// Generate DSA domain parameters, or adopt the ones supplied in alg.
//
// If alg carries both "Modulus" and "SubgroupGenerator", those values are
// handed to Initialize() together with "SubgroupOrder" (which defaults to
// ComputeGroupOrder(p)/2). Otherwise the modulus size is read from
// "ModulusSize" or, failing that, "KeySize" (default 1024), and generation is
// delegated to DL_GroupParameters_GFP::GenerateRandom with the matching
// default subgroup-order size (1024 -> 160, 2048 -> 224, 3072 -> 256).
//
// rng  random number generator forwarded to the GFP generator
// alg  name/value parameters as described above
//
// Throws InvalidArgument when the modulus size is not 1024, 2048 or 3072.
//
// NOTE(review): caller-supplied p, q, g reach Initialize() with no check
// visible in this function; validate externally sourced groups separately.
// NOTE(review): the default is 1024-bit p with 160-bit q, the smallest pair
// accepted here; callers that need a larger group must pass ModulusSize.
void DL_GroupParameters_DSA::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
	Integer p, q, g;

	// Explicit group supplied by the caller: nothing to generate.
	if (alg.GetValue("Modulus", p) && alg.GetValue("SubgroupGenerator", g))
	{
		q = alg.GetValueWithDefault("SubgroupOrder", ComputeGroupOrder(p)/2);
		Initialize(p, q, g);
		return;
	}

	// "ModulusSize" wins; "KeySize" is consulted only when it is absent.
	int modulusSize = 1024;
	if (!alg.GetIntValue("ModulusSize", modulusSize))
		alg.GetIntValue("KeySize", modulusSize);

	int defaultSubgroupOrderSize;
	if (modulusSize == 1024)
		defaultSubgroupOrderSize = 160;
	else if (modulusSize == 2048)
		defaultSubgroupOrderSize = 224;
	else if (modulusSize == 3072)
		defaultSubgroupOrderSize = 256;
	else
		throw InvalidArgument("DSA: not a valid prime length");

	DL_GroupParameters_GFP::GenerateRandom(rng, CombinedNameValuePairs(alg, MakeParameters(Name::SubgroupOrderSize(), defaultSubgroupOrderSize, false)));
}
Ejemplo n.º 2
// Generate DSA domain parameters (p, q, g), or adopt the ones supplied in alg.
//
// If alg carries both "Modulus" and "SubgroupGenerator", q is taken from
// "SubgroupOrder" (default ComputeGroupOrder(p)/2). Otherwise the modulus
// size comes from "ModulusSize" or, failing that, "KeySize" (default 1024);
// p and q are produced by DSA::GeneratePrimes from a fresh random seed of
// SHA::DIGESTSIZE bytes, and g is derived as h^((p-1)/q) mod p for a random h.
// In both cases the result is passed to Initialize().
//
// rng  random number generator used for the seed and for h
// alg  name/value parameters as described above
//
// Throws InvalidArgument when DSA::IsValidPrimeLength rejects the size.
//
// NOTE(review): caller-supplied p, q, g reach Initialize() with no check
// visible in this function; validate externally sourced groups separately.
void DL_GroupParameters_DSA::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
	Integer p, q, g;

	const bool groupSupplied = alg.GetValue("Modulus", p) && alg.GetValue("SubgroupGenerator", g);
	if (groupSupplied)
	{
		q = alg.GetValueWithDefault("SubgroupOrder", ComputeGroupOrder(p)/2);
	}
	else
	{
		// "ModulusSize" wins; "KeySize" is consulted only when it is absent.
		int modulusSize = 1024;
		if (!alg.GetIntValue("ModulusSize", modulusSize))
			alg.GetIntValue("KeySize", modulusSize);

		if (!DSA::IsValidPrimeLength(modulusSize))
			throw InvalidArgument("DSA: not a valid prime length");

		SecByteBlock seed(SHA::DIGESTSIZE);
		int counter;	// passed to GeneratePrimes; not read afterwards

		// Draw new seeds until one yields a usable (p, q) pair.
		for (;;)
		{
			rng.GenerateBlock(seed, SHA::DIGESTSIZE);
			if (DSA::GeneratePrimes(seed, SHA::DIGESTSIZE*8, counter, p, modulusSize, q))
				break;
		}

		// Raise a random h to (p-1)/q; reject results that are <= 1.
		Integer h;
		for (;;)
		{
			h.Randomize(rng, 2, p-2);
			g = a_exp_b_mod_c(h, (p-1)/q, p);
			if (g > 1)
				break;
		}
	}

	Initialize(p, q, g);
}
Ejemplo n.º 3
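// Generate a random RSA private key and store it in this object.
//
// The modulus size is read from "ModulusSize" or, failing that, "KeySize"
// (default 2048 bits); the public exponent from "PublicExponent" (default 17).
// Two primes of equal size are drawn through an RSAPrimeSelector built from
// the exponent, then d, dp, dq, n and u = q^-1 mod p are derived.
//
// rng  random number generator used for prime generation
// alg  name/value parameters as described above
//
// Throws InvalidArgument when the modulus size is below 16 bits, or the
// public exponent is below 3 or even.
//
// The parameter checks used to be assertions only. Where assertions are
// compiled out, an out-of-range size or exponent from the caller went straight
// into prime generation and the modular inverse, so they are now also
// enforced with exceptions.
// NOTE(review): 16 bits is only a sanity floor; it does not enforce a secure
// key size. Callers must apply their own minimum.
void InvertibleRSAFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
	// "ModulusSize" wins; "KeySize" is consulted only when it is absent.
	int modulusSize = 2048;
	if (!alg.GetIntValue("ModulusSize", modulusSize))
		alg.GetIntValue("KeySize", modulusSize);

	ASSERT( modulusSize >= 16 );
	if (modulusSize < 16)
		throw InvalidArgument("InvertibleRSAFunction: specified modulus size is too small");

	m_e = alg.GetValueWithDefault("PublicExponent", Integer(17));

	ASSERT( m_e >= 3 );
	ASSERT( !m_e.IsEven() );
	// p-1 and q-1 are even, so an even exponent can never be inverted below.
	if (m_e < 3 || m_e.IsEven())
		throw InvalidArgument("InvertibleRSAFunction: invalid public exponent");

	RSAPrimeSelector selector(m_e);
	const NameValuePairs &primeParam = MakeParametersForTwoPrimesOfEqualSize(modulusSize)
		("PointerToPrimeSelector", selector.GetSelectorPointer());
	m_p.GenerateRandom(rng, primeParam);
	m_q.GenerateRandom(rng, primeParam);

	// d = e^-1 mod lcm(p-1, q-1)
	m_d = EuclideanMultiplicativeInverse(m_e, LCM(m_p-1, m_q-1));
	assert(m_d.IsPositive());

	// CRT components
	m_dp = m_d % (m_p-1);
	m_dq = m_d % (m_q-1);
	m_n = m_p * m_q;
	m_u = m_q.InverseMod(m_p);
}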
Ejemplo n.º 4
// Generate a random Rabin-Williams private key and store it in this object.
//
// The modulus size is read from "ModulusSize" or, failing that, "KeySize"
// (default 2048 bits). Two primes of equal size are drawn with p = 3 (mod 8)
// and q = 7 (mod 8); n = p*q and u = q^-1 mod p are then derived.
//
// rng  random number generator used for prime generation
// alg  name/value parameters as described above
//
// Throws InvalidArgument when the modulus size is below 16 bits.
// NOTE(review): 16 bits is only a sanity floor; it does not enforce a secure
// key size. Callers must apply their own minimum.
void InvertibleRWFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
	// "ModulusSize" wins; "KeySize" is consulted only when it is absent.
	int modulusSize = 2048;
	if (!alg.GetIntValue("ModulusSize", modulusSize))
		alg.GetIntValue("KeySize", modulusSize);

	if (modulusSize < 16)
		throw InvalidArgument("InvertibleRWFunction: specified modulus length is too small");

	AlgorithmParameters equalSizePrimes = MakeParametersForTwoPrimesOfEqualSize(modulusSize);

	// p = 3 (mod 8)
	m_p.GenerateRandom(rng, CombinedNameValuePairs(equalSizePrimes, MakeParameters("EquivalentTo", 3)("Mod", 8)));
	// q = 7 (mod 8)
	m_q.GenerateRandom(rng, CombinedNameValuePairs(equalSizePrimes, MakeParameters("EquivalentTo", 7)("Mod", 8)));

	m_u = m_q.InverseMod(m_p);
	m_n = m_p * m_q;
}
Ejemplo n.º 5
// (Re)initialize the dispersal state from parameters.
//
// "RecoveryThreshold" is mandatory and must be positive. The per-run counters
// and output-channel containers are reset, the working buffers are sized to
// the threshold, and output channels are then registered: either the single
// channel named by "OutputChannelID", or channels 0 .. NumberOfShares-1
// ("NumberOfShares" defaults to the threshold; a non-positive value is
// replaced by the threshold).
//
// Throws InvalidArgument when the threshold is missing or not positive.
//
// NOTE(review): no upper bound is applied here to RecoveryThreshold or
// NumberOfShares, and both drive allocations and the channel loop; callers
// taking these values from untrusted input should cap them first.
void RawIDA::IsolatedInitialize(const NameValuePairs &parameters)
{
	const bool thresholdGiven = parameters.GetIntValue("RecoveryThreshold", m_threshold);
	if (!thresholdGiven)
		throw InvalidArgument("RawIDA: missing RecoveryThreshold argument");

	// The assertion flags the problem in debug builds; the throw enforces it everywhere.
	CRYPTOPP_ASSERT(m_threshold > 0);
	if (m_threshold <= 0)
		throw InvalidArgument("RawIDA: RecoveryThreshold must be greater than 0");

	m_lastMapPosition = m_inputChannelMap.end();
	m_channelsReady = 0;
	m_channelsFinished = 0;
	m_w.New(m_threshold);
	m_y.New(m_threshold);
	m_inputQueues.reserve(m_threshold);

	m_outputChannelIds.clear();
	m_outputChannelIdStrings.clear();
	m_outputQueues.clear();

	word32 outputChannelID;
	if (!parameters.GetValue("OutputChannelID", outputChannelID))
	{
		int nShares = parameters.GetIntValueWithDefault("NumberOfShares", m_threshold);
		CRYPTOPP_ASSERT(nShares > 0);
		if (nShares <= 0)
			nShares = m_threshold;

		// One output channel per share, numbered from 0.
		const unsigned int shareCount = static_cast<unsigned int>(nShares);
		for (unsigned int id = 0; id < shareCount; ++id)
			AddOutputChannel(id);
	}
	else
	{
		AddOutputChannel(outputChannelID);
	}
}
Ejemplo n.º 6
// Generate a random ESIGN private key and store it in this object.
//
// The modulus size is read from "ModulusSize" or, failing that, "KeySize"
// (default 1023*2 bits); it must be at least 24 and divisible by 3. The
// public exponent comes from "PublicExponent" (default 32) and must be at
// least 8. Primes p and q are drawn from [204 << (size/3 - 8), 2^(size/3) - 1]
// and the modulus is n = p*p*q.
//
// When "Seed" is present, the seed is prefixed with a 4-byte big-endian
// counter (0 for p, 1 for q) and passed on to each prime generation.
//
// rng    random number generator used for prime generation
// param  name/value parameters as described above
//
// Throws InvalidArgument for a modulus size below 24 or not divisible by 3,
// and for a public exponent below 8.
//
// NOTE(review): with "Seed" supplied the primes are presumably derived from
// the seed rather than from rng - confirm in Integer::GenerateRandom. If so,
// the seed is private-key material and must be protected like the key.
void InvertibleESIGNFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &param)
{
	// "ModulusSize" wins; "KeySize" is consulted only when it is absent.
	int modulusSize = 1023*2;
	if (!param.GetIntValue("ModulusSize", modulusSize))
		param.GetIntValue("KeySize", modulusSize);

	if (modulusSize < 24)
		throw InvalidArgument("InvertibleESIGNFunction: specified modulus size is too small");

	if (modulusSize % 3 != 0)
		throw InvalidArgument("InvertibleESIGNFunction: modulus size must be divisible by 3");

	m_e = param.GetValueWithDefault("PublicExponent", Integer(32));

	if (m_e < 8)
		throw InvalidArgument("InvertibleESIGNFunction: public exponents less than 8 may not be secure");

	// VC70 workaround: putting these after primeParam causes overlapped stack allocation
	ConstByteArrayParameter seedParam;
	SecByteBlock seed;

	// Each prime occupies one third of the modulus.
	const Integer lowerBound = Integer(204) << (modulusSize/3-8);
	const Integer upperBound = Integer::Power2(modulusSize/3)-1;
	AlgorithmParameters primeParam = MakeParameters("Min", lowerBound)("Max", upperBound)("RandomNumberType", Integer::PRIME);

	if (!param.GetValue("Seed", seedParam))
	{
		m_p.GenerateRandom(rng, primeParam);
		m_q.GenerateRandom(rng, primeParam);
	}
	else
	{
		// Layout: [4-byte big-endian counter][caller seed]
		seed.resize(seedParam.size() + 4);
		memcpy(seed + 4, seedParam.begin(), seedParam.size());

		// counter 0 -> p
		PutWord(false, BIG_ENDIAN_ORDER, seed, (word32)0);
		m_p.GenerateRandom(rng, CombinedNameValuePairs(primeParam, MakeParameters("Seed", ConstByteArrayParameter(seed))));
		// counter 1 -> q
		PutWord(false, BIG_ENDIAN_ORDER, seed, (word32)1);
		m_q.GenerateRandom(rng, CombinedNameValuePairs(primeParam, MakeParameters("Seed", ConstByteArrayParameter(seed))));
	}

	m_n = m_p * m_p * m_q;

	CRYPTOPP_ASSERT(m_n.BitCount() == (unsigned int)modulusSize);
}
Ejemplo n.º 7
// Generate a random RSA private key and store it in this object.
//
// The modulus size is read from Name::ModulusSize() or, failing that,
// Name::KeySize() (default 2048 bits); the public exponent from
// Name::PublicExponent() (default 17). Two primes of equal size are drawn
// through an RSAPrimeSelector built from the exponent, then d, dp, dq, n and
// u = q^-1 mod p are derived. When FIPS_140_2_ComplianceEnabled() is true,
// signature and encryption pairwise consistency tests are run on the new key.
//
// rng  random number generator used for prime generation
// alg  name/value parameters as described above
//
// Throws InvalidArgument when the modulus size is below 16 bits, or the
// public exponent is below 3 or even.
// NOTE(review): 16 bits is only a sanity floor; it does not enforce a secure
// key size. Callers must apply their own minimum.
void InvertibleRSAFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
	// Name::ModulusSize() wins; Name::KeySize() is consulted only when it is absent.
	int modulusSize = 2048;
	if (!alg.GetIntValue(Name::ModulusSize(), modulusSize))
		alg.GetIntValue(Name::KeySize(), modulusSize);

	// Assertions flag bad input in debug builds; the throws enforce it everywhere.
	assert(modulusSize >= 16);
	if (modulusSize < 16)
		throw InvalidArgument("InvertibleRSAFunction: specified modulus size is too small");

	m_e = alg.GetValueWithDefault(Name::PublicExponent(), Integer(17));

	assert(m_e >= 3);
	assert(!m_e.IsEven());
	const bool exponentUsable = m_e >= 3 && !m_e.IsEven();
	if (!exponentUsable)
		throw InvalidArgument("InvertibleRSAFunction: invalid public exponent");

	RSAPrimeSelector selector(m_e);
	AlgorithmParameters primeParam = MakeParametersForTwoPrimesOfEqualSize(modulusSize)
		(Name::PointerToPrimeSelector(), selector.GetSelectorPointer());
	m_p.GenerateRandom(rng, primeParam);
	m_q.GenerateRandom(rng, primeParam);

	// d = e^-1 mod lcm(p-1, q-1)
	const Integer lambda = LCM(m_p-1, m_q-1);
	m_d = m_e.InverseMod(lambda);
	assert(m_d.IsPositive());

	// CRT components
	m_dp = m_d % (m_p-1);
	m_dq = m_d % (m_q-1);
	m_u = m_q.InverseMod(m_p);
	m_n = m_p * m_q;

	if (FIPS_140_2_ComplianceEnabled())
	{
		// Sign/verify round trip with the fresh key.
		RSASS<PKCS1v15, SHA>::Signer signer(*this);
		RSASS<PKCS1v15, SHA>::Verifier verifier(signer);
		SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);

		// Encrypt/decrypt round trip with the fresh key.
		RSAES<OAEP<SHA> >::Decryptor decryptor(*this);
		RSAES<OAEP<SHA> >::Encryptor encryptor(decryptor);
		EncryptionPairwiseConsistencyTest_FIPS_140_Only(encryptor, decryptor);
	}
}
Ejemplo n.º 8
// Generate a random Rabin private key and store it in this object.
//
// The modulus size is read from "ModulusSize" or, failing that, "KeySize"
// (default 2048 bits). Two primes of equal size are drawn, both = 3 (mod 4).
// Starting at t = 2 and counting upward, r is the first t with Jacobi(t, p)
// == 1 and Jacobi(t, q) == -1, and s the first t with the signs reversed.
// Finally n = p*q and u = q^-1 mod p are derived.
//
// rng  random number generator used for prime generation
// alg  name/value parameters as described above
//
// Throws InvalidArgument when the modulus size is below 16 bits.
// NOTE(review): 16 bits is only a sanity floor; it does not enforce a secure
// key size. Callers must apply their own minimum.
void InvertibleRabinFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
	// "ModulusSize" wins; "KeySize" is consulted only when it is absent.
	int modulusSize = 2048;
	if (!alg.GetIntValue("ModulusSize", modulusSize))
		alg.GetIntValue("KeySize", modulusSize);

	if (modulusSize < 16)
		throw InvalidArgument("InvertibleRabinFunction: specified modulus size is too small");

	// VC70 workaround: putting these after primeParam causes overlapped stack allocation
	bool rFound=false, sFound=false;
	Integer t=2;

	const NameValuePairs &primeParam = MakeParametersForTwoPrimesOfEqualSize(modulusSize)
		("EquivalentTo", 3)("Mod", 4);
	m_p.GenerateRandom(rng, primeParam);
	m_q.GenerateRandom(rng, primeParam);

	// Walk t upward until both r and s have been assigned.
	while (!rFound || !sFound)
	{
		const int jacobiP = Jacobi(t, m_p);
		const int jacobiQ = Jacobi(t, m_q);

		if (!rFound && jacobiP==1 && jacobiQ==-1)
		{
			m_r = t;
			rFound = true;
		}

		if (!sFound && jacobiP==-1 && jacobiQ==1)
		{
			m_s = t;
			sFound = true;
		}

		++t;
	}

	m_u = m_q.InverseMod(m_p);
	m_n = m_p * m_q;
}
Ejemplo n.º 9
// Generate a random LUC private key and store it in this object.
//
// The modulus size is read from "ModulusSize" or, failing that, "KeySize"
// (default 2048 bits); the public exponent from "PublicExponent" (default 17).
// Two primes of equal size are drawn through a LUCPrimeSelector built from
// the exponent, then n = p*q and u = q^-1 mod p are derived.
//
// rng  random number generator used for prime generation
// alg  name/value parameters as described above
//
// Throws InvalidArgument when the modulus size is below 16 bits, or the
// public exponent is below 5 or even.
// NOTE(review): 16 bits is only a sanity floor; it does not enforce a secure
// key size. Callers must apply their own minimum.
void InvertibleLUCFunction::GenerateRandom(RandomNumberGenerator &rng, const NameValuePairs &alg)
{
	// "ModulusSize" wins; "KeySize" is consulted only when it is absent.
	int modulusSize = 2048;
	if (!alg.GetIntValue("ModulusSize", modulusSize))
		alg.GetIntValue("KeySize", modulusSize);

	if (modulusSize < 16)
		throw InvalidArgument("InvertibleLUCFunction: specified modulus size is too small");

	m_e = alg.GetValueWithDefault("PublicExponent", Integer(17));

	const bool exponentUsable = m_e >= 5 && !m_e.IsEven();
	if (!exponentUsable)
		throw InvalidArgument("InvertibleLUCFunction: invalid public exponent");

	// The selector is given the exponent and filters candidate primes.
	LUCPrimeSelector selector(m_e);
	AlgorithmParameters primeParam = MakeParametersForTwoPrimesOfEqualSize(modulusSize)
		("PointerToPrimeSelector", selector.GetSelectorPointer());
	m_p.GenerateRandom(rng, primeParam);
	m_q.GenerateRandom(rng, primeParam);

	m_u = m_q.InverseMod(m_p);
	m_n = m_p * m_q;
}