/src/botan/src/lib/pubkey/dh/dh.cpp
Line | Count | Source |
1 | | /* |
2 | | * Diffie-Hellman |
3 | | * (C) 1999-2007,2016,2019,2023 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/dh.h> |
9 | | |
10 | | #include <botan/internal/blinding.h> |
11 | | #include <botan/internal/dl_scheme.h> |
12 | | #include <botan/internal/pk_ops_impl.h> |
13 | | |
14 | | namespace Botan { |
15 | | |
16 | 242 | DH_PublicKey::DH_PublicKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) { |
17 | 242 | m_public_key = std::make_shared<DL_PublicKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42); |
18 | 242 | } Unexecuted instantiation: Botan::DH_PublicKey::DH_PublicKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>) Botan::DH_PublicKey::DH_PublicKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>) Line | Count | Source | 16 | 242 | DH_PublicKey::DH_PublicKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) { | 17 | 242 | m_public_key = std::make_shared<DL_PublicKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42); | 18 | 242 | } |
|
19 | | |
20 | 0 | DH_PublicKey::DH_PublicKey(const DL_Group& group, const BigInt& y) { |
21 | 0 | m_public_key = std::make_shared<DL_PublicKey>(group, y); |
22 | 0 | } Unexecuted instantiation: Botan::DH_PublicKey::DH_PublicKey(Botan::DL_Group const&, Botan::BigInt const&) Unexecuted instantiation: Botan::DH_PublicKey::DH_PublicKey(Botan::DL_Group const&, Botan::BigInt const&) |
23 | | |
24 | 0 | size_t DH_PublicKey::estimated_strength() const { |
25 | 0 | return m_public_key->estimated_strength(); |
26 | 0 | } |
27 | | |
28 | 0 | size_t DH_PublicKey::key_length() const { |
29 | 0 | return m_public_key->p_bits(); |
30 | 0 | } |
31 | | |
32 | 0 | const BigInt& DH_PublicKey::get_int_field(std::string_view field) const { |
33 | 0 | return m_public_key->get_int_field(algo_name(), field); |
34 | 0 | } |
35 | | |
36 | 0 | const DL_Group& DH_PublicKey::group() const { |
37 | 0 | return m_public_key->group(); |
38 | 0 | } |
39 | | |
40 | 0 | AlgorithmIdentifier DH_PublicKey::algorithm_identifier() const { |
41 | 0 | return AlgorithmIdentifier(object_identifier(), m_public_key->group().DER_encode(DL_Group_Format::ANSI_X9_42)); |
42 | 0 | } |
43 | | |
44 | 0 | std::vector<uint8_t> DH_PublicKey::raw_public_key_bits() const { |
45 | 0 | return m_public_key->public_key_as_bytes(); |
46 | 0 | } |
47 | | |
48 | 0 | std::vector<uint8_t> DH_PublicKey::public_key_bits() const { |
49 | 0 | return m_public_key->DER_encode(); |
50 | 0 | } |
51 | | |
52 | 0 | bool DH_PublicKey::check_key(RandomNumberGenerator& rng, bool strong) const { |
53 | 0 | return m_public_key->check_key(rng, strong); |
54 | 0 | } |
55 | | |
56 | 0 | std::unique_ptr<Private_Key> DH_PublicKey::generate_another(RandomNumberGenerator& rng) const { |
57 | 0 | return std::make_unique<DH_PrivateKey>(rng, group()); |
58 | 0 | } |
59 | | |
60 | 0 | DH_PrivateKey::DH_PrivateKey(RandomNumberGenerator& rng, const DL_Group& group) { |
61 | 0 | m_private_key = std::make_shared<DL_PrivateKey>(group, rng); |
62 | 0 | m_public_key = m_private_key->public_key(); |
63 | 0 | } Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::RandomNumberGenerator&, Botan::DL_Group const&) Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::RandomNumberGenerator&, Botan::DL_Group const&) |
64 | | |
65 | 0 | DH_PrivateKey::DH_PrivateKey(const DL_Group& group, const BigInt& x) { |
66 | 0 | m_private_key = std::make_shared<DL_PrivateKey>(group, x); |
67 | 0 | m_public_key = m_private_key->public_key(); |
68 | 0 | } Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::DL_Group const&, Botan::BigInt const&) Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::DL_Group const&, Botan::BigInt const&) |
69 | | |
70 | 171 | DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) { |
71 | 171 | m_private_key = std::make_shared<DL_PrivateKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42); |
72 | 171 | m_public_key = m_private_key->public_key(); |
73 | 171 | } Unexecuted instantiation: Botan::DH_PrivateKey::DH_PrivateKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>) Botan::DH_PrivateKey::DH_PrivateKey(Botan::AlgorithmIdentifier const&, std::__1::span<unsigned char const, 18446744073709551615ul>) Line | Count | Source | 70 | 171 | DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id, std::span<const uint8_t> key_bits) { | 71 | 171 | m_private_key = std::make_shared<DL_PrivateKey>(alg_id, key_bits, DL_Group_Format::ANSI_X9_42); | 72 | 171 | m_public_key = m_private_key->public_key(); | 73 | 171 | } |
|
74 | | |
75 | 0 | std::unique_ptr<Public_Key> DH_PrivateKey::public_key() const { |
76 | 0 | return std::unique_ptr<DH_PublicKey>(new DH_PublicKey(m_public_key)); |
77 | 0 | } |
78 | | |
79 | 0 | std::vector<uint8_t> DH_PrivateKey::public_value() const { |
80 | 0 | return raw_public_key_bits(); |
81 | 0 | } |
82 | | |
83 | 0 | secure_vector<uint8_t> DH_PrivateKey::private_key_bits() const { |
84 | 0 | return m_private_key->DER_encode(); |
85 | 0 | } |
86 | | |
87 | 0 | secure_vector<uint8_t> DH_PrivateKey::raw_private_key_bits() const { |
88 | 0 | return m_private_key->raw_private_key_bits(); |
89 | 0 | } |
90 | | |
91 | 0 | const BigInt& DH_PrivateKey::get_int_field(std::string_view field) const { |
92 | 0 | return m_private_key->get_int_field(algo_name(), field); |
93 | 0 | } |
94 | | |
95 | | namespace { |
96 | | |
97 | | /** |
98 | | * DH operation |
99 | | */ |
100 | | class DH_KA_Operation final : public PK_Ops::Key_Agreement_with_KDF { |
101 | | public: |
102 | | DH_KA_Operation(const std::shared_ptr<const DL_PrivateKey>& key, |
103 | | std::string_view kdf, |
104 | | RandomNumberGenerator& rng) : |
105 | 0 | PK_Ops::Key_Agreement_with_KDF(kdf), |
106 | 0 | m_key(key), |
107 | 0 | m_key_bits(m_key->private_key().bits()), |
108 | 0 | m_blinder( |
109 | 0 | m_key->group()._reducer_mod_p(), |
110 | 0 | rng, |
111 | 0 | [](const BigInt& k) { return k; }, |
112 | 0 | [this](const BigInt& k) { return powermod_x_p(group().inverse_mod_p(k)); }) {} |
113 | | |
114 | 0 | size_t agreed_value_size() const override { return group().p_bytes(); } |
115 | | |
116 | | secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override; |
117 | | |
118 | | private: |
119 | 0 | const DL_Group& group() const { return m_key->group(); } |
120 | | |
121 | 0 | BigInt powermod_x_p(const BigInt& v) const { return group().power_b_p(v, m_key->private_key(), m_key_bits); } |
122 | | |
123 | | std::shared_ptr<const DL_PrivateKey> m_key; |
124 | | const size_t m_key_bits; |
125 | | Blinder m_blinder; |
126 | | }; |
127 | | |
128 | 0 | secure_vector<uint8_t> DH_KA_Operation::raw_agree(const uint8_t w[], size_t w_len) { |
129 | 0 | BigInt v = BigInt::from_bytes(std::span{w, w_len}); |
130 | |
|
131 | 0 | if(v <= 1 || v >= group().get_p()) { |
132 | 0 | throw Invalid_Argument("DH agreement - invalid key provided"); |
133 | 0 | } |
134 | | |
135 | 0 | v = m_blinder.blind(v); |
136 | 0 | v = powermod_x_p(v); |
137 | 0 | v = m_blinder.unblind(v); |
138 | |
|
139 | 0 | return v.serialize<secure_vector<uint8_t>>(group().p_bytes()); |
140 | 0 | } |
141 | | |
142 | | } // namespace |
143 | | |
144 | | std::unique_ptr<PK_Ops::Key_Agreement> DH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& rng, |
145 | | std::string_view params, |
146 | 0 | std::string_view provider) const { |
147 | 0 | if(provider == "base" || provider.empty()) { |
148 | 0 | return std::make_unique<DH_KA_Operation>(this->m_private_key, params, rng); |
149 | 0 | } |
150 | 0 | throw Provider_Not_Found(algo_name(), provider); |
151 | 0 | } |
152 | | |
153 | | } // namespace Botan |