X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=sshecdsag.c;h=83eeeb0339f2770793eb82ccdc89404b3ec227f9;hb=510f49e405e71ba5c97875e7a019364e1ef5fac9;hp=049967d6acb5972576b6c46ee4c63902a943ad49;hpb=d23c0972cd850c77871f9a314e0520d7023c8b62;p=PuTTY.git diff --git a/sshecdsag.c b/sshecdsag.c index 049967d6..83eeeb03 100644 --- a/sshecdsag.c +++ b/sshecdsag.c @@ -12,20 +12,50 @@ int ec_generate(struct ec_key *key, int bits, progfn_t pfn, { struct ec_point *publicKey; - if (bits == 256) { - key->publicKey.curve = ec_p256(); - } else if (bits == 384) { - key->publicKey.curve = ec_p384(); - } else if (bits == 521) { - key->publicKey.curve = ec_p521(); - } else { + if (!ec_nist_alg_and_curve_by_bits(bits, &key->publicKey.curve, + &key->signalg)) return 0; - } - key->privateKey = bignum_random_in_range(One, key->publicKey.curve->n); + key->privateKey = bignum_random_in_range(One, key->publicKey.curve->w.n); if (!key->privateKey) return 0; - publicKey = ecp_mul(&key->publicKey.curve->G, key->privateKey); + publicKey = ec_public(key->privateKey, key->publicKey.curve); + if (!publicKey) { + freebn(key->privateKey); + key->privateKey = NULL; + return 0; + } + + key->publicKey.x = publicKey->x; + key->publicKey.y = publicKey->y; + key->publicKey.z = NULL; + sfree(publicKey); + + return 1; +} + +int ec_edgenerate(struct ec_key *key, int bits, progfn_t pfn, + void *pfnparam) +{ + struct ec_point *publicKey; + + if (!ec_ed_alg_and_curve_by_bits(bits, &key->publicKey.curve, + &key->signalg)) + return 0; + + { + /* EdDSA secret keys are just 32 bytes of hash preimage; the + * 64-byte SHA-512 hash of that key will be used when signing, + * but the form of the key stored on disk is the preimage + * only. */ + Bignum privMax = bn_power_2(bits); + if (!privMax) return 0; + key->privateKey = bignum_random_in_range(Zero, privMax); + freebn(privMax); + if (!key->privateKey) return 0; + } + + publicKey = ec_public(key->privateKey, key->publicKey.curve); if (!publicKey) { freebn(key->privateKey); key->privateKey = NULL;