diff options
author | lloyd <[email protected]> | 2008-09-28 18:38:20 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2008-09-28 18:38:20 +0000 |
commit | 3dc4f54e780ebb5d92921d48733278412d52e2b0 (patch) | |
tree | 0e5a76b4c2c48c4fd71571ed90848edb1b780a3f /src | |
parent | ed39cde548c5cbff3896dc4c9ab5803d1334dd29 (diff) |
Split def_ops into multiple files. Modularize DLIES
Diffstat (limited to 'src')
-rw-r--r-- | src/def_ops.cpp | 355 | ||||
-rw-r--r-- | src/dh_op.cpp | 41 | ||||
-rw-r--r-- | src/dlies.cpp | 129 | ||||
-rw-r--r-- | src/dsa_op.cpp | 106 | ||||
-rw-r--r-- | src/elg_op.cpp | 89 | ||||
-rw-r--r-- | src/nr_op.cpp | 104 | ||||
-rw-r--r-- | src/rsa_op.cpp | 83 |
7 files changed, 423 insertions, 484 deletions
diff --git a/src/def_ops.cpp b/src/def_ops.cpp deleted file mode 100644 index 3edeed522..000000000 --- a/src/def_ops.cpp +++ /dev/null @@ -1,355 +0,0 @@ -/************************************************* -* Default Engine PK Operations Source File * -* (C) 1999-2007 Jack Lloyd * -*************************************************/ - -#include <botan/eng_def.h> -#include <botan/pow_mod.h> -#include <botan/numthry.h> -#include <botan/reducer.h> - -namespace Botan { - -namespace { - -/************************************************* -* Default IF Operation * -*************************************************/ -class Default_IF_Op : public IF_Operation - { - public: - BigInt public_op(const BigInt& i) const - { return powermod_e_n(i); } - BigInt private_op(const BigInt&) const; - - IF_Operation* clone() const { return new Default_IF_Op(*this); } - - Default_IF_Op(const BigInt&, const BigInt&, const BigInt&, - const BigInt&, const BigInt&, const BigInt&, - const BigInt&, const BigInt&); - private: - Fixed_Exponent_Power_Mod powermod_e_n, powermod_d1_p, powermod_d2_q; - Modular_Reducer reducer; - BigInt c, q; - }; - -/************************************************* -* Default_IF_Op Constructor * -*************************************************/ -Default_IF_Op::Default_IF_Op(const BigInt& e, const BigInt& n, const BigInt&, - const BigInt& p, const BigInt& q, - const BigInt& d1, const BigInt& d2, - const BigInt& c) - { - powermod_e_n = Fixed_Exponent_Power_Mod(e, n); - - if(d1 != 0 && d2 != 0 && p != 0 && q != 0) - { - powermod_d1_p = Fixed_Exponent_Power_Mod(d1, p); - powermod_d2_q = Fixed_Exponent_Power_Mod(d2, q); - reducer = Modular_Reducer(p); - this->c = c; - this->q = q; - } - } - -/************************************************* -* Default IF Private Operation * -*************************************************/ -BigInt Default_IF_Op::private_op(const BigInt& i) const - { - if(q == 0) - throw Internal_Error("Default_IF_Op::private_op: No private key"); - - BigInt j1 = powermod_d1_p(i); - BigInt j2 = powermod_d2_q(i); - j1 = reducer.reduce(sub_mul(j1, j2, c)); - return mul_add(j1, q, j2); - } - -/************************************************* -* Default DSA Operation * -*************************************************/ -class Default_DSA_Op : public DSA_Operation - { - public: - bool verify(const byte[], u32bit, const byte[], u32bit) const; - SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const; - - DSA_Operation* clone() const { return new Default_DSA_Op(*this); } - - Default_DSA_Op(const DL_Group&, const BigInt&, const BigInt&); - private: - const BigInt x, y; - const DL_Group group; - Fixed_Base_Power_Mod powermod_g_p, powermod_y_p; - Modular_Reducer mod_p, mod_q; - }; - -/************************************************* -* Default_DSA_Op Constructor * -*************************************************/ -Default_DSA_Op::Default_DSA_Op(const DL_Group& grp, const BigInt& y1, - const BigInt& x1) : x(x1), y(y1), group(grp) - { - powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p()); - powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p()); - mod_p = Modular_Reducer(group.get_p()); - mod_q = Modular_Reducer(group.get_q()); - } - -/************************************************* -* Default DSA Verify Operation * -*************************************************/ -bool Default_DSA_Op::verify(const byte msg[], u32bit msg_len, - const byte sig[], u32bit sig_len) const - { - const BigInt& q = group.get_q(); - - if(sig_len != 2*q.bytes() || msg_len > q.bytes()) - return false; - - BigInt r(sig, q.bytes()); - BigInt s(sig + q.bytes(), q.bytes()); - BigInt i(msg, msg_len); - - if(r <= 0 || r >= q || s <= 0 || s >= q) - return false; - - s = inverse_mod(s, q); - s = mod_p.multiply(powermod_g_p(mod_q.multiply(s, i)), - powermod_y_p(mod_q.multiply(s, r))); - - return (mod_q.reduce(s) == r); - } - -/************************************************* -* Default DSA Sign Operation * -*************************************************/ -SecureVector<byte> Default_DSA_Op::sign(const byte in[], u32bit length, - const BigInt& k) const - { - if(x == 0) - throw Internal_Error("Default_DSA_Op::sign: No private key"); - - const BigInt& q = group.get_q(); - BigInt i(in, length); - - BigInt r = mod_q.reduce(powermod_g_p(k)); - BigInt s = mod_q.multiply(inverse_mod(k, q), mul_add(x, r, i)); - - if(r.is_zero() || s.is_zero()) - throw Internal_Error("Default_DSA_Op::sign: r or s was zero"); - - SecureVector<byte> output(2*q.bytes()); - r.binary_encode(output + (output.size() / 2 - r.bytes())); - s.binary_encode(output + (output.size() - s.bytes())); - return output; - } - -/************************************************* -* Default NR Operation * -*************************************************/ -class Default_NR_Op : public NR_Operation - { - public: - SecureVector<byte> verify(const byte[], u32bit) const; - SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const; - - NR_Operation* clone() const { return new Default_NR_Op(*this); } - - Default_NR_Op(const DL_Group&, const BigInt&, const BigInt&); - private: - const BigInt x, y; - const DL_Group group; - Fixed_Base_Power_Mod powermod_g_p, powermod_y_p; - Modular_Reducer mod_p, mod_q; - }; - -/************************************************* -* Default_NR_Op Constructor * -*************************************************/ -Default_NR_Op::Default_NR_Op(const DL_Group& grp, const BigInt& y1, - const BigInt& x1) : x(x1), y(y1), group(grp) - { - powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p()); - powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p()); - mod_p = Modular_Reducer(group.get_p()); - mod_q = Modular_Reducer(group.get_q()); - } - -/************************************************* -* Default NR Verify Operation * -*************************************************/ -SecureVector<byte> Default_NR_Op::verify(const byte in[], u32bit length) const - { - const BigInt& q = group.get_q(); - - if(length != 2*q.bytes()) - return false; - - BigInt c(in, q.bytes()); - BigInt d(in + q.bytes(), q.bytes()); - - if(c.is_zero() || c >= q || d >= q) - throw Invalid_Argument("Default_NR_Op::verify: Invalid signature"); - - BigInt i = mod_p.multiply(powermod_g_p(d), powermod_y_p(c)); - return BigInt::encode(mod_q.reduce(c - i)); - } - -/************************************************* -* Default NR Sign Operation * -*************************************************/ -SecureVector<byte> Default_NR_Op::sign(const byte in[], u32bit length, - const BigInt& k) const - { - if(x == 0) - throw Internal_Error("Default_NR_Op::sign: No private key"); - - const BigInt& q = group.get_q(); - - BigInt f(in, length); - - if(f >= q) - throw Invalid_Argument("Default_NR_Op::sign: Input is out of range"); - - BigInt c = mod_q.reduce(powermod_g_p(k) + f); - if(c.is_zero()) - throw Internal_Error("Default_NR_Op::sign: c was zero"); - BigInt d = mod_q.reduce(k - x * c); - - SecureVector<byte> output(2*q.bytes()); - c.binary_encode(output + (output.size() / 2 - c.bytes())); - d.binary_encode(output + (output.size() - d.bytes())); - return output; - } - -/************************************************* -* Default ElGamal Operation * -*************************************************/ -class Default_ELG_Op : public ELG_Operation - { - public: - SecureVector<byte> encrypt(const byte[], u32bit, const BigInt&) const; - BigInt decrypt(const BigInt&, const BigInt&) const; - - ELG_Operation* clone() const { return new Default_ELG_Op(*this); } - - Default_ELG_Op(const DL_Group&, const BigInt&, const BigInt&); - private: - const BigInt p; - Fixed_Base_Power_Mod powermod_g_p, powermod_y_p; - Fixed_Exponent_Power_Mod powermod_x_p; - Modular_Reducer mod_p; - }; - -/************************************************* -* Default_ELG_Op Constructor * -*************************************************/ -Default_ELG_Op::Default_ELG_Op(const DL_Group& group, const BigInt& y, - const BigInt& x) : p(group.get_p()) - { - powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), p); - powermod_y_p = Fixed_Base_Power_Mod(y, p); - mod_p = Modular_Reducer(p); - - if(x != 0) - powermod_x_p = Fixed_Exponent_Power_Mod(x, p); - } - -/************************************************* -* Default ElGamal Encrypt Operation * -*************************************************/ -SecureVector<byte> Default_ELG_Op::encrypt(const byte in[], u32bit length, - const BigInt& k) const - { - BigInt m(in, length); - if(m >= p) - throw Invalid_Argument("Default_ELG_Op::encrypt: Input is too large"); - - BigInt a = powermod_g_p(k); - BigInt b = mod_p.multiply(m, powermod_y_p(k)); - - SecureVector<byte> output(2*p.bytes()); - a.binary_encode(output + (p.bytes() - a.bytes())); - b.binary_encode(output + output.size() / 2 + (p.bytes() - b.bytes())); - return output; - } - -/************************************************* -* Default ElGamal Decrypt Operation * -*************************************************/ -BigInt Default_ELG_Op::decrypt(const BigInt& a, const BigInt& b) const - { - if(a >= p || b >= p) - throw Invalid_Argument("Default_ELG_Op: Invalid message"); - - return mod_p.multiply(b, inverse_mod(powermod_x_p(a), p)); - } - -/************************************************* -* Default DH Operation * -*************************************************/ -class Default_DH_Op : public DH_Operation - { - public: - BigInt agree(const BigInt& i) const { return powermod_x_p(i); } - DH_Operation* clone() const { return new Default_DH_Op(*this); } - - Default_DH_Op(const DL_Group& group, const BigInt& x) : - powermod_x_p(x, group.get_p()) {} - private: - const Fixed_Exponent_Power_Mod powermod_x_p; - }; - -} - -/************************************************* -* Acquire an IF op * -*************************************************/ -IF_Operation* Default_Engine::if_op(const BigInt& e, const BigInt& n, - const BigInt& d, const BigInt& p, - const BigInt& q, const BigInt& d1, - const BigInt& d2, const BigInt& c) const - { - return new Default_IF_Op(e, n, d, p, q, d1, d2, c); - } - -/************************************************* -* Acquire a DSA op * -*************************************************/ -DSA_Operation* Default_Engine::dsa_op(const DL_Group& group, const BigInt& y, - const BigInt& x) const - { - return new Default_DSA_Op(group, y, x); - } - -/************************************************* -* Acquire a NR op * -*************************************************/ -NR_Operation* Default_Engine::nr_op(const DL_Group& group, const BigInt& y, - const BigInt& x) const - { - return new Default_NR_Op(group, y, x); - } - -/************************************************* -* Acquire an ElGamal op * -*************************************************/ -ELG_Operation* Default_Engine::elg_op(const DL_Group& group, const BigInt& y, - const BigInt& x) const - { - return new Default_ELG_Op(group, y, x); - } - -/************************************************* -* Acquire a DH op * -*************************************************/ -DH_Operation* Default_Engine::dh_op(const DL_Group& group, - const BigInt& x) const - { - return new Default_DH_Op(group, x); - } - -} diff --git a/src/dh_op.cpp b/src/dh_op.cpp new file mode 100644 index 000000000..0bcfd4ef8 --- /dev/null +++ b/src/dh_op.cpp @@ -0,0 +1,41 @@ +/************************************************* +* DH Operations Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/eng_def.h> +#include <botan/pow_mod.h> +#include <botan/numthry.h> +#include <botan/reducer.h> + +namespace Botan { + +namespace { + +/************************************************* +* Default DH Operation * +*************************************************/ +class Default_DH_Op : public DH_Operation + { + public: + BigInt agree(const BigInt& i) const { return powermod_x_p(i); } + DH_Operation* clone() const { return new Default_DH_Op(*this); } + + Default_DH_Op(const DL_Group& group, const BigInt& x) : + powermod_x_p(x, group.get_p()) {} + private: + const Fixed_Exponent_Power_Mod powermod_x_p; + }; + +} + +/************************************************* +* Acquire a DH op * +*************************************************/ +DH_Operation* Default_Engine::dh_op(const DL_Group& group, + const BigInt& x) const + { + return new Default_DH_Op(group, x); + } + +} diff --git a/src/dlies.cpp b/src/dlies.cpp deleted file mode 100644 index 2a2f33925..000000000 --- a/src/dlies.cpp +++ /dev/null @@ -1,129 +0,0 @@ -/************************************************* -* DLIES Source File * -* (C) 1999-2007 Jack Lloyd * -*************************************************/ - -#include <botan/dlies.h> -#include <botan/lookup.h> -#include <botan/look_pk.h> -#include <botan/xor_buf.h> -#include <memory> - -namespace Botan { - -/************************************************* -* DLIES_Encryptor Constructor * -*************************************************/ -DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& k, - const std::string& kdf, - const std::string& mac, u32bit mk_len) : - key(k), kdf_algo(kdf), mac_algo(mac), MAC_KEYLEN(mk_len) - { - } - -/************************************************* -* DLIES Encryption * -*************************************************/ -SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length, - RandomNumberGenerator&) const - { - if(length > maximum_input_size()) - throw Invalid_Argument("DLIES: Plaintext too large"); - if(other_key.is_empty()) - throw Invalid_State("DLIES: The other key was never set"); - - std::auto_ptr<KDF> kdf(get_kdf(kdf_algo)); - std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo)); - - MemoryVector<byte> v = key.public_value(); - - SecureVector<byte> out(v.size() + length + mac->OUTPUT_LENGTH); - out.copy(v, v.size()); - out.copy(v.size(), in, length); - - SecureVector<byte> vz(v, key.derive_key(other_key, other_key.size())); - - const u32bit K_LENGTH = length + MAC_KEYLEN; - OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size()); - if(K.length() != K_LENGTH) - throw Encoding_Error("DLIES: KDF did not provide sufficient output"); - byte* C = out + v.size(); - - xor_buf(C, K.begin() + MAC_KEYLEN, length); - mac->set_key(K.begin(), MAC_KEYLEN); - - mac->update(C, length); - for(u32bit j = 0; j != 8; ++j) - mac->update(0); - - mac->final(C + length); - - return out; - } - -/************************************************* -* Set the other parties public key * -*************************************************/ -void DLIES_Encryptor::set_other_key(const MemoryRegion<byte>& ok) - { - other_key = ok; - } - -/************************************************* -* Return the max size, in bytes, of a message * -*************************************************/ -u32bit DLIES_Encryptor::maximum_input_size() const - { - return 32; - } - -/************************************************* -* DLIES_Decryptor Constructor * -*************************************************/ -DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& k, - const std::string& kdf, - const std::string& mac, u32bit mk_len) : - key(k), kdf_algo(kdf), mac_algo(mac), - MAC_KEYLEN(mk_len), PUBLIC_LEN(key.public_value().size()) - { - } - -/************************************************* -* DLIES Decryption * -*************************************************/ -SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const - { - std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo)); - - if(length < PUBLIC_LEN + mac->OUTPUT_LENGTH) - throw Decoding_Error("DLIES decryption: ciphertext is too short"); - - std::auto_ptr<KDF> kdf(get_kdf(kdf_algo)); - - const u32bit CIPHER_LEN = length - PUBLIC_LEN - mac->OUTPUT_LENGTH; - - SecureVector<byte> v(msg, PUBLIC_LEN); - SecureVector<byte> C(msg + PUBLIC_LEN, CIPHER_LEN); - SecureVector<byte> T(msg + PUBLIC_LEN + CIPHER_LEN, mac->OUTPUT_LENGTH); - - SecureVector<byte> vz(v, key.derive_key(v, v.size())); - - const u32bit K_LENGTH = C.size() + MAC_KEYLEN; - OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size()); - if(K.length() != K_LENGTH) - throw Encoding_Error("DLIES: KDF did not provide sufficient output"); - - mac->set_key(K.begin(), MAC_KEYLEN); - mac->update(C); - for(u32bit j = 0; j != 8; ++j) - mac->update(0); - SecureVector<byte> T2 = mac->final(); - if(T != T2) - throw Integrity_Failure("DLIES: message authentication failed"); - - xor_buf(C, K.begin() + MAC_KEYLEN, C.size()); - - return C; - } - -} diff --git a/src/dsa_op.cpp b/src/dsa_op.cpp new file mode 100644 index 000000000..ee94cb256 --- /dev/null +++ b/src/dsa_op.cpp @@ -0,0 +1,106 @@ +/************************************************* +* DSA Operations Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/eng_def.h> +#include <botan/pow_mod.h> +#include <botan/numthry.h> +#include <botan/reducer.h> + +namespace Botan { + +namespace { + +/************************************************* +* Default DSA Operation * +*************************************************/ +class Default_DSA_Op : public DSA_Operation + { + public: + bool verify(const byte[], u32bit, const byte[], u32bit) const; + SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const; + + DSA_Operation* clone() const { return new Default_DSA_Op(*this); } + + Default_DSA_Op(const DL_Group&, const BigInt&, const BigInt&); + private: + const BigInt x, y; + const DL_Group group; + Fixed_Base_Power_Mod powermod_g_p, powermod_y_p; + Modular_Reducer mod_p, mod_q; + }; + +/************************************************* +* Default_DSA_Op Constructor * +*************************************************/ +Default_DSA_Op::Default_DSA_Op(const DL_Group& grp, const BigInt& y1, + const BigInt& x1) : x(x1), y(y1), group(grp) + { + powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p()); + powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p()); + mod_p = Modular_Reducer(group.get_p()); + mod_q = Modular_Reducer(group.get_q()); + } + +/************************************************* +* Default DSA Verify Operation * +*************************************************/ +bool Default_DSA_Op::verify(const byte msg[], u32bit msg_len, + const byte sig[], u32bit sig_len) const + { + const BigInt& q = group.get_q(); + + if(sig_len != 2*q.bytes() || msg_len > q.bytes()) + return false; + + BigInt r(sig, q.bytes()); + BigInt s(sig + q.bytes(), q.bytes()); + BigInt i(msg, msg_len); + + if(r <= 0 || r >= q || s <= 0 || s >= q) + return false; + + s = inverse_mod(s, q); + s = mod_p.multiply(powermod_g_p(mod_q.multiply(s, i)), + powermod_y_p(mod_q.multiply(s, r))); + + return (mod_q.reduce(s) == r); + } + +/************************************************* +* Default DSA Sign Operation * +*************************************************/ +SecureVector<byte> Default_DSA_Op::sign(const byte in[], u32bit length, + const BigInt& k) const + { + if(x == 0) + throw Internal_Error("Default_DSA_Op::sign: No private key"); + + const BigInt& q = group.get_q(); + BigInt i(in, length); + + BigInt r = mod_q.reduce(powermod_g_p(k)); + BigInt s = mod_q.multiply(inverse_mod(k, q), mul_add(x, r, i)); + + if(r.is_zero() || s.is_zero()) + throw Internal_Error("Default_DSA_Op::sign: r or s was zero"); + + SecureVector<byte> output(2*q.bytes()); + r.binary_encode(output + (output.size() / 2 - r.bytes())); + s.binary_encode(output + (output.size() - s.bytes())); + return output; + } + +} + +/************************************************* +* Acquire a DSA op * +*************************************************/ +DSA_Operation* Default_Engine::dsa_op(const DL_Group& group, const BigInt& y, + const BigInt& x) const + { + return new Default_DSA_Op(group, y, x); + } + +} diff --git a/src/elg_op.cpp b/src/elg_op.cpp new file mode 100644 index 000000000..0d852d145 --- /dev/null +++ b/src/elg_op.cpp @@ -0,0 +1,89 @@ +/************************************************* +* ElGamal Operations Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/eng_def.h> +#include <botan/pow_mod.h> +#include <botan/numthry.h> +#include <botan/reducer.h> + +namespace Botan { + +namespace { + +/************************************************* +* Default ElGamal Operation * +*************************************************/ +class Default_ELG_Op : public ELG_Operation + { + public: + SecureVector<byte> encrypt(const byte[], u32bit, const BigInt&) const; + BigInt decrypt(const BigInt&, const BigInt&) const; + + ELG_Operation* clone() const { return new Default_ELG_Op(*this); } + + Default_ELG_Op(const DL_Group&, const BigInt&, const BigInt&); + private: + const BigInt p; + Fixed_Base_Power_Mod powermod_g_p, powermod_y_p; + Fixed_Exponent_Power_Mod powermod_x_p; + Modular_Reducer mod_p; + }; + +/************************************************* +* Default_ELG_Op Constructor * +*************************************************/ +Default_ELG_Op::Default_ELG_Op(const DL_Group& group, const BigInt& y, + const BigInt& x) : p(group.get_p()) + { + powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), p); + powermod_y_p = Fixed_Base_Power_Mod(y, p); + mod_p = Modular_Reducer(p); + + if(x != 0) + powermod_x_p = Fixed_Exponent_Power_Mod(x, p); + } + +/************************************************* +* Default ElGamal Encrypt Operation * +*************************************************/ +SecureVector<byte> Default_ELG_Op::encrypt(const byte in[], u32bit length, + const BigInt& k) const + { + BigInt m(in, length); + if(m >= p) + throw Invalid_Argument("Default_ELG_Op::encrypt: Input is too large"); + + BigInt a = powermod_g_p(k); + BigInt b = mod_p.multiply(m, powermod_y_p(k)); + + SecureVector<byte> output(2*p.bytes()); + a.binary_encode(output + (p.bytes() - a.bytes())); + b.binary_encode(output + output.size() / 2 + (p.bytes() - b.bytes())); + return output; + } + +/************************************************* +* Default ElGamal Decrypt Operation * +*************************************************/ +BigInt Default_ELG_Op::decrypt(const BigInt& a, const BigInt& b) const + { + if(a >= p || b >= p) + throw Invalid_Argument("Default_ELG_Op: Invalid message"); + + return mod_p.multiply(b, inverse_mod(powermod_x_p(a), p)); + } + +} + +/************************************************* +* Acquire an ElGamal op * +*************************************************/ +ELG_Operation* Default_Engine::elg_op(const DL_Group& group, const BigInt& y, + const BigInt& x) const + { + return new Default_ELG_Op(group, y, x); + } + +} diff --git a/src/nr_op.cpp b/src/nr_op.cpp new file mode 100644 index 000000000..01e96a822 --- /dev/null +++ b/src/nr_op.cpp @@ -0,0 +1,104 @@ +/************************************************* +* NR Operations Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/eng_def.h> +#include <botan/pow_mod.h> +#include <botan/numthry.h> +#include <botan/reducer.h> + +namespace Botan { + +namespace { + +/************************************************* +* Default NR Operation * +*************************************************/ +class Default_NR_Op : public NR_Operation + { + public: + SecureVector<byte> verify(const byte[], u32bit) const; + SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const; + + NR_Operation* clone() const { return new Default_NR_Op(*this); } + + Default_NR_Op(const DL_Group&, const BigInt&, const BigInt&); + private: + const BigInt x, y; + const DL_Group group; + Fixed_Base_Power_Mod powermod_g_p, powermod_y_p; + Modular_Reducer mod_p, mod_q; + }; + +/************************************************* +* Default_NR_Op Constructor * +*************************************************/ +Default_NR_Op::Default_NR_Op(const DL_Group& grp, const BigInt& y1, + const BigInt& x1) : x(x1), y(y1), group(grp) + { + powermod_g_p = Fixed_Base_Power_Mod(group.get_g(), group.get_p()); + powermod_y_p = Fixed_Base_Power_Mod(y, group.get_p()); + mod_p = Modular_Reducer(group.get_p()); + mod_q = Modular_Reducer(group.get_q()); + } + +/************************************************* +* Default NR Verify Operation * +*************************************************/ +SecureVector<byte> Default_NR_Op::verify(const byte in[], u32bit length) const + { + const BigInt& q = group.get_q(); + + if(length != 2*q.bytes()) + return false; + + BigInt c(in, q.bytes()); + BigInt d(in + q.bytes(), q.bytes()); + + if(c.is_zero() || c >= q || d >= q) + throw Invalid_Argument("Default_NR_Op::verify: Invalid signature"); + + BigInt i = mod_p.multiply(powermod_g_p(d), powermod_y_p(c)); + return BigInt::encode(mod_q.reduce(c - i)); + } + +/************************************************* +* Default NR Sign Operation * +*************************************************/ +SecureVector<byte> Default_NR_Op::sign(const byte in[], u32bit length, + const BigInt& k) const + { + if(x == 0) + throw Internal_Error("Default_NR_Op::sign: No private key"); + + const BigInt& q = group.get_q(); + + BigInt f(in, length); + + if(f >= q) + throw Invalid_Argument("Default_NR_Op::sign: Input is out of range"); + + BigInt c = mod_q.reduce(powermod_g_p(k) + f); + if(c.is_zero()) + throw Internal_Error("Default_NR_Op::sign: c was zero"); + BigInt d = mod_q.reduce(k - x * c); + + SecureVector<byte> output(2*q.bytes()); + c.binary_encode(output + (output.size() / 2 - c.bytes())); + d.binary_encode(output + (output.size() - d.bytes())); + return output; + } + +} + +/************************************************* +* Acquire a NR op * +*************************************************/ +NR_Operation* Default_Engine::nr_op(const DL_Group& group, const BigInt& y, + const BigInt& x) const + { + return new Default_NR_Op(group, y, x); + } + +} diff --git a/src/rsa_op.cpp b/src/rsa_op.cpp new file mode 100644 index 000000000..0b151bf3b --- /dev/null +++ b/src/rsa_op.cpp @@ -0,0 +1,83 @@ +/************************************************* +* IF (RSA/RW) Operation Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/eng_def.h> +#include <botan/pow_mod.h> +#include <botan/numthry.h> +#include <botan/reducer.h> + +namespace Botan { + +namespace { + +/************************************************* +* Default IF Operation * +*************************************************/ +class Default_IF_Op : public IF_Operation + { + public: + BigInt public_op(const BigInt& i) const + { return powermod_e_n(i); } + BigInt private_op(const BigInt&) const; + + IF_Operation* clone() const { return new Default_IF_Op(*this); } + + Default_IF_Op(const BigInt&, const BigInt&, const BigInt&, + const BigInt&, const BigInt&, const BigInt&, + const BigInt&, const BigInt&); + private: + Fixed_Exponent_Power_Mod powermod_e_n, powermod_d1_p, powermod_d2_q; + Modular_Reducer reducer; + BigInt c, q; + }; + +/************************************************* +* Default_IF_Op Constructor * +*************************************************/ +Default_IF_Op::Default_IF_Op(const BigInt& e, const BigInt& n, const BigInt&, + const BigInt& p, const BigInt& q, + const BigInt& d1, const BigInt& d2, + const BigInt& c) + { + powermod_e_n = Fixed_Exponent_Power_Mod(e, n); + + if(d1 != 0 && d2 != 0 && p != 0 && q != 0) + { + powermod_d1_p = Fixed_Exponent_Power_Mod(d1, p); + powermod_d2_q = Fixed_Exponent_Power_Mod(d2, q); + reducer = Modular_Reducer(p); + this->c = c; + this->q = q; + } + } + +/************************************************* +* Default IF Private Operation * +*************************************************/ +BigInt Default_IF_Op::private_op(const BigInt& i) const + { + if(q == 0) + throw Internal_Error("Default_IF_Op::private_op: No private key"); + + BigInt j1 = powermod_d1_p(i); + BigInt j2 = powermod_d2_q(i); + j1 = reducer.reduce(sub_mul(j1, j2, c)); + return mul_add(j1, q, j2); + } + +} + +/************************************************* +* Acquire an IF op * +*************************************************/ +IF_Operation* Default_Engine::if_op(const BigInt& e, const BigInt& n, + const BigInt& d, const BigInt& p, + const BigInt& q, const BigInt& d1, + const BigInt& d2, const BigInt& c) const + { + return new Default_IF_Op(e, n, d, p, q, d1, d2, c); + } + +} |