Mercurial > dropbear
comparison ecc.c @ 143:5d99163f7e32 libtomcrypt-orig
import of libtomcrypt 0.99
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 19 Dec 2004 11:34:45 +0000 |
| parents | 7faae8f46238 |
| children |
comparison
equal
deleted
inserted
replaced
| 15:6362d3854bb4 | 143:5d99163f7e32 |
|---|---|
| 16 */ | 16 */ |
| 17 | 17 |
| 18 #include "mycrypt.h" | 18 #include "mycrypt.h" |
| 19 | 19 |
| 20 #ifdef MECC | 20 #ifdef MECC |
| 21 | |
| 22 /* size of our temp buffers for exported keys */ | |
| 23 #define ECC_BUF_SIZE 160 | |
| 24 | |
| 25 /* max private key size */ | |
| 26 #define ECC_MAXSIZE 66 | |
| 21 | 27 |
| 22 /* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */ | 28 /* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */ |
| 23 static const struct { | 29 static const struct { |
| 24 int size; | 30 int size; |
| 25 char *name, *prime, *B, *order, *Gx, *Gy; | 31 char *name, *prime, *B, *order, *Gx, *Gy; |
| 217 mp_clear_multi(&tx, &ty, &x, &y, &p, &pp, &r, &B, &tmp1, &tmp2, NULL); | 223 mp_clear_multi(&tx, &ty, &x, &y, &p, &pp, &r, &B, &tmp1, &tmp2, NULL); |
| 218 } | 224 } |
| 219 | 225 |
| 220 #endif | 226 #endif |
| 221 | 227 |
| 222 | |
| 223 | |
| 224 | |
| 225 static int is_valid_idx(int n) | 228 static int is_valid_idx(int n) |
| 226 { | 229 { |
| 227 int x; | 230 int x; |
| 228 | 231 |
| 229 for (x = 0; sets[x].size != 0; x++); | 232 for (x = 0; sets[x].size != 0; x++); |
| 366 | 369 |
| 367 /* perform R = kG where k == integer and G == ecc_point */ | 370 /* perform R = kG where k == integer and G == ecc_point */ |
| 368 static int ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus) | 371 static int ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus) |
| 369 { | 372 { |
| 370 ecc_point *tG, *M[8]; | 373 ecc_point *tG, *M[8]; |
| 371 int i, j, err; | 374 int i, j, err; |
| 372 mp_int mu; | 375 mp_int mu; |
| 373 mp_digit buf; | 376 mp_digit buf; |
| 374 int first, bitbuf, bitcpy, bitcnt, mode, digidx; | 377 int first, bitbuf, bitcpy, bitcnt, mode, digidx; |
| 375 | 378 |
| 376 /* init barrett reduction */ | 379 /* init barrett reduction */ |
| 377 if ((err = mp_init(&mu)) != MP_OKAY) { | 380 if ((err = mp_init(&mu)) != MP_OKAY) { |
| 378 return mpi_to_ltc_error(err); | 381 return mpi_to_ltc_error(err); |
| 379 } | 382 } |
| 593 } | 596 } |
| 594 } | 597 } |
| 595 | 598 |
| 596 int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key) | 599 int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key) |
| 597 { | 600 { |
| 598 int x, err; | 601 int x, err; |
| 599 ecc_point *base; | 602 ecc_point *base; |
| 600 mp_int prime; | 603 mp_int prime; |
| 601 unsigned char buf[128]; | 604 unsigned char *buf; |
| 602 | 605 |
| 603 _ARGCHK(key != NULL); | 606 _ARGCHK(key != NULL); |
| 604 | 607 |
| 605 /* good prng? */ | 608 /* good prng? */ |
| 606 if ((err = prng_is_valid(wprng)) != CRYPT_OK) { | 609 if ((err = prng_is_valid(wprng)) != CRYPT_OK) { |
| 608 } | 611 } |
| 609 | 612 |
| 610 /* find key size */ | 613 /* find key size */ |
| 611 for (x = 0; (keysize > sets[x].size) && (sets[x].size != 0); x++); | 614 for (x = 0; (keysize > sets[x].size) && (sets[x].size != 0); x++); |
| 612 keysize = sets[x].size; | 615 keysize = sets[x].size; |
| 616 _ARGCHK(keysize <= ECC_MAXSIZE); | |
| 613 | 617 |
| 614 if (sets[x].size == 0) { | 618 if (sets[x].size == 0) { |
| 615 return CRYPT_INVALID_KEYSIZE; | 619 return CRYPT_INVALID_KEYSIZE; |
| 616 } | 620 } |
| 617 key->idx = x; | 621 key->idx = x; |
| 618 | 622 |
| 623 /* allocate ram */ | |
| 624 base = NULL; | |
| 625 buf = XMALLOC(ECC_MAXSIZE); | |
| 626 if (buf == NULL) { | |
| 627 return CRYPT_MEM; | |
| 628 } | |
| 629 | |
| 619 /* make up random string */ | 630 /* make up random string */ |
| 620 if (prng_descriptor[wprng].read(buf, (unsigned long)keysize, prng) != (unsigned long)keysize) { | 631 if (prng_descriptor[wprng].read(buf, (unsigned long)keysize, prng) != (unsigned long)keysize) { |
| 621 return CRYPT_ERROR_READPRNG; | 632 err = CRYPT_ERROR_READPRNG; |
| 633 goto __ERR2; | |
| 622 } | 634 } |
| 623 | 635 |
| 624 /* setup the key variables */ | 636 /* setup the key variables */ |
| 625 if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->k, &prime, NULL)) != MP_OKAY) { | 637 if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->k, &prime, NULL)) != MP_OKAY) { |
| 626 return mpi_to_ltc_error(err); | 638 err = mpi_to_ltc_error(err); |
| 639 goto __ERR; | |
| 627 } | 640 } |
| 628 base = new_point(); | 641 base = new_point(); |
| 629 if (base == NULL) { | 642 if (base == NULL) { |
| 630 mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->k, &prime, NULL); | 643 mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->k, &prime, NULL); |
| 631 return CRYPT_MEM; | 644 err = CRYPT_MEM; |
| 645 goto __ERR; | |
| 632 } | 646 } |
| 633 | 647 |
| 634 /* read in the specs for this key */ | 648 /* read in the specs for this key */ |
| 635 if ((err = mp_read_radix(&prime, (char *)sets[key->idx].prime, 64)) != MP_OKAY) { goto error; } | 649 if ((err = mp_read_radix(&prime, (char *)sets[key->idx].prime, 64)) != MP_OKAY) { goto error; } |
| 636 if ((err = mp_read_radix(&base->x, (char *)sets[key->idx].Gx, 64)) != MP_OKAY) { goto error; } | 650 if ((err = mp_read_radix(&base->x, (char *)sets[key->idx].Gx, 64)) != MP_OKAY) { goto error; } |
| 637 if ((err = mp_read_radix(&base->y, (char *)sets[key->idx].Gy, 64)) != MP_OKAY) { goto error; } | 651 if ((err = mp_read_radix(&base->y, (char *)sets[key->idx].Gy, 64)) != MP_OKAY) { goto error; } |
| 638 if ((err = mp_read_unsigned_bin(&key->k, (unsigned char *)buf, keysize)) != MP_OKAY) { goto error; } | 652 if ((err = mp_read_unsigned_bin(&key->k, (unsigned char *)buf, keysize)) != MP_OKAY) { goto error; } |
| 639 | 653 |
| 640 /* make the public key */ | 654 /* make the public key */ |
| 641 if ((err = ecc_mulmod(&key->k, base, &key->pubkey, &prime)) != CRYPT_OK) { goto done; } | 655 if ((err = ecc_mulmod(&key->k, base, &key->pubkey, &prime)) != CRYPT_OK) { goto __ERR; } |
| 642 key->type = PK_PRIVATE; | 656 key->type = PK_PRIVATE; |
| 643 | 657 |
| 644 /* shrink key */ | 658 /* shrink key */ |
| 645 if ((err = mp_shrink(&key->k)) != MP_OKAY) { goto error; } | 659 if ((err = mp_shrink(&key->k)) != MP_OKAY) { goto error; } |
| 646 if ((err = mp_shrink(&key->pubkey.x)) != MP_OKAY) { goto error; } | 660 if ((err = mp_shrink(&key->pubkey.x)) != MP_OKAY) { goto error; } |
| 647 if ((err = mp_shrink(&key->pubkey.y)) != MP_OKAY) { goto error; } | 661 if ((err = mp_shrink(&key->pubkey.y)) != MP_OKAY) { goto error; } |
| 648 | 662 |
| 649 /* free up ram */ | 663 /* free up ram */ |
| 650 err = CRYPT_OK; | 664 err = CRYPT_OK; |
| 651 goto done; | 665 goto __ERR; |
| 652 error: | 666 error: |
| 653 err = mpi_to_ltc_error(err); | 667 err = mpi_to_ltc_error(err); |
| 654 done: | 668 __ERR: |
| 655 del_point(base); | 669 del_point(base); |
| 656 mp_clear(&prime); | 670 mp_clear(&prime); |
| 671 __ERR2: | |
| 657 #ifdef CLEAN_STACK | 672 #ifdef CLEAN_STACK |
| 658 zeromem(buf, sizeof(buf)); | 673 zeromem(buf, ECC_MAXSIZE); |
| 659 #endif | 674 #endif |
| 675 | |
| 676 XFREE(buf); | |
| 677 | |
| 660 return err; | 678 return err; |
| 661 } | 679 } |
| 662 | 680 |
| 663 void ecc_free(ecc_key *key) | 681 void ecc_free(ecc_key *key) |
| 664 { | 682 { |