2
0

ed25519.h 36 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087
  1. /*!
  2. \ingroup ED25519
  3. \brief This function generates the Ed25519 public key from the private key,
  4. stored in the ed25519_key object. It stores the public key in the buffer
  5. pubKey.
  6. \return 0 Returned upon successfully making the public key.
  7. \return BAD_FUNC_ARG Returned if key or pubKey evaluate to NULL, or if the
  8. specified key size is not 32 bytes (Ed25519 has 32 byte keys).
  9. \return ECC_PRIV_KEY_E returned if the ed25519_key object does not have
  10. the private key in it.
  11. \return MEMORY_E Returned if there is an error allocating memory
  12. during function execution.
  13. \param [in] key Pointer to the ed25519_key for which to generate a key.
  14. \param [out] pubKey Pointer to the buffer in which to store the public key.
  15. \param [in] pubKeySz Size of the public key. Should be ED25519_PUB_KEY_SIZE.
  16. _Example_
  17. \code
  18. int ret;
  19. ed25519_key key;
  20. byte priv[] = { initialize with 32 byte private key };
  21. byte pub[32];
  22. word32 pubSz = sizeof(pub);
  23. wc_ed25519_init(&key);
  24. wc_ed25519_import_private_only(priv, sizeof(priv), &key);
  25. ret = wc_ed25519_make_public(&key, pub, &pubSz);
  26. if (ret != 0) {
  27. // error making public key
  28. }
  29. \endcode
  30. \sa wc_ed25519_init
  31. \sa wc_ed25519_import_private_only
  32. \sa wc_ed25519_make_key
  33. */
  34. int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
  35. word32 pubKeySz);
  36. /*!
  37. \ingroup ED25519
  38. \brief This function generates a new Ed25519 key and stores it in key.
  39. \return 0 Returned upon successfully making an ed25519_key.
  40. \return BAD_FUNC_ARG Returned if rng or key evaluate to NULL, or if the
  41. specified key size is not 32 bytes (Ed25519 has 32 byte keys).
  42. \return MEMORY_E Returned if there is an error allocating memory
  43. during function execution.
  44. \param [in] rng Pointer to an initialized RNG object with which to
  45. generate the key.
  46. \param [in] keysize Length of key to generate. Should always be 32 for
  47. Ed25519.
  48. \param [in,out] key Pointer to the ed25519_key for which to generate a key.
  49. _Example_
  50. \code
  51. int ret;
  52. WC_RNG rng;
  53. ed25519_key key;
  54. wc_InitRng(&rng);
  55. wc_ed25519_init(&key);
  56. wc_ed25519_make_key(&rng, 32, &key);
  57. if (ret != 0) {
  58. // error making key
  59. }
  60. \endcode
  61. \sa wc_ed25519_init
  62. */
  63. int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key);
  64. /*!
  65. \ingroup ED25519
  66. \brief This function signs a message using an ed25519_key object
  67. to guarantee authenticity.
  68. \return 0 Returned upon successfully generating a signature for the
  69. message.
  70. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  71. NULL, or if the output buffer is too small to store the generated signature.
  72. \return MEMORY_E Returned if there is an error allocating memory during
  73. function execution.
  74. \param [in] in Pointer to the buffer containing the message to sign.
  75. \param [in] inlen Length of the message to sign.
  76. \param [out] out Buffer in which to store the generated signature.
  77. \param [in,out] outlen Maximum length of the output buffer. Will store the
  78. bytes written to out upon successfully generating a message signature.
  79. \param [in] key Pointer to a private ed25519_key with which to generate the
  80. signature.
  81. _Example_
  82. \code
  83. ed25519_key key;
  84. WC_RNG rng;
  85. int ret, sigSz;
  86. byte sig[64]; // will hold generated signature
  87. sigSz = sizeof(sig);
  88. byte message[] = { initialize with message };
  89. wc_InitRng(&rng); // initialize rng
  90. wc_ed25519_init(&key); // initialize key
  91. wc_ed25519_make_key(&rng, 32, &key); // make public/private key pair
  92. ret = wc_ed25519_sign_msg(message, sizeof(message), sig, &sigSz, &key);
  93. if (ret != 0) {
  94. // error generating message signature
  95. }
  96. \endcode
  97. \sa wc_ed25519ctx_sign_msg
  98. \sa wc_ed25519ph_sign_hash
  99. \sa wc_ed25519ph_sign_msg
  100. \sa wc_ed25519_verify_msg
  101. */
  102. int wc_ed25519_sign_msg(const byte* in, word32 inlen, byte* out,
  103. word32 *outlen, ed25519_key* key);
  104. /*!
  105. \ingroup ED25519
  106. \brief This function signs a message using an ed25519_key object
  107. to guarantee authenticity. The context is part of the data signed.
  108. \return 0 Returned upon successfully generating a signature for the
  109. message.
  110. \return BAD_FUNC_ARG Returned any of the input parameters evaluate to
  111. NULL, or if the output buffer is too small to store the generated signature.
  112. \return MEMORY_E Returned if there is an error allocating memory during
  113. function execution.
  114. \param [in] in Pointer to the buffer containing the message to sign.
  115. \param [in] inlen Length of the message to sign.
  116. \param [out] out Buffer in which to store the generated signature.
  117. \param [in,out] outlen Maximum length of the output buffer. Will store the
  118. bytes written to out upon successfully generating a message signature.
  119. \param [in] key Pointer to a private ed25519_key with which to generate the
  120. signature.
  121. \param [in] context Pointer to the buffer containing the context for which
  122. message is being signed.
  123. \param [in] contextLen Length of the context buffer.
  124. _Example_
  125. \code
  126. ed25519_key key;
  127. WC_RNG rng;
  128. int ret, sigSz;
  129. byte sig[64]; // will hold generated signature
  130. sigSz = sizeof(sig);
  131. byte message[] = { initialize with message };
  132. byte context[] = { initialize with context of signing };
  133. wc_InitRng(&rng); // initialize rng
  134. wc_ed25519_init(&key); // initialize key
  135. wc_ed25519_make_key(&rng, 32, &key); // make public/private key pair
  136. ret = wc_ed25519ctx_sign_msg(message, sizeof(message), sig, &sigSz, &key,
  137. context, sizeof(context));
  138. if (ret != 0) {
  139. // error generating message signature
  140. }
  141. \endcode
  142. \sa wc_ed25519_sign_msg
  143. \sa wc_ed25519ph_sign_hash
  144. \sa wc_ed25519ph_sign_msg
  145. \sa wc_ed25519_verify_msg
  146. */
  147. int wc_ed25519ctx_sign_msg(const byte* in, word32 inlen, byte* out,
  148. word32 *outlen, ed25519_key* key,
  149. const byte* context, byte contextLen);
  150. /*!
  151. \ingroup ED25519
  152. \brief This function signs a message digest using an ed25519_key object
  153. to guarantee authenticity. The context is included as part of the data
  154. signed. The message is pre-hashed before signature calculation.
  155. \return 0 Returned upon successfully generating a signature for the
  156. message digest.
  157. \return BAD_FUNC_ARG Returned any of the input parameters evaluate to
  158. NULL, or if the output buffer is too small to store the generated signature.
  159. \return MEMORY_E Returned if there is an error allocating memory during
  160. function execution.
  161. \param [in] hash Pointer to the buffer containing the hash of the message
  162. to sign.
  163. \param [in] hashLen Length of the hash of the message to sign.
  164. \param [out] out Buffer in which to store the generated signature.
  165. \param [in,out] outlen Maximum length of the output buffer. Will store the
  166. bytes written to out upon successfully generating a message signature.
  167. \param [in] key Pointer to a private ed25519_key with which to generate the
  168. signature.
  169. \param [in] context Pointer to the buffer containing the context for which
  170. message is being signed.
  171. \param [in] contextLen Length of the context buffer.
  172. _Example_
  173. \code
  174. ed25519_key key;
  175. WC_RNG rng;
  176. int ret, sigSz;
  177. byte sig[64]; // will hold generated signature
  178. sigSz = sizeof(sig);
  179. byte hash[] = { initialize with SHA-512 hash of message };
  180. byte context[] = { initialize with context of signing };
  181. wc_InitRng(&rng); // initialize rng
  182. wc_ed25519_init(&key); // initialize key
  183. wc_ed25519_make_key(&rng, 32, &key); // make public/private key pair
  184. ret = wc_ed25519ph_sign_hash(hash, sizeof(hash), sig, &sigSz, &key,
  185. context, sizeof(context));
  186. if (ret != 0) {
  187. // error generating message signature
  188. }
  189. \endcode
  190. \sa wc_ed25519_sign_msg
  191. \sa wc_ed25519ctx_sign_msg
  192. \sa wc_ed25519ph_sign_msg
  193. \sa wc_ed25519_verify_msg
  194. */
  195. int wc_ed25519ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
  196. word32 *outLen, ed25519_key* key,
  197. const byte* context, byte contextLen);
  198. /*!
  199. \ingroup ED25519
  200. \brief This function signs a message using an ed25519_key object
  201. to guarantee authenticity. The context is included as part of the data
  202. signed. The message is pre-hashed before signature calculation.
  203. \return 0 Returned upon successfully generating a signature for the
  204. message.
  205. \return BAD_FUNC_ARG Returned any of the input parameters evaluate to
  206. NULL, or if the output buffer is too small to store the generated signature.
  207. \return MEMORY_E Returned if there is an error allocating memory during
  208. function execution.
  209. \param [in] in Pointer to the buffer containing the message to sign.
  210. \param [in] inlen Length of the message to sign.
  211. \param [out] out Buffer in which to store the generated signature.
  212. \param [in,out] outlen Maximum length of the output buffer. Will store the
  213. bytes written to out upon successfully generating a message signature.
  214. \param [in] key Pointer to a private ed25519_key with which to generate the
  215. signature.
  216. \param [in] context Pointer to the buffer containing the context for which
  217. message is being signed.
  218. \param [in] contextLen Length of the context buffer.
  219. _Example_
  220. \code
  221. ed25519_key key;
  222. WC_RNG rng;
  223. int ret, sigSz;
  224. byte sig[64]; // will hold generated signature
  225. sigSz = sizeof(sig);
  226. byte message[] = { initialize with message };
  227. byte context[] = { initialize with context of signing };
  228. wc_InitRng(&rng); // initialize rng
  229. wc_ed25519_init(&key); // initialize key
  230. wc_ed25519_make_key(&rng, 32, &key); // make public/private key pair
  231. ret = wc_ed25519ph_sign_msg(message, sizeof(message), sig, &sigSz, &key,
  232. context, sizeof(context));
  233. if (ret != 0) {
  234. // error generating message signature
  235. }
  236. \endcode
  237. \sa wc_ed25519_sign_msg
  238. \sa wc_ed25519ctx_sign_msg
  239. \sa wc_ed25519ph_sign_hash
  240. \sa wc_ed25519_verify_msg
  241. */
  242. int wc_ed25519ph_sign_msg(const byte* in, word32 inlen, byte* out,
  243. word32 *outlen, ed25519_key* key,
  244. const byte* context, byte contextLen);
  245. /*!
  246. \ingroup ED25519
  247. \brief This function verifies the Ed25519 signature of a message to ensure
  248. authenticity. It returns the answer through ret, with 1 corresponding to
  249. a valid signature, and 0 corresponding to an invalid signature.
  250. \return 0 Returned upon successfully performing the signature
  251. verification and authentication.
  252. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  253. NULL, or if the siglen does not match the actual length of a signature.
  254. \return SIG_VERIFY_E Returned if verification completes, but the signature
  255. generated does not match the signature provided.
  256. \param [in] sig Pointer to the buffer containing the signature to verify.
  257. \param [in] siglen Length of the signature to verify.
  258. \param [in] msg Pointer to the buffer containing the message to verify.
  259. \param [in] msgLen Length of the message to verify.
  260. \param [out] ret Pointer to the result of the verification. 1 indicates the
  261. message was successfully verified.
  262. \param [in] key Pointer to a public Ed25519 key with which to verify the
  263. signature.
  264. _Example_
  265. \code
  266. ed25519_key key;
  267. int ret, verified = 0;
  268. byte sig[] { initialize with received signature };
  269. byte msg[] = { initialize with message };
  270. // initialize key with received public key
  271. ret = wc_ed25519_verify_msg(sig, sizeof(sig), msg, sizeof(msg), &verified,
  272. &key);
  273. if (ret < 0) {
  274. // error performing verification
  275. } else if (verified == 0)
  276. // the signature is invalid
  277. }
  278. \endcode
  279. \sa wc_ed25519ctx_verify_msg
  280. \sa wc_ed25519ph_verify_hash
  281. \sa wc_ed25519ph_verify_msg
  282. \sa wc_ed25519_sign_msg
  283. */
  284. int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
  285. word32 msgLen, int* ret, ed25519_key* key);
  286. /*!
  287. \ingroup ED25519
  288. \brief This function verifies the Ed25519 signature of a message to ensure
  289. authenticity. The context is included as part of the data
  290. verified. It returns the answer through ret, with 1 corresponding to
  291. a valid signature, and 0 corresponding to an invalid signature.
  292. \return 0 Returned upon successfully performing the signature
  293. verification and authentication.
  294. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  295. NULL, or if the siglen does not match the actual length of a signature.
  296. \return SIG_VERIFY_E Returned if verification completes, but the signature
  297. generated does not match the signature provided.
  298. \param [in] sig Pointer to the buffer containing the signature to verify.
  299. \param [in] siglen Length of the signature to verify.
  300. \param [in] msg Pointer to the buffer containing the message to verify.
  301. \param [in] msgLen Length of the message to verify.
  302. \param [out] ret Pointer to the result of the verification. 1 indicates the
  303. message was successfully verified.
  304. \param [in] key Pointer to a public Ed25519 key with which to verify the
  305. signature.
  306. \param [in] context Pointer to the buffer containing the context for which
  307. the message was signed.
  308. \param [in] contextLen Length of the context buffer.
  309. _Example_
  310. \code
  311. ed25519_key key;
  312. int ret, verified = 0;
  313. byte sig[] { initialize with received signature };
  314. byte msg[] = { initialize with message };
  315. byte context[] = { initialize with context of signature };
  316. // initialize key with received public key
  317. ret = wc_ed25519ctx_verify_msg(sig, sizeof(sig), msg, sizeof(msg),
  318. &verified, &key, );
  319. if (ret < 0) {
  320. // error performing verification
  321. } else if (verified == 0)
  322. // the signature is invalid
  323. }
  324. \endcode
  325. \sa wc_ed25519_verify_msg
  326. \sa wc_ed25519ph_verify_hash
  327. \sa wc_ed25519ph_verify_msg
  328. \sa wc_ed25519_sign_msg
  329. */
  330. int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
  331. word32 msgLen, int* ret, ed25519_key* key,
  332. const byte* context, byte contextLen);
  333. /*!
  334. \ingroup ED25519
  335. \brief This function verifies the Ed25519 signature of the digest of a
  336. message to ensure authenticity. The context is included as part of the data
  337. verified. The hash is the pre-hashed message before signature calculation.
  338. The hash algorithm used to create message digest must be SHA-512.
  339. The answer is returned through ret, with 1 corresponding to a valid
  340. signature, and 0 corresponding to an invalid signature.
  341. \return 0 Returned upon successfully performing the signature
  342. verification and authentication.
  343. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  344. NULL, or if the siglen does not match the actual length of a signature.
  345. \return SIG_VERIFY_E Returned if verification completes, but the signature
  346. generated does not match the signature provided.
  347. \param [in] sig Pointer to the buffer containing the signature to verify.
  348. \param [in] siglen Length of the signature to verify.
  349. \param [in] hash Pointer to the buffer containing the hash of the message
  350. to verify.
  351. \param [in] hashLen Length of the hash to verify.
  352. \param [out] ret Pointer to the result of the verification. 1 indicates the
  353. message was successfully verified.
  354. \param [in] key Pointer to a public Ed25519 key with which to verify the
  355. signature.
  356. \param [in] context Pointer to the buffer containing the context for which
  357. the message was signed.
  358. \param [in] contextLen Length of the context buffer.
  359. _Example_
  360. \code
  361. ed25519_key key;
  362. int ret, verified = 0;
  363. byte sig[] { initialize with received signature };
  364. byte hash[] = { initialize with SHA-512 hash of message };
  365. byte context[] = { initialize with context of signature };
  366. // initialize key with received public key
  367. ret = wc_ed25519ph_verify_hash(sig, sizeof(sig), msg, sizeof(msg),
  368. &verified, &key, );
  369. if (ret < 0) {
  370. // error performing verification
  371. } else if (verified == 0)
  372. // the signature is invalid
  373. }
  374. \endcode
  375. \sa wc_ed25519_verify_msg
  376. \sa wc_ed25519ctx_verify_msg
  377. \sa wc_ed25519ph_verify_msg
  378. \sa wc_ed25519_sign_msg
  379. */
  380. int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
  381. word32 hashLen, int* ret, ed25519_key* key,
  382. const byte* context, byte contextLen);
  383. /*!
  384. \ingroup ED25519
  385. \brief This function verifies the Ed25519 signature of a message to ensure
  386. authenticity. The context is included as part of the data
  387. verified. The message is pre-hashed before verification. It returns the
  388. answer through ret, with 1 corresponding to a valid signature, and 0
  389. corresponding to an invalid signature.
  390. \return 0 Returned upon successfully performing the signature
  391. verification and authentication.
  392. \return BAD_FUNC_ARG Returned if any of the input parameters evaluate to
  393. NULL, or if the siglen does not match the actual length of a signature.
  394. \return SIG_VERIFY_E Returned if verification completes, but the signature
  395. generated does not match the signature provided.
  396. \param [in] sig Pointer to the buffer containing the signature to verify.
  397. \param [in] siglen Length of the signature to verify.
  398. \param [in] msg Pointer to the buffer containing the message to verify.
  399. \param [in] msgLen Length of the message to verify.
  400. \param [out] ret Pointer to the result of the verification. 1 indicates the
  401. message was successfully verified.
  402. \param [in] key Pointer to a public Ed25519 key with which to verify the
  403. signature.
  404. \param [in] context Pointer to the buffer containing the context for which
  405. the message was signed.
  406. \param [in] contextLen Length of the context buffer.
  407. _Example_
  408. \code
  409. ed25519_key key;
  410. int ret, verified = 0;
  411. byte sig[] { initialize with received signature };
  412. byte msg[] = { initialize with message };
  413. byte context[] = { initialize with context of signature };
  414. // initialize key with received public key
  415. ret = wc_ed25519ctx_verify_msg(sig, sizeof(sig), msg, sizeof(msg),
  416. &verified, &key, );
  417. if (ret < 0) {
  418. // error performing verification
  419. } else if (verified == 0)
  420. // the signature is invalid
  421. }
  422. \endcode
  423. \sa wc_ed25519_verify_msg
  424. \sa wc_ed25519ph_verify_hash
  425. \sa wc_ed25519ph_verify_msg
  426. \sa wc_ed25519_sign_msg
  427. */
  428. int wc_ed25519ph_verify_msg(const byte* sig, word32 siglen, const byte* msg,
  429. word32 msgLen, int* ret, ed25519_key* key,
  430. const byte* context, byte contextLen);
  431. /*!
  432. \ingroup ED25519
  433. \brief This function initializes an ed25519_key object for future use
  434. with message verification.
  435. \return 0 Returned upon successfully initializing the ed25519_key object.
  436. \return BAD_FUNC_ARG Returned if key is NULL.
  437. \param [in,out] key Pointer to the ed25519_key object to initialize.
  438. _Example_
  439. \code
  440. ed25519_key key;
  441. wc_ed25519_init(&key);
  442. \endcode
  443. \sa wc_ed25519_make_key
  444. \sa wc_ed25519_free
  445. */
  446. int wc_ed25519_init(ed25519_key* key);
  447. /*!
  448. \ingroup ED25519
  449. \brief This function frees an Ed25519 object after it has been used.
  450. \param [in,out] key Pointer to the ed25519_key object to free
  451. _Example_
  452. \code
  453. ed25519_key key;
  454. // initialize key and perform secure exchanges
  455. ...
  456. wc_ed25519_free(&key);
  457. \endcode
  458. \sa wc_ed25519_init
  459. */
  460. void wc_ed25519_free(ed25519_key* key);
  461. /*!
  462. \ingroup ED25519
  463. \brief This function imports a public ed25519_key from a buffer
  464. containing the public key. This function will handle both compressed and
  465. uncompressed keys. The public key is checked that it matches the private
  466. key when one is present.
  467. \return 0 Returned on successfully importing the ed25519_key.
  468. \return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or inLen is
  469. less than the size of an Ed25519 key.
  470. \param [in] in Pointer to the buffer containing the public key.
  471. \param [in] inLen Length of the buffer containing the public key.
  472. \param [in,out] key Pointer to the ed25519_key object in which to store the
  473. public key.
  474. _Example_
  475. \code
  476. int ret;
  477. byte pub[] = { initialize Ed25519 public key };
  478. ed_25519 key;
  479. wc_ed25519_init_key(&key);
  480. ret = wc_ed25519_import_public(pub, sizeof(pub), &key);
  481. if (ret != 0) {
  482. // error importing key
  483. }
  484. \endcode
  485. \sa wc_ed25519_import_public_ex
  486. \sa wc_ed25519_import_private_key
  487. \sa wc_ed25519_import_private_key_ex
  488. \sa wc_ed25519_export_public
  489. */
  490. int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
  491. /*!
  492. \ingroup ED25519
  493. \brief This function imports a public ed25519_key from a buffer
  494. containing the public key. This function will handle both compressed and
  495. uncompressed keys. Check public key matches private key, when present,
  496. when not trusted.
  497. \return 0 Returned on successfully importing the ed25519_key.
  498. \return BAD_FUNC_ARG Returned if in or key evaluate to NULL, or inLen is
  499. less than the size of an Ed25519 key.
  500. \param [in] in Pointer to the buffer containing the public key.
  501. \param [in] inLen Length of the buffer containing the public key.
  502. \param [in,out] key Pointer to the ed25519_key object in which to store the
  503. public key.
  504. \param [in] trusted Public key data is trusted or not.
  505. _Example_
  506. \code
  507. int ret;
  508. byte pub[] = { initialize Ed25519 public key };
  509. ed_25519 key;
  510. wc_ed25519_init_key(&key);
  511. ret = wc_ed25519_import_public_ex(pub, sizeof(pub), &key, 1);
  512. if (ret != 0) {
  513. // error importing key
  514. }
  515. \endcode
  516. \sa wc_ed25519_import_public
  517. \sa wc_ed25519_import_private_key
  518. \sa wc_ed25519_import_private_key_ex
  519. \sa wc_ed25519_export_public
  520. */
  521. int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
  522. int trusted);
  523. /*!
  524. \ingroup ED25519
  525. \brief This function imports an Ed25519 private key only from a
  526. buffer.
  527. \return 0 Returned on successfully importing the Ed25519 key.
  528. \return BAD_FUNC_ARG Returned if priv or key evaluate to NULL, or if
  529. privSz is not equal to ED25519_KEY_SIZE.
  530. \param [in] priv Pointer to the buffer containing the private key.
  531. \param [in] privSz Length of the private key.
  532. \param [in,out] key Pointer to the ed25519_key object in which to store the
  533. imported private key.
  534. _Example_
  535. \code
  536. int ret;
  537. byte priv[] = { initialize with 32 byte private key };
  538. ed25519_key key;
  539. wc_ed25519_init_key(&key);
  540. ret = wc_ed25519_import_private_only(priv, sizeof(priv), &key);
  541. if (ret != 0) {
  542. // error importing private key
  543. }
  544. \endcode
  545. \sa wc_ed25519_import_public
  546. \sa wc_ed25519_import_public_ex
  547. \sa wc_ed25519_import_private_key
  548. \sa wc_ed25519_import_private_key_ex
  549. \sa wc_ed25519_export_private_only
  550. */
  551. int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
  552. ed25519_key* key);
  553. /*!
  554. \ingroup ED25519
  555. \brief This function imports a public/private Ed25519 key pair from a
  556. pair of buffers. This function will handle both compressed and
  557. uncompressed keys. The public key is assumed to be untrusted and is
  558. checked against the private key.
  559. \return 0 Returned on successfully importing the ed25519_key.
  560. \return BAD_FUNC_ARG Returned if priv or key evaluate to NULL; or if
  561. either privSz is not equal to ED25519_KEY_SIZE nor ED25519_PRV_KEY_SIZE, or
  562. pubSz is less than ED25519_PUB_KEY_SIZE.
  563. \param [in] priv Pointer to the buffer containing the private key.
  564. \param [in] privSz Length of the private key.
  565. \param [in] pub Pointer to the buffer containing the public key.
  566. \param [in] pubSz Length of the public key.
  567. \param [in,out] key Pointer to the ed25519_key object in which to store the
  568. imported private/public key pair.
  569. _Example_
  570. \code
  571. int ret;
  572. byte priv[] = { initialize with 32 byte private key };
  573. byte pub[] = { initialize with the corresponding public key };
  574. ed25519_key key;
  575. wc_ed25519_init_key(&key);
  576. ret = wc_ed25519_import_private_key(priv, sizeof(priv), pub, sizeof(pub),
  577. &key);
  578. if (ret != 0) {
  579. // error importing key
  580. }
  581. \endcode
  582. \sa wc_ed25519_import_public
  583. \sa wc_ed25519_import_public_ex
  584. \sa wc_ed25519_import_private_only
  585. \sa wc_ed25519_import_private_key_ex
  586. \sa wc_ed25519_export_private
  587. */
  588. int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
  589. const byte* pub, word32 pubSz, ed25519_key* key);
  590. /*!
  591. \ingroup ED25519
  592. \brief This function imports a public/private Ed25519 key pair from a
  593. pair of buffers. This function will handle both compressed and
  594. uncompressed keys. The public is checked against private key if not trusted.
  595. \return 0 Returned on successfully importing the ed25519_key.
  596. \return BAD_FUNC_ARG Returned if priv or key evaluate to NULL; or if
  597. either privSz is not equal to ED25519_KEY_SIZE nor ED25519_PRV_KEY_SIZE, or
  598. pubSz is less than ED25519_PUB_KEY_SIZE.
  599. \param [in] priv Pointer to the buffer containing the private key.
  600. \param [in] privSz Length of the private key.
  601. \param [in] pub Pointer to the buffer containing the public key.
  602. \param [in] pubSz Length of the public key.
  603. \param [in,out] key Pointer to the ed25519_key object in which to store the
  604. imported private/public key pair.
  605. \param [in] trusted Public key data is trusted or not.
  606. _Example_
  607. \code
  608. int ret;
  609. byte priv[] = { initialize with 32 byte private key };
  610. byte pub[] = { initialize with the corresponding public key };
  611. ed25519_key key;
  612. wc_ed25519_init_key(&key);
  613. ret = wc_ed25519_import_private_key(priv, sizeof(priv), pub, sizeof(pub),
  614. &key, 1);
  615. if (ret != 0) {
  616. // error importing key
  617. }
  618. \endcode
  619. \sa wc_ed25519_import_public
  620. \sa wc_ed25519_import_public_ex
  621. \sa wc_ed25519_import_private_only
  622. \sa wc_ed25519_import_private_key
  623. \sa wc_ed25519_export_private
  624. */
  625. int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
  626. const byte* pub, word32 pubSz, ed25519_key* key, int trusted);
  627. /*!
  628. \ingroup ED25519
  629. \brief This function exports the private key from an ed25519_key
  630. structure. It stores the public key in the buffer out, and sets the bytes
  631. written to this buffer in outLen.
  632. \return 0 Returned upon successfully exporting the public key.
  633. \return BAD_FUNC_ARG Returned if any of the input values evaluate to NULL.
  634. \return BUFFER_E Returned if the buffer provided is not large enough to
  635. store the private key. Upon returning this error, the function sets the
  636. size required in outLen.
  637. \param [in] key Pointer to an ed25519_key structure from which to export the
  638. public key.
  639. \param [out] out Pointer to the buffer in which to store the public key.
  640. \param [in,out] outLen Pointer to a word32 object with the size available
  641. in out. Set with the number of bytes written to out after successfully
  642. exporting the public key.
  643. _Example_
  644. \code
  645. int ret;
  646. ed25519_key key;
  647. // initialize key, make key
  648. char pub[32];
  649. word32 pubSz = sizeof(pub);
  650. ret = wc_ed25519_export_public(&key, pub, &pubSz);
  651. if (ret != 0) {
  652. // error exporting public key
  653. }
  654. \endcode
  655. \sa wc_ed25519_import_public
  656. \sa wc_ed25519_import_public_ex
  657. \sa wc_ed25519_export_private_only
  658. */
  659. int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
  660. /*!
  661. \ingroup ED25519
  662. \brief This function exports only the private key from an ed25519_key
  663. structure. It stores the private key in the buffer out, and sets
  664. the bytes written to this buffer in outLen.
  665. \return 0 Returned upon successfully exporting the private key.
  666. \return BAD_FUNC_ARG Returned if any of the input values evaluate to NULL.
  667. \return BUFFER_E Returned if the buffer provided is not large enough
  668. to store the private key.
  669. \param [in] key Pointer to an ed25519_key structure from which to export
  670. the private key.
  671. \param [out] out Pointer to the buffer in which to store the private key.
  672. \param [in,out] outLen Pointer to a word32 object with the size available in
  673. out. Set with the number of bytes written to out after successfully
  674. exporting the private key.
  675. _Example_
  676. \code
  677. int ret;
  678. ed25519_key key;
  679. // initialize key, make key
  680. char priv[32]; // 32 bytes because only private key
  681. word32 privSz = sizeof(priv);
  682. ret = wc_ed25519_export_private_only(&key, priv, &privSz);
  683. if (ret != 0) {
  684. // error exporting private key
  685. }
  686. \endcode
  687. \sa wc_ed25519_export_public
  688. \sa wc_ed25519_import_private_key
  689. \sa wc_ed25519_import_private_key_ex
  690. */
  691. int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
  692. /*!
  693. \ingroup ED25519
  694. \brief This function exports the key pair from an ed25519_key
  695. structure. It stores the key pair in the buffer out, and sets
  696. the bytes written to this buffer in outLen.
  697. \return 0 Returned upon successfully exporting the key pair.
  698. \return BAD_FUNC_ARG Returned if any of the input values evaluate to NULL.
  699. \return BUFFER_E Returned if the buffer provided is not large enough
  700. to store the key pair.
  701. \param [in] key Pointer to an ed25519_key structure from which to export
  702. the key pair.
  703. \param [out] out Pointer to the buffer in which to store the key pair.
  704. \param [in,out] outLen Pointer to a word32 object with the size available in
  705. out. Set with the number of bytes written to out after successfully
  706. exporting the key pair.
  707. _Example_
  708. \code
  709. ed25519_key key;
  710. wc_ed25519_init(&key);
  711. WC_RNG rng;
  712. wc_InitRng(&rng);
  713. wc_ed25519_make_key(&rng, 32, &key); // initialize 32 byte Ed25519 key
  714. byte out[64]; // out needs to be a sufficient buffer size
  715. word32 outLen = sizeof(out);
  716. int key_size = wc_ed25519_export_private(&key, out, &outLen);
  717. if (key_size == BUFFER_E) {
  718. // Check size of out compared to outLen to see if function reset outLen
  719. }
  720. \endcode
  721. \sa wc_ed25519_import_private_key
  722. \sa wc_ed25519_import_private_key_ex
  723. \sa wc_ed25519_export_private_only
  724. */
  725. int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
  726. /*!
  727. \ingroup ED25519
  728. \brief This function exports the private and public key separately from an
  729. ed25519_key structure. It stores the private key in the buffer priv, and
  730. sets the bytes written to this buffer in privSz. It stores the public key
  731. in the buffer pub, and sets the bytes written to this buffer in pubSz.
  732. \return 0 Returned upon successfully exporting the key pair.
  733. \return BAD_FUNC_ARG Returned if any of the input values evaluate to NULL.
  734. \return BUFFER_E Returned if the buffer provided is not large enough
  735. to store the key pair.
  736. \param [in] key Pointer to an ed25519_key structure from which to export
  737. the key pair.
  738. \param [out] priv Pointer to the buffer in which to store the private key.
  739. \param [in,out] privSz Pointer to a word32 object with the size available in
  740. out. Set with the number of bytes written to out after successfully
  741. exporting the private key.
  742. \param [out] pub Pointer to the buffer in which to store the public key.
  743. \param [in,out] pubSz Pointer to a word32 object with the size available in
  744. out. Set with the number of bytes written to out after successfully
  745. exporting the public key.
  746. _Example_
  747. \code
  748. int ret;
  749. ed25519_key key;
  750. // initialize key, make key
  751. char pub[32];
  752. word32 pubSz = sizeof(pub);
  753. char priv[32];
  754. word32 privSz = sizeof(priv);
  755. ret = wc_ed25519_export_key(&key, priv, &pubSz, pub, &pubSz);
  756. if (ret != 0) {
  757. // error exporting public key
  758. }
  759. \endcode
  760. \sa wc_ed25519_export_private
  761. \sa wc_ed25519_export_public
  762. */
  763. int wc_ed25519_export_key(ed25519_key* key,
  764. byte* priv, word32 *privSz,
  765. byte* pub, word32 *pubSz);
  766. /*!
  767. \ingroup ED25519
  768. \brief This function checks the public key in ed25519_key structure matches
  769. the private key.
  770. \return 0 Returned if the private and public key matched.
  771. \return BAD_FUNC_ARG Returned if the given key is NULL.
  772. \return PUBLIC_KEY_E Returned if the no public key available or is invalid.
  773. \param [in] key Pointer to an ed25519_key structure holding a private and
  774. public key.
  775. _Example_
  776. \code
  777. int ret;
  778. byte priv[] = { initialize with 57 byte private key };
  779. byte pub[] = { initialize with the corresponding public key };
  780. ed25519_key key;
  781. wc_ed25519_init_key(&key);
  782. wc_ed25519_import_private_key_ex(priv, sizeof(priv), pub, sizeof(pub), &key,
  783. 1);
  784. ret = wc_ed25519_check_key(&key);
  785. if (ret != 0) {
  786. // error checking key
  787. }
  788. \endcode
  789. \sa wc_ed25519_import_private_key
  790. \sa wc_ed25519_import_private_key_ex
  791. */
  792. int wc_ed25519_check_key(ed25519_key* key);
  793. /*!
  794. \ingroup ED25519
  795. \brief This function returns the size of an Ed25519 - 32 bytes.
  796. \return ED25519_KEY_SIZE The size of a valid private key (32 bytes).
  797. \return BAD_FUNC_ARG Returned if the given key is NULL.
  798. \param [in] key Pointer to an ed25519_key structure for which to get the
  799. key size.
  800. _Example_
  801. \code
  802. int keySz;
  803. ed25519_key key;
  804. // initialize key, make key
  805. keySz = wc_ed25519_size(&key);
  806. if (keySz == 0) {
  807. // error determining key size
  808. }
  809. \endcode
  810. \sa wc_ed25519_make_key
  811. */
  812. int wc_ed25519_size(ed25519_key* key);
  813. /*!
  814. \ingroup ED25519
  815. \brief This function returns the private key size (secret + public) in
  816. bytes.
  817. \return ED25519_PRV_KEY_SIZE The size of the private key (64 bytes).
  818. \return BAD_FUNC_ARG Returned if key argument is NULL.
  819. \param [in] key Pointer to an ed25519_key structure for which to get the
  820. key size.
  821. _Example_
  822. \code
  823. ed25519_key key;
  824. wc_ed25519_init(&key);
  825. WC_RNG rng;
  826. wc_InitRng(&rng);
  827. wc_ed25519_make_key(&rng, 32, &key); // initialize 32 byte Ed25519 key
  828. int key_size = wc_ed25519_priv_size(&key);
  829. \endcode
  830. \sa wc_ed25519_pub_size
  831. */
  832. int wc_ed25519_priv_size(ed25519_key* key);
  833. /*!
  834. \ingroup ED25519
  835. \brief This function returns the compressed key size in bytes (public key).
  836. \return ED25519_PUB_KEY_SIZE The size of the compressed public key
  837. (32 bytes).
  838. \return BAD_FUNC_ARG Returns if key argument is NULL.
  839. \param [in] key Pointer to an ed25519_key structure for which to get the
  840. key size.
  841. _Example_
  842. \code
  843. ed25519_key key;
  844. wc_ed25519_init(&key);
  845. WC_RNG rng;
  846. wc_InitRng(&rng);
  847. wc_ed25519_make_key(&rng, 32, &key); // initialize 32 byte Ed25519 key
  848. int key_size = wc_ed25519_pub_size(&key);
  849. \endcode
  850. \sa wc_ed25519_priv_size
  851. */
  852. int wc_ed25519_pub_size(ed25519_key* key);
  853. /*!
  854. \ingroup ED25519
  855. \brief This function returns the size of an Ed25519 signature (64 in bytes).
  856. \return ED25519_SIG_SIZE The size of an Ed25519 signature (64 bytes).
  857. \return BAD_FUNC_ARG Returns if key argument is NULL.
  858. \param [in] key Pointer to an ed25519_key structure for which to get the
  859. signature size.
  860. _Example_
  861. \code
  862. int sigSz;
  863. ed25519_key key;
  864. // initialize key, make key
  865. sigSz = wc_ed25519_sig_size(&key);
  866. if (sigSz == 0) {
  867. // error determining sig size
  868. }
  869. \endcode
  870. \sa wc_ed25519_sign_msg
  871. */
  872. int wc_ed25519_sig_size(ed25519_key* key);