* \param order the order of the group generated by the generator.
* \param cofactor the index of the sub-group generated by the generator
* in the group of all points on the elliptic curve.
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
* \param group EC_GROUP object
* \param order BIGNUM to which the order is copied
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
* \param group EC_GROUP object
* \param cofactor BIGNUM to which the cofactor is copied
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
* \param a BIGNUM with parameter a of the equation
* \param b BIGNUM with parameter b of the equation
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
* \param a BIGNUM for parameter a of the equation
* \param b BIGNUM for parameter b of the equation
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
* \param a BIGNUM with parameter a of the equation
* \param b BIGNUM with parameter b of the equation
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
* \param a BIGNUM for parameter a of the equation
* \param b BIGNUM for parameter b of the equation
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
#endif
/** Copies EC_POINT object
* \param dst destination EC_POINT object
* \param src source EC_POINT object
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
/** Sets a point to infinity (neutral element)
* \param group underlying EC_GROUP object
* \param point EC_POINT to set to infinity
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
* \param y BIGNUM with the y-coordinate
* \param z BIGNUM with the z-coordinate
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
* \param y BIGNUM for the y-coordinate
* \param z BIGNUM for the z-coordinate
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
* \param x BIGNUM with the x-coordinate
* \param y BIGNUM with the y-coordinate
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
* \param x BIGNUM for the x-coordinate
* \param y BIGNUM for the y-coordinate
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
* \param x BIGNUM with x-coordinate
* \param y_bit integer with the y-Bit (either 0 or 1)
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
* \param x BIGNUM with the x-coordinate
* \param y BIGNUM with the y-coordinate
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
* \param x BIGNUM for the x-coordinate
* \param y BIGNUM for the y-coordinate
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
* \param x BIGNUM with x-coordinate
* \param y_bit integer with the y-Bit (either 0 or 1)
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
* \param buf memory buffer with the encoded ec point
* \param len length of the encoded ec point
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
const unsigned char *buf, size_t len, BN_CTX *ctx);
* \param a EC_POINT object with the first summand
* \param b EC_POINT object with the second summand
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
* \param r EC_POINT object for the result (r = 2 * a)
* \param a EC_POINT object
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
* \param group underlying EC_GROUP object
* \param a EC_POINT object to be inverted (it's used for the result as well)
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
* \param p array of size num of EC_POINT objects
* \param m array of size num of BIGNUM objects
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
* \param q EC_POINT object with the first factor of the second summand
* \param m BIGNUM with the second factor of the second summand
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
/** Stores multiples of generator for faster point multiplication
* \param group EC_GROUP object
* \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
+ * \return 1 on success and 0 if an error occurred
*/
int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
/* wrapper functions for the underlying EC_GROUP object */
void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
-/** Sets whether ECDSA operations with the given key will calculate their k
- * value from SHA512(private_key + message + random) in order to protect
- * against a weak PRNG.
- * \param on Whether to calculate k from a hash or not
- */
-void EC_KEY_set_nonce_from_hash(EC_KEY *key, int on);
-
-/** Returns the value of nonce_from_hash
- */
-int EC_KEY_get_nonce_from_hash(const EC_KEY *key);
-
/** Creates a table of pre-computed multiples of the generator to
* accelerate further EC_KEY operations.
* \param key EC_KEY object
int EC_KEY_check_key(const EC_KEY *key);
/** Sets a public key from affine coordindates performing
- * neccessary NIST PKV tests.
+ * necessary NIST PKV tests.
* \param key the EC_KEY object
* \param x public key x coordinate
* \param y public key y coordinate
EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
+#define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
+
+#define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
+
+#define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
+
+#define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
+
+#define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
+
+#define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
+
+#define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
+
+#define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
+
+#define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
+
+#define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
+
#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
#define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
+#define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
+#define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
+#define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
+#define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
+#define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
+#define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
+#define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
+#define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
+/* KDF types */
+#define EVP_PKEY_ECDH_KDF_NONE 1
+#define EVP_PKEY_ECDH_KDF_X9_62 2
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
#define EC_F_D2I_ECPKPARAMETERS 145
#define EC_F_D2I_ECPRIVATEKEY 146
#define EC_F_DO_EC_KEY_PRINT 221
+#define EC_F_ECDH_CMS_DECRYPT 238
+#define EC_F_ECDH_CMS_SET_SHARED_INFO 239
#define EC_F_ECKEY_PARAM2TYPE 223
#define EC_F_ECKEY_PARAM_DECODE 212
#define EC_F_ECKEY_PRIV_DECODE 213
#define EC_R_INVALID_COMPRESSED_POINT 110
#define EC_R_INVALID_COMPRESSION_BIT 109
#define EC_R_INVALID_CURVE 141
+#define EC_R_INVALID_DIGEST 151
#define EC_R_INVALID_DIGEST_TYPE 138
#define EC_R_INVALID_ENCODING 102
#define EC_R_INVALID_FIELD 103
#define EC_R_INVALID_PENTANOMIAL_BASIS 132
#define EC_R_INVALID_PRIVATE_KEY 123
#define EC_R_INVALID_TRINOMIAL_BASIS 137
+#define EC_R_KDF_PARAMETER_ERROR 148
#define EC_R_KEYS_NOT_SET 140
#define EC_R_MISSING_PARAMETERS 124
#define EC_R_MISSING_PRIVATE_KEY 125
#define EC_R_NO_FIELD_MOD 133
#define EC_R_NO_PARAMETERS_SET 139
#define EC_R_PASSED_NULL_PARAMETER 134
+#define EC_R_PEER_KEY_ERROR 149
#define EC_R_PKPARAMETERS2GROUP_FAILURE 127
#define EC_R_POINT_AT_INFINITY 106
#define EC_R_POINT_IS_NOT_ON_CURVE 107
+#define EC_R_SHARED_INFO_ERROR 150
#define EC_R_SLOT_FULL 108
#define EC_R_UNDEFINED_GENERATOR 113
#define EC_R_UNDEFINED_ORDER 128