/// <inheritdoc />
public (SecureBigNumber, ECPoint) GenerateRandomElement(RandomNumberGenerator randomNumberGenerator)
{
using (var keyHandle = ECKeyHandle.Create())
{
ECKeyHandle.SetGroup(keyHandle, Handle);
// note(lumip): OpenSSL up to version 1.1.1 does not generate private keys for EC
// as secure BIGNUM. Workaround by setting an empty secure private key BIGNUM before
// generation. (cf. https://github.com/openssl/openssl/issues/13892)
using (var privKeyTemplateHandle = BigNumberHandle.CreateSecure())
{
ECKeyHandle.SetPrivateKey(keyHandle, privKeyTemplateHandle);
}
ECKeyHandle.GenerateKey(keyHandle);
// note(lumip): ensure the workaround worked
var privKeyHandle = ECKeyHandle.GetPrivateKey(keyHandle);
Debug.Assert(!privKeyHandle.IsInvalid);
Debug.Assert(BigNumberHandle.GetFlags(privKeyHandle).HasFlag(BigNumberFlags.Secure));
var pubKeyHandle = ECKeyHandle.GetPublicKey(keyHandle);
Debug.Assert(!pubKeyHandle.IsInvalid);
var point = new ECPoint(Handle, pubKeyHandle);
var index = SecureBigNumber.FromRawHandle(privKeyHandle);
return(index, point);
}
}
public void TestConstructor()
{
var number = new SecureBigNumber();
Assert.That(BigNumberHandle.GetFlags(
number.Handle, BigNumberFlags.Secure).HasFlag(BigNumberFlags.Secure)
);
Assert.That(BigNumberHandle.GetFlags(
number.Handle, BigNumberFlags.ConstantTime).HasFlag(BigNumberFlags.ConstantTime)
);
Assert.That(!number.Handle.IsInvalid);
Assert.That(!number.Handle.IsClosed);
}
public void TestFromRawHandle()
{
using (var handle = BigNumberHandle.Create())
{
BigNumberHandle.SetWord(handle, 3);
var number = SecureBigNumber.FromRawHandle(handle);
Assert.That(BigNumberHandle.Compare(number.Handle, handle) == 0);
Assert.That(BigNumberHandle.GetFlags(
number.Handle, BigNumberFlags.Secure).HasFlag(BigNumberFlags.Secure)
);
Assert.That(BigNumberHandle.GetFlags(
number.Handle, BigNumberFlags.ConstantTime).HasFlag(BigNumberFlags.ConstantTime)
);
}
}
/// <summary>
/// Creates a <see cref="BigNumber" /> instance from a valid <see cref="BigNumberHandle" />
/// to an OpenSSL <c>BIGNUM</c> structure. A copy of the pointed to <c>BIGNUM</c> structure
/// is made for the created instance.
/// </summary>
/// <param name="bigNumberHandle">
/// A handle to a raw OpenSSL <c>BIGNUM</c> structure with which to initialize the new <see cref="BigNumber" />.
/// </param>
/// <returns>
/// A new <see cref="BigNumber" /> instance with the same value as
/// referred to by <paramref name="bigNumberHandle"/>.
/// </returns>
internal static BigNumber FromRawHandle(BigNumberHandle bigNumberHandle)
{
if (bigNumberHandle.IsInvalid)
{
throw new ArgumentException("The provided handle is invalid.", nameof(bigNumberHandle));
}
if (BigNumberHandle.GetFlags(bigNumberHandle).HasFlag(BigNumberFlags.Secure))
{
throw new ArgumentException(
"The provided handle is that of a secure big number. Converting secure into regular big numbers is not supported.",
nameof(bigNumberHandle)
);
}
var bn = new BigNumber();
BigNumberHandle.Copy(bn.Handle, bigNumberHandle);
return(bn);
}
public void TestRandom()
{
var NumTests = 100;
var range = new BigNumber(0x869375a76);
for (var k = 0; k < NumTests; k++)
{
using (var number = SecureBigNumber.Random(range))
{
Assert.That(BigNumberHandle.GetFlags(
number.Handle, BigNumberFlags.Secure).HasFlag(BigNumberFlags.Secure)
);
Assert.That(BigNumberHandle.GetFlags(
number.Handle, BigNumberFlags.ConstantTime).HasFlag(BigNumberFlags.ConstantTime)
);
Assert.That(BigNumberHandle.Compare(number.Handle, range.Handle) < 0);
}
}
}
