ecdsa.h 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335
  1. /* crypto/ecdsa/ecdsa.h */
  2. /**
  3. * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
  4. * \author Written by Nils Larsch for the OpenSSL project
  5. */
  6. /* ====================================================================
  7. * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
  8. *
  9. * Redistribution and use in source and binary forms, with or without
  10. * modification, are permitted provided that the following conditions
  11. * are met:
  12. *
  13. * 1. Redistributions of source code must retain the above copyright
  14. * notice, this list of conditions and the following disclaimer.
  15. *
  16. * 2. Redistributions in binary form must reproduce the above copyright
  17. * notice, this list of conditions and the following disclaimer in
  18. * the documentation and/or other materials provided with the
  19. * distribution.
  20. *
  21. * 3. All advertising materials mentioning features or use of this
  22. * software must display the following acknowledgment:
  23. * "This product includes software developed by the OpenSSL Project
  24. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  25. *
  26. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  27. * endorse or promote products derived from this software without
  28. * prior written permission. For written permission, please contact
  29. * [email protected].
  30. *
  31. * 5. Products derived from this software may not be called "OpenSSL"
  32. * nor may "OpenSSL" appear in their names without prior written
  33. * permission of the OpenSSL Project.
  34. *
  35. * 6. Redistributions of any form whatsoever must retain the following
  36. * acknowledgment:
  37. * "This product includes software developed by the OpenSSL Project
  38. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  39. *
  40. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  41. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  43. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  44. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  45. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  46. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  47. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  49. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  50. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  51. * OF THE POSSIBILITY OF SUCH DAMAGE.
  52. * ====================================================================
  53. *
  54. * This product includes cryptographic software written by Eric Young
  55. * ([email protected]). This product includes software written by Tim
  56. * Hudson ([email protected]).
  57. *
  58. */
  59. #ifndef HEADER_ECDSA_H
  60. # define HEADER_ECDSA_H
  61. # include <openssl/opensslconf.h>
  62. # ifdef OPENSSL_NO_ECDSA
  63. # error ECDSA is disabled.
  64. # endif
  65. # include <openssl/ec.h>
  66. # include <openssl/ossl_typ.h>
  67. # ifndef OPENSSL_NO_DEPRECATED
  68. # include <openssl/bn.h>
  69. # endif
  70. #ifdef __cplusplus
  71. extern "C" {
  72. #endif
  73. typedef struct ECDSA_SIG_st {
  74. BIGNUM *r;
  75. BIGNUM *s;
  76. } ECDSA_SIG;
  77. /** Allocates and initialize a ECDSA_SIG structure
  78. * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  79. */
  80. ECDSA_SIG *ECDSA_SIG_new(void);
  81. /** frees a ECDSA_SIG structure
  82. * \param sig pointer to the ECDSA_SIG structure
  83. */
  84. void ECDSA_SIG_free(ECDSA_SIG *sig);
  85. /** DER encode content of ECDSA_SIG object (note: this function modifies *pp
  86. * (*pp += length of the DER encoded signature)).
  87. * \param sig pointer to the ECDSA_SIG object
  88. * \param pp pointer to a unsigned char pointer for the output or NULL
  89. * \return the length of the DER encoded ECDSA_SIG object or 0
  90. */
  91. int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
  92. /** Decodes a DER encoded ECDSA signature (note: this function changes *pp
  93. * (*pp += len)).
  94. * \param sig pointer to ECDSA_SIG pointer (may be NULL)
  95. * \param pp memory buffer with the DER encoded signature
  96. * \param len length of the buffer
  97. * \return pointer to the decoded ECDSA_SIG structure (or NULL)
  98. */
  99. ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
  100. /** Computes the ECDSA signature of the given hash value using
  101. * the supplied private key and returns the created signature.
  102. * \param dgst pointer to the hash value
  103. * \param dgst_len length of the hash value
  104. * \param eckey EC_KEY object containing a private EC key
  105. * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  106. */
  107. ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
  108. EC_KEY *eckey);
  109. /** Computes ECDSA signature of a given hash value using the supplied
  110. * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
  111. * \param dgst pointer to the hash value to sign
  112. * \param dgstlen length of the hash value
  113. * \param kinv BIGNUM with a pre-computed inverse k (optional)
  114. * \param rp BIGNUM with a pre-computed rp value (optioanl),
  115. * see ECDSA_sign_setup
  116. * \param eckey EC_KEY object containing a private EC key
  117. * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  118. */
  119. ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
  120. const BIGNUM *kinv, const BIGNUM *rp,
  121. EC_KEY *eckey);
  122. /** Verifies that the supplied signature is a valid ECDSA
  123. * signature of the supplied hash value using the supplied public key.
  124. * \param dgst pointer to the hash value
  125. * \param dgst_len length of the hash value
  126. * \param sig ECDSA_SIG structure
  127. * \param eckey EC_KEY object containing a public EC key
  128. * \return 1 if the signature is valid, 0 if the signature is invalid
  129. * and -1 on error
  130. */
  131. int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
  132. const ECDSA_SIG *sig, EC_KEY *eckey);
  133. const ECDSA_METHOD *ECDSA_OpenSSL(void);
  134. /** Sets the default ECDSA method
  135. * \param meth new default ECDSA_METHOD
  136. */
  137. void ECDSA_set_default_method(const ECDSA_METHOD *meth);
  138. /** Returns the default ECDSA method
  139. * \return pointer to ECDSA_METHOD structure containing the default method
  140. */
  141. const ECDSA_METHOD *ECDSA_get_default_method(void);
  142. /** Sets method to be used for the ECDSA operations
  143. * \param eckey EC_KEY object
  144. * \param meth new method
  145. * \return 1 on success and 0 otherwise
  146. */
  147. int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
  148. /** Returns the maximum length of the DER encoded signature
  149. * \param eckey EC_KEY object
  150. * \return numbers of bytes required for the DER encoded signature
  151. */
  152. int ECDSA_size(const EC_KEY *eckey);
  153. /** Precompute parts of the signing operation
  154. * \param eckey EC_KEY object containing a private EC key
  155. * \param ctx BN_CTX object (optional)
  156. * \param kinv BIGNUM pointer for the inverse of k
  157. * \param rp BIGNUM pointer for x coordinate of k * generator
  158. * \return 1 on success and 0 otherwise
  159. */
  160. int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
  161. /** Computes ECDSA signature of a given hash value using the supplied
  162. * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
  163. * \param type this parameter is ignored
  164. * \param dgst pointer to the hash value to sign
  165. * \param dgstlen length of the hash value
  166. * \param sig memory for the DER encoded created signature
  167. * \param siglen pointer to the length of the returned signature
  168. * \param eckey EC_KEY object containing a private EC key
  169. * \return 1 on success and 0 otherwise
  170. */
  171. int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
  172. unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
  173. /** Computes ECDSA signature of a given hash value using the supplied
  174. * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
  175. * \param type this parameter is ignored
  176. * \param dgst pointer to the hash value to sign
  177. * \param dgstlen length of the hash value
  178. * \param sig buffer to hold the DER encoded signature
  179. * \param siglen pointer to the length of the returned signature
  180. * \param kinv BIGNUM with a pre-computed inverse k (optional)
  181. * \param rp BIGNUM with a pre-computed rp value (optioanl),
  182. * see ECDSA_sign_setup
  183. * \param eckey EC_KEY object containing a private EC key
  184. * \return 1 on success and 0 otherwise
  185. */
  186. int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
  187. unsigned char *sig, unsigned int *siglen,
  188. const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
  189. /** Verifies that the given signature is valid ECDSA signature
  190. * of the supplied hash value using the specified public key.
  191. * \param type this parameter is ignored
  192. * \param dgst pointer to the hash value
  193. * \param dgstlen length of the hash value
  194. * \param sig pointer to the DER encoded signature
  195. * \param siglen length of the DER encoded signature
  196. * \param eckey EC_KEY object containing a public EC key
  197. * \return 1 if the signature is valid, 0 if the signature is invalid
  198. * and -1 on error
  199. */
  200. int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
  201. const unsigned char *sig, int siglen, EC_KEY *eckey);
  202. /* the standard ex_data functions */
  203. int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
  204. *new_func, CRYPTO_EX_dup *dup_func,
  205. CRYPTO_EX_free *free_func);
  206. int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
  207. void *ECDSA_get_ex_data(EC_KEY *d, int idx);
  208. /** Allocates and initialize a ECDSA_METHOD structure
  209. * \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
  210. * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
  211. */
  212. ECDSA_METHOD *ECDSA_METHOD_new(const ECDSA_METHOD *ecdsa_method);
  213. /** frees a ECDSA_METHOD structure
  214. * \param ecdsa_method pointer to the ECDSA_METHOD structure
  215. */
  216. void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
  217. /** Sets application specific data in the ECDSA_METHOD
  218. * \param ecdsa_method pointer to existing ECDSA_METHOD
  219. * \param app application specific data to set
  220. */
  221. void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
  222. /** Returns application specific data from a ECDSA_METHOD structure
  223. * \param ecdsa_method pointer to ECDSA_METHOD structure
  224. * \return pointer to application specific data.
  225. */
  226. void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
  227. /** Set the ECDSA_do_sign function in the ECDSA_METHOD
  228. * \param ecdsa_method pointer to existing ECDSA_METHOD
  229. * \param ecdsa_do_sign a funtion of type ECDSA_do_sign
  230. */
  231. void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
  232. ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
  233. *dgst, int dgst_len,
  234. const BIGNUM *inv,
  235. const BIGNUM *rp,
  236. EC_KEY *eckey));
  237. /** Set the ECDSA_sign_setup function in the ECDSA_METHOD
  238. * \param ecdsa_method pointer to existing ECDSA_METHOD
  239. * \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
  240. */
  241. void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
  242. int (*ecdsa_sign_setup) (EC_KEY *eckey,
  243. BN_CTX *ctx,
  244. BIGNUM **kinv,
  245. BIGNUM **r));
  246. /** Set the ECDSA_do_verify function in the ECDSA_METHOD
  247. * \param ecdsa_method pointer to existing ECDSA_METHOD
  248. * \param ecdsa_do_verify a funtion of type ECDSA_do_verify
  249. */
  250. void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
  251. int (*ecdsa_do_verify) (const unsigned char
  252. *dgst, int dgst_len,
  253. const ECDSA_SIG *sig,
  254. EC_KEY *eckey));
  255. void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
  256. /** Set the flags field in the ECDSA_METHOD
  257. * \param ecdsa_method pointer to existing ECDSA_METHOD
  258. * \param flags flags value to set
  259. */
  260. void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
  261. /** Set the name field in the ECDSA_METHOD
  262. * \param ecdsa_method pointer to existing ECDSA_METHOD
  263. * \param name name to set
  264. */
  265. /* BEGIN ERROR CODES */
  266. /*
  267. * The following lines are auto generated by the script mkerr.pl. Any changes
  268. * made after this point may be overwritten when the script is next run.
  269. */
  270. void ERR_load_ECDSA_strings(void);
  271. /* Error codes for the ECDSA functions. */
  272. /* Function codes. */
  273. # define ECDSA_F_ECDSA_CHECK 104
  274. # define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
  275. # define ECDSA_F_ECDSA_DO_SIGN 101
  276. # define ECDSA_F_ECDSA_DO_VERIFY 102
  277. # define ECDSA_F_ECDSA_METHOD_NEW 105
  278. # define ECDSA_F_ECDSA_SIGN_SETUP 103
  279. /* Reason codes. */
  280. # define ECDSA_R_BAD_SIGNATURE 100
  281. # define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
  282. # define ECDSA_R_ERR_EC_LIB 102
  283. # define ECDSA_R_MISSING_PARAMETERS 103
  284. # define ECDSA_R_NEED_NEW_SETUP_VALUES 106
  285. # define ECDSA_R_NON_FIPS_METHOD 107
  286. # define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
  287. # define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
  288. #ifdef __cplusplus
  289. }
  290. #endif
  291. #endif