Cryptography Reference
In-Depth Information
load_huge( &target->G.x, prime192v1_Gx,
sizeof( prime192v1_Gx ) );
load_huge( &target->G.y, prime192v1_Gy,
sizeof( prime192v1_Gy ) );
load_huge( &target->n, prime192v1_N, sizeof( prime192v1_N ) );
return 0;
}
else if ( !strcmp( “prime256v1”, curve_name ) ||
!strcmp( “secp256r1”, curve_name ) )
{
load_huge( &target->p, prime256v1_P, sizeof( prime256v1_P ) );
load_huge( &target->a, prime256v1_A, sizeof( prime256v1_A ) );
load_huge( &target->b, prime256v1_B, sizeof( prime256v1_B ) );
load_huge( &target->G.x, prime256v1_Gx,
sizeof( prime256v1_Gx ) );
load_huge( &target->G.y, prime256v1_Gy,
sizeof( prime256v1_Gy ) );
load_huge( &target->n, prime256v1_N, sizeof( prime256v1_N ) );
return 0;
}
// Unsupported named curve
return 1;
}
Of course, there's no rule that you must use a named curve. Everywhere
that TLS calls for an elliptic curve, a provision is made to enable either side to
declare a curve explicitly by providing the
p
,
a
,
b
,
G
, and
n
values. However,
named curves are far more common, so explicit curves aren't examined here.
ECDSA Certifi cate Parsing
The fi rst step in adding ECC support is parsing an ECDSA certifi cate — that is,
an X.509 certifi cate whose public key info includes an ECDSA public key and a
description of a curve to which the public key (a point on the curve) is relative.
Recall from Chapter 5 that a certifi cate consists of eight elements: the version,
the serial number, the signature algorithm, the issuer, the validity period, the
subject, the subject's public key, and an optional set of extensions. Of these,
only two are dependent on the public key algorithm: the signature algorithm
and the public key itself.
First, add ECDSA as a valid algorithm identifi er as shown in Listing 9-32 and
then modify
parse_algorithm_identifier
from Listing 5-16 to accept SHA-256
with ECDSA as shown in Listing 9-33.
Search WWH ::
Custom Search