botan: Simplify DH/ECDH key derivation
This commit is contained in:
parent
125222dca7
commit
40b3bf6ba7
|
@ -97,37 +97,14 @@ bool load_private_key(private_botan_diffie_hellman_t *this, chunk_t value)
|
|||
METHOD(diffie_hellman_t, set_other_public_value, bool,
|
||||
private_botan_diffie_hellman_t *this, chunk_t value)
|
||||
{
|
||||
botan_pk_op_ka_t op;
|
||||
|
||||
if (!diffie_hellman_verify_value(this->group, value))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (botan_pk_op_key_agreement_create(&op, this->dh_key, "Raw", 0))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
chunk_clear(&this->shared_secret);
|
||||
|
||||
if (botan_pk_op_key_agreement_size(op, &this->shared_secret.len))
|
||||
{
|
||||
botan_pk_op_key_agreement_destroy(op);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
this->shared_secret = chunk_alloc(this->shared_secret.len);
|
||||
if (botan_pk_op_key_agreement(op, this->shared_secret.ptr,
|
||||
&this->shared_secret.len, value.ptr,
|
||||
value.len, NULL, 0))
|
||||
{
|
||||
chunk_clear(&this->shared_secret);
|
||||
botan_pk_op_key_agreement_destroy(op);
|
||||
return FALSE;
|
||||
}
|
||||
botan_pk_op_key_agreement_destroy(op);
|
||||
return TRUE;
|
||||
return botan_dh_key_derivation(this->dh_key, value, &this->shared_secret);
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_my_public_value, bool,
|
||||
|
|
|
@ -69,40 +69,17 @@ struct private_botan_ec_diffie_hellman_t {
|
|||
METHOD(diffie_hellman_t, set_other_public_value, bool,
|
||||
private_botan_ec_diffie_hellman_t *this, chunk_t value)
|
||||
{
|
||||
botan_pk_op_ka_t ka;
|
||||
|
||||
if (!diffie_hellman_verify_value(this->group, value))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (botan_pk_op_key_agreement_create(&ka, this->key, "Raw", 0))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
chunk_clear(&this->shared_secret);
|
||||
|
||||
if (botan_pk_op_key_agreement_size(ka, &this->shared_secret.len))
|
||||
{
|
||||
botan_pk_op_key_agreement_destroy(ka);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/* prepend 0x04 to indicate uncompressed point format */
|
||||
value = chunk_cata("cc", chunk_from_chars(0x04), value);
|
||||
|
||||
this->shared_secret = chunk_alloc(this->shared_secret.len);
|
||||
if (botan_pk_op_key_agreement(ka, this->shared_secret.ptr,
|
||||
&this->shared_secret.len, value.ptr,
|
||||
value.len, NULL, 0))
|
||||
{
|
||||
chunk_clear(&this->shared_secret);
|
||||
botan_pk_op_key_agreement_destroy(ka);
|
||||
return FALSE;
|
||||
}
|
||||
botan_pk_op_key_agreement_destroy(ka);
|
||||
return TRUE;
|
||||
return botan_dh_key_derivation(this->key, value, &this->shared_secret);
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_my_public_value, bool,
|
||||
|
|
|
@ -259,3 +259,33 @@ bool botan_get_signature(botan_privkey_t key, const char *scheme,
|
|||
botan_pk_op_sign_destroy(sign_op);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/*
|
||||
* Described in header
|
||||
*/
|
||||
bool botan_dh_key_derivation(botan_privkey_t key, chunk_t pub, chunk_t *secret)
|
||||
{
|
||||
botan_pk_op_ka_t ka;
|
||||
|
||||
if (botan_pk_op_key_agreement_create(&ka, key, "Raw", 0))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (botan_pk_op_key_agreement_size(ka, &secret->len))
|
||||
{
|
||||
botan_pk_op_key_agreement_destroy(ka);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
*secret = chunk_alloc(secret->len);
|
||||
if (botan_pk_op_key_agreement(ka, secret->ptr, &secret->len, pub.ptr,
|
||||
pub.len, NULL, 0))
|
||||
{
|
||||
chunk_clear(secret);
|
||||
botan_pk_op_key_agreement_destroy(ka);
|
||||
return FALSE;
|
||||
}
|
||||
botan_pk_op_key_agreement_destroy(ka);
|
||||
return TRUE;
|
||||
}
|
||||
|
|
|
@ -100,4 +100,17 @@ bool botan_get_fingerprint(botan_pubkey_t pubkey, void *cache,
|
|||
bool botan_get_signature(botan_privkey_t key, const char *scheme,
|
||||
chunk_t data, chunk_t *signature);
|
||||
|
||||
/**
|
||||
* Do the Diffie-Hellman key derivation using the given private key and public
|
||||
* value.
|
||||
*
|
||||
* Note that the public value is not verified in this function.
|
||||
*
|
||||
* @param key DH private key
|
||||
* @param pub other's public value
|
||||
* @param secret the derived secret (allocated on success)
|
||||
* @return TRUE if derivation was successful
|
||||
*/
|
||||
bool botan_dh_key_derivation(botan_privkey_t key, chunk_t pub, chunk_t *secret);
|
||||
|
||||
#endif /** BOTAN_UTIL_H_ @}*/
|
||||
|
|
Loading…
Reference in New Issue