1 #ifndef CURVE_H
2 #define CURVE_H
3 
4 #include <stdint.h>
5 #include <stddef.h>
6 #include "signal_protocol_types.h"
7 
8 #ifdef __cplusplus
9 extern "C" {
10 #endif
11 
12 #define CURVE_SIGNATURE_LEN 64
13 #define VRF_SIGNATURE_LEN 96
14 
15 int curve_internal_fast_tests(int silent);
16 
17 int curve_decode_point(ec_public_key **public_key, const uint8_t *key_data, size_t key_len, signal_context *global_context);
18 int ec_public_key_compare(const ec_public_key *key1, const ec_public_key *key2);
19 int ec_public_key_memcmp(const ec_public_key *key1, const ec_public_key *key2);
20 
21 /**
22  * Serialize the public key into a buffer that can be stored.
23  * The format of this data is compatible with the input format of
24  * curve_decode_point().
25  *
26  * @param buffer Pointer to a buffer that will be allocated by this function
27  *     and filled with the contents of the key. The caller is responsible for
28  *     freeing this buffer with signal_buffer_free().
29  * @param key Key to serialize
30  * @return 0 on success, negative on failure
31  */
32 int ec_public_key_serialize(signal_buffer **buffer, const ec_public_key *key);
33 
34 void ec_public_key_destroy(signal_type_base *type);
35 
36 int curve_decode_private_point(ec_private_key **private_key, const uint8_t *key_data, size_t key_len, signal_context *global_context);
37 int ec_private_key_compare(const ec_private_key *key1, const ec_private_key *key2);
38 
39 /**
40  * Serialize the private key into a buffer that can be stored.
41  * The format of this data is compatible with the input format of
42  * curve_decode_private_point().
43  *
44  * @param buffer Pointer to a buffer that will be allocated by this function
45  *     and filled with the contents of the key. The caller is responsible for
46  *     freeing this buffer with signal_buffer_free().
47  * @param key Key to serialize
48  * @return 0 on success, negative on failure
49  */
50 int ec_private_key_serialize(signal_buffer **buffer, const ec_private_key *key);
51 
52 void ec_private_key_destroy(signal_type_base *type);
53 
54 int ec_key_pair_create(ec_key_pair **key_pair, ec_public_key *public_key, ec_private_key *private_key);
55 ec_public_key *ec_key_pair_get_public(const ec_key_pair *key_pair);
56 ec_private_key *ec_key_pair_get_private(const ec_key_pair *key_pair);
57 void ec_key_pair_destroy(signal_type_base *type);
58 
59 int curve_generate_private_key(signal_context *context, ec_private_key **private_key);
60 int curve_generate_public_key(ec_public_key **public_key, const ec_private_key *private_key);
61 
62 /**
63  * Generates a Curve25519 keypair.
64  *
65  * @param key_pair Set to a randomly generated Curve25519 keypair on success.
66  * @return 0 on success, negative on failure
67  */
68 int curve_generate_key_pair(signal_context *context, ec_key_pair **key_pair);
69 
70 /**
71  * Allocate a new ec_public_key list
72  *
73  * @return pointer to the allocated list, or 0 on failure
74  */
75 ec_public_key_list *ec_public_key_list_alloc(void);
76 
77 /**
78  * Copy an ec_public_key list
79  *
80  * @return pointer to the copy of the list, or 0 on failure
81  */
82 ec_public_key_list *ec_public_key_list_copy(const ec_public_key_list *list);
83 
84 /**
85  * Push a new value onto the end of the list
86  *
87  * @param list the list
88  * @param value the value to push
89  * @return 0 on success, negative on failure
90  */
91 int ec_public_key_list_push_back(ec_public_key_list *list, ec_public_key *value);
92 
93 /**
94  * Gets the size of the list.
95  *
96  * @param list the list
97  * @return the size of the list
98  */
99 unsigned int ec_public_key_list_size(const ec_public_key_list *list);
100 
101 /**
102  * Gets the value of the element at a particular index in the list
103  *
104  * @param list the list
105  * @param index the index within the list
106  * @return the value
107  */
108 ec_public_key *ec_public_key_list_at(const ec_public_key_list *list, unsigned int index);
109 
110 /**
111  * Sorts the list based on a comparison of the key data.
112  *
113  * @param list the list
114  */
115 void ec_public_key_list_sort(ec_public_key_list *list);
116 
117 /**
118  * Free the ec_public_key list
119  * @param list the list to free
120  */
121 void ec_public_key_list_free(ec_public_key_list *list);
122 
123 /**
124  * Calculates an ECDH agreement.
125  *
126  * @param shared_key_data Set to a 32-byte shared secret on success.
127  * @param public_key The Curve25519 (typically remote party's) public key.
128  * @param private_key The Curve25519 (typically yours) private key.
129  * @return length of the shared secret on success, negative on failure
130  */
131 int curve_calculate_agreement(uint8_t **shared_key_data, const ec_public_key *public_key, const ec_private_key *private_key);
132 
133 /**
134  * Verify a Curve25519 signature.
135  *
136  * @param signing_key The Curve25519 public key the signature belongs to.
137  * @param message_data The message that was signed.
138  * @param message_len The length of the message that was signed.
139  * @param signature_data The signature to verify.
140  * @param signature_len The length of the signature to verify.
141  * @return 1 if valid, 0 if invalid, negative on failure
142  */
143 int curve_verify_signature(const ec_public_key *signing_key,
144         const uint8_t *message_data, size_t message_len,
145         const uint8_t *signature_data, size_t signature_len);
146 
147 /**
148  * Calculates a Curve25519 signature.
149  *
150  * @param signature Set to a 64-byte signature on success.
151  * @param signing_key The private Curve25519 key to create the signature with.
152  * @param message_data The message to sign.
153  * @param message_len The length of the message to sign.
154  * @return 0 on success, negative on failure
155  */
156 int curve_calculate_signature(signal_context *context,
157         signal_buffer **signature,
158         const ec_private_key *signing_key,
159         const uint8_t *message_data, size_t message_len);
160 
161 /**
162  * Verify a Unique Curve25519 signature.
163  *
164  * @param vrf_output Set to VRF output on success
165  * @param signing_key The Curve25519 public key the unique signature belongs to.
166  * @param message_data The message that was signed.
167  * @param message_len The length of the message that was signed.
168  * @param signature_data The signature to verify.
169  * @param signature_len The length of the signature to verify.
170  * @return 1 if valid, 0 if invalid, negative on failure
171  */
172 int curve_verify_vrf_signature(signal_context *context,
173         signal_buffer **vrf_output,
174         const ec_public_key *signing_key,
175         const uint8_t *message_data, size_t message_len,
176         const uint8_t *signature_data, size_t signature_len);
177 
178 /**
179  * Calculates a Unique Curve25519 signature.
180  *
181  * @param signature Set to a 96-byte signature on success.
182  * @param signing_key The private Curve25519 key to create the signature with.
183  * @param message_data The message to sign.
184  * @param message_len The length of the message to sign.
185  * @return 0 on success, negative on failure
186  */
187 int curve_calculate_vrf_signature(signal_context *context,
188         signal_buffer **signature,
189         const ec_private_key *signing_key,
190         const uint8_t *message_data, size_t message_len);
191 
192 #ifdef __cplusplus
193 }
194 #endif
195 
196 #endif /* CURVE_H */
197