author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-11-10 22:13:12 +0100 |
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-11-10 22:13:41 +0100 |
commit | 8b5b5f8c07a735e160efd2fa619f2d5b2ee7ea6b (patch) | |
tree | 6796eb8a50ab9f8e877c6e8e185f1fec7dd22ca1 | |
parent | 2c4c2351f7c39ee61b3e4eebdb848db9445a6e38 (diff) | |
Corrected ECC key generation.
-rw-r--r-- | lib/crypto-backend.h | 10 | ||||
-rw-r--r-- | lib/gnutls_ecc.c | 12 | ||||
-rw-r--r-- | lib/gnutls_pubkey.c | 10 | ||||
-rw-r--r-- | lib/nettle/pk.c | 54 | ||||
-rw-r--r-- | lib/pkcs11_write.c | 2 | ||||
-rw-r--r-- | lib/x509/key_decode.c | 4 | ||||
-rw-r--r-- | lib/x509/key_encode.c | 6 | ||||
-rw-r--r-- | lib/x509/privkey.c | 18 |
8 files changed, 63 insertions, 53 deletions
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index 0a2002534a..389e025c67 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -245,6 +245,16 @@
 * [8] is k (private key)
 */
+#define ECC_PRIME 0
+#define ECC_ORDER 1
+#define ECC_A 2
+#define ECC_B 3
+#define ECC_GX 4
+#define ECC_GY 5
+#define ECC_X 6
+#define ECC_Y 7
+#define ECC_K 8
+
 /**
 * gnutls_direction_t:
 * @GNUTLS_IMPORT: Import direction.
diff --git a/lib/gnutls_ecc.c b/lib/gnutls_ecc.c
index 4d85f9f112..9c5a97a208 100644
--- a/lib/gnutls_ecc.c
+++ b/lib/gnutls_ecc.c
@@ -122,7 +122,7 @@ int ret;
 goto cleanup;
 }
- ret = _gnutls_mpi_scan_nz(¶ms->params[0], val, val_size);
+ ret = _gnutls_mpi_scan_nz(¶ms->params[ECC_PRIME], val, val_size);
 if (ret < 0)
 {
 gnutls_assert();
@@ -138,7 +138,7 @@ int ret;
 goto cleanup;
 }
- ret = _gnutls_mpi_scan_nz(¶ms->params[1], val, val_size);
+ ret = _gnutls_mpi_scan_nz(¶ms->params[ECC_ORDER], val, val_size);
 if (ret < 0)
 {
 gnutls_assert();
@@ -154,7 +154,7 @@ int ret;
 goto cleanup;
 }
- ret = _gnutls_mpi_scan_nz(¶ms->params[2], val, val_size);
+ ret = _gnutls_mpi_scan_nz(¶ms->params[ECC_A], val, val_size);
 if (ret < 0)
 {
 gnutls_assert();
@@ -170,7 +170,7 @@ int ret;
 goto cleanup;
 }
- ret = _gnutls_mpi_scan_nz(¶ms->params[3], val, val_size);
+ ret = _gnutls_mpi_scan_nz(¶ms->params[ECC_B], val, val_size);
 if (ret < 0)
 {
 gnutls_assert();
@@ -186,7 +186,7 @@ int ret;
 goto cleanup;
 }
- ret = _gnutls_mpi_scan_nz(¶ms->params[4], val, val_size);
+ ret = _gnutls_mpi_scan_nz(¶ms->params[ECC_GX], val, val_size);
 if (ret < 0)
 {
 gnutls_assert();
@@ -202,7 +202,7 @@ int ret;
 goto cleanup;
 }
- ret = _gnutls_mpi_scan_nz(¶ms->params[5], val, val_size);
+ ret = _gnutls_mpi_scan_nz(¶ms->params[ECC_GY], val, val_size);
 if (ret < 0)
 {
 gnutls_assert();
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c
index fbbaa57e2f..f9d8d2f747 100644
--- a/lib/gnutls_pubkey.c
+++ b/lib/gnutls_pubkey.c
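Review bot: The new `ECC_*` slot macros are defined independently of the `ECC_PUBLIC_PARAMS` and `ECC_PRIVATE_PARAMS` counts that `lib/x509/key_encode.c` compares `params_nr` against in this same commit, so nothing ties the slot numbers to the counts and a future insertion would silently desynchronise them. If those counts are plain numbers elsewhere, deriving them from the indices, `#define ECC_PUBLIC_PARAMS (ECC_Y + 1)` and `#define ECC_PRIVATE_PARAMS (ECC_K + 1)`, or adding a compile-time check that they equal `ECC_Y + 1` and `ECC_K + 1`, keeps them in step. A one-line comment above the block, e.g. `/* slot order is part of the ABI between the backends and the x509/pkcs11 code; ECC_K must stay last because params_nr distinguishes public from private keys */`, would record why the order matters.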
@@ -740,7 +740,7 @@ gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
 *curve = key->params.flags;
 /* X */
- ret = _gnutls_mpi_dprint_lz (key->params.params[6], x);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_X], x);
 if (ret < 0)
 {
 gnutls_assert ();
@@ -748,7 +748,7 @@ gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
 }
 /* Y */
- ret = _gnutls_mpi_dprint_lz (key->params.params[7], y);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_Y], y);
 if (ret < 0)
 {
 gnutls_assert ();
@@ -1137,7 +1137,7 @@ gnutls_pubkey_import_ecc_raw (gnutls_pubkey_t key,
 if (ret < 0)
 return gnutls_assert_val(ret);
- if (_gnutls_mpi_scan_nz (&key->params.params[6], x->data, x->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_X], x->data, x->size))
 {
 gnutls_assert ();
 ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -1145,7 +1145,7 @@ gnutls_pubkey_import_ecc_raw (gnutls_pubkey_t key,
 }
 key->params.params_nr++;
- if (_gnutls_mpi_scan_nz (&key->params.params[7], y->data, y->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_Y], y->data, y->size))
 {
 gnutls_assert ();
 ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -1199,7 +1199,7 @@ gnutls_pubkey_import_ecc_x962 (gnutls_pubkey_t key,
 }
 ret = _gnutls_ecc_ansi_x963_import(ecpoint->data, ecpoint->size,
- &key->params.params[6], &key->params.params[7]);
+ &key->params.params[ECC_X], &key->params.params[ECC_Y]);
 if (ret < 0)
 {
 gnutls_assert ();
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 826c27b064..c56288ed17 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
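Review bot: `gnutls_pubkey_import_ecc_raw` scans the caller-supplied `x` and `y` straight into `params[ECC_X]` and `params[ECC_Y]` with no visible check that the point lies on the curve whose parameters were loaded by whatever call produced the `ret` tested at the top of the hunk; the function continues outside the hunk, so a later check may exist. The only on-curve validation in this commit is `ecc_projective_check_point` in `_wrap_nettle_pk_derive`, which guards the ECDH derive path only, not a public key that is merely stored, exported again or handed to other consumers. If nothing follows, rejecting an off-curve point at import time, on the same error path as the `GNUTLS_E_MPI_SCAN_FAILED` cases, would close the invalid-curve window for every consumer instead of one.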
@@ -86,15 +86,15 @@ _ecc_params_to_privkey(const gnutls_pk_params_st * pk_params, ecc_key * priv)
 {
 priv->type = PK_PRIVATE;
- memcpy(&priv->prime, pk_params->params[0], sizeof(mpz_t));
- memcpy(&priv->order, pk_params->params[1], sizeof(mpz_t));
- memcpy(&priv->A, pk_params->params[2], sizeof(mpz_t));
- memcpy(&priv->B, pk_params->params[3], sizeof(mpz_t));
- memcpy(&priv->Gx, pk_params->params[4], sizeof(mpz_t));
- memcpy(&priv->Gy, pk_params->params[5], sizeof(mpz_t));
- memcpy(&priv->pubkey.x, pk_params->params[6], sizeof(mpz_t));
- memcpy(&priv->pubkey.y, pk_params->params[7], sizeof(mpz_t));
- memcpy(&priv->k, pk_params->params[8], sizeof(mpz_t));
+ memcpy(&priv->prime, pk_params->params[ECC_PRIME], sizeof(mpz_t));
+ memcpy(&priv->order, pk_params->params[ECC_ORDER], sizeof(mpz_t));
+ memcpy(&priv->A, pk_params->params[ECC_A], sizeof(mpz_t));
+ memcpy(&priv->B, pk_params->params[ECC_B], sizeof(mpz_t));
+ memcpy(&priv->Gx, pk_params->params[ECC_GX], sizeof(mpz_t));
+ memcpy(&priv->Gy, pk_params->params[ECC_GY], sizeof(mpz_t));
+ memcpy(&priv->pubkey.x, pk_params->params[ECC_X], sizeof(mpz_t));
+ memcpy(&priv->pubkey.y, pk_params->params[ECC_Y], sizeof(mpz_t));
+ memcpy(&priv->k, pk_params->params[ECC_K], sizeof(mpz_t));
 mpz_init_set_ui(priv->pubkey.z, 1);
 }
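Review bot: Copying each `mpz_t` with `memcpy` makes every field of `priv` except `pubkey.z` alias the limb storage owned by `pk_params`, while `pubkey.z` is freshly allocated by `mpz_init_set_ui`; this asymmetric ownership is undocumented, and the resulting `ecc_key` must never reach `ecc_free()` or `mpz_clear()` on the aliased fields yet must have `pubkey.z` cleared somewhere (the matching cleanup is not in this hunk, so I cannot tell whether it happens). A header comment such as `/* Shallow view over pk_params: every mpz field except pubkey.z aliases the caller's storage. Never ecc_free() this key; the caller only owns and must mpz_clear(pubkey.z). */` would prevent the double-free or leak the next caller is likely to write. The same note applies to `_ecc_params_to_pubkey` in the following hunk.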
@@ -108,14 +108,14 @@ _ecc_params_to_pubkey(const gnutls_pk_params_st * pk_params, ecc_key * pub)
 {
 pub->type = PK_PUBLIC;
- memcpy(&pub->prime, pk_params->params[0], sizeof(mpz_t));
- memcpy(&pub->order, pk_params->params[1], sizeof(mpz_t));
- memcpy(&pub->A, pk_params->params[2], sizeof(mpz_t));
- memcpy(&pub->B, pk_params->params[3], sizeof(mpz_t));
- memcpy(&pub->Gx, pk_params->params[4], sizeof(mpz_t));
- memcpy(&pub->Gy, pk_params->params[5], sizeof(mpz_t));
- memcpy(&pub->pubkey.x, pk_params->params[6], sizeof(mpz_t));
- memcpy(&pub->pubkey.y, pk_params->params[7], sizeof(mpz_t));
+ memcpy(&pub->prime, pk_params->params[ECC_PRIME], sizeof(mpz_t));
+ memcpy(&pub->order, pk_params->params[ECC_ORDER], sizeof(mpz_t));
+ memcpy(&pub->A, pk_params->params[ECC_A], sizeof(mpz_t));
+ memcpy(&pub->B, pk_params->params[ECC_B], sizeof(mpz_t));
+ memcpy(&pub->Gx, pk_params->params[ECC_GX], sizeof(mpz_t));
+ memcpy(&pub->Gy, pk_params->params[ECC_GY], sizeof(mpz_t));
+ memcpy(&pub->pubkey.x, pk_params->params[ECC_X], sizeof(mpz_t));
+ memcpy(&pub->pubkey.y, pk_params->params[ECC_Y], sizeof(mpz_t));
 mpz_init_set_ui(pub->pubkey.z, 1);
 }
@@ -141,7 +141,7 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, gnutls_datum_t * o
 _ecc_params_to_pubkey(pub, &ecc_pub);
 _ecc_params_to_privkey(priv, &ecc_priv);
- if (ecc_projective_check_point(&ecc_pub.pubkey, pub->params[3], pub->params[0]) != 0)
+ if (ecc_projective_check_point(&ecc_pub.pubkey, pub->params[ECC_B], pub->params[ECC_PRIME]) != 0)
 {
 ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
 goto ecc_cleanup;
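Review bot: `ecc_projective_check_point` is handed the peer's `B` and prime only, never `A`, so it must assume the curve's `a` coefficient internally (presumably `a = -3`, which holds for the NIST curves but not in general), and nothing in the hunk checks that `pub` and `priv` describe the same curve before the shared secret is computed. Since the curve id is carried in `params->flags` (set from `level` in the keygen hunk and read back as `*curve` in the export paths), a cheap guard is `if (pub->flags != priv->flags) { ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); goto ecc_cleanup; }` placed before the point check. A comment on the call recording the `a = -3` assumption would make the limitation visible when other curves are added. `_wrap_nettle_pk_derive` begins and ends outside the hunk, so an earlier curve comparison may already exist.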
@@ -819,15 +819,15 @@ rsa_fail:
 }
 params->flags = level;
- mpz_set(TOMPZ(params->params[0]), key.prime);
- mpz_set(TOMPZ(params->params[1]), key.order);
- mpz_set(TOMPZ(params->params[2]), key.A);
- mpz_set(TOMPZ(params->params[3]), key.B);
- mpz_set(TOMPZ(params->params[4]), key.Gx);
- mpz_set(TOMPZ(params->params[5]), key.Gy);
- mpz_set(TOMPZ(params->params[6]), key.pubkey.x);
- mpz_set(TOMPZ(params->params[7]), key.pubkey.y);
- mpz_set(TOMPZ(params->params[8]), key.k);
+ mpz_set(TOMPZ(params->params[ECC_PRIME]), key.prime);
+ mpz_set(TOMPZ(params->params[ECC_ORDER]), key.order);
+ mpz_set(TOMPZ(params->params[ECC_A]), key.A);
+ mpz_set(TOMPZ(params->params[ECC_B]), key.B);
+ mpz_set(TOMPZ(params->params[ECC_GX]), key.Gx);
+ mpz_set(TOMPZ(params->params[ECC_GY]), key.Gy);
+ mpz_set(TOMPZ(params->params[ECC_X]), key.pubkey.x);
+ mpz_set(TOMPZ(params->params[ECC_Y]), key.pubkey.y);
+ mpz_set(TOMPZ(params->params[ECC_K]), key.k);
 ecc_fail:
 ecc_free(&key);
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index 8d867fb605..005b92d419 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -447,7 +447,7 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
 goto cleanup;
 }
- ret = _gnutls_mpi_dprint_lz(&key->params.params[8], &x);
+ ret = _gnutls_mpi_dprint_lz(&key->params.params[ECC_K], &x);
 if (ret < 0)
 {
 gnutls_assert ();
diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c
index 7d430e81fe..8383a941c3 100644
--- a/lib/x509/key_decode.c
+++ b/lib/x509/key_decode.c
@@ -102,8 +102,8 @@ _gnutls_x509_read_ecc_pubkey (opaque * der, int dersize, gnutls_pk_params_st * p
 /* Eventhough RFC5480 defines the public key to be an ECPoint (i.e. OCTET STRING),
 * it is actually copied in raw there. Why do they use ASN.1 anyway?
 */
- return _gnutls_ecc_ansi_x963_import (der, dersize, ¶ms->params[6],
- ¶ms->params[7]);
+ return _gnutls_ecc_ansi_x963_import (der, dersize, ¶ms->params[ECC_X],
+ ¶ms->params[ECC_Y]);
 }
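Review bot: After `key.k` is copied into `params->params[ECC_K]` the generated nettle key goes to `ecc_free(&key)` at `ecc_fail`, and nothing visible wipes the private scalar's limbs first; if `ecc_free` simply `mpz_clear`s its members, the freshly generated private key is left behind in freed heap memory. Overwriting `key.k`'s limb buffer with zeros before `ecc_free` (GMP's `mpz_clear` does not do this) keeps the secret out of later allocations, and the same applies on the error path, where `key.k` may already hold a value when `ecc_fail` is reached. The enclosing function continues outside the hunk, so the wipe may already happen inside `ecc_free`; if so, a comment saying so at the `ecc_fail` label would settle it.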
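Review bot: The private scalar is passed as `&key->params.params[ECC_K]`, the address of the params slot, whereas every other `_gnutls_mpi_dprint_lz` call in this commit (`gnutls_pubkey.c`, `x509/privkey.c`) passes `key->params.params[...]` by value; the commit renames the index but keeps the extra `&`. If `bigint_t` is a pointer typedef the compiler will not flag the mismatch, and what gets written to the token as CKA_VALUE is then the bytes of the pointer slot rather than `k`, so the copied private key is unusable. The line should read `ret = _gnutls_mpi_dprint_lz(key->params.params[ECC_K], &x);`. `gnutls_pkcs11_copy_x509_privkey` begins and ends outside the hunk.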
diff --git a/lib/x509/key_encode.c b/lib/x509/key_encode.c
index 1caf72172c..926148a1bf 100644
--- a/lib/x509/key_encode.c
+++ b/lib/x509/key_encode.c
@@ -118,7 +118,7 @@ _gnutls_x509_write_ecc_pubkey (gnutls_pk_params_st * params,
 if (params->params_nr < ECC_PUBLIC_PARAMS)
 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- result = _gnutls_ecc_ansi_x963_export(params->flags, params->params[6], params->params[7], /*&out*/der);
+ result = _gnutls_ecc_ansi_x963_export(params->flags, params->params[ECC_X], params->params[ECC_Y], /*&out*/der);
 if (result < 0)
 return gnutls_assert_val(result);
@@ -580,7 +580,7 @@ _gnutls_asn1_encode_ecc (ASN1_TYPE * c2, gnutls_pk_params_st * params)
 if (params->params_nr != ECC_PRIVATE_PARAMS || oid == NULL)
 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- ret = _gnutls_ecc_ansi_x963_export(params->flags, params->params[6], params->params[7], &pubkey);
+ ret = _gnutls_ecc_ansi_x963_export(params->flags, params->params[ECC_X], params->params[ECC_Y], &pubkey);
 if (ret < 0)
 return gnutls_assert_val(ret);
@@ -610,7 +610,7 @@ _gnutls_asn1_encode_ecc (ASN1_TYPE * c2, gnutls_pk_params_st * params)
 goto cleanup;
 }
- ret = _gnutls_x509_write_int (*c2, "privateKey", params->params[7], 1);
+ ret = _gnutls_x509_write_int (*c2, "privateKey", params->params[ECC_K], 1);
 if (ret < 0)
 {
 gnutls_assert ();
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index f7d7f3d01a..75e59bd497 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -307,8 +307,8 @@ _gnutls_privkey_decode_ecc_key (const gnutls_datum_t * raw_key,
 goto error;
 }
- ret = _gnutls_ecc_ansi_x963_import (out.data, out.size, &pkey->params.params[6],
- &pkey->params.params[7]);
+ ret = _gnutls_ecc_ansi_x963_import (out.data, out.size, &pkey->params.params[ECC_X],
+ &pkey->params.params[ECC_Y]);
 _gnutls_free_datum(&out);
 if (ret < 0)
@@ -319,7 +319,7 @@ _gnutls_privkey_decode_ecc_key (const gnutls_datum_t * raw_key,
 pkey->params.params_nr += 2;
 /* read the private key */
- ret = _gnutls_x509_read_int (pkey_asn, "privateKey", &pkey->params.params[8]);
+ ret = _gnutls_x509_read_int (pkey_asn, "privateKey", &pkey->params.params[ECC_K]);
 if (ret < 0)
 {
 gnutls_assert();
@@ -860,7 +860,7 @@ gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
 if (ret < 0)
 return gnutls_assert_val(ret);
- if (_gnutls_mpi_scan_nz (&key->params.params[6], x->data, x->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_X], x->data, x->size))
 {
 gnutls_assert ();
 ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -868,7 +868,7 @@ gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
 }
 key->params.params_nr++;
- if (_gnutls_mpi_scan_nz (&key->params.params[7], y->data, y->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_Y], y->data, y->size))
 {
 gnutls_assert ();
 ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -876,7 +876,7 @@ gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
 }
 key->params.params_nr++;
- if (_gnutls_mpi_scan_nz (&key->params.params[8], k->data, k->size))
+ if (_gnutls_mpi_scan_nz (&key->params.params[ECC_K], k->data, k->size))
 {
 gnutls_assert ();
 ret = GNUTLS_E_MPI_SCAN_FAILED;
@@ -1022,7 +1022,7 @@ int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
 *curve = key->params.flags;
 /* X */
- ret = _gnutls_mpi_dprint_lz (key->params.params[6], x);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_X], x);
 if (ret < 0)
 {
 gnutls_assert ();
@@ -1030,7 +1030,7 @@ int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
 }
 /* Y */
- ret = _gnutls_mpi_dprint_lz (key->params.params[7], y);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_Y], y);
 if (ret < 0)
 {
 gnutls_assert ();
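Review bot: The private scalar read into `pkey->params.params[ECC_K]` is never compared with `pkey->params.params[ECC_ORDER]`, so a key file carrying `k == 0` or `k >= order` is accepted as a valid private key, and nothing visible checks that `k` actually corresponds to the ECPoint decoded just above; the function continues outside the hunk, so a later validation may exist. An ECPrivateKey is expected to satisfy `1 <= k < n`, and anything else yields a key that cannot sign consistently with its public half. A range check against `ECC_ORDER` right after the read, failing through the same `goto error` path as the surrounding code, and optionally a recomputation of `k*G` for comparison with `ECC_X`/`ECC_Y`, would reject corrupted or tampered files at import instead of at first use.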
@@ -1040,7 +1040,7 @@ int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
 /* K */
- ret = _gnutls_mpi_dprint_lz (key->params.params[8], k);
+ ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_K], k);
 if (ret < 0)
 {
 gnutls_assert ();
|