ANSCENTER/ANSCORE
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
ANSCORE/core/anslicensing/ecc.cpp

597 lines
14 KiB
C++
Raw Permalink Normal View History

Initial setup for CLion
2026-03-28 16:54:11 +11:00
//
// Copyright (c) 2014 ANSCENTER. All rights reserved.
//
#include "precomp.h"
#include "ecc.h"
#include "bigint.h"
#include "ec2m.h"
#include "sha1.h"
#include "except.h"
#include "base64.h"
#include "uniconv.h"
#ifndef _WIN32
#include <alloca.h>
#else
#include <malloc.h>
#endif
namespace ECC {
#if 0
void biPrint( bigint & data )
{
int n;
unsigned * u;
n = ( data.bits() + 31 ) / 32;
u = new unsigned[ n ];
data.store( u, n );
printf( "%d ", data.bits() );
for ( int i = n - 1; i >= 0; i-- )
{
printf( "%08X ", u[i] );
}
printf("\n");
delete [] u;
}
#endif
static const curve_parameter eccCurveTable[ 10 ] = { { 9, 7, 1, 17, 43, 48, 1},
{ 12, 7, 1, 83, 2049, 10, 1 },
{ 13, 7, 1, 27, 124, 52, 1},
{ 15, 7, 1, 3, 977, 110, 1},
{ 16, 7, 1, 45, 2902, 6, 1},
{ 10, 11, 2, 9, 139, 34, 1},
{ 12, 11, 2, 83, 2083, 66, 1},
{ 13, 11, 2, 27, 773, 48, 1},
{ 14, 11, 2, 43, 146, 40, 1},
{ 10, 17, 3, 9, 48, 28, 1} };
static void UintArrayToByteArray(unsigned * srcArray, int bitCount, unsigned char * dstArray)
{
int dstLength = ((int)bitCount + 7) >> 3;
int srcLength = (dstLength + 3) >> 2;
int i = 0;
int j = 0;
unsigned currentUint;
if (dstLength > 3)
{
while (i < dstLength - 3)
{
currentUint = (j < srcLength) ? srcArray[j] : 0;
dstArray[i + 3] = (unsigned char)(currentUint >> 24);
dstArray[i + 2] = (unsigned char)((currentUint >> 16) & 0xFF);
dstArray[i + 1] = (unsigned char)((currentUint >> 8) & 0xFF);
dstArray[i] = (unsigned char)(currentUint & 0xFF);
i += 4;
j += 1;
}
}
currentUint = (j < srcLength) ? srcArray[j] : 0;
if (i < dstLength) dstArray[i] = (unsigned char)(currentUint & 0xFF); i++;
if (i < dstLength) dstArray[i] = (unsigned char)((currentUint >> 8) & 0xFF); i++;
if (i < dstLength) dstArray[i] = (unsigned char)((currentUint >> 16) & 0xFF);
}
static void ByteArrayToUintArray(unsigned char * srcArray, int srcLength, unsigned * dstArray)
{
int roundedLen = (srcLength + sizeof(unsigned) - 1) / sizeof(unsigned);
int i = 0;
int j = 0;
while (i < roundedLen - 1)
{
dstArray[i] = (unsigned)(((unsigned)srcArray[j + 3] << 24) | ((unsigned)srcArray[j + 2] << 16) | ((unsigned)srcArray[j + 1] << 8) | (unsigned)srcArray[j]);
i += 1;
j += 4;
}
dstArray[roundedLen - 1] = 0;
if (j < srcLength) dstArray[roundedLen - 1] = (unsigned)(srcArray[j]); j++;
if (j < srcLength) dstArray[roundedLen - 1] |= (unsigned)((unsigned)srcArray[j] << 8); j++;
if (j < srcLength) dstArray[roundedLen - 1] |= (unsigned)((unsigned)srcArray[j] << 16); j++;
if (j < srcLength) dstArray[roundedLen - 1] |= (unsigned)((unsigned)srcArray[j] << 24);
}
class KeyImpl {
friend class Key;
friend class SignerImpl;
friend class VerifierImpl;
friend void GenerateKeyPair(KEY_TYPE keyType, Key **privKey, Key **pubKey);
private:
KeyImpl()
{
}
KeyImpl(const void * keyBuf, int bufLen, KEY_TYPE keyType = ECC)
{
Load(keyBuf, bufLen, keyType);
}
KeyImpl(const char * base64Key, KEY_TYPE keyType = ECC)
{
BASE64 base64;
int len;
auto buf = base64.decode(base64Key, strlen(base64Key), &len);
if (buf.empty())
throw new LicensingException(STATUS_INVALID_PARAM, "invalid base64 key");
Load(buf.data(), len, keyType);
}
void Load(const void * keyBuf, int bufLen, KEY_TYPE keyType = ECC)
{
if (keyType == ECC)
{
unsigned char * keyBytes = (unsigned char *)keyBuf;
if ((keyBytes[0] >> 5) != 0)
throw new LicensingException(STATUS_INVALID_PARAM, "unsupported key version");
if (keyBytes[1] + 2 != bufLen)
throw new LicensingException(STATUS_INVALID_PARAM, "invalid key size");
isPrivate = ((keyBytes[0] & 0x10) != 0);
SetKeyType((KEY_TYPE)(keyBytes[0] & 0x0F));
int roundedLen = sizeof(unsigned) * ((bufLen - 2 + sizeof(unsigned) - 1) / sizeof(unsigned));
unsigned * buf = (unsigned *)calloc(roundedLen, 1);
if (!buf) return;
ByteArrayToUintArray(keyBytes + 2, bufLen - 2, buf);
m_key.load(buf, (unsigned)(roundedLen / sizeof(unsigned)));
free(buf);
} else
{
SetKeyType(keyType);
int roundedLen = sizeof(unsigned) * ((bufLen + sizeof(unsigned) - 1) / sizeof(unsigned));
unsigned * buf = (unsigned *)calloc(roundedLen, 1);
if (!buf) return;
ByteArrayToUintArray((unsigned char *)keyBuf, bufLen, buf);
m_key.load(buf, (unsigned)(roundedLen / sizeof(unsigned)));
free(buf);
}
}
bool Store(void * buf, int * bufLen)
{
unsigned char * keyBytes = (unsigned char *)buf;
int numBits = m_key.bits();
int numBytes = (numBits + 7) >> 3;
if (*bufLen < 2 + numBytes)
return false;
keyBytes[0] &= 0x1F; // set first 3 bits to 0 - version 1
if (isPrivate) keyBytes[0] |= 0x10; else keyBytes[0] &= 0xEF; // the 4th bit is 1 if it's a private key
keyBytes[0] = (keyBytes[0] & 0xF0) | (((unsigned char)m_keyType) & 0x0F); // the next 4 bits from 1st byte are the key type
keyBytes[1] = numBytes; // the second byte specifies the key size
int numUints = (numBytes + sizeof(unsigned) - 1) / sizeof(unsigned);
unsigned * temp = (unsigned int *)_alloca(numUints * sizeof(unsigned));
m_key.store(temp, numUints);
UintArrayToByteArray(temp, numBits, keyBytes + 2);
*bufLen = numBytes + 2;
return true;
}
void SetKeyType(KEY_TYPE keyType)
{
m_keyType = keyType;
switch (keyType)
{
case ECC_54: m_keySize = 54;break;
case ECC_73: m_keySize = 73;break;
case ECC_79: m_keySize = 79;break;
case ECC_91: m_keySize = 91;break;
case ECC_97: m_keySize = 97;break;
case ECC_100: m_keySize = 100;break;
case ECC_120: m_keySize = 120;break;
case ECC_131: m_keySize = 131;break;
case ECC_141: m_keySize = 141;break;
case ECC_161: m_keySize = 161;break;
}
}
KEY_TYPE GetKeyType()
{
return m_keyType;
}
KEY_TYPE m_keyType;
int m_keySize;
bigint m_key;
bool isPrivate;
};
class SignerImpl {
public:
SignerImpl()
{
m_hashBits = 0; // thus select ECDSA as the signing algorithm
}
~SignerImpl()
{
}
static bigint Hash(const bigint & x, const bigint & p)
{
unsigned int n = ( x.bits() + ( ( sizeof(unsigned) << 3 ) - 1 ) ) / ( sizeof( unsigned ) << 3 );
unsigned int * a = (unsigned *)_alloca(n * sizeof(unsigned));
unsigned int h[ 5 ];
x.store(a, n);
SHA1 sha;
#ifndef LICENSING_BIG_ENDIAN
sha.Update((unsigned char *)a, (x.bits() + 7) >> 3);
#else
int nb = (x.bits() + 7) >> 3;
unsigned char * buf = (unsigned char *)_alloca(nb);
UintArrayToByteArray(a, x.bits(), buf);
sha.Update(buf, nb);
#endif
sha.Final();
#ifndef LICENSING_BIG_ENDIAN
sha.GetHash((unsigned char *)h);
#else
unsigned char bh[20];
sha.GetHash(bh);
ByteArrayToUintArray(bh, 20, h);
#endif
bigint r;
r.load( h, 5 );
return r % p;
}
void SetHashSize(int hashBits)
{
m_hashBits = hashBits;
}
void SetPrivateKey(const KeyImpl & privKey)
{
m_privateKey = privKey;
}
void Sign(const void * msg, int msgLen, void * sigBuf, int * sigLen, int * sigLenBits)
{
full_curve_parameter param(eccCurveTable[ m_privateKey.m_keyType ]);
ECC_BASE ecc(param);
bigint message;
bigint temp;
bigint_pair signature;
*sigLenBits = (m_hashBits && m_hashBits < m_privateKey.m_keySize) ? m_hashBits + m_privateKey.m_keySize : m_privateKey.m_keySize << 1;
*sigLen = (*sigLenBits + 7) >> 3;
unsigned * buf = (unsigned *)_alloca(msgLen + *sigLen + sizeof(unsigned) - 1);
// take care of endianess here, do not do just a memcpy()
memcpy(buf, msg, msgLen);
memset((char *)buf + msgLen, 0, sizeof(unsigned) - 1);
unsigned msgHash[5];
SHA1 sha;
sha.Update((unsigned char *)msg, msgLen);
sha.Final();
#ifndef LICENSING_BIG_ENDIAN
sha.GetHash((unsigned char *)msgHash);
#else
unsigned char msgHashBuf[20];
sha.GetHash(msgHashBuf);
ByteArrayToUintArray(msgHashBuf, 20, msgHash);
#endif
message.load(msgHash, 5);
signature = (m_hashBits && m_hashBits < m_privateKey.m_keySize) ? ecc.schnorr_sign(message, m_privateKey.m_key, Hash, m_hashBits) : ecc.dsa_sign(message, m_privateKey.m_key, Hash);
temp = (signature.r << m_privateKey.m_keySize); temp += signature.s;
unsigned int n = (unsigned)((*sigLen + sizeof(unsigned) - 1) / sizeof(unsigned));
temp.store(buf, n);
#ifndef LICENSING_BIG_ENDIAN
// take care of endianess here
memcpy(sigBuf, buf, *sigLen);
#else
UintArrayToByteArray(buf, *sigLenBits, (unsigned char *)sigBuf);
#endif
}
private:
KeyImpl m_privateKey;
int m_hashBits;
};
class VerifierImpl {
public:
VerifierImpl()
{
m_hashBits = 0;
}
~VerifierImpl()
{
}
static bigint Hash(const bigint & x, const bigint & p)
{
int n = ( x.bits() + ( ( sizeof(unsigned) << 3 ) - 1 ) ) / ( sizeof( unsigned ) << 3 );
unsigned int * a = (unsigned *)_alloca(n * sizeof(unsigned));
unsigned int h[ 5 ];
x.store(a, n);
SHA1 sha;
#ifndef LICENSING_BIG_ENDIAN
sha.Update((unsigned char *)a, (x.bits() + 7) >> 3);
#else
int nb = (x.bits() + 7) >> 3;
unsigned char * buf = (unsigned char *)_alloca(nb);
UintArrayToByteArray(a, x.bits(), buf);
sha.Update(buf, nb);
#endif
sha.Final();
#ifndef LICENSING_BIG_ENDIAN
sha.GetHash((unsigned char *)h);
#else
unsigned char bh[20];
sha.GetHash(bh);
ByteArrayToUintArray(bh, 20, h);
#endif
bigint r;
r.load( h, 5 );
return r % p;
}
void SetHashSize(int hashBits)
{
m_hashBits = hashBits;
}
void SetPublicKey(const KeyImpl & pubKey)
{
m_publicKey = pubKey;
}
bool Verify(const void * msg, int msgLen, const void * sig, int sigLen, int sigLenBits)
{
full_curve_parameter param(eccCurveTable[ m_publicKey.m_keyType ]);
ECC_BASE ecc(param);
bigint message;
bigint_pair signature;
int msgBufLen = (msgLen + sizeof(unsigned) - 1) / sizeof(unsigned);
int sigBufLen = (sigLen + sizeof(unsigned) - 1) / sizeof(unsigned);
unsigned * msgBuf = (unsigned *)_alloca(msgBufLen * sizeof(unsigned));
unsigned * sigBuf = (unsigned *)_alloca(sigBufLen * sizeof(unsigned));
#ifndef LICENSING_BIG_ENDIAN
memset(msgBuf, 0, msgBufLen * sizeof(unsigned));
memcpy(msgBuf, msg, msgLen);
memset(sigBuf, 0, sigBufLen * sizeof(unsigned));
memcpy(sigBuf, sig, sigLen);
#else
ByteArrayToUintArray((unsigned char *)msg, msgLen, msgBuf);
ByteArrayToUintArray((unsigned char *)sig, sigLen, sigBuf);
#endif
unsigned int msgHash[5];
SHA1 sha;
sha.Update((unsigned char *)msg, msgLen);
sha.Final();
#ifndef LICENSING_BIG_ENDIAN
sha.GetHash((unsigned char *)msgHash);
#else
unsigned char byteHash[20];
sha.GetHash(byteHash);
ByteArrayToUintArray(byteHash, 20, msgHash);
#endif
message.load(msgHash, 5);
signature.r.load(sigBuf, sigBufLen);
signature.r >>= m_publicKey.m_keySize; signature.r &= (pow2((unsigned)(sigLenBits - m_publicKey.m_keySize)) - 1);
signature.s.load(sigBuf, sigBufLen);
signature.s &= (pow2(m_publicKey.m_keySize) - 1);
return (m_hashBits && m_hashBits < m_publicKey.m_keySize) ? ecc.schnorr_verify(message, signature, m_publicKey.m_key, Hash, m_hashBits) : ecc.dsa_verify(message, signature, m_publicKey.m_key, Hash);
}
private:
int m_hashBits;
KeyImpl m_publicKey;
};
void GenerateKeyPair(KEY_TYPE keyType, Key **privKey, Key **pubKey)
{
full_curve_parameter param(eccCurveTable[ keyType ]);
ECC_BASE ecc(param);
Key * privateKey = new Key(),
* publicKey = new Key();
privateKey->m_Impl.m_key = ecc.create_private_key();
privateKey->m_Impl.SetKeyType(keyType);
privateKey->m_Impl.isPrivate = true;
publicKey->m_Impl.m_key = ecc.create_public_key(privateKey->m_Impl.m_key);
publicKey->m_Impl.SetKeyType(keyType);
*privKey = privateKey;
*pubKey = publicKey;
}
Key::Key():
m_Impl( *new KeyImpl() )
{
}
Key::Key(const void * keyBuf, int bufLen, KEY_TYPE keyType):
m_Impl( *new KeyImpl(keyBuf, bufLen, keyType) )
{
}
Key::Key(const char * base64Key, KEY_TYPE keyType):
m_Impl( *new KeyImpl(base64Key, keyType))
{
}
Key::~Key()
{
delete & m_Impl;
}
void Key::Load(const void * keyData, int keyLen, KEY_TYPE keyType)
{
m_Impl.Load(keyData, keyLen, keyType);
}
bool Key::Store(void * buf, int * bufLen) const
{
return m_Impl.Store(buf, bufLen);
}
const char * Key::ToString()
{
static string base64key;
int len = 2 + ((m_Impl.m_key.bits() + 7) >> 3);
unsigned char * buf = (unsigned char *)_alloca(len);
Store(buf, &len);
BASE64 base64;
auto base64Buf = base64.encode(buf, len, true);
if (base64Buf.empty())
throw new LicensingException(STATUS_GENERIC_ERROR, "could not encode buffer to base64");
base64key = base64Buf.c_str();
return base64key.c_str();
}
KEY_TYPE Key::GetKeyType()
{
return m_Impl.GetKeyType();
}
const Key & Key::operator = (const Key & key)
{
m_Impl = key.m_Impl;
return (const Key &)(*this);
}
Signer::Signer():
m_Impl(*new SignerImpl())
{
}
Signer::~Signer()
{
delete & m_Impl;
}
void Signer::SetHashSize(int hashBits)
{
m_Impl.SetHashSize(hashBits);
}
void Signer::SetPrivateKey(const Key * privKey)
{
m_Impl.SetPrivateKey(privKey->m_Impl);
}
void Signer::Sign(const void * msg, int msgLen, void * sigBuf, int * sigLen, int * sigLenBits)
{
m_Impl.Sign(msg, msgLen, sigBuf, sigLen, sigLenBits);
}
Verifier::Verifier():
m_Impl( *new VerifierImpl() )
{
}
Verifier::~Verifier()
{
delete & m_Impl;
}
void Verifier::SetHashSize(int hashBits)
{
m_Impl.SetHashSize(hashBits);
}
void Verifier::SetPublicKey(const Key * pubKey)
{
m_Impl.SetPublicKey(pubKey->m_Impl);
}
bool Verifier::Verify(const void * msg, int msgLen, const void * sig, int sigLen, int sigLenBits)
{
return m_Impl.Verify(msg, msgLen, sig, sigLen, sigLenBits);
}
}
Reference in New Issue Copy Permalink