ecc.c data structures
Sergi Blanch i Torné
sergi at calcurco.cat
Mon Dec 28 12:03:25 CET 2009
On Monday 28 December 2009 11:09:56 am Werner Koch wrote:
> With the draft you probably mean the OpenPGP ECC draft.
>
> This is not relevant for Libgcrypt. Libgcrypt has and should not have
> an idea of a concrete crypto protocol. What Libgcrypt provides are
> cryptographic building blocks and not protocol implementations.
yes, current draft http://tools.ietf.org/id/draft-jivsov-openpgp-ecc-04.txt
The algorithm makes a hash using a key derivation function (KDF, section 7)
using a counter, the x coordinate of the share point and a concatenation that
includes the receiver fingerprint:
Param = curve_OID_len || curve_OID || public_key_alg_ID ||
01 || KDF_hash_ID || AES_alg_ID for AESKeyWrap ||
"AnonymousSender" || recipient_fingerprint
I don't know how to find the last element of this concatenation.
Sooner or later this KDF has to live out of the ecc module like the aeswrap
does.
/Sergi.
More information about the Gcrypt-devel
mailing list