10 #include <botan/keypair.h>
11 #include <botan/pow_mod.h>
12 #include <botan/reducer.h>
13 #include <botan/internal/pk_ops_impl.h>
15 #if defined(BOTAN_HAS_RFC6979_GENERATOR)
16 #include <botan/emsa.h>
17 #include <botan/rfc6979.h>
20 #if defined(BOTAN_TARGET_OS_HAS_THREADS)
// Constructor of the DSA signing operation: takes the private key and an EMSA
// name, and forwards the EMSA name to the PK_Ops::Signature_with_EMSA base.
// NOTE(review): the remaining member initialisers and the constructor body are
// not part of this listing.
81 DSA_Signature_Operation(
const DSA_PrivateKey& dsa,
const std::string& emsa) :
82 PK_Ops::Signature_with_EMSA(emsa),
// Reports the bit length of q as the maximum input size.
91 size_t max_input_bits()
const override {
return m_q.bits(); }
// Declaration only; the definition follows outside the class.
// Takes the message bytes, their length and an RNG, and returns a
// secure_vector<uint8_t>.
93 secure_vector<uint8_t> raw_sign(
const uint8_t msg[],
size_t msg_len,
94 RandomNumberGenerator& rng)
override;
// Signs the message representative msg[0..msg_len) and returns the result as a
// secure_vector<uint8_t>.
// NOTE(review): only fragments of the body appear in this listing; the nonce
// derivation, the computation of s and the encoding of (r, s) are not shown.
103 secure_vector<uint8_t>
104 DSA_Signature_Operation::raw_sign(
const uint8_t msg[],
size_t msg_len,
105 RandomNumberGenerator& rng)
// Load the msg_len bytes at msg into a BigInt.
107 BigInt i(msg, msg_len);
// Build-dependent branch: compiled only when the RFC 6979 generator is
// available. Presumably the nonce k is derived deterministically here and drawn
// from `rng` otherwise -- confirm against the full file.
// Whichever path is taken, k must be unique, unpredictable and unbiased for
// every signature: a repeated or partially known k discloses the private key.
112 #if defined(BOTAN_HAS_RFC6979_GENERATOR)
// With thread support, r is computed in a task started with
// std::launch::async; the task body is not shown in this listing.
119 #if defined(BOTAN_TARGET_OS_HAS_THREADS)
120 auto future_r = std::async(std::launch::async,
// get() blocks until the task has finished and rethrows anything it threw.
124 const BigInt r = future_r.get();
// DSA signature verification operation, derived from
// PK_Ops::Verification_with_EMSA.
// NOTE(review): this listing shows only part of the class; the member
// declarations and the constructor body are missing.
142 class DSA_Verification_Operation :
public PK_Ops::Verification_with_EMSA
// Initialises the operation from a public key: m_q and m_y come from the key's
// q and y, m_powermod_g_p is a fixed-base exponentiator for g modulo p, and
// m_mod_q is a reducer modulo q. The EMSA name goes to the base class.
// NOTE(review): nothing visible here validates p, q, g or y. A key obtained
// from an untrusted source should be validated (check_key) before it is used
// for verification -- confirm where that happens.
145 DSA_Verification_Operation(
const DSA_PublicKey& dsa,
146 const std::string& emsa) :
147 PK_Ops::Verification_with_EMSA(emsa),
148 m_q(dsa.group_q()),
m_y(dsa.get_y()),
m_powermod_g_p{Fixed_Base_Power_Mod(dsa.group_g(), dsa.group_p())},
150 m_mod_q{Modular_Reducer(dsa.group_q())}
// Reports the bit length of q as the maximum input size.
153 size_t max_input_bits()
const override {
return m_q.bits(); }
// Always false.
155 bool with_recovery()
const override {
return false; }
// Declaration only; the definition follows outside the class.
157 bool verify(
const uint8_t msg[],
size_t msg_len,
158 const uint8_t sig[],
size_t sig_len)
override;
// Checks the signature sig[0..sig_len) against the message representative
// msg[0..msg_len) and returns true only if the final comparison with r holds.
// Every value handled here (message representative, r, s, public key) is
// public, so the comparisons do not need to be constant-time.
// NOTE(review): several lines of the body, including the bodies of both `if`
// statements, are missing from this listing.
167 bool DSA_Verification_Operation::verify(
const uint8_t msg[],
size_t msg_len,
168 const uint8_t sig[],
size_t sig_len)
// Length gate: the signature must be exactly two q-sized fields and the message
// representative no longer than q. Presumably the branch returns false
// (body not shown). The two BigInt reads below take 2*m_q.bytes() bytes from
// sig, so they rely on this check having rejected any other sig_len.
170 if(sig_len != 2*
m_q.bytes() || msg_len >
m_q.bytes())
// r is the first m_q.bytes() bytes of the signature, s the following
// m_q.bytes() bytes.
173 BigInt r(sig,
m_q.bytes());
174 BigInt s(sig +
m_q.bytes(),
m_q.bytes());
175 BigInt i(msg, msg_len);
// Range check required by DSA verification: both r and s must lie strictly
// between 0 and q. Accepting values outside that range would admit
// signatures the scheme defines as invalid. Presumably the branch returns
// false (body not shown).
177 if(r <= 0 || r >=
m_q || s <= 0 || s >=
m_q)
// With thread support, s_i is computed in a task started with
// std::launch::async; the task body is not shown in this listing.
182 #if defined(BOTAN_TARGET_OS_HAS_THREADS)
183 auto future_s_i = std::async(std::launch::async,
// get() blocks until the task has finished and rethrows anything it threw.
187 BigInt s_i = future_s_i.get();
// Product of s_i and s_r via m_mod_p; s_r is defined on a line that is not
// part of this listing.
193 s =
m_mod_p.multiply(s_i, s_r);
// Accept only if the product, reduced by m_mod_q, equals r.
195 return (
m_mod_q.reduce(s) == r);
// Factory for the verification operation. When `provider` is "base" or empty it
// returns a new DSA_Verification_Operation built from this key and `params`.
// NOTE(review): the function name line and the handling of any other provider
// name are missing from this listing.
200 std::unique_ptr<PK_Ops::Verification>
202 const std::string& provider)
const
204 if(provider ==
"base" || provider.empty())
205 return std::unique_ptr<PK_Ops::Verification>(
new DSA_Verification_Operation(*
this, params));
// Factory for the signing operation. When `provider` is "base" or empty it
// returns a new DSA_Signature_Operation built from this key and `params`.
// NOTE(review): the function name line and the handling of any other provider
// name are missing from this listing.
209 std::unique_ptr<PK_Ops::Signature>
211 const std::string& params,
212 const std::string& provider)
const
214 if(provider ==
"base" || provider.empty())
215 return std::unique_ptr<PK_Ops::Signature>(
new DSA_Signature_Operation(*
this, params));
std::string hash_for_emsa(const std::string &algo_spec)
const BigInt & group_q() const
const BigInt & group_p() const
std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
static BigInt random_integer(RandomNumberGenerator &rng, const BigInt &min, const BigInt &max)
#define BOTAN_ASSERT(expr, assertion_made)
std::vector< T, secure_allocator< T >> secure_vector
BigInt multiply(const BigInt &x, const BigInt &y) const
DSA_PrivateKey(const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &key_bits)
bool signature_consistency_check(RandomNumberGenerator &rng, const Private_Key &private_key, const Public_Key &public_key, const std::string &padding)
BigInt reduce(const BigInt &x) const
BigInt inverse_mod(const BigInt &n, const BigInt &mod)
BigInt power_mod(const BigInt &base, const BigInt &exp, const BigInt &mod)
bool check_key(RandomNumberGenerator &rng, bool) const override
BigInt generate_rfc6979_nonce(const BigInt &x, const BigInt &q, const BigInt &h, const std::string &hash)
bool check_key(RandomNumberGenerator &rng, bool strong) const override
const BigInt & group_g() const
std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string &params, const std::string &provider) const override
static secure_vector< uint8_t > encode_fixed_length_int_pair(const BigInt &n1, const BigInt &n2, size_t bytes)
Fixed_Base_Power_Mod m_powermod_y_p
Fixed_Base_Power_Mod m_powermod_g_p
BigInt mul_add(const BigInt &a, const BigInt &b, const BigInt &c)