-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Crypt::PK::DH Improvements #4
Comments
He is how I see the necessary steps: 1/ in typedef struct Dh_key {
int idx, type;
void *x;
void *y;
+ void *base;
+ void *prime;
} dh_key; 2/ in int dh_make_key_ex(prng_state *prng, int wprng, char *prime_hex, char *base_hex, dh_key *key) 3/ turning 4/ fixing the following functions so that they work with the updated dh_key structure
5/ In
which means changing XS function like this (untested, just idea):
6/ at this point the old (current) test suite for DH in CryptX should PASS 7/ in the end we will need to fix 8/ in the end it might be a good idea to also support |
2/ Did you mean 'dh_make_key_hex'? Are you against doing the hex->bin conversion in the XS layer, or do you feel it should be done in libtom? The code I've already written does it in the XS and the key generation function takes mp_int arguments. The code I've written will take binary, octal, hex, base64, or binary input for the prime, base arguments. 3/ Do a wrapper using a macro? 7/ The prime value will need to be stored otherwise a shared secret calculation won't be possible. At first glance, adding prime shouldn't break backwards compatibility. |
ad 2/ I really mean As for passing mp_int arguments I do no think it is a good idea as libtomcrypt interface completely hides math c-types. If I recall correctly there is no function in public libtomcrypt interface that takes mp_int argument (and in the end we want ad 3/ I mean a wrapper like this int dh_make_key(prng_state *prng, int wprng, int size, dh_key *key) {
if (size == 128) {
dh_make_key_ex(prng, wprng, CONST_DH_P128, CONST_DH_G128, key);
}
else if (size == 256) {
dh_make_key_ex(prng, wprng, CONST_DH_P256, CONST_DH_G256, key);
}
//... Simply implementing |
The predefined set of DH primes is in base64... So we can either convert the sets to hex in dh_static.c or do the conversion before passing it to dh_make_key_ex. Or do you prefer a different method given the above example using defined constants? |
I think the constants should be converted to HEX |
The primes in dh_static.c are not the length they are supposed to be... I think this was alluded to here: https://github.com/libtom/libtomcrypt/pull/111 For example, the DH-768 entry is 786 bits (131 base64 chars, 131 * 6 == 786) I wonder if there was a reason for this? |
You are right here is the complete list:
|
Just a note here that further discussion happens in PR #10 |
Excellent work! Merged and released to CPAN as CryptX-0.032 I may try to bring some of these DH improvements upstream into libtomcrypt which is licensed as public domain (CryptX module is perl5). Do you agree with moving your contribution in PR #10 under public domain? |
I may try to bring some of these DH improvements upstream into libtomcrypt which is licensed as public domain (CryptX module is perl5). Do you agree with moving your contribution in PR #10 under public domain? —You are receiving this because you authored the thread.Reply to this email directly or view it on GitHub |
Great, thanks for your time. Closing. |
Moving discussion from email.
You said:
---QUOTE---
in my opinion the right way is to enhance https://metacpan.org/pod/Crypt::PK::DH#generate_key
Now it supports only:
my $pk = Crypt::PK::DH->new();
$pk->generate_key($keysize);
like:
$pk->generate_key(256);
it should be extended to - let's say:
$pk->generate_key({ p=> '62D031C83F4294F64....', g=> '02' });
It would be also nice to patch https://metacpan.org/pod/Crypt::PK::DH#key2hash so that key dump contains also p + g (and maybe import/export routines will need some attention as well).
I did similar kind of extension for EC crypto in https://metacpan.org/pod/Crypt::PK::ECC#generate_key some time ago.
But keep in mind that it will need some nontrivial changes to
cryptx/src/ltc/pk/dh/dh.c
especiallydh_make_key
.Basically I am not against major redesign of src/ltc/pk/dh/dh.c (I am member of libtomcrypt project so can try to push the changes upstream) but it is definitely a bunch of work.
---END QUOTE---
Other than supplying p and g to generate the key, I also need the following functionality, which is largely already written:
-Verify that a supplied public key is valid for my private key -- essentially a range check, y > 1 && y < (p - 1) and if g == 2 make sure more than one bit is set in y.
-Return public key in binary format. Not entirely necessary because we could unpack this from key2hash but nice nonetheless.
To modify Crypt::PK:DH, the path forward I see is:
-Add p,g to dh_key
-Remove index field from dh_key
-Redo import/export to include p,g in the packet and not index
-Change dh_get_size to return the used portion of the mp_int instead of looking up in table
-Free p,g parts of key in dh_free
-Change dh_encrypt_key, dh_decrypt_key to use p,g in key
I am not sure what to do with:
-dh_sizes function (probably leave alone).
Let me know your thoughts.
The text was updated successfully, but these errors were encountered: