/src/botan/src/lib/pubkey/dh/dh.cpp

Source (jump to first uncovered line)
/*
* Diffie-Hellman
* (C) 1999-2007,2016,2019,2023 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/dh.h>

#include <botan/internal/blinding.h>
#include <botan/internal/dl_scheme.h>
#include <botan/internal/pk_ops_impl.h>

namespace Botan {

DH_PublicKey::DH_PublicKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) {
   m_public_key = std::make_shared<DL_PublicKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42);
}

DH_PublicKey::DH_PublicKey(const DL_Group& group, const BigInt& y) {
   m_public_key = std::make_shared<DL_PublicKey>(group, y);
}

std::vector<uint8_t> DH_PublicKey::public_value() const {
   return m_public_key->public_key_as_bytes();
}

size_t DH_PublicKey::estimated_strength() const {
   return m_public_key->estimated_strength();
}

size_t DH_PublicKey::key_length() const {
   return m_public_key->p_bits();
}

const BigInt& DH_PublicKey::get_int_field(std::string_view field) const {
   return m_public_key->get_int_field(algo_name(), field);
}

const DL_Group& DH_PublicKey::group() const {
   return m_public_key->group();
}

AlgorithmIdentifier DH_PublicKey::algorithm_identifier() const {
   return AlgorithmIdentifier(object_identifier(), m_public_key->group().DER_encode(DL_Group_Format::ANSI_X9_42));
}

std::vector<uint8_t> DH_PublicKey::public_key_bits() const {
   return m_public_key->DER_encode();
}

bool DH_PublicKey::check_key(RandomNumberGenerator& rng, bool strong) const {
   return m_public_key->check_key(rng, strong);
}

std::unique_ptr<Private_Key> DH_PublicKey::generate_another(RandomNumberGenerator& rng) const {
   return std::make_unique<DH_PrivateKey>(rng, group());
}

DH_PrivateKey::DH_PrivateKey(RandomNumberGenerator& rng, const DL_Group& group) {
   m_private_key = std::make_shared<DL_PrivateKey>(group, rng);
   m_public_key = m_private_key->public_key();
}

DH_PrivateKey::DH_PrivateKey(const DL_Group& group, const BigInt& x) {
   m_private_key = std::make_shared<DL_PrivateKey>(group, x);
   m_public_key = m_private_key->public_key();
}

DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) {
   m_private_key = std::make_shared<DL_PrivateKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42);
   m_public_key = m_private_key->public_key();
}

std::unique_ptr<Public_Key> DH_PrivateKey::public_key() const {
   return std::unique_ptr<DH_PublicKey>(new DH_PublicKey(m_public_key));
}

std::vector<uint8_t> DH_PrivateKey::public_value() const {
   return DH_PublicKey::public_value();
}

secure_vector<uint8_t> DH_PrivateKey::private_key_bits() const {
   return m_private_key->DER_encode();
}

secure_vector<uint8_t> DH_PrivateKey::raw_private_key_bits() const {
   return m_private_key->raw_private_key_bits();
}

const BigInt& DH_PrivateKey::get_int_field(std::string_view field) const {
   return m_private_key->get_int_field(algo_name(), field);
}

namespace {

/**
* DH operation
*/
class DH_KA_Operation final : public PK_Ops::Key_Agreement_with_KDF {
   public:
      DH_KA_Operation(const std::shared_ptr<const DL_PrivateKey>& key,
                      std::string_view kdf,
                      RandomNumberGenerator& rng) :
            PK_Ops::Key_Agreement_with_KDF(kdf),
            m_key(key),
            m_key_bits(m_key->private_key().bits()),
            m_blinder(
               m_key->group().get_p(),
               rng,
               [](const BigInt& k) { return k; },
               [this](const BigInt& k) {
                  const BigInt inv_k = inverse_mod(k, group().get_p());
                  return powermod_x_p(inv_k);
               }) {}

      size_t agreed_value_size() const override { return group().p_bytes(); }

      secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override;

   private:
      const DL_Group& group() const { return m_key->group(); }

      BigInt powermod_x_p(const BigInt& v) const { return group().power_b_p(v, m_key->private_key(), m_key_bits); }

      std::shared_ptr<const DL_PrivateKey> m_key;
      std::shared_ptr<const Montgomery_Params> m_monty_p;
      const size_t m_key_bits;
      Blinder m_blinder;
};

secure_vector<uint8_t> DH_KA_Operation::raw_agree(const uint8_t w[], size_t w_len) {
   BigInt v = BigInt::decode(w, w_len);

   if(v <= 1 || v >= group().get_p()) {
      throw Invalid_Argument("DH agreement - invalid key provided");
   }

   v = m_blinder.blind(v);
   v = powermod_x_p(v);
   v = m_blinder.unblind(v);

   return BigInt::encode_1363(v, group().p_bytes());
}

}  // namespace

std::unique_ptr<PK_Ops::Key_Agreement> DH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& rng,
                                                                              std::string_view params,
                                                                              std::string_view provider) const {
   if(provider == "base" || provider.empty()) {
      return std::make_unique<DH_KA_Operation>(this->m_private_key, params, rng);
   }
   throw Provider_Not_Found(algo_name(), provider);
}

}  // namespace Botan

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Diffie-Hellman
3		* (C) 1999-2007,2016,2019,2023 Jack Lloyd
4		*
5		* Botan is released under the Simplified BSD License (see license.txt)
6		*/
7
8		#include <botan/dh.h>
9
10		#include <botan/internal/blinding.h>
11		#include <botan/internal/dl_scheme.h>
12		#include <botan/internal/pk_ops_impl.h>
13
14		namespace Botan {
15
16	0	DH_PublicKey::DH_PublicKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) {
17	0	m_public_key = std::make_shared<DL_PublicKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42);
18	0	} Unexecuted instantiation: Botan::DH_PublicKey::DH_PublicKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>) Unexecuted instantiation: Botan::DH_PublicKey::DH_PublicKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>)
19
20	0	DH_PublicKey::DH_PublicKey(const DL_Group& group, const BigInt& y) {
21	0	m_public_key = std::make_shared<DL_PublicKey>(group, y);
22	0	} Unexecuted instantiation: Botan::DH_PublicKey::DH_PublicKey(Botan::DL_Group const&, Botan::BigInt const&) Unexecuted instantiation: Botan::DH_PublicKey::DH_PublicKey(Botan::DL_Group const&, Botan::BigInt const&)
23
24	0	std::vector<uint8_t> DH_PublicKey::public_value() const {
25	0	return m_public_key->public_key_as_bytes();
26	0	}
27
28	0	size_t DH_PublicKey::estimated_strength() const {
29	0	return m_public_key->estimated_strength();
30	0	}
31
32	0	size_t DH_PublicKey::key_length() const {
33	0	return m_public_key->p_bits();
34	0	}
35
36	0	const BigInt& DH_PublicKey::get_int_field(std::string_view field) const {
37	0	return m_public_key->get_int_field(algo_name(), field);
38	0	}
39
40	0	const DL_Group& DH_PublicKey::group() const {
41	0	return m_public_key->group();
42	0	}
43
44	0	AlgorithmIdentifier DH_PublicKey::algorithm_identifier() const {
45	0	return AlgorithmIdentifier(object_identifier(), m_public_key->group().DER_encode(DL_Group_Format::ANSI_X9_42));
46	0	}
47
48	0	std::vector<uint8_t> DH_PublicKey::public_key_bits() const {
49	0	return m_public_key->DER_encode();
50	0	}
51
52	0	bool DH_PublicKey::check_key(RandomNumberGenerator& rng, bool strong) const {
53	0	return m_public_key->check_key(rng, strong);
54	0	}
55
56	0	std::unique_ptr<Private_Key> DH_PublicKey::generate_another(RandomNumberGenerator& rng) const {
57	0	return std::make_unique<DH_PrivateKey>(rng, group());
58	0	}
59
60	0	DH_PrivateKey::DH_PrivateKey(RandomNumberGenerator& rng, const DL_Group& group) {
61	0	m_private_key = std::make_shared<DL_PrivateKey>(group, rng);
62	0	m_public_key = m_private_key->public_key();
63	0	} Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::RandomNumberGenerator&, Botan::DL_Group const&) Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::RandomNumberGenerator&, Botan::DL_Group const&)
64
65	0	DH_PrivateKey::DH_PrivateKey(const DL_Group& group, const BigInt& x) {
66	0	m_private_key = std::make_shared<DL_PrivateKey>(group, x);
67	0	m_public_key = m_private_key->public_key();
68	0	} Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::DL_Group const&, Botan::BigInt const&) Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::DL_Group const&, Botan::BigInt const&)
69
70	0	DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) {
71	0	m_private_key = std::make_shared<DL_PrivateKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42);
72	0	m_public_key = m_private_key->public_key();
73	0	} Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>) Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>)
74
75	0	std::unique_ptr<Public_Key> DH_PrivateKey::public_key() const {
76	0	return std::unique_ptr<DH_PublicKey>(new DH_PublicKey(m_public_key));
77	0	}
78
79	0	std::vector<uint8_t> DH_PrivateKey::public_value() const {
80	0	return DH_PublicKey::public_value();
81	0	}
82
83	0	secure_vector<uint8_t> DH_PrivateKey::private_key_bits() const {
84	0	return m_private_key->DER_encode();
85	0	}
86
87	0	secure_vector<uint8_t> DH_PrivateKey::raw_private_key_bits() const {
88	0	return m_private_key->raw_private_key_bits();
89	0	}
90
91	0	const BigInt& DH_PrivateKey::get_int_field(std::string_view field) const {
92	0	return m_private_key->get_int_field(algo_name(), field);
93	0	}
94
95		namespace {
96
97		/**
98		* DH operation
99		*/
100		class DH_KA_Operation final : public PK_Ops::Key_Agreement_with_KDF {
101		public:
102		DH_KA_Operation(const std::shared_ptr<const DL_PrivateKey>& key,
103		std::string_view kdf,
104		RandomNumberGenerator& rng) :
105		PK_Ops::Key_Agreement_with_KDF(kdf),
106		m_key(key),
107		m_key_bits(m_key->private_key().bits()),
108		m_blinder(
109		m_key->group().get_p(),
110		rng,
111	0	[](const BigInt& k) { return k; },
112	0	[this](const BigInt& k) {
113	0	const BigInt inv_k = inverse_mod(k, group().get_p());
114	0	return powermod_x_p(inv_k);
115	0	}) {}
116
117	0	size_t agreed_value_size() const override { return group().p_bytes(); }
118
119		secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override;
120
121		private:
122	0	const DL_Group& group() const { return m_key->group(); }
123
124	0	BigInt powermod_x_p(const BigInt& v) const { return group().power_b_p(v, m_key->private_key(), m_key_bits); }
125
126		std::shared_ptr<const DL_PrivateKey> m_key;
127		std::shared_ptr<const Montgomery_Params> m_monty_p;
128		const size_t m_key_bits;
129		Blinder m_blinder;
130		};
131
132	0	secure_vector<uint8_t> DH_KA_Operation::raw_agree(const uint8_t w[], size_t w_len) {
133	0	BigInt v = BigInt::decode(w, w_len);
134
135	0	if(v <= 1 \|\| v >= group().get_p()) {
136	0	throw Invalid_Argument("DH agreement - invalid key provided");
137	0	}
138
139	0	v = m_blinder.blind(v);
140	0	v = powermod_x_p(v);
141	0	v = m_blinder.unblind(v);
142
143	0	return BigInt::encode_1363(v, group().p_bytes());
144	0	}
145
146		} // namespace
147
148		std::unique_ptr<PK_Ops::Key_Agreement> DH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& rng,
149		std::string_view params,
150	0	std::string_view provider) const {
151	0	if(provider == "base" \|\| provider.empty()) {
152	0	return std::make_unique<DH_KA_Operation>(this->m_private_key, params, rng);
153	0	}
154	0	throw Provider_Not_Found(algo_name(), provider);
155	0	}
156
157		} // namespace Botan

Coverage Report

Created: 2023-12-08 07:00