authorlloyd <[email protected]>2008-10-11 23:44:16 +0000
committerlloyd <[email protected]>2008-10-11 23:44:16 +0000
commit053dfa09e95039022e3c4249655cbe5fe12db9c5 (patch)
tree887f5570708fca65b2d16fa850d7f14e5387aa21
parent1c45e7840fd7ec7d3d6bbacbb615a4809a84a0a1 (diff)
Move ECDSA_Signature into CVC module. It is not used by ECDSA directly now.
Change several ECC functions to return const references instead of const values.
-rw-r--r--src/cert/cvc/cvc_self.cpp2
-rw-r--r--src/cert/cvc/eac_obj.h38
-rw-r--r--src/cert/cvc/ecdsa_sig.cpp (renamed from src/pubkey/ecdsa/ecdsa_sig.cpp)36
-rw-r--r--src/cert/cvc/ecdsa_sig.h (renamed from src/pubkey/ecdsa/ecdsa_sig.h)37
-rw-r--r--src/cert/cvc/info.txt2
-rw-r--r--src/pubkey/ecc_key/ecc_key.cpp157
-rw-r--r--src/pubkey/ecc_key/ecc_key.h29
-rw-r--r--src/pubkey/ecdsa/ecdsa.cpp50
-rw-r--r--src/pubkey/ecdsa/ecdsa.h36
-rw-r--r--src/pubkey/ecdsa/info.txt2
-rw-r--r--src/pubkey/eckaeg/eckaeg.cpp2
11 files changed, 204 insertions, 187 deletions
diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp
index 66b8350a0..8b49d3186 100644
--- a/src/cert/cvc/cvc_self.cpp
+++ b/src/cert/cvc/cvc_self.cpp
@@ -255,7 +255,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
// for the case that the domain parameters are not set...
// (we use those from the signer because they must fit)
- subj_pk->set_domain_parameters(priv_key->get_domain_parameters());
+ subj_pk->set_domain_parameters(priv_key->domain_parameters());
subj_pk->set_parameter_encoding(ENC_IMPLICITCA);
diff --git a/src/cert/cvc/eac_obj.h b/src/cert/cvc/eac_obj.h
index 6d170ea60..3b692673d 100644
--- a/src/cert/cvc/eac_obj.h
+++ b/src/cert/cvc/eac_obj.h
@@ -26,8 +26,8 @@ const std::string eac_cvc_emsa("EMSA1_BSI");
/*************************************************
* TR03110 v1.1 EAC CV Certificate *
*************************************************/
-template<typename Derived>
-class BOTAN_DLL EAC1_1_obj : public EAC_Signed_Object // CRTP is used enable the call sequence:
+template<typename Derived> // CRTP is used enable the call sequence:
+class BOTAN_DLL EAC1_1_obj : public EAC_Signed_Object
{
// data members first:
protected:
@@ -64,11 +64,15 @@ template<typename Derived> SecureVector<byte> EAC1_1_obj<Derived>::get_concat_si
{
return m_sig.get_concatenation();
}
-template<typename Derived> SecureVector<byte> EAC1_1_obj<Derived>::make_signature(PK_Signer* signer,
- const MemoryRegion<byte>& tbs_bits,
- RandomNumberGenerator& rng)
+
+template<typename Derived> SecureVector<byte>
+EAC1_1_obj<Derived>::make_signature(PK_Signer* signer,
+ const MemoryRegion<byte>& tbs_bits,
+ RandomNumberGenerator& rng)
{
- SecureVector<byte> seq_sig = signer->sign_message(tbs_bits, rng); // this is the signature as a der sequence
+ // this is the signature as a der sequence
+ SecureVector<byte> seq_sig = signer->sign_message(tbs_bits, rng);
+
ECDSA_Signature sig(decode_seq(seq_sig));
SecureVector<byte> concat_sig(sig.get_concatenation());
return concat_sig;
@@ -76,7 +80,6 @@ template<typename Derived> SecureVector<byte> EAC1_1_obj<Derived>::make_signatur
template<typename Derived> void EAC1_1_obj<Derived>::init(SharedPtrConverter<DataSource> in)
{
-
try
{
Derived::decode_info(in.get_shared(), tbs_bits, m_sig);
@@ -87,7 +90,8 @@ template<typename Derived> void EAC1_1_obj<Derived>::init(SharedPtrConverter<Dat
}
}
-template<typename Derived> bool EAC1_1_obj<Derived>::check_signature(Public_Key& pub_key) const
+template<typename Derived>
+bool EAC1_1_obj<Derived>::check_signature(Public_Key& pub_key) const
{
try
{
@@ -103,22 +107,16 @@ template<typename Derived> bool EAC1_1_obj<Derived>::check_signature(Public_Key&
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
- std::auto_ptr<PK_Verifier> verifier;
- if(dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key))
- {
- PK_Verifying_wo_MR_Key& sig_key =
- dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key);
- verifier.reset(get_pk_verifier(sig_key, padding, format));
- }
- else
- {
+ if(!dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key))
return false;
- }
- std::auto_ptr<ECDSA_Signature_Encoder> enc(m_sig.x509_encoder());
+
+ std::auto_ptr<ECDSA_Signature_Encoder> enc(new ECDSA_Signature_Encoder(&m_sig));
SecureVector<byte> seq_sig = enc->signature_bits();
SecureVector<byte> to_sign = tbs_data();
- return verifier->verify_message(to_sign, seq_sig);
+ PK_Verifying_wo_MR_Key& sig_key = dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key);
+ std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(sig_key, padding, format));
+ return verifier->verify_message(to_sign, seq_sig);
}
catch(...)
{
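Review bot: The new body of check_signature() performs the same `dynamic_cast` twice, first as a pointer test and then again as a reference cast after the encoder has been built. Keeping the pointer from the first cast avoids the second RTTI lookup and the throwing reference form: `PK_Verifying_wo_MR_Key* sig_key = dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key);`, `if(!sig_key) return false;`, then `get_pk_verifier(*sig_key, padding, format)`. The function starts and ends outside this hunk, so the surrounding try/catch is not reviewed here.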
diff --git a/src/pubkey/ecdsa/ecdsa_sig.cpp b/src/cert/cvc/ecdsa_sig.cpp
index abe1c631b..f0b407e56 100644
--- a/src/pubkey/ecdsa/ecdsa_sig.cpp
+++ b/src/cert/cvc/ecdsa_sig.cpp
@@ -9,19 +9,18 @@ ECDSA_Signature::ECDSA_Signature(const BigInt& r, const BigInt& s)
m_s(s)
{}
-ECDSA_Signature::ECDSA_Signature(ECDSA_Signature const& other)
- : m_r(other.m_r),
- m_s(other.m_s)
+ECDSA_Signature::ECDSA_Signature(const ECDSA_Signature& other)
+ : m_r(other.m_r), m_s(other.m_s)
{}
-ECDSA_Signature const& ECDSA_Signature::operator=(ECDSA_Signature const& other)
+ECDSA_Signature const& ECDSA_Signature::operator=(const ECDSA_Signature& other)
{
m_r = other.m_r;
m_s = other.m_s;
return *this;
}
-bool operator== ( ECDSA_Signature const& lhs, ECDSA_Signature const& rhs )
+bool operator==(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs)
{
return (lhs.get_r() == rhs.get_r() && lhs.get_s() == rhs.get_s());
}
@@ -35,11 +34,14 @@ ECDSA_Signature_Encoder* ECDSA_Signature::x509_encoder() const
{
return new ECDSA_Signature_Encoder(this);
}
+
SecureVector<byte> const ECDSA_Signature::get_concatenation() const
{
u32bit enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes(); // use the larger
- SecureVector<byte> sv_r = BigInt::encode_1363 ( m_r, enc_len );
- SecureVector<byte> sv_s = BigInt::encode_1363 ( m_s, enc_len );
+
+ SecureVector<byte> sv_r = BigInt::encode_1363(m_r, enc_len);
+ SecureVector<byte> sv_s = BigInt::encode_1363(m_s, enc_len);
+
SecureVector<byte> result(sv_r);
result.append(sv_s);
return result;
@@ -48,24 +50,24 @@ SecureVector<byte> const ECDSA_Signature::get_concatenation() const
ECDSA_Signature const decode_seq(MemoryRegion<byte> const& seq)
{
ECDSA_Signature sig;
- std::auto_ptr<ECDSA_Signature_Decoder> dec(sig.x509_decoder());
+
+ std::auto_ptr<ECDSA_Signature_Decoder> dec(new ECDSA_Signature_Decoder(&sig));
dec->signature_bits(seq);
return sig;
}
-ECDSA_Signature const decode_concatenation(MemoryRegion<byte> const& concatenation)
+ECDSA_Signature const decode_concatenation(MemoryRegion<byte> const& concat)
{
- if(concatenation.size() % 2 != 0)
- {
+ if(concat.size() % 2 != 0)
throw Invalid_Argument("Erroneous length of signature");
- }
- u32bit rs_len = concatenation.size()/2;
+
+ u32bit rs_len = concat.size()/2;
SecureVector<byte> sv_r;
SecureVector<byte> sv_s;
- sv_r.set(concatenation.begin(), rs_len);
- sv_s.set(&concatenation[rs_len], rs_len);
- BigInt r = BigInt::decode ( sv_r, sv_r.size());
- BigInt s = BigInt::decode (sv_s, sv_s.size());
+ sv_r.set(concat.begin(), rs_len);
+ sv_s.set(&concat[rs_len], rs_len);
+ BigInt r = BigInt::decode(sv_r, sv_r.size());
+ BigInt s = BigInt::decode(sv_s, sv_s.size());
return ECDSA_Signature(r, s);
}
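Review bot: decode_concatenation() accepts a zero-length input, because its only length check is `concat.size() % 2 != 0`. With `rs_len == 0` it then evaluates `&concat[rs_len]` on an empty region and returns a signature with r = s = 0. As this function presumably parses signature bytes taken from a certificate or request, reject the empty case up front with `if(concat.size() == 0 || concat.size() % 2 != 0)`. The same split is copied into ECDSA_PrivateKey::sign in src/pubkey/ecdsa/ecdsa.cpp, where the input comes from the signing core rather than from a caller.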
diff --git a/src/pubkey/ecdsa/ecdsa_sig.h b/src/cert/cvc/ecdsa_sig.h
index 73e2f8599..720acaedc 100644
--- a/src/pubkey/ecdsa/ecdsa_sig.h
+++ b/src/cert/cvc/ecdsa_sig.h
@@ -13,46 +13,33 @@
namespace Botan {
-class BOTAN_DLL ECDSA_Signature_Decoder;
-class BOTAN_DLL ECDSA_Signature_Encoder;
-
class BOTAN_DLL ECDSA_Signature
{
- friend class ECDSA_Signature_Decoder;
- friend class ECDSA_Signature_Encoder;
public:
+ friend class ECDSA_Signature_Decoder;
+
+ ECDSA_Signature() {}
ECDSA_Signature(const BigInt& r, const BigInt& s);
- ECDSA_Signature()
- {}
- ;
ECDSA_Signature(ECDSA_Signature const& other);
ECDSA_Signature const& operator=(ECDSA_Signature const& other);
- BigInt const get_r() const
- {
- return m_r;
- }
- BigInt const get_s() const
- {
- return m_s;
- }
+ const BigInt& get_r() const { return m_r; }
+ const BigInt& get_s() const { return m_s; }
+
/**
* return the r||s
*/
SecureVector<byte> const get_concatenation() const;
-
-
- ECDSA_Signature_Encoder* x509_encoder() const;
- ECDSA_Signature_Decoder* x509_decoder();
private:
BigInt m_r;
BigInt m_s;
};
-bool operator== ( ECDSA_Signature const& lhs, ECDSA_Signature const& rhs );
-inline bool operator!= ( ECDSA_Signature const& lhs, ECDSA_Signature const& rhs )
+/* Equality of ECDSA_Signature */
+bool operator==(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs);
+inline bool operator!=(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs)
{
- return !operator== ( lhs, rhs );
+ return !(lhs == rhs);
}
class BOTAN_DLL ECDSA_Signature_Decoder
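Review bot: The declarations of `x509_encoder()` and `x509_decoder()` are removed from ECDSA_Signature here, but the second hunk of ecdsa_sig.cpp in this commit still shows the body of `ECDSA_Signature::x509_encoder()` (`return new ECDSA_Signature_Encoder(this);`) as unchanged context. If those out-of-line definitions really remain in the moved .cpp file, it no longer compiles against this header, and they should be deleted together with the declarations. This is inferred from the visible lines only; the Encoder and Decoder class bodies lie mostly outside this hunk.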
@@ -80,8 +67,8 @@ class BOTAN_DLL ECDSA_Signature_Encoder
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode(m_signature->m_r)
- .encode(m_signature->m_s)
+ .encode(m_signature->get_r())
+ .encode(m_signature->get_s())
.end_cons()
.get_contents();
}
diff --git a/src/cert/cvc/info.txt b/src/cert/cvc/info.txt
index 9a7565424..229c431bc 100644
--- a/src/cert/cvc/info.txt
+++ b/src/cert/cvc/info.txt
@@ -12,6 +12,8 @@ ecdsa
<add>
asn1_eac_str.cpp
asn1_eac_tm.cpp
+ecdsa_sig.cpp
+ecdsa_sig.h
cvc_ado.cpp
cvc_ado.h
cvc_ca.cpp
diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index 2307f0e03..ee179a27c 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -1,9 +1,8 @@
/*************************************************
* ECC Key implemenation *
-* (C) 2007 Manuel Hartl / FlexSecure GmbH *
-* *
-* Falko Strenzke *
+* (C) 2007 Manuel Hartl, FlexSecure GmbH *
+* Falko Strenzke, FlexSecure GmbH *
+* 2008 Jack Lloyd *
*************************************************/
#include <botan/ecc_key.h>
@@ -22,27 +21,31 @@ namespace Botan {
*************************************************/
void EC_PublicKey::affirm_init() const // virtual
{
- if ((mp_dom_pars.get() == 0) || (mp_public_point.get() == 0))
- {
+ if((mp_dom_pars.get() == 0) || (mp_public_point.get() == 0))
throw Invalid_State("cannot use uninitialized EC_Key");
- }
}
-EC_Domain_Params const EC_PublicKey::get_domain_parameters() const
+
+const EC_Domain_Params& EC_PublicKey::domain_parameters() const
{
if(!mp_dom_pars.get())
- {
- throw Invalid_State("EC_PublicKey::get_domain_parameters(): ec domain parameters are not yet set");
- }
+ throw Invalid_State("EC_PublicKey::domain_parameters(): ec domain parameters are not yet set");
+
return *mp_dom_pars;
}
+
+const PointGFp& EC_PublicKey::public_point() const
+ {
+ if(!mp_public_point.get())
+ throw Invalid_State("EC_PublicKey::public_point(): public point not set");
+
+ return *mp_public_point;
+ }
+
bool EC_PublicKey::domain_parameters_set()
{
- if (mp_dom_pars.get())
- {
- return true;
- }
- return false;
+ return mp_dom_pars.get();
}
+
void EC_PublicKey::X509_load_hook()
{
try
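Review bot: `domain_parameters()` and the new `public_point()` now return references into the objects owned by `mp_dom_pars` and `mp_public_point`, and those pointers are reset elsewhere in this file (the X.509 decoder's `alg_id`/`key_bits`, `PKCS8_load_hook`). A caller that keeps the reference across a reload therefore holds a dangling reference, where the old by-value return was safe. The doc comments in ecc_key.h should state the lifetime, for example `* The returned reference is valid only until this key is reloaded or its parameters are replaced.` Separately, `return mp_dom_pars.get();` in domain_parameters_set() relies on an implicit pointer-to-bool conversion; `return mp_dom_pars.get() != 0;` matches the explicit checks used above it. X509_load_hook continues past the end of this hunk.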
@@ -51,13 +54,12 @@ void EC_PublicKey::X509_load_hook()
affirm_init();
mp_public_point->check_invariants();
}
- catch ( Illegal_Point exc )
+ catch(Illegal_Point exc)
{
- throw Decoding_Error ( "decoded public point was found not to lie on curve" );
+ throw Decoding_Error("decoded public point was found not to lie on curve");
}
}
-
X509_Encoder* EC_PublicKey::x509_encoder() const
{
class EC_Key_Encoder : public X509_Encoder
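Review bot: The reformatted handler `catch(Illegal_Point exc)` in X509_load_hook still catches by value and never uses `exc`, which copies the exception object and would slice a derived type. `catch(const Illegal_Point&)` keeps the behaviour and drops the unused name. The function begins before this hunk.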
@@ -66,20 +68,20 @@ X509_Encoder* EC_PublicKey::x509_encoder() const
AlgorithmIdentifier alg_id() const
{
key->affirm_init();
- SecureVector<byte> params = encode_der_ec_dompar ( * ( key->mp_dom_pars ), key->m_param_enc );
- return AlgorithmIdentifier ( key->get_oid(),
- params );
+
+ SecureVector<byte> params =
+ encode_der_ec_dompar(key->domain_parameters(), key->m_param_enc);
+
+ return AlgorithmIdentifier(key->get_oid(), params);
}
MemoryVector<byte> key_bits() const
{
key->affirm_init();
- return EC2OSP ( * ( key->mp_public_point ), PointGFp::COMPRESSED );
-
+ return EC2OSP(*(key->mp_public_point), PointGFp::COMPRESSED);
}
- EC_Key_Encoder ( const EC_PublicKey* k ) : key ( k )
- {}
+ EC_Key_Encoder(const EC_PublicKey* k): key(k) {}
private:
const EC_PublicKey* key;
};
@@ -92,19 +94,18 @@ X509_Decoder* EC_PublicKey::x509_decoder()
class EC_Key_Decoder : public X509_Decoder
{
public:
- void alg_id ( const AlgorithmIdentifier& alg_id )
+ void alg_id(const AlgorithmIdentifier& alg_id)
{
- key->mp_dom_pars.reset ( new EC_Domain_Params ( decode_ber_ec_dompar ( alg_id.parameters ) ) );
+ key->mp_dom_pars.reset(new EC_Domain_Params(decode_ber_ec_dompar(alg_id.parameters)));
}
- void key_bits ( const MemoryRegion<byte>& bits )
+ void key_bits(const MemoryRegion<byte>& bits)
{
- key->mp_public_point.reset ( new PointGFp ( OS2ECP ( bits, key->mp_dom_pars->get_curve() ) ) );
+ key->mp_public_point.reset(new PointGFp(OS2ECP(bits, key->domain_parameters().get_curve())));
key->X509_load_hook();
}
- EC_Key_Decoder ( EC_PublicKey* k ) : key ( k )
- {}
+ EC_Key_Decoder(EC_PublicKey* k): key(k) {}
private:
EC_PublicKey* key;
};
@@ -112,17 +113,16 @@ X509_Decoder* EC_PublicKey::x509_decoder()
return new EC_Key_Decoder(this);
}
-void EC_PublicKey::set_parameter_encoding ( EC_dompar_enc type )
+void EC_PublicKey::set_parameter_encoding(EC_dompar_enc type)
{
- if ( ( type != ENC_EXPLICIT ) && ( type != ENC_IMPLICITCA ) && ( type != ENC_OID ) )
- {
- throw Invalid_Argument ( "invalid encoding type for EC-key object specified" );
- }
+ if((type != ENC_EXPLICIT) && (type != ENC_IMPLICITCA) && (type != ENC_OID))
+ throw Invalid_Argument("Invalid encoding type for EC-key object specified");
+
affirm_init();
- if ( ( mp_dom_pars->get_oid() == "" ) && ( type == ENC_OID ) )
- {
- throw Invalid_Argument ( "invalid encoding type ENC_OID specified for EC-key object whose corresponding domain parameters are without oid" );
- }
+
+ if((type == ENC_OID) && (mp_dom_pars->get_oid() == ""))
+ throw Invalid_Argument("Invalid encoding type ENC_OID specified for EC-key object whose corresponding domain parameters are without oid");
+
m_param_enc = type;
}
@@ -131,11 +131,18 @@ void EC_PublicKey::set_parameter_encoding ( EC_dompar_enc type )
********************************/
void EC_PrivateKey::affirm_init() const // virtual
{
+ if(m_private_value == 0)
+ throw Invalid_State("cannot use EC_PrivateKey when private key is uninitialized");
+
EC_PublicKey::affirm_init();
- if (m_private_value == 0)
- {
+ }
+
+const BigInt& EC_PrivateKey::private_value() const
+ {
+ if(m_private_value == 0)
throw Invalid_State("cannot use EC_PrivateKey when private key is uninitialized");
- }
+
+ return m_private_value;
}
/**
@@ -143,12 +150,13 @@ void EC_PrivateKey::affirm_init() const // virtual
**/
void EC_PrivateKey::generate_private_key(RandomNumberGenerator& rng)
{
- if (mp_dom_pars.get() == 0)
+ if(mp_dom_pars.get() == 0)
{
throw Invalid_State("cannot generate private key when domain parameters are not set");
}
+
BigInt tmp_private_value(0);
- tmp_private_value = BigInt::random_integer(rng, 1, mp_dom_pars->get_order() );
+ tmp_private_value = BigInt::random_integer(rng, 1, mp_dom_pars->get_order());
mp_public_point = std::auto_ptr<PointGFp>( new PointGFp (mp_dom_pars->get_base_point()));
mp_public_point->mult_this_secure(tmp_private_value, mp_dom_pars->get_order(), mp_dom_pars->get_order()-1);
@@ -167,26 +175,27 @@ PKCS8_Encoder* EC_PrivateKey::pkcs8_encoder() const
AlgorithmIdentifier alg_id() const
{
key->affirm_init();
- SecureVector<byte> params = encode_der_ec_dompar ( * ( key->mp_dom_pars ), ENC_EXPLICIT );
- return AlgorithmIdentifier ( key->get_oid(),
- params );
+
+ SecureVector<byte> params = encode_der_ec_dompar(key->domain_parameters(), ENC_EXPLICIT);
+
+ return AlgorithmIdentifier(key->get_oid(), params);
}
MemoryVector<byte> key_bits() const
{
key->affirm_init();
- SecureVector<byte> octstr_secret = BigInt::encode_1363 ( key->m_private_value, key->m_private_value.bytes() );
+ SecureVector<byte> octstr_secret =
+ BigInt::encode_1363(key->m_private_value, key->m_private_value.bytes());
return DER_Encoder()
- .start_cons ( SEQUENCE )
- .encode ( BigInt ( 1 ) )
- .encode ( octstr_secret, OCTET_STRING )
+ .start_cons(SEQUENCE)
+ .encode(BigInt(1))
+ .encode(octstr_secret, OCTET_STRING)
.end_cons()
.get_contents();
}
- EC_Key_Encoder ( const EC_PrivateKey* k ) : key ( k )
- {}
+ EC_Key_Encoder(const EC_PrivateKey* k): key(k) {}
private:
const EC_PrivateKey* key;
};
@@ -202,29 +211,32 @@ PKCS8_Decoder* EC_PrivateKey::pkcs8_decoder(RandomNumberGenerator&)
class EC_Key_Decoder : public PKCS8_Decoder
{
public:
- void alg_id ( const AlgorithmIdentifier& alg_id )
+ void alg_id(const AlgorithmIdentifier& alg_id)
{
- key->mp_dom_pars.reset ( new EC_Domain_Params ( decode_ber_ec_dompar ( alg_id.parameters ) ) );
+ key->mp_dom_pars.reset(new EC_Domain_Params(decode_ber_ec_dompar(alg_id.parameters)));
}
- void key_bits ( const MemoryRegion<byte>& bits )
+ void key_bits(const MemoryRegion<byte>& bits)
{
u32bit version;
SecureVector<byte> octstr_secret;
- BER_Decoder ( bits )
- .start_cons ( SEQUENCE )
- .decode ( version )
- .decode ( octstr_secret, OCTET_STRING )
+
+ BER_Decoder(bits)
+ .start_cons(SEQUENCE)
+ .decode(version)
+ .decode(octstr_secret, OCTET_STRING)
.verify_end()
.end_cons();
- key->m_private_value = BigInt::decode ( octstr_secret, octstr_secret.size() );
- if ( version != 1 )
- throw Decoding_Error ( "Wrong PKCS #1 key format version for EC key" );
+
+ key->m_private_value = BigInt::decode(octstr_secret, octstr_secret.size());
+
+ if(version != 1)
+ throw Decoding_Error("Wrong PKCS #1 key format version for EC key");
+
key->PKCS8_load_hook();
}
- EC_Key_Decoder ( EC_PrivateKey* k ) : key ( k )
- {}
+ EC_Key_Decoder(EC_PrivateKey* k): key(k) {}
private:
EC_PrivateKey* key;
};
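Review bot: In the PKCS #8 decoder's key_bits(), `key->m_private_value` is assigned before `version` is checked. A blob with an unsupported version therefore leaves the key object holding an unvalidated private value when Decoding_Error is thrown. Move `if(version != 1) throw Decoding_Error(...)` directly after the BER_Decoder chain and assign the private value only once the check has passed. The message says "PKCS #1" although this is the PKCS #8 path, which may be a leftover worth correcting in the same change.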
@@ -232,17 +244,14 @@ PKCS8_Decoder* EC_PrivateKey::pkcs8_decoder(RandomNumberGenerator&)
return new EC_Key_Decoder(this);
}
-
-void EC_PrivateKey::PKCS8_load_hook ( bool )
+void EC_PrivateKey::PKCS8_load_hook(bool)
{
// we cannot use affirm_init() here because mp_public_point might still be null
- if (mp_dom_pars.get() == 0 )
- {
+ if(mp_dom_pars.get() == 0)
throw Invalid_State("attempt to set public point for an uninitialized key");
- }
- mp_public_point.reset ( new PointGFp ( m_private_value * mp_dom_pars->get_base_point() ) );
- mp_public_point->check_invariants();
+ mp_public_point.reset(new PointGFp(m_private_value * mp_dom_pars->get_base_point()));
+ mp_public_point->check_invariants();
}
}
diff --git a/src/pubkey/ecc_key/ecc_key.h b/src/pubkey/ecc_key/ecc_key.h
index aada1da1b..b2ca7dbcf 100644
--- a/src/pubkey/ecc_key/ecc_key.h
+++ b/src/pubkey/ecc_key/ecc_key.h
@@ -5,8 +5,8 @@
* (C) 2008 Jack Lloyd *
*************************************************/
-#ifndef BOTAN_ECC_KEY_H__
-#define BOTAN_ECC_KEY_H__
+#ifndef BOTAN_ECC_PUBLIC_KEY_BASE_H__
+#define BOTAN_ECC_PUBLIC_KEY_BASE_H__
#include <botan/bigint.h>
#include <botan/curve_gfp.h>
@@ -43,14 +43,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
* domain parameters of this point are not set
* @result the public point of this key
*/
- inline PointGFp get_public_point() const
- {
- if (!mp_public_point.get())
- {
- throw Invalid_State("EC_PublicKey::get_public_point(): public point not set because ec domain parameters are not yet set");
- }
- return *mp_public_point;
- }
+ const PointGFp& public_point() const;
/**
* Get the domain parameters of this key.
@@ -58,7 +51,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
* domain parameters of this point are not set
* @result the domain parameters of this key
*/
- EC_Domain_Params const get_domain_parameters() const;
+ const EC_Domain_Params& domain_parameters() const;
/**
* Set the domain parameter encoding to be used when encoding this key.
@@ -125,29 +118,29 @@ class BOTAN_DLL EC_PrivateKey : public virtual EC_PublicKey, public virtual Priv
* @result an PKCS#8 encoder for this key
*/
PKCS8_Encoder* pkcs8_encoder() const;
+
/**
* Get an PKCS#8 decoder that can be used to decoded a stored key into
* this key.
* @result an PKCS#8 decoder for this key
*/
PKCS8_Decoder* pkcs8_decoder(RandomNumberGenerator&);
+
/**
* Get the private key value of this key object.
* @result the private key value of this key object
*/
- inline BigInt const get_value() const
- {
- return m_private_value;
- }
+ const BigInt& private_value() const;
+
/**
* Make sure that the public key parts of this object are set
* (calls EC_PublicKey::affirm_init()) as well as the private key
* value.
* @throw Invalid_State if the above conditions are not satisfied
*/
- virtual void affirm_init() const;
- virtual ~EC_PrivateKey()
- {}
+ virtual void affirm_init() const;
+
+ virtual ~EC_PrivateKey() {}
protected:
virtual void PKCS8_load_hook(bool = false);
void generate_private_key(RandomNumberGenerator&);
diff --git a/src/pubkey/ecdsa/ecdsa.cpp b/src/pubkey/ecdsa/ecdsa.cpp
index b3a63c304..9fed9fe86 100644
--- a/src/pubkey/ecdsa/ecdsa.cpp
+++ b/src/pubkey/ecdsa/ecdsa.cpp
@@ -6,7 +6,6 @@
*************************************************/
#include <botan/ecdsa.h>
-#include <botan/ecdsa_sig.h>
#include <botan/numthry.h>
#include <botan/util.h>
#include <botan/der_enc.h>
@@ -113,13 +112,25 @@ bool ECDSA_PublicKey::verify(const byte message[],
u32bit sig_len) const
{
affirm_init();
- ECDSA_Signature sig;
- std::auto_ptr<ECDSA_Signature_Decoder> dec(sig.x509_decoder());
- SecureVector<byte> sv_sig;
- sv_sig.set ( signature, sig_len );
- dec->signature_bits ( sv_sig );
- SecureVector<byte> sv_plain_sig = sig.get_concatenation();
- return m_ecdsa_core.verify ( sv_plain_sig, sv_plain_sig.size(), message, mess_len );
+
+ BigInt r, s;
+
+ BER_Decoder(signature, sig_len)
+ .start_cons(SEQUENCE)
+ .decode(r)
+ .decode(s)
+ .end_cons()
+ .verify_end();
+
+ u32bit enc_len = std::max(r.bytes(), s.bytes());
+
+ SecureVector<byte> sv_plain_sig;
+
+ sv_plain_sig.append(BigInt::encode_1363(r, enc_len));
+ sv_plain_sig.append(BigInt::encode_1363(s, enc_len));
+
+ return m_ecdsa_core.verify(sv_plain_sig, sv_plain_sig.size(),
+ message, mess_len);
}
ECDSA_PublicKey::ECDSA_PublicKey(const EC_Domain_Params& dom_par,
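Review bot: In the new verify() body `enc_len` is derived from the decoded values (`std::max(r.bytes(), s.bytes())`) and r and s are never range-checked. A DER signature carrying r = s = 0 therefore produces an empty `sv_plain_sig` and passes a zero-length buffer to `m_ecdsa_core.verify`. Unless the core is known to reject that, return false for out-of-range values before re-encoding, e.g. `if(r <= 0 || s <= 0 || r >= domain_parameters().get_order() || s >= domain_parameters().get_order()) return false;`. `std::max` also needs `<algorithm>`, which the include list visible in this commit does not show. The function signature starts outside this hunk.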
@@ -201,11 +212,26 @@ SecureVector<byte> ECDSA_PrivateKey::sign(const byte message[],
RandomNumberGenerator& rng) const
{
affirm_init();
+
SecureVector<byte> sv_sig = m_ecdsa_core.sign(message, mess_len, rng);
- //code which der encodes the signature returned
- ECDSA_Signature sig = decode_concatenation( sv_sig );
- std::auto_ptr<ECDSA_Signature_Encoder> enc(sig.x509_encoder());
- return enc->signature_bits();
+
+ if(sv_sig.size() % 2 != 0)
+ throw Invalid_Argument("Erroneous length of signature");
+
+ u32bit rs_len = sv_sig.size() / 2;
+ SecureVector<byte> sv_r, sv_s;
+ sv_r.set(sv_sig.begin(), rs_len);
+ sv_s.set(&sv_sig[rs_len], rs_len);
+
+ BigInt r = BigInt::decode(sv_r, sv_r.size());
+ BigInt s = BigInt::decode(sv_s, sv_s.size());
+
+ return DER_Encoder()
+ .start_cons(SEQUENCE)
+ .encode(r)
+ .encode(s)
+ .end_cons()
+ .get_contents();
}
}
diff --git a/src/pubkey/ecdsa/ecdsa.h b/src/pubkey/ecdsa/ecdsa.h
index e0f0c766e..4e9634f05 100644
--- a/src/pubkey/ecdsa/ecdsa.h
+++ b/src/pubkey/ecdsa/ecdsa.h
@@ -25,10 +25,7 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey,
* Get this keys algorithm name.
* @result this keys algorithm name ("ECDSA")
*/
- std::string algo_name() const
- {
- return "ECDSA";
- }
+ std::string algo_name() const { return "ECDSA"; }
/**
* Get the maximum number of bits allowed to be fed to this key.
@@ -49,8 +46,8 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey,
const byte signature [], u32bit sig_len) const;
/**
- * Default constructor. Use this one if you want to later fill this object with data
- * from an encoded key.
+ * Default constructor. Use this one if you want to later fill
+ * this object with data from an encoded key.
*/
ECDSA_PublicKey() {}
@@ -62,9 +59,9 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey,
ECDSA_PublicKey(const EC_Domain_Params& dom_par,
const PointGFp& public_point); // sets core
- ECDSA_PublicKey const& operator= (ECDSA_PublicKey const& rhs);
+ ECDSA_PublicKey const& operator=(const ECDSA_PublicKey& rhs);
- ECDSA_PublicKey(ECDSA_PublicKey const& other);
+ ECDSA_PublicKey(const ECDSA_PublicKey& other);
/**
* Set the domain parameters of this key. This function has to be
@@ -76,17 +73,17 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey,
* or if this key already has domain parameters set
* and these are differing from those given as the parameter
*/
- void set_domain_parameters(EC_Domain_Params const& dom_pars);
+ void set_domain_parameters(const EC_Domain_Params& dom_pars);
/**
- * Make sure that the public point and domain parameters of this key are set.
+ * Ensure that the public point and domain parameters of this key are set.
* @throw Invalid_State if either of the two data members is not set
*/
virtual void affirm_init() const;
protected:
void X509_load_hook();
- virtual void set_all_values(ECDSA_PublicKey const& other);
+ virtual void set_all_values(const ECDSA_PublicKey& other);
ECDSA_Core m_ecdsa_core;
};
@@ -100,9 +97,10 @@ class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
{
public:
//ctors
+
/**
- * Default constructor. Use this one if you want to later fill this object with data
- * from an encoded key.
+ * Default constructor. Use this one if you want to later fill
+ * this object with data from an encoded key.
*/
ECDSA_PrivateKey() {}
@@ -113,8 +111,8 @@ class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
ECDSA_PrivateKey(RandomNumberGenerator& rng,
const EC_Domain_Params& domain);
- ECDSA_PrivateKey(ECDSA_PrivateKey const& other);
- ECDSA_PrivateKey const& operator= (ECDSA_PrivateKey const& rhs);
+ ECDSA_PrivateKey(const ECDSA_PrivateKey& other);
+ ECDSA_PrivateKey const& operator=(const ECDSA_PrivateKey& rhs);
/**
* Sign a message with this key.
@@ -122,7 +120,10 @@ class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
* @param mess_len the length of the message byte array
* @result the signature
*/
- SecureVector<byte> sign(const byte message[], u32bit mess_len, RandomNumberGenerator& rng) const;
+
+ SecureVector<byte> sign(const byte message[], u32bit mess_len,
+ RandomNumberGenerator& rng) const;
+
/**
* Make sure that the public key parts of this object are set
* (calls EC_PublicKey::affirm_init()) as well as the private key
@@ -130,8 +131,9 @@ class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
* @throw Invalid_State if the above conditions are not satisfied
*/
virtual void affirm_init() const;
+
protected:
- virtual void set_all_values ( ECDSA_PrivateKey const& other );
+ virtual void set_all_values(const ECDSA_PrivateKey& other);
private:
void PKCS8_load_hook(bool = false);
};
diff --git a/src/pubkey/ecdsa/info.txt b/src/pubkey/ecdsa/info.txt
index 6e692bd5f..48e88bda9 100644
--- a/src/pubkey/ecdsa/info.txt
+++ b/src/pubkey/ecdsa/info.txt
@@ -21,6 +21,4 @@ ecdsa_core.cpp
ecdsa_core.h
ecdsa_op.cpp
ecdsa_op.h
-ecdsa_sig.cpp
-ecdsa_sig.h
</add>
diff --git a/src/pubkey/eckaeg/eckaeg.cpp b/src/pubkey/eckaeg/eckaeg.cpp
index dcd30499a..424715ad8 100644
--- a/src/pubkey/eckaeg/eckaeg.cpp
+++ b/src/pubkey/eckaeg/eckaeg.cpp
@@ -129,7 +129,7 @@ SecureVector<byte> ECKAEG_PrivateKey::derive_key(const Public_Key& key) const
throw Invalid_Argument("ECKAEG_PrivateKey::derive_key(): argument must be an EC_PublicKey");
}
p_ec_pk->affirm_init();
- return m_eckaeg_core.agree ( p_ec_pk->get_public_point() );
+ return m_eckaeg_core.agree ( p_ec_pk->public_point() );
}
}