authorlloyd <[email protected]>2008-10-08 02:32:56 +0000
committerlloyd <[email protected]>2008-10-08 02:32:56 +0000
commit89fed41be3c9a77aff495a636d40bf67ac503fa9 (patch)
tree7ce90033aead61eec1f6b70eb79c47cdc2a43fe4 /src/pubkey/eckaeg
parentdbec5c3bbbd53f1a208707300752e59213cf53c6 (diff)
Split ecdsa module into ecc_key, ecdsa, eckaeg
Add actual implementations (from InSiTo) for ECDSA_Operation and ECKAEG_Operation.
Diffstat (limited to 'src/pubkey/eckaeg')
-rw-r--r--src/pubkey/eckaeg/eckaeg.cpp135
-rw-r--r--src/pubkey/eckaeg/eckaeg.h122
-rw-r--r--src/pubkey/eckaeg/eckaeg_core.cpp57
-rw-r--r--src/pubkey/eckaeg/eckaeg_core.h42
-rw-r--r--src/pubkey/eckaeg/eckaeg_op.cpp44
-rw-r--r--src/pubkey/eckaeg/eckaeg_op.h47
-rw-r--r--src/pubkey/eckaeg/info.txt24
7 files changed, 471 insertions, 0 deletions
diff --git a/src/pubkey/eckaeg/eckaeg.cpp b/src/pubkey/eckaeg/eckaeg.cpp
new file mode 100644
index 000000000..dcd30499a
--- /dev/null
+++ b/src/pubkey/eckaeg/eckaeg.cpp
@@ -0,0 +1,135 @@
+/*************************************************
+* ECKAEG implemenation *
+* (C) 2007 Manuel Hartl, FlexSecure GmbH *
+* 2007 Falko Strenzke, FlexSecure GmbH *
+* 2008 Jack Lloyd *
+*************************************************/
+
+#include <botan/eckaeg.h>
+#include <botan/numthry.h>
+#include <botan/util.h>
+#include <botan/der_enc.h>
+#include <botan/ber_dec.h>
+#include <botan/secmem.h>
+#include <botan/point_gfp.h>
+
+namespace Botan {
+
+/*********************************
+* ECKAEG_PublicKey *
+*********************************/
+
+void ECKAEG_PublicKey::affirm_init() const // virtual
+ {
+ EC_PublicKey::affirm_init();
+ }
+
+void ECKAEG_PublicKey::set_all_values ( ECKAEG_PublicKey const& other )
+ {
+ m_param_enc = other.m_param_enc;
+ m_eckaeg_core = other.m_eckaeg_core;
+ m_enc_public_point = other.m_enc_public_point;
+ if ( other.mp_dom_pars.get() )
+ {
+ mp_dom_pars.reset ( new EC_Domain_Params ( * ( other.mp_dom_pars ) ) );
+ }
+ if ( other.mp_public_point.get() )
+ {
+ mp_public_point.reset ( new PointGFp ( * ( other.mp_public_point ) ) );
+ }
+ }
+ECKAEG_PublicKey::ECKAEG_PublicKey ( ECKAEG_PublicKey const& other )
+ : Public_Key(),
+ EC_PublicKey()
+ {
+ set_all_values ( other );
+ }
+ECKAEG_PublicKey const& ECKAEG_PublicKey::operator= ( ECKAEG_PublicKey const& rhs )
+ {
+ set_all_values ( rhs );
+ return *this;
+ }
+
+void ECKAEG_PublicKey::X509_load_hook()
+ {
+ EC_PublicKey::X509_load_hook();
+ EC_PublicKey::affirm_init();
+ m_eckaeg_core = ECKAEG_Core ( *mp_dom_pars, BigInt ( 0 ), *mp_public_point );
+ }
+ECKAEG_PublicKey::ECKAEG_PublicKey ( EC_Domain_Params const& dom_par, PointGFp const& public_point )
+ {
+
+ mp_dom_pars = std::auto_ptr<EC_Domain_Params> ( new EC_Domain_Params ( dom_par ) );
+ mp_public_point = std::auto_ptr<PointGFp> ( new PointGFp ( public_point ) );
+ if(mp_public_point->get_curve() != mp_dom_pars->get_curve())
+ {
+ throw Invalid_Argument("ECKAEG_PublicKey(): curve of arg. point and curve of arg. domain parameters are different");
+ }
+ EC_PublicKey::affirm_init();
+ m_eckaeg_core = ECKAEG_Core ( *mp_dom_pars, BigInt ( 0 ), *mp_public_point );
+ }
+
+
+/*********************************
+* ECKAEG_PrivateKey *
+*********************************/
+void ECKAEG_PrivateKey::affirm_init() const // virtual
+ {
+ EC_PrivateKey::affirm_init();
+ }
+void ECKAEG_PrivateKey::PKCS8_load_hook ( bool generated )
+ {
+ EC_PrivateKey::PKCS8_load_hook ( generated );
+ EC_PrivateKey::affirm_init();
+ m_eckaeg_core = ECKAEG_Core ( *mp_dom_pars, m_private_value, *mp_public_point );
+ }
+void ECKAEG_PrivateKey::set_all_values ( ECKAEG_PrivateKey const& other )
+ {
+ m_private_value = other.m_private_value;
+ m_param_enc = other.m_param_enc;
+ m_eckaeg_core = other.m_eckaeg_core;
+ m_enc_public_point = other.m_enc_public_point;
+ if ( other.mp_dom_pars.get() )
+ {
+ mp_dom_pars.reset ( new EC_Domain_Params ( * ( other.mp_dom_pars ) ) );
+ }
+ if ( other.mp_public_point.get() )
+ {
+ mp_public_point.reset ( new PointGFp ( * ( other.mp_public_point ) ) );
+ }
+ }
+
+ECKAEG_PrivateKey::ECKAEG_PrivateKey(ECKAEG_PrivateKey const& other)
+ : Public_Key(),
+ EC_PublicKey(),
+ Private_Key(),
+ ECKAEG_PublicKey(),
+ EC_PrivateKey(),
+ PK_Key_Agreement_Key()
+
+ {
+ set_all_values(other);
+ }
+ECKAEG_PrivateKey const& ECKAEG_PrivateKey::operator= (ECKAEG_PrivateKey const& rhs)
+ {
+ set_all_values(rhs);
+ return *this;
+ }
+
+/**
+* Derive a key
+*/
+SecureVector<byte> ECKAEG_PrivateKey::derive_key(const Public_Key& key) const
+ {
+ affirm_init();
+
+ const EC_PublicKey * p_ec_pk = dynamic_cast<const EC_PublicKey*>(&key);
+ if(!p_ec_pk)
+ {
+ throw Invalid_Argument("ECKAEG_PrivateKey::derive_key(): argument must be an EC_PublicKey");
+ }
+ p_ec_pk->affirm_init();
+ return m_eckaeg_core.agree ( p_ec_pk->get_public_point() );
+ }
+
+}
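Review bot: `ECKAEG_PrivateKey::derive_key` hands the peer's point to `m_eckaeg_core.agree()` without checking that it lies on this key's curve; the only guards are the `dynamic_cast` and `p_ec_pk->affirm_init()`, which per the header comment only confirms that the peer's fields are set. The two-argument `ECKAEG_PublicKey` constructor in this same file already rejects a point/domain mismatch, and the same comparison belongs here before the agree call: `if(p_ec_pk->get_public_point().get_curve() != mp_dom_pars->get_curve())` followed by `throw Invalid_Argument("ECKAEG_PrivateKey::derive_key(): peer key uses a different curve");`. `Default_ECKAEG_Op::agree` in eckaeg_op.cpp shows the same gap from the other side, since it runs `check_invariants()` only on the result `S` and never on the incoming point. An unvalidated peer point in a key agreement can leak information about the private value, so a regression test that passes a key from a different curve and expects the exception would be worth adding.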
diff --git a/src/pubkey/eckaeg/eckaeg.h b/src/pubkey/eckaeg/eckaeg.h
new file mode 100644
index 000000000..024f44eda
--- /dev/null
+++ b/src/pubkey/eckaeg/eckaeg.h
@@ -0,0 +1,122 @@
+/*************************************************
+* ECKAEG Header File *
+* (C) 2007 Falko Strenzke, FlexSecure GmbH *
+* Manuel hartl, FlexSecure GmbH *
+* (C) 2008 Jack Lloyd *
+*************************************************/
+
+#ifndef BOTAN_ECKAEG_KEY_H__
+#define BOTAN_ECKAEG_KEY_H__
+
+#include <botan/ecc_key.h>
+#include <botan/eckaeg_core.h>
+
+namespace Botan {
+
+/**
+* This class represents ECKAEG Public Keys.
+*/
+class ECKAEG_PublicKey : public virtual EC_PublicKey
+ {
+ public:
+ /**
+ * Default constructor. Use this one if you want to later fill this object with data
+ * from an encoded key.
+ */
+ ECKAEG_PublicKey()
+ {};
+ /**
+ * Construct a public key from a given public point.
+ * @param dom_par the domain parameters associated with this key
+ * @param public_point the public point defining this key
+ */
+ ECKAEG_PublicKey(EC_Domain_Params const& dom_par, Botan::PointGFp const& public_point);
+
+ /**
+ * Get this keys algorithm name.
+ * @result this keys algorithm name
+ */
+ std::string algo_name() const
+ {
+ return "ECKAEG";
+ }
+ /**
+ * Get the maximum number of bits allowed to be fed to this key.
+ * This is the bitlength of the order of the base point.
+ *
+ * @result the maximum number of input bits
+ */
+ u32bit max_input_bits() const
+ {
+ if (!mp_dom_pars.get())
+ {
+ throw Invalid_State("ECKAEG_PublicKey::max_input_bits(): domain parameters not set");
+ }
+ return mp_dom_pars->get_order().bits();
+ }
+ ECKAEG_PublicKey(ECKAEG_PublicKey const& other);
+ ECKAEG_PublicKey const& operator= (ECKAEG_PublicKey const& rhs);
+
+
+ /**
+ * Make sure that the public point and domain parameters of this key are set.
+ * @throw Invalid_State if either of the two data members is not set
+ */
+ virtual void affirm_init() const;
+ protected:
+ void X509_load_hook();
+ virtual void set_all_values ( ECKAEG_PublicKey const& other );
+
+ ECKAEG_Core m_eckaeg_core;
+ };
+
+/**
+* This class represents ECKAEG Private Keys.
+*/
+class ECKAEG_PrivateKey : public ECKAEG_PublicKey, public EC_PrivateKey, public PK_Key_Agreement_Key
+ {
+ public:
+ /**
+ * Generate a new private key
+ * @param the domain parameters to used for this key
+ */
+ ECKAEG_PrivateKey(RandomNumberGenerator& rng,
+ EC_Domain_Params const& dom_pars)
+ {
+ mp_dom_pars = std::auto_ptr<EC_Domain_Params>(new EC_Domain_Params(dom_pars));
+ generate_private_key(rng);
+ mp_public_point->check_invariants();
+ m_eckaeg_core = ECKAEG_Core(*mp_dom_pars, m_private_value, *mp_public_point);
+ }
+ /**
+ * Default constructor. Use this one if you want to later fill this object with data
+ * from an encoded key.
+ */
+ ECKAEG_PrivateKey()
+ {}
+ ECKAEG_PrivateKey(ECKAEG_PrivateKey const& other);
+ ECKAEG_PrivateKey const& operator= (ECKAEG_PrivateKey const& rhs);
+
+ void PKCS8_load_hook(bool = false);
+
+ /**
+ * Derive a shared key with the other partys public key.
+ * @param pub_key the other partys public key
+ */
+ SecureVector<byte> derive_key(const Public_Key& pub_key) const;
+
+ /**
+ * Make sure that the public key parts of this object are set
+ * (calls EC_PublicKey::affirm_init()) as well as the private key
+ * value.
+ * @throw Invalid_State if the above conditions are not satisfied
+ */
+ virtual void affirm_init() const;
+
+ protected:
+ virtual void set_all_values ( ECKAEG_PrivateKey const& other );
+ };
+
+}
+
+#endif
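Review bot: The doc comment on the generating constructor `ECKAEG_PrivateKey(RandomNumberGenerator& rng, EC_Domain_Params const& dom_pars)` has an `@param` with no parameter name and leaves `rng` undocumented. It should read `@param rng the random number generator passed to generate_private_key()` and `@param dom_pars the domain parameters to be used for this key`. `PKCS8_load_hook(bool = false)` has no comment and its unnamed flag gives no hint of its meaning; the definition in eckaeg.cpp calls it `generated`, so naming it here and adding one line on when callers pass `true` would help. The copy constructors and `operator=` of both classes are also undocumented, unlike their neighbours.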
diff --git a/src/pubkey/eckaeg/eckaeg_core.cpp b/src/pubkey/eckaeg/eckaeg_core.cpp
new file mode 100644
index 000000000..9d59af118
--- /dev/null
+++ b/src/pubkey/eckaeg/eckaeg_core.cpp
@@ -0,0 +1,57 @@
+/*************************************************
+* ECKAEG Core Source File *
+* (C) 1999-2007 Jack Lloyd *
+* (C) 2007 FlexSecure GmbH *
+*************************************************/
+
+#include <botan/eckaeg_core.h>
+#include <botan/numthry.h>
+#include <botan/engine.h>
+#include <botan/parsing.h>
+#include <algorithm>
+
+namespace Botan {
+
+/*************************************************
+* ECKAEG_Core Constructor *
+*************************************************/
+ECKAEG_Core::ECKAEG_Core(const EC_Domain_Params& dom_pars,
+ const BigInt& priv_key,
+ const PointGFp& pub_key)
+ {
+ op = Engine_Core::eckaeg_op(dom_pars, priv_key, pub_key);
+ }
+
+/*************************************************
+* ECKAEG_Core Copy Constructor *
+*************************************************/
+ECKAEG_Core::ECKAEG_Core(const ECKAEG_Core& core)
+ {
+ op = 0;
+ if(core.op)
+ op = core.op->clone();
+ blinder = core.blinder;
+ }
+
+/*************************************************
+* ECKAEG_Core Assignment Operator *
+*************************************************/
+ECKAEG_Core& ECKAEG_Core::operator=(const ECKAEG_Core& core)
+ {
+ delete op;
+ if(core.op)
+ op = core.op->clone();
+ blinder = core.blinder;
+ return (*this);
+ }
+
+/*************************************************
+* ECKAEG Operation *
+*************************************************/
+SecureVector<byte> ECKAEG_Core::agree(const PointGFp& otherKey) const
+ {
+ //assert(op.get());
+ return op->agree(otherKey);
+ }
+
+}
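Review bot: `ECKAEG_Core::operator=` deletes `op` before it looks at `core`, so self-assignment calls `clone()` on an already freed object, and assigning from a core whose `op` is null leaves `op` pointing at freed memory that the destructor in eckaeg_core.h then deletes a second time. Both paths look reachable from this commit: the key classes' `set_all_values` does `m_eckaeg_core = other.m_eckaeg_core`, and a default-constructed core has `op = 0`. The assignment should clone first and release the old operation afterwards, as in the block below. Separately, `agree()` dereferences `op` with its assertion commented out (and `op.get()` would not compile on a raw pointer); `if(!op) throw Invalid_State("ECKAEG_Core::agree(): no operation set");` would turn a null dereference into a reportable error.

```cpp
ECKAEG_Core& ECKAEG_Core::operator=(const ECKAEG_Core& core)
   {
   if(this != &core)
      {
      // clone before deleting, so a throwing clone() leaves *this intact
      ECKAEG_Operation* copy = core.op ? core.op->clone() : 0;
      delete op;
      op = copy;
      blinder = core.blinder;
      }
   return (*this);
   }
```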
diff --git a/src/pubkey/eckaeg/eckaeg_core.h b/src/pubkey/eckaeg/eckaeg_core.h
new file mode 100644
index 000000000..e4494bc98
--- /dev/null
+++ b/src/pubkey/eckaeg/eckaeg_core.h
@@ -0,0 +1,42 @@
+/*************************************************
+* ECKAEG Core Header File *
+* (C) 1999-2007 Jack Lloyd *
+* (C) 2007 FlexSecure GmbH *
+*************************************************/
+
+#ifndef BOTAN_ECKAEG_CORE_H__
+#define BOTAN_ECKAEG_CORE_H__
+
+#include <botan/eckaeg_op.h>
+#include <botan/blinding.h>
+#include <botan/ec_dompar.h>
+
+namespace Botan {
+
+/*************************************************
+* ECKAEG Core *
+*************************************************/
+class ECKAEG_Core
+ {
+ public:
+ SecureVector<byte> agree(const PointGFp&) const;
+
+ ECKAEG_Core& operator=(const ECKAEG_Core&);
+
+ ECKAEG_Core() { op = 0; }
+
+ ECKAEG_Core(const ECKAEG_Core&);
+
+ ECKAEG_Core(const EC_Domain_Params& dom_pars,
+ const BigInt& priv_key,
+ PointGFp const& pub_key);
+
+ ~ECKAEG_Core() { delete op; }
+ private:
+ ECKAEG_Operation* op;
+ Blinder blinder;
+ };
+
+}
+
+#endif
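Review bot: The `Blinder blinder` member is copied by the copy constructor and `operator=` in eckaeg_core.cpp, but in the code this commit adds it is never set up by the three-argument constructor and never applied in `agree()`. Either drop it or say so at the declaration, for example `Blinder blinder; // unused so far: agree() forwards straight to op->agree()`, so a reader does not assume the agreement is blinded at this layer. The raw `ECKAEG_Operation* op` would also benefit from a one-line ownership comment such as `// owned; may be 0 (default-constructed); deleted in the destructor`.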
diff --git a/src/pubkey/eckaeg/eckaeg_op.cpp b/src/pubkey/eckaeg/eckaeg_op.cpp
new file mode 100644
index 000000000..3e7fb45d2
--- /dev/null
+++ b/src/pubkey/eckaeg/eckaeg_op.cpp
@@ -0,0 +1,44 @@
+/*************************************************
+* ECKAEG Operation *
+* (C) 2007 FlexSecure GmbH *
+* 2008 Jack Lloyd *
+*************************************************/
+
+#include <botan/eckaeg_op.h>
+#include <botan/eng_def.h>
+
+namespace Botan {
+
+Default_ECKAEG_Op::Default_ECKAEG_Op(const EC_Domain_Params& dom_pars,
+ const BigInt& priv_key,
+ const PointGFp& pub_key)
+ : m_dom_pars(dom_pars),
+ m_pub_key(pub_key),
+ m_priv_key(priv_key)
+ {
+ }
+
+SecureVector<byte> Default_ECKAEG_Op::agree(const PointGFp& i) const
+ {
+ BigInt cofactor(m_dom_pars.get_cofactor());
+ BigInt n = m_dom_pars.get_order();
+ BigInt l(inverse_mod(cofactor,n)); // l=h^-1 mod n
+ PointGFp Q(cofactor*i); // q = h*Pb
+ PointGFp S(Q);
+ BigInt group_order = m_dom_pars.get_cofactor() * n;
+ S.mult_this_secure((m_priv_key*l)%n, group_order, n-1);
+ S.check_invariants();
+ return FE2OSP(S.get_affine_x()); // fe2os(xs)
+ }
+
+/*************************************************
+* Acquire a ECKAEG op *
+*************************************************/
+ECKAEG_Operation* Default_Engine::eckaeg_op(const EC_Domain_Params& dom_pars,
+ const BigInt& priv_key,
+ const PointGFp& pub_key) const
+ {
+ return new Default_ECKAEG_Op(dom_pars, priv_key, pub_key);
+ }
+
+}
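Review bot: `Default_ECKAEG_Op::agree` has no comment stating what it computes or what it requires of `i`, and the inline remarks (`q = h*Pb`, `fe2os(xs)`) use names that do not appear in the code. A header comment along the lines of `// Cofactor key agreement: S = ((d * h^-1) mod n) * (h * i), with d = m_priv_key, h = cofactor, n = order; returns FE2OSP of S's affine x` would make the arithmetic checkable, with a second line noting that only `S`, not `i`, goes through `check_invariants()` here. The member `m_pub_key` is stored by the constructor but not read anywhere in this file. `l`, `group_order` and `(m_priv_key*l)%n` depend only on constructor arguments yet are recomputed on every call; if that is deliberate, a short why-comment would help.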
diff --git a/src/pubkey/eckaeg/eckaeg_op.h b/src/pubkey/eckaeg/eckaeg_op.h
new file mode 100644
index 000000000..be2ff50f8
--- /dev/null
+++ b/src/pubkey/eckaeg/eckaeg_op.h
@@ -0,0 +1,47 @@
+/*************************************************
+* ECKAEG Operations Header File *
+* (C) 1999-2008 Jack Lloyd *
+* 2007 FlexSecure GmbH *
+*************************************************/
+
+#ifndef BOTAN_ECKAEG_OPERATIONS_H__
+#define BOTAN_ECKAEG_OPERATIONS_H__
+
+#include <botan/ec_dompar.h>
+
+namespace Botan {
+
+/*************************************************
+* ECKAEG Operation *
+*************************************************/
+class BOTAN_DLL ECKAEG_Operation
+ {
+ public:
+ virtual SecureVector<byte> agree(const PointGFp&) const = 0;
+ virtual ECKAEG_Operation* clone() const = 0;
+ virtual ~ECKAEG_Operation() {}
+ };
+
+/*************************************************
+* Default ECKAEG operation *
+*************************************************/
+class Default_ECKAEG_Op : public ECKAEG_Operation
+ {
+ public:
+ SecureVector<byte> agree(const PointGFp& i) const;
+
+ ECKAEG_Operation* clone() const { return new Default_ECKAEG_Op(*this); }
+
+ Default_ECKAEG_Op(const EC_Domain_Params& dom_pars,
+ const BigInt& priv_key,
+ const PointGFp& pub_key);
+ private:
+ EC_Domain_Params m_dom_pars;
+ PointGFp m_pub_key;
+ BigInt m_priv_key;
+ };
+
+
+}
+
+#endif
diff --git a/src/pubkey/eckaeg/info.txt b/src/pubkey/eckaeg/info.txt
new file mode 100644
index 000000000..bac47f861
--- /dev/null
+++ b/src/pubkey/eckaeg/info.txt
@@ -0,0 +1,24 @@
+realname "ECKAEG"
+
+define ECKAEG
+
+load_on auto
+
+<requires>
+asn1
+bigint
+ec_dompar
+ecc_key
+numbertheory
+gfpmath
+pubkey
+</requires>
+
+<add>
+eckaeg.cpp
+eckaeg.h
+eckaeg_core.cpp
+eckaeg_core.h
+eckaeg_op.cpp
+eckaeg_op.h
+</add>