author | lloyd <[email protected]> | 2014-03-22 14:16:19 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2014-03-22 14:16:19 +0000 |
commit | 6b043baa4f421e9d00272f3e0d93b7e40cac6b77 (patch) | |
tree | 293d9974f3fd8375e36e5826a44062039a51245e /src/lib/pubkey/rfc6979/rfc6979.cpp | |
parent | ee0698f8046d634dcfe6407227178e40475594b7 (diff) |
Add RFC 6979 nonce generator. Also some HMAC_DRBG cleanups.
Diffstat (limited to 'src/lib/pubkey/rfc6979/rfc6979.cpp')
-rw-r--r-- | src/lib/pubkey/rfc6979/rfc6979.cpp | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/src/lib/pubkey/rfc6979/rfc6979.cpp b/src/lib/pubkey/rfc6979/rfc6979.cpp
new file mode 100644
index 000000000..634b3bcb0
--- /dev/null
+++ b/src/lib/pubkey/rfc6979/rfc6979.cpp
@@ -0,0 +1,48 @@
+/*
+* RFC 6979 Deterministic Nonce Generator
+* (C) 2014 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/rfc6979.h>
+#include <botan/hmac_drbg.h>
+#include <botan/libstate.h>
+
+#include <botan/hex.h>
+#include <iostream>
+
+namespace Botan {
+
+BigInt generate_rfc6979_nonce(const BigInt& x,
+ const BigInt& q,
+ const BigInt& h,
+ const std::string& hash)
+ {
+ Algorithm_Factory& af = global_state().algorithm_factory();
+
+ HMAC_DRBG rng(af.make_mac("HMAC(" + hash + ")"), nullptr);
+
+ const size_t qlen = q.bits();
+ const size_t rlen = qlen / 8 + (qlen % 8 ? 1 : 0);
+
+ secure_vector<byte> input = BigInt::encode_1363(x, rlen);
+
+ input += BigInt::encode_1363(h, rlen);
+
+ rng.add_entropy(&input[0], input.size());
+
+ BigInt k;
+
+ secure_vector<byte> kbits(rlen);
+
+ while(k == 0 || k >= q)
+ {
+ rng.randomize(&kbits[0], kbits.size());
+ k = BigInt::decode(kbits) >> (8*rlen - qlen);
+ }
+
+ return k;
+ }
+
+} |
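Review bot: generate_rfc6979_nonce has no guard on q: with q equal to 0 or 1, qlen and rlen are 0, so `&input[0]` and `&kbits[0]` index empty secure_vectors and the `while(k == 0 || k >= q)` loop can never terminate; a precondition before rlen is computed, `if(q < 2) throw Invalid_Argument("generate_rfc6979_nonce: q must be at least 2");`, turns that into an explicit failure. The seed material encodes h as-is via encode_1363, whereas RFC 6979's bits2octets reduces the truncated hash mod q first; if the caller is expected to pass h already reduced (and x in [1, q-1]), the header comment should state it, e.g. `// h must be bits2int(H(m)) reduced mod q and x in [1, q-1]; the caller is responsible for both`, because an unreduced h either diverges from the RFC test vectors or, if wider than rlen bytes, presumably makes encode_1363 throw. Passing nullptr as the underlying RNG to HMAC_DRBG appears to rely on the DRBG never reseeding once add_entropy has been called; a one-line comment on that line saying so would help the next reader. Finally, `<botan/hex.h>` and `<iostream>` are included but nothing in the file uses them, so they look like leftover debugging includes and should be dropped.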