authorNikos Mavrogiannopoulos <nmav@gnutls.org>2011-11-10 22:13:12 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2011-11-10 22:13:41 +0100
commit8b5b5f8c07a735e160efd2fa619f2d5b2ee7ea6b (patch)
tree6796eb8a50ab9f8e877c6e8e185f1fec7dd22ca1
parent2c4c2351f7c39ee61b3e4eebdb848db9445a6e38 (diff)
downloadgnutls-8b5b5f8c07a735e160efd2fa619f2d5b2ee7ea6b.tar.gz
Corrected ECC key generation.
-rw-r--r--lib/crypto-backend.h10
-rw-r--r--lib/gnutls_ecc.c12
-rw-r--r--lib/gnutls_pubkey.c10
-rw-r--r--lib/nettle/pk.c54
-rw-r--r--lib/pkcs11_write.c2
-rw-r--r--lib/x509/key_decode.c4
-rw-r--r--lib/x509/key_encode.c6
-rw-r--r--lib/x509/privkey.c18
8 files changed, 63 insertions, 53 deletions
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index 0a2002534a..389e025c67 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -245,6 +245,16 @@
* [8] is k (private key)
*/
+#define ECC_PRIME 0
+#define ECC_ORDER 1
+#define ECC_A 2
+#define ECC_B 3
+#define ECC_GX 4
+#define ECC_GY 5
+#define ECC_X 6
+#define ECC_Y 7
+#define ECC_K 8
+
/**
* gnutls_direction_t:
* @GNUTLS_IMPORT: Import direction.
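Review bot: The new ECC_* indices carry no comment tying them to the layout they encode, even though the list just above (`[8] is k (private key)`) and the `ECC_PUBLIC_PARAMS`/`ECC_PRIVATE_PARAMS` checks in key_encode.c depend on exactly this order. A comment such as `/* Indices into gnutls_pk_params_st.params for ECC keys: curve parameters, then the public point, then the private scalar; must agree with the list above and with ECC_PUBLIC_PARAMS/ECC_PRIVATE_PARAMS. */` would make the coupling explicit, and an `enum` would give the same names debugger visibility. Because the defect this commit fixes was an off-by-one between the adjacent Y and k slots, it is also worth deriving `ECC_PUBLIC_PARAMS` as `(ECC_Y + 1)` and `ECC_PRIVATE_PARAMS` as `(ECC_K + 1)` where those are defined, if they are plain element counts; their definitions are not in this diff, so that needs confirming.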
diff --git a/lib/gnutls_ecc.c b/lib/gnutls_ecc.c
index 4d85f9f112..9c5a97a208 100644
--- a/lib/gnutls_ecc.c
+++ b/lib/gnutls_ecc.c
@@ -122,7 +122,7 @@ int ret;
goto cleanup;
}
- ret = _gnutls_mpi_scan_nz(&params->params[0], val, val_size);
+ ret = _gnutls_mpi_scan_nz(&params->params[ECC_PRIME], val, val_size);
if (ret < 0)
{
gnutls_assert();
@@ -138,7 +138,7 @@ int ret;
goto cleanup;
}
- ret = _gnutls_mpi_scan_nz(&params->params[1], val, val_size);
+ ret = _gnutls_mpi_scan_nz(&params->params[ECC_ORDER], val, val_size);
if (ret < 0)
{
gnutls_assert();
@@ -154,7 +154,7 @@ int ret;
goto cleanup;
}
- ret = _gnutls_mpi_scan_nz(&params->params[2], val, val_size);
+ ret = _gnutls_mpi_scan_nz(&params->params[ECC_A], val, val_size);
if (ret < 0)
{
gnutls_assert();
@@ -170,7 +170,7 @@ int ret;
goto cleanup;
}
- ret = _gnutls_mpi_scan_nz(&params->params[3], val, val_size);
+ ret = _gnutls_mpi_scan_nz(&params->params[ECC_B], val, val_size);
if (ret < 0)
{
gnutls_assert();
@@ -186,7 +186,7 @@ int ret;
goto cleanup;
}
- ret = _gnutls_mpi_scan_nz(&params->params[4], val, val_size);
+ ret = _gnutls_mpi_scan_nz(&params->params[ECC_GX], val, val_size);
if (ret < 0)
{
gnutls_assert();
@@ -202,7 +202,7 @@ int ret;
goto cleanup;
}
- ret = _gnutls_mpi_scan_nz(&params->params[5], val, val_size);
+ ret = _gnutls_mpi_scan_nz(&params->params[ECC_GY], val, val_size);
if (ret < 0)
{
gnutls_assert();
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c
index fbbaa57e2f..f9d8d2f747 100644
--- a/lib/gnutls_pubkey.c
+++ b/lib/gnutls_pubkey.c
@@ -740,7 +740,7 @@ gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
*curve = key->params.flags;
/* X */
- ret = _gnutls_mpi_dprint_lz (key->params.params[6], x);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_X], x);
if (ret < 0)
{
gnutls_assert ();
@@ -748,7 +748,7 @@ gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
}
/* Y */
- ret = _gnutls_mpi_dprint_lz (key->params.params[7], y);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_Y], y);
if (ret < 0)
{
gnutls_assert ();
@@ -1137,7 +1137,7 @@ gnutls_pubkey_import_ecc_raw (gnutls_pubkey_t key,
if (ret < 0)
return gnutls_assert_val(ret);
- if (_gnutls_mpi_scan_nz (&key->params.params[6], x->data, x->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_X], x->data, x->size))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -1145,7 +1145,7 @@ gnutls_pubkey_import_ecc_raw (gnutls_pubkey_t key,
}
key->params.params_nr++;
- if (_gnutls_mpi_scan_nz (&key->params.params[7], y->data, y->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_Y], y->data, y->size))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -1199,7 +1199,7 @@ gnutls_pubkey_import_ecc_x962 (gnutls_pubkey_t key,
}
ret = _gnutls_ecc_ansi_x963_import(ecpoint->data, ecpoint->size,
- &key->params.params[6], &key->params.params[7]);
+ &key->params.params[ECC_X], &key->params.params[ECC_Y]);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 826c27b064..c56288ed17 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -86,15 +86,15 @@ _ecc_params_to_privkey(const gnutls_pk_params_st * pk_params,
ecc_key * priv)
{
priv->type = PK_PRIVATE;
- memcpy(&priv->prime, pk_params->params[0], sizeof(mpz_t));
- memcpy(&priv->order, pk_params->params[1], sizeof(mpz_t));
- memcpy(&priv->A, pk_params->params[2], sizeof(mpz_t));
- memcpy(&priv->B, pk_params->params[3], sizeof(mpz_t));
- memcpy(&priv->Gx, pk_params->params[4], sizeof(mpz_t));
- memcpy(&priv->Gy, pk_params->params[5], sizeof(mpz_t));
- memcpy(&priv->pubkey.x, pk_params->params[6], sizeof(mpz_t));
- memcpy(&priv->pubkey.y, pk_params->params[7], sizeof(mpz_t));
- memcpy(&priv->k, pk_params->params[8], sizeof(mpz_t));
+ memcpy(&priv->prime, pk_params->params[ECC_PRIME], sizeof(mpz_t));
+ memcpy(&priv->order, pk_params->params[ECC_ORDER], sizeof(mpz_t));
+ memcpy(&priv->A, pk_params->params[ECC_A], sizeof(mpz_t));
+ memcpy(&priv->B, pk_params->params[ECC_B], sizeof(mpz_t));
+ memcpy(&priv->Gx, pk_params->params[ECC_GX], sizeof(mpz_t));
+ memcpy(&priv->Gy, pk_params->params[ECC_GY], sizeof(mpz_t));
+ memcpy(&priv->pubkey.x, pk_params->params[ECC_X], sizeof(mpz_t));
+ memcpy(&priv->pubkey.y, pk_params->params[ECC_Y], sizeof(mpz_t));
+ memcpy(&priv->k, pk_params->params[ECC_K], sizeof(mpz_t));
mpz_init_set_ui(priv->pubkey.z, 1);
}
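Review bot: `_ecc_params_to_privkey` reads `pk_params->params[ECC_K]` without consulting `pk_params->params_nr`, so a params block holding only the public half (as `gnutls_pubkey_import_ecc_raw` builds, with params_nr stopping after ECC_Y) would hand memcpy a NULL or stale pointer; the helper appears to return void, so the guard belongs in callers such as `_wrap_nettle_pk_derive`: `if (priv->params_nr < ECC_PRIVATE_PARAMS) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);`. Each `memcpy(..., sizeof(mpz_t))` also makes the ecc_key fields alias limbs still owned by pk_params, while `pubkey.z` is freshly initialised and owned here; a comment like `/* shallow copies: the mpz limbs belong to pk_params, only pubkey.z is ours - do not ecc_free() this key */` would record that asymmetry, assuming that is how callers release it (not visible in this hunk). The function's signature sits in the hunk header, above the visible lines.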
@@ -108,14 +108,14 @@ _ecc_params_to_pubkey(const gnutls_pk_params_st * pk_params,
ecc_key * pub)
{
pub->type = PK_PUBLIC;
- memcpy(&pub->prime, pk_params->params[0], sizeof(mpz_t));
- memcpy(&pub->order, pk_params->params[1], sizeof(mpz_t));
- memcpy(&pub->A, pk_params->params[2], sizeof(mpz_t));
- memcpy(&pub->B, pk_params->params[3], sizeof(mpz_t));
- memcpy(&pub->Gx, pk_params->params[4], sizeof(mpz_t));
- memcpy(&pub->Gy, pk_params->params[5], sizeof(mpz_t));
- memcpy(&pub->pubkey.x, pk_params->params[6], sizeof(mpz_t));
- memcpy(&pub->pubkey.y, pk_params->params[7], sizeof(mpz_t));
+ memcpy(&pub->prime, pk_params->params[ECC_PRIME], sizeof(mpz_t));
+ memcpy(&pub->order, pk_params->params[ECC_ORDER], sizeof(mpz_t));
+ memcpy(&pub->A, pk_params->params[ECC_A], sizeof(mpz_t));
+ memcpy(&pub->B, pk_params->params[ECC_B], sizeof(mpz_t));
+ memcpy(&pub->Gx, pk_params->params[ECC_GX], sizeof(mpz_t));
+ memcpy(&pub->Gy, pk_params->params[ECC_GY], sizeof(mpz_t));
+ memcpy(&pub->pubkey.x, pk_params->params[ECC_X], sizeof(mpz_t));
+ memcpy(&pub->pubkey.y, pk_params->params[ECC_Y], sizeof(mpz_t));
mpz_init_set_ui(pub->pubkey.z, 1);
}
@@ -141,7 +141,7 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, gnutls_datum_t * o
_ecc_params_to_pubkey(pub, &ecc_pub);
_ecc_params_to_privkey(priv, &ecc_priv);
- if (ecc_projective_check_point(&ecc_pub.pubkey, pub->params[3], pub->params[0]) != 0)
+ if (ecc_projective_check_point(&ecc_pub.pubkey, pub->params[ECC_B], pub->params[ECC_PRIME]) != 0)
{
ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
goto ecc_cleanup;
@@ -819,15 +819,15 @@ rsa_fail:
}
params->flags = level;
- mpz_set(TOMPZ(params->params[0]), key.prime);
- mpz_set(TOMPZ(params->params[1]), key.order);
- mpz_set(TOMPZ(params->params[2]), key.A);
- mpz_set(TOMPZ(params->params[3]), key.B);
- mpz_set(TOMPZ(params->params[4]), key.Gx);
- mpz_set(TOMPZ(params->params[5]), key.Gy);
- mpz_set(TOMPZ(params->params[6]), key.pubkey.x);
- mpz_set(TOMPZ(params->params[7]), key.pubkey.y);
- mpz_set(TOMPZ(params->params[8]), key.k);
+ mpz_set(TOMPZ(params->params[ECC_PRIME]), key.prime);
+ mpz_set(TOMPZ(params->params[ECC_ORDER]), key.order);
+ mpz_set(TOMPZ(params->params[ECC_A]), key.A);
+ mpz_set(TOMPZ(params->params[ECC_B]), key.B);
+ mpz_set(TOMPZ(params->params[ECC_GX]), key.Gx);
+ mpz_set(TOMPZ(params->params[ECC_GY]), key.Gy);
+ mpz_set(TOMPZ(params->params[ECC_X]), key.pubkey.x);
+ mpz_set(TOMPZ(params->params[ECC_Y]), key.pubkey.y);
+ mpz_set(TOMPZ(params->params[ECC_K]), key.k);
ecc_fail:
ecc_free(&key);
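Review bot: After `mpz_set(TOMPZ(params->params[ECC_K]), key.k)` the freshly generated private scalar exists both in `params` and in the local `key`, and `ecc_free(&key)` at the end of the hunk releases the local copy; whether it overwrites the limbs before freeing is not visible here, and if it does not, k is left behind in freed heap memory. Zeroing the scalar's limb buffer just before `ecc_free(&key)` (or inside ecc_free itself, so every caller benefits) would close that. Nothing in this hunk sets `params->params_nr` to ECC_PRIVATE_PARAMS after the nine `mpz_set` calls; if that happens elsewhere in the function, fine, otherwise key_encode.c's `params_nr != ECC_PRIVATE_PARAMS` check will reject the generated key. The enclosing generate function starts above the hunk and continues past it.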
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index 8d867fb605..005b92d419 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -447,7 +447,7 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
goto cleanup;
}
- ret = _gnutls_mpi_dprint_lz(&key->params.params[8], &x);
+ ret = _gnutls_mpi_dprint_lz(&key->params.params[ECC_K], &x);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c
index 7d430e81fe..8383a941c3 100644
--- a/lib/x509/key_decode.c
+++ b/lib/x509/key_decode.c
@@ -102,8 +102,8 @@ _gnutls_x509_read_ecc_pubkey (opaque * der, int dersize, gnutls_pk_params_st * p
/* Eventhough RFC5480 defines the public key to be an ECPoint (i.e. OCTET STRING),
* it is actually copied in raw there. Why do they use ASN.1 anyway?
*/
- return _gnutls_ecc_ansi_x963_import (der, dersize, &params->params[6],
- &params->params[7]);
+ return _gnutls_ecc_ansi_x963_import (der, dersize, &params->params[ECC_X],
+ &params->params[ECC_Y]);
}
diff --git a/lib/x509/key_encode.c b/lib/x509/key_encode.c
index 1caf72172c..926148a1bf 100644
--- a/lib/x509/key_encode.c
+++ b/lib/x509/key_encode.c
@@ -118,7 +118,7 @@ _gnutls_x509_write_ecc_pubkey (gnutls_pk_params_st * params,
if (params->params_nr < ECC_PUBLIC_PARAMS)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- result = _gnutls_ecc_ansi_x963_export(params->flags, params->params[6], params->params[7], /*&out*/der);
+ result = _gnutls_ecc_ansi_x963_export(params->flags, params->params[ECC_X], params->params[ECC_Y], /*&out*/der);
if (result < 0)
return gnutls_assert_val(result);
@@ -580,7 +580,7 @@ _gnutls_asn1_encode_ecc (ASN1_TYPE * c2, gnutls_pk_params_st * params)
if (params->params_nr != ECC_PRIVATE_PARAMS || oid == NULL)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- ret = _gnutls_ecc_ansi_x963_export(params->flags, params->params[6], params->params[7], &pubkey);
+ ret = _gnutls_ecc_ansi_x963_export(params->flags, params->params[ECC_X], params->params[ECC_Y], &pubkey);
if (ret < 0)
return gnutls_assert_val(ret);
@@ -610,7 +610,7 @@ _gnutls_asn1_encode_ecc (ASN1_TYPE * c2, gnutls_pk_params_st * params)
goto cleanup;
}
- ret = _gnutls_x509_write_int (*c2, "privateKey", params->params[7], 1);
+ ret = _gnutls_x509_write_int (*c2, "privateKey", params->params[ECC_K], 1);
if (ret < 0)
{
gnutls_assert ();
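Review bot: The corrected write of `params->params[ECC_K]` as privateKey is the real behavioural fix in this commit, yet nothing added alongside it verifies the encoding; a round-trip test that generates a key, encodes it with `_gnutls_asn1_encode_ecc`, re-reads it through `_gnutls_privkey_decode_ecc_key` and compares k, x and y would have caught the params[7]/params[8] mix-up and guards against the next one. The fixed line also deserves a comment, `/* the private scalar k, not the Y coordinate that was written here before */`, since the old output was a well-formed but unusable private key (its privateKey field held the public Y coordinate). The enclosing `_gnutls_asn1_encode_ecc` continues beyond the hunk.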
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index f7d7f3d01a..75e59bd497 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -307,8 +307,8 @@ _gnutls_privkey_decode_ecc_key (const gnutls_datum_t * raw_key,
goto error;
}
- ret = _gnutls_ecc_ansi_x963_import (out.data, out.size, &pkey->params.params[6],
- &pkey->params.params[7]);
+ ret = _gnutls_ecc_ansi_x963_import (out.data, out.size, &pkey->params.params[ECC_X],
+ &pkey->params.params[ECC_Y]);
_gnutls_free_datum(&out);
if (ret < 0)
@@ -319,7 +319,7 @@ _gnutls_privkey_decode_ecc_key (const gnutls_datum_t * raw_key,
pkey->params.params_nr += 2;
/* read the private key */
- ret = _gnutls_x509_read_int (pkey_asn, "privateKey", &pkey->params.params[8]);
+ ret = _gnutls_x509_read_int (pkey_asn, "privateKey", &pkey->params.params[ECC_K]);
if (ret < 0)
{
gnutls_assert();
@@ -860,7 +860,7 @@ gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
if (ret < 0)
return gnutls_assert_val(ret);
- if (_gnutls_mpi_scan_nz (&key->params.params[6], x->data, x->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_X], x->data, x->size))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -868,7 +868,7 @@ gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
}
key->params.params_nr++;
- if (_gnutls_mpi_scan_nz (&key->params.params[7], y->data, y->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_Y], y->data, y->size))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -876,7 +876,7 @@ gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
}
key->params.params_nr++;
- if (_gnutls_mpi_scan_nz (&key->params.params[8], k->data, k->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_K], k->data, k->size))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
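Review bot: The raw import accepts any non-zero scalar for `params[ECC_K]` (`_gnutls_mpi_scan_nz` only rejects zero) with no check that k is below the curve order already loaded into `params[ECC_ORDER]`, nor that (x, y) equals k·G; the only validation visible in this diff is the on-curve check of the peer's public point in `_wrap_nettle_pk_derive`, so inconsistent caller-supplied material reaches the sign/derive paths unchecked. At minimum, once the k scan succeeds, compare it with `key->params.params[ECC_ORDER]` and fail with an illegal-parameter error (the file already uses `GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER` for the peer-point case) when k >= order; recomputing k·G and comparing against the imported x, y would be the stronger check. The enclosing `gnutls_x509_privkey_import_ecc_raw` starts above and ends below this hunk.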
@@ -1022,7 +1022,7 @@ int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
*curve = key->params.flags;
/* X */
- ret = _gnutls_mpi_dprint_lz (key->params.params[6], x);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_X], x);
if (ret < 0)
{
gnutls_assert ();
@@ -1030,7 +1030,7 @@ int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
}
/* Y */
- ret = _gnutls_mpi_dprint_lz (key->params.params[7], y);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_Y], y);
if (ret < 0)
{
gnutls_assert ();
@@ -1040,7 +1040,7 @@ int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
/* K */
- ret = _gnutls_mpi_dprint_lz (key->params.params[8], k);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_K], k);
if (ret < 0)
{
gnutls_assert ();