ecc.h

00001 #ifndef _MICRO_ECC_H_
00002 #define _MICRO_ECC_H_
00003 
00004 #include <stdint.h>
00005 
00006 /* Optimization settings. Define as 1 to enable an optimization, 0 to disable it.
00007 ECC_SQUARE_FUNC - If enabled, this will cause a specific function to be used for (scalar) squaring instead of the generic
00008                   multiplication function. Improves speed by about 8% .
00009 */
00010 #define ECC_SQUARE_FUNC 1
00011 
00012 /* Inline assembly options.
00013 Inline assembly (gcc format) is provided for selected operations for Thumb and Thumb2/ARM.
00014 Improves speed by about 57% on Cortex-M0 when using ecc_asm_thumb.
00015 
00016 Note: You must choose the appropriate option for your target architecture, or compilation will fail
00017 with strange assembler messages.
00018 */
00019 #define ecc_asm_none   0
00020 #define ecc_asm_thumb  1 /* ARM Thumb assembly (including Cortex-M0) */
00021 #define ecc_asm_thumb2 2 /* ARM Thumb-2 assembly (eg Cortex-M3) */
00022 #define ecc_asm_arm    3 /* Regular ARM assembly */
00023 #ifndef ECC_ASM
00024     #define ECC_ASM ecc_asm_1
00025 #endif
00026 
00027 #define ECC_CONCAT1(a, b) a##b
00028 #define ECC_CONCAT(a, b) ECC_CONCAT1(a, b)
00029 
00030 /* Curve selection options. */
00031 #define secp128r1 1
00032 #define secp192r1 2
00033 #define secp256r1 3
00034 #define secp384r1 4
00035 #define secp256k1 5
00036 
00037 #ifndef ECC_CURVE
00038     #define ECC_CURVE secp256r1
00039 #endif
00040 
00041 #define ecc_size_1 4
00042 #define ecc_size_2 6
00043 #define ecc_size_3 8
00044 #define ecc_size_4 12
00045 #define ecc_size_5 8
00046 
00047 #define NUM_ECC_DIGITS ECC_CONCAT(ecc_size_, ECC_CURVE)
00048 
00049 #ifdef __cplusplus
00050 extern "C" {
00051 #endif
00052 
00053 typedef struct EccPoint
00054 {
00055     uint32_t x[NUM_ECC_DIGITS];  // es un array de 8 digitos  (cada posicion es un numero de 32 bits) luego representa 256 bits
00056     uint32_t y[NUM_ECC_DIGITS];
00057 } EccPoint;
00058 
00059 /* ecc_make_key() function.
00060 Create a public/private key pair.
00061 
00062 You must use a new nonpredictable random number to generate each new key pair.
00063 
00064 Outputs:
00065     p_publicKey  - Will be filled in with the point representing the public key.
00066     p_privateKey - Will be filled in with the private key.
00067 
00068 Inputs:
00069     p_random - The random number to use to generate the key pair.
00070 
00071 Returns 1 if the key pair was generated successfully, 0 if an error occurred. If 0 is returned,
00072 try again with a different random number.
00073 */
00074 int ecc_make_key(EccPoint *p_publicKey, uint32_t p_privateKey[NUM_ECC_DIGITS],
00075     const uint32_t p_random[NUM_ECC_DIGITS]);
00076 
00077 /* ecc_valid_public_key() function.
00078 Determine whether or not a given point is on the chosen elliptic curve (ie, is a valid public key).
00079 
00080 Inputs:
00081     p_publicKey - The point to check.
00082 
00083 Returns 1 if the given point is valid, 0 if it is invalid.
00084 */
00085 int ecc_valid_public_key(const EccPoint *p_publicKey);
00086 
00087 /* ecdh_shared_secret() function.
00088 Compute a shared secret given your secret key and someone else's public key.
00089 
00090 Optionally, you can provide a random multiplier for resistance to DPA attacks. The random multiplier
00091 should probably be different for each invocation of ecdh_shared_secret().
00092 
00093 Outputs:
00094     p_secret - Will be filled in with the shared secret value.
00095     
00096 Inputs:
00097     p_publicKey  - The public key of the remote party.
00098     p_privateKey - Your private key.
00099     p_random     - An optional random number to resist DPA attacks. Pass in NULL if DPA attacks are not a concern.
00100 
00101 Returns 1 if the shared secret was computed successfully, 0 otherwise.
00102 
00103 Note: It is recommended that you hash the result of ecdh_shared_secret before using it for symmetric encryption or HMAC.
00104 If you do not hash the shared secret, you must call ecc_valid_public_key() to verify that the remote side's public key is valid.
00105 If this is not done, an attacker could create a public key that would cause your use of the shared secret to leak information
00106 about your private key. */
00107 int ecdh_shared_secret(uint32_t p_secret[NUM_ECC_DIGITS], const EccPoint *p_publicKey,
00108     const uint32_t p_privateKey[NUM_ECC_DIGITS], const uint32_t p_random[NUM_ECC_DIGITS]);
00109 
00110 /* ecdsa_sign() function.
00111 Generate an ECDSA signature for a given hash value.
00112 
00113 Usage: Compute a hash of the data you wish to sign (SHA-2 is recommended) and pass it in to
00114 this function along with your private key and a random number.
00115 You must use a new nonpredictable random number to generate each new signature.
00116 
00117 Outputs:
00118     r, s - Will be filled in with the signature values.
00119 
00120 Inputs:
00121     p_privateKey - Your private key.
00122     p_random     - The random number to use to generate the signature.
00123     p_hash       - The message hash to sign.
00124 
00125 Returns 1 if the signature generated successfully, 0 if an error occurred. If 0 is returned,
00126 try again with a different random number.
00127 */
00128 int ecdsa_sign(uint32_t r[NUM_ECC_DIGITS], uint32_t s[NUM_ECC_DIGITS],
00129     const uint32_t p_privateKey[NUM_ECC_DIGITS], const uint32_t p_random[NUM_ECC_DIGITS],
00130     const uint32_t p_hash[NUM_ECC_DIGITS]);
00131 
00132 /* ecdsa_verify() function.
00133 Verify an ECDSA signature.
00134 
00135 Usage: Compute the hash of the signed data using the same hash as the signer and
00136 pass it to this function along with the signer's public key and the signature values (r and s).
00137 
00138 Inputs:
00139     p_publicKey - The signer's public key
00140     p_hash      - The hash of the signed data.
00141     r, s        - The signature values.
00142 
00143 Returns 1 if the signature is valid, 0 if it is invalid.
00144 */
00145 int ecdsa_verify(const EccPoint *p_publicKey, const uint32_t p_hash[NUM_ECC_DIGITS],
00146     const uint32_t r[NUM_ECC_DIGITS], const uint32_t s[NUM_ECC_DIGITS]);
00147 
00148 /* ecc_bytes2native() function.
00149 Convert an integer in standard octet representation to the native format.
00150 
00151 Outputs:
00152     p_native - Will be filled in with the native integer value.
00153 
00154 Inputs:
00155     p_bytes - The standard octet representation of the integer to convert.
00156 */
00157 void ecc_bytes2native(uint32_t p_native[NUM_ECC_DIGITS], const uint8_t p_bytes[NUM_ECC_DIGITS*4]);
00158 
00159 /* ecc_native2bytes() function.
00160 Convert an integer in native format to the standard octet representation.
00161 
00162 Outputs:
00163     p_bytes - Will be filled in with the standard octet representation of the integer.
00164 
00165 Inputs:
00166     p_native - The native integer value to convert.
00167 */
00168 void ecc_native2bytes(uint8_t p_bytes[NUM_ECC_DIGITS*4], const uint32_t p_native[NUM_ECC_DIGITS]);
00169 
00170 /* ecc_point_compress() function.
00171 Compress a point from native format into the standard compressed octet representation.
00172 
00173 Outputs:
00174     p_compressed  - Will be filled in with the compressed point representation.
00175 
00176 Inputs:
00177     p_point - The point to compress.
00178 */
00179 void ecc_point_compress(uint8_t p_compressed[NUM_ECC_DIGITS*4 + 1], const EccPoint *p_point);
00180 
00181 /* ecc_point_decompress() function.
00182 Decompress a point from the standard compressed octet representation to native format.
00183 
00184 Outputs:
00185     p_point  - Will be filled in with the native point representation.
00186 
00187 Inputs:
00188     p_compressed - The standard compressed octet representation of the point.
00189 */
00190 void ecc_point_decompress(EccPoint *p_point, const uint8_t p_compressed[NUM_ECC_DIGITS*4 + 1]);
00191 
00192 #ifdef __cplusplus
00193 } // extern "C"
00194 #endif
00195 
00196 #endif /* _MICRO_ECC_H_ */