pk.h File Reference

Detailed Description

Interface definitions for CDK classes implementing high-precision integer arithmetic and high-level public key operations.

The most important classes and structs defined in pk.h are described in the following table:

Class      Is defined in:     An object of this type represents:
num        num.c              an integer or an element of a finite field
Nat        num.c              a natural number
FParms     num.c              a set of finite field parameters
GParms     num.c              a set of parameters for a finite Abelian group
Point      point.c & num.c    an element of a finite Abelian group
Key        key.c & cert.c     a public and/or private key
RSA        cert.c & key.c     an RSA public and/or private key
Signature  cert.c & key.c     a digital signature

The following classes perform all 'high-level' cryptographic operations:

while the following 'low-level classes' provide the requisite collection of underlying arithmetical operations:

Note: Using the low-level classes directly may violate the CDK's Security Policy for operating in FIPS 140-1 mode. These classes may be used to store information, but should not be used to perform cryptographic operations that are the equivalent of key pair generation. (You may, however, use class Point as illustrated in the Cookbook section Diffie-Hellman Key Agreement.)

Recommendations for strict FIPS 140-1 compliance:

Classes Key, RSA, and Signature (together with DSA_GenerateParameters()) may be used to implement all common public key operations. While the direct use of the other classes defined in pk.h is not prohibited for FIPS 140-1 compliance (unless explicitly stated below), ISC generally recommends against it. (See Note above.)

This code is covered by US patents:
  5,274,707 - Modular Exponentiation and Reduction Device and Method
  5,373,560 - Partial Modular Reduction Method


namespace  cdk

Data Structures

class  Nat
 Data type used to represent elements of various algebraic objects.
struct  Parameters
 Base class for arithmetic parameters (used to define various algebraic structures).
class  FParms
 Data type used to specify arithmetic parameters for various rings and fields.
struct  num
 Implementation of the arithmetic in various groups, rings, and fields.
class  GParms
 Data type used to specify arithmetic parameters for various groups, including elliptic curves.
class  Point
 Data type used to represent the elements of, and abstract the operations in, various Abelian groups, including elliptic curves.
class  RSA
 Implementation of RSA-based cryptographic schemes.
class  Signature
 Data type used for digital signature operations.
struct  Key
 Class Key is the principal data type used for public and private keys and all related cryptographic operations.


typedef Nat * cdk::nat
 pointer to a Nat
typedef Nat const * cdk::cnat
 const pointer to a Nat
typedef unsigned int cdk::nword
 basic word type
typedef nword * cdk::nwordp
 pointer to a nword
typedef nword const * cdk::cnwordp
 const pointer to a nword


enum  cdk::hashes {
  cdk::hMD2 = 1,
  cdk::hMD4 = 2,
  cdk::hMD5 = 3,
  cdk::hSHA1 = 4,
  cdk::hSHA256 = 5,
  cdk::hSHA384 = 6,
  cdk::hSHA512 = 7,
  cdk::hSHA224 = 8
}
 Algorithm IDs for various hash functions (values are consistent with MS CAPI).
enum  cdk::groups
 IDs for various groups/algorithms (for internal use only).


_cdkpub str cdk::genkeyp5 (const str &pwd, const str &salt, int iter, int n)
 Generate a (symmetric) key from a password as per PKCS#5.
_cdkpub str cdk::genkeyp12 (const str &pwd, const str &salt, int n, int iter, int id)
 Generate a (symmetric) key from a password as per PKCS#12.
_cdkpub int cdk::DSA_GenerateParameters (const str &seed, int nq, int np, num &q, num &p, num &g, int &counter, int start=0, int h=2, int v=1)
 Generate DSA parameters as per FIPS 186-2.
_cdkpub int cdk::rsadecrypt (const num &pq, const num &d, const num &input, str &x)
 Raises input to the power d, mod pq, and strips PKCS#1 padding.

ISC Cryptographic Development Kit - User's Guide
Copyright© 2002-2006 Information Security Corp. All rights reserved.