7 /* Forward reference from sshecc.c */
8 struct ec_point *ecp_mul(const struct ec_point *a, const Bignum b);
10 int ec_generate(struct ec_key *key, int bits, progfn_t pfn,
13 struct ec_point *publicKey;
16 key->publicKey.curve = ec_p256();
17 } else if (bits == 384) {
18 key->publicKey.curve = ec_p384();
19 } else if (bits == 521) {
20 key->publicKey.curve = ec_p521();
25 key->privateKey = bignum_random_in_range(One, key->publicKey.curve->w.n);
26 if (!key->privateKey) return 0;
28 publicKey = ec_public(key->privateKey, key->publicKey.curve);
30 freebn(key->privateKey);
31 key->privateKey = NULL;
35 key->publicKey.x = publicKey->x;
36 key->publicKey.y = publicKey->y;
37 key->publicKey.z = NULL;
43 int ec_edgenerate(struct ec_key *key, int bits, progfn_t pfn,
46 struct ec_point *publicKey;
49 key->publicKey.curve = ec_ed25519();
55 /* EdDSA secret keys are just 32 bytes of hash preimage; the
56 * 64-byte SHA-512 hash of that key will be used when signing,
57 * but the form of the key stored on disk is the preimage
59 Bignum privMax = bn_power_2(bits);
60 if (!privMax) return 0;
61 key->privateKey = bignum_random_in_range(Zero, privMax);
63 if (!key->privateKey) return 0;
66 publicKey = ec_public(key->privateKey, key->publicKey.curve);
68 freebn(key->privateKey);
69 key->privateKey = NULL;
73 key->publicKey.x = publicKey->x;
74 key->publicKey.y = publicKey->y;
75 key->publicKey.z = NULL;