Botan 2.19.1
Crypto and TLS for C&
ecdh.cpp
Go to the documentation of this file.
1/*
2* ECDH implemenation
3* (C) 2007 Manuel Hartl, FlexSecure GmbH
4* 2007 Falko Strenzke, FlexSecure GmbH
5* 2008-2010 Jack Lloyd
6*
7* Botan is released under the Simplified BSD License (see license.txt)
8*/
9
10#include <botan/ecdh.h>
11#include <botan/numthry.h>
12#include <botan/internal/pk_ops_impl.h>
13
14#if defined(BOTAN_HAS_OPENSSL)
15 #include <botan/internal/openssl.h>
16#endif
17
18namespace Botan {
19
20namespace {
21
22/**
23* ECDH operation
24*/
25class ECDH_KA_Operation final : public PK_Ops::Key_Agreement_with_KDF
26 {
27 public:
28
29 ECDH_KA_Operation(const ECDH_PrivateKey& key, const std::string& kdf, RandomNumberGenerator& rng) :
30 PK_Ops::Key_Agreement_with_KDF(kdf),
31 m_group(key.domain()),
32 m_rng(rng)
33 {
34 m_l_times_priv = m_group.inverse_mod_order(m_group.get_cofactor()) * key.private_value();
35 }
36
37 size_t agreed_value_size() const override { return m_group.get_p_bytes(); }
38
39 secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override
40 {
41 PointGFp input_point = m_group.get_cofactor() * m_group.OS2ECP(w, w_len);
42 input_point.randomize_repr(m_rng);
43
44 const PointGFp S = m_group.blinded_var_point_multiply(
45 input_point, m_l_times_priv, m_rng, m_ws);
46
47 if(S.on_the_curve() == false)
48 throw Internal_Error("ECDH agreed value was not on the curve");
49 return BigInt::encode_1363(S.get_affine_x(), m_group.get_p_bytes());
50 }
51 private:
52 const EC_Group m_group;
53 BigInt m_l_times_priv;
54 RandomNumberGenerator& m_rng;
55 std::vector<BigInt> m_ws;
56 };
57
58}
59
60std::unique_ptr<PK_Ops::Key_Agreement>
62 const std::string& params,
63 const std::string& provider) const
64 {
65#if defined(BOTAN_HAS_OPENSSL)
66 if(provider == "openssl" || provider.empty())
67 {
68 try
69 {
70 return make_openssl_ecdh_ka_op(*this, params);
71 }
72 catch(Lookup_Error&)
73 {
74 if(provider == "openssl")
75 throw;
76 }
77 }
78#endif
79
80 if(provider == "base" || provider.empty())
81 return std::unique_ptr<PK_Ops::Key_Agreement>(new ECDH_KA_Operation(*this, params, rng));
82
83 throw Provider_Not_Found(algo_name(), provider);
84 }
85
86
87}
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
Definition: big_code.cpp:111
std::unique_ptr< PK_Ops::Key_Agreement > create_key_agreement_op(RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
Definition: ecdh.cpp:61
std::string algo_name() const override
Definition: ecdh.h:45
int(* final)(unsigned char *, CTX *)
Definition: alg_id.cpp:13