X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fecdsa%2Fecdsa.h;h=e6081bb2af52ad7a27ee52899dd2474d92adaec7;hp=00cd71d068f529a162259ae8cfbe9c664ef918fa;hb=42ba5d2329a2705d45417db3dd374c677eb47e05;hpb=0bee0e6294882b18ffa0053597532058a19d6f89
diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index 00cd71d068..e6081bb2af 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -1,6 +1,10 @@
 /* crypto/ecdsa/ecdsa.h */
+/**
+ * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
+ * \author Written by Nils Larsch for the OpenSSL project
+ */
 /* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -55,148 +59,217 @@ #ifndef HEADER_ECDSA_H #define HEADER_ECDSA_H +#include + #ifdef OPENSSL_NO_ECDSA #error ECDSA is disabled. #endif -#ifndef OPENSSL_NO_BIO -#include -#endif -#include #include #include +#ifndef OPENSSL_NO_DEPRECATED +#include +#endif #ifdef __cplusplus extern "C" { #endif -typedef struct ecdsa_st ECDSA; +/* Already defined in ossl_typ.h */ +/* typedef struct ecdsa_method ECDSA_METHOD; */ typedef struct ECDSA_SIG_st -{ + { BIGNUM *r; BIGNUM *s; -} ECDSA_SIG; + } ECDSA_SIG; -typedef struct ecdsa_method -{ +struct ecdsa_method + { const char *name; - ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa); - int (*ecdsa_sign_setup)(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r); - int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa); - int (*init)(ECDSA *ecdsa); - int (*finish)(ECDSA *ecdsa); + ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, + EC_KEY *eckey); + int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, + BIGNUM **r); + int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, + ECDSA_SIG *sig, EC_KEY *eckey); +#if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +#endif int flags; char *app_data; -} ECDSA_METHOD; + }; -struct ecdsa_st -{ - int version; - point_conversion_form_t conversion_form; +typedef struct ecdsa_data_st { + /* EC_KEY_METH_DATA part */ + int (*init)(EC_KEY *); + void (*finish)(EC_KEY *); + /* method (ECDSA) specific part */ + BIGNUM *kinv; /* signing pre-calc */ + BIGNUM *r; /* signing pre-calc */ + ENGINE *engine; + int flags; + const ECDSA_METHOD *meth; + CRYPTO_EX_DATA ex_data; +} ECDSA_DATA; - EC_GROUP *group; +/** ECDSA_SIG *ECDSA_SIG_new(void) + * allocates and initialize a ECDSA_SIG structure + * \return pointer to a ECDSA_SIG structure or NULL if an error occurred + */ +ECDSA_SIG *ECDSA_SIG_new(void); - EC_POINT *pub_key; - BIGNUM *priv_key; +/** ECDSA_SIG_free + * frees a 
ECDSA_SIG structure + * \param a pointer to the ECDSA_SIG structure + */ +void ECDSA_SIG_free(ECDSA_SIG *a); - BIGNUM *kinv; /* signing pre-calc */ - BIGNUM *r; /* signing pre-calc */ +/** i2d_ECDSA_SIG + * DER encode content of ECDSA_SIG object (note: this function modifies *pp + * (*pp += length of the DER encoded signature)). + * \param a pointer to the ECDSA_SIG object + * \param pp pointer to a unsigned char pointer for the output or NULL + * \return the length of the DER encoded ECDSA_SIG object or 0 + */ +int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp); - unsigned int enc_flag; +/** d2i_ECDSA_SIG + * decodes a DER encoded ECDSA signature (note: this function changes *pp + * (*pp += len)). + * \param v pointer to ECDSA_SIG pointer (may be NULL) + * \param pp buffer with the DER encoded signature + * \param len bufferlength + * \return pointer to the decoded ECDSA_SIG structure (or NULL) + */ +ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len); - int references; - int flags; - CRYPTO_EX_DATA ex_data; - const ECDSA_METHOD *meth; - struct engine_st *engine; -}; +/** ECDSA_DATA_new + * creates a new ECDSA_DATA object + * \return pointer to a newly allocated (and initialized) ECDSA_DATA object + */ +ECDSA_DATA *ECDSA_DATA_new(void); -/* some values for the encoding_flag */ -#define ECDSA_PKEY_NO_PARAMETERS 0x001 -#define ECDSA_PKEY_NO_PUBKEY 0x002 +/** ECDSA_DATA_new_method + * creates a new ECDSA_DATA object using a specified ENGINE + * \param eng pointer to a ENGINE structure + * \return pointer to a newly allocated (and initialized) ECDSA_DATA object + */ +ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *eng); -ECDSA_SIG *ECDSA_SIG_new(void); -void ECDSA_SIG_free(ECDSA_SIG *a); -int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp); -ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long length); +/** ECDSA_DATA_free + * frees ECDSA_DATA structure + * \param data pointer to a ECDSA_DATA structure + */ +void 
ECDSA_DATA_free(ECDSA_DATA *data); + +/** ecdsa_check + * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure + * and if not it removes the old meth_data and creates a ECDSA_DATA structure. + * \param eckey pointer to a EC_KEY object + * \return pointer to a ECDSA_DATA structure + */ +ECDSA_DATA *ecdsa_check(EC_KEY *eckey); + +/** ECDSA_do_sign + * computes the ECDSA signature of the given hash value using + * the supplied private key and returns the created signature. + * \param dgst pointer to the hash value + * \param dgst_len length of the hash value + * \param eckey pointer to the EC_KEY object containing a private EC key + * \return pointer to a ECDSA_SIG structure or NULL + */ +ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey); -ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa); -int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA* ecdsa); -int ECDSA_generate_key(ECDSA *ecdsa); -int ECDSA_check_key(ECDSA *ecdsa); +/** ECDSA_do_verify + * verifies that the supplied signature is a valid ECDSA + * signature of the supplied hash value using the supplied public key. 
+ * \param dgst pointer to the hash value + * \param dgst_len length of the hash value + * \param sig pointer to the ECDSA_SIG structure + * \param eckey pointer to the EC_KEY object containing a public EC key + * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error + */ +int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG + *sig, EC_KEY* eckey); const ECDSA_METHOD *ECDSA_OpenSSL(void); -void ECDSA_set_default_method(const ECDSA_METHOD *); +/** ECDSA_set_default_method + * sets the default ECDSA method + * \param meth the new default ECDSA_METHOD + */ +void ECDSA_set_default_method(const ECDSA_METHOD *meth); + +/** ECDSA_get_default_method + * returns the default ECDSA method + * \return pointer to ECDSA_METHOD structure containing the default method + */ const ECDSA_METHOD *ECDSA_get_default_method(void); -int ECDSA_set_method(ECDSA *, const ECDSA_METHOD *); - -ECDSA *ECDSA_new(void); -ECDSA *ECDSA_new_method(ENGINE *engine); -int ECDSA_size(const ECDSA *); -int ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp); -int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, unsigned char *sig, - unsigned int *siglen, ECDSA *ecdsa); -int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sig, - int sig_len, ECDSA *ecdsa); -int ECDSA_up_ref(ECDSA *ecdsa); -void ECDSA_free(ECDSA *a); -int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDSA_set_ex_data(ECDSA *d, int idx, void *arg); -void *ECDSA_get_ex_data(ECDSA *d, int idx); - -#ifndef OPENSSL_NO_BIO -int ECDSAParameters_print(BIO *bp, const ECDSA *x); -int ECDSA_print(BIO *bp, const ECDSA *x, int off); -#endif -#ifndef OPENSSL_NO_FP_API -int ECDSAParameters_print_fp(FILE *fp, const ECDSA *x); -int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off); -#endif - -/* the ECDSA_{set|get}_enc_flag() specify the encoding - * of the 
elliptic curve private key */ -unsigned int ECDSA_get_enc_flag(const ECDSA *); -void ECDSA_set_enc_flag(ECDSA *, unsigned int); - -/* The ECDSA_{set|get}_conversion_type() functions set/get the - * conversion form for ec-points (see ec.h) in a ECDSA-structure */ -void ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t); -point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *); -/* The ECDSA_{set|get}_default_conversion_form() functions set/get the - * default conversion form */ -void ECDSA_set_default_conversion_form(const point_conversion_form_t); -point_conversion_form_t ECDSA_get_default_conversion_form(void); - -/* the basic de- and encode functions ( see ecs_asn1.c ) */ -ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len); -int i2d_ECDSAParameters(ECDSA *a, unsigned char **out); - -ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len); -int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out); - -/* ECDSAPublicKey_set_octet_string() sets the public key in the ECDSA-structure. - * (*a) must be a pointer to a ECDSA-structure with (*a)->group not zero - * (e.g. a ECDSA-structure with a valid EC_GROUP-structure) */ -ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len); -/* ECDSAPublicKey_get_octet_string() returns the length of the octet string encoding - * of the public key. 
If out != NULL then the function returns in *out - * a pointer to the octet string */ -int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out); - - -#define ECDSAParameters_dup(x) (ECDSA *)ASN1_dup((int (*)())i2d_ECDSAParameters, \ - (char *(*)())d2i_ECDSAParameters,(char *)(x)) -#define d2i_ECDSAParameters_fp(fp,x) (ECDSA *)ASN1_d2i_fp((char *(*)())ECDSA_new, \ - (char *(*)())d2i_ECDSAParameters,(fp),(unsigned char **)(x)) -#define i2d_ECDSAParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECDSAParameters,(fp), \ - (unsigned char *)(x)) -#define d2i_ECDSAParameters_bio(bp,x) (ECDSA *)ASN1_d2i_bio((char *(*)())ECDSA_new, \ - (char *(*)())d2i_ECDSAParameters,(bp),(unsigned char **)(x)) -#define i2d_ECDSAParameters_bio(bp,x) ASN1_i2d_bio(i2d_ECDSAParameters,(bp), \ - (unsigned char *)(x)) + +/** ECDSA_set_method + * sets method to be used for the ECDSA operations + * \param eckey pointer to the EC_KEY object + * \param meth pointer to the new method + * \return 1 on success and 0 otherwise + */ +int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); + +/** ECDSA_size + * returns the maximum length of the DER encoded signature + * \param eckey pointer to a EC_KEY object + * \return numbers of bytes required for the DER encoded signature + */ +int ECDSA_size(const EC_KEY *eckey); + +/** ECDSA_sign_setup + * precompute parts of the signing operation (the computed values may be + * passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature + * computation). 
+ * \param eckey pointer to the EC_KEY object containing a private EC key + * \param ctx pointer to a BN_CTX object (may be NULL) + * \param kinv pointer to a BIGNUM pointer for the inverse of k + * \param rp pointer to a BIGNUM pointer for x coordinate of k * generator + * \return 1 on success and 0 otherwise + */ +int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, + BIGNUM **rp); + +/** ECDSA_sign + * computes ECDSA signature of a given hash value using the supplied + * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). + * \param type this parameter is ignored + * \param dgst pointer to the hash value to sign + * \param dgstlen length of the hash value + * \param sig buffer to hold the DER encoded signature + * \param siglen pointer to the length of the returned signature + * \param eckey pointer to the EC_KEY object containing a private EC key + * \return 1 on success and 0 otherwise + */ +int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, + unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); + +/** ECDSA_verify + * verifies that the given signature is valid ECDSA signature + * of the supplied hash value using the specified public key. 
+ * \param type this parameter is ignored + * \param dgst pointer to the hash value + * \param dgstlen length of the hash value + * \param sig pointer to the DER encoded signature + * \param siglen length of the DER encoded signature + * \param eckey pointer to the EC_KEY object containing a public EC key + * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error + */ +int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, + const unsigned char *sig, int siglen, EC_KEY *eckey); + +/* the standard ex_data functions */ +int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new + *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); +void *ECDSA_get_ex_data(EC_KEY *d, int idx); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes 
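Review bot: The new ECDSA_sign_setup comment tells callers the precomputed values "may be passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature computation" without saying the pair is single-use, and both are derived from the per-signature secret k, so a pair that serves two signatures exposes the private key. Whether the signing path clears those fields after use is not visible in this header, so the contract should be written down here, e.g. `\note kinv and rp are valid for exactly one signature and must be freed afterwards; never reuse them`. The ECDSA_do_verify and ECDSA_verify comments document a 1 / 0 / -1 return, which deserves an explicit `\note compare the result with 1; a plain non-zero test accepts the -1 error case as a valid signature`. Separately, the `#if 0` init/finish members left in struct ecdsa_method could be deleted, since ECDSA_DATA now declares init and finish itself.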
@@ -207,72 +280,18 @@ void ERR_load_ECDSA_strings(void); /* Error codes for the ECDSA functions. */ /* Function codes. */ -#define ECDSA_F_D2I_ECDSAPARAMETERS 100 -#define ECDSA_F_D2I_ECDSAPRIVATEKEY 101 -#define ECDSA_F_ECDSAPARAMETERS_PRINT 102 -#define ECDSA_F_ECDSAPARAMETERS_PRINT_FP 103 -#define ECDSA_F_ECDSA_DO_SIGN 104 -#define ECDSA_F_ECDSA_DO_VERIFY 105 -#define ECDSA_F_ECDSA_GENERATE_KEY 106 -#define ECDSA_F_ECDSA_GET 107 -#define ECDSA_F_ECDSA_GET_CURVE_NID 120 -#define ECDSA_F_ECDSA_GET_ECDSA 121 -#define ECDSA_F_ECDSA_GET_EC_PARAMETERS 122 -#define ECDSA_F_ECDSA_GET_X9_62_CURVE 108 -#define ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS 109 -#define ECDSA_F_ECDSA_GET_X9_62_FIELDID 110 -#define ECDSA_F_ECDSA_NEW 111 -#define ECDSA_F_ECDSA_PRINT 112 -#define ECDSA_F_ECDSA_PRINT_FP 113 -#define ECDSA_F_ECDSA_SET_GROUP_P 114 -#define ECDSA_F_ECDSA_SET_PRIME_GROUP 123 -#define ECDSA_F_ECDSA_SIGN_SETUP 115 -#define ECDSA_F_I2D_ECDSAPARAMETERS 116 -#define ECDSA_F_I2D_ECDSAPRIVATEKEY 117 -#define ECDSA_F_I2D_ECDSAPUBLICKEY 118 -#define ECDSA_F_SIG_CB 119 +#define ECDSA_F_ECDSA_DATA_NEW 100 +#define ECDSA_F_ECDSA_DO_SIGN 101 +#define ECDSA_F_ECDSA_DO_VERIFY 102 +#define ECDSA_F_ECDSA_SIGN_SETUP 103 /* Reason codes. 
*/ #define ECDSA_R_BAD_SIGNATURE 100 -#define ECDSA_R_CAN_NOT_GET_GENERATOR 101 -#define ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY 102 -#define ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE 103 -#define ECDSA_R_D2I_EC_PARAMETERS_FAILURE 133 -#define ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 104 -#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 105 -#define ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE 106 -#define ECDSA_R_ECDSA_F_ECDSA_NEW 107 -#define ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE 134 -#define ECDSA_R_ECDSA_GET_FAILURE 108 -#define ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE 109 -#define ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE 110 -#define ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE 111 -#define ECDSA_R_ECDSA_NEW_FAILURE 112 -#define ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE 135 -#define ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 113 -#define ECDSA_R_ECPARAMETERS2ECDSA_FAILURE 138 -#define ECDSA_R_EC_GROUP_NID2CURVE_FAILURE 136 -#define ECDSA_R_ERR_EC_LIB 114 -#define ECDSA_R_I2D_ECDSA_PRIVATEKEY 115 -#define ECDSA_R_I2D_ECDSA_PUBLICKEY 116 -#define ECDSA_R_MISSING_PARAMETERS 117 -#define ECDSA_R_MISSING_PRIVATE_KEY 139 -#define ECDSA_R_NOT_SUPPORTED 118 -#define ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED 119 -#define ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED 120 -#define ECDSA_R_NO_CURVE_SPECIFIED 121 -#define ECDSA_R_NO_FIELD_SPECIFIED 122 -#define ECDSA_R_PRIME_MISSING 123 -#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 124 -#define ECDSA_R_SIGNATURE_MALLOC_FAILED 125 -#define ECDSA_R_UNEXPECTED_ASN1_TYPE 126 -#define ECDSA_R_UNEXPECTED_PARAMETER 127 -#define ECDSA_R_UNEXPECTED_PARAMETER_LENGTH 128 -#define ECDSA_R_UNEXPECTED_VERSION_NUMER 129 -#define ECDSA_R_UNKNOWN_PARAMETERS_TYPE 137 -#define ECDSA_R_WRONG_FIELD_IDENTIFIER 130 -#define ECDSA_R_X9_62_CURVE_NEW_FAILURE 131 -#define ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE 132 +#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101 +#define ECDSA_R_ERR_EC_LIB 102 +#define ECDSA_R_MISSING_PARAMETERS 103 +#define 
ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 +#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105 #ifdef __cplusplus }