Botan
2.19.3
Crypto and TLS for C&
src
lib
pubkey
rfc6979
rfc6979.cpp
/*
* RFC 6979 Deterministic Nonce Generator
* (C) 2014,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/rfc6979.h>
#include <botan/hmac_drbg.h>
#include <botan/mac.h>
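namespace Botan {

/**
* Prepare a deterministic (RFC 6979) nonce generator bound to one private key.
*
* @param hash  name of the hash function; the DRBG is keyed with "HMAC(<hash>)"
* @param order the group order q; generated nonces satisfy 0 < k < order
* @param x     the private key; it is encoded once into the first half of the
*              seed buffer and reused for every call to nonce_for()
*
* Sizes derived here: m_qlen is the bit length of the order and m_rlen is that
* length rounded up to whole bytes. The seed buffer m_rng_in is 2*m_rlen bytes
* (key half followed by message half) and m_rng_out is m_rlen bytes.
*
* NOTE(review): m_rng_in holds the encoded private key for the lifetime of this
* object, and m_rng_out / m_k hold nonce material. Their storage types are
* declared in rfc6979.h, which is not shown here; confirm they are zeroising
* containers so the key and nonce do not linger in freed memory.
*/
RFC6979_Nonce_Generator::RFC6979_Nonce_Generator(const std::string& hash,
                                                 const BigInt& order,
                                                 const BigInt& x) :
   m_order(order),
   m_qlen(m_order.bits()),
   m_rlen(m_qlen / 8 + (m_qlen % 8 ? 1 : 0)),
   m_rng_in(m_rlen * 2),
   m_rng_out(m_rlen)
   {
   // create() yields an empty pointer when the requested MAC is unavailable;
   // create_or_throw() reports that as a lookup failure right here instead of
   // handing a null MAC object to HMAC_DRBG.
   m_hmac_drbg.reset(
      new HMAC_DRBG(MessageAuthenticationCode::create_or_throw("HMAC(" + hash + ")")));

   // Fixed-length encoding of the private key into bytes [0, m_rlen).
   BigInt::encode_1363(m_rng_in.data(), m_rlen, x);
   }

/**
* Defined out of line so the unique_ptr member is destroyed in this
* translation unit, where hmac_drbg.h has been included.
*/
RFC6979_Nonce_Generator::~RFC6979_Nonce_Generator()
   {
   // for ~unique_ptr
   }

/**
* Derive the nonce k for message representative m.
*
* The DRBG is reset and reseeded with (encoded x || encoded m) on every call,
* so the same key and message always give the same k. Candidates are drawn
* until one lies in the range 0 < k < order.
*
* @param m message representative (the hash value as an integer)
* @return reference to the member m_k; the value is overwritten by the next
*         call, so callers that need to keep it must take a copy
*
* NOTE(review): m is encoded into exactly m_rlen bytes, so it presumably has to
* be already reduced to at most the byte length of the order by the caller;
* confirm how encode_1363 behaves for a larger value.
*
* The returned nonce is as sensitive as the private key: for DSA/ECDSA a
* disclosed or repeated-across-messages k lets the key be recovered. It should
* not be logged or stored.
*
* This method writes m_rng_in, m_rng_out and m_k and no locking is visible
* here, so concurrent calls on one object need external synchronisation.
*/
const BigInt& RFC6979_Nonce_Generator::nonce_for(const BigInt& m)
   {
   // Message half of the seed buffer: bytes [m_rlen, 2*m_rlen).
   BigInt::encode_1363(&m_rng_in[m_rlen], m_rlen, m);

   // Start from a clean DRBG state so the output depends only on x and m.
   m_hmac_drbg->clear();
   m_hmac_drbg->initialize_with(m_rng_in.data(), m_rng_in.size());

   // Number of surplus bits in an m_rlen-byte block relative to the order.
   const size_t excess_bits = 8*m_rlen - m_qlen;

   do
      {
      m_hmac_drbg->randomize(m_rng_out.data(), m_rng_out.size());
      m_k.binary_decode(m_rng_out.data(), m_rng_out.size());
      // Drop the surplus bits so the candidate has at most m_qlen bits.
      m_k >>= excess_bits;
      }
   while(m_k == 0 || m_k >= m_order); // reject 0 and anything >= order

   return m_k;
   }

/**
* One-shot helper: derive the RFC 6979 nonce for a single (key, message) pair.
*
* @param x    private key
* @param q    group order
* @param h    message representative (the hash value as an integer)
* @param hash name of the hash function used for the HMAC
* @return a copy of the nonce k with 0 < k < q
*
* A temporary generator is built for the call; the returned value is a copy,
* so it stays valid after the generator is destroyed.
*/
BigInt generate_rfc6979_nonce(const BigInt& x,
                              const BigInt& q,
                              const BigInt& h,
                              const std::string& hash)
   {
   RFC6979_Nonce_Generator gen(hash, q, x);
   return gen.nonce_for(h);
   }

}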