diff options
| author | NIIBE Yutaka <gniibe@fsij.org> | 2015-08-06 17:31:41 +0900 |
|---|---|---|
| committer | NIIBE Yutaka <gniibe@fsij.org> | 2015-08-06 17:31:41 +0900 |
| commit | e93f4c21c59756604440ad8cbf27e67d29c99ffd (patch) | |
| tree | 4b97f8a1f8d8804f6897c3afb21527897eda04e6 /cipher/ecc-curves.c | |
| parent | b4b1d872ba651bc44761b35d245b1a519a33f515 (diff) | |
| download | libgcrypt-e93f4c21c59756604440ad8cbf27e67d29c99ffd.tar.gz | |
Add Curve25519 support.
* cipher/ecc-curves.c (curve_aliases, domain_parms): Add Curve25519.
* tests/curves.c (N_CURVES): It's 22 now.
* src/cipher.h (PUBKEY_FLAG_DJB_TWEAK): New.
* cipher/ecc-common.h (_gcry_ecc_mont_decodepoint): New.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): New.
* cipher/ecc.c (nist_generate_key): Handle the case of
PUBKEY_FLAG_DJB_TWEAK and Montgomery curve.
(test_ecdh_only_keys, check_secret_key): Likewise.
(ecc_generate): Support Curve25519 which is Montgomery curve with flag
PUBKEY_FLAG_DJB_TWEAK and PUBKEY_FLAG_COMP.
(ecc_encrypt_raw): Get flags from KEYPARMS and handle
PUBKEY_FLAG_DJB_TWEAK and Montgomery curve.
(ecc_decrypt_raw): Likewise.
(compute_keygrip): Handle the case of PUBKEY_FLAG_DJB_TWEAK.
* cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist):
PUBKEY_FLAG_EDDSA implies PUBKEY_FLAG_DJB_TWEAK.
Parse "djb-tweak" for PUBKEY_FLAG_DJB_TWEAK.
--
With PUBKEY_FLAG_DJB_TWEAK, secret key has msb set and it should be
always multiple by cofactor.
Diffstat (limited to 'cipher/ecc-curves.c')
| -rw-r--r-- | cipher/ecc-curves.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 9975bb42..51d9e39d 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -40,7 +40,7 @@ static const struct const char *other; /* Other name. */ } curve_aliases[] = { - /*{ "Curve25519", "1.3.6.1.4.1.3029.1.5.1" },*/ + { "Curve25519", "1.3.6.1.4.1.3029.1.5.1" }, { "Ed25519", "1.3.6.1.4.1.11591.15.1" }, { "NIST P-192", "1.2.840.10045.3.1.1" }, /* X9.62 OID */ @@ -107,7 +107,8 @@ typedef struct const char *p; /* The prime defining the field. */ const char *a, *b; /* The coefficients. For Twisted Edwards - Curves b is used for d. */ + Curves b is used for d. For Montgomery + Curves a has (A-2)/4. */ const char *n; /* The order of the base point. */ const char *g_x, *g_y; /* Base point. */ const char *h; /* Cofactor. */ @@ -129,6 +130,18 @@ static const ecc_domain_parms_t domain_parms[] = "0x6666666666666666666666666666666666666666666666666666666666666658", "0x08" }, + { + /* (y^2 = x^3 + 486662*x^2 + x) */ + "Curve25519", 256, 0, + MPI_EC_MONTGOMERY, ECC_DIALECT_STANDARD, + "0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED", + "0x01DB41", + "0x01", + "0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED", + "0x0000000000000000000000000000000000000000000000000000000000000009", + "0x20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9", + "0x08" + }, #if 0 /* No real specs yet found. */ { /* x^2 + y^2 = 1 + 3617x^2y^2 mod 2^414 - 17 */ |