Botan 2.19.3
Crypto and TLS for C&
ecc_key.cpp
Go to the documentation of this file.
1/*
2* ECC Key implemenation
3* (C) 2007 Manuel Hartl, FlexSecure GmbH
4* Falko Strenzke, FlexSecure GmbH
5* 2008-2010 Jack Lloyd
6*
7* Botan is released under the Simplified BSD License (see license.txt)
8*/
9
10#include <botan/ecc_key.h>
11#include <botan/numthry.h>
12#include <botan/der_enc.h>
13#include <botan/ber_dec.h>
14#include <botan/secmem.h>
15#include <botan/point_gfp.h>
16#include <botan/workfactor.h>
17
18namespace Botan {
19
21 {
22 return domain().get_p_bits();
23 }
24
26 {
28 }
29
31 const PointGFp& pub_point) :
32 m_domain_params(dom_par), m_public_key(pub_point)
33 {
34 if (!dom_par.get_curve_oid().empty())
36 else
38
39#if 0
40 if(domain().get_curve() != public_point().get_curve())
41 throw Invalid_Argument("EC_PublicKey: curve mismatch in constructor");
42#endif
43 }
44
46 const std::vector<uint8_t>& key_bits) :
47 m_domain_params{EC_Group(alg_id.get_parameters())},
48 m_public_key{domain().OS2ECP(key_bits)}
49 {
50 if (!domain().get_curve_oid().empty())
52 else
54 }
55
62
63
68
69std::vector<uint8_t> EC_PublicKey::public_key_bits() const
70 {
72 }
73
75 {
76 if(enc != PointGFp::COMPRESSED &&
78 enc != PointGFp::HYBRID)
79 throw Invalid_Argument("Invalid point encoding for EC_PublicKey");
80
81 m_point_encoding = enc;
82 }
83
85 {
86 if(form != EC_DOMPAR_ENC_EXPLICIT &&
88 form != EC_DOMPAR_ENC_OID)
89 throw Invalid_Argument("Invalid encoding form for EC-key object specified");
90
92 throw Invalid_Argument("Invalid encoding form OID specified for "
93 "EC-key object whose corresponding domain "
94 "parameters are without oid");
95
96 m_domain_encoding = form;
97 }
98
100 {
101 if(m_private_key == 0)
102 throw Invalid_State("EC_PrivateKey::private_value - uninitialized");
103
104 return m_private_key;
105 }
106
107/**
108* EC_PrivateKey constructor
109*/
111 const EC_Group& ec_group,
112 const BigInt& x,
113 bool with_modular_inverse)
114 {
115 m_domain_params = ec_group;
116 if (!ec_group.get_curve_oid().empty())
118 else
120
121 if(x == 0)
122 {
123 m_private_key = ec_group.random_scalar(rng);
124 }
125 else
126 {
127 m_private_key = x;
128 }
129
130 std::vector<BigInt> ws;
131
132 if(with_modular_inverse)
133 {
134 // ECKCDSA
137 }
138 else
139 {
141 }
142
144 "Generated public key point was on the curve");
145 }
146
159
161 const secure_vector<uint8_t>& key_bits,
162 bool with_modular_inverse)
163 {
166
167 if (!domain().get_curve_oid().empty())
169 else
171
172 OID key_parameters;
174
175 BER_Decoder(key_bits)
177 .decode_and_check<size_t>(1, "Unknown version code for ECC key")
178 .decode_octet_string_bigint(m_private_key)
179 .decode_optional(key_parameters, ASN1_Tag(0), PRIVATE)
180 .decode_optional_string(public_key_bits, BIT_STRING, 1, PRIVATE)
181 .end_cons();
182
183 if(public_key_bits.empty())
184 {
185 if(with_modular_inverse)
186 {
187 // ECKCDSA
189 }
190 else
191 {
193 }
194
196 "Public point derived from loaded key was on the curve");
197 }
198 else
199 {
201 // OS2ECP verifies that the point is on the curve
202 }
203 }
204
205}
#define BOTAN_ASSERT(expr, assertion_made)
Definition assert.h:55
const std::vector< uint8_t > & get_parameters() const
Definition asn1_obj.h:446
BER_Decoder start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
Definition ber_dec.cpp:290
BER_Decoder & decode_and_check(const T &expected, const std::string &error_msg)
Definition ber_dec.h:277
BER_Decoder & decode_optional(T &out, ASN1_Tag type_tag, ASN1_Tag class_tag, const T &default_value=T())
Definition ber_dec.h:337
BER_Decoder & end_cons()
Definition ber_dec.cpp:300
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
Definition big_code.cpp:111
size_t bytes() const
Definition bigint.cpp:281
secure_vector< uint8_t > get_contents()
Definition der_enc.cpp:152
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
Definition der_enc.cpp:181
DER_Encoder & end_cons()
Definition der_enc.cpp:191
DER_Encoder & encode(bool b)
Definition der_enc.cpp:285
PointGFp OS2ECP(const uint8_t bits[], size_t len) const
Definition ec_group.cpp:573
PointGFp blinded_base_point_multiply(const BigInt &k, RandomNumberGenerator &rng, std::vector< BigInt > &ws) const
Definition ec_group.cpp:590
bool verify_group(RandomNumberGenerator &rng, bool strong=false) const
Definition ec_group.cpp:724
size_t get_p_bits() const
Definition ec_group.cpp:469
bool verify_public_element(const PointGFp &y) const
Definition ec_group.cpp:701
const OID & get_curve_oid() const
Definition ec_group.cpp:554
const PointGFp & get_base_point() const
Definition ec_group.cpp:504
BigInt inverse_mod_order(const BigInt &x) const
Definition ec_group.cpp:549
BigInt random_scalar(RandomNumberGenerator &rng) const
Definition ec_group.cpp:608
const BigInt & private_value() const
Definition ecc_key.cpp:99
secure_vector< uint8_t > private_key_bits() const override
Definition ecc_key.cpp:147
const EC_Group & domain() const
Definition ecc_key.h:72
std::vector< uint8_t > DER_domain() const
Definition ecc_key.h:90
PointGFp::Compression_Type point_encoding() const
Definition ecc_key.h:104
void set_parameter_encoding(EC_Group_Encoding enc)
Definition ecc_key.cpp:84
PointGFp m_public_key
Definition ecc_key.h:115
EC_Group_Encoding m_domain_encoding
Definition ecc_key.h:116
size_t estimated_strength() const override
Definition ecc_key.cpp:25
PointGFp::Compression_Type m_point_encoding
Definition ecc_key.h:117
void set_point_encoding(PointGFp::Compression_Type enc)
Definition ecc_key.cpp:74
AlgorithmIdentifier algorithm_identifier() const override
Definition ecc_key.cpp:64
size_t key_length() const override
Definition ecc_key.cpp:20
EC_Group m_domain_params
Definition ecc_key.h:114
const PointGFp & public_point() const
Definition ecc_key.h:57
bool check_key(RandomNumberGenerator &rng, bool strong) const override
Definition ecc_key.cpp:56
std::vector< uint8_t > public_key_bits() const override
Definition ecc_key.cpp:69
bool empty() const
Definition asn1_obj.h:232
std::vector< uint8_t > encode(PointGFp::Compression_Type format) const
bool on_the_curve() const
virtual OID get_oid() const
Definition pk_keys.cpp:53
size_t ecp_work_factor(size_t bits)
PointGFp OS2ECP(const uint8_t data[], size_t data_len, const CurveGFp &curve)
ASN1_Tag
Definition asn1_obj.h:25
@ BIT_STRING
Definition asn1_obj.h:37
@ SEQUENCE
Definition asn1_obj.h:42
@ OCTET_STRING
Definition asn1_obj.h:38
@ PRIVATE
Definition asn1_obj.h:32
EC_Group_Encoding
Definition ec_group.h:23
@ EC_DOMPAR_ENC_EXPLICIT
Definition ec_group.h:24
@ EC_DOMPAR_ENC_OID
Definition ec_group.h:26
@ EC_DOMPAR_ENC_IMPLICITCA
Definition ec_group.h:25
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:65