Move ECDSA_Signature into CVC module. It is not used by ECDSA directly now.

Change several ECC functions to return const references instead of const values.
author: lloyd <[email protected]> 2008-10-11 23:44:16 +0000
committer: lloyd <[email protected]> 2008-10-11 23:44:16 +0000
commit: 053dfa09e95039022e3c4249655cbe5fe12db9c5 (patch)
tree: 887f5570708fca65b2d16fa850d7f14e5387aa21 /src/cert
parent: 1c45e7840fd7ec7d3d6bbacbb615a4809a84a0a1 (diff)
5 files changed, 181 insertions, 21 deletions
diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp
index 66b8350a0..8b49d3186 100644
--- a/src/cert/cvc/cvc_self.cpp
+++ b/src/cert/cvc/cvc_self.cpp
@@ -255,7 +255,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
 
    // for the case that the domain parameters are not set...
    // (we use those from the signer because they must fit)
-   subj_pk->set_domain_parameters(priv_key->get_domain_parameters());
+   subj_pk->set_domain_parameters(priv_key->domain_parameters());
 
    subj_pk->set_parameter_encoding(ENC_IMPLICITCA);
 
diff --git a/src/cert/cvc/eac_obj.h b/src/cert/cvc/eac_obj.h
index 6d170ea60..3b692673d 100644
--- a/src/cert/cvc/eac_obj.h
+++ b/src/cert/cvc/eac_obj.h
@@ -26,8 +26,8 @@ const std::string eac_cvc_emsa("EMSA1_BSI");
 /*************************************************
 * TR03110 v1.1 EAC CV Certificate                *
 *************************************************/
-template<typename Derived>
-class BOTAN_DLL EAC1_1_obj : public EAC_Signed_Object // CRTP is used enable the call sequence:
+template<typename Derived> // CRTP is used enable the call sequence:
+class BOTAN_DLL EAC1_1_obj : public EAC_Signed_Object
    {
       // data members first:
    protected:
@@ -64,11 +64,15 @@ template<typename Derived> SecureVector<byte> EAC1_1_obj<Derived>::get_concat_si
    {
    return m_sig.get_concatenation();
    }
-template<typename Derived> SecureVector<byte> EAC1_1_obj<Derived>::make_signature(PK_Signer* signer,
-                                                                                  const MemoryRegion<byte>& tbs_bits,
-                                                                                  RandomNumberGenerator& rng)
+
+template<typename Derived> SecureVector<byte>
+EAC1_1_obj<Derived>::make_signature(PK_Signer* signer,
+                                    const MemoryRegion<byte>& tbs_bits,
+                                    RandomNumberGenerator& rng)
    {
-   SecureVector<byte> seq_sig = signer->sign_message(tbs_bits, rng); // this is the signature as a der sequence
+   // this is the signature as a der sequence
+   SecureVector<byte> seq_sig = signer->sign_message(tbs_bits, rng);
+
    ECDSA_Signature sig(decode_seq(seq_sig));
    SecureVector<byte> concat_sig(sig.get_concatenation());
    return concat_sig;
@@ -76,7 +80,6 @@ template<typename Derived> SecureVector<byte> EAC1_1_obj<Derived>::make_signatur
 
 template<typename Derived> void EAC1_1_obj<Derived>::init(SharedPtrConverter<DataSource> in)
    {
-
    try
       {
       Derived::decode_info(in.get_shared(), tbs_bits, m_sig);
@@ -87,7 +90,8 @@ template<typename Derived> void EAC1_1_obj<Derived>::init(SharedPtrConverter<Dat
       }
    }
 
-template<typename Derived> bool EAC1_1_obj<Derived>::check_signature(Public_Key& pub_key) const
+template<typename Derived>
+bool EAC1_1_obj<Derived>::check_signature(Public_Key& pub_key) const
    {
    try
       {
@@ -103,22 +107,16 @@ template<typename Derived> bool EAC1_1_obj<Derived>::check_signature(Public_Key&
       Signature_Format format =
          (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
 
-      std::auto_ptr<PK_Verifier> verifier;
-      if(dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key))
-         {
-         PK_Verifying_wo_MR_Key& sig_key =
-            dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key);
-         verifier.reset(get_pk_verifier(sig_key, padding, format));
-         }
-      else
-         {
+      if(!dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key))
          return false;
-         }
-      std::auto_ptr<ECDSA_Signature_Encoder> enc(m_sig.x509_encoder());
+
+      std::auto_ptr<ECDSA_Signature_Encoder> enc(new ECDSA_Signature_Encoder(&m_sig));
       SecureVector<byte> seq_sig = enc->signature_bits();
       SecureVector<byte> to_sign = tbs_data();
-      return verifier->verify_message(to_sign, seq_sig);
 
+      PK_Verifying_wo_MR_Key& sig_key = dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key);
+      std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(sig_key, padding, format));
+      return verifier->verify_message(to_sign, seq_sig);
       }
    catch(...)
       {
diff --git a/src/cert/cvc/ecdsa_sig.cpp b/src/cert/cvc/ecdsa_sig.cpp
new file mode 100644
index 000000000..f0b407e56
--- /dev/null
+++ b/src/cert/cvc/ecdsa_sig.cpp
@@ -0,0 +1,74 @@
+
+#include <botan/ecdsa_sig.h>
+#include <memory>
+
+namespace Botan {
+
+ECDSA_Signature::ECDSA_Signature(const BigInt& r, const BigInt& s)
+   : m_r(r),
+     m_s(s)
+   {}
+
+ECDSA_Signature::ECDSA_Signature(const ECDSA_Signature& other)
+   : m_r(other.m_r), m_s(other.m_s)
+   {}
+
+ECDSA_Signature const& ECDSA_Signature::operator=(const ECDSA_Signature& other)
+   {
+   m_r = other.m_r;
+   m_s = other.m_s;
+   return *this;
+   }
+
+bool operator==(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs)
+   {
+   return (lhs.get_r() == rhs.get_r() && lhs.get_s() == rhs.get_s());
+   }
+
+ECDSA_Signature_Decoder* ECDSA_Signature::x509_decoder()
+   {
+   return new ECDSA_Signature_Decoder(this);
+   }
+
+ECDSA_Signature_Encoder* ECDSA_Signature::x509_encoder() const
+   {
+   return new ECDSA_Signature_Encoder(this);
+   }
+
+SecureVector<byte> const ECDSA_Signature::get_concatenation() const
+   {
+   u32bit enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes(); // use the larger
+
+   SecureVector<byte> sv_r = BigInt::encode_1363(m_r, enc_len);
+   SecureVector<byte> sv_s = BigInt::encode_1363(m_s, enc_len);
+
+   SecureVector<byte> result(sv_r);
+   result.append(sv_s);
+   return result;
+   }
+
+ECDSA_Signature const decode_seq(MemoryRegion<byte> const& seq)
+   {
+   ECDSA_Signature sig;
+
+   std::auto_ptr<ECDSA_Signature_Decoder> dec(new ECDSA_Signature_Decoder(&sig));
+   dec->signature_bits(seq);
+   return sig;
+   }
+
+ECDSA_Signature const decode_concatenation(MemoryRegion<byte> const& concat)
+   {
+   if(concat.size() % 2 != 0)
+      throw Invalid_Argument("Erroneous length of signature");
+
+   u32bit rs_len = concat.size()/2;
+   SecureVector<byte> sv_r;
+   SecureVector<byte> sv_s;
+   sv_r.set(concat.begin(), rs_len);
+   sv_s.set(&concat[rs_len], rs_len);
+   BigInt r = BigInt::decode(sv_r, sv_r.size());
+   BigInt s = BigInt::decode(sv_s, sv_s.size());
+   return ECDSA_Signature(r, s);
+   }
+
+}
diff --git a/src/cert/cvc/ecdsa_sig.h b/src/cert/cvc/ecdsa_sig.h
new file mode 100644
index 000000000..720acaedc
--- /dev/null
+++ b/src/cert/cvc/ecdsa_sig.h
@@ -0,0 +1,86 @@
+/*************************************************
+* ECDSA Header File                              *
+* (C) 2007 Falko Strenzke, FlexSecure GmbH       *
+* (C) 2008 Jack Lloyd                            *
+*************************************************/
+
+#ifndef BOTAN_ECDSA_SIGNATURE_H__
+#define BOTAN_ECDSA_SIGNATURE_H__
+
+#include <botan/bigint.h>
+#include <botan/der_enc.h>
+#include <botan/ber_dec.h>
+
+namespace Botan {
+
+class BOTAN_DLL ECDSA_Signature
+   {
+   public:
+      friend class ECDSA_Signature_Decoder;
+
+      ECDSA_Signature() {}
+      ECDSA_Signature(const BigInt& r, const BigInt& s);
+      ECDSA_Signature(ECDSA_Signature const& other);
+      ECDSA_Signature const& operator=(ECDSA_Signature const& other);
+
+      const BigInt& get_r() const { return m_r; }
+      const BigInt& get_s() const { return m_s; }
+
+      /**
+      * return the r||s
+      */
+      SecureVector<byte> const get_concatenation() const;
+   private:
+      BigInt m_r;
+      BigInt m_s;
+   };
+
+/* Equality of ECDSA_Signature */
+bool operator==(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs);
+inline bool operator!=(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs)
+   {
+   return !(lhs == rhs);
+   }
+
+class BOTAN_DLL ECDSA_Signature_Decoder
+   {
+   public:
+      void signature_bits(const MemoryRegion<byte>& bits)
+         {
+         BER_Decoder(bits)
+            .start_cons(SEQUENCE)
+            .decode(m_signature->m_r)
+            .decode(m_signature->m_s)
+            .verify_end()
+            .end_cons();
+         }
+      ECDSA_Signature_Decoder(ECDSA_Signature* signature) : m_signature(signature)
+         {}
+   private:
+      ECDSA_Signature* m_signature;
+   };
+
+class BOTAN_DLL ECDSA_Signature_Encoder
+   {
+   public:
+      MemoryVector<byte> signature_bits() const
+         {
+         return DER_Encoder()
+            .start_cons(SEQUENCE)
+            .encode(m_signature->get_r())
+            .encode(m_signature->get_s())
+            .end_cons()
+            .get_contents();
+         }
+      ECDSA_Signature_Encoder(const ECDSA_Signature* signature) : m_signature(signature)
+         {}
+   private:
+      const ECDSA_Signature* m_signature;
+   };
+
+ECDSA_Signature const decode_seq(MemoryRegion<byte> const& seq);
+ECDSA_Signature const decode_concatenation(MemoryRegion<byte> const& concatenation);
+
+}
+
+#endif
diff --git a/src/cert/cvc/info.txt b/src/cert/cvc/info.txt
index 9a7565424..229c431bc 100644
--- a/src/cert/cvc/info.txt
+++ b/src/cert/cvc/info.txt
@@ -12,6 +12,8 @@ ecdsa
 <add>
 asn1_eac_str.cpp
 asn1_eac_tm.cpp
+ecdsa_sig.cpp
+ecdsa_sig.h
 cvc_ado.cpp
 cvc_ado.h
 cvc_ca.cpp
author	lloyd <[email protected]>	2008-10-11 23:44:16 +0000
committer	lloyd <[email protected]>	2008-10-11 23:44:16 +0000
commit	053dfa09e95039022e3c4249655cbe5fe12db9c5 (patch)
tree	887f5570708fca65b2d16fa850d7f14e5387aa21 /src/cert
parent	1c45e7840fd7ec7d3d6bbacbb615a4809a84a0a1 (diff)