[svn] gcry - r1234 - in trunk: cipher doc

svn author wk cvs at cvs.gnupg.org
Fri Apr 20 12:52:31 CEST 2007


Author: wk
Date: 2007-04-20 12:52:30 +0200 (Fri, 20 Apr 2007)
New Revision: 1234

Modified:
   trunk/cipher/ChangeLog
   trunk/cipher/ecc.c
   trunk/cipher/pubkey.c
   trunk/doc/gcrypt.texi
Log:
Support more curves.


Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog	2007-04-18 12:59:00 UTC (rev 1233)
+++ trunk/cipher/ChangeLog	2007-04-20 10:52:30 UTC (rev 1234)
@@ -1,3 +1,7 @@
+2007-04-20  Werner Koch  <wk at g10code.com>
+
+	* ecc.c (domain_parms): Add standard brainpool curves.
+
 2007-04-18  Werner Koch  <wk at g10code.com>
 
 	* ecc.c (generate_curve): Implement alias mechanism.

Modified: trunk/cipher/ecc.c
===================================================================
--- trunk/cipher/ecc.c	2007-04-18 12:59:00 UTC (rev 1233)
+++ trunk/cipher/ecc.c	2007-04-20 10:52:30 UTC (rev 1234)
@@ -98,15 +98,26 @@
     { "NIST P-192", "secp192r1"  },          /* SECP name.  */
 
     { "NIST P-224", "secp224r1" },
+    { "NIST P-224", "1.3.132.0.33" },        /* SECP OID.  */
 
     { "NIST P-256", "1.2.840.10045.3.1.7" }, 
     { "NIST P-256", "prime256v1" },          
     { "NIST P-256", "secp256r1"  },          
 
     { "NIST P-384", "secp384r1" },
+    { "NIST P-384", "1.3.132.0.34" },       
 
     { "NIST P-521", "secp521r1" },
+    { "NIST P-521", "1.3.132.0.35" },
 
+    { "brainpoolP160r1", "1.3.36.3.3.2.8.1.1.1" },
+    { "brainpoolP192r1", "1.3.36.3.3.2.8.1.1.3" },
+    { "brainpoolP224r1", "1.3.36.3.3.2.8.1.1.5" },
+    { "brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7" },
+    { "brainpoolP320r1", "1.3.36.3.3.2.8.1.1.9" },
+    { "brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11"},
+    { "brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13"},
+
     { NULL, NULL}
   };
 
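Review bot: The OID aliases added here for P-224, P-384 and P-521 (`1.3.132.0.33` to `1.3.132.0.35`) and the seven `brainpoolP*r1` OIDs are missing from the "Currently implemented curves" table that this same revision adds to doc/gcrypt.texi, so a reader of the manual cannot tell that these names are accepted. Either extend that table or add a comment above these entries, for example `/* Keep in sync with the curve list in doc/gcrypt.texi.  */`. For consistency with the P-224 line, the P-384 and P-521 OID lines could carry the same `/* SECP OID.  */` comment, and the trailing blanks after `{ "NIST P-384", "1.3.132.0.34" },` can be dropped. The array declaration and its first entries lie outside the hunk.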
@@ -123,16 +134,6 @@
   const char *g_x, *g_y;      /* Base point.  */
 } domain_parms[] =
   {
-    { "secp160r1", 160,
-      "0x",
-      "0x",
-      "0x",
-      "0x",
-
-      "0x",
-      "0x"
-    }, 
-
     {
       "NIST P-192", 192,
       "0xfffffffffffffffffffffffffffffffeffffffffffffffff",
@@ -195,6 +196,88 @@
       "0x11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e6"
       "62c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650"
     },
+
+    { "brainpoolP160r1", 160,
+      "0xe95e4a5f737059dc60dfc7ad95b3d8139515620f",
+      "0x340e7be2a280eb74e2be61bada745d97e8f7c300",
+      "0x1e589a8595423412134faa2dbdec95c8d8675e58",
+      "0xe95e4a5f737059dc60df5991d45029409e60fc09",
+      "0xbed5af16ea3f6a4f62938c4631eb5af7bdbcdbc3",
+      "0x1667cb477a1a8ec338f94741669c976316da6321"
+    },
+
+    { "brainpoolP192r1", 192,
+      "0xc302f41d932a36cda7a3463093d18db78fce476de1a86297",
+      "0x6a91174076b1e0e19c39c031fe8685c1cae040e5c69a28ef",
+      "0x469a28ef7c28cca3dc721d044f4496bcca7ef4146fbf25c9",
+      "0xc302f41d932a36cda7a3462f9e9e916b5be8f1029ac4acc1",
+      "0xc0a0647eaab6a48753b033c56cb0f0900a2f5c4853375fd6",
+      "0x14b690866abd5bb88b5f4828c1490002e6773fa2fa299b8f"
+    },
+
+    { "brainpoolP224r1", 224,
+      "0xd7c134aa264366862a18302575d1d787b09f075797da89f57ec8c0ff",
+      "0x68a5e62ca9ce6c1c299803a6c1530b514e182ad8b0042a59cad29f43",
+      "0x2580f63ccfe44138870713b1a92369e33e2135d266dbb372386c400b",
+      "0xd7c134aa264366862a18302575d0fb98d116bc4b6ddebca3a5a7939f",
+      "0x0d9029ad2c7e5cf4340823b2a87dc68c9e4ce3174c1e6efdee12c07d",
+      "0x58aa56f772c0726f24c6b89e4ecdac24354b9e99caa3f6d3761402cd"
+    },
+
+    { "brainpoolP256r1", 256, 
+      "0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377",
+      "0x7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9",
+      "0x26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6",
+      "0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7",
+      "0x8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262",
+      "0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997"
+    },
+
+    { "brainpoolP320r1", 320, 
+      "0xd35e472036bc4fb7e13c785ed201e065f98fcfa6f6f40def4f92b9ec7893ec28"
+      "fcd412b1f1b32e27",
+      "0x3ee30b568fbab0f883ccebd46d3f3bb8a2a73513f5eb79da66190eb085ffa9f4"
+      "92f375a97d860eb4",
+      "0x520883949dfdbc42d3ad198640688a6fe13f41349554b49acc31dccd88453981"
+      "6f5eb4ac8fb1f1a6",
+      "0xd35e472036bc4fb7e13c785ed201e065f98fcfa5b68f12a32d482ec7ee8658e9"
+      "8691555b44c59311",
+      "0x43bd7e9afb53d8b85289bcc48ee5bfe6f20137d10a087eb6e7871e2a10a599c7"
+      "10af8d0d39e20611",
+      "0x14fdd05545ec1cc8ab4093247f77275e0743ffed117182eaa9c77877aaac6ac7"
+      "d35245d1692e8ee1"
+    },
+
+    { "brainpoolP384r1", 384, 
+      "0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123"
+      "acd3a729901d1a71874700133107ec53",
+      "0x7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f"
+      "8aa5814a503ad4eb04a8c7dd22ce2826",
+      "0x04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d5"
+      "7cb4390295dbc9943ab78696fa504c11",
+      "0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7"
+      "cf3ab6af6b7fc3103b883202e9046565",
+      "0x1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8"
+      "e826e03436d646aaef87b2e247d4af1e",
+      "0x8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff9912928"
+      "0e4646217791811142820341263c5315"
+    },
+
+    { "brainpoolP512r1", 512,
+      "0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330871"
+      "7d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3",
+      "0x7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc"
+      "2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca",
+      "0x3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a7"
+      "2bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723",
+      "0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870"
+      "553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069",
+      "0x81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098e"
+      "ff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822",
+      "0x7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111"
+      "b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892"
+    },
+
     { NULL, 0, NULL, NULL, NULL, NULL }
   };
 
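Review bot: The seven Brainpool entries added to `domain_parms` are hand-transcribed hex constants with no source reference and no consistency check, so a single wrong digit would yield an invalid or weakened curve with no visible failure. A comment above the first entry, such as `/* Brainpool standard curves; values copied from <specification reference>.  */`, would let a reviewer re-verify them. A self-test that checks each base point against y^2 = x^3 + ax + b mod p would catch transcription errors; this assumes the initializers are p, a, b, n, g_x, g_y in that order, since the struct declaration starts outside this hunk. `brainpoolP160r1` and `brainpoolP192r1` give only about 80 and 96 bits of security respectively, so a short comment such as `/* Small curve; do not select as a default.  */` on those two entries would help callers choose.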

Modified: trunk/cipher/pubkey.c
===================================================================
--- trunk/cipher/pubkey.c	2007-04-18 12:59:00 UTC (rev 1233)
+++ trunk/cipher/pubkey.c	2007-04-20 10:52:30 UTC (rev 1234)
@@ -2278,7 +2278,7 @@
    Get the number of nbits from the public key.
 
    Hmmm: Should we have really this function or is it better to have a
-   more general function to retrieve different propoerties of the key?  */
+   more general function to retrieve different properties of the key?  */
 unsigned int
 gcry_pk_get_nbits (gcry_sexp_t key)
 {

Modified: trunk/doc/gcrypt.texi
===================================================================
--- trunk/doc/gcrypt.texi	2007-04-18 12:59:00 UTC (rev 1233)
+++ trunk/doc/gcrypt.texi	2007-04-20 10:52:30 UTC (rev 1234)
@@ -2137,7 +2137,7 @@
 @end table
 
 @noindent
-To describe how Libgcrypt expect keys, we use some examples. Note that
+To describe how Libgcrypt expect keys, we use examples. Note that
 words in
 @ifnottex
 uppercase
@@ -2147,8 +2147,70 @@
 @end iftex
 indicate parameters whereas lowercase words are literals.
 
+Note that all MPI (big integer) values are expected to be in
+ at code{GCRYMPI_FMT_USG} format.  An easy way to create S-expressions is
+by using @code{gcry_sexp_build} which allows to pass a string with
+printf-like escapes to insert MPI values.
+
+ at menu
+* RSA key parameters::  Parameters used with an RSA key.
+* DSA key parameters::  Parameters used with a DSA key.
+* ECC key parameters::  Parameters used with ECC keys.
+ at end menu
+
+ at node RSA key parameters
+ at subsection RSA key parameters
+
+ at noindent
+An RSA private key is described by this S-expression:
+
 @example
 (private-key
+  (rsa
+    (n @var{n-mpi})
+    (e @var{e-mpi})
+    (d @var{d-mpi})
+    (p @var{p-mpi})
+    (q @var{q-mpi})
+    (u @var{u-mpi})))
+ at end example
+
+ at noindent
+An RSA public key is described by this S-expression:
+
+ at example
+(public-key
+  (rsa
+    (n @var{n-mpi})
+    (e @var{e-mpi})))
+ at end example
+
+
+ at table @var
+ at item n-mpi
+RSA public modulus @math{n}.
+ at item e-mpi
+RSA public exponent @math{e}.
+ at item d-mpi
+RSA secret exponent @math{d = e^{-1} \bmod (p-1)(q-1)}.
+ at item p-mpi
+RSA secret prime @math{p}.
+ at item q-mpi
+RSA secret prime @math{q} with @math{q > p}.
+ at item u-mpi
+multiplicative inverse @math{u = p^{-1} \bmod q}.
+ at end table
+
+
+
+ at node DSA key parameters
+ at subsection DSA key parameters
+
+ at noindent
+A DSA private key is described by this S-expression:
+
+ at example
+(private-key
   (dsa
     (p @var{p-mpi})
     (q @var{q-mpi})
@@ -2157,9 +2219,6 @@
     (x @var{x-mpi})))
 @end example
 
- at noindent
-This specifies a DSA private key with the following parameters:
-
 @table @var
 @item p-mpi
 DSA prime @math{p}.
@@ -2173,46 +2232,98 @@
 DSA secret exponent x.
 @end table
 
-All the MPI values are  expected to be in @code{GCRYMPI_FMT_USG} format.
 The public key is similar with "private-key" replaced by "public-key"
 and no @var{x-mpi}.
 
-An easy way to create such an S-expressions is by using
- at code{gcry_sexp_build} which allows to pass a string with printf-like
-escapes to insert MPI values.
 
+ at node ECC key parameters
+ at subsection ECC key parameters
+
 @noindent
-Here is an example for an RSA key:
+An ECC private key is described by this S-expression:
 
 @example
 (private-key
-  (rsa
+  (ecc
+    (p @var{p-mpi})
+    (a @var{a-mpi})
+    (b @var{b-mpi})
+    (g @var{g-point})
     (n @var{n-mpi})
-    (e @var{e-mpi})
-    (d @var{d-mpi})
-    (p @var{p-mpi})
-    (q @var{q-mpi})
-    (u @var{u-mpi})
+    (q @var{q-point})
+    (d @var{d-mpi})))
 @end example
 
- at noindent
-with
-
 @table @var
+ at item p-mpi
+Prime specifying the field @math{GF(p)}.
+ at item a-mpi
+ at itemx b-mpi
+The two coefficients of the Weierstrass equation @math{y^2 = x^3 + ax + b}
+ at item g-point
+Base point @math{g}.
 @item n-mpi
-RSA public modulus @math{n}.
- at item e-mpi
-RSA public exponent @math{e}.
+Order of @math{g}
+ at item q-point
+The point representing the public key @math{Q = dP}.
 @item d-mpi
-RSA secret exponent @math{d = e^{-1} \bmod (p-1)(q-1)}.
- at item p-mpi
-RSA secret prime @math{p}.
- at item q-mpi
-RSA secret prime @math{q} with @math{q > p}.
- at item u-mpi
-multiplicative inverse @math{u = p^{-1} \bmod q}.
+The private key @math{d}
 @end table
 
+All point values are encoded in standard format; Libgcrypt does
+currently only support uncompressed points, thus the first byte needs to
+be @code{0x04}.
+
+The public key is similar with "private-key" replaced by "public-key"
+and no @var{d-mpi}.
+
+If the domain parameters are well-known, the name of this curve may be
+used.  For example
+
+ at example
+(private-key
+  (ecc
+    (curve "NIST P-192")
+    (q @var{q-point})
+    (d @var{d-mpi})))
+ at end example
+
+The @code{curve} parameter may be given in any case and is used to replace
+missing parameters.
+
+ at noindent
+Currently implemented curves are:
+ at table @code
+ at item NIST P-192
+ at itemx 1.2.840.10045.3.1.1
+ at itemx prime192v1
+ at itemx secp192r1
+The NIST 192 bit curve, its OID, X9.62 and SECP aliases.
+
+ at item NIST P-224
+ at itemx secp224r1
+The NIST 224 bit curve and its SECP alias.
+
+ at item NIST P-256
+ at itemx 1.2.840.10045.3.1.7
+ at itemx prime256v1
+ at itemx secp256r1
+The NIST 256 bit curve, its OID, X9.62 and SECP aliases.
+
+ at item NIST P-384
+ at itemx secp384r1
+The NIST 384 bit curve and its SECP alias.
+
+ at item NIST P-521
+ at itemx secp521r1
+The NIST 521 bit curve and its SECP alias.
+
+ at end table
+As usual the OIDs may optionally be prefixed with the string @code{OID.}
+or @code{oid.}.
+
+
+
 @node Public key modules
 @section Public key modules
 
@@ -2729,6 +2840,13 @@
 is a string with a number in C-notation.  The value should be a multiple
 of 8.
 
+ at item curve @var{name}
+For ECC a named curve may be used instead of giving the number of
+requested bits.  This allows to request a specific curve to override a
+default selection Libgcrypt would have taken if @code{nbits} has been
+given.  The available names are listed with the description of the ECC
+public key parameters.
+
 @item rsa-use-e
 This is only used with RSA to give a hint for the public exponent. The
 value will be used as a base to test for a usable exponent. Some values
@@ -2761,7 +2879,7 @@
 Q = 256
 @item N = 7680
 Q = 384
-w at item N = 15360
+ at item N = 15360
 Q = 512
 @end table
 Note that in this case only the values for N, as given in the table,



