/src/botan/src/lib/pubkey/blinding.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Blinding for public key operations |
3 | | * (C) 1999-2010,2015 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/internal/blinding.h> |
9 | | |
10 | | namespace Botan { |
11 | | |
12 | | Blinder::Blinder(const BigInt& modulus, |
13 | | RandomNumberGenerator& rng, |
14 | | std::function<BigInt (const BigInt&)> fwd, |
15 | | std::function<BigInt (const BigInt&)> inv) : |
16 | | m_reducer(modulus), |
17 | | m_rng(rng), |
18 | | m_fwd_fn(fwd), |
19 | | m_inv_fn(inv), |
20 | | m_modulus_bits(modulus.bits()), |
21 | | m_e{}, |
22 | | m_d{}, |
23 | | m_counter{} |
24 | 0 | { |
25 | 0 | const BigInt k = blinding_nonce(); |
26 | 0 | m_e = m_fwd_fn(k); |
27 | 0 | m_d = m_inv_fn(k); |
28 | 0 | } |
29 | | |
30 | | BigInt Blinder::blinding_nonce() const |
31 | 0 | { |
32 | 0 | return BigInt(m_rng, m_modulus_bits - 1); |
33 | 0 | } |
34 | | |
35 | | BigInt Blinder::blind(const BigInt& i) const |
36 | 0 | { |
37 | 0 | if(!m_reducer.initialized()) |
38 | 0 | throw Invalid_State("Blinder not initialized, cannot blind"); |
39 | | |
40 | 0 | ++m_counter; |
41 | |
|
42 | 0 | if((BOTAN_BLINDING_REINIT_INTERVAL > 0) && (m_counter > BOTAN_BLINDING_REINIT_INTERVAL)) |
43 | 0 | { |
44 | 0 | const BigInt k = blinding_nonce(); |
45 | 0 | m_e = m_fwd_fn(k); |
46 | 0 | m_d = m_inv_fn(k); |
47 | 0 | m_counter = 0; |
48 | 0 | } |
49 | 0 | else |
50 | 0 | { |
51 | 0 | m_e = m_reducer.square(m_e); |
52 | 0 | m_d = m_reducer.square(m_d); |
53 | 0 | } |
54 | |
|
55 | 0 | return m_reducer.multiply(i, m_e); |
56 | 0 | } |
57 | | |
58 | | BigInt Blinder::unblind(const BigInt& i) const |
59 | 0 | { |
60 | 0 | if(!m_reducer.initialized()) |
61 | 0 | throw Invalid_State("Blinder not initialized, cannot unblind"); |
62 | | |
63 | 0 | return m_reducer.multiply(i, m_d); |
64 | 0 | } |
65 | | |
66 | | } |