curve25519.h 21 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678
  1. /*!
  2. \ingroup Curve25519
  3. \brief This function generates a curve25519 key using the given random
  4. number generator, rng, of the size given (keysize), and stores it in
  5. the given curve25519_key structure. It should be called after the key
  6. structure has been initialized through wc_curve25519_init.
  7. \return 0 Returned on successfully generating the key and and storing
  8. it in the given curve25519_key structure
  9. \return ECC_BAD_ARG_E Returned if rng or key evaluate to NULL, or
  10. the input keysize does not correspond to the keysize for a
  11. curve25519 key ( 32 bytes)
  12. \return RNG_FAILURE_E Returned if the rng internal status is not
  13. DRBG_OK or if there is in generating the next random block with rng
  14. \param rng pointer to the RNG object used to generate the ecc key
  15. \param keysize size of the key to generate. Must be 32 bytes for curve25519
  16. \param key pointer to the curve25519_key structure in which to
  17. store the generated key
  18. _Example_
  19. \code
  20. curve25519_key key;
  21. wc_curve25519_init(&key); // initialize key
  22. WC_RNG rng;
  23. wc_InitRng(&rng); // initialize random number generator
  24. if( wc_curve25519_make_key(&rng, 32, &key) != 0) {
  25. // making 25519 key
  26. }
  27. \endcode
  28. \sa wc_curve25519_init
  29. */
  30. WOLFSSL_API
  31. int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);
  32. /*!
  33. \ingroup Curve25519
  34. \brief This function computes a shared secret key given a secret private
  35. key and a received public key. It stores the generated secret key in the
  36. buffer out and assigns the variable of the secret key to outlen. Only
  37. supports big endian.
  38. \return 0 Returned on successfully computing a shared secret key
  39. \return BAD_FUNC_ARG Returned if any of the input parameters passed in
  40. are NULL
  41. \return ECC_BAD_ARG_E Returned if the first bit of the public key is
  42. set, to avoid implementation fingerprinting
  43. \param private_key pointer to the curve25519_key structure initialized
  44. with the user’s private key
  45. \param public_key pointer to the curve25519_key structure containing
  46. the received public key
  47. \param out pointer to a buffer in which to store the 32 byte computed
  48. secret key
  49. \param outlen pointer in which to store the length written to the
  50. output buffer
  51. _Example_
  52. \code
  53. byte sharedKey[32];
  54. word32 keySz;
  55. curve25519_key privKey, pubKey;
  56. // initialize both keys
  57. if ( wc_curve25519_shared_secret(&privKey, &pubKey, sharedKey,
  58. &keySz) != 0 ) {
  59. // error generating shared key
  60. }
  61. \endcode
  62. \sa wc_curve25519_init
  63. \sa wc_curve25519_make_key
  64. \sa wc_curve25519_shared_secret_ex
  65. */
  66. WOLFSSL_API
  67. int wc_curve25519_shared_secret(curve25519_key* private_key,
  68. curve25519_key* public_key,
  69. byte* out, word32* outlen);
  70. /*!
  71. \ingroup Curve25519
  72. \brief This function computes a shared secret key given a secret private
  73. key and a received public key. It stores the generated secret key in the
  74. buffer out and assigns the variable of the secret key to outlen. Supports
  75. both big and little endian.
  76. \return 0 Returned on successfully computing a shared secret key
  77. \return BAD_FUNC_ARG Returned if any of the input parameters passed in
  78. are NULL
  79. \return ECC_BAD_ARG_E Returned if the first bit of the public key is set,
  80. to avoid implementation fingerprinting
  81. \param private_key pointer to the curve25519_key structure initialized
  82. with the user’s private key
  83. \param public_key pointer to the curve25519_key structure containing
  84. the received public key
  85. \param out pointer to a buffer in which to store the 32 byte computed
  86. secret key
  87. \param outlen pointer in which to store the length written to the output
  88. buffer
  89. \param endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
  90. form to use.
  91. _Example_
  92. \code
  93. byte sharedKey[32];
  94. word32 keySz;
  95. curve25519_key privKey, pubKey;
  96. // initialize both keys
  97. if ( wc_curve25519_shared_secret_ex(&privKey, &pubKey, sharedKey, &keySz,
  98. EC25519_BIG_ENDIAN) != 0 ) {
  99. // error generating shared key
  100. }
  101. \endcode
  102. \sa wc_curve25519_init
  103. \sa wc_curve25519_make_key
  104. \sa wc_curve25519_shared_secret
  105. */
  106. WOLFSSL_API
  107. int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
  108. curve25519_key* public_key,
  109. byte* out, word32* outlen, int endian);
  110. /*!
  111. \ingroup Curve25519
  112. \brief This function initializes a curve25519 key. It should be called
  113. before generating a key for the structure with wc_curve25519_init and
  114. before using the key to encrypt data.
  115. \return 0 Returned on successfully initializing the curve25519_key
  116. structure
  117. \param key pointer to the curve25519_key structure to initialize
  118. _Example_
  119. \code
  120. curve25519_key key;
  121. wc_curve25519_init(&key); // initialize key
  122. // make key and proceed to encryption
  123. \endcode
  124. \sa wc_curve25519_make_key
  125. */
  126. WOLFSSL_API
  127. int wc_curve25519_init(curve25519_key* key);
  128. /*!
  129. \ingroup Curve25519
  130. \brief This function frees a curve 25519 object.
  131. \return none No returns.
  132. \param key pointer to the key object to free
  133. _Example_
  134. \code
  135. curve25519_key privKey;
  136. // initialize key, use it to generate shared secret key
  137. wc_curve25519_free(&privKey);
  138. \endcode
  139. \sa wc_curve25519_init
  140. \sa wc_curve25519_make_key
  141. */
  142. WOLFSSL_API
  143. void wc_curve25519_free(curve25519_key* key);
  144. /*!
  145. \ingroup Curve25519
  146. \brief This function imports a curve25519 private key only. (Big endian).
  147. \return 0 Success
  148. \return BAD_FUNC_ARG Returns if key or priv is null.
  149. \return ECC_BAD_ARG_E Returns if privSz is not equal to
  150. wc_curve25519_size(key).
  151. \param priv Private key buffer
  152. \param privSz Size of private key buffer.
  153. \param key The curve25519_key structure to store the private key.
  154. _Example_
  155. \code
  156. byte priv[] = { Contents of private key };
  157. curve25519_key key;
  158. wc_curve25519_init(&key);
  159. if(wc_curve25519_import_private(priv, sizeof(priv), &key) != 0)
  160. {
  161. // Some error was thrown
  162. }
  163. \endcode
  164. \sa wc_curve25519_import_private_ex
  165. \sa wc_curve25519_size
  166. */
  167. WOLFSSL_API
  168. int wc_curve25519_import_private(const byte* priv, word32 privSz,
  169. curve25519_key* key);
  170. /*!
  171. \ingroup Curve25519
  172. \brief curve25519 private key import only. (Big or Little endian).
  173. \return 0 Success
  174. \return Returns if key or priv is null.
  175. \return ECC_BAD_ARG_E Returns if privSz is not equal to
  176. wc_curve25519_size(key).
  177. \param priv Buffer for private key.
  178. \param privSz Size of private key buffer.
  179. \param key The curve25519_key structure to store the private key.
  180. \param endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to
  181. set which form to use.
  182. _Example_
  183. \code
  184. byte priv[] = { // Contents of private key };
  185. curve25519_key key;
  186. wc_curve25519_init(&key);
  187. if(wc_curve25519_import_private_ex(priv, sizeof(priv), &key,
  188. EC25519_BIG_ENDIAN) != 0)
  189. {
  190. // Some error was thrown
  191. }
  192. \endcode
  193. \sa wc_curve25519_import_private
  194. \sa wc_curbe25519_size
  195. */
  196. WOLFSSL_API
  197. int wc_curve25519_import_private_ex(const byte* priv, word32 privSz,
  198. curve25519_key* key, int endian);
  199. /*!
  200. \ingroup Curve25519
  201. \brief This function imports a public-private key pair into a
  202. curve25519_key structure. Big endian only.
  203. \return 0 Returned on importing into the curve25519_key structure
  204. \return ECC_BAD_ARG_E Returned if any of the input parameters
  205. are NULL, or the input key’s key size does not match the public
  206. or private key sizes
  207. \param priv pointer to a buffer containing the private key to import
  208. \param privSz length of the private key to import
  209. \param pub pointer to a buffer containing the public key to import
  210. \param pubSz length of the public key to import
  211. \param key pointer to the structure in which to store the imported keys
  212. _Example_
  213. \code
  214. int ret;
  215. byte priv[32];
  216. byte pub[32];
  217. // initialize with public and private keys
  218. curve25519_key key;
  219. wc_curve25519_init(&key);
  220. // initialize key
  221. ret = wc_curve25519_import_private_raw(&priv, sizeof(priv), pub,
  222. sizeof(pub),&key);
  223. if (ret != 0) {
  224. // error importing keys
  225. }
  226. \endcode
  227. \sa wc_curve25519_init
  228. \sa wc_curve25519_make_key
  229. \sa wc_curve25519_import_public
  230. \sa wc_curve25519_export_private_raw
  231. */
  232. WOLFSSL_API
  233. int wc_curve25519_import_private_raw(const byte* priv, word32 privSz,
  234. const byte* pub, word32 pubSz, curve25519_key* key);
  235. /*!
  236. \ingroup Curve25519
  237. \brief This function imports a public-private key pair into a curve25519_key structure. Supports both big and little endian.
  238. \return 0 Returned on importing into the curve25519_key structure
  239. \return ECC_BAD_ARG_E Returned if any of the input parameters are NULL,
  240. or the input key’s key size does not match the public or private key sizes
  241. \param priv pointer to a buffer containing the private key to import
  242. \param privSz length of the private key to import
  243. \param pub pointer to a buffer containing the public key to import
  244. \param pubSz length of the public key to import
  245. \param key pointer to the structure in which to store the imported keys
  246. \param endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set
  247. which form to use.
  248. _Example_
  249. \code
  250. int ret;
  251. byte priv[32];
  252. byte pub[32];
  253. // initialize with public and private keys
  254. curve25519_key key;
  255. wc_curve25519_init(&key);
  256. // initialize key
  257. ret = wc_curve25519_import_private_raw_ex(&priv, sizeof(priv), pub,
  258. sizeof(pub),&key, EC25519_BIG_ENDIAN);
  259. if (ret != 0) {
  260. // error importing keys
  261. }
  262. \endcode
  263. \sa wc_curve25519_init
  264. \sa wc_curve25519_make_key
  265. \sa wc_curve25519_import_public
  266. \sa wc_curve25519_export_private_rawm
  267. \sa wc_curve25519_import_private_raw
  268. */
  269. WOLFSSL_API
  270. int wc_curve25519_import_private_raw_ex(const byte* priv, word32 privSz,
  271. const byte* pub, word32 pubSz,
  272. curve25519_key* key, int endian);
  273. /*!
  274. \ingroup Curve25519
  275. \brief This function exports a private key from a curve25519_key structure
  276. and stores it in the given out buffer. It also sets outLen to be the size
  277. of the exported key. Big Endian only.
  278. \return 0 Returned on successfully exporting the private key from the
  279. curve25519_key structure
  280. \return BAD_FUNC_ARG Returned if any input parameters are NULL.
  281. \return ECC_BAD_ARG_E Returned if wc_curve25519_size() is not equal to key.
  282. \param key pointer to the structure from which to export the key
  283. \param out pointer to the buffer in which to store the exported key
  284. \param outLen will store the bytes written to the output buffer
  285. _Example_
  286. \code
  287. int ret;
  288. byte priv[32];
  289. int privSz;
  290. curve25519_key key;
  291. // initialize and make key
  292. ret = wc_curve25519_export_private_raw(&key, priv, &privSz);
  293. if (ret != 0) {
  294. // error exporting key
  295. }
  296. \endcode
  297. \sa wc_curve25519_init
  298. \sa wc_curve25519_make_key
  299. \sa wc_curve25519_import_private_raw
  300. \sa wc_curve25519_export_private_raw_ex
  301. */
  302. WOLFSSL_API
  303. int wc_curve25519_export_private_raw(curve25519_key* key, byte* out,
  304. word32* outLen);
  305. /*!
  306. \ingroup Curve25519
  307. \brief This function exports a private key from a curve25519_key structure
  308. and stores it in the given out buffer. It also sets outLen to be the size
  309. of the exported key. Can specify whether it's big or little endian.
  310. \return 0 Returned on successfully exporting the private key from the
  311. curve25519_key structure
  312. \return BAD_FUNC_ARG Returned if any input parameters are NULL.
  313. \return ECC_BAD_ARG_E Returned if wc_curve25519_size() is not equal to key.
  314. \param key pointer to the structure from which to export the key
  315. \param out pointer to the buffer in which to store the exported key
  316. \param outLen will store the bytes written to the output buffer
  317. \param endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
  318. form to use.
  319. _Example_
  320. \code
  321. int ret;
  322. byte priv[32];
  323. int privSz;
  324. curve25519_key key;
  325. // initialize and make key
  326. ret = wc_curve25519_export_private_raw_ex(&key, priv, &privSz,
  327. EC25519_BIG_ENDIAN);
  328. if (ret != 0) {
  329. // error exporting key
  330. }
  331. \endcode
  332. \sa wc_curve25519_init
  333. \sa wc_curve25519_make_key
  334. \sa wc_curve25519_import_private_raw
  335. \sa wc_curve25519_export_private_raw
  336. \sa wc_curve25519_size
  337. */
  338. WOLFSSL_API
  339. int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out,
  340. word32* outLen, int endian);
  341. /*!
  342. \ingroup Curve25519
  343. \brief This function imports a public key from the given in buffer and
  344. stores it in the curve25519_key structure.
  345. \return 0 Returned on successfully importing the public key into the
  346. curve25519_key structure
  347. \return ECC_BAD_ARG_E Returned if any of the input parameters are NULL,
  348. or if the inLen
  349. parameter does not match the key size of the key structure.
  350. \return BAD_FUNC_ARG Returned if any of the input parameters are NULL.
  351. \param in pointer to the buffer containing the public key to import
  352. \param inLen length of the public key to import
  353. \param key pointer to the curve25519_key structure in which to store
  354. the key
  355. _Example_
  356. \code
  357. int ret;
  358. byte pub[32];
  359. // initialize pub with public key
  360. curve25519_key key;
  361. // initialize key
  362. ret = wc_curve25519_import_public(pub,sizeof(pub), &key);
  363. if (ret != 0) {
  364. // error exporting key
  365. }
  366. \endcode
  367. \sa wc_curve25519_init
  368. \sa wc_curve25519_export_public
  369. \sa wc_curve25519_import_private_raw
  370. \sa wc_curve25519_public_ex
  371. */
  372. WOLFSSL_API
  373. int wc_curve25519_import_public(const byte* in, word32 inLen,
  374. curve25519_key* key);
  375. /*!
  376. \ingroup Curve25519
  377. \brief This function imports a public key from the given in buffer and
  378. stores it in the curve25519_key structure.
  379. \brief 0 Returned on successfully importing the public key into the
  380. curve25519_key structure
  381. \brief ECC_BAD_ARG_E Returned if the inLen parameter does not match the
  382. key size of the key structure
  383. \brief BAD_FUNC_ARG Returned if any of the input parameters are NULL.
  384. \param in pointer to the buffer containing the public key to import
  385. \param inLen length of the public key to import
  386. \param key pointer to the curve25519_key structure in which to store
  387. the key
  388. \param endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
  389. form to use.
  390. _Example_
  391. \code
  392. int ret;
  393. byte pub[32];
  394. // initialize pub with public key
  395. curve25519_key key;
  396. // initialize key
  397. ret = wc_curve25519_import_public_ex(pub,sizeof(pub), &key,
  398. EC25519_BIG_ENDIAN);
  399. if (ret != 0) {
  400. // error exporting key
  401. }
  402. \endcode
  403. \sa wc_curve25519_init
  404. \sa wc_curve25519_export_public
  405. \sa wc_curve25519_import_private_raw
  406. \sa wc_curve25519_import_public
  407. \sa wc_25519_size
  408. */
  409. WOLFSSL_API
  410. int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
  411. curve25519_key* key, int endian);
  412. /*!
  413. \ingroup Curve25519
  414. \brief This function exports a public key from the given key structure and
  415. stores the result in the out buffer. Big endian only.
  416. \return 0 Returned on successfully exporting the public key from the
  417. curve25519_key structure
  418. \return ECC_BAD_ARG_E Returned if any of the input parameters are NULL
  419. \param key pointer to the curve25519_key structure in from which to
  420. export the key
  421. \param out pointer to the buffer in which to store the public key
  422. \param outLen will store the bytes written to the output buffer
  423. _Example_
  424. \code
  425. int ret;
  426. byte pub[32];
  427. int pubSz;
  428. curve25519_key key;
  429. // initialize and make key
  430. ret = wc_curve25519_export_public(&key,pub, &pubSz);
  431. if (ret != 0) {
  432. // error exporting key
  433. }
  434. \endcode
  435. \sa wc_curve25519_init
  436. \sa wc_curve25519_export_private_raw
  437. \sa wc_curve25519_import_public
  438. */
  439. WOLFSSL_API
  440. int wc_curve25519_export_public(curve25519_key* key, byte* out, word32* outLen);
  441. /*!
  442. \ingroup Curve25519
  443. \brief This function exports a public key from the given key structure and
  444. stores the result in the out buffer. Supports both big and little endian.
  445. \return 0 Returned on successfully exporting the public key from the
  446. curve25519_key structure
  447. \return ECC_BAD_ARG_E Returned if any of the input parameters are NULL
  448. \param key pointer to the curve25519_key structure in from which to
  449. export the key
  450. \param out pointer to the buffer in which to store the public key
  451. \param outLen will store the bytes written to the output buffer
  452. \param endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
  453. form to use.
  454. _Example_
  455. \code
  456. int ret;
  457. byte pub[32];
  458. int pubSz;
  459. curve25519_key key;
  460. // initialize and make key
  461. ret = wc_curve25519_export_public_ex(&key,pub, &pubSz, EC25519_BIG_ENDIAN);
  462. if (ret != 0) {
  463. // error exporting key
  464. }
  465. \endcode
  466. \sa wc_curve25519_init
  467. \sa wc_curve25519_export_private_raw
  468. \sa wc_curve25519_import_public
  469. */
  470. WOLFSSL_API
  471. int wc_curve25519_export_public_ex(curve25519_key* key, byte* out,
  472. word32* outLen, int endian);
  473. /*!
  474. \ingroup Curve25519
  475. \brief Export curve25519 key pair. Big endian only.
  476. \return 0 Success
  477. \return BAD_FUNC_ARG Returned if any input parameters are NULL.
  478. \return ECC_BAD_ARG_E Returned if wc_curve25519_size() is not equal to key.
  479. \param key Description
  480. \param priv Private key buffer.
  481. \param privSz Size of private key buffer.
  482. \param pub Public key buffer.
  483. \param pubSz Size of public key buffer.
  484. _Example_
  485. \code
  486. int ret;
  487. byte pub[32];
  488. byte priv[32];
  489. int pubSz;
  490. int privSz;
  491. curve25519_key key;
  492. // initialize and make key
  493. ret = wc_curve25519_export_key_raw(&key, priv, &privSz, pub, &pubSz);
  494. if (ret != 0) {
  495. // error exporting key
  496. }
  497. \endcode
  498. \sa wc_curve25519_export_key_raw_ex
  499. \sa wc_curve25519_export_private_raw
  500. \sa wc_curve25519_export_public_raw
  501. */
  502. WOLFSSL_API
  503. int wc_curve25519_export_key_raw(curve25519_key* key,
  504. byte* priv, word32 *privSz,
  505. byte* pub, word32 *pubSz);
  506. /*!
  507. \ingroup Curve25519
  508. \brief Export curve25519 key pair. Big or little endian.
  509. \return 0 Success
  510. \return BAD_FUNC_ARG Returned if any input parameters are NULL.
  511. \return ECC_BAD_ARG_E Returned if wc_curve25519_size() is not equal to key.
  512. \param key Description
  513. \param priv Private key buffer.
  514. \param privSz Size of private key buffer.
  515. \param pub Public key buffer.
  516. \param pubSz Size of public key buffer.
  517. \param endian EC25519_BIG_ENDIAN or EC25519_LITTLE_ENDIAN to set which
  518. form to use.
  519. _Example_
  520. \code
  521. int ret;
  522. byte pub[32];
  523. byte priv[32];
  524. int pubSz;
  525. int privSz;
  526. curve25519_key key;
  527. // initialize and make key
  528. ret = wc_curve25519_export_key_raw_ex(&key,priv, &privSz, pub, &pubSz,
  529. EC25519_BIG_ENDIAN);
  530. if (ret != 0) {
  531. // error exporting key
  532. }
  533. \endcode
  534. \sa wc_curve25519_export_key_raw
  535. \sa wc_curve25519_export_private_raw_ex
  536. \sa wc_curve25519_export_public_ex
  537. */
  538. WOLFSSL_API
  539. int wc_curve25519_export_key_raw_ex(curve25519_key* key,
  540. byte* priv, word32 *privSz,
  541. byte* pub, word32 *pubSz,
  542. int endian);
  543. /*!
  544. \ingroup Curve25519
  545. \brief This function returns the key size of the given key structure.
  546. \return Success Given a valid, initialized curve25519_key structure,
  547. returns the size of the key.
  548. \return 0 Returned if key is NULL
  549. \param key pointer to the curve25519_key structure in for which to
  550. determine the key size
  551. _Example_
  552. \code
  553. curve25519_key key;
  554. // initialize and make key
  555. int keySz;
  556. keySz = wc_curve25519_size(&key);
  557. \endcode
  558. \sa wc_curve25519_init
  559. \sa wc_curve25519_make_key
  560. */
  561. WOLFSSL_API
  562. int wc_curve25519_size(curve25519_key* key);