Re: [Ocf-linux-users] Public Key Operation help.
Brought to you by:
david-m
Menu
▾
▴
Re: [Ocf-linux-users] Public Key Operation help.
|
From: Nawang C. <naw...@gm...> - 2008-10-17 06:56:22
|
On Fri, Oct 17, 2008 at 10:17 AM, David McCullough
<Dav...@se...> wrote:
>
> Jivin Nawang Chhetan lays it down ...
>> Hi David,
>> I am trying to perform MODEXP operation through OCF. Device I
>> am using is "safe". But I am totally lost is middle with issues like:
>> 1. Endianess: Looking at the cryptoktest program it seems we have to pass
>> the data to "ocf" in Little Endian format.
>
> Thats sounds about right.
>
>> 2. Word Length: While converting a byte string into Little Endian format, I
>> am not sure what is the length of a word(4bytes or 8 bytes).
>
> The parameters for OCF MODEXP are byte arrays, all the code I can see
> works on bytes.
>
Does that mean, if I have a (hex) byte array as BIGNUM input, I need
to convert it into little
endian format i.e. if BigNUM=0x1a2b3c4d 5e6f7182 than I should covert
it to little endian format by reversing the
complete string to: 0x82716f5e 4d3c2b1a
> The BIGNUM format from openssl however is word based IIRC.
>
>> With lack of proper API documentation I am finding it even hard.
>> Can you give me some pointers where I can clear my above doubts.
>
> You might find it easier to look at the openswan patches and how it
> converts various formats to the OCF version and back.
>
> Although both cryptokeytest and openswan convert from BIGNUM to OCF
> format. It may help to understand the BIGNUM format first. Then you
> can see how cryptokeytest does the same op using both openssl and
> it's own modexp,
>
BIGNUM in openssl library is a structure,
struct bignum_st
{
BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
int top; /* Index of last used d +1. */
/* The next are internal book keeping for bn_expand. */
int dmax; /* Size of the d array. */
int neg; /* one if the number is negative */
int flags;
};
BN_BITS2=64,
when bignum_to_le conversion is done in cryptoktest each BN_BITS2
words in "bignum_st->d"( not the complete byte string) is converted to
little endian.
Is this right comprehension ?
If so then,(to reiterate you) the modexp input data i.e mod, exp and
base are stored as caddr_t which boils down to char * i.e. modexp data
in byte string.
Don't you think little endian conversion of entire byte string should
have been done, instead of each word.
> Cheers,
> Davidm
>
> --
> David McCullough, dav...@se..., Ph:+61 734352815
> Secure Computing - SnapGear http://www.uCdot.org http://www.snapgear.com
>
--
Nawang
|
