path: root/src/pubkey/eckaeg/eckaeg_op.cpp
/*************************************************
* ECKAEG Operation                               *
* (C) 2007 FlexSecure GmbH                       *
*     2008 Jack Lloyd                            *
*************************************************/

#include <botan/eckaeg_op.h>
#include <botan/eng_def.h>

namespace Botan {

/*
* Bind an ECKAEG operation to one set of EC domain parameters and one
* key pair. The three members are initialised from the arguments as given.
*
* dom_pars: curve domain parameters used by agree()
* priv_key: this party's private scalar
* pub_key:  this party's public point
*/
Default_ECKAEG_Op::Default_ECKAEG_Op(const EC_Domain_Params& dom_pars,
                                     const BigInt& priv_key,
                                     const PointGFp& pub_key) :
   m_dom_pars(dom_pars),
   m_pub_key(pub_key),
   m_priv_key(priv_key)
   {
   // Empty on purpose: the constructor body itself checks nothing about the
   // key material or the domain parameters.
   }

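/*
* Derive the ECKAEG shared value from the other party's public point.
*
* Computes S = ((d * l) mod n) * (h * Pb), where d is the private key,
* h the cofactor, n the group order and l = h^-1 mod n, and returns the
* affine x coordinate of S converted with FE2OSP.
*
* i: the peer's public point Pb. It comes from the other party and must be
*    treated as untrusted.
*
* Any exception raised by check_invariants() propagates to the caller.
*/
SecureVector<byte> Default_ECKAEG_Op::agree(const PointGFp& i) const
   {
   // Validate the peer's point BEFORE it is combined with the private key.
   // Checking only the result lets a malformed point take part in a
   // secret-dependent multiplication first. The check runs on a local copy
   // because this file only shows check_invariants() called on non-const
   // points.
   // NOTE(review): check_invariants() is presumed to reject points that do
   // not satisfy the curve equation -- confirm against PointGFp.
   PointGFp peer(i);
   peer.check_invariants();

   BigInt cofactor(m_dom_pars.get_cofactor());
   BigInt n = m_dom_pars.get_order();
   BigInt l(inverse_mod(cofactor, n)); // l = h^-1 mod n

   // Multiplying by the cofactor first, then by d * h^-1, gives the cofactor
   // variant of the agreement.
   // NOTE(review): if h * Pb is the point at infinity the result carries no
   // secret; whether the calls below reject that case is not visible here.
   PointGFp S(cofactor * peer); // S = h * Pb

   BigInt group_order = cofactor * n;
   S.mult_this_secure((m_priv_key * l) % n, group_order, n - 1);

   // Keep the post-multiplication check as a second line of defence.
   S.check_invariants();
   return FE2OSP(S.get_affine_x()); // fe2os(xs)
   }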

/*************************************************
* Acquire an ECKAEG op                           *
*************************************************/
/*
* Build the default ECKAEG operation for the given domain parameters and
* key pair.
*
* Returns a heap-allocated Default_ECKAEG_Op through a raw pointer. Nothing
* in this function keeps track of the object, so the caller is presumably
* responsible for deleting it -- confirm against the engine interface.
*/
ECKAEG_Operation* Default_Engine::eckaeg_op(const EC_Domain_Params& dom_pars,
                                            const BigInt& priv_key,
                                            const PointGFp& pub_key) const
   {
   ECKAEG_Operation* op = new Default_ECKAEG_Op(dom_pars, priv_key, pub_key);
   return op;
   }

}