diff options
Diffstat (limited to 'comm/third_party/botan/src/lib/pubkey/rfc6979/rfc6979.cpp')
-rw-r--r-- | comm/third_party/botan/src/lib/pubkey/rfc6979/rfc6979.cpp | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/comm/third_party/botan/src/lib/pubkey/rfc6979/rfc6979.cpp b/comm/third_party/botan/src/lib/pubkey/rfc6979/rfc6979.cpp new file mode 100644 index 0000000000..94b313c3a2 --- /dev/null +++ b/comm/third_party/botan/src/lib/pubkey/rfc6979/rfc6979.cpp @@ -0,0 +1,59 @@ +/* +* RFC 6979 Deterministic Nonce Generator +* (C) 2014,2015 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/rfc6979.h> +#include <botan/hmac_drbg.h> +#include <botan/mac.h> + +namespace Botan { + +RFC6979_Nonce_Generator::RFC6979_Nonce_Generator(const std::string& hash, + const BigInt& order, + const BigInt& x) : + m_order(order), + m_qlen(m_order.bits()), + m_rlen(m_qlen / 8 + (m_qlen % 8 ? 1 : 0)), + m_rng_in(m_rlen * 2), + m_rng_out(m_rlen) + { + m_hmac_drbg.reset(new HMAC_DRBG(MessageAuthenticationCode::create("HMAC(" + hash + ")"))); + BigInt::encode_1363(m_rng_in.data(), m_rlen, x); + } + +RFC6979_Nonce_Generator::~RFC6979_Nonce_Generator() + { + // for ~unique_ptr + } + +const BigInt& RFC6979_Nonce_Generator::nonce_for(const BigInt& m) + { + BigInt::encode_1363(&m_rng_in[m_rlen], m_rlen, m); + m_hmac_drbg->clear(); + m_hmac_drbg->initialize_with(m_rng_in.data(), m_rng_in.size()); + + do + { + m_hmac_drbg->randomize(m_rng_out.data(), m_rng_out.size()); + m_k.binary_decode(m_rng_out.data(), m_rng_out.size()); + m_k >>= (8*m_rlen - m_qlen); + } + while(m_k == 0 || m_k >= m_order); + + return m_k; + } + +BigInt generate_rfc6979_nonce(const BigInt& x, + const BigInt& q, + const BigInt& h, + const std::string& hash) + { + RFC6979_Nonce_Generator gen(hash, q, x); + BigInt k = gen.nonce_for(h); + return k; + } + +} |