1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
|
/*
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Internal EC functions for other submodules: not for application use */
#ifndef OSSL_CRYPTO_ECX_H
# define OSSL_CRYPTO_ECX_H
# pragma once
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_ECX
# include <openssl/core.h>
# include <openssl/e_os2.h>
# include <openssl/crypto.h>
# include "internal/refcount.h"
# include "crypto/types.h"
# define X25519_KEYLEN 32
# define X448_KEYLEN 56
# define ED25519_KEYLEN 32
# define ED448_KEYLEN 57
# define MAX_KEYLEN ED448_KEYLEN
# define X25519_BITS 253
# define X25519_SECURITY_BITS 128
# define X448_BITS 448
# define X448_SECURITY_BITS 224
# define ED25519_BITS 256
/* RFC8032 Section 8.5 */
# define ED25519_SECURITY_BITS 128
# define ED25519_SIGSIZE 64
# define ED448_BITS 456
/* RFC8032 Section 8.5 */
# define ED448_SECURITY_BITS 224
# define ED448_SIGSIZE 114
typedef enum {
ECX_KEY_TYPE_X25519,
ECX_KEY_TYPE_X448,
ECX_KEY_TYPE_ED25519,
ECX_KEY_TYPE_ED448
} ECX_KEY_TYPE;
#define KEYTYPE2NID(type) \
((type) == ECX_KEY_TYPE_X25519 \
? EVP_PKEY_X25519 \
: ((type) == ECX_KEY_TYPE_X448 \
? EVP_PKEY_X448 \
: ((type) == ECX_KEY_TYPE_ED25519 \
? EVP_PKEY_ED25519 \
: EVP_PKEY_ED448)))
struct ecx_key_st {
OSSL_LIB_CTX *libctx;
char *propq;
unsigned int haspubkey:1;
unsigned char pubkey[MAX_KEYLEN];
unsigned char *privkey;
size_t keylen;
ECX_KEY_TYPE type;
CRYPTO_REF_COUNT references;
};
size_t ossl_ecx_key_length(ECX_KEY_TYPE type);
ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type,
int haspubkey, const char *propq);
void ossl_ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx);
unsigned char *ossl_ecx_key_allocate_privkey(ECX_KEY *key);
void ossl_ecx_key_free(ECX_KEY *key);
int ossl_ecx_key_up_ref(ECX_KEY *key);
ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection);
int ossl_ecx_compute_key(ECX_KEY *peer, ECX_KEY *priv, size_t keylen,
unsigned char *secret, size_t *secretlen,
size_t outlen);
int ossl_x25519(uint8_t out_shared_key[32], const uint8_t private_key[32],
const uint8_t peer_public_value[32]);
void ossl_x25519_public_from_private(uint8_t out_public_value[32],
const uint8_t private_key[32]);
int
ossl_ed25519_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[32],
const uint8_t private_key[32],
const char *propq);
int
ossl_ed25519_sign(uint8_t *out_sig, const uint8_t *tbs, size_t tbs_len,
const uint8_t public_key[32], const uint8_t private_key[32],
const uint8_t dom2flag, const uint8_t phflag, const uint8_t csflag,
const uint8_t *context, size_t context_len,
OSSL_LIB_CTX *libctx, const char *propq);
int
ossl_ed25519_verify(const uint8_t *tbs, size_t tbs_len,
const uint8_t signature[64], const uint8_t public_key[32],
const uint8_t dom2flag, const uint8_t phflag, const uint8_t csflag,
const uint8_t *context, size_t context_len,
OSSL_LIB_CTX *libctx, const char *propq);
int
ossl_ed448_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[57],
const uint8_t private_key[57], const char *propq);
int
ossl_ed448_sign(OSSL_LIB_CTX *ctx, uint8_t *out_sig,
const uint8_t *message, size_t message_len,
const uint8_t public_key[57], const uint8_t private_key[57],
const uint8_t *context, size_t context_len,
const uint8_t phflag, const char *propq);
int
ossl_ed448_verify(OSSL_LIB_CTX *ctx,
const uint8_t *message, size_t message_len,
const uint8_t signature[114], const uint8_t public_key[57],
const uint8_t *context, size_t context_len,
const uint8_t phflag, const char *propq);
int
ossl_x448(uint8_t out_shared_key[56], const uint8_t private_key[56],
const uint8_t peer_public_value[56]);
void
ossl_x448_public_from_private(uint8_t out_public_value[56],
const uint8_t private_key[56]);
/* Backend support */
typedef enum {
KEY_OP_PUBLIC,
KEY_OP_PRIVATE,
KEY_OP_KEYGEN
} ecx_key_op_t;
ECX_KEY *ossl_ecx_key_op(const X509_ALGOR *palg,
const unsigned char *p, int plen,
int pkey_id, ecx_key_op_t op,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_ecx_public_from_private(ECX_KEY *key);
int ossl_ecx_key_fromdata(ECX_KEY *ecx, const OSSL_PARAM params[],
int include_private);
ECX_KEY *ossl_ecx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
ECX_KEY *ossl_evp_pkey_get1_X25519(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_X448(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_ED25519(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_ED448(EVP_PKEY *pkey);
# endif /* OPENSSL_NO_ECX */
#endif
|
