wolfSSL SSL/TLS library, support up to TLS1.3
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
wolfssl/wolfcrypt/ecc.h@16:8e0d178b1d1e, 2020-06-04 (annotated)
- Committer:
- wolfSSL
- Date:
- Thu Jun 04 23:57:22 2020 +0000
- Revision:
- 16:8e0d178b1d1e
- Parent:
- 15:117db924cf7c
wolfSSL 4.4.0
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
wolfSSL | 15:117db924cf7c | 1 | /* ecc.h |
wolfSSL | 15:117db924cf7c | 2 | * |
wolfSSL | 16:8e0d178b1d1e | 3 | * Copyright (C) 2006-2020 wolfSSL Inc. |
wolfSSL | 15:117db924cf7c | 4 | * |
wolfSSL | 15:117db924cf7c | 5 | * This file is part of wolfSSL. |
wolfSSL | 15:117db924cf7c | 6 | * |
wolfSSL | 15:117db924cf7c | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
wolfSSL | 15:117db924cf7c | 8 | * it under the terms of the GNU General Public License as published by |
wolfSSL | 15:117db924cf7c | 9 | * the Free Software Foundation; either version 2 of the License, or |
wolfSSL | 15:117db924cf7c | 10 | * (at your option) any later version. |
wolfSSL | 15:117db924cf7c | 11 | * |
wolfSSL | 15:117db924cf7c | 12 | * wolfSSL is distributed in the hope that it will be useful, |
wolfSSL | 15:117db924cf7c | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
wolfSSL | 15:117db924cf7c | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
wolfSSL | 15:117db924cf7c | 15 | * GNU General Public License for more details. |
wolfSSL | 15:117db924cf7c | 16 | * |
wolfSSL | 15:117db924cf7c | 17 | * You should have received a copy of the GNU General Public License |
wolfSSL | 15:117db924cf7c | 18 | * along with this program; if not, write to the Free Software |
wolfSSL | 15:117db924cf7c | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
wolfSSL | 15:117db924cf7c | 20 | */ |
wolfSSL | 15:117db924cf7c | 21 | |
wolfSSL | 15:117db924cf7c | 22 | /*! |
wolfSSL | 15:117db924cf7c | 23 | \file wolfssl/wolfcrypt/ecc.h |
wolfSSL | 15:117db924cf7c | 24 | */ |
wolfSSL | 15:117db924cf7c | 25 | |
wolfSSL | 15:117db924cf7c | 26 | |
wolfSSL | 15:117db924cf7c | 27 | #ifndef WOLF_CRYPT_ECC_H |
wolfSSL | 15:117db924cf7c | 28 | #define WOLF_CRYPT_ECC_H |
wolfSSL | 15:117db924cf7c | 29 | |
wolfSSL | 15:117db924cf7c | 30 | #include <wolfssl/wolfcrypt/types.h> |
wolfSSL | 15:117db924cf7c | 31 | |
wolfSSL | 15:117db924cf7c | 32 | #ifdef HAVE_ECC |
wolfSSL | 15:117db924cf7c | 33 | |
wolfSSL | 16:8e0d178b1d1e | 34 | #if defined(HAVE_FIPS) && \ |
wolfSSL | 16:8e0d178b1d1e | 35 | defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) |
wolfSSL | 15:117db924cf7c | 36 | #include <wolfssl/wolfcrypt/fips.h> |
wolfSSL | 15:117db924cf7c | 37 | #endif /* HAVE_FIPS_VERSION >= 2 */ |
wolfSSL | 15:117db924cf7c | 38 | |
wolfSSL | 15:117db924cf7c | 39 | #include <wolfssl/wolfcrypt/integer.h> |
wolfSSL | 15:117db924cf7c | 40 | #include <wolfssl/wolfcrypt/random.h> |
wolfSSL | 15:117db924cf7c | 41 | |
wolfSSL | 15:117db924cf7c | 42 | #ifdef HAVE_X963_KDF |
wolfSSL | 15:117db924cf7c | 43 | #include <wolfssl/wolfcrypt/hash.h> |
wolfSSL | 15:117db924cf7c | 44 | #endif |
wolfSSL | 15:117db924cf7c | 45 | |
wolfSSL | 15:117db924cf7c | 46 | #ifdef WOLFSSL_ASYNC_CRYPT |
wolfSSL | 15:117db924cf7c | 47 | #include <wolfssl/wolfcrypt/async.h> |
wolfSSL | 15:117db924cf7c | 48 | #ifdef WOLFSSL_CERT_GEN |
wolfSSL | 15:117db924cf7c | 49 | #include <wolfssl/wolfcrypt/asn.h> |
wolfSSL | 15:117db924cf7c | 50 | #endif |
wolfSSL | 15:117db924cf7c | 51 | #endif |
wolfSSL | 15:117db924cf7c | 52 | |
wolfSSL | 15:117db924cf7c | 53 | #ifdef WOLFSSL_ATECC508A |
wolfSSL | 15:117db924cf7c | 54 | #include <wolfssl/wolfcrypt/port/atmel/atmel.h> |
wolfSSL | 15:117db924cf7c | 55 | #endif /* WOLFSSL_ATECC508A */ |
wolfSSL | 15:117db924cf7c | 56 | |
wolfSSL | 16:8e0d178b1d1e | 57 | #if defined(WOLFSSL_CRYPTOCELL) |
wolfSSL | 16:8e0d178b1d1e | 58 | #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h> |
wolfSSL | 16:8e0d178b1d1e | 59 | #endif |
wolfSSL | 15:117db924cf7c | 60 | |
wolfSSL | 15:117db924cf7c | 61 | #ifdef __cplusplus |
wolfSSL | 15:117db924cf7c | 62 | extern "C" { |
wolfSSL | 15:117db924cf7c | 63 | #endif |
wolfSSL | 15:117db924cf7c | 64 | |
wolfSSL | 15:117db924cf7c | 65 | |
wolfSSL | 15:117db924cf7c | 66 | /* Enable curve B parameter if needed */ |
wolfSSL | 15:117db924cf7c | 67 | #if defined(HAVE_COMP_KEY) || defined(ECC_CACHE_CURVE) |
wolfSSL | 15:117db924cf7c | 68 | #ifndef USE_ECC_B_PARAM /* Allow someone to force enable */ |
wolfSSL | 15:117db924cf7c | 69 | #define USE_ECC_B_PARAM |
wolfSSL | 15:117db924cf7c | 70 | #endif |
wolfSSL | 15:117db924cf7c | 71 | #endif |
wolfSSL | 15:117db924cf7c | 72 | |
wolfSSL | 15:117db924cf7c | 73 | |
wolfSSL | 15:117db924cf7c | 74 | /* Use this as the key->idx if a custom ecc_set is used for key->dp */ |
wolfSSL | 15:117db924cf7c | 75 | #define ECC_CUSTOM_IDX (-1) |
wolfSSL | 15:117db924cf7c | 76 | |
wolfSSL | 15:117db924cf7c | 77 | |
wolfSSL | 15:117db924cf7c | 78 | /* Determine max ECC bits based on enabled curves */ |
wolfSSL | 15:117db924cf7c | 79 | #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) |
wolfSSL | 15:117db924cf7c | 80 | #define MAX_ECC_BITS 521 |
wolfSSL | 15:117db924cf7c | 81 | #elif defined(HAVE_ECC512) |
wolfSSL | 15:117db924cf7c | 82 | #define MAX_ECC_BITS 512 |
wolfSSL | 15:117db924cf7c | 83 | #elif defined(HAVE_ECC384) |
wolfSSL | 15:117db924cf7c | 84 | #define MAX_ECC_BITS 384 |
wolfSSL | 15:117db924cf7c | 85 | #elif defined(HAVE_ECC320) |
wolfSSL | 15:117db924cf7c | 86 | #define MAX_ECC_BITS 320 |
wolfSSL | 15:117db924cf7c | 87 | #elif !defined(NO_ECC256) |
wolfSSL | 15:117db924cf7c | 88 | #define MAX_ECC_BITS 256 |
wolfSSL | 15:117db924cf7c | 89 | #elif defined(HAVE_ECC239) |
wolfSSL | 15:117db924cf7c | 90 | #define MAX_ECC_BITS 239 |
wolfSSL | 15:117db924cf7c | 91 | #elif defined(HAVE_ECC224) |
wolfSSL | 15:117db924cf7c | 92 | #define MAX_ECC_BITS 224 |
wolfSSL | 15:117db924cf7c | 93 | #elif defined(HAVE_ECC192) |
wolfSSL | 15:117db924cf7c | 94 | #define MAX_ECC_BITS 192 |
wolfSSL | 15:117db924cf7c | 95 | #elif defined(HAVE_ECC160) |
wolfSSL | 15:117db924cf7c | 96 | #define MAX_ECC_BITS 160 |
wolfSSL | 15:117db924cf7c | 97 | #elif defined(HAVE_ECC128) |
wolfSSL | 15:117db924cf7c | 98 | #define MAX_ECC_BITS 128 |
wolfSSL | 15:117db924cf7c | 99 | #elif defined(HAVE_ECC112) |
wolfSSL | 15:117db924cf7c | 100 | #define MAX_ECC_BITS 112 |
wolfSSL | 15:117db924cf7c | 101 | #endif |
wolfSSL | 15:117db924cf7c | 102 | |
wolfSSL | 15:117db924cf7c | 103 | /* calculate max ECC bytes */ |
wolfSSL | 15:117db924cf7c | 104 | #if ((MAX_ECC_BITS * 2) % 8) == 0 |
wolfSSL | 15:117db924cf7c | 105 | #define MAX_ECC_BYTES (MAX_ECC_BITS / 8) |
wolfSSL | 15:117db924cf7c | 106 | #else |
wolfSSL | 15:117db924cf7c | 107 | /* add byte if not aligned */ |
wolfSSL | 15:117db924cf7c | 108 | #define MAX_ECC_BYTES ((MAX_ECC_BITS / 8) + 1) |
wolfSSL | 15:117db924cf7c | 109 | #endif |
wolfSSL | 15:117db924cf7c | 110 | |
wolfSSL | 16:8e0d178b1d1e | 111 | #ifndef ECC_MAX_PAD_SZ |
wolfSSL | 16:8e0d178b1d1e | 112 | /* ECC maximum padding size (when MSB is set extra byte required for R and S) */ |
wolfSSL | 16:8e0d178b1d1e | 113 | #define ECC_MAX_PAD_SZ 2 |
wolfSSL | 16:8e0d178b1d1e | 114 | #endif |
wolfSSL | 15:117db924cf7c | 115 | |
wolfSSL | 15:117db924cf7c | 116 | enum { |
wolfSSL | 15:117db924cf7c | 117 | ECC_PUBLICKEY = 1, |
wolfSSL | 15:117db924cf7c | 118 | ECC_PRIVATEKEY = 2, |
wolfSSL | 15:117db924cf7c | 119 | ECC_PRIVATEKEY_ONLY = 3, |
wolfSSL | 15:117db924cf7c | 120 | ECC_MAXNAME = 16, /* MAX CURVE NAME LENGTH */ |
wolfSSL | 16:8e0d178b1d1e | 121 | SIG_HEADER_SZ = 7, /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */ |
wolfSSL | 15:117db924cf7c | 122 | ECC_BUFSIZE = 256, /* for exported keys temp buffer */ |
wolfSSL | 15:117db924cf7c | 123 | ECC_MINSIZE = 20, /* MIN Private Key size */ |
wolfSSL | 15:117db924cf7c | 124 | ECC_MAXSIZE = 66, /* MAX Private Key size */ |
wolfSSL | 15:117db924cf7c | 125 | ECC_MAXSIZE_GEN = 74, /* MAX Buffer size required when generating ECC keys*/ |
wolfSSL | 15:117db924cf7c | 126 | ECC_MAX_OID_LEN = 16, |
wolfSSL | 15:117db924cf7c | 127 | ECC_MAX_SIG_SIZE= ((MAX_ECC_BYTES * 2) + ECC_MAX_PAD_SZ + SIG_HEADER_SZ), |
wolfSSL | 15:117db924cf7c | 128 | |
wolfSSL | 15:117db924cf7c | 129 | /* max crypto hardware size */ |
wolfSSL | 15:117db924cf7c | 130 | #ifdef WOLFSSL_ATECC508A |
wolfSSL | 15:117db924cf7c | 131 | ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */ |
wolfSSL | 15:117db924cf7c | 132 | ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2), |
wolfSSL | 15:117db924cf7c | 133 | #elif defined(PLUTON_CRYPTO_ECC) |
wolfSSL | 15:117db924cf7c | 134 | ECC_MAX_CRYPTO_HW_SIZE = 32, |
wolfSSL | 16:8e0d178b1d1e | 135 | #elif defined(WOLFSSL_CRYPTOCELL) |
wolfSSL | 16:8e0d178b1d1e | 136 | #ifndef CRYPTOCELL_KEY_SIZE |
wolfSSL | 16:8e0d178b1d1e | 137 | CRYPTOCELL_KEY_SIZE = ECC_MAXSIZE, |
wolfSSL | 16:8e0d178b1d1e | 138 | #endif |
wolfSSL | 16:8e0d178b1d1e | 139 | ECC_MAX_CRYPTO_HW_SIZE = CRYPTOCELL_KEY_SIZE, |
wolfSSL | 15:117db924cf7c | 140 | #endif |
wolfSSL | 15:117db924cf7c | 141 | |
wolfSSL | 15:117db924cf7c | 142 | /* point compression type */ |
wolfSSL | 15:117db924cf7c | 143 | ECC_POINT_COMP_EVEN = 0x02, |
wolfSSL | 15:117db924cf7c | 144 | ECC_POINT_COMP_ODD = 0x03, |
wolfSSL | 15:117db924cf7c | 145 | ECC_POINT_UNCOMP = 0x04, |
wolfSSL | 15:117db924cf7c | 146 | |
wolfSSL | 15:117db924cf7c | 147 | /* Shamir's dual add constants */ |
wolfSSL | 15:117db924cf7c | 148 | SHAMIR_PRECOMP_SZ = 16, |
wolfSSL | 16:8e0d178b1d1e | 149 | |
wolfSSL | 16:8e0d178b1d1e | 150 | #ifdef HAVE_PKCS11 |
wolfSSL | 16:8e0d178b1d1e | 151 | ECC_MAX_ID_LEN = 32, |
wolfSSL | 16:8e0d178b1d1e | 152 | #endif |
wolfSSL | 15:117db924cf7c | 153 | }; |
wolfSSL | 15:117db924cf7c | 154 | |
wolfSSL | 15:117db924cf7c | 155 | /* Curve Types */ |
wolfSSL | 15:117db924cf7c | 156 | typedef enum ecc_curve_id { |
wolfSSL | 15:117db924cf7c | 157 | ECC_CURVE_INVALID = -1, |
wolfSSL | 15:117db924cf7c | 158 | ECC_CURVE_DEF = 0, /* NIST or SECP */ |
wolfSSL | 15:117db924cf7c | 159 | |
wolfSSL | 15:117db924cf7c | 160 | /* NIST Prime Curves */ |
wolfSSL | 15:117db924cf7c | 161 | ECC_SECP192R1, |
wolfSSL | 15:117db924cf7c | 162 | ECC_PRIME192V2, |
wolfSSL | 15:117db924cf7c | 163 | ECC_PRIME192V3, |
wolfSSL | 15:117db924cf7c | 164 | ECC_PRIME239V1, |
wolfSSL | 15:117db924cf7c | 165 | ECC_PRIME239V2, |
wolfSSL | 15:117db924cf7c | 166 | ECC_PRIME239V3, |
wolfSSL | 15:117db924cf7c | 167 | ECC_SECP256R1, |
wolfSSL | 15:117db924cf7c | 168 | |
wolfSSL | 15:117db924cf7c | 169 | /* SECP Curves */ |
wolfSSL | 15:117db924cf7c | 170 | ECC_SECP112R1, |
wolfSSL | 15:117db924cf7c | 171 | ECC_SECP112R2, |
wolfSSL | 15:117db924cf7c | 172 | ECC_SECP128R1, |
wolfSSL | 15:117db924cf7c | 173 | ECC_SECP128R2, |
wolfSSL | 15:117db924cf7c | 174 | ECC_SECP160R1, |
wolfSSL | 15:117db924cf7c | 175 | ECC_SECP160R2, |
wolfSSL | 15:117db924cf7c | 176 | ECC_SECP224R1, |
wolfSSL | 15:117db924cf7c | 177 | ECC_SECP384R1, |
wolfSSL | 15:117db924cf7c | 178 | ECC_SECP521R1, |
wolfSSL | 15:117db924cf7c | 179 | |
wolfSSL | 15:117db924cf7c | 180 | /* Koblitz */ |
wolfSSL | 15:117db924cf7c | 181 | ECC_SECP160K1, |
wolfSSL | 15:117db924cf7c | 182 | ECC_SECP192K1, |
wolfSSL | 15:117db924cf7c | 183 | ECC_SECP224K1, |
wolfSSL | 15:117db924cf7c | 184 | ECC_SECP256K1, |
wolfSSL | 15:117db924cf7c | 185 | |
wolfSSL | 15:117db924cf7c | 186 | /* Brainpool Curves */ |
wolfSSL | 15:117db924cf7c | 187 | ECC_BRAINPOOLP160R1, |
wolfSSL | 15:117db924cf7c | 188 | ECC_BRAINPOOLP192R1, |
wolfSSL | 15:117db924cf7c | 189 | ECC_BRAINPOOLP224R1, |
wolfSSL | 15:117db924cf7c | 190 | ECC_BRAINPOOLP256R1, |
wolfSSL | 15:117db924cf7c | 191 | ECC_BRAINPOOLP320R1, |
wolfSSL | 15:117db924cf7c | 192 | ECC_BRAINPOOLP384R1, |
wolfSSL | 15:117db924cf7c | 193 | ECC_BRAINPOOLP512R1, |
wolfSSL | 15:117db924cf7c | 194 | |
wolfSSL | 15:117db924cf7c | 195 | /* Twisted Edwards Curves */ |
wolfSSL | 15:117db924cf7c | 196 | #ifdef HAVE_CURVE25519 |
wolfSSL | 15:117db924cf7c | 197 | ECC_X25519, |
wolfSSL | 15:117db924cf7c | 198 | #endif |
wolfSSL | 16:8e0d178b1d1e | 199 | #ifdef HAVE_CURVE448 |
wolfSSL | 15:117db924cf7c | 200 | ECC_X448, |
wolfSSL | 15:117db924cf7c | 201 | #endif |
wolfSSL | 15:117db924cf7c | 202 | |
wolfSSL | 15:117db924cf7c | 203 | #ifdef WOLFSSL_CUSTOM_CURVES |
wolfSSL | 15:117db924cf7c | 204 | ECC_CURVE_CUSTOM, |
wolfSSL | 15:117db924cf7c | 205 | #endif |
wolfSSL | 15:117db924cf7c | 206 | } ecc_curve_id; |
wolfSSL | 15:117db924cf7c | 207 | |
wolfSSL | 15:117db924cf7c | 208 | #ifdef HAVE_OID_ENCODING |
wolfSSL | 15:117db924cf7c | 209 | typedef word16 ecc_oid_t; |
wolfSSL | 15:117db924cf7c | 210 | #else |
wolfSSL | 15:117db924cf7c | 211 | typedef byte ecc_oid_t; |
wolfSSL | 15:117db924cf7c | 212 | /* OID encoded with ASN scheme: |
wolfSSL | 15:117db924cf7c | 213 | first element = (oid[0] * 40) + oid[1] |
wolfSSL | 15:117db924cf7c | 214 | if any element > 127 then MSB 0x80 indicates additional byte */ |
wolfSSL | 15:117db924cf7c | 215 | #endif |
wolfSSL | 15:117db924cf7c | 216 | |
wolfSSL | 16:8e0d178b1d1e | 217 | |
wolfSSL | 16:8e0d178b1d1e | 218 | #if !defined(WOLFSSL_ECC_CURVE_STATIC) && defined(USE_WINDOWS_API) |
wolfSSL | 16:8e0d178b1d1e | 219 | /* MSC does something different with the pointers to the arrays than GCC, |
wolfSSL | 16:8e0d178b1d1e | 220 | * and it causes the FIPS checksum to fail. In the case of windows builds, |
wolfSSL | 16:8e0d178b1d1e | 221 | * store everything as arrays instead of pointers to strings. */ |
wolfSSL | 16:8e0d178b1d1e | 222 | |
wolfSSL | 16:8e0d178b1d1e | 223 | #define WOLFSSL_ECC_CURVE_STATIC |
wolfSSL | 16:8e0d178b1d1e | 224 | #endif |
wolfSSL | 16:8e0d178b1d1e | 225 | |
wolfSSL | 15:117db924cf7c | 226 | /* ECC set type defined a GF(p) curve */ |
wolfSSL | 16:8e0d178b1d1e | 227 | #ifndef WOLFSSL_ECC_CURVE_STATIC |
wolfSSL | 15:117db924cf7c | 228 | typedef struct ecc_set_type { |
wolfSSL | 15:117db924cf7c | 229 | int size; /* The size of the curve in octets */ |
wolfSSL | 15:117db924cf7c | 230 | int id; /* id of this curve */ |
wolfSSL | 15:117db924cf7c | 231 | const char* name; /* name of this curve */ |
wolfSSL | 15:117db924cf7c | 232 | const char* prime; /* prime that defines the field, curve is in (hex) */ |
wolfSSL | 15:117db924cf7c | 233 | const char* Af; /* fields A param (hex) */ |
wolfSSL | 15:117db924cf7c | 234 | const char* Bf; /* fields B param (hex) */ |
wolfSSL | 15:117db924cf7c | 235 | const char* order; /* order of the curve (hex) */ |
wolfSSL | 15:117db924cf7c | 236 | const char* Gx; /* x coordinate of the base point on curve (hex) */ |
wolfSSL | 15:117db924cf7c | 237 | const char* Gy; /* y coordinate of the base point on curve (hex) */ |
wolfSSL | 15:117db924cf7c | 238 | const ecc_oid_t* oid; |
wolfSSL | 15:117db924cf7c | 239 | word32 oidSz; |
wolfSSL | 15:117db924cf7c | 240 | word32 oidSum; /* sum of encoded OID bytes */ |
wolfSSL | 15:117db924cf7c | 241 | int cofactor; |
wolfSSL | 15:117db924cf7c | 242 | } ecc_set_type; |
wolfSSL | 15:117db924cf7c | 243 | #else |
wolfSSL | 15:117db924cf7c | 244 | #define MAX_ECC_NAME 16 |
wolfSSL | 15:117db924cf7c | 245 | #define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 1) |
wolfSSL | 15:117db924cf7c | 246 | /* The values are stored as text strings. */ |
wolfSSL | 15:117db924cf7c | 247 | |
wolfSSL | 15:117db924cf7c | 248 | typedef struct ecc_set_type { |
wolfSSL | 15:117db924cf7c | 249 | int size; /* The size of the curve in octets */ |
wolfSSL | 15:117db924cf7c | 250 | int id; /* id of this curve */ |
wolfSSL | 15:117db924cf7c | 251 | const char name[MAX_ECC_NAME]; /* name of this curve */ |
wolfSSL | 15:117db924cf7c | 252 | const char prime[MAX_ECC_STRING]; /* prime that defines the field, curve is in (hex) */ |
wolfSSL | 15:117db924cf7c | 253 | const char Af[MAX_ECC_STRING]; /* fields A param (hex) */ |
wolfSSL | 15:117db924cf7c | 254 | const char Bf[MAX_ECC_STRING]; /* fields B param (hex) */ |
wolfSSL | 15:117db924cf7c | 255 | const char order[MAX_ECC_STRING]; /* order of the curve (hex) */ |
wolfSSL | 15:117db924cf7c | 256 | const char Gx[MAX_ECC_STRING]; /* x coordinate of the base point on curve (hex) */ |
wolfSSL | 15:117db924cf7c | 257 | const char Gy[MAX_ECC_STRING]; /* y coordinate of the base point on curve (hex) */ |
wolfSSL | 15:117db924cf7c | 258 | const ecc_oid_t oid[10]; |
wolfSSL | 15:117db924cf7c | 259 | word32 oidSz; |
wolfSSL | 15:117db924cf7c | 260 | word32 oidSum; /* sum of encoded OID bytes */ |
wolfSSL | 15:117db924cf7c | 261 | int cofactor; |
wolfSSL | 15:117db924cf7c | 262 | } ecc_set_type; |
wolfSSL | 15:117db924cf7c | 263 | #endif |
wolfSSL | 15:117db924cf7c | 264 | |
wolfSSL | 15:117db924cf7c | 265 | |
wolfSSL | 15:117db924cf7c | 266 | #ifdef ALT_ECC_SIZE |
wolfSSL | 15:117db924cf7c | 267 | |
wolfSSL | 15:117db924cf7c | 268 | /* Note on ALT_ECC_SIZE: |
wolfSSL | 15:117db924cf7c | 269 | * The fast math code uses an array of a fixed size to store the big integers. |
wolfSSL | 15:117db924cf7c | 270 | * By default, the array is big enough for RSA keys. There is a size, |
wolfSSL | 15:117db924cf7c | 271 | * FP_MAX_BITS which can be used to make the array smaller when one wants ECC |
wolfSSL | 15:117db924cf7c | 272 | * but not RSA. Some people want fast math sized for both RSA and ECC, where |
wolfSSL | 15:117db924cf7c | 273 | * ECC won't use as much as RSA. The flag ALT_ECC_SIZE switches in an alternate |
wolfSSL | 15:117db924cf7c | 274 | * ecc_point structure that uses an alternate fp_int that has a shorter array |
wolfSSL | 15:117db924cf7c | 275 | * of fp_digits. |
wolfSSL | 15:117db924cf7c | 276 | * |
wolfSSL | 15:117db924cf7c | 277 | * Now, without ALT_ECC_SIZE, the ecc_point has three single item arrays of |
wolfSSL | 15:117db924cf7c | 278 | * mp_ints for the components of the point. With ALT_ECC_SIZE, the components |
wolfSSL | 15:117db924cf7c | 279 | * of the point are pointers that are set to each of a three item array of |
wolfSSL | 15:117db924cf7c | 280 | * alt_fp_ints. While an mp_int will have 4096 bits of digit inside the |
wolfSSL | 15:117db924cf7c | 281 | * structure, the alt_fp_int will only have 528 bits. A size value was added |
wolfSSL | 15:117db924cf7c | 282 | * in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The |
wolfSSL | 15:117db924cf7c | 283 | * functions fp_zero() and fp_copy() use the size parameter. An int needs to |
wolfSSL | 15:117db924cf7c | 284 | * be initialized before using it instead of just fp_zeroing it, the init will |
wolfSSL | 15:117db924cf7c | 285 | * call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the |
wolfSSL | 15:117db924cf7c | 286 | * number of bits used in the alternate FP_INT. |
wolfSSL | 15:117db924cf7c | 287 | * |
wolfSSL | 15:117db924cf7c | 288 | * Do not enable ALT_ECC_SIZE and disable fast math in the configuration. |
wolfSSL | 15:117db924cf7c | 289 | */ |
wolfSSL | 15:117db924cf7c | 290 | |
wolfSSL | 15:117db924cf7c | 291 | #ifndef USE_FAST_MATH |
wolfSSL | 15:117db924cf7c | 292 | #error USE_FAST_MATH must be defined to use ALT_ECC_SIZE |
wolfSSL | 15:117db924cf7c | 293 | #endif |
wolfSSL | 15:117db924cf7c | 294 | |
wolfSSL | 15:117db924cf7c | 295 | /* determine max bits required for ECC math */ |
wolfSSL | 15:117db924cf7c | 296 | #ifndef FP_MAX_BITS_ECC |
wolfSSL | 15:117db924cf7c | 297 | /* check alignment */ |
wolfSSL | 15:117db924cf7c | 298 | #if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0 |
wolfSSL | 15:117db924cf7c | 299 | /* max bits is double */ |
wolfSSL | 15:117db924cf7c | 300 | #define FP_MAX_BITS_ECC (MAX_ECC_BITS * 2) |
wolfSSL | 15:117db924cf7c | 301 | #else |
wolfSSL | 15:117db924cf7c | 302 | /* max bits is doubled, plus one digit of fudge */ |
wolfSSL | 15:117db924cf7c | 303 | #define FP_MAX_BITS_ECC ((MAX_ECC_BITS * 2) + DIGIT_BIT) |
wolfSSL | 15:117db924cf7c | 304 | #endif |
wolfSSL | 15:117db924cf7c | 305 | #else |
wolfSSL | 15:117db924cf7c | 306 | /* verify alignment */ |
wolfSSL | 15:117db924cf7c | 307 | #if FP_MAX_BITS_ECC % CHAR_BIT |
wolfSSL | 15:117db924cf7c | 308 | #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT |
wolfSSL | 15:117db924cf7c | 309 | #endif |
wolfSSL | 15:117db924cf7c | 310 | #endif |
wolfSSL | 15:117db924cf7c | 311 | |
wolfSSL | 15:117db924cf7c | 312 | /* determine buffer size */ |
wolfSSL | 15:117db924cf7c | 313 | #define FP_SIZE_ECC (FP_MAX_BITS_ECC/DIGIT_BIT) |
wolfSSL | 15:117db924cf7c | 314 | |
wolfSSL | 15:117db924cf7c | 315 | |
wolfSSL | 15:117db924cf7c | 316 | /* This needs to match the size of the fp_int struct, except the |
wolfSSL | 15:117db924cf7c | 317 | * fp_digit array will be shorter. */ |
wolfSSL | 15:117db924cf7c | 318 | typedef struct alt_fp_int { |
wolfSSL | 15:117db924cf7c | 319 | int used, sign, size; |
wolfSSL | 16:8e0d178b1d1e | 320 | mp_digit dp[FP_SIZE_ECC]; |
wolfSSL | 15:117db924cf7c | 321 | } alt_fp_int; |
wolfSSL | 15:117db924cf7c | 322 | #endif /* ALT_ECC_SIZE */ |
wolfSSL | 15:117db924cf7c | 323 | |
wolfSSL | 15:117db924cf7c | 324 | #ifndef WC_ECCKEY_TYPE_DEFINED |
wolfSSL | 15:117db924cf7c | 325 | typedef struct ecc_key ecc_key; |
wolfSSL | 15:117db924cf7c | 326 | #define WC_ECCKEY_TYPE_DEFINED |
wolfSSL | 15:117db924cf7c | 327 | #endif |
wolfSSL | 15:117db924cf7c | 328 | |
wolfSSL | 15:117db924cf7c | 329 | |
wolfSSL | 16:8e0d178b1d1e | 330 | /* A point on an ECC curve, stored in Jacobian format such that (x,y,z) => |
wolfSSL | 15:117db924cf7c | 331 | (x/z^2, y/z^3, 1) when interpreted as affine */ |
wolfSSL | 15:117db924cf7c | 332 | typedef struct { |
wolfSSL | 15:117db924cf7c | 333 | #ifndef ALT_ECC_SIZE |
wolfSSL | 15:117db924cf7c | 334 | mp_int x[1]; /* The x coordinate */ |
wolfSSL | 15:117db924cf7c | 335 | mp_int y[1]; /* The y coordinate */ |
wolfSSL | 15:117db924cf7c | 336 | mp_int z[1]; /* The z coordinate */ |
wolfSSL | 15:117db924cf7c | 337 | #else |
wolfSSL | 15:117db924cf7c | 338 | mp_int* x; /* The x coordinate */ |
wolfSSL | 15:117db924cf7c | 339 | mp_int* y; /* The y coordinate */ |
wolfSSL | 15:117db924cf7c | 340 | mp_int* z; /* The z coordinate */ |
wolfSSL | 15:117db924cf7c | 341 | alt_fp_int xyz[3]; |
wolfSSL | 15:117db924cf7c | 342 | #endif |
wolfSSL | 15:117db924cf7c | 343 | #ifdef WOLFSSL_SMALL_STACK_CACHE |
wolfSSL | 15:117db924cf7c | 344 | ecc_key* key; |
wolfSSL | 15:117db924cf7c | 345 | #endif |
wolfSSL | 15:117db924cf7c | 346 | } ecc_point; |
wolfSSL | 15:117db924cf7c | 347 | |
wolfSSL | 15:117db924cf7c | 348 | /* ECC Flags */ |
wolfSSL | 15:117db924cf7c | 349 | enum { |
wolfSSL | 15:117db924cf7c | 350 | WC_ECC_FLAG_NONE = 0x00, |
wolfSSL | 15:117db924cf7c | 351 | #ifdef HAVE_ECC_CDH |
wolfSSL | 15:117db924cf7c | 352 | WC_ECC_FLAG_COFACTOR = 0x01, |
wolfSSL | 15:117db924cf7c | 353 | #endif |
wolfSSL | 15:117db924cf7c | 354 | }; |
wolfSSL | 15:117db924cf7c | 355 | |
wolfSSL | 15:117db924cf7c | 356 | /* An ECC Key */ |
wolfSSL | 15:117db924cf7c | 357 | struct ecc_key { |
wolfSSL | 15:117db924cf7c | 358 | int type; /* Public or Private */ |
wolfSSL | 15:117db924cf7c | 359 | int idx; /* Index into the ecc_sets[] for the parameters of |
wolfSSL | 15:117db924cf7c | 360 | this curve if -1, this key is using user supplied |
wolfSSL | 15:117db924cf7c | 361 | curve in dp */ |
wolfSSL | 15:117db924cf7c | 362 | int state; |
wolfSSL | 15:117db924cf7c | 363 | word32 flags; |
wolfSSL | 15:117db924cf7c | 364 | const ecc_set_type* dp; /* domain parameters, either points to NIST |
wolfSSL | 15:117db924cf7c | 365 | curves (idx >= 0) or user supplied */ |
wolfSSL | 15:117db924cf7c | 366 | #ifdef WOLFSSL_CUSTOM_CURVES |
wolfSSL | 15:117db924cf7c | 367 | int deallocSet; |
wolfSSL | 15:117db924cf7c | 368 | #endif |
wolfSSL | 15:117db924cf7c | 369 | void* heap; /* heap hint */ |
wolfSSL | 15:117db924cf7c | 370 | ecc_point pubkey; /* public key */ |
wolfSSL | 15:117db924cf7c | 371 | mp_int k; /* private key */ |
wolfSSL | 15:117db924cf7c | 372 | #ifdef WOLFSSL_ATECC508A |
wolfSSL | 15:117db924cf7c | 373 | int slot; /* Key Slot Number (-1 unknown) */ |
wolfSSL | 15:117db924cf7c | 374 | byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE]; |
wolfSSL | 15:117db924cf7c | 375 | #endif |
wolfSSL | 16:8e0d178b1d1e | 376 | #if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB) |
wolfSSL | 15:117db924cf7c | 377 | int devId; |
wolfSSL | 15:117db924cf7c | 378 | #endif |
wolfSSL | 15:117db924cf7c | 379 | #ifdef WOLFSSL_ASYNC_CRYPT |
wolfSSL | 15:117db924cf7c | 380 | mp_int* r; /* sign/verify temps */ |
wolfSSL | 15:117db924cf7c | 381 | mp_int* s; |
wolfSSL | 15:117db924cf7c | 382 | WC_ASYNC_DEV asyncDev; |
wolfSSL | 15:117db924cf7c | 383 | #ifdef HAVE_CAVIUM_V |
wolfSSL | 15:117db924cf7c | 384 | mp_int* e; /* Sign, Verify and Shared Secret */ |
wolfSSL | 15:117db924cf7c | 385 | mp_int* signK; |
wolfSSL | 15:117db924cf7c | 386 | #endif |
wolfSSL | 15:117db924cf7c | 387 | #ifdef WOLFSSL_CERT_GEN |
wolfSSL | 15:117db924cf7c | 388 | CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */ |
wolfSSL | 15:117db924cf7c | 389 | #endif |
wolfSSL | 15:117db924cf7c | 390 | #endif /* WOLFSSL_ASYNC_CRYPT */ |
wolfSSL | 16:8e0d178b1d1e | 391 | #ifdef HAVE_PKCS11 |
wolfSSL | 16:8e0d178b1d1e | 392 | byte id[ECC_MAX_ID_LEN]; |
wolfSSL | 16:8e0d178b1d1e | 393 | int idLen; |
wolfSSL | 16:8e0d178b1d1e | 394 | #endif |
wolfSSL | 16:8e0d178b1d1e | 395 | #if defined(WOLFSSL_CRYPTOCELL) |
wolfSSL | 16:8e0d178b1d1e | 396 | ecc_context_t ctx; |
wolfSSL | 16:8e0d178b1d1e | 397 | #endif |
wolfSSL | 16:8e0d178b1d1e | 398 | |
wolfSSL | 16:8e0d178b1d1e | 399 | #ifdef WOLFSSL_ECDSA_SET_K |
wolfSSL | 16:8e0d178b1d1e | 400 | mp_int *sign_k; |
wolfSSL | 16:8e0d178b1d1e | 401 | #endif |
wolfSSL | 16:8e0d178b1d1e | 402 | |
wolfSSL | 15:117db924cf7c | 403 | #ifdef WOLFSSL_SMALL_STACK_CACHE |
wolfSSL | 15:117db924cf7c | 404 | mp_int* t1; |
wolfSSL | 15:117db924cf7c | 405 | mp_int* t2; |
wolfSSL | 15:117db924cf7c | 406 | #ifdef ALT_ECC_SIZE |
wolfSSL | 15:117db924cf7c | 407 | mp_int* x; |
wolfSSL | 15:117db924cf7c | 408 | mp_int* y; |
wolfSSL | 15:117db924cf7c | 409 | mp_int* z; |
wolfSSL | 15:117db924cf7c | 410 | #endif |
wolfSSL | 15:117db924cf7c | 411 | #endif |
wolfSSL | 16:8e0d178b1d1e | 412 | |
wolfSSL | 16:8e0d178b1d1e | 413 | #ifdef WOLFSSL_DSP |
wolfSSL | 16:8e0d178b1d1e | 414 | remote_handle64 handle; |
wolfSSL | 16:8e0d178b1d1e | 415 | #endif |
wolfSSL | 15:117db924cf7c | 416 | }; |
wolfSSL | 15:117db924cf7c | 417 | |
wolfSSL | 15:117db924cf7c | 418 | |
wolfSSL | 16:8e0d178b1d1e | 419 | WOLFSSL_ABI WOLFSSL_API ecc_key* wc_ecc_key_new(void*); |
wolfSSL | 16:8e0d178b1d1e | 420 | WOLFSSL_ABI WOLFSSL_API void wc_ecc_key_free(ecc_key*); |
wolfSSL | 16:8e0d178b1d1e | 421 | |
wolfSSL | 16:8e0d178b1d1e | 422 | |
wolfSSL | 15:117db924cf7c | 423 | /* ECC predefined curve sets */ |
wolfSSL | 15:117db924cf7c | 424 | extern const ecc_set_type ecc_sets[]; |
wolfSSL | 16:8e0d178b1d1e | 425 | extern const size_t ecc_sets_count; |
wolfSSL | 15:117db924cf7c | 426 | |
wolfSSL | 15:117db924cf7c | 427 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 428 | const char* wc_ecc_get_name(int curve_id); |
wolfSSL | 15:117db924cf7c | 429 | |
wolfSSL | 15:117db924cf7c | 430 | #ifndef WOLFSSL_ATECC508A |
wolfSSL | 15:117db924cf7c | 431 | |
wolfSSL | 15:117db924cf7c | 432 | #ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL |
wolfSSL | 15:117db924cf7c | 433 | #define ECC_API WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 434 | #else |
wolfSSL | 15:117db924cf7c | 435 | #define ECC_API WOLFSSL_LOCAL |
wolfSSL | 15:117db924cf7c | 436 | #endif |
wolfSSL | 15:117db924cf7c | 437 | |
wolfSSL | 15:117db924cf7c | 438 | ECC_API int ecc_mul2add(ecc_point* A, mp_int* kA, |
wolfSSL | 15:117db924cf7c | 439 | ecc_point* B, mp_int* kB, |
wolfSSL | 15:117db924cf7c | 440 | ecc_point* C, mp_int* a, mp_int* modulus, void* heap); |
wolfSSL | 15:117db924cf7c | 441 | |
wolfSSL | 15:117db924cf7c | 442 | ECC_API int ecc_map(ecc_point*, mp_int*, mp_digit); |
wolfSSL | 16:8e0d178b1d1e | 443 | ECC_API int ecc_map_ex(ecc_point*, mp_int*, mp_digit, int ct); |
wolfSSL | 15:117db924cf7c | 444 | ECC_API int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R, |
wolfSSL | 15:117db924cf7c | 445 | mp_int* a, mp_int* modulus, mp_digit mp); |
wolfSSL | 15:117db924cf7c | 446 | ECC_API int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* a, |
wolfSSL | 15:117db924cf7c | 447 | mp_int* modulus, mp_digit mp); |
wolfSSL | 15:117db924cf7c | 448 | |
wolfSSL | 15:117db924cf7c | 449 | #endif |
wolfSSL | 15:117db924cf7c | 450 | |
wolfSSL | 15:117db924cf7c | 451 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 452 | int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key); |
wolfSSL | 16:8e0d178b1d1e | 453 | WOLFSSL_ABI WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 454 | int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id); |
wolfSSL | 15:117db924cf7c | 455 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 456 | int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut); |
wolfSSL | 15:117db924cf7c | 457 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 458 | int wc_ecc_check_key(ecc_key* key); |
wolfSSL | 15:117db924cf7c | 459 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 460 | int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime); |
wolfSSL | 16:8e0d178b1d1e | 461 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 462 | int wc_ecc_get_generator(ecc_point* ecp, int curve_idx); |
wolfSSL | 15:117db924cf7c | 463 | |
wolfSSL | 15:117db924cf7c | 464 | #ifdef HAVE_ECC_DHE |
wolfSSL | 15:117db924cf7c | 465 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 466 | int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, |
wolfSSL | 15:117db924cf7c | 467 | word32* outlen); |
wolfSSL | 15:117db924cf7c | 468 | WOLFSSL_LOCAL |
wolfSSL | 15:117db924cf7c | 469 | int wc_ecc_shared_secret_gen(ecc_key* private_key, ecc_point* point, |
wolfSSL | 15:117db924cf7c | 470 | byte* out, word32 *outlen); |
wolfSSL | 15:117db924cf7c | 471 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 472 | int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point, |
wolfSSL | 15:117db924cf7c | 473 | byte* out, word32 *outlen); |
wolfSSL | 16:8e0d178b1d1e | 474 | |
wolfSSL | 16:8e0d178b1d1e | 475 | #if defined(WOLFSSL_ATECC508A) || defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL) |
wolfSSL | 16:8e0d178b1d1e | 476 | #define wc_ecc_shared_secret_ssh wc_ecc_shared_secret |
wolfSSL | 16:8e0d178b1d1e | 477 | #else |
wolfSSL | 15:117db924cf7c | 478 | #define wc_ecc_shared_secret_ssh wc_ecc_shared_secret_ex /* For backwards compat */ |
wolfSSL | 16:8e0d178b1d1e | 479 | #endif |
wolfSSL | 16:8e0d178b1d1e | 480 | |
wolfSSL | 15:117db924cf7c | 481 | #endif /* HAVE_ECC_DHE */ |
wolfSSL | 15:117db924cf7c | 482 | |
wolfSSL | 15:117db924cf7c | 483 | #ifdef HAVE_ECC_SIGN |
wolfSSL | 16:8e0d178b1d1e | 484 | WOLFSSL_ABI WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 485 | int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, |
wolfSSL | 15:117db924cf7c | 486 | WC_RNG* rng, ecc_key* key); |
wolfSSL | 15:117db924cf7c | 487 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 488 | int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, |
wolfSSL | 15:117db924cf7c | 489 | ecc_key* key, mp_int *r, mp_int *s); |
wolfSSL | 16:8e0d178b1d1e | 490 | #ifdef WOLFSSL_ECDSA_SET_K |
wolfSSL | 16:8e0d178b1d1e | 491 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 492 | int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key); |
wolfSSL | 16:8e0d178b1d1e | 493 | #endif |
wolfSSL | 15:117db924cf7c | 494 | #endif /* HAVE_ECC_SIGN */ |
wolfSSL | 15:117db924cf7c | 495 | |
wolfSSL | 15:117db924cf7c | 496 | #ifdef HAVE_ECC_VERIFY |
wolfSSL | 15:117db924cf7c | 497 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 498 | int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, |
wolfSSL | 15:117db924cf7c | 499 | word32 hashlen, int* stat, ecc_key* key); |
wolfSSL | 15:117db924cf7c | 500 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 501 | int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, |
wolfSSL | 15:117db924cf7c | 502 | word32 hashlen, int* stat, ecc_key* key); |
wolfSSL | 15:117db924cf7c | 503 | #endif /* HAVE_ECC_VERIFY */ |
wolfSSL | 15:117db924cf7c | 504 | |
wolfSSL | 15:117db924cf7c | 505 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 506 | int wc_ecc_init(ecc_key* key); |
wolfSSL | 16:8e0d178b1d1e | 507 | WOLFSSL_ABI WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 508 | int wc_ecc_init_ex(ecc_key* key, void* heap, int devId); |
wolfSSL | 16:8e0d178b1d1e | 509 | #ifdef HAVE_PKCS11 |
wolfSSL | 15:117db924cf7c | 510 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 511 | int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap, |
wolfSSL | 16:8e0d178b1d1e | 512 | int devId); |
wolfSSL | 16:8e0d178b1d1e | 513 | #endif |
wolfSSL | 15:117db924cf7c | 514 | #ifdef WOLFSSL_CUSTOM_CURVES |
wolfSSL | 15:117db924cf7c | 515 | WOLFSSL_LOCAL |
wolfSSL | 15:117db924cf7c | 516 | void wc_ecc_free_curve(const ecc_set_type* curve, void* heap); |
wolfSSL | 15:117db924cf7c | 517 | #endif |
wolfSSL | 16:8e0d178b1d1e | 518 | WOLFSSL_ABI WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 519 | int wc_ecc_free(ecc_key* key); |
wolfSSL | 15:117db924cf7c | 520 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 521 | int wc_ecc_set_flags(ecc_key* key, word32 flags); |
wolfSSL | 15:117db924cf7c | 522 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 523 | void wc_ecc_fp_free(void); |
wolfSSL | 15:117db924cf7c | 524 | |
wolfSSL | 15:117db924cf7c | 525 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 526 | int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id); |
wolfSSL | 15:117db924cf7c | 527 | |
wolfSSL | 15:117db924cf7c | 528 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 529 | int wc_ecc_is_valid_idx(int n); |
wolfSSL | 15:117db924cf7c | 530 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 531 | int wc_ecc_get_curve_idx(int curve_id); |
wolfSSL | 15:117db924cf7c | 532 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 533 | int wc_ecc_get_curve_id(int curve_idx); |
wolfSSL | 15:117db924cf7c | 534 | #define wc_ecc_get_curve_name_from_id wc_ecc_get_name |
wolfSSL | 15:117db924cf7c | 535 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 536 | int wc_ecc_get_curve_size_from_id(int curve_id); |
wolfSSL | 15:117db924cf7c | 537 | |
wolfSSL | 15:117db924cf7c | 538 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 539 | int wc_ecc_get_curve_idx_from_name(const char* curveName); |
wolfSSL | 15:117db924cf7c | 540 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 541 | int wc_ecc_get_curve_size_from_name(const char* curveName); |
wolfSSL | 15:117db924cf7c | 542 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 543 | int wc_ecc_get_curve_id_from_name(const char* curveName); |
wolfSSL | 15:117db924cf7c | 544 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 545 | int wc_ecc_get_curve_id_from_params(int fieldSize, |
wolfSSL | 15:117db924cf7c | 546 | const byte* prime, word32 primeSz, const byte* Af, word32 AfSz, |
wolfSSL | 15:117db924cf7c | 547 | const byte* Bf, word32 BfSz, const byte* order, word32 orderSz, |
wolfSSL | 15:117db924cf7c | 548 | const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor); |
wolfSSL | 16:8e0d178b1d1e | 549 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 550 | int wc_ecc_get_curve_id_from_dp_params(const ecc_set_type* dp); |
wolfSSL | 15:117db924cf7c | 551 | |
wolfSSL | 16:8e0d178b1d1e | 552 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 553 | int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len); |
wolfSSL | 16:8e0d178b1d1e | 554 | |
wolfSSL | 16:8e0d178b1d1e | 555 | WOLFSSL_API const ecc_set_type* wc_ecc_get_curve_params(int curve_idx); |
wolfSSL | 15:117db924cf7c | 556 | |
wolfSSL | 15:117db924cf7c | 557 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 558 | ecc_point* wc_ecc_new_point(void); |
wolfSSL | 15:117db924cf7c | 559 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 560 | ecc_point* wc_ecc_new_point_h(void* h); |
wolfSSL | 15:117db924cf7c | 561 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 562 | void wc_ecc_del_point(ecc_point* p); |
wolfSSL | 15:117db924cf7c | 563 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 564 | void wc_ecc_del_point_h(ecc_point* p, void* h); |
wolfSSL | 15:117db924cf7c | 565 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 566 | int wc_ecc_copy_point(ecc_point* p, ecc_point *r); |
wolfSSL | 15:117db924cf7c | 567 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 568 | int wc_ecc_cmp_point(ecc_point* a, ecc_point *b); |
wolfSSL | 15:117db924cf7c | 569 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 570 | int wc_ecc_point_is_at_infinity(ecc_point *p); |
wolfSSL | 15:117db924cf7c | 571 | |
wolfSSL | 15:117db924cf7c | 572 | #ifndef WOLFSSL_ATECC508A |
wolfSSL | 15:117db924cf7c | 573 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 574 | int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, |
wolfSSL | 15:117db924cf7c | 575 | mp_int* a, mp_int* modulus, int map); |
wolfSSL | 15:117db924cf7c | 576 | WOLFSSL_LOCAL |
wolfSSL | 15:117db924cf7c | 577 | int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, |
wolfSSL | 15:117db924cf7c | 578 | mp_int* a, mp_int* modulus, int map, void* heap); |
wolfSSL | 15:117db924cf7c | 579 | #endif /* !WOLFSSL_ATECC508A */ |
wolfSSL | 15:117db924cf7c | 580 | |
wolfSSL | 15:117db924cf7c | 581 | |
wolfSSL | 15:117db924cf7c | 582 | #ifdef HAVE_ECC_KEY_EXPORT |
wolfSSL | 15:117db924cf7c | 583 | /* ASN key helpers */ |
wolfSSL | 15:117db924cf7c | 584 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 585 | int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen); |
wolfSSL | 15:117db924cf7c | 586 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 587 | int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed); |
wolfSSL | 15:117db924cf7c | 588 | /* extended functionality with compressed option */ |
wolfSSL | 15:117db924cf7c | 589 | #endif /* HAVE_ECC_KEY_EXPORT */ |
wolfSSL | 15:117db924cf7c | 590 | |
wolfSSL | 15:117db924cf7c | 591 | #ifdef HAVE_ECC_KEY_IMPORT |
wolfSSL | 16:8e0d178b1d1e | 592 | WOLFSSL_ABI WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 593 | int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key); |
wolfSSL | 15:117db924cf7c | 594 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 595 | int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, |
wolfSSL | 15:117db924cf7c | 596 | int curve_id); |
wolfSSL | 15:117db924cf7c | 597 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 598 | int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, |
wolfSSL | 15:117db924cf7c | 599 | word32 pubSz, ecc_key* key); |
wolfSSL | 15:117db924cf7c | 600 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 601 | int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, |
wolfSSL | 15:117db924cf7c | 602 | const byte* pub, word32 pubSz, ecc_key* key, int curve_id); |
wolfSSL | 15:117db924cf7c | 603 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 604 | int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen); |
wolfSSL | 15:117db924cf7c | 605 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 606 | int wc_ecc_rs_raw_to_sig(const byte* r, word32 rSz, const byte* s, word32 sSz, |
wolfSSL | 15:117db924cf7c | 607 | byte* out, word32* outlen); |
wolfSSL | 15:117db924cf7c | 608 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 609 | int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, |
wolfSSL | 15:117db924cf7c | 610 | byte* s, word32* sLen); |
wolfSSL | 15:117db924cf7c | 611 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 612 | int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, |
wolfSSL | 15:117db924cf7c | 613 | const char* d, const char* curveName); |
wolfSSL | 15:117db924cf7c | 614 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 615 | int wc_ecc_import_raw_ex(ecc_key* key, const char* qx, const char* qy, |
wolfSSL | 15:117db924cf7c | 616 | const char* d, int curve_id); |
wolfSSL | 15:117db924cf7c | 617 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 618 | int wc_ecc_import_unsigned(ecc_key* key, byte* qx, byte* qy, |
wolfSSL | 15:117db924cf7c | 619 | byte* d, int curve_id); |
wolfSSL | 15:117db924cf7c | 620 | #endif /* HAVE_ECC_KEY_IMPORT */ |
wolfSSL | 15:117db924cf7c | 621 | |
wolfSSL | 15:117db924cf7c | 622 | #ifdef HAVE_ECC_KEY_EXPORT |
wolfSSL | 15:117db924cf7c | 623 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 624 | int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen, |
wolfSSL | 16:8e0d178b1d1e | 625 | byte* qy, word32* qyLen, byte* d, word32* dLen, |
wolfSSL | 16:8e0d178b1d1e | 626 | int encType); |
wolfSSL | 16:8e0d178b1d1e | 627 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 628 | int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); |
wolfSSL | 15:117db924cf7c | 629 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 630 | int wc_ecc_export_public_raw(ecc_key* key, byte* qx, word32* qxLen, |
wolfSSL | 15:117db924cf7c | 631 | byte* qy, word32* qyLen); |
wolfSSL | 15:117db924cf7c | 632 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 633 | int wc_ecc_export_private_raw(ecc_key* key, byte* qx, word32* qxLen, |
wolfSSL | 16:8e0d178b1d1e | 634 | byte* qy, word32* qyLen, byte* d, word32* dLen); |
wolfSSL | 15:117db924cf7c | 635 | #endif /* HAVE_ECC_KEY_EXPORT */ |
wolfSSL | 15:117db924cf7c | 636 | |
wolfSSL | 15:117db924cf7c | 637 | #ifdef HAVE_ECC_KEY_EXPORT |
wolfSSL | 16:8e0d178b1d1e | 638 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 639 | int wc_ecc_export_point_der_ex(const int curve_idx, ecc_point* point, byte* out, |
wolfSSL | 16:8e0d178b1d1e | 640 | word32* outLen, int compressed); |
wolfSSL | 15:117db924cf7c | 641 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 642 | int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, |
wolfSSL | 15:117db924cf7c | 643 | byte* out, word32* outLen); |
wolfSSL | 16:8e0d178b1d1e | 644 | WOLFSSL_LOCAL |
wolfSSL | 16:8e0d178b1d1e | 645 | int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point, |
wolfSSL | 16:8e0d178b1d1e | 646 | byte* out, word32* outLen); |
wolfSSL | 15:117db924cf7c | 647 | #endif /* HAVE_ECC_KEY_EXPORT */ |
wolfSSL | 15:117db924cf7c | 648 | |
wolfSSL | 15:117db924cf7c | 649 | |
wolfSSL | 15:117db924cf7c | 650 | #ifdef HAVE_ECC_KEY_IMPORT |
wolfSSL | 15:117db924cf7c | 651 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 652 | int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, |
wolfSSL | 16:8e0d178b1d1e | 653 | ecc_point* point, int shortKeySize); |
wolfSSL | 16:8e0d178b1d1e | 654 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 655 | int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, |
wolfSSL | 15:117db924cf7c | 656 | ecc_point* point); |
wolfSSL | 15:117db924cf7c | 657 | #endif /* HAVE_ECC_KEY_IMPORT */ |
wolfSSL | 15:117db924cf7c | 658 | |
wolfSSL | 15:117db924cf7c | 659 | /* size helper */ |
wolfSSL | 15:117db924cf7c | 660 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 661 | int wc_ecc_size(ecc_key* key); |
wolfSSL | 15:117db924cf7c | 662 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 663 | int wc_ecc_sig_size_calc(int sz); |
wolfSSL | 15:117db924cf7c | 664 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 665 | int wc_ecc_sig_size(ecc_key* key); |
wolfSSL | 15:117db924cf7c | 666 | |
wolfSSL | 15:117db924cf7c | 667 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 668 | int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz); |
wolfSSL | 15:117db924cf7c | 669 | |
wolfSSL | 15:117db924cf7c | 670 | #ifdef WOLFSSL_CUSTOM_CURVES |
wolfSSL | 15:117db924cf7c | 671 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 672 | int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp); |
wolfSSL | 15:117db924cf7c | 673 | #endif |
wolfSSL | 15:117db924cf7c | 674 | |
wolfSSL | 15:117db924cf7c | 675 | #ifdef HAVE_ECC_ENCRYPT |
wolfSSL | 15:117db924cf7c | 676 | /* ecc encrypt */ |
wolfSSL | 15:117db924cf7c | 677 | |
wolfSSL | 15:117db924cf7c | 678 | enum ecEncAlgo { |
wolfSSL | 15:117db924cf7c | 679 | ecAES_128_CBC = 1, /* default */ |
wolfSSL | 15:117db924cf7c | 680 | ecAES_256_CBC = 2 |
wolfSSL | 15:117db924cf7c | 681 | }; |
wolfSSL | 15:117db924cf7c | 682 | |
wolfSSL | 15:117db924cf7c | 683 | enum ecKdfAlgo { |
wolfSSL | 15:117db924cf7c | 684 | ecHKDF_SHA256 = 1, /* default */ |
wolfSSL | 15:117db924cf7c | 685 | ecHKDF_SHA1 = 2 |
wolfSSL | 15:117db924cf7c | 686 | }; |
wolfSSL | 15:117db924cf7c | 687 | |
wolfSSL | 15:117db924cf7c | 688 | enum ecMacAlgo { |
wolfSSL | 15:117db924cf7c | 689 | ecHMAC_SHA256 = 1, /* default */ |
wolfSSL | 15:117db924cf7c | 690 | ecHMAC_SHA1 = 2 |
wolfSSL | 15:117db924cf7c | 691 | }; |
wolfSSL | 15:117db924cf7c | 692 | |
wolfSSL | 15:117db924cf7c | 693 | enum { |
wolfSSL | 15:117db924cf7c | 694 | KEY_SIZE_128 = 16, |
wolfSSL | 15:117db924cf7c | 695 | KEY_SIZE_256 = 32, |
wolfSSL | 15:117db924cf7c | 696 | IV_SIZE_64 = 8, |
wolfSSL | 15:117db924cf7c | 697 | IV_SIZE_128 = 16, |
wolfSSL | 15:117db924cf7c | 698 | EXCHANGE_SALT_SZ = 16, |
wolfSSL | 15:117db924cf7c | 699 | EXCHANGE_INFO_SZ = 23 |
wolfSSL | 15:117db924cf7c | 700 | }; |
wolfSSL | 15:117db924cf7c | 701 | |
wolfSSL | 15:117db924cf7c | 702 | enum ecFlags { |
wolfSSL | 15:117db924cf7c | 703 | REQ_RESP_CLIENT = 1, |
wolfSSL | 15:117db924cf7c | 704 | REQ_RESP_SERVER = 2 |
wolfSSL | 15:117db924cf7c | 705 | }; |
wolfSSL | 15:117db924cf7c | 706 | |
wolfSSL | 15:117db924cf7c | 707 | |
wolfSSL | 15:117db924cf7c | 708 | typedef struct ecEncCtx ecEncCtx; |
wolfSSL | 15:117db924cf7c | 709 | |
wolfSSL | 15:117db924cf7c | 710 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 711 | ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng); |
wolfSSL | 15:117db924cf7c | 712 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 713 | ecEncCtx* wc_ecc_ctx_new_ex(int flags, WC_RNG* rng, void* heap); |
wolfSSL | 15:117db924cf7c | 714 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 715 | void wc_ecc_ctx_free(ecEncCtx*); |
wolfSSL | 15:117db924cf7c | 716 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 717 | int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */ |
wolfSSL | 15:117db924cf7c | 718 | |
wolfSSL | 15:117db924cf7c | 719 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 720 | const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*); |
wolfSSL | 15:117db924cf7c | 721 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 722 | int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt); |
wolfSSL | 15:117db924cf7c | 723 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 724 | int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz); |
wolfSSL | 15:117db924cf7c | 725 | |
wolfSSL | 15:117db924cf7c | 726 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 727 | int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, |
wolfSSL | 15:117db924cf7c | 728 | word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); |
wolfSSL | 15:117db924cf7c | 729 | WOLFSSL_API |
wolfSSL | 15:117db924cf7c | 730 | int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, |
wolfSSL | 15:117db924cf7c | 731 | word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); |
wolfSSL | 15:117db924cf7c | 732 | |
wolfSSL | 15:117db924cf7c | 733 | #endif /* HAVE_ECC_ENCRYPT */ |
wolfSSL | 15:117db924cf7c | 734 | |
wolfSSL | 15:117db924cf7c | 735 | #ifdef HAVE_X963_KDF |
wolfSSL | 15:117db924cf7c | 736 | WOLFSSL_API int wc_X963_KDF(enum wc_HashType type, const byte* secret, |
wolfSSL | 15:117db924cf7c | 737 | word32 secretSz, const byte* sinfo, word32 sinfoSz, |
wolfSSL | 15:117db924cf7c | 738 | byte* out, word32 outSz); |
wolfSSL | 15:117db924cf7c | 739 | #endif |
wolfSSL | 15:117db924cf7c | 740 | |
wolfSSL | 15:117db924cf7c | 741 | #ifdef ECC_CACHE_CURVE |
wolfSSL | 15:117db924cf7c | 742 | WOLFSSL_API int wc_ecc_curve_cache_init(void); |
wolfSSL | 15:117db924cf7c | 743 | WOLFSSL_API void wc_ecc_curve_cache_free(void); |
wolfSSL | 15:117db924cf7c | 744 | #endif |
wolfSSL | 15:117db924cf7c | 745 | |
wolfSSL | 16:8e0d178b1d1e | 746 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 747 | int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order); |
wolfSSL | 16:8e0d178b1d1e | 748 | |
wolfSSL | 16:8e0d178b1d1e | 749 | #ifdef WOLFSSL_DSP |
wolfSSL | 16:8e0d178b1d1e | 750 | WOLFSSL_API |
wolfSSL | 16:8e0d178b1d1e | 751 | int wc_ecc_set_handle(ecc_key* key, remote_handle64 handle); |
wolfSSL | 16:8e0d178b1d1e | 752 | WOLFSSL_LOCAL |
wolfSSL | 16:8e0d178b1d1e | 753 | int sp_dsp_ecc_verify_256(remote_handle64 handle, const byte* hash, word32 hashLen, mp_int* pX, |
wolfSSL | 16:8e0d178b1d1e | 754 | mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap); |
wolfSSL | 16:8e0d178b1d1e | 755 | #endif |
wolfSSL | 15:117db924cf7c | 756 | |
wolfSSL | 15:117db924cf7c | 757 | #ifdef __cplusplus |
wolfSSL | 15:117db924cf7c | 758 | } /* extern "C" */ |
wolfSSL | 15:117db924cf7c | 759 | #endif |
wolfSSL | 15:117db924cf7c | 760 | |
wolfSSL | 15:117db924cf7c | 761 | #endif /* HAVE_ECC */ |
wolfSSL | 15:117db924cf7c | 762 | #endif /* WOLF_CRYPT_ECC_H */ |
wolfSSL | 15:117db924cf7c | 763 |