Security Scol plugin
Ed25519 private key.
#include <xed25519.h>
Public Member Functions | |
CRYPTOPP_CONSTANT (SECRET_KEYLENGTH=32) | |
Size of the private key. | |
CRYPTOPP_CONSTANT (PUBLIC_KEYLENGTH=32) | |
Size of the public key. | |
CRYPTOPP_CONSTANT (SIGNATURE_LENGTH=64) | |
Size of the signature. | |
bool | Validate (RandomNumberGenerator &rng, unsigned int level) const |
Check this object for errors. | |
bool | GetVoidValue (const char *name, const std::type_info &valueType, void *pValue) const |
Get a named value. | |
void | AssignFrom (const NameValuePairs &source) |
Assign values to this object. | |
OID | GetAlgorithmID () const |
Retrieves the OID of the algorithm. | |
void | Save (BufferedTransformation &bt) const |
DER encode ASN.1 object. | |
void | Save (BufferedTransformation &bt, bool v1) const |
DER encode ASN.1 object. | |
void | Load (BufferedTransformation &bt) |
BER decode ASN.1 object. | |
void | MakePublicKey (PublicKey &pub) const |
Initializes a public key from this key. | |
void | BERDecode (BufferedTransformation &bt) |
Decode this object from a BufferedTransformation. | |
void | DEREncode (BufferedTransformation &bt) const |
Encode this object into a BufferedTransformation. | |
void | BERDecodePrivateKey (BufferedTransformation &bt, bool parametersPresent, size_t size) |
Decode privateKey part of privateKeyInfo. | |
void | DEREncodePrivateKey (BufferedTransformation &bt) const |
Encode privateKey part of privateKeyInfo. | |
void | DEREncode (BufferedTransformation &bt, int version) const |
DER encode ASN.1 object. | |
void | BERDecodeAndCheckAlgorithmID (BufferedTransformation &bt) |
Determine if OID is valid for this object. | |
void | GenerateRandom (RandomNumberGenerator &rng, const NameValuePairs &params) |
Generate a random key or crypto parameters. | |
void | SetPrivateExponent (const byte x[SECRET_KEYLENGTH]) |
void | SetPrivateExponent (const Integer &x) |
const Integer & | GetPrivateExponent () const |
bool | IsSmallOrder (const byte y[PUBLIC_KEYLENGTH]) const |
Test if a key has small order. | |
const byte * | GetPrivateKeyBytePtr () const |
Retrieve private key byte array. | |
const byte * | GetPublicKeyBytePtr () const |
Retrieve public key byte array. | |
Public Member Functions inherited from PKCS8PrivateKey | |
void | BERDecode (BufferedTransformation &bt) |
Decode this object from a BufferedTransformation. | |
void | DEREncode (BufferedTransformation &bt) const |
Encode this object into a BufferedTransformation. | |
virtual bool | BERDecodeAlgorithmParameters (BufferedTransformation &bt) |
Decode optional parameters. | |
virtual bool | DEREncodeAlgorithmParameters (BufferedTransformation &bt) const |
Encode optional parameters. | |
virtual void | BERDecodeOptionalAttributes (BufferedTransformation &bt) |
Decode optional attributes. | |
virtual void | DEREncodeOptionalAttributes (BufferedTransformation &bt) const |
Encode optional attributes. | |
Public Member Functions inherited from ASN1Object | |
virtual void | BEREncode (BufferedTransformation &bt) const |
Encode this object into a BufferedTransformation. | |
Public Member Functions inherited from GeneratableCryptoMaterial | |
void | GenerateRandomWithKeySize (RandomNumberGenerator &rng, unsigned int keySize) |
Generate a random key or crypto parameters. | |
Public Member Functions inherited from CryptoMaterial | |
virtual void | ThrowIfInvalid (RandomNumberGenerator &rng, unsigned int level) const |
Check this object for errors. | |
virtual bool | SupportsPrecomputation () const |
Determines whether the object supports precomputation. | |
virtual void | Precompute (unsigned int precomputationStorage) |
Perform precomputation. | |
virtual void | LoadPrecomputation (BufferedTransformation &storedPrecomputation) |
Retrieve previously saved precomputation. | |
virtual void | SavePrecomputation (BufferedTransformation &storedPrecomputation) const |
Save precomputation for later use. | |
void | DoQuickSanityCheck () const |
Perform a quick sanity check. | |
Public Member Functions inherited from NameValuePairs | |
template<class T > | |
bool | GetThisObject (T &object) const |
Get a copy of this object or subobject. | |
template<class T > | |
bool | GetThisPointer (T *&ptr) const |
Get a pointer to this object. | |
template<class T > | |
bool | GetValue (const char *name, T &value) const |
Get a named value. | |
template<class T > | |
T | GetValueWithDefault (const char *name, T defaultValue) const |
Get a named value. | |
CRYPTOPP_DLL std::string | GetValueNames () const |
Get a list of value names that can be retrieved. | |
CRYPTOPP_DLL bool | GetIntValue (const char *name, int &value) const |
Get a named value with type int. | |
CRYPTOPP_DLL int | GetIntValueWithDefault (const char *name, int defaultValue) const |
Get a named value with type int, with default. | |
CRYPTOPP_DLL bool | GetWord64Value (const char *name, word64 &value) const |
Get a named value with type word64. | |
CRYPTOPP_DLL word64 | GetWord64ValueWithDefault (const char *name, word64 defaultValue) const |
Get a named value with type word64, with default. | |
template<class T > | |
void | GetRequiredParameter (const char *className, const char *name, T &value) const |
Retrieves a required name/value pair. | |
CRYPTOPP_DLL void | GetRequiredIntParameter (const char *className, const char *name, int &value) const |
Retrieves a required name/value pair. | |
Protected Member Functions | |
void | SecretToPublicKey (byte y[PUBLIC_KEYLENGTH], const byte x[SECRET_KEYLENGTH]) const |
Protected Attributes | |
FixedSizeSecBlock< byte, SECRET_KEYLENGTH > | m_sk |
FixedSizeSecBlock< byte, PUBLIC_KEYLENGTH > | m_pk |
OID | m_oid |
Integer | m_x |
Protected Attributes inherited from PKCS8PrivateKey | |
ByteQueue | m_optionalAttributes |
Additional Inherited Members | |
Static Public Member Functions inherited from NameValuePairs | |
static CRYPTOPP_DLL void CRYPTOPP_API | ThrowIfTypeMismatch (const char *name, const std::type_info &stored, const std::type_info &retrieving) |
Ensures an expected name and type is present. | |
Ed25519 private key.
ed25519PrivateKey is somewhat of a hack. It needed to provide DL_PrivateKey interface to fit into the existing framework, but it lacks a lot of the internals of a true DL_PrivateKey. The missing pieces include GroupParameters and Point, which provide the low level field operations found in traditional implementations like NIST curves over prime and binary fields.
ed25519PrivateKey is also unusual because the class members of interest are byte arrays and not Integers. In addition, the byte arrays are little-endian, meaning the LSB is at element 0 and the MSB is at element 31. If you call GetPrivateExponent(), the little-endian byte array is converted to a big-endian Integer() so it can be returned the way a caller expects. Calling SetPrivateExponent() performs a similar internal conversion.
Definition at line 355 of file xed25519.h.
[inline, virtual]
Definition at line 369 of file xed25519.h.
void ed25519PrivateKey::AssignFrom (const NameValuePairs &source) [virtual]
Assign values to this object.
This function can be used to create a public key from a private key.
Implements CryptoMaterial.
Definition at line 439 of file xed25519.cpp.
void ed25519PrivateKey::BERDecode (BufferedTransformation &bt) [virtual]
Decode this object from a BufferedTransformation.
bt | BufferedTransformation object |
Uses Basic Encoding Rules (BER)
Implements ASN1Object.
Definition at line 499 of file xed25519.cpp.
void ed25519PrivateKey::BERDecodeAndCheckAlgorithmID (BufferedTransformation &bt)
Determine if OID is valid for this object.
BERDecodeAndCheckAlgorithmID() parses the OID from bt and determines if it is valid for this object. The problem in practice is that there are multiple OIDs available to denote curve25519 operations. The OIDs include an old GNU OID used by SSH, OIDs specified in draft-josefsson-pkix-newcurves, and OIDs specified in draft-ietf-curdle-pkix.
By default BERDecodeAndCheckAlgorithmID() accepts an OID set by the user, ASN1::curve25519() and ASN1::Ed25519(). ASN1::curve25519() is generic and says "this key is valid for curve25519 operations". ASN1::Ed25519() is specific and says "this key is valid for ed25519 signing."
Definition at line 484 of file xed25519.cpp.
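void ed25519PrivateKey::BERDecodePrivateKey (BufferedTransformation &bt, bool parametersPresent, size_t size) [virtual]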
Decode privateKey part of privateKeyInfo.
bt | BufferedTransformation object |
parametersPresent | flag indicating if algorithm parameters are present |
size | number of octets to read for the parameters, in bytes |
BERDecodePrivateKey() decodes the privateKey part of privateKeyInfo, without the OCTET STRING header.
When parametersPresent = true, BERDecodePrivateKey() calls BERDecodeAlgorithmParameters() to parse algorithm parameters.
Implements PKCS8PrivateKey.
Definition at line 570 of file xed25519.cpp.
ed25519PrivateKey::CRYPTOPP_CONSTANT (PUBLIC_KEYLENGTH = 32)
Size of the public key.
PUBLIC_KEYLENGTH is the size of the public key, in bytes.
ed25519PrivateKey::CRYPTOPP_CONSTANT (SECRET_KEYLENGTH = 32)
Size of the private key.
SECRET_KEYLENGTH is the size of the private key, in bytes.
ed25519PrivateKey::CRYPTOPP_CONSTANT (SIGNATURE_LENGTH = 64)
Size of the signature.
SIGNATURE_LENGTH is the size of the signature, in bytes. ed25519 is a DL-based signature scheme. The signature is the concatenation of r || s.
void ed25519PrivateKey::DEREncode (BufferedTransformation &bt) const [inline, virtual]
Encode this object into a BufferedTransformation.
bt | BufferedTransformation object |
Uses Distinguished Encoding Rules (DER)
Implements ASN1Object.
Definition at line 429 of file xed25519.h.
void ed25519PrivateKey::DEREncode (BufferedTransformation &bt, int version) const
DER encode ASN.1 object.
bt | BufferedTransformation object |
version | indicates version |
DEREncode() will write the OID associated with algorithm or scheme. In the case of public and private keys, this function writes the subjectPublicKeyInfo parts.
The default OID is from RFC 8410 using id-X25519. The default private key format is RFC 5208.
The value of version is written as the INTEGER. INTEGER 0 means RFC 5208 format, which is the old format. The old format provides the best interop, and keys will work with OpenSSL. The INTEGER 1 means RFC 5958 format, which is the new format.
Definition at line 543 of file xed25519.cpp.
void ed25519PrivateKey::DEREncodePrivateKey (BufferedTransformation &bt) const [virtual]
Encode privateKey part of privateKeyInfo.
bt | BufferedTransformation object |
DEREncodePrivateKey() encodes the privateKey part of privateKeyInfo, without the OCTET STRING header.
Implements PKCS8PrivateKey.
Definition at line 591 of file xed25519.cpp.
void ed25519PrivateKey::GenerateRandom (RandomNumberGenerator &rng, const NameValuePairs &params) [virtual]
Generate a random key or crypto parameters.
rng | a RandomNumberGenerator to produce keying material |
params | additional initialization parameters |
KeyingErr | if a key can't be generated or algorithm parameters are invalid |
If a derived class does not override GenerateRandom(), then the base class throws NotImplemented.
Reimplemented from GeneratableCryptoMaterial.
Definition at line 466 of file xed25519.cpp.
OID ed25519PrivateKey::GetAlgorithmID () const [inline, virtual]
Retrieves the OID of the algorithm.
Implements PKCS8PrivateKey.
Definition at line 377 of file xed25519.h.
const Integer & ed25519PrivateKey::GetPrivateExponent () const
Definition at line 618 of file xed25519.cpp.
const byte * ed25519PrivateKey::GetPrivateKeyBytePtr () const [inline]
Retrieve private key byte array.
GetPrivateKeyBytePtr() is used by signing code to call ed25519_sign.
Definition at line 474 of file xed25519.h.
const byte * ed25519PrivateKey::GetPublicKeyBytePtr () const [inline]
Retrieve public key byte array.
GetPublicKeyBytePtr() is used by signing code to call ed25519_sign.
Definition at line 481 of file xed25519.h.
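bool ed25519PrivateKey::GetVoidValue (const char *name, const std::type_info &valueType, void *pValue) const [virtual]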
Get a named value.
name | the name of the object or value to retrieve |
valueType | reference to a variable that receives the value |
pValue | void pointer to a variable that receives the value |
GetVoidValue() retrieves the value of name if it exists.
Implements NameValuePairs.
Definition at line 410 of file xed25519.cpp.
bool ed25519PrivateKey::IsSmallOrder (const byte y[PUBLIC_KEYLENGTH]) const
void ed25519PrivateKey::Load (BufferedTransformation &bt) [inline, virtual]
BER decode ASN.1 object.
bt | BufferedTransformation object |
Reimplemented from ASN1CryptoMaterial< PrivateKey >.
Definition at line 419 of file xed25519.h.
void ed25519PrivateKey::MakePublicKey (PublicKey &pub) const
Initializes a public key from this key.
pub | reference to a public key |
Definition at line 477 of file xed25519.cpp.
void ed25519PrivateKey::Save (BufferedTransformation &bt) const [inline, virtual]
DER encode ASN.1 object.
bt | BufferedTransformation object |
Save() will write the OID associated with algorithm or scheme. In the case of public and private keys, this function writes the subjectPublicKeyInfo parts.
The default OID is from RFC 8410 using id-Ed25519. The default private key format is RFC 5208, which is the old format. The old format provides the best interop, and keys will work with OpenSSL.
Reimplemented from ASN1CryptoMaterial< PrivateKey >.
Definition at line 392 of file xed25519.h.
void ed25519PrivateKey::Save (BufferedTransformation &bt, bool v1) const [inline]
DER encode ASN.1 object.
bt | BufferedTransformation object |
v1 | flag indicating v1 |
Save() will write the OID associated with algorithm or scheme. In the case of public and private keys, this function writes the subjectPublicKeyInfo parts.
The default OID is from RFC 8410 using id-Ed25519. The default private key format is RFC 5208.
v1 means INTEGER 0 is written. INTEGER 0 means RFC 5208 format, which is the old format. The old format provides the best interop, and keys will work with OpenSSL. The other option uses INTEGER 1. INTEGER 1 means RFC 5958 format, which is the new format.
Definition at line 411 of file xed25519.h.
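The OID check described for BERDecodeAndCheckAlgorithmID() and the version INTEGER described for DEREncode() and Save() can be seen on the wire with the following added example, which is not Crypto++ code and uses only the standard library. The names KeyInfo, ReadHeader, InspectPrivateKeyInfo and MakeSample are hypothetical, the allow-list of the two RFC 8410 OIDs is an assumption of the example, and the sample key bytes are constructed.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

typedef std::vector<uint8_t> Bytes;
// version: 0 = RFC 5208 layout, 1 = RFC 5958 layout; key: 32 bytes, little-endian
struct KeyInfo { int version; std::string oid; Bytes key; };

// Read a tag plus short-form length; returns the length, leaves pos at the value.
static size_t ReadHeader(const Bytes& in, size_t& pos, uint8_t tag) {
    if (pos + 2 > in.size() || in[pos] != tag || in[pos + 1] >= 0x80)
        throw std::runtime_error("unexpected tag or length form");
    const size_t len = in[pos + 1];
    pos += 2;
    if (len > in.size() - pos) throw std::runtime_error("truncated element");
    return len;
}

// Hypothetical helper (not a Crypto++ function): vet a PrivateKeyInfo blob.
KeyInfo InspectPrivateKeyInfo(const Bytes& der) {
    KeyInfo out;
    size_t pos = 0;
    if (ReadHeader(der, pos, 0x30) != der.size() - pos)         // outer SEQUENCE
        throw std::runtime_error("length does not match input");
    if (ReadHeader(der, pos, 0x02) != 1 || der[pos] > 1)        // version INTEGER
        throw std::runtime_error("unsupported version");
    out.version = der[pos++];
    const size_t algLen = ReadHeader(der, pos, 0x30), algEnd = pos + algLen;
    if (ReadHeader(der, pos, 0x06) != 3 || der[pos] != 0x2B || der[pos + 1] != 0x65)
        throw std::runtime_error("not an RFC 8410 OID");
    if (der[pos + 2] == 0x6E) out.oid = "id-X25519";            // 1.3.101.110
    else if (der[pos + 2] == 0x70) out.oid = "id-Ed25519";      // 1.3.101.112
    else throw std::runtime_error("OID not on the allow-list");
    pos += 3;
    if (pos != algEnd) throw std::runtime_error("unexpected algorithm parameters");
    ReadHeader(der, pos, 0x04);                                 // privateKey OCTET STRING
    if (ReadHeader(der, pos, 0x04) != 32) throw std::runtime_error("key is not 32 bytes");
    out.key.assign(der.begin() + pos, der.begin() + pos + 32);
    return out;
}

// Constructed sample: caller picks version and last OID byte; key bytes are 00..1F.
Bytes MakeSample(uint8_t version, uint8_t oidTail) {
    Bytes der = {0x30, 0x2E, 0x02, 0x01, version, 0x30, 0x05, 0x06,
                 0x03, 0x2B, 0x65, oidTail, 0x04, 0x22, 0x04, 0x20};
    for (uint8_t i = 0; i < 32; ++i) der.push_back(i);
    return der;
}
```

Rejecting an unexpected OID or version before the key bytes are used keeps a key encoded for one curve25519 operation from being silently accepted for another.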
[protected]
Definition at line 379 of file xed25519.cpp.
void ed25519PrivateKey::SetPrivateExponent (const byte x[SECRET_KEYLENGTH])
Definition at line 599 of file xed25519.cpp.
void ed25519PrivateKey::SetPrivateExponent (const Integer &x)
Definition at line 606 of file xed25519.cpp.
bool ed25519PrivateKey::Validate (RandomNumberGenerator &rng, unsigned int level) const [virtual]
Check this object for errors.
rng | a RandomNumberGenerator for objects which use randomized testing |
level | the level of thoroughness |
There are four levels of thoroughness:
Level 0 does not require a RandomNumberGenerator. A NullRNG() can be used for level 0. Level 1 may not check for weak keys and such. Levels 2 and 3 are recommended.
Implements CryptoMaterial.
Definition at line 390 of file xed25519.cpp.
[protected]
Definition at line 492 of file xed25519.h.
[protected]
Definition at line 491 of file xed25519.h.
[protected]
Definition at line 490 of file xed25519.h.
[mutable, protected]
Definition at line 493 of file xed25519.h.