wolf SSL / wolfSSL

wolfSSL SSL/TLS library, support up to TLS1.3

Dependents:   CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more

wolfssl/wolfcrypt/ecc.h@7:481bce714567, 2017-05-02 (annotated)

Committer:
wolfSSL
Date:
Tue May 02 08:44:47 2017 +0000
Revision:
7:481bce714567
wolfSSL3.10.2

Who changed what in which revision?

UserRevisionLine numberNew contents of line
wolfSSL 7:481bce714567 1 /* ecc.h
wolfSSL 7:481bce714567 2 *
wolfSSL 7:481bce714567 3 * Copyright (C) 2006-2016 wolfSSL Inc.
wolfSSL 7:481bce714567 4 *
wolfSSL 7:481bce714567 5 * This file is part of wolfSSL.
wolfSSL 7:481bce714567 6 *
wolfSSL 7:481bce714567 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 7:481bce714567 8 * it under the terms of the GNU General Public License as published by
wolfSSL 7:481bce714567 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 7:481bce714567 10 * (at your option) any later version.
wolfSSL 7:481bce714567 11 *
wolfSSL 7:481bce714567 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 7:481bce714567 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 7:481bce714567 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 7:481bce714567 15 * GNU General Public License for more details.
wolfSSL 7:481bce714567 16 *
wolfSSL 7:481bce714567 17 * You should have received a copy of the GNU General Public License
wolfSSL 7:481bce714567 18 * along with this program; if not, write to the Free Software
wolfSSL 7:481bce714567 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL 7:481bce714567 20 */
wolfSSL 7:481bce714567 21
wolfSSL 7:481bce714567 22
wolfSSL 7:481bce714567 23 #ifndef WOLF_CRYPT_ECC_H
wolfSSL 7:481bce714567 24 #define WOLF_CRYPT_ECC_H
wolfSSL 7:481bce714567 25
wolfSSL 7:481bce714567 26 #include <wolfssl/wolfcrypt/types.h>
wolfSSL 7:481bce714567 27
wolfSSL 7:481bce714567 28 #ifdef HAVE_ECC
wolfSSL 7:481bce714567 29
wolfSSL 7:481bce714567 30 #include <wolfssl/wolfcrypt/integer.h>
wolfSSL 7:481bce714567 31 #include <wolfssl/wolfcrypt/random.h>
wolfSSL 7:481bce714567 32
wolfSSL 7:481bce714567 33 #ifdef HAVE_X963_KDF
wolfSSL 7:481bce714567 34 #include <wolfssl/wolfcrypt/hash.h>
wolfSSL 7:481bce714567 35 #endif
wolfSSL 7:481bce714567 36
wolfSSL 7:481bce714567 37 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 7:481bce714567 38 #include <wolfssl/wolfcrypt/async.h>
wolfSSL 7:481bce714567 39 #endif
wolfSSL 7:481bce714567 40
wolfSSL 7:481bce714567 41 #ifdef WOLFSSL_ATECC508A
wolfSSL 7:481bce714567 42 #include <wolfssl/wolfcrypt/port/atmel/atmel.h>
wolfSSL 7:481bce714567 43 #endif /* WOLFSSL_ATECC508A */
wolfSSL 7:481bce714567 44
wolfSSL 7:481bce714567 45
wolfSSL 7:481bce714567 46 #ifdef __cplusplus
wolfSSL 7:481bce714567 47 extern "C" {
wolfSSL 7:481bce714567 48 #endif
wolfSSL 7:481bce714567 49
wolfSSL 7:481bce714567 50
wolfSSL 7:481bce714567 51 /* Enable curve B parameter if needed */
wolfSSL 7:481bce714567 52 #if defined(HAVE_COMP_KEY) || defined(ECC_CACHE_CURVE)
wolfSSL 7:481bce714567 53 #ifndef USE_ECC_B_PARAM /* Allow someone to force enable */
wolfSSL 7:481bce714567 54 #define USE_ECC_B_PARAM
wolfSSL 7:481bce714567 55 #endif
wolfSSL 7:481bce714567 56 #endif
wolfSSL 7:481bce714567 57
wolfSSL 7:481bce714567 58
wolfSSL 7:481bce714567 59 /* Use this as the key->idx if a custom ecc_set is used for key->dp */
wolfSSL 7:481bce714567 60 #define ECC_CUSTOM_IDX (-1)
wolfSSL 7:481bce714567 61
wolfSSL 7:481bce714567 62
wolfSSL 7:481bce714567 63 /* Determine max ECC bits based on enabled curves */
wolfSSL 7:481bce714567 64 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
wolfSSL 7:481bce714567 65 #define MAX_ECC_BITS 521
wolfSSL 7:481bce714567 66 #elif defined(HAVE_ECC512)
wolfSSL 7:481bce714567 67 #define MAX_ECC_BITS 512
wolfSSL 7:481bce714567 68 #elif defined(HAVE_ECC384)
wolfSSL 7:481bce714567 69 #define MAX_ECC_BITS 384
wolfSSL 7:481bce714567 70 #elif defined(HAVE_ECC320)
wolfSSL 7:481bce714567 71 #define MAX_ECC_BITS 320
wolfSSL 7:481bce714567 72 #elif defined(HAVE_ECC239)
wolfSSL 7:481bce714567 73 #define MAX_ECC_BITS 239
wolfSSL 7:481bce714567 74 #elif defined(HAVE_ECC224)
wolfSSL 7:481bce714567 75 #define MAX_ECC_BITS 224
wolfSSL 7:481bce714567 76 #elif !defined(NO_ECC256)
wolfSSL 7:481bce714567 77 #define MAX_ECC_BITS 256
wolfSSL 7:481bce714567 78 #elif defined(HAVE_ECC192)
wolfSSL 7:481bce714567 79 #define MAX_ECC_BITS 192
wolfSSL 7:481bce714567 80 #elif defined(HAVE_ECC160)
wolfSSL 7:481bce714567 81 #define MAX_ECC_BITS 160
wolfSSL 7:481bce714567 82 #elif defined(HAVE_ECC128)
wolfSSL 7:481bce714567 83 #define MAX_ECC_BITS 128
wolfSSL 7:481bce714567 84 #elif defined(HAVE_ECC112)
wolfSSL 7:481bce714567 85 #define MAX_ECC_BITS 112
wolfSSL 7:481bce714567 86 #endif
wolfSSL 7:481bce714567 87
wolfSSL 7:481bce714567 88 /* calculate max ECC bytes */
wolfSSL 7:481bce714567 89 #if ((MAX_ECC_BITS * 2) % 8) == 0
wolfSSL 7:481bce714567 90 #define MAX_ECC_BYTES (MAX_ECC_BITS / 8)
wolfSSL 7:481bce714567 91 #else
wolfSSL 7:481bce714567 92 /* add byte if not aligned */
wolfSSL 7:481bce714567 93 #define MAX_ECC_BYTES ((MAX_ECC_BITS / 8) + 1)
wolfSSL 7:481bce714567 94 #endif
wolfSSL 7:481bce714567 95
wolfSSL 7:481bce714567 96
wolfSSL 7:481bce714567 97 enum {
wolfSSL 7:481bce714567 98 ECC_PUBLICKEY = 1,
wolfSSL 7:481bce714567 99 ECC_PRIVATEKEY = 2,
wolfSSL 7:481bce714567 100 ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */
wolfSSL 7:481bce714567 101 SIG_HEADER_SZ = 6, /* ECC signature header size */
wolfSSL 7:481bce714567 102 ECC_BUFSIZE = 256, /* for exported keys temp buffer */
wolfSSL 7:481bce714567 103 ECC_MINSIZE = 20, /* MIN Private Key size */
wolfSSL 7:481bce714567 104 ECC_MAXSIZE = 66, /* MAX Private Key size */
wolfSSL 7:481bce714567 105 ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/
wolfSSL 7:481bce714567 106 ECC_MAX_PAD_SZ = 4, /* ECC maximum padding size */
wolfSSL 7:481bce714567 107 ECC_MAX_OID_LEN = 16,
wolfSSL 7:481bce714567 108 ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + SIG_HEADER_SZ)
wolfSSL 7:481bce714567 109 };
wolfSSL 7:481bce714567 110
wolfSSL 7:481bce714567 111 /* Curve Types */
wolfSSL 7:481bce714567 112 typedef enum ecc_curve_id {
wolfSSL 7:481bce714567 113 ECC_CURVE_DEF, /* NIST or SECP */
wolfSSL 7:481bce714567 114
wolfSSL 7:481bce714567 115 /* NIST Prime Curves */
wolfSSL 7:481bce714567 116 ECC_SECP192R1,
wolfSSL 7:481bce714567 117 ECC_PRIME192V2,
wolfSSL 7:481bce714567 118 ECC_PRIME192V3,
wolfSSL 7:481bce714567 119 ECC_PRIME239V1,
wolfSSL 7:481bce714567 120 ECC_PRIME239V2,
wolfSSL 7:481bce714567 121 ECC_PRIME239V3,
wolfSSL 7:481bce714567 122 ECC_SECP256R1,
wolfSSL 7:481bce714567 123
wolfSSL 7:481bce714567 124 /* SECP Curves */
wolfSSL 7:481bce714567 125 ECC_SECP112R1,
wolfSSL 7:481bce714567 126 ECC_SECP112R2,
wolfSSL 7:481bce714567 127 ECC_SECP128R1,
wolfSSL 7:481bce714567 128 ECC_SECP128R2,
wolfSSL 7:481bce714567 129 ECC_SECP160R1,
wolfSSL 7:481bce714567 130 ECC_SECP160R2,
wolfSSL 7:481bce714567 131 ECC_SECP224R1,
wolfSSL 7:481bce714567 132 ECC_SECP384R1,
wolfSSL 7:481bce714567 133 ECC_SECP521R1,
wolfSSL 7:481bce714567 134
wolfSSL 7:481bce714567 135 /* Koblitz */
wolfSSL 7:481bce714567 136 ECC_SECP160K1,
wolfSSL 7:481bce714567 137 ECC_SECP192K1,
wolfSSL 7:481bce714567 138 ECC_SECP224K1,
wolfSSL 7:481bce714567 139 ECC_SECP256K1,
wolfSSL 7:481bce714567 140
wolfSSL 7:481bce714567 141 /* Brainpool Curves */
wolfSSL 7:481bce714567 142 ECC_BRAINPOOLP160R1,
wolfSSL 7:481bce714567 143 ECC_BRAINPOOLP192R1,
wolfSSL 7:481bce714567 144 ECC_BRAINPOOLP224R1,
wolfSSL 7:481bce714567 145 ECC_BRAINPOOLP256R1,
wolfSSL 7:481bce714567 146 ECC_BRAINPOOLP320R1,
wolfSSL 7:481bce714567 147 ECC_BRAINPOOLP384R1,
wolfSSL 7:481bce714567 148 ECC_BRAINPOOLP512R1,
wolfSSL 7:481bce714567 149 } ecc_curve_id;
wolfSSL 7:481bce714567 150
wolfSSL 7:481bce714567 151 #ifdef HAVE_OID_ENCODING
wolfSSL 7:481bce714567 152 typedef word16 ecc_oid_t;
wolfSSL 7:481bce714567 153 #else
wolfSSL 7:481bce714567 154 typedef byte ecc_oid_t;
wolfSSL 7:481bce714567 155 /* OID encoded with ASN scheme:
wolfSSL 7:481bce714567 156 first element = (oid[0] * 40) + oid[1]
wolfSSL 7:481bce714567 157 if any element > 127 then MSB 0x80 indicates additional byte */
wolfSSL 7:481bce714567 158 #endif
wolfSSL 7:481bce714567 159
wolfSSL 7:481bce714567 160 /* ECC set type defined a GF(p) curve */
wolfSSL 7:481bce714567 161 typedef struct ecc_set_type {
wolfSSL 7:481bce714567 162 int size; /* The size of the curve in octets */
wolfSSL 7:481bce714567 163 int id; /* id of this curve */
wolfSSL 7:481bce714567 164 const char* name; /* name of this curve */
wolfSSL 7:481bce714567 165 const char* prime; /* prime that defines the field, curve is in (hex) */
wolfSSL 7:481bce714567 166 const char* Af; /* fields A param (hex) */
wolfSSL 7:481bce714567 167 const char* Bf; /* fields B param (hex) */
wolfSSL 7:481bce714567 168 const char* order; /* order of the curve (hex) */
wolfSSL 7:481bce714567 169 const char* Gx; /* x coordinate of the base point on curve (hex) */
wolfSSL 7:481bce714567 170 const char* Gy; /* y coordinate of the base point on curve (hex) */
wolfSSL 7:481bce714567 171 const ecc_oid_t* oid;
wolfSSL 7:481bce714567 172 word32 oidSz;
wolfSSL 7:481bce714567 173 word32 oidSum; /* sum of encoded OID bytes */
wolfSSL 7:481bce714567 174 int cofactor;
wolfSSL 7:481bce714567 175 } ecc_set_type;
wolfSSL 7:481bce714567 176
wolfSSL 7:481bce714567 177
wolfSSL 7:481bce714567 178 #ifdef ALT_ECC_SIZE
wolfSSL 7:481bce714567 179
wolfSSL 7:481bce714567 180 /* Note on ALT_ECC_SIZE:
wolfSSL 7:481bce714567 181 * The fast math code uses an array of a fixed size to store the big integers.
wolfSSL 7:481bce714567 182 * By default, the array is big enough for RSA keys. There is a size,
wolfSSL 7:481bce714567 183 * FP_MAX_BITS which can be used to make the array smaller when one wants ECC
wolfSSL 7:481bce714567 184 * but not RSA. Some people want fast math sized for both RSA and ECC, where
wolfSSL 7:481bce714567 185 * ECC won't use as much as RSA. The flag ALT_ECC_SIZE switches in an alternate
wolfSSL 7:481bce714567 186 * ecc_point structure that uses an alternate fp_int that has a shorter array
wolfSSL 7:481bce714567 187 * of fp_digits.
wolfSSL 7:481bce714567 188 *
wolfSSL 7:481bce714567 189 * Now, without ALT_ECC_SIZE, the ecc_point has three single item arrays of
wolfSSL 7:481bce714567 190 * mp_ints for the components of the point. With ALT_ECC_SIZE, the components
wolfSSL 7:481bce714567 191 * of the point are pointers that are set to each of a three item array of
wolfSSL 7:481bce714567 192 * alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
wolfSSL 7:481bce714567 193 * structure, the alt_fp_int will only have 528 bits. A size value was added
wolfSSL 7:481bce714567 194 * in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
wolfSSL 7:481bce714567 195 * functions fp_zero() and fp_copy() use the size parameter. An int needs to
wolfSSL 7:481bce714567 196 * be initialized before using it instead of just fp_zeroing it, the init will
wolfSSL 7:481bce714567 197 * call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the
wolfSSL 7:481bce714567 198 * number of bits used in the alternate FP_INT.
wolfSSL 7:481bce714567 199 *
wolfSSL 7:481bce714567 200 * Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
wolfSSL 7:481bce714567 201 */
wolfSSL 7:481bce714567 202
wolfSSL 7:481bce714567 203 #ifndef USE_FAST_MATH
wolfSSL 7:481bce714567 204 #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE
wolfSSL 7:481bce714567 205 #endif
wolfSSL 7:481bce714567 206
wolfSSL 7:481bce714567 207 /* determine max bits required for ECC math */
wolfSSL 7:481bce714567 208 #ifndef FP_MAX_BITS_ECC
wolfSSL 7:481bce714567 209 /* check alignment */
wolfSSL 7:481bce714567 210 #if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0
wolfSSL 7:481bce714567 211 /* max bits is double */
wolfSSL 7:481bce714567 212 #define FP_MAX_BITS_ECC (MAX_ECC_BITS * 2)
wolfSSL 7:481bce714567 213 #else
wolfSSL 7:481bce714567 214 /* max bits is doubled, plus one digit of fudge */
wolfSSL 7:481bce714567 215 #define FP_MAX_BITS_ECC ((MAX_ECC_BITS * 2) + DIGIT_BIT)
wolfSSL 7:481bce714567 216 #endif
wolfSSL 7:481bce714567 217 #else
wolfSSL 7:481bce714567 218 /* verify alignment */
wolfSSL 7:481bce714567 219 #if FP_MAX_BITS_ECC % CHAR_BIT
wolfSSL 7:481bce714567 220 #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
wolfSSL 7:481bce714567 221 #endif
wolfSSL 7:481bce714567 222 #endif
wolfSSL 7:481bce714567 223
wolfSSL 7:481bce714567 224 /* determine buffer size */
wolfSSL 7:481bce714567 225 #define FP_SIZE_ECC (FP_MAX_BITS_ECC/DIGIT_BIT)
wolfSSL 7:481bce714567 226
wolfSSL 7:481bce714567 227
wolfSSL 7:481bce714567 228 /* This needs to match the size of the fp_int struct, except the
wolfSSL 7:481bce714567 229 * fp_digit array will be shorter. */
wolfSSL 7:481bce714567 230 typedef struct alt_fp_int {
wolfSSL 7:481bce714567 231 int used, sign, size;
wolfSSL 7:481bce714567 232 fp_digit dp[FP_SIZE_ECC];
wolfSSL 7:481bce714567 233 } alt_fp_int;
wolfSSL 7:481bce714567 234 #endif /* ALT_ECC_SIZE */
wolfSSL 7:481bce714567 235
wolfSSL 7:481bce714567 236 /* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) =>
wolfSSL 7:481bce714567 237 (x/z^2, y/z^3, 1) when interpreted as affine */
wolfSSL 7:481bce714567 238 typedef struct {
wolfSSL 7:481bce714567 239 #ifndef ALT_ECC_SIZE
wolfSSL 7:481bce714567 240 mp_int x[1]; /* The x coordinate */
wolfSSL 7:481bce714567 241 mp_int y[1]; /* The y coordinate */
wolfSSL 7:481bce714567 242 mp_int z[1]; /* The z coordinate */
wolfSSL 7:481bce714567 243 #else
wolfSSL 7:481bce714567 244 mp_int* x; /* The x coordinate */
wolfSSL 7:481bce714567 245 mp_int* y; /* The y coordinate */
wolfSSL 7:481bce714567 246 mp_int* z; /* The z coordinate */
wolfSSL 7:481bce714567 247 alt_fp_int xyz[3];
wolfSSL 7:481bce714567 248 #endif
wolfSSL 7:481bce714567 249 } ecc_point;
wolfSSL 7:481bce714567 250
wolfSSL 7:481bce714567 251 /* ECC Flags */
wolfSSL 7:481bce714567 252 enum {
wolfSSL 7:481bce714567 253 WC_ECC_FLAG_NONE = 0x00,
wolfSSL 7:481bce714567 254 #ifdef HAVE_ECC_CDH
wolfSSL 7:481bce714567 255 WC_ECC_FLAG_COFACTOR = 0x01,
wolfSSL 7:481bce714567 256 #endif
wolfSSL 7:481bce714567 257 };
wolfSSL 7:481bce714567 258
wolfSSL 7:481bce714567 259 /* An ECC Key */
wolfSSL 7:481bce714567 260 typedef struct ecc_key {
wolfSSL 7:481bce714567 261 int type; /* Public or Private */
wolfSSL 7:481bce714567 262 int idx; /* Index into the ecc_sets[] for the parameters of
wolfSSL 7:481bce714567 263 this curve if -1, this key is using user supplied
wolfSSL 7:481bce714567 264 curve in dp */
wolfSSL 7:481bce714567 265 int state;
wolfSSL 7:481bce714567 266 word32 flags;
wolfSSL 7:481bce714567 267 const ecc_set_type* dp; /* domain parameters, either points to NIST
wolfSSL 7:481bce714567 268 curves (idx >= 0) or user supplied */
wolfSSL 7:481bce714567 269 void* heap; /* heap hint */
wolfSSL 7:481bce714567 270 #ifdef WOLFSSL_ATECC508A
wolfSSL 7:481bce714567 271 int slot; /* Key Slot Number (-1 unknown) */
wolfSSL 7:481bce714567 272 byte pubkey[PUB_KEY_SIZE];
wolfSSL 7:481bce714567 273 #else
wolfSSL 7:481bce714567 274 ecc_point pubkey; /* public key */
wolfSSL 7:481bce714567 275 mp_int k; /* private key */
wolfSSL 7:481bce714567 276 #endif
wolfSSL 7:481bce714567 277 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 7:481bce714567 278 mp_int* r; /* sign/verify temps */
wolfSSL 7:481bce714567 279 mp_int* s;
wolfSSL 7:481bce714567 280 AsyncCryptDev asyncDev;
wolfSSL 7:481bce714567 281 #endif
wolfSSL 7:481bce714567 282 } ecc_key;
wolfSSL 7:481bce714567 283
wolfSSL 7:481bce714567 284
wolfSSL 7:481bce714567 285 /* ECC predefined curve sets */
wolfSSL 7:481bce714567 286 extern const ecc_set_type ecc_sets[];
wolfSSL 7:481bce714567 287
wolfSSL 7:481bce714567 288
wolfSSL 7:481bce714567 289 WOLFSSL_API
wolfSSL 7:481bce714567 290 int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
wolfSSL 7:481bce714567 291 WOLFSSL_API
wolfSSL 7:481bce714567 292 int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
wolfSSL 7:481bce714567 293 int curve_id);
wolfSSL 7:481bce714567 294 WOLFSSL_API
wolfSSL 7:481bce714567 295 int wc_ecc_check_key(ecc_key* key);
wolfSSL 7:481bce714567 296 WOLFSSL_API
wolfSSL 7:481bce714567 297 int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime);
wolfSSL 7:481bce714567 298
wolfSSL 7:481bce714567 299 #ifdef HAVE_ECC_DHE
wolfSSL 7:481bce714567 300 WOLFSSL_API
wolfSSL 7:481bce714567 301 int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
wolfSSL 7:481bce714567 302 word32* outlen);
wolfSSL 7:481bce714567 303 WOLFSSL_LOCAL
wolfSSL 7:481bce714567 304 int wc_ecc_shared_secret_gen(ecc_key* private_key, ecc_point* point,
wolfSSL 7:481bce714567 305 byte* out, word32 *outlen);
wolfSSL 7:481bce714567 306 WOLFSSL_API
wolfSSL 7:481bce714567 307 int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
wolfSSL 7:481bce714567 308 byte* out, word32 *outlen);
wolfSSL 7:481bce714567 309 #define wc_ecc_shared_secret_ssh wc_ecc_shared_secret_ex /* For backwards compat */
wolfSSL 7:481bce714567 310 #endif /* HAVE_ECC_DHE */
wolfSSL 7:481bce714567 311
wolfSSL 7:481bce714567 312 #ifdef HAVE_ECC_SIGN
wolfSSL 7:481bce714567 313 WOLFSSL_API
wolfSSL 7:481bce714567 314 int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
wolfSSL 7:481bce714567 315 WC_RNG* rng, ecc_key* key);
wolfSSL 7:481bce714567 316 WOLFSSL_API
wolfSSL 7:481bce714567 317 int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
wolfSSL 7:481bce714567 318 ecc_key* key, mp_int *r, mp_int *s);
wolfSSL 7:481bce714567 319 #endif /* HAVE_ECC_SIGN */
wolfSSL 7:481bce714567 320
wolfSSL 7:481bce714567 321 #ifdef HAVE_ECC_VERIFY
wolfSSL 7:481bce714567 322 WOLFSSL_API
wolfSSL 7:481bce714567 323 int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
wolfSSL 7:481bce714567 324 word32 hashlen, int* stat, ecc_key* key);
wolfSSL 7:481bce714567 325 WOLFSSL_API
wolfSSL 7:481bce714567 326 int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
wolfSSL 7:481bce714567 327 word32 hashlen, int* stat, ecc_key* key);
wolfSSL 7:481bce714567 328 #endif /* HAVE_ECC_VERIFY */
wolfSSL 7:481bce714567 329
wolfSSL 7:481bce714567 330 WOLFSSL_API
wolfSSL 7:481bce714567 331 int wc_ecc_init(ecc_key* key);
wolfSSL 7:481bce714567 332 WOLFSSL_API
wolfSSL 7:481bce714567 333 int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
wolfSSL 7:481bce714567 334 WOLFSSL_API
wolfSSL 7:481bce714567 335 void wc_ecc_free(ecc_key* key);
wolfSSL 7:481bce714567 336 WOLFSSL_API
wolfSSL 7:481bce714567 337 int wc_ecc_set_flags(ecc_key* key, word32 flags);
wolfSSL 7:481bce714567 338 WOLFSSL_API
wolfSSL 7:481bce714567 339 void wc_ecc_fp_free(void);
wolfSSL 7:481bce714567 340
wolfSSL 7:481bce714567 341 WOLFSSL_API
wolfSSL 7:481bce714567 342 int wc_ecc_is_valid_idx(int n);
wolfSSL 7:481bce714567 343 WOLFSSL_API
wolfSSL 7:481bce714567 344 const char* wc_ecc_get_curve_name_from_id(int curve_id);
wolfSSL 7:481bce714567 345 WOLFSSL_API
wolfSSL 7:481bce714567 346 int wc_ecc_get_curve_size_from_id(int curve_id);
wolfSSL 7:481bce714567 347
wolfSSL 7:481bce714567 348 #ifndef WOLFSSL_ATECC508A
wolfSSL 7:481bce714567 349
wolfSSL 7:481bce714567 350 WOLFSSL_API
wolfSSL 7:481bce714567 351 ecc_point* wc_ecc_new_point(void);
wolfSSL 7:481bce714567 352 WOLFSSL_API
wolfSSL 7:481bce714567 353 ecc_point* wc_ecc_new_point_h(void* h);
wolfSSL 7:481bce714567 354 WOLFSSL_API
wolfSSL 7:481bce714567 355 void wc_ecc_del_point(ecc_point* p);
wolfSSL 7:481bce714567 356 WOLFSSL_API
wolfSSL 7:481bce714567 357 void wc_ecc_del_point_h(ecc_point* p, void* h);
wolfSSL 7:481bce714567 358 WOLFSSL_API
wolfSSL 7:481bce714567 359 int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
wolfSSL 7:481bce714567 360 WOLFSSL_API
wolfSSL 7:481bce714567 361 int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
wolfSSL 7:481bce714567 362 WOLFSSL_API
wolfSSL 7:481bce714567 363 int wc_ecc_point_is_at_infinity(ecc_point *p);
wolfSSL 7:481bce714567 364 WOLFSSL_API
wolfSSL 7:481bce714567 365 int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
wolfSSL 7:481bce714567 366 mp_int* a, mp_int* modulus, int map);
wolfSSL 7:481bce714567 367 WOLFSSL_LOCAL
wolfSSL 7:481bce714567 368 int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
wolfSSL 7:481bce714567 369 mp_int* a, mp_int* modulus, int map, void* heap);
wolfSSL 7:481bce714567 370 #endif /* !WOLFSSL_ATECC508A */
wolfSSL 7:481bce714567 371
wolfSSL 7:481bce714567 372
wolfSSL 7:481bce714567 373 #ifdef HAVE_ECC_KEY_EXPORT
wolfSSL 7:481bce714567 374 /* ASN key helpers */
wolfSSL 7:481bce714567 375 WOLFSSL_API
wolfSSL 7:481bce714567 376 int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen);
wolfSSL 7:481bce714567 377 WOLFSSL_API
wolfSSL 7:481bce714567 378 int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed);
wolfSSL 7:481bce714567 379 /* extended functionality with compressed option */
wolfSSL 7:481bce714567 380 #endif /* HAVE_ECC_KEY_EXPORT */
wolfSSL 7:481bce714567 381
wolfSSL 7:481bce714567 382 #ifdef HAVE_ECC_KEY_IMPORT
wolfSSL 7:481bce714567 383 WOLFSSL_API
wolfSSL 7:481bce714567 384 int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
wolfSSL 7:481bce714567 385 WOLFSSL_API
wolfSSL 7:481bce714567 386 int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
wolfSSL 7:481bce714567 387 int curve_id);
wolfSSL 7:481bce714567 388 WOLFSSL_API
wolfSSL 7:481bce714567 389 int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
wolfSSL 7:481bce714567 390 word32 pubSz, ecc_key* key);
wolfSSL 7:481bce714567 391 WOLFSSL_API
wolfSSL 7:481bce714567 392 int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
wolfSSL 7:481bce714567 393 const byte* pub, word32 pubSz, ecc_key* key, int curve_id);
wolfSSL 7:481bce714567 394 WOLFSSL_API
wolfSSL 7:481bce714567 395 int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
wolfSSL 7:481bce714567 396 WOLFSSL_API
wolfSSL 7:481bce714567 397 int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
wolfSSL 7:481bce714567 398 byte* s, word32* sLen);
wolfSSL 7:481bce714567 399 WOLFSSL_API
wolfSSL 7:481bce714567 400 int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
wolfSSL 7:481bce714567 401 const char* d, const char* curveName);
wolfSSL 7:481bce714567 402 WOLFSSL_API
wolfSSL 7:481bce714567 403 int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy,
wolfSSL 7:481bce714567 404 const char* d, int curve_id);
wolfSSL 7:481bce714567 405 #endif /* HAVE_ECC_KEY_IMPORT */
wolfSSL 7:481bce714567 406
wolfSSL 7:481bce714567 407 #ifdef HAVE_ECC_KEY_EXPORT
wolfSSL 7:481bce714567 408 WOLFSSL_API
wolfSSL 7:481bce714567 409 int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
wolfSSL 7:481bce714567 410 WOLFSSL_API
wolfSSL 7:481bce714567 411 int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen,
wolfSSL 7:481bce714567 412 byte* qy, word32* qyLen);
wolfSSL 7:481bce714567 413 WOLFSSL_API
wolfSSL 7:481bce714567 414 int wc_ecc_export_private_raw(ecc_key* key, byte* qx, word32* qxLen,
wolfSSL 7:481bce714567 415 byte* qy, word32* qyLen, byte* d, word32* dLen);
wolfSSL 7:481bce714567 416 #endif /* HAVE_ECC_KEY_EXPORT */
wolfSSL 7:481bce714567 417
wolfSSL 7:481bce714567 418 #ifdef HAVE_ECC_KEY_EXPORT
wolfSSL 7:481bce714567 419
wolfSSL 7:481bce714567 420 WOLFSSL_API
wolfSSL 7:481bce714567 421 int wc_ecc_export_point_der(const int curve_idx, ecc_point* point,
wolfSSL 7:481bce714567 422 byte* out, word32* outLen);
wolfSSL 7:481bce714567 423 #endif /* HAVE_ECC_KEY_EXPORT */
wolfSSL 7:481bce714567 424
wolfSSL 7:481bce714567 425
wolfSSL 7:481bce714567 426 #ifdef HAVE_ECC_KEY_IMPORT
wolfSSL 7:481bce714567 427 WOLFSSL_API
wolfSSL 7:481bce714567 428 int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
wolfSSL 7:481bce714567 429 ecc_point* point);
wolfSSL 7:481bce714567 430 #endif /* HAVE_ECC_KEY_IMPORT */
wolfSSL 7:481bce714567 431
wolfSSL 7:481bce714567 432 /* size helper */
wolfSSL 7:481bce714567 433 WOLFSSL_API
wolfSSL 7:481bce714567 434 int wc_ecc_size(ecc_key* key);
wolfSSL 7:481bce714567 435 WOLFSSL_API
wolfSSL 7:481bce714567 436 int wc_ecc_sig_size(ecc_key* key);
wolfSSL 7:481bce714567 437
wolfSSL 7:481bce714567 438 WOLFSSL_API
wolfSSL 7:481bce714567 439 int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz);
wolfSSL 7:481bce714567 440
wolfSSL 7:481bce714567 441 #ifdef WOLFSSL_CUSTOM_CURVES
wolfSSL 7:481bce714567 442 WOLFSSL_API
wolfSSL 7:481bce714567 443 int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp);
wolfSSL 7:481bce714567 444 #endif
wolfSSL 7:481bce714567 445
wolfSSL 7:481bce714567 446 #ifdef HAVE_ECC_ENCRYPT
wolfSSL 7:481bce714567 447 /* ecc encrypt */
wolfSSL 7:481bce714567 448
wolfSSL 7:481bce714567 449 enum ecEncAlgo {
wolfSSL 7:481bce714567 450 ecAES_128_CBC = 1, /* default */
wolfSSL 7:481bce714567 451 ecAES_256_CBC = 2
wolfSSL 7:481bce714567 452 };
wolfSSL 7:481bce714567 453
wolfSSL 7:481bce714567 454 enum ecKdfAlgo {
wolfSSL 7:481bce714567 455 ecHKDF_SHA256 = 1, /* default */
wolfSSL 7:481bce714567 456 ecHKDF_SHA1 = 2
wolfSSL 7:481bce714567 457 };
wolfSSL 7:481bce714567 458
wolfSSL 7:481bce714567 459 enum ecMacAlgo {
wolfSSL 7:481bce714567 460 ecHMAC_SHA256 = 1, /* default */
wolfSSL 7:481bce714567 461 ecHMAC_SHA1 = 2
wolfSSL 7:481bce714567 462 };
wolfSSL 7:481bce714567 463
wolfSSL 7:481bce714567 464 enum {
wolfSSL 7:481bce714567 465 KEY_SIZE_128 = 16,
wolfSSL 7:481bce714567 466 KEY_SIZE_256 = 32,
wolfSSL 7:481bce714567 467 IV_SIZE_64 = 8,
wolfSSL 7:481bce714567 468 IV_SIZE_128 = 16,
wolfSSL 7:481bce714567 469 EXCHANGE_SALT_SZ = 16,
wolfSSL 7:481bce714567 470 EXCHANGE_INFO_SZ = 23
wolfSSL 7:481bce714567 471 };
wolfSSL 7:481bce714567 472
wolfSSL 7:481bce714567 473 enum ecFlags {
wolfSSL 7:481bce714567 474 REQ_RESP_CLIENT = 1,
wolfSSL 7:481bce714567 475 REQ_RESP_SERVER = 2
wolfSSL 7:481bce714567 476 };
wolfSSL 7:481bce714567 477
wolfSSL 7:481bce714567 478
wolfSSL 7:481bce714567 479 typedef struct ecEncCtx ecEncCtx;
wolfSSL 7:481bce714567 480
wolfSSL 7:481bce714567 481 WOLFSSL_API
wolfSSL 7:481bce714567 482 ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
wolfSSL 7:481bce714567 483 WOLFSSL_API
wolfSSL 7:481bce714567 484 ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap);
wolfSSL 7:481bce714567 485 WOLFSSL_API
wolfSSL 7:481bce714567 486 void wc_ecc_ctx_free(ecEncCtx*);
wolfSSL 7:481bce714567 487 WOLFSSL_API
wolfSSL 7:481bce714567 488 int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */
wolfSSL 7:481bce714567 489
wolfSSL 7:481bce714567 490 WOLFSSL_API
wolfSSL 7:481bce714567 491 const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
wolfSSL 7:481bce714567 492 WOLFSSL_API
wolfSSL 7:481bce714567 493 int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
wolfSSL 7:481bce714567 494 WOLFSSL_API
wolfSSL 7:481bce714567 495 int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz);
wolfSSL 7:481bce714567 496
wolfSSL 7:481bce714567 497 WOLFSSL_API
wolfSSL 7:481bce714567 498 int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
wolfSSL 7:481bce714567 499 word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
wolfSSL 7:481bce714567 500 WOLFSSL_API
wolfSSL 7:481bce714567 501 int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
wolfSSL 7:481bce714567 502 word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
wolfSSL 7:481bce714567 503
wolfSSL 7:481bce714567 504 #endif /* HAVE_ECC_ENCRYPT */
wolfSSL 7:481bce714567 505
wolfSSL 7:481bce714567 506 #ifdef HAVE_X963_KDF
wolfSSL 7:481bce714567 507 WOLFSSL_API int wc_X963_KDF(enum wc_HashType type, const byte* secret,
wolfSSL 7:481bce714567 508 word32 secretSz, const byte* sinfo, word32 sinfoSz,
wolfSSL 7:481bce714567 509 byte* out, word32 outSz);
wolfSSL 7:481bce714567 510 #endif
wolfSSL 7:481bce714567 511
wolfSSL 7:481bce714567 512 #ifdef ECC_CACHE_CURVE
wolfSSL 7:481bce714567 513 WOLFSSL_API void wc_ecc_curve_cache_free(void);
wolfSSL 7:481bce714567 514 #endif
wolfSSL 7:481bce714567 515
wolfSSL 7:481bce714567 516 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 7:481bce714567 517 WOLFSSL_API int wc_ecc_async_handle(ecc_key* key,
wolfSSL 7:481bce714567 518 WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
wolfSSL 7:481bce714567 519 WOLFSSL_API int wc_ecc_async_wait(int ret, ecc_key* key);
wolfSSL 7:481bce714567 520 #endif
wolfSSL 7:481bce714567 521
wolfSSL 7:481bce714567 522 #ifdef __cplusplus
wolfSSL 7:481bce714567 523 } /* extern "C" */
wolfSSL 7:481bce714567 524 #endif
wolfSSL 7:481bce714567 525
wolfSSL 7:481bce714567 526 #endif /* HAVE_ECC */
wolfSSL 7:481bce714567 527 #endif /* WOLF_CRYPT_ECC_H */
wolfSSL 7:481bce714567 528