wolf SSL
SSL/TLS Library
CyaSSL is SSL/TLS library for embedded systems.
cyassl/ctaocrypt/ecc.h@0:9d17e4342598, 2014-04-20 (annotated)
- Committer:
- wolfSSL
- Date:
- Sun Apr 20 12:40:57 2014 +0000
- Revision:
- 0:9d17e4342598
CyaSSL SSL/TLS Library 2.9.4;
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 0:9d17e4342598 | 1 | /* ecc.h |
| wolfSSL | 0:9d17e4342598 | 2 | * |
| wolfSSL | 0:9d17e4342598 | 3 | * Copyright (C) 2006-2013 wolfSSL Inc. |
| wolfSSL | 0:9d17e4342598 | 4 | * |
| wolfSSL | 0:9d17e4342598 | 5 | * This file is part of CyaSSL. |
| wolfSSL | 0:9d17e4342598 | 6 | * |
| wolfSSL | 0:9d17e4342598 | 7 | * CyaSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 0:9d17e4342598 | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 0:9d17e4342598 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 0:9d17e4342598 | 10 | * (at your option) any later version. |
| wolfSSL | 0:9d17e4342598 | 11 | * |
| wolfSSL | 0:9d17e4342598 | 12 | * CyaSSL is distributed in the hope that it will be useful, |
| wolfSSL | 0:9d17e4342598 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 0:9d17e4342598 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 0:9d17e4342598 | 15 | * GNU General Public License for more details. |
| wolfSSL | 0:9d17e4342598 | 16 | * |
| wolfSSL | 0:9d17e4342598 | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 0:9d17e4342598 | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 0:9d17e4342598 | 19 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA |
| wolfSSL | 0:9d17e4342598 | 20 | */ |
| wolfSSL | 0:9d17e4342598 | 21 | |
| wolfSSL | 0:9d17e4342598 | 22 | #ifdef HAVE_ECC |
| wolfSSL | 0:9d17e4342598 | 23 | |
| wolfSSL | 0:9d17e4342598 | 24 | #ifndef CTAO_CRYPT_ECC_H |
| wolfSSL | 0:9d17e4342598 | 25 | #define CTAO_CRYPT_ECC_H |
| wolfSSL | 0:9d17e4342598 | 26 | |
| wolfSSL | 0:9d17e4342598 | 27 | #include <cyassl/ctaocrypt/types.h> |
| wolfSSL | 0:9d17e4342598 | 28 | #include <cyassl/ctaocrypt/integer.h> |
| wolfSSL | 0:9d17e4342598 | 29 | #include <cyassl/ctaocrypt/random.h> |
| wolfSSL | 0:9d17e4342598 | 30 | |
| wolfSSL | 0:9d17e4342598 | 31 | #ifdef __cplusplus |
| wolfSSL | 0:9d17e4342598 | 32 | extern "C" { |
| wolfSSL | 0:9d17e4342598 | 33 | #endif |
| wolfSSL | 0:9d17e4342598 | 34 | |
| wolfSSL | 0:9d17e4342598 | 35 | |
| wolfSSL | 0:9d17e4342598 | 36 | enum { |
| wolfSSL | 0:9d17e4342598 | 37 | ECC_PUBLICKEY = 1, |
| wolfSSL | 0:9d17e4342598 | 38 | ECC_PRIVATEKEY = 2, |
| wolfSSL | 0:9d17e4342598 | 39 | ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ |
| wolfSSL | 0:9d17e4342598 | 40 | SIG_HEADER_SZ = 6, /* ECC signature header size */ |
| wolfSSL | 0:9d17e4342598 | 41 | ECC_BUFSIZE = 256, /* for exported keys temp buffer */ |
| wolfSSL | 0:9d17e4342598 | 42 | ECC_MINSIZE = 20, /* MIN Private Key size */ |
| wolfSSL | 0:9d17e4342598 | 43 | ECC_MAXSIZE = 66 /* MAX Private Key size */ |
| wolfSSL | 0:9d17e4342598 | 44 | }; |
| wolfSSL | 0:9d17e4342598 | 45 | |
| wolfSSL | 0:9d17e4342598 | 46 | |
| wolfSSL | 0:9d17e4342598 | 47 | /* ECC set type defined a NIST GF(p) curve */ |
| wolfSSL | 0:9d17e4342598 | 48 | typedef struct { |
| wolfSSL | 0:9d17e4342598 | 49 | int size; /* The size of the curve in octets */ |
| wolfSSL | 0:9d17e4342598 | 50 | const char* name; /* name of this curve */ |
| wolfSSL | 0:9d17e4342598 | 51 | const char* prime; /* prime that defines the field, curve is in (hex) */ |
| wolfSSL | 0:9d17e4342598 | 52 | const char* Bf; /* fields B param (hex) */ |
| wolfSSL | 0:9d17e4342598 | 53 | const char* order; /* order of the curve (hex) */ |
| wolfSSL | 0:9d17e4342598 | 54 | const char* Gx; /* x coordinate of the base point on curve (hex) */ |
| wolfSSL | 0:9d17e4342598 | 55 | const char* Gy; /* y coordinate of the base point on curve (hex) */ |
| wolfSSL | 0:9d17e4342598 | 56 | } ecc_set_type; |
| wolfSSL | 0:9d17e4342598 | 57 | |
| wolfSSL | 0:9d17e4342598 | 58 | |
| wolfSSL | 0:9d17e4342598 | 59 | /* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) => |
| wolfSSL | 0:9d17e4342598 | 60 | (x/z^2, y/z^3, 1) when interpreted as affine */ |
| wolfSSL | 0:9d17e4342598 | 61 | typedef struct { |
| wolfSSL | 0:9d17e4342598 | 62 | mp_int x; /* The x coordinate */ |
| wolfSSL | 0:9d17e4342598 | 63 | mp_int y; /* The y coordinate */ |
| wolfSSL | 0:9d17e4342598 | 64 | mp_int z; /* The z coordinate */ |
| wolfSSL | 0:9d17e4342598 | 65 | } ecc_point; |
| wolfSSL | 0:9d17e4342598 | 66 | |
| wolfSSL | 0:9d17e4342598 | 67 | |
| wolfSSL | 0:9d17e4342598 | 68 | /* An ECC Key */ |
| wolfSSL | 0:9d17e4342598 | 69 | typedef struct { |
| wolfSSL | 0:9d17e4342598 | 70 | int type; /* Public or Private */ |
| wolfSSL | 0:9d17e4342598 | 71 | int idx; /* Index into the ecc_sets[] for the parameters of |
| wolfSSL | 0:9d17e4342598 | 72 | this curve if -1, this key is using user supplied |
| wolfSSL | 0:9d17e4342598 | 73 | curve in dp */ |
| wolfSSL | 0:9d17e4342598 | 74 | const ecc_set_type* dp; /* domain parameters, either points to NIST |
| wolfSSL | 0:9d17e4342598 | 75 | curves (idx >= 0) or user supplied */ |
| wolfSSL | 0:9d17e4342598 | 76 | ecc_point pubkey; /* public key */ |
| wolfSSL | 0:9d17e4342598 | 77 | mp_int k; /* private key */ |
| wolfSSL | 0:9d17e4342598 | 78 | } ecc_key; |
| wolfSSL | 0:9d17e4342598 | 79 | |
| wolfSSL | 0:9d17e4342598 | 80 | |
| wolfSSL | 0:9d17e4342598 | 81 | /* ECC predefined curve sets */ |
| wolfSSL | 0:9d17e4342598 | 82 | extern const ecc_set_type ecc_sets[]; |
| wolfSSL | 0:9d17e4342598 | 83 | |
| wolfSSL | 0:9d17e4342598 | 84 | |
| wolfSSL | 0:9d17e4342598 | 85 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 86 | int ecc_make_key(RNG* rng, int keysize, ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 87 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 88 | int ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, |
| wolfSSL | 0:9d17e4342598 | 89 | word32* outlen); |
| wolfSSL | 0:9d17e4342598 | 90 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 91 | int ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, |
| wolfSSL | 0:9d17e4342598 | 92 | RNG* rng, ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 93 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 94 | int ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, |
| wolfSSL | 0:9d17e4342598 | 95 | word32 hashlen, int* stat, ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 96 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 97 | void ecc_init(ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 98 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 99 | void ecc_free(ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 100 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 101 | void ecc_fp_free(void); |
| wolfSSL | 0:9d17e4342598 | 102 | |
| wolfSSL | 0:9d17e4342598 | 103 | |
| wolfSSL | 0:9d17e4342598 | 104 | /* ASN key helpers */ |
| wolfSSL | 0:9d17e4342598 | 105 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 106 | int ecc_export_x963(ecc_key*, byte* out, word32* outLen); |
| wolfSSL | 0:9d17e4342598 | 107 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 108 | int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 109 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 110 | int ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, |
| wolfSSL | 0:9d17e4342598 | 111 | word32 pubSz, ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 112 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 113 | int ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); |
| wolfSSL | 0:9d17e4342598 | 114 | |
| wolfSSL | 0:9d17e4342598 | 115 | /* size helper */ |
| wolfSSL | 0:9d17e4342598 | 116 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 117 | int ecc_size(ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 118 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 119 | int ecc_sig_size(ecc_key* key); |
| wolfSSL | 0:9d17e4342598 | 120 | |
| wolfSSL | 0:9d17e4342598 | 121 | |
| wolfSSL | 0:9d17e4342598 | 122 | #ifdef HAVE_ECC_ENCRYPT |
| wolfSSL | 0:9d17e4342598 | 123 | /* ecc encrypt */ |
| wolfSSL | 0:9d17e4342598 | 124 | |
| wolfSSL | 0:9d17e4342598 | 125 | enum ecEncAlgo { |
| wolfSSL | 0:9d17e4342598 | 126 | ecAES_128_CBC = 1, /* default */ |
| wolfSSL | 0:9d17e4342598 | 127 | ecAES_256_CBC = 2 |
| wolfSSL | 0:9d17e4342598 | 128 | }; |
| wolfSSL | 0:9d17e4342598 | 129 | |
| wolfSSL | 0:9d17e4342598 | 130 | enum ecKdfAlgo { |
| wolfSSL | 0:9d17e4342598 | 131 | ecHKDF_SHA256 = 1, /* default */ |
| wolfSSL | 0:9d17e4342598 | 132 | ecHKDF_SHA1 = 2 |
| wolfSSL | 0:9d17e4342598 | 133 | }; |
| wolfSSL | 0:9d17e4342598 | 134 | |
| wolfSSL | 0:9d17e4342598 | 135 | enum ecMacAlgo { |
| wolfSSL | 0:9d17e4342598 | 136 | ecHMAC_SHA256 = 1, /* default */ |
| wolfSSL | 0:9d17e4342598 | 137 | ecHMAC_SHA1 = 2 |
| wolfSSL | 0:9d17e4342598 | 138 | }; |
| wolfSSL | 0:9d17e4342598 | 139 | |
| wolfSSL | 0:9d17e4342598 | 140 | enum { |
| wolfSSL | 0:9d17e4342598 | 141 | KEY_SIZE_128 = 16, |
| wolfSSL | 0:9d17e4342598 | 142 | KEY_SIZE_256 = 32, |
| wolfSSL | 0:9d17e4342598 | 143 | IV_SIZE_64 = 8, |
| wolfSSL | 0:9d17e4342598 | 144 | EXCHANGE_SALT_SZ = 16, |
| wolfSSL | 0:9d17e4342598 | 145 | EXCHANGE_INFO_SZ = 23 |
| wolfSSL | 0:9d17e4342598 | 146 | }; |
| wolfSSL | 0:9d17e4342598 | 147 | |
| wolfSSL | 0:9d17e4342598 | 148 | enum ecFlags { |
| wolfSSL | 0:9d17e4342598 | 149 | REQ_RESP_CLIENT = 1, |
| wolfSSL | 0:9d17e4342598 | 150 | REQ_RESP_SERVER = 2 |
| wolfSSL | 0:9d17e4342598 | 151 | }; |
| wolfSSL | 0:9d17e4342598 | 152 | |
| wolfSSL | 0:9d17e4342598 | 153 | |
| wolfSSL | 0:9d17e4342598 | 154 | typedef struct ecEncCtx ecEncCtx; |
| wolfSSL | 0:9d17e4342598 | 155 | |
| wolfSSL | 0:9d17e4342598 | 156 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 157 | ecEncCtx* ecc_ctx_new(int flags, RNG* rng); |
| wolfSSL | 0:9d17e4342598 | 158 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 159 | void ecc_ctx_free(ecEncCtx*); |
| wolfSSL | 0:9d17e4342598 | 160 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 161 | int ecc_ctx_reset(ecEncCtx*, RNG*); /* reset for use again w/o alloc/free */ |
| wolfSSL | 0:9d17e4342598 | 162 | |
| wolfSSL | 0:9d17e4342598 | 163 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 164 | const byte* ecc_ctx_get_own_salt(ecEncCtx*); |
| wolfSSL | 0:9d17e4342598 | 165 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 166 | int ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt); |
| wolfSSL | 0:9d17e4342598 | 167 | |
| wolfSSL | 0:9d17e4342598 | 168 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 169 | int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, |
| wolfSSL | 0:9d17e4342598 | 170 | word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); |
| wolfSSL | 0:9d17e4342598 | 171 | CYASSL_API |
| wolfSSL | 0:9d17e4342598 | 172 | int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, |
| wolfSSL | 0:9d17e4342598 | 173 | word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); |
| wolfSSL | 0:9d17e4342598 | 174 | |
| wolfSSL | 0:9d17e4342598 | 175 | #endif /* HAVE_ECC_ENCRYPT */ |
| wolfSSL | 0:9d17e4342598 | 176 | |
| wolfSSL | 0:9d17e4342598 | 177 | #ifdef __cplusplus |
| wolfSSL | 0:9d17e4342598 | 178 | } /* extern "C" */ |
| wolfSSL | 0:9d17e4342598 | 179 | #endif |
| wolfSSL | 0:9d17e4342598 | 180 | |
| wolfSSL | 0:9d17e4342598 | 181 | #endif /* CTAO_CRYPT_ECC_H */ |
| wolfSSL | 0:9d17e4342598 | 182 | #endif /* HAVE_ECC */ |