aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2008-09-28 18:38:20 +0000
committerlloyd <[email protected]>2008-09-28 18:38:20 +0000
commit3dc4f54e780ebb5d92921d48733278412d52e2b0 (patch)
tree0e5a76b4c2c48c4fd71571ed90848edb1b780a3f /src
parented39cde548c5cbff3896dc4c9ab5803d1334dd29 (diff)
Split def_ops into multiple files. Modularize DLIES
Diffstat (limited to 'src')
-rw-r--r--src/def_ops.cpp355
-rw-r--r--src/dh_op.cpp41
-rw-r--r--src/dlies.cpp129
-rw-r--r--src/dsa_op.cpp106
-rw-r--r--src/elg_op.cpp89
-rw-r--r--src/nr_op.cpp104
-rw-r--r--src/rsa_op.cpp83
7 files changed, 423 insertions, 484 deletions
diff --git a/src/def_ops.cpp b/src/def_ops.cpp
deleted file mode 100644
index 3edeed522..000000000
--- a/src/def_ops.cpp
+++ /dev/null
@@ -1,355 +0,0 @@
-/*************************************************
-* Default Engine PK Operations Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/eng_def.h>
-#include <botan/pow_mod.h>
-#include <botan/numthry.h>
-#include <botan/reducer.h>
-
-namespace Botan {
-
-namespace {
-
-/*************************************************
-* Default IF Operation *
-*************************************************/
-class Default_IF_Op : public IF_Operation
- {
- public:
- BigInt public_op(const BigInt& i) const
- { return powermod_e_n(i); }
- BigInt private_op(const BigInt&) const;
-
- IF_Operation* clone() const { return new Default_IF_Op(*this); }
-
- Default_IF_Op(const BigInt&, const BigInt&, const BigInt&,
- const BigInt&, const BigInt&, const BigInt&,
- const BigInt&, const BigInt&);
- private:
- Fixed_Exponent_Power_Mod powermod_e_n, powermod_d1_p, powermod_d2_q;
- Modular_Reducer reducer;
- BigInt c, q;
- };
-
-/*************************************************
-* Default_IF_Op Constructor *
-*************************************************/
-Default_IF_Op::Default_IF_Op(const BigInt& e, const BigInt& n, const BigInt&,
- const BigInt& p, const BigInt& q,
- const BigInt& d1, const BigInt& d2,
- const BigInt& c)
- {
- powermod_e_n = Fixed_Exponent_Power_Mod(e, n);
-
- if(d1 != 0 && d2 != 0 && p != 0 && q != 0)
- {
- powermod_d1_p = Fixed_Exponent_Power_Mod(d1, p);
- powermod_d2_q = Fixed_Exponent_Power_Mod(d2, q);
- reducer = Modular_Reducer(p);
- this->c = c;
- this->q = q;
- }
- }
-
-/*************************************************
-* Default IF Private Operation *
-*************************************************/
-BigInt Default_IF_Op::private_op(const BigInt& i) const
- {
- if(q == 0)
- throw Internal_Error("Default_IF_Op::private_op: No private key");
-
- BigInt j1 = powermod_d1_p(i);
- BigInt j2 = powermod_d2_q(i);
- j1 = reducer.reduce(sub_mul(j1, j2, c));
- return mul_add(j1, q, j2);
- }
-
-/*************************************************
-* Default DSA Operation *
-*************************************************/
-class Default_DSA_Op : public DSA_Operation
- {
- public:
- bool verify(const byte[], u32bit, const byte[], u32bit) const;
- SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const;
-
- DSA_Operation* clone() const { return new Default_DSA_Op(*this); }
-
- Default_DSA_Op(const DL_Group&, const BigInt&, const BigInt&);
- private:
- const BigInt x, y;
- const DL_Group group;
- Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
- Modular_Reducer mod_p, mod_q;
- };
-
-/*************************************************
-* Default_DSA_Op Constructor *
-*************************************************/
-Default_DSA_Op::Default_DSA_Op(const DL_Group& grp, const BigInt& y1,
- const BigInt& x1) : x(x1), y(y1), group(grp)
- {
- powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p());
- powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p());
- mod_p = Modular_Reducer(group.get_p());
- mod_q = Modular_Reducer(group.get_q());
- }
-
-/*************************************************
-* Default DSA Verify Operation *
-*************************************************/
-bool Default_DSA_Op::verify(const byte msg[], u32bit msg_len,
- const byte sig[], u32bit sig_len) const
- {
- const BigInt& q = group.get_q();
-
- if(sig_len != 2*q.bytes() || msg_len > q.bytes())
- return false;
-
- BigInt r(sig, q.bytes());
- BigInt s(sig + q.bytes(), q.bytes());
- BigInt i(msg, msg_len);
-
- if(r <= 0 || r >= q || s <= 0 || s >= q)
- return false;
-
- s = inverse_mod(s, q);
- s = mod_p.multiply(powermod_g_p(mod_q.multiply(s, i)),
- powermod_y_p(mod_q.multiply(s, r)));
-
- return (mod_q.reduce(s) == r);
- }
-
-/*************************************************
-* Default DSA Sign Operation *
-*************************************************/
-SecureVector<byte> Default_DSA_Op::sign(const byte in[], u32bit length,
- const BigInt& k) const
- {
- if(x == 0)
- throw Internal_Error("Default_DSA_Op::sign: No private key");
-
- const BigInt& q = group.get_q();
- BigInt i(in, length);
-
- BigInt r = mod_q.reduce(powermod_g_p(k));
- BigInt s = mod_q.multiply(inverse_mod(k, q), mul_add(x, r, i));
-
- if(r.is_zero() || s.is_zero())
- throw Internal_Error("Default_DSA_Op::sign: r or s was zero");
-
- SecureVector<byte> output(2*q.bytes());
- r.binary_encode(output + (output.size() / 2 - r.bytes()));
- s.binary_encode(output + (output.size() - s.bytes()));
- return output;
- }
-
-/*************************************************
-* Default NR Operation *
-*************************************************/
-class Default_NR_Op : public NR_Operation
- {
- public:
- SecureVector<byte> verify(const byte[], u32bit) const;
- SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const;
-
- NR_Operation* clone() const { return new Default_NR_Op(*this); }
-
- Default_NR_Op(const DL_Group&, const BigInt&, const BigInt&);
- private:
- const BigInt x, y;
- const DL_Group group;
- Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
- Modular_Reducer mod_p, mod_q;
- };
-
-/*************************************************
-* Default_NR_Op Constructor *
-*************************************************/
-Default_NR_Op::Default_NR_Op(const DL_Group& grp, const BigInt& y1,
- const BigInt& x1) : x(x1), y(y1), group(grp)
- {
- powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p());
- powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p());
- mod_p = Modular_Reducer(group.get_p());
- mod_q = Modular_Reducer(group.get_q());
- }
-
-/*************************************************
-* Default NR Verify Operation *
-*************************************************/
-SecureVector<byte> Default_NR_Op::verify(const byte in[], u32bit length) const
- {
- const BigInt& q = group.get_q();
-
- if(length != 2*q.bytes())
- return false;
-
- BigInt c(in, q.bytes());
- BigInt d(in + q.bytes(), q.bytes());
-
- if(c.is_zero() || c >= q || d >= q)
- throw Invalid_Argument("Default_NR_Op::verify: Invalid signature");
-
- BigInt i = mod_p.multiply(powermod_g_p(d), powermod_y_p(c));
- return BigInt::encode(mod_q.reduce(c - i));
- }
-
-/*************************************************
-* Default NR Sign Operation *
-*************************************************/
-SecureVector<byte> Default_NR_Op::sign(const byte in[], u32bit length,
- const BigInt& k) const
- {
- if(x == 0)
- throw Internal_Error("Default_NR_Op::sign: No private key");
-
- const BigInt& q = group.get_q();
-
- BigInt f(in, length);
-
- if(f >= q)
- throw Invalid_Argument("Default_NR_Op::sign: Input is out of range");
-
- BigInt c = mod_q.reduce(powermod_g_p(k) + f);
- if(c.is_zero())
- throw Internal_Error("Default_NR_Op::sign: c was zero");
- BigInt d = mod_q.reduce(k - x * c);
-
- SecureVector<byte> output(2*q.bytes());
- c.binary_encode(output + (output.size() / 2 - c.bytes()));
- d.binary_encode(output + (output.size() - d.bytes()));
- return output;
- }
-
-/*************************************************
-* Default ElGamal Operation *
-*************************************************/
-class Default_ELG_Op : public ELG_Operation
- {
- public:
- SecureVector<byte> encrypt(const byte[], u32bit, const BigInt&) const;
- BigInt decrypt(const BigInt&, const BigInt&) const;
-
- ELG_Operation* clone() const { return new Default_ELG_Op(*this); }
-
- Default_ELG_Op(const DL_Group&, const BigInt&, const BigInt&);
- private:
- const BigInt p;
- Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
- Fixed_Exponent_Power_Mod powermod_x_p;
- Modular_Reducer mod_p;
- };
-
-/*************************************************
-* Default_ELG_Op Constructor *
-*************************************************/
-Default_ELG_Op::Default_ELG_Op(const DL_Group& group, const BigInt& y,
- const BigInt& x) : p(group.get_p())
- {
- powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), p);
- powermod_y_p = Fixed_Base_Power_Mod(y, p);
- mod_p = Modular_Reducer(p);
-
- if(x != 0)
- powermod_x_p = Fixed_Exponent_Power_Mod(x, p);
- }
-
-/*************************************************
-* Default ElGamal Encrypt Operation *
-*************************************************/
-SecureVector<byte> Default_ELG_Op::encrypt(const byte in[], u32bit length,
- const BigInt& k) const
- {
- BigInt m(in, length);
- if(m >= p)
- throw Invalid_Argument("Default_ELG_Op::encrypt: Input is too large");
-
- BigInt a = powermod_g_p(k);
- BigInt b = mod_p.multiply(m, powermod_y_p(k));
-
- SecureVector<byte> output(2*p.bytes());
- a.binary_encode(output + (p.bytes() - a.bytes()));
- b.binary_encode(output + output.size() / 2 + (p.bytes() - b.bytes()));
- return output;
- }
-
-/*************************************************
-* Default ElGamal Decrypt Operation *
-*************************************************/
-BigInt Default_ELG_Op::decrypt(const BigInt& a, const BigInt& b) const
- {
- if(a >= p || b >= p)
- throw Invalid_Argument("Default_ELG_Op: Invalid message");
-
- return mod_p.multiply(b, inverse_mod(powermod_x_p(a), p));
- }
-
-/*************************************************
-* Default DH Operation *
-*************************************************/
-class Default_DH_Op : public DH_Operation
- {
- public:
- BigInt agree(const BigInt& i) const { return powermod_x_p(i); }
- DH_Operation* clone() const { return new Default_DH_Op(*this); }
-
- Default_DH_Op(const DL_Group& group, const BigInt& x) :
- powermod_x_p(x, group.get_p()) {}
- private:
- const Fixed_Exponent_Power_Mod powermod_x_p;
- };
-
-}
-
-/*************************************************
-* Acquire an IF op *
-*************************************************/
-IF_Operation* Default_Engine::if_op(const BigInt& e, const BigInt& n,
- const BigInt& d, const BigInt& p,
- const BigInt& q, const BigInt& d1,
- const BigInt& d2, const BigInt& c) const
- {
- return new Default_IF_Op(e, n, d, p, q, d1, d2, c);
- }
-
-/*************************************************
-* Acquire a DSA op *
-*************************************************/
-DSA_Operation* Default_Engine::dsa_op(const DL_Group& group, const BigInt& y,
- const BigInt& x) const
- {
- return new Default_DSA_Op(group, y, x);
- }
-
-/*************************************************
-* Acquire a NR op *
-*************************************************/
-NR_Operation* Default_Engine::nr_op(const DL_Group& group, const BigInt& y,
- const BigInt& x) const
- {
- return new Default_NR_Op(group, y, x);
- }
-
-/*************************************************
-* Acquire an ElGamal op *
-*************************************************/
-ELG_Operation* Default_Engine::elg_op(const DL_Group& group, const BigInt& y,
- const BigInt& x) const
- {
- return new Default_ELG_Op(group, y, x);
- }
-
-/*************************************************
-* Acquire a DH op *
-*************************************************/
-DH_Operation* Default_Engine::dh_op(const DL_Group& group,
- const BigInt& x) const
- {
- return new Default_DH_Op(group, x);
- }
-
-}
diff --git a/src/dh_op.cpp b/src/dh_op.cpp
new file mode 100644
index 000000000..0bcfd4ef8
--- /dev/null
+++ b/src/dh_op.cpp
@@ -0,0 +1,41 @@
+/*************************************************
+* DH Operations Source File *
+* (C) 1999-2007 Jack Lloyd *
+*************************************************/
+
+#include <botan/eng_def.h>
+#include <botan/pow_mod.h>
+#include <botan/numthry.h>
+#include <botan/reducer.h>
+
+namespace Botan {
+
+namespace {
+
+/*************************************************
+* Default DH Operation *
+*************************************************/
+class Default_DH_Op : public DH_Operation
+ {
+ public:
+ BigInt agree(const BigInt& i) const { return powermod_x_p(i); }
+ DH_Operation* clone() const { return new Default_DH_Op(*this); }
+
+ Default_DH_Op(const DL_Group& group, const BigInt& x) :
+ powermod_x_p(x, group.get_p()) {}
+ private:
+ const Fixed_Exponent_Power_Mod powermod_x_p;
+ };
+
+}
+
+/*************************************************
+* Acquire a DH op *
+*************************************************/
+DH_Operation* Default_Engine::dh_op(const DL_Group& group,
+ const BigInt& x) const
+ {
+ return new Default_DH_Op(group, x);
+ }
+
+}
diff --git a/src/dlies.cpp b/src/dlies.cpp
deleted file mode 100644
index 2a2f33925..000000000
--- a/src/dlies.cpp
+++ /dev/null
@@ -1,129 +0,0 @@
-/*************************************************
-* DLIES Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/dlies.h>
-#include <botan/lookup.h>
-#include <botan/look_pk.h>
-#include <botan/xor_buf.h>
-#include <memory>
-
-namespace Botan {
-
-/*************************************************
-* DLIES_Encryptor Constructor *
-*************************************************/
-DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& k,
- const std::string& kdf,
- const std::string& mac, u32bit mk_len) :
- key(k), kdf_algo(kdf), mac_algo(mac), MAC_KEYLEN(mk_len)
- {
- }
-
-/*************************************************
-* DLIES Encryption *
-*************************************************/
-SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length,
- RandomNumberGenerator&) const
- {
- if(length > maximum_input_size())
- throw Invalid_Argument("DLIES: Plaintext too large");
- if(other_key.is_empty())
- throw Invalid_State("DLIES: The other key was never set");
-
- std::auto_ptr<KDF> kdf(get_kdf(kdf_algo));
- std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo));
-
- MemoryVector<byte> v = key.public_value();
-
- SecureVector<byte> out(v.size() + length + mac->OUTPUT_LENGTH);
- out.copy(v, v.size());
- out.copy(v.size(), in, length);
-
- SecureVector<byte> vz(v, key.derive_key(other_key, other_key.size()));
-
- const u32bit K_LENGTH = length + MAC_KEYLEN;
- OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
- if(K.length() != K_LENGTH)
- throw Encoding_Error("DLIES: KDF did not provide sufficient output");
- byte* C = out + v.size();
-
- xor_buf(C, K.begin() + MAC_KEYLEN, length);
- mac->set_key(K.begin(), MAC_KEYLEN);
-
- mac->update(C, length);
- for(u32bit j = 0; j != 8; ++j)
- mac->update(0);
-
- mac->final(C + length);
-
- return out;
- }
-
-/*************************************************
-* Set the other parties public key *
-*************************************************/
-void DLIES_Encryptor::set_other_key(const MemoryRegion<byte>& ok)
- {
- other_key = ok;
- }
-
-/*************************************************
-* Return the max size, in bytes, of a message *
-*************************************************/
-u32bit DLIES_Encryptor::maximum_input_size() const
- {
- return 32;
- }
-
-/*************************************************
-* DLIES_Decryptor Constructor *
-*************************************************/
-DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& k,
- const std::string& kdf,
- const std::string& mac, u32bit mk_len) :
- key(k), kdf_algo(kdf), mac_algo(mac),
- MAC_KEYLEN(mk_len), PUBLIC_LEN(key.public_value().size())
- {
- }
-
-/*************************************************
-* DLIES Decryption *
-*************************************************/
-SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const
- {
- std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo));
-
- if(length < PUBLIC_LEN + mac->OUTPUT_LENGTH)
- throw Decoding_Error("DLIES decryption: ciphertext is too short");
-
- std::auto_ptr<KDF> kdf(get_kdf(kdf_algo));
-
- const u32bit CIPHER_LEN = length - PUBLIC_LEN - mac->OUTPUT_LENGTH;
-
- SecureVector<byte> v(msg, PUBLIC_LEN);
- SecureVector<byte> C(msg + PUBLIC_LEN, CIPHER_LEN);
- SecureVector<byte> T(msg + PUBLIC_LEN + CIPHER_LEN, mac->OUTPUT_LENGTH);
-
- SecureVector<byte> vz(v, key.derive_key(v, v.size()));
-
- const u32bit K_LENGTH = C.size() + MAC_KEYLEN;
- OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
- if(K.length() != K_LENGTH)
- throw Encoding_Error("DLIES: KDF did not provide sufficient output");
-
- mac->set_key(K.begin(), MAC_KEYLEN);
- mac->update(C);
- for(u32bit j = 0; j != 8; ++j)
- mac->update(0);
- SecureVector<byte> T2 = mac->final();
- if(T != T2)
- throw Integrity_Failure("DLIES: message authentication failed");
-
- xor_buf(C, K.begin() + MAC_KEYLEN, C.size());
-
- return C;
- }
-
-}
diff --git a/src/dsa_op.cpp b/src/dsa_op.cpp
new file mode 100644
index 000000000..ee94cb256
--- /dev/null
+++ b/src/dsa_op.cpp
@@ -0,0 +1,106 @@
+/*************************************************
+* DSA Operations Source File *
+* (C) 1999-2007 Jack Lloyd *
+*************************************************/
+
+#include <botan/eng_def.h>
+#include <botan/pow_mod.h>
+#include <botan/numthry.h>
+#include <botan/reducer.h>
+
+namespace Botan {
+
+namespace {
+
+/*************************************************
+* Default DSA Operation *
+*************************************************/
+class Default_DSA_Op : public DSA_Operation
+ {
+ public:
+ bool verify(const byte[], u32bit, const byte[], u32bit) const;
+ SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const;
+
+ DSA_Operation* clone() const { return new Default_DSA_Op(*this); }
+
+ Default_DSA_Op(const DL_Group&, const BigInt&, const BigInt&);
+ private:
+ const BigInt x, y;
+ const DL_Group group;
+ Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
+ Modular_Reducer mod_p, mod_q;
+ };
+
+/*************************************************
+* Default_DSA_Op Constructor *
+*************************************************/
+Default_DSA_Op::Default_DSA_Op(const DL_Group& grp, const BigInt& y1,
+ const BigInt& x1) : x(x1), y(y1), group(grp)
+ {
+ powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p());
+ powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p());
+ mod_p = Modular_Reducer(group.get_p());
+ mod_q = Modular_Reducer(group.get_q());
+ }
+
+/*************************************************
+* Default DSA Verify Operation *
+*************************************************/
+bool Default_DSA_Op::verify(const byte msg[], u32bit msg_len,
+ const byte sig[], u32bit sig_len) const
+ {
+ const BigInt& q = group.get_q();
+
+ if(sig_len != 2*q.bytes() || msg_len > q.bytes())
+ return false;
+
+ BigInt r(sig, q.bytes());
+ BigInt s(sig + q.bytes(), q.bytes());
+ BigInt i(msg, msg_len);
+
+ if(r <= 0 || r >= q || s <= 0 || s >= q)
+ return false;
+
+ s = inverse_mod(s, q);
+ s = mod_p.multiply(powermod_g_p(mod_q.multiply(s, i)),
+ powermod_y_p(mod_q.multiply(s, r)));
+
+ return (mod_q.reduce(s) == r);
+ }
+
+/*************************************************
+* Default DSA Sign Operation *
+*************************************************/
+SecureVector<byte> Default_DSA_Op::sign(const byte in[], u32bit length,
+ const BigInt& k) const
+ {
+ if(x == 0)
+ throw Internal_Error("Default_DSA_Op::sign: No private key");
+
+ const BigInt& q = group.get_q();
+ BigInt i(in, length);
+
+ BigInt r = mod_q.reduce(powermod_g_p(k));
+ BigInt s = mod_q.multiply(inverse_mod(k, q), mul_add(x, r, i));
+
+ if(r.is_zero() || s.is_zero())
+ throw Internal_Error("Default_DSA_Op::sign: r or s was zero");
+
+ SecureVector<byte> output(2*q.bytes());
+ r.binary_encode(output + (output.size() / 2 - r.bytes()));
+ s.binary_encode(output + (output.size() - s.bytes()));
+ return output;
+ }
+
+}
+
+/*************************************************
+* Acquire a DSA op *
+*************************************************/
+DSA_Operation* Default_Engine::dsa_op(const DL_Group& group, const BigInt& y,
+ const BigInt& x) const
+ {
+ return new Default_DSA_Op(group, y, x);
+ }
+
+}
diff --git a/src/elg_op.cpp b/src/elg_op.cpp
new file mode 100644
index 000000000..0d852d145
--- /dev/null
+++ b/src/elg_op.cpp
@@ -0,0 +1,89 @@
+/*************************************************
+* ElGamal Operations Source File *
+* (C) 1999-2007 Jack Lloyd *
+*************************************************/
+
+#include <botan/eng_def.h>
+#include <botan/pow_mod.h>
+#include <botan/numthry.h>
+#include <botan/reducer.h>
+
+namespace Botan {
+
+namespace {
+
+/*************************************************
+* Default ElGamal Operation *
+*************************************************/
+class Default_ELG_Op : public ELG_Operation
+ {
+ public:
+ SecureVector<byte> encrypt(const byte[], u32bit, const BigInt&) const;
+ BigInt decrypt(const BigInt&, const BigInt&) const;
+
+ ELG_Operation* clone() const { return new Default_ELG_Op(*this); }
+
+ Default_ELG_Op(const DL_Group&, const BigInt&, const BigInt&);
+ private:
+ const BigInt p;
+ Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
+ Fixed_Exponent_Power_Mod powermod_x_p;
+ Modular_Reducer mod_p;
+ };
+
+/*************************************************
+* Default_ELG_Op Constructor *
+*************************************************/
+Default_ELG_Op::Default_ELG_Op(const DL_Group& group, const BigInt& y,
+ const BigInt& x) : p(group.get_p())
+ {
+ powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), p);
+ powermod_y_p = Fixed_Base_Power_Mod(y, p);
+ mod_p = Modular_Reducer(p);
+
+ if(x != 0)
+ powermod_x_p = Fixed_Exponent_Power_Mod(x, p);
+ }
+
+/*************************************************
+* Default ElGamal Encrypt Operation *
+*************************************************/
+SecureVector<byte> Default_ELG_Op::encrypt(const byte in[], u32bit length,
+ const BigInt& k) const
+ {
+ BigInt m(in, length);
+ if(m >= p)
+ throw Invalid_Argument("Default_ELG_Op::encrypt: Input is too large");
+
+ BigInt a = powermod_g_p(k);
+ BigInt b = mod_p.multiply(m, powermod_y_p(k));
+
+ SecureVector<byte> output(2*p.bytes());
+ a.binary_encode(output + (p.bytes() - a.bytes()));
+ b.binary_encode(output + output.size() / 2 + (p.bytes() - b.bytes()));
+ return output;
+ }
+
+/*************************************************
+* Default ElGamal Decrypt Operation *
+*************************************************/
+BigInt Default_ELG_Op::decrypt(const BigInt& a, const BigInt& b) const
+ {
+ if(a >= p || b >= p)
+ throw Invalid_Argument("Default_ELG_Op: Invalid message");
+
+ return mod_p.multiply(b, inverse_mod(powermod_x_p(a), p));
+ }
+
+}
+
+/*************************************************
+* Acquire an ElGamal op *
+*************************************************/
+ELG_Operation* Default_Engine::elg_op(const DL_Group& group, const BigInt& y,
+ const BigInt& x) const
+ {
+ return new Default_ELG_Op(group, y, x);
+ }
+
+}
diff --git a/src/nr_op.cpp b/src/nr_op.cpp
new file mode 100644
index 000000000..01e96a822
--- /dev/null
+++ b/src/nr_op.cpp
@@ -0,0 +1,104 @@
+/*************************************************
+* NR Operations Source File *
+* (C) 1999-2007 Jack Lloyd *
+*************************************************/
+
+#include <botan/eng_def.h>
+#include <botan/pow_mod.h>
+#include <botan/numthry.h>
+#include <botan/reducer.h>
+
+namespace Botan {
+
+namespace {
+
+/*************************************************
+* Default NR Operation *
+*************************************************/
+class Default_NR_Op : public NR_Operation
+ {
+ public:
+ SecureVector<byte> verify(const byte[], u32bit) const;
+ SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const;
+
+ NR_Operation* clone() const { return new Default_NR_Op(*this); }
+
+ Default_NR_Op(const DL_Group&, const BigInt&, const BigInt&);
+ private:
+ const BigInt x, y;
+ const DL_Group group;
+ Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
+ Modular_Reducer mod_p, mod_q;
+ };
+
+/*************************************************
+* Default_NR_Op Constructor *
+*************************************************/
+Default_NR_Op::Default_NR_Op(const DL_Group& grp, const BigInt& y1,
+ const BigInt& x1) : x(x1), y(y1), group(grp)
+ {
+ powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p());
+ powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p());
+ mod_p = Modular_Reducer(group.get_p());
+ mod_q = Modular_Reducer(group.get_q());
+ }
+
+/*************************************************
+* Default NR Verify Operation *
+*************************************************/
+SecureVector<byte> Default_NR_Op::verify(const byte in[], u32bit length) const
+ {
+ const BigInt& q = group.get_q();
+
+ if(length != 2*q.bytes())
+ return false;
+
+ BigInt c(in, q.bytes());
+ BigInt d(in + q.bytes(), q.bytes());
+
+ if(c.is_zero() || c >= q || d >= q)
+ throw Invalid_Argument("Default_NR_Op::verify: Invalid signature");
+
+ BigInt i = mod_p.multiply(powermod_g_p(d), powermod_y_p(c));
+ return BigInt::encode(mod_q.reduce(c - i));
+ }
+
+/*************************************************
+* Default NR Sign Operation *
+*************************************************/
+SecureVector<byte> Default_NR_Op::sign(const byte in[], u32bit length,
+ const BigInt& k) const
+ {
+ if(x == 0)
+ throw Internal_Error("Default_NR_Op::sign: No private key");
+
+ const BigInt& q = group.get_q();
+
+ BigInt f(in, length);
+
+ if(f >= q)
+ throw Invalid_Argument("Default_NR_Op::sign: Input is out of range");
+
+ BigInt c = mod_q.reduce(powermod_g_p(k) + f);
+ if(c.is_zero())
+ throw Internal_Error("Default_NR_Op::sign: c was zero");
+ BigInt d = mod_q.reduce(k - x * c);
+
+ SecureVector<byte> output(2*q.bytes());
+ c.binary_encode(output + (output.size() / 2 - c.bytes()));
+ d.binary_encode(output + (output.size() - d.bytes()));
+ return output;
+ }
+
+}
+
+/*************************************************
+* Acquire a NR op *
+*************************************************/
+NR_Operation* Default_Engine::nr_op(const DL_Group& group, const BigInt& y,
+ const BigInt& x) const
+ {
+ return new Default_NR_Op(group, y, x);
+ }
+
+}
diff --git a/src/rsa_op.cpp b/src/rsa_op.cpp
new file mode 100644
index 000000000..0b151bf3b
--- /dev/null
+++ b/src/rsa_op.cpp
@@ -0,0 +1,83 @@
+/*************************************************
+* IF (RSA/RW) Operation Source File *
+* (C) 1999-2007 Jack Lloyd *
+*************************************************/
+
+#include <botan/eng_def.h>
+#include <botan/pow_mod.h>
+#include <botan/numthry.h>
+#include <botan/reducer.h>
+
+namespace Botan {
+
+namespace {
+
+/*************************************************
+* Default IF Operation *
+*************************************************/
+class Default_IF_Op : public IF_Operation
+ {
+ public:
+ BigInt public_op(const BigInt& i) const
+ { return powermod_e_n(i); }
+ BigInt private_op(const BigInt&) const;
+
+ IF_Operation* clone() const { return new Default_IF_Op(*this); }
+
+ Default_IF_Op(const BigInt&, const BigInt&, const BigInt&,
+ const BigInt&, const BigInt&, const BigInt&,
+ const BigInt&, const BigInt&);
+ private:
+ Fixed_Exponent_Power_Mod powermod_e_n, powermod_d1_p, powermod_d2_q;
+ Modular_Reducer reducer;
+ BigInt c, q;
+ };
+
+/*************************************************
+* Default_IF_Op Constructor *
+*************************************************/
+Default_IF_Op::Default_IF_Op(const BigInt& e, const BigInt& n, const BigInt&,
+ const BigInt& p, const BigInt& q,
+ const BigInt& d1, const BigInt& d2,
+ const BigInt& c)
+ {
+ powermod_e_n = Fixed_Exponent_Power_Mod(e, n);
+
+ if(d1 != 0 && d2 != 0 && p != 0 && q != 0)
+ {
+ powermod_d1_p = Fixed_Exponent_Power_Mod(d1, p);
+ powermod_d2_q = Fixed_Exponent_Power_Mod(d2, q);
+ reducer = Modular_Reducer(p);
+ this->c = c;
+ this->q = q;
+ }
+ }
+
+/*************************************************
+* Default IF Private Operation *
+*************************************************/
+BigInt Default_IF_Op::private_op(const BigInt& i) const
+ {
+ if(q == 0)
+ throw Internal_Error("Default_IF_Op::private_op: No private key");
+
+ BigInt j1 = powermod_d1_p(i);
+ BigInt j2 = powermod_d2_q(i);
+ j1 = reducer.reduce(sub_mul(j1, j2, c));
+ return mul_add(j1, q, j2);
+ }
+
+}
+
+/*************************************************
+* Acquire an IF op *
+*************************************************/
+IF_Operation* Default_Engine::if_op(const BigInt& e, const BigInt& n,
+ const BigInt& d, const BigInt& p,
+ const BigInt& q, const BigInt& d1,
+ const BigInt& d2, const BigInt& c) const
+ {
+ return new Default_IF_Op(e, n, d, p, q, d1, d2, c);
+ }
+
+}