ecc.c data structures
Sergi Blanch i Torné
sergi at calcurco.cat
Mon Dec 28 12:03:25 CET 2009
On Monday 28 December 2009 11:09:56 am Werner Koch wrote:
> With the draft you probably mean the OpenPGP ECC draft.
> This is not relevant for Libgcrypt. Libgcrypt has and should not have
> an idea of a concrete crypto protocol. What Libgcrypt provides are
> cryptographic building blocks and not protocol implementations.
yes, current draft http://tools.ietf.org/id/draft-jivsov-openpgp-ecc-04.txt
The algorithm makes a hash using a key derivation function (KDF, section 7)
using a counter, the x coordinate of the share point and a concatenation that
includes the receiver fingerprint:
Param = curve_OID_len || curve_OID || public_key_alg_ID ||
01 || KDF_hash_ID || AES_alg_ID for AESKeyWrap ||
"AnonymousSender" || recipient_fingerprint
I don't know how to find the last element of this concatenation.
Sooner or later this KDF has to live out of the ecc module like the aeswrap
More information about the Gcrypt-devel