8 #include <botan/eckcdsa.h>
9 #include <botan/internal/pk_ops_impl.h>
10 #include <botan/keypair.h>
11 #include <botan/reducer.h>
12 #include <botan/emsa.h>
13 #include <botan/hash.h>
43 const std::string& emsa) :
44 PK_Ops::Signature_with_EMSA(emsa),
45 m_order(eckcdsa.domain().get_order()),
47 m_x(eckcdsa.private_value()),
60 secure_vector<uint8_t> raw_sign(
const uint8_t msg[],
size_t msg_len,
61 RandomNumberGenerator& rng)
override;
63 size_t max_input_bits()
const override {
return m_order.bits(); }
65 bool has_prefix()
override {
return true; }
66 secure_vector<uint8_t> message_prefix()
const override {
return m_prefix; }
76 secure_vector<uint8_t>
77 ECKCDSA_Signature_Operation::raw_sign(
const uint8_t msg[],
size_t,
78 RandomNumberGenerator& rng)
84 secure_vector<uint8_t> to_be_hashed(k_times_P_x.bytes());
87 std::unique_ptr<EMSA> emsa(
m_emsa->clone());
88 emsa->update(to_be_hashed.data(), to_be_hashed.size());
89 secure_vector<uint8_t> c = emsa->raw_data();
90 c = emsa->encoding_of(c, max_input_bits(), rng);
92 const BigInt r(c.data(), c.size());
95 BigInt w(c.data(), c.size());
109 class ECKCDSA_Verification_Operation :
public PK_Ops::Verification_with_EMSA
113 ECKCDSA_Verification_Operation(
const ECKCDSA_PublicKey& eckcdsa,
114 const std::string& emsa) :
115 PK_Ops::Verification_with_EMSA(emsa),
118 m_order(eckcdsa.domain().get_order()),
125 m_prefix.resize(public_point_x.bytes() + public_point_y.bytes());
126 public_point_x.binary_encode(&
m_prefix[0]);
127 public_point_y.binary_encode(&
m_prefix[public_point_x.bytes()]);
131 bool has_prefix()
override {
return true; }
132 secure_vector<uint8_t> message_prefix()
const override {
return m_prefix; }
134 size_t max_input_bits()
const override {
return m_order.bits(); }
136 bool with_recovery()
const override {
return false; }
138 bool verify(
const uint8_t msg[],
size_t msg_len,
139 const uint8_t sig[],
size_t sig_len)
override;
149 bool ECKCDSA_Verification_Operation::verify(
const uint8_t msg[],
size_t,
150 const uint8_t sig[],
size_t sig_len)
160 secure_vector<uint8_t> r(sig, sig + size_r);
170 secure_vector<uint8_t> r_xor_e(r);
171 xor_buf(r_xor_e, msg, r.size());
172 BigInt w(r_xor_e.data(), r_xor_e.size());
176 const BigInt q_x = q.get_affine_x();
177 secure_vector<uint8_t> c(q_x.bytes());
178 q_x.binary_encode(c.data());
179 std::unique_ptr<EMSA> emsa(
m_emsa->clone());
180 emsa->update(c.data(), c.size());
181 secure_vector<uint8_t> v = emsa->raw_data();
183 v = emsa->encoding_of(v, max_input_bits(), rng);
190 std::unique_ptr<PK_Ops::Verification>
192 const std::string& provider)
const
194 if(provider ==
"base" || provider.empty())
195 return std::unique_ptr<PK_Ops::Verification>(
new ECKCDSA_Verification_Operation(*
this, params));
199 std::unique_ptr<PK_Ops::Signature>
201 const std::string& params,
202 const std::string& provider)
const
204 if(provider ==
"base" || provider.empty())
205 return std::unique_ptr<PK_Ops::Signature>(
new ECKCDSA_Signature_Operation(*
this, params));
void xor_buf(T out[], const T in[], size_t length)
Modular_Reducer m_mod_order
void binary_encode(uint8_t buf[]) const
bool check_key(RandomNumberGenerator &rng, bool) const override
BigInt get_affine_y() const
static BigInt random_integer(RandomNumberGenerator &rng, const BigInt &min, const BigInt &max)
const PointGFp & public_point() const
#define BOTAN_ASSERT(expr, assertion_made)
BigInt get_affine_x() const
std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const override
Blinded_Point_Multiply m_base_point
std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string ¶ms, const std::string &provider) const override
BigInt multiply(const BigInt &x, const BigInt &y) const
const PointGFp & m_public_point
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
PointGFp blinded_multiply(const BigInt &scalar, RandomNumberGenerator &rng)
bool signature_consistency_check(RandomNumberGenerator &rng, const Private_Key &private_key, const Public_Key &public_key, const std::string &padding)
BigInt reduce(const BigInt &x) const
secure_vector< uint8_t > m_prefix
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
PointGFp multi_exponentiate(const PointGFp &p1, const BigInt &z1, const PointGFp &p2, const BigInt &z2)
std::string algo_name() const override