1 /*############################################################################ 2 # Copyright 2016-2017 Intel Corporation 3 # 4 # Licensed under the Apache License, Version 2.0 (the "License"); 5 # you may not use this file except in compliance with the License. 6 # You may obtain a copy of the License at 7 # 8 # http://www.apache.org/licenses/LICENSE-2.0 9 # 10 # Unless required by applicable law or agreed to in writing, software 11 # distributed under the License is distributed on an "AS IS" BASIS, 12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 # See the License for the specific language governing permissions and 14 # limitations under the License. 15 ############################################################################*/ 16 17 /*! 18 * \file 19 * \brief Ecdsa interface. 20 */ 21 22 #ifndef EPID_COMMON_MATH_ECDSA_H_ 23 #define EPID_COMMON_MATH_ECDSA_H_ 24 25 #include <stddef.h> 26 27 #include "epid/common/bitsupplier.h" 28 #include "epid/common/errors.h" 29 #include "epid/common/types.h" 30 31 /// Elliptic Curve Digital Signature Algorithm Primitives 32 /*! 33 \defgroup EcdsaPrimitives ecdsa 34 Provides APIs for computing and checking buffer signatures using the 35 Elliptic Curve Digital Signature Algorithm. 36 37 \ingroup EpidMath 38 @{ 39 */ 40 41 /// Verifies authenticity of a digital signature over a buffer 42 /*! 43 44 Uses Elliptic Curve Digital Signature Algorithm (ECDSA) to verify 45 that the SHA-256 hash of the input buffer was signed with the 46 private key corresponding to the provided public key. 47 48 The operation is over the standard secp256r1 curve. 49 50 \warning 51 It is the responsibility of the caller to verify the identity of 52 the public key. 53 54 \param[in] buf 55 Pointer to buffer containing message to verify. 56 \param[in] buf_len 57 The size of buf in bytes. 58 \param[in] pubkey 59 The ECDSA public key on secp256r1 curve. 60 \param[in] sig 61 The ECDSA signature to be verified. 62 63 \returns ::EpidStatus 64 65 \retval ::kEpidSigValid 66 EcdsaSignature is valid for the given buffer. 67 \retval ::kEpidSigInvalid 68 EcdsaSignature is invalid for the given buffer. 69 70 \see EcdsaSignBuffer 71 */ 72 EpidStatus EcdsaVerifyBuffer(ConstOctStr buf, size_t buf_len, 73 EcdsaPublicKey const* pubkey, 74 EcdsaSignature const* sig); 75 76 /// Creates ECDSA signature of buffer 77 /*! 78 79 Uses Elliptic Curve Digital Signature Algorithm (ECDSA) to generate 80 a signature of the SHA-256 hash of the input buffer with the provided 81 private key. 82 83 The operation is over the standard secp256r1 curve. 84 85 \param[in] buf 86 Pointer to buffer containing message to sign. 87 \param[in] buf_len 88 The size of buf in bytes. 89 \param[in] privkey 90 The ECDSA private key on secp256r1 curve. 91 \param[in] rnd_func 92 Random number generator. 93 \param[in] rnd_param 94 Pass through context data for rnd_func. 95 \param[out] sig 96 The resulting ECDSA signature. 97 98 \returns ::EpidStatus 99 100 \retval ::kEpidRandMaxIterErr 101 Failed to sign after maximum number of iterations due to bad luck in 102 random number generation. 103 104 \see EcdsaSignBuffer 105 */ 106 EpidStatus EcdsaSignBuffer(ConstOctStr buf, size_t buf_len, 107 EcdsaPrivateKey const* privkey, BitSupplier rnd_func, 108 void* rnd_param, EcdsaSignature* sig); 109 110 /*! 111 @} 112 */ 113 114 #endif // EPID_COMMON_MATH_ECDSA_H_ 115
