TH EC 2
SH NAME
secp256r1,
secp256k1,
secp384r1,
ecdominit,
ecdomfree,
ecassign,
ecadd,
ecmul,
strtoec,
ecgen,
ecverify,
ecpubverify,
ecdsasign,
ecdsaverify,
ecencodepub,
ecdecodepub,
ecpubfree,
X509toECpub,
X509ecdsaverify,
X509ecdsaverifydigest \- elliptic curve cryptography
SH SYNOPSIS
B #include <u.h>
br
B #include <libc.h>
br
B #include <mp.h>
br
B #include <libsec.h>
PP
B
void    secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h)
PP
B
void    secp256k1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h)
PP
B
void    secp384r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h)
PP
B
void    ecdominit(ECdomain *dom, void (*init)(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h))
PP
B
void    ecdomfree(ECdomain *dom)
PP
B
void    ecassign(ECdomain *dom, ECpoint *old, ECpoint *new)
PP
B
void    ecadd(ECdomain *dom, ECpoint *a, ECpoint *b, ECpoint *s)
PP
B
void    ecmul(ECdomain *dom, ECpoint *a, mpint *k, ECpoint *s)
PP
B
ECpoint*        strtoec(ECdomain *dom, char *s, char **rptr, ECpoint *p)
PP
B
ECpriv* ecgen(ECdomain *dom, ECpriv *p)
PP
B
int     ecverify(ECdomain *dom, ECpoint *p)
PP
B
int     ecpubverify(ECdomain *dom, ECpub *p)
PP
B
void    ecdsasign(ECdomain *dom, ECpriv *priv, uchar *dig, int dlen, mpint *r, mpint *s)
PP
B
int     ecdsaverify(ECdomain *dom, ECpub *pub, uchar *dig, int dlen, mpint *r, mpint *s)
PP
B
int     ecencodepub(ECdomain *dom, ECpub *pub, uchar *data, int len)
PP
B
ECpub*  ecdecodepub(ECdomain *dom, uchar *data, int len)
PP
B
void    ecpubfree(ECpub *p);
PP
B
ECpub*  X509toECpub(uchar *cert, int ncert, char *name, int nname, ECdomain *dom)
PP
B
char*   X509ecdsaverify(uchar *cert, int ncert, ECdomain *dom, ECpub *pub)
PP
B
char*   X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub)
DT
SH DESCRIPTION
These functions implement elliptic curve cryptography.
An elliptic curve together with cryptographic parameters are specified using an
B ECdomain
struct.
Points on the curve are represented by
B ECpoint
structs.
PP
B ecdominit
initializes a
B ECdomain
struct and calls the
B init
function such as
B secp256r1
which fills in the parameters of the curve.
PP
B ecdomfree
frees the parameters of the curve and zeros the struct. It does
not free the memory of the struct itself.
PP
BR ecassign ", " ecadd " and " ecmul
are analogous to their counterparts in
IR mp (2).
PP
B strtoec
converts a hex string representing an octet string as specified in
I Standards for Efficient Cryptography (SEC) 1
to an
B ECpoint
struct. Both uncompressed and compressed formats are supported.
If
B rptr
is not
BR nil ,
it is used to return the position in the string where the parser stopped.
If
BR p " is " nil
space is allocated automatically, else the given struct is used.
PP
B ecverify
and
B ecpubverify
verify that the given point or public key, respectively, is valid.
PP
B ecgen
generates a keypair and returns a pointer to it.
If
BR p " is " nil
space is allocated automatically, else the given struct is used.
PP
B ecdsasign
and
B ecdsaverify
create or verify, respectively, a signature using the ECDSA scheme specified in
I SEC 1.
It is absolutely vital that
B dig
is a cryptographic hash to the message.
B ecdsasign
writes the signature to
BR r " and " s
which are assumed to be allocated properly.
PP
B ecencodepub
and
B ecdecodepub
handle encoding and decoding of public keys in uncompressed format.
Note that
B ecdecodepub
also verifies that the public key is valid in the specified domain.
PP
B ecpubfree
frees a
B ECpub
structure and its associated members.
PP
Given a binary X.509 cert, the function
B X509toECpub
initializes domain parameters and returns the ECDSA public key. if
I name
is not
BR nil ,
the CN part of the Distinguished Name of the certificate's Subject is returned.
B X509ecdsaverify
and
B X509ecdsaverifydigest
are analogs to the routines described by
IR rsa (2).
SH RETURN VALUE
B *verify
functions return
B 1
for a positive result.
Functions returning pointers may return
B nil
in case of error
I (e.g.
failing
IR malloc (2)).
SH SOURCE
B /sys/src/libsec/port/ecc.c
SH SEE ALSO
IR rsa (2)
br
I
Standards for Efficient Cryptography (SEC) 1: Elliptic Curve Cryptography
- Certicom Research, 2009
SH HISTORY
This implementation of elliptic curve cryptography first appeared in 9front (June, 2012).

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.