wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ecc-keygen'

Browse Source
This commit is contained in:
toddouska
2015-08-27 10:32:21 -07:00
parent 3c614b5ba7 3814871f71
commit 1ee27f7a04
2 changed files with 21 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
wolfcrypt/src/ecc.c
View File

@@ -1661,7 +1661,7 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
byte* buf; byte* buf;
#else #else
byte buf[ECC_MAXSIZE]; byte buf[ECC_MAXSIZE_GEN];
#endif #endif
int keysize; int keysize;
int po_init = 0; /* prime order Init flag for clear */ int po_init = 0; /* prime order Init flag for clear */
@@ -1670,22 +1670,23 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
buf = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); buf = (byte*)XMALLOC(ECC_MAXSIZE_GEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL) if (buf == NULL)
return MEMORY_E; return MEMORY_E;
#endif #endif
key->idx = -1; key->idx = -1;
key->dp = dp; key->dp = dp;
keysize = dp->size;
/*generate 8 extra bytes to mitigate bias from the modulo operation below*/
/*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
keysize = dp->size + 8;
/* allocate ram */ /* allocate ram */
base = NULL; base = NULL;
/* make up random string */ /* make up random string */
err = wc_RNG_GenerateBlock(rng, buf, keysize); err = wc_RNG_GenerateBlock(rng, buf, keysize);
if (err == 0)
buf[0] |= 0x0c;
/* setup the key variables */ /* setup the key variables */
if (err == 0) { if (err == 0) {
@@ -1728,6 +1729,12 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_read_unsigned_bin(&key->k, (byte*)buf, keysize); err = mp_read_unsigned_bin(&key->k, (byte*)buf, keysize);
/* quick sanity check to make sure we're not dealing with a 0 key */
if (err == MP_OKAY) {
if (MP_YES == mp_iszero(&key->k))
err = MP_ZERO_E;
}
/* the key should be smaller than the order of base point */ /* the key should be smaller than the order of base point */
if (err == MP_OKAY) { if (err == MP_OKAY) {
if (mp_cmp(&key->k, &order) != MP_LT) if (mp_cmp(&key->k, &order) != MP_LT)

17
wolfssl/wolfcrypt/ecc.h
View File

@@ -34,19 +34,20 @@
#endif #endif
enum { enum {
ECC_PUBLICKEY = 1, ECC_PUBLICKEY = 1,
ECC_PRIVATEKEY = 2, ECC_PRIVATEKEY = 2,
ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */
SIG_HEADER_SZ = 6, /* ECC signature header size */ SIG_HEADER_SZ = 6, /* ECC signature header size */
ECC_BUFSIZE = 256, /* for exported keys temp buffer */ ECC_BUFSIZE = 256, /* for exported keys temp buffer */
ECC_MINSIZE = 20, /* MIN Private Key size */ ECC_MINSIZE = 20, /* MIN Private Key size */
ECC_MAXSIZE = 66 /* MAX Private Key size */ ECC_MAXSIZE = 66, /* MAX Private Key size */
ECC_MAXSIZE_GEN = 74 /* MAX Buffer size required when generating ECC keys*/
}; };
/* ECC set type defined a NIST GF(p) curve */ /* ECC set type defined a NIST GF(p) curve */
typedef struct { typedef struct {
int size; /* The size of the curve in octets */ int size; /* The size of the curve in octets */
int nid; /* id of this curve */ int nid; /* id of this curve */
const char* name; /* name of this curve */ const char* name; /* name of this curve */
const char* prime; /* prime that defines the field, curve is in (hex) */ const char* prime; /* prime that defines the field, curve is in (hex) */