author | Werner Koch <wk@gnupg.org> | 2013-09-07 10:06:46 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-09-18 13:14:31 +0200 |
commit | 63cd3474425cb5a7ec4d1a56be15b248ecda4680 (patch) | |
tree | 0cac978b7b066736b04c1205149834bfea406063 /mpi | |
parent | 89fe2173649a72019d75e059e6c6938efd10421f (diff) | |
download | libgcrypt-63cd3474425cb5a7ec4d1a56be15b248ecda4680.tar.gz |
ecc: Add Ed25519 key generation and prepare for optimizations.
* src/mpi.h (enum ecc_dialects): New.
* src/ec-context.h (mpi_ec_ctx_s): Add field DIALECT.
* cipher/ecc-common.h (elliptic_curve_t): Ditto.
* cipher/ecc-curves.c (ecc_domain_parms_t): Ditto.
(domain_parms): Add dialect values.
(_gcry_ecc_fill_in_curve): Set dialect.
(_gcry_ecc_get_curve): Ditto.
(_gcry_mpi_ec_new): Ditto.
(_gcry_ecc_get_param): Use ECC_DIALECT_STANDARD for now.
* cipher/ecc-misc.c (_gcry_ecc_curve_copy): Copy dialect.
(_gcry_ecc_dialect2str): New.
* mpi/ec.c (ec_p_init): Add arg DIALECT.
(_gcry_mpi_ec_p_internal_new): Ditto.
(_gcry_mpi_ec_p_new): Ditto.
* mpi/mpiutil.c (gcry_mpi_set_opaque): Set the secure flag.
(_gcry_mpi_set_opaque_copy): New.
* cipher/ecc-misc.c (_gcry_ecc_os2ec): Take care of an opaque MPI.
* cipher/ecc.c (eddsa_generate_key): New.
(generate_key): Rename to nist_generate_key and factor some code out
to ...
(ecc_generate_ext): here. Divert to eddsa_generate_key if desired.
(eddsa_decodepoint): Take care of an opaque MPI.
(ecc_check_secret_key): Ditto.
(ecc_sign): Ditto.
* cipher/pubkey.c (sexp_elements_extract_ecc): Store public and secret
key as opaque MPIs.
(gcry_pk_genkey): Add the curve_name also to the private key part of
the result.
* tests/benchmark.c (ecc_bench): Support Ed25519.
(main): Add option --debug.
* tests/curves.c (sample_key_2): Make sure that P and N are positive.
* tests/keygen.c (show): New.
(check_ecc_keys): Support Ed25519.
--
There are two main purposes of this patch: Add a key generation
feature for Ed25519 and add the "dialect" thingy which will eventually
be used to add curve specific optimization.
Note that the entire way of how we interface between the public key
modules and pubkey.c is overly complex and probably also the cause for
a lot of performance overhead. Given that we don't have the loadable
module system anymore, we should entirely get rid of the MPI-array
based internal interface and move parts of the s-expression handling
directly into the pubkey modules. This needs to be fixed or we are
turning Libgcrypt into another software incarnation of Heathrow
Airport.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'mpi')
-rw-r--r-- | mpi/ec.c | 8 | ||||
-rw-r--r-- | mpi/mpiutil.c | 15 |
2 files changed, 21 insertions, 2 deletions
@@ -431,6 +431,7 @@ ec_get_two_inv_p (mpi_ec_t ec)
 coefficient. CTX is expected to be zeroized. */
 static void
 ec_p_init (mpi_ec_t ctx, enum gcry_mpi_ec_models model,
+ enum ecc_dialects dialect,
 gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
 int i;
@@ -438,6 +439,7 @@ ec_p_init (mpi_ec_t ctx, enum gcry_mpi_ec_models model,
 /* Fixme: Do we want to check some constraints? e.g. a < p */
 ctx->model = model;
+ ctx->dialect = dialect;
 ctx->p = mpi_copy (p);
 ctx->a = mpi_copy (a);
 if (b && model == MPI_EC_TWISTEDEDWARDS)
@@ -516,12 +518,13 @@ ec_deinit (void *opaque)
 This context needs to be released using _gcry_mpi_ec_free. */
 mpi_ec_t
 _gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model,
+ enum ecc_dialects dialect,
 gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
 mpi_ec_t ctx;
 ctx = gcry_xcalloc (1, sizeof *ctx);
- ec_p_init (ctx, model, p, a, b);
+ ec_p_init (ctx, model, dialect, p, a, b);
 return ctx;
 }
@@ -537,6 +540,7 @@ _gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model,
 gpg_err_code_t
 _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx,
 enum gcry_mpi_ec_models model,
+ enum ecc_dialects dialect,
 gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
 gcry_ctx_t ctx;
@@ -550,7 +554,7 @@ _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx,
 if (!ctx)
 return gpg_err_code_from_syserror ();
 ec = _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC);
- ec_p_init (ec, model, p, a, b);
+ ec_p_init (ec, model, dialect, p, a, b);
 *r_ctx = ctx;
 return 0;
diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c
index 57fe72a7..3855dc47 100644
--- a/mpi/mpiutil.c
+++ b/mpi/mpiutil.c
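Review bot: None of the six added lines in mpi/ec.c touches a comment, so the block comments above ec_p_init, _gcry_mpi_ec_p_internal_new and _gcry_mpi_ec_p_new (each starts outside its hunk) leave the new DIALECT argument undescribed. I would add a sentence to each, for example `DIALECT is one of enum ecc_dialects and is stored unchanged in the context.` ec_p_init also stores the value without any range check, right next to the existing Fixme about unchecked constraints. The commit message says the dialect will eventually select curve-specific optimizations, so that comment should state that callers must pass a valid enumerator.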
@@ -276,10 +276,25 @@ gcry_mpi_set_opaque( gcry_mpi_t a, void *p, unsigned int nbits )
 a->nlimbs = 0;
 a->sign = nbits;
 a->flags = 4;
+ if (gcry_is_secure (a->d))
+ a->flags |= 1;
 return a;
 }
+gcry_mpi_t
+_gcry_mpi_set_opaque_copy (gcry_mpi_t a, void *p, unsigned int nbits)
+{
+ void *d;
+ unsigned int n;
+
+ n = (nbits+7)/8;
+ d = gcry_is_secure (p)? gcry_malloc_secure (n) : gcry_malloc (n);
+ memcpy (d, p, n);
+ return gcry_mpi_set_opaque (a, d, nbits);
+}
+
+
 void *
 gcry_mpi_get_opaque( gcry_mpi_t a, unsigned int *nbits )
 { |
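Review bot: In _gcry_mpi_set_opaque_copy the result of gcry_malloc_secure()/gcry_malloc() goes straight into memcpy, so an allocation that returns NULL becomes a write through a null pointer instead of an error the caller can handle; add `if (!d) return NULL;` before the memcpy. This matters most on the secure branch, since the commit message says key material is now stored as opaque MPIs and secure memory is typically a limited pool. The size `(nbits+7)/8` also wraps for nbits within 7 of UINT_MAX, leaving a buffer far shorter than the bit count recorded by gcry_mpi_set_opaque, so such values should be rejected up front. A short comment above the function should say that the copy lands in secure memory when P is secure and that the MPI, as it appears from set_opaque, keeps the copied buffer.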