]>
Commit | Line | Data |
---|---|---|
4d94ae00 | 1 | /* crypto/ecdsa/ecdsa.h */ |
c6700d27 GT |
2 | /** |
3 | * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions | |
4 | * \author Written by Nils Larsch for the OpenSSL project | |
5 | */ | |
4d94ae00 | 6 | /* ==================================================================== |
b17ecb64 | 7 | * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. |
4d94ae00 BM |
8 | * |
9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | |
12 | * | |
13 | * 1. Redistributions of source code must retain the above copyright | |
14 | * notice, this list of conditions and the following disclaimer. | |
15 | * | |
16 | * 2. Redistributions in binary form must reproduce the above copyright | |
17 | * notice, this list of conditions and the following disclaimer in | |
18 | * the documentation and/or other materials provided with the | |
19 | * distribution. | |
20 | * | |
21 | * 3. All advertising materials mentioning features or use of this | |
22 | * software must display the following acknowledgment: | |
23 | * "This product includes software developed by the OpenSSL Project | |
24 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
25 | * | |
26 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
27 | * endorse or promote products derived from this software without | |
28 | * prior written permission. For written permission, please contact | |
29 | * licensing@OpenSSL.org. | |
30 | * | |
31 | * 5. Products derived from this software may not be called "OpenSSL" | |
32 | * nor may "OpenSSL" appear in their names without prior written | |
33 | * permission of the OpenSSL Project. | |
34 | * | |
35 | * 6. Redistributions of any form whatsoever must retain the following | |
36 | * acknowledgment: | |
37 | * "This product includes software developed by the OpenSSL Project | |
38 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
39 | * | |
40 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
41 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
43 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
44 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
45 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
46 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
47 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
49 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
50 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
51 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
52 | * ==================================================================== | |
53 | * | |
54 | * This product includes cryptographic software written by Eric Young | |
55 | * (eay@cryptsoft.com). This product includes software written by Tim | |
56 | * Hudson (tjh@cryptsoft.com). | |
57 | * | |
58 | */ | |
59 | #ifndef HEADER_ECDSA_H | |
60 | #define HEADER_ECDSA_H | |
61 | ||
3b6aa36c RL |
62 | #include <openssl/opensslconf.h> |
63 | ||
4d94ae00 BM |
64 | #ifdef OPENSSL_NO_ECDSA |
65 | #error ECDSA is disabled. | |
66 | #endif | |
67 | ||
4d94ae00 | 68 | #include <openssl/ec.h> |
4d94ae00 | 69 | #include <openssl/ossl_typ.h> |
0f814687 GT |
70 | #ifndef OPENSSL_NO_DEPRECATED |
71 | #include <openssl/bn.h> | |
72 | #endif | |
4d94ae00 BM |
73 | |
74 | #ifdef __cplusplus | |
75 | extern "C" { | |
76 | #endif | |
77 | ||
4d94ae00 | 78 | typedef struct ECDSA_SIG_st |
3a87a9b9 | 79 | { |
4d94ae00 BM |
80 | BIGNUM *r; |
81 | BIGNUM *s; | |
3a87a9b9 | 82 | } ECDSA_SIG; |
4d94ae00 | 83 | |
b17ecb64 NL |
84 | /** Allocates and initialize a ECDSA_SIG structure |
85 | * \return pointer to a ECDSA_SIG structure or NULL if an error occurred | |
c6700d27 | 86 | */ |
4d94ae00 | 87 | ECDSA_SIG *ECDSA_SIG_new(void); |
c6700d27 | 88 | |
b17ecb64 NL |
89 | /** frees a ECDSA_SIG structure |
90 | * \param sig pointer to the ECDSA_SIG structure | |
c6700d27 | 91 | */ |
b17ecb64 | 92 | void ECDSA_SIG_free(ECDSA_SIG *sig); |
c6700d27 | 93 | |
b17ecb64 NL |
94 | /** DER encode content of ECDSA_SIG object (note: this function modifies *pp |
95 | * (*pp += length of the DER encoded signature)). | |
96 | * \param sig pointer to the ECDSA_SIG object | |
97 | * \param pp pointer to a unsigned char pointer for the output or NULL | |
98 | * \return the length of the DER encoded ECDSA_SIG object or 0 | |
c6700d27 | 99 | */ |
b17ecb64 | 100 | int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); |
4d94ae00 | 101 | |
b17ecb64 NL |
102 | /** Decodes a DER encoded ECDSA signature (note: this function changes *pp |
103 | * (*pp += len)). | |
104 | * \param sig pointer to ECDSA_SIG pointer (may be NULL) | |
105 | * \param pp memory buffer with the DER encoded signature | |
106 | * \param len length of the buffer | |
107 | * \return pointer to the decoded ECDSA_SIG structure (or NULL) | |
c6700d27 | 108 | */ |
6343829a | 109 | ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); |
c6700d27 | 110 | |
b17ecb64 NL |
111 | /** Computes the ECDSA signature of the given hash value using |
112 | * the supplied private key and returns the created signature. | |
113 | * \param dgst pointer to the hash value | |
114 | * \param dgst_len length of the hash value | |
115 | * \param eckey EC_KEY object containing a private EC key | |
116 | * \return pointer to a ECDSA_SIG structure or NULL if an error occurred | |
c6700d27 GT |
117 | */ |
118 | ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey); | |
14a7cfb3 | 119 | |
b17ecb64 NL |
120 | /** Computes ECDSA signature of a given hash value using the supplied |
121 | * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). | |
122 | * \param dgst pointer to the hash value to sign | |
123 | * \param dgstlen length of the hash value | |
124 | * \param kinv BIGNUM with a pre-computed inverse k (optional) | |
125 | * \param rp BIGNUM with a pre-computed rp value (optioanl), | |
126 | * see ECDSA_sign_setup | |
127 | * \param eckey EC_KEY object containing a private EC key | |
128 | * \return pointer to a ECDSA_SIG structure or NULL if an error occurred | |
9dd84053 NL |
129 | */ |
130 | ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, | |
131 | const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); | |
132 | ||
b17ecb64 NL |
133 | /** Verifies that the supplied signature is a valid ECDSA |
134 | * signature of the supplied hash value using the supplied public key. | |
135 | * \param dgst pointer to the hash value | |
136 | * \param dgst_len length of the hash value | |
137 | * \param sig ECDSA_SIG structure | |
138 | * \param eckey EC_KEY object containing a public EC key | |
139 | * \return 1 if the signature is valid, 0 if the signature is invalid | |
140 | * and -1 on error | |
c6700d27 | 141 | */ |
a0bee97e NL |
142 | int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, |
143 | const ECDSA_SIG *sig, EC_KEY* eckey); | |
4d94ae00 BM |
144 | |
145 | const ECDSA_METHOD *ECDSA_OpenSSL(void); | |
146 | ||
b17ecb64 NL |
147 | /** Sets the default ECDSA method |
148 | * \param meth new default ECDSA_METHOD | |
c6700d27 GT |
149 | */ |
150 | void ECDSA_set_default_method(const ECDSA_METHOD *meth); | |
151 | ||
b17ecb64 NL |
152 | /** Returns the default ECDSA method |
153 | * \return pointer to ECDSA_METHOD structure containing the default method | |
c6700d27 | 154 | */ |
af1cb47e | 155 | const ECDSA_METHOD *ECDSA_get_default_method(void); |
4d94ae00 | 156 | |
b17ecb64 NL |
157 | /** Sets method to be used for the ECDSA operations |
158 | * \param eckey EC_KEY object | |
159 | * \param meth new method | |
160 | * \return 1 on success and 0 otherwise | |
c6700d27 GT |
161 | */ |
162 | int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); | |
163 | ||
b17ecb64 NL |
164 | /** Returns the maximum length of the DER encoded signature |
165 | * \param eckey EC_KEY object | |
166 | * \return numbers of bytes required for the DER encoded signature | |
c6700d27 GT |
167 | */ |
168 | int ECDSA_size(const EC_KEY *eckey); | |
169 | ||
b17ecb64 NL |
170 | /** Precompute parts of the signing operation |
171 | * \param eckey EC_KEY object containing a private EC key | |
172 | * \param ctx BN_CTX object (optional) | |
173 | * \param kinv BIGNUM pointer for the inverse of k | |
174 | * \param rp BIGNUM pointer for x coordinate of k * generator | |
175 | * \return 1 on success and 0 otherwise | |
c6700d27 | 176 | */ |
14a7cfb3 BM |
177 | int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, |
178 | BIGNUM **rp); | |
c6700d27 | 179 | |
b17ecb64 NL |
180 | /** Computes ECDSA signature of a given hash value using the supplied |
181 | * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). | |
182 | * \param type this parameter is ignored | |
183 | * \param dgst pointer to the hash value to sign | |
184 | * \param dgstlen length of the hash value | |
185 | * \param sig memory for the DER encoded created signature | |
186 | * \param siglen pointer to the length of the returned signature | |
187 | * \param eckey EC_KEY object containing a private EC key | |
188 | * \return 1 on success and 0 otherwise | |
c6700d27 GT |
189 | */ |
190 | int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, | |
14a7cfb3 | 191 | unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); |
4d94ae00 | 192 | |
9dd84053 | 193 | |
b17ecb64 NL |
194 | /** Computes ECDSA signature of a given hash value using the supplied |
195 | * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). | |
196 | * \param type this parameter is ignored | |
197 | * \param dgst pointer to the hash value to sign | |
198 | * \param dgstlen length of the hash value | |
199 | * \param sig buffer to hold the DER encoded signature | |
200 | * \param siglen pointer to the length of the returned signature | |
201 | * \param kinv BIGNUM with a pre-computed inverse k (optional) | |
202 | * \param rp BIGNUM with a pre-computed rp value (optioanl), | |
203 | * see ECDSA_sign_setup | |
204 | * \param eckey EC_KEY object containing a private EC key | |
205 | * \return 1 on success and 0 otherwise | |
9dd84053 NL |
206 | */ |
207 | int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, | |
208 | unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, | |
209 | const BIGNUM *rp, EC_KEY *eckey); | |
210 | ||
b17ecb64 NL |
211 | /** Verifies that the given signature is valid ECDSA signature |
212 | * of the supplied hash value using the specified public key. | |
213 | * \param type this parameter is ignored | |
214 | * \param dgst pointer to the hash value | |
215 | * \param dgstlen length of the hash value | |
216 | * \param sig pointer to the DER encoded signature | |
217 | * \param siglen length of the DER encoded signature | |
218 | * \param eckey EC_KEY object containing a public EC key | |
219 | * \return 1 if the signature is valid, 0 if the signature is invalid | |
220 | * and -1 on error | |
c6700d27 GT |
221 | */ |
222 | int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, | |
223 | const unsigned char *sig, int siglen, EC_KEY *eckey); | |
4d94ae00 | 224 | |
c6700d27 | 225 | /* the standard ex_data functions */ |
14a7cfb3 BM |
226 | int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new |
227 | *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); | |
228 | int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); | |
229 | void *ECDSA_get_ex_data(EC_KEY *d, int idx); | |
4d94ae00 | 230 | |
fe26d066 DSH |
231 | #ifdef OPENSSL_FIPS |
232 | /* Standalone FIPS signature operations */ | |
233 | ECDSA_SIG * FIPS_ecdsa_sign_digest(EC_KEY *key, | |
234 | const unsigned char *dig, int dlen); | |
235 | ECDSA_SIG * FIPS_ecdsa_sign_ctx(EC_KEY *key, EVP_MD_CTX *ctx); | |
236 | int FIPS_ecdsa_verify_digest(EC_KEY *key, | |
237 | const unsigned char *dig, int dlen, ECDSA_SIG *s); | |
238 | int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s); | |
f4324e51 DSH |
239 | int FIPS_ecdsa_verify(EC_KEY *key, const unsigned char *msg, size_t msglen, |
240 | const EVP_MD *mhash, ECDSA_SIG *s); | |
241 | ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key, | |
242 | const unsigned char *msg, size_t msglen, | |
243 | const EVP_MD *mhash); | |
fe26d066 DSH |
244 | #endif |
245 | ||
4d94ae00 BM |
246 | |
247 | /* BEGIN ERROR CODES */ | |
248 | /* The following lines are auto generated by the script mkerr.pl. Any changes | |
249 | * made after this point may be overwritten when the script is next run. | |
250 | */ | |
af1cb47e | 251 | void ERR_load_ECDSA_strings(void); |
4d94ae00 BM |
252 | |
253 | /* Error codes for the ECDSA functions. */ | |
254 | ||
255 | /* Function codes. */ | |
aa4ce731 | 256 | #define ECDSA_F_ECDSA_DATA_NEW_METHOD 100 |
14a7cfb3 BM |
257 | #define ECDSA_F_ECDSA_DO_SIGN 101 |
258 | #define ECDSA_F_ECDSA_DO_VERIFY 102 | |
259 | #define ECDSA_F_ECDSA_SIGN_SETUP 103 | |
4d94ae00 BM |
260 | |
261 | /* Reason codes. */ | |
262 | #define ECDSA_R_BAD_SIGNATURE 100 | |
14a7cfb3 BM |
263 | #define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101 |
264 | #define ECDSA_R_ERR_EC_LIB 102 | |
265 | #define ECDSA_R_MISSING_PARAMETERS 103 | |
2fc281d0 | 266 | #define ECDSA_R_NEED_NEW_SETUP_VALUES 106 |
8a99cb29 | 267 | #define ECDSA_R_NONCE_CANNOT_BE_PRECOMPUTED 107 |
14a7cfb3 BM |
268 | #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 |
269 | #define ECDSA_R_SIGNATURE_MALLOC_FAILED 105 | |
4d94ae00 BM |
270 | |
271 | #ifdef __cplusplus | |
272 | } | |
273 | #endif | |
274 | #endif |