Update after fixing Add and Double
parent
64a6f53b65
commit
21518778c5
10
eccrypto.cpp
10
eccrypto.cpp
|
|
@ -28,6 +28,9 @@
|
||||||
#include "ec2n.h"
|
#include "ec2n.h"
|
||||||
#include "misc.h"
|
#include "misc.h"
|
||||||
|
|
||||||
|
#include <iostream>
|
||||||
|
#include <sstream>
|
||||||
|
|
||||||
// Squash MS LNK4221 and libtool warnings
|
// Squash MS LNK4221 and libtool warnings
|
||||||
#ifndef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES
|
#ifndef CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES
|
||||||
extern const char ECCRYPTO_FNAME[] = __FILE__;
|
extern const char ECCRYPTO_FNAME[] = __FILE__;
|
||||||
|
|
@ -683,6 +686,13 @@ OID DL_GroupParameters_EC<EC>::GetAlgorithmID() const
|
||||||
return ASN1::id_ecPublicKey();
|
return ASN1::id_ecPublicKey();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::ostream& operator<<(std::ostream& os, const DL_GroupParameters_EC<ECP>::Element& obj)
|
||||||
|
{
|
||||||
|
std::ostringstream oss;
|
||||||
|
oss << "(" << std::hex << obj.x << ", " << std::hex << obj.y << ")";
|
||||||
|
return os << oss.str();
|
||||||
|
}
|
||||||
|
|
||||||
// ******************************************************************
|
// ******************************************************************
|
||||||
|
|
||||||
template <class EC>
|
template <class EC>
|
||||||
|
|
|
||||||
|
|
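Review bot: The new `operator<<` for `DL_GroupParameters_EC<ECP>::Element` is compiled into the library unconditionally and is also declared in the public header (the `@ -168,6 +170,8 @@` hunk further down), although it reads like a debugging aid. It formats `obj.x` and `obj.y` without checking whether the element is the point at infinity, so that case would presumably print as an ordinary coordinate pair, and any caller that streams a secret element such as the `sigma` used in the HMQV code would write it out in full. I would drop it before merge or wrap both the definition and the declaration in `#if defined(CRYPTOPP_DEBUG)`, and document it with `/// \brief Debug-only textual dump of a curve point; do not use on secret values`. The second `std::hex` is redundant because the flag stays set on `oss`.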
@ -22,6 +22,8 @@
|
||||||
#include "ecp.h"
|
#include "ecp.h"
|
||||||
#include "ec2n.h"
|
#include "ec2n.h"
|
||||||
|
|
||||||
|
#include <iosfwd>
|
||||||
|
|
||||||
#if CRYPTOPP_MSC_VERSION
|
#if CRYPTOPP_MSC_VERSION
|
||||||
# pragma warning(push)
|
# pragma warning(push)
|
||||||
# pragma warning(disable: 4231 4275)
|
# pragma warning(disable: 4231 4275)
|
||||||
|
|
@ -168,6 +170,8 @@ protected:
|
||||||
mutable bool m_compress, m_encodeAsOID; // presentation details
|
mutable bool m_compress, m_encodeAsOID; // presentation details
|
||||||
};
|
};
|
||||||
|
|
||||||
|
std::ostream& operator<<(std::ostream& os, const DL_GroupParameters_EC<ECP>::Element& obj);
|
||||||
|
|
||||||
/// \brief Elliptic Curve Discrete Log (DL) public key
|
/// \brief Elliptic Curve Discrete Log (DL) public key
|
||||||
/// \tparam EC elliptic curve field
|
/// \tparam EC elliptic curve field
|
||||||
template <class EC>
|
template <class EC>
|
||||||
|
|
|
||||||
36
fhmqv.h
36
fhmqv.h
|
|
@ -288,36 +288,18 @@ public:
|
||||||
bbs = StaticPublicKeyLength();
|
bbs = StaticPublicKeyLength();
|
||||||
}
|
}
|
||||||
|
|
||||||
// DecodeElement calls ValidateElement at level 1. Level 1 only calls
|
Element VV1 = params.DecodeElement(staticOtherPublicKey, validateStaticOtherPublicKey);
|
||||||
// VerifyPoint to ensure the element is in G*. If the other's PublicKey is
|
Element VV2 = params.DecodeElement(ephemeralOtherPublicKey, true);
|
||||||
// requested to be validated, we manually call ValidateElement at level 3.
|
|
||||||
Element VV1 = params.DecodeElement(staticOtherPublicKey, false);
|
|
||||||
if(!params.ValidateElement(validateStaticOtherPublicKey ? 3 : 1, VV1, NULLPTR))
|
|
||||||
{
|
|
||||||
CRYPTOPP_ASSERT(0);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// DecodeElement calls ValidateElement at level 1. Level 1 only calls
|
|
||||||
// VerifyPoint to ensure the element is in G*. Crank it up.
|
|
||||||
Element VV2 = params.DecodeElement(ephemeralOtherPublicKey, false);
|
|
||||||
if(!params.ValidateElement(3, VV2, NULLPTR))
|
|
||||||
{
|
|
||||||
CRYPTOPP_ASSERT(0);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
const Integer& q = params.GetSubgroupOrder();
|
const Integer& q = params.GetSubgroupOrder();
|
||||||
const unsigned int len /*bytes*/ = (((q.BitCount()+1)/2 +7)/8);
|
const unsigned int len /*bytes*/ = (((q.BitCount()+1)/2 +7)/8);
|
||||||
|
|
||||||
Integer d, e;
|
|
||||||
SecByteBlock dd(len), ee(len);
|
SecByteBlock dd(len), ee(len);
|
||||||
|
|
||||||
Hash(NULLPTR, XX, xxs, YY, yys, AA, aas, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
|
Hash(NULLPTR, XX, xxs, YY, yys, AA, aas, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
|
||||||
d.Decode(dd.BytePtr(), dd.SizeInBytes());
|
Integer d(dd.BytePtr(), dd.SizeInBytes());
|
||||||
|
|
||||||
Hash(NULLPTR, YY, yys, XX, xxs, AA, aas, BB, bbs, ee.BytePtr(), ee.SizeInBytes());
|
Hash(NULLPTR, YY, yys, XX, xxs, AA, aas, BB, bbs, ee.BytePtr(), ee.SizeInBytes());
|
||||||
e.Decode(ee.BytePtr(), ee.SizeInBytes());
|
Integer e(ee.BytePtr(), ee.SizeInBytes());
|
||||||
|
|
||||||
Element sigma;
|
Element sigma;
|
||||||
if(m_role == RoleServer)
|
if(m_role == RoleServer)
|
||||||
|
|
@ -372,11 +354,11 @@ protected:
|
||||||
|
|
||||||
if(sigma)
|
if(sigma)
|
||||||
{
|
{
|
||||||
//SecByteBlock sbb(GetAbstractGroupParameters().GetEncodedElementSize(false));
|
//Integer x = GetAbstractGroupParameters().ConvertElementToInteger(*sigma);
|
||||||
//GetAbstractGroupParameters().EncodeElement(false, *sigma, sbb);
|
//SecByteBlock sbb(x.MinEncodedSize());
|
||||||
Integer x = GetAbstractGroupParameters().ConvertElementToInteger(*sigma);
|
//x.Encode(sbb.BytePtr(), sbb.SizeInBytes());
|
||||||
SecByteBlock sbb(x.MinEncodedSize());
|
SecByteBlock sbb(GetAbstractGroupParameters().GetEncodedElementSize(false));
|
||||||
x.Encode(sbb.BytePtr(), sbb.SizeInBytes());
|
GetAbstractGroupParameters().EncodeElement(false, *sigma, sbb);
|
||||||
hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
|
hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
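Review bot: Peer public keys in the `@ -288,36 +288,18 @@` hunk are now checked only by `DecodeElement`, which according to the comment this change deletes validates at level 1 (VerifyPoint, element in G*) and nothing more; the level 3 check on `VV2` and the `validateStaticOtherPublicKey ? 3 : 1` check on `VV1` are gone, and with `validateStaticOtherPublicKey == false` the static key is no longer validated at all. The ephemeral key always comes from the peer, so the level 3 validation should stay for it regardless of the flag; the same regression is in the `@ -287,38 +287,20 @@` hunk of hmqv.h. The failure mode also changes from `return false` to whatever `DecodeElement` does on a bad element (presumably an exception), and any handler for that is outside this hunk. I would keep decoding with `false` and validate explicitly, as below.

```cpp
Element VV1 = params.DecodeElement(staticOtherPublicKey, false);
if (!params.ValidateElement(validateStaticOtherPublicKey ? 3 : 1, VV1, NULLPTR))
    return false;

// The ephemeral key is always peer-supplied: validate at level 3.
Element VV2 = params.DecodeElement(ephemeralOtherPublicKey, false);
if (!params.ValidateElement(3, VV2, NULLPTR))
    return false;

// … unchanged: q, len, dd/ee and the two Hash calls …
```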
42
hmqv.h
42
hmqv.h
|
|
@ -287,38 +287,20 @@ public:
|
||||||
bbs = StaticPublicKeyLength();
|
bbs = StaticPublicKeyLength();
|
||||||
}
|
}
|
||||||
|
|
||||||
// DecodeElement calls ValidateElement at level 1. Level 1 only calls
|
Element VV1 = params.DecodeElement(staticOtherPublicKey, validateStaticOtherPublicKey);
|
||||||
// VerifyPoint to ensure the element is in G*. If the other's PublicKey is
|
Element VV2 = params.DecodeElement(ephemeralOtherPublicKey, true);
|
||||||
// requested to be validated, we manually call ValidateElement at level 3.
|
|
||||||
Element VV1 = params.DecodeElement(staticOtherPublicKey, false);
|
|
||||||
if(!params.ValidateElement(validateStaticOtherPublicKey ? 3 : 1, VV1, NULLPTR))
|
|
||||||
{
|
|
||||||
CRYPTOPP_ASSERT(0);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// DecodeElement calls ValidateElement at level 1. Level 1 only calls
|
|
||||||
// VerifyPoint to ensure the element is in G*. Crank it up.
|
|
||||||
Element VV2 = params.DecodeElement(ephemeralOtherPublicKey, false);
|
|
||||||
if(!params.ValidateElement(3, VV2, NULLPTR))
|
|
||||||
{
|
|
||||||
CRYPTOPP_ASSERT(0);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
const Integer& q = params.GetSubgroupOrder();
|
const Integer& q = params.GetSubgroupOrder();
|
||||||
const unsigned int len /*bytes*/ = (((q.BitCount()+1)/2 +7)/8);
|
const unsigned int len /*bytes*/ = (((q.BitCount()+1)/2 +7)/8);
|
||||||
|
|
||||||
Integer d, e;
|
|
||||||
SecByteBlock dd(len), ee(len);
|
SecByteBlock dd(len), ee(len);
|
||||||
|
|
||||||
// Compute $d = \hat{H}(X, \hat{B})$
|
// Compute $d = \hat{H}(X, \hat{B})$
|
||||||
Hash(NULLPTR, XX, xxs, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
|
Hash(NULLPTR, XX, xxs, BB, bbs, dd.BytePtr(), dd.SizeInBytes());
|
||||||
d.Decode(dd.BytePtr(), dd.SizeInBytes());
|
Integer d(dd.BytePtr(), dd.SizeInBytes());
|
||||||
|
|
||||||
// Compute $e = \hat{H}(Y, \hat{A})$
|
// Compute $e = \hat{H}(Y, \hat{A})$
|
||||||
Hash(NULLPTR, YY, yys, AA, aas, ee.BytePtr(), ee.SizeInBytes());
|
Hash(NULLPTR, YY, yys, AA, aas, ee.BytePtr(), ee.SizeInBytes());
|
||||||
e.Decode(ee.BytePtr(), ee.SizeInBytes());
|
Integer e(ee.BytePtr(), ee.SizeInBytes());
|
||||||
|
|
||||||
Element sigma;
|
Element sigma;
|
||||||
if(m_role == RoleServer)
|
if(m_role == RoleServer)
|
||||||
|
|
@ -345,11 +327,11 @@ public:
|
||||||
Element B = params.DecodeElement(BB, false);
|
Element B = params.DecodeElement(BB, false);
|
||||||
Element Y = params.DecodeElement(YY, false);
|
Element Y = params.DecodeElement(YY, false);
|
||||||
|
|
||||||
Element t1 = params.ExponentiateElement(B, e);
|
Element t3 = params.ExponentiateElement(B, e);
|
||||||
Element t2 = m_groupParameters.MultiplyElements(Y, t1);
|
Element t4 = m_groupParameters.MultiplyElements(Y, t3);
|
||||||
|
|
||||||
// $\sigma_A}=(Y \cdot B^{e})^{s_A}
|
// $\sigma_A}=(Y \cdot B^{e})^{s_A}
|
||||||
sigma = params.ExponentiateElement(t2, s_A);
|
sigma = params.ExponentiateElement(t4, s_A);
|
||||||
}
|
}
|
||||||
Hash(&sigma, NULLPTR, 0, NULLPTR, 0, agreedValue, AgreedValueLength());
|
Hash(&sigma, NULLPTR, 0, NULLPTR, 0, agreedValue, AgreedValueLength());
|
||||||
}
|
}
|
||||||
|
|
@ -379,11 +361,11 @@ protected:
|
||||||
if (e1len != 0 || s1len != 0) {
|
if (e1len != 0 || s1len != 0) {
|
||||||
CRYPTOPP_ASSERT(0);
|
CRYPTOPP_ASSERT(0);
|
||||||
}
|
}
|
||||||
//SecByteBlock sbb(GetAbstractGroupParameters().GetEncodedElementSize(false));
|
//Integer x = GetAbstractGroupParameters().ConvertElementToInteger(*sigma);
|
||||||
//GetAbstractGroupParameters().EncodeElement(false, *sigma, sbb);
|
//SecByteBlock sbb(x.MinEncodedSize());
|
||||||
Integer x = GetAbstractGroupParameters().ConvertElementToInteger(*sigma);
|
//x.Encode(sbb.BytePtr(), sbb.SizeInBytes());
|
||||||
SecByteBlock sbb(x.MinEncodedSize());
|
SecByteBlock sbb(GetAbstractGroupParameters().GetEncodedElementSize(false));
|
||||||
x.Encode(sbb.BytePtr(), sbb.SizeInBytes());
|
GetAbstractGroupParameters().EncodeElement(false, *sigma, sbb);
|
||||||
hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
|
hash.Update(sbb.BytePtr(), sbb.SizeInBytes());
|
||||||
} else {
|
} else {
|
||||||
if (e1len == 0 || s1len == 0) {
|
if (e1len == 0 || s1len == 0) {
|
||||||
|
|
|
||||||
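Review bot: The bytes hashed for `sigma` in the `@ -379,11 +361,11 @@` hunk now have the fixed length `GetEncodedElementSize(false)` instead of `x.MinEncodedSize()`, so whenever the minimal encoding was shorter the agreed value differs from what earlier builds derive for the same keys, and nothing in the change records that. A fixed-length hash input is the sounder choice, but it should be stated in a comment and pinned by a known-answer test so that peers on mixed versions do not fail to agree intermittently; fhmqv.h's `@ -372,11 +354,11 @@` hunk carries the same change. I would delete the three commented-out lines rather than keep the old path as dead code, and add `// Hash sigma in its fixed-size encoding so the hash input length does not vary with the value`. The enclosing function starts and ends outside the hunk.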