1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
/*
* ECDSA
* (C) 2007 Falko Strenzke, FlexSecure GmbH
* Manuel Hartl, FlexSecure GmbH
* (C) 2008-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#ifndef BOTAN_ECDSA_KEY_H__
#define BOTAN_ECDSA_KEY_H__
#include <botan/ecc_key.h>
#include <botan/reducer.h>
#include <botan/pk_ops.h>
namespace Botan {
/**
* This class represents ECDSA Public Keys.
*/
class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey
{
public:
/**
* Construct a public key from a given public point.
* @param dom_par the domain parameters associated with this key
* @param public_point the public point defining this key
*/
ECDSA_PublicKey(const EC_Group& dom_par,
const PointGFp& public_point) :
EC_PublicKey(dom_par, public_point) {}
ECDSA_PublicKey(const AlgorithmIdentifier& alg_id,
const secure_vector<byte>& key_bits) :
EC_PublicKey(alg_id, key_bits) {}
/**
* Get this keys algorithm name.
* @result this keys algorithm name ("ECDSA")
*/
std::string algo_name() const { return "ECDSA"; }
/**
* Get the maximum number of bits allowed to be fed to this key.
* This is the bitlength of the order of the base point.
* @result the maximum number of input bits
*/
size_t max_input_bits() const { return domain().get_order().bits(); }
size_t message_parts() const { return 2; }
size_t message_part_size() const
{ return domain().get_order().bytes(); }
protected:
ECDSA_PublicKey() {}
};
/**
* This class represents ECDSA Private Keys
*/
class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
public EC_PrivateKey
{
public:
/**
* Load a private key
* @param alg_id the X.509 algorithm identifier
* @param key_bits PKCS #8 structure
*/
ECDSA_PrivateKey(const AlgorithmIdentifier& alg_id,
const secure_vector<byte>& key_bits) :
EC_PrivateKey(alg_id, key_bits) {}
/**
* Generate a new private key
* @param rng a random number generator
* @param domain parameters to used for this key
* @param x the private key (if zero, generate a ney random key)
*/
ECDSA_PrivateKey(RandomNumberGenerator& rng,
const EC_Group& domain,
const BigInt& x = 0) :
EC_PrivateKey(rng, domain, x) {}
bool check_key(RandomNumberGenerator& rng, bool) const;
};
/**
* ECDSA signature operation
*/
class BOTAN_DLL ECDSA_Signature_Operation : public PK_Ops::Signature
{
public:
ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecdsa,
const std::string& hash);
secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
size_t message_parts() const { return 2; }
size_t message_part_size() const { return order.bytes(); }
size_t max_input_bits() const { return order.bits(); }
private:
const PointGFp& base_point;
const BigInt& order;
const BigInt& x;
Modular_Reducer mod_order;
std::string m_hash;
};
/**
* ECDSA verification operation
*/
class BOTAN_DLL ECDSA_Verification_Operation : public PK_Ops::Verification
{
public:
ECDSA_Verification_Operation(const ECDSA_PublicKey& ecdsa);
size_t message_parts() const { return 2; }
size_t message_part_size() const { return order.bytes(); }
size_t max_input_bits() const { return order.bits(); }
bool with_recovery() const { return false; }
bool verify(const byte msg[], size_t msg_len,
const byte sig[], size_t sig_len);
private:
const PointGFp& base_point;
const PointGFp& public_point;
const BigInt& order;
};
}
#endif
|