本文整理汇总了C++中EC_POINT_new函数的典型用法代码示例。如果您正苦于以下问题:C++ EC_POINT_new函数的具体用法?C++ EC_POINT_new怎么用?C++ EC_POINT_new使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了EC_POINT_new函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: compute_password_element
int compute_password_element(REQUEST *request, pwd_session_t *session, uint16_t grp_num,
char const *password, int password_len,
char const *id_server, int id_server_len,
char const *id_peer, int id_peer_len,
uint32_t *token)
{
BIGNUM *x_candidate = NULL, *rnd = NULL, *cofactor = NULL;
HMAC_CTX *hmac_ctx = NULL;
uint8_t pwe_digest[SHA256_DIGEST_LENGTH], *prf_buf = NULL, ctr;
int nid, is_odd, prime_bit_len, prime_byte_len, ret = 0;
switch (grp_num) { /* from IANA registry for IKE D-H groups */
case 19:
nid = NID_X9_62_prime256v1;
break;
case 20:
nid = NID_secp384r1;
break;
case 21:
nid = NID_secp521r1;
break;
case 25:
nid = NID_X9_62_prime192v1;
break;
case 26:
nid = NID_secp224r1;
break;
default:
REDEBUG("Unknown group %d", grp_num);
error:
ret = -1;
goto finish;
}
session->pwe = NULL;
session->order = NULL;
session->prime = NULL;
session->group = EC_GROUP_new_by_curve_name(nid);
if (!session->group) {
REDEBUG("Unable to create EC_GROUP");
goto error;
}
MEM(session->pwe = EC_POINT_new(session->group));
MEM(session->order = BN_new());
MEM(session->prime = BN_new());
MEM(rnd = BN_new());
MEM(cofactor = BN_new());
MEM(x_candidate = BN_new());
if (!EC_GROUP_get_curve_GFp(session->group, session->prime, NULL, NULL, NULL)) {
REDEBUG("Unable to get prime for GFp curve");
goto error;
}
if (!EC_GROUP_get_order(session->group, session->order, NULL)) {
REDEBUG("Unable to get order for curve");
goto error;
}
if (!EC_GROUP_get_cofactor(session->group, cofactor, NULL)) {
REDEBUG("unable to get cofactor for curve");
goto error;
}
prime_bit_len = BN_num_bits(session->prime);
prime_byte_len = BN_num_bytes(session->prime);
MEM(prf_buf = talloc_zero_array(session, uint8_t, prime_byte_len));
MEM(hmac_ctx = HMAC_CTX_new());
ctr = 0;
for (;;) {
if (ctr > 10) {
REDEBUG("Unable to find random point on curve for group %d, something's fishy", grp_num);
goto error;
}
ctr++;
/*
* compute counter-mode password value and stretch to prime
* pwd-seed = H(token | peer-id | server-id | password |
* counter)
*/
HMAC_Init_ex(hmac_ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(), NULL);
HMAC_Update(hmac_ctx, (uint8_t *)token, sizeof(*token));
HMAC_Update(hmac_ctx, (uint8_t const *)id_peer, id_peer_len);
HMAC_Update(hmac_ctx, (uint8_t const *)id_server, id_server_len);
HMAC_Update(hmac_ctx, (uint8_t const *)password, password_len);
HMAC_Update(hmac_ctx, (uint8_t *)&ctr, sizeof(ctr));
pwd_hmac_final(hmac_ctx, pwe_digest);
BN_bin2bn(pwe_digest, SHA256_DIGEST_LENGTH, rnd);
eap_pwd_kdf(pwe_digest, SHA256_DIGEST_LENGTH, "EAP-pwd Hunting And Pecking",
strlen("EAP-pwd Hunting And Pecking"), prf_buf, prime_bit_len);
//.........这里部分代码省略.........
示例2: eckey_priv_decode
static int
eckey_priv_decode(EVP_PKEY * pkey, PKCS8_PRIV_KEY_INFO * p8)
{
const unsigned char *p = NULL;
void *pval;
int ptype, pklen;
EC_KEY *eckey = NULL;
X509_ALGOR *palg;
if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
return 0;
X509_ALGOR_get0(NULL, &ptype, &pval, palg);
eckey = eckey_type2param(ptype, pval);
if (!eckey)
goto ecliberr;
/* We have parameters now set private key */
if (!d2i_ECPrivateKey(&eckey, &p, pklen)) {
ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR);
goto ecerr;
}
/* calculate public key (if necessary) */
if (EC_KEY_get0_public_key(eckey) == NULL) {
const BIGNUM *priv_key;
const EC_GROUP *group;
EC_POINT *pub_key;
/*
* the public key was not included in the SEC1 private key =>
* calculate the public key
*/
group = EC_KEY_get0_group(eckey);
pub_key = EC_POINT_new(group);
if (pub_key == NULL) {
ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
goto ecliberr;
}
if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
EC_POINT_free(pub_key);
ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
goto ecliberr;
}
priv_key = EC_KEY_get0_private_key(eckey);
if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) {
EC_POINT_free(pub_key);
ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
goto ecliberr;
}
if (EC_KEY_set_public_key(eckey, pub_key) == 0) {
EC_POINT_free(pub_key);
ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
goto ecliberr;
}
EC_POINT_free(pub_key);
}
EVP_PKEY_assign_EC_KEY(pkey, eckey);
return 1;
ecliberr:
ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
ecerr:
if (eckey)
EC_KEY_free(eckey);
return 0;
}示例3: ECerr
EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
{
EC_EXTRA_DATA *d;
if (dest == NULL || src == NULL)
{
ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
/* copy the parameters */
if (src->group)
{
const EC_METHOD *meth = EC_GROUP_method_of(src->group);
/* clear the old group */
if (dest->group)
EC_GROUP_free(dest->group);
dest->group = EC_GROUP_new(meth);
if (dest->group == NULL)
return NULL;
if (!EC_GROUP_copy(dest->group, src->group))
return NULL;
}
/* copy the public key */
if (src->pub_key && src->group)
{
if (dest->pub_key)
EC_POINT_free(dest->pub_key);
dest->pub_key = EC_POINT_new(src->group);
if (dest->pub_key == NULL)
return NULL;
if (!EC_POINT_copy(dest->pub_key, src->pub_key))
return NULL;
}
/* copy the private key */
if (src->priv_key)
{
if (dest->priv_key == NULL)
{
dest->priv_key = BN_new();
if (dest->priv_key == NULL)
return NULL;
}
if (!BN_copy(dest->priv_key, src->priv_key))
return NULL;
}
/* copy method/extra data */
EC_EX_DATA_free_all_data(&dest->method_data);
for (d = src->method_data; d != NULL; d = d->next)
{
void *t = d->dup_func(d->data);
if (t == NULL)
return 0;
if (!EC_EX_DATA_set_data(&dest->method_data, t, d->dup_func, d->free_func, d->clear_free_func))
return 0;
}
/* copy the rest */
dest->enc_flag = src->enc_flag;
dest->nonce_from_hash_flag = src->nonce_from_hash_flag;
dest->conv_form = src->conv_form;
dest->version = src->version;
dest->flags = src->flags;
return dest;
}示例4: input_kex_ecdh_init
static int
input_kex_ecdh_init(int type, u_int32_t seq, void *ctxt)
{
struct ssh *ssh = ctxt;
struct kex *kex = ssh->kex;
EC_POINT *client_public;
EC_KEY *server_key = NULL;
const EC_GROUP *group;
const EC_POINT *public_key;
BIGNUM *shared_secret = NULL;
struct sshkey *server_host_private, *server_host_public;
u_char *server_host_key_blob = NULL, *signature = NULL;
u_char *kbuf = NULL;
u_char hash[SSH_DIGEST_MAX_LENGTH];
size_t slen, sbloblen;
size_t klen = 0, hashlen;
int r;
if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if (EC_KEY_generate_key(server_key) != 1) {
r = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
group = EC_KEY_get0_group(server_key);
#ifdef DEBUG_KEXECDH
fputs("server private key:\n", stderr);
sshkey_dump_ec_key(server_key);
#endif
if (kex->load_host_public_key == NULL ||
kex->load_host_private_key == NULL) {
r = SSH_ERR_INVALID_ARGUMENT;
goto out;
}
server_host_public = kex->load_host_public_key(kex->hostkey_type,
kex->hostkey_nid, ssh);
server_host_private = kex->load_host_private_key(kex->hostkey_type,
kex->hostkey_nid, ssh);
if (server_host_public == NULL) {
r = SSH_ERR_NO_HOSTKEY_LOADED;
goto out;
}
if ((client_public = EC_POINT_new(group)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = sshpkt_get_ec(ssh, client_public, group)) != 0 ||
(r = sshpkt_get_end(ssh)) != 0)
goto out;
#ifdef DEBUG_KEXECDH
fputs("client public key:\n", stderr);
sshkey_dump_ec_point(group, client_public);
#endif
if (sshkey_ec_validate_public(group, client_public) != 0) {
sshpkt_disconnect(ssh, "invalid client public key");
r = SSH_ERR_MESSAGE_INCOMPLETE;
goto out;
}
/* Calculate shared_secret */
klen = (EC_GROUP_get_degree(group) + 7) / 8;
if ((kbuf = malloc(klen)) == NULL ||
(shared_secret = BN_new()) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if (ECDH_compute_key(kbuf, klen, client_public,
server_key, NULL) != (int)klen ||
BN_bin2bn(kbuf, klen, shared_secret) == NULL) {
r = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
#ifdef DEBUG_KEXECDH
dump_digest("shared secret", kbuf, klen);
#endif
/* calc H */
if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob,
&sbloblen)) != 0)
goto out;
hashlen = sizeof(hash);
if ((r = kex_ecdh_hash(
kex->hash_alg,
group,
kex->client_version_string,
kex->server_version_string,
sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
sshbuf_ptr(kex->my), sshbuf_len(kex->my),
server_host_key_blob, sbloblen,
client_public,
EC_KEY_get0_public_key(server_key),
shared_secret,
hash, &hashlen)) != 0)
goto out;
//.........这里部分代码省略.........
示例5: EC_GROUP_copy
int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
{
EC_EXTRA_DATA *d;
if (dest->meth->group_copy == 0)
{
ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (dest->meth != src->meth)
{
ECerr(EC_F_EC_GROUP_COPY, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
if (dest == src)
return 1;
EC_EX_DATA_free_all_data(&dest->extra_data);
for (d = src->extra_data; d != NULL; d = d->next)
{
void *t = d->dup_func(d->data);
if (t == NULL)
return 0;
if (!EC_EX_DATA_set_data(&dest->extra_data, t, d->dup_func, d->free_func, d->clear_free_func))
return 0;
}
if (src->generator != NULL)
{
if (dest->generator == NULL)
{
dest->generator = EC_POINT_new(dest);
if (dest->generator == NULL) return 0;
}
if (!EC_POINT_copy(dest->generator, src->generator)) return 0;
}
else
{
/* src->generator == NULL */
if (dest->generator != NULL)
{
EC_POINT_clear_free(dest->generator);
dest->generator = NULL;
}
}
if (!BN_copy(&dest->order, &src->order)) return 0;
if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0;
dest->curve_name = src->curve_name;
dest->asn1_flag = src->asn1_flag;
dest->asn1_form = src->asn1_form;
if (src->seed)
{
if (dest->seed)
OPENSSL_free(dest->seed);
dest->seed = OPENSSL_malloc(src->seed_len);
if (dest->seed == NULL)
return 0;
if (!memcpy(dest->seed, src->seed, src->seed_len))
return 0;
dest->seed_len = src->seed_len;
}
else
{
if (dest->seed)
OPENSSL_free(dest->seed);
dest->seed = NULL;
dest->seed_len = 0;
}
return dest->meth->group_copy(dest, src);
}示例6: ecdh_cavs_kat
/*
* NIST SP800-56A co-factor ECDH tests.
* KATs taken from NIST documents with parameters:
*
* - (QCAVSx,QCAVSy) is the public key for CAVS.
* - dIUT is the private key for IUT.
* - (QIUTx,QIUTy) is the public key for IUT.
* - ZIUT is the shared secret KAT.
*
* CAVS: Cryptographic Algorithm Validation System
* IUT: Implementation Under Test
*
* This function tests two things:
*
* 1. dIUT * G = (QIUTx,QIUTy)
* i.e. public key for IUT computes correctly.
* 2. x-coord of cofactor * dIUT * (QCAVSx,QCAVSy) = ZIUT
* i.e. co-factor ECDH key computes correctly.
*
* returns zero on failure or unsupported curve. One otherwise.
*/
static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat)
{
int rv = 0, is_char_two = 0;
EC_KEY *key1 = NULL;
EC_POINT *pub = NULL;
const EC_GROUP *group = NULL;
BIGNUM *bnz = NULL, *x = NULL, *y = NULL;
unsigned char *Ztmp = NULL, *Z = NULL;
size_t Ztmplen, Zlen;
BIO_puts(out, "Testing ECC CDH Primitive SP800-56A with ");
BIO_puts(out, OBJ_nid2sn(kat->nid));
/* dIUT is IUT's private key */
if ((key1 = mk_eckey(kat->nid, kat->dIUT)) == NULL)
goto err;
/* these are cofactor ECDH KATs */
EC_KEY_set_flags(key1, EC_FLAG_COFACTOR_ECDH);
if ((group = EC_KEY_get0_group(key1)) == NULL)
goto err;
if ((pub = EC_POINT_new(group)) == NULL)
goto err;
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field)
is_char_two = 1;
/* (QIUTx, QIUTy) is IUT's public key */
if(!BN_hex2bn(&x, kat->QIUTx))
goto err;
if(!BN_hex2bn(&y, kat->QIUTy))
goto err;
if (is_char_two) {
#ifdef OPENSSL_NO_EC2M
goto err;
#else
if (!EC_POINT_set_affine_coordinates_GF2m(group, pub, x, y, NULL))
goto err;
#endif
}
else {
if (!EC_POINT_set_affine_coordinates_GFp(group, pub, x, y, NULL))
goto err;
}
/* dIUT * G = (QIUTx, QIUTy) should hold */
if (EC_POINT_cmp(group, EC_KEY_get0_public_key(key1), pub, NULL))
goto err;
/* (QCAVSx, QCAVSy) is CAVS's public key */
if(!BN_hex2bn(&x, kat->QCAVSx))
goto err;
if(!BN_hex2bn(&y, kat->QCAVSy))
goto err;
if (is_char_two) {
#ifdef OPENSSL_NO_EC2M
goto err;
#else
if (!EC_POINT_set_affine_coordinates_GF2m(group, pub, x, y, NULL))
goto err;
#endif
}
else {
if (!EC_POINT_set_affine_coordinates_GFp(group, pub, x, y, NULL))
goto err;
}
/* ZIUT is the shared secret */
if(!BN_hex2bn(&bnz, kat->ZIUT))
goto err;
Ztmplen = (EC_GROUP_get_degree(EC_KEY_get0_group(key1)) + 7) / 8;
Zlen = BN_num_bytes(bnz);
if (Zlen > Ztmplen)
goto err;
if((Ztmp = OPENSSL_zalloc(Ztmplen)) == NULL)
goto err;
if((Z = OPENSSL_zalloc(Ztmplen)) == NULL)
goto err;
if(!BN_bn2binpad(bnz, Z, Ztmplen))
goto err;
if (!ECDH_compute_key(Ztmp, Ztmplen, pub, key1, 0))
//.........这里部分代码省略.........
示例7: LUA_FUNCTION
//.........这里部分代码省略.........
}
}
}
}
}
else if (strcasecmp(alg, "dh") == 0)
{
pkey = EVP_PKEY_new();
if (pkey)
{
DH *dh = DH_new();
if (dh)
{
OPENSSL_PKEY_SET_BN(-1, dh, p);
OPENSSL_PKEY_SET_BN(-1, dh, g);
OPENSSL_PKEY_SET_BN(-1, dh, priv_key);
OPENSSL_PKEY_SET_BN(-1, dh, pub_key);
if (dh->p && dh->g)
{
if (!dh->pub_key)
{
DH_generate_key(dh);
}
if (!EVP_PKEY_assign_DH(pkey, dh))
{
EVP_PKEY_free(pkey);
pkey = NULL;
}
}
}
}
}
else if (strcasecmp(alg, "ec") == 0)
{
BIGNUM *d = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BIGNUM *z = NULL;
EC_GROUP *group = NULL;
lua_getfield(L, -1, "ec_name");
lua_getfield(L, -2, "param_enc");
lua_getfield(L, -3, "conv_form");
group = openssl_get_ec_group(L, -3, -2, -1);
lua_pop(L, 3);
if (!group)
{
luaL_error(L, "get openssl.ec_group fail");
}
EC_GET_FIELD(d);
EC_GET_FIELD(x);
EC_GET_FIELD(y);
EC_GET_FIELD(z);
pkey = EVP_PKEY_new();
if (pkey)
{
EC_KEY *ec = EC_KEY_new();
if (ec)
{
EC_KEY_set_group(ec, group);
if (d)
EC_KEY_set_private_key(ec, d);
if (x != NULL && y != NULL)
{
EC_POINT *pnt = EC_POINT_new(group);
if (z == NULL)
EC_POINT_set_affine_coordinates_GFp(group, pnt, x, y, NULL);
else
EC_POINT_set_Jprojective_coordinates_GFp(group, pnt, x, y, z, NULL);
EC_KEY_set_public_key(ec, pnt);
}
if (!EVP_PKEY_assign_EC_KEY(pkey, ec))
{
EC_KEY_free(ec);
EVP_PKEY_free(pkey);
pkey = NULL;
}
if (d && !EC_KEY_check_key(ec))
{
EC_KEY_generate_key_part(ec);
}
}
}
}
}
if (pkey)
{
PUSH_OBJECT(pkey, "openssl.evp_pkey");
return 1;
}
return 0;
}示例8: ms_initParameterSets
/***************************************************************************//**
* Initialise the Mikey Sakke Parameter set storage. Presently there is only
* one set (1), defined in RFC 6509, Appendix A.
*
* @return A boolean indicating success or failure.
******************************************************************************/
short ms_initParameterSets() {
short ret_val = 1;
uint8_t c = 0;
BIGNUM *a = NULL;
BIGNUM *b = NULL;
BN_CTX *bn_ctx = NULL;
if (!ms_parameter_sets_initialised) {
/* Clear out the storage structure */
memset(ms_parameter_sets, 0, sizeof(ms_parameter_sets));
/**********************************************************************/
/* Add Parameter Set 1 (the default) */
/* - these values are immutable and defined in RFC 6509, Appendix A.*/
/**********************************************************************/
ms_parameter_sets[c].iana_sakke_params = 1;
ms_parameter_sets[c].n = 128;
ms_parameter_sets[c].p = BN_new();
BN_hex2bn(&ms_parameter_sets[c].p, MIKEY_SAKKE_p);
ms_parameter_sets[c].q = BN_new();
BN_hex2bn(&ms_parameter_sets[c].q, MIKEY_SAKKE_q);
ms_parameter_sets[c].Px = BN_new();
BN_hex2bn(&ms_parameter_sets[c].Px, MIKEY_SAKKE_Px);
ms_parameter_sets[c].Py = BN_new();
BN_hex2bn(&ms_parameter_sets[c].Py, MIKEY_SAKKE_Py);
ms_parameter_sets[c].g = BN_new();
BN_hex2bn(&ms_parameter_sets[c].g, MIKEY_SAKKE_g);
ms_parameter_sets[c].data_set = ES_TRUE;
if ((NULL != ms_parameter_sets[c].Px) &&
(NULL != ms_parameter_sets[c].Py) &&
(NULL != ms_parameter_sets[c].p)) {
bn_ctx = BN_CTX_new();
a = BN_new();
b = BN_new();
/* Create a curve E */
BN_dec2bn(&a, "-3l"); /* Coefficient of 'x', see RFC 6508 Section
* 2.1 description of 'E'.
*/
BN_dec2bn(&b, "0");
ms_parameter_sets[c].E =
EC_GROUP_new_curve_GFp(ms_parameter_sets[c].p, a, b, bn_ctx);
if (NULL != ms_parameter_sets[c].E) {
ms_parameter_sets[c].P = EC_POINT_new(ms_parameter_sets[c].E);
if (EC_POINT_set_affine_coordinates_GFp(
ms_parameter_sets[c].E,
ms_parameter_sets[c].P,
ms_parameter_sets[c].Px,
ms_parameter_sets[c].Py, bn_ctx)) {
/* Indicate the MS parameter set(s) storage is initialised. */
ret_val = 0;
ms_parameter_sets_initialised = ES_TRUE;
ret_val = 0;
}
else {
ES_ERROR("%s:%s:%d - MS parameter initialisation, unable to create Point 'P'!",
__FILE__, __FUNCTION__, __LINE__);
}
}
else {
ES_ERROR("%s:%s:%d - MS parameter initialisation, unable to create curve 'E'!",
__FILE__, __FUNCTION__, __LINE__);
}
BN_CTX_free(bn_ctx);
BN_clear_free(a);
BN_clear_free(b);
bn_ctx = NULL;
a = NULL;
b = NULL;
}
/* Else just fall through and fail. */
/**********************************************************************/
/* !!!!! Add new Mikey Sakke parameter sets here. !!!!! */
/**********************************************************************/
/* increment c to add new set. */
}
else {
ES_ERROR("%s:%s:%d - MS parameter set already initialiased. Delete and reinitialise.",
__FILE__, __FUNCTION__, __LINE__);
/* Already initialised so return success. */
ret_val = 0;
//.........这里部分代码省略.........
示例9: EC_GROUP_copy
int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
{
if (dest->meth->group_copy == 0) {
ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (dest->meth != src->meth) {
ECerr(EC_F_EC_GROUP_COPY, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
if (dest == src)
return 1;
/* Copy precomputed */
dest->pre_comp_type = src->pre_comp_type;
switch (src->pre_comp_type) {
case PCT_none:
dest->pre_comp.ec = NULL;
break;
case PCT_nistz256:
#ifdef ECP_NISTZ256_ASM
dest->pre_comp.nistz256 = EC_nistz256_pre_comp_dup(src->pre_comp.nistz256);
#endif
break;
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
case PCT_nistp224:
dest->pre_comp.nistp224 = EC_nistp224_pre_comp_dup(src->pre_comp.nistp224);
break;
case PCT_nistp256:
dest->pre_comp.nistp256 = EC_nistp256_pre_comp_dup(src->pre_comp.nistp256);
break;
case PCT_nistp521:
dest->pre_comp.nistp521 = EC_nistp521_pre_comp_dup(src->pre_comp.nistp521);
break;
#else
case PCT_nistp224:
case PCT_nistp256:
case PCT_nistp521:
break;
#endif
case PCT_ec:
dest->pre_comp.ec = EC_ec_pre_comp_dup(src->pre_comp.ec);
break;
}
if (src->mont_data != NULL) {
if (dest->mont_data == NULL) {
dest->mont_data = BN_MONT_CTX_new();
if (dest->mont_data == NULL)
return 0;
}
if (!BN_MONT_CTX_copy(dest->mont_data, src->mont_data))
return 0;
} else {
/* src->generator == NULL */
BN_MONT_CTX_free(dest->mont_data);
dest->mont_data = NULL;
}
if (src->generator != NULL) {
if (dest->generator == NULL) {
dest->generator = EC_POINT_new(dest);
if (dest->generator == NULL)
return 0;
}
if (!EC_POINT_copy(dest->generator, src->generator))
return 0;
} else {
/* src->generator == NULL */
EC_POINT_clear_free(dest->generator);
dest->generator = NULL;
}
if ((src->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) {
if (!BN_copy(dest->order, src->order))
return 0;
if (!BN_copy(dest->cofactor, src->cofactor))
return 0;
}
dest->curve_name = src->curve_name;
dest->asn1_flag = src->asn1_flag;
dest->asn1_form = src->asn1_form;
if (src->seed) {
OPENSSL_free(dest->seed);
dest->seed = OPENSSL_malloc(src->seed_len);
if (dest->seed == NULL)
return 0;
if (!memcpy(dest->seed, src->seed, src->seed_len))
return 0;
dest->seed_len = src->seed_len;
} else {
OPENSSL_free(dest->seed);
dest->seed = NULL;
dest->seed_len = 0;
}
return dest->meth->group_copy(dest, src);
}示例10: main
int main()
{
BIGNUM *x, *y, *exp, *m, *order, *cof;
BIGNUM t, store[30];
COMPLEX *a, *b, *r;
EC_POINT *point, *Q;
int i;
x = BN_new();
y = BN_new();
order = BN_new();
exp = BN_new();
m = BN_new();
a = COMP_new();
b = COMP_new();
r = COMP_new();
for( i = 0; i < 30; i++ )
BN_init( &(store[i]) );
if ( Context == NULL )
Context = BN_CTX_new();
bi_init( &malloc );
group = EC_GROUP_new( EC_GFp_simple_method() );
if ( group == NULL )
goto err;
if(!BN_set_word(m, 43l))
goto err;
BN_set_word(x, 1l);
BN_set_word(y, 0l);
if ( !EC_GROUP_set_curve_GFp( group, m, x, y, Context) )
goto err;
BN_set_word(x, 23l);
BN_set_word(y, 8l);
BN_set_word(order, 11l);
point = EC_POINT_new( group );
EC_POINT_set_affine_coordinates_GFp( group, point, x, y, Context );
cof = BN_new();
BN_set_word( cof, 4 );
EC_GROUP_set_generator( group, point, order, cof );
if ( EC_GROUP_check( group, Context ) )
printf(" group set is ok \n");
TSS_DAA_ISSUER_KEY issuer_key;
TSS_DAA_ISSUER_PROOF issuer_proof;
TSS_DAA_JOIN_issuer_setup(&issuer_key, &issuer_proof);
// printf("\n");
// BN_set_word(x, 41l);
// BN_mod_inverse(x, x, m, Context);
// BN_print_fp(stdout, x);
//
// printf("\n");
// BN_set_word(x, 11l);
// BN_mod_inverse(x, x, m, Context);
// BN_print_fp(stdout, x);
char *str = "abcdefghijklmnop";
Q = map_to_point( str );
BN_set_word(x, 23l);
BN_set_word(y, 8l);
BN_set_word(order, 11l);
Q = EC_POINT_new( group );
EC_POINT_set_affine_coordinates_GFp( group, Q, x, y, Context );
Tate( point, Q, order, 0, store, a );
printf("tate pair t(p, Q) =:\n a.x: ");
BN_print_fp(stdout, &a->x);
printf("\na.y: ");
BN_print_fp(stdout, &a->y);
EC_POINT_dbl( group, point, point, Context);
EC_POINT_get_affine_coordinates_GFp( group, point, x, y, Context);
printf("2A.x =:\n");
BN_print_fp(stdout, x);
printf("2P.y= :\n");
BN_print_fp(stdout, y);
Tate( point, Q, order, 0, store, a );
printf("tate pair t(2p, Q) =:\n a.x: ");
BN_print_fp(stdout, &a->x);
printf("\na.y: ");
BN_print_fp(stdout, &a->y);
BN_free( x );
BN_free( y );
BN_free( exp );
BN_free( m );
BN_free( order );
//.........这里部分代码省略.........
示例11: vg_thread_loop
void *
vg_thread_loop(void *arg)
{
unsigned char hash_buf[128];
unsigned char *eckey_buf;
unsigned char hash1[32];
int i, c, len, output_interval;
int hash_len;
const BN_ULONG rekey_max = 10000000;
BN_ULONG npoints, rekey_at, nbatch;
vg_context_t *vcp = (vg_context_t *) arg;
EC_KEY *pkey = NULL;
const EC_GROUP *pgroup;
const EC_POINT *pgen;
const int ptarraysize = 256;
EC_POINT *ppnt[ptarraysize];
EC_POINT *pbatchinc;
vg_test_func_t test_func = vcp->vc_test;
vg_exec_context_t ctx;
vg_exec_context_t *vxcp;
struct timeval tvstart;
memset(&ctx, 0, sizeof(ctx));
vxcp = &ctx;
vg_exec_context_init(vcp, &ctx);
pkey = vxcp->vxc_key;
pgroup = EC_KEY_get0_group(pkey);
pgen = EC_GROUP_get0_generator(pgroup);
for (i = 0; i < ptarraysize; i++) {
ppnt[i] = EC_POINT_new(pgroup);
if (!ppnt[i]) {
fprintf(stderr, "ERROR: out of memory?\n");
exit(1);
}
}
pbatchinc = EC_POINT_new(pgroup);
if (!pbatchinc) {
fprintf(stderr, "ERROR: out of memory?\n");
exit(1);
}
BN_set_word(&vxcp->vxc_bntmp, ptarraysize);
EC_POINT_mul(pgroup, pbatchinc, &vxcp->vxc_bntmp, NULL, NULL,
vxcp->vxc_bnctx);
EC_POINT_make_affine(pgroup, pbatchinc, vxcp->vxc_bnctx);
npoints = 0;
rekey_at = 0;
nbatch = 0;
vxcp->vxc_key = pkey;
vxcp->vxc_binres[0] = vcp->vc_addrtype;
c = 0;
output_interval = 1000;
gettimeofday(&tvstart, NULL);
if (vcp->vc_format == VCF_SCRIPT) {
hash_buf[ 0] = 0x51; // OP_1
hash_buf[ 1] = 0x41; // pubkey length
// gap for pubkey
hash_buf[67] = 0x51; // OP_1
hash_buf[68] = 0xae; // OP_CHECKMULTISIG
eckey_buf = hash_buf + 2;
hash_len = 69;
} else {
eckey_buf = hash_buf;
hash_len = 65;
}
while (!vcp->vc_halt) {
if (++npoints >= rekey_at) {
vg_exec_context_upgrade_lock(vxcp);
/* Generate a new random private key */
EC_KEY_generate_key(pkey);
npoints = 0;
/* Determine rekey interval */
EC_GROUP_get_order(pgroup, &vxcp->vxc_bntmp,
vxcp->vxc_bnctx);
BN_sub(&vxcp->vxc_bntmp2,
&vxcp->vxc_bntmp,
EC_KEY_get0_private_key(pkey));
rekey_at = BN_get_word(&vxcp->vxc_bntmp2);
if ((rekey_at == BN_MASK2) || (rekey_at > rekey_max))
rekey_at = rekey_max;
assert(rekey_at > 0);
EC_POINT_copy(ppnt[0], EC_KEY_get0_public_key(pkey));
vg_exec_context_downgrade_lock(vxcp);
npoints++;
//.........这里部分代码省略.........
示例12: eap_pwd_perform_commit_exchange
static struct wpabuf *
eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
struct eap_method_ret *ret,
const struct wpabuf *reqData,
const u8 *payload, size_t payload_len)
{
struct wpabuf *resp = NULL;
EC_POINT *K = NULL, *point = NULL;
BIGNUM *mask = NULL, *x = NULL, *y = NULL, *cofactor = NULL;
u16 offset;
u8 *ptr, *scalar = NULL, *element = NULL;
if (((data->private_value = BN_new()) == NULL) ||
((data->my_element = EC_POINT_new(data->grp->group)) == NULL) ||
((cofactor = BN_new()) == NULL) ||
((data->my_scalar = BN_new()) == NULL) ||
((mask = BN_new()) == NULL)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): scalar allocation fail");
goto fin;
}
if (!EC_GROUP_get_cofactor(data->grp->group, cofactor, NULL)) {
wpa_printf(MSG_INFO, "EAP-pwd (peer): unable to get cofactor "
"for curve");
goto fin;
}
BN_rand_range(data->private_value, data->grp->order);
BN_rand_range(mask, data->grp->order);
BN_add(data->my_scalar, data->private_value, mask);
BN_mod(data->my_scalar, data->my_scalar, data->grp->order,
data->bnctx);
if (!EC_POINT_mul(data->grp->group, data->my_element, NULL,
data->grp->pwe, mask, data->bnctx)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): element allocation "
"fail");
eap_pwd_state(data, FAILURE);
goto fin;
}
if (!EC_POINT_invert(data->grp->group, data->my_element, data->bnctx))
{
wpa_printf(MSG_INFO, "EAP-PWD (peer): element inversion fail");
goto fin;
}
BN_free(mask);
if (((x = BN_new()) == NULL) ||
((y = BN_new()) == NULL)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): point allocation fail");
goto fin;
}
/* process the request */
if (((data->server_scalar = BN_new()) == NULL) ||
((data->k = BN_new()) == NULL) ||
((K = EC_POINT_new(data->grp->group)) == NULL) ||
((point = EC_POINT_new(data->grp->group)) == NULL) ||
((data->server_element = EC_POINT_new(data->grp->group)) == NULL))
{
wpa_printf(MSG_INFO, "EAP-PWD (peer): peer data allocation "
"fail");
goto fin;
}
/* element, x then y, followed by scalar */
ptr = (u8 *) payload;
BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), x);
ptr += BN_num_bytes(data->grp->prime);
BN_bin2bn(ptr, BN_num_bytes(data->grp->prime), y);
ptr += BN_num_bytes(data->grp->prime);
BN_bin2bn(ptr, BN_num_bytes(data->grp->order), data->server_scalar);
if (!EC_POINT_set_affine_coordinates_GFp(data->grp->group,
data->server_element, x, y,
data->bnctx)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): setting peer element "
"fail");
goto fin;
}
/* check to ensure server's element is not in a small sub-group */
if (BN_cmp(cofactor, BN_value_one())) {
if (!EC_POINT_mul(data->grp->group, point, NULL,
data->server_element, cofactor, NULL)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): cannot multiply "
"server element by order!\n");
goto fin;
}
if (EC_POINT_is_at_infinity(data->grp->group, point)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): server element "
"is at infinity!\n");
goto fin;
}
}
/* compute the shared key, k */
if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe,
data->server_scalar, data->bnctx)) ||
(!EC_POINT_add(data->grp->group, K, K, data->server_element,
//.........这里部分代码省略.........
示例13: fill_GOST2001_params
/*
* Fills EC_KEY structure hidden in the app_data field of DSA structure
* with parameter information, extracted from parameter array in
* params.c file.
*
* Also fils DSA->q field with copy of EC_GROUP order field to make
* DSA_size function work
*/
int fill_GOST2001_params(EC_KEY *eckey, int nid)
{
R3410_2001_params *params = R3410_2001_paramset;
EC_GROUP *grp = NULL;
BIGNUM *p = NULL, *q = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL;
EC_POINT *P = NULL;
BN_CTX *ctx = BN_CTX_new();
int ok = 0;
if (!ctx) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
goto err;
}
BN_CTX_start(ctx);
p = BN_CTX_get(ctx);
a = BN_CTX_get(ctx);
b = BN_CTX_get(ctx);
x = BN_CTX_get(ctx);
y = BN_CTX_get(ctx);
q = BN_CTX_get(ctx);
if (!p || !a || !b || !x || !y || !q) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
goto err;
}
while (params->nid != NID_undef && params->nid != nid)
params++;
if (params->nid == NID_undef) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS,
GOST_R_UNSUPPORTED_PARAMETER_SET);
goto err;
}
if (!BN_hex2bn(&p, params->p)
|| !BN_hex2bn(&a, params->a)
|| !BN_hex2bn(&b, params->b)) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS,
ERR_R_INTERNAL_ERROR);
goto err;
}
grp = EC_GROUP_new_curve_GFp(p, a, b, ctx);
if (!grp) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
goto err;
}
P = EC_POINT_new(grp);
if (!P) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!BN_hex2bn(&x, params->x)
|| !BN_hex2bn(&y, params->y)
|| !EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx)
|| !BN_hex2bn(&q, params->q)) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR);
goto err;
}
#ifdef DEBUG_KEYS
fprintf(stderr, "Set params index %d oid %s\nq=",
(params - R3410_2001_paramset), OBJ_nid2sn(params->nid));
BN_print_fp(stderr, q);
fprintf(stderr, "\n");
#endif
if (!EC_GROUP_set_generator(grp, P, q, NULL)) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR);
goto err;
}
EC_GROUP_set_curve_name(grp, params->nid);
if (!EC_KEY_set_group(eckey, grp)) {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR);
goto err;
}
ok = 1;
err:
EC_POINT_free(P);
EC_GROUP_free(grp);
if (ctx)
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return ok;
}示例14: StealthSecret
//.........这里部分代码省略.........
{
printf("StealthSecret(): eQ EC_POINT_mul failed\n");
rv = 1;
goto End;
};
if (!(bnOutQ = EC_POINT_point2bn(ecgrp, Q, POINT_CONVERSION_COMPRESSED, BN_new(), bnCtx)))
{
printf("StealthSecret(): Q EC_POINT_bn2point failed\n");
rv = 1;
goto End;
};
vchOutQ.resize(ec_compressed_size);
if (BN_num_bytes(bnOutQ) != (int) ec_compressed_size
|| BN_bn2bin(bnOutQ, &vchOutQ[0]) != (int) ec_compressed_size)
{
printf("StealthSecret(): bnOutQ incorrect length.\n");
rv = 1;
goto End;
};
SHA256(&vchOutQ[0], vchOutQ.size(), &sharedSOut.e[0]);
if (!(bnc = BN_bin2bn(&sharedSOut.e[0], ec_secret_size, BN_new())))
{
printf("StealthSecret(): BN_bin2bn failed\n");
rv = 1;
goto End;
};
// -- cG
if (!(C = EC_POINT_new(ecgrp)))
{
printf("StealthSecret(): C EC_POINT_new failed\n");
rv = 1;
goto End;
};
if (!EC_POINT_mul(ecgrp, C, bnc, NULL, NULL, bnCtx))
{
printf("StealthSecret(): C EC_POINT_mul failed\n");
rv = 1;
goto End;
};
if (!(bnR = BN_bin2bn(&pkSpend[0], pkSpend.size(), BN_new())))
{
printf("StealthSecret(): bnR BN_bin2bn failed\n");
rv = 1;
goto End;
};
if (!(R = EC_POINT_bn2point(ecgrp, bnR, NULL, bnCtx)))
{
printf("StealthSecret(): R EC_POINT_bn2point failed\n");
rv = 1;
goto End;
};
if (!EC_POINT_mul(ecgrp, C, bnc, NULL, NULL, bnCtx))
{
printf("StealthSecret(): C EC_POINT_mul failed\n");
rv = 1;示例15: input_kex_ecdh_reply
static int
input_kex_ecdh_reply(int type, u_int32_t seq, void *ctxt)
{
struct ssh *ssh = ctxt;
struct kex *kex = ssh->kex;
const EC_GROUP *group;
EC_POINT *server_public = NULL;
EC_KEY *client_key;
BIGNUM *shared_secret = NULL;
struct sshkey *server_host_key = NULL;
u_char *server_host_key_blob = NULL, *signature = NULL;
u_char *kbuf = NULL;
u_char hash[SSH_DIGEST_MAX_LENGTH];
size_t slen, sbloblen;
size_t klen = 0, hashlen;
int r;
if (kex->verify_host_key == NULL) {
r = SSH_ERR_INVALID_ARGUMENT;
goto out;
}
group = kex->ec_group;
client_key = kex->ec_client_key;
/* hostkey */
if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
&sbloblen)) != 0 ||
(r = sshkey_from_blob(server_host_key_blob, sbloblen,
&server_host_key)) != 0)
goto out;
if (server_host_key->type != kex->hostkey_type ||
(kex->hostkey_type == KEY_ECDSA &&
server_host_key->ecdsa_nid != kex->hostkey_nid)) {
r = SSH_ERR_KEY_TYPE_MISMATCH;
goto out;
}
if (kex->verify_host_key(server_host_key, ssh) == -1) {
r = SSH_ERR_SIGNATURE_INVALID;
goto out;
}
/* Q_S, server public key */
/* signed H */
if ((server_public = EC_POINT_new(group)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = sshpkt_get_ec(ssh, server_public, group)) != 0 ||
(r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||
(r = sshpkt_get_end(ssh)) != 0)
goto out;
#ifdef DEBUG_KEXECDH
fputs("server public key:\n", stderr);
sshkey_dump_ec_point(group, server_public);
#endif
if (sshkey_ec_validate_public(group, server_public) != 0) {
sshpkt_disconnect(ssh, "invalid server public key");
r = SSH_ERR_MESSAGE_INCOMPLETE;
goto out;
}
klen = (EC_GROUP_get_degree(group) + 7) / 8;
if ((kbuf = malloc(klen)) == NULL ||
(shared_secret = BN_new()) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if (ECDH_compute_key(kbuf, klen, server_public,
client_key, NULL) != (int)klen ||
BN_bin2bn(kbuf, klen, shared_secret) == NULL) {
r = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
#ifdef DEBUG_KEXECDH
dump_digest("shared secret", kbuf, klen);
#endif
/* calc and verify H */
hashlen = sizeof(hash);
if ((r = kex_ecdh_hash(
kex->hash_alg,
group,
kex->client_version_string,
kex->server_version_string,
sshbuf_ptr(kex->my), sshbuf_len(kex->my),
sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
server_host_key_blob, sbloblen,
EC_KEY_get0_public_key(client_key),
server_public,
shared_secret,
hash, &hashlen)) != 0)
goto out;
if ((r = sshkey_verify(server_host_key, signature, slen, hash,
hashlen, ssh->compat)) != 0)
goto out;
/* save session id */
if (kex->session_id == NULL) {
//.........这里部分代码省略.........