pgpikeec.c

PGP8.0源码 请认真阅读您的文件包然后写出其具体功能

/*____________________________________________________________________________
	Copyright (C) 2002 PGP Corporation
	All rights reserved.

	$Id: pgpIKEEC.c,v 1.21 2002/08/06 20:11:10 dallen Exp $
____________________________________________________________________________*/

/*
	Initialization of EC objects with predefined IKE parameters. 
	Following EC groups are implemented:
	
	Bit length		IKE Group Number 
	163				6, 7
	283				8, 9
	409				10,11
*/

#ifndef EC_TEST
	#include "pgpConfig.h"
	#include "pgpSDKPriv.h"

	#include "pgpMem.h"
	#include "pgpMemoryMgr.h"

	#include "pgpErrors.h"
	#include "pgpDebug.h"

	#include "pgpEC.h"	/* SDK case */
#else
	#include "ec.h"		/* test case */

	/* routines and types, exported from SDK */

	/* types */
	#define PGPError int
	#define PGPByte unsigned char
	#define PGPUInt32 unsigned
	#define PGPSize unsigned

	#define TRUE 1
	#define FALSE 0

	#define IsntPGPError(x) ((x)==0)
	#define IsPGPError(x) (x)

	#define PGPNewData(mgr,size,flags)	calloc(1,size)
	#define PGPFreeData(p)				free(p)
	#define PGPMemoryMgrRef				void *

	#define kPGPError_NoErr						0
	#define kPGPError_ImproperInitialization	(-1)
	#define kPGPError_CorruptData				(-2)
	#define kPGPError_OutOfMemory				(-3)
	#define kPGPError_BadParams					(-4)

	#define PGPECContextRef ecContextRef
	#define PGPECPointRef ecPointRef
	#define PGPECScalarRef ecScalarRef

	#define kPGPECMemoryMedium 0
	#define kPGPECMemoryHigh 1

	/* routines */
	#define PGPECCreate2mContext ecCreate2mContext		
	#define PGPECFreeContext ecFreeContext

	#define PGPECScalarCreate ecScalarCreate
	#define PGPECScalarFree ecScalarFree
	#define PGPECScalarInsertBytes ecScalarInsertBytes

	#define PGPECPointCreate ecPointCreate			
	#define PGPECPointFree ecPointFree				

	#define PGPECSetEC2mParamB ecSetEC2mParamB			
	#define PGPECSetEC2mParamA ecSetEC2mParamA			
	#define PGPECSetEC2mParamBInt ecSetEC2mParamBInt
	#define PGPECSetEC2mParamAInt ecSetEC2mParamAInt
	#define PGPECGetBufferSize ecGetBufferSize			
	#define PGPECPointExtractBytes ecPointExtractBytes
	#define PGPECPointExtractXYBytes ecPointExtractXYBytes
	#define PGPECPointAssignContext ecPointAssignContext	

	#define PGPECPointPrefBasis ecPointPrefBasis
	#define PGPECPointMul ecPointMul				
	#define PGPECPointAdd ecPointAdd

	#define PGPECPointSetZero ecPointSetZero			

	#define PGPECPointIsZero ecPointIsZero			
	#define PGPECPointIsConsistent ecPointIsConsistent		

	#define PGPECPointCompress ecPointCompress			
	#define PGPECPointDecompress ecPointDecompress

	#define PGPECPointInsertBytes ecPointInsertBytes

	#undef pgpAssert
	#if PGP_DEBUG
	#include <assert.h>
	#define pgpAssert assert
	#else
	#define pgpAssert(x)
	#endif

	#include <malloc.h>		/* malloc, calloc, free */
	#include <string.h>		/* memcmp, NULL */

#endif	/* EC_TEST */


#include "pgpIKEEC.h"


#ifdef EC_TEST
#include <stdio.h>
#include <stdlib.h>		/* rand */
#endif


typedef struct pgpECIKEContextPriv {
	unsigned			cofactor;

	PGPECContextRef		c;
	PGPECPointRef		G;
	PGPECPointRef		myY;
	PGPECPointRef		hisY;
	PGPECPointRef		out;

	PGPECScalarRef		secretX;
	PGPECScalarRef		orderG;
} pgpECIKEContextPriv;

/* 1 6 3 fields */
static const unsigned ec_6_a_163[6] = {
	0xD2782AE2, 0xBD88E246, 0x54FF8428, 0xEFA84F95, 0xB6882CAA,	7
};
static const unsigned ec_6_b_163[6] = {
	0xF958AFD9, 0xCA91F73A, 0x946BDA29, 0xDCB40AAB, 0x13612DCD, 7
};
static const unsigned char ec_6_G_163[(163+8)/8+1] = {
	0x03,/* compressed */
	0x03, 0x69, 0x97, 0x96, 0x97, 0xAB, 0x43, 0x89,
	0x77, 0x89, 0x56, 0x67, 0x89, 0x56, 0x7F, 0x78,
	0x7A, 0x78, 0x76, 0xA6, 0x54
};
static const unsigned char ec_6_G_163_order[(163+8)/8] = {
  0x03, 0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0x48,0xAA,
	    0xB6,0x89,0xC2,0x9C, 0xA7,0x10,0x27,0x9B
};

static const unsigned char ec_7_G_163[(163+8)/8 + 1] = 
{
	0x03,/* compressed */ 
	0x02,0xFE,0x13,0xC0, 0x53,0x7B,0xBC,0x11,
	0xAC,0xAA,0x07,0xD7, 0x93,0xDE,0x4E,0x6D,
	0x5E,0x5C,0x94,0xEE, 0xE8
};
static const unsigned char ec_7_G_163_order[(163+8)/8] = {
  0x04, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x02,0x01,0x08,
	    0xA2,0xE0,0xCC,0x0D, 0x99,0xF8,0xA5,0xEF
};

/* 2 8 3 fields */
static const unsigned ec_8_b_283[9] = {
	0x3B79A2F5,	0xF6263E31,	0xA581485A,	0x45309FA2,
	0xCA97FD76,	0x19A0303F,	0xA5A4AF8A,	0xC8B8596D,
	0x027B680A
};
static const unsigned char ec_8_G_283[(283+8)/8+1] = {
	0x03,
	0x05,0xF9,0x39,0x25, 0x8D,0xB7,0xDD,0x90,
	0xE1,0x93,0x4F,0x8C, 0x70,0xB0,0xDF,0xEC,
	0x2E,0xED,0x25,0xB8, 0x55,0x7E,0xAC,0x9C,
	0x80,0xE2,0xE1,0x98, 0xF8,0xCD,0xBE,0xCD,
	0x86,0xB1,0x20,0x53
};
static const unsigned char ec_8_G_283_order[(283+8)/8] = {
	0x03,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,
	0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xEF,0x90, 0x39,0x96,0x60,0xFC,
	0x93,0x8A,0x90,0x16, 0x5B,0x04,0x2A,0x7C, 0xEF,0xAD,0xB3,0x07
};

static const unsigned char ec_9_G_283[(283+8)/8+1] = {
	0x02,
	0x05,0x03,0x21,0x3F, 0x78,0xCA,0x44,0x88,
	0x3F,0x1A,0x3B,0x81, 0x62,0xF1,0x88,0xE5,
	0x53,0xCD,0x26,0x5F, 0x23,0xC1,0x56,0x7A,
	0x16,0x87,0x69,0x13, 0xB0,0xC2,0xAC,0x24,
	0x58,0x49,0x28,0x36
};
static const unsigned char ec_9_G_283_order[(283+8)/8] = {
	0x01,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,
	0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xE9,0xAE, 0x2E,0xD0,0x75,0x77,
	0x26,0x5D,0xFF,0x7F, 0x94,0x45,0x1E,0x06, 0x1E,0x16,0x3C,0x61
};


/* 4 0 9 fields */
static const unsigned ec_10_b_409[] = {
	0x7B13545F, 0x4F50AE31, 0xD57A55AA, 0x72822F6C, 
	0xA9A197B2, 0xD6AC27C8, 0x4761FA99, 0xF1F3DD67,	
	0x7FD6422E, 0x3B7B476B, 0x5C4B9A75, 0xC8EE9FEB, 
	0x021A5C2
};
static const unsigned char ec_10_G_409[(409+8)/8+1] = {
	0x03,
	0x01,0x5D,0x48,0x60, 0xD0,0x88,0xDD,0xB3, 
	0x49,0x6B,0x0C,0x60, 0x64,0x75,0x62,0x60,
	0x44,0x1C,0xDE,0x4A, 0xF1,0x77,0x1D,0x4D,
	0xB0,0x1F,0xFE,0x5B, 0x34,0xE5,0x97,0x03,
	0xDC,0x25,0x5A,0x86, 0x8A,0x11,0x80,0x51,
	0x56,0x03,0xAE,0xAB, 0x60,0x79,0x4E,0x54,
	0xBB,0x79,0x96,0xA7
};
static const unsigned char ec_10_G_409_order[(409+8)/8] = {
	0x01,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
	0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
	0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
	0x00,0x00,0x01,0xE2, 0xAA,0xD6,0xA6,0x12,
	0xF3,0x33,0x07,0xBE, 0x5F,0xA4,0x7C,0x3C,
	0x9E,0x05,0x2F,0x83, 0x81,0x64,0xCD,0x37,
	0xD9,0xA2,0x11,0x73
};

static const unsigned char ec_11_G_409[(409+8)/8+1] = {
	0x03,
	0x00,0x60,0xF0,0x5F, 0x65,0x8F,0x49,0xC1,
	0xAD,0x3A,0xB1,0x89, 0x0F,0x71,0x84,0x21,
	0x0E,0xFD,0x09,0x87, 0xE3,0x07,0xC8,0x4C,
	0x27,0xAC,0xCF,0xB8, 0xF9,0xF6,0x7C,0xC2,
	0xC4,0x60,0x18,0x9E, 0xB5,0xAA,0xAA,0x62,
	0xEE,0x22,0x2E,0xB1, 0xB3,0x55,0x40,0xCF,
	0xE9,0x02,0x37,0x46

};
static const unsigned char ec_11_G_409_order[(409+8)/8] = {
       0,0x7F,0xFF,0xFF,
	0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF, 
	0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF, 
	0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFE,0x5F, 
	0x83,0xB2,0xD4,0xEA, 0x20,0x40,0x0E,0xC4, 
	0x55,0x7D,0x5E,0xD3, 0xE3,0xE7,0xCA,0x5B, 
	0x4B,0x5C,0x83,0xB8, 0xE0,0x1E,0x5F,0xCF
};

static PGPError sInitGroup6( PGPMemoryMgrRef memoryMgr, 
					PGPECContextRef *c163, PGPECPointRef *G, 
					unsigned *cofactor, PGPECScalarRef *orderG )
{
	PGPError ret;
	PGPECPointRef p;

	PGPECCreate2mContext( memoryMgr, 163, kPGPECMemoryMedium, c163 );
	PGPECPointCreate( *c163, G );

	PGPECSetEC2mParamA( *c163, ec_6_a_163 );	
	PGPECSetEC2mParamB( *c163, ec_6_b_163 );	

	*cofactor = 2;

	PGPECPointInsertBytes( *G, (const void*)ec_6_G_163, 0 );

	ret = PGPECPointDecompress( *G );

	if( IsPGPError(ret) ) 
		return ret;

	/* decompressed OK */
	PGPECPointPrefBasis( *G );

	/* Check consistency of public parameters */

	/* first, generator must be a valid EC point */
	if( !PGPECPointIsConsistent( *G ) )  {
		PGPECPointSetZero( *G );
			/* statuc data are corrupted... */
		return kPGPError_ImproperInitialization;	
	}

	PGPECPointCreate( *c163, &p );

	/* just initialized point is not a zero point */
	pgpAssert( !PGPECPointIsZero(p) ); 

	/* second, listed order must satisfy its properties */
	PGPECScalarCreate( *c163, orderG, FALSE );
	PGPECScalarInsertBytes( *orderG, ec_6_G_163_order, NULL );
	ret = PGPECPointMul( *G, *orderG, FALSE, p );

	if( IsntPGPError(ret) && !PGPECPointIsZero(p) )  
		ret = kPGPError_ImproperInitialization;

	PGPECPointFree( p );

	if( IsPGPError(ret) ) 
		PGPECPointSetZero( *G );

	return ret;
}

static PGPError sInitGroup7( PGPMemoryMgrRef memoryMgr, 
					PGPECContextRef *c163, PGPECPointRef *G, 
					unsigned *cofactor, PGPECScalarRef *orderG )
{
	PGPError ret;
	PGPECPointRef p;

	PGPECCreate2mContext( memoryMgr, 163, kPGPECMemoryMedium, c163 );
	PGPECPointCreate( *c163, G );

	PGPECSetEC2mParamAInt( *c163, 1 );	
	PGPECSetEC2mParamBInt( *c163, 1 );	/* Koblitz curve */

	*cofactor = 2;

	PGPECPointInsertBytes( *G, (const void*)ec_7_G_163, 0 );

	ret = PGPECPointDecompress( *G );

	if( IsPGPError(ret) ) 
		return ret;

	/* decompressed OK */
	PGPECPointPrefBasis( *G );

	/* Check consistency of public parameters */

	/* first, generator must be a valid EC point */
	if( !PGPECPointIsConsistent( *G ) )  
	{
		PGPECPointSetZero( *G );
		return kPGPError_ImproperInitialization;
	}

	PGPECPointCreate( *c163, &p );

	/* just initialized point is not a zero point */
	pgpAssert( !PGPECPointIsZero(p) ); 

	/* second, listed order must satisfy its properties */
	PGPECScalarCreate( *c163, orderG, FALSE );
	PGPECScalarInsertBytes( *orderG, ec_7_G_163_order, NULL );
	ret = PGPECPointMul( *G, *orderG, FALSE, p );

	if( IsntPGPError(ret) && !PGPECPointIsZero(p) )  
		ret = kPGPError_ImproperInitialization;

	PGPECPointFree( p );

	if( IsPGPError(ret) ) 
		PGPECPointSetZero( *G );

	return ret;
}


static PGPError sInitGroup8( PGPMemoryMgrRef memoryMgr, 
					PGPECContextRef *c283, PGPECPointRef *G, 
					unsigned *cofactor, PGPECScalarRef *orderG )  
{
	PGPError ret;
	PGPECPointRef p;

	PGPECCreate2mContext( memoryMgr, 283, kPGPECMemoryMedium, c283 );
	PGPECPointCreate( *c283, G );

	PGPECSetEC2mParamAInt( *c283, 1 );	
	PGPECSetEC2mParamB( *c283, ec_8_b_283 );	

	*cofactor = 2;

	PGPECPointInsertBytes( *G, (const void*)ec_8_G_283, 0 );

	ret = PGPECPointDecompress( *G );

	if( IsPGPError(ret) ) 
		return ret;

	/* decompressed OK */
	PGPECPointPrefBasis( *G );

	/* Check consistency of public parameters */

	/* first, generator must be a valid EC point */
	if( !PGPECPointIsConsistent( *G ) )  
	{
		PGPECPointSetZero( *G );
		return kPGPError_ImproperInitialization;
	}

	PGPECPointCreate( *c283, &p );

	/* just initialized point is not a zero point */
	pgpAssert( !PGPECPointIsZero(p) ); 

	/* second, listed order must satisfy its properties */
	PGPECScalarCreate( *c283, orderG, FALSE );
	PGPECScalarInsertBytes( *orderG, ec_8_G_283_order, NULL );
	ret = PGPECPointMul( *G, *orderG, FALSE, p );

	if( IsntPGPError(ret) && !PGPECPointIsZero(p) )  
		ret = kPGPError_ImproperInitialization;

	PGPECPointFree( p );

	if( IsPGPError(ret) ) 
		PGPECPointSetZero( *G );

	return ret;
}