Codebase list libcryptx-perl / 98cbb47
ECC support for curve y^2 = x^3 + a*x + b (`a` used to be fixed to -3) Karel Miko 10 years ago
24 changed file(s) with 55 addition(s) and 41 deletion(s). Raw diff Collapse all Expand all
+1
-0
lib/CryptX_PK_ECC.xs.inc less more
139139 if (self->key.idx>=0) {
140140 not_used = hv_store(rv_hash, "curve_name", 10, newSVpv(self->key.dp->name, strlen(self->key.dp->name)), 0);
141141 not_used = hv_store(rv_hash, "curve_prime", 11, newSVpv(self->key.dp->prime, strlen(self->key.dp->prime)), 0);
142 not_used = hv_store(rv_hash, "curve_A", 7, newSVpv(self->key.dp->A, strlen(self->key.dp->A)), 0);
142143 not_used = hv_store(rv_hash, "curve_B", 7, newSVpv(self->key.dp->B, strlen(self->key.dp->B)), 0);
143144 not_used = hv_store(rv_hash, "curve_order", 11, newSVpv(self->key.dp->order, strlen(self->key.dp->order)), 0);
144145 not_used = hv_store(rv_hash, "curve_Gx", 8, newSVpv(self->key.dp->Gx, strlen(self->key.dp->Gx)), 0);
+3
-0
src/ltc/headers/tomcrypt_pk.h less more
218218 /** The prime that defines the field the curve is in (encoded in hex) */
219219 char *prime;
220220
221 /** The fields A param (hex) */
222 char *A;
223
221224 /** The fields B param (hex) */
222225 char *B;
223226
+9
-1
src/ltc/pk/ecc/ecc.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
2929 14,
3030 "SECP112R1",
3131 "DB7C2ABF62E35E668076BEAD208B",
32 "DB7C2ABF62E35E668076BEAD2088",
3233 "659EF8BA043916EEDE8911702B22",
3334 "DB7C2ABF62E35E7628DFAC6561C5",
3435 "09487239995A5EE76B55F9C2F098",
4041 16,
4142 "SECP128R1",
4243 "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
44 "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
4345 "E87579C11079F43DD824993C2CEE5ED3",
4446 "FFFFFFFE0000000075A30D1B9038A115",
4547 "161FF7528B899B2D0C28607CA52C5B86",
5153 20,
5254 "SECP160R1",
5355 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
56 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
5457 "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
5558 "0100000000000000000001F4C8F927AED3CA752257",
5659 "4A96B5688EF573284664698968C38BB913CBFC82",
6265 24,
6366 "ECC-192",
6467 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
68 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
6569 "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
6670 "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
6771 "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
7377 28,
7478 "ECC-224",
7579 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
80 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
7681 "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
7782 "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
7883 "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
8489 32,
8590 "ECC-256",
8691 "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
92 "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
8793 "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
8894 "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
8995 "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
95101 48,
96102 "ECC-384",
97103 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
104 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
98105 "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
99106 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
100107 "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
106113 66,
107114 "ECC-521",
108115 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
116 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
109117 "51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
110118 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
111119 "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
+1
-1
src/ltc/pk/ecc/ecc_ansi_x963_export.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_ansi_x963_import.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_decrypt_key.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_encrypt_key.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_export.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_free.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_get_size.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+22
-20
src/ltc/pk/ecc/ecc_import.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
1818 /**
1919 @file ecc_import.c
2020 ECC Crypto, Tom St Denis
21 */
21 */
2222
2323 #ifdef LTC_MECC
2424
2525 static int is_point(ecc_key *key)
2626 {
27 void *prime, *b, *t1, *t2;
27 void *prime, *a, *b, *t1, *t2;
2828 int err;
29
30 if ((err = mp_init_multi(&prime, &b, &t1, &t2, NULL)) != CRYPT_OK) {
29
30 if ((err = mp_init_multi(&prime, &a, &b, &t1, &t2, NULL)) != CRYPT_OK) {
3131 return err;
3232 }
33
34 /* load prime and b */
33
34 /* load prime, a and b */
3535 if ((err = mp_read_radix(prime, key->dp->prime, 16)) != CRYPT_OK) { goto error; }
3636 if ((err = mp_read_radix(b, key->dp->B, 16)) != CRYPT_OK) { goto error; }
37
37 if ((err = mp_read_radix(a, key->dp->A, 16)) != CRYPT_OK) { goto error; }
38
3839 /* compute y^2 */
3940 if ((err = mp_sqr(key->pubkey.y, t1)) != CRYPT_OK) { goto error; }
40
41
4142 /* compute x^3 */
4243 if ((err = mp_sqr(key->pubkey.x, t2)) != CRYPT_OK) { goto error; }
4344 if ((err = mp_mod(t2, prime, t2)) != CRYPT_OK) { goto error; }
4445 if ((err = mp_mul(key->pubkey.x, t2, t2)) != CRYPT_OK) { goto error; }
45
46
4647 /* compute y^2 - x^3 */
4748 if ((err = mp_sub(t1, t2, t1)) != CRYPT_OK) { goto error; }
48
49 /* compute y^2 - x^3 + 3x */
50 if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
51 if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
52 if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
53 if ((err = mp_mod(t1, prime, t1)) != CRYPT_OK) { goto error; }
49
50 /* compute y^2 - x^3 - a*x */
51 if ((err = mp_submod(prime, a, prime, t2)) != CRYPT_OK) { goto error; }
52 if ((err = mp_mulmod(t2, key->pubkey.x, prime, t2)) != CRYPT_OK) { goto error; }
53 if ((err = mp_addmod(t1, t2, prime, t1)) != CRYPT_OK) { goto error; }
54
55 /* adjust range (0, prime) */
5456 while (mp_cmp_d(t1, 0) == LTC_MP_LT) {
5557 if ((err = mp_add(t1, prime, t1)) != CRYPT_OK) { goto error; }
5658 }
5759 while (mp_cmp(t1, prime) != LTC_MP_LT) {
5860 if ((err = mp_sub(t1, prime, t1)) != CRYPT_OK) { goto error; }
5961 }
60
62
6163 /* compare to b */
6264 if (mp_cmp(t1, b) != LTC_MP_EQ) {
6365 err = CRYPT_INVALID_PACKET;
6466 } else {
6567 err = CRYPT_OK;
6668 }
67
69
6870 error:
6971 mp_clear_multi(prime, b, t1, t2, NULL);
7072 return err;
106108 }
107109
108110 /* find out what type of key it is */
109 if ((err = der_decode_sequence_multi(in, inlen,
111 if ((err = der_decode_sequence_multi(in, inlen,
110112 LTC_ASN1_BIT_STRING, 1UL, &flags,
111113 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
112114 goto done;
152154 }
153155 /* set z */
154156 if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto done; }
155
157
156158 /* is it a point on the curve? */
157159 if ((err = is_point(key)) != CRYPT_OK) {
158160 goto done;
+1
-1
src/ltc/pk/ecc/ecc_make_key.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_shared_secret.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_sign_hash.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_sizes.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ecc_verify_hash.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_is_valid_idx.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_map.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_mul2add.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_mulmod.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_points.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_projective_add_point.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm
+1
-1
src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c less more
88 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
99 */
1010
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
11 /* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b
1212 *
1313 * All curves taken from NIST recommendation paper of July 1999
1414 * Available at http://csrc.nist.gov/cryptval/dss.htm