VerificationVerdict verify(const DigitalSignature & data, const DataInputPolicy * dip = NULL) { if ( ! _isPublicKeyLoaded ) throw std::exception(); ZZ t = OS2IP(data.R); ZZ s = OS2IP(data.S); if ((L(t) > _Ln || (IsZero(t))) || (s > _Curve.getOrder())) return VerificationVerdict(); t %= _Curve.getOrder(); _Curve.enter_mod_context(EC_Dscr::aEC::FIELD_CONTEXT); typename EC_Dscr::aECP R = toAffine(_publicKey * t + _BasePoint * s); _Curve.leave_mod_context(); const Octet P = EC2OSP(R, EC_Dscr::aEC::EC2OSP_COMPRESSED); const ZZ d = (t - OS2IP(P)) % _Curve.getOrder(); Octet vdata = I2OSP(d); /* MAKE CHECKS */ const DSSDataOutput vmsg = dip == NULL ? _ECNR_Data.createOutput(vdata) : TDataInput<ECNR_Input>(*dip).createOutput(vdata); ManagedBlob M = vmsg.M_rec || data.M_clr; const DSSDataInput vsign = dip == NULL ? _ECNR_Data.createInput(M, P) : TDataInput<ECNR_Input>(*dip).createInput(M, P); if (vsign.d == vmsg.d_pad) { return VerificationVerdict(M); } else { return VerificationVerdict(); } }
DigitalSignature sign(const ManagedBlob & data, const DataInputPolicy * dip = NULL) { if (! _isPrivateKeyLoaded) throw std::exception(); const ZZ k = OS2IP(_PRNG()) % _Curve.getOrder(); Octet P; do { _Curve.enter_mod_context(EC_Dscr::aEC::FIELD_CONTEXT); const typename EC_Dscr::aECP PP = toAffine(_BasePoint * k); _Curve.leave_mod_context(); if (PP.isZero()) continue; P = EC2OSP(PP, EC_Dscr::aEC::EC2OSP_COMPRESSED); break; } while(1); /* FIX IT */ const DSSDataInput SignData = dip == NULL ? _ECNR_Data.createInput(data, P) : TDataInput<ECNR_Input>(*dip).createInput(data, P); _Curve.enter_mod_context(EC_Dscr::aEC::ORDER_CONTEXT); const ZZ_p pi = InMod(OS2IP(P)); const ZZ_p d = InMod(OS2IP(SignData.d)); const ZZ_p r = (d + pi); const ZZ_p s = (InMod(k) - InMod(_privateKey)*r); _Curve.leave_mod_context(); const ByteSeq R = I2OSP(r,_Ln); const ByteSeq S = I2OSP(s,_Ln); return DigitalSignature(R, S, SignData.M_clr); }
ECPoint ECCurve::multiplyPoint(BigInteger &k, ECPoint &p) { BigInteger m = k; ECPointJacobian q = toJacobian(p); m = m % _q; ECPointJacobian r; while (!m.isZero()) { if (m.lsb()) { r = addJacobian(r, q); } m = m.rshift(1); q = doubleJacobian(q); } return toAffine(r); }
virtual Octet generatePublicKey() { if (! _isPrivateKeyLoaded) throw std::exception(); // Operation unaviable _Curve.enter_mod_context(EC_Dscr::aEC::FIELD_CONTEXT); _publicKey = _BasePoint * _privateKey; typename EC_Dscr::aECP _AffinePublicKey = toAffine(_publicKey); _Curve.leave_mod_context(); _isPublicKeyLoaded = true; setPublicKeyHook(); return FE2OSP(_AffinePublicKey.getX(), _Lcm) || FE2OSP(_AffinePublicKey.getY(), _Lcm); }