#error ECDSA is disabled.
#endif
-#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
#ifdef __cplusplus
extern "C" {
#endif
-/* Already defined in ossl_typ.h */
-/* typedef struct ecdsa_method ECDSA_METHOD; */
-
typedef struct ECDSA_SIG_st
{
BIGNUM *r;
BIGNUM *s;
} ECDSA_SIG;
-struct ecdsa_method
- {
- const char *name;
- ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
- EC_KEY *eckey);
- int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
- BIGNUM **r);
- int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
- ECDSA_SIG *sig, EC_KEY *eckey);
-#if 0
- int (*init)(EC_KEY *eckey);
- int (*finish)(EC_KEY *eckey);
-#endif
- int flags;
- char *app_data;
- };
-
-typedef struct ecdsa_data_st {
- /* EC_KEY_METH_DATA part */
- int (*init)(EC_KEY *);
- void (*finish)(EC_KEY *);
- /* method (ECDSA) specific part */
- BIGNUM *kinv; /* signing pre-calc */
- BIGNUM *r; /* signing pre-calc */
- ENGINE *engine;
- int flags;
- const ECDSA_METHOD *meth;
- CRYPTO_EX_DATA ex_data;
-} ECDSA_DATA;
-
/** ECDSA_SIG *ECDSA_SIG_new(void)
* allocates and initialize a ECDSA_SIG structure
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
-/** ECDSA_DATA_new
- * creates a new ECDSA_DATA object
- * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
- */
-ECDSA_DATA *ECDSA_DATA_new(void);
-
-/** ECDSA_DATA_new_method
- * creates a new ECDSA_DATA object using a specified ENGINE
- * \param eng pointer to a ENGINE structure
- * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
- */
-ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *eng);
-
-/** ECDSA_DATA_free
- * frees ECDSA_DATA structure
- * \param data pointer to a ECDSA_DATA structure
- */
-void ECDSA_DATA_free(ECDSA_DATA *data);
-
-/** ecdsa_check
- * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
- * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
- * \param eckey pointer to a EC_KEY object
- * \return pointer to a ECDSA_DATA structure
- */
-ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
-
/** ECDSA_do_sign
* computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
*/
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
+/** ECDSA_do_sign_ex
+ * computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param kinv optional pointer to a pre-computed inverse k
+ * \param rp optional pointer to the pre-computed rp value (see
+ * ECDSA_sign_setup
+ * \param eckey pointer to the EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL
+ */
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+ const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
+
/** ECDSA_do_verify
* verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
* \param eckey pointer to the EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
*/
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG
- *sig, EC_KEY* eckey);
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY* eckey);
const ECDSA_METHOD *ECDSA_OpenSSL(void);
int ECDSA_size(const EC_KEY *eckey);
/** ECDSA_sign_setup
- * precompute parts of the signing operation (the computed values may be
- * passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature
- * computation).
+ * precompute parts of the signing operation.
* \param eckey pointer to the EC_KEY object containing a private EC key
* \param ctx pointer to a BN_CTX object (may be NULL)
* \param kinv pointer to a BIGNUM pointer for the inverse of k
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+
+/** ECDSA_sign_ex
+ * computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param kinv optional pointer to a pre-computed inverse k
+ * \param rp optional pointer to the pre-computed rp value (see
+ * ECDSA_sign_setup
+ * \param eckey pointer to the EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+ */
+int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+ unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey);
+
/** ECDSA_verify
* verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
/* Error codes for the ECDSA functions. */
/* Function codes. */
-#define ECDSA_F_ECDSA_DATA_NEW 100
+#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
#define ECDSA_F_ECDSA_DO_SIGN 101
#define ECDSA_F_ECDSA_DO_VERIFY 102
#define ECDSA_F_ECDSA_SIGN_SETUP 103
projects / oweals / openssl.git / blobdiff