Merge 'master' into 'ecies'
commit
a2aa340337
|
|
@ -113,7 +113,7 @@ endif # Dead code stripping
|
|||
# List cryptlib.cpp first and cpu.cpp second in an attempt to tame C++ static initialization problems.
|
||||
# The issue spills into POD data types of cpu.cpp due to the storage class of the bools, so cpu.cpp
|
||||
# is the second candidate for explicit initialization order.
|
||||
SRCS := cryptlib.cpp cpu.cpp $(filter-out cryptlib.cpp cpu.cpp pch.cpp simple.cpp winpipes.cpp cryptlib_bds.cpp,$(wildcard *.cpp))
|
||||
SRCS := cryptlib.cpp cpu.cpp integer.cpp $(filter-out cryptlib.cpp cpu.cpp integer.cpp pch.cpp simple.cpp winpipes.cpp cryptlib_bds.cpp,$(wildcard *.cpp))
|
||||
OBJS := $(SRCS:.cpp=.o)
|
||||
|
||||
# test.o needs to be after bench.o for cygwin 1.1.4 (possible ld bug?)
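Review bot: The comment block above `SRCS` explains only why cryptlib.cpp is listed first and cpu.cpp second, but the `SRCS` line that names integer.cpp third gives no reason for it. Since the existing comment describes this ordering as an attempt to tame static initialization, a future edit could drop integer.cpp from either the explicit list or the `filter-out` list without realising the two must stay in step. I would extend the comment with one line such as `# integer.cpp is third because <which of its static objects must be constructed before the remaining sources>; keep it in both lists.`, with the placeholder filled in by the author.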
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ Square, TEA, \ref ThreeWay "3-Way", Twofish, XTEA
|
|||
<dt>Stream Ciphers<dd>
|
||||
ChaCha8, ChaCha12, ChaCha20, \ref Panama "Panama-LE", \ref Panama "Panama-BE", Salsa20, \ref SEAL "SEAL-LE", \ref SEAL "SEAL-BE", WAKE, XSalsa20
|
||||
<dt>Hash Functions<dd>
|
||||
BLAKE2s, BLAKE2b, SHA1, SHA224, SHA256, SHA384, SHA512, \ref SHA3 "SHA-3", Tiger, Whirlpool, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, Weak::MD2, Weak::MD4, Weak::MD5
|
||||
BLAKE2s, BLAKE2b, \ref Keccak "Keccak (F1600)", SHA1, SHA224, SHA256, SHA384, SHA512, \ref SHA3 "SHA-3", Tiger, Whirlpool, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, Weak::MD2, Weak::MD4, Weak::MD5
|
||||
<dt>Non-Cryptographic Checksums<dd>
|
||||
CRC32, Adler32
|
||||
<dt>Message Authentication Codes<dd>
|
||||
|
|
@ -32,7 +32,7 @@ Square, TEA, \ref ThreeWay "3-Way", Twofish, XTEA
|
|||
<dt>Public Key Signature Schemes<dd>
|
||||
DSA2, GDSA, ECDSA, NR, ECNR, LUCSS, RSASS, RSASS_ISO, RabinSS, RWSS, ESIGN
|
||||
<dt>Key Agreement<dd>
|
||||
DH, DH2, MQV, ECDH, ECMQV, XTR_DH
|
||||
DH, DH2, \ref MQV_Domain "MQV", \ref HMQV_Domain "HMQV", \ref FHMQV_Domain "FHMQV", ECDH, ECMQV, ECHMQV, ECFHMQV, XTR_DH
|
||||
<dt>Algebraic Structures<dd>
|
||||
Integer, PolynomialMod2, PolynomialOver, RingOfPolynomialsOver,
|
||||
ModularArithmetic, MontgomeryRepresentation, GFP2_ONB, GF2NP, GF256, GF2_32, EC2N, ECP
|
||||
|
|
|
|||
2
fhmqv.h
2
fhmqv.h
|
|
@ -17,6 +17,7 @@ NAMESPACE_BEGIN(CryptoPP)
|
|||
//! \details This implementation follows Augustin P. Sarr and Philippe Elbaz–Vincent, and Jean–Claude Bajard's
|
||||
//! <a href="http://eprint.iacr.org/2009/408">A Secure and Efficient Authenticated Diffie-Hellman Protocol</a>.
|
||||
//! Note: this is FHMQV, Protocol 5, from page 11; and not FHMQV-C.
|
||||
//! \sa MQV, HMQV, FHMQV, and AuthenticatedKeyAgreementDomain
|
||||
template <class GROUP_PARAMETERS, class COFACTOR_OPTION = CPP_TYPENAME GROUP_PARAMETERS::DefaultCofactorOption, class HASH = SHA512>
|
||||
class FHMQV_Domain : public AuthenticatedKeyAgreementDomain
|
||||
{
|
||||
|
|
@ -292,6 +293,7 @@ private:
|
|||
//! \details This implementation follows Augustin P. Sarr and Philippe Elbaz–Vincent, and Jean–Claude Bajard's
|
||||
//! <a href="http://eprint.iacr.org/2009/408">A Secure and Efficient Authenticated Diffie-Hellman Protocol</a>.
|
||||
//! Note: this is FHMQV, Protocol 5, from page 11; and not FHMQV-C.
|
||||
//! \sa FHMQV, MQV_Domain, HMQV_Domain, AuthenticatedKeyAgreementDomain
|
||||
typedef FHMQV_Domain<DL_GroupParameters_GFP_DefaultSafePrime> FHMQV;
|
||||
|
||||
NAMESPACE_END
|
||||
|
|
|
|||
13
hkdf.h
13
hkdf.h
|
|
@ -1,5 +1,8 @@
|
|||
// hkdf.h - written and placed in public domain by Jeffrey Walton. Copyright assigned to Crypto++ project.
|
||||
|
||||
//! \file hkdf.h
|
||||
//! \brief Classes for HKDF from RFC 5869
|
||||
|
||||
#ifndef CRYPTOPP_HASH_KEY_DERIVATION_FUNCTION_H
|
||||
#define CRYPTOPP_HASH_KEY_DERIVATION_FUNCTION_H
|
||||
|
||||
|
|
@ -23,8 +26,10 @@ public:
|
|||
virtual ~KeyDerivationFunction() {}
|
||||
};
|
||||
|
||||
//! General, multipurpose KDF from RFC 5869. T should be a HashTransformation class
|
||||
//! https://eprint.iacr.org/2010/264 and https://tools.ietf.org/html/rfc5869
|
||||
//! \brief Extract-and-Expand Key Derivation Function (HKDF)
|
||||
//! \tparam T HashTransformation class
|
||||
//! \sa <A HREF="http://eprint.iacr.org/2010/264">Cryptographic Extraction and Key Derivation: The HKDF Scheme</A>
|
||||
//! and <A HREF="http://tools.ietf.org/html/rfc5869">HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</A>
|
||||
template <class T>
|
||||
class HKDF : public KeyDerivationFunction
|
||||
{
|
||||
|
|
@ -38,7 +43,7 @@ public:
|
|||
size_t MaxDerivedKeyLength() const {return static_cast<size_t>(T::DIGESTSIZE) * 255;}
|
||||
bool Usesinfo() const {return true;}
|
||||
unsigned int DeriveKey(byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const byte *salt, size_t saltLen, const byte* info, size_t infoLen) const;
|
||||
|
||||
|
||||
protected:
|
||||
// If salt is missing (NULL), then use the NULL vector. Missing is different than EMPTY (0 length). The length
|
||||
// of s_NullVector used depends on the Hash function. SHA-256 will use 32 bytes of s_NullVector.
|
||||
|
|
@ -54,7 +59,7 @@ unsigned int HKDF<T>::DeriveKey(byte *derived, size_t derivedLen, const byte *se
|
|||
{
|
||||
static const size_t DIGEST_SIZE = static_cast<size_t>(T::DIGESTSIZE);
|
||||
const unsigned int req = static_cast<unsigned int>(derivedLen);
|
||||
|
||||
|
||||
assert(secret && secretLen);
|
||||
assert(derived && derivedLen);
|
||||
assert(derivedLen <= MaxDerivedKeyLength());
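Review bot: The only argument checks visible at the top of `HKDF<T>::DeriveKey` are `assert` calls, which are compiled out when NDEBUG is defined, so a release build would not reject a null `secret` or `derived`, or a `derivedLen` above `MaxDerivedKeyLength()`. RFC 5869 caps the output at 255 digest lengths, which is what `MaxDerivedKeyLength()` returns, so that limit should be enforced at run time. One option is `if (derivedLen > MaxDerivedKeyLength()) throw InvalidArgument("HKDF: derivedLen exceeds MaxDerivedKeyLength");`. The same check would also bound the `static_cast<unsigned int>(derivedLen)` used for `req`, which otherwise truncates silently where `size_t` is wider than `unsigned int`. The rest of the function body is outside this hunk, so a later check may already exist there.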
|
||||
|
|
|
|||
2
hmqv.h
2
hmqv.h
|
|
@ -16,6 +16,7 @@ NAMESPACE_BEGIN(CryptoPP)
|
|||
//! \brief Hashed Menezes-Qu-Vanstone in GF(p)
|
||||
//! \details This implementation follows Hugo Krawczyk's <a href="http://eprint.iacr.org/2005/176">HMQV: A High-Performance
|
||||
//! Secure Diffie-Hellman Protocol</a>. Note: this implements HMQV only. HMQV-C with Key Confirmation is not provided.
|
||||
//! \sa MQV, HMQV, FHMQV, and AuthenticatedKeyAgreementDomain
|
||||
template <class GROUP_PARAMETERS, class COFACTOR_OPTION = CPP_TYPENAME GROUP_PARAMETERS::DefaultCofactorOption, class HASH = SHA512>
|
||||
class HMQV_Domain: public AuthenticatedKeyAgreementDomain
|
||||
{
|
||||
|
|
@ -300,6 +301,7 @@ private:
|
|||
//! \brief Hashed Menezes-Qu-Vanstone in GF(p)
|
||||
//! \details This implementation follows Hugo Krawczyk's <a href="http://eprint.iacr.org/2005/176">HMQV: A High-Performance
|
||||
//! Secure Diffie-Hellman Protocol</a>. Note: this implements HMQV only. HMQV-C with Key Confirmation is not provided.
|
||||
//! \sa HMQV, MQV_Domain, FHMQV_Domain, AuthenticatedKeyAgreementDomain
|
||||
typedef HMQV_Domain<DL_GroupParameters_GFP_DefaultSafePrime> HMQV;
|
||||
|
||||
NAMESPACE_END
|
||||
|
|
|
|||
2
mqv.h
2
mqv.h
|
|
@ -22,6 +22,7 @@ NAMESPACE_BEGIN(CryptoPP)
|
|||
//! \details GROUP_PARAMETERS paramters include the curve coefcients and the base point.
|
||||
//! Binary curves use a polynomial to represent its characteristic, while prime curves
|
||||
//! use a prime number.
|
||||
//! \sa MQV, HMQV, FHMQV, and AuthenticatedKeyAgreementDomain
|
||||
template <class GROUP_PARAMETERS, class COFACTOR_OPTION = CPP_TYPENAME GROUP_PARAMETERS::DefaultCofactorOption>
|
||||
class MQV_Domain : public AuthenticatedKeyAgreementDomain
|
||||
{
|
||||
|
|
@ -212,6 +213,7 @@ private:
|
|||
};
|
||||
|
||||
//! Menezes-Qu-Vanstone in GF(p) with key validation, AKA <a href="http://www.weidai.com/scan-mirror/ka.html#MQV">MQV</a>
|
||||
//! \sa MQV, HMQV_Domain, FHMQV_Domain, AuthenticatedKeyAgreementDomain
|
||||
typedef MQV_Domain<DL_GroupParameters_GFP_DefaultSafePrime> MQV;
|
||||
|
||||
NAMESPACE_END
|
||||
|
|
|
|||