xref: /freebsd/crypto/libecc/include/libecc/sig/bip0340.h (revision f0865ec9906d5a18fa2a3b61381f22ce16e606ad) 
1 /*
2  *  Copyright (C) 2022 - This file is part of libecc project
3  *
4  *  Authors:
5  *      Ryad BENADJILA <ryadbenadjila@gmail.com>
6  *      Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr>
7  *
8  *  This software is licensed under a dual BSD and GPL v2 license.
9  *  See LICENSE file at the root folder of the project.
10  */
11 #include <libecc/lib_ecc_config.h>
12 #include <libecc/lib_ecc_types.h>
13 #ifdef WITH_SIG_BIP0340
14 
15 #ifndef __BIP0340_H__
16 #define __BIP0340_H__
17 
18 #include <libecc/sig/ec_key.h>
19 #include <libecc/utils/utils.h>
20 #include <libecc/hash/hash_algs.h>
21 #include <libecc/curves/curves.h>
22 
23 #define BIP0340_R_LEN(p_bit_len) (BYTECEIL(p_bit_len))
24 #define BIP0340_S_LEN(q_bit_len) (BYTECEIL(q_bit_len))
25 #define BIP0340_SIGLEN(p_bit_len, q_bit_len) (BIP0340_R_LEN(p_bit_len) + \
26 					      BIP0340_S_LEN(q_bit_len))
27 #define BIP0340_MAX_SIGLEN BIP0340_SIGLEN(CURVES_MAX_P_BIT_LEN, CURVES_MAX_Q_BIT_LEN)
28 
29 /*
30  * Compute max signature length for all the mechanisms enabled
31  * in the library (see lib_ecc_config.h). Having that done during
32  * preprocessing sadly requires some verbosity.
33  */
34 #ifndef EC_MAX_SIGLEN
35 #define EC_MAX_SIGLEN 0
36 #endif
37 #if ((EC_MAX_SIGLEN) < (BIP0340_MAX_SIGLEN))
38 #undef EC_MAX_SIGLEN
39 #define EC_MAX_SIGLEN BIP0340_MAX_SIGLEN
40 #endif
41 
42 ATTRIBUTE_WARN_UNUSED_RET int bip0340_init_pub_key(ec_pub_key *out_pub, const ec_priv_key *in_priv);
43 
44 ATTRIBUTE_WARN_UNUSED_RET int bip0340_siglen(u16 p_bit_len, u16 q_bit_len, u8 hsize, u8 blocksize,
45 		  u8 *siglen);
46 
47 ATTRIBUTE_WARN_UNUSED_RET int _bip0340_sign(u8 *sig, u8 siglen, const ec_key_pair *key_pair,
48 				            const u8 *m, u32 mlen, int (*rand) (nn_t out, nn_src_t q),
49 					    ec_alg_type sig_type, hash_alg_type hash_type,
50 				            const u8 *adata, u16 adata_len);
51 
52 typedef struct {
53 	hash_context h_ctx;
54 	fp r;
55 	nn s;
56 	word_t magic;
57 } bip0340_verify_data;
58 
59 ATTRIBUTE_WARN_UNUSED_RET int _bip0340_verify_init(struct ec_verify_context *ctx,
60 			const u8 *sig, u8 siglen);
61 
62 ATTRIBUTE_WARN_UNUSED_RET int _bip0340_verify_update(struct ec_verify_context *ctx,
63 			  const u8 *chunk, u32 chunklen);
64 
65 ATTRIBUTE_WARN_UNUSED_RET int _bip0340_verify_finalize(struct ec_verify_context *ctx);
66 
67 ATTRIBUTE_WARN_UNUSED_RET int bip0340_verify_batch(const u8 **s, const u8 *s_len, const ec_pub_key **pub_keys,
68 						   const u8 **m, const u32 *m_len, u32 num, ec_alg_type sig_type,
69 						   hash_alg_type hash_type, const u8 **adata, const u16 *adata_len,
70 						   verify_batch_scratch_pad *scratch_pad_area, u32 *scratch_pad_area_len);
71 
72 #endif /* __BIP0340_H__ */
73 #endif /* WITH_SIG_BIP0340 */
74