[SECNET REVIEW 00/56] Elliptic curve DH
Ian Jackson
ijackson at chiark.greenend.org.uk
Thu Jan 2 01:18:30 GMT 2020
This series was originally from Mark Wooding. Thanks, Mark!

It provides x448 and x25519 DH closures.

There is also groundwork for using EC signatures, ed448 and ed25519,
although the secnet closures for that (and the corresponding
make-secnet-sites code etc.) are not provided yet.

Mark's branch was given to me as a work-in-progress so I have
substantially altered and overhauled it.

In particular, the script for importing code from Catacomb now runs in
two phases: firstly, we copy files unchanged from the Catacomb tree
and commit them to git; and then, later, during the build, we do the
massaging. This means that the secnet repository actually ends up
containing (copies of) the source code for these files.

This is all based on my public key handling series wip.pubkeys.v2.

The number of commits is inflated by my reluctance to make single
commits containing substantial changes to the Catacomb import script...

This can be found at:
    chiark:/u/ian/things/secnet
    git://git.chiark.greenend.org.uk/~ian/secnet.git
in
    refs/heads/wip.xdh.v5
and the commit range is
    82880e70fdef1a8bf8269c80adf9b28a20e49e50
to
    a8a74eb8dca5a226d6dfa128e4a9609bad622315

The basic branch structure is:

1. sha512 closure (Mark) and its test case (me):

    01 sha512.[ch]: Remove a bunch of unused code.
    02 sha512.c, etc.: Provide `sha512' as a hash function for signing.
    03 stest: New `hashclosure' variable
    04 stest: Test sha512 hash closure

2. cleanups and prep work (Mark):

    05 site.c, dh.c, secnet.h: Allow the dh `makeshared' method to fail.
    06 Change our view of the Diffie--Hellman closure protocol.
    07 site.c: Pass the length of the actual shared secret to the transform.
    08 dh.c, secnet.8: Allow `diffie-hellman' to take a dictionary of arguments.
    09 site.c: Abstract out generation of the Diffie--Hellman private secret.
    10 site.c: Allocate and free the Diffie--Hellman secret buffers each time.
    11 Introduce negotiation for Diffie--Hellman groups.
    12 Adjust the DH closure protocol to handle public values as raw binary.
    13 unaligned.h: Add macros for reading and writing little-endian 32-bit...

3. catacomb-import-update (Mark and then me) and the Catacomb import.

    14 import-catacomb-crypto: New script, but needs some work
    15 import-catacomb-crypto: Add emacs Local Variables block
    16 import-catacomb-crypto: Do not go mad on initial import
    17 import-catacomb-crypto: Add use strict and fix a bug revealed
    18 catacomb-import-update: Rename from import-catacomb-crypto
    19 catacomb-import-update: Separate import from convert
    20 catacomb-import-update: Improve a warning message
    21 catacomb-import-update: Improve import change listing algorithm
    22 catacomb-import-update: Import catacomb's licence notice too
    23 catacomb-import-update: Handle deletion
    24 catacomb-import-update: Prepare for out-of-tree builds
    25 catacomb-import-update: Install the conversion outputs at the end
    26 catacomb-import-update: Write conversion output to cat/ subdir
    27 catacomb-import-update: --import: Write .mk file
    28 Update crypto code from Catacomb 2.5.0.
    29 Catacomb: Make arrangements for running convert in `cat' subdir
    30 catacomb-import-update: --convert: Check the .mk is unchanged
    31 catacomb-import-update: Abolish a now-unused variable
    32 catacomb-import-update: commit_changes: Introduce $idir
    33 catacomb-import-update: Investigate donor during convert
    34 catacomb-import-update: Rename directory variables

4. Build system prep work (me)

    35 Makefiles: Rename test executables to end in .trun
    36 Makefiles: Rename test stamp files to .tconfirm (from .confirm)
    37 .gitignore: Ignore .trun and .tconfirm files en masse
    38 Makefiles: Better workaround for make bug (Debian #4073)
    39 Makefiles: Make cat_CATS variable available in toplevel

5. Crypto tests (Mark, commits reorganised by me)

    40 u64.h: Provide u64get{lo,hi} and u64not
    41 Catacomb import: Provide fake-mLib-bits.h
    42 crypto-test: Introduce first version of new .c file.
    43 crypto-test: C code for testing ed25519
    44 catacomb-import-update: Extra massaging of keccak code
    45 crypto-test: Support for text strings
    46 crypto test code for keccak and sha3
    47 crypto test code for ed448
    48 crypto-test.c: Don't print dead registers.
    49 ec-field-test.c: Make the field-element type use internal format.
    50 crypto-test: Generic test C file for XDH (X448, X25519)
    51 crypto tests: Wire into Makefiles

6. xdh support.

    52 xdh.c: New module defining elliptic curve Diffie--Hellman functions.
    53 xdh: End-to-end tests for the new DH key agreement groups
    54 make-secnet-sites: Add XDH groups

7. make-secnet-sites changes.

    55 Make the `dh' property be listish
    56 README.make-secnet-sites: Algorithm negotiation control keywords

Together with v2 of
    [SECNET REVIEW 000/227] New signature key arrangements
this is now 287 commits ahead of secnet master...

Thanks for your attention,
Ian.

--
Ian Jackson <ijackson at chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.