ecdsa.h 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268
  1. /* crypto/ecdsa/ecdsa.h */
  2. /**
  3. * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
  4. * \author Written by Nils Larsch for the OpenSSL project
  5. */
  6. /* ====================================================================
  7. * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
  8. *
  9. * Redistribution and use in source and binary forms, with or without
  10. * modification, are permitted provided that the following conditions
  11. * are met:
  12. *
  13. * 1. Redistributions of source code must retain the above copyright
  14. * notice, this list of conditions and the following disclaimer.
  15. *
  16. * 2. Redistributions in binary form must reproduce the above copyright
  17. * notice, this list of conditions and the following disclaimer in
  18. * the documentation and/or other materials provided with the
  19. * distribution.
  20. *
  21. * 3. All advertising materials mentioning features or use of this
  22. * software must display the following acknowledgment:
  23. * "This product includes software developed by the OpenSSL Project
  24. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  25. *
  26. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  27. * endorse or promote products derived from this software without
  28. * prior written permission. For written permission, please contact
  29. * licensing@OpenSSL.org.
  30. *
  31. * 5. Products derived from this software may not be called "OpenSSL"
  32. * nor may "OpenSSL" appear in their names without prior written
  33. * permission of the OpenSSL Project.
  34. *
  35. * 6. Redistributions of any form whatsoever must retain the following
  36. * acknowledgment:
  37. * "This product includes software developed by the OpenSSL Project
  38. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  39. *
  40. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  41. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  43. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  44. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  45. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  46. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  47. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  49. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  50. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  51. * OF THE POSSIBILITY OF SUCH DAMAGE.
  52. * ====================================================================
  53. *
  54. * This product includes cryptographic software written by Eric Young
  55. * (eay@cryptsoft.com). This product includes software written by Tim
  56. * Hudson (tjh@cryptsoft.com).
  57. *
  58. */
  59. #ifndef HEADER_ECDSA_H
  60. #define HEADER_ECDSA_H
  61. #include <openssl/opensslconf.h>
  62. #ifdef OPENSSL_NO_ECDSA
  63. #error ECDSA is disabled.
  64. #endif
  65. #include <openssl/ec.h>
  66. #include <openssl/ossl_typ.h>
  67. #ifndef OPENSSL_NO_DEPRECATED
  68. #include <openssl/bn.h>
  69. #endif
  70. #ifdef __cplusplus
  71. extern "C" {
  72. #endif
  73. typedef struct ECDSA_SIG_st
  74. {
  75. BIGNUM *r;
  76. BIGNUM *s;
  77. } ECDSA_SIG;
  78. /** Allocates and initialize a ECDSA_SIG structure
  79. * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  80. */
  81. ECDSA_SIG *ECDSA_SIG_new(void);
  82. /** frees a ECDSA_SIG structure
  83. * \param sig pointer to the ECDSA_SIG structure
  84. */
  85. void ECDSA_SIG_free(ECDSA_SIG *sig);
  86. /** DER encode content of ECDSA_SIG object (note: this function modifies *pp
  87. * (*pp += length of the DER encoded signature)).
  88. * \param sig pointer to the ECDSA_SIG object
  89. * \param pp pointer to a unsigned char pointer for the output or NULL
  90. * \return the length of the DER encoded ECDSA_SIG object or 0
  91. */
  92. int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
  93. /** Decodes a DER encoded ECDSA signature (note: this function changes *pp
  94. * (*pp += len)).
  95. * \param sig pointer to ECDSA_SIG pointer (may be NULL)
  96. * \param pp memory buffer with the DER encoded signature
  97. * \param len length of the buffer
  98. * \return pointer to the decoded ECDSA_SIG structure (or NULL)
  99. */
  100. ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
  101. /** Computes the ECDSA signature of the given hash value using
  102. * the supplied private key and returns the created signature.
  103. * \param dgst pointer to the hash value
  104. * \param dgst_len length of the hash value
  105. * \param eckey EC_KEY object containing a private EC key
  106. * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  107. */
  108. ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
  109. /** Computes ECDSA signature of a given hash value using the supplied
  110. * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
  111. * \param dgst pointer to the hash value to sign
  112. * \param dgstlen length of the hash value
  113. * \param kinv BIGNUM with a pre-computed inverse k (optional)
  114. * \param rp BIGNUM with a pre-computed rp value (optioanl),
  115. * see ECDSA_sign_setup
  116. * \param eckey EC_KEY object containing a private EC key
  117. * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  118. */
  119. ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
  120. const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
  121. /** Verifies that the supplied signature is a valid ECDSA
  122. * signature of the supplied hash value using the supplied public key.
  123. * \param dgst pointer to the hash value
  124. * \param dgst_len length of the hash value
  125. * \param sig ECDSA_SIG structure
  126. * \param eckey EC_KEY object containing a public EC key
  127. * \return 1 if the signature is valid, 0 if the signature is invalid
  128. * and -1 on error
  129. */
  130. int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
  131. const ECDSA_SIG *sig, EC_KEY* eckey);
  132. const ECDSA_METHOD *ECDSA_OpenSSL(void);
  133. /** Sets the default ECDSA method
  134. * \param meth new default ECDSA_METHOD
  135. */
  136. void ECDSA_set_default_method(const ECDSA_METHOD *meth);
  137. /** Returns the default ECDSA method
  138. * \return pointer to ECDSA_METHOD structure containing the default method
  139. */
  140. const ECDSA_METHOD *ECDSA_get_default_method(void);
  141. /** Sets method to be used for the ECDSA operations
  142. * \param eckey EC_KEY object
  143. * \param meth new method
  144. * \return 1 on success and 0 otherwise
  145. */
  146. int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
  147. /** Returns the maximum length of the DER encoded signature
  148. * \param eckey EC_KEY object
  149. * \return numbers of bytes required for the DER encoded signature
  150. */
  151. int ECDSA_size(const EC_KEY *eckey);
  152. /** Precompute parts of the signing operation
  153. * \param eckey EC_KEY object containing a private EC key
  154. * \param ctx BN_CTX object (optional)
  155. * \param kinv BIGNUM pointer for the inverse of k
  156. * \param rp BIGNUM pointer for x coordinate of k * generator
  157. * \return 1 on success and 0 otherwise
  158. */
  159. int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
  160. BIGNUM **rp);
  161. /** Computes ECDSA signature of a given hash value using the supplied
  162. * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
  163. * \param type this parameter is ignored
  164. * \param dgst pointer to the hash value to sign
  165. * \param dgstlen length of the hash value
  166. * \param sig memory for the DER encoded created signature
  167. * \param siglen pointer to the length of the returned signature
  168. * \param eckey EC_KEY object containing a private EC key
  169. * \return 1 on success and 0 otherwise
  170. */
  171. int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
  172. unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
  173. /** Computes ECDSA signature of a given hash value using the supplied
  174. * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
  175. * \param type this parameter is ignored
  176. * \param dgst pointer to the hash value to sign
  177. * \param dgstlen length of the hash value
  178. * \param sig buffer to hold the DER encoded signature
  179. * \param siglen pointer to the length of the returned signature
  180. * \param kinv BIGNUM with a pre-computed inverse k (optional)
  181. * \param rp BIGNUM with a pre-computed rp value (optioanl),
  182. * see ECDSA_sign_setup
  183. * \param eckey EC_KEY object containing a private EC key
  184. * \return 1 on success and 0 otherwise
  185. */
  186. int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
  187. unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
  188. const BIGNUM *rp, EC_KEY *eckey);
  189. /** Verifies that the given signature is valid ECDSA signature
  190. * of the supplied hash value using the specified public key.
  191. * \param type this parameter is ignored
  192. * \param dgst pointer to the hash value
  193. * \param dgstlen length of the hash value
  194. * \param sig pointer to the DER encoded signature
  195. * \param siglen length of the DER encoded signature
  196. * \param eckey EC_KEY object containing a public EC key
  197. * \return 1 if the signature is valid, 0 if the signature is invalid
  198. * and -1 on error
  199. */
  200. int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
  201. const unsigned char *sig, int siglen, EC_KEY *eckey);
  202. /* the standard ex_data functions */
  203. int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
  204. *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
  205. int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
  206. void *ECDSA_get_ex_data(EC_KEY *d, int idx);
  207. #ifdef OPENSSL_FIPS
  208. /* Standalone FIPS signature operations */
  209. ECDSA_SIG * FIPS_ecdsa_sign_digest(EC_KEY *key,
  210. const unsigned char *dig, int dlen);
  211. ECDSA_SIG * FIPS_ecdsa_sign_ctx(EC_KEY *key, EVP_MD_CTX *ctx);
  212. int FIPS_ecdsa_verify_digest(EC_KEY *key,
  213. const unsigned char *dig, int dlen, ECDSA_SIG *s);
  214. int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s);
  215. #endif
  216. /* BEGIN ERROR CODES */
  217. /* The following lines are auto generated by the script mkerr.pl. Any changes
  218. * made after this point may be overwritten when the script is next run.
  219. */
  220. void ERR_load_ECDSA_strings(void);
  221. /* Error codes for the ECDSA functions. */
  222. /* Function codes. */
  223. #define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
  224. #define ECDSA_F_ECDSA_DO_SIGN 101
  225. #define ECDSA_F_ECDSA_DO_VERIFY 102
  226. #define ECDSA_F_ECDSA_SIGN_SETUP 103
  227. /* Reason codes. */
  228. #define ECDSA_R_BAD_SIGNATURE 100
  229. #define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
  230. #define ECDSA_R_ERR_EC_LIB 102
  231. #define ECDSA_R_MISSING_PARAMETERS 103
  232. #define ECDSA_R_NEED_NEW_SETUP_VALUES 106
  233. #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
  234. #define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
  235. #ifdef __cplusplus
  236. }
  237. #endif
  238. #endif