2
0

ecc.h 63 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034
  1. /*!
  2. \ingroup ECC
  3. \brief This function generates a new ecc_key and stores it in key.
  4. \return 0 Returned on success.
  5. \return ECC_BAD_ARG_E Returned if rng or key evaluate to NULL
  6. \return BAD_FUNC_ARG Returned if the specified key size is not in the
  7. correct range of supported keys
  8. \return MEMORY_E Returned if there is an error allocating memory while
  9. computing the ecc key
  10. \return MP_INIT_E may be returned if there is an error while computing
  11. the ecc key
  12. \return MP_READ_E may be returned if there is an error while computing
  13. the ecc key
  14. \return MP_CMP_E may be returned if there is an error while computing the
  15. ecc key
  16. \return MP_INVMOD_E may be returned if there is an error while computing
  17. the ecc key
  18. \return MP_EXPTMOD_E may be returned if there is an error while computing
  19. the ecc key
  20. \return MP_MOD_E may be returned if there is an error while computing the
  21. ecc key
  22. \return MP_MUL_E may be returned if there is an error while computing the
  23. ecc key
  24. \return MP_ADD_E may be returned if there is an error while computing the
  25. ecc key
  26. \return MP_MULMOD_E may be returned if there is an error while computing
  27. the ecc key
  28. \return MP_TO_E may be returned if there is an error while computing the
  29. ecc key
  30. \return MP_MEM may be returned if there is an error while computing the
  31. ecc key
  32. \param rng pointer to an initialized RNG object with which to generate
  33. the key
  34. \param keysize desired length for the ecc_key
  35. \param key pointer to the ecc_key for which to generate a key
  36. _Example_
  37. \code
  38. ecc_key key;
  39. wc_ecc_init(&key);
  40. WC_RNG rng;
  41. wc_InitRng(&rng);
  42. wc_ecc_make_key(&rng, 32, &key); // initialize 32 byte ecc key
  43. \endcode
  44. \sa wc_ecc_init
  45. \sa wc_ecc_shared_secret
  46. */
  47. int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
  48. /*!
  49. \ingroup ECC
  50. \brief This function generates a new ecc_key and stores it in key.
  51. \return 0 Returned on success.
  52. \return ECC_BAD_ARG_E Returned if rng or key evaluate to NULL
  53. \return BAD_FUNC_ARG Returned if the specified key size is not in the
  54. correct range of supported keys
  55. \return MEMORY_E Returned if there is an error allocating memory while
  56. computing the ecc key
  57. \return MP_INIT_E may be returned if there is an error while computing
  58. the ecc key
  59. \return MP_READ_E may be returned if there is an error while computing
  60. the ecc key
  61. \return MP_CMP_E may be returned if there is an error while computing the
  62. ecc key
  63. \return MP_INVMOD_E may be returned if there is an error while computing
  64. the ecc key
  65. \return MP_EXPTMOD_E may be returned if there is an error while computing
  66. the ecc key
  67. \return MP_MOD_E may be returned if there is an error while computing the
  68. ecc key
  69. \return MP_MUL_E may be returned if there is an error while computing the
  70. ecc key
  71. \return MP_ADD_E may be returned if there is an error while computing the
  72. ecc key
  73. \return MP_MULMOD_E may be returned if there is an error while computing
  74. the ecc key
  75. \return MP_TO_E may be returned if there is an error while computing the
  76. ecc key
  77. \return MP_MEM may be returned if there is an error while computing the
  78. ecc key
  79. \param key Pointer to store the created key.
  80. \param keysize size of key to be created in bytes, set based on curveId
  81. \param rng Rng to be used in key creation
  82. \param curve_id Curve to use for key
  83. _Example_
  84. \code
  85. ecc_key key;
  86. int ret;
  87. WC_RNG rng;
  88. wc_ecc_init(&key);
  89. wc_InitRng(&rng);
  90. int curveId = ECC_SECP521R1;
  91. int keySize = wc_ecc_get_curve_size_from_id(curveId);
  92. ret = wc_ecc_make_key_ex(&rng, keySize, &key, curveId);
  93. if (ret != MP_OKAY) {
  94. // error handling
  95. }
  96. \endcode
  97. \sa wc_ecc_make_key
  98. \sa wc_ecc_get_curve_size_from_id
  99. */
  100. int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
  101. /*!
  102. \ingroup ECC
  103. \brief Perform sanity checks on ecc key validity.
  104. \return MP_OKAY Success, key is OK.
  105. \return BAD_FUNC_ARG Returns if key is NULL.
  106. \return ECC_INF_E Returns if wc_ecc_point_is_at_infinity returns 1.
  107. \param key Pointer to key to check.
  108. _Example_
  109. \code
  110. ecc_key key;
  111. WC_RNG rng;
  112. int check_result;
  113. wc_ecc_init(&key);
  114. wc_InitRng(&rng);
  115. wc_ecc_make_key(&rng, 32, &key);
  116. check_result = wc_ecc_check_key(&key);
  117. if (check_result == MP_OKAY)
  118. {
  119. // key check succeeded
  120. }
  121. else
  122. {
  123. // key check failed
  124. }
  125. \endcode
  126. \sa wc_ecc_point_is_at_infinity
  127. */
  128. int wc_ecc_check_key(ecc_key* key);
  129. /*!
  130. \ingroup ECC
  131. \brief This function frees an ecc_key key after it has been used.
  132. \param key pointer to the ecc_key structure to free
  133. _Example_
  134. \code
  135. // initialize key and perform ECC operations
  136. ...
  137. wc_ecc_key_free(&key);
  138. \endcode
  139. \sa wc_ecc_key_new
  140. \sa wc_ecc_init_ex
  141. */
  142. void wc_ecc_key_free(ecc_key* key);
  143. /*!
  144. \ingroup ECC
  145. \brief This function generates a new secret key using a local private key
  146. and a received public key. It stores this shared secret key in the buffer
  147. out and updates outlen to hold the number of bytes written to the output
  148. buffer.
  149. \return 0 Returned upon successfully generating a shared secret key
  150. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  151. NULL
  152. \return ECC_BAD_ARG_E Returned if the type of the private key given as
  153. argument, private_key, is not ECC_PRIVATEKEY, or if the public and private
  154. key types (given by ecc->dp) are not equivalent
  155. \return MEMORY_E Returned if there is an error generating a new ecc point
  156. \return BUFFER_E Returned if the generated shared secret key is too long
  157. to store in the provided buffer
  158. \return MP_INIT_E may be returned if there is an error while computing the
  159. shared key
  160. \return MP_READ_E may be returned if there is an error while computing the
  161. shared key
  162. \return MP_CMP_E may be returned if there is an error while computing the
  163. shared key
  164. \return MP_INVMOD_E may be returned if there is an error while computing
  165. the shared key
  166. \return MP_EXPTMOD_E may be returned if there is an error while computing
  167. the shared key
  168. \return MP_MOD_E may be returned if there is an error while computing the
  169. shared key
  170. \return MP_MUL_E may be returned if there is an error while computing the
  171. shared key
  172. \return MP_ADD_E may be returned if there is an error while computing the
  173. shared key
  174. \return MP_MULMOD_E may be returned if there is an error while computing
  175. the shared key
  176. \return MP_TO_E may be returned if there is an error while computing the
  177. shared key
  178. \return MP_MEM may be returned if there is an error while computing the
  179. shared key
  180. \param private_key pointer to the ecc_key structure containing the local
  181. private key
  182. \param public_key pointer to the ecc_key structure containing the received
  183. public key
  184. \param out pointer to an output buffer in which to store the generated
  185. shared secret key
  186. \param outlen pointer to the word32 object containing the length of the
  187. output buffer. Will be overwritten with the length written to the output
  188. buffer upon successfully generating a shared secret key
  189. _Example_
  190. \code
  191. ecc_key priv, pub;
  192. WC_RNG rng;
  193. byte secret[1024]; // can hold 1024 byte shared secret key
  194. word32 secretSz = sizeof(secret);
  195. int ret;
  196. wc_InitRng(&rng); // initialize rng
  197. wc_ecc_init(&priv); // initialize key
  198. wc_ecc_make_key(&rng, 32, &priv); // make public/private key pair
  199. // receive public key, and initialise into pub
  200. ret = wc_ecc_shared_secret(&priv, &pub, secret, &secretSz);
  201. // generate secret key
  202. if ( ret != 0 ) {
  203. // error generating shared secret key
  204. }
  205. \endcode
  206. \sa wc_ecc_init
  207. \sa wc_ecc_make_key
  208. */
  209. int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
  210. word32* outlen);
  211. /*!
  212. \ingroup ECC
  213. \brief Create an ECC shared secret between private key and public point.
  214. \return MP_OKAY Indicates success.
  215. \return BAD_FUNC_ARG Error returned when any arguments are null.
  216. \return ECC_BAD_ARG_E Error returned if private_key->type is not
  217. ECC_PRIVATEKEY or private_key->idx fails to validate.
  218. \return BUFFER_E Error when outlen is too small.
  219. \return MEMORY_E Error to create a new point.
  220. \return MP_VAL possible when an initialization failure occurs.
  221. \return MP_MEM possible when an initialization failure occurs.
  222. \param private_key The private ECC key.
  223. \param point The point to use (public key).
  224. \param out Output destination of the shared secret. Conforms to
  225. EC-DH from ANSI X9.63.
  226. \param outlen Input the max size and output the resulting size of
  227. the shared secret.
  228. _Example_
  229. \code
  230. ecc_key key;
  231. ecc_point* point;
  232. byte shared_secret[];
  233. int secret_size;
  234. int result;
  235. point = wc_ecc_new_point();
  236. result = wc_ecc_shared_secret_ex(&key, point,
  237. &shared_secret, &secret_size);
  238. if (result != MP_OKAY)
  239. {
  240. // Handle error
  241. }
  242. \endcode
  243. \sa wc_ecc_verify_hash_ex
  244. */
  245. int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
  246. byte* out, word32 *outlen);
  247. /*!
  248. \ingroup ECC
  249. \brief This function signs a message digest using an ecc_key object to
  250. guarantee authenticity.
  251. \return 0 Returned upon successfully generating a signature for the
  252. message digest
  253. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  254. NULL, or if the output buffer is too small to store the generated signature
  255. \return ECC_BAD_ARG_E Returned if the input key is not a private key, or
  256. if the ECC OID is invalid
  257. \return RNG_FAILURE_E Returned if the rng cannot successfully generate a
  258. satisfactory key
  259. \return MP_INIT_E may be returned if there is an error while computing
  260. the message signature
  261. \return MP_READ_E may be returned if there is an error while computing
  262. the message signature
  263. \return MP_CMP_E may be returned if there is an error while computing the
  264. message signature
  265. \return MP_INVMOD_E may be returned if there is an error while computing
  266. the message signature
  267. \return MP_EXPTMOD_E may be returned if there is an error while computing
  268. the message signature
  269. \return MP_MOD_E may be returned if there is an error while computing the
  270. message signature
  271. \return MP_MUL_E may be returned if there is an error while computing the
  272. message signature
  273. \return MP_ADD_E may be returned if there is an error while computing the
  274. message signature
  275. \return MP_MULMOD_E may be returned if there is an error while computing
  276. the message signature
  277. \return MP_TO_E may be returned if there is an error while computing the
  278. message signature
  279. \return MP_MEM may be returned if there is an error while computing the
  280. message signature
  281. \param in pointer to the buffer containing the message hash to sign
  282. \param inlen length of the message hash to sign
  283. \param out buffer in which to store the generated signature
  284. \param outlen max length of the output buffer. Will store the bytes
  285. written to out upon successfully generating a message signature
  286. \param key pointer to a private ECC key with which to generate the
  287. signature
  288. _Example_
  289. \code
  290. ecc_key key;
  291. WC_RNG rng;
  292. int ret, sigSz;
  293. byte sig[512]; // will hold generated signature
  294. sigSz = sizeof(sig);
  295. byte digest[] = { // initialize with message hash };
  296. wc_InitRng(&rng); // initialize rng
  297. wc_ecc_init(&key); // initialize key
  298. wc_ecc_make_key(&rng, 32, &key); // make public/private key pair
  299. ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &sigSz, &key);
  300. if ( ret != 0 ) {
  301. // error generating message signature
  302. }
  303. \endcode
  304. \sa wc_ecc_verify_hash
  305. */
  306. int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
  307. WC_RNG* rng, ecc_key* key);
  308. /*!
  309. \ingroup ECC
  310. \brief Sign a message digest.
  311. \return MP_OKAY Returned upon successfully generating a signature for the
  312. message digest
  313. \return ECC_BAD_ARG_E Returned if the input key is not a private key, or
  314. if the ECC IDX is invalid, or if any of the input parameters evaluate to
  315. NULL, or if the output buffer is too small to store the generated signature
  316. \return RNG_FAILURE_E Returned if the rng cannot successfully generate a
  317. satisfactory key
  318. \return MP_INIT_E may be returned if there is an error while computing the
  319. message signature
  320. \return MP_READ_E may be returned if there is an error while computing the
  321. message signature
  322. \return MP_CMP_E may be returned if there is an error while computing the
  323. message signature
  324. \return MP_INVMOD_E may be returned if there is an error while computing
  325. the message signature
  326. \return MP_EXPTMOD_E may be returned if there is an error while computing
  327. the message signature
  328. \return MP_MOD_E may be returned if there is an error while computing the
  329. message signature
  330. \return MP_MUL_E may be returned if there is an error while computing the
  331. message signature
  332. \return MP_ADD_E may be returned if there is an error while computing the
  333. message signature
  334. \return MP_MULMOD_E may be returned if there is an error while computing
  335. the message signature
  336. \return MP_TO_E may be returned if there is an error while computing the
  337. message signature
  338. \return MP_MEM may be returned if there is an error while computing the
  339. message signature
  340. \param in The message digest to sign.
  341. \param inlen The length of the digest.
  342. \param rng Pointer to WC_RNG struct.
  343. \param key A private ECC key.
  344. \param r The destination for r component of the signature.
  345. \param s The destination for s component of the signature.
  346. _Example_
  347. \code
  348. ecc_key key;
  349. WC_RNG rng;
  350. int ret, sigSz;
  351. mp_int r; // destination for r component of signature.
  352. mp_int s; // destination for s component of signature.
  353. byte sig[512]; // will hold generated signature
  354. sigSz = sizeof(sig);
  355. byte digest[] = { initialize with message hash };
  356. wc_InitRng(&rng); // initialize rng
  357. wc_ecc_init(&key); // initialize key
  358. mp_init(&r); // initialize r component
  359. mp_init(&s); // initialize s component
  360. wc_ecc_make_key(&rng, 32, &key); // make public/private key pair
  361. ret = wc_ecc_sign_hash_ex(digest, sizeof(digest), &rng, &key, &r, &s);
  362. if ( ret != MP_OKAY ) {
  363. // error generating message signature
  364. }
  365. \endcode
  366. \sa wc_ecc_verify_hash_ex
  367. */
  368. int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
  369. ecc_key* key, mp_int *r, mp_int *s);
  370. /*!
  371. \ingroup ECC
  372. \brief This function verifies the ECC signature of a hash to ensure
  373. authenticity. It returns the answer through stat, with 1 corresponding
  374. to a valid signature, and 0 corresponding to an invalid signature.
  375. \return 0 Returned upon successfully performing the signature
  376. verification. Note: This does not mean that the signature is verified.
  377. The authenticity information is stored instead in stat
  378. \return BAD_FUNC_ARG Returned any of the input parameters evaluate to NULL
  379. \return MEMORY_E Returned if there is an error allocating memory
  380. \return MP_INIT_E may be returned if there is an error while computing
  381. the message signature
  382. \return MP_READ_E may be returned if there is an error while computing
  383. the message signature
  384. \return MP_CMP_E may be returned if there is an error while computing
  385. the message signature
  386. \return MP_INVMOD_E may be returned if there is an error while computing
  387. the message signature
  388. \return MP_EXPTMOD_E may be returned if there is an error while
  389. computing the message signature
  390. \return MP_MOD_E may be returned if there is an error while computing
  391. the message signature
  392. \return MP_MUL_E may be returned if there is an error while computing
  393. the message signature
  394. \return MP_ADD_E may be returned if there is an error while computing
  395. the message signature
  396. \return MP_MULMOD_E may be returned if there is an error while computing
  397. the message signature
  398. \return MP_TO_E may be returned if there is an error while computing the
  399. message signature
  400. \return MP_MEM may be returned if there is an error while computing the
  401. message signature
  402. \param sig pointer to the buffer containing the signature to verify
  403. \param siglen length of the signature to verify
  404. \param hash pointer to the buffer containing the hash of the message
  405. verified
  406. \param hashlen length of the hash of the message verified
  407. \param stat pointer to the result of the verification. 1 indicates the
  408. message was successfully verified
  409. \param key pointer to a public ECC key with which to verify the signature
  410. _Example_
  411. \code
  412. ecc_key key;
  413. int ret, verified = 0;
  414. byte sig[1024] { initialize with received signature };
  415. byte digest[] = { initialize with message hash };
  416. // initialize key with received public key
  417. ret = wc_ecc_verify_hash(sig, sizeof(sig), digest,sizeof(digest),
  418. &verified, &key);
  419. if ( ret != 0 ) {
  420. // error performing verification
  421. } else if ( verified == 0 ) {
  422. // the signature is invalid
  423. }
  424. \endcode
  425. \sa wc_ecc_sign_hash
  426. \sa wc_ecc_verify_hash_ex
  427. */
  428. int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
  429. word32 hashlen, int* stat, ecc_key* key);
  430. /*!
  431. \ingroup ECC
  432. \brief Verify an ECC signature. Result is written to stat.
  433. 1 is valid, 0 is invalid.
  434. Note: Do not use the return value to test for valid. Only use stat.
  435. \return MP_OKAY If successful (even if the signature is not valid)
  436. \return ECC_BAD_ARG_E Returns if arguments are null or if
  437. key-idx is invalid.
  438. \return MEMORY_E Error allocating ints or points.
  439. \param r The signature R component to verify
  440. \param s The signature S component to verify
  441. \param hash The hash (message digest) that was signed
  442. \param hashlen The length of the hash (octets)
  443. \param stat Result of signature, 1==valid, 0==invalid
  444. \param key The corresponding public ECC key
  445. _Example_
  446. \code
  447. mp_int r;
  448. mp_int s;
  449. int stat;
  450. byte hash[] = { Some hash }
  451. ecc_key key;
  452. if(wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &stat, &key) == MP_OKAY)
  453. {
  454. // Check stat
  455. }
  456. \endcode
  457. \sa wc_ecc_verify_hash
  458. */
  459. int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
  460. word32 hashlen, int* stat, ecc_key* key);
  461. /*!
  462. \ingroup ECC
  463. \brief This function initializes an ecc_key object for future
  464. use with message verification or key negotiation.
  465. \return 0 Returned upon successfully initializing the ecc_key object
  466. \return MEMORY_E Returned if there is an error allocating memory
  467. \param key pointer to the ecc_key object to initialize
  468. _Example_
  469. \code
  470. ecc_key key;
  471. wc_ecc_init(&key);
  472. \endcode
  473. \sa wc_ecc_make_key
  474. \sa wc_ecc_free
  475. */
  476. int wc_ecc_init(ecc_key* key);
  477. /*!
  478. \ingroup ECC
  479. \brief This function initializes an ecc_key object for future
  480. use with message verification or key negotiation.
  481. \return 0 Returned upon successfully initializing the ecc_key object
  482. \return MEMORY_E Returned if there is an error allocating memory
  483. \param key pointer to the ecc_key object to initialize
  484. \param heap pointer to a heap identifier
  485. \param devId ID to use with crypto callbacks or async hardware. Set to INVALID_DEVID (-2) if not used
  486. _Example_
  487. \code
  488. ecc_key key;
  489. wc_ecc_init_ex(&key, heap, devId);
  490. \endcode
  491. \sa wc_ecc_make_key
  492. \sa wc_ecc_free
  493. \sa wc_ecc_init
  494. */
  495. int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
  496. /*!
  497. \ingroup ECC
  498. \brief This function uses a user defined heap and allocates space for the
  499. key structure.
  500. \return 0 Returned upon successfully initializing the ecc_key object
  501. \return MEMORY_E Returned if there is an error allocating memory
  502. _Example_
  503. \code
  504. wc_ecc_key_new(&heap);
  505. \endcode
  506. \sa wc_ecc_make_key
  507. \sa wc_ecc_key_free
  508. \sa wc_ecc_init
  509. */
  510. ecc_key* wc_ecc_key_new(void* heap);
  511. /*!
  512. \ingroup ECC
  513. \brief This function frees an ecc_key object after it has been used.
  514. \return int integer returned indicating wolfSSL error or success status.
  515. \param key pointer to the ecc_key object to free
  516. _Example_
  517. \code
  518. // initialize key and perform secure exchanges
  519. ...
  520. wc_ecc_free(&key);
  521. \endcode
  522. \sa wc_ecc_init
  523. */
  524. int wc_ecc_free(ecc_key* key);
  525. /*!
  526. \ingroup ECC
  527. \brief This function frees the fixed-point cache, which can be used
  528. with ecc to speed up computation times. To use this functionality,
  529. FP_ECC (fixed-point ecc), should be defined. Threaded applications should
  530. call this function before exiting the thread.
  531. \return none No returns.
  532. \param none No parameters.
  533. _Example_
  534. \code
  535. ecc_key key;
  536. // initialize key and perform secure exchanges
  537. ...
  538. wc_ecc_fp_free();
  539. \endcode
  540. \sa wc_ecc_free
  541. */
  542. void wc_ecc_fp_free(void);
  543. /*!
  544. \ingroup ECC
  545. \brief Checks if an ECC idx is valid.
  546. \return 1 Return if valid.
  547. \return 0 Return if not valid.
  548. \param n The idx number to check.
  549. _Example_
  550. \code
  551. ecc_key key;
  552. WC_RNG rng;
  553. int is_valid;
  554. wc_ecc_init(&key);
  555. wc_InitRng(&rng);
  556. wc_ecc_make_key(&rng, 32, &key);
  557. is_valid = wc_ecc_is_valid_idx(key.idx);
  558. if (is_valid == 1)
  559. {
  560. // idx is valid
  561. }
  562. else if (is_valid == 0)
  563. {
  564. // idx is not valid
  565. }
  566. \endcode
  567. \sa none
  568. */
  569. int wc_ecc_is_valid_idx(int n);
  570. /*!
  571. \ingroup ECC
  572. \brief Allocate a new ECC point.
  573. \return p A newly allocated point.
  574. \return NULL Returns NULL on error.
  575. \param none No parameters.
  576. _Example_
  577. \code
  578. ecc_point* point;
  579. point = wc_ecc_new_point();
  580. if (point == NULL)
  581. {
  582. // Handle point creation error
  583. }
  584. // Do stuff with point
  585. \endcode
  586. \sa wc_ecc_del_point
  587. \sa wc_ecc_cmp_point
  588. \sa wc_ecc_copy_point
  589. */
  590. ecc_point* wc_ecc_new_point(void);
  591. /*!
  592. \ingroup ECC
  593. \brief Free an ECC point from memory.
  594. \return none No returns.
  595. \param p The point to free.
  596. _Example_
  597. \code
  598. ecc_point* point;
  599. point = wc_ecc_new_point();
  600. if (point == NULL)
  601. {
  602. // Handle point creation error
  603. }
  604. // Do stuff with point
  605. wc_ecc_del_point(point);
  606. \endcode
  607. \sa wc_ecc_new_point
  608. \sa wc_ecc_cmp_point
  609. \sa wc_ecc_copy_point
  610. */
  611. void wc_ecc_del_point(ecc_point* p);
  612. /*!
  613. \ingroup ECC
  614. \brief Copy the value of one point to another one.
  615. \return ECC_BAD_ARG_E Error thrown when p or r is null.
  616. \return MP_OKAY Point copied successfully
  617. \return ret Error from internal functions. Can be...
  618. \param p The point to copy.
  619. \param r The created point.
  620. _Example_
  621. \code
  622. ecc_point* point;
  623. ecc_point* copied_point;
  624. int copy_return;
  625. point = wc_ecc_new_point();
  626. copy_return = wc_ecc_copy_point(point, copied_point);
  627. if (copy_return != MP_OKAY)
  628. {
  629. // Handle error
  630. }
  631. \endcode
  632. \sa wc_ecc_new_point
  633. \sa wc_ecc_cmp_point
  634. \sa wc_ecc_del_point
  635. */
  636. int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
  637. /*!
  638. \ingroup ECC
  639. \brief Compare the value of a point with another one.
  640. \return BAD_FUNC_ARG One or both arguments are NULL.
  641. \return MP_EQ The points are equal.
  642. \return ret Either MP_LT or MP_GT and signifies that the
  643. points are not equal.
  644. \param a First point to compare.
  645. \param b Second point to compare.
  646. _Example_
  647. \code
  648. ecc_point* point;
  649. ecc_point* point_to_compare;
  650. int cmp_result;
  651. point = wc_ecc_new_point();
  652. point_to_compare = wc_ecc_new_point();
  653. cmp_result = wc_ecc_cmp_point(point, point_to_compare);
  654. if (cmp_result == BAD_FUNC_ARG)
  655. {
  656. // arguments are invalid
  657. }
  658. else if (cmp_result == MP_EQ)
  659. {
  660. // Points are equal
  661. }
  662. else
  663. {
  664. // Points are not equal
  665. }
  666. \endcode
  667. \sa wc_ecc_new_point
  668. \sa wc_ecc_del_point
  669. \sa wc_ecc_copy_point
  670. */
  671. int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
  672. /*!
  673. \ingroup ECC
  674. \brief Checks if a point is at infinity. Returns 1 if point is
  675. at infinity, 0 if not, < 0 on error
  676. \return 1 p is at infinity.
  677. \return 0 p is not at infinity.
  678. \return <0 Error.
  679. \param p The point to check.
  680. _Example_
  681. \code
  682. ecc_point* point;
  683. int is_infinity;
  684. point = wc_ecc_new_point();
  685. is_infinity = wc_ecc_point_is_at_infinity(point);
  686. if (is_infinity < 0)
  687. {
  688. // Handle error
  689. }
  690. else if (is_infinity == 0)
  691. {
  692. // Point is not at infinity
  693. }
  694. else if (is_infinity == 1)
  695. {
  696. // Point is at infinity
  697. }
  698. \endcode
  699. \sa wc_ecc_new_point
  700. \sa wc_ecc_del_point
  701. \sa wc_ecc_cmp_point
  702. \sa wc_ecc_copy_point
  703. */
  704. int wc_ecc_point_is_at_infinity(ecc_point *p);
  705. /*!
  706. \ingroup ECC
  707. \brief Perform ECC Fixed Point multiplication.
  708. \return MP_OKAY Returns on successful operation.
  709. \return MP_INIT_E Returned if there is an error initializing an integer
  710. for use with the multiple precision integer (mp_int) library.
  711. \param k The multiplicand.
  712. \param G Base point to multiply.
  713. \param R Destination of product.
  714. \param modulus The modulus for the curve.
  715. \param map If non-zero maps the point back to affine coordinates,
  716. otherwise it's left in jacobian-montgomery form.
  717. _Example_
  718. \code
  719. ecc_point* base;
  720. ecc_point* destination;
  721. // Initialize points
  722. base = wc_ecc_new_point();
  723. destination = wc_ecc_new_point();
  724. // Setup other arguments
  725. mp_int multiplicand;
  726. mp_int modulus;
  727. int map;
  728. \endcode
  729. \sa none
  730. */
  731. int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
  732. mp_int* a, mp_int* modulus, int map);
  733. /*!
  734. \ingroup ECC
  735. \brief This function exports the ECC key from the ecc_key structure,
  736. storing the result in out. The key will be stored in ANSI X9.63 format.
  737. It stores the bytes written to the output buffer in outLen.
  738. \return 0 Returned on successfully exporting the ecc_key
  739. \return LENGTH_ONLY_E Returned if the output buffer evaluates to NULL,
  740. but the other two input parameters are valid. Indicates that the function
  741. is only returning the length required to store the key
  742. \return ECC_BAD_ARG_E Returned if any of the input parameters are NULL,
  743. or the key is unsupported (has an invalid index)
  744. \return BUFFER_E Returned if the output buffer is too small to store the
  745. ecc key. If the output buffer is too small, the size needed will be
  746. returned in outLen
  747. \return MEMORY_E Returned if there is an error allocating memory with
  748. XMALLOC
  749. \return MP_INIT_E may be returned if there is an error processing the
  750. ecc_key
  751. \return MP_READ_E may be returned if there is an error processing the
  752. ecc_key
  753. \return MP_CMP_E may be returned if there is an error processing the
  754. ecc_key
  755. \return MP_INVMOD_E may be returned if there is an error processing the
  756. ecc_key
  757. \return MP_EXPTMOD_E may be returned if there is an error processing the
  758. ecc_key
  759. \return MP_MOD_E may be returned if there is an error processing the
  760. ecc_key
  761. \return MP_MUL_E may be returned if there is an error processing the
  762. ecc_key
  763. \return MP_ADD_E may be returned if there is an error processing the
  764. ecc_key
  765. \return MP_MULMOD_E may be returned if there is an error processing the
  766. ecc_key
  767. \return MP_TO_E may be returned if there is an error processing the ecc_key
  768. \return MP_MEM may be returned if there is an error processing the ecc_key
  769. \param key pointer to the ecc_key object to export
  770. \param out pointer to the buffer in which to store the ANSI X9.63
  771. formatted key
  772. \param outLen size of the output buffer. On successfully storing the
  773. key, will hold the bytes written to the output buffer
  774. _Example_
  775. \code
  776. int ret;
  777. byte buff[1024];
  778. word32 buffSz = sizeof(buff);
  779. ecc_key key;
  780. // initialize key, make key
  781. ret = wc_ecc_export_x963(&key, buff, &buffSz);
  782. if ( ret != 0) {
  783. // error exporting key
  784. }
  785. \endcode
  786. \sa wc_ecc_export_x963_ex
  787. \sa wc_ecc_import_x963
  788. */
  789. int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen);
  790. /*!
  791. \ingroup ECC
  792. \brief This function exports the ECC key from the ecc_key structure,
  793. storing the result in out. The key will be stored in ANSI X9.63 format.
  794. It stores the bytes written to the output buffer in outLen. This function
  795. allows the additional option of compressing the certificate through the
  796. compressed parameter. When this parameter is true, the key will be stored
  797. in ANSI X9.63 compressed format.
  798. \return 0 Returned on successfully exporting the ecc_key
  799. \return NOT_COMPILED_IN Returned if the HAVE_COMP_KEY was not enabled at
  800. compile time, but the key was requested in compressed format
  801. \return LENGTH_ONLY_E Returned if the output buffer evaluates to NULL, but
  802. the other two input parameters are valid. Indicates that the function is
  803. only returning the length required to store the key
  804. \return ECC_BAD_ARG_E Returned if any of the input parameters are NULL, or
  805. the key is unsupported (has an invalid index)
  806. \return BUFFER_E Returned if the output buffer is too small to store the
  807. ecc key. If the output buffer is too small, the size needed will be
  808. returned in outLen
  809. \return MEMORY_E Returned if there is an error allocating memory with
  810. XMALLOC
  811. \return MP_INIT_E may be returned if there is an error processing the
  812. ecc_key
  813. \return MP_READ_E may be returned if there is an error processing the
  814. ecc_key
  815. \return MP_CMP_E may be returned if there is an error processing the
  816. ecc_key
  817. \return MP_INVMOD_E may be returned if there is an error processing the
  818. ecc_key
  819. \return MP_EXPTMOD_E may be returned if there is an error processing
  820. the ecc_key
  821. \return MP_MOD_E may be returned if there is an error processing the
  822. ecc_key
  823. \return MP_MUL_E may be returned if there is an error processing the
  824. ecc_key
  825. \return MP_ADD_E may be returned if there is an error processing the
  826. ecc_key
  827. \return MP_MULMOD_E may be returned if there is an error processing
  828. the ecc_key
  829. \return MP_TO_E may be returned if there is an error processing the ecc_key
  830. \return MP_MEM may be returned if there is an error processing the ecc_key
  831. \param key pointer to the ecc_key object to export
  832. \param out pointer to the buffer in which to store the ANSI X9.63
  833. formatted key
  834. \param outLen size of the output buffer. On successfully storing the
  835. key, will hold the bytes written to the output buffer
  836. \param compressed indicator of whether to store the key in compressed
  837. format. 1==compressed, 0==uncompressed
  838. _Example_
  839. \code
  840. int ret;
  841. byte buff[1024];
  842. word32 buffSz = sizeof(buff);
  843. ecc_key key;
  844. // initialize key, make key
  845. ret = wc_ecc_export_x963_ex(&key, buff, &buffSz, 1);
  846. if ( ret != 0) {
  847. // error exporting key
  848. }
  849. \endcode
  850. \sa wc_ecc_export_x963
  851. \sa wc_ecc_import_x963
  852. */
  853. int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compressed);
  854. /*!
  855. \ingroup ECC
  856. \brief This function imports a public ECC key from a buffer containing the
  857. key stored in ANSI X9.63 format. This function will handle both compressed
  858. and uncompressed keys, as long as compressed keys are enabled at compile
  859. time through the HAVE_COMP_KEY option.
  860. \return 0 Returned on successfully importing the ecc_key
  861. \return NOT_COMPILED_IN Returned if the HAVE_COMP_KEY was not enabled at
  862. compile time, but the key is stored in compressed format
  863. \return ECC_BAD_ARG_E Returned if in or key evaluate to NULL, or the
  864. inLen is even (according to the x9.63 standard, the key must be odd)
  865. \return MEMORY_E Returned if there is an error allocating memory
  866. \return ASN_PARSE_E Returned if there is an error parsing the ECC key;
  867. may indicate that the ECC key is not stored in valid ANSI X9.63 format
  868. \return IS_POINT_E Returned if the public key exported is not a point
  869. on the ECC curve
  870. \return MP_INIT_E may be returned if there is an error processing the
  871. ecc_key
  872. \return MP_READ_E may be returned if there is an error processing the
  873. ecc_key
  874. \return MP_CMP_E may be returned if there is an error processing the
  875. ecc_key
  876. \return MP_INVMOD_E may be returned if there is an error processing the
  877. ecc_key
  878. \return MP_EXPTMOD_E may be returned if there is an error processing the
  879. ecc_key
  880. \return MP_MOD_E may be returned if there is an error processing the
  881. ecc_key
  882. \return MP_MUL_E may be returned if there is an error processing the
  883. ecc_key
  884. \return MP_ADD_E may be returned if there is an error processing the
  885. ecc_key
  886. \return MP_MULMOD_E may be returned if there is an error processing the
  887. ecc_key
  888. \return MP_TO_E may be returned if there is an error processing the ecc_key
  889. \return MP_MEM may be returned if there is an error processing the ecc_key
  890. \param in pointer to the buffer containing the ANSI x9.63 formatted ECC key
  891. \param inLen length of the input buffer
  892. \param key pointer to the ecc_key object in which to store the imported key
  893. _Example_
  894. \code
  895. int ret;
  896. byte buff[] = { initialize with ANSI X9.63 formatted key };
  897. ecc_key pubKey;
  898. wc_ecc_init(&pubKey);
  899. ret = wc_ecc_import_x963(buff, sizeof(buff), &pubKey);
  900. if ( ret != 0) {
  901. // error importing key
  902. }
  903. \endcode
  904. \sa wc_ecc_export_x963
  905. \sa wc_ecc_import_private_key
  906. */
  907. int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
  908. /*!
  909. \ingroup ECC
  910. \brief This function imports a public/private ECC key pair from a buffer
  911. containing the raw private key, and a second buffer containing the ANSI
  912. X9.63 formatted public key. This function will handle both compressed and
  913. uncompressed keys, as long as compressed keys are enabled at compile time
  914. through the HAVE_COMP_KEY option.
  915. \return 0 Returned on successfully importing the ecc_key
  916. NOT_COMPILED_IN Returned if the HAVE_COMP_KEY was not enabled at compile
  917. time, but the key is stored in compressed format
  918. \return ECC_BAD_ARG_E Returned if in or key evaluate to NULL, or the
  919. inLen is even (according to the x9.63 standard, the key must be odd)
  920. \return MEMORY_E Returned if there is an error allocating memory
  921. \return ASN_PARSE_E Returned if there is an error parsing the ECC key;
  922. may indicate that the ECC key is not stored in valid ANSI X9.63 format
  923. \return IS_POINT_E Returned if the public key exported is not a point
  924. on the ECC curve
  925. \return MP_INIT_E may be returned if there is an error processing the
  926. ecc_key
  927. \return MP_READ_E may be returned if there is an error processing the
  928. ecc_key
  929. \return MP_CMP_E may be returned if there is an error processing the
  930. ecc_key
  931. \return MP_INVMOD_E may be returned if there is an error processing
  932. the ecc_key
  933. \return MP_EXPTMOD_E may be returned if there is an error processing
  934. the ecc_key
  935. \return MP_MOD_E may be returned if there is an error processing the
  936. ecc_key
  937. \return MP_MUL_E may be returned if there is an error processing the
  938. ecc_key
  939. \return MP_ADD_E may be returned if there is an error processing the
  940. ecc_key
  941. \return MP_MULMOD_E may be returned if there is an error processing
  942. the ecc_key
  943. \return MP_TO_E may be returned if there is an error processing the ecc_key
  944. \return MP_MEM may be returned if there is an error processing the ecc_key
  945. \param priv pointer to the buffer containing the raw private key
  946. \param privSz size of the private key buffer
  947. \param pub pointer to the buffer containing the ANSI x9.63 formatted ECC
  948. public key
  949. \param pubSz length of the public key input buffer
  950. \param key pointer to the ecc_key object in which to store the imported
  951. private/public key pair
  952. _Example_
  953. \code
  954. int ret;
  955. byte pub[] = { initialize with ANSI X9.63 formatted key };
  956. byte priv[] = { initialize with the raw private key };
  957. ecc_key key;
  958. wc_ecc_init(&key);
  959. ret = wc_ecc_import_private_key(priv, sizeof(priv), pub, sizeof(pub),
  960. &key);
  961. if ( ret != 0) {
  962. // error importing key
  963. }
  964. \endcode
  965. \sa wc_ecc_export_x963
  966. \sa wc_ecc_import_private_key
  967. */
  968. int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
  969. word32 pubSz, ecc_key* key);
  970. /*!
  971. \ingroup ECC
  972. \brief This function converts the R and S portions of an ECC signature
  973. into a DER-encoded ECDSA signature. This function also stores the length
  974. written to the output buffer, out, in outlen.
  975. \return 0 Returned on successfully converting the signature
  976. \return ECC_BAD_ARG_E Returned if any of the input parameters evaluate
  977. to NULL, or if the input buffer is not large enough to hold the
  978. DER-encoded ECDSA signature
  979. \return MP_INIT_E may be returned if there is an error processing
  980. the ecc_key
  981. \return MP_READ_E may be returned if there is an error processing
  982. the ecc_key
  983. \return MP_CMP_E may be returned if there is an error processing
  984. the ecc_key
  985. \return MP_INVMOD_E may be returned if there is an error processing
  986. the ecc_key
  987. \return MP_EXPTMOD_E may be returned if there is an error processing
  988. the ecc_key
  989. \return MP_MOD_E may be returned if there is an error processing the
  990. ecc_key
  991. \return MP_MUL_E may be returned if there is an error processing the
  992. ecc_key
  993. \return MP_ADD_E may be returned if there is an error processing the
  994. ecc_key
  995. \return MP_MULMOD_E may be returned if there is an error processing
  996. the ecc_key
  997. \return MP_TO_E may be returned if there is an error processing the ecc_key
  998. \return MP_MEM may be returned if there is an error processing the ecc_key
  999. \param r pointer to the buffer containing the R portion of the signature
  1000. as a string
  1001. \param s pointer to the buffer containing the S portion of the signature
  1002. as a string
  1003. \param out pointer to the buffer in which to store the DER-encoded ECDSA
  1004. signature
  1005. \param outlen length of the output buffer available. Will store the bytes
  1006. written to the buffer after successfully converting the signature to
  1007. ECDSA format
  1008. _Example_
  1009. \code
  1010. int ret;
  1011. ecc_key key;
  1012. // initialize key, generate R and S
  1013. char r[] = { initialize with R };
  1014. char s[] = { initialize with S };
  1015. byte sig[wc_ecc_sig_size(key)];
  1016. // signature size will be 2 * ECC key size + ~10 bytes for ASN.1 overhead
  1017. word32 sigSz = sizeof(sig);
  1018. ret = wc_ecc_rs_to_sig(r, s, sig, &sigSz);
  1019. if ( ret != 0) {
  1020. // error converting parameters to signature
  1021. }
  1022. \endcode
  1023. \sa wc_ecc_sign_hash
  1024. \sa wc_ecc_sig_size
  1025. */
  1026. int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
  1027. /*!
  1028. \ingroup ECC
  1029. \brief This function fills an ecc_key structure with the raw components
  1030. of an ECC signature.
  1031. \return 0 Returned upon successfully importing into the ecc_key structure
  1032. \return ECC_BAD_ARG_E Returned if any of the input values evaluate to NULL
  1033. \return MEMORY_E Returned if there is an error initializing space to
  1034. store the parameters of the ecc_key
  1035. \return ASN_PARSE_E Returned if the input curveName is not defined
  1036. in ecc_sets
  1037. \return MP_INIT_E may be returned if there is an error processing the
  1038. input parameters
  1039. \return MP_READ_E may be returned if there is an error processing the
  1040. input parameters
  1041. \return MP_CMP_E may be returned if there is an error processing the
  1042. input parameters
  1043. \return MP_INVMOD_E may be returned if there is an error processing the
  1044. input parameters
  1045. \return MP_EXPTMOD_E may be returned if there is an error processing the
  1046. input parameters
  1047. \return MP_MOD_E may be returned if there is an error processing the
  1048. input parameters
  1049. \return MP_MUL_E may be returned if there is an error processing the
  1050. input parameters
  1051. \return MP_ADD_E may be returned if there is an error processing the
  1052. input parameters
  1053. \return MP_MULMOD_E may be returned if there is an error processing
  1054. the input parameters
  1055. \return MP_TO_E may be returned if there is an error processing the
  1056. input parameters
  1057. \return MP_MEM may be returned if there is an error processing the
  1058. input parameters
  1059. \param key pointer to an ecc_key structure to fill
  1060. \param qx pointer to a buffer containing the x component of the base
  1061. point as an ASCII hex string
  1062. \param qy pointer to a buffer containing the y component of the base
  1063. point as an ASCII hex string
  1064. \param d pointer to a buffer containing the private key as an ASCII
  1065. hex string
  1066. \param curveName pointer to a string containing the ECC curve name,
  1067. as found in ecc_sets
  1068. _Example_
  1069. \code
  1070. int ret;
  1071. ecc_key key;
  1072. wc_ecc_init(&key);
  1073. char qx[] = { initialize with x component of base point };
  1074. char qy[] = { initialize with y component of base point };
  1075. char d[] = { initialize with private key };
  1076. ret = wc_ecc_import_raw(&key,qx, qy, d, "ECC-256");
  1077. if ( ret != 0) {
  1078. // error initializing key with given inputs
  1079. }
  1080. \endcode
  1081. \sa wc_ecc_import_private_key
  1082. */
  1083. int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
  1084. const char* d, const char* curveName);
  1085. /*!
  1086. \ingroup ECC
  1087. \brief This function exports only the private key from an ecc_key
  1088. structure. It stores the private key in the buffer out, and sets
  1089. the bytes written to this buffer in outLen.
  1090. \return 0 Returned upon successfully exporting the private key
  1091. \return ECC_BAD_ARG_E Returned if any of the input values evaluate to NULL
  1092. \return MEMORY_E Returned if there is an error initializing space
  1093. to store the parameters of the ecc_key
  1094. \return ASN_PARSE_E Returned if the input curveName is not defined
  1095. in ecc_sets
  1096. \return MP_INIT_E may be returned if there is an error processing
  1097. the input parameters
  1098. \return MP_READ_E may be returned if there is an error processing the
  1099. input parameters
  1100. \return MP_CMP_E may be returned if there is an error processing the
  1101. input parameters
  1102. \return MP_INVMOD_E may be returned if there is an error processing
  1103. the input parameters
  1104. \return MP_EXPTMOD_E may be returned if there is an error processing
  1105. the input parameters
  1106. \return MP_MOD_E may be returned if there is an error processing the
  1107. input parameters
  1108. \return MP_MUL_E may be returned if there is an error processing the
  1109. input parameters
  1110. \return MP_ADD_E may be returned if there is an error processing the
  1111. input parameters
  1112. \return MP_MULMOD_E may be returned if there is an error processing
  1113. the input parameters
  1114. \return MP_TO_E may be returned if there is an error processing the
  1115. input parameters
  1116. \return MP_MEM may be returned if there is an error processing the
  1117. input parameters
  1118. \param key pointer to an ecc_key structure from which to export the
  1119. private key
  1120. \param out pointer to the buffer in which to store the private key
  1121. \param outLen pointer to a word32 object with the size available in
  1122. out. Set with the number of bytes written to out after successfully
  1123. exporting the private key
  1124. _Example_
  1125. \code
  1126. int ret;
  1127. ecc_key key;
  1128. // initialize key, make key
  1129. char priv[ECC_KEY_SIZE];
  1130. word32 privSz = sizeof(priv);
  1131. ret = wc_ecc_export_private_only(&key, priv, &privSz);
  1132. if ( ret != 0) {
  1133. // error exporting private key
  1134. }
  1135. \endcode
  1136. \sa wc_ecc_import_private_key
  1137. */
  1138. int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
  1139. /*!
  1140. \ingroup ECC
  1141. \brief Export point to der.
  1142. \return 0 Returned on success.
  1143. \return ECC_BAD_ARG_E Returns if curve_idx is less than 0 or
  1144. invalid. Also returns when
  1145. \return LENGTH_ONLY_E outLen is set but nothing else.
  1146. \return BUFFER_E Returns if outLen is less than 1 + 2 * the curve size.
  1147. \return MEMORY_E Returns if there is a problem allocating memory.
  1148. \param curve_idx Index of the curve used from ecc_sets.
  1149. \param point Point to export to der.
  1150. \param out Destination for the output.
  1151. \param outLen Maxsize allowed for output, destination for
  1152. final size of output
  1153. _Example_
  1154. \code
  1155. int curve_idx;
  1156. ecc_point* point;
  1157. byte out[];
  1158. word32 outLen;
  1159. wc_ecc_export_point_der(curve_idx, point, out, &outLen);
  1160. \endcode
  1161. \sa wc_ecc_import_point_der
  1162. */
  1163. int wc_ecc_export_point_der(const int curve_idx, ecc_point* point,
  1164. byte* out, word32* outLen);
  1165. /*!
  1166. \ingroup ECC
  1167. \brief Import point from der format.
  1168. \return ECC_BAD_ARG_E Returns if any arguments are null or if
  1169. inLen is even.
  1170. \return MEMORY_E Returns if there is an error initializing
  1171. \return NOT_COMPILED_IN Returned if HAVE_COMP_KEY is not true
  1172. and in is a compressed cert
  1173. \return MP_OKAY Successful operation.
  1174. \param in der buffer to import point from.
  1175. \param inLen Length of der buffer.
  1176. \param curve_idx Index of curve.
  1177. \param point Destination for point.
  1178. _Example_
  1179. \code
  1180. byte in[];
  1181. word32 inLen;
  1182. int curve_idx;
  1183. ecc_point* point;
  1184. wc_ecc_import_point_der(in, inLen, curve_idx, point);
  1185. \endcode
  1186. \sa wc_ecc_export_point_der
  1187. */
  1188. int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
  1189. ecc_point* point);
  1190. /*!
  1191. \ingroup ECC
  1192. \brief This function returns the key size of an ecc_key
  1193. structure in octets.
  1194. \return Given a valid key, returns the key size in octets
  1195. \return 0 Returned if the given key is NULL
  1196. \param key pointer to an ecc_key structure for which to get the key size
  1197. _Example_
  1198. \code
  1199. int keySz;
  1200. ecc_key key;
  1201. // initialize key, make key
  1202. keySz = wc_ecc_size(&key);
  1203. if ( keySz == 0) {
  1204. // error determining key size
  1205. }
  1206. \endcode
  1207. \sa wc_ecc_make_key
  1208. */
  1209. int wc_ecc_size(ecc_key* key);
  1210. /*!
  1211. \ingroup ECC
  1212. \brief This function returns the worst case size for an ECC signature,
  1213. given by: (keySz * 2) + SIG_HEADER_SZ + ECC_MAX_PAD_SZ.
  1214. The actual signature size can be computed with wc_ecc_sign_hash.
  1215. \return returns the maximum signature
  1216. size, in octets
  1217. \param key size
  1218. _Example_
  1219. \code
  1220. int sigSz = wc_ecc_sig_size_calc(32);
  1221. if ( sigSz == 0) {
  1222. // error determining sig size
  1223. }
  1224. \endcode
  1225. \sa wc_ecc_sign_hash
  1226. \sa wc_ecc_sig_size
  1227. */
  1228. int wc_ecc_sig_size_calc(int sz);
  1229. /*!
  1230. \ingroup ECC
  1231. \brief This function returns the worst case size for an ECC signature,
  1232. given by: (keySz * 2) + SIG_HEADER_SZ + ECC_MAX_PAD_SZ.
  1233. The actual signature size can be computed with wc_ecc_sign_hash.
  1234. \return Success Given a valid key, returns the maximum signature
  1235. size, in octets
  1236. \return 0 Returned if the given key is NULL
  1237. \param key pointer to an ecc_key structure for which to get the
  1238. signature size
  1239. _Example_
  1240. \code
  1241. int sigSz;
  1242. ecc_key key;
  1243. // initialize key, make key
  1244. sigSz = wc_ecc_sig_size(&key);
  1245. if ( sigSz == 0) {
  1246. // error determining sig size
  1247. }
  1248. \endcode
  1249. \sa wc_ecc_sign_hash
  1250. \sa wc_ecc_sig_size_calc
  1251. */
  1252. int wc_ecc_sig_size(ecc_key* key);
  1253. /*!
  1254. \ingroup ECC
  1255. \brief This function allocates and initializes space for a new ECC
  1256. context object to allow secure message exchange with ECC.
  1257. \return Success On successfully generating a new ecEncCtx object,
  1258. returns a pointer to that object
  1259. \return NULL Returned if the function fails to generate a new
  1260. ecEncCtx object
  1261. \param flags indicate whether this is a server or client context
  1262. Options are: REQ_RESP_CLIENT, and REQ_RESP_SERVER
  1263. \param rng pointer to a RNG object with which to generate a salt
  1264. _Example_
  1265. \code
  1266. ecEncCtx* ctx;
  1267. WC_RNG rng;
  1268. wc_InitRng(&rng);
  1269. ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
  1270. if(ctx == NULL) {
  1271. // error generating new ecEncCtx object
  1272. }
  1273. \endcode
  1274. \sa wc_ecc_encrypt
  1275. \sa wc_ecc_encrypt_ex
  1276. \sa wc_ecc_decrypt
  1277. */
  1278. ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
  1279. /*!
  1280. \ingroup ECC
  1281. \brief This function frees the ecEncCtx object used for encrypting
  1282. and decrypting messages.
  1283. \return none Returns.
  1284. \param ctx pointer to the ecEncCtx object to free
  1285. _Example_
  1286. \code
  1287. ecEncCtx* ctx;
  1288. WC_RNG rng;
  1289. wc_InitRng(&rng);
  1290. ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
  1291. // do secure communication
  1292. ...
  1293. wc_ecc_ctx_free(&ctx);
  1294. \endcode
  1295. \sa wc_ecc_ctx_new
  1296. */
  1297. void wc_ecc_ctx_free(ecEncCtx*);
  1298. /*!
  1299. \ingroup ECC
  1300. \brief This function resets an ecEncCtx structure to avoid having
  1301. to free and allocate a new context object.
  1302. \return 0 Returned if the ecEncCtx structure is successfully reset
  1303. \return BAD_FUNC_ARG Returned if either rng or ctx is NULL
  1304. \return RNG_FAILURE_E Returned if there is an error generating a
  1305. new salt for the ECC object
  1306. \param ctx pointer to the ecEncCtx object to reset
  1307. \param rng pointer to an RNG object with which to generate a new salt
  1308. _Example_
  1309. \code
  1310. ecEncCtx* ctx;
  1311. WC_RNG rng;
  1312. wc_InitRng(&rng);
  1313. ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
  1314. // do secure communication
  1315. ...
  1316. wc_ecc_ctx_reset(&ctx, &rng);
  1317. // do more secure communication
  1318. \endcode
  1319. \sa wc_ecc_ctx_new
  1320. */
  1321. int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng); /* reset for use again w/o alloc/free */
  1322. /*!
  1323. \ingroup ECC
  1324. \brief This function can optionally be called after
  1325. wc_ecc_ctx_new. It sets the encryption, KDF, and MAC algorithms
  1326. into an ecEncCtx object.
  1327. \return 0 Returned upon successfully setting the information
  1328. for the ecEncCtx object.
  1329. \return BAD_FUNC_ARG Returned if the given ecEncCtx object is
  1330. NULL.
  1331. \param ctx pointer to the ecEncCtx for which to set the info
  1332. \param encAlgo encryption algorithm to use.
  1333. \param kdfAlgo KDF algorithm to use.
  1334. \param macAlgo MAC algorithm to use.
  1335. _Example_
  1336. \code
  1337. ecEncCtx* ctx;
  1338. // initialize ctx
  1339. if(wc_ecc_ctx_set_algo(&ctx, ecAES_128_CTR, ecHKDF_SHA256, ecHMAC_SHA256))) {
  1340. // error setting info
  1341. }
  1342. \endcode
  1343. \sa wc_ecc_ctx_new
  1344. */
  1345. int wc_ecc_ctx_set_algo(ecEncCtx* ctx, byte encAlgo, byte kdfAlgo,
  1346. byte macAlgo);
  1347. /*!
  1348. \ingroup ECC
  1349. \brief This function returns the salt of an ecEncCtx object. This
  1350. function should only be called when the ecEncCtx's state is
  1351. ecSRV_INIT or ecCLI_INIT.
  1352. \return Success On success, returns the ecEncCtx salt
  1353. \return NULL Returned if the ecEncCtx object is NULL, or the ecEncCtx's
  1354. state is not ecSRV_INIT or ecCLI_INIT. In the latter two cases, this
  1355. function also sets the ecEncCtx's state to ecSRV_BAD_STATE or
  1356. ecCLI_BAD_STATE, respectively
  1357. \param ctx pointer to the ecEncCtx object from which to get the salt
  1358. _Example_
  1359. \code
  1360. ecEncCtx* ctx;
  1361. WC_RNG rng;
  1362. const byte* salt;
  1363. wc_InitRng(&rng);
  1364. ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
  1365. salt = wc_ecc_ctx_get_own_salt(&ctx);
  1366. if(salt == NULL) {
  1367. // error getting salt
  1368. }
  1369. \endcode
  1370. \sa wc_ecc_ctx_new
  1371. \sa wc_ecc_ctx_set_peer_salt
  1372. \sa wc_ecc_ctx_set_kdf_salt
  1373. */
  1374. const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
  1375. /*!
  1376. \ingroup ECC
  1377. \brief This function sets the peer salt of an ecEncCtx object.
  1378. \return 0 Returned upon successfully setting the peer salt for the
  1379. ecEncCtx object.
  1380. \return BAD_FUNC_ARG Returned if the given ecEncCtx object is NULL
  1381. or has an invalid protocol, or if the given salt is NULL
  1382. \return BAD_ENC_STATE_E Returned if the ecEncCtx's state is
  1383. ecSRV_SALT_GET or ecCLI_SALT_GET. In the latter two cases, this
  1384. function also sets the ecEncCtx's state to ecSRV_BAD_STATE or
  1385. ecCLI_BAD_STATE, respectively
  1386. \param ctx pointer to the ecEncCtx for which to set the salt
  1387. \param salt pointer to the peer's salt
  1388. _Example_
  1389. \code
  1390. ecEncCtx* cliCtx, srvCtx;
  1391. WC_RNG rng;
  1392. const byte* cliSalt, srvSalt;
  1393. int ret;
  1394. wc_InitRng(&rng);
  1395. cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
  1396. srvCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
  1397. cliSalt = wc_ecc_ctx_get_own_salt(&cliCtx);
  1398. srvSalt = wc_ecc_ctx_get_own_salt(&srvCtx);
  1399. ret = wc_ecc_ctx_set_peer_salt(&cliCtx, srvSalt);
  1400. \endcode
  1401. \sa wc_ecc_ctx_get_own_salt
  1402. \sa wc_ecc_ctx_set_kdf_salt
  1403. */
  1404. int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt);
  1405. /*!
  1406. \ingroup ECC
  1407. \brief This function sets the salt pointer and length to use with KDF
  1408. into the ecEncCtx object.
  1409. \return 0 Returned upon successfully setting the salt for the
  1410. ecEncCtx object.
  1411. \return BAD_FUNC_ARG Returned if the given ecEncCtx object is NULL
  1412. or if the given salt is NULL and length is not NULL.
  1413. \param ctx pointer to the ecEncCtx for which to set the salt
  1414. \param salt pointer to salt buffer
  1415. \param sz length salt in bytes
  1416. _Example_
  1417. \code
  1418. ecEncCtx* srvCtx;
  1419. WC_RNG rng;
  1420. byte cliSalt[] = { fixed salt data };
  1421. word32 cliSaltLen = (word32)sizeof(cliSalt);
  1422. int ret;
  1423. wc_InitRng(&rng);
  1424. cliCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
  1425. ret = wc_ecc_ctx_set_kdf_salt(&cliCtx, cliSalt, cliSaltLen);
  1426. \endcode
  1427. \sa wc_ecc_ctx_get_own_salt
  1428. \sa wc_ecc_ctx_get_peer_salt
  1429. */
  1430. int wc_ecc_ctx_set_kdf_salt(ecEncCtx* ctx, const byte* salt, word32 sz);
  1431. /*!
  1432. \ingroup ECC
  1433. \brief This function can optionally be called before or after
  1434. wc_ecc_ctx_set_peer_salt. It sets optional information for
  1435. an ecEncCtx object.
  1436. \return 0 Returned upon successfully setting the information
  1437. for the ecEncCtx object.
  1438. \return BAD_FUNC_ARG Returned if the given ecEncCtx object is
  1439. NULL, the input info is NULL or it's size is invalid
  1440. \param ctx pointer to the ecEncCtx for which to set the info
  1441. \param info pointer to a buffer containing the info to set
  1442. \param sz size of the info buffer
  1443. _Example_
  1444. \code
  1445. ecEncCtx* ctx;
  1446. byte info[] = { initialize with information };
  1447. // initialize ctx, get salt,
  1448. if(wc_ecc_ctx_set_info(&ctx, info, sizeof(info))) {
  1449. // error setting info
  1450. }
  1451. \endcode
  1452. \sa wc_ecc_ctx_new
  1453. */
  1454. int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz);
  1455. /*!
  1456. \ingroup ECC
  1457. \brief This function encrypts the given input message from msg
  1458. to out. This function takes an optional ctx object as parameter.
  1459. When supplied, encryption proceeds based on the ecEncCtx's
  1460. encAlgo, kdfAlgo, and macAlgo. If ctx is not supplied, processing
  1461. completes with the default algorithms, ecAES_128_CBC,
  1462. ecHKDF_SHA256 and ecHMAC_SHA256. This function requires that
  1463. the messages are padded according to the encryption type specified by ctx.
  1464. \return 0 Returned upon successfully encrypting the input message
  1465. \return BAD_FUNC_ARG Returned if privKey, pubKey, msg, msgSz, out,
  1466. or outSz are NULL, or the ctx object specifies an unsupported
  1467. encryption type
  1468. \return BAD_ENC_STATE_E Returned if the ctx object given is in a
  1469. state that is not appropriate for encryption
  1470. \return BUFFER_E Returned if the supplied output buffer is too
  1471. small to store the encrypted ciphertext
  1472. \return MEMORY_E Returned if there is an error allocating memory
  1473. for the shared secret key
  1474. \param privKey pointer to the ecc_key object containing the
  1475. private key to use for encryption
  1476. \param pubKey pointer to the ecc_key object containing the public
  1477. key of the peer with whom one wishes to communicate
  1478. \param msg pointer to the buffer holding the message to encrypt
  1479. \param msgSz size of the buffer to encrypt
  1480. \param out pointer to the buffer in which to store the encrypted
  1481. ciphertext
  1482. \param outSz pointer to a word32 object containing the available
  1483. size in the out buffer. Upon successfully encrypting the message,
  1484. holds the number of bytes written to the output buffer
  1485. \param ctx Optional: pointer to an ecEncCtx object specifying different
  1486. encryption algorithms to use
  1487. _Example_
  1488. \code
  1489. byte msg[] = { initialize with msg to encrypt. Ensure padded to block size };
  1490. byte out[sizeof(msg)];
  1491. word32 outSz = sizeof(out);
  1492. int ret;
  1493. ecc_key cli, serv;
  1494. // initialize cli with private key
  1495. // initialize serv with received public key
  1496. ecEncCtx* cliCtx, servCtx;
  1497. // initialize cliCtx and servCtx
  1498. // exchange salts
  1499. ret = wc_ecc_encrypt(&cli, &serv, msg, sizeof(msg), out, &outSz, cliCtx);
  1500. if(ret != 0) {
  1501. // error encrypting message
  1502. }
  1503. \endcode
  1504. \sa wc_ecc_encrypt_ex
  1505. \sa wc_ecc_decrypt
  1506. */
  1507. int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
  1508. word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
  1509. /*!
  1510. \ingroup ECC
  1511. \brief This function encrypts the given input message from msg
  1512. to out. This function takes an optional ctx object as parameter.
  1513. When supplied, encryption proceeds based on the ecEncCtx's
  1514. encAlgo, kdfAlgo, and macAlgo. If ctx is not supplied, processing
  1515. completes with the default algorithms, ecAES_128_CBC,
  1516. ecHKDF_SHA256 and ecHMAC_SHA256. This function requires that
  1517. the messages are padded according to the encryption type specified by ctx.
  1518. \return 0 Returned upon successfully encrypting the input message
  1519. \return BAD_FUNC_ARG Returned if privKey, pubKey, msg, msgSz, out,
  1520. or outSz are NULL, or the ctx object specifies an unsupported
  1521. encryption type
  1522. \return BAD_ENC_STATE_E Returned if the ctx object given is in a
  1523. state that is not appropriate for encryption
  1524. \return BUFFER_E Returned if the supplied output buffer is too
  1525. small to store the encrypted ciphertext
  1526. \return MEMORY_E Returned if there is an error allocating memory
  1527. for the shared secret key
  1528. \param privKey pointer to the ecc_key object containing the
  1529. private key to use for encryption
  1530. \param pubKey pointer to the ecc_key object containing the public
  1531. key of the peer with whom one wishes to communicate
  1532. \param msg pointer to the buffer holding the message to encrypt
  1533. \param msgSz size of the buffer to encrypt
  1534. \param out pointer to the buffer in which to store the encrypted
  1535. ciphertext
  1536. \param outSz pointer to a word32 object containing the available
  1537. size in the out buffer. Upon successfully encrypting the message,
  1538. holds the number of bytes written to the output buffer
  1539. \param ctx Optional: pointer to an ecEncCtx object specifying different
  1540. encryption algorithms to use
  1541. \param compressed Public key field is to be output in compressed format.
  1542. _Example_
  1543. \code
  1544. byte msg[] = { initialize with msg to encrypt. Ensure padded to block size };
  1545. byte out[sizeof(msg)];
  1546. word32 outSz = sizeof(out);
  1547. int ret;
  1548. ecc_key cli, serv;
  1549. // initialize cli with private key
  1550. // initialize serv with received public key
  1551. ecEncCtx* cliCtx, servCtx;
  1552. // initialize cliCtx and servCtx
  1553. // exchange salts
  1554. ret = wc_ecc_encrypt_ex(&cli, &serv, msg, sizeof(msg), out, &outSz, cliCtx,
  1555. 1);
  1556. if(ret != 0) {
  1557. // error encrypting message
  1558. }
  1559. \endcode
  1560. \sa wc_ecc_encrypt
  1561. \sa wc_ecc_decrypt
  1562. */
  1563. int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
  1564. word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx, int compressed);
  1565. /*!
  1566. \ingroup ECC
  1567. \brief This function decrypts the ciphertext from msg to out. This
  1568. function takes an optional ctx object as parameter. When supplied,
  1569. encryption proceeds based on the ecEncCtx's encAlgo, kdfAlgo, and
  1570. macAlgo. If ctx is not supplied, processing completes with the
  1571. default algorithms, ecAES_128_CBC, ecHKDF_SHA256 and ecHMAC_SHA256.
  1572. This function requires that the messages are padded according to
  1573. the encryption type specified by ctx.
  1574. \return 0 Returned upon successfully decrypting the input message
  1575. \return BAD_FUNC_ARG Returned if privKey, pubKey, msg, msgSz, out,
  1576. or outSz are NULL, or the ctx object specifies an unsupported
  1577. encryption type
  1578. \return BAD_ENC_STATE_E Returned if the ctx object given is in
  1579. a state that is not appropriate for decryption
  1580. \return BUFFER_E Returned if the supplied output buffer is too
  1581. small to store the decrypted plaintext
  1582. \return MEMORY_E Returned if there is an error allocating memory
  1583. for the shared secret key
  1584. \param privKey pointer to the ecc_key object containing the private
  1585. key to use for decryption
  1586. \param pubKey pointer to the ecc_key object containing the public
  1587. key of the peer with whom one wishes to communicate
  1588. \param msg pointer to the buffer holding the ciphertext to decrypt
  1589. \param msgSz size of the buffer to decrypt
  1590. \param out pointer to the buffer in which to store the decrypted plaintext
  1591. \param outSz pointer to a word32 object containing the available
  1592. size in the out buffer. Upon successfully decrypting the
  1593. ciphertext, holds the number of bytes written to the output buffer
  1594. \param ctx Optional: pointer to an ecEncCtx object specifying
  1595. different decryption algorithms to use
  1596. _Example_
  1597. \code
  1598. byte cipher[] = { initialize with
  1599. ciphertext to decrypt. Ensure padded to block size };
  1600. byte plain[sizeof(cipher)];
  1601. word32 plainSz = sizeof(plain);
  1602. int ret;
  1603. ecc_key cli, serv;
  1604. // initialize cli with private key
  1605. // initialize serv with received public key
  1606. ecEncCtx* cliCtx, servCtx;
  1607. // initialize cliCtx and servCtx
  1608. // exchange salts
  1609. ret = wc_ecc_decrypt(&cli, &serv, cipher, sizeof(cipher),
  1610. plain, &plainSz, cliCtx);
  1611. if(ret != 0) {
  1612. // error decrypting message
  1613. }
  1614. \endcode
  1615. \sa wc_ecc_encrypt
  1616. \sa wc_ecc_encrypt_ex
  1617. */
  1618. int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
  1619. word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
  1620. /*!
  1621. \ingroup ECC
  1622. \brief Enable ECC support for non-blocking operations. Supported for
  1623. Single Precision (SP) math with the following build options:
  1624. WOLFSSL_SP_NONBLOCK
  1625. WOLFSSL_SP_SMALL
  1626. WOLFSSL_SP_NO_MALLOC
  1627. WC_ECC_NONBLOCK
  1628. \return 0 Returned upon successfully setting the callback context the input message
  1629. \param key pointer to the ecc_key object
  1630. \param ctx pointer to ecc_nb_ctx_t structure with stack data cache for SP
  1631. _Example_
  1632. \code
  1633. int ret;
  1634. ecc_key ecc;
  1635. ecc_nb_ctx_t nb_ctx;
  1636. ret = wc_ecc_init(&ecc);
  1637. if (ret == 0) {
  1638. ret = wc_ecc_set_nonblock(&ecc, &nb_ctx);
  1639. if (ret == 0) {
  1640. do {
  1641. ret = wc_ecc_verify_hash_ex(
  1642. &r, &s, // r/s as mp_int
  1643. hash, hashSz, // computed hash digest
  1644. &verify_res, // verification result 1=success
  1645. &key
  1646. );
  1647. // TODO: Real-time work can be called here
  1648. } while (ret == FP_WOULDBLOCK);
  1649. }
  1650. wc_ecc_free(&key);
  1651. }
  1652. \endcode
  1653. */
  1654. int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx);
  1655. /*!
  1656. \ingroup ECC
  1657. \brief Compare a curve which has larger key than specified size or the curve matched curve ID,
  1658. set a curve with smaller key size to the key.
  1659. \return 0 Returned upon successfully setting the key
  1660. \param keysize Key size in bytes
  1661. \param curve_id Curve ID
  1662. _Example_
  1663. \code int ret;
  1664. ecc_key ecc;
  1665. ret = wc_ecc_init(&ecc);
  1666. if (ret != 0)
  1667. return ret;
  1668. ret = wc_ecc_set_curve(&ecc, 32, ECC_SECP256R1));
  1669. if (ret != 0)
  1670. return ret;
  1671. \endcode
  1672. */
  1673. int wc_ecc_set_curve(ecc_key *key, int keysize, int curve_id);