* Handbook of elliptic and hyperelliptic curve cryptography, Chapter 13
* http://cs.ucsb.edu/~koc/ccs130h/2013/EllipticHyperelliptic-CohenFrey.pdf
*
+ * Curve25519 spec from libssh (with reference to other things in the
+ * libssh code):
+ * https://git.libssh.org/users/aris/libssh.git/tree/doc/curve25519-sha256@libssh.org.txt
+ *
* Edwards DSA:
* http://ed25519.cr.yp.to/ed25519-20110926.pdf
*/
/* Read x bit and then reset it */
negative = bignum_bit(point->y, point->curve->fieldBits - 1);
bignum_set_bit(point->y, point->curve->fieldBits - 1, 0);
+ bn_restore_invariant(point->y);
/* Get the x from the y */
point->x = ecp_edx(point->curve, point->y);
/* Curve name is duplicated for Weierstrass form */
if (curve->type == EC_WEIERSTRASS) {
getstring(&data, &len, &p, &slen);
+ if (!p) return NULL;
if (!match_ssh_id(slen, p, curve->name)) return NULL;
}
ec->publicKey.x = NULL;
ec->publicKey.y = NULL;
ec->publicKey.z = NULL;
+ ec->privateKey = NULL;
if (!getmppoint(&data, &len, &ec->publicKey)) {
ecdsa_freekey(ec);
return NULL;
}
- ec->privateKey = NULL;
if (!ec->publicKey.x || !ec->publicKey.y ||
bignum_cmp(ec->publicKey.x, curve->p) >= 0 ||
}
getstring((const char**)blob, len, &q, &qlen);
- if (!q)
- return NULL;
- if (qlen != 64)
+ if (!q || qlen != 64) {
+ ecdsa_freekey(ec);
return NULL;
+ }
ec->privateKey = bignum_from_bytes_le((const unsigned char *)q, 32);
}
getstring(&sig, &siglen, &p, &slen);
+ if (!p) return 0;
if (ec->publicKey.curve->type == EC_EDWARDS) {
struct ec_point *r;
Bignum s, h;
bytes[0] &= 248;
bytes[31] &= 127;
bytes[31] |= 64;
- key->privateKey = bignum_from_bytes(bytes, sizeof(bytes));
- for (i = 0; i < sizeof(bytes); ++i)
- {
- ((volatile char*)bytes)[i] = 0;
- }
+ key->privateKey = bignum_from_bytes_le(bytes, sizeof(bytes));
+ smemclr(bytes, sizeof(bytes));
if (!key->privateKey) {
sfree(key);
return NULL;
return extra->oid;
}
-const int ec_nist_alg_and_curve_by_bits(int bits,
- const struct ec_curve **curve,
- const struct ssh_signkey **alg)
+const int ec_nist_curve_lengths[] = { 256, 384, 521 };
+const int n_ec_nist_curve_lengths = lenof(ec_nist_curve_lengths);
+
+int ec_nist_alg_and_curve_by_bits(int bits,
+ const struct ec_curve **curve,
+ const struct ssh_signkey **alg)
{
switch (bits) {
case 256: *alg = &ssh_ecdsa_nistp256; break;
return TRUE;
}
-const int ec_ed_alg_and_curve_by_bits(int bits,
- const struct ec_curve **curve,
- const struct ssh_signkey **alg)
+int ec_ed_alg_and_curve_by_bits(int bits,
+ const struct ec_curve **curve,
+ const struct ssh_signkey **alg)
{
switch (bits) {
case 256: *alg = &ssh_ecdsa_ed25519; break;
projects / PuTTY.git / blobdiff