Botan  2.1.0
Crypto and TLS for C++11
curve25519.cpp
Go to the documentation of this file.
1 /*
2 * Curve25519
3 * (C) 2014 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/curve25519.h>
9 #include <botan/internal/pk_ops_impl.h>
10 #include <botan/ber_dec.h>
11 #include <botan/der_enc.h>
12 
13 namespace Botan {
14 
15 void curve25519_basepoint(uint8_t mypublic[32], const uint8_t secret[32])
16  {
17  const uint8_t basepoint[32] = { 9 };
18  curve25519_donna(mypublic, secret, basepoint);
19  }
20 
21 namespace {
22 
23 void size_check(size_t size, const char* thing)
24  {
25  if(size != 32)
26  throw Decoding_Error("Invalid size " + std::to_string(size) + " for Curve25519 " + thing);
27  }
28 
29 secure_vector<uint8_t> curve25519(const secure_vector<uint8_t>& secret,
30  const uint8_t pubval[32])
31  {
32  secure_vector<uint8_t> out(32);
33  curve25519_donna(out.data(), secret.data(), pubval);
34  return out;
35  }
36 
37 }
38 
40  {
42  }
43 
45  {
46  return true; // no tests possible?
47  }
48 
50  const std::vector<uint8_t>& key_bits)
51  {
52  BER_Decoder(key_bits)
55  .end_cons();
56 
57  size_check(m_public.size(), "public key");
58  }
59 
60 std::vector<uint8_t> Curve25519_PublicKey::public_key_bits() const
61  {
62  return DER_Encoder()
65  .end_cons()
67  }
68 
70  {
71  m_private = rng.random_vec(32);
72  m_public.resize(32);
73  curve25519_basepoint(m_public.data(), m_private.data());
74  }
75 
77  const secure_vector<uint8_t>& key_bits)
78  {
79  BER_Decoder(key_bits)
82  .decode(m_private, OCTET_STRING)
83  .end_cons();
84 
85  size_check(m_public.size(), "public key");
86  size_check(m_private.size(), "private key");
87  }
88 
90  {
91  return DER_Encoder()
94  .encode(m_private, OCTET_STRING)
95  .end_cons()
96  .get_contents();
97  }
98 
100  {
101  std::vector<uint8_t> public_point(32);
102  curve25519_basepoint(public_point.data(), m_private.data());
103  return public_point == m_public;
104  }
105 
106 secure_vector<uint8_t> Curve25519_PrivateKey::agree(const uint8_t w[], size_t w_len) const
107  {
108  size_check(w_len, "public value");
109  return curve25519(m_private, w);
110  }
111 
112 namespace {
113 
114 /**
115 * Curve25519 operation
116 */
117 class Curve25519_KA_Operation : public PK_Ops::Key_Agreement_with_KDF
118  {
119  public:
120 
121  Curve25519_KA_Operation(const Curve25519_PrivateKey& key, const std::string& kdf) :
122  PK_Ops::Key_Agreement_with_KDF(kdf),
123  m_key(key) {}
124 
125  secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) override
126  {
127  return m_key.agree(w, w_len);
128  }
129  private:
130  const Curve25519_PrivateKey& m_key;
131  };
132 
133 }
134 
135 std::unique_ptr<PK_Ops::Key_Agreement>
137  const std::string& params,
138  const std::string& provider) const
139  {
140  if(provider == "base" || provider.empty())
141  return std::unique_ptr<PK_Ops::Key_Agreement>(new Curve25519_KA_Operation(*this, params));
142  throw Provider_Not_Found(algo_name(), provider);
143  }
144 
145 }
bool check_key(RandomNumberGenerator &rng, bool strong) const override
Definition: curve25519.cpp:99
secure_vector< uint8_t > random_vec(size_t bytes)
Definition: rng.h:133
std::vector< uint8_t > get_contents_unlocked()
Definition: der_enc.h:27
std::string algo_name() const override
Definition: curve25519.h:18
secure_vector< uint8_t > get_contents()
Definition: der_enc.cpp:124
AlgorithmIdentifier algorithm_identifier() const override
Definition: curve25519.cpp:39
BER_Decoder & decode(bool &v)
Definition: ber_dec.cpp:376
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:47
DER_Encoder & end_cons()
Definition: der_enc.cpp:147
virtual OID get_oid() const
Definition: pk_keys.cpp:30
bool check_key(RandomNumberGenerator &rng, bool strong) const override
Definition: curve25519.cpp:44
DER_Encoder & encode(bool b)
Definition: der_enc.cpp:216
std::vector< uint8_t > public_key_bits() const override
Definition: curve25519.cpp:60
secure_vector< uint8_t > private_key_bits() const override
Definition: curve25519.cpp:89
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
BER_Decoder & end_cons()
Definition: ber_dec.cpp:272
std::unique_ptr< PK_Ops::Key_Agreement > create_key_agreement_op(RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
Definition: curve25519.cpp:136
BER_Decoder start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
Definition: ber_dec.cpp:258
Curve25519_PrivateKey(const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &key_bits)
Definition: curve25519.cpp:76
Definition: alg_id.cpp:13
std::vector< uint8_t > m_public
Definition: curve25519.h:55
void curve25519_basepoint(uint8_t mypublic[32], const uint8_t secret[32])
Definition: curve25519.cpp:15
secure_vector< uint8_t > agree(const uint8_t w[], size_t w_len) const
Definition: curve25519.cpp:106
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
Definition: der_enc.cpp:137
void BOTAN_DLL curve25519_donna(uint8_t mypublic[32], const uint8_t secret[32], const uint8_t basepoint[32])
const Curve25519_PrivateKey & m_key
Definition: curve25519.cpp:130