deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add call-ec_p256k1

Browse Source
This commit is contained in:
NIIBE Yutaka
2014-02-20 10:55:20 +09:00
parent deaf340687
commit a32f577dfa
6 changed files with 138 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@@ -1,3 +1,10 @@
2014-02-20 Niibe Yutaka <gniibe@fsij.org>
* src/call-ec_p256k1.c: New. Use call-ec.c.
* src/call-ec_p256r1.c: Use call-ec.c.
* src/call-ec.c: New.
(ecdsa_sign): Change the signature.
2014-02-19 Niibe Yutaka <gniibe@fsij.org> 2014-02-19 Niibe Yutaka <gniibe@fsij.org>
* tool/calc_precompute_table_ecc.py: New. * tool/calc_precompute_table_ecc.py: New.

86
src/call-ec.c Normal file
View File

@@ -0,0 +1,86 @@
/*
* call-ec.c - interface between Gnuk and Elliptic curve over GF(prime)
*
* Copyright (C) 2013 Free Software Initiative of Japan
* Author: NIIBE Yutaka <gniibe@fsij.org>
*
* This file is a part of Gnuk, a GnuPG USB Token implementation.
*
* Gnuk is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Gnuk is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
* License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#include "field-group-select.h"
/* We are little endian. */
#define ECDSA_BYTE_SIZE 32
int
FUNC(ecdsa_sign) (const uint8_t *hash, uint8_t *output,
const uint8_t *key_data)
{
int i;
bn256 r[1], s[1], z[1], d[1];
uint8_t *p;
p = (uint8_t *)d;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
p[ECDSA_BYTE_SIZE - i - 1] = key_data[i];
p = (uint8_t *)z;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
p[ECDSA_BYTE_SIZE - i - 1] = hash[i];
FUNC(ecdsa) (r, s, z, d);
p = (uint8_t *)r;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*output++ = p[ECDSA_BYTE_SIZE - i - 1];
p = (uint8_t *)s;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*output++ = p[ECDSA_BYTE_SIZE - i - 1];
return 0;
}
uint8_t *
FUNC(ecdsa_compute_public) (const uint8_t *key_data)
{
uint8_t *p0, *p, *p1;
ac q[1];
bn256 k[1];
int i;
p0 = (uint8_t *)malloc (ECDSA_BYTE_SIZE * 2);
if (p0 == NULL)
return NULL;
p = (uint8_t *)k;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
p[ECDSA_BYTE_SIZE - i - 1] = key_data[i];
if (FUNC(compute_kG) (q, k) < 0)
{
free (p0);
return NULL;
}
p = p0;
p1 = (uint8_t *)q->x;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*p++ = p1[ECDSA_BYTE_SIZE - i - 1];
p1 = (uint8_t *)q->y;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*p++ = p1[ECDSA_BYTE_SIZE - i - 1];
return p0;
}

34
src/call-ec_p256k1.c Normal file
View File

@@ -0,0 +1,34 @@
/*
* call-ec_p256k1.c - interface between Gnuk and Elliptic curve over
* GF(p256k1)
*
* Copyright (C) 2014 Free Software Initiative of Japan
* Author: NIIBE Yutaka <gniibe@fsij.org>
*
* This file is a part of Gnuk, a GnuPG USB Token implementation.
*
* Gnuk is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Gnuk is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
* License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "bn.h"
#include "jpc-ac_p256k1.h"
#include "ec_p256k1.h"
#define FIELD p256k1
#include "call-ec.c"

68
src/call-ec_p256r1.c
View File

@@ -2,7 +2,7 @@
* call-ec_p256r1.c - interface between Gnuk and Elliptic curve over * call-ec_p256r1.c - interface between Gnuk and Elliptic curve over
* GF(p256r1) * GF(p256r1)
* *
* Copyright (C) 2013 Free Software Initiative of Japan * Copyright (C) 2014 Free Software Initiative of Japan
* Author: NIIBE Yutaka <gniibe@fsij.org> * Author: NIIBE Yutaka <gniibe@fsij.org>
* *
* This file is a part of Gnuk, a GnuPG USB Token implementation. * This file is a part of Gnuk, a GnuPG USB Token implementation.
@@ -29,68 +29,6 @@
#include "jpc-ac_p256r1.h" #include "jpc-ac_p256r1.h"
#include "ec_p256r1.h" #include "ec_p256r1.h"
#include "config.h" #define FIELD p256r1
#include "gnuk.h" #include "call-ec.c"
/* We are little endian. */
#define ECDSA_BYTE_SIZE 32
int
ecdsa_sign (const uint8_t *hash, uint8_t *output,
const struct key_data *kd)
{
int i;
bn256 r[1], s[1], z[1], d[1];
uint8_t *p;
p = (uint8_t *)d;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
p[ECDSA_BYTE_SIZE - i - 1] = kd->data[i];
p = (uint8_t *)z;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
p[ECDSA_BYTE_SIZE - i - 1] = hash[i];
ecdsa_p256r1 (r, s, z, d);
p = (uint8_t *)r;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*output++ = p[ECDSA_BYTE_SIZE - i - 1];
p = (uint8_t *)s;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*output++ = p[ECDSA_BYTE_SIZE - i - 1];
return 0;
}
uint8_t *
ecdsa_compute_public (const uint8_t *key_data)
{
uint8_t *p0, *p, *p1;
ac q[1];
bn256 k[1];
int i;
p0 = (uint8_t *)malloc (ECDSA_BYTE_SIZE * 2);
if (p0 == NULL)
return NULL;
p = (uint8_t *)k;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
p[ECDSA_BYTE_SIZE - i - 1] = key_data[i];
if (compute_kG (q, k) < 0)
{
free (p0);
return NULL;
}
p = p0;
p1 = (uint8_t *)q->x;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*p++ = p1[ECDSA_BYTE_SIZE - i - 1];
p1 = (uint8_t *)q->y;
for (i = 0; i < ECDSA_BYTE_SIZE; i++)
*p++ = p1[ECDSA_BYTE_SIZE - i - 1];
return p0;
}

10
src/gnuk.h
View File

@@ -246,9 +246,13 @@ extern int rsa_verify (const uint8_t *pubkey, const uint8_t *hash,
const uint8_t *signature); const uint8_t *signature);
extern uint8_t *rsa_genkey (void); extern uint8_t *rsa_genkey (void);
extern int ecdsa_sign (const uint8_t *hash, uint8_t *output, extern int ecdsa_sign_p256r1 (const uint8_t *hash, uint8_t *output,
const struct key_data *kd); const uint8_t *key_data);
extern uint8_t *ecdsa_compute_public (const uint8_t *key_data); extern uint8_t *ecdsa_compute_public_p256r1 (const uint8_t *key_data);
extern int ecdsa_sign_p256k1 (const uint8_t *hash, uint8_t *output,
const uint8_t *key_data);
extern uint8_t *ecdsa_compute_public_p256k1 (const uint8_t *key_data);
extern const uint8_t *gpg_do_read_simple (uint8_t); extern const uint8_t *gpg_do_read_simple (uint8_t);
extern void gpg_do_write_simple (uint8_t, const uint8_t *, int); extern void gpg_do_write_simple (uint8_t, const uint8_t *, int);

2
src/openpgp.c
View File

@@ -966,7 +966,7 @@ cmd_internal_authenticate (void)
res_APDU_size = ECDSA_SIGNATURE_LENGTH; res_APDU_size = ECDSA_SIGNATURE_LENGTH;
r = ecdsa_sign (apdu.cmd_apdu_data, res_APDU, r = ecdsa_sign (apdu.cmd_apdu_data, res_APDU,
&kd[GPG_KEY_FOR_AUTHENTICATION]); kd[GPG_KEY_FOR_AUTHENTICATION]->data);
if (r < 0) if (r < 0)
GPG_ERROR (); GPG_ERROR ();
} }