artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9caf19c)
Add support for the french ANSSI FRP256v1 elliptic curve.
authormiod <miod@openbsd.org>
Thu, 1 May 2014 11:29:18 +0000 (11:29 +0000)
committermiod <miod@openbsd.org>
Thu, 1 May 2014 11:29:18 +0000 (11:29 +0000)
While not to be considered a good choice of elliptic curve (refer to
http://safecurves.cr.yp.to/ for more details), it is nevertheless deemed a
good decision to allow developers with requirements to use such a curve,
to be able to do this via a crypto library allowing for much better choices
to be made, without having to change (much of) their code to get better crypto.

ok beck@ deraadt@

lib/libcrypto/ec/ec_curve.c patch | blob | history
lib/libcrypto/objects/objects.txt patch | blob | history
lib/libssl/src/crypto/ec/ec_curve.c patch | blob | history
lib/libssl/src/crypto/objects/objects.txt patch | blob | history

diff --git a/lib/libcrypto/ec/ec_curve.c b/lib/libcrypto/ec/ec_curve.c
index 372a533..23bc3ab 100644 (file)
--- a/lib/libcrypto/ec/ec_curve.c
+++ b/lib/libcrypto/ec/ec_curve.c
@@ -2250,6 +2250,36 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+64*6]; }
          0x9C,0xA9,0x00,0x69 }
        };
 
+static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; }
+   _EC_FRP256v1 = {
+       { NID_X9_62_prime_field, 0,32,1 },
+       {                                                       /* no seed */
+         0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12,    /* p */
+         0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC,
+         0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E,
+         0x9C,0x03,
+         0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12,    /* a */
+         0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC,
+         0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E,
+         0x9C,0x00,
+         0xEE,0x35,0x3F,0xCA,0x54,0x28,0xA9,0x30,0x0D,0x4A,    /* b */
+         0xBA,0x75,0x4A,0x44,0xC0,0x0F,0xDF,0xEC,0x0C,0x9A,
+         0xE4,0xB1,0xA1,0x80,0x30,0x75,0xED,0x96,0x7B,0x7B,
+         0xB7,0x3F,
+         0xB6,0xB3,0xD4,0xC3,0x56,0xC1,0x39,0xEB,0x31,0x18,    /* x */
+         0x3D,0x47,0x49,0xD4,0x23,0x95,0x8C,0x27,0xD2,0xDC,
+         0xAF,0x98,0xB7,0x01,0x64,0xC9,0x7A,0x2D,0xD9,0x8F,
+         0x5C,0xFF,
+         0x61,0x42,0xE0,0xF7,0xC8,0xB2,0x04,0x91,0x1F,0x92,    /* y */
+         0x71,0xF0,0xF3,0xEC,0xEF,0x8C,0x27,0x01,0xC3,0x07,
+         0xE8,0xE4,0xC9,0xE1,0x83,0x11,0x5A,0x15,0x54,0x06,
+         0x2C,0xFB,
+         0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12,    /* order */
+         0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x53,0xDC,0x67,0xE1,
+         0x40,0xD2,0xBF,0x94,0x1F,0xFD,0xD4,0x59,0xC6,0xD6,
+         0x55,0xE1 }
+       };
+
 typedef struct _ec_list_element_st {
        int     nid;
        const EC_CURVE_DATA *data;
@@ -2370,7 +2400,9 @@ static const ec_list_element curve_list[] = {
        { NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"},
        { NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"},
        { NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"},
-       { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"}
+       { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"},
+       /* ANSSI */
+       { NID_FRP256v1, &_EC_FRP256v1.h, 0, "FRP256v1"}
 };
 
 #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
diff --git a/lib/libcrypto/objects/objects.txt b/lib/libcrypto/objects/objects.txt
index 04939e7..487e079 100644 (file)
--- a/lib/libcrypto/objects/objects.txt
+++ b/lib/libcrypto/objects/objects.txt
@@ -1307,3 +1307,5 @@ brainpool 1 11 : brainpoolP384r1
 brainpool 1 12 : brainpoolP384t1
 brainpool 1 13 : brainpoolP512r1
 brainpool 1 14 : brainpoolP512t1
+
+1 2 250 1 223 101 256 1 : FRP256v1
diff --git a/lib/libssl/src/crypto/ec/ec_curve.c b/lib/libssl/src/crypto/ec/ec_curve.c
index 372a533..23bc3ab 100644 (file)
--- a/lib/libssl/src/crypto/ec/ec_curve.c
+++ b/lib/libssl/src/crypto/ec/ec_curve.c
@@ -2250,6 +2250,36 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+64*6]; }
          0x9C,0xA9,0x00,0x69 }
        };
 
+static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; }
+   _EC_FRP256v1 = {
+       { NID_X9_62_prime_field, 0,32,1 },
+       {                                                       /* no seed */
+         0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12,    /* p */
+         0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC,
+         0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E,
+         0x9C,0x03,
+         0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12,    /* a */
+         0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x39,0x61,0xAD,0xBC,
+         0xAB,0xC8,0xCA,0x6D,0xE8,0xFC,0xF3,0x53,0xD8,0x6E,
+         0x9C,0x00,
+         0xEE,0x35,0x3F,0xCA,0x54,0x28,0xA9,0x30,0x0D,0x4A,    /* b */
+         0xBA,0x75,0x4A,0x44,0xC0,0x0F,0xDF,0xEC,0x0C,0x9A,
+         0xE4,0xB1,0xA1,0x80,0x30,0x75,0xED,0x96,0x7B,0x7B,
+         0xB7,0x3F,
+         0xB6,0xB3,0xD4,0xC3,0x56,0xC1,0x39,0xEB,0x31,0x18,    /* x */
+         0x3D,0x47,0x49,0xD4,0x23,0x95,0x8C,0x27,0xD2,0xDC,
+         0xAF,0x98,0xB7,0x01,0x64,0xC9,0x7A,0x2D,0xD9,0x8F,
+         0x5C,0xFF,
+         0x61,0x42,0xE0,0xF7,0xC8,0xB2,0x04,0x91,0x1F,0x92,    /* y */
+         0x71,0xF0,0xF3,0xEC,0xEF,0x8C,0x27,0x01,0xC3,0x07,
+         0xE8,0xE4,0xC9,0xE1,0x83,0x11,0x5A,0x15,0x54,0x06,
+         0x2C,0xFB,
+         0xF1,0xFD,0x17,0x8C,0x0B,0x3A,0xD5,0x8F,0x10,0x12,    /* order */
+         0x6D,0xE8,0xCE,0x42,0x43,0x5B,0x53,0xDC,0x67,0xE1,
+         0x40,0xD2,0xBF,0x94,0x1F,0xFD,0xD4,0x59,0xC6,0xD6,
+         0x55,0xE1 }
+       };
+
 typedef struct _ec_list_element_st {
        int     nid;
        const EC_CURVE_DATA *data;
@@ -2370,7 +2400,9 @@ static const ec_list_element curve_list[] = {
        { NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"},
        { NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"},
        { NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"},
-       { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"}
+       { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"},
+       /* ANSSI */
+       { NID_FRP256v1, &_EC_FRP256v1.h, 0, "FRP256v1"}
 };
 
 #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
diff --git a/lib/libssl/src/crypto/objects/objects.txt b/lib/libssl/src/crypto/objects/objects.txt
index 04939e7..487e079 100644 (file)
--- a/lib/libssl/src/crypto/objects/objects.txt
+++ b/lib/libssl/src/crypto/objects/objects.txt
@@ -1307,3 +1307,5 @@ brainpool 1 11 : brainpoolP384r1
 brainpool 1 12 : brainpoolP384t1
 brainpool 1 13 : brainpoolP512r1
 brainpool 1 14 : brainpoolP512t1
+
+1 2 250 1 223 101 256 1 : FRP256v1
OpenBSD src
by Ahmet Artu Yildirim