Cryptography Reference
In-Depth Information
// A.K.A. secp192R1, AKA NIST P-192
static const unsigned char OID_PRIME192V1[] =
{ 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01 };
static int parse_public_key_info( public_key_info *target,
struct asn1struct *source )
{
…
public_key = source->children->next;
if ( !memcmp( oid->data, &OID_ECDSA, sizeof( OID_ECDSA ) ) )
{
// TODO this only supports named curves (actually, only one specific
// curve).
struct asn1struct *curve = oid->next;
target->algorithm = ecdsa;
if ( !memcmp( curve->data, &OID_PRIME192V1, sizeof( OID_PRIME192V1 ) ) )
{
// TODO generate a mapping of OIDs to curve names
if ( get_named_curve( “prime192v1”, &target->ecdsa_curve ) )
{
return 1;
}
}
else
{
fprintf( stderr,
“Error, unsupported named curve in ECDSA certificate\n” );
return 1;
}
load_huge( &target->ecdsa_public_key.x, public_key->data + 2,
( public_key->length - 2 ) / 2 );
load_huge( &target->ecdsa_public_key.y,
( public_key->data + 2 ) + ( ( public_key->length - 2 ) / 2 ),
( public_key->length - 2 ) / 2 );
return 0;
}
...
As you can see, the certifi cate doesn't refer to curve names by their actual
names; it uses another alias in OID form. The named curve OID is inserted
after the public key OID — if the OID is recognized, it's converted into a string
curve name and the curve is populated into the
ecdsa_curve
parameter of the
supplied
public_key_info
instance.
Now, if you go back and look at Listing 5-19 that parses the RSA public key
info or Listing 5-32 that parses the DSA public key info, you see that the next
step in both cases is to ASN.1 parse the bit string that contains the public key
info. ECDSA keys are not ASN.1 encoded. They're instead encoded as shown
in Figure 9-6.
Search WWH ::
Custom Search