NAME
secp256r1, secp256k1, secp384r1, ecdominit, ecdomfree, ecassign,
ecadd, ecmul, strtoec, ecgen, ecverify, ecpubverify, ecdsasign,
ecdsaverify, ecencodepub, ecdecodepub, ecpubfree, X509toECpub,
X509ecdsaverify, X509ecdsaverifydigest – elliptic curve cryptography |
SYNOPSIS
#include <u.h> #include <libc.h> #include <mp.h> #include <libsec.h> void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h) void secp256k1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h) void secp384r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h) void ecdominit(ECdomain *dom, void (*init)(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h)) void ecdomfree(ECdomain *dom) void ecassign(ECdomain *dom, ECpoint *old, ECpoint *new) void ecadd(ECdomain *dom, ECpoint *a, ECpoint *b, ECpoint *s) void ecmul(ECdomain *dom, ECpoint *a, mpint *k, ECpoint *s) ECpoint* strtoec(ECdomain *dom, char *s, char **rptr, ECpoint *p) ECpriv* ecgen(ECdomain *dom, ECpriv *p) int ecverify(ECdomain *dom, ECpoint *p) int ecpubverify(ECdomain *dom, ECpub *p) void ecdsasign(ECdomain *dom, ECpriv *priv, uchar *dig, int dlen, mpint *r, mpint *s) int ecdsaverify(ECdomain *dom, ECpub *pub, uchar *dig, int dlen, mpint *r, mpint *s) int ecencodepub(ECdomain *dom, ECpub *pub, uchar *data, int len) ECpub* ecdecodepub(ECdomain *dom, uchar *data, int len) void ecpubfree(ECpub *p); ECpub* X509toECpub(uchar *cert, int ncert, char *name, int nname, ECdomain *dom) char* X509ecdsaverify(uchar *cert, int ncert, ECdomain *dom, ECpub *pub)
char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest,
int edigestlen, ECdomain *dom, ECpub *pub) |
DESCRIPTION
These functions implement elliptic curve cryptography. An elliptic
curve together with cryptographic parameters are specified using
an ECdomain struct. Points on the curve are represented by ECpoint
structs. ecdominit initializes a ECdomain struct and calls the init function such as secp256r1 which fills in the parameters of the curve. ecdomfree frees the parameters of the curve and zeros the struct. It does not free the memory of the struct itself. ecassign, ecadd and ecmul are analogous to their counterparts in mp(2). strtoec converts a hex string representing an octet string as specified in Standards for Efficient Cryptography (SEC) 1 to an ECpoint struct. Both uncompressed and compressed formats are supported. If rptr is not nil, it is used to return the position in the string where the parser stopped. If p is nil space is allocated automatically, else the given struct is used. ecverify and ecpubverify verify that the given point or public key, respectively, is valid. ecgen generates a keypair and returns a pointer to it. If p is nil space is allocated automatically, else the given struct is used. ecdsasign and ecdsaverify create or verify, respectively, a signature using the ECDSA scheme specified in SEC 1. It is absolutely vital that dig is a cryptographic hash to the message. ecdsasign writes the signature to r and s which are assumed to be allocated properly. ecencodepub and ecdecodepub handle encoding and decoding of public keys in uncompressed format. Note that ecdecodepub also verifies that the public key is valid in the specified domain. ecpubfree frees a ECpub structure and its associated members.
Given a binary X.509 cert, the function X509toECpub initializes
domain parameters and returns the ECDSA public key. if name is
not nil, the CN part of the Distinguished Name of the certificate's
Subject is returned. X509ecdsaverify and X509ecdsaverifydigest
are analogs to the routines described by
rsa(2). |
RETURN VALUE
*verify functions return 1 for a positive result. Functions returning
pointers may return nil in case of error (e.g. failing malloc(2)). |
SOURCE
/sys/src/libsec/port/ecc.c |
SEE ALSO
rsa(2) Standards for Efficient Cryptography (SEC) 1: Elliptic Curve Cryptography – Certicom Research, 2009 |
HISTORY
This implementation of elliptic curve cryptography first appeared
in 9front (June, 2012). |