Botan  1.10.9
dh.cpp
Go to the documentation of this file.
1 /*
2 * Diffie-Hellman
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #include <botan/dh.h>
9 #include <botan/numthry.h>
10 #include <botan/libstate.h>
11 #include <botan/internal/workfactor.h>
12 
13 namespace Botan {
14 
15 /*
16 * DH_PublicKey Constructor
17 */
19  {
20  group = grp;
21  y = y1;
22  }
23 
24 /*
25 * Return the public value for key agreement
26 */
28  {
29  return BigInt::encode_1363(y, group_p().bytes());
30  }
31 
32 /*
33 * Create a DH private key
34 */
36  const DL_Group& grp,
37  const BigInt& x_arg)
38  {
39  group = grp;
40  x = x_arg;
41 
42  if(x == 0)
43  {
44  const BigInt& p = group_p();
45  x.randomize(rng, 2 * dl_work_factor(p.bits()));
46  }
47 
48  if(y == 0)
49  y = power_mod(group_g(), x, group_p());
50 
51  if(x == 0)
52  gen_check(rng);
53  else
54  load_check(rng);
55  }
56 
57 /*
58 * Load a DH private key
59 */
61  const MemoryRegion<byte>& key_bits,
63  DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
64  {
65  if(y == 0)
66  y = power_mod(group_g(), x, group_p());
67 
68  load_check(rng);
69  }
70 
71 /*
72 * Return the public value for key agreement
73 */
75  {
77  }
78 
80  p(dh.group_p()), powermod_x_p(dh.get_x(), p)
81  {
82  BigInt k(global_state().global_rng(), p.bits() - 1);
83  blinder = Blinder(k, powermod_x_p(inverse_mod(k, p)), p);
84  }
85 
87  {
88  BigInt input = BigInt::decode(w, w_len);
89 
90  if(input <= 1 || input >= p - 1)
91  throw Invalid_Argument("DH agreement - invalid key provided");
92 
93  BigInt r = blinder.unblind(powermod_x_p(blinder.blind(input)));
94 
95  return BigInt::encode_1363(r, p.bytes());
96  }
97 
98 }
void load_check(RandomNumberGenerator &rng) const
Definition: pk_keys.cpp:40
MemoryVector< byte > public_value() const
Definition: dh.cpp:74
const BigInt & group_p() const
Definition: dl_algo.h:44
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
SecureVector< byte > agree(const byte w[], size_t w_len)
Definition: dh.cpp:86
unsigned char byte
Definition: types.h:22
size_t bits() const
Definition: bigint.cpp:253
MemoryVector< byte > public_value() const
Definition: dh.cpp:27
DH_PrivateKey(const AlgorithmIdentifier &alg_id, const MemoryRegion< byte > &key_bits, RandomNumberGenerator &rng)
Definition: dh.cpp:60
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
void randomize(RandomNumberGenerator &rng, size_t bitsize=0)
Definition: big_rand.cpp:29
Library_State & global_state()
DH_KA_Operation(const DH_PrivateKey &key)
Definition: dh.cpp:79
BigInt unblind(const BigInt &x) const
Definition: blinding.cpp:42
BigInt inverse_mod(const BigInt &n, const BigInt &mod)
Definition: numthry.cpp:202
BigInt blind(const BigInt &x) const
Definition: blinding.cpp:29
BigInt power_mod(const BigInt &base, const BigInt &exp, const BigInt &mod)
Definition: numthry.cpp:251
static BigInt decode(const byte buf[], size_t length, Base base=Binary)
Definition: big_code.cpp:102
BigInt r
Definition: numthry.cpp:26
const BigInt & group_g() const
Definition: dl_algo.h:56
size_t dl_work_factor(size_t bits)
Definition: workfactor.cpp:14
void gen_check(RandomNumberGenerator &rng) const
Definition: pk_keys.cpp:49
static SecureVector< byte > encode_1363(const BigInt &n, size_t bytes)
Definition: big_code.cpp:78
size_t bytes() const
Definition: bigint.cpp:245