diff options
| author | miod <> | 2014-05-01 11:29:18 +0000 |
|---|---|---|
| committer | miod <> | 2014-05-01 11:29:18 +0000 |
| commit | 9200af331902481ff4dd25e2d6670035e5f42472 (patch) | |
| tree | f108f3d039d9bca9110b834a40913a6167263c52 | |
| parent | 9dd0367cf85a93773fcf58bec09bb287c3249477 (diff) | |
| download | openbsd-9200af331902481ff4dd25e2d6670035e5f42472.tar.gz openbsd-9200af331902481ff4dd25e2d6670035e5f42472.tar.bz2 openbsd-9200af331902481ff4dd25e2d6670035e5f42472.zip | |
Add support for the french ANSSI FRP256v1 elliptic curve.
While not to be considered a good choice of elliptic curve (refer to
http://safecurves.cr.yp.to/ for more details), it is nevertheless deemed a
good decision to allow developers with requirements to use such a curve,
to be able to do this via a crypto library allowing for much better choices
to be made, without having to change (much of) their code to get better crypto.
ok beck@ deraadt@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_curve.c | 34 | ||||
| -rw-r--r-- | src/lib/libcrypto/objects/objects.txt | 2 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/ec/ec_curve.c | 34 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/objects/objects.txt | 2 |
4 files changed, 70 insertions, 2 deletions
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c index 372a533615..23bc3ab94e 100644 --- a/src/lib/libcrypto/ec/ec_curve.c +++ b/src/lib/libcrypto/ec/ec_curve.c | |||
| @@ -2250,6 +2250,36 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+64*6]; } | |||
| 2250 | 0x9C,0xA9,0x00,0x69 } | 2250 | 0x9C,0xA9,0x00,0x69 } |
| 2251 | }; | 2251 | }; |
| 2252 | 2252 | ||
| 2253 | static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; } | ||
| 2254 | _EC_FRP256v1 = { | ||
| 2255 | { NID_X9_62_prime_field, 0,32,1 }, | ||
| 2256 | { /* no seed */ | ||
| 2257 | 0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12, /* p */ | ||
| 2258 | 0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC, | ||
| 2259 | 0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E, | ||
| 2260 | 0x9C,0x03, | ||
| 2261 | 0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12, /* a */ | ||
| 2262 | 0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC, | ||
| 2263 | 0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E, | ||
| 2264 | 0x9C,0x00, | ||
| 2265 | 0xEE,0x35,0x3F,0xCA,0x54,0x28,0xA9,0x30,0x0D,0x4A, /* b */ | ||
| 2266 | 0xBA,0x75,0x4A,0x44,0xC0,0x0F,0xDF,0xEC,0x0C,0x9A, | ||
| 2267 | 0xE4,0xB1,0xA1,0x80,0x30,0x75,0xED,0x96,0x7B,0x7B, | ||
| 2268 | 0xB7,0x3F, | ||
| 2269 | 0xB6,0xB3,0xD4,0xC3,0x56,0xC1,0x39,0xEB,0x31,0x18, /* x */ | ||
| 2270 | 0x3D,0x47,0x49,0xD4,0x23,0x95,0x8C,0x27,0xD2,0xDC, | ||
| 2271 | 0xAF,0x98,0xB7,0x01,0x64,0xC9,0x7A,0x2D,0xD9,0x8F, | ||
| 2272 | 0x5C,0xFF, | ||
| 2273 | 0x61,0x42,0xE0,0xF7,0xC8,0xB2,0x04,0x91,0x1F,0x92, /* y */ | ||
| 2274 | 0x71,0xF0,0xF3,0xEC,0xEF,0x8C,0x27,0x01,0xC3,0x07, | ||
| 2275 | 0xE8,0xE4,0xC9,0xE1,0x83,0x11,0x5A,0x15,0x54,0x06, | ||
| 2276 | 0x2C,0xFB, | ||
| 2277 | 0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12, /* order */ | ||
| 2278 | 0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x53,0xDC,0x67,0xE1, | ||
| 2279 | 0x40,0xD2,0xBF,0x94,0x1F,0xFD,0xD4,0x59,0xC6,0xD6, | ||
| 2280 | 0x55,0xE1 } | ||
| 2281 | }; | ||
| 2282 | |||
| 2253 | typedef struct _ec_list_element_st { | 2283 | typedef struct _ec_list_element_st { |
| 2254 | int nid; | 2284 | int nid; |
| 2255 | const EC_CURVE_DATA *data; | 2285 | const EC_CURVE_DATA *data; |
| @@ -2370,7 +2400,9 @@ static const ec_list_element curve_list[] = { | |||
| 2370 | { NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, | 2400 | { NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, |
| 2371 | { NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, | 2401 | { NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, |
| 2372 | { NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, | 2402 | { NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, |
| 2373 | { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"} | 2403 | { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, |
| 2404 | /* ANSSI */ | ||
| 2405 | { NID_FRP256v1, &_EC_FRP256v1.h, 0, "FRP256v1"} | ||
| 2374 | }; | 2406 | }; |
| 2375 | 2407 | ||
| 2376 | #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) | 2408 | #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) |
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt index 04939e7ead..487e079255 100644 --- a/src/lib/libcrypto/objects/objects.txt +++ b/src/lib/libcrypto/objects/objects.txt | |||
| @@ -1307,3 +1307,5 @@ brainpool 1 11 : brainpoolP384r1 | |||
| 1307 | brainpool 1 12 : brainpoolP384t1 | 1307 | brainpool 1 12 : brainpoolP384t1 |
| 1308 | brainpool 1 13 : brainpoolP512r1 | 1308 | brainpool 1 13 : brainpoolP512r1 |
| 1309 | brainpool 1 14 : brainpoolP512t1 | 1309 | brainpool 1 14 : brainpoolP512t1 |
| 1310 | |||
| 1311 | 1 2 250 1 223 101 256 1 : FRP256v1 | ||
diff --git a/src/lib/libssl/src/crypto/ec/ec_curve.c b/src/lib/libssl/src/crypto/ec/ec_curve.c index 372a533615..23bc3ab94e 100644 --- a/src/lib/libssl/src/crypto/ec/ec_curve.c +++ b/src/lib/libssl/src/crypto/ec/ec_curve.c | |||
| @@ -2250,6 +2250,36 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+64*6]; } | |||
| 2250 | 0x9C,0xA9,0x00,0x69 } | 2250 | 0x9C,0xA9,0x00,0x69 } |
| 2251 | }; | 2251 | }; |
| 2252 | 2252 | ||
| 2253 | static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; } | ||
| 2254 | _EC_FRP256v1 = { | ||
| 2255 | { NID_X9_62_prime_field, 0,32,1 }, | ||
| 2256 | { /* no seed */ | ||
| 2257 | 0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12, /* p */ | ||
| 2258 | 0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC, | ||
| 2259 | 0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E, | ||
| 2260 | 0x9C,0x03, | ||
| 2261 | 0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12, /* a */ | ||
| 2262 | 0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC, | ||
| 2263 | 0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E, | ||
| 2264 | 0x9C,0x00, | ||
| 2265 | 0xEE,0x35,0x3F,0xCA,0x54,0x28,0xA9,0x30,0x0D,0x4A, /* b */ | ||
| 2266 | 0xBA,0x75,0x4A,0x44,0xC0,0x0F,0xDF,0xEC,0x0C,0x9A, | ||
| 2267 | 0xE4,0xB1,0xA1,0x80,0x30,0x75,0xED,0x96,0x7B,0x7B, | ||
| 2268 | 0xB7,0x3F, | ||
| 2269 | 0xB6,0xB3,0xD4,0xC3,0x56,0xC1,0x39,0xEB,0x31,0x18, /* x */ | ||
| 2270 | 0x3D,0x47,0x49,0xD4,0x23,0x95,0x8C,0x27,0xD2,0xDC, | ||
| 2271 | 0xAF,0x98,0xB7,0x01,0x64,0xC9,0x7A,0x2D,0xD9,0x8F, | ||
| 2272 | 0x5C,0xFF, | ||
| 2273 | 0x61,0x42,0xE0,0xF7,0xC8,0xB2,0x04,0x91,0x1F,0x92, /* y */ | ||
| 2274 | 0x71,0xF0,0xF3,0xEC,0xEF,0x8C,0x27,0x01,0xC3,0x07, | ||
| 2275 | 0xE8,0xE4,0xC9,0xE1,0x83,0x11,0x5A,0x15,0x54,0x06, | ||
| 2276 | 0x2C,0xFB, | ||
| 2277 | 0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12, /* order */ | ||
| 2278 | 0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x53,0xDC,0x67,0xE1, | ||
| 2279 | 0x40,0xD2,0xBF,0x94,0x1F,0xFD,0xD4,0x59,0xC6,0xD6, | ||
| 2280 | 0x55,0xE1 } | ||
| 2281 | }; | ||
| 2282 | |||
| 2253 | typedef struct _ec_list_element_st { | 2283 | typedef struct _ec_list_element_st { |
| 2254 | int nid; | 2284 | int nid; |
| 2255 | const EC_CURVE_DATA *data; | 2285 | const EC_CURVE_DATA *data; |
| @@ -2370,7 +2400,9 @@ static const ec_list_element curve_list[] = { | |||
| 2370 | { NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, | 2400 | { NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, |
| 2371 | { NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, | 2401 | { NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, |
| 2372 | { NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, | 2402 | { NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, |
| 2373 | { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"} | 2403 | { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, |
| 2404 | /* ANSSI */ | ||
| 2405 | { NID_FRP256v1, &_EC_FRP256v1.h, 0, "FRP256v1"} | ||
| 2374 | }; | 2406 | }; |
| 2375 | 2407 | ||
| 2376 | #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) | 2408 | #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) |
diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt index 04939e7ead..487e079255 100644 --- a/src/lib/libssl/src/crypto/objects/objects.txt +++ b/src/lib/libssl/src/crypto/objects/objects.txt | |||
| @@ -1307,3 +1307,5 @@ brainpool 1 11 : brainpoolP384r1 | |||
| 1307 | brainpool 1 12 : brainpoolP384t1 | 1307 | brainpool 1 12 : brainpoolP384t1 |
| 1308 | brainpool 1 13 : brainpoolP512r1 | 1308 | brainpool 1 13 : brainpoolP512r1 |
| 1309 | brainpool 1 14 : brainpoolP512t1 | 1309 | brainpool 1 14 : brainpoolP512t1 |
| 1310 | |||
| 1311 | 1 2 250 1 223 101 256 1 : FRP256v1 | ||