Move lib into src

author: lloyd <[email protected]> 2014-01-10 03:41:59 +0000
committer: lloyd <[email protected]> 2014-01-10 03:41:59 +0000
commit: 6894dca64c04936d07048c0e8cbf7e25858548c3 (patch)
tree: 5d572bfde9fe667dab14e3f04b5285a85d8acd95 /src/lib/pubkey/ecdsa
parent: 9efa3be92442afb3d0b69890a36c7f122df18eda (diff)
3 files changed, 244 insertions, 0 deletions
diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp
new file mode 100644
index 000000000..6ff082649
--- /dev/null
+++ b/src/lib/pubkey/ecdsa/ecdsa.cpp
@@ -0,0 +1,97 @@
+/*
+* ECDSA implemenation
+* (C) 2007 Manuel Hartl, FlexSecure GmbH
+*     2007 Falko Strenzke, FlexSecure GmbH
+*     2008-2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/ecdsa.h>
+#include <botan/keypair.h>
+
+namespace Botan {
+
+bool ECDSA_PrivateKey::check_key(RandomNumberGenerator& rng,
+                                 bool strong) const
+   {
+   if(!public_point().on_the_curve())
+      return false;
+
+   if(!strong)
+      return true;
+
+   return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-1)");
+   }
+
+ECDSA_Signature_Operation::ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecdsa) :
+   base_point(ecdsa.domain().get_base_point()),
+   order(ecdsa.domain().get_order()),
+   x(ecdsa.private_value()),
+   mod_order(order)
+   {
+   }
+
+secure_vector<byte>
+ECDSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
+                                RandomNumberGenerator& rng)
+   {
+   rng.add_entropy(msg, msg_len);
+
+   BigInt m(msg, msg_len);
+
+   BigInt r = 0, s = 0;
+
+   while(r == 0 || s == 0)
+      {
+      // This contortion is necessary for the tests
+      BigInt k;
+      k.randomize(rng, order.bits());
+
+      while(k >= order)
+         k.randomize(rng, order.bits() - 1);
+
+      PointGFp k_times_P = base_point * k;
+      r = mod_order.reduce(k_times_P.get_affine_x());
+      s = mod_order.multiply(inverse_mod(k, order), mul_add(x, r, m));
+      }
+
+   secure_vector<byte> output(2*order.bytes());
+   r.binary_encode(&output[output.size() / 2 - r.bytes()]);
+   s.binary_encode(&output[output.size() - s.bytes()]);
+   return output;
+   }
+
+ECDSA_Verification_Operation::ECDSA_Verification_Operation(const ECDSA_PublicKey& ecdsa) :
+   base_point(ecdsa.domain().get_base_point()),
+   public_point(ecdsa.public_point()),
+   order(ecdsa.domain().get_order())
+   {
+   }
+
+bool ECDSA_Verification_Operation::verify(const byte msg[], size_t msg_len,
+                                          const byte sig[], size_t sig_len)
+   {
+   if(sig_len != order.bytes()*2)
+      return false;
+
+   BigInt e(msg, msg_len);
+
+   BigInt r(sig, sig_len / 2);
+   BigInt s(sig + sig_len / 2, sig_len / 2);
+
+   if(r <= 0 || r >= order || s <= 0 || s >= order)
+      return false;
+
+   BigInt w = inverse_mod(s, order);
+
+   PointGFp R = w * multi_exponentiate(base_point, e,
+                                       public_point, r);
+
+   if(R.is_zero())
+      return false;
+
+   return (R.get_affine_x() % order == r);
+   }
+
+}
diff --git a/src/lib/pubkey/ecdsa/ecdsa.h b/src/lib/pubkey/ecdsa/ecdsa.h
new file mode 100644
index 000000000..e37fa1562
--- /dev/null
+++ b/src/lib/pubkey/ecdsa/ecdsa.h
@@ -0,0 +1,138 @@
+/*
+* ECDSA
+* (C) 2007 Falko Strenzke, FlexSecure GmbH
+*          Manuel Hartl, FlexSecure GmbH
+* (C) 2008-2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_ECDSA_KEY_H__
+#define BOTAN_ECDSA_KEY_H__
+
+#include <botan/ecc_key.h>
+#include <botan/reducer.h>
+#include <botan/pk_ops.h>
+
+namespace Botan {
+
+/**
+* This class represents ECDSA Public Keys.
+*/
+class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey
+   {
+   public:
+
+      /**
+      * Construct a public key from a given public point.
+      * @param dom_par the domain parameters associated with this key
+      * @param public_point the public point defining this key
+      */
+      ECDSA_PublicKey(const EC_Group& dom_par,
+                      const PointGFp& public_point) :
+         EC_PublicKey(dom_par, public_point) {}
+
+      ECDSA_PublicKey(const AlgorithmIdentifier& alg_id,
+                      const secure_vector<byte>& key_bits) :
+         EC_PublicKey(alg_id, key_bits) {}
+
+      /**
+      * Get this keys algorithm name.
+      * @result this keys algorithm name ("ECDSA")
+      */
+      std::string algo_name() const { return "ECDSA"; }
+
+      /**
+      * Get the maximum number of bits allowed to be fed to this key.
+      * This is the bitlength of the order of the base point.
+      * @result the maximum number of input bits
+      */
+      size_t max_input_bits() const { return domain().get_order().bits(); }
+
+      size_t message_parts() const { return 2; }
+
+      size_t message_part_size() const
+         { return domain().get_order().bytes(); }
+
+   protected:
+      ECDSA_PublicKey() {}
+   };
+
+/**
+* This class represents ECDSA Private Keys
+*/
+class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
+                                   public EC_PrivateKey
+   {
+   public:
+
+      /**
+      * Load a private key
+      * @param alg_id the X.509 algorithm identifier
+      * @param key_bits PKCS #8 structure
+      */
+      ECDSA_PrivateKey(const AlgorithmIdentifier& alg_id,
+                       const secure_vector<byte>& key_bits) :
+         EC_PrivateKey(alg_id, key_bits) {}
+
+      /**
+      * Generate a new private key
+      * @param rng a random number generator
+      * @param domain parameters to used for this key
+      * @param x the private key (if zero, generate a ney random key)
+      */
+      ECDSA_PrivateKey(RandomNumberGenerator& rng,
+                       const EC_Group& domain,
+                       const BigInt& x = 0) :
+         EC_PrivateKey(rng, domain, x) {}
+
+      bool check_key(RandomNumberGenerator& rng, bool) const;
+   };
+
+/**
+* ECDSA signature operation
+*/
+class BOTAN_DLL ECDSA_Signature_Operation : public PK_Ops::Signature
+   {
+   public:
+      ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecdsa);
+
+      secure_vector<byte> sign(const byte msg[], size_t msg_len,
+                              RandomNumberGenerator& rng);
+
+      size_t message_parts() const { return 2; }
+      size_t message_part_size() const { return order.bytes(); }
+      size_t max_input_bits() const { return order.bits(); }
+
+   private:
+      const PointGFp& base_point;
+      const BigInt& order;
+      const BigInt& x;
+      Modular_Reducer mod_order;
+   };
+
+/**
+* ECDSA verification operation
+*/
+class BOTAN_DLL ECDSA_Verification_Operation : public PK_Ops::Verification
+   {
+   public:
+      ECDSA_Verification_Operation(const ECDSA_PublicKey& ecdsa);
+
+      size_t message_parts() const { return 2; }
+      size_t message_part_size() const { return order.bytes(); }
+      size_t max_input_bits() const { return order.bits(); }
+
+      bool with_recovery() const { return false; }
+
+      bool verify(const byte msg[], size_t msg_len,
+                  const byte sig[], size_t sig_len);
+   private:
+      const PointGFp& base_point;
+      const PointGFp& public_point;
+      const BigInt& order;
+   };
+
+}
+
+#endif
diff --git a/src/lib/pubkey/ecdsa/info.txt b/src/lib/pubkey/ecdsa/info.txt
new file mode 100644
index 000000000..fcf688402
--- /dev/null
+++ b/src/lib/pubkey/ecdsa/info.txt
@@ -0,0 +1,9 @@
+define ECDSA 20131128
+
+<requires>
+asn1
+ec_group
+ecc_key
+numbertheory
+rng
+</requires>
author	lloyd <[email protected]>	2014-01-10 03:41:59 +0000
committer	lloyd <[email protected]>	2014-01-10 03:41:59 +0000
commit	6894dca64c04936d07048c0e8cbf7e25858548c3 (patch)
tree	5d572bfde9fe667dab14e3f04b5285a85d8acd95 /src/lib/pubkey/ecdsa
parent	9efa3be92442afb3d0b69890a36c7f122df18eda (diff)