Botan::ECIES_KA_Operation Class Reference

#include <ecies.h>

Public Member Functions
SymmetricKey	derive_secret (const std::vector< uint8_t > &eph_public_key_bin, const EC_Point &other_public_key_point) const
	ECIES_KA_Operation (const PK_Key_Agreement_Key &private_key, const ECIES_KA_Params &ecies_params, bool for_encryption, RandomNumberGenerator &rng)

Detailed Description

ECIES secret derivation according to ISO 18033-2

Definition at line 167 of file ecies.h.

Constructor & Destructor Documentation

ECIES_KA_Operation()

Botan::ECIES_KA_Operation::ECIES_KA_Operation	(	const PK_Key_Agreement_Key &	private_key,
		const ECIES_KA_Params &	ecies_params,
		bool	for_encryption,
		RandomNumberGenerator &	rng )

Parameters

private_key	the (ephemeral) private key which is used to derive the secret
ecies_params	settings for ecies
for_encryption	disable cofactor mode if the secret will be used for encryption (according to ISO 18033 cofactor mode is only used during decryption)
rng	the RNG to use

Definition at line 121 of file ecies.cpp.

                                                                   :
      m_ka(create_key_agreement(private_key, ecies_params, for_encryption, rng)), m_params(ecies_params) {}

Member Function Documentation

derive_secret()

SymmetricKey Botan::ECIES_KA_Operation::derive_secret	(	const std::vector< uint8_t > &	eph_public_key_bin,
		const EC_Point &	other_public_key_point ) const

Performs a key agreement with the provided keys and derives the secret from the result

Parameters

eph_public_key_bin	the encoded (ephemeral) public key which belongs to the used (ephemeral) private key
other_public_key_point	public key point of the other party

ECIES secret derivation according to ISO 18033-2

Definition at line 130 of file ecies.cpp.

                                                                                             {
   if(other_public_key_point.is_zero()) {
      throw Invalid_Argument("ECIES: other public key point is zero");
   }
 
   auto kdf = KDF::create_or_throw(m_params.kdf_spec());
 
   EC_Point other_point = other_public_key_point;
 
   // ISO 18033: step b
   if(m_params.old_cofactor_mode()) {
      other_point *= m_params.domain().get_cofactor();
   }
 
   secure_vector<uint8_t> derivation_input;
 
   // ISO 18033: encryption step e / decryption step g
   if(!m_params.single_hash_mode()) {
      derivation_input += eph_public_key_bin;
   }
 
   // ISO 18033: encryption step f / decryption step h
   std::vector<uint8_t> other_public_key_bin = other_point.encode(m_params.compression_type());
   // Note: the argument `m_params.secret_length()` passed for `key_len` will only be used by providers because
   // "Raw" is passed to the `PK_Key_Agreement` if the implementation of botan is used.
   const SymmetricKey peh =
      m_ka.derive_key(m_params.domain().get_order_bytes(), other_public_key_bin.data(), other_public_key_bin.size());
   derivation_input.insert(derivation_input.end(), peh.begin(), peh.end());
 
   // ISO 18033: encryption step g / decryption step i
   return SymmetricKey(kdf->derive_key(m_params.secret_length(), derivation_input));
}

References Botan::OctetString::begin(), Botan::ECIES_KA_Params::compression_type(), Botan::KDF::create_or_throw(), Botan::PK_Key_Agreement::derive_key(), Botan::ECIES_KA_Params::domain(), Botan::EC_Point::encode(), Botan::OctetString::end(), Botan::EC_Group::get_cofactor(), Botan::EC_Group::get_order_bytes(), Botan::EC_Point::is_zero(), Botan::ECIES_KA_Params::kdf_spec(), Botan::ECIES_KA_Params::old_cofactor_mode(), Botan::ECIES_KA_Params::secret_length(), and Botan::ECIES_KA_Params::single_hash_mode().

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/ecies/ecies.h
• src/lib/pubkey/ecies/ecies.cpp