Re: [PATCH] ec: add support for several more GOST curves

2020-03-28 Thread Dmitry Baryshkov
Sat, 28 Mar 2020 at 11:30, Kinichiro Inoguchi wrote:
>
> Hi,
>
> I have 3 questions:
> - parameter set values for Twisted Edwards
> - description in _ec_list_element_st
> - naming about object identifier
>
> Details are described below.
>
>
> On Thu, Mar 26, 2020 at 09:25:57PM +0300, dbarysh...@gmail.com wrote:
> > From: Dmitry Baryshkov 
> >
> > Add support for GOST curves defined by RFC 7836 and
> > draft-deremin-rfc4491-bis. Add aliases for 256-bit GOST curves (see
> > draft-smyshlyaev-tls12-gost-suites).
> >
> > Sponsored by ROSA Linux.
> >
> > Signed-off-by: Dmitry Baryshkov 
> > ---
> >  src/lib/libcrypto/ec/ec_curve.c   | 158 +-
> >  src/lib/libcrypto/objects/obj_mac.num |   6 +
> >  src/lib/libcrypto/objects/objects.txt |  10 +-
> >  3 files changed, 168 insertions(+), 6 deletions(-)
> >
> > diff --git a/src/lib/libcrypto/ec/ec_curve.c 
> > b/src/lib/libcrypto/ec/ec_curve.c
> > index e075b1ed3ea5..a1bc88ee2cc6 100644
> > --- a/src/lib/libcrypto/ec/ec_curve.c
> > +++ b/src/lib/libcrypto/ec/ec_curve.c
> > @@ -2900,11 +2900,101 @@ static const struct {
> >   }
> >  };
> >
> > +static const struct {
> > + EC_CURVE_DATA h;
> > + unsigned char data[0 + 32 * 6];
> > +}
> > + _EC_GOST_2012_256_TC26_A = {
> > + {
> > + NID_X9_62_prime_field, 0, 32, 1
> > + },
> > + {   /* no seed */
> > + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,   
> >   /* p */
> > + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > + 0xFD, 0x97,
> > + 0xc2, 0x17, 0x3f, 0x15, 0x13, 0x98, 0x16, 0x73, 0xaf, 0x48,   
> >   /* a */
> > + 0x92, 0xc2, 0x30, 0x35, 0xa2, 0x7c, 0xe2, 0x5e, 0x20, 0x13,
> > + 0xbf, 0x95, 0xaa, 0x33, 0xb2, 0x2c, 0x65, 0x6f, 0x27, 0x7e,
> > + 0x73, 0x35,
> > + 0x29, 0x5f, 0x9b, 0xae, 0x74, 0x28, 0xed, 0x9c, 0xcc, 0x20,   
> >   /* b */
> > + 0xe7, 0xc3, 0x59, 0xa9, 0xd4, 0x1a, 0x22, 0xfc, 0xcd, 0x91,
> > + 0x08, 0xe1, 0x7b, 0xf7, 0xba, 0x93, 0x37, 0xa6, 0xf8, 0xae,
> > + 0x95, 0x13,
> > + 0x91, 0xe3, 0x84, 0x43, 0xa5, 0xe8, 0x2c, 0x0d, 0x88, 0x09,   
> >   /* x */
> > + 0x23, 0x42, 0x57, 0x12, 0xb2, 0xbb, 0x65, 0x8b, 0x91, 0x96,
> > + 0x93, 0x2e, 0x02, 0xc7, 0x8b, 0x25, 0x82, 0xfe, 0x74, 0x2d,
> > + 0xaa, 0x28,
> > + 0x32, 0x87, 0x94, 0x23, 0xab, 0x1a, 0x03, 0x75, 0x89, 0x57,   
> >   /* y */
> > + 0x86, 0xc4, 0xbb, 0x46, 0xe9, 0x56, 0x5f, 0xde, 0x0b, 0x53,
> > + 0x44, 0x76, 0x67, 0x40, 0xaf, 0x26, 0x8a, 0xdb, 0x32, 0x32,
> > + 0x2e, 0x5c,
> > + 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,   
> >   /* order */
> > + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0f, 0xd8, 0xcd, 0xdf,
> > + 0xc8, 0x7b, 0x66, 0x35, 0xc1, 0x15, 0xaf, 0x55, 0x6c, 0x36,
> > + 0x0c, 0x67,
> > + }
> > +};
> > +
>
>
> This diff adds * below, and the 2 Twisted Edwards ones miss m,e,d,u,v.
> Is this as you expected for now?
>
>   Canonical:
>   *id-tc26-gost-3410-2012-512-paramSetTest  order = m = q
>    id-tc26-gost-3410-2012-512-paramSetA     order = m = q
>    id-tc26-gost-3410-2012-512-paramSetB     order = m = q
>
>   Twisted Edwards:
>   *id-tc26-gost-3410-2012-512-paramSetC     order = q, misses m,e,d,u,v
>   *id-tc26-gost-3410-2012-256-paramSetA     order = q, misses m,e,d,u,v

This is expected. These curves are defined in Weierstrass form (a, b,
x, y) and in birationally equivalent Twisted Edwards form (e, d, u,
v). One can perform calculations in any of these forms. In this RFC, m
is the order of the whole curve and q is the order of the subgroup.
Version 2 of the patch will fix cofactors.


> >  #endif
> >
> >  typedef struct _ec_list_element_st {
> > @@ -3147,8 +3291,14 @@ static const ec_list_element curve_list[] = {
> >   {NID_id_GostR3410_2001_CryptoPro_C_ParamSet, 
> > &_EC_GOST_2001_CryptoPro_C.h, 0, "GOST R 34.10-2001 CryptoPro-C"},
> >   {NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet, 
> > &_EC_GOST_2001_CryptoPro_A.h, 0, "GOST R 34.10-2001 CryptoPro-XchA"},
> >   {NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet, 
> > &_EC_GOST_2001_CryptoPro_C.h, 0, "GOST R 34.10-2001 CryptoPro-XchB"},
> > - {NID_id_tc26_gost_3410_2012_512_paramSetA, &_EC_GOST_2012_TC26_A.h, 
> > 0, "GOST R 34.10-2012 TC26-A"},
> > - {NID_id_tc26_gost_3410_2012_512_paramSetB, &_EC_GOST_2012_TC26_B.h, 
> > 0, "GOST R 34.10-2012 TC26-B"},
> > + {NID_id_tc26_gost_3410_2012_256_paramSetA, 
> > &_EC_GOST_2012_256_TC26_A.h, 0, "GOST R 34.10-2012 256 TC26-A"},
> > + {NID_id_tc26_gost_3410_2012_256_paramSetB, 
> > &_EC_GOST_2001_CryptoPro_A.h, 0, "GOST R 34.10-2001 512 TC26-B"},
> > + {NID_id_tc26_gost_3410_2012_256_paramSetC, 
> > &_EC_GOST_2001_CryptoPro_B.h, 0, "GOST R 34.10-2001 

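The distinction between the curve order m and the subgroup order q in the reply above can be checked from the patch's own constants. This is an added example, not code from the patch or from LibreSSL: it takes the p, a, b, x, y and order bytes of `_EC_GOST_2012_256_TC26_A` as quoted in the hunk, confirms the base point and its order, and derives the cofactor from the Hasse bound (the function names are illustrative).

```python
from math import isqrt

# Constants transcribed from the byte arrays in the quoted hunk.
P = int("FF" * 30 + "FD97", 16)
A = int("C2173F1513981673AF4892C23035A27CE25E2013BF95AA33B22C656F277E7335", 16)
B = int("295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513", 16)
GX = int("91E38443A5E82C0D880923425712B2BB658B9196932E02C78B2582FE742DAA28", 16)
GY = int("32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C", 16)
Q = int("40" + "00" * 15 + "0FD8CDDFC87B6635C115AF556C360C67", 16)
PATCH_COFACTOR = 1  # last field of the EC_CURVE_DATA header in the patch


def on_curve(x, y):
    """Short Weierstrass membership: y^2 = x^3 + a*x + b (mod p)."""
    return (y * y - (x * x * x + A * x + B)) % P == 0


def add(p1, p2):
    """Affine point addition; None stands for the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # p2 == -p1, or doubling a point with y == 0
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def mul(k, pt):
    """Double-and-add scalar multiplication (verification only, not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def implied_cofactor():
    """Hasse: |m - (p + 1)| <= 2*sqrt(p), so h = m / q is the nearest integer."""
    h = (P + 1 + Q // 2) // Q
    if abs(h * Q - (P + 1)) > 2 * isqrt(P) + 2:
        raise ValueError("no multiple of q lies inside the Hasse interval")
    return h
```

The stored order annihilates the base point, so it is q; the curve order m is `implied_cofactor() * Q`, which differs from the cofactor written in the patch header.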
Re: [PATCH] ec: add support for several more GOST curves

2020-03-28 Thread Kinichiro Inoguchi
Hi,

I have 3 questions:
- parameter set values for Twisted Edwards
- description in _ec_list_element_st
- naming about object identifier

Details are described below.


On Thu, Mar 26, 2020 at 09:25:57PM +0300, dbarysh...@gmail.com wrote:
> From: Dmitry Baryshkov 
> 
> Add support for GOST curves defined by RFC 7836 and
> draft-deremin-rfc4491-bis. Add aliases for 256-bit GOST curves (see
> draft-smyshlyaev-tls12-gost-suites).
> 
> Sponsored by ROSA Linux.
> 
> Signed-off-by: Dmitry Baryshkov 
> ---
>  src/lib/libcrypto/ec/ec_curve.c   | 158 +-
>  src/lib/libcrypto/objects/obj_mac.num |   6 +
>  src/lib/libcrypto/objects/objects.txt |  10 +-
>  3 files changed, 168 insertions(+), 6 deletions(-)
> 
> diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
> index e075b1ed3ea5..a1bc88ee2cc6 100644
> --- a/src/lib/libcrypto/ec/ec_curve.c
> +++ b/src/lib/libcrypto/ec/ec_curve.c
> @@ -2900,11 +2900,101 @@ static const struct {
>   }
>  };
>  
> +static const struct {
> + EC_CURVE_DATA h;
> + unsigned char data[0 + 32 * 6];
> +}
> + _EC_GOST_2012_256_TC26_A = {
> + {
> + NID_X9_62_prime_field, 0, 32, 1
> + },
> + {   /* no seed */
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
> /* p */
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFD, 0x97,
> + 0xc2, 0x17, 0x3f, 0x15, 0x13, 0x98, 0x16, 0x73, 0xaf, 0x48, 
> /* a */
> + 0x92, 0xc2, 0x30, 0x35, 0xa2, 0x7c, 0xe2, 0x5e, 0x20, 0x13,
> + 0xbf, 0x95, 0xaa, 0x33, 0xb2, 0x2c, 0x65, 0x6f, 0x27, 0x7e,
> + 0x73, 0x35,
> + 0x29, 0x5f, 0x9b, 0xae, 0x74, 0x28, 0xed, 0x9c, 0xcc, 0x20, 
> /* b */
> + 0xe7, 0xc3, 0x59, 0xa9, 0xd4, 0x1a, 0x22, 0xfc, 0xcd, 0x91,
> + 0x08, 0xe1, 0x7b, 0xf7, 0xba, 0x93, 0x37, 0xa6, 0xf8, 0xae,
> + 0x95, 0x13,
> + 0x91, 0xe3, 0x84, 0x43, 0xa5, 0xe8, 0x2c, 0x0d, 0x88, 0x09, 
> /* x */
> + 0x23, 0x42, 0x57, 0x12, 0xb2, 0xbb, 0x65, 0x8b, 0x91, 0x96,
> + 0x93, 0x2e, 0x02, 0xc7, 0x8b, 0x25, 0x82, 0xfe, 0x74, 0x2d,
> + 0xaa, 0x28,
> + 0x32, 0x87, 0x94, 0x23, 0xab, 0x1a, 0x03, 0x75, 0x89, 0x57, 
> /* y */
> + 0x86, 0xc4, 0xbb, 0x46, 0xe9, 0x56, 0x5f, 0xde, 0x0b, 0x53,
> + 0x44, 0x76, 0x67, 0x40, 0xaf, 0x26, 0x8a, 0xdb, 0x32, 0x32,
> + 0x2e, 0x5c,
> + 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
> /* order */
> + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0f, 0xd8, 0xcd, 0xdf,
> + 0xc8, 0x7b, 0x66, 0x35, 0xc1, 0x15, 0xaf, 0x55, 0x6c, 0x36,
> + 0x0c, 0x67,
> + }
> +};
> +
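
Review bot: The header of `_EC_GOST_2012_256_TC26_A` sets the cofactor (last field of `NID_X9_62_prime_field, 0, 32, 1`) to 1, but the order bytes begin with 0x40 while p begins with 0xFF, so the stored order is roughly p/4 and is the subgroup order q rather than the curve order m. The Hasse bound puts the curve order within 2*sqrt(p) of p + 1, which makes the cofactor 4; with 1 in the header, anything that reads the group's cofactor (parameter checks, cofactor multiplication to clear small-order components) works from the wrong value. Suggest `NID_X9_62_prime_field, 0, 32, 4`, plus a comment above the struct naming the parameter set and the document the constants come from.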


This diff adds * below, and the 2 Twisted Edwards ones miss m,e,d,u,v.
Is this as you expected for now?

  Canonical:
  *id-tc26-gost-3410-2012-512-paramSetTest  order = m = q
   id-tc26-gost-3410-2012-512-paramSetA     order = m = q
   id-tc26-gost-3410-2012-512-paramSetB     order = m = q

  Twisted Edwards:
  *id-tc26-gost-3410-2012-512-paramSetC     order = q, misses m,e,d,u,v
  *id-tc26-gost-3410-2012-256-paramSetA     order = q, misses m,e,d,u,v


>  static const struct {
>   EC_CURVE_DATA h;
>   unsigned char data[0 + 64 * 6];
>  }
> - _EC_GOST_2012_TC26_A = {
> + _EC_GOST_2012_512_Test = {
> + {
> + NID_X9_62_prime_field, 0, 64, 1
> + },
> + {   /* no seed */
> + 0x45, 0x31, 0xac, 0xd1, 0xfe, 0x00, 0x23, 0xc7, 0x55, 0x0d, 
> /* p */
> + 0x26, 0x7b, 0x6b, 0x2f, 0xee, 0x80, 0x92, 0x2b, 0x14, 0xb2,
> + 0xff, 0xb9, 0x0f, 0x04, 0xd4, 0xeb, 0x7c, 0x09, 0xb5, 0xd2,
> + 0xd1, 0x5d, 0xf1, 0xd8, 0x52, 0x74, 0x1a, 0xf4, 0x70, 0x4a,
> + 0x04, 0x58, 0x04, 0x7e, 0x80, 0xe4, 0x54, 0x6d, 0x35, 0xb8,
> + 0x33, 0x6f, 0xac, 0x22, 0x4d, 0xd8, 0x16, 0x64, 0xbb, 0xf5,
> + 0x28, 0xbe, 0x63, 0x73,
> + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
> /* a */
> + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
> + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
> + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
> + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
> + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
> + 0x00, 0x00, 0x00, 0x07,
> + 0x1c, 0xff, 0x08, 0x06, 0xa3, 0x11, 0x16, 0xda, 0x29, 0xd8, 
> /* b */
> + 0xcf, 0xa5, 0x4e, 0x57, 0xeb, 0x74, 0x8b, 0xc5, 0xf3, 0x77,
> + 0xe4, 0x94, 0x00, 0xfd, 0xd7, 0x88, 0xb6, 0x49, 0xec, 0xa1,
> + 0xac, 0x43, 0x61, 0x83, 0x40, 0x13, 0xb2, 0xad, 0x73, 0x22,
> + 0x48, 0x0a,