ReactOS
0.4.15dev5459gb85f005

This file contains ECDSA definitions and functions. More...
Go to the source code of this file.
Macros  
#define  MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) ) 
#define  MBEDTLS_DEPRECATED 
Typedefs  
typedef mbedtls_ecp_keypair  mbedtls_ecdsa_context 
The ECDSA context structure. More...  
typedef void  mbedtls_ecdsa_restart_ctx 
Functions  
int  mbedtls_ecdsa_sign (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) 
This function computes the ECDSA signature of a previouslyhashed message. More...  
int  mbedtls_ecdsa_sign_det (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg) 
This function computes the ECDSA signature of a previouslyhashed message, deterministic version. More...  
int  mbedtls_ecdsa_sign_det_ext (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg, int(*f_rng_blind)(void *, unsigned char *, size_t), void *p_rng_blind) 
This function computes the ECDSA signature of a previouslyhashed message, deterministic version. More...  
int  mbedtls_ecdsa_verify (mbedtls_ecp_group *grp, const unsigned char *buf, size_t blen, const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s) 
This function verifies the ECDSA signature of a previouslyhashed message. More...  
int  mbedtls_ecdsa_write_signature (mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) 
This function computes the ECDSA signature and writes it to a buffer, serialized as defined in RFC4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS). More...  
int  mbedtls_ecdsa_write_signature_restartable (mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx) 
This function computes the ECDSA signature and writes it to a buffer, in a restartable way. More...  
int  mbedtls_ecdsa_write_signature_det (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED 
This function computes an ECDSA signature and writes it to a buffer, serialized as defined in RFC4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS). More...  
int  mbedtls_ecdsa_read_signature (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen) 
This function reads and verifies an ECDSA signature. More...  
int  mbedtls_ecdsa_read_signature_restartable (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen, mbedtls_ecdsa_restart_ctx *rs_ctx) 
This function reads and verifies an ECDSA signature, in a restartable way. More...  
int  mbedtls_ecdsa_genkey (mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) 
This function generates an ECDSA keypair on the given curve. More...  
int  mbedtls_ecdsa_from_keypair (mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key) 
This function sets up an ECDSA context from an EC key pair. More...  
void  mbedtls_ecdsa_init (mbedtls_ecdsa_context *ctx) 
This function initializes an ECDSA context. More...  
void  mbedtls_ecdsa_free (mbedtls_ecdsa_context *ctx) 
This function frees an ECDSA context. More...  
This file contains ECDSA definitions and functions.
The Elliptic Curve Digital Signature Algorithm (ECDSA) is defined in Standards for Efficient Cryptography Group (SECG): SEC1 Elliptic Curve Cryptography. The use of ECDSA for TLS is defined in RFC4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS).
Definition in file ecdsa.h.
#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) ) 
typedef void mbedtls_ecdsa_restart_ctx 
void mbedtls_ecdsa_free  (  mbedtls_ecdsa_context *  ctx  ) 
int mbedtls_ecdsa_from_keypair  (  mbedtls_ecdsa_context *  ctx, 
const mbedtls_ecp_keypair *  key  
) 
This function sets up an ECDSA context from an EC key pair.
ctx  The ECDSA context to setup. This must be initialized. 
key  The EC key to use. This must be initialized and hold a privatepublic key pair or a public key. In the former case, the ECDSA context may be used for signature creation and verification after this call. In the latter case, it may be used for signature verification. 
0
on success. MBEDTLS_ERR_ECP_XXX
code on failure. int mbedtls_ecdsa_genkey  (  mbedtls_ecdsa_context *  ctx, 
mbedtls_ecp_group_id  gid,  
int(*)(void *, unsigned char *, size_t)  f_rng,  
void *  p_rng  
) 
This function generates an ECDSA keypair on the given curve.
ctx  The ECDSA context to store the keypair in. This must be initialized. 
gid  The elliptic curve to use. One of the various MBEDTLS_ECP_DP_XXX macros depending on configuration. 
f_rng  The RNG function to use. This must not be NULL . 
p_rng  The RNG context to be passed to f_rng . This may be NULL if f_rng doesn't need a context argument. 
0
on success. MBEDTLS_ERR_ECP_XXX
code on failure. void mbedtls_ecdsa_init  (  mbedtls_ecdsa_context *  ctx  ) 
int mbedtls_ecdsa_read_signature  (  mbedtls_ecdsa_context *  ctx, 
const unsigned char *  hash,  
size_t  hlen,  
const unsigned char *  sig,  
size_t  slen  
) 
This function reads and verifies an ECDSA signature.
ctx  The ECDSA context to use. This must be initialized and have a group and public key bound to it. 
hash  The message hash that was signed. This must be a readable buffer of length size Bytes. 
hlen  The size of the hash hash . 
sig  The signature to read and verify. This must be a readable buffer of length slen Bytes. 
slen  The size of sig in Bytes. 
0
on success. sig
, but its length is less than siglen
. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_ERR_MPI_XXX
error code on failure for any other reason. int mbedtls_ecdsa_read_signature_restartable  (  mbedtls_ecdsa_context *  ctx, 
const unsigned char *  hash,  
size_t  hlen,  
const unsigned char *  sig,  
size_t  slen,  
mbedtls_ecdsa_restart_ctx *  rs_ctx  
) 
This function reads and verifies an ECDSA signature, in a restartable way.
mbedtls_ecdsa_read_signature()
mbedtls_ecdsa_read_signature()
but it can return early and restart according to the limit set with mbedtls_ecp_set_max_ops()
to reduce blocking.ctx  The ECDSA context to use. This must be initialized and have a group and public key bound to it. 
hash  The message hash that was signed. This must be a readable buffer of length size Bytes. 
hlen  The size of the hash hash . 
sig  The signature to read and verify. This must be a readable buffer of length slen Bytes. 
slen  The size of sig in Bytes. 
rs_ctx  The restart context to use. This may be NULL to disable restarting. If it is not NULL , it must point to an initialized restart context. 
0
on success. sig
, but its length is less than siglen
. mbedtls_ecp_set_max_ops()
. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_ERR_MPI_XXX
error code on failure for any other reason. int mbedtls_ecdsa_sign  (  mbedtls_ecp_group *  grp, 
mbedtls_mpi *  r,  
mbedtls_mpi *  s,  
const mbedtls_mpi *  d,  
const unsigned char *  buf,  
size_t  blen,  
int(*)(void *, unsigned char *, size_t)  f_rng,  
void *  p_rng  
) 
This function computes the ECDSA signature of a previouslyhashed message.
grp  The context for the elliptic curve to use. This must be initialized and have group parameters set, for example through mbedtls_ecp_group_load(). 
r  The MPI context in which to store the first part the signature. This must be initialized. 
s  The MPI context in which to store the second part the signature. This must be initialized. 
d  The private signing key. This must be initialized. 
buf  The content to be signed. This is usually the hash of the original data to be signed. This must be a readable buffer of length blen Bytes. It may be NULL if blen is zero. 
blen  The length of buf in Bytes. 
f_rng  The RNG function. This must not be NULL . 
p_rng  The RNG context to be passed to f_rng . This may be NULL if f_rng doesn't need a context parameter. 
0
on success. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_MPI_XXX
error code on failure. int mbedtls_ecdsa_sign_det  (  mbedtls_ecp_group *  grp, 
mbedtls_mpi *  r,  
mbedtls_mpi *  s,  
const mbedtls_mpi *  d,  
const unsigned char *  buf,  
size_t  blen,  
mbedtls_md_type_t  md_alg  
) 
This function computes the ECDSA signature of a previouslyhashed message, deterministic version.
For more information, see RFC6979: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA).
(Optimally the blinding is a random value that is different on every execution. In this case the blinding is still random from the attackers perspective, but is the same on each execution. This means that this blinding does not prevent attackers from recovering secrets by combining several measurement traces, but may prevent some attacks that exploit relationships between secret data.)
grp  The context for the elliptic curve to use. This must be initialized and have group parameters set, for example through mbedtls_ecp_group_load(). 
r  The MPI context in which to store the first part the signature. This must be initialized. 
s  The MPI context in which to store the second part the signature. This must be initialized. 
d  The private signing key. This must be initialized and setup, for example through mbedtls_ecp_gen_privkey(). 
buf  The hashed content to be signed. This must be a readable buffer of length blen Bytes. It may be NULL if blen is zero. 
blen  The length of buf in Bytes. 
md_alg  The hash algorithm used to hash the original data. 
0
on success. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_MPI_XXX
error code on failure. int mbedtls_ecdsa_sign_det_ext  (  mbedtls_ecp_group *  grp, 
mbedtls_mpi *  r,  
mbedtls_mpi *  s,  
const mbedtls_mpi *  d,  
const unsigned char *  buf,  
size_t  blen,  
mbedtls_md_type_t  md_alg,  
int(*)(void *, unsigned char *, size_t)  f_rng_blind,  
void *  p_rng_blind  
) 
This function computes the ECDSA signature of a previouslyhashed message, deterministic version.
For more information, see RFC6979: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA).
grp  The context for the elliptic curve to use. This must be initialized and have group parameters set, for example through mbedtls_ecp_group_load(). 
r  The MPI context in which to store the first part the signature. This must be initialized. 
s  The MPI context in which to store the second part the signature. This must be initialized. 
d  The private signing key. This must be initialized and setup, for example through mbedtls_ecp_gen_privkey(). 
buf  The hashed content to be signed. This must be a readable buffer of length blen Bytes. It may be NULL if blen is zero. 
blen  The length of buf in Bytes. 
md_alg  The hash algorithm used to hash the original data. 
f_rng_blind  The RNG function used for blinding. This must not be NULL . 
p_rng_blind  The RNG context to be passed to f_rng . This may be NULL if f_rng doesn't need a context parameter. 
0
on success. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_MPI_XXX
error code on failure. int mbedtls_ecdsa_verify  (  mbedtls_ecp_group *  grp, 
const unsigned char *  buf,  
size_t  blen,  
const mbedtls_ecp_point *  Q,  
const mbedtls_mpi *  r,  
const mbedtls_mpi *  s  
) 
This function verifies the ECDSA signature of a previouslyhashed message.
grp  The ECP group to use. This must be initialized and have group parameters set, for example through mbedtls_ecp_group_load(). 
buf  The hashed content that was signed. This must be a readable buffer of length blen Bytes. It may be NULL if blen is zero. 
blen  The length of buf in Bytes. 
Q  The public key to use for verification. This must be initialized and setup. 
r  The first integer of the signature. This must be initialized. 
s  The second integer of the signature. This must be initialized. 
0
on success. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_MPI_XXX
error code on failure for any other reason. int mbedtls_ecdsa_write_signature  (  mbedtls_ecdsa_context *  ctx, 
mbedtls_md_type_t  md_alg,  
const unsigned char *  hash,  
size_t  hlen,  
unsigned char *  sig,  
size_t *  slen,  
int(*)(void *, unsigned char *, size_t)  f_rng,  
void *  p_rng  
) 
This function computes the ECDSA signature and writes it to a buffer, serialized as defined in RFC4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS).
ctx  The ECDSA context to use. This must be initialized and have a group and private key bound to it, for example via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). 
md_alg  The message digest that was used to hash the message. 
hash  The message hash to be signed. This must be a readable buffer of length blen Bytes. 
hlen  The length of the hash hash in Bytes. 
sig  The buffer to which to write the signature. This must be a writable buffer of length at least twice as large as the size of the curve used, plus 9. For example, 73 Bytes if a 256bit curve is used. A buffer length of MBEDTLS_ECDSA_MAX_LEN is always safe. 
slen  The address at which to store the actual length of the signature written. Must not be NULL . 
f_rng  The RNG function. This must not be NULL if MBEDTLS_ECDSA_DETERMINISTIC is unset. Otherwise, it is unused and may be set to NULL . 
p_rng  The RNG context to be passed to f_rng . This may be NULL if f_rng is NULL or doesn't use a context. 
0
on success. MBEDTLS_ERR_ECP_XXX
, MBEDTLS_ERR_MPI_XXX
or MBEDTLS_ERR_ASN1_XXX
error code on failure. int mbedtls_ecdsa_write_signature_det  (  mbedtls_ecdsa_context *  ctx, 
const unsigned char *  hash,  
size_t  hlen,  
unsigned char *  sig,  
size_t *  slen,  
mbedtls_md_type_t  md_alg  
) 
This function computes an ECDSA signature and writes it to a buffer, serialized as defined in RFC4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS).
The deterministic version is defined in RFC6979: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA).
ctx  The ECDSA context to use. This must be initialized and have a group and private key bound to it, for example via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). 
hash  The message hash to be signed. This must be a readable buffer of length blen Bytes. 
hlen  The length of the hash hash in Bytes. 
sig  The buffer to which to write the signature. This must be a writable buffer of length at least twice as large as the size of the curve used, plus 9. For example, 73 Bytes if a 256bit curve is used. A buffer length of MBEDTLS_ECDSA_MAX_LEN is always safe. 
slen  The address at which to store the actual length of the signature written. Must not be NULL . 
md_alg  The message digest that was used to hash the message. 
0
on success. MBEDTLS_ERR_ECP_XXX
, MBEDTLS_ERR_MPI_XXX
or MBEDTLS_ERR_ASN1_XXX
error code on failure. int mbedtls_ecdsa_write_signature_restartable  (  mbedtls_ecdsa_context *  ctx, 
mbedtls_md_type_t  md_alg,  
const unsigned char *  hash,  
size_t  hlen,  
unsigned char *  sig,  
size_t *  slen,  
int(*)(void *, unsigned char *, size_t)  f_rng,  
void *  p_rng,  
mbedtls_ecdsa_restart_ctx *  rs_ctx  
) 
This function computes the ECDSA signature and writes it to a buffer, in a restartable way.
mbedtls_ecdsa_write_signature()
mbedtls_ecdsa_write_signature()
but it can return early and restart according to the limit set with mbedtls_ecp_set_max_ops()
to reduce blocking.ctx  The ECDSA context to use. This must be initialized and have a group and private key bound to it, for example via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). 
md_alg  The message digest that was used to hash the message. 
hash  The message hash to be signed. This must be a readable buffer of length blen Bytes. 
hlen  The length of the hash hash in Bytes. 
sig  The buffer to which to write the signature. This must be a writable buffer of length at least twice as large as the size of the curve used, plus 9. For example, 73 Bytes if a 256bit curve is used. A buffer length of MBEDTLS_ECDSA_MAX_LEN is always safe. 
slen  The address at which to store the actual length of the signature written. Must not be NULL . 
f_rng  The RNG function. This must not be NULL if MBEDTLS_ECDSA_DETERMINISTIC is unset. Otherwise, it is unused and may be set to NULL . 
p_rng  The RNG context to be passed to f_rng . This may be NULL if f_rng is NULL or doesn't use a context. 
rs_ctx  The restart context to use. This may be NULL to disable restarting. If it is not NULL , it must point to an initialized restart context. 
0
on success. mbedtls_ecp_set_max_ops()
. MBEDTLS_ERR_ECP_XXX
, MBEDTLS_ERR_MPI_XXX
or MBEDTLS_ERR_ASN1_XXX
error code on failure.