ed25519.h 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497
  1. /*!
  2. \ingroup ED25519
  3. \brief This function generates a new ed25519_key and stores it in key.
  4. \retrun 0 Returned upon successfully making an ed25519_key
  5. \retrun BAD_FUNC_ARG Returned if rng or key evaluate to NULL, or if the
  6. specified key size is not 32 bytes (ed25519 has 32 byte keys)
  7. \retrun MEMORY_E Returned if there is an error allocating memory
  8. during function execution
  9. \param rng pointer to an initialized RNG object with which to
  10. generate the key
  11. \param keysize length of key to generate. Should always be 32 for ed25519
  12. \param key pointer to the ed25519_key for which to generate a key
  13. _Example_
  14. \code
  15. ed25519_key key;
  16. wc_ed25519_init(&key);
  17. WC_RNG rng;
  18. wc_InitRng(&rng);
  19. wc_ed25519_make_key(&rng, 32, &key); // initialize 32 byte ed25519 key
  20. \endcode
  21. \sa wc_ed25519_init
  22. */
  23. WOLFSSL_API
  24. int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key);
  25. /*!
  26. \ingroup ED25519
  27. \brief This function signs a message digest using an ed25519_key object
  28. to guarantee authenticity.
  29. \return 0 Returned upon successfully generating a signature for the
  30. message digest
  31. \return BAD_FUNC_ARG Returned any of the input parameters evaluate to
  32. NULL, or if the output buffer is too small to store the generated signature
  33. \return MEMORY_E Returned if there is an error allocating memory during
  34. function execution
  35. \param in pointer to the buffer containing the message to sign
  36. \param inlen length of the message to sign
  37. \param out buffer in which to store the generated signature
  38. \param outlen max length of the output buffer. Will store the bytes
  39. written to out upon successfully generating a message signature
  40. \param key pointer to a private ed25519_key with which to generate the
  41. signature
  42. _Example_
  43. \code
  44. ed25519_key key;
  45. WC_RNG rng;
  46. int ret, sigSz;
  47. byte sig[64]; // will hold generated signature
  48. sigSz = sizeof(sig);
  49. byte message[] = { // initialize with message };
  50. wc_InitRng(&rng); // initialize rng
  51. wc_ed25519_init(&key); // initialize key
  52. wc_ed25519_make_key(&rng, 32, &key); // make public/private key pair
  53. ret = wc_ed25519_sign_msg(message, sizeof(message), sig, &sigSz, &key);
  54. if ( ret != 0 ) {
  55. // error generating message signature
  56. }
  57. \endcode
  58. \sa wc_ed25519_verify_msg
  59. */
  60. WOLFSSL_API
  61. int wc_ed25519_sign_msg(const byte* in, word32 inlen, byte* out,
  62. word32 *outlen, ed25519_key* key);
  63. /*!
  64. \ingroup ED25519
  65. \brief This function verifies the ed25519 signature of a message to ensure
  66. authenticity. It returns the answer through stat, with 1 corresponding to
  67. a valid signature, and 0 corresponding to an invalid signature.
  68. \return 0 Returned upon successfully performing the signature
  69. verification. Note: This does not mean that the signature is verified.
  70. The authenticity information is stored instead in stat
  71. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  72. NULL, or if the siglen does not match the actual length of a signature
  73. \return 1 Returned if verification completes, but the signature generated
  74. does not match the signature provided
  75. \param sig pointer to the buffer containing the signature to verify
  76. \param siglen length of the signature to verify
  77. \param msg pointer to the buffer containing the message to verify
  78. \param msglen length of the message to verify
  79. \param stat pointer to the result of the verification. 1 indicates the
  80. message was successfully verified
  81. \param key pointer to a public ed25519 key with which to verify the
  82. signature
  83. _Example_
  84. \code
  85. ed25519_key key;
  86. int ret, verified = 0;
  87. byte sig[] { // initialize with received signature };
  88. byte msg[] = { // initialize with message };
  89. // initialize key with received public key
  90. ret = wc_ed25519_verify_msg(sig, sizeof(sig), msg, sizeof(msg),
  91. &verified, &key);
  92. if ( return < 0 ) {
  93. // error performing verification
  94. } else if ( verified == 0 )
  95. // the signature is invalid
  96. }
  97. \endcode
  98. \sa wc_ed25519_sign_msg
  99. */
  100. WOLFSSL_API
  101. int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
  102. word32 msglen, int* stat, ed25519_key* key);
  103. /*!
  104. \ingroup ED25519
  105. \brief This function initializes an ed25519_key object for future use
  106. with message verification.
  107. \return 0 Returned upon successfully initializing the ed25519_key object
  108. \return BAD_FUNC_ARG Returned if key is NULL
  109. \param key pointer to the ed25519_key object to initialize
  110. _Example_
  111. \code
  112. ed25519_key key;
  113. wc_ed25519_init(&key);
  114. \endcode
  115. \sa wc_ed25519_make_key
  116. \sa wc_ed25519_free
  117. */
  118. WOLFSSL_API
  119. int wc_ed25519_init(ed25519_key* key);
  120. /*!
  121. \ingroup ED25519
  122. \brief This function frees an ed25519 object after it has been used.
  123. \return none No returns.
  124. \param key pointer to the ed25519_key object to free
  125. _Example_
  126. \code
  127. ed25519_key key;
  128. // initialize key and perform secure exchanges
  129. ...
  130. wc_ed25519_free(&key);
  131. \endcode
  132. \sa wc_ed25519_init
  133. */
  134. WOLFSSL_API
  135. void wc_ed25519_free(ed25519_key* key);
  136. /*!
  137. \ingroup ED25519
  138. \brief This function imports a public ed25519_key pair from a buffer
  139. containing the public key. This function will handle both compressed and
  140. uncompressed keys.
  141. \return 0 Returned on successfully importing the ed25519_key
  142. \return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or inLen is
  143. less than the size of an ed25519 key
  144. \param in pointer to the buffer containing the public key
  145. \param inLen length of the buffer containing the public key
  146. \param key pointer to the ed25519_key object in which to store the
  147. public key
  148. _Example_
  149. \code
  150. int ret;
  151. byte pub[] = { // initialize ed25519 public key };
  152. ed_25519 key;
  153. wc_ed25519_init_key(&key);
  154. ret = wc_ed25519_import_public(pub, sizeof(pub), &key);
  155. if ( ret != 0) {
  156. // error importing key
  157. }
  158. \endcode
  159. \sa wc_ed25519_import_private_key
  160. \sa wc_ed25519_export_public
  161. */
  162. WOLFSSL_API
  163. int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
  164. /*!
  165. \ingroup ED25519
  166. \brief This function imports a public/private ed25519 key pair from a
  167. pair of buffers. This function will handle both compressed and
  168. uncompressed keys.
  169. \return 0 Returned on successfully importing the ed25519_key
  170. \return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or if
  171. either privSz or pubSz are less than the size of an ed25519 key
  172. \param priv pointer to the buffer containing the private key
  173. \param privSz size of the private key
  174. \param pub pointer to the buffer containing the public key
  175. \param pubSz length of the public key
  176. \param key pointer to the ed25519_key object in which to store the
  177. imported private/public key pair
  178. _Example_
  179. \code
  180. int ret;
  181. byte priv[] = { // initialize with 32 byte private key };
  182. byte pub[] = { // initialize with the corresponding public key };
  183. ed25519_key key;
  184. wc_ed25519_init_key(&key);
  185. ret = wc_ed25519_import_private_key(priv, sizeof(priv), pub,
  186. sizeof(pub), &key);
  187. if ( ret != 0) {
  188. // error importing key
  189. }
  190. \endcode
  191. \sa wc_ed25519_import_public_key
  192. \sa wc_ed25519_export_private_only
  193. */
  194. WOLFSSL_API
  195. int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
  196. const byte* pub, word32 pubSz, ed25519_key* key);
  197. /*!
  198. \ingroup ED25519
  199. \brief This function exports the private key from an ed25519_key
  200. structure. It stores the public key in the buffer out, and sets the bytes
  201. written to this buffer in outLen.
  202. \return 0 Returned upon successfully exporting the public key
  203. \return BAD_FUNC_ARG Returned if any of the input values evaluate to NULL
  204. \return BUFFER_E Returned if the buffer provided is not large enough to
  205. store the private key. Upon returning this error, the function sets the
  206. size required in outLen
  207. \param key pointer to an ed25519_key structure from which to export the
  208. public key
  209. \param out pointer to the buffer in which to store the public key
  210. \param outLen pointer to a word32 object with the size available in out.
  211. Set with the number of bytes written to out after successfully exporting
  212. the private key
  213. _Example_
  214. \code
  215. int ret;
  216. ed25519_key key;
  217. // initialize key, make key
  218. char pub[32];
  219. word32 pubSz = sizeof(pub);
  220. ret = wc_ed25519_export_public(&key, pub, &pubSz);
  221. if ( ret != 0) {
  222. // error exporting public key
  223. }
  224. \endcode
  225. \sa wc_ed25519_import_public_key
  226. \sa wc_ed25519_export_private_only
  227. */
  228. WOLFSSL_API
  229. int wc_ed25519_export_public(ed25519_key*, byte* out, word32* outLen);
  230. /*!
  231. \ingroup ED25519
  232. \brief This function exports only the private key from an ed25519_key
  233. structure. It stores the private key in the buffer out, and sets
  234. the bytes written to this buffer in outLen.
  235. \return 0 Returned upon successfully exporting the private key
  236. \return ECC_BAD_ARG_E Returned if any of the input values evaluate to NULL
  237. \return BUFFER_E Returned if the buffer provided is not large enough
  238. to store the private key
  239. \param key pointer to an ed25519_key structure from which to export
  240. the private key
  241. \param out pointer to the buffer in which to store the private key
  242. \param outLen pointer to a word32 object with the size available in
  243. out. Set with the number of bytes written to out after successfully
  244. exporting the private key
  245. _Example_
  246. \code
  247. int ret;
  248. ed25519_key key;
  249. // initialize key, make key
  250. char priv[32]; // 32 bytes because only private key
  251. word32 privSz = sizeof(priv);
  252. ret = wc_ed25519_export_private_only(&key, priv, &privSz);
  253. if ( ret != 0) {
  254. // error exporting private key
  255. }
  256. \endcode
  257. \sa wc_ed25519_export_public
  258. \sa wc_ed25519_import_private_key
  259. */
  260. WOLFSSL_API
  261. int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
  262. /*!
  263. \ingroup ED25519
  264. \brief Export the private key, including public part.
  265. \return 0 Success
  266. \return BAD_FUNC_ARG Returns if any argument is null.
  267. \return BUFFER_E Returns if outLen is less than ED25519_PRV_KEY_SIZE
  268. \param key ed25519_key struct to export from.
  269. \param out Destination for private key.
  270. \param outLen Max length of output, set to the length of the exported
  271. private key.
  272. _Example_
  273. \code
  274. ed25519_key key;
  275. wc_ed25519_init(&key);
  276. WC_RNG rng;
  277. wc_InitRng(&rng);
  278. wc_ed25519_make_key(&rng, 32, &key); // initialize 32 byte ed25519 key
  279. byte out[32]; // out needs to be a sufficient buffer size
  280. word32 outLen = sizeof(out);
  281. int key_size = wc_ed25519_export_private(&key, out, &outLen);
  282. if(key_size == BUFFER_E)
  283. {
  284. // Check size of out compared to outLen to see if function reset outLen
  285. }
  286. \endcode
  287. \sa none
  288. */
  289. WOLFSSL_API
  290. int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
  291. /*!
  292. \ingroup ED25519
  293. \brief Export full private key and public key.
  294. \return 0 Success
  295. \return BAD_FUNC_ARG: Returns if any argument is null.
  296. \return BUFFER_E: Returns if outLen is less than ED25519_PRV_KEY_SIZE
  297. or ED25519_PUB_KEY_SIZE
  298. \param key The ed25519_key structure to export to.
  299. \param priv Byte array to store private key.
  300. \param privSz Size of priv buffer.
  301. \param pub Byte array to store public key.
  302. \param pubSz Size of pub buffer.
  303. _Example_
  304. \code
  305. int ret;
  306. ed25519_key key;
  307. // initialize key, make key
  308. char pub[32];
  309. word32 pubSz = sizeof(pub);
  310. char priv[32];
  311. word32 privSz = sizeof(priv);
  312. ret = wc_ed25519_export_key(&key, priv, &pubSz, pub, &pubSz);
  313. if ( ret != 0) {
  314. // error exporting public key
  315. }
  316. \endcode
  317. \sa wc_ed25519_export_private
  318. \sa wc_ed25519_export_public
  319. */
  320. WOLFSSL_API
  321. int wc_ed25519_export_key(ed25519_key* key,
  322. byte* priv, word32 *privSz,
  323. byte* pub, word32 *pubSz);
  324. /*!
  325. \ingroup ED25519
  326. \brief This function returns the key size of an ed25519_key structure,
  327. or 32 bytes.
  328. \return Success Given a valid key, returns ED25519_KEY_SIZE (32 bytes)
  329. \return BAD_FUNC_ARGS Returned if the given key is NULL
  330. \param key pointer to an ed25519_key structure for which to get the
  331. key size
  332. _Example_
  333. \code
  334. int keySz;
  335. ed25519_key key;
  336. // initialize key, make key
  337. keySz = wc_ed25519_size(&key);
  338. if ( keySz == 0) {
  339. // error determining key size
  340. }
  341. \endcode
  342. \sa wc_ed25519_make_key
  343. */
  344. WOLFSSL_API
  345. int wc_ed25519_size(ed25519_key* key);
  346. /*!
  347. \ingroup ED25519
  348. \brief Returns the private key size (secret + public) in bytes.
  349. \return BAD_FUNC_ARG Returns if key argument is null.
  350. \return ED25519_PRV_KEY_SIZE The size of the private key.
  351. \param key The ed25119_key struct
  352. _Example_
  353. \code
  354. ed25519_key key;
  355. wc_ed25519_init(&key);
  356. WC_RNG rng;
  357. wc_InitRng(&rng);
  358. wc_ed25519_make_key(&rng, 32, &key); // initialize 32 byte ed25519 key
  359. int key_size = wc_ed25519_priv_size(&key);
  360. \endcode
  361. \sa wc_ed25119_pub_size
  362. */
  363. WOLFSSL_API
  364. int wc_ed25519_priv_size(ed25519_key* key);
  365. /*!
  366. \ingroup ED25519
  367. \brief Returns the compressed key size in bytes (public key).
  368. \return BAD_FUNC_ARG returns if key is null.
  369. \return ED25519_PUB_KEY_SIZE Size of key.
  370. \param key Pointer to the ed25519_key struct.
  371. _Example_
  372. \code
  373. ed25519_key key;
  374. wc_ed25519_init(&key);
  375. WC_RNG rng;
  376. wc_InitRng(&rng);
  377. wc_ed25519_make_key(&rng, 32, &key); // initialize 32 byte ed25519 key
  378. int key_size = wc_ed25519_pub_size(&key);
  379. \endcode
  380. \sa wc_ed25519_priv_size
  381. */
  382. WOLFSSL_API
  383. int wc_ed25519_pub_size(ed25519_key* key);
  384. /*!
  385. \ingroup ED25519
  386. \brief This function returns the size of an ed25519 signature (64 in bytes).
  387. \return Success Given a valid key, returns ED25519_SIG_SIZE (64 in bytes)
  388. \return 0 Returned if the given key is NULL
  389. \param key pointer to an ed25519_key structure for which to get the
  390. signature size
  391. _Example_
  392. \code
  393. int sigSz;
  394. ed25519_key key;
  395. // initialize key, make key
  396. sigSz = wc_ed25519_sig_size(&key);
  397. if ( sigSz == 0) {
  398. // error determining sig size
  399. }
  400. \endcode
  401. \sa wc_ed25519_sign_msg
  402. */
  403. WOLFSSL_API
  404. int wc_ed25519_sig_size(ed25519_key* key);