Add EC_POINT_add support #261
Conversation
|
This looks pretty reasonable, but I'm no SSL expert, do you mind explaining what it does? |
|
I'm not sure how well I can explain the math behind it (still getting my head around it), but as far as a practical application, I'm working with a client to build a Ruby implementation of their zero-knowledge authentication protocol. We need to be able to add EC points together as part of the proof verification process. |
|
Okay, do you think it makes sense to add a few more details to the documentation about what it's used for? Even if it's just a one sentence summary of what you said. |
| GetECPoint(result, point_result); | ||
|
|
||
| if (EC_POINT_add(group, point_result, point_self, point_other, ossl_bn_ctx) != 1) { | ||
| ossl_raise(eEC_POINT, "EC_POINT_add"); |
There was a problem hiding this comment.
I gave this some thought earlier today, and I’m not sure more documentation makes sense here.
In ECC, point multiplication acts as a one-way hash, and while it probably isn’t implemented this way under the hood for performance reasons, point addition is a more primitive operation that forms the basis for point multiplication.
Most people won’t typically need this operation unless they’re implementing their own protocol (at which point, they’ll know what it is and what to do with it).
As you can see from the Wikipedia overview, the math is somewhat involved (though this post on Hacker Noon may be easier to follow).
I’m not sure a fuller description of ECC makes sense in context of the API docs.
There was a problem hiding this comment.
Fair enough - I was just specifically wondering how this could fail, and under what situations the exception would be raised.
There was a problem hiding this comment.
Ah. So digging through the OpenSSL source code, it looks like the top level checks involve whether a point is compatible with a particular curve. But given how points are created in Ruby, this would trigger an exception elsewhere. I suspect there are also other low-level checks further in depending on the group type.
I had assumed from looking at the other code in the openssl gem that ossl_raise would just do the right thing in any case.
Hi, all.
I added support for
EC_POINT_add.I'll be the first to admit that I'm still learning my way around elliptic curve cryptography in general and OpenSSL in particular. This is also the first time I've ventured down to C with Ruby.
All of that's to say, I welcome your feedback.