ecc.c data structures

Sergi Blanch i Torné sergi at
Mon Dec 28 12:03:25 CET 2009

On Monday 28 December 2009 11:09:56 am Werner Koch wrote:
> With the draft you probably mean the OpenPGP ECC draft.
> This is not relevant for Libgcrypt.  Libgcrypt has and should not have
> an idea of a concrete crypto protocol.  What Libgcrypt provides are
> cryptographic building blocks and not protocol implementations.

yes, current draft

The algorithm makes a hash using a key derivation function (KDF, section 7) 
using a counter, the x coordinate of the share point and a concatenation that 
includes the receiver fingerprint:
Param = curve_OID_len || curve_OID || public_key_alg_ID ||
           01 || KDF_hash_ID || AES_alg_ID for AESKeyWrap ||
          "AnonymousSender" || recipient_fingerprint

I don't know how to find the last element of this concatenation.

Sooner or later this KDF has to live out of the ecc module like the aeswrap 


More information about the Gcrypt-devel mailing list