diff options
author | Rob Austein <sra@hactrn.net> | 2017-01-26 00:49:12 -0500 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2017-01-26 00:49:12 -0500 |
commit | 99407a540c7f1fbbc0987837173d1b81aee790bc (patch) | |
tree | f533863a16eca8069df8b939a0af3d509d89109d /hashsig.h | |
parent | 31ce1c88f745c2946b3c0eb9986e0aaed164485c (diff) |
First attempt at using Pavel's ecdsa256 core. Not working yet.
Attempts to use Pavel's ecdsa256 base point multiplier instead of
software point multiplier when selecting new random points (that is,
when generating P-256 keys or P-256 signatures). Resulting points
pass the point validation test (point_is_on_curve()) but the resulting
signatures are invalid. Don't know why yet. Seems like an odd
combination, as one would expect random garbage to fail validation.
In any case: this commit is intended to archive progress so far, and
perhaps see if somebody else can spot what's wrong. As presently
coded, this wouldn't be suitable for production use even if it worked.
NB: As I understand it, the ecdsa256 core is *not* a general purpose
point multiplier even just for the P-256 curve. Rather, it is
strictly a base point multiplier: it takes a single scalar as input,
and returns the X,Y affine coordinates of the curve's base point
multiplied by that scalar. This is essentially the eliptic curve
portion of the computation involved in picking a random point for key
or signature generation, but is not useful for signature validation.
See the README.md in Pavel's source repository for further details.
Diffstat (limited to 'hashsig.h')
0 files changed, 0 insertions, 0 deletions