propagate from branch 'net.randombit.botan' (head fc86fc4842254088bf820ea6ebf05877aa63fb22)

            to branch 'net.randombit.botan.c++0x' (head 77565ff7252df7f8faad86d65075498b0adb93d8)

1 files changed, 62 insertions, 93 deletions

diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index e6d4aeae6..10968fa7e 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -2,7 +2,7 @@
 * ECC Key implemenation
 * (C) 2007 Manuel Hartl, FlexSecure GmbH
 *          Falko Strenzke, FlexSecure GmbH
-*     2008 Jack Lloyd
+*     2008-2010 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
@@ -17,48 +17,33 @@
 
 namespace Botan {
 
-/*
-* EC_PublicKey
-*/
-void EC_PublicKey::affirm_init() const // virtual
-   {
-   if((mp_dom_pars.get() == 0) || (mp_public_point.get() == 0))
-      throw Invalid_State("cannot use uninitialized EC_Key");
-   }
-
-const EC_Domain_Params& EC_PublicKey::domain_parameters() const
+EC_PublicKey::EC_PublicKey(const EC_Domain_Params& dom_par,
+                           const PointGFp& pub_point) :
+   domain_params(dom_par), public_key(pub_point),
+   domain_encoding(EC_DOMPAR_ENC_EXPLICIT)
    {
-   if(!mp_dom_pars.get())
-      throw Invalid_State("EC_PublicKey::domain_parameters(): "
-                          "ec domain parameters are not yet set");
-
-   return *mp_dom_pars;
-   }
-
-const PointGFp& EC_PublicKey::public_point() const
-   {
-   if(!mp_public_point.get())
-      throw Invalid_State("EC_PublicKey::public_point(): public point not set");
-
-   return *mp_public_point;
-   }
+   if(domain().get_curve() != public_point().get_curve())
+      throw Invalid_Argument("EC_PublicKey: curve mismatch in constructor");
 
-bool EC_PublicKey::domain_parameters_set()
-   {
-   return mp_dom_pars.get();
+   try
+      {
+      public_key.check_invariants();
+      }
+   catch(Illegal_Point)
+      {
+      throw Invalid_State("Public key failed invariant check");
+      }
    }
 
 void EC_PublicKey::X509_load_hook()
    {
    try
       {
-      // the base point is checked to be on curve already when decoding it
-      affirm_init();
-      mp_public_point->check_invariants();
+      public_point().check_invariants();
       }
    catch(Illegal_Point)
       {
-      throw Decoding_Error("decoded public point was found not to lie on curve");
+      throw Decoding_Error("Invalid public point; not on curve");
       }
    }
 
@@ -69,18 +54,13 @@ X509_Encoder* EC_PublicKey::x509_encoder() const
       public:
          AlgorithmIdentifier alg_id() const
             {
-            key->affirm_init();
-
-            SecureVector<byte> params =
-               encode_der_ec_dompar(key->domain_parameters(), key->m_param_enc);
-
-            return AlgorithmIdentifier(key->get_oid(), params);
+            return AlgorithmIdentifier(key->get_oid(),
+                                       key->domain().DER_encode(key->domain_format()));
             }
 
          MemoryVector<byte> key_bits() const
             {
-            key->affirm_init();
-            return EC2OSP(*(key->mp_public_point), PointGFp::COMPRESSED);
+            return EC2OSP(key->public_point(), PointGFp::COMPRESSED);
             }
 
          EC_Key_Encoder(const EC_PublicKey* k): key(k) {}
@@ -98,15 +78,13 @@ X509_Decoder* EC_PublicKey::x509_decoder()
       public:
          void alg_id(const AlgorithmIdentifier& alg_id)
             {
-            key->mp_dom_pars.reset(new EC_Domain_Params(decode_ber_ec_dompar(alg_id.parameters)));
+            key->domain_params = EC_Domain_Params(alg_id.parameters);
             }
 
          void key_bits(const MemoryRegion<byte>& bits)
             {
-            key->mp_public_point.reset(
-               new PointGFp(
-                  OS2ECP(bits, key->domain_parameters().get_curve())
-                  ));
+            key->public_key = PointGFp(
+               OS2ECP(bits, key->domain().get_curve()));
 
             key->X509_load_hook();
             }
@@ -119,55 +97,58 @@ X509_Decoder* EC_PublicKey::x509_decoder()
    return new EC_Key_Decoder(this);
    }
 
-void EC_PublicKey::set_parameter_encoding(EC_dompar_enc type)
+void EC_PublicKey::set_parameter_encoding(EC_Domain_Params_Encoding form)
    {
-   if((type != ENC_EXPLICIT) && (type != ENC_IMPLICITCA) && (type != ENC_OID))
-      throw Invalid_Argument("Invalid encoding type for EC-key object specified");
-
-   affirm_init();
+   if(form != EC_DOMPAR_ENC_EXPLICIT &&
+      form != EC_DOMPAR_ENC_IMPLICITCA &&
+      form != EC_DOMPAR_ENC_OID)
+      throw Invalid_Argument("Invalid encoding form for EC-key object specified");
 
-   if((type == ENC_OID) && (mp_dom_pars->get_oid() == ""))
-      throw Invalid_Argument("Invalid encoding type ENC_OID specified for "
+   if((form == EC_DOMPAR_ENC_OID) && (domain_params.get_oid() == ""))
+      throw Invalid_Argument("Invalid encoding form OID specified for "
                              "EC-key object whose corresponding domain "
                              "parameters are without oid");
 
-   m_param_enc = type;
+   domain_encoding = form;
    }
 
-/*
-* EC_PrivateKey
-*/
-void EC_PrivateKey::affirm_init() const // virtual
+const BigInt& EC_PrivateKey::private_value() const
    {
-   if(m_private_value == 0)
-      throw Invalid_State("cannot use EC_PrivateKey when private key is uninitialized");
+   if(private_key == 0)
+      throw Invalid_State("EC_PrivateKey::private_value - uninitialized");
 
-   EC_PublicKey::affirm_init();
+   return private_key;
    }
 
-const BigInt& EC_PrivateKey::private_value() const
+/**
+* EC_PrivateKey generator
+**/
+EC_PrivateKey::EC_PrivateKey(const EC_Domain_Params& dom_par,
+                             const BigInt& priv_key) :
+   EC_PublicKey(dom_par, dom_par.get_base_point() * private_key),
+   private_key(priv_key)
    {
-   if(m_private_value == 0)
-      throw Invalid_State("cannot use EC_PrivateKey when private key is uninitialized");
-
-   return m_private_value;
    }
 
 /**
 * EC_PrivateKey generator
 **/
-void EC_PrivateKey::generate_private_key(RandomNumberGenerator& rng)
+EC_PrivateKey::EC_PrivateKey(RandomNumberGenerator& rng,
+                             const EC_Domain_Params& dom_par)
    {
-   if(mp_dom_pars.get() == 0)
-      {
-      throw Invalid_State("cannot generate private key when domain parameters are not set");
-      }
+   domain_params = dom_par;
 
-   m_private_value = BigInt::random_integer(rng, 1, mp_dom_pars->get_order());
+   private_key = BigInt::random_integer(rng, 1, domain().get_order());
+   public_key = domain().get_base_point() * private_key;
 
-   mp_public_point = std::unique_ptr<PointGFp>( new PointGFp (mp_dom_pars->get_base_point()));
-
-   *mp_public_point *= m_private_value;
+   try
+      {
+      public_key.check_invariants();
+      }
+   catch(Illegal_Point& e)
+      {
+      throw Internal_Error("ECC private key generation failed");
+      }
    }
 
 /**
@@ -180,24 +161,17 @@ PKCS8_Encoder* EC_PrivateKey::pkcs8_encoder() const
       public:
          AlgorithmIdentifier alg_id() const
             {
-            key->affirm_init();
-
-            SecureVector<byte> params =
-               encode_der_ec_dompar(key->domain_parameters(), ENC_EXPLICIT);
-
-            return AlgorithmIdentifier(key->get_oid(), params);
+            return AlgorithmIdentifier(key->get_oid(),
+                                       key->domain().DER_encode(EC_DOMPAR_ENC_EXPLICIT));
             }
 
          MemoryVector<byte> key_bits() const
             {
-            key->affirm_init();
-            SecureVector<byte> octstr_secret =
-               BigInt::encode_1363(key->m_private_value, key->m_private_value.bytes());
-
             return DER_Encoder()
                .start_cons(SEQUENCE)
                .encode(BigInt(1))
-               .encode(octstr_secret, OCTET_STRING)
+               .encode(BigInt::encode_1363(key->private_key, key->private_key.bytes()),
+                       OCTET_STRING)
                .end_cons()
                .get_contents();
             }
@@ -220,7 +194,7 @@ PKCS8_Decoder* EC_PrivateKey::pkcs8_decoder(RandomNumberGenerator&)
       public:
          void alg_id(const AlgorithmIdentifier& alg_id)
             {
-            key->mp_dom_pars.reset(new EC_Domain_Params(decode_ber_ec_dompar(alg_id.parameters)));
+            key->domain_params = EC_Domain_Params(alg_id.parameters);
             }
 
          void key_bits(const MemoryRegion<byte>& bits)
@@ -235,7 +209,7 @@ PKCS8_Decoder* EC_PrivateKey::pkcs8_decoder(RandomNumberGenerator&)
                .verify_end()
                .end_cons();
 
-            key->m_private_value = BigInt::decode(octstr_secret, octstr_secret.size());
+            key->private_key = BigInt::decode(octstr_secret, octstr_secret.size());
 
             if(version != 1)
                throw Decoding_Error("Wrong PKCS #1 key format version for EC key");
@@ -253,12 +227,7 @@ PKCS8_Decoder* EC_PrivateKey::pkcs8_decoder(RandomNumberGenerator&)
 
 void EC_PrivateKey::PKCS8_load_hook(bool)
    {
-   // we cannot use affirm_init() here because mp_public_point might still be null
-   if(mp_dom_pars.get() == 0)
-      throw Invalid_State("attempt to set public point for an uninitialized key");
-
-   mp_public_point.reset(new PointGFp(m_private_value * mp_dom_pars->get_base_point()));
-   mp_public_point->check_invariants();
+   public_key = domain().get_base_point() * private_key;
    }
 
 }