doxygen/rfc6979_8h_source.html

/*

* RFC 6979 Deterministic Nonce Generator

* (C) 2014,2015,2024 Jack Lloyd

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#ifndef BOTAN_RFC6979_GENERATOR_H_

#define BOTAN_RFC6979_GENERATOR_H_


#include <botan/bigint.h>

#include <memory>

#include <span>

#include <string_view>


#if defined(BOTAN_HAS_ECC_GROUP)

   #include <botan/ec_scalar.h>

#endif


namespace Botan {


class HMAC_DRBG;


class BOTAN_TEST_API RFC6979_Nonce_Generator final {

   public:

      RFC6979_Nonce_Generator(std::string_view hash, size_t order_bits, const BigInt& x);


      BigInt nonce_for(const BigInt& group_order, const BigInt& m);


#if defined(BOTAN_HAS_ECC_GROUP)

      RFC6979_Nonce_Generator(std::string_view hash, size_t order_bits, const EC_Scalar& scalar);


      EC_Scalar nonce_for(const EC_Group& group, const EC_Scalar& m);

#endif


      RFC6979_Nonce_Generator(const RFC6979_Nonce_Generator& other) = delete;

      RFC6979_Nonce_Generator& operator=(const RFC6979_Nonce_Generator& other) = delete;


      RFC6979_Nonce_Generator(RFC6979_Nonce_Generator&& other) noexcept;

      RFC6979_Nonce_Generator& operator=(RFC6979_Nonce_Generator&& other) noexcept;

      ~RFC6979_Nonce_Generator();


   private:

      size_t m_qlen;

      size_t m_rlen;

      std::unique_ptr<HMAC_DRBG> m_hmac_drbg;

      secure_vector<uint8_t> m_rng_in;

      secure_vector<uint8_t> m_rng_out;

};


/**

* @param x the secret (EC)DSA key

* @param q the group order

* @param h the message hash already reduced mod q

* @param hash the hash function used to generate h

*/


inline BigInt generate_rfc6979_nonce(const BigInt& x, const BigInt& q, const BigInt& h, std::string_view hash) {

   RFC6979_Nonce_Generator gen(hash, q.bits(), x);

   return gen.nonce_for(q, h);

}


}  // namespace Botan


#endif

BOTAN_TEST_API
#define BOTAN_TEST_API
Definition api.h:41

Botan::BigInt
Definition bigint.h:25

Botan::BigInt::bits
size_t bits() const
Definition bigint.cpp:311

Botan::EC_Group
Definition ec_group.h:87

Botan::EC_Scalar
Definition ec_scalar.h:28

Botan::HMAC_DRBG
Definition hmac_drbg.h:21

Botan::RFC6979_Nonce_Generator
Definition rfc6979.h:24

Botan::RFC6979_Nonce_Generator::RFC6979_Nonce_Generator
RFC6979_Nonce_Generator(const RFC6979_Nonce_Generator &other)=delete

Botan::RFC6979_Nonce_Generator::operator=
RFC6979_Nonce_Generator & operator=(RFC6979_Nonce_Generator &&other) noexcept

Botan::RFC6979_Nonce_Generator::operator=
RFC6979_Nonce_Generator & operator=(const RFC6979_Nonce_Generator &other)=delete

Botan::RFC6979_Nonce_Generator::RFC6979_Nonce_Generator
RFC6979_Nonce_Generator(std::string_view hash, size_t order_bits, const BigInt &x)
Definition rfc6979.cpp:22

Botan::RFC6979_Nonce_Generator::~RFC6979_Nonce_Generator
~RFC6979_Nonce_Generator()

Botan::RFC6979_Nonce_Generator::RFC6979_Nonce_Generator
RFC6979_Nonce_Generator(RFC6979_Nonce_Generator &&other) noexcept

Botan::RFC6979_Nonce_Generator::nonce_for
BigInt nonce_for(const BigInt &group_order, const BigInt &m)
Definition rfc6979.cpp:29

Botan
Definition alg_id.cpp:13

Botan::generate_rfc6979_nonce
BigInt generate_rfc6979_nonce(const BigInt &x, const BigInt &q, const BigInt &h, std::string_view hash)
Definition rfc6979.h:57

Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69