Xuyi Wang
/
wolfcrypt
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
ecc.h
00001 /* ecc.h 00002 * 00003 * Copyright (C) 2006-2017 wolfSSL Inc. 00004 * 00005 * This file is part of wolfSSL. 00006 * 00007 * wolfSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * wolfSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 00020 */ 00021 00022 /*! 00023 \file wolfssl/wolfcrypt/ecc.h 00024 */ 00025 00026 00027 #ifndef WOLF_CRYPT_ECC_H 00028 #define WOLF_CRYPT_ECC_H 00029 00030 #include <wolfcrypt/types.h> 00031 00032 #ifdef HAVE_ECC 00033 00034 #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 00035 #include <wolfcrypt/fips.h> 00036 #endif /* HAVE_FIPS_VERSION >= 2 */ 00037 00038 #include <wolfcrypt/integer.h> 00039 #include <wolfcrypt/random.h> 00040 00041 #ifdef HAVE_X963_KDF 00042 #include <wolfcrypt/hash.h> 00043 #endif 00044 00045 #ifdef WOLFSSL_ASYNC_CRYPT 00046 #include <wolfcrypt/async.h> 00047 #ifdef WOLFSSL_CERT_GEN 00048 #include <wolfcrypt/asn.h> 00049 #endif 00050 #endif 00051 00052 #ifdef WOLFSSL_ATECC508A 00053 #include <wolfcrypt/port/atmel/atmel.h> 00054 #endif /* WOLFSSL_ATECC508A */ 00055 00056 00057 #ifdef __cplusplus 00058 extern "C" { 00059 #endif 00060 00061 00062 /* Enable curve B parameter if needed */ 00063 #if defined(HAVE_COMP_KEY) || defined(ECC_CACHE_CURVE) 00064 #ifndef USE_ECC_B_PARAM /* Allow someone to force enable */ 00065 #define USE_ECC_B_PARAM 00066 #endif 00067 #endif 00068 00069 00070 /* Use this as the key->idx if a custom ecc_set is used for key->dp */ 00071 #define ECC_CUSTOM_IDX (-1) 00072 00073 00074 /* Determine max ECC bits based on enabled curves */ 00075 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 00076 #define MAX_ECC_BITS 521 00077 #elif defined(HAVE_ECC512) 00078 #define MAX_ECC_BITS 512 00079 #elif defined(HAVE_ECC384) 00080 #define MAX_ECC_BITS 384 00081 #elif defined(HAVE_ECC320) 00082 #define MAX_ECC_BITS 320 00083 #elif !defined(NO_ECC256) 00084 #define MAX_ECC_BITS 256 00085 #elif defined(HAVE_ECC239) 00086 #define MAX_ECC_BITS 239 00087 #elif defined(HAVE_ECC224) 00088 #define MAX_ECC_BITS 224 00089 #elif defined(HAVE_ECC192) 00090 #define MAX_ECC_BITS 192 00091 #elif defined(HAVE_ECC160) 00092 #define MAX_ECC_BITS 160 00093 #elif defined(HAVE_ECC128) 00094 #define MAX_ECC_BITS 128 00095 #elif defined(HAVE_ECC112) 00096 #define MAX_ECC_BITS 112 00097 #endif 00098 00099 /* calculate max ECC bytes */ 00100 #if ((MAX_ECC_BITS * 2) % 8) == 0 00101 #define MAX_ECC_BYTES (MAX_ECC_BITS / 8) 00102 #else 00103 /* add byte if not aligned */ 00104 #define MAX_ECC_BYTES ((MAX_ECC_BITS / 8) + 1) 00105 #endif 00106 00107 00108 enum { 00109 ECC_PUBLICKEY = 1, 00110 ECC_PRIVATEKEY = 2, 00111 ECC_PRIVATEKEY_ONLY = 3, 00112 ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ 00113 SIG_HEADER_SZ = 6, /* ECC signature header size */ 00114 ECC_BUFSIZE = 256, /* for exported keys temp buffer */ 00115 ECC_MINSIZE = 20, /* MIN Private Key size */ 00116 ECC_MAXSIZE = 66, /* MAX Private Key size */ 00117 ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/ 00118 ECC_MAX_PAD_SZ = 4, /* ECC maximum padding size */ 00119 ECC_MAX_OID_LEN = 16, 00120 ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ), 00121 00122 /* max crypto hardware size */ 00123 #ifdef WOLFSSL_ATECC508A 00124 ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */ 00125 ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2), 00126 #elif defined(PLUTON_CRYPTO_ECC) 00127 ECC_MAX_CRYPTO_HW_SIZE = 32, 00128 #endif 00129 00130 /* point encoding type */ 00131 ECC_TYPE_HEX_STR = 1, 00132 ECC_TYPE_UNSIGNED_BIN = 2, 00133 00134 /* point compression type */ 00135 ECC_POINT_COMP_EVEN = 0x02, 00136 ECC_POINT_COMP_ODD = 0x03, 00137 ECC_POINT_UNCOMP = 0x04, 00138 00139 /* Shamir's dual add constants */ 00140 SHAMIR_PRECOMP_SZ = 16, 00141 }; 00142 00143 /* Curve Types */ 00144 typedef enum ecc_curve_id { 00145 ECC_CURVE_INVALID = -1, 00146 ECC_CURVE_DEF = 0, /* NIST or SECP */ 00147 00148 /* NIST Prime Curves */ 00149 ECC_SECP192R1, 00150 ECC_PRIME192V2, 00151 ECC_PRIME192V3, 00152 ECC_PRIME239V1, 00153 ECC_PRIME239V2, 00154 ECC_PRIME239V3, 00155 ECC_SECP256R1, 00156 00157 /* SECP Curves */ 00158 ECC_SECP112R1, 00159 ECC_SECP112R2, 00160 ECC_SECP128R1, 00161 ECC_SECP128R2, 00162 ECC_SECP160R1, 00163 ECC_SECP160R2, 00164 ECC_SECP224R1, 00165 ECC_SECP384R1, 00166 ECC_SECP521R1, 00167 00168 /* Koblitz */ 00169 ECC_SECP160K1, 00170 ECC_SECP192K1, 00171 ECC_SECP224K1, 00172 ECC_SECP256K1, 00173 00174 /* Brainpool Curves */ 00175 ECC_BRAINPOOLP160R1, 00176 ECC_BRAINPOOLP192R1, 00177 ECC_BRAINPOOLP224R1, 00178 ECC_BRAINPOOLP256R1, 00179 ECC_BRAINPOOLP320R1, 00180 ECC_BRAINPOOLP384R1, 00181 ECC_BRAINPOOLP512R1, 00182 00183 /* Twisted Edwards Curves */ 00184 #ifdef HAVE_CURVE25519 00185 ECC_X25519, 00186 #endif 00187 #ifdef HAVE_X448 00188 ECC_X448, 00189 #endif 00190 00191 #ifdef WOLFSSL_CUSTOM_CURVES 00192 ECC_CURVE_CUSTOM, 00193 #endif 00194 } ecc_curve_id; 00195 00196 #ifdef HAVE_OID_ENCODING 00197 typedef word16 ecc_oid_t; 00198 #else 00199 typedef byte ecc_oid_t; 00200 /* OID encoded with ASN scheme: 00201 first element = (oid[0] * 40) + oid[1] 00202 if any element > 127 then MSB 0x80 indicates additional byte */ 00203 #endif 00204 00205 /* ECC set type defined a GF(p) curve */ 00206 #ifndef USE_WINDOWS_API 00207 typedef struct ecc_set_type { 00208 int size; /* The size of the curve in octets */ 00209 int id; /* id of this curve */ 00210 const char* name; /* name of this curve */ 00211 const char* prime; /* prime that defines the field, curve is in (hex) */ 00212 const char* Af; /* fields A param (hex) */ 00213 const char* Bf; /* fields B param (hex) */ 00214 const char* order; /* order of the curve (hex) */ 00215 const char* Gx; /* x coordinate of the base point on curve (hex) */ 00216 const char* Gy; /* y coordinate of the base point on curve (hex) */ 00217 const ecc_oid_t* oid; 00218 word32 oidSz; 00219 word32 oidSum; /* sum of encoded OID bytes */ 00220 int cofactor; 00221 } ecc_set_type; 00222 #else 00223 /* MSC does something different with the pointers to the arrays than GCC, 00224 * and it causes the FIPS checksum to fail. In the case of windows builds, 00225 * store everything as arrays instead of pointers to strings. */ 00226 00227 #define MAX_ECC_NAME 16 00228 #define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1) 00229 /* The values are stored as text strings. */ 00230 00231 typedef struct ecc_set_type { 00232 int size; /* The size of the curve in octets */ 00233 int id; /* id of this curve */ 00234 const char name[MAX_ECC_NAME]; /* name of this curve */ 00235 const char prime[MAX_ECC_STRING]; /* prime that defines the field, curve is in (hex) */ 00236 const char Af[MAX_ECC_STRING]; /* fields A param (hex) */ 00237 const char Bf[MAX_ECC_STRING]; /* fields B param (hex) */ 00238 const char order[MAX_ECC_STRING]; /* order of the curve (hex) */ 00239 const char Gx[MAX_ECC_STRING]; /* x coordinate of the base point on curve (hex) */ 00240 const char Gy[MAX_ECC_STRING]; /* y coordinate of the base point on curve (hex) */ 00241 const ecc_oid_t oid[10]; 00242 word32 oidSz; 00243 word32 oidSum; /* sum of encoded OID bytes */ 00244 int cofactor; 00245 } ecc_set_type; 00246 #endif 00247 00248 00249 #ifdef ALT_ECC_SIZE 00250 00251 /* Note on ALT_ECC_SIZE: 00252 * The fast math code uses an array of a fixed size to store the big integers. 00253 * By default, the array is big enough for RSA keys. There is a size, 00254 * FP_MAX_BITS which can be used to make the array smaller when one wants ECC 00255 * but not RSA. Some people want fast math sized for both RSA and ECC, where 00256 * ECC won't use as much as RSA. The flag ALT_ECC_SIZE switches in an alternate 00257 * ecc_point structure that uses an alternate fp_int that has a shorter array 00258 * of fp_digits. 00259 * 00260 * Now, without ALT_ECC_SIZE, the ecc_point has three single item arrays of 00261 * mp_ints for the components of the point. With ALT_ECC_SIZE, the components 00262 * of the point are pointers that are set to each of a three item array of 00263 * alt_fp_ints. While an mp_int will have 4096 bits of digit inside the 00264 * structure, the alt_fp_int will only have 528 bits. A size value was added 00265 * in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The 00266 * functions fp_zero() and fp_copy() use the size parameter. An int needs to 00267 * be initialized before using it instead of just fp_zeroing it, the init will 00268 * call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the 00269 * number of bits used in the alternate FP_INT. 00270 * 00271 * Do not enable ALT_ECC_SIZE and disable fast math in the configuration. 00272 */ 00273 00274 #ifndef USE_FAST_MATH 00275 #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE 00276 #endif 00277 00278 /* determine max bits required for ECC math */ 00279 #ifndef FP_MAX_BITS_ECC 00280 /* check alignment */ 00281 #if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0 00282 /* max bits is double */ 00283 #define FP_MAX_BITS_ECC (MAX_ECC_BITS * 2) 00284 #else 00285 /* max bits is doubled, plus one digit of fudge */ 00286 #define FP_MAX_BITS_ECC ((MAX_ECC_BITS * 2) + DIGIT_BIT) 00287 #endif 00288 #else 00289 /* verify alignment */ 00290 #if FP_MAX_BITS_ECC % CHAR_BIT 00291 #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT 00292 #endif 00293 #endif 00294 00295 /* determine buffer size */ 00296 #define FP_SIZE_ECC (FP_MAX_BITS_ECC/DIGIT_BIT) 00297 00298 00299 /* This needs to match the size of the fp_int struct, except the 00300 * fp_digit array will be shorter. */ 00301 typedef struct alt_fp_int { 00302 int used, sign, size; 00303 fp_digit dp[FP_SIZE_ECC]; 00304 } alt_fp_int; 00305 #endif /* ALT_ECC_SIZE */ 00306 00307 #ifndef WC_ECCKEY_TYPE_DEFINED 00308 typedef struct ecc_key ecc_key; 00309 #define WC_ECCKEY_TYPE_DEFINED 00310 #endif 00311 00312 00313 /* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) => 00314 (x/z^2, y/z^3, 1) when interpreted as affine */ 00315 typedef struct { 00316 #ifndef ALT_ECC_SIZE 00317 mp_int x[1]; /* The x coordinate */ 00318 mp_int y[1]; /* The y coordinate */ 00319 mp_int z[1]; /* The z coordinate */ 00320 #else 00321 mp_int* x; /* The x coordinate */ 00322 mp_int* y; /* The y coordinate */ 00323 mp_int* z; /* The z coordinate */ 00324 alt_fp_int xyz[3]; 00325 #endif 00326 #ifdef WOLFSSL_SMALL_STACK_CACHE 00327 ecc_key* key; 00328 #endif 00329 } ecc_point; 00330 00331 /* ECC Flags */ 00332 enum { 00333 WC_ECC_FLAG_NONE = 0x00, 00334 #ifdef HAVE_ECC_CDH 00335 WC_ECC_FLAG_COFACTOR = 0x01, 00336 #endif 00337 }; 00338 00339 /* An ECC Key */ 00340 struct ecc_key { 00341 int type; /* Public or Private */ 00342 int idx; /* Index into the ecc_sets[] for the parameters of 00343 this curve if -1, this key is using user supplied 00344 curve in dp */ 00345 int state; 00346 word32 flags; 00347 const ecc_set_type* dp; /* domain parameters, either points to NIST 00348 curves (idx >= 0) or user supplied */ 00349 #ifdef WOLFSSL_CUSTOM_CURVES 00350 int deallocSet; 00351 #endif 00352 void* heap; /* heap hint */ 00353 ecc_point pubkey; /* public key */ 00354 mp_int k; /* private key */ 00355 #ifdef WOLFSSL_ATECC508A 00356 int slot; /* Key Slot Number (-1 unknown) */ 00357 byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE]; 00358 #endif 00359 #if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_DEV) 00360 int devId; 00361 #endif 00362 #ifdef WOLFSSL_ASYNC_CRYPT 00363 mp_int* r; /* sign/verify temps */ 00364 mp_int* s; 00365 WC_ASYNC_DEV asyncDev; 00366 #ifdef HAVE_CAVIUM_V 00367 mp_int* e; /* Sign, Verify and Shared Secret */ 00368 mp_int* signK; 00369 #endif 00370 #ifdef WOLFSSL_CERT_GEN 00371 CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */ 00372 #endif 00373 #endif /* WOLFSSL_ASYNC_CRYPT */ 00374 #ifdef WOLFSSL_SMALL_STACK_CACHE 00375 mp_int* t1; 00376 mp_int* t2; 00377 #ifdef ALT_ECC_SIZE 00378 mp_int* x; 00379 mp_int* y; 00380 mp_int* z; 00381 #endif 00382 #endif 00383 }; 00384 00385 00386 /* ECC predefined curve sets */ 00387 extern const ecc_set_type ecc_sets[]; 00388 00389 WOLFSSL_API 00390 const char* wc_ecc_get_name(int curve_id); 00391 00392 #ifndef WOLFSSL_ATECC508A 00393 00394 #ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL 00395 #define ECC_API WOLFSSL_API 00396 #else 00397 #define ECC_API WOLFSSL_LOCAL 00398 #endif 00399 00400 ECC_API int ecc_mul2add(ecc_point* A, mp_int* kA, 00401 ecc_point* B, mp_int* kB, 00402 ecc_point* C, mp_int* a, mp_int* modulus, void* heap); 00403 00404 ECC_API int ecc_map(ecc_point*, mp_int*, mp_digit); 00405 ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R, 00406 mp_int* a, mp_int* modulus, mp_digit mp); 00407 ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a, 00408 mp_int* modulus, mp_digit mp); 00409 00410 #endif 00411 00412 WOLFSSL_API 00413 int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key); 00414 WOLFSSL_API 00415 int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, 00416 int curve_id); 00417 WOLFSSL_API 00418 int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut); 00419 WOLFSSL_API 00420 int wc_ecc_check_key(ecc_key* key); 00421 WOLFSSL_API 00422 int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime); 00423 00424 #ifdef HAVE_ECC_DHE 00425 WOLFSSL_API 00426 int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, 00427 word32* outlen); 00428 WOLFSSL_LOCAL 00429 int wc_ecc_shared_secret_gen(ecc_key* private_key, ecc_point* point, 00430 byte* out, word32 *outlen); 00431 WOLFSSL_API 00432 int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point, 00433 byte* out, word32 *outlen); 00434 #define wc_ecc_shared_secret_ssh wc_ecc_shared_secret_ex /* For backwards compat */ 00435 #endif /* HAVE_ECC_DHE */ 00436 00437 #ifdef HAVE_ECC_SIGN 00438 WOLFSSL_API 00439 int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, 00440 WC_RNG* rng, ecc_key* key); 00441 WOLFSSL_API 00442 int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, 00443 ecc_key* key, mp_int *r, mp_int *s); 00444 #endif /* HAVE_ECC_SIGN */ 00445 00446 #ifdef HAVE_ECC_VERIFY 00447 WOLFSSL_API 00448 int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, 00449 word32 hashlen, int* stat, ecc_key* key); 00450 WOLFSSL_API 00451 int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, 00452 word32 hashlen, int* stat, ecc_key* key); 00453 #endif /* HAVE_ECC_VERIFY */ 00454 00455 WOLFSSL_API 00456 int wc_ecc_init(ecc_key* key); 00457 WOLFSSL_API 00458 int wc_ecc_init_ex(ecc_key* key, void* heap, int devId); 00459 #ifdef WOLFSSL_CUSTOM_CURVES 00460 WOLFSSL_LOCAL 00461 void wc_ecc_free_curve(const ecc_set_type* curve, void* heap); 00462 #endif 00463 WOLFSSL_API 00464 int wc_ecc_free(ecc_key* key); 00465 WOLFSSL_API 00466 int wc_ecc_set_flags(ecc_key* key, word32 flags); 00467 WOLFSSL_API 00468 void wc_ecc_fp_free(void); 00469 00470 WOLFSSL_API 00471 int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id); 00472 00473 WOLFSSL_API 00474 int wc_ecc_is_valid_idx(int n); 00475 WOLFSSL_API 00476 int wc_ecc_get_curve_idx(int curve_id); 00477 WOLFSSL_API 00478 int wc_ecc_get_curve_id(int curve_idx); 00479 #define wc_ecc_get_curve_name_from_id wc_ecc_get_name 00480 WOLFSSL_API 00481 int wc_ecc_get_curve_size_from_id(int curve_id); 00482 00483 WOLFSSL_API 00484 int wc_ecc_get_curve_idx_from_name(const char* curveName); 00485 WOLFSSL_API 00486 int wc_ecc_get_curve_size_from_name(const char* curveName); 00487 WOLFSSL_API 00488 int wc_ecc_get_curve_id_from_name(const char* curveName); 00489 WOLFSSL_API 00490 int wc_ecc_get_curve_id_from_params(int fieldSize, 00491 const byte* prime, word32 primeSz, const byte* Af, word32 AfSz, 00492 const byte* Bf, word32 BfSz, const byte* order, word32 orderSz, 00493 const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor); 00494 00495 00496 WOLFSSL_API 00497 ecc_point* wc_ecc_new_point(void); 00498 WOLFSSL_API 00499 ecc_point* wc_ecc_new_point_h(void* h); 00500 WOLFSSL_API 00501 void wc_ecc_del_point(ecc_point* p); 00502 WOLFSSL_API 00503 void wc_ecc_del_point_h(ecc_point* p, void* h); 00504 WOLFSSL_API 00505 int wc_ecc_copy_point(ecc_point* p, ecc_point *r); 00506 WOLFSSL_API 00507 int wc_ecc_cmp_point(ecc_point* a, ecc_point *b); 00508 WOLFSSL_API 00509 int wc_ecc_point_is_at_infinity(ecc_point *p); 00510 00511 #ifndef WOLFSSL_ATECC508A 00512 WOLFSSL_API 00513 int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, 00514 mp_int* a, mp_int* modulus, int map); 00515 WOLFSSL_LOCAL 00516 int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, 00517 mp_int* a, mp_int* modulus, int map, void* heap); 00518 #endif /* !WOLFSSL_ATECC508A */ 00519 00520 00521 #ifdef HAVE_ECC_KEY_EXPORT 00522 /* ASN key helpers */ 00523 WOLFSSL_API 00524 int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen); 00525 WOLFSSL_API 00526 int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed); 00527 /* extended functionality with compressed option */ 00528 #endif /* HAVE_ECC_KEY_EXPORT */ 00529 00530 #ifdef HAVE_ECC_KEY_IMPORT 00531 WOLFSSL_API 00532 int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key); 00533 WOLFSSL_API 00534 int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, 00535 int curve_id); 00536 WOLFSSL_API 00537 int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, 00538 word32 pubSz, ecc_key* key); 00539 WOLFSSL_API 00540 int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, 00541 const byte* pub, word32 pubSz, ecc_key* key, int curve_id); 00542 WOLFSSL_API 00543 int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen); 00544 WOLFSSL_API 00545 int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz, 00546 byte* out, word32* outlen); 00547 WOLFSSL_API 00548 int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, 00549 byte* s, word32* sLen); 00550 WOLFSSL_API 00551 int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, 00552 const char* d, const char* curveName); 00553 WOLFSSL_API 00554 int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy, 00555 const char* d, int curve_id); 00556 WOLFSSL_API 00557 int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy, 00558 byte* d, int curve_id); 00559 #endif /* HAVE_ECC_KEY_IMPORT */ 00560 00561 #ifdef HAVE_ECC_KEY_EXPORT 00562 WOLFSSL_API 00563 int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); 00564 WOLFSSL_API 00565 int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen, 00566 byte* qy, word32* qyLen); 00567 WOLFSSL_API 00568 int wc_ecc_export_private_raw(ecc_key* key, byte* qx, word32* qxLen, 00569 byte* qy, word32* qyLen, byte* d, word32* dLen); 00570 #endif /* HAVE_ECC_KEY_EXPORT */ 00571 00572 #ifdef HAVE_ECC_KEY_EXPORT 00573 00574 WOLFSSL_API 00575 int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, 00576 byte* out, word32* outLen); 00577 #endif /* HAVE_ECC_KEY_EXPORT */ 00578 00579 00580 #ifdef HAVE_ECC_KEY_IMPORT 00581 WOLFSSL_API 00582 int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, 00583 ecc_point* point); 00584 #endif /* HAVE_ECC_KEY_IMPORT */ 00585 00586 /* size helper */ 00587 WOLFSSL_API 00588 int wc_ecc_size(ecc_key* key); 00589 WOLFSSL_API 00590 int wc_ecc_sig_size_calc(int sz); 00591 WOLFSSL_API 00592 int wc_ecc_sig_size(ecc_key* key); 00593 00594 WOLFSSL_API 00595 int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz); 00596 00597 #ifdef WOLFSSL_CUSTOM_CURVES 00598 WOLFSSL_API 00599 int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp); 00600 #endif 00601 00602 #ifdef HAVE_ECC_ENCRYPT 00603 /* ecc encrypt */ 00604 00605 enum ecEncAlgo { 00606 ecAES_128_CBC = 1, /* default */ 00607 ecAES_256_CBC = 2 00608 }; 00609 00610 enum ecKdfAlgo { 00611 ecHKDF_SHA256 = 1, /* default */ 00612 ecHKDF_SHA1 = 2 00613 }; 00614 00615 enum ecMacAlgo { 00616 ecHMAC_SHA256 = 1, /* default */ 00617 ecHMAC_SHA1 = 2 00618 }; 00619 00620 enum { 00621 KEY_SIZE_128 = 16, 00622 KEY_SIZE_256 = 32, 00623 IV_SIZE_64 = 8, 00624 IV_SIZE_128 = 16, 00625 EXCHANGE_SALT_SZ = 16, 00626 EXCHANGE_INFO_SZ = 23 00627 }; 00628 00629 enum ecFlags { 00630 REQ_RESP_CLIENT = 1, 00631 REQ_RESP_SERVER = 2 00632 }; 00633 00634 00635 typedef struct ecEncCtx ecEncCtx; 00636 00637 WOLFSSL_API 00638 ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng); 00639 WOLFSSL_API 00640 ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap); 00641 WOLFSSL_API 00642 void wc_ecc_ctx_free(ecEncCtx*); 00643 WOLFSSL_API 00644 int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */ 00645 00646 WOLFSSL_API 00647 const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*); 00648 WOLFSSL_API 00649 int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt); 00650 WOLFSSL_API 00651 int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz); 00652 00653 WOLFSSL_API 00654 int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, 00655 word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); 00656 WOLFSSL_API 00657 int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, 00658 word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); 00659 00660 #endif /* HAVE_ECC_ENCRYPT */ 00661 00662 #ifdef HAVE_X963_KDF 00663 WOLFSSL_API int wc_X963_KDF(enum wc_HashType type, const byte* secret, 00664 word32 secretSz, const byte* sinfo, word32 sinfoSz, 00665 byte* out, word32 outSz); 00666 #endif 00667 00668 #ifdef ECC_CACHE_CURVE 00669 WOLFSSL_API int wc_ecc_curve_cache_init(void); 00670 WOLFSSL_API void wc_ecc_curve_cache_free(void); 00671 #endif 00672 00673 00674 #ifdef __cplusplus 00675 } /* extern "C" */ 00676 #endif 00677 00678 #endif /* HAVE_ECC */ 00679 #endif /* WOLF_CRYPT_ECC_H */ 00680
Generated on Tue Jul 12 2022 16:58:05 by
1.7.2