• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*############################################################################
2   # Copyright 2016-2017 Intel Corporation
3   #
4   # Licensed under the Apache License, Version 2.0 (the "License");
5   # you may not use this file except in compliance with the License.
6   # You may obtain a copy of the License at
7   #
8   #     http://www.apache.org/licenses/LICENSE-2.0
9   #
10   # Unless required by applicable law or agreed to in writing, software
11   # distributed under the License is distributed on an "AS IS" BASIS,
12   # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   # See the License for the specific language governing permissions and
14   # limitations under the License.
15   ############################################################################*/
16 
17 /*!
18  * \file
19  * \brief Ecdsa interface.
20  */
21 
22 #ifndef EPID_COMMON_MATH_ECDSA_H_
23 #define EPID_COMMON_MATH_ECDSA_H_
24 
25 #include <stddef.h>
26 
27 #include "epid/common/bitsupplier.h"
28 #include "epid/common/errors.h"
29 #include "epid/common/types.h"
30 
31 /// Elliptic Curve Digital Signature Algorithm Primitives
32 /*!
33   \defgroup EcdsaPrimitives ecdsa
34   Provides APIs for computing and checking buffer signatures using the
35   Elliptic Curve Digital Signature Algorithm.
36 
37   \ingroup EpidMath
38   @{
39 */
40 
41 /// Verifies authenticity of a digital signature over a buffer
42 /*!
43 
44   Uses Elliptic Curve Digital Signature Algorithm (ECDSA) to verify
45   that the SHA-256 hash of the input buffer was signed with the
46   private key corresponding to the provided public key.
47 
48   The operation is over the standard secp256r1 curve.
49 
50   \warning
51   It is the responsibility of the caller to verify the identity of
52   the public key.
53 
54   \param[in] buf
55   Pointer to buffer containing message to verify.
56   \param[in] buf_len
57   The size of buf in bytes.
58   \param[in] pubkey
59   The ECDSA public key on secp256r1 curve.
60   \param[in] sig
61   The ECDSA signature to be verified.
62 
63   \returns ::EpidStatus
64 
65   \retval ::kEpidSigValid
66   EcdsaSignature is valid for the given buffer.
67   \retval ::kEpidSigInvalid
68   EcdsaSignature is invalid for the given buffer.
69 
70   \see EcdsaSignBuffer
71  */
72 EpidStatus EcdsaVerifyBuffer(ConstOctStr buf, size_t buf_len,
73                              EcdsaPublicKey const* pubkey,
74                              EcdsaSignature const* sig);
75 
76 /// Creates ECDSA signature of buffer
77 /*!
78 
79   Uses Elliptic Curve Digital Signature Algorithm (ECDSA) to generate
80   a signature of the SHA-256 hash of the input buffer with the provided
81   private key.
82 
83   The operation is over the standard secp256r1 curve.
84 
85   \param[in] buf
86   Pointer to buffer containing message to sign.
87   \param[in] buf_len
88   The size of buf in bytes.
89   \param[in] privkey
90   The ECDSA private key on secp256r1 curve.
91   \param[in] rnd_func
92   Random number generator.
93   \param[in] rnd_param
94   Pass through context data for rnd_func.
95   \param[out] sig
96   The resulting ECDSA signature.
97 
98   \returns ::EpidStatus
99 
100   \retval ::kEpidRandMaxIterErr
101   Failed to sign after maximum number of iterations due to bad luck in
102   random number generation.
103 
104   \see EcdsaSignBuffer
105  */
106 EpidStatus EcdsaSignBuffer(ConstOctStr buf, size_t buf_len,
107                            EcdsaPrivateKey const* privkey, BitSupplier rnd_func,
108                            void* rnd_param, EcdsaSignature* sig);
109 
110 /*!
111   @}
112 */
113 
114 #endif  // EPID_COMMON_MATH_ECDSA_H_
115