1 /* eccsi.h
2  *
3  * Copyright (C) 2006-2021 wolfSSL Inc.
4  *
5  * This file is part of wolfSSL.
6  *
7  * wolfSSL is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * wolfSSL is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20  */
21 
22 /*!
23     \file wolfssl/wolfcrypt/eccsi.h
24 */
25 
26 
27 #ifndef WOLF_CRYPT_ECCSI_H
28 #define WOLF_CRYPT_ECCSI_H
29 
30 #include <wolfssl/wolfcrypt/types.h>
31 
32 #ifdef WOLFCRYPT_HAVE_ECCSI
33 
34 #include <wolfssl/wolfcrypt/integer.h>
35 #include <wolfssl/wolfcrypt/ecc.h>
36 #include <wolfssl/wolfcrypt/hash.h>
37 #include <wolfssl/wolfcrypt/hmac.h>
38 
39 #define WOLFCRYPT_ECCSI_KMS
40 #define WOLFCRYPT_ECCSI_CLIENT
41 
42 #define MAX_ECCSI_BYTES  (256 / 8)
43 
44 /* Maximum number of loops of attempting to generate key pairs and signatures.
45  */
46 #ifndef ECCSI_MAX_GEN_COUNT
47     #define ECCSI_MAX_GEN_COUNT     10
48 #endif
49 
50 typedef struct EccsiKeyParams {
51     /** Order (q) of elliptic curve as an MP integer. */
52     mp_int order;
53 #ifdef WOLFCRYPT_ECCSI_CLIENT
54     /** A parameter of elliptic curve as an MP integer. */
55     mp_int a;
56     /** P parameter of elliptic curve as an MP integer. */
57     mp_int b;
58     /** Prime of elliptic curve as an MP integer. */
59     mp_int prime;
60 #endif
61     /** Base point for elliptic curve operations as an ECC point. */
62     ecc_point* base;
63 
64     /** Bit indicates order (q) is set as an MP integer in ECCSI key. */
65     byte haveOrder:1;
66     /** Bit indicates A is set as an MP integer in ECCSI key. */
67     byte haveA:1;
68     /** Bit indicates B is set as an MP integer in ECCSI key. */
69     byte haveB:1;
70     /** Bit indicates prime is set as an MP integer in ECCSI key. */
71     byte havePrime:1;
72     /** Bit indicates base point is set as an MP integer in ECCSI key. */
73     byte haveBase:1;
74 } EccsiKeyParams;
75 
76 /**
77  * ECCSI key.
78  */
79 typedef struct EccsiKey {
80     /** ECC key to perform elliptic curve operations with. */
81     ecc_key ecc;
82     /** ECC key to perform public key elliptic curve operations with. */
83     ecc_key pubkey;
84     /** ECC parameter in forms that can be used in computation. */
85     EccsiKeyParams params;
86 #ifdef WOLFCRYPT_ECCSI_CLIENT
87     /** Temporary MP integer used during operations.. */
88     mp_int tmp;
89     /** Secret Signing Key */
90     mp_int ssk;
91     /** Public Validation Token (PVT) */
92     ecc_point* pvt;
93 #endif
94     /** Generic hash algorithm object. */
95     wc_HashAlg hash;
96     /** Temporary buffer for use in operations. */
97     byte data[(MAX_ECCSI_BYTES * 2) + 1];
98 #ifdef WOLFCRYPT_ECCSI_CLIENT
99     /** Hash of identity - used in signing/verification. */
100     byte idHash[WC_MAX_DIGEST_SIZE];
101     /** Size of hash of identity in bytes. */
102     byte idHashSz;
103 #endif
104     /** Heap hint for dynamic memory allocation. */
105     void* heap;
106     /** Bit indicates KPAK (public key) is in montgomery form. */
107     word16 kpakMont:1;
108 } EccsiKey;
109 
110 #ifdef __cplusplus
111     extern "C" {
112 #endif
113 
114 WOLFSSL_API int wc_InitEccsiKey(EccsiKey* key, void* heap, int devId);
115 WOLFSSL_API int wc_InitEccsiKey_ex(EccsiKey* key, int keySz, int curveId,
116         void* heap, int devId);
117 WOLFSSL_API void wc_FreeEccsiKey(EccsiKey* key);
118 
119 WOLFSSL_API int wc_MakeEccsiKey(EccsiKey* key, WC_RNG* rng);
120 
121 WOLFSSL_API int wc_MakeEccsiPair(EccsiKey* key, WC_RNG* rng,
122         enum wc_HashType hashType, const byte* id, word32 idSz, mp_int* ssk,
123         ecc_point* pvt);
124 WOLFSSL_API int wc_ValidateEccsiPair(EccsiKey* key, enum wc_HashType hashType,
125         const byte* id, word32 idSz, const mp_int* ssk, ecc_point* pvt,
126         int* valid);
127 WOLFSSL_API int wc_ValidateEccsiPvt(EccsiKey* key, const ecc_point* pvt,
128         int* valid);
129 WOLFSSL_API int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk,
130         ecc_point* pvt, byte* data, word32* sz);
131 WOLFSSL_API int wc_EncodeEccsiSsk(const EccsiKey* key, mp_int* ssk, byte* data,
132         word32* sz);
133 WOLFSSL_API int wc_EncodeEccsiPvt(const EccsiKey* key, ecc_point* pvt,
134         byte* data, word32* sz, int raw);
135 WOLFSSL_API int wc_DecodeEccsiPair(const EccsiKey* key, const byte* data,
136         word32 sz, mp_int* ssk, ecc_point* pvt);
137 WOLFSSL_API int wc_DecodeEccsiSsk(const EccsiKey* key, const byte* data,
138         word32 sz, mp_int* ssk);
139 WOLFSSL_API int wc_DecodeEccsiPvt(const EccsiKey* key, const byte* data,
140         word32 sz, ecc_point* pvt);
141 WOLFSSL_API int wc_DecodeEccsiPvtFromSig(const EccsiKey* key, const byte* sig,
142         word32 sz, ecc_point* pvt);
143 
144 WOLFSSL_API int wc_ExportEccsiKey(EccsiKey* key, byte* data, word32* sz);
145 WOLFSSL_API int wc_ImportEccsiKey(EccsiKey* key, const byte* data, word32 sz);
146 
147 WOLFSSL_API int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz);
148 WOLFSSL_API int wc_ImportEccsiPrivateKey(EccsiKey* key, const byte* data,
149         word32 sz);
150 
151 WOLFSSL_API int wc_ExportEccsiPublicKey(EccsiKey* key, byte* data, word32* sz,
152         int raw);
153 WOLFSSL_API int wc_ImportEccsiPublicKey(EccsiKey* key, const byte* data,
154         word32 sz, int trusted);
155 
156 WOLFSSL_API int wc_HashEccsiId(EccsiKey* key, enum wc_HashType hashType,
157         const byte* id, word32 idSz, ecc_point* pvt, byte* hash, byte* hashSz);
158 WOLFSSL_API int wc_SetEccsiHash(EccsiKey* key, const byte* hash, byte hashSz);
159 WOLFSSL_API int wc_SetEccsiPair(EccsiKey* key, const mp_int* ssk,
160         const ecc_point* pvt);
161 
162 WOLFSSL_API int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng,
163         enum wc_HashType hashType, const byte* msg, word32 msgSz, byte* sig,
164         word32* sigSz);
165 WOLFSSL_API int wc_VerifyEccsiHash(EccsiKey* key, enum wc_HashType hashType,
166         const byte* msg, word32 msgSz, const byte* sig, word32 sigSz,
167         int* verified);
168 
169 #ifdef __cplusplus
170     } /* extern "C" */
171 #endif
172 
173 #endif /* WOLFCRYPT_HAVE_ECCSI */
174 
175 #endif /* WOLF_CRYPT_ECCSI_H */
176 
177