signature.h 4.7 KB

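  /*!
      \ingroup Signature

      \brief This function returns the maximum size of the resulting signature.

      \return Returns SIG_TYPE_E if sig_type is not supported. Returns
      BAD_FUNC_ARG if sig_type was invalid. A positive return value indicates
      the maximum size of a signature.

      \note The return type is int and the error codes are negative. Store
      the result in a signed variable and check that it is positive before
      using it as a buffer size; assigning it to an unsigned word32 turns an
      error code into a very large "size" that still passes a > 0 check.

      \param sig_type A signature type enum value such as
      WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
      \param key Pointer to a key structure such as ecc_key or RsaKey.
      \param key_len Size of the key structure.

      _Example_
      \code
      // Get signature length
      enum wc_SignatureType sig_type = WC_SIGNATURE_TYPE_ECC;
      ecc_key eccKey;
      int sigLen; // signed, so a negative error code is not mistaken for a size

      wc_ecc_init(&eccKey);
      // ... generate or import the key into eccKey before asking for its
      // signature size ...
      sigLen = wc_SignatureGetSize(sig_type, &eccKey, sizeof(eccKey));
      if (sigLen > 0) {
          // Success
      }
      \endcode

      \sa wc_HashGetDigestSize
      \sa wc_SignatureGenerate
      \sa wc_SignatureVerify
  */
  WOLFSSL_API int wc_SignatureGetSize(enum wc_SignatureType sig_type,
      const void* key, word32 key_len);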
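  /*!
      \ingroup Signature

      \brief This function validates a signature by hashing the data and
      using the resulting hash and key to verify the signature.

      \return 0 Success
      \return SIG_TYPE_E -231, signature type not enabled/ available
      \return BAD_FUNC_ARG -173, bad function argument provided
      \return BUFFER_E -132, output buffer too small or input too large.

      \note Only a return value of 0 means the signature was verified. Treat
      every non-zero return (for example SIG_VERIFY_E for a signature that
      does not match) as a failed verification and do not trust the data.

      \param hash_type A hash type from the "enum wc_HashType" such as
      "WC_HASH_TYPE_SHA256".
      \param sig_type A signature type enum value such as
      WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
      \param data Pointer to buffer containing the data to hash.
      \param data_len Length of the data buffer.
      \param sig Pointer to buffer containing the signature to verify
      (input only; the buffer is const).
      \param sig_len Length of the signature in the sig buffer.
      \param key Pointer to a key structure such as ecc_key or RsaKey.
      \param key_len Size of the key structure.

      _Example_
      \code
      int ret;
      ecc_key eccKey;

      // Import the public key
      wc_ecc_init(&eccKey);
      ret = wc_ecc_import_x963(eccPubKeyBuf, eccPubKeyLen, &eccKey);
      if (ret == 0) {
          // Perform signature verification using public key.
          // Skipped when the import failed, so a bad key is never used.
          ret = wc_SignatureVerify(
              WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
              fileBuf, fileLen,
              sigBuf, sigLen,
              &eccKey, sizeof(eccKey));
      }
      printf("Signature Verification: %s (%d)\n",
          (ret == 0) ? "Pass" : "Fail", ret);
      wc_ecc_free(&eccKey);
      \endcode

      \sa wc_SignatureGetSize
      \sa wc_SignatureGenerate
  */
  WOLFSSL_API int wc_SignatureVerify(
      enum wc_HashType hash_type, enum wc_SignatureType sig_type,
      const byte* data, word32 data_len,
      const byte* sig, word32 sig_len,
      const void* key, word32 key_len);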
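  /*!
      \ingroup Signature

      \brief This function generates a signature from the data using a
      key. It first creates a hash of the data then signs the hash using the key.

      \return 0 Success
      \return SIG_TYPE_E -231, signature type not enabled/ available
      \return BAD_FUNC_ARG -173, bad function argument provided
      \return BUFFER_E -132, output buffer too small or input too large.

      \param hash_type A hash type from the "enum wc_HashType"
      such as "WC_HASH_TYPE_SHA256".
      \param sig_type A signature type enum value such as
      WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
      \param data Pointer to buffer containing the data to hash.
      \param data_len Length of the data buffer.
      \param sig Pointer to buffer to output signature.
      \param sig_len Pointer to the length of the signature output buffer.
      On input it holds the size of the sig buffer; because the pointer is
      non-const it is expected to receive the length of the generated
      signature on return.
      \param key Pointer to a key structure such as ecc_key or RsaKey.
      The key must contain the private key used for signing.
      \param key_len Size of the key structure.
      \param rng Pointer to an initialized RNG structure.

      _Example_
      \code
      int ret;
      int sigSz; // signed, so a negative error code is not mistaken for a size
      word32 sigLen = 0;
      byte* sigBuf = NULL;
      enum wc_SignatureType sig_type = WC_SIGNATURE_TYPE_ECC;
      WC_RNG rng;
      ecc_key eccKey;

      wc_InitRng(&rng);
      wc_ecc_init(&eccKey);

      // Generate key
      ret = wc_ecc_make_key(&rng, 32, &eccKey);

      // Get signature length and allocate buffer
      if (ret == 0) {
          sigSz = wc_SignatureGetSize(sig_type, &eccKey, sizeof(eccKey));
          if (sigSz <= 0) {
              ret = (sigSz < 0) ? sigSz : BAD_FUNC_ARG;
          }
          else {
              sigLen = (word32)sigSz;
              sigBuf = malloc(sigLen);
              if (sigBuf == NULL)
                  ret = MEMORY_E;
          }
      }

      // Perform signature generation using private key
      if (ret == 0) {
          ret = wc_SignatureGenerate(
              WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
              fileBuf, fileLen,
              sigBuf, &sigLen,
              &eccKey, sizeof(eccKey),
              &rng);
      }
      printf("Signature Generation: %s (%d)\n",
          (ret == 0) ? "Pass" : "Fail", ret);

      free(sigBuf);
      wc_ecc_free(&eccKey);
      wc_FreeRng(&rng);
      \endcode

      \sa wc_SignatureGetSize
      \sa wc_SignatureVerify
  */
  WOLFSSL_API int wc_SignatureGenerate(
      enum wc_HashType hash_type, enum wc_SignatureType sig_type,
      const byte* data, word32 data_len,
      byte* sig, word32 *sig_len,
      const void* key, word32 key_len,
      WC_RNG* rng);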