Reece Wilson
033f7e2453
[+] Aurora::Crypto::X509::GenerateCertificate [*] Fix lazily copied gen1 RSA code [+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP256R1 [+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP256K1 [+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP384R1 [+] Aurora::Crypto::ECC::EECCCurve::eCurveSECP521R1 [*] Unfuck ECC interop [*] Tls pinning: use mbedtls_ssl_conf_verify for tls1.3 (when mbedtls is in a better state)
/***
Copyright (C) 2021 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: ECCCurves.cpp
Date: 2021-9-17
Author: Reece
***/
#include <Source/RuntimeInternal.hpp>
#include "ECC.hpp"
#include "ECCCurves.hpp"
#include "ECCGeneric.hpp"
#include <tomcrypt.h>
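namespace Aurora::Crypto::ECC
{
    // Curve parameter tables in libtomcrypt's ltc_ecc_curve layout: field prime,
    // the a/b coefficients, group order, base point (Gx, Gy), cofactor and the
    // curve's dotted-decimal OID, all as uppercase hex strings.
    //
    // These are the published standard parameters and must stay byte-for-byte
    // identical to them: a single mistyped digit silently produces a curve that
    // is not the one the OID claims, which no later check in this file detects.

    static const ltc_ecc_curve kNistp256 =
    {
        /* prime */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
        /* A */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
        /* B */ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
        /* order */ "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
        /* Gx */ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
        /* Gy */ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
        /* cofactor */ 1,
        /* OID */ "1.2.840.10045.3.1.7"
    };

    static const ltc_ecc_curve kNistp384 =
    {
        /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
        /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
        /* B */ "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
        /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
        /* Gx */ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
        /* Gy */ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
        /* cofactor */ 1,
        /* OID */ "1.3.132.0.34"
    };

    static const ltc_ecc_curve kNistp521 =
    {
        /* prime */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
        /* A */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
        /* B */ "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
        /* order */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
        /* Gx */ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
        /* Gy */ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
        /* cofactor */ 1,
        /* OID */ "1.3.132.0.35"
    };

    // secp256r1 / secp384r1 / secp521r1 are the SEC 2 names for NIST P-256 /
    // P-384 / P-521: identical parameters and identical OIDs. They alias the
    // tables above instead of carrying a second copy that could drift from the
    // first. secp256k1 (Koblitz) is a genuinely different curve and gets its own
    // table.
    static const ltc_ecc_curve &kSECP256R1 = kNistp256;
    static const ltc_ecc_curve &kSECP384R1 = kNistp384;
    static const ltc_ecc_curve &kSECP521R1 = kNistp521;

    static const ltc_ecc_curve kSECP256K1 =
    {
        /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
        /* A */ "0000000000000000000000000000000000000000000000000000000000000000",
        /* B */ "0000000000000000000000000000000000000000000000000000000000000007",
        /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
        /* Gx */ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
        /* Gy */ "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8",
        /* cofactor */ 1,
        /* OID */ "1.3.132.0.10"
    };

    // kEccTypes[i] and kEccCurves[i] describe the same curve; the OID lookups
    // below rely on the two arrays being parallel. Because P-256 and secp256r1
    // (and the 384/521 pairs) share an OID, an OID lookup always resolves to the
    // NIST enumerator, which comes first.
    static const EECCCurve kEccTypes[] = {
        EECCCurve::eCurve256, EECCCurve::eCurve384, EECCCurve::eCurve521,
        EECCCurve::eCurveSECP256K1, EECCCurve::eCurveSECP256R1, EECCCurve::eCurveSECP384R1,
        EECCCurve::eCurveSECP521R1
    };

    static const ltc_ecc_curve *kEccCurves[] = {
        &kNistp256, &kNistp384, &kNistp521,
        &kSECP256K1, &kSECP256R1, &kSECP384R1,
        &kSECP521R1
    };

    static_assert(sizeof(kEccTypes) / sizeof(kEccTypes[0]) == sizeof(kEccCurves) / sizeof(kEccCurves[0]),
                  "kEccTypes and kEccCurves must be parallel arrays");

    // Renders a numeric OID (array of arcs) as its dotted-decimal string via
    // libtomcrypt. Returns false if libtomcrypt rejects the OID or it does not
    // fit the scratch buffer; `out` is untouched in that case.
    // The parameter is non-const only because the public wrappers below are
    // declared that way.
    static bool OIDNumToString(unsigned long *oid, unsigned long oidlen, AuString &out)
    {
        char buffer[256];
        unsigned long size = AuArraySize(buffer);

        if (pk_oid_num_to_str(oid, oidlen, buffer, &size) != CRYPT_OK)
        {
            return false;
        }

        // pk_oid_num_to_str NUL-terminates the output and, in libtomcrypt,
        // reports the length *including* that terminator. Building the string
        // from [buffer, buffer + size) therefore captured the trailing '\0' and
        // no `OID == string` comparison could ever match. Use the C string
        // instead; that is correct whichever way `size` is counted.
        out = AuString(buffer);
        return true;
    }

    // Maps a numeric OID to the curve enumerator.
    // Returns EECCCurve::eEnumInvalid for an unparsable OID as well as for an
    // unknown one. (Previously the parse-failure path returned a
    // value-initialised EECCCurve, i.e. whichever enumerator is 0, which may be
    // a real curve; both failure modes now report the same sentinel.)
    EECCCurve OIDToCurve(unsigned long *oid, unsigned long oidlen)
    {
        AuString oidString;
        if (!OIDNumToString(oid, oidlen, oidString))
        {
            return EECCCurve::eEnumInvalid;
        }

        for (AU_ITERATE_ARRAY(i, kEccCurves))
        {
            if (kEccCurves[i]->OID == oidString)
            {
                return kEccTypes[i];
            }
        }

        return EECCCurve::eEnumInvalid;
    }

    // Looks up the libtomcrypt curve record for a numeric OID.
    // Returns an empty optional if the OID cannot be stringified or is unknown.
    AuOptional<const ltc_ecc_curve *> GetECCCurve(unsigned long *oid, unsigned long oidlen)
    {
        AuString oidString;
        if (!OIDNumToString(oid, oidlen, oidString))
        {
            return {};
        }

        return GetECCCurve(oidString);
    }

    // Looks up the libtomcrypt curve record for a dotted-decimal OID string.
    // Returns an empty optional for an unknown OID.
    AuOptional<const ltc_ecc_curve *> GetECCCurve(const AuString &oid)
    {
        for (AU_ITERATE_ARRAY(i, kEccCurves))
        {
            if (kEccCurves[i]->OID == oid)
            {
                return kEccCurves[i];
            }
        }

        return {};
    }

    // Looks up the libtomcrypt curve record for a curve enumerator.
    // Returns an empty optional for eEnumInvalid or any value not listed here.
    AuOptional<const ltc_ecc_curve *> GetECCCurve(EECCCurve curve)
    {
        // TODO: consider using ecc_find_curve, it's basically the same thing with strings
        switch (curve)
        {
        case EECCCurve::eCurve256:
            return &kNistp256;
        case EECCCurve::eCurve384:
            return &kNistp384;
        case EECCCurve::eCurve521:
            return &kNistp521;
        case EECCCurve::eCurveSECP256K1:
            return &kSECP256K1;
        case EECCCurve::eCurveSECP256R1:
            return &kSECP256R1;
        case EECCCurve::eCurveSECP384R1:
            return &kSECP384R1;
        case EECCCurve::eCurveSECP521R1:
            return &kSECP521R1;
        default:
            return {};
        }
    }
}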