/src/botan/src/lib/pubkey/cecpq1/cecpq1.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * CECPQ1 (x25519 + NewHope) |
3 | | * (C) 2016 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/cecpq1.h> |
9 | | #include <botan/newhope.h> |
10 | | #include <botan/curve25519.h> |
11 | | #include <botan/rng.h> |
12 | | |
13 | | namespace Botan { |
14 | | |
15 | | void CECPQ1_offer(uint8_t send[CECPQ1_OFFER_BYTES], |
16 | | CECPQ1_key* offer_key_output, |
17 | | RandomNumberGenerator& rng) |
18 | 0 | { |
19 | 0 | offer_key_output->m_x25519 = rng.random_vec(32); |
20 | 0 | curve25519_basepoint(send, offer_key_output->m_x25519.data()); |
21 | |
|
22 | 0 | newhope_keygen(send + 32, &offer_key_output->m_newhope, |
23 | 0 | rng, Newhope_Mode::BoringSSL); |
24 | 0 | } |
25 | | |
26 | | void CECPQ1_accept(uint8_t shared_key[CECPQ1_SHARED_KEY_BYTES], |
27 | | uint8_t send[CECPQ1_ACCEPT_BYTES], |
28 | | const uint8_t received[CECPQ1_OFFER_BYTES], |
29 | | RandomNumberGenerator& rng) |
30 | 0 | { |
31 | 0 | secure_vector<uint8_t> x25519_key = rng.random_vec(32); |
32 | |
|
33 | 0 | curve25519_basepoint(send, x25519_key.data()); |
34 | |
|
35 | 0 | curve25519_donna(shared_key, x25519_key.data(), received); |
36 | |
|
37 | 0 | newhope_sharedb(shared_key + 32, send + 32, received + 32, |
38 | 0 | rng, Newhope_Mode::BoringSSL); |
39 | 0 | } |
40 | | |
41 | | void CECPQ1_finish(uint8_t shared_key[CECPQ1_SHARED_KEY_BYTES], |
42 | | const CECPQ1_key& offer_key, |
43 | | const uint8_t received[CECPQ1_ACCEPT_BYTES]) |
44 | 0 | { |
45 | 0 | curve25519_donna(shared_key, offer_key.m_x25519.data(), received); |
46 | |
|
47 | 0 | newhope_shareda(shared_key + 32, &offer_key.m_newhope, received + 32, |
48 | 0 | Newhope_Mode::BoringSSL); |
49 | 0 | } |
50 | | |
51 | | } |