1 /* $OpenBSD: ecdsa.h,v 1.8 2019/01/19 01:17:41 tb Exp $ */ 2 /** 3 * Include file for the OpenSSL ECDSA functions 4 * 5 * Author: Written by Nils Larsch for the OpenSSL project 6 */ 7 /* ==================================================================== 8 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in 19 * the documentation and/or other materials provided with the 20 * distribution. 21 * 22 * 3. All advertising materials mentioning features or use of this 23 * software must display the following acknowledgment: 24 * "This product includes software developed by the OpenSSL Project 25 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 26 * 27 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 28 * endorse or promote products derived from this software without 29 * prior written permission. For written permission, please contact 30 * licensing@OpenSSL.org. 31 * 32 * 5. Products derived from this software may not be called "OpenSSL" 33 * nor may "OpenSSL" appear in their names without prior written 34 * permission of the OpenSSL Project. 35 * 36 * 6. 
Redistributions of any form whatsoever must retain the following 37 * acknowledgment: 38 * "This product includes software developed by the OpenSSL Project 39 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 42 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 44 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 45 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 46 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 47 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 48 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 49 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 50 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 51 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 52 * OF THE POSSIBILITY OF SUCH DAMAGE. 53 * ==================================================================== 54 * 55 * This product includes cryptographic software written by Eric Young 56 * (eay@cryptsoft.com). This product includes software written by Tim 57 * Hudson (tjh@cryptsoft.com). 
 *
 */
module libressl_d.openssl.ecdsa;


private static import core.stdc.config;
public import libressl_d.openssl.ec;
public import libressl_d.openssl.opensslconf;
public import libressl_d.openssl.ossl_typ;

// The binding refuses to compile when the underlying library was built
// without ECDSA, rather than exposing declarations that cannot be linked.
version (OPENSSL_NO_ECDSA) {
	static assert(false, "ECDSA is disabled.");
}

version (OPENSSL_NO_DEPRECATED) {
} else {
	public import libressl_d.openssl.bn;
}

extern (C):
nothrow @nogc:

/// Public name of the signature structure; see ECDSA_SIG_st below.
alias ECDSA_SIG = .ECDSA_SIG_st;

/**
 * Function table describing one ECDSA implementation.
 *
 * The three callbacks have the same shape as ECDSA_do_sign_ex,
 * ECDSA_sign_setup and ECDSA_do_verify declared below, so an implementation
 * can be installed with ECDSA_set_method / ECDSA_set_default_method.
 * NOTE(review): the declarations below refer to
 * libressl_d.openssl.ossl_typ.ECDSA_METHOD, which is presumably an alias
 * for this struct defined in ossl_typ - confirm there.
 */
struct ecdsa_method
{
	/// Human-readable implementation name.
	const (char)* name;
	/// Produces a signature for a hash; mirrors ECDSA_do_sign_ex.
	.ECDSA_SIG* function(const (ubyte)* dgst, int dgst_len, const (libressl_d.openssl.ossl_typ.BIGNUM)* inv, const (libressl_d.openssl.ossl_typ.BIGNUM)* rp, libressl_d.openssl.ec.EC_KEY* eckey) ecdsa_do_sign;
	/// Precomputes the per-signature values; mirrors ECDSA_sign_setup.
	int function(libressl_d.openssl.ec.EC_KEY* eckey, libressl_d.openssl.ossl_typ.BN_CTX* ctx, libressl_d.openssl.ossl_typ.BIGNUM** kinv, libressl_d.openssl.ossl_typ.BIGNUM** r) ecdsa_sign_setup;
	/// Checks a signature against a hash; mirrors ECDSA_do_verify.
	int function(const (ubyte)* dgst, int dgst_len, const (.ECDSA_SIG)* sig, libressl_d.openssl.ec.EC_KEY* eckey) ecdsa_do_verify;

	// Compiled out: `version (none)` is never defined, so these two members
	// do not exist in the binding (kept to document the C layout history).
	version (none) {
		int function(libressl_d.openssl.ec.EC_KEY* eckey) init;
		int function(libressl_d.openssl.ec.EC_KEY* eckey) finish;
	}

	/// Bit flags for the method; ECDSA_FLAG_FIPS_METHOD is the one defined here.
	int flags;
	/// Opaque pointer, presumably reserved for the implementation's own use.
	char* app_data;
}

/*
 * If this flag is set the ECDSA method is FIPS compliant and can be used
 * in FIPS mode. This is set in the validated module method. If an
 * application sets this flag in its own methods it is its responsibility
 * to ensure the result is compliant.
 */

enum ECDSA_FLAG_FIPS_METHOD = 0x01;

/**
 * An ECDSA signature as the pair (r, s).
 *
 * Prefer ECDSA_SIG_get0 / ECDSA_SIG_set0 over touching the fields directly.
 * NOTE(review): r and s are presumably owned by the structure and released
 * by ECDSA_SIG_free - confirm against the implementation.
 */
struct ECDSA_SIG_st
{
	libressl_d.openssl.ossl_typ.BIGNUM* r;
	libressl_d.openssl.ossl_typ.BIGNUM* s;
}

/**
 * Allocates and initializes an ECDSA_SIG structure.
 *
 * The caller owns the result and releases it with ECDSA_SIG_free.
 *
 * Returns: pointer to a ECDSA_SIG structure or null if an error occurred
 */
.ECDSA_SIG* ECDSA_SIG_new();

/**
 * Frees an ECDSA_SIG structure.
 *
 * Params:
 *     sig = pointer to the ECDSA_SIG structure
 */
void ECDSA_SIG_free(.ECDSA_SIG* sig);

/**
 * DER encode content of ECDSA_SIG object (note: this function modifies *pp
 * (*pp += length of the DER encoded signature)).
 *
 * Following the usual i2d convention, passing pp = null is expected to
 * return only the required length without writing - confirm; callers that
 * size a buffer this way must still check the second call's return value.
 *
 * Params:
 *     sig = pointer to the ECDSA_SIG object
 *     pp = pointer to a ubyte pointer for the output or null
 *
 * Returns: the length of the DER encoded ECDSA_SIG object or 0
 */
int i2d_ECDSA_SIG(const (.ECDSA_SIG)* sig, ubyte** pp);

/**
 * Decodes a DER encoded ECDSA signature (note: this function changes *pp
 * (*pp += len)).
 *
 * This parses untrusted input; len is the only bound the decoder has, so it
 * must not exceed the bytes actually readable at *pp.
 *
 * Params:
 *     sig = pointer to ECDSA_SIG pointer (may be null)
 *     pp = memory buffer with the DER encoded signature
 *     len = length of the buffer
 *
 * Returns: pointer to the decoded ECDSA_SIG structure (or null)
 */
.ECDSA_SIG* d2i_ECDSA_SIG(.ECDSA_SIG** sig, const (ubyte)** pp, core.stdc.config.c_long len);

/**
 * Accessor for r and s fields of ECDSA_SIG
 *
 * The pointers stored into *pr and *ps are const and (by the get0
 * convention) remain owned by sig; they must not be freed by the caller.
 *
 * Params:
 *     sig = pointer to the ECDSA_SIG
 *     pr = pointer to BIGNUM pointer for r (may be null)
 *     ps = pointer to BIGNUM pointer for s (may be null)
 */
void ECDSA_SIG_get0(const (.ECDSA_SIG)* sig, const (libressl_d.openssl.ossl_typ.BIGNUM)** pr, const (libressl_d.openssl.ossl_typ.BIGNUM)** ps);

/**
 * Setter for r and s fields of ECDSA_SIG
 *
 * NOTE(review): by the set0 convention ownership of r and s is expected to
 * pass to sig on success (so the caller must not free them afterwards) -
 * confirm against the implementation.
 *
 * Params:
 *     sig = pointer to the ECDSA_SIG
 *     r = pointer to BIGNUM for r (may be null)
 *     s = pointer to BIGNUM for s (may be null)
 *
 * Returns: int status; presumably 1 on success and 0 otherwise like the
 *     other setters in this module - confirm
 */
int ECDSA_SIG_set0(.ECDSA_SIG* sig, libressl_d.openssl.ossl_typ.BIGNUM* r, libressl_d.openssl.ossl_typ.BIGNUM* s);

/**
 * Computes the ECDSA signature of the given hash value using the supplied private key and returns the created signature.
 *
 * The caller owns the returned structure and releases it with ECDSA_SIG_free.
 *
 * Params:
 *     dgst = pointer to the hash value
 *     dgst_len = length of the hash value
 *     eckey = EC_KEY object containing a private EC key
 *
 * Returns: pointer to a ECDSA_SIG structure or null if an error occurred
 */
.ECDSA_SIG* ECDSA_do_sign(const (ubyte)* dgst, int dgst_len, libressl_d.openssl.ec.EC_KEY* eckey);

/**
 * Computes ECDSA signature of a given hash value using the supplied private
 * key and returns it as an ECDSA_SIG structure (the structure-returning
 * counterpart of ECDSA_sign_ex; there is no caller-supplied output buffer).
 *
 * A kinv/rp pair obtained from ECDSA_sign_setup is for exactly one
 * signature: the per-signature nonce must never be reused, as reuse
 * exposes the private key (see ECDSA_R_NEED_NEW_SETUP_VALUES).
 *
 * Params:
 *     dgst = pointer to the hash value to sign
 *     dgstlen = length of the hash value
 *     kinv = BIGNUM with a pre-computed inverse k (optional)
 *     rp = BIGNUM with a pre-computed rp value (optional), see ECDSA_sign_setup
 *     eckey = EC_KEY object containing a private EC key
 *
 * Returns: pointer to a ECDSA_SIG structure or null if an error occurred
 */
.ECDSA_SIG* ECDSA_do_sign_ex(const (ubyte)* dgst, int dgstlen, const (libressl_d.openssl.ossl_typ.BIGNUM)* kinv, const (libressl_d.openssl.ossl_typ.BIGNUM)* rp, libressl_d.openssl.ec.EC_KEY* eckey);

/**
 * Verifies that the supplied signature is a valid ECDSA signature of the supplied hash value using the supplied public key.
 *
 * Callers must compare the result with 1 exactly: 0 (invalid) and -1
 * (error) are both failures, so a `!= 0` test would accept the error path.
 *
 * Params:
 *     dgst = pointer to the hash value
 *     dgst_len = length of the hash value
 *     sig = ECDSA_SIG structure
 *     eckey = EC_KEY object containing a public EC key
 *
 * Returns: 1 if the signature is valid, 0 if the signature is invalid and -1 on error
 */
int ECDSA_do_verify(const (ubyte)* dgst, int dgst_len, const (.ECDSA_SIG)* sig, libressl_d.openssl.ec.EC_KEY* eckey);

/**
 * Returns the library's built-in ECDSA method.
 *
 * Returns: pointer to the built-in ECDSA_METHOD (usable with
 *     ECDSA_set_method / ECDSA_set_default_method)
 */
const (libressl_d.openssl.ossl_typ.ECDSA_METHOD)* ECDSA_OpenSSL();

/**
 * Sets the default ECDSA method
 *
 * This is process-global state; it is presumably used by every EC_KEY that
 * has not been given its own method via ECDSA_set_method - confirm.
 *
 * Params:
 *     meth = new default ECDSA_METHOD
 */
void ECDSA_set_default_method(const (libressl_d.openssl.ossl_typ.ECDSA_METHOD)* meth);

/**
 * Returns the default ECDSA method
 *
 * Returns: pointer to ECDSA_METHOD structure containing the default method
 */
const (libressl_d.openssl.ossl_typ.ECDSA_METHOD)* ECDSA_get_default_method();

/**
 * Sets method to be used for the ECDSA operations
 *
 * Params:
 *     eckey = EC_KEY object
 *     meth = new method
 *
 * Returns: 1 on success and 0 otherwise
 */
int ECDSA_set_method(libressl_d.openssl.ec.EC_KEY* eckey, const (libressl_d.openssl.ossl_typ.ECDSA_METHOD)* meth);

/**
 * Returns the maximum length of the DER encoded signature
 *
 * Use this to size the sig buffer handed to ECDSA_sign / ECDSA_sign_ex.
 *
 * Params:
 *     eckey = EC_KEY object
 *
 * Returns: numbers of bytes required for the DER encoded signature
 */
int ECDSA_size(const (libressl_d.openssl.ec.EC_KEY)* eckey);

/**
 * Precompute parts of the signing operation
 *
 * The resulting kinv/rp pair is valid for one signature only; generate a
 * fresh pair per signature (see ECDSA_R_NEED_NEW_SETUP_VALUES).
 * NOTE(review): *kinv and *rp are BIGNUM** outputs, presumably allocated
 * here and owned by the caller - confirm how they are to be released.
 *
 * Params:
 *     eckey = EC_KEY object containing a private EC key
 *     ctx = BN_CTX object (optional)
 *     kinv = BIGNUM pointer for the inverse of k
 *     rp = BIGNUM pointer for x coordinate of k * generator
 *
 * Returns: 1 on success and 0 otherwise
 */
int ECDSA_sign_setup(libressl_d.openssl.ec.EC_KEY* eckey, libressl_d.openssl.ossl_typ.BN_CTX* ctx, libressl_d.openssl.ossl_typ.BIGNUM** kinv, libressl_d.openssl.ossl_typ.BIGNUM** rp);

/**
 * Computes ECDSA signature of a given hash value using the supplied private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
 *
 * Params:
 *     type = this parameter is ignored
 *     dgst = pointer to the hash value to sign
 *     dgstlen = length of the hash value
 *     sig = memory for the DER encoded created signature
 *     siglen = pointer to the length of the returned signature (written on return)
 *     eckey = EC_KEY object containing a private EC key
 *
 * Returns: 1 on success and 0 otherwise
 */
int ECDSA_sign(int type, const (ubyte)* dgst, int dgstlen, ubyte* sig, uint* siglen, libressl_d.openssl.ec.EC_KEY* eckey);

/**
 * Computes ECDSA signature of a given hash value using the supplied private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
 *
 * As with ECDSA_do_sign_ex, a kinv/rp pair from ECDSA_sign_setup must be
 * used for at most one signature.
 *
 * Params:
 *     type = this parameter is ignored
 *     dgst = pointer to the hash value to sign
 *     dgstlen = length of the hash value
 *     sig = buffer to hold the DER encoded signature
 *     siglen = pointer to the length of the returned signature (written on return)
 *     kinv = BIGNUM with a pre-computed inverse k (optional)
 *     rp = BIGNUM with a pre-computed rp value (optional), see ECDSA_sign_setup
 *     eckey = EC_KEY object containing a private EC key
 *
 * Returns: 1 on success and 0 otherwise
 */
int ECDSA_sign_ex(int type, const (ubyte)* dgst, int dgstlen, ubyte* sig, uint* siglen, const (libressl_d.openssl.ossl_typ.BIGNUM)* kinv, const (libressl_d.openssl.ossl_typ.BIGNUM)* rp, libressl_d.openssl.ec.EC_KEY* eckey);

/**
 * Verifies that the given signature is valid ECDSA signature of the supplied hash value using the specified public key.
 *
 * Callers must compare the result with 1 exactly: 0 (invalid) and -1
 * (error) are both failures. sig is untrusted DER input and siglen is the
 * only bound the parser has, so it must not exceed the readable buffer.
 *
 * Params:
 *     type = this parameter is ignored
 *     dgst = pointer to the hash value
 *     dgstlen = length of the hash value
 *     sig = pointer to the DER encoded signature
 *     siglen = length of the DER encoded signature
 *     eckey = EC_KEY object containing a public EC key
 *
 * Returns: 1 if the signature is valid, 0 if the signature is invalid and -1 on error
 */
int ECDSA_verify(int type, const (ubyte)* dgst, int dgstlen, const (ubyte)* sig, int siglen, libressl_d.openssl.ec.EC_KEY* eckey);

/* the standard ex_data functions */

/**
 * Registers a new ex_data slot for ECDSA use.
 *
 * Params:
 *     argl = application-chosen long passed to the callbacks
 *     argp = application-chosen pointer passed to the callbacks
 *     new_func = callback invoked when a slot is created (may be null - presumably)
 *     dup_func = callback invoked when a slot is copied (may be null - presumably)
 *     free_func = callback invoked when a slot is freed (may be null - presumably)
 *
 * Returns: the new index; the failure value is not documented here - confirm
 */
int ECDSA_get_ex_new_index(core.stdc.config.c_long argl, void* argp, libressl_d.openssl.ossl_typ.CRYPTO_EX_new* new_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_dup* dup_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_free* free_func);

/**
 * Stores an application pointer in slot idx of the EC_KEY's ex_data.
 *
 * Params:
 *     d = EC_KEY object
 *     idx = index obtained from ECDSA_get_ex_new_index
 *     arg = pointer to store
 *
 * Returns: int status; presumably 1 on success and 0 otherwise - confirm
 */
int ECDSA_set_ex_data(libressl_d.openssl.ec.EC_KEY* d, int idx, void* arg);

/**
 * Retrieves the application pointer stored in slot idx of the EC_KEY's ex_data.
 *
 * Params:
 *     d = EC_KEY object
 *     idx = index obtained from ECDSA_get_ex_new_index
 *
 * Returns: the stored pointer, or null if nothing was stored
 */
void* ECDSA_get_ex_data(libressl_d.openssl.ec.EC_KEY* d, int idx);

/* XXX should be in ec.h, but needs ECDSA_SIG */

/**
 * Installs the signing callbacks of an EC_KEY_METHOD.
 *
 * The callbacks have the shapes of ECDSA_sign_ex (sign), ECDSA_sign_setup
 * (sign_setup) and ECDSA_do_sign_ex (sign_sig) respectively.
 *
 * Params:
 *     meth = EC_KEY_METHOD to modify
 *     sign = buffer-producing signing callback
 *     sign_setup = per-signature precomputation callback
 *     sign_sig = ECDSA_SIG-producing signing callback
 */
void EC_KEY_METHOD_set_sign(libressl_d.openssl.ec.EC_KEY_METHOD* meth, int function(int type, const (ubyte)* dgst, int dlen, ubyte* sig, uint* siglen, const (libressl_d.openssl.ossl_typ.BIGNUM)* kinv, const (libressl_d.openssl.ossl_typ.BIGNUM)* r, libressl_d.openssl.ec.EC_KEY* eckey) sign, int function(libressl_d.openssl.ec.EC_KEY* eckey, libressl_d.openssl.ossl_typ.BN_CTX* ctx_in, libressl_d.openssl.ossl_typ.BIGNUM** kinvp, libressl_d.openssl.ossl_typ.BIGNUM** rp) sign_setup, .ECDSA_SIG* function(const (ubyte)* dgst, int dgst_len, const (libressl_d.openssl.ossl_typ.BIGNUM)* in_kinv, const (libressl_d.openssl.ossl_typ.BIGNUM)* in_r, libressl_d.openssl.ec.EC_KEY* eckey) sign_sig);

/**
 * Installs the verification callbacks of an EC_KEY_METHOD.
 *
 * The callbacks have the shapes of ECDSA_verify (verify) and
 * ECDSA_do_verify (verify_sig); both follow the 1 / 0 / -1 return contract.
 *
 * Params:
 *     meth = EC_KEY_METHOD to modify
 *     verify = DER-buffer verification callback
 *     verify_sig = ECDSA_SIG verification callback
 */
void EC_KEY_METHOD_set_verify(libressl_d.openssl.ec.EC_KEY_METHOD* meth, int function(int type, const (ubyte)* dgst, int dgst_len, const (ubyte)* sigbuf, int sig_len, libressl_d.openssl.ec.EC_KEY* eckey) verify, int function(const (ubyte)* dgst, int dgst_len, const (.ECDSA_SIG)* sig, libressl_d.openssl.ec.EC_KEY* eckey) verify_sig);

/**
 * Reads back the signing callbacks of an EC_KEY_METHOD.
 *
 * Each out-parameter receives the callback installed by
 * EC_KEY_METHOD_set_sign (same shapes as there).
 *
 * Params:
 *     meth = EC_KEY_METHOD to query
 *     psign = receives the buffer-producing signing callback
 *     psign_setup = receives the precomputation callback
 *     psign_sig = receives the ECDSA_SIG-producing signing callback
 */
void EC_KEY_METHOD_get_sign(const (libressl_d.openssl.ec.EC_KEY_METHOD)* meth, int function(int type, const (ubyte)* dgst, int dlen, ubyte* sig, uint* siglen, const (libressl_d.openssl.ossl_typ.BIGNUM)* kinv, const (libressl_d.openssl.ossl_typ.BIGNUM)* r, libressl_d.openssl.ec.EC_KEY* eckey)* psign, int function(libressl_d.openssl.ec.EC_KEY* eckey, libressl_d.openssl.ossl_typ.BN_CTX* ctx_in, libressl_d.openssl.ossl_typ.BIGNUM** kinvp, libressl_d.openssl.ossl_typ.BIGNUM** rp)* psign_setup, .ECDSA_SIG* function(const (ubyte)* dgst, int dgst_len, const (libressl_d.openssl.ossl_typ.BIGNUM)* in_kinv, const (libressl_d.openssl.ossl_typ.BIGNUM)* in_r, libressl_d.openssl.ec.EC_KEY* eckey)* psign_sig);

/**
 * Reads back the verification callbacks of an EC_KEY_METHOD.
 *
 * Params:
 *     meth = EC_KEY_METHOD to query
 *     pverify = receives the DER-buffer verification callback
 *     pverify_sig = receives the ECDSA_SIG verification callback
 */
void EC_KEY_METHOD_get_verify(const (libressl_d.openssl.ec.EC_KEY_METHOD)* meth, int function(int type, const (ubyte)* dgst, int dgst_len, const (ubyte)* sigbuf, int sig_len, libressl_d.openssl.ec.EC_KEY* eckey)* pverify, int function(const (ubyte)* dgst, int dgst_len, const (.ECDSA_SIG)* sig, libressl_d.openssl.ec.EC_KEY* eckey)* pverify_sig);

/* BEGIN ERROR CODES */
/**
 * The following lines are auto generated by the script mkerr.pl. Any changes
 * made after this point may be overwritten when the script is next run.
 */

/**
 * Registers the human-readable strings for the ECDSA function and reason
 * codes below with the error library (presumably; inferred from the name).
 */
void ERR_load_ECDSA_strings();

/* Error codes for the ECDSA functions. */

// The numeric values are packed into error codes shared with the C library
// and must not be renumbered by hand; regenerate with mkerr.pl instead.

/* Function codes. */
enum ECDSA_F_ECDSA_CHECK = 104;
enum ECDSA_F_ECDSA_DATA_NEW_METHOD = 100;
enum ECDSA_F_ECDSA_DO_SIGN = 101;
enum ECDSA_F_ECDSA_DO_VERIFY = 102;
enum ECDSA_F_ECDSA_SIGN_SETUP = 103;

/* Reason codes. */
enum ECDSA_R_BAD_SIGNATURE = 100;
enum ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 101;
enum ECDSA_R_ERR_EC_LIB = 102;
enum ECDSA_R_MISSING_PARAMETERS = 103;
// By its name: precomputed kinv/rp values from ECDSA_sign_setup were
// presented again and must be regenerated before signing.
enum ECDSA_R_NEED_NEW_SETUP_VALUES = 106;
enum ECDSA_R_NON_FIPS_METHOD = 107;
// Signing cannot proceed without fresh randomness; treat as a hard failure.
enum ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED = 104;
enum ECDSA_R_SIGNATURE_MALLOC_FAILED = 105;