RetroArch
Macros | Typedefs | Functions
ecdsa.h File Reference

Elliptic curve DSA. More...

#include "ecp.h"
#include "md.h"
Include dependency graph for ecdsa.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define MBEDTLS_ECDSA_MAX_LEN   ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
 
#define MBEDTLS_DEPRECATED
 

Typedefs

typedef mbedtls_ecp_keypair mbedtls_ecdsa_context
 ECDSA context structure. More...
 

Functions

int mbedtls_ecdsa_sign (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Compute ECDSA signature of a previously hashed message. More...
 
int mbedtls_ecdsa_sign_det (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg)
 Compute ECDSA signature of a previously hashed message, deterministic version (RFC 6979). More...
 
int mbedtls_ecdsa_verify (mbedtls_ecp_group *grp, const unsigned char *buf, size_t blen, const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
 Verify ECDSA signature of a previously hashed message. More...
 
int mbedtls_ecdsa_write_signature (mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. (Not thread-safe to use same context in multiple threads) More...
 
int mbedtls_ecdsa_write_signature_det (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED
 Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. Deterministic version, RFC 6979. (Not thread-safe to use same context in multiple threads) More...
 
int mbedtls_ecdsa_read_signature (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen)
 Read and verify an ECDSA signature. More...
 
int mbedtls_ecdsa_genkey (mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate an ECDSA keypair on the given curve. More...
 
int mbedtls_ecdsa_from_keypair (mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key)
 Set an ECDSA context from an EC key pair. More...
 
void mbedtls_ecdsa_init (mbedtls_ecdsa_context *ctx)
 Initialize context. More...
 
void mbedtls_ecdsa_free (mbedtls_ecdsa_context *ctx)
 Free context. More...
 

Detailed Description

Elliptic curve DSA.

Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This file is part of mbed TLS (https://tls.mbed.org)

Macro Definition Documentation

◆ MBEDTLS_DEPRECATED

#define MBEDTLS_DEPRECATED

◆ MBEDTLS_ECDSA_MAX_LEN

#define MBEDTLS_ECDSA_MAX_LEN   ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )

Maximum size of an ECDSA signature in bytes

Typedef Documentation

◆ mbedtls_ecdsa_context

ECDSA context structure.

Function Documentation

◆ mbedtls_ecdsa_free()

void mbedtls_ecdsa_free ( mbedtls_ecdsa_context ctx)

Free context.

Parameters
ctxContext to free
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_from_keypair()

int mbedtls_ecdsa_from_keypair ( mbedtls_ecdsa_context ctx,
const mbedtls_ecp_keypair key 
)

Set an ECDSA context from an EC key pair.

Parameters
ctxECDSA context to set
keyEC key to use
Returns
0 on success, or a MBEDTLS_ERR_ECP_XXX code.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_genkey()

int mbedtls_ecdsa_genkey ( mbedtls_ecdsa_context ctx,
mbedtls_ecp_group_id  gid,
int(*)(void *, unsigned char *, size_t)  f_rng,
void p_rng 
)

Generate an ECDSA keypair on the given curve.

Parameters
ctxECDSA context in which the keypair should be stored
gidGroup (elliptic curve) to use. One of the various MBEDTLS_ECP_DP_XXX macros depending on configuration.
f_rngRNG function
p_rngRNG parameter
Returns
0 on success, or a MBEDTLS_ERR_ECP_XXX code.
Here is the call graph for this function:

◆ mbedtls_ecdsa_init()

void mbedtls_ecdsa_init ( mbedtls_ecdsa_context ctx)

Initialize context.

Parameters
ctxContext to initialize
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_read_signature()

int mbedtls_ecdsa_read_signature ( mbedtls_ecdsa_context ctx,
const unsigned char *  hash,
size_t  hlen,
const unsigned char *  sig,
size_t  slen 
)

Read and verify an ECDSA signature.

Parameters
ctxECDSA context
hashMessage hash
hlenSize of hash
sigSignature to read and verify
slenSize of sig
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.4 step 3.
Returns
0 if successful, MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid, MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if the signature is valid but its actual length is less than siglen, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_sign()

int mbedtls_ecdsa_sign ( mbedtls_ecp_group grp,
mbedtls_mpi r,
mbedtls_mpi s,
const mbedtls_mpi d,
const unsigned char *  buf,
size_t  blen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void p_rng 
)

Compute ECDSA signature of a previously hashed message.

Note
The deterministic version is usually prefered.
Parameters
grpECP group
rFirst output integer
sSecond output integer
dPrivate signing key
bufMessage hash
blenLength of buf
f_rngRNG function
p_rngRNG parameter
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_sign_det()

int mbedtls_ecdsa_sign_det ( mbedtls_ecp_group grp,
mbedtls_mpi r,
mbedtls_mpi s,
const mbedtls_mpi d,
const unsigned char *  buf,
size_t  blen,
mbedtls_md_type_t  md_alg 
)

Compute ECDSA signature of a previously hashed message, deterministic version (RFC 6979).

Parameters
grpECP group
rFirst output integer
sSecond output integer
dPrivate signing key
bufMessage hash
blenLength of buf
md_algMD algorithm used to hash the message
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_verify()

int mbedtls_ecdsa_verify ( mbedtls_ecp_group grp,
const unsigned char *  buf,
size_t  blen,
const mbedtls_ecp_point Q,
const mbedtls_mpi r,
const mbedtls_mpi s 
)

Verify ECDSA signature of a previously hashed message.

Parameters
grpECP group
bufMessage hash
blenLength of buf
QPublic key to use for verification
rFirst integer of the signature
sSecond integer of the signature
Note
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.4 step 3.
Returns
0 if successful, MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_write_signature()

int mbedtls_ecdsa_write_signature ( mbedtls_ecdsa_context ctx,
mbedtls_md_type_t  md_alg,
const unsigned char *  hash,
size_t  hlen,
unsigned char *  sig,
size_t *  slen,
int(*)(void *, unsigned char *, size_t)  f_rng,
void p_rng 
)

Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. (Not thread-safe to use same context in multiple threads)

Note
The deterministic version (RFC 6979) is used if MBEDTLS_ECDSA_DETERMINISTIC is defined.
Parameters
ctxECDSA context
md_algAlgorithm that was used to hash the message
hashMessage hash
hlenLength of hash
sigBuffer that will hold the signature
slenLength of the signature written
f_rngRNG function
p_rngRNG parameter
Note
The "sig" buffer must be at least as large as twice the size of the curve used, plus 9 (eg. 73 bytes if a 256-bit curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or MBEDTLS_ERR_ASN1_XXX error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_ecdsa_write_signature_det()

int mbedtls_ecdsa_write_signature_det ( mbedtls_ecdsa_context ctx,
const unsigned char *  hash,
size_t  hlen,
unsigned char *  sig,
size_t *  slen,
mbedtls_md_type_t  md_alg 
)

Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20. Deterministic version, RFC 6979. (Not thread-safe to use same context in multiple threads)

Deprecated:
Superseded by mbedtls_ecdsa_write_signature() in 2.0.0
Parameters
ctxECDSA context
hashMessage hash
hlenLength of hash
sigBuffer that will hold the signature
slenLength of the signature written
md_algMD algorithm used to hash the message
Note
The "sig" buffer must be at least as large as twice the size of the curve used, plus 9 (eg. 73 bytes if a 256-bit curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
If the bitlength of the message hash is larger than the bitlength of the group order, then the hash is truncated as prescribed by SEC1 4.1.3 step 5.
Returns
0 if successful, or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or MBEDTLS_ERR_ASN1_XXX error code
Here is the call graph for this function: