Cryptography Reference
In-Depth Information
The parser must split the data in half and recognize that the fi rst half is
x
and
the last half is
y
.
What about the compressed format? Well, if you think about it, it's somewhat
redundant to provide the
y
value. After all, an elliptic curve is defi ned by an
algebraic formula that describes
y
in terms of
x
. Technically speaking, all you
really need to know is the
x
value, along with the curve parameters themselves,
and you can compute the
y
value. The only wrinkle here is that there are two
possible
y
values for a given
x
— one positive and one negative — because the
formula is
y
2
b
. A compressed point, then, is just the
x
value with
a single extra bit indicating whether the
y
value is the positive or the negative
one; the implementation must multiply out the elliptic curve to recover
y
. This
topic only deals with uncompressed points.
Modify the algorithm identifi er as shown in Listing 9-34 to recognize the
new public key algorithm type, and modify
parse_public_key_info
from
Listing 5-19 as shown in Listing 9-35 to properly parse ECDSA public keys.
x
3
ax
Listing 9-34:
“x509.h” ECDSA algorithm identifi er
typedef enum
{
rsa,
dsa,
dh,
ecdsa
}
algorithmIdentifier;
typedef struct
{
algorithmIdentifier algorithm;
…
elliptic_curve ecdsa_curve;
point ecdsa_public_key;
}
public_key_info;
Listing 9-35:
“x509.c” parse_public_key_info with ECDSA support
static const unsigned char OID_RSA[] =
{ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01 };
static const unsigned char OID_DSA[] =
{ 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x01 };
static const unsigned char OID_DH[] =
{ 0x2A, 0x86, 0x48, 0xCE, 0x3E, 0x02, 0x01 };
static const unsigned char OID_ECDSA[] =
{ 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01 };
(Continued)
Search WWH ::
Custom Search