PolarSSL v1.3.9
ecp.h
Go to the documentation of this file.
1 
27 #ifndef POLARSSL_ECP_H
28 #define POLARSSL_ECP_H
29 
30 #include "bignum.h"
31 
32 /*
33  * ECP error codes
34  */
35 #define POLARSSL_ERR_ECP_BAD_INPUT_DATA -0x4F80
36 #define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL -0x4F00
37 #define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80
38 #define POLARSSL_ERR_ECP_VERIFY_FAILED -0x4E00
39 #define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80
40 #define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00
41 #define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80
42 #define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH -0x4C00
44 #ifdef __cplusplus
45 extern "C" {
46 #endif
47 
57 typedef enum
58 {
75 } ecp_group_id;
76 
82 #define POLARSSL_ECP_DP_MAX 12
83 
87 typedef struct
88 {
90  uint16_t tls_id;
91  uint16_t size;
92  const char *name;
94 
104 typedef struct
105 {
106  mpi X;
107  mpi Y;
108  mpi Z;
109 }
110 ecp_point;
111 
136 typedef struct
137 {
139  mpi P;
140  mpi A;
141  mpi B;
143  mpi N;
144  size_t pbits;
145  size_t nbits;
146  unsigned int h;
147  int (*modp)(mpi *);
148  int (*t_pre)(ecp_point *, void *);
149  int (*t_post)(ecp_point *, void *);
150  void *t_data;
152  size_t T_size;
153 }
154 ecp_group;
155 
163 typedef struct
164 {
166  mpi d;
168 }
170 
179 #if !defined(POLARSSL_ECP_MAX_BITS)
180 
183 #define POLARSSL_ECP_MAX_BITS 521
184 #endif
185 
186 #define POLARSSL_ECP_MAX_BYTES ( ( POLARSSL_ECP_MAX_BITS + 7 ) / 8 )
187 #define POLARSSL_ECP_MAX_PT_LEN ( 2 * POLARSSL_ECP_MAX_BYTES + 1 )
188 
189 #if !defined(POLARSSL_ECP_WINDOW_SIZE)
190 /*
191  * Maximum "window" size used for point multiplication.
192  * Default: 6.
193  * Minimum value: 2. Maximum value: 7.
194  *
195  * Result is an array of at most ( 1 << ( POLARSSL_ECP_WINDOW_SIZE - 1 ) )
196  * points used for point multiplication. This value is directly tied to EC
197  * peak memory usage, so decreasing it by one should roughly cut memory usage
198  * by two (if large curves are in use).
199  *
200  * Reduction in size may reduce speed, but larger curves are impacted first.
201  * Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
202  * w-size: 6 5 4 3 2
203  * 521 145 141 135 120 97
204  * 384 214 209 198 177 146
205  * 256 320 320 303 262 226
206 
207  * 224 475 475 453 398 342
208  * 192 640 640 633 587 476
209  */
210 #define POLARSSL_ECP_WINDOW_SIZE 6
211 #endif /* POLARSSL_ECP_WINDOW_SIZE */
212 
213 #if !defined(POLARSSL_ECP_FIXED_POINT_OPTIM)
214 /*
215  * Trade memory for speed on fixed-point multiplication.
216  *
217  * This speeds up repeated multiplication of the generator (that is, the
218  * multiplication in ECDSA signatures, and half of the multiplications in
219  * ECDSA verification and ECDHE) by a factor roughly 3 to 4.
220  *
221  * The cost is increasing EC peak memory usage by a factor roughly 2.
222  *
223  * Change this value to 0 to reduce peak memory usage.
224  */
225 #define POLARSSL_ECP_FIXED_POINT_OPTIM 1
226 #endif /* POLARSSL_ECP_FIXED_POINT_OPTIM */
227 
228 /* \} name SECTION: Module settings */
229 
230 /*
231  * Point formats, from RFC 4492's enum ECPointFormat
232  */
233 #define POLARSSL_ECP_PF_UNCOMPRESSED 0
234 #define POLARSSL_ECP_PF_COMPRESSED 1
236 /*
237  * Some other constants from RFC 4492
238  */
239 #define POLARSSL_ECP_TLS_NAMED_CURVE 3
247 const ecp_curve_info *ecp_curve_list( void );
248 
256 const ecp_group_id *ecp_grp_id_list( void );
257 
266 
274 const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id );
275 
283 const ecp_curve_info *ecp_curve_info_from_name( const char *name );
284 
288 void ecp_point_init( ecp_point *pt );
289 
293 void ecp_group_init( ecp_group *grp );
294 
298 void ecp_keypair_init( ecp_keypair *key );
299 
303 void ecp_point_free( ecp_point *pt );
304 
308 void ecp_group_free( ecp_group *grp );
309 
313 void ecp_keypair_free( ecp_keypair *key );
314 
324 int ecp_copy( ecp_point *P, const ecp_point *Q );
325 
335 int ecp_group_copy( ecp_group *dst, const ecp_group *src );
336 
345 int ecp_set_zero( ecp_point *pt );
346 
354 int ecp_is_zero( ecp_point *pt );
355 
366 int ecp_point_read_string( ecp_point *P, int radix,
367  const char *x, const char *y );
368 
383 int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P,
384  int format, size_t *olen,
385  unsigned char *buf, size_t buflen );
386 
405 int ecp_point_read_binary( const ecp_group *grp, ecp_point *P,
406  const unsigned char *buf, size_t ilen );
407 
420 int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt,
421  const unsigned char **buf, size_t len );
422 
437 int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt,
438  int format, size_t *olen,
439  unsigned char *buf, size_t blen );
440 
456 int ecp_group_read_string( ecp_group *grp, int radix,
457  const char *p, const char *b,
458  const char *gx, const char *gy, const char *n);
459 
473 int ecp_use_known_dp( ecp_group *grp, ecp_group_id index );
474 
486 int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len );
487 
499 int ecp_tls_write_group( const ecp_group *grp, size_t *olen,
500  unsigned char *buf, size_t blen );
501 
516 int ecp_add( const ecp_group *grp, ecp_point *R,
517  const ecp_point *P, const ecp_point *Q );
518 
533 int ecp_sub( const ecp_group *grp, ecp_point *R,
534  const ecp_point *P, const ecp_point *Q );
535 
562 int ecp_mul( ecp_group *grp, ecp_point *R,
563  const mpi *m, const ecp_point *P,
564  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
565 
587 int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt );
588 
602 int ecp_check_privkey( const ecp_group *grp, const mpi *d );
603 
620 int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q,
621  int (*f_rng)(void *, unsigned char *, size_t),
622  void *p_rng );
623 
635 int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key,
636  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
637 
638 #if defined(POLARSSL_SELF_TEST)
639 
644 int ecp_self_test( int verbose );
645 #endif
646 
647 #ifdef __cplusplus
648 }
649 #endif
650 
651 #endif /* ecp.h */