diff options
Diffstat (limited to 'src/pubkey/ecdsa/ecdsa_op.cpp')
| -rw-r--r-- | src/pubkey/ecdsa/ecdsa_op.cpp | 74 |
1 files changed, 0 insertions, 74 deletions
diff --git a/src/pubkey/ecdsa/ecdsa_op.cpp b/src/pubkey/ecdsa/ecdsa_op.cpp deleted file mode 100644 index dd92ac5c0..000000000 --- a/src/pubkey/ecdsa/ecdsa_op.cpp +++ /dev/null @@ -1,74 +0,0 @@ -/* -* ECDSA Operation -* (C) 2007 FlexSecure GmbH -* 2008-2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/ecdsa_op.h> -#include <botan/numthry.h> - -namespace Botan { - -Default_ECDSA_Op::Default_ECDSA_Op(const EC_Domain_Params& domain, - const BigInt& priv, - const PointGFp& pub) : - dom_pars(domain), mod_n(dom_pars.get_order()), - pub_key(pub), priv_key(priv) - { - } - -bool Default_ECDSA_Op::verify(const byte msg[], u32bit msg_len, - const byte sig[], u32bit sig_len) const - { - const BigInt& n = dom_pars.get_order(); - - if(sig_len != n.bytes()*2) - return false; - - BigInt e(msg, msg_len); - - BigInt r(sig, sig_len / 2); - BigInt s(sig + sig_len / 2, sig_len / 2); - - if(r < 0 || r >= n || s < 0 || s >= n) - return false; - - BigInt w = inverse_mod(s, n); - - PointGFp R = w * (e * dom_pars.get_base_point() + r*pub_key); - if(R.is_zero()) - return false; - - return (mod_n.reduce(R.get_affine_x()) == r); - } - -SecureVector<byte> Default_ECDSA_Op::sign(const byte msg[], u32bit msg_len, - const BigInt& k) const - { - if(priv_key == 0) - throw Internal_Error("Default_ECDSA_Op::sign(): no private key"); - - const BigInt& n = dom_pars.get_order(); - - BigInt e(msg, msg_len); - - PointGFp k_times_P = dom_pars.get_base_point() * k; - BigInt r = mod_n.reduce(k_times_P.get_affine_x()); - - if(r == 0) - throw Internal_Error("Default_ECDSA_Op::sign: r was zero"); - - BigInt k_inv = inverse_mod(k, n); - - BigInt s = mod_n.reduce(mod_n.multiply(r, priv_key) + e); - s = mod_n.multiply(s, k_inv); - - SecureVector<byte> output(2*n.bytes()); - r.binary_encode(output + (output.size() / 2 - r.bytes())); - s.binary_encode(output + (output.size() - s.bytes())); - return output; - } - -} |