/* * This call is used for precomputing the public key in expanded form * before using the shared key version with precomputing */ CSL_error CSL_PrecomputeFour(CSLOSEccPublicKey publicKey, CSLOSEccExpPublicKey prePublicKey){ point publickey; int j; #ifdef __KERNEL__ point *precomputedpublickey = kmalloc(sizeof(point) * 16, GFP_KERNEL); if (!precomputedpublickey) return CSL_NO_MEMORY; #else point precomputedpublickey[16]; #endif OS2ECP(publicKey, OCTET_STRING_LEN*2, &publickey); alg_do_precompute_four(&publickey, &(precomputedpublickey[0]), &named_curve); for(j = 0; j < 16; j++){ EC2OSP(&(precomputedpublickey[j]), (prePublicKey + ((OCTET_STRING_LEN*2)*j)), OCTET_STRING_LEN*2); } #ifdef __KERNEL__ kfree(precomputedpublickey); #endif return CSL_OK; }
CSL_error CSL_GenerateEccPublicKey(CSLOSEccPrivateKey privateKey, CSLOSEccPublicKey publicKey){ field_2n pvtkey; point publickey; CSL_error error = CSL_OK; /* this is needed because the sizes are extended to word size multiples*/ memset(publicKey, 0x0, sizeof(CSLOSEccPublicKey)); poly_elliptic_init_233_bit(); OS2FEP(privateKey, &pvtkey); error = alg_generate_public_key(&named_point, &named_curve, &pvtkey, &publickey); EC2OSP(&publickey, publicKey, OCTET_STRING_LEN*2); return error; }
VerificationVerdict verify(const DigitalSignature & data, const DataInputPolicy * dip = NULL) { if ( ! _isPublicKeyLoaded ) throw std::exception(); ZZ t = OS2IP(data.R); ZZ s = OS2IP(data.S); if ((L(t) > _Ln || (IsZero(t))) || (s > _Curve.getOrder())) return VerificationVerdict(); t %= _Curve.getOrder(); _Curve.enter_mod_context(EC_Dscr::aEC::FIELD_CONTEXT); typename EC_Dscr::aECP R = toAffine(_publicKey * t + _BasePoint * s); _Curve.leave_mod_context(); const Octet P = EC2OSP(R, EC_Dscr::aEC::EC2OSP_COMPRESSED); const ZZ d = (t - OS2IP(P)) % _Curve.getOrder(); Octet vdata = I2OSP(d); /* MAKE CHECKS */ const DSSDataOutput vmsg = dip == NULL ? _ECNR_Data.createOutput(vdata) : TDataInput<ECNR_Input>(*dip).createOutput(vdata); ManagedBlob M = vmsg.M_rec || data.M_clr; const DSSDataInput vsign = dip == NULL ? _ECNR_Data.createInput(M, P) : TDataInput<ECNR_Input>(*dip).createInput(M, P); if (vsign.d == vmsg.d_pad) { return VerificationVerdict(M); } else { return VerificationVerdict(); } }
DigitalSignature sign(const ManagedBlob & data, const DataInputPolicy * dip = NULL) { if (! _isPrivateKeyLoaded) throw std::exception(); const ZZ k = OS2IP(_PRNG()) % _Curve.getOrder(); Octet P; do { _Curve.enter_mod_context(EC_Dscr::aEC::FIELD_CONTEXT); const typename EC_Dscr::aECP PP = toAffine(_BasePoint * k); _Curve.leave_mod_context(); if (PP.isZero()) continue; P = EC2OSP(PP, EC_Dscr::aEC::EC2OSP_COMPRESSED); break; } while(1); /* FIX IT */ const DSSDataInput SignData = dip == NULL ? _ECNR_Data.createInput(data, P) : TDataInput<ECNR_Input>(*dip).createInput(data, P); _Curve.enter_mod_context(EC_Dscr::aEC::ORDER_CONTEXT); const ZZ_p pi = InMod(OS2IP(P)); const ZZ_p d = InMod(OS2IP(SignData.d)); const ZZ_p r = (d + pi); const ZZ_p s = (InMod(k) - InMod(_privateKey)*r); _Curve.leave_mod_context(); const ByteSeq R = I2OSP(r,_Ln); const ByteSeq S = I2OSP(s,_Ln); return DigitalSignature(R, S, SignData.M_clr); }
void SshKeyGenerator::generateOpenSslPublicKeyString(const KeyPtr &key) { QList<BigInt> params; QByteArray keyId; QByteArray q; switch (m_type) { case Rsa: { const QSharedPointer<RSA_PrivateKey> rsaKey = key.dynamicCast<RSA_PrivateKey>(); params << rsaKey->get_e() << rsaKey->get_n(); keyId = SshCapabilities::PubKeyRsa; break; } case Dsa: { const QSharedPointer<DSA_PrivateKey> dsaKey = key.dynamicCast<DSA_PrivateKey>(); params << dsaKey->group_p() << dsaKey->group_q() << dsaKey->group_g() << dsaKey->get_y(); keyId = SshCapabilities::PubKeyDss; break; } case Ecdsa: { const auto ecdsaKey = key.dynamicCast<ECDSA_PrivateKey>(); q = convertByteArray(EC2OSP(ecdsaKey->public_point(), PointGFp::UNCOMPRESSED)); keyId = SshCapabilities::ecdsaPubKeyAlgoForKeyWidth( static_cast<int>(ecdsaKey->private_value().bytes())); break; } } QByteArray publicKeyBlob = AbstractSshPacket::encodeString(keyId); foreach (const BigInt &b, params) publicKeyBlob += AbstractSshPacket::encodeMpInt(b); if (!q.isEmpty()) { publicKeyBlob += AbstractSshPacket::encodeString(keyId.mid(11)); // Without "ecdsa-sha2-" prefix. publicKeyBlob += AbstractSshPacket::encodeString(q); } publicKeyBlob = publicKeyBlob.toBase64(); const QByteArray id = "QtCreator/" + QDateTime::currentDateTime().toString(Qt::ISODate).toUtf8(); m_publicKey = keyId + ' ' + publicKeyBlob + ' ' + id; }
CSL_error CSL_ComputeEccSig(CSLOSDigest digest, u32 digestSize, CSLOSEccPrivateKey private_key, CSLOSEccSig sign, CSLOSEccSigRand random_data) { CSL_error ret; CSL_error reterr = CSL_OK; CSL_ComputeEccSig_big_locals *big_locals; #ifdef __KERNEL__ big_locals = kmalloc(sizeof(*big_locals), GFP_KERNEL); if (!big_locals) return CSL_NO_MEMORY; #else CSL_ComputeEccSig_big_locals _big_locals; big_locals = &_big_locals; #endif alg_init_233_bit_ECDSA(&big_locals->base, NUM_BITS); OS2FEP(private_key, &big_locals->pvtkey); OS2FEP(random_data, &big_locals->random_data_field); ret = alg_poly_ECDSA_signature((char *)digest, digestSize, &big_locals->base, &big_locals->pvtkey, &big_locals->signature, &big_locals->random_data_field); if (ret == CSL_OK) { EC2OSP((point *)&big_locals->signature, sign, OCTET_STRING_LEN*2); reterr = CSL_OK; } else reterr = CSL_DIVIDE_BY_ZERO; #ifdef __KERNEL__ kfree(big_locals); #endif return reterr; }
std::vector<uint8_t> EC_Group::DER_encode(EC_Group_Encoding form) const { if(form == EC_DOMPAR_ENC_EXPLICIT) { const size_t ecpVers1 = 1; OID curve_type("1.2.840.10045.1.1"); const size_t p_bytes = m_curve.get_p().bytes(); return DER_Encoder() .start_cons(SEQUENCE) .encode(ecpVers1) .start_cons(SEQUENCE) .encode(curve_type) .encode(m_curve.get_p()) .end_cons() .start_cons(SEQUENCE) .encode(BigInt::encode_1363(m_curve.get_a(), p_bytes), OCTET_STRING) .encode(BigInt::encode_1363(m_curve.get_b(), p_bytes), OCTET_STRING) .end_cons() .encode(EC2OSP(m_base_point, PointGFp::UNCOMPRESSED), OCTET_STRING) .encode(m_order) .encode(m_cofactor) .end_cons() .get_contents_unlocked(); } else if(form == EC_DOMPAR_ENC_OID) return DER_Encoder().encode(OID(get_oid())).get_contents_unlocked(); else if(form == EC_DOMPAR_ENC_IMPLICITCA) return DER_Encoder().encode_null().get_contents_unlocked(); else throw Internal_Error("EC_Group::DER_encode: Unknown encoding"); }
std::vector<byte> EC_PublicKey::x509_subject_public_key() const { return unlock(EC2OSP(public_point(), PointGFp::COMPRESSED)); }
std::vector<uint8_t> EC_PublicKey::public_key_bits() const { return unlock(EC2OSP(public_point(), PointGFp::COMPRESSED)); }
int sm2_enc ( sm2_pubkey *pubkey, unsigned char *plaintext, unsigned int plen, unsigned char *ciphertext, unsigned int *clen ) { mpz_t k; point_affn_t kG; unsigned int c1len, xylen; #ifndef MUL_BITS unsigned char tmp[FIELD_SIZE_IN_BYTES*2]; #else unsigned char tmp[32 * 2]; #endif unsigned int i; if( !ciphertext ) { *clen = FIELD_SIZE_IN_BYTES+1+plen+SM3_HASH_LEN; return 0; } else { if( *clen < (FIELD_SIZE_IN_BYTES+1+plen+SM3_HASH_LEN) ) return 1; } mpz_init(k); NN_BarrettSetBuf(&pXbufSubgrpOrder); random_limit(k, SUBGRP_ORDER); NN_BarrettSetBuf(&pXbufFieldPrime); #ifdef USE_ECC_256 //mpz_set_str(k, "4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", 16); #else //mpz_set_str(k, "ADB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F5656467", 16); #endif point_affn_init(kG); point_affn_mul(kG, GENERATOR, k); // dump_point(kG, "kG"); c1len = *clen; EC2OSP(ciphertext,(int *) &c1len, kG, pubkey->ecp); point_affn_clear(kG); point_affn_init(kG); point_affn_mul(kG, pubkey->sG, k); // dump_point(kG, "kG"); mpz_clear(k); xylen = sizeof(tmp); EC2OSP_XY(tmp, (int *)&xylen, kG); point_affn_clear(kG); dump_mem(tmp, 0x30, "tmp"); sm2_hash(tmp, xylen/2, plaintext, plen, tmp+xylen/2, xylen/2, ciphertext+c1len); sm2_KDF1_ex(ciphertext+c1len+SM3_HASH_LEN, plen, tmp, xylen, ALG_HASH_SM3, 1); for(i=0; i<plen; i++) ciphertext[c1len+SM3_HASH_LEN+i] ^= plaintext[i]; *clen = c1len+plen+SM3_HASH_LEN; return 0; }
MemoryVector<byte> key_bits() const { key->affirm_init(); return EC2OSP(*(key->mp_public_point), PointGFp::COMPRESSED); }