gnunet-android

GNUnet for Android
Log | Files | Refs | README

ecdh.h (2664B)

      1 // Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
      2 // Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
      3 //
      4 // Licensed under the Apache License, Version 2.0 (the "License");
      5 // you may not use this file except in compliance with the License.
      6 // You may obtain a copy of the License at
      7 //
      8 //     https://www.apache.org/licenses/LICENSE-2.0
      9 //
     10 // Unless required by applicable law or agreed to in writing, software
     11 // distributed under the License is distributed on an "AS IS" BASIS,
     12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13 // See the License for the specific language governing permissions and
     14 // limitations under the License.
     15 
     16 #ifndef OPENSSL_HEADER_ECDH_H
     17 #define OPENSSL_HEADER_ECDH_H
     18 
     19 #include <openssl/base.h>   // IWYU pragma: export
     20 
     21 #include <openssl/ec_key.h>
     22 
     23 #if defined(__cplusplus)
     24 extern "C" {
     25 #endif
     26 
     27 
     28 // Elliptic curve Diffie-Hellman.
     29 
     30 
     31 // ECDH_compute_key calculates the shared key between |pub_key| and |priv_key|.
     32 // If |kdf| is not NULL, then it is called with the bytes of the shared key and
     33 // the parameter |out|. When |kdf| returns, the value of |*outlen| becomes the
     34 // return value. Otherwise, as many bytes of the shared key as will fit are
     35 // copied directly to, at most, |outlen| bytes at |out|. It returns the number
     36 // of bytes written to |out|, or -1 on error.
     37 OPENSSL_EXPORT int ECDH_compute_key(
     38     void *out, size_t outlen, const EC_POINT *pub_key, const EC_KEY *priv_key,
     39     void *(*kdf)(const void *in, size_t inlen, void *out, size_t *outlen));
     40 
     41 // ECDH_compute_key_fips calculates the shared key between |pub_key| and
     42 // |priv_key| and hashes it with the appropriate SHA function for |out_len|. The
     43 // only value values for |out_len| are thus 24 (SHA-224), 32 (SHA-256), 48
     44 // (SHA-384), and 64 (SHA-512). It returns one on success and zero on error.
     45 //
     46 // Note that the return value is different to |ECDH_compute_key|: it returns an
     47 // error flag (as is common for BoringSSL) rather than the number of bytes
     48 // written.
     49 //
     50 // This function allows the FIPS module to compute an ECDH and KDF within the
     51 // module boundary without taking an arbitrary function pointer for the KDF,
     52 // which isn't very FIPSy.
     53 OPENSSL_EXPORT int ECDH_compute_key_fips(uint8_t *out, size_t out_len,
     54                                          const EC_POINT *pub_key,
     55                                          const EC_KEY *priv_key);
     56 
     57 
     58 #if defined(__cplusplus)
     59 }  // extern C
     60 #endif
     61 
     62 #define ECDH_R_KDF_FAILED 100
     63 #define ECDH_R_NO_PRIVATE_VALUE 101
     64 #define ECDH_R_POINT_ARITHMETIC_FAILURE 102
     65 #define ECDH_R_UNKNOWN_DIGEST_LENGTH 103
     66 
     67 #endif  // OPENSSL_HEADER_ECDH_H