IPSec/IKE/Oakley curves [[email protected]: DH over ECC groups]

Sat, 15 Nov 2003 04:34:13 -0800 

Dear OpenSSL team,

please consider a patch attached.
It adds 2 binary curves defined in RFC 2409 and 2412.
It unclear whether any well-known OID was ever assigned
and I'm not quite sure what are the right cofactor values

regards,
Vadim

----- Forwarded message from Vadim Fedukovich <[EMAIL PROTECTED]> -----

Date: Fri, 14 Nov 2003 17:43:48 +0200
From: Vadim Fedukovich <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: DH over ECC groups

Dear list,

any plans to make racoon aware of elliptic-curve groups,
namely ID 3 and 4 from RFC 2409? What is group 7?
Any test vectors? Other ideas for testing?

A patch is ready that could generate DH private/public values
using group 3. What are patch submission rules?
Requirements to have it accepted?
This patch needs OpenSSL-0.9.8 (snapshot) supporting binary groups

regards,
Vadim Fedukovich

----- End forwarded message -----


--- crypto/ec/ec_curve.c.orig   Thu Jan 16 21:15:21 2003
+++ crypto/ec/ec_curve.c        Sat Nov 15 14:24:16 2003
@@ -981,6 +981,31 @@
        "113 bit binary curve from the WTLS standard"
        };
 
+/* IPSec curves */
+static const EC_CURVE_DATA _EC_IPSEC_155_ID3 = {
+       NID_X9_62_characteristic_two_field,
+       "0800000000000000000000004000000000000001",
+       "0",
+       "07338f",
+       "7b",
+       "1c8",
+       "57db5698537193aef944",4, // 12
+       NULL, 0,
+       "IPSec/IKE/Oakley curve #3 over a 155 bit binary field"
+       };
+
+static const EC_CURVE_DATA _EC_IPSEC_185_ID4 = {
+       NID_X9_62_characteristic_two_field,
+       "020000000000000000000000000000200000000000000001",
+       "0",
+       "1ee9",
+       "18",
+       "0d",
+       "01ffffffffffffffffffffffdbf2f889b73e484175f94ebc",2, // 4
+       NULL, 0,
+       "IPSec/IKE/Oakley curve #4 over a 185 bit binary field"
+       };
+
 typedef struct _ec_list_element_st {
        int     nid;
        const EC_CURVE_DATA *data;
@@ -1061,6 +1086,9 @@
        { NID_wap_wsg_idm_ecid_wtls10, &_EC_SECG_CHAR2_233K1},
        { NID_wap_wsg_idm_ecid_wtls11, &_EC_SECG_CHAR2_233R1},
        { NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12},
+       /* IPSec curves */
+       { 0, &_EC_IPSEC_163_ID3}, // NIDs to be assigned
+       { 0, &_EC_IPSEC_185_ID4},
 };
 
 static size_t curve_list_length = sizeof(curve_list)/sizeof(ec_list_element);

Reply via email to