-
Notifications
You must be signed in to change notification settings - Fork 172
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create API to gather curve params from an OpenSSL::PKey::EC::Group
#432
base: master
Are you sure you want to change the base?
Changes from 2 commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -1021,6 +1021,100 @@ static VALUE ossl_ec_group_set_seed(VALUE self, VALUE seed) | |
|
||
/* get/set curve GFp, GF2m */ | ||
|
||
|
||
|
||
/* | ||
* call-seq: | ||
* group.field_type => Symbol | ||
* | ||
* See the OpenSSL documentation for EC_METHOD_get_field_type() | ||
*/ | ||
static VALUE ossl_ec_group_get_field_type(VALUE self) | ||
{ | ||
EC_GROUP *group; | ||
GetECGroup(self, group); | ||
if (!group) { | ||
rb_raise(eEC_GROUP, "EC_GROUP is not initialized"); | ||
return Qnil; | ||
} | ||
|
||
const EC_METHOD *method = EC_GROUP_method_of(group); | ||
int field_type_id = EC_METHOD_get_field_type(method); | ||
if (field_type_id == NID_X9_62_prime_field) { | ||
return ID2SYM(s_GFp); | ||
} else if (field_type_id == NID_X9_62_characteristic_two_field) { | ||
return ID2SYM(s_GF2m); | ||
} | ||
|
||
return INT2NUM(field_type_id); | ||
rickmark marked this conversation as resolved.
Show resolved
Hide resolved
|
||
} | ||
|
||
/* | ||
* call-seq: | ||
* group.curve_params => Array | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. As per #425, this returns Hash? |
||
* | ||
* See the OpenSSL documentation for EC_GROUP_get_curve_GFp() and EC_GROUP_set_curve_GF2m() | ||
*/ | ||
static VALUE ossl_ec_group_get_curve_params(VALUE self) | ||
{ | ||
EC_GROUP *group; | ||
VALUE pBN, aBN, bBN; | ||
BIGNUM *p, *a, *b; | ||
|
||
GetECGroup(self, group); | ||
if (!group) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
||
rb_raise(eEC_GROUP, "EC_GROUP not initialized"); | ||
return Qnil; | ||
rickmark marked this conversation as resolved.
Show resolved
Hide resolved
|
||
} | ||
|
||
pBN = ossl_bn_new(NULL); | ||
aBN = ossl_bn_new(NULL); | ||
bBN = ossl_bn_new(NULL); | ||
|
||
p = GetBNPtr(pBN); | ||
a = GetBNPtr(aBN); | ||
b = GetBNPtr(bBN); | ||
|
||
VALUE result = rb_ary_new_capa(4); | ||
VALUE field_type = SYM2ID(ossl_ec_group_get_field_type(self)); | ||
rickmark marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
if (field_type == s_GFp) { | ||
EC_GROUP_get_curve_GFp(group, p, a, b, NULL); | ||
} | ||
else if (field_type == s_GF2m) { | ||
EC_GROUP_set_curve_GF2m(group, p, a, b, NULL); | ||
} | ||
else { | ||
rb_raise(eEC_GROUP, "EC_GROUP field_type was not GFp or GF2m"); | ||
return Qnil; | ||
} | ||
|
||
rb_ary_store(result, 0, ID2SYM(field_type)); | ||
rb_ary_store(result, 1, pBN); | ||
rb_ary_store(result, 2, aBN); | ||
rb_ary_store(result, 3, bBN); | ||
|
||
return result; | ||
} | ||
|
||
/* | ||
* call-seq: | ||
* group.field => aBN | ||
* | ||
* See the OpenSSL documentation for EC_GROUP_get_curve_GFp() and EC_GROUP_set_curve_GF2m() for parameter *p | ||
*/ | ||
static VALUE ossl_ec_group_get_field(VALUE self) | ||
{ | ||
VALUE curve_params = ossl_ec_group_get_curve_params(self); | ||
|
||
if (RARRAY_LEN(curve_params) < 2) { | ||
rb_raise(cEC_GROUP, "EC_CURVE parameters malformed"); | ||
return Qnil; | ||
} | ||
|
||
return rb_ary_entry(curve_params, 1); | ||
} | ||
|
||
/* | ||
* call-seq: | ||
* group.degree => integer | ||
|
@@ -1628,7 +1722,11 @@ void Init_ossl_ec(void) | |
rb_define_method(cEC_GROUP, "seed", ossl_ec_group_get_seed, 0); | ||
rb_define_method(cEC_GROUP, "seed=", ossl_ec_group_set_seed, 1); | ||
|
||
/* get/set GFp, GF2m */ | ||
rb_define_method(cEC_GROUP, "field", ossl_ec_group_get_field, 0); | ||
rb_define_method(cEC_GROUP, "field_type", ossl_ec_group_get_field_type, 0); | ||
rb_define_method(cEC_GROUP, "curve_params", ossl_ec_group_get_curve_params, 0); | ||
|
||
/* set GFp, GF2m */ | ||
|
||
rb_define_method(cEC_GROUP, "degree", ossl_ec_group_get_degree, 0); | ||
|
||
|
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
@@ -0,0 +1,61 @@ | ||||||
# frozen_string_literal: true | ||||||
require_relative 'utils' | ||||||
|
||||||
if defined?(OpenSSL) && defined?(OpenSSL::PKey::EC) | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I know this came from
Suggested change
|
||||||
|
||||||
class OpenSSL::TestECGroup < OpenSSL::PKeyTestCase | ||||||
SECP256K1_NAME = 'secp256k1' | ||||||
SECP256K1_FIELD = OpenSSL::BN.new "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16 | ||||||
SECP256K1_A = 0.to_bn | ||||||
SECP256K1_B = 7.to_bn | ||||||
SECP256K1_G_COMPRESSED = OpenSSL::BN.new "0279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", 16 | ||||||
SECP256K1_G_UNCOMPRESSED = OpenSSL::BN.new "0479BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798" \ | ||||||
"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", 16 | ||||||
SECP256K1_ORDER = OpenSSL::BN.new "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16 | ||||||
SECP256K1_COFACTOR = 1 | ||||||
SECP256K1_DEGREE = 256 | ||||||
|
||||||
def test_ec_group | ||||||
group1 = OpenSSL::PKey::EC::Group.new("prime256v1") | ||||||
key1 = OpenSSL::PKey::EC.new(group1) | ||||||
assert_equal group1, key1.group | ||||||
|
||||||
group2 = OpenSSL::PKey::EC::Group.new(group1) | ||||||
assert_equal group1.to_der, group2.to_der | ||||||
assert_equal group1, group2 | ||||||
group2.asn1_flag ^=OpenSSL::PKey::EC::NAMED_CURVE | ||||||
assert_not_equal group1.to_der, group2.to_der | ||||||
assert_equal group1, group2 | ||||||
|
||||||
group3 = group1.dup | ||||||
assert_equal group1.to_der, group3.to_der | ||||||
|
||||||
assert group1.asn1_flag & OpenSSL::PKey::EC::NAMED_CURVE # our default | ||||||
der = group1.to_der | ||||||
group4 = OpenSSL::PKey::EC::Group.new(der) | ||||||
group1.point_conversion_form = group4.point_conversion_form = :uncompressed | ||||||
assert_equal :uncompressed, group1.point_conversion_form | ||||||
assert_equal :uncompressed, group4.point_conversion_form | ||||||
assert_equal group1, group4 | ||||||
assert_equal group1.curve_name, group4.curve_name | ||||||
assert_equal group1.generator.to_octet_string(:uncompressed), | ||||||
group4.generator.to_octet_string(:uncompressed) | ||||||
assert_equal group1.order, group4.order | ||||||
assert_equal group1.cofactor, group4.cofactor | ||||||
assert_equal group1.seed, group4.seed | ||||||
assert_equal group1.degree, group4.degree | ||||||
end | ||||||
|
||||||
def test_get_group_parameters | ||||||
group = OpenSSL::PKey::EC::Group.new SECP256K1_NAME | ||||||
|
||||||
assert_equal(SECP256K1_NAME, group.curve_name) | ||||||
assert_equal(SECP256K1_ORDER, group.order) | ||||||
assert_equal(SECP256K1_COFACTOR, group.cofactor) | ||||||
assert_equal(SECP256K1_DEGREE, group.degree) | ||||||
assert_equal(SECP256K1_FIELD, group.field) | ||||||
assert_equal(:GFp, group.field_type) | ||||||
assert_equal([:GFp, SECP256K1_FIELD, SECP256K1_A, SECP256K1_B], group.curve_params) | ||||||
end | ||||||
end | ||||||
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Variable declarations need to be at the beginning of the block while we support Ruby <= 2.6.