32 counter = counterStart;
while (sink->AvailableSize() > 0)
{
filter.Put(input, inputLength);
filter.PutWord32(counter++);
filter.MessageEnd();
}
}
bool TF_DigestVerifierBase::VerifyDigest(const byte *digest, unsigned int digestLen, const byte *signature) const
bool PK_DeterministicSignatureMessageEncodingMethod::VerifyMessageRepresentative(
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
SecByteBlock computedRepresentative(BitsToBytes(representativeBitLength));
ComputeMessageRepresentative(NullRNG(), NULL, 0, hash, hashIdentifier, messageEmpty, computedRepresentative, representativeBitLength);
return memcmp(representative, computedRepresentative, computedRepresentative.size()) == 0;
}
bool PK_RecoverableSignatureMessageEncodingMethod::VerifyMessageRepresentative(
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
SecByteBlock recoveredMessage(MaxRecoverableLength(representativeBitLength, hashIdentifier.second, hash.DigestSize()));
DecodingResult result = RecoverMessageFromRepresentative(
hash, hashIdentifier, messageEmpty, representative, representativeBitLength, recoveredMessage);
return result.isValidCoding && result.messageLength == 0;
}
void TF_SignerBase::InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const
{
PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
const MessageEncodingInterface &mei = GetMessageEncodingInterface();
unsigned int maxRecoverableLength = mei.MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, ma.AccessHash().DigestSize());
if (maxRecoverableLength == 0)
{throw NotImplemented("TF_SignerBase: this algorithm does not support messsage recovery or the key is too short");}
if (recoverableMessageLength > maxRecoverableLength)
throw InvalidArgument("TF_SignerBase: the recoverable message part is too long for the given key and algorithm");
ma.m_recoverableMessage.Assign(recoverableMessage, recoverableMessageLength);
mei.ProcessRecoverableMessage(
ma.AccessHash(),
recoverableMessage, recoverableMessageLength,
NULL, 0, ma.m_semisignature);
}
unsigned int TF_SignerBase::SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
{
PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
SecByteBlock representative(MessageRepresentativeLength());
GetMessageEncodingInterface().ComputeMessageRepresentative(rng,
ma.m_recoverableMessage, ma.m_recoverableMessage.size(),
ma.AccessHash(), GetHashIdentifier(), ma.m_empty,
representative, MessageRepresentativeBitLength());
ma.m_empty = true;
Integer r(representative, representative.size());
unsigned int signatureLength = SignatureLength();
GetTrapdoorFunctionInterface().CalculateRandomizedInverse(rng, r).Encode(signature, signatureLength);
return signatureLength;
}
void TF_VerifierBase::InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const
{
PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
ma.m_representative.New(MessageRepresentativeLength());
Integer x = GetTrapdoorFunctionInterface().ApplyFunction(Integer(signature, signatureLength));
if (x.BitCount() > MessageRepresentativeBitLength())
x = Integer::Zero(); // don't return false here to prevent timing attack
x.Encode(ma.m_representative, ma.m_representative.size());
}
bool TF_VerifierBase::VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const
{
PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
bool result = GetMessageEncodingInterface().VerifyMessageRepresentative(
ma.AccessHash(), GetHashIdentifier(), ma.m_empty, ma.m_representative, MessageRepresentativeBitLength());
ma.m_empty = true;
return result;
}
DecodingResult TF_VerifierBase::RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
{
PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
DecodingResult result = GetMessageEncodingInterface().RecoverMessageFromRepresentative(
ma.AccessHash(), GetHashIdentifier(), ma.m_empty, ma.m_representative, MessageRepresentativeBitLength(), recoveredMessage);
ma.m_empty = true;
return result;
}
DecodingResult TF_DecryptorBase::FixedLengthDecrypt(RandomNumberGenerator &rng, const byte *cipherText, byte *plainText) const
{
SecByteBlock paddedBlock(PaddedBlockByteLength());
Integer x = GetTrapdoorFunctionInterface().ApplyFunction(Integer(signature, DigestSignatureLength()));
Integer x = GetTrapdoorFunctionInterface().CalculateInverse(rng, Integer(cipherText, FixedCiphertextLength()));
if (x.ByteCount() > paddedBlock.size())
x = Integer::Zero(); // don't return false here to prevent timing attack
x.Encode(paddedBlock, paddedBlock.size());
if (GetPaddingAlgorithm().IsReversible())
{
SecByteBlock recoveredDigest(MaxDigestLength());
DecodingResult result = GetPaddingAlgorithm().Unpad(paddedBlock, PaddedBlockBitLength(), recoveredDigest);
return result == DecodingResult(digestLen) && memcmp(digest, recoveredDigest, digestLen) == 0;
}
else
{
SecByteBlock paddedBlock2(PaddedBlockByteLength());
GetPaddingAlgorithm().Pad(NullRNG(), digest, digestLen, paddedBlock2, PaddedBlockBitLength());
return paddedBlock == paddedBlock2;
}
}
DecodingResult TF_DecryptorBase::FixedLengthDecrypt(const byte *cipherText, byte *plainText) const
{
SecByteBlock paddedBlock(PaddedBlockByteLength());
Integer x = GetTrapdoorFunctionInterface().CalculateInverse(Integer(cipherText, FixedCiphertextLength()));
if (x.ByteCount() > paddedBlock.size())
x = Integer::Zero(); // don't return false here to prevent timing attack
x.Encode(paddedBlock, paddedBlock.size());
return GetPaddingAlgorithm().Unpad(paddedBlock, PaddedBlockBitLength(), plainText);
return GetMessageEncodingInterface().Unpad(paddedBlock, PaddedBlockBitLength(), plainText);
}
void TF_EncryptorBase::Encrypt(RandomNumberGenerator &rng, const byte *plainText, unsigned int plainTextLength, byte *cipherText) const
@ -51,7 +115,7 @@ void TF_EncryptorBase::Encrypt(RandomNumberGenerator &rng, const byte *plainText
throw InvalidArgument(AlgorithmName() + ": message too long for this public key");
SecByteBlock paddedBlock(PaddedBlockByteLength());
GetPaddingAlgorithm().Pad(rng, plainText, plainTextLength, paddedBlock, PaddedBlockBitLength());
GetMessageEncodingInterface().Pad(rng, plainText, plainTextLength, paddedBlock, PaddedBlockBitLength());
GetTrapdoorFunctionInterface().ApplyRandomizedFunction(rng, Integer(paddedBlock, paddedBlock.size())).Encode(cipherText, FixedCiphertextLength());
}

741
pubkey.h
View File

File diff suppressed because it is too large Load Diff

13
rabin.cpp
View File

@ -5,6 +5,7 @@
#include "nbtheory.h"
#include "asn.h"
#include "sha.h"
#include "modarith.h"
#include "oaep.cpp"
@ -138,11 +139,17 @@ void InvertibleRabinFunction::DEREncode(BufferedTransformation &bt) const
seq.MessageEnd();
}
Integer InvertibleRabinFunction::CalculateInverse(const Integer &in) const
Integer InvertibleRabinFunction::CalculateInverse(RandomNumberGenerator &rng, const Integer &in) const
{
DoQuickSanityCheck();
Integer cp=in%m_p, cq=in%m_q;
ModularArithmetic modn(m_n);
Integer r(rng, Integer::One(), m_n - Integer::One());
r = modn.Square(r);
Integer r2 = modn.Square(r);
Integer c = modn.Multiply(in, r2); // blind
Integer cp=c%m_p, cq=c%m_q;
int jp = Jacobi(cp, m_p);
int jq = Jacobi(cq, m_q);
@ -167,6 +174,8 @@ Integer InvertibleRabinFunction::CalculateInverse(const Integer &in) const
Integer out = CRT(cq, m_q, cp, m_p, m_u);
out = modn.Divide(out, r); // unblind
if ((jq==-1 && out.IsEven()) || (jq==1 && out.IsOdd()))
out = m_n-out;

20
rabin.h
View File

@ -57,7 +57,7 @@ public:
void BERDecode(BufferedTransformation &bt);
void DEREncode(BufferedTransformation &bt) const;
Integer CalculateInverse(const Integer &x) const;
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const;
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
@ -92,16 +92,8 @@ struct RabinES : public TF_ES<STANDARD, Rabin>
};
//! .
template <class EM>
struct RabinSSR
{
typedef PK_FinalTemplate<SignerWithRecoveryTemplate<InvertibleRabinFunction, EM> > Signer;
typedef PK_FinalTemplate<VerifierWithRecoveryTemplate<RabinFunction, EM> > Verifier;
};
//! .
template <class H>
struct RabinPSSR : public RabinSSR<PSSR<H> >
template <class STANDARD, class H>
struct RabinSS : public TF_SS<STANDARD, H, Rabin>
{
};
@ -112,12 +104,6 @@ class SHA;
typedef RabinES<OAEP<SHA> >::Decryptor RabinDecryptor;
typedef RabinES<OAEP<SHA> >::Encryptor RabinEncryptor;
#ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
// simulate template typedef
#define RabinSignerWith(H) RabinPSSR<H>::Signer
#define RabinVerifierWith(H) RabinPSSR<H>::Verifier
#endif
NAMESPACE_END
#endif

7
regtest.cpp
View File

@ -27,8 +27,9 @@ void RegisterFactories()
RegisterSignatureSchemeDefaultFactories<DSA>("DSA(1363)");
RegisterSignatureSchemeDefaultFactories<NR<SHA1> >("NR(1363)/EMSA1(SHA-1)");
RegisterSignatureSchemeDefaultFactories<GDSA<SHA1> >("DSA-1363/EMSA1(SHA-1)");
RegisterSignatureSchemeDefaultFactories<RSASSA<PKCS1v15, MD2> >("RSA/PKCS1-1.5(MD2)");
RegisterSignatureSchemeDefaultFactories<RSASSA<PKCS1v15, SHA1> >("RSA/PKCS1-1.5(SHA-1)");
RegisterSignatureSchemeDefaultFactories<RSASS<PKCS1v15, MD2> >("RSA/PKCS1-1.5(MD2)");
RegisterSignatureSchemeDefaultFactories<RSASS<PKCS1v15, SHA1> >("RSA/PKCS1-1.5(SHA-1)");
RegisterSignatureSchemeDefaultFactories<ESIGN<SHA1> >("ESIGN/EMSA5-MGF1(SHA-1)");
RegisterSignatureSchemeDefaultFactories<RWSSA<SHA1> >("RW/EMSA2(SHA-1)");
RegisterSignatureSchemeDefaultFactories<RWSS<P1363_EMSA2, SHA1> >("RW/EMSA2(SHA-1)");
RegisterSignatureSchemeDefaultFactories<RSASS<PSS, SHA1> >("RSA/PSS-MGF1(SHA-1)");
}

85
rsa.cpp
View File

@ -4,25 +4,33 @@
#include "rsa.h"
#include "asn.h"
#include "oids.h"
#include "modarith.h"
#include "nbtheory.h"
#include "sha.h"
#include "algparam.h"
#include "fips140.h"
#ifndef NDEBUG
#include "pssr.h"
#endif
#include "oaep.cpp"
NAMESPACE_BEGIN(CryptoPP)
#ifndef NDEBUG
void RSA_TestInstantiations()
{
RSASSA<PKCS1v15, SHA>::Verifier x1(1, 1);
RSASSA<PKCS1v15, SHA>::Signer x2(NullRNG(), 1);
RSASSA<PKCS1v15, SHA>::Verifier x3(x2);
RSASSA<PKCS1v15, SHA>::Verifier x4(x2.GetKey());
RSASSA<PKCS1v15, SHA>::Verifier x5(x3);
RSASSA<PKCS1v15, SHA>::Signer x6 = x2;
RSASS<PKCS1v15, SHA>::Verifier x1(1, 1);
RSASS<PKCS1v15, SHA>::Signer x2(NullRNG(), 1);
RSASS<PKCS1v15, SHA>::Verifier x3(x2);
RSASS<PKCS1v15, SHA>::Verifier x4(x2.GetKey());
RSASS<PSS, SHA>::Verifier x5(x3);
RSASS<PSSR, SHA>::Signer x6 = x2;
RSAES<PKCS1v15>::Encryptor x7(x2);
#ifndef __GNUC__
RSAES<PKCS1v15>::Encryptor x8(x3);
#endif
RSAES<OAEP<SHA> >::Encryptor x9(x2);
x6 = x2;
@ -31,6 +39,7 @@ void RSA_TestInstantiations()
#endif
x4 = x2.GetKey();
}
#endif
template class OAEP<SHA>;
@ -124,13 +133,13 @@ void InvertibleRSAFunction::GenerateRandom(RandomNumberGenerator &rng, const Nam
if (FIPS_140_2_ComplianceEnabled())
{
RSASSA<PKCS1v15, SHA>::Signer signer(*this);
RSASSA<PKCS1v15, SHA>::Verifier verifier(signer);
SignaturePairwiseConsistencyTest(signer, verifier);
RSASS<PKCS1v15, SHA>::Signer signer(*this);
RSASS<PKCS1v15, SHA>::Verifier verifier(signer);
SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
RSAES<OAEP<SHA> >::Decryptor decryptor(*this);
RSAES<OAEP<SHA> >::Encryptor encryptor(decryptor);
EncryptionPairwiseConsistencyTest(encryptor, decryptor);
EncryptionPairwiseConsistencyTest_FIPS_140_Only(encryptor, decryptor);
}
}
@ -139,6 +148,40 @@ void InvertibleRSAFunction::Initialize(RandomNumberGenerator &rng, unsigned int
GenerateRandom(rng, MakeParameters("ModulusSize", (int)keybits)("PublicExponent", e+e.IsEven()));
}
void InvertibleRSAFunction::Initialize(const Integer &n, const Integer &e, const Integer &d)
{
m_n = n;
m_e = e;
m_d = d;
Integer r = --(d*e);
while (r.IsEven())
r >>= 1;
ModularArithmetic modn(n);
for (Integer i = 2; ; ++i)
{
Integer a = modn.Exponentiate(i, r);
if (a == 1)
continue;
Integer b;
while (a != -1)
{
b = modn.Square(a);
if (b == 1)
{
m_p = GCD(a-1, n);
m_q = n/m_p;
m_dp = m_d % (m_p-1);
m_dq = m_d % (m_q-1);
m_u = m_q.InverseMod(m_p);
return;
}
a = b;
}
}
}
void InvertibleRSAFunction::BERDecodeKey(BufferedTransformation &bt)
{
BERSequenceDecoder privateKey(bt);
@ -170,12 +213,20 @@ void InvertibleRSAFunction::DEREncodeKey(BufferedTransformation &bt) const
privateKey.MessageEnd();
}
Integer InvertibleRSAFunction::CalculateInverse(const Integer &x) const
Integer InvertibleRSAFunction::CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const
{
DoQuickSanityCheck();
ModularArithmetic modn(m_n);
Integer r(rng, Integer::One(), m_n - Integer::One());
Integer re = modn.Exponentiate(r, m_e);
re = modn.Multiply(re, x); // blind
// here we follow the notation of PKCS #1 and let u=q inverse mod p
// but in ModRoot, u=p inverse mod q, so we reverse the order of p and q
return ModularRoot(x, m_dq, m_dp, m_q, m_p, m_u);
Integer y = ModularRoot(re, m_dq, m_dp, m_q, m_p, m_u);
y = modn.Divide(y, r); // unblind
if (modn.Exponentiate(y, m_e) != x) // check
throw Exception(Exception::OTHER_ERROR, "InvertibleRSAFunction: computational error during private key operation");
return y;
}
bool InvertibleRSAFunction::Validate(RandomNumberGenerator &rng, unsigned int level) const
@ -223,14 +274,4 @@ void InvertibleRSAFunction::AssignFrom(const NameValuePairs &source)
;
}
/*
bool RSAFunctionInverse_NonCRT::Validate(RandomNumberGenerator &rng, unsigned int level) const
{
bool pass = true;
pass = pass && m_n > Integer::One() && m_n.IsOdd();
pass = pass && m_d > Integer::One() && m_d.IsOdd() && m_d < m_n;
return pass;
}
*/
NAMESPACE_END

44
rsa.h
View File

@ -57,6 +57,8 @@ public:
void Initialize(RandomNumberGenerator &rng, unsigned int modulusBits, const Integer &e = 17);
void Initialize(const Integer &n, const Integer &e, const Integer &d, const Integer &p, const Integer &q, const Integer &dp, const Integer &dq, const Integer &u)
{m_n = n; m_e = e; m_d = d; m_p = p; m_q = q; m_dp = dp; m_dq = dq; m_u = u;}
//! factor n given private exponent
void Initialize(const Integer &n, const Integer &e, const Integer &d);
// PKCS8PrivateKey
void BERDecode(BufferedTransformation &bt)
@ -67,7 +69,7 @@ public:
void DEREncodeKey(BufferedTransformation &bt) const;
// TrapdoorFunctionInverse
Integer CalculateInverse(const Integer &x) const;
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const;
// GeneratableCryptoMaterial
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
@ -98,32 +100,6 @@ protected:
Integer m_d, m_p, m_q, m_dp, m_dq, m_u;
};
/*
//! .
class RSAFunctionInverse_NonCRT : public TrapdoorFunctionBounds, public TrapdoorFunctionInverse, public PrivateKey
{
public:
Integer CalculateInverse(const Integer &x) const
{return a_exp_b_mod_c(x, m_d, m_n);}
Integer PreimageBound() const {return m_n;}
Integer ImageBound() const {return m_n;}
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
const Integer& GetModulus() const {return m_n;}
const Integer& GetDecryptionExponent() const {return m_d;}
void SetModulus(const Integer &n) {m_n = n;}
void SetDecryptionExponent(const Integer &d) {m_d = d;}
void SetPrivateValues(const Integer &n, const Integer &d)
{m_n = n; m_d = d;}
private:
Integer m_n, m_d;
};
*/
//! .
struct RSA
{
@ -141,7 +117,7 @@ struct RSAES : public TF_ES<STANDARD, RSA>
//! <a href="http://www.weidai.com/scan-mirror/sig.html#RSA">RSA signature scheme with appendix</a>
/*! See documentation of PKCS1v15 for a list of hash functions that can be used with it. */
template <class STANDARD, class H>
struct RSASSA : public TF_SSA<STANDARD, H, RSA>
struct RSASS : public TF_SS<STANDARD, H, RSA>
{
};
@ -153,14 +129,14 @@ typedef RSAES<OAEP<SHA> >::Decryptor RSAES_OAEP_SHA_Decryptor;
typedef RSAES<OAEP<SHA> >::Encryptor RSAES_OAEP_SHA_Encryptor;
// The three RSA signature schemes defined in PKCS #1 v2.0
typedef RSASSA<PKCS1v15, SHA>::Signer RSASSA_PKCS1v15_SHA_Signer;
typedef RSASSA<PKCS1v15, SHA>::Verifier RSASSA_PKCS1v15_SHA_Verifier;
typedef RSASS<PKCS1v15, SHA>::Signer RSASSA_PKCS1v15_SHA_Signer;
typedef RSASS<PKCS1v15, SHA>::Verifier RSASSA_PKCS1v15_SHA_Verifier;
typedef RSASSA<PKCS1v15, MD2>::Signer RSASSA_PKCS1v15_MD2_Signer;
typedef RSASSA<PKCS1v15, MD2>::Verifier RSASSA_PKCS1v15_MD2_Verifier;
typedef RSASS<PKCS1v15, MD2>::Signer RSASSA_PKCS1v15_MD2_Signer;
typedef RSASS<PKCS1v15, MD2>::Verifier RSASSA_PKCS1v15_MD2_Verifier;
typedef RSASSA<PKCS1v15, MD5>::Signer RSASSA_PKCS1v15_MD5_Signer;
typedef RSASSA<PKCS1v15, MD5>::Verifier RSASSA_PKCS1v15_MD5_Verifier;
typedef RSASS<PKCS1v15, MD5>::Signer RSASSA_PKCS1v15_MD5_Signer;
typedef RSASS<PKCS1v15, MD5>::Verifier RSASSA_PKCS1v15_MD5_Verifier;
NAMESPACE_END

116
rw.cpp
View File

@ -7,82 +7,53 @@
NAMESPACE_BEGIN(CryptoPP)
template<> const byte EMSA2DigestDecoration<SHA>::decoration = 0x33;
template<> const byte EMSA2DigestDecoration<RIPEMD160>::decoration = 0x31;
void EMSA2Pad::Pad(RandomNumberGenerator &, const byte *input, unsigned int inputLen, byte *emsa2Block, unsigned int emsa2BlockLen) const
void EMSA2Pad::ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const
{
assert (inputLen > 0 && inputLen <= MaxUnpaddedLength(emsa2BlockLen));
if (representativeBitLength % 8 != 7)
throw PK_SignatureScheme::InvalidKeyLength("EMSA2: EMSA2 requires a key length that is a multiple of 8");
// convert from bit length to byte length
emsa2BlockLen++;
if (emsa2BlockLen % 8 > 1)
{
emsa2Block[0] = 0;
emsa2Block++;
}
emsa2BlockLen /= 8;
unsigned int digestSize = hash.DigestSize();
if (representativeBitLength < 8*digestSize + 31)
throw PK_SignatureScheme::KeyTooShort();
emsa2Block[0] = input[0]; // indicate empty or non-empty message
memset(emsa2Block+1, 0xbb, emsa2BlockLen-inputLen-2); // padd with 0xbb
emsa2Block[emsa2BlockLen-inputLen-1] = 0xba; // separator
memcpy(emsa2Block+emsa2BlockLen-inputLen, input+1, inputLen-1);
emsa2Block[emsa2BlockLen-1] = 0xcc; // make it congruent to 12 mod 16
}
unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
DecodingResult EMSA2Pad::Unpad(const byte *emsa2Block, unsigned int emsa2BlockLen, byte *output) const
{
// convert from bit length to byte length
emsa2BlockLen++;
if (emsa2BlockLen % 8 > 1)
{
if (emsa2Block[0] != 0)
return DecodingResult();
emsa2Block++;
}
emsa2BlockLen /= 8;
// check last byte
if (emsa2Block[emsa2BlockLen-1] != 0xcc)
return DecodingResult();
// skip past the padding until we find the seperator
unsigned i=1;
while (i<emsa2BlockLen-1 && emsa2Block[i++] != 0xba)
if (emsa2Block[i-1] != 0xbb) // not valid padding
return DecodingResult();
assert(i==emsa2BlockLen-1 || emsa2Block[i-1]==0xba);
unsigned int outputLen = emsa2BlockLen - i;
output[0] = emsa2Block[0];
memcpy (output+1, emsa2Block+i, outputLen-1);
return DecodingResult(outputLen);
representative[0] = messageEmpty ? 0x4b : 0x6b;
memset(representative+1, 0xbb, representativeByteLength-digestSize-4); // padd with 0xbb
byte *afterP2 = representative+representativeByteLength-digestSize-3;
afterP2[0] = 0xba;
hash.Final(afterP2+1);
representative[representativeByteLength-2] = *hashIdentifier.first;
representative[representativeByteLength-1] = 0xcc;
}
// *****************************************************************************
template <word r>
void RWFunction<r>::BERDecode(BufferedTransformation &bt)
void RWFunction::BERDecode(BufferedTransformation &bt)
{
BERSequenceDecoder seq(bt);
m_n.BERDecode(seq);
seq.MessageEnd();
}
template <word r>
void RWFunction<r>::DEREncode(BufferedTransformation &bt) const
void RWFunction::DEREncode(BufferedTransformation &bt) const
{
DERSequenceEncoder seq(bt);
m_n.DEREncode(seq);
seq.MessageEnd();
}
template <word r>
Integer RWFunction<r>::ApplyFunction(const Integer &in) const
Integer RWFunction::ApplyFunction(const Integer &in) const
{
DoQuickSanityCheck();
Integer out = in.Squared()%m_n;
const word r = 12;
// this code was written to handle both r = 6 and r = 12,
// but now only r = 12 is used in P1363
const word r2 = r/2;
const word r3a = (16 + 5 - r) % 16; // n%16 could be 5 or 13
const word r3b = (16 + 13 - r) % 16;
@ -112,24 +83,21 @@ Integer RWFunction<r>::ApplyFunction(const Integer &in) const
return out;
}
template <word r>
bool RWFunction<r>::Validate(RandomNumberGenerator &rng, unsigned int level) const
bool RWFunction::Validate(RandomNumberGenerator &rng, unsigned int level) const
{
bool pass = true;
pass = pass && m_n > Integer::One() && m_n%8 == 5;
return pass;
}
template <word r>
bool RWFunction<r>::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
bool RWFunction::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
{
return GetValueHelper(this, name, valueType, pValue).Assignable()
CRYPTOPP_GET_FUNCTION_ENTRY(Modulus)
;
}
template <word r>
void RWFunction<r>::AssignFrom(const NameValuePairs &source)
void RWFunction::AssignFrom(const NameValuePairs &source)
{
AssignFromHelper(this, source)
CRYPTOPP_SET_FUNCTION_ENTRY(Modulus)
@ -140,8 +108,7 @@ void RWFunction<r>::AssignFrom(const NameValuePairs &source)
// private key operations:
// generate a random private key
template <word r>
void InvertibleRWFunction<r>::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
void InvertibleRWFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
int modulusSize = 2048;
alg.GetIntValue("ModulusSize", modulusSize) || alg.GetIntValue("KeySize", modulusSize);
@ -157,8 +124,7 @@ void InvertibleRWFunction<r>::GenerateRandom(RandomNumberGenerator &rng, const N
m_u = m_q.InverseMod(m_p);
}
template <word r>
void InvertibleRWFunction<r>::BERDecode(BufferedTransformation &bt)
void InvertibleRWFunction::BERDecode(BufferedTransformation &bt)
{
BERSequenceDecoder seq(bt);
m_n.BERDecode(seq);
@ -168,8 +134,7 @@ void InvertibleRWFunction<r>::BERDecode(BufferedTransformation &bt)
seq.MessageEnd();
}
template <word r>
void InvertibleRWFunction<r>::DEREncode(BufferedTransformation &bt) const
void InvertibleRWFunction::DEREncode(BufferedTransformation &bt) const
{
DERSequenceEncoder seq(bt);
m_n.DEREncode(seq);
@ -179,9 +144,10 @@ void InvertibleRWFunction<r>::DEREncode(BufferedTransformation &bt) const
seq.MessageEnd();
}
template <word r>
Integer InvertibleRWFunction<r>::CalculateInverse(const Integer &in) const
Integer InvertibleRWFunction::CalculateInverse(RandomNumberGenerator &rng, const Integer &in) const
{
// no need to do blinding because RW is only used for signatures
DoQuickSanityCheck();
Integer cp=in%m_p, cq=in%m_q;
@ -200,10 +166,9 @@ Integer InvertibleRWFunction<r>::CalculateInverse(const Integer &in) const
return STDMIN(out, m_n-out);
}
template <word r>
bool InvertibleRWFunction<r>::Validate(RandomNumberGenerator &rng, unsigned int level) const
bool InvertibleRWFunction::Validate(RandomNumberGenerator &rng, unsigned int level) const
{
bool pass = RWFunction<r>::Validate(rng, level);
bool pass = RWFunction::Validate(rng, level);
pass = pass && m_p > Integer::One() && m_p%8 == 3 && m_p < m_n;
pass = pass && m_q > Integer::One() && m_q%8 == 7 && m_q < m_n;
pass = pass && m_u.IsPositive() && m_u < m_p;
@ -217,27 +182,22 @@ bool InvertibleRWFunction<r>::Validate(RandomNumberGenerator &rng, unsigned int
return pass;
}
template <word r>
bool InvertibleRWFunction<r>::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
bool InvertibleRWFunction::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
{
return GetValueHelper<RWFunction<r> >(this, name, valueType, pValue).Assignable()
return GetValueHelper<RWFunction>(this, name, valueType, pValue).Assignable()
CRYPTOPP_GET_FUNCTION_ENTRY(Prime1)
CRYPTOPP_GET_FUNCTION_ENTRY(Prime2)
CRYPTOPP_GET_FUNCTION_ENTRY(MultiplicativeInverseOfPrime2ModPrime1)
;
}
template <word r>
void InvertibleRWFunction<r>::AssignFrom(const NameValuePairs &source)
void InvertibleRWFunction::AssignFrom(const NameValuePairs &source)
{
AssignFromHelper<RWFunction<r> >(this, source)
AssignFromHelper<RWFunction>(this, source)
CRYPTOPP_SET_FUNCTION_ENTRY(Prime1)
CRYPTOPP_SET_FUNCTION_ENTRY(Prime2)
CRYPTOPP_SET_FUNCTION_ENTRY(MultiplicativeInverseOfPrime2ModPrime1)
;
}
template class RWFunction<IFSSA_R>;
template class InvertibleRWFunction<IFSSA_R>;
NAMESPACE_END

76
rw.h
View File

@ -6,16 +6,12 @@
Rabin-Williams signature schemes as defined in IEEE P1363.
*/
#include "pubkey.h"
#include "integer.h"
#include "pssr.h"
NAMESPACE_BEGIN(CryptoPP)
const word IFSSR_R = 6;
const word IFSSA_R = 12;
//! .
template <word r>
class RWFunction : virtual public TrapdoorFunction, public PublicKey
{
typedef RWFunction ThisClass;
@ -43,8 +39,7 @@ protected:
};
//! .
template <word r>
class InvertibleRWFunction : public RWFunction<r>, public TrapdoorFunctionInverse, public PrivateKey
class InvertibleRWFunction : public RWFunction, public TrapdoorFunctionInverse, public PrivateKey
{
typedef InvertibleRWFunction ThisClass;
@ -58,7 +53,7 @@ public:
void BERDecode(BufferedTransformation &bt);
void DEREncode(BufferedTransformation &bt) const;
Integer CalculateInverse(const Integer &x) const;
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const;
// GeneratibleCryptoMaterial
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
@ -80,80 +75,37 @@ protected:
};
//! .
class EMSA2Pad : public PK_PaddingAlgorithm
class EMSA2Pad : public EMSA2HashIdLookup<PK_DeterministicSignatureMessageEncodingMethod>
{
public:
static const char *StaticAlgorithmName() {return "EMSA2";}
unsigned int MaxUnpaddedLength(unsigned int paddedLength) const {return (paddedLength+1)/8-2;}
void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedLength) const;
DecodingResult Unpad(const byte *padded, unsigned int paddedLength, byte *raw) const;
};
//! .
template <class H>
class EMSA2DecoratedHashModule : public HashTransformationWithDefaultTruncation
{
public:
EMSA2DecoratedHashModule() : empty(true) {}
void Update(const byte *input, unsigned int length)
{h.Update(input, length); empty = empty && length==0;}
unsigned int DigestSize() const;
void Final(byte *digest);
void Restart() {h.Restart(); empty=true;}
private:
H h;
bool empty;
};
template <class H> struct EMSA2DigestDecoration
{
static const byte decoration;
void ComputeMessageRepresentative(RandomNumberGenerator &rng,
const byte *recoverableMessage, unsigned int recoverableMessageLength,
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, unsigned int representativeBitLength) const;
};
//! EMSA2, for use with RW
/*! The following hash functions are supported: SHA, RIPEMD160. */
struct P1363_EMSA2 : public SignatureStandard
{
template <class H> struct SignaturePaddingAlgorithm {typedef EMSA2Pad type;};
template <class H> struct DecoratedHashingAlgorithm {typedef EMSA2DecoratedHashModule<H> type;};
typedef EMSA2Pad SignatureMessageEncodingMethod;
};
template<> struct CryptoStandardTraits<P1363_EMSA2> : public P1363_EMSA2 {};
// EMSA2DecoratedHashModule can be instantiated with the following two classes.
class SHA;
class RIPEMD160;
template <class H>
void EMSA2DecoratedHashModule<H>::Final(byte *digest)
{
digest[0] = empty ? 0x4b : 0x6b;
h.Final(digest+1);
digest[DigestSize()-1] = EMSA2DigestDecoration<H>::decoration;
empty=true;
}
template <class H>
unsigned int EMSA2DecoratedHashModule<H>::DigestSize() const
{
return h.DigestSize() + 2;
}
//! .
template <word r>
struct RW
{
static std::string StaticAlgorithmName() {return "RW";}
typedef RWFunction<r> PublicKey;
typedef InvertibleRWFunction<r> PrivateKey;
typedef RWFunction PublicKey;
typedef InvertibleRWFunction PrivateKey;
};
//! RW
template <class H, class STANDARD = P1363_EMSA2>
struct RWSSA : public TF_SSA<STANDARD, H, RW<IFSSA_R> >
//! RWSS
template <class STANDARD, class H>
struct RWSS : public TF_SS<STANDARD, H, RW>
{
};

2
simple.h
View File

@ -151,6 +151,8 @@ public:
{ChannelPut(channel, inString, length); return false;}
virtual unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking) =0;
unsigned int ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking)
{return ChannelPut2(channel, begin, length, messageEnd, blocking);}
virtual void ChannelInitialize(const std::string &channel, const NameValuePairs &parameters=g_nullNameValuePairs, int propagation=-1) =0;
virtual bool ChannelFlush(const std::string &channel, bool hardFlush, int propagation=-1, bool blocking=true) =0;

1
socketft.h
View File

@ -113,7 +113,6 @@ protected:
bool m_own;
};
//! contributed by Denis Bider
class SocketsInitializer
{
public:

7
test.cpp
View File

@ -448,7 +448,7 @@ void FIPS140_SampleApplication(const char *moduleFilename, const char *edcFilena
signer.SignMessage(rng, message, 3, signature);
DSA::Verifier verifier(dsaPublicKey);
if (!verifier.VerifyMessage(message, 3, signature))
if (!verifier.VerifyMessage(message, 3, signature, 40))
{
cerr << "DSA signature and verification failed.\n";
abort();
@ -458,7 +458,7 @@ void FIPS140_SampleApplication(const char *moduleFilename, const char *edcFilena
// try to verify an invalid signature
signature[0] ^= 1;
if (verifier.VerifyMessage(message, 3, signature))
if (verifier.VerifyMessage(message, 3, signature, 40))
{
cerr << "DSA signature verification failed to detect bad signature.\n";
abort();
@ -538,7 +538,7 @@ string RSADecryptString(const char *privFilename, const char *ciphertext)
RSAES_OAEP_SHA_Decryptor priv(privFile);
string result;
StringSource(ciphertext, true, new HexDecoder(new PK_DecryptorFilter(priv, new StringSink(result))));
StringSource(ciphertext, true, new HexDecoder(new PK_DecryptorFilter(GlobalRNG(), priv, new StringSink(result))));
return result;
}
@ -921,6 +921,7 @@ bool Validate(int alg, bool thorough, const char *seed)
case 56: result = ValidatePBKDF(); break;
case 57: result = ValidateESIGN(); break;
case 58: result = ValidateDLIES(); break;
case 59: result = ValidateBaseCode(); break;
default: result = ValidateAll(thorough); break;
}

2
usage.dat
View File

@ -56,7 +56,7 @@ Test Driver for Crypto++(TM) Library, a C++ Class Library of Cryptographic Schem
- To forward a TCP connection
cryptest ft source-port destination-host destination-port
- To run the FIPS-140-2 sample application
- To run the FIPS 140-2 sample application
cryptest fips
- To run validation tests

51
validat1.cpp
View File

@ -4,6 +4,7 @@
#include "files.h"
#include "hex.h"
#include "base64.h"
#include "modes.h"
#include "cbcmac.h"
#include "dmac.h"
@ -1258,3 +1259,53 @@ bool ValidateSEAL()
cout << (pass ? "passed" : "FAILED") << endl;
return pass;
}
bool ValidateBaseCode()
{
bool pass = true, fail;
byte data[255];
for (unsigned int i=0; i<255; i++)
data[i] = i;
const char *hexEncoded =
"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627"
"28292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F"
"505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F7071727374757677"
"78797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F"
"A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7"
"C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEF"
"F0F1F2F3F4F5F6F7F8F9FAFBFCFDFE";
const char *base64AndHexEncoded =
"41414543417751464267634943516F4C4441304F4478415245684D554652595847426B6147787764"
"486838674953496A4A43556D4A7967704B6973734C5334764D4445794D7A51310A4E6A63344F546F"
"375044302B50304242516B4E4552555A4853456C4B5330784E546B395155564A5456465657563168"
"5A576C746358563566594746695932526C5A6D646F615770720A6247317562334278636E4E306458"
"5A3365486C3665337839666E2B4167594B44684957476834694A696F754D6A5936506B4A47536B35"
"53566C7065596D5A71626E4A32656E3643680A6F714F6B7061616E714B6D717136797472712B7773"
"624B7A744C573274376935757275387662362F774D484377385446787366497963724C7A4D334F7A"
"39445230745055316462580A324E6E6132397A6433742F6734654C6A354F586D352B6A7036757673"
"3765377638504879382F5431397666342B6672372F50332B0A";
cout << "\nBase64 and hex coding validation suite running...\n\n";
fail = !TestFilter(HexEncoder().Ref(), data, 255, (const byte *)hexEncoded, strlen(hexEncoded));
cout << (fail ? "FAILED " : "passed ");
cout << "Hex Encoding\n";
pass = pass && !fail;
fail = !TestFilter(HexDecoder().Ref(), (const byte *)hexEncoded, strlen(hexEncoded), data, 255);
cout << (fail ? "FAILED " : "passed ");
cout << "Hex Decoding\n";
pass = pass && !fail;
fail = !TestFilter(Base64Encoder(new HexEncoder).Ref(), data, 255, (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded));
cout << (fail ? "FAILED " : "passed ");
cout << "Base64 Encoding\n";
pass = pass && !fail;
fail = !TestFilter(HexDecoder(new Base64Decoder).Ref(), (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded), data, 255);
cout << (fail ? "FAILED " : "passed ");
cout << "Base64 Decoding\n";
pass = pass && !fail;
return pass;
}

63
validat2.cpp
View File

@ -113,23 +113,42 @@ bool SignatureValidate(PK_Signer &priv, PK_Verifier &pub, bool thorough = false)
const byte *message = (byte *)"test message";
const int messageLen = 12;
byte buffer[512];
memset(buffer, 0, sizeof(buffer));
priv.SignMessage(GlobalRNG(), message, messageLen, buffer);
fail = !pub.VerifyMessage(message, messageLen, buffer);
SecByteBlock signature(priv.MaxSignatureLength());
unsigned int signatureLength = priv.SignMessage(GlobalRNG(), message, messageLen, signature);
fail = !pub.VerifyMessage(message, messageLen, signature, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature and verification\n";
++buffer[0];
fail = pub.VerifyMessage(message, messageLen, buffer);
++signature[0];
fail = pub.VerifyMessage(message, messageLen, signature, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "checking invalid signature" << endl;
if (priv.MaxRecoverableLength() > 0)
{
signatureLength = priv.SignMessageWithRecovery(GlobalRNG(), message, messageLen, NULL, 0, signature);
SecByteBlock recovered(priv.MaxRecoverableLengthFromSignatureLength(signatureLength));
DecodingResult result = pub.RecoverMessage(recovered, NULL, 0, signature, signatureLength);
fail = !(result.isValidCoding && result.messageLength == messageLen && memcmp(recovered, message, messageLen) == 0);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature and verification with recovery" << endl;
++signature[0];
result = pub.RecoverMessage(recovered, NULL, 0, signature, signatureLength);
fail = result.isValidCoding;
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "recovery with invalid signature" << endl;
}
return pass;
}
@ -149,7 +168,7 @@ bool CryptoSystemValidate(PK_Decryptor &priv, PK_Encryptor &pub, bool thorough =
SecByteBlock plaintext(priv.MaxPlaintextLength(ciphertext.size()));
pub.Encrypt(GlobalRNG(), message, messageLen, ciphertext);
fail = priv.Decrypt(ciphertext, priv.CiphertextLength(messageLen), plaintext) != DecodingResult(messageLen);
fail = priv.Decrypt(GlobalRNG(), ciphertext, priv.CiphertextLength(messageLen), plaintext) != DecodingResult(messageLen);
fail = fail || memcmp(message, plaintext, messageLen);
pass = pass && !fail;
@ -254,21 +273,21 @@ bool ValidateRSA()
RSASSA_PKCS1v15_MD2_Signer rsaPriv(keys);
RSASSA_PKCS1v15_MD2_Verifier rsaPub(rsaPriv);
rsaPriv.SignMessage(GlobalRNG(), (byte *)plain, strlen(plain), out);
unsigned int signatureLength = rsaPriv.SignMessage(GlobalRNG(), (byte *)plain, strlen(plain), out);
fail = memcmp(signature, out, 64) != 0;
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature check against test vector\n";
fail = !rsaPub.VerifyMessage((byte *)plain, strlen(plain), out);
fail = !rsaPub.VerifyMessage((byte *)plain, strlen(plain), out, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "verification check against test vector\n";
out[10]++;
fail = rsaPub.VerifyMessage((byte *)plain, strlen(plain), out);
fail = rsaPub.VerifyMessage((byte *)plain, strlen(plain), out, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
@ -305,7 +324,7 @@ bool ValidateRSA()
memset(out, 0, 50);
memset(outPlain, 0, 8);
rsaPub.Encrypt(rng, plain, 8, out);
DecodingResult result = rsaPriv.FixedLengthDecrypt(encrypted, outPlain);
DecodingResult result = rsaPriv.FixedLengthDecrypt(GlobalRNG(), encrypted, outPlain);
fail = !result.isValidCoding || (result.messageLength!=8) || memcmp(out, encrypted, 50) || memcmp(plain, outPlain, 8);
pass = pass && !fail;
@ -447,20 +466,20 @@ bool ValidateDSA(bool thorough)
cout << (fail ? "FAILED " : "passed ");
cout << "prime generation test\n";
priv.GetDigestSignatureScheme().RawSign(k, h, rOut, sOut);
priv.RawSign(k, h, rOut, sOut);
fail = (rOut != r) || (sOut != s);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature check against test vector\n";
fail = !pub.VerifyMessage((byte *)"abc", 3, sig);
fail = !pub.VerifyMessage((byte *)"abc", 3, sig, sizeof(sig));
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "verification check against test vector\n";
fail = pub.VerifyMessage((byte *)"xyz", 3, sig);
fail = pub.VerifyMessage((byte *)"xyz", 3, sig, sizeof(sig));
pass = pass && !fail;
}
FileSource fs1("dsa1024.dat", true, new HexDecoder());
@ -518,8 +537,8 @@ bool ValidateRabin()
{
FileSource f("rabi1024.dat", true, new HexDecoder);
RabinPSSR<SHA>::Signer priv(f);
RabinPSSR<SHA>::Verifier pub(priv);
RabinSS<PSSR, SHA>::Signer priv(f);
RabinSS<PSSR, SHA>::Verifier pub(priv);
pass = SignatureValidate(priv, pub) && pass;
}
{
@ -535,8 +554,8 @@ bool ValidateRW()
cout << "\nRW validation suite running...\n\n";
FileSource f("rw1024.dat", true, new HexDecoder);
RWSSA<SHA>::Signer priv(f);
RWSSA<SHA>::Verifier pub(priv);
RWSS<PSSR, SHA>::Signer priv(f);
RWSS<PSSR, SHA>::Verifier pub(priv);
return SignatureValidate(priv, pub);
}
@ -681,20 +700,20 @@ bool ValidateECDSA()
Integer rOut, sOut;
bool fail, pass=true;
priv.GetDigestSignatureScheme().RawSign(k, h, rOut, sOut);
priv.RawSign(k, h, rOut, sOut);
fail = (rOut != r) || (sOut != s);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature check against test vector\n";
fail = !pub.VerifyMessage((byte *)"abc", 3, sig);
fail = !pub.VerifyMessage((byte *)"abc", 3, sig, sizeof(sig));
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "verification check against test vector\n";
fail = pub.VerifyMessage((byte *)"xyz", 3, sig);
fail = pub.VerifyMessage((byte *)"xyz", 3, sig, sizeof(sig));
pass = pass && !fail;
pass = SignatureValidate(priv, pub) && pass;
@ -723,7 +742,7 @@ bool ValidateESIGN()
fail = !SignatureValidate(signer, verifier);
pass = pass && !fail;
fail = !verifier.VerifyMessage((byte *)plain, strlen(plain), signature);
fail = !verifier.VerifyMessage((byte *)plain, strlen(plain), signature, verifier.SignatureLength());
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");

1
validate.h
View File

@ -7,6 +7,7 @@
bool ValidateAll(bool thorough);
bool TestSettings();
bool TestOS_RNG();
bool ValidateBaseCode();
bool ValidateCRC32();
bool ValidateAdler32();

139
wait.cpp
View File

@ -34,18 +34,154 @@ void WaitObjectContainer::Clear()
#ifdef USE_WINDOWS_STYLE_SOCKETS
struct WaitingThreadData
{
bool waitingToWait, terminate;
HANDLE startWaiting, stopWaiting;
const HANDLE *waitHandles;
unsigned int count;
HANDLE threadHandle;
DWORD threadId;
DWORD* error;
};
WaitObjectContainer::~WaitObjectContainer()
{
if (!m_threads.empty())
{
HANDLE threadHandles[MAXIMUM_WAIT_OBJECTS];
unsigned int i;
for (i=0; i<m_threads.size(); i++)
{
WaitingThreadData &thread = *m_threads[i];
while (!thread.waitingToWait) // spin until thread is in the initial "waiting to wait" state
Sleep(0);
thread.terminate = true;
threadHandles[i] = thread.threadHandle;
}
PulseEvent(m_startWaiting);
::WaitForMultipleObjects(m_threads.size(), threadHandles, TRUE, INFINITE);
for (i=0; i<m_threads.size(); i++)
CloseHandle(threadHandles[i]);
CloseHandle(m_startWaiting);
CloseHandle(m_stopWaiting);
}
}
void WaitObjectContainer::AddHandle(HANDLE handle)
{
m_handles.push_back(handle);
}
DWORD WINAPI WaitingThread(LPVOID lParam)
{
std::auto_ptr<WaitingThreadData> pThread((WaitingThreadData *)lParam);
WaitingThreadData &thread = *pThread;
std::vector<HANDLE> handles;
while (true)
{
thread.waitingToWait = true;
::WaitForSingleObject(thread.startWaiting, INFINITE);
thread.waitingToWait = false;
if (thread.terminate)
return S_OK;
if (!thread.count)
continue;
handles.resize(thread.count + 1);
handles[0] = thread.stopWaiting;
std::copy(thread.waitHandles, thread.waitHandles+thread.count, handles.begin()+1);
DWORD result = ::WaitForMultipleObjects(handles.size(), handles.begin(), FALSE, INFINITE);
if (result == WAIT_OBJECT_0)
continue; // another thread finished waiting first, so do nothing
SetEvent(thread.stopWaiting);
if (!(result > WAIT_OBJECT_0 && result < WAIT_OBJECT_0 + handles.size()))
{
assert(!"error in WaitingThread"); // break here so we can see which thread has an error
*thread.error = ::GetLastError();
}
}
}
void WaitObjectContainer::CreateThreads(unsigned int count)
{
unsigned int currentCount = m_threads.size();
if (currentCount == 0)
{
m_startWaiting = ::CreateEvent(NULL, TRUE, FALSE, NULL);
m_stopWaiting = ::CreateEvent(NULL, TRUE, FALSE, NULL);
}
if (currentCount < count)
{
m_threads.resize(count);
for (unsigned int i=currentCount; i<count; i++)
{
m_threads[i] = new WaitingThreadData;
WaitingThreadData &thread = *m_threads[i];
thread.terminate = false;
thread.startWaiting = m_startWaiting;
thread.stopWaiting = m_stopWaiting;
thread.waitingToWait = false;
thread.threadHandle = CreateThread(NULL, 0, &WaitingThread, &thread, 0, &thread.threadId);
}
}
}
bool WaitObjectContainer::Wait(unsigned long milliseconds)
{
if (m_noWait || m_handles.empty())
return true;
DWORD result = ::WaitForMultipleObjects(m_handles.size(), &m_handles[0], FALSE, milliseconds);
if (m_handles.size() > MAXIMUM_WAIT_OBJECTS)
{
// too many wait objects for a single WaitForMultipleObjects call, so use multiple threads
static const unsigned int WAIT_OBJECTS_PER_THREAD = MAXIMUM_WAIT_OBJECTS-1;
unsigned int nThreads = (m_handles.size() + WAIT_OBJECTS_PER_THREAD - 1) / WAIT_OBJECTS_PER_THREAD;
if (nThreads > MAXIMUM_WAIT_OBJECTS) // still too many wait objects, maybe implement recursive threading later?
throw Err("WaitObjectContainer: number of wait objects exceeds limit");
CreateThreads(nThreads);
DWORD error = S_OK;
for (unsigned int i=0; i<m_threads.size(); i++)
{
WaitingThreadData &thread = *m_threads[i];
while (!thread.waitingToWait) // spin until thread is in the initial "waiting to wait" state
Sleep(0);
if (i<nThreads)
{
thread.waitHandles = m_handles.begin() + i*WAIT_OBJECTS_PER_THREAD;
thread.count = STDMIN(WAIT_OBJECTS_PER_THREAD, m_handles.size() - i*WAIT_OBJECTS_PER_THREAD);
thread.error = &error;
}
else
thread.count = 0;
}
ResetEvent(m_stopWaiting);
PulseEvent(m_startWaiting);
DWORD result = ::WaitForSingleObject(m_stopWaiting, milliseconds);
if (result == WAIT_OBJECT_0)
{
if (error == S_OK)
return true;
else
throw Err("WaitObjectContainer: WaitForMultipleObjects failed with error " + IntToString(error));
}
SetEvent(m_stopWaiting);
if (result == WAIT_TIMEOUT)
return false;
else
throw Err("WaitObjectContainer: WaitForSingleObject failed with error " + IntToString(::GetLastError()));
}
else
{
DWORD result = ::WaitForMultipleObjects(m_handles.size(), &m_handles[0], FALSE, milliseconds);
if (result >= WAIT_OBJECT_0 && result < WAIT_OBJECT_0 + m_handles.size())
return true;
else if (result == WAIT_TIMEOUT)
@ -53,6 +189,7 @@ bool WaitObjectContainer::Wait(unsigned long milliseconds)
else
throw Err("WaitObjectContainer: WaitForMultipleObjects failed with error " + IntToString(::GetLastError()));
}
}
#else

7
wait.h
View File

@ -16,6 +16,8 @@
NAMESPACE_BEGIN(CryptoPP)
struct WaitingThreadData;
//! container of wait objects
class WaitObjectContainer
{
@ -34,6 +36,7 @@ public:
bool Wait(unsigned long milliseconds);
#ifdef USE_WINDOWS_STYLE_SOCKETS
~WaitObjectContainer();
void AddHandle(HANDLE handle);
#else
void AddReadFd(int fd);
@ -42,7 +45,11 @@ public:
private:
#ifdef USE_WINDOWS_STYLE_SOCKETS
void CreateThreads(unsigned int count);
std::vector<HANDLE> m_handles;
std::vector<WaitingThreadData *> m_threads;
HANDLE m_startWaiting;
HANDLE m_stopWaiting;
#else
fd_set m_readfds, m_writefds;
int m_maxFd;