/src/botan/src/lib/pubkey/blinding.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Blinding for public key operations |
3 | | * (C) 1999-2010,2015 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/internal/blinding.h> |
9 | | |
10 | | namespace Botan { |
11 | | |
12 | | Blinder::Blinder(const BigInt& modulus, |
13 | | RandomNumberGenerator& rng, |
14 | | std::function<BigInt(const BigInt&)> fwd, |
15 | | std::function<BigInt(const BigInt&)> inv) : |
16 | | m_reducer(modulus), |
17 | | m_rng(rng), |
18 | | m_fwd_fn(std::move(fwd)), |
19 | | m_inv_fn(std::move(inv)), |
20 | | m_modulus_bits(modulus.bits()), |
21 | | m_e{}, |
22 | | m_d{}, |
23 | 0 | m_counter{} { |
24 | 0 | const BigInt k = blinding_nonce(); |
25 | 0 | m_e = m_fwd_fn(k); |
26 | 0 | m_d = m_inv_fn(k); |
27 | 0 | } |
28 | | |
29 | 0 | BigInt Blinder::blinding_nonce() const { |
30 | 0 | return BigInt(m_rng, m_modulus_bits - 1); |
31 | 0 | } |
32 | | |
33 | 0 | BigInt Blinder::blind(const BigInt& i) const { |
34 | 0 | if(!m_reducer.initialized()) { |
35 | 0 | throw Invalid_State("Blinder not initialized, cannot blind"); |
36 | 0 | } |
37 | | |
38 | 0 | ++m_counter; |
39 | |
|
40 | 0 | if((BOTAN_BLINDING_REINIT_INTERVAL > 0) && (m_counter > BOTAN_BLINDING_REINIT_INTERVAL)) { |
41 | 0 | const BigInt k = blinding_nonce(); |
42 | 0 | m_e = m_fwd_fn(k); |
43 | 0 | m_d = m_inv_fn(k); |
44 | 0 | m_counter = 0; |
45 | 0 | } else { |
46 | 0 | m_e = m_reducer.square(m_e); |
47 | 0 | m_d = m_reducer.square(m_d); |
48 | 0 | } |
49 | |
|
50 | 0 | return m_reducer.multiply(i, m_e); |
51 | 0 | } |
52 | | |
53 | 0 | BigInt Blinder::unblind(const BigInt& i) const { |
54 | 0 | if(!m_reducer.initialized()) { |
55 | 0 | throw Invalid_State("Blinder not initialized, cannot unblind"); |
56 | 0 | } |
57 | | |
58 | 0 | return m_reducer.multiply(i, m_d); |
59 | 0 | } |
60 | | |
61 | | } // namespace Botan |