ecdsa.h 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114
  1. /*############################################################################
  2. # Copyright 2016-2017 Intel Corporation
  3. #
  4. # Licensed under the Apache License, Version 2.0 (the "License");
  5. # you may not use this file except in compliance with the License.
  6. # You may obtain a copy of the License at
  7. #
  8. # http://www.apache.org/licenses/LICENSE-2.0
  9. #
  10. # Unless required by applicable law or agreed to in writing, software
  11. # distributed under the License is distributed on an "AS IS" BASIS,
  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. # See the License for the specific language governing permissions and
  14. # limitations under the License.
  15. ############################################################################*/
  16. /*!
  17. * \file
  18. * \brief Ecdsa interface.
  19. */
  20. #ifndef EPID_COMMON_MATH_ECDSA_H_
  21. #define EPID_COMMON_MATH_ECDSA_H_
  22. #include <stddef.h>
  23. #include "epid/common/bitsupplier.h"
  24. #include "epid/common/errors.h"
  25. #include "epid/common/types.h"
  26. /// Elliptic Curve Digital Signature Algorithm Primitives
  27. /*!
  28. \defgroup EcdsaPrimitives ecdsa
  29. Provides APIs for computing and checking buffer signatures using the
  30. Elliptic Curve Digital Signature Algorithm.
  31. \ingroup EpidMath
  32. @{
  33. */
  34. /// Verifies authenticity of a digital signature over a buffer
  35. /*!
  36. Uses Elliptic Curve Digital Signature Algorithm (ECDSA) to verify
  37. that the SHA-256 hash of the input buffer was signed with the
  38. private key corresponding to the provided public key.
  39. The operation is over the standard secp256r1 curve.
  40. \warning
  41. It is the responsibility of the caller to verify the identity of
  42. the public key.
  43. \param[in] buf
  44. Pointer to buffer containing message to verify.
  45. \param[in] buf_len
  46. The size of buf in bytes.
  47. \param[in] pubkey
  48. The ECDSA public key on secp256r1 curve.
  49. \param[in] sig
  50. The ECDSA signature to be verified.
  51. \returns ::EpidStatus
  52. \retval ::kEpidSigValid
  53. EcdsaSignature is valid for the given buffer.
  54. \retval ::kEpidSigInvalid
  55. EcdsaSignature is invalid for the given buffer.
  56. \see EcdsaSignBuffer
  57. */
  58. EpidStatus EcdsaVerifyBuffer(ConstOctStr buf, size_t buf_len,
  59. EcdsaPublicKey const* pubkey,
  60. EcdsaSignature const* sig);
  61. /// Creates ECDSA signature of buffer
  62. /*!
  63. Uses Elliptic Curve Digital Signature Algorithm (ECDSA) to generate
  64. a signature of the SHA-256 hash of the input buffer with the provided
  65. private key.
  66. The operation is over the standard secp256r1 curve.
  67. \param[in] buf
  68. Pointer to buffer containing message to sign.
  69. \param[in] buf_len
  70. The size of buf in bytes.
  71. \param[in] privkey
  72. The ECDSA private key on secp256r1 curve.
  73. \param[in] rnd_func
  74. Random number generator.
  75. \param[in] rnd_param
  76. Pass through context data for rnd_func.
  77. \param[out] sig
  78. The resulting ECDSA signature.
  79. \returns ::EpidStatus
  80. \retval ::kEpidRandMaxIterErr
  81. Failed to sign after maximum number of iterations due to bad luck in
  82. random number generation.
  83. \see EcdsaSignBuffer
  84. */
  85. EpidStatus EcdsaSignBuffer(ConstOctStr buf, size_t buf_len,
  86. EcdsaPrivateKey const* privkey, BitSupplier rnd_func,
  87. void* rnd_param, EcdsaSignature* sig);
  88. /*!
  89. @}
  90. */
  91. #endif // EPID_COMMON_MATH_ECDSA_H_