Diffstat (limited to 'src/lib/pubkey/ecdh/ecdh.cpp')
-rw-r--r-- | src/lib/pubkey/ecdh/ecdh.cpp | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/src/lib/pubkey/ecdh/ecdh.cpp b/src/lib/pubkey/ecdh/ecdh.cpp
index 1bdf2c209..ed2f404dc 100644
--- a/src/lib/pubkey/ecdh/ecdh.cpp
+++ b/src/lib/pubkey/ecdh/ecdh.cpp
@@ -27,32 +27,38 @@ class ECDH_KA_Operation : public PK_Ops::Key_Agreement_with_KDF
    {
    public:
-      ECDH_KA_Operation(const ECDH_PrivateKey& key, const std::string& kdf) :
+      ECDH_KA_Operation(const ECDH_PrivateKey& key, const std::string& kdf, RandomNumberGenerator& rng) :
          PK_Ops::Key_Agreement_with_KDF(kdf),
          m_curve(key.domain().get_curve()),
-         m_cofactor(key.domain().get_cofactor())
+         m_cofactor(key.domain().get_cofactor()),
+         m_order(key.domain().get_order()),
+         m_rng(rng)
          {
-         m_l_times_priv = inverse_mod(m_cofactor, key.domain().get_order()) * key.private_value();
+         m_l_times_priv = inverse_mod(m_cofactor, m_order) * key.private_value();
          }
       secure_vector<byte> raw_agree(const byte w[], size_t w_len) override
          {
          PointGFp point = OS2ECP(w, w_len, m_curve);
-         // TODO: add blinding
-         PointGFp S = (m_cofactor * point) * m_l_times_priv;
+         PointGFp S = m_cofactor * point;
+         Blinded_Point_Multiply blinder(S, m_order);
+         S = blinder.blinded_multiply(m_l_times_priv, m_rng);
          BOTAN_ASSERT(S.on_the_curve(), "ECDH agreed value was on the curve");
          return BigInt::encode_1363(S.get_affine_x(), m_curve.get_p().bytes());
          }
    private:
       const CurveGFp& m_curve;
       const BigInt& m_cofactor;
+      const BigInt& m_order;
       BigInt m_l_times_priv;
+      RandomNumberGenerator& m_rng;
+
    };
 }
 std::unique_ptr<PK_Ops::Key_Agreement>
-ECDH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& /*rng*/,
+ECDH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& rng,
                                          const std::string& params,
                                          const std::string& provider) const
    {
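Review bot: The new `m_order` member is a `const BigInt&` bound to `key.domain().get_order()` in the initializer list, so the operation object now depends on the key (and whatever `domain()` returns) outliving it, the same unstated requirement `m_curve` and `m_cofactor` already carry; the constructor should say so, e.g. `// References into key.domain(): the key must outlive this operation object`. Whether `domain()` returns a reference or a temporary is not visible on this page, and if it were a temporary all three references would dangle immediately, so that is worth confirming at the declaration. The removed `// TODO: add blinding` is not replaced by any statement of what the blinding is for; a one-line comment above `Blinded_Point_Multiply blinder(S, m_order);` such as `// Blind the multiplication by the fixed secret scalar; point is caller-supplied` would keep the intent visible to the next reader. The added blank line between `RandomNumberGenerator& m_rng;` and `};` looks accidental.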
@@ -72,7 +78,7 @@ ECDH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& /*rng*/,
 #endif
    if(provider == "base" || provider.empty())
-      return std::unique_ptr<PK_Ops::Key_Agreement>(new ECDH_KA_Operation(*this, params));
+      return std::unique_ptr<PK_Ops::Key_Agreement>(new ECDH_KA_Operation(*this, params, rng));
    throw Provider_Not_Found(algo_name(), provider);
    }
|