Attachment #58714 for bug #60392




	Element g[3]={b, a};
	unsigned int i0=0, i1=1, i2=2;

	while (!Equal(g[i1], this->Zero()))
	{
		g[i2] = Mod(g[i0], g[i1]);
		unsigned int t = i0; i0 = i1; i1 = i2; i2 = t;

	return result = g[i0];
}

template <class T> const typename QuotientRing<T>::Element& QuotientRing<T>::MultiplicativeInverse(const Element &a) const
{
	Element g[3]={m_modulus, a};
#ifdef __BCPLUSPLUS__

	Element y;
	unsigned int i0=0, i1=1, i2=2;

	while (!Equal(g[i1], this->Zero()))
	{
		// y = g[i0] / g[i1];
		// g[i2] = g[i0] % g[i1];

{
	const unsigned expLen = STDMAX(e1.BitCount(), e2.BitCount());
	if (expLen==0)
		return this->Zero();

	const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3));
	const unsigned tableSize = 1<<w;

		assert(expBegin->NotNegative());
		exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 0));
		exponents[i].FindNextWindow();
		buckets[i].resize(1<<(exponents[i].windowSize-1), this->Zero());
	}

	unsigned int expBitPosition = 0;

Lines 48-54 Link Here

(-)crypto/eprecomp.cpp (-1 / +1 lines)
48	eb.push_back(BaseAndExponent<Element>(m_bases[i], e));	48	eb.push_back(BaseAndExponent<Element>(m_bases[i], e));
49	}	49	}
50		50
51	template <class T> ExponentiationPrecomputation<T>::Element ExponentiationPrecomputation<T>::Exponentiate(const Integer &exponent) const	51	template <class T> typename ExponentiationPrecomputation<T>::Element ExponentiationPrecomputation<T>::Exponentiate(const Integer &exponent) const
52	{	52	{
53	std::vector<BaseAndExponent<Element> > eb; // array of segments of the exponent and precalculated bases	53	std::vector<BaseAndExponent<Element> > eb; // array of segments of the exponent and precalculated bases
54	eb.reserve(m_bases.size());	54	eb.reserve(m_bases.size());





	void TruncatedFinal(byte *hash, unsigned int size)
	{
		assert(size <= this->DigestSize());

		PadLastBlock(BLOCKSIZE - 2*sizeof(HashWordType));
		CorrectEndianess(this->data, this->data, BLOCKSIZE - 2*sizeof(HashWordType));

		this->data[this->data.size-2] = HIGHFIRST ? this->countHi : this->countLo;
		this->data[this->data.size-1] = HIGHFIRST ? this->countLo : this->countHi;

		vTransform(this->data);
		CorrectEndianess(this->digest, this->digest, this->DigestSize());
		memcpy(hash, this->digest, size);

		this->Reinit();		// reinit for next use
	}

protected:

			vTransform(input);
		else
		{
			byteReverse(this->data.ptr, input, (unsigned int)BLOCKSIZE);
			vTransform(this->data);
		}
	}





{
public:
	MDC(const byte *userKey, unsigned int = 0)
		: key(this->KEYLENGTH/4)
	{
		T::CorrectEndianess(key, (word32 *)userKey, this->KEYLENGTH);
	}

	void ProcessBlock(byte *inoutBlock) const
	{
		T::CorrectEndianess((word32 *)inoutBlock, (word32 *)inoutBlock, this->BLOCKSIZE);
		T::Transform((word32 *)inoutBlock, key);
		T::CorrectEndianess((word32 *)inoutBlock, (word32 *)inoutBlock, this->BLOCKSIZE);
	}

	void ProcessBlock(const byte *inBlock, byte *outBlock) const
	{
		T::CorrectEndianess((word32 *)outBlock, (word32 *)inBlock, this->BLOCKSIZE);
		T::Transform((word32 *)outBlock, key);
		T::CorrectEndianess((word32 *)outBlock, (word32 *)outBlock, this->BLOCKSIZE);
	}

private:




template <class P, class F>
unsigned int DecryptorTemplate<P,F>::Decrypt(const byte *cipherText, byte *plainText)
{
	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
	this->f.CalculateInverse(Integer(cipherText, this->CipherTextLength())).Encode(paddedBlock, paddedBlock.size);
	return this->pad.Unpad(paddedBlock, this->PaddedBlockBitLength(), plainText);
}

template <class P, class F>

{
	assert(plainTextLength <= this->MaxPlainTextLength());

	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
	this->pad.Pad(rng, plainText, plainTextLength, paddedBlock, this->PaddedBlockBitLength());
	this->f.ApplyFunction(Integer(paddedBlock, paddedBlock.size)).Encode(cipherText, this->CipherTextLength());
}

template <class P, class F>

{
	assert(digestLength <= MaxDigestLength());

	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
	this->pad.Pad(rng, digest, digestLength, paddedBlock, this->PaddedBlockBitLength());
	this->f.CalculateInverse(Integer(paddedBlock, paddedBlock.size)).Encode(signature, DigestSignatureLength());
}

template <class P, class F>
bool DigestVerifierTemplate<P,F>::VerifyDigest(const byte *digest, unsigned int digestLen, const byte *signature) const
{
	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
	this->f.ApplyFunction(Integer(signature, DigestSignatureLength())).Encode(paddedBlock, paddedBlock.size);
	SecByteBlock recoveredDigest(MaxDigestLength());
	unsigned int recoveredDigestLen = this->pad.Unpad(paddedBlock, this->PaddedBlockBitLength(), recoveredDigest);
	return digestLen == recoveredDigestLen && memcmp(digest, recoveredDigest, digestLen) == 0;
}





	PublicKeyBaseTemplate(const F &f) : f(f) {}
	PublicKeyBaseTemplate(BufferedTransformation &bt) : f(bt) {}
    virtual ~PublicKeyBaseTemplate() {}
	void DEREncode(BufferedTransformation &bt) const {this->f.DEREncode(bt);}

	const F & GetTrapdoorFunction() const {return this->f;}

protected:
	// a hack to avoid having to write constructors for non-concrete derived classes

{
public:
	unsigned int MaxPlainTextLength() const {return pad.MaxUnpaddedLength(PaddedBlockBitLength());}
	unsigned int CipherTextLength() const {return this->f.MaxImage().ByteCount();}

	P pad;

protected:
	CryptoSystemBaseTemplate() {}
	unsigned int PaddedBlockBitLength() const {return this->f.PreimageBound().BitCount()-1;}
};

//! .

{
public:
	unsigned int MaxDigestLength() const {return pad.MaxUnpaddedLength(PaddedBlockBitLength());}
	unsigned int DigestSignatureLength() const {return this->f.MaxPreimage().ByteCount();}

	P pad;

protected:
	DigestSignatureSystemBaseTemplate() {}
	unsigned int PaddedBlockBitLength() const {return this->f.ImageBound().BitCount()-1;}
};

//! .

class SignatureSystemBaseTemplate : virtual public PK_SignatureSystem, virtual public S
{
public:
	unsigned int SignatureLength() const {return this->DigestSignatureLength();}
	HashModule * NewMessageAccumulator() const {return new H;}

protected:

void SignerTemplate<S,H>::Sign(RandomNumberGenerator &rng, HashModule *messageAccumulator, byte *signature) const
{
	std::auto_ptr<HashModule> ma(messageAccumulator);
	if (ma->DigestSize() > this->MaxDigestLength())
		throw KeyTooShort();
	SecByteBlock digest(ma->DigestSize());
	ma->Final(digest);
	this->SignDigest(rng, digest, digest.size, signature);
}

template <class S, class H>

	std::auto_ptr<HashModule> ma(messageAccumulator);
	SecByteBlock digest(ma->DigestSize());
	ma->Final(digest);
	return this->VerifyDigest(digest, digest.size, sig);
}

// ********************************************************

class SignatureSystemWithRecoveryBaseTemplate : virtual public PK_SignatureSystemWithRecovery, virtual public PublicKeyBaseTemplate<F>
{
public:
	unsigned int SignatureLength() const {return this->f.MaxPreimage().ByteCount();}
	HashModule * NewMessageAccumulator() const {return new H(PaddedBlockBitLength());}
	unsigned int MaximumRecoverableLength() const {return H::MaximumRecoverableLength(PaddedBlockBitLength());}
	bool AllowLeftoverMessage() const {return H::AllowLeftoverMessage();}

protected:
	unsigned int PaddedBlockBitLength() const {return this->f.ImageBound().BitCount()-1;}
};

//! .

	std::auto_ptr<H> ma(static_cast<H*>(messageAccumulator));
	if (ma->MaximumRecoverableLength() == 0)
		throw KeyTooShort();
	SecByteBlock representative(this->PaddedBlockByteLength());
	ma->Encode(rng, representative);
	this->f.CalculateInverse(Integer(representative, representative.size)).Encode(signature, this->SignatureLength());
}

template <class F, class H>
bool VerifierWithRecoveryTemplate<F,H>::Verify(HashModule *messageAccumulator, const byte *signature) const
{
	std::auto_ptr<H> ma(static_cast<H*>(messageAccumulator));
	SecByteBlock representative(this->PaddedBlockByteLength());
	this->f.ApplyFunction(Integer(signature, SignatureLength())).Encode(representative, representative.size);
	return ma->Verify(representative);
}

template <class F, class H>
HashModule * VerifierWithRecoveryTemplate<F,H>::NewLeftoverMessageAccumulator(const byte *signature) const
{
	SecByteBlock representative(this->PaddedBlockByteLength());
	this->f.ApplyFunction(Integer(signature, this->SignatureLength())).Encode(representative, representative.size);
	return new H(representative, this->PaddedBlockBitLength());
}

template <class F, class H>

Return to bug 60392

Lines 54-60 Link Here

(-)crypto/algebra.cpp (-5 / +5 lines)
54	Element g[3]={b, a};	54	Element g[3]={b, a};
55	unsigned int i0=0, i1=1, i2=2;	55	unsigned int i0=0, i1=1, i2=2;
56		56
57	while (!Equal(g[i1], Zero()))	57	while (!Equal(g[i1], this->Zero()))
58	{	58	{
59	g[i2] = Mod(g[i0], g[i1]);	59	g[i2] = Mod(g[i0], g[i1]);
60	unsigned int t = i0; i0 = i1; i1 = i2; i2 = t;	60	unsigned int t = i0; i0 = i1; i1 = i2; i2 = t;
Lines 63-69 Link Here
63	return result = g[i0];	63	return result = g[i0];
64	}	64	}
65		65
66	template <class T> const QuotientRing<T>::Element& QuotientRing<T>::MultiplicativeInverse(const Element &a) const	66	template <class T> const typename QuotientRing<T>::Element& QuotientRing<T>::MultiplicativeInverse(const Element &a) const
67	{	67	{
68	Element g[3]={m_modulus, a};	68	Element g[3]={m_modulus, a};
69	#ifdef __BCPLUSPLUS__	69	#ifdef __BCPLUSPLUS__
Lines 77-83 Link Here
77	Element y;	77	Element y;
78	unsigned int i0=0, i1=1, i2=2;	78	unsigned int i0=0, i1=1, i2=2;
79		79
80	while (!Equal(g[i1], Zero()))	80	while (!Equal(g[i1], this->Zero()))
81	{	81	{
82	// y = g[i0] / g[i1];	82	// y = g[i0] / g[i1];
83	// g[i2] = g[i0] % g[i1];	83	// g[i2] = g[i0] % g[i1];
Lines 101-107 Link Here
101	{	101	{
102	const unsigned expLen = STDMAX(e1.BitCount(), e2.BitCount());	102	const unsigned expLen = STDMAX(e1.BitCount(), e2.BitCount());
103	if (expLen==0)	103	if (expLen==0)
104	return Zero();	104	return this->Zero();
105		105
106	const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3));	106	const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3));
107	const unsigned tableSize = 1<<w;	107	const unsigned tableSize = 1<<w;
Lines 266-272 Link Here
266	assert(expBegin->NotNegative());	266	assert(expBegin->NotNegative());
267	exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 0));	267	exponents.push_back(WindowSlider(*expBegin++, InversionIsFast(), 0));
268	exponents[i].FindNextWindow();	268	exponents[i].FindNextWindow();
269	buckets[i].resize(1<<(exponents[i].windowSize-1), Zero());	269	buckets[i].resize(1<<(exponents[i].windowSize-1), this->Zero());
270	}	270	}
271		271
272	unsigned int expBitPosition = 0;	272	unsigned int expBitPosition = 0;

Lines 54-72 Link Here

(-)crypto/iterhash.h (-10 / +10 lines)
54		54
55	void TruncatedFinal(byte *hash, unsigned int size)	55	void TruncatedFinal(byte *hash, unsigned int size)
56	{	56	{
57	assert(size <= DigestSize());	57	assert(size <= this->DigestSize());
58		58
59	PadLastBlock(BLOCKSIZE - 2*sizeof(HashWordType));	59	PadLastBlock(BLOCKSIZE - 2*sizeof(HashWordType));
60	CorrectEndianess(data, data, BLOCKSIZE - 2*sizeof(HashWordType));	60	CorrectEndianess(this->data, this->data, BLOCKSIZE - 2*sizeof(HashWordType));
61		61
62	data[data.size-2] = HIGHFIRST ? countHi : countLo;	62	this->data[this->data.size-2] = HIGHFIRST ? this->countHi : this->countLo;
63	data[data.size-1] = HIGHFIRST ? countLo : countHi;	63	this->data[this->data.size-1] = HIGHFIRST ? this->countLo : this->countHi;
64		64
65	vTransform(data);	65	vTransform(this->data);
66	CorrectEndianess(digest, digest, DigestSize());	66	CorrectEndianess(this->digest, this->digest, this->DigestSize());
67	memcpy(hash, digest, size);	67	memcpy(hash, this->digest, size);
68		68
69	Reinit(); // reinit for next use	69	this->Reinit(); // reinit for next use
70	}	70	}
71		71
72	protected:	72	protected:
Lines 76-83 Link Here
76	vTransform(input);	76	vTransform(input);
77	else	77	else
78	{	78	{
79	byteReverse(data.ptr, input, (unsigned int)BLOCKSIZE);	79	byteReverse(this->data.ptr, input, (unsigned int)BLOCKSIZE);
80	vTransform(data);	80	vTransform(this->data);
81	}	81	}
82	}	82	}
83		83

Lines 16-38 Link Here

(-)crypto/mdc.h (-6 / +6 lines)
16	{	16	{
17	public:	17	public:
18	MDC(const byte *userKey, unsigned int = 0)	18	MDC(const byte *userKey, unsigned int = 0)
19	: key(KEYLENGTH/4)	19	: key(this->KEYLENGTH/4)
20	{	20	{
21	T::CorrectEndianess(key, (word32 *)userKey, KEYLENGTH);	21	T::CorrectEndianess(key, (word32 *)userKey, this->KEYLENGTH);
22	}	22	}
23		23
24	void ProcessBlock(byte *inoutBlock) const	24	void ProcessBlock(byte *inoutBlock) const
25	{	25	{
26	T::CorrectEndianess((word32 )inoutBlock, (word32 )inoutBlock, BLOCKSIZE);	26	T::CorrectEndianess((word32 )inoutBlock, (word32 )inoutBlock, this->BLOCKSIZE);
27	T::Transform((word32 *)inoutBlock, key);	27	T::Transform((word32 *)inoutBlock, key);
28	T::CorrectEndianess((word32 )inoutBlock, (word32 )inoutBlock, BLOCKSIZE);	28	T::CorrectEndianess((word32 )inoutBlock, (word32 )inoutBlock, this->BLOCKSIZE);
29	}	29	}
30		30
31	void ProcessBlock(const byte inBlock, byte outBlock) const	31	void ProcessBlock(const byte inBlock, byte outBlock) const
32	{	32	{
33	T::CorrectEndianess((word32 )outBlock, (word32 )inBlock, BLOCKSIZE);	33	T::CorrectEndianess((word32 )outBlock, (word32 )inBlock, this->BLOCKSIZE);
34	T::Transform((word32 *)outBlock, key);	34	T::Transform((word32 *)outBlock, key);
35	T::CorrectEndianess((word32 )outBlock, (word32 )outBlock, BLOCKSIZE);	35	T::CorrectEndianess((word32 )outBlock, (word32 )outBlock, this->BLOCKSIZE);
36	}	36	}
37		37
38	private:	38	private:

Lines 27-35 Link Here

(-)crypto/pubkey.cpp (-12 / +12 lines)
27	template <class P, class F>	27	template <class P, class F>
28	unsigned int DecryptorTemplate<P,F>::Decrypt(const byte cipherText, byte plainText)	28	unsigned int DecryptorTemplate<P,F>::Decrypt(const byte cipherText, byte plainText)
29	{	29	{
30	SecByteBlock paddedBlock(PaddedBlockByteLength());	30	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
31	f.CalculateInverse(Integer(cipherText, this->CipherTextLength())).Encode(paddedBlock, paddedBlock.size);	31	this->f.CalculateInverse(Integer(cipherText, this->CipherTextLength())).Encode(paddedBlock, paddedBlock.size);
32	return pad.Unpad(paddedBlock, PaddedBlockBitLength(), plainText);	32	return this->pad.Unpad(paddedBlock, this->PaddedBlockBitLength(), plainText);
33	}	33	}
34		34
35	template <class P, class F>	35	template <class P, class F>
Lines 37-45 Link Here
37	{	37	{
38	assert(plainTextLength <= this->MaxPlainTextLength());	38	assert(plainTextLength <= this->MaxPlainTextLength());
39		39
40	SecByteBlock paddedBlock(PaddedBlockByteLength());	40	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
41	pad.Pad(rng, plainText, plainTextLength, paddedBlock, PaddedBlockBitLength());	41	this->pad.Pad(rng, plainText, plainTextLength, paddedBlock, this->PaddedBlockBitLength());
42	f.ApplyFunction(Integer(paddedBlock, paddedBlock.size)).Encode(cipherText, this->CipherTextLength());	42	this->f.ApplyFunction(Integer(paddedBlock, paddedBlock.size)).Encode(cipherText, this->CipherTextLength());
43	}	43	}
44		44
45	template <class P, class F>	45	template <class P, class F>
Lines 47-64 Link Here
47	{	47	{
48	assert(digestLength <= MaxDigestLength());	48	assert(digestLength <= MaxDigestLength());
49		49
50	SecByteBlock paddedBlock(PaddedBlockByteLength());	50	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
51	pad.Pad(rng, digest, digestLength, paddedBlock, PaddedBlockBitLength());	51	this->pad.Pad(rng, digest, digestLength, paddedBlock, this->PaddedBlockBitLength());
52	f.CalculateInverse(Integer(paddedBlock, paddedBlock.size)).Encode(signature, DigestSignatureLength());	52	this->f.CalculateInverse(Integer(paddedBlock, paddedBlock.size)).Encode(signature, DigestSignatureLength());
53	}	53	}
54		54
55	template <class P, class F>	55	template <class P, class F>
56	bool DigestVerifierTemplate<P,F>::VerifyDigest(const byte digest, unsigned int digestLen, const byte signature) const	56	bool DigestVerifierTemplate<P,F>::VerifyDigest(const byte digest, unsigned int digestLen, const byte signature) const
57	{	57	{
58	SecByteBlock paddedBlock(PaddedBlockByteLength());	58	SecByteBlock paddedBlock(this->PaddedBlockByteLength());
59	f.ApplyFunction(Integer(signature, DigestSignatureLength())).Encode(paddedBlock, paddedBlock.size);	59	this->f.ApplyFunction(Integer(signature, DigestSignatureLength())).Encode(paddedBlock, paddedBlock.size);
60	SecByteBlock recoveredDigest(MaxDigestLength());	60	SecByteBlock recoveredDigest(MaxDigestLength());
61	unsigned int recoveredDigestLen = pad.Unpad(paddedBlock, PaddedBlockBitLength(), recoveredDigest);	61	unsigned int recoveredDigestLen = this->pad.Unpad(paddedBlock, this->PaddedBlockBitLength(), recoveredDigest);
62	return digestLen == recoveredDigestLen && memcmp(digest, recoveredDigest, digestLen) == 0;	62	return digestLen == recoveredDigestLen && memcmp(digest, recoveredDigest, digestLen) == 0;
63	}	63	}
64		64

Lines 114-122 Link Here

(-)crypto/pubkey.h (-19 / +19 lines)
114	PublicKeyBaseTemplate(const F &f) : f(f) {}	114	PublicKeyBaseTemplate(const F &f) : f(f) {}
115	PublicKeyBaseTemplate(BufferedTransformation &bt) : f(bt) {}	115	PublicKeyBaseTemplate(BufferedTransformation &bt) : f(bt) {}
116	virtual ~PublicKeyBaseTemplate() {}	116	virtual ~PublicKeyBaseTemplate() {}
117	void DEREncode(BufferedTransformation &bt) const {f.DEREncode(bt);}	117	void DEREncode(BufferedTransformation &bt) const {this->f.DEREncode(bt);}
118		118
119	const F & GetTrapdoorFunction() const {return f;}	119	const F & GetTrapdoorFunction() const {return this->f;}
120		120
121	protected:	121	protected:
122	// a hack to avoid having to write constructors for non-concrete derived classes	122	// a hack to avoid having to write constructors for non-concrete derived classes
Lines 135-147 Link Here
135	{	135	{
136	public:	136	public:
137	unsigned int MaxPlainTextLength() const {return pad.MaxUnpaddedLength(PaddedBlockBitLength());}	137	unsigned int MaxPlainTextLength() const {return pad.MaxUnpaddedLength(PaddedBlockBitLength());}
138	unsigned int CipherTextLength() const {return f.MaxImage().ByteCount();}	138	unsigned int CipherTextLength() const {return this->f.MaxImage().ByteCount();}
139		139
140	P pad;	140	P pad;
141		141
142	protected:	142	protected:
143	CryptoSystemBaseTemplate() {}	143	CryptoSystemBaseTemplate() {}
144	unsigned int PaddedBlockBitLength() const {return f.PreimageBound().BitCount()-1;}	144	unsigned int PaddedBlockBitLength() const {return this->f.PreimageBound().BitCount()-1;}
145	};	145	};
146		146
147	//! .	147	//! .
Lines 199-211 Link Here
199	{	199	{
200	public:	200	public:
201	unsigned int MaxDigestLength() const {return pad.MaxUnpaddedLength(PaddedBlockBitLength());}	201	unsigned int MaxDigestLength() const {return pad.MaxUnpaddedLength(PaddedBlockBitLength());}
202	unsigned int DigestSignatureLength() const {return f.MaxPreimage().ByteCount();}	202	unsigned int DigestSignatureLength() const {return this->f.MaxPreimage().ByteCount();}
203		203
204	P pad;	204	P pad;
205		205
206	protected:	206	protected:
207	DigestSignatureSystemBaseTemplate() {}	207	DigestSignatureSystemBaseTemplate() {}
208	unsigned int PaddedBlockBitLength() const {return f.ImageBound().BitCount()-1;}	208	unsigned int PaddedBlockBitLength() const {return this->f.ImageBound().BitCount()-1;}
209	};	209	};
210		210
211	//! .	211	//! .
Lines 239-245 Link Here
239	class SignatureSystemBaseTemplate : virtual public PK_SignatureSystem, virtual public S	239	class SignatureSystemBaseTemplate : virtual public PK_SignatureSystem, virtual public S
240	{	240	{
241	public:	241	public:
242	unsigned int SignatureLength() const {return DigestSignatureLength();}	242	unsigned int SignatureLength() const {return this->DigestSignatureLength();}
243	HashModule * NewMessageAccumulator() const {return new H;}	243	HashModule * NewMessageAccumulator() const {return new H;}
244		244
245	protected:	245	protected:
Lines 274-284 Link Here
274	void SignerTemplate<S,H>::Sign(RandomNumberGenerator &rng, HashModule messageAccumulator, byte signature) const	274	void SignerTemplate<S,H>::Sign(RandomNumberGenerator &rng, HashModule messageAccumulator, byte signature) const
275	{	275	{
276	std::auto_ptr<HashModule> ma(messageAccumulator);	276	std::auto_ptr<HashModule> ma(messageAccumulator);
277	if (ma->DigestSize() > MaxDigestLength())	277	if (ma->DigestSize() > this->MaxDigestLength())
278	throw KeyTooShort();	278	throw KeyTooShort();
279	SecByteBlock digest(ma->DigestSize());	279	SecByteBlock digest(ma->DigestSize());
280	ma->Final(digest);	280	ma->Final(digest);
281	SignDigest(rng, digest, digest.size, signature);	281	this->SignDigest(rng, digest, digest.size, signature);
282	}	282	}
283		283
284	template <class S, class H>	284	template <class S, class H>
Lines 287-293 Link Here
287	std::auto_ptr<HashModule> ma(messageAccumulator);	287	std::auto_ptr<HashModule> ma(messageAccumulator);
288	SecByteBlock digest(ma->DigestSize());	288	SecByteBlock digest(ma->DigestSize());
289	ma->Final(digest);	289	ma->Final(digest);
290	return VerifyDigest(digest, digest.size, sig);	290	return this->VerifyDigest(digest, digest.size, sig);
291	}	291	}
292		292
293	// ********************************************************	293	// ********************************************************
Lines 308-320 Link Here
308	class SignatureSystemWithRecoveryBaseTemplate : virtual public PK_SignatureSystemWithRecovery, virtual public PublicKeyBaseTemplate<F>	308	class SignatureSystemWithRecoveryBaseTemplate : virtual public PK_SignatureSystemWithRecovery, virtual public PublicKeyBaseTemplate<F>
309	{	309	{
310	public:	310	public:
311	unsigned int SignatureLength() const {return f.MaxPreimage().ByteCount();}	311	unsigned int SignatureLength() const {return this->f.MaxPreimage().ByteCount();}
312	HashModule * NewMessageAccumulator() const {return new H(PaddedBlockBitLength());}	312	HashModule * NewMessageAccumulator() const {return new H(PaddedBlockBitLength());}
313	unsigned int MaximumRecoverableLength() const {return H::MaximumRecoverableLength(PaddedBlockBitLength());}	313	unsigned int MaximumRecoverableLength() const {return H::MaximumRecoverableLength(PaddedBlockBitLength());}
314	bool AllowLeftoverMessage() const {return H::AllowLeftoverMessage();}	314	bool AllowLeftoverMessage() const {return H::AllowLeftoverMessage();}
315		315
316	protected:	316	protected:
317	unsigned int PaddedBlockBitLength() const {return f.ImageBound().BitCount()-1;}	317	unsigned int PaddedBlockBitLength() const {return this->f.ImageBound().BitCount()-1;}
318	};	318	};
319		319
320	//! .	320	//! .
Lines 342-367 Link Here
342	std::auto_ptr<H> ma(static_cast<H*>(messageAccumulator));	342	std::auto_ptr<H> ma(static_cast<H*>(messageAccumulator));
343	if (ma->MaximumRecoverableLength() == 0)	343	if (ma->MaximumRecoverableLength() == 0)
344	throw KeyTooShort();	344	throw KeyTooShort();
345	SecByteBlock representative(PaddedBlockByteLength());	345	SecByteBlock representative(this->PaddedBlockByteLength());
346	ma->Encode(rng, representative);	346	ma->Encode(rng, representative);
347	f.CalculateInverse(Integer(representative, representative.size)).Encode(signature, SignatureLength());	347	this->f.CalculateInverse(Integer(representative, representative.size)).Encode(signature, this->SignatureLength());
348	}	348	}
349		349
350	template <class F, class H>	350	template <class F, class H>
351	bool VerifierWithRecoveryTemplate<F,H>::Verify(HashModule messageAccumulator, const byte signature) const	351	bool VerifierWithRecoveryTemplate<F,H>::Verify(HashModule messageAccumulator, const byte signature) const
352	{	352	{
353	std::auto_ptr<H> ma(static_cast<H*>(messageAccumulator));	353	std::auto_ptr<H> ma(static_cast<H*>(messageAccumulator));
354	SecByteBlock representative(PaddedBlockByteLength());	354	SecByteBlock representative(this->PaddedBlockByteLength());
355	f.ApplyFunction(Integer(signature, SignatureLength())).Encode(representative, representative.size);	355	this->f.ApplyFunction(Integer(signature, SignatureLength())).Encode(representative, representative.size);
356	return ma->Verify(representative);	356	return ma->Verify(representative);
357	}	357	}
358		358
359	template <class F, class H>	359	template <class F, class H>
360	HashModule * VerifierWithRecoveryTemplate<F,H>::NewLeftoverMessageAccumulator(const byte *signature) const	360	HashModule * VerifierWithRecoveryTemplate<F,H>::NewLeftoverMessageAccumulator(const byte *signature) const
361	{	361	{
362	SecByteBlock representative(PaddedBlockByteLength());	362	SecByteBlock representative(this->PaddedBlockByteLength());
363	f.ApplyFunction(Integer(signature, SignatureLength())).Encode(representative, representative.size);	363	this->f.ApplyFunction(Integer(signature, this->SignatureLength())).Encode(representative, representative.size);
364	return new H(representative, PaddedBlockBitLength());	364	return new H(representative, this->PaddedBlockBitLength());
365	}	365	}
366		366
367	template <class F, class H>	367	template <class F, class H>