/* Originally written by Bodo Moeller for the OpenSSL project.
 * ====================================================================
 * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
/* ====================================================================
 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
 *
 * Portions of the attached software ("Contribution") are developed by
 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
 *
 * The Contribution is licensed pursuant to the OpenSSL open source
 * license provided above.
 *
 * The elliptic curve binary polynomial software is originally written by
 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems
 * Laboratories. */

#ifndef OPENSSL_HEADER_EC_KEY_H
#define OPENSSL_HEADER_EC_KEY_H

#include <openssl/base.h>

#include <openssl/ec.h>
#include <openssl/engine.h>
#include <openssl/ex_data.h>

#if defined(__cplusplus)
extern "C" {
#endif


// ec_key.h contains functions that handle elliptic-curve points that are
// public/private keys.


// EC key objects.
//
// An |EC_KEY| object represents a public or private EC key. A given object may
// be used concurrently on multiple threads by non-mutating functions, provided
// no other thread is concurrently calling a mutating function. Unless otherwise
// documented, functions which take a |const| pointer are non-mutating and
// functions which take a non-|const| pointer are mutating.

// EC_KEY_new returns a fresh |EC_KEY| object or NULL on error.
OPENSSL_EXPORT EC_KEY *EC_KEY_new(void);

// EC_KEY_new_method acts the same as |EC_KEY_new|, but takes an explicit
// |ENGINE|.
OPENSSL_EXPORT EC_KEY *EC_KEY_new_method(const ENGINE *engine);

// EC_KEY_new_by_curve_name returns a fresh EC_KEY for the group specified by
// |nid| or NULL on error.
OPENSSL_EXPORT EC_KEY *EC_KEY_new_by_curve_name(int nid);

// EC_KEY_free frees all the data owned by |key| and |key| itself.
OPENSSL_EXPORT void EC_KEY_free(EC_KEY *key);

// EC_KEY_dup returns a fresh copy of |src| or NULL on error.
OPENSSL_EXPORT EC_KEY *EC_KEY_dup(const EC_KEY *src);

// EC_KEY_up_ref increases the reference count of |key| and returns one. It does
// not mutate |key| for thread-safety purposes and may be used concurrently.
OPENSSL_EXPORT int EC_KEY_up_ref(EC_KEY *key);

// EC_KEY_is_opaque returns one if |key| is opaque and doesn't expose its key
// material. Otherwise it returns zero.
OPENSSL_EXPORT int EC_KEY_is_opaque(const EC_KEY *key);

// EC_KEY_get0_group returns a pointer to the |EC_GROUP| object inside |key|.
OPENSSL_EXPORT const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);

// EC_KEY_set_group sets the |EC_GROUP| object that |key| will use to |group|.
// It returns one on success and zero if |key| is already configured with a
// different group.
OPENSSL_EXPORT int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);

// EC_KEY_get0_private_key returns a pointer to the private key inside |key|.
OPENSSL_EXPORT const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);

// EC_KEY_set_private_key sets the private key of |key| to |priv|. It returns
// one on success and zero otherwise. |key| must already have had a group
// configured (see |EC_KEY_set_group| and |EC_KEY_new_by_curve_name|).
OPENSSL_EXPORT int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv);

// EC_KEY_get0_public_key returns a pointer to the public key point inside
// |key|.
OPENSSL_EXPORT const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);

// EC_KEY_set_public_key sets the public key of |key| to |pub|, by copying it.
// It returns one on success and zero otherwise. |key| must already have had a
// group configured (see |EC_KEY_set_group| and |EC_KEY_new_by_curve_name|), and
// |pub| must also belong to that group.
OPENSSL_EXPORT int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);

#define EC_PKEY_NO_PARAMETERS 0x001
#define EC_PKEY_NO_PUBKEY 0x002

// EC_KEY_get_enc_flags returns the encoding flags for |key|, which is a
// bitwise-OR of |EC_PKEY_*| values.
OPENSSL_EXPORT unsigned EC_KEY_get_enc_flags(const EC_KEY *key);

// EC_KEY_set_enc_flags sets the encoding flags for |key|, which is a
// bitwise-OR of |EC_PKEY_*| values.
OPENSSL_EXPORT void EC_KEY_set_enc_flags(EC_KEY *key, unsigned flags);

// EC_KEY_get_conv_form returns the point conversion form that will be used by
// |key|.
OPENSSL_EXPORT point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);

// EC_KEY_set_conv_form sets the conversion form to be used by |key|.
OPENSSL_EXPORT void EC_KEY_set_conv_form(EC_KEY *key,
                                         point_conversion_form_t cform);

// EC_KEY_check_key performs several checks on |key| (possibly including an
// expensive check that the public key is in the primary subgroup). It returns
// one if all checks pass and zero otherwise. If it returns zero then detail
// about the problem can be found on the error stack.
OPENSSL_EXPORT int EC_KEY_check_key(const EC_KEY *key);

// EC_KEY_check_fips performs both a signing pairwise consistency test
// (FIPS 140-2 4.9.2) and the consistency test from SP 800-56Ar3 section
// 5.6.2.1.4. It returns one if it passes and zero otherwise.
OPENSSL_EXPORT int EC_KEY_check_fips(const EC_KEY *key);

// EC_KEY_set_public_key_affine_coordinates sets the public key in |key| to
// (|x|, |y|). It returns one on success and zero on error. It's considered an
// error if |x| and |y| do not represent a point on |key|'s curve.
OPENSSL_EXPORT int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key,
                                                            const BIGNUM *x,
                                                            const BIGNUM *y);

// EC_KEY_oct2key decodes |len| bytes from |in| as an EC public key in X9.62
// form. |key| must already have a group configured. On success, it sets the
// public key in |key| to the result and returns one. Otherwise, it returns
// zero.
OPENSSL_EXPORT int EC_KEY_oct2key(EC_KEY *key, const uint8_t *in, size_t len,
                                  BN_CTX *ctx);

// EC_KEY_key2buf behaves like |EC_POINT_point2buf|, except it encodes the
// public key in |key|.
OPENSSL_EXPORT size_t EC_KEY_key2buf(const EC_KEY *key,
                                     point_conversion_form_t form,
                                     uint8_t **out_buf, BN_CTX *ctx);

// EC_KEY_oct2priv decodes a big-endian, zero-padded integer from |len| bytes
// from |in| and sets |key|'s private key to the result. It returns one on
// success and zero on error. The input must be padded to the size of |key|'s
// group order.
OPENSSL_EXPORT int EC_KEY_oct2priv(EC_KEY *key, const uint8_t *in, size_t len);

// EC_KEY_priv2oct serializes |key|'s private key as a big-endian integer,
// zero-padded to the size of |key|'s group order and writes the result to at
// most |max_out| bytes of |out|. It returns the number of bytes written on
// success and zero on error. If |out| is NULL, it returns the number of bytes
// needed without writing anything.
OPENSSL_EXPORT size_t EC_KEY_priv2oct(const EC_KEY *key, uint8_t *out,
                                      size_t max_out);

// EC_KEY_priv2buf behaves like |EC_KEY_priv2oct| but sets |*out_buf| to a
// newly-allocated buffer containing the result. It returns the size of the
// result on success and zero on error. The caller must release |*out_buf| with
// |OPENSSL_free| when done.
OPENSSL_EXPORT size_t EC_KEY_priv2buf(const EC_KEY *key, uint8_t **out_buf);


// Key generation.

// EC_KEY_generate_key generates a random private key, calculates the
// corresponding public key and stores both in |key|. It returns one on success
// or zero otherwise.
OPENSSL_EXPORT int EC_KEY_generate_key(EC_KEY *key);

// EC_KEY_generate_key_fips behaves like |EC_KEY_generate_key| but performs
// additional checks for FIPS compliance. This function is applicable when
// generating keys for either signing/verification or key agreement because
// both types of consistency check (PCT) are performed.
OPENSSL_EXPORT int EC_KEY_generate_key_fips(EC_KEY *key);

// EC_KEY_derive_from_secret deterministically derives a private key for |group|
// from an input secret using HKDF-SHA256. It returns a newly-allocated |EC_KEY|
// on success or NULL on error. |secret| must not be used in any other
// algorithm. If using a base secret for multiple operations, derive separate
// values with a KDF such as HKDF first.
//
// Note this function implements an arbitrary derivation scheme, rather than any
// particular standard one. New protocols are recommended to use X25519 and
// Ed25519, which have standard byte import functions. See
// |X25519_public_from_private| and |ED25519_keypair_from_seed|.
OPENSSL_EXPORT EC_KEY *EC_KEY_derive_from_secret(const EC_GROUP *group,
                                                 const uint8_t *secret,
                                                 size_t secret_len);


// Serialisation.

// EC_KEY_parse_private_key parses a DER-encoded ECPrivateKey structure (RFC
// 5915) from |cbs| and advances |cbs|. It returns a newly-allocated |EC_KEY| or
// NULL on error. If |group| is non-null, the parameters field of the
// ECPrivateKey may be omitted (but must match |group| if present). Otherwise,
// the parameters field is required.
OPENSSL_EXPORT EC_KEY *EC_KEY_parse_private_key(CBS *cbs,
                                                const EC_GROUP *group);

// EC_KEY_marshal_private_key marshals |key| as a DER-encoded ECPrivateKey
// structure (RFC 5915) and appends the result to |cbb|. It returns one on
// success and zero on failure. |enc_flags| is a combination of |EC_PKEY_*|
// values and controls whether corresponding fields are omitted.
OPENSSL_EXPORT int EC_KEY_marshal_private_key(CBB *cbb, const EC_KEY *key,
                                              unsigned enc_flags);

// EC_KEY_parse_curve_name parses a DER-encoded OBJECT IDENTIFIER as a curve
// name from |cbs| and advances |cbs|. It returns the decoded |EC_GROUP| or NULL
// on error.
//
// This function returns a non-const pointer which may be passed to
// |EC_GROUP_free|. However, the resulting object is actually static and calling
// |EC_GROUP_free| is optional.
//
// TODO(davidben): Make this return a const pointer, if it does not break too
// many callers.
OPENSSL_EXPORT EC_GROUP *EC_KEY_parse_curve_name(CBS *cbs);

// EC_KEY_marshal_curve_name marshals |group| as a DER-encoded OBJECT IDENTIFIER
// and appends the result to |cbb|. It returns one on success and zero on
// failure.
OPENSSL_EXPORT int EC_KEY_marshal_curve_name(CBB *cbb, const EC_GROUP *group);

// EC_KEY_parse_parameters parses a DER-encoded ECParameters structure (RFC
// 5480) from |cbs| and advances |cbs|. It returns the resulting |EC_GROUP| or
// NULL on error. It supports the namedCurve and specifiedCurve options, but use
// of specifiedCurve is deprecated. Use |EC_KEY_parse_curve_name| instead.
//
// This function returns a non-const pointer which may be passed to
// |EC_GROUP_free|. However, the resulting object is actually static and calling
// |EC_GROUP_free| is optional.
//
// TODO(davidben): Make this return a const pointer, if it does not break too
// many callers.
OPENSSL_EXPORT EC_GROUP *EC_KEY_parse_parameters(CBS *cbs);


// ex_data functions.
//
// These functions are wrappers. See |ex_data.h| for details.

OPENSSL_EXPORT int EC_KEY_get_ex_new_index(long argl, void *argp,
                                           CRYPTO_EX_unused *unused,
                                           CRYPTO_EX_dup *dup_unused,
                                           CRYPTO_EX_free *free_func);
OPENSSL_EXPORT int EC_KEY_set_ex_data(EC_KEY *r, int idx, void *arg);
OPENSSL_EXPORT void *EC_KEY_get_ex_data(const EC_KEY *r, int idx);


// ECDSA method.

// ECDSA_FLAG_OPAQUE specifies that this ECDSA_METHOD does not expose its key
// material. This may be set if, for instance, it is wrapping some other crypto
// API, like a platform key store.
#define ECDSA_FLAG_OPAQUE 1

// ecdsa_method_st is a structure of function pointers for implementing ECDSA.
// See engine.h.
struct ecdsa_method_st {
  struct openssl_method_common_st common;

  void *app_data;

  int (*init)(EC_KEY *key);
  int (*finish)(EC_KEY *key);

  // group_order_size returns the number of bytes needed to represent the order
  // of the group. This is used to calculate the maximum size of an ECDSA
  // signature in |ECDSA_size|.
  size_t (*group_order_size)(const EC_KEY *key);

  // sign matches the arguments and behaviour of |ECDSA_sign|.
  int (*sign)(const uint8_t *digest, size_t digest_len, uint8_t *sig,
              unsigned int *sig_len, EC_KEY *eckey);

  int flags;
};


// Deprecated functions.

// EC_KEY_set_asn1_flag does nothing.
OPENSSL_EXPORT void EC_KEY_set_asn1_flag(EC_KEY *key, int flag);

// d2i_ECPrivateKey parses a DER-encoded ECPrivateKey structure (RFC 5915) from
// |len| bytes at |*inp|, as described in |d2i_SAMPLE|. On input, if |*out_key|
// is non-NULL and has a group configured, the parameters field may be omitted
// but must match that group if present.
//
// Use |EC_KEY_parse_private_key| instead.
OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey(EC_KEY **out_key, const uint8_t **inp,
                                        long len);

// i2d_ECPrivateKey marshals |key| as a DER-encoded ECPrivateKey structure (RFC
// 5915), as described in |i2d_SAMPLE|.
//
// Use |EC_KEY_marshal_private_key| instead.
OPENSSL_EXPORT int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp);

// d2i_ECParameters parses a DER-encoded ECParameters structure (RFC 5480) from
// |len| bytes at |*inp|, as described in |d2i_SAMPLE|.
//
// Use |EC_KEY_parse_parameters| or |EC_KEY_parse_curve_name| instead.
OPENSSL_EXPORT EC_KEY *d2i_ECParameters(EC_KEY **out_key, const uint8_t **inp,
                                        long len);

// i2d_ECParameters marshals |key|'s parameters as a DER-encoded OBJECT
// IDENTIFIER, as described in |i2d_SAMPLE|.
//
// Use |EC_KEY_marshal_curve_name| instead.
OPENSSL_EXPORT int i2d_ECParameters(const EC_KEY *key, uint8_t **outp);

// o2i_ECPublicKey parses an EC point from |len| bytes at |*inp| into
// |*out_key|. Note that this differs from the d2i format in that |*out_key|
// must be non-NULL with a group set. On successful exit, |*inp| is advanced by
// |len| bytes. It returns |*out_key| or NULL on error.
//
// Use |EC_POINT_oct2point| instead.
OPENSSL_EXPORT EC_KEY *o2i_ECPublicKey(EC_KEY **out_key, const uint8_t **inp,
                                       long len);

// i2o_ECPublicKey marshals an EC point from |key|, as described in
// |i2d_SAMPLE|, except it returns zero on error instead of a negative value.
//
// Use |EC_POINT_point2cbb| instead.
OPENSSL_EXPORT int i2o_ECPublicKey(const EC_KEY *key, unsigned char **outp);


#if defined(__cplusplus)
}  // extern C

extern "C++" {

BSSL_NAMESPACE_BEGIN

BORINGSSL_MAKE_DELETER(EC_KEY, EC_KEY_free)
BORINGSSL_MAKE_UP_REF(EC_KEY, EC_KEY_up_ref)

BSSL_NAMESPACE_END

}  // extern C++

#endif

#endif  // OPENSSL_HEADER_EC_KEY_H
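The RFC 5915 ECPrivateKey encoding handled by |EC_KEY_marshal_private_key| and |EC_KEY_parse_private_key|, showing how |EC_PKEY_NO_PARAMETERS| and |EC_PKEY_NO_PUBKEY| drop the optional fields and how a supplied group makes the parameters field optional, as an added pure-Python model. It is not BoringSSL's code; the curve table, the DER helpers and the key value and public-point bytes used to exercise it are constructed, and the public point is carried as opaque bytes without curve validation.

```python
# Model of EC_KEY_marshal_private_key / EC_KEY_parse_private_key for the RFC 5915
# ECPrivateKey structure. Constructed for illustration; not BoringSSL code.

EC_PKEY_NO_PARAMETERS = 0x001
EC_PKEY_NO_PUBKEY = 0x002

# Named curves: DER contents of the curve OID and the group order, whose byte
# width fixes the length of the privateKey OCTET STRING.
CURVES = {
    "P-256": (bytes.fromhex("2A8648CE3D030107"),
              0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551),
    "P-384": (bytes.fromhex("2B81040022"),
              0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973),
}


def _der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _tlv(tag, contents):
    return bytes([tag]) + _der_len(len(contents)) + contents


def _read_tlv(buf, pos):
    # One DER element at |pos| -> (tag, contents, next_pos); like CBS, rejects
    # truncated input and non-minimal length encodings.
    if pos + 2 > len(buf):
        raise ValueError("truncated element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:
        nbytes = length & 0x7F
        if nbytes == 0 or nbytes > 4 or pos + nbytes > len(buf):
            raise ValueError("bad length encoding")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
        if length < 0x80 or (nbytes > 1 and length < 1 << (8 * (nbytes - 1))):
            raise ValueError("non-minimal length")
    if pos + length > len(buf):
        raise ValueError("truncated contents")
    return tag, buf[pos:pos + length], pos + length


def marshal_private_key(curve, priv, pub_point, enc_flags=0):
    """ECPrivateKey ::= SEQUENCE { version INTEGER (1), privateKey OCTET STRING,
    parameters [0] OPTIONAL, publicKey [1] BIT STRING OPTIONAL }. |enc_flags|
    omits the optional fields the way EC_KEY_marshal_private_key's do."""
    oid, order = CURVES[curve]
    if not 1 <= priv < order:
        raise ValueError("private key out of range")
    order_len = (order.bit_length() + 7) // 8
    body = _tlv(0x02, b"\x01")
    # Zero-padded to the width of the group order, the EC_KEY_priv2oct rule.
    body += _tlv(0x04, priv.to_bytes(order_len, "big"))
    if not enc_flags & EC_PKEY_NO_PARAMETERS:
        body += _tlv(0xA0, _tlv(0x06, oid))                   # [0] namedCurve
    if not enc_flags & EC_PKEY_NO_PUBKEY:
        body += _tlv(0xA1, _tlv(0x03, b"\x00" + pub_point))  # [1] 0 unused bits
    return _tlv(0x30, body)


def parse_private_key(der, group=None):
    """Returns (curve, priv, pub_point or None, bytes consumed). |group| acts as
    the optional |group| argument: if given, parameters may be omitted but must
    match when present; if None, the parameters field is required."""
    tag, seq, consumed = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, version, pos = _read_tlv(seq, 0)
    if tag != 0x02 or version != b"\x01":
        raise ValueError("unsupported ECPrivateKey version")
    tag, priv_bytes, pos = _read_tlv(seq, pos)
    if tag != 0x04:
        raise ValueError("expected privateKey OCTET STRING")
    curve, pub = group, None
    if pos < len(seq) and seq[pos] == 0xA0:
        _, params, pos = _read_tlv(seq, pos)
        tag, oid, end = _read_tlv(params, 0)
        if tag != 0x06 or end != len(params):
            raise ValueError("only namedCurve parameters are supported")
        curve = next((n for n, (o, _) in CURVES.items() if o == oid), None)
        if curve is None or group not in (None, curve):
            raise ValueError("unknown curve, or parameters do not match group")
    if curve is None:
        raise ValueError("parameters field required when no group is given")
    if pos < len(seq) and seq[pos] == 0xA1:
        _, wrapped, pos = _read_tlv(seq, pos)
        tag, bits, end = _read_tlv(wrapped, 0)
        if tag != 0x03 or end != len(wrapped) or not bits or bits[0] != 0:
            raise ValueError("malformed publicKey BIT STRING")
        pub = bits[1:]
    if pos != len(seq):
        raise ValueError("trailing data inside ECPrivateKey")
    priv = int.from_bytes(priv_bytes, "big")
    if not 1 <= priv < CURVES[curve][1]:
        raise ValueError("private key out of range")
    return curve, priv, pub, consumed
```

Bytes after the SEQUENCE are left in place and reported through the consumed count, which is the |cbs| advance the header describes.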