authorlloyd <[email protected]>2010-03-05 06:47:02 +0000
committerlloyd <[email protected]>2010-03-05 06:47:02 +0000
commit1b68d7e53c4bc5e6b2938194b0f7eda78a72ce43 (patch)
treeda1b0482d875a48fe95e133346aee4baabcbf7cb /src/pubkey/ecdsa/ecdsa.cpp
parentd4ef447dc8b3b4f40f2ab250b1c364e2f74ccfa4 (diff)
Remove the sign() operation from the public key objects, totally replaced
by using the ops. Add real ECDSA test vectors (two found in ANSI X9.62)
Diffstat (limited to 'src/pubkey/ecdsa/ecdsa.cpp')
-rw-r--r--src/pubkey/ecdsa/ecdsa.cpp41
1 files changed, 6 insertions, 35 deletions
diff --git a/src/pubkey/ecdsa/ecdsa.cpp b/src/pubkey/ecdsa/ecdsa.cpp
index 6ca3fb9b1..ba8c20571 100644
--- a/src/pubkey/ecdsa/ecdsa.cpp
+++ b/src/pubkey/ecdsa/ecdsa.cpp
@@ -9,6 +9,8 @@
#include <botan/ecdsa.h>
+#include <iostream>
+
namespace Botan {
bool ECDSA_PublicKey::verify(const byte msg[], u32bit msg_len,
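Review bot: The added `#include <iostream>` has no visible user in this diff and reads like a debugging leftover. In a file that handles the per-signature nonce and the private value, a stray stream include invites ad-hoc printing of secret material, so I would drop the line. If a part of the file outside these hunks really needs it, a short comment giving the reason would help; a use elsewhere cannot be ruled out from here.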
@@ -39,38 +41,6 @@ bool ECDSA_PublicKey::verify(const byte msg[], u32bit msg_len,
return (R.get_affine_x() % n == r);
}
-SecureVector<byte> ECDSA_PrivateKey::sign(const byte msg[],
- u32bit msg_len,
- RandomNumberGenerator& rng) const
- {
- const BigInt& n = domain().get_order();
-
- if(n == 0 || private_value() == 0)
- throw Invalid_State("ECDSA_PrivateKey::sign: Not initialized");
-
- BigInt k;
- do
- k.randomize(rng, n.bits()-1);
- while(k >= n);
-
- BigInt e(msg, msg_len);
-
- PointGFp k_times_P = domain().get_base_point() * k;
- BigInt r = k_times_P.get_affine_x() % n;
-
- if(r == 0)
- throw Internal_Error("Default_ECDSA_Op::sign: r was zero");
-
- BigInt k_inv = inverse_mod(k, n);
-
- BigInt s = (((r * private_value()) + e) * k_inv) % n;
-
- SecureVector<byte> output(2*n.bytes());
- r.binary_encode(output + (output.size() / 2 - r.bytes()));
- s.binary_encode(output + (output.size() - s.bytes()));
- return output;
- }
-
ECDSA_Signature_Operation::ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecdsa) :
base_point(ecdsa.domain().get_base_point()),
order(ecdsa.domain().get_order()),
@@ -85,9 +55,10 @@ SecureVector<byte> ECDSA_Signature_Operation::sign(const byte msg[],
rng.add_entropy(msg, msg_len);
BigInt k;
- do
- k.randomize(rng, order.bits()-1);
- while(k >= order);
+ k.randomize(rng, order.bits());
+
+ while(k >= order)
+ k.randomize(rng, order.bits() - 1);
BigInt e(msg, msg_len);
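Review bot: The retry in the added `while(k >= order)` loop draws `order.bits() - 1` bits while the first draw uses `order.bits()`, so k cannot be uniform over [1, order-1], and zero is never rejected. Biased ECDSA nonces are a known route to private-key recovery once enough signatures are collected, so the redraw should use the same width and also exclude zero: `do k.randomize(rng, order.bits()); while(k == 0 || k >= order);`. That form is only uniform if randomize() returns every value below 2^bits with equal probability, which is not visible here; if it forces the top bit, a uniform range sampler is needed instead. ECDSA_Signature_Operation::sign() starts before and continues after this hunk, so a later check on k or r may exist outside the view.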