rfc6979.h
1/*
2* RFC 6979 Deterministic Nonce Generator
3* (C) 2014,2015,2024 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_RFC6979_GENERATOR_H_
9#define BOTAN_RFC6979_GENERATOR_H_
10
11#include <botan/bigint.h>
12#include <memory>
13#include <span>
14#include <string_view>
15
16#if defined(BOTAN_HAS_ECC_GROUP)
17 #include <botan/ec_scalar.h>
18#endif
19
20namespace Botan {
21
22class HMAC_DRBG;
23
25 public:
/**
* Create a nonce generator bound to one private key.
* @param hash name of the hash function; generate_rfc6979_nonce passes the
*        hash that was used to produce the message digest
* @param order_bits bit length of the group order; generate_rfc6979_nonce
*        passes q.bits()
* @param x the secret (EC)DSA key
*/
26 RFC6979_Nonce_Generator(std::string_view hash, size_t order_bits, const BigInt& x);
27
/**
* Produce the nonce for one message hash.
* @param group_order the group order q
* @param m the message hash; generate_rfc6979_nonce passes it already
*        reduced mod q
* @return the nonce as a BigInt
*
* NOTE(review): the result is per-signature secret material; keep it out of
* logs and error messages. The method is non-const, so it presumably updates
* the generator's internal state; confirm before sharing one instance
* across threads.
*/
28 BigInt nonce_for(const BigInt& group_order, const BigInt& m);
29
30#if defined(BOTAN_HAS_ECC_GROUP)
/**
* EC_Scalar overload of the constructor; declared only when
* BOTAN_HAS_ECC_GROUP is defined.
* @param hash name of the hash function
* @param order_bits bit length of the group order
* @param scalar NOTE(review): presumably the secret key, by analogy with
*        the BigInt overload; confirm against rfc6979.cpp
*/
31 RFC6979_Nonce_Generator(std::string_view hash, size_t order_bits, const EC_Scalar& scalar);
32
/**
* EC_Scalar overload of nonce_for; declared only when BOTAN_HAS_ECC_GROUP
* is defined.
* @param group the EC group the nonce is generated for
* @param m NOTE(review): presumably the message hash as a scalar, by analogy
*        with the BigInt overload; confirm against rfc6979.cpp
* @return the nonce as an EC_Scalar; treat it as secret material
*/
33 EC_Scalar nonce_for(const EC_Group& group, const EC_Scalar& m);
34#endif
35
38
42
43 private:
// NOTE(review): m_qlen / m_rlen are presumably the bit length of the group
// order (the order_bits constructor argument) and a byte length derived from
// it; confirm against rfc6979.cpp.
44 size_t m_qlen;
45 size_t m_rlen;
// Held through a pointer, so this header only needs the forward declaration
// of HMAC_DRBG rather than its full definition.
46 std::unique_ptr<HMAC_DRBG> m_hmac_drbg;
// secure_vector buffer. NOTE(review): presumably receives DRBG output that
// becomes nonce candidates, i.e. secret material; confirm.
48 secure_vector<uint8_t> m_rng_out;
49};
50
/**
* One-shot helper: compute the deterministic nonce for a single (EC)DSA
* signature by building a temporary RFC6979_Nonce_Generator and asking it
* for the nonce of @p h.
*
* Security notes for callers:
* - @p h must already be reduced mod @p q; this wrapper performs no check
*   of its own before forwarding it.
* - The returned value is as sensitive as the key. In (EC)DSA, disclosing
*   the nonce of a signature, or using the same nonce for two different
*   message hashes, is enough to recover @p x, so never log or export it.
* - @p hash should be the same function that produced @p h.
*
* @param x the secret (EC)DSA key
* @param q the group order
* @param h the message hash already reduced mod q
* @param hash the hash function used to generate h
* @return the result of RFC6979_Nonce_Generator::nonce_for(q, h)
*/
inline BigInt generate_rfc6979_nonce(const BigInt& x, const BigInt& q, const BigInt& h, std::string_view hash) {
   // The generator is sized from the bit length of the group order.
   const size_t order_bits = q.bits();

   // A fresh generator is built per call; nothing is cached between calls.
   RFC6979_Nonce_Generator nonce_gen(hash, order_bits, x);
   return nonce_gen.nonce_for(q, h);
}
61
62} // namespace Botan
63
64#endif
#define BOTAN_TEST_API
Definition api.h:41
size_t bits() const
Definition bigint.cpp:311
RFC6979_Nonce_Generator(const RFC6979_Nonce_Generator &other)=delete
RFC6979_Nonce_Generator & operator=(RFC6979_Nonce_Generator &&other) noexcept
RFC6979_Nonce_Generator & operator=(const RFC6979_Nonce_Generator &other)=delete
RFC6979_Nonce_Generator(std::string_view hash, size_t order_bits, const BigInt &x)
Definition rfc6979.cpp:22
RFC6979_Nonce_Generator(RFC6979_Nonce_Generator &&other) noexcept
BigInt nonce_for(const BigInt &group_order, const BigInt &m)
Definition rfc6979.cpp:29
BigInt generate_rfc6979_nonce(const BigInt &x, const BigInt &q, const BigInt &h, std::string_view hash)
Definition rfc6979.h:57
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69