The most important classes and structs defined in pk.h are described in the following table:
Class | is defined in: | an object of this type represents: |
num | num.c | an integer or an element of a finite field |
Nat | num.c | a natural number |
FParms | num.c | a set of finite field parameters |
GParms | num.c | a set of parameters for a finite Abelian group |
Point | point.c & num.c | an element of a finite Abelian group |
Key | key.c & cert.c | a public and/or private key |
RSA | cert.c & key.c | an RSA public and/or private key |
Signature | cert.c & key.c | a digital signature |
The following classes perform all 'high-level' cryptographic operations:
while the following 'low-level classes' provide the requisite collection of underlying arithmetical operations:
Note: Using the low-level classes directly may violate the CDK's Security Policy for operating in FIPS 140-1 mode. These classes may be used to store information, but should not be used to perform cryptographic operations that are the equivalent of key pair generation. (You may, however, use class Point as illustrated in the Cookbook section Diffie-Hellman Key Agreement.)
Recommendations for strict FIPS 140-1 compliance: Classes Key, RSA, and Signature (together with DSA_Generate_Parameters()) may be used to implement all common public key operations. While the direct use of the other classes defined in pk.h is not prohibited for FIPS 140-1 compliance (unless explicitly stated below), ISC generally recommends against it. (See Note above.) This code is covered by US patents: 5,274,707 - Modular Exponentiation and Reduction Device and Method 5,373,560 - Partial Modular Reduction Method
Namespaces | |
namespace | cdk |
Data Structures | |
class | Nat |
Data type used to represent elements of various algebraic objects. More... | |
struct | Parameters |
Base class for arithmetic parameters (used to define various algebraic structures). More... | |
class | FParms |
Data type used to specify arithmetic parameters for various rings and fields. More... | |
struct | num |
Implementation of the arithmetic in various groups, rings, and fields. More... | |
class | GParms |
Data type used to specify arithmetic parameters for various groups, including elliptic curves. More... | |
class | Point |
Data type used to represent the elements of, and abstract the operations in, various Abelian groups, including elliptic curves. More... | |
class | RSA |
Implementation of RSA-based cryptographic schemes. More... | |
class | Signature |
Data type used for digital signature operations. More... | |
struct | Key |
Class Key is the principal data type used for public and private keys and all related cryptographic operations. More... | |
Typedefs | |
typedef Nat * | cdk::nat |
pointer to a Nat | |
typedef Nat const * | cdk::cnat |
const pointer to a Nat | |
typedef unsigned int | cdk::nword |
basic word type | |
typedef nword * | cdk::nwordp |
pointer to a nword | |
typedef nword const * | cdk::cnwordp |
const pointer to a nword | |
Enumerations | |
enum | cdk::hashes { cdk::hNone, cdk::hMD2 = 1, cdk::hMD4 = 2, cdk::hMD5 = 3, cdk::hSHA1 = 4, cdk::hSHA256 = 5, cdk::hSHA384 = 6, cdk::hSHA512 = 7, cdk::hSHA224 = 8 } |
Algorithm IDs for various hash functions (values are consistent with MS CAPI) More... | |
enum | cdk::groups |
IDs for various groups/algorithms (for internal use only). | |
Functions | |
_cdkpub str | cdk::genkeyp5 (const str &pwd, const str &salt, int iter, int n) |
Generate a (symmetric) key from a password as per PKCS#5. | |
_cdkpub str | cdk::genkeyp12 (const str &pwd, const str &salt, int n, int iter, int id) |
Generate a (symmetric) key from a password as per PKCS#12. | |
_cdkpub int | cdk::DSA_GenerateParameters (const str &seed, int nq, int np, num &q, num &p, num &g, int &counter, int start=0, int h=2, int v=1) |
Generate DSA parameters as per FIPS 186-2. | |
_cdkpub int | cdk::rsadecrypt (const num &pq, const num &d, const num &input, str &x) |
Raises input to the power d, mod pq, and strips pkcs1 padding. |
ISC Cryptographic Development Kit - User's Guide | |
Questions? E-mail ISC technical support | |
Copyright© 2002-2006 Information Security Corp. All rights reserved. |