diff options
| author | tb <> | 2023-06-19 09:12:41 +0000 |
|---|---|---|
| committer | tb <> | 2023-06-19 09:12:41 +0000 |
| commit | 0c32882e3a5317945f39d8af150b8744696bb403 (patch) | |
| tree | b16e030da69208bc3c8034cc90da9ad3db763435 /src/lib/libcrypto | |
| parent | 7354479eaccb0ea5e9160abc1b2cf94f33e75adb (diff) | |
| download | openbsd-0c32882e3a5317945f39d8af150b8744696bb403.tar.gz openbsd-0c32882e3a5317945f39d8af150b8744696bb403.tar.bz2 openbsd-0c32882e3a5317945f39d8af150b8744696bb403.zip | |
Dedoxigenize ecdsa.h
These functions are properly documented and upcoming surgery in here is
going to be tricky enough without having to navigate around this noise.
No code change.
Diffstat (limited to 'src/lib/libcrypto')
| -rw-r--r-- | src/lib/libcrypto/ecdsa/ecdsa.h | 138 |
1 files changed, 5 insertions, 133 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.h b/src/lib/libcrypto/ecdsa/ecdsa.h index 6139dbac1a..2e6b672627 100644 --- a/src/lib/libcrypto/ecdsa/ecdsa.h +++ b/src/lib/libcrypto/ecdsa/ecdsa.h | |||
| @@ -1,7 +1,6 @@ | |||
| 1 | /* $OpenBSD: ecdsa.h,v 1.15 2023/04/18 08:47:28 tb Exp $ */ | 1 | /* $OpenBSD: ecdsa.h,v 1.16 2023/06/19 09:12:41 tb Exp $ */ |
| 2 | /** | 2 | /* |
| 3 | * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions | 3 | * Written by Nils Larsch for the OpenSSL project |
| 4 | * \author Written by Nils Larsch for the OpenSSL project | ||
| 5 | */ | 4 | */ |
| 6 | /* ==================================================================== | 5 | /* ==================================================================== |
| 7 | * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. |
| @@ -88,7 +87,8 @@ struct ecdsa_method { | |||
| 88 | char *app_data; | 87 | char *app_data; |
| 89 | }; | 88 | }; |
| 90 | 89 | ||
| 91 | /* If this flag is set the ECDSA method is FIPS compliant and can be used | 90 | /* |
| 91 | * If this flag is set, the ECDSA method is FIPS compliant and can be used | ||
| 92 | * in FIPS mode. This is set in the validated module method. If an | 92 | * in FIPS mode. This is set in the validated module method. If an |
| 93 | * application sets this flag in its own methods it is its responsibility | 93 | * application sets this flag in its own methods it is its responsibility |
| 94 | * to ensure the result is compliant. | 94 | * to ensure the result is compliant. |
| @@ -96,172 +96,44 @@ struct ecdsa_method { | |||
| 96 | 96 | ||
| 97 | #define ECDSA_FLAG_FIPS_METHOD 0x1 | 97 | #define ECDSA_FLAG_FIPS_METHOD 0x1 |
| 98 | 98 | ||
| 99 | /** Allocates and initialize a ECDSA_SIG structure | ||
| 100 | * \return pointer to a ECDSA_SIG structure or NULL if an error occurred | ||
| 101 | */ | ||
| 102 | ECDSA_SIG *ECDSA_SIG_new(void); | 99 | ECDSA_SIG *ECDSA_SIG_new(void); |
| 103 | |||
| 104 | /** frees a ECDSA_SIG structure | ||
| 105 | * \param sig pointer to the ECDSA_SIG structure | ||
| 106 | */ | ||
| 107 | void ECDSA_SIG_free(ECDSA_SIG *sig); | 100 | void ECDSA_SIG_free(ECDSA_SIG *sig); |
| 108 | |||
| 109 | /** DER encode content of ECDSA_SIG object (note: this function modifies *pp | ||
| 110 | * (*pp += length of the DER encoded signature)). | ||
| 111 | * \param sig pointer to the ECDSA_SIG object | ||
| 112 | * \param pp pointer to a unsigned char pointer for the output or NULL | ||
| 113 | * \return the length of the DER encoded ECDSA_SIG object or 0 | ||
| 114 | */ | ||
| 115 | int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); | 101 | int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); |
| 116 | |||
| 117 | /** Decodes a DER encoded ECDSA signature (note: this function changes *pp | ||
| 118 | * (*pp += len)). | ||
| 119 | * \param sig pointer to ECDSA_SIG pointer (may be NULL) | ||
| 120 | * \param pp memory buffer with the DER encoded signature | ||
| 121 | * \param len length of the buffer | ||
| 122 | * \return pointer to the decoded ECDSA_SIG structure (or NULL) | ||
| 123 | */ | ||
| 124 | ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); | 102 | ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); |
| 125 | |||
| 126 | /** Accessor for r and s fields of ECDSA_SIG | ||
| 127 | * \param sig pointer to ECDSA_SIG pointer | ||
| 128 | * \param pr pointer to BIGNUM pointer for r (may be NULL) | ||
| 129 | * \param ps pointer to BIGNUM pointer for s (may be NULL) | ||
| 130 | */ | ||
| 131 | void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); | 103 | void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); |
| 132 | 104 | ||
| 133 | const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig); | 105 | const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig); |
| 134 | const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig); | 106 | const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig); |
| 135 | |||
| 136 | /** Setter for r and s fields of ECDSA_SIG | ||
| 137 | * \param sig pointer to ECDSA_SIG pointer | ||
| 138 | * \param r pointer to BIGNUM for r (may be NULL) | ||
| 139 | * \param s pointer to BIGNUM for s (may be NULL) | ||
| 140 | */ | ||
| 141 | int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); | 107 | int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); |
| 142 | 108 | ||
| 143 | /** Computes the ECDSA signature of the given hash value using | ||
| 144 | * the supplied private key and returns the created signature. | ||
| 145 | * \param dgst pointer to the hash value | ||
| 146 | * \param dgst_len length of the hash value | ||
| 147 | * \param eckey EC_KEY object containing a private EC key | ||
| 148 | * \return pointer to a ECDSA_SIG structure or NULL if an error occurred | ||
| 149 | */ | ||
| 150 | ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, | 109 | ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, |
| 151 | EC_KEY *eckey); | 110 | EC_KEY *eckey); |
| 152 | |||
| 153 | /** Computes ECDSA signature of a given hash value using the supplied | ||
| 154 | * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). | ||
| 155 | * \param dgst pointer to the hash value to sign | ||
| 156 | * \param dgstlen length of the hash value | ||
| 157 | * \param kinv BIGNUM with a pre-computed inverse k (optional) | ||
| 158 | * \param rp BIGNUM with a pre-computed rp value (optional), | ||
| 159 | * see ECDSA_sign_setup | ||
| 160 | * \param eckey EC_KEY object containing a private EC key | ||
| 161 | * \return pointer to a ECDSA_SIG structure or NULL if an error occurred | ||
| 162 | */ | ||
| 163 | ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, | 111 | ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, |
| 164 | const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); | 112 | const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); |
| 165 | |||
| 166 | /** Verifies that the supplied signature is a valid ECDSA | ||
| 167 | * signature of the supplied hash value using the supplied public key. | ||
| 168 | * \param dgst pointer to the hash value | ||
| 169 | * \param dgst_len length of the hash value | ||
| 170 | * \param sig ECDSA_SIG structure | ||
| 171 | * \param eckey EC_KEY object containing a public EC key | ||
| 172 | * \return 1 if the signature is valid, 0 if the signature is invalid | ||
| 173 | * and -1 on error | ||
| 174 | */ | ||
| 175 | int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, | 113 | int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, |
| 176 | const ECDSA_SIG *sig, EC_KEY* eckey); | 114 | const ECDSA_SIG *sig, EC_KEY* eckey); |
| 177 | 115 | ||
| 178 | const ECDSA_METHOD *ECDSA_OpenSSL(void); | 116 | const ECDSA_METHOD *ECDSA_OpenSSL(void); |
| 179 | |||
| 180 | /** Sets the default ECDSA method | ||
| 181 | * \param meth new default ECDSA_METHOD | ||
| 182 | */ | ||
| 183 | void ECDSA_set_default_method(const ECDSA_METHOD *meth); | 117 | void ECDSA_set_default_method(const ECDSA_METHOD *meth); |
| 184 | |||
| 185 | /** Returns the default ECDSA method | ||
| 186 | * \return pointer to ECDSA_METHOD structure containing the default method | ||
| 187 | */ | ||
| 188 | const ECDSA_METHOD *ECDSA_get_default_method(void); | 118 | const ECDSA_METHOD *ECDSA_get_default_method(void); |
| 189 | |||
| 190 | /** Sets method to be used for the ECDSA operations | ||
| 191 | * \param eckey EC_KEY object | ||
| 192 | * \param meth new method | ||
| 193 | * \return 1 on success and 0 otherwise | ||
| 194 | */ | ||
| 195 | int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); | 119 | int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); |
| 196 | |||
| 197 | /** Returns the maximum length of the DER encoded signature | ||
| 198 | * \param eckey EC_KEY object | ||
| 199 | * \return numbers of bytes required for the DER encoded signature | ||
| 200 | */ | ||
| 201 | int ECDSA_size(const EC_KEY *eckey); | 120 | int ECDSA_size(const EC_KEY *eckey); |
| 202 | 121 | ||
| 203 | /** Precompute parts of the signing operation | ||
| 204 | * \param eckey EC_KEY object containing a private EC key | ||
| 205 | * \param ctx BN_CTX object (optional) | ||
| 206 | * \param kinv BIGNUM pointer for the inverse of k | ||
| 207 | * \param rp BIGNUM pointer for x coordinate of k * generator | ||
| 208 | * \return 1 on success and 0 otherwise | ||
| 209 | */ | ||
| 210 | int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, | 122 | int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, |
| 211 | BIGNUM **rp); | 123 | BIGNUM **rp); |
| 212 | |||
| 213 | /** Computes ECDSA signature of a given hash value using the supplied | ||
| 214 | * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). | ||
| 215 | * \param type this parameter is ignored | ||
| 216 | * \param dgst pointer to the hash value to sign | ||
| 217 | * \param dgstlen length of the hash value | ||
| 218 | * \param sig memory for the DER encoded created signature | ||
| 219 | * \param siglen pointer to the length of the returned signature | ||
| 220 | * \param eckey EC_KEY object containing a private EC key | ||
| 221 | * \return 1 on success and 0 otherwise | ||
| 222 | */ | ||
| 223 | int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, | 124 | int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, |
| 224 | unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); | 125 | unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); |
| 225 | |||
| 226 | |||
| 227 | /** Computes ECDSA signature of a given hash value using the supplied | ||
| 228 | * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). | ||
| 229 | * \param type this parameter is ignored | ||
| 230 | * \param dgst pointer to the hash value to sign | ||
| 231 | * \param dgstlen length of the hash value | ||
| 232 | * \param sig buffer to hold the DER encoded signature | ||
| 233 | * \param siglen pointer to the length of the returned signature | ||
| 234 | * \param kinv BIGNUM with a pre-computed inverse k (optional) | ||
| 235 | * \param rp BIGNUM with a pre-computed rp value (optional), | ||
| 236 | * see ECDSA_sign_setup | ||
| 237 | * \param eckey EC_KEY object containing a private EC key | ||
| 238 | * \return 1 on success and 0 otherwise | ||
| 239 | */ | ||
| 240 | int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, | 126 | int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, |
| 241 | unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, | 127 | unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, |
| 242 | const BIGNUM *rp, EC_KEY *eckey); | 128 | const BIGNUM *rp, EC_KEY *eckey); |
| 243 | |||
| 244 | /** Verifies that the given signature is valid ECDSA signature | ||
| 245 | * of the supplied hash value using the specified public key. | ||
| 246 | * \param type this parameter is ignored | ||
| 247 | * \param dgst pointer to the hash value | ||
| 248 | * \param dgstlen length of the hash value | ||
| 249 | * \param sig pointer to the DER encoded signature | ||
| 250 | * \param siglen length of the DER encoded signature | ||
| 251 | * \param eckey EC_KEY object containing a public EC key | ||
| 252 | * \return 1 if the signature is valid, 0 if the signature is invalid | ||
| 253 | * and -1 on error | ||
| 254 | */ | ||
| 255 | int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, | 129 | int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, |
| 256 | const unsigned char *sig, int siglen, EC_KEY *eckey); | 130 | const unsigned char *sig, int siglen, EC_KEY *eckey); |
| 257 | 131 | ||
| 258 | /* the standard ex_data functions */ | ||
| 259 | int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | 132 | int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
| 260 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); | 133 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); |
| 261 | int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); | 134 | int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); |
| 262 | void *ECDSA_get_ex_data(EC_KEY *d, int idx); | 135 | void *ECDSA_get_ex_data(EC_KEY *d, int idx); |
| 263 | 136 | ||
| 264 | |||
| 265 | /* XXX should be in ec.h, but needs ECDSA_SIG */ | 137 | /* XXX should be in ec.h, but needs ECDSA_SIG */ |
| 266 | void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth, | 138 | void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth, |
| 267 | int (*sign)(int type, const unsigned char *dgst, | 139 | int (*sign)(int type, const unsigned char *dgst, |