1 /* $OpenBSD: ec.h,v 1.41 2023/04/27 07:10:05 tb Exp $ */ 2 /* 3 * Originally written by Bodo Moeller for the OpenSSL project. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * openssl-core@openssl.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 /* ==================================================================== 59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 60 * 61 * Portions of the attached software ("Contribution") are developed by 62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 63 * 64 * The Contribution is licensed pursuant to the OpenSSL open source 65 * license provided above. 66 * 67 * The elliptic curve binary polynomial software is originally written by 68 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. 69 */ 70 71 #ifndef HEADER_EC_H 72 #define HEADER_EC_H 73 74 #include <openssl/opensslconf.h> 75 76 #ifdef OPENSSL_NO_EC 77 #error EC is disabled. 78 #endif 79 80 #include <openssl/asn1.h> 81 #include <openssl/bn.h> 82 83 #ifdef __cplusplus 84 extern "C" { 85 #elif defined(__SUNPRO_C) 86 # if __SUNPRO_C >= 0x520 87 # pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) 88 # endif 89 #endif 90 91 #ifndef OPENSSL_ECC_MAX_FIELD_BITS 92 #define OPENSSL_ECC_MAX_FIELD_BITS 661 93 #endif 94 95 /* Elliptic point conversion form as per X9.62, page 4 and section 4.4.2. */ 96 typedef enum { 97 POINT_CONVERSION_COMPRESSED = 2, 98 POINT_CONVERSION_UNCOMPRESSED = 4, 99 POINT_CONVERSION_HYBRID = 6 100 } point_conversion_form_t; 101 102 typedef struct ec_method_st EC_METHOD; 103 typedef struct ec_group_st EC_GROUP; 104 typedef struct ec_point_st EC_POINT; 105 106 const EC_METHOD *EC_GFp_simple_method(void); 107 const EC_METHOD *EC_GFp_mont_method(void); 108 109 EC_GROUP *EC_GROUP_new(const EC_METHOD *meth); 110 void EC_GROUP_free(EC_GROUP *group); 111 #ifndef LIBRESSL_INTERNAL 112 void EC_GROUP_clear_free(EC_GROUP *group); 113 #endif 114 115 int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src); 116 EC_GROUP *EC_GROUP_dup(const EC_GROUP *src); 117 118 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group); 119 int EC_METHOD_get_field_type(const EC_METHOD *meth); 120 121 int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, 122 const BIGNUM *order, const BIGNUM *cofactor); 123 const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); 124 125 int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); 126 int EC_GROUP_order_bits(const EC_GROUP *group); 127 int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx); 128 129 void EC_GROUP_set_curve_name(EC_GROUP *group, int nid); 130 int EC_GROUP_get_curve_name(const EC_GROUP *group); 131 132 void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); 133 int EC_GROUP_get_asn1_flag(const EC_GROUP *group); 134 135 void EC_GROUP_set_point_conversion_form(EC_GROUP *group, 136 point_conversion_form_t form); 137 point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *); 138 139 unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x); 140 size_t EC_GROUP_get_seed_len(const EC_GROUP *); 141 size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); 142 143 int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, 144 const BIGNUM *b, BN_CTX *ctx); 145 int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, 146 BN_CTX *ctx); 147 148 #if !defined(LIBRESSL_INTERNAL) 149 int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, 150 const BIGNUM *b, BN_CTX *ctx); 151 int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, 152 BIGNUM *b, BN_CTX *ctx); 153 #endif 154 155 int EC_GROUP_get_degree(const EC_GROUP *group); 156 157 int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx); 158 int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx); 159 160 /* Compare two EC_GROUPs. Returns 0 if both groups are equal, 1 otherwise. */ 161 int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx); 162 163 EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, 164 const BIGNUM *b, BN_CTX *ctx); 165 EC_GROUP *EC_GROUP_new_by_curve_name(int nid); 166 167 typedef struct { 168 int nid; 169 const char *comment; 170 } EC_builtin_curve; 171 172 size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); 173 174 const char *EC_curve_nid2nist(int nid); 175 int EC_curve_nist2nid(const char *name); 176 177 EC_POINT *EC_POINT_new(const EC_GROUP *group); 178 void EC_POINT_free(EC_POINT *point); 179 #ifndef LIBRESSL_INTERNAL 180 void EC_POINT_clear_free(EC_POINT *point); 181 #endif 182 int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); 183 EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group); 184 185 const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); 186 187 int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); 188 189 int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p, 190 const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); 191 int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p, 192 BIGNUM *x, BIGNUM *y, BN_CTX *ctx); 193 int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p, 194 const BIGNUM *x, int y_bit, BN_CTX *ctx); 195 196 #ifndef LIBRESSL_INTERNAL 197 int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, 198 const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx); 199 int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, 200 const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx); 201 int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, 202 const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); 203 int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, 204 const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); 205 int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, 206 const BIGNUM *x, int y_bit, BN_CTX *ctx); 207 #endif /* !LIBRESSL_INTERNAL */ 208 size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p, 209 point_conversion_form_t form, unsigned char *buf, size_t len, BN_CTX *ctx); 210 int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p, 211 const unsigned char *buf, size_t len, BN_CTX *ctx); 212 213 BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *, 214 point_conversion_form_t form, BIGNUM *, BN_CTX *); 215 EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *, EC_POINT *, 216 BN_CTX *); 217 char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *, 218 point_conversion_form_t form, BN_CTX *); 219 EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, EC_POINT *, 220 BN_CTX *); 221 222 int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, 223 const EC_POINT *b, BN_CTX *ctx); 224 int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, 225 BN_CTX *ctx); 226 int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx); 227 int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p); 228 int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, 229 BN_CTX *ctx); 230 int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, 231 BN_CTX *ctx); 232 233 int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); 234 int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], 235 BN_CTX *ctx); 236 int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, 237 size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx); 238 int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, 239 const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx); 240 int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx); 241 int EC_GROUP_have_precompute_mult(const EC_GROUP *group); 242 243 int EC_GROUP_get_basis_type(const EC_GROUP *); 244 245 #define OPENSSL_EC_EXPLICIT_CURVE 0x000 246 #define OPENSSL_EC_NAMED_CURVE 0x001 247 248 typedef struct ecpk_parameters_st ECPKPARAMETERS; 249 250 EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len); 251 int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out); 252 253 #define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x) 254 #define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x) 255 #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \ 256 (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x)) 257 #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \ 258 (unsigned char *)(x)) 259 260 #ifndef OPENSSL_NO_BIO 261 int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); 262 #endif 263 int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); 264 265 typedef struct ec_key_st EC_KEY; 266 typedef struct ec_key_method_st EC_KEY_METHOD; 267 268 #define EC_PKEY_NO_PARAMETERS 0x001 269 #define EC_PKEY_NO_PUBKEY 0x002 270 271 #define EC_FLAG_NON_FIPS_ALLOW 0x1 272 #define EC_FLAG_FIPS_CHECKED 0x2 273 #define EC_FLAG_COFACTOR_ECDH 0x1000 274 275 EC_KEY *EC_KEY_new(void); 276 int EC_KEY_get_flags(const EC_KEY *key); 277 void EC_KEY_set_flags(EC_KEY *key, int flags); 278 void EC_KEY_clear_flags(EC_KEY *key, int flags); 279 EC_KEY *EC_KEY_new_by_curve_name(int nid); 280 void EC_KEY_free(EC_KEY *key); 281 EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); 282 EC_KEY *EC_KEY_dup(const EC_KEY *src); 283 int EC_KEY_up_ref(EC_KEY *key); 284 285 const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); 286 int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group); 287 const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key); 288 int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv); 289 const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key); 290 int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); 291 292 unsigned EC_KEY_get_enc_flags(const EC_KEY *key); 293 void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags); 294 point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key); 295 void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform); 296 297 void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag); 298 int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx); 299 int EC_KEY_generate_key(EC_KEY *key); 300 int EC_KEY_check_key(const EC_KEY *key); 301 int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y); 302 303 EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len); 304 int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out); 305 EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len); 306 int i2d_ECParameters(EC_KEY *key, unsigned char **out); 307 308 EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len); 309 int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out); 310 311 #ifndef OPENSSL_NO_BIO 312 int ECParameters_print(BIO *bp, const EC_KEY *key); 313 int EC_KEY_print(BIO *bp, const EC_KEY *key, int off); 314 #endif 315 int ECParameters_print_fp(FILE *fp, const EC_KEY *key); 316 int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off); 317 318 #define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \ 319 CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef) 320 int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg); 321 void *EC_KEY_get_ex_data(const EC_KEY *key, int idx); 322 323 const EC_KEY_METHOD *EC_KEY_OpenSSL(void); 324 const EC_KEY_METHOD *EC_KEY_get_default_method(void); 325 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth); 326 const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key); 327 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth); 328 EC_KEY *EC_KEY_new_method(ENGINE *engine); 329 EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth); 330 void EC_KEY_METHOD_free(EC_KEY_METHOD *meth); 331 void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth, 332 int (*init)(EC_KEY *key), 333 void (*finish)(EC_KEY *key), 334 int (*copy)(EC_KEY *dest, const EC_KEY *src), 335 int (*set_group)(EC_KEY *key, const EC_GROUP *grp), 336 int (*set_private)(EC_KEY *key, const BIGNUM *priv_key), 337 int (*set_public)(EC_KEY *key, const EC_POINT *pub_key)); 338 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth, 339 int (*keygen)(EC_KEY *key)); 340 void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth, 341 int (*ckey)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, 342 void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))); 343 void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth, 344 int (**pinit)(EC_KEY *key), 345 void (**pfinish)(EC_KEY *key), 346 int (**pcopy)(EC_KEY *dest, const EC_KEY *src), 347 int (**pset_group)(EC_KEY *key, const EC_GROUP *grp), 348 int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key), 349 int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key)); 350 void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth, 351 int (**pkeygen)(EC_KEY *key)); 352 void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth, 353 int (**pck)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, 354 void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))); 355 356 EC_KEY *ECParameters_dup(EC_KEY *key); 357 358 #ifndef __cplusplus 359 #if defined(__SUNPRO_C) 360 # if __SUNPRO_C >= 0x520 361 # pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) 362 # endif 363 # endif 364 #endif 365 366 #define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \ 367 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 368 EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ 369 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL) 370 371 #define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \ 372 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 373 EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ 374 EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL) 375 376 #define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \ 377 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 378 EVP_PKEY_OP_DERIVE, \ 379 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL) 380 381 #define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \ 382 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 383 EVP_PKEY_OP_DERIVE, \ 384 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL) 385 386 #define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \ 387 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 388 EVP_PKEY_OP_DERIVE, \ 389 EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL) 390 391 #define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \ 392 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 393 EVP_PKEY_OP_DERIVE, \ 394 EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL) 395 396 #define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \ 397 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 398 EVP_PKEY_OP_DERIVE, \ 399 EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md)) 400 401 #define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \ 402 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 403 EVP_PKEY_OP_DERIVE, \ 404 EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd)) 405 406 #define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \ 407 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 408 EVP_PKEY_OP_DERIVE, \ 409 EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL) 410 411 #define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \ 412 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 413 EVP_PKEY_OP_DERIVE, \ 414 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, \ 415 (void *)(plen)) 416 417 #define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \ 418 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 419 EVP_PKEY_OP_DERIVE, \ 420 EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)(p)) 421 422 #define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \ 423 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ 424 EVP_PKEY_OP_DERIVE, \ 425 EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)(p)) 426 427 /* SM2 will skip the operation check so no need to pass operation here */ 428 #define EVP_PKEY_CTX_set1_id(ctx, id, id_len) \ 429 EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ 430 EVP_PKEY_CTRL_SET1_ID, (int)id_len, (void*)(id)) 431 432 #define EVP_PKEY_CTX_get1_id(ctx, id) \ 433 EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ 434 EVP_PKEY_CTRL_GET1_ID, 0, (void*)(id)) 435 436 #define EVP_PKEY_CTX_get1_id_len(ctx, id_len) \ 437 EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ 438 EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)(id_len)) 439 440 #define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1) 441 #define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2) 442 #define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3) 443 #define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4) 444 #define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5) 445 #define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6) 446 #define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7) 447 #define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8) 448 #define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9) 449 #define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10) 450 #define EVP_PKEY_CTRL_SET1_ID (EVP_PKEY_ALG_CTRL + 11) 451 #define EVP_PKEY_CTRL_GET1_ID (EVP_PKEY_ALG_CTRL + 12) 452 #define EVP_PKEY_CTRL_GET1_ID_LEN (EVP_PKEY_ALG_CTRL + 13) 453 454 /* KDF types */ 455 #define EVP_PKEY_ECDH_KDF_NONE 1 456 #define EVP_PKEY_ECDH_KDF_X9_63 2 457 458 void ERR_load_EC_strings(void); 459 460 /* Error codes for the EC functions. */ 461 462 /* Function codes. */ 463 #define EC_F_BN_TO_FELEM 224 464 #define EC_F_COMPUTE_WNAF 143 465 #define EC_F_D2I_ECPARAMETERS 144 466 #define EC_F_D2I_ECPKPARAMETERS 145 467 #define EC_F_D2I_ECPRIVATEKEY 146 468 #define EC_F_DO_EC_KEY_PRINT 221 469 #define EC_F_ECKEY_PARAM2TYPE 223 470 #define EC_F_ECKEY_PARAM_DECODE 212 471 #define EC_F_ECKEY_PRIV_DECODE 213 472 #define EC_F_ECKEY_PRIV_ENCODE 214 473 #define EC_F_ECKEY_PUB_DECODE 215 474 #define EC_F_ECKEY_PUB_ENCODE 216 475 #define EC_F_ECKEY_TYPE2PARAM 220 476 #define EC_F_ECPARAMETERS_PRINT 147 477 #define EC_F_ECPARAMETERS_PRINT_FP 148 478 #define EC_F_ECPKPARAMETERS_PRINT 149 479 #define EC_F_ECPKPARAMETERS_PRINT_FP 150 480 #define EC_F_ECP_NIST_MOD_192 203 481 #define EC_F_ECP_NIST_MOD_224 204 482 #define EC_F_ECP_NIST_MOD_256 205 483 #define EC_F_ECP_NIST_MOD_521 206 484 #define EC_F_ECP_NISTZ256_GET_AFFINE 240 485 #define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 486 #define EC_F_ECP_NISTZ256_POINTS_MUL 241 487 #define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 488 #define EC_F_ECP_NISTZ256_SET_WORDS 245 489 #define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 490 #define EC_F_EC_ASN1_GROUP2CURVE 153 491 #define EC_F_EC_ASN1_GROUP2FIELDID 154 492 #define EC_F_EC_ASN1_GROUP2PARAMETERS 155 493 #define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156 494 #define EC_F_EC_ASN1_PARAMETERS2GROUP 157 495 #define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158 496 #define EC_F_EC_EX_DATA_SET_DATA 211 497 #define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208 498 #define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159 499 #define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195 500 #define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160 501 #define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161 502 #define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162 503 #define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163 504 #define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164 505 #define EC_F_EC_GFP_MONT_FIELD_DECODE 133 506 #define EC_F_EC_GFP_MONT_FIELD_ENCODE 134 507 #define EC_F_EC_GFP_MONT_FIELD_MUL 131 508 #define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209 509 #define EC_F_EC_GFP_MONT_FIELD_SQR 132 510 #define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189 511 #define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135 512 #define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225 513 #define EC_F_EC_GFP_NISTP224_POINTS_MUL 228 514 #define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226 515 #define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230 516 #define EC_F_EC_GFP_NISTP256_POINTS_MUL 231 517 #define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232 518 #define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233 519 #define EC_F_EC_GFP_NISTP521_POINTS_MUL 234 520 #define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235 521 #define EC_F_EC_GFP_NIST_FIELD_MUL 200 522 #define EC_F_EC_GFP_NIST_FIELD_SQR 201 523 #define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202 524 #define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165 525 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166 526 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100 527 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101 528 #define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102 529 #define EC_F_EC_GFP_SIMPLE_OCT2POINT 103 530 #define EC_F_EC_GFP_SIMPLE_POINT2OCT 104 531 #define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137 532 #define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167 533 #define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105 534 #define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168 535 #define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128 536 #define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169 537 #define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129 538 #define EC_F_EC_GROUP_CHECK 170 539 #define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171 540 #define EC_F_EC_GROUP_COPY 106 541 #define EC_F_EC_GROUP_GET0_GENERATOR 139 542 #define EC_F_EC_GROUP_GET_COFACTOR 140 543 #define EC_F_EC_GROUP_GET_CURVE_GF2M 172 544 #define EC_F_EC_GROUP_GET_CURVE_GFP 130 545 #define EC_F_EC_GROUP_GET_DEGREE 173 546 #define EC_F_EC_GROUP_GET_ORDER 141 547 #define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193 548 #define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194 549 #define EC_F_EC_GROUP_NEW 108 550 #define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174 551 #define EC_F_EC_GROUP_NEW_FROM_DATA 175 552 #define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 553 #define EC_F_EC_GROUP_SET_CURVE_GF2M 176 554 #define EC_F_EC_GROUP_SET_CURVE_GFP 109 555 #define EC_F_EC_GROUP_SET_EXTRA_DATA 110 556 #define EC_F_EC_GROUP_SET_GENERATOR 111 557 #define EC_F_EC_KEY_CHECK_KEY 177 558 #define EC_F_EC_KEY_COPY 178 559 #define EC_F_EC_KEY_GENERATE_KEY 179 560 #define EC_F_EC_KEY_NEW 182 561 #define EC_F_EC_KEY_PRINT 180 562 #define EC_F_EC_KEY_PRINT_FP 181 563 #define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229 564 #define EC_F_EC_POINTS_MAKE_AFFINE 136 565 #define EC_F_EC_POINT_ADD 112 566 #define EC_F_EC_POINT_CMP 113 567 #define EC_F_EC_POINT_COPY 114 568 #define EC_F_EC_POINT_DBL 115 569 #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183 570 #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116 571 #define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117 572 #define EC_F_EC_POINT_INVERT 210 573 #define EC_F_EC_POINT_IS_AT_INFINITY 118 574 #define EC_F_EC_POINT_IS_ON_CURVE 119 575 #define EC_F_EC_POINT_MAKE_AFFINE 120 576 #define EC_F_EC_POINT_MUL 184 577 #define EC_F_EC_POINT_NEW 121 578 #define EC_F_EC_POINT_OCT2POINT 122 579 #define EC_F_EC_POINT_POINT2OCT 123 580 #define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185 581 #define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124 582 #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186 583 #define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 584 #define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 585 #define EC_F_EC_POINT_SET_TO_INFINITY 127 586 #define EC_F_EC_PRE_COMP_DUP 207 587 #define EC_F_EC_PRE_COMP_NEW 196 588 #define EC_F_EC_WNAF_MUL 187 589 #define EC_F_EC_WNAF_PRECOMPUTE_MULT 188 590 #define EC_F_I2D_ECPARAMETERS 190 591 #define EC_F_I2D_ECPKPARAMETERS 191 592 #define EC_F_I2D_ECPRIVATEKEY 192 593 #define EC_F_I2O_ECPUBLICKEY 151 594 #define EC_F_NISTP224_PRE_COMP_NEW 227 595 #define EC_F_NISTP256_PRE_COMP_NEW 236 596 #define EC_F_NISTP521_PRE_COMP_NEW 237 597 #define EC_F_O2I_ECPUBLICKEY 152 598 #define EC_F_OLD_EC_PRIV_DECODE 222 599 #define EC_F_PKEY_EC_CTRL 197 600 #define EC_F_PKEY_EC_CTRL_STR 198 601 #define EC_F_PKEY_EC_DERIVE 217 602 #define EC_F_PKEY_EC_KEYGEN 199 603 #define EC_F_PKEY_EC_PARAMGEN 219 604 #define EC_F_PKEY_EC_SIGN 218 605 606 /* Reason codes. */ 607 #define EC_R_ASN1_ERROR 115 608 #define EC_R_ASN1_UNKNOWN_FIELD 116 609 #define EC_R_BIGNUM_OUT_OF_RANGE 144 610 #define EC_R_BUFFER_TOO_SMALL 100 611 #define EC_R_COORDINATES_OUT_OF_RANGE 146 612 #define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 613 #define EC_R_DECODE_ERROR 142 614 #define EC_R_DISCRIMINANT_IS_ZERO 118 615 #define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 616 #define EC_R_FIELD_TOO_LARGE 143 617 #define EC_R_GF2M_NOT_SUPPORTED 147 618 #define EC_R_GROUP2PKPARAMETERS_FAILURE 120 619 #define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 620 #define EC_R_INCOMPATIBLE_OBJECTS 101 621 #define EC_R_INVALID_ARGUMENT 112 622 #define EC_R_INVALID_COMPRESSED_POINT 110 623 #define EC_R_INVALID_COMPRESSION_BIT 109 624 #define EC_R_INVALID_CURVE 141 625 #define EC_R_INVALID_DIGEST 151 626 #define EC_R_INVALID_DIGEST_TYPE 138 627 #define EC_R_INVALID_ENCODING 102 628 #define EC_R_INVALID_FIELD 103 629 #define EC_R_INVALID_FORM 104 630 #define EC_R_INVALID_GROUP_ORDER 122 631 #define EC_R_INVALID_KEY 165 632 #define EC_R_INVALID_PEER_KEY 152 633 #define EC_R_INVALID_PENTANOMIAL_BASIS 132 634 #define EC_R_INVALID_PRIVATE_KEY 123 635 #define EC_R_INVALID_TRINOMIAL_BASIS 137 636 #define EC_R_KDF_PARAMETER_ERROR 148 637 #define EC_R_KEYS_NOT_SET 140 638 #define EC_R_MISSING_PARAMETERS 124 639 #define EC_R_MISSING_PRIVATE_KEY 125 640 #define EC_R_NOT_A_NIST_PRIME 135 641 #define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136 642 #define EC_R_NOT_IMPLEMENTED 126 643 #define EC_R_NOT_INITIALIZED 111 644 #define EC_R_NO_FIELD_MOD 133 645 #define EC_R_NO_PARAMETERS_SET 139 646 #define EC_R_PASSED_NULL_PARAMETER 134 647 #define EC_R_PEER_KEY_ERROR 149 648 #define EC_R_PKPARAMETERS2GROUP_FAILURE 127 649 #define EC_R_POINT_AT_INFINITY 106 650 #define EC_R_POINT_IS_NOT_ON_CURVE 107 651 #define EC_R_SHARED_INFO_ERROR 150 652 #define EC_R_SLOT_FULL 108 653 #define EC_R_UNDEFINED_GENERATOR 113 654 #define EC_R_UNDEFINED_ORDER 128 655 #define EC_R_UNKNOWN_COFACTOR 164 656 #define EC_R_UNKNOWN_GROUP 129 657 #define EC_R_UNKNOWN_ORDER 114 658 #define EC_R_UNSUPPORTED_FIELD 131 659 #define EC_R_WRONG_CURVE_PARAMETERS 145 660 #define EC_R_WRONG_ORDER 130 661 662 #ifdef __cplusplus 663 } 664 #endif 665 #endif 666