[Hipsec] Re: The exact method used to generate a HIT from a HI

From: Henderson, Thomas R <thomas.r.henderson(at)boeing.com>
Date: Thu Mar 13 2003 - 20:00:54 EST

> I'd like to add an exact algorithm used to generate
> an HIT from a HI.

Here is our interpretation of draft-moscowitz-05, sec 4.2:

Calculate DSA key. Using openssl, this is stored in a struct:

struct dsa_st

        {
        /* This first variable is used to pick up errors where
         * a DSA is passed instead of of a EVP_PKEY */
        int pad;
        int version;
        int write_params;
        BIGNUM *p;
        BIGNUM *q;      /* == 20 */
        BIGNUM *g;

        BIGNUM *pub_key;  /* y public key */
        BIGNUM *priv_key; /* x private key */

        BIGNUM *kinv;   /* Signing pre-calc */
        BIGNUM *r;      /* Signing pre-calc */

        int flags;
        /* Normally used to cache montgomery values */
        char *method_mont_p;
        int references;
        CRYPTO_EX_DATA ex_data;
        DSA_METHOD *meth;
        };

Next, we take dsa->pub_key and do the following:

        BN_bn2bin(dsa->pub_key, hi);
        /*
         * compute the HIT from the HI
         */
        SHA1_Init(&ctx);
        SHA1_Update(&ctx, hi, DSA_KEY_SIZE); 
        SHA1_Final(md, &ctx); /* md is 20 bytes of final hash value */

        /* HITs produced here assume the first format described in [HIP] 4.2,
         * namely it is the bits "01" followed by the lower 126-bits
         * of the SHA1 of the HI
         */
        memcpy(hit, &md[SHA_DIGEST_LENGTH-(HIT_BITSIZE/8)],(HIT_BITSIZE/8));
        hit[0] &= 0x4f;

Tom

---

Hipsec mailing list
Hipsec@lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/hipsec Received on Thu Mar 13 20:34:22 2003