/src/botan/src/lib/pubkey/curve25519/curve25519.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Curve25519 |
3 | | * (C) 2014 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/curve25519.h> |
9 | | #include <botan/internal/pk_ops_impl.h> |
10 | | #include <botan/ber_dec.h> |
11 | | #include <botan/der_enc.h> |
12 | | #include <botan/rng.h> |
13 | | |
14 | | namespace Botan { |
15 | | |
16 | | void curve25519_basepoint(uint8_t mypublic[32], const uint8_t secret[32]) |
17 | 597 | { |
18 | 597 | const uint8_t basepoint[32] = { 9 }; |
19 | 597 | curve25519_donna(mypublic, secret, basepoint); |
20 | 597 | } |
21 | | |
22 | | namespace { |
23 | | |
24 | | void size_check(size_t size, const char* thing) |
25 | 114 | { |
26 | 114 | if(size != 32) |
27 | 111 | throw Decoding_Error("Invalid size " + std::to_string(size) + " for Curve25519 " + thing); |
28 | 114 | } |
29 | | |
30 | | secure_vector<uint8_t> curve25519(const secure_vector<uint8_t>& secret, |
31 | | const uint8_t pubval[32]) |
32 | 1 | { |
33 | 1 | secure_vector<uint8_t> out(32); |
34 | 1 | curve25519_donna(out.data(), secret.data(), pubval); |
35 | 1 | return out; |
36 | 1 | } |
37 | | |
38 | | } |
39 | | |
40 | | AlgorithmIdentifier Curve25519_PublicKey::algorithm_identifier() const |
41 | 0 | { |
42 | 0 | return AlgorithmIdentifier(object_identifier(), AlgorithmIdentifier::USE_EMPTY_PARAM); |
43 | 0 | } |
44 | | |
45 | | bool Curve25519_PublicKey::check_key(RandomNumberGenerator& /*rng*/, bool /*strong*/) const |
46 | 0 | { |
47 | 0 | return true; // no tests possible? |
48 | 0 | } |
49 | | |
50 | | Curve25519_PublicKey::Curve25519_PublicKey(const AlgorithmIdentifier& /*unused*/, |
51 | | const std::vector<uint8_t>& key_bits) |
52 | 1 | { |
53 | 1 | m_public = key_bits; |
54 | | |
55 | 1 | size_check(m_public.size(), "public key"); |
56 | 1 | } Unexecuted instantiation: Botan::Curve25519_PublicKey::Curve25519_PublicKey(Botan::AlgorithmIdentifier const&, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> > const&) Botan::Curve25519_PublicKey::Curve25519_PublicKey(Botan::AlgorithmIdentifier const&, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> > const&) Line | Count | Source | 52 | 1 | { | 53 | 1 | m_public = key_bits; | 54 | | | 55 | 1 | size_check(m_public.size(), "public key"); | 56 | 1 | } |
|
57 | | |
58 | | std::vector<uint8_t> Curve25519_PublicKey::public_key_bits() const |
59 | 0 | { |
60 | 0 | return m_public; |
61 | 0 | } |
62 | | |
63 | | Curve25519_PrivateKey::Curve25519_PrivateKey(const secure_vector<uint8_t>& secret_key) |
64 | 0 | { |
65 | 0 | if(secret_key.size() != 32) |
66 | 0 | throw Decoding_Error("Invalid size for Curve25519 private key"); |
67 | | |
68 | 0 | m_public.resize(32); |
69 | 0 | m_private = secret_key; |
70 | 0 | curve25519_basepoint(m_public.data(), m_private.data()); |
71 | 0 | } Unexecuted instantiation: Botan::Curve25519_PrivateKey::Curve25519_PrivateKey(std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> > const&) Unexecuted instantiation: Botan::Curve25519_PrivateKey::Curve25519_PrivateKey(std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> > const&) |
72 | | |
73 | | Curve25519_PrivateKey::Curve25519_PrivateKey(RandomNumberGenerator& rng) |
74 | 595 | { |
75 | 595 | m_private = rng.random_vec(32); |
76 | 595 | m_public.resize(32); |
77 | 595 | curve25519_basepoint(m_public.data(), m_private.data()); |
78 | 595 | } Unexecuted instantiation: Botan::Curve25519_PrivateKey::Curve25519_PrivateKey(Botan::RandomNumberGenerator&) Botan::Curve25519_PrivateKey::Curve25519_PrivateKey(Botan::RandomNumberGenerator&) Line | Count | Source | 74 | 595 | { | 75 | 595 | m_private = rng.random_vec(32); | 76 | 595 | m_public.resize(32); | 77 | 595 | curve25519_basepoint(m_public.data(), m_private.data()); | 78 | 595 | } |
|
79 | | |
80 | | Curve25519_PrivateKey::Curve25519_PrivateKey(const AlgorithmIdentifier& /*unused*/, |
81 | | const secure_vector<uint8_t>& key_bits) |
82 | 35 | { |
83 | 35 | BER_Decoder(key_bits).decode(m_private, ASN1_Type::OctetString).discard_remaining(); |
84 | | |
85 | 35 | size_check(m_private.size(), "private key"); |
86 | 35 | m_public.resize(32); |
87 | 35 | curve25519_basepoint(m_public.data(), m_private.data()); |
88 | 35 | } Unexecuted instantiation: Botan::Curve25519_PrivateKey::Curve25519_PrivateKey(Botan::AlgorithmIdentifier const&, std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> > const&) Botan::Curve25519_PrivateKey::Curve25519_PrivateKey(Botan::AlgorithmIdentifier const&, std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> > const&) Line | Count | Source | 82 | 35 | { | 83 | 35 | BER_Decoder(key_bits).decode(m_private, ASN1_Type::OctetString).discard_remaining(); | 84 | | | 85 | 35 | size_check(m_private.size(), "private key"); | 86 | 35 | m_public.resize(32); | 87 | 35 | curve25519_basepoint(m_public.data(), m_private.data()); | 88 | 35 | } |
|
89 | | |
90 | | std::unique_ptr<Public_Key> Curve25519_PrivateKey::public_key() const |
91 | 0 | { |
92 | 0 | return std::make_unique<Curve25519_PublicKey>(public_value()); |
93 | 0 | } |
94 | | |
95 | | secure_vector<uint8_t> Curve25519_PrivateKey::private_key_bits() const |
96 | 0 | { |
97 | 0 | return DER_Encoder().encode(m_private, ASN1_Type::OctetString).get_contents(); |
98 | 0 | } |
99 | | |
100 | | bool Curve25519_PrivateKey::check_key(RandomNumberGenerator& /*rng*/, bool /*strong*/) const |
101 | 0 | { |
102 | 0 | std::vector<uint8_t> public_point(32); |
103 | 0 | curve25519_basepoint(public_point.data(), m_private.data()); |
104 | 0 | return public_point == m_public; |
105 | 0 | } |
106 | | |
107 | | secure_vector<uint8_t> Curve25519_PrivateKey::agree(const uint8_t w[], size_t w_len) const |
108 | 82 | { |
109 | 82 | size_check(w_len, "public value"); |
110 | 82 | return curve25519(m_private, w); |
111 | 82 | } |
112 | | |
113 | | namespace { |
114 | | |
115 | | /** |
116 | | * Curve25519 operation |
117 | | */ |
118 | | class Curve25519_KA_Operation final : public PK_Ops::Key_Agreement_with_KDF |
119 | | { |
120 | | public: |
121 | | |
122 | | Curve25519_KA_Operation(const Curve25519_PrivateKey& key, const std::string& kdf) : |
123 | | PK_Ops::Key_Agreement_with_KDF(kdf), |
124 | 82 | m_key(key) {} |
125 | | |
126 | 0 | size_t agreed_value_size() const override { return 32; } |
127 | | |
128 | | secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override |
129 | 82 | { |
130 | 82 | return m_key.agree(w, w_len); |
131 | 82 | } |
132 | | private: |
133 | | const Curve25519_PrivateKey& m_key; |
134 | | }; |
135 | | |
136 | | } |
137 | | |
138 | | std::unique_ptr<PK_Ops::Key_Agreement> |
139 | | Curve25519_PrivateKey::create_key_agreement_op(RandomNumberGenerator& /*rng*/, |
140 | | const std::string& params, |
141 | | const std::string& provider) const |
142 | 82 | { |
143 | 82 | if(provider == "base" || provider.empty()) |
144 | 82 | return std::make_unique<Curve25519_KA_Operation>(*this, params); |
145 | 0 | throw Provider_Not_Found(algo_name(), provider); |
146 | 82 | } |
147 | | |
148 | | } |