From 2e2b5c5b158da43095ed0b4ee595c1b9c38ac97f Mon Sep 17 00:00:00 2001
From: lloyd
Date: Tue, 2 Mar 2010 00:23:26 +0000
Subject: Move all of the ECC domain parameter sets to policy.cpp, encoded as PEM, instead of weird custom format hard-coded in ec_dompar.cpp
---
 src/libstate/policy.cpp | 296 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 296 insertions(+)
(limited to 'src/libstate')
diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp
index 3e9c8e122..bb775b049 100644
--- a/src/libstate/policy.cpp
+++ b/src/libstate/policy.cpp
@@ -194,6 +194,41 @@ void set_default_oids(Library_State& config) add_oid(config, "1.3.6.1.5.5.7.8.5", "PKIX.XMPPAddr"); + /* ECC domain parameters */ + + add_oid(config, "1.3.132.0.6", "secp112r1"); + add_oid(config, "1.3.132.0.7", "secp112r2"); + add_oid(config, "1.3.132.0.8", "secp160r1"); + add_oid(config, "1.3.132.0.9", "secp160k1"); + add_oid(config, "1.3.132.0.10", "secp256k1"); + add_oid(config, "1.3.132.0.28", "secp128r1"); + add_oid(config, "1.3.132.0.29", "secp128r2"); + add_oid(config, "1.3.132.0.30", "secp160r2"); + add_oid(config, "1.3.132.0.31", "secp192k1"); + add_oid(config, "1.3.132.0.32", "secp224k1"); + add_oid(config, "1.3.132.0.33", "secp224r1"); + add_oid(config, "1.3.132.0.34", "secp384r1"); + add_oid(config, "1.3.132.0.35", "secp521r1"); + + add_oid(config, "1.2.840.10045.3.1.1", "secp192r1"); + add_oid(config, "1.2.840.10045.3.1.2", "x962_p192v2"); + add_oid(config, "1.2.840.10045.3.1.3", "x962_p192v3"); + add_oid(config, "1.2.840.10045.3.1.4", "x962_p239v1"); + add_oid(config, "1.2.840.10045.3.1.5", "x962_p239v2"); + add_oid(config, "1.2.840.10045.3.1.6", "x962_p239v3"); + add_oid(config, "1.2.840.10045.3.1.7", "secp256r1"); + + add_oid(config, "1.3.36.3.3.2.8.1.1.1", "brainpool160r1"); + add_oid(config, "1.3.36.3.3.2.8.1.1.3", "brainpool192r1"); + add_oid(config, "1.3.36.3.3.2.8.1.1.5", "brainpool224r1"); + add_oid(config, "1.3.36.3.3.2.8.1.1.7", "brainpool256r1"); + add_oid(config, "1.3.36.3.3.2.8.1.1.9", "brainpool320r1"); + add_oid(config, "1.3.36.3.3.2.8.1.1.11", "brainpool384r1"); + add_oid(config, "1.3.36.3.3.2.8.1.1.13", "brainpool512r1"); + + add_oid(config, "1.2.643.2.2.35.1", "gost_256A"); + add_oid(config, "1.2.643.2.2.36.0", "gost_256A"); + /* CVC */ add_oid(config, "0.4.0.127.0.7.3.1.2.1", "CertificateHolderAuthorizationTemplate"); 
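Review bot: The small curves registered at the top of this block (`secp112r1`, `secp112r2`, `secp128r1`, `secp128r2` and the 160-bit sets) go into the default tables with nothing to distinguish them from the 256-bit and larger sets, and the second hunk (in `set_default_dl_groups`) adds their parameters the same way. A comment above them such as `/* curves under 192 bits: legacy interoperability only, not for new keys */` would record that. Separately, the last two added lines map both `1.2.643.2.2.35.1` and `1.2.643.2.2.36.0` to the one name `gost_256A`; how `add_oid` treats a repeated name is not visible here, so a comment should say which OID a lookup by name is expected to return. `set_default_oids` starts and ends outside the hunk.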
@@ -506,6 +541,267 @@ void set_default_dl_groups(Library_State& config) "dqoG9JKAoscsF8xC1bbnQMXEsas8UcLtCSviotiwU65Xc9FCXtKwjwbi3VBZLfGk" "eMFVkc39EVZP+I/zi3IdQjkv2kcyEtz9jS2IqXagCv/m//tDCjWeZMorNRyiQSOU" "-----END DSA PARAMETERS-----"); + + config.set("ec", "secp112r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MHQCAQEwGgYHKoZIzj0BAQIPANt8Kr9i415mgHa+rSCLMCAEDtt8Kr9i415mgHa+" + "rSCIBA5lnvi6BDkW7t6JEXArIgQdBAlIcjmZWl7na1X5wvCYqJzlr4ckwKI+Dg/3" + "dQACDwDbfCq/YuNedijfrGVhxQIBAQ==" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp112r2", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MHMCAQEwGgYHKoZIzj0BAQIPANt8Kr9i415mgHa+rSCLMCAEDmEnwkwF84oKqvZc" + "DvAsBA5R3vGBXbXtdPzDTIXXCQQdBEujCrXokrThZJ3QkoZDrc1G9YguN0fe826V" + "bpcCDjbfCq/YuNdZfKEFINBLAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp128r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGAAgEBMBwGByqGSM49AQECEQD////9////////////////MCQEEP////3/////" + "//////////wEEOh1ecEQefQ92CSZPCzuXtMEIQQWH/dSi4mbLQwoYHylLFuGz1rI" + "OVuv6xPALaKS3e16gwIRAP////4AAAAAdaMNG5A4oRUCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp128r2", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MH8CAQEwHAYHKoZIzj0BAQIRAP////3///////////////8wJAQQ1gMZmNGzu/6/" + "Wcybv/mu4QQQXu78o4DQKRncLGVYu22KXQQhBHtqpdheVymD5vsyp83rwUAntpFq" + "iU067nEG/oBfw0tEAhA/////f////74AJHIGE7WjAgEE" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp160k1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGYAgEBMCAGByqGSM49AQECFQD////////////////////+//+sczAsBBQAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAQUAAAAAAAAAAAAAAAAAAAAAAAAAAcEKQQ7TDgs43qh" + "kqQBnnYwNvT13U1+u5OM+TUxj9zta8KChlMXM8PwPE/uAhUBAAAAAAAAAAAAAbj6" + "Ft+rmsoWtrMCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp160r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGYAgEBMCAGByqGSM49AQECFQD/////////////////////f////zAsBBT/////" + "////////////////f////AQUHJe+/FS9eotlrPifgdTUrcVl+kUEKQRKlrVojvVz" + 
"KEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAAAAAAAfTI" + "+Seu08p1IlcCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp160r2", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGYAgEBMCAGByqGSM49AQECFQD////////////////////+//+sczAsBBT/////" + "///////////////+//+scAQUtOE00/tZ64urVydJBGZNWvUDiLoEKQRS3LA0KToR" + "fh9P8Rsw9xmdMUTObf6v/vLjMfKW4HH6DfmYLP6n1D8uAhUBAAAAAAAAAAAAADUe" + "54aoGPOhoWsCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp192k1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGwAgEBMCQGByqGSM49AQECGQD//////////////////////////v//7jcwNAQY" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAMEMQTbT/EOwFfpriawfQKAt/Q0HaXRsergbH2bLy9tnFYop4RBY9AVvoY0QIKq" + "iNleL50CGQD///////////////4m8vwXD2lGanTe/Y0CAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp192r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGwAgEBMCQGByqGSM49AQECGQD////////////////////+//////////8wNAQY" + "/////////////////////v/////////8BBhkIQUZ5ZyA5w+n6atyJDBJ/rje7MFG" + "ubEEMQQYjagOsDCQ9ny/IOtDoYgA9P8K/YL/EBIHGSuV/8jaeGMQEe1rJM3Vc/l3" + "oR55SBECGQD///////////////+Z3vg2FGvJsbTSKDECAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp224k1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHIAgEBMCgGByqGSM49AQECHQD///////////////////////////////7//+Vt" + "MDwEHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEHAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAUEOQShRVszTfCZ3zD8KKFppGfp5HB1qQ9+ZQ62t6Rcfgif" + "7X+6NEKCyvvW9+MZ98CwvVniykvbVW1hpQIdAQAAAAAAAAAAAAAAAAAB3OjS7GGE" + "yvCpcXafsfcCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp224r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHIAgEBMCgGByqGSM49AQECHQD/////////////////////AAAAAAAAAAAAAAAB" + "MDwEHP////////////////////7///////////////4EHLQFCoUMBLOr9UEyVlBE" + "sLfXv9i6Jws5QyNV/7QEOQS3Dgy9a7S/fzITkLlKA8HTVsIRIjQygNYRXB0hvTdj" + "iLX3I/tMIt/mzUN1oFoHR2RE1YGZhQB+NAIdAP//////////////////FqLguPA+" 
+ "E90pRVxcKj0CAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp256k1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHgAgEBMCwGByqGSM49AQECIQD////////////////////////////////////+" + "///8LzBEBCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQgAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEQQR5vmZ++dy7rFWgYpXOhwsHApv8" + "2y3OKNlZ8oFbFvgXmEg62ncmo8RlXaT7/A4RCKj9F7RIpoVUGZxH0I/7ENS4AiEA" + "/////////////////////rqu3OavSKA7v9JejNA2QUECAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp256r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHgAgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP//////////" + "/////zBEBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6" + "k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsEQQRrF9Hy4SxCR/i85uVjpEDydwN9" + "gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2QGg3v1H1AiEA" + "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp384r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIIBQAIBATA8BgcqhkjOPQEBAjEA////////////////////////////////////" + "//////7/////AAAAAAAAAAD/////MGQEMP//////////////////////////////" + "///////////+/////wAAAAAAAAAA/////AQwszEvp+I+5+SYjgVr4/gtGRgdnG7+" + "gUESAxQIj1ATh1rGVjmNii7RnSqFyO3T7CrvBGEEqofKIr6LBTeOscce8yCtdG4d" + "O2KLp5uYWfdB4IJUKjhVAvJdv1UpbDpUXjhydgq3NhfeSpYmLG9dnpi/kpLcKfj0" + "Hb0omhR86doxE7XwuMAKYLHOHX6BnXpDHXyQ6g5fAjEA////////////////////" + "////////////x2NNgfQ3Ld9YGg2ySLCneuzsGWrMxSlzAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "secp521r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIIBrAIBATBNBgcqhkjOPQEBAkIB////////////////////////////////////" + "//////////////////////////////////////////////////8wgYgEQgH/////" + "////////////////////////////////////////////////////////////////" + "/////////////////ARCAFGVPrlhjhyaH5KaIaC2hUDuotpyW5mzFfO4tImRjvEJ" + "4VYZOVHsfpN7FlLAvTuxvwc1c9+IPSw08e9FH9RrUD8ABIGFBADGhY4GtwQE6c2e" + 
"PstmI5W0QpxkgTkFP7Uh+CivYGtNPbqhS1537+dZKP4dwSei/6jeM0izwYVqQpv5" + "fn4xwuW9ZgEYOSlqeJo7wARcil+0LH0b2Zj1RElXm0RoF6+9Fyc+ZiyX7nKZXvQm" + "QMVQuQE/rQdhNTxwhqJywkCIvpR2n9FmUAJCAf//////////////////////////" + "////////////////+lGGh4O/L5Zrf8wBSPcJpdA7tcm4iZxHrrtvtx6ROGQJAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "1.3.6.1.4.1.8301.3.1.2.9.0.38", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIIBrAIBATBNBgcqhkjOPQEBAkIB////////////////////////////////////" + "//////////////////////////////////////////////////8wgYgEQgH/////" + "////////////////////////////////////////////////////////////////" + "/////////////////ARCAFGVPrlhjhyaH5KaIaC2hUDuotpyW5mzFfO4tImRjvEJ" + "4VYZOVHsfpN7FlLAvTuxvwc1c9+IPSw08e9FH9RrUD8ABIGFBADGhY4GtwQE6c2e" + "PstmI5W0QpxkgTkFP7Uh+CivYGtNPbqhS1537+dZKP4dwSei/6jeM0izwYVqQpv5" + "fn4xwuW9ZgEYOSlqeJo7wARcil+0LH0b2Zj1RElXm0RoF6+9Fyc+ZiyX7nKZXvQm" + "QMVQuQE/rQdhNTxwhqJywkCIvpR2n9FmUAJCAf//////////////////////////" + "////////////////+lGGh4O/L5Zrf8wBSPcJpdA7tcm4iZxHrrtvtx6ROGQJAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "brainpool160r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGYAgEBMCAGByqGSM49AQECFQDpXkpfc3BZ3GDfx62Vs9gTlRViDzAsBBQ0Dnvi" + "ooDrdOK+YbradF2X6PfDAAQUHliahZVCNBITT6otveyVyNhnXlgEKQS+1a8W6j9q" + "T2KTjEYx61r3vbzbwxZny0d6Go7DOPlHQWacl2MW2mMhAhUA6V5KX3NwWdxg31mR" + "1FApQJ5g/AkCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "brainpool192r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGwAgEBMCQGByqGSM49AQECGQDDAvQdkyo2zaejRjCT0Y23j85HbeGoYpcwNAQY" + "apEXQHax4OGcOcAx/oaFwcrgQOXGmijvBBhGmijvfCjMo9xyHQRPRJa8yn70FG+/" + "JckEMQTAoGR+qrakh1OwM8VssPCQCi9cSFM3X9YUtpCGar1buItfSCjBSQAC5nc/" + "ovopm48CGQDDAvQdkyo2zaejRi+enpFrW+jxAprErMECAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "brainpool224r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHIAgEBMCgGByqGSM49AQECHQDXwTSqJkNmhioYMCV10deHsJ8HV5faifV+yMD/" + 
"MDwEHGil5iypzmwcKZgDpsFTC1FOGCrYsAQqWcrSn0MEHCWA9jzP5EE4hwcTsakj" + "aeM+ITXSZtuzcjhsQAsEOQQNkCmtLH5c9DQII7KofcaMnkzjF0webv3uEsB9WKpW" + "93LAcm8kxrieTs2sJDVLnpnKo/bTdhQCzQIdANfBNKomQ2aGKhgwJXXQ+5jRFrxL" + "bd68o6Wnk58CAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "brainpool256r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHgAgEBMCwGByqGSM49AQECIQCp+1fboe6pvD5mCpCdg41ybjv2I9UmICggE0gd" + "H25TdzBEBCB9Wgl1/CwwV+72dTBBev/n+4BVwSbcXGzpSktE8zC12QQgJtxcbOlK" + "S0TzMLXZu9d8v5WEFilc9+HOa8zcGP+MB7YEQQSL0q65y35XyyxLSC/8gbevud4n" + "4eO9I8I6RFO9ms4yYlR++DXD2sT9l/hGGhRhHcnCd0UTLe2OVFwdVMcvBGmXAiEA" + "qftX26Huqbw+ZgqQnYONcYw5eqO1Yab3kB4OgpdIVqcCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "brainpool320r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIIBEAIBATA0BgcqhkjOPQEBAikA015HIDa8T7fhPHhe0gHgZfmPz6b29A3vT5K5" + "7HiT7Cj81BKx8bMuJzBUBCg+4wtWj7qw+IPM69RtPzu4oqc1E/XredpmGQ6whf+p" + "9JLzdal9hg60BChSCIOUnf28QtOtGYZAaIpv4T9BNJVUtJrMMdzNiEU5gW9etKyP" + "sfGmBFEEQ71+mvtT2LhSibzEjuW/5vIBN9EKCH6254ceKhClmccQr40NOeIGERT9" + "0FVF7BzIq0CTJH93J14HQ//tEXGC6qnHeHeqrGrH01JF0WkujuECKQDTXkcgNrxP" + "t+E8eF7SAeBl+Y/PpbaPEqMtSC7H7oZY6YaRVVtExZMRAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "brainpool384r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIIBQAIBATA8BgcqhkjOPQEBAjEAjLkegqM4bSgPXW9+UOZB3xUvcQntVFa0ErHa" + "GX+3ESOs06cpkB0acYdHABMxB+xTMGQEMHvDgsY9jBUMPHIICs4Fr6DCvqKOT7In" + "hxORZe+6kfkPiqWBSlA61OsEqMfdIs4oJgQwBKjH3SLOKCaLObVUFvBEfC+3feEH" + "3NKmLogOpT7rYtV8tDkCldvJlDq3hpb6UEwRBGEEHRxk8GjPRf+ipjqBt8E/a4hH" + "o+d+8U/j23/K/gy9EOjoJuA0NtZGqu+HsuJH1K8eir4ddSD5wqRcseuOlc/VUmK3" + "Cyn+7Fhk4ZwFT/mRKSgORkYhd5GBEUKCA0EmPFMVAjEAjLkegqM4bSgPXW9+UOZB" + "3xUvcQntVFazHxZubKwEJafPOrava3/DEDuIMgLpBGVlAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "brainpool512r1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIIBogIBATBMBgcqhkjOPQEBAkEAqt2duNvpxIs/1OauM8n8B8swjbOzydIO1mOc" + 
"ynAzCHF9TZsAm8ZoQq7NoSrmo4DmKIH/Ly2CxoUoqmBWWDpI8zCBhARAeDCjMYtg" + "O4niMnFFrCNMxZTL3Y09+RYQqDRByuqYY7wt7V1aqCU6oQou8cmLmsi1fxEXpyvy" + "x7nnwaxNd/yUygRAPfkWEKg0QcrqmGO8Le1dWqglOqEKLvHJi5rItX8RF6cr8se5" + "58GsTXf8lMrcCD5nmEBQt1665d0oCb1jgBb3IwSBgQSBruS92C7ZZFohMi6cTGqT" + "he2fcLXZFsG0O2Lu9NAJjv87H3ji0NSNUNFoe5O5fV98bVBHQGpeaIs1Igm8ufgi" + "fd44XVZjMuzA6r+pz3gi/fIJ9wAkpXsaoADFW4gfgRGy3N5JSl9IXlvKS9iKJ2Ou" + "0corL6jwVAZ4zR4POtgIkgJBAKrdnbjb6cSLP9TmrjPJ/AfLMI2zs8nSDtZjnMpw" + "MwhwVT5cQUypJhlBhmEZf6wQRx2x04EIXdrdtYeWgpypAGkCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "x962_p192v2", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGwAgEBMCQGByqGSM49AQECGQD////////////////////+//////////8wNAQY" + "/////////////////////v/////////8BBjMItbfuVxrJeScDWNkpOWYDDk6ohZo" + "2VMEMQTuorrn4Ul4QvLed2nP6cmJwHKtaW9IA0pldNEdabbsemcruCoIPfLysIR9" + "6XCy3hUCGQD///////////////5fsack3IBBhkjY3TECAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "x962_p192v3", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIGwAgEBMCQGByqGSM49AQECGQD////////////////////+//////////8wNAQY" + "/////////////////////v/////////8BBgiEj3COVoFyqdCPa7MyUdgp9RiJWvV" + "aRYEMQR9KXeBAMZaHaF4NxZYjc4ri0rujiKPGJY4qQ8iY3M3M0tJ3LZqbcj5l4rK" + "dkipQ7ACGQD///////////////96YtAxyD9ClPZA7BMCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "x962_p239v1", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHSAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAAAAAH//////" + "/zBABB5///////////////9///////+AAAAAAAB///////wEHmsBbDvc8YlB0NZU" + "khR1ynGp2y+yfR03eWGFwpQsCgQ9BA/6ljzcqIFszDO4ZCvt+QXD01hXPT8n+707" + "PLmqr33r6OTpCl2ubkBUylMLoEZUs2gYziJrOfzLewLxrgIef///////////////" + "f///nl6an12QcfvRUiaIkJ0LAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "x962_p239v2", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHSAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAAAAAH//////" + "/zBABB5///////////////9///////+AAAAAAAB///////wEHmF/q2gyV2y7/tUN" + 
"mfAknD/uWLlLoAOMeuhMjIMvLAQ9BDivCdmHJ3BRIMkhu16eJilqPNzy81dXoOr9" + "h7gw51sBJeTb6g7HIG2g/AHZsIEyn7VV3m70YCN9/4vkugIef///////////////" + "gAAAz6foWUN31BTAOCG8WCBjAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "x962_p239v3", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHSAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAAAAAH//////" + "/zBABB5///////////////9///////+AAAAAAAB///////wEHiVXBfoqMGZUsfTL" + "A9anUKMMJQEC1JiHF9m6FattPgQ9BGdoro4Yu5LPzwBclJqixtlIU9DmYLv4VLHJ" + "UF/pWhYH5omPOQwGvB1VK60ibztvz+SLboGEma8Y4+1s8wIef///////////////" + "f///l13rQbOmBXw8QyFGUmVRAgEB" + "-----END ECC DOMAIN PARAMETERS-----"); + + config.set("ec", "gost_256A", + "-----BEGIN ECC DOMAIN PARAMETERS-----" + "MIHgAgEBMCwGByqGSM49AQECIQD/////////////////////////////////////" + "///9lzBEBCD////////////////////////////////////////9lAQgAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKYEQQQAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAY2R5HHgmJzaJ99QWkU/K3Y1KU8t3yPjsSKsyZyenx4UAiEA" + "/////////////////////2xhEHCZWtEARYQbCbdhuJMCAQE=" + "-----END ECC DOMAIN PARAMETERS-----"); } } -- cgit v1.2.3 From 1fac460e94edf5c4dda296588a87476195f08c24 Mon Sep 17 00:00:00 2001 
From: lloyd Date: Tue, 2 Mar 2010 02:53:51 +0000 Subject: Remove ECDSA_Op and its attendant bits --- src/engine/def_engine/def_pk_ops.cpp | 16 -------- src/engine/def_engine/default_engine.h | 6 --- src/engine/engine.h | 12 ------ src/libstate/pk_engine.cpp | 21 ---------- src/libstate/pk_engine.h | 11 ----- src/pubkey/ecdsa/ecdsa.cpp | 75 ++++++++++++++++++++-------------- src/pubkey/ecdsa/ecdsa.h | 9 ---- src/pubkey/ecdsa/ecdsa_core.cpp | 58 -------------------------- src/pubkey/ecdsa/ecdsa_core.h | 46 --------------------- src/pubkey/ecdsa/ecdsa_op.cpp | 74 --------------------------------- src/pubkey/ecdsa/ecdsa_op.h | 64 ----------------------------- 11 files changed, 45 insertions(+), 347 deletions(-) delete mode 100644 src/pubkey/ecdsa/ecdsa_core.cpp delete mode 100644 src/pubkey/ecdsa/ecdsa_core.h delete mode 100644 src/pubkey/ecdsa/ecdsa_op.cpp delete mode 100644 src/pubkey/ecdsa/ecdsa_op.h (limited to 'src/libstate') diff --git a/src/engine/def_engine/def_pk_ops.cpp b/src/engine/def_engine/def_pk_ops.cpp index 3ac608819..177040805 100644 --- a/src/engine/def_engine/def_pk_ops.cpp +++ b/src/engine/def_engine/def_pk_ops.cpp @@ -27,10 +27,6 @@ #include #endif -#if defined(BOTAN_HAS_ECDSA) - #include -#endif - #if defined(BOTAN_HAS_ECKAEG) #include #endif @@ -94,18 +90,6 @@ DH_Operation* Default_Engine::dh_op(const DL_Group& group, } #endif -#if defined(BOTAN_HAS_ECDSA) -/* -* Acquire a ECDSA op -*/ -ECDSA_Operation* Default_Engine::ecdsa_op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key) const - { - return new Default_ECDSA_Op(dom_pars, priv_key, pub_key); - } -#endif - #if defined(BOTAN_HAS_ECKAEG) /* * Acquire a ECKAEG op diff --git a/src/engine/def_engine/default_engine.h b/src/engine/def_engine/default_engine.h index 6846d3497..5fe4c373b 100644 --- a/src/engine/def_engine/default_engine.h +++ b/src/engine/def_engine/default_engine.h 
@@ -44,12 +44,6 @@ class Default_Engine : public Engine DH_Operation* dh_op(const DL_Group&, const BigInt&) const; #endif -#if defined(BOTAN_HAS_ECDSA) - virtual ECDSA_Operation* ecdsa_op(const EC_Domain_Params&, - const BigInt&, - const PointGFp&) const; -#endif - #if defined(BOTAN_HAS_ECKAEG) virtual ECKAEG_Operation* eckaeg_op(const EC_Domain_Params&, const BigInt&, diff --git a/src/engine/engine.h b/src/engine/engine.h index 66a159e38..8c1b9dd5f 100644 --- a/src/engine/engine.h +++ b/src/engine/engine.h @@ -39,11 +39,6 @@ #include #endif -#if defined(BOTAN_HAS_ECDSA) - #include - #include -#endif - #if defined(BOTAN_HAS_ECKAEG) #include #include @@ -120,13 +115,6 @@ class BOTAN_DLL Engine { return 0; } #endif -#if defined(BOTAN_HAS_ECDSA) - virtual ECDSA_Operation* ecdsa_op(const EC_Domain_Params&, - const BigInt&, - const PointGFp&) const - { return 0; } -#endif - #if defined(BOTAN_HAS_ECKAEG) virtual ECKAEG_Operation* eckaeg_op(const EC_Domain_Params&, const BigInt&, diff --git a/src/libstate/pk_engine.cpp b/src/libstate/pk_engine.cpp index d6f4f7015..38fe17d73 100644 --- a/src/libstate/pk_engine.cpp +++ b/src/libstate/pk_engine.cpp @@ -110,27 +110,6 @@ DH_Operation* dh_op(const DL_Group& group, const BigInt& x) } #endif -#if defined(BOTAN_HAS_ECDSA) -/* -* Acquire an ECDSA op -*/ -ECDSA_Operation* ecdsa_op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key) - { - Algorithm_Factory::Engine_Iterator i(global_state().algorithm_factory()); - - while(const Engine* engine = i.next()) - { - ECDSA_Operation* op = engine->ecdsa_op(dom_pars, priv_key, pub_key); - if(op) - return op; - } - - throw Lookup_Error("Engine_Core::ecdsa_op: Unable to find a working engine"); - } -#endif - #if defined(BOTAN_HAS_ECKAEG) /* * Acquire a ECKAEG op diff --git a/src/libstate/pk_engine.h b/src/libstate/pk_engine.h index 256a47c20..6c45c3fca 100644 --- a/src/libstate/pk_engine.h +++ b/src/libstate/pk_engine.h 
@@ -31,11 +31,6 @@ #include #endif -#if defined(BOTAN_HAS_ECDSA) - #include - #include -#endif - #if defined(BOTAN_HAS_ECKAEG) #include #include @@ -76,12 +71,6 @@ ELG_Operation* elg_op(const DL_Group&, const BigInt&, const BigInt&); DH_Operation* dh_op(const DL_Group&, const BigInt&); #endif -#if defined(BOTAN_HAS_ECDSA) -ECDSA_Operation* ecdsa_op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key); -#endif - #if defined(BOTAN_HAS_ECKAEG) ECKAEG_Operation* eckaeg_op(const EC_Domain_Params& dom_pars, const BigInt& priv_key, diff --git a/src/pubkey/ecdsa/ecdsa.cpp b/src/pubkey/ecdsa/ecdsa.cpp index 7afbf96af..f5ded5aa6 100644 --- a/src/pubkey/ecdsa/ecdsa.cpp +++ b/src/pubkey/ecdsa/ecdsa.cpp @@ -9,17 +9,21 @@ #include -#include - namespace Botan { +ECDSA_PublicKey::ECDSA_PublicKey(const EC_Domain_Params& dom_par, + const PointGFp& pub_point) + { + domain_encoding = EC_DOMPAR_ENC_EXPLICIT; + domain_params = dom_par; + public_key = pub_point; + } + ECDSA_PrivateKey::ECDSA_PrivateKey(RandomNumberGenerator& rng, const EC_Domain_Params& dom_pars) { domain_params = dom_pars; generate_private_key(rng); - - ecdsa_core = ECDSA_Core(domain(), private_value(), public_point()); } ECDSA_PrivateKey::ECDSA_PrivateKey(const EC_Domain_Params& dom_pars, 
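Review bot: The `ECDSA_PublicKey` constructor added in the ecdsa.cpp hunk stores `pub_point` without checking that it belongs to `dom_par`'s curve, whereas the `ECKAEG_PublicKey` constructor in src/pubkey/eckaeg/eckaeg.cpp throws `Invalid_Argument` on a curve mismatch. `verify` later combines `public_point()` with `domain().get_base_point()`, so a mismatched point is better rejected at construction: `if(domain().get_curve() != public_point().get_curve()) throw Invalid_Argument("ECDSA_PublicKey: curve mismatch in constructor");`. Whether `EC_PublicKey` already validates the point elsewhere is not visible in this hunk.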
@@ -38,36 +42,34 @@ ECDSA_PrivateKey::ECDSA_PrivateKey(const EC_Domain_Params& dom_pars, { throw Invalid_State("ECDSA key generation failed"); } - - ecdsa_core = ECDSA_Core(domain(), private_value(), public_point()); } bool ECDSA_PublicKey::verify(const byte msg[], u32bit msg_len, const byte sig[], u32bit sig_len) const { - return ecdsa_core.verify(msg, msg_len, sig, sig_len); - } + const BigInt& n = domain().get_order(); -ECDSA_PublicKey::ECDSA_PublicKey(const EC_Domain_Params& dom_par, - const PointGFp& pub_point) - { - domain_encoding = EC_DOMPAR_ENC_EXPLICIT; - domain_params = dom_par; - public_key = pub_point; + if(n == 0) + throw Invalid_State("ECDSA_PublicKey::verify: Not initialized"); - ecdsa_core = ECDSA_Core(domain(), 0, public_point()); - } + if(sig_len != n.bytes()*2) + return false; -void ECDSA_PublicKey::X509_load_hook() - { - EC_PublicKey::X509_load_hook(); - ecdsa_core = ECDSA_Core(domain(), 0, public_point()); - } + BigInt e(msg, msg_len); -void ECDSA_PrivateKey::PKCS8_load_hook(bool generated) - { - EC_PrivateKey::PKCS8_load_hook(generated); - ecdsa_core = ECDSA_Core(domain(), private_value(), public_point()); + BigInt r(sig, sig_len / 2); + BigInt s(sig + sig_len / 2, sig_len / 2); + + if(r < 0 || r >= n || s < 0 || s >= n) + return false; + + BigInt w = inverse_mod(s, n); + + PointGFp R = w * (e * domain().get_base_point() + r*public_point()); + if(R.is_zero()) + return false; + + return (R.get_affine_x() % n == r); } SecureVector ECDSA_PrivateKey::sign(const byte msg[], 
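Review bot: The range check in the new `verify` body, `if(r < 0 || r >= n || s < 0 || s >= n)`, lets `r == 0` and `s == 0` through, although ECDSA requires both values to lie in [1, n-1]. Rejection of a zero `s` then rests on what `inverse_mod(0, n)` returns and on the `R.is_zero()` test, neither of which is defined in this hunk; make the rejection explicit with `if(r <= 0 || r >= n || s <= 0 || s >= n) return false;`. Also, `BigInt e(msg, msg_len)` takes the whole input as `e`, so a comment should state that callers must pass a digest no longer than the group order, or the value should be truncated to `n.bits()` first. The same construction of `e` appears in the `sign` hunk that follows.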
@@ -76,17 +78,30 @@ SecureVector ECDSA_PrivateKey::sign(const byte msg[], { const BigInt& n = domain().get_order(); - if(n == 0) - throw Invalid_State("ECDSA_PrivateKey: Not initialized"); - - assert(n.bits() >= 1); + if(n == 0 || private_value() == 0) + throw Invalid_State("ECDSA_PrivateKey::sign: Not initialized"); BigInt k; do k.randomize(rng, n.bits()-1); while(k >= n); - return ecdsa_core.sign(msg, msg_len, k); + BigInt e(msg, msg_len); + + PointGFp k_times_P = domain().get_base_point() * k; + BigInt r = k_times_P.get_affine_x() % n; + + if(r == 0) + throw Internal_Error("Default_ECDSA_Op::sign: r was zero"); + + BigInt k_inv = inverse_mod(k, n); + + BigInt s = (((r * private_value()) + e) * k_inv) % n; + + SecureVector output(2*n.bytes()); + r.binary_encode(output + (output.size() / 2 - r.bytes())); + s.binary_encode(output + (output.size() - s.bytes())); + return output; } } diff --git a/src/pubkey/ecdsa/ecdsa.h b/src/pubkey/ecdsa/ecdsa.h index bc767d8ad..447bc3758 100644 --- a/src/pubkey/ecdsa/ecdsa.h +++ b/src/pubkey/ecdsa/ecdsa.h @@ -11,7 +11,6 @@ #define BOTAN_ECDSA_KEY_H__ #include -#include namespace Botan { @@ -64,11 +63,6 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey, */ ECDSA_PublicKey(const EC_Domain_Params& dom_par, const PointGFp& public_point); // sets core - - protected: - void X509_load_hook(); - - ECDSA_Core ecdsa_core; }; /** @@ -108,9 +102,6 @@ class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey, SecureVector sign(const byte message[], u32bit mess_len, RandomNumberGenerator& rng) const; - - private: - void PKCS8_load_hook(bool = false); }; } diff --git a/src/pubkey/ecdsa/ecdsa_core.cpp b/src/pubkey/ecdsa/ecdsa_core.cpp deleted file mode 100644 index d661963f2..000000000 --- a/src/pubkey/ecdsa/ecdsa_core.cpp +++ /dev/null 
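Review bot: The added signing code throws when `r == 0` but never tests `s`, so a zero `s` would be encoded and returned as a signature no conforming verifier accepts; add `if(s == 0) throw Internal_Error("ECDSA_PrivateKey::sign: s was zero");` after `s` is computed. The message `"Default_ECDSA_Op::sign: r was zero"` still names the class this commit deletes and should read `ECDSA_PrivateKey::sign`. In the unchanged context, `k.randomize(rng, n.bits()-1)` draws a nonce one bit shorter than `n`, so the `while(k >= n)` retry appears unreachable, `k == 0` is not excluded and the upper part of [1, n-1] is never used; that deserves a follow-up, since ECDSA assumes a uniformly distributed nonce. `sign` starts outside the hunk.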
@@ -1,58 +0,0 @@ -/* -* ECDSA Core -* (C) 1999-2010 Jack Lloyd -* (C) 2007 FlexSecure GmbH -* -* Distributed under the terms of the Botan license -*/ - -#include -#include - -namespace Botan { - -/* -* ECDSA Operation -*/ -bool ECDSA_Core::verify(const byte signature[], u32bit sig_len, - const byte message[], u32bit mess_len) const - { - if(op == 0) - throw Invalid_State("ECDSA_Core: uninitialized"); - - return op->verify(signature, sig_len, message, mess_len); - } - -SecureVector ECDSA_Core::sign(const byte message[], - u32bit mess_len, - const BigInt& k) const - { - if(op == 0) - throw Invalid_State("ECDSA_Core: uninitialized"); - - return op->sign(message, mess_len, k); - } - -ECDSA_Core& ECDSA_Core::operator=(const ECDSA_Core& core) - { - delete op; - if(core.op) - op = core.op->clone(); - return (*this); - } - -ECDSA_Core::ECDSA_Core(const ECDSA_Core& core) - { - op = 0; - if(core.op) - op = core.op->clone(); - } - -ECDSA_Core::ECDSA_Core(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key) - { - op = Engine_Core::ecdsa_op(dom_pars, priv_key, pub_key); - } - -} diff --git a/src/pubkey/ecdsa/ecdsa_core.h b/src/pubkey/ecdsa/ecdsa_core.h deleted file mode 100644 index c6583a86f..000000000 --- a/src/pubkey/ecdsa/ecdsa_core.h +++ /dev/null 
@@ -1,46 +0,0 @@ -/* -* ECDSA Core -* (C) 1999-2007 Jack Lloyd -* (C) 2007 FlexSecure GmbH -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_ECDSA_CORE_H__ -#define BOTAN_ECDSA_CORE_H__ - -#include -#include - -namespace Botan { - -/* -* ECDSA Core -*/ -class BOTAN_DLL ECDSA_Core - { - public: - bool verify(const byte signature[], u32bit sig_len, - const byte message[], u32bit mess_len) const; - - SecureVector sign(const byte message[], u32bit mess_len, - const BigInt& k) const; - - ECDSA_Core& operator=(const ECDSA_Core&); - - ECDSA_Core() { op = 0; } - - ECDSA_Core(const ECDSA_Core&); - - ECDSA_Core(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key); - - ~ECDSA_Core() { delete op; } - private: - ECDSA_Operation* op; - }; - -} - -#endif diff --git a/src/pubkey/ecdsa/ecdsa_op.cpp b/src/pubkey/ecdsa/ecdsa_op.cpp deleted file mode 100644 index dd92ac5c0..000000000 --- a/src/pubkey/ecdsa/ecdsa_op.cpp +++ /dev/null 
@@ -1,74 +0,0 @@ -/* -* ECDSA Operation -* (C) 2007 FlexSecure GmbH -* 2008-2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include -#include - -namespace Botan { - -Default_ECDSA_Op::Default_ECDSA_Op(const EC_Domain_Params& domain, - const BigInt& priv, - const PointGFp& pub) : - dom_pars(domain), mod_n(dom_pars.get_order()), - pub_key(pub), priv_key(priv) - { - } - -bool Default_ECDSA_Op::verify(const byte msg[], u32bit msg_len, - const byte sig[], u32bit sig_len) const - { - const BigInt& n = dom_pars.get_order(); - - if(sig_len != n.bytes()*2) - return false; - - BigInt e(msg, msg_len); - - BigInt r(sig, sig_len / 2); - BigInt s(sig + sig_len / 2, sig_len / 2); - - if(r < 0 || r >= n || s < 0 || s >= n) - return false; - - BigInt w = inverse_mod(s, n); - - PointGFp R = w * (e * dom_pars.get_base_point() + r*pub_key); - if(R.is_zero()) - return false; - - return (mod_n.reduce(R.get_affine_x()) == r); - } - -SecureVector Default_ECDSA_Op::sign(const byte msg[], u32bit msg_len, - const BigInt& k) const - { - if(priv_key == 0) - throw Internal_Error("Default_ECDSA_Op::sign(): no private key"); - - const BigInt& n = dom_pars.get_order(); - - BigInt e(msg, msg_len); - - PointGFp k_times_P = dom_pars.get_base_point() * k; - BigInt r = mod_n.reduce(k_times_P.get_affine_x()); - - if(r == 0) - throw Internal_Error("Default_ECDSA_Op::sign: r was zero"); - - BigInt k_inv = inverse_mod(k, n); - - BigInt s = mod_n.reduce(mod_n.multiply(r, priv_key) + e); - s = mod_n.multiply(s, k_inv); - - SecureVector output(2*n.bytes()); - r.binary_encode(output + (output.size() / 2 - r.bytes())); - s.binary_encode(output + (output.size() - s.bytes())); - return output; - } - -} diff --git a/src/pubkey/ecdsa/ecdsa_op.h b/src/pubkey/ecdsa/ecdsa_op.h deleted file mode 100644 index 3a492ccf4..000000000 --- a/src/pubkey/ecdsa/ecdsa_op.h +++ /dev/null 
@@ -1,64 +0,0 @@ -/* -* ECDSA Operations -* (C) 1999-2008 Jack Lloyd -* (C) 2007 FlexSecure GmbH -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_ECDSA_OPERATIONS_H__ -#define BOTAN_ECDSA_OPERATIONS_H__ - -#include -#include - -namespace Botan { - -/* -* ECDSA Operation -*/ -class BOTAN_DLL ECDSA_Operation - { - public: - virtual bool verify(const byte msg[], u32bit msg_len, - const byte sig[], u32bit sig_len) const = 0; - - virtual SecureVector sign(const byte msg[], u32bit msg_len, - const BigInt& k) const = 0; - - virtual ECDSA_Operation* clone() const = 0; - - virtual ~ECDSA_Operation() {} - }; - -/* -* Default ECDSA operation -*/ -class BOTAN_DLL Default_ECDSA_Op : public ECDSA_Operation - { - public: - bool verify(const byte sig[], u32bit sig_len, - const byte msg[], u32bit msg_len) const; - - SecureVector sign(const byte msg[], u32bit msg_len, - const BigInt& k) const; - - ECDSA_Operation* clone() const - { - return new Default_ECDSA_Op(*this); - } - - Default_ECDSA_Op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key); - private: - EC_Domain_Params dom_pars; - Modular_Reducer mod_n; - - PointGFp pub_key; - BigInt priv_key; - }; - -} - -#endif -- cgit v1.2.3 From 19e77947ee00b4db6b732ef3dabfdbb9ee2adfd6 Mon Sep 17 00:00:00 2001 
From: lloyd Date: Tue, 2 Mar 2010 03:06:13 +0000 Subject: Kill ECKAEG_Op --- src/engine/def_engine/def_pk_ops.cpp | 16 --------- src/engine/def_engine/default_engine.h | 6 ---- src/engine/engine.h | 12 ------- src/libstate/pk_engine.cpp | 21 ------------ src/libstate/pk_engine.h | 11 ------- src/pubkey/ecdsa/info.txt | 2 -- src/pubkey/eckaeg/eckaeg.cpp | 50 ++++++++++++---------------- src/pubkey/eckaeg/eckaeg.h | 23 +++++++------ src/pubkey/eckaeg/eckaeg_core.cpp | 60 ---------------------------------- src/pubkey/eckaeg/eckaeg_core.h | 44 ------------------------- src/pubkey/eckaeg/eckaeg_op.cpp | 39 ---------------------- src/pubkey/eckaeg/eckaeg_op.h | 49 --------------------------- 12 files changed, 32 insertions(+), 301 deletions(-) delete mode 100644 src/pubkey/eckaeg/eckaeg_core.cpp delete mode 100644 src/pubkey/eckaeg/eckaeg_core.h delete mode 100644 src/pubkey/eckaeg/eckaeg_op.cpp delete mode 100644 src/pubkey/eckaeg/eckaeg_op.h (limited to 'src/libstate') diff --git a/src/engine/def_engine/def_pk_ops.cpp b/src/engine/def_engine/def_pk_ops.cpp index 177040805..e1040142e 100644 --- a/src/engine/def_engine/def_pk_ops.cpp +++ b/src/engine/def_engine/def_pk_ops.cpp @@ -27,10 +27,6 @@ #include #endif -#if defined(BOTAN_HAS_ECKAEG) - #include -#endif - namespace Botan { #if defined(BOTAN_HAS_IF_PUBLIC_KEY_FAMILY) @@ -90,16 +86,4 @@ DH_Operation* Default_Engine::dh_op(const DL_Group& group, } #endif -#if defined(BOTAN_HAS_ECKAEG) -/* -* Acquire a ECKAEG op -*/ -ECKAEG_Operation* Default_Engine::eckaeg_op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key) const - { - return new Default_ECKAEG_Op(dom_pars, priv_key, pub_key); - } -#endif - } diff --git a/src/engine/def_engine/default_engine.h b/src/engine/def_engine/default_engine.h index 5fe4c373b..aa753fadb 100644 --- a/src/engine/def_engine/default_engine.h +++ b/src/engine/def_engine/default_engine.h 
@@ -44,12 +44,6 @@ class Default_Engine : public Engine DH_Operation* dh_op(const DL_Group&, const BigInt&) const; #endif -#if defined(BOTAN_HAS_ECKAEG) - virtual ECKAEG_Operation* eckaeg_op(const EC_Domain_Params&, - const BigInt&, - const PointGFp&) const; -#endif - Modular_Exponentiator* mod_exp(const BigInt&, Power_Mod::Usage_Hints) const; diff --git a/src/engine/engine.h b/src/engine/engine.h index 8c1b9dd5f..ba5f95c27 100644 --- a/src/engine/engine.h +++ b/src/engine/engine.h @@ -39,11 +39,6 @@ #include #endif -#if defined(BOTAN_HAS_ECKAEG) - #include - #include -#endif - namespace Botan { class Algorithm_Factory; @@ -114,13 +109,6 @@ class BOTAN_DLL Engine virtual DH_Operation* dh_op(const DL_Group&, const BigInt&) const { return 0; } #endif - -#if defined(BOTAN_HAS_ECKAEG) - virtual ECKAEG_Operation* eckaeg_op(const EC_Domain_Params&, - const BigInt&, - const PointGFp&) const - { return 0; } -#endif }; } diff --git a/src/libstate/pk_engine.cpp b/src/libstate/pk_engine.cpp index 38fe17d73..ac2fa68b0 100644 --- a/src/libstate/pk_engine.cpp +++ b/src/libstate/pk_engine.cpp @@ -110,27 +110,6 @@ DH_Operation* dh_op(const DL_Group& group, const BigInt& x) } #endif -#if defined(BOTAN_HAS_ECKAEG) -/* -* Acquire a ECKAEG op -*/ -ECKAEG_Operation* eckaeg_op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key) - { - Algorithm_Factory::Engine_Iterator i(global_state().algorithm_factory()); - - while(const Engine* engine = i.next()) - { - ECKAEG_Operation* op = engine->eckaeg_op(dom_pars, priv_key, pub_key); - if(op) - return op; - } - - throw Lookup_Error("Engine_Core::eckaeg_op: Unable to find a working engine"); - } -#endif - /* * Acquire a modular exponentiator */ diff --git a/src/libstate/pk_engine.h b/src/libstate/pk_engine.h index 6c45c3fca..25f326ef0 100644 --- a/src/libstate/pk_engine.h +++ b/src/libstate/pk_engine.h 
@@ -31,11 +31,6 @@ #include #endif -#if defined(BOTAN_HAS_ECKAEG) - #include - #include -#endif - namespace Botan { class Algorithm_Factory; @@ -71,12 +66,6 @@ ELG_Operation* elg_op(const DL_Group&, const BigInt&, const BigInt&); DH_Operation* dh_op(const DL_Group&, const BigInt&); #endif -#if defined(BOTAN_HAS_ECKAEG) -ECKAEG_Operation* eckaeg_op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key); -#endif - } } diff --git a/src/pubkey/ecdsa/info.txt b/src/pubkey/ecdsa/info.txt index 799fff32f..ca2694ad1 100644 --- a/src/pubkey/ecdsa/info.txt +++ b/src/pubkey/ecdsa/info.txt @@ -1,11 +1,9 @@ define ECDSA -alloc asn1 ec_dompar ecc_key -libstate numbertheory rng diff --git a/src/pubkey/eckaeg/eckaeg.cpp b/src/pubkey/eckaeg/eckaeg.cpp index 639060f33..95b5afdbb 100644 --- a/src/pubkey/eckaeg/eckaeg.cpp +++ b/src/pubkey/eckaeg/eckaeg.cpp 
@@ -2,47 +2,23 @@ * ECKAEG implemenation * (C) 2007 Manuel Hartl, FlexSecure GmbH * 2007 Falko Strenzke, FlexSecure GmbH -* 2008 Jack Lloyd +* 2008-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ #include -#include -#include -#include -#include -#include namespace Botan { -void ECKAEG_PublicKey::X509_load_hook() - { - EC_PublicKey::X509_load_hook(); - m_eckaeg_core = ECKAEG_Core(domain(), 0, public_point()); - } - ECKAEG_PublicKey::ECKAEG_PublicKey(const EC_Domain_Params& dom_par, const PointGFp& pub_point) { domain_params = dom_par; public_key = pub_point; - if(domain().get_curve() != pub_point.get_curve()) + if(domain().get_curve() != public_point().get_curve()) throw Invalid_Argument("ECKAEG_PublicKey: curve mismatch in constructor"); - - m_eckaeg_core = ECKAEG_Core(domain(), 0, public_point()); - } - -void ECKAEG_PrivateKey::PKCS8_load_hook(bool generated) - { - EC_PrivateKey::PKCS8_load_hook(generated); - m_eckaeg_core = ECKAEG_Core(domain(), private_value(), public_point()); - } - -MemoryVector ECKAEG_PrivateKey::public_value() const - { - return EC2OSP(public_point(), PointGFp::UNCOMPRESSED); } ECKAEG_PrivateKey::ECKAEG_PrivateKey(RandomNumberGenerator& rng, @@ -50,7 +26,6 @@ ECKAEG_PrivateKey::ECKAEG_PrivateKey(RandomNumberGenerator& rng, { domain_params = dom_pars; generate_private_key(rng); - m_eckaeg_core = ECKAEG_Core(domain(), private_value(), public_point()); } /** @@ -62,7 +37,7 @@ SecureVector ECKAEG_PrivateKey::derive_key(const byte key[], MemoryVector key_x(key, key_len); // FIXME: nasty/slow PointGFp point = OS2ECP(key_x, public_point().get_curve()); - return m_eckaeg_core.agree(point); + return derive_key(point); } /** 
@@ -70,7 +45,24 @@ SecureVector ECKAEG_PrivateKey::derive_key(const byte key[], */ SecureVector ECKAEG_PrivateKey::derive_key(const ECKAEG_PublicKey& key) const { - return m_eckaeg_core.agree(key.public_point()); + return derive_key(key.public_point()); + } + +/** +* Derive a key +*/ +SecureVector ECKAEG_PrivateKey::derive_key(const PointGFp& point) const + { + const BigInt& cofactor = domain().get_cofactor(); + const BigInt& n = domain().get_order(); + + BigInt l = inverse_mod(cofactor, n); // can precompute this + + PointGFp S = (cofactor * point) * (private_value() * l); + S.check_invariants(); + + return BigInt::encode_1363(S.get_affine_x(), + point.get_curve().get_p().bytes()); } } diff --git a/src/pubkey/eckaeg/eckaeg.h b/src/pubkey/eckaeg/eckaeg.h index fbd263e82..6bc4340ac 100644 --- a/src/pubkey/eckaeg/eckaeg.h +++ b/src/pubkey/eckaeg/eckaeg.h @@ -2,7 +2,7 @@ * ECKAEG * (C) 2007 Falko Strenzke, FlexSecure GmbH * Manuel Hartl, FlexSecure GmbH -* (C) 2008 Jack Lloyd +* (C) 2008-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -11,7 +11,6 @@ #define BOTAN_ECKAEG_KEY_H__ #include -#include namespace Botan { @@ -49,11 +48,6 @@ class BOTAN_DLL ECKAEG_PublicKey : public virtual EC_PublicKey * @result the maximum number of input bits */ u32bit max_input_bits() const { return domain().get_order().bits(); } - - protected: - void X509_load_hook(); - - ECKAEG_Core m_eckaeg_core; }; /** 
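Review bot: The new `derive_key(const PointGFp& point)` multiplies the private value into a caller-supplied point without checking that the point belongs to this key's curve, and the `ECKAEG_PublicKey` overload just above it forwards `key.public_point()` equally unchecked. Only the result `S` gets `check_invariants()`, and the output length is now read from `point.get_curve()` rather than from `S` as the removed `Default_ECKAEG_Op::agree` did, so the supplied point also determines the encoding size unless PointGFp arithmetic rejects a mismatch elsewhere. I would add `if(point.get_curve() != domain().get_curve()) throw Invalid_Argument("ECKAEG_PrivateKey::derive_key: curve mismatch");` at the top, validate `point` itself before the multiplication, and size the output from `domain().get_curve().get_p().bytes()`. The scalar also lost the `% n` reduction the old code applied to `m_priv_key * l`; that presumably leaves the result unchanged for points of order n but makes the scalar about twice as long, and `(private_value() * l) % n` restores it.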
@@ -78,22 +72,27 @@ class BOTAN_DLL ECKAEG_PrivateKey : public ECKAEG_PublicKey, */ ECKAEG_PrivateKey() {} - MemoryVector public_value() const; - - void PKCS8_load_hook(bool = false); + MemoryVector public_value() const + { return EC2OSP(public_point(), PointGFp::UNCOMPRESSED); } /** - * Derive a shared key with the other partys public key. + * Derive a shared key with the other parties public key. * @param key the other partys public key * @param key_len the other partys public key */ SecureVector derive_key(const byte key[], u32bit key_len) const; /** - * Derive a shared key with the other partys public key. + * Derive a shared key with the other parties public key. * @param other the other partys public key */ SecureVector derive_key(const ECKAEG_PublicKey& other) const; + + /** + * Derive a shared key with the other parties public key. + * @param point the public point of the other parties key + */ + SecureVector derive_key(const PointGFp& point) const; }; } diff --git a/src/pubkey/eckaeg/eckaeg_core.cpp b/src/pubkey/eckaeg/eckaeg_core.cpp deleted file mode 100644 index e22a6dcfe..000000000 --- a/src/pubkey/eckaeg/eckaeg_core.cpp +++ /dev/null 
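Review bot: The doc comment on the new public `derive_key(const PointGFp& point)` does not say what the caller must guarantee about `point` or what is returned, which matters now that a raw point can be handed in directly. I would write `@param point the other party's public point, which must lie on this key's curve` and add `@return the x coordinate of the shared point, encoded to the byte length of the curve prime`, matching the `encode_1363(S.get_affine_x(), ...)` call in eckaeg.cpp. In the same block, `@param key_len` still repeats the description of `key` and should read `the length of key in bytes`, and "parties" in the three summaries should be "party's". The class body of `ECKAEG_PrivateKey` starts outside this hunk.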
@@ -1,60 +0,0 @@ -/* -* ECKAEG Core -* (C) 1999-2010 Jack Lloyd -* (C) 2007 FlexSecure GmbH -* -* Distributed under the terms of the Botan license -*/ - -#include -#include -#include -#include -#include - -namespace Botan { - -/* -* ECKAEG_Core Constructor -*/ -ECKAEG_Core::ECKAEG_Core(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key) - { - op = Engine_Core::eckaeg_op(dom_pars, priv_key, pub_key); - } - -/* -* ECKAEG_Core Copy Constructor -*/ -ECKAEG_Core::ECKAEG_Core(const ECKAEG_Core& core) - { - op = 0; - if(core.op) - op = core.op->clone(); - blinder = core.blinder; - } - -/* -* ECKAEG_Core Assignment Operator -*/ -ECKAEG_Core& ECKAEG_Core::operator=(const ECKAEG_Core& core) - { - delete op; - if(core.op) - op = core.op->clone(); - blinder = core.blinder; - return (*this); - } - -/* -* ECKAEG Operation -*/ -SecureVector ECKAEG_Core::agree(const PointGFp& otherKey) const - { - if(op == 0) - throw Invalid_State("ECKAEG_Core: uninitialized"); - return op->agree(otherKey); - } - -} diff --git a/src/pubkey/eckaeg/eckaeg_core.h b/src/pubkey/eckaeg/eckaeg_core.h deleted file mode 100644 index d632c9451..000000000 --- a/src/pubkey/eckaeg/eckaeg_core.h +++ /dev/null @@ -1,44 +0,0 @@ -/* -* ECKAEG Core -* (C) 1999-2007 Jack Lloyd -* (C) 2007 FlexSecure GmbH -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_ECKAEG_CORE_H__ -#define BOTAN_ECKAEG_CORE_H__ - -#include -#include -#include - -namespace Botan { - -/* -* ECKAEG Core -*/ -class BOTAN_DLL ECKAEG_Core - { - public: - SecureVector agree(const PointGFp&) const; - - ECKAEG_Core& operator=(const ECKAEG_Core&); - - ECKAEG_Core() { op = 0; } - - ECKAEG_Core(const ECKAEG_Core&); - - ECKAEG_Core(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - PointGFp const& pub_key); - - ~ECKAEG_Core() { delete op; } - private: - ECKAEG_Operation* op; - Blinder blinder; - }; - -} - -#endif 
diff --git a/src/pubkey/eckaeg/eckaeg_op.cpp b/src/pubkey/eckaeg/eckaeg_op.cpp deleted file mode 100644 index 4fb0a23eb..000000000 --- a/src/pubkey/eckaeg/eckaeg_op.cpp +++ /dev/null @@ -1,39 +0,0 @@ -/* -* ECKAEG Operation -* (C) 2007 FlexSecure GmbH -* 2008-2010 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include -#include - -namespace Botan { - -Default_ECKAEG_Op::Default_ECKAEG_Op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key) - : m_dom_pars(dom_pars), - m_pub_key(pub_key), - m_priv_key(priv_key) - { - } - -SecureVector Default_ECKAEG_Op::agree(const PointGFp& i) const - { - BigInt cofactor = m_dom_pars.get_cofactor(); - BigInt n = m_dom_pars.get_order(); - - BigInt l = inverse_mod(cofactor, n); - - PointGFp S = cofactor * i; - S *= (m_priv_key * l) % n; - - S.check_invariants(); - - return BigInt::encode_1363(S.get_affine_x(), - S.get_curve().get_p().bytes()); - } - -} diff --git a/src/pubkey/eckaeg/eckaeg_op.h b/src/pubkey/eckaeg/eckaeg_op.h deleted file mode 100644 index 27cf4f367..000000000 --- a/src/pubkey/eckaeg/eckaeg_op.h +++ /dev/null 
@@ -1,49 +0,0 @@ -/* -* ECKAEG Operations -* (C) 1999-2008 Jack Lloyd -* 2007 FlexSecure GmbH -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_ECKAEG_OPERATIONS_H__ -#define BOTAN_ECKAEG_OPERATIONS_H__ - -#include - -namespace Botan { - -/* -* ECKAEG Operation -*/ -class BOTAN_DLL ECKAEG_Operation - { - public: - virtual SecureVector agree(const PointGFp&) const = 0; - virtual ECKAEG_Operation* clone() const = 0; - virtual ~ECKAEG_Operation() {} - }; - -/* -* Default ECKAEG operation -*/ -class BOTAN_DLL Default_ECKAEG_Op : public ECKAEG_Operation - { - public: - SecureVector agree(const PointGFp& i) const; - - ECKAEG_Operation* clone() const { return new Default_ECKAEG_Op(*this); } - - Default_ECKAEG_Op(const EC_Domain_Params& dom_pars, - const BigInt& priv_key, - const PointGFp& pub_key); - private: - EC_Domain_Params m_dom_pars; - PointGFp m_pub_key; - BigInt m_priv_key; - }; - - -} - -#endif -- cgit v1.2.3