.\" Copyright (c) 2018-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.Dd $Mdocdate: May 24 2018 $
.Dt ES256_PK_NEW 3
.Os
.Sh NAME
.Nm es256_pk_new ,
.Nm es256_pk_free ,
.Nm es256_pk_from_EC_KEY ,
.Nm es256_pk_from_EVP_PKEY ,
.Nm es256_pk_from_ptr ,
.Nm es256_pk_to_EVP_PKEY
.Nd FIDO 2 COSE ES256 API
.Sh SYNOPSIS
.In openssl/ec.h
.In fido/es256.h
.Ft es256_pk_t *
.Fn es256_pk_new "void"
.Ft void
.Fn es256_pk_free "es256_pk_t **pkp"
.Ft int
.Fn es256_pk_from_EC_KEY "es256_pk_t *pk" "const EC_KEY *ec"
.Ft int
.Fn es256_pk_from_EVP_PKEY "es256_pk_t *pk" "const EVP_PKEY *pkey"
.Ft int
.Fn es256_pk_from_ptr "es256_pk_t *pk" "const void *ptr" "size_t len"
.Ft EVP_PKEY *
.Fn es256_pk_to_EVP_PKEY "const es256_pk_t *pk"
.Sh DESCRIPTION
ES256 is the name given in the CBOR Object Signing and Encryption
(COSE) RFC to ECDSA over P-256 with SHA-256.
The COSE ES256 API of
.Em libfido2
is an auxiliary API with routines to convert between the different
ECDSA public key types used in
.Em libfido2
and
.Em OpenSSL .
.Pp
In
.Em libfido2 ,
ES256 public keys are abstracted by the
.Vt es256_pk_t
type.
.Pp
The
.Fn es256_pk_new
function returns a pointer to a newly allocated, empty
.Vt es256_pk_t
type.
If memory cannot be allocated, NULL is returned.
.Pp
The
.Fn es256_pk_free
function releases the memory backing
.Fa *pkp ,
where
.Fa *pkp
must have been previously allocated by
.Fn es256_pk_new .
On return,
.Fa *pkp
is set to NULL.
Either
.Fa pkp
or
.Fa *pkp
may be NULL, in which case
.Fn es256_pk_free
is a NOP.
.Pp
The
.Fn es256_pk_from_EC_KEY
function fills
.Fa pk
with the contents of
.Fa ec .
No references to
.Fa ec
are kept.
.Pp
The
.Fn es256_pk_from_EVP_PKEY
function fills
.Fa pk
with the contents of
.Fa pkey .
No references to
.Fa pkey
are kept.
.Pp
The
.Fn es256_pk_from_ptr
function fills
.Fa pk
with the contents of
.Fa ptr ,
where
.Fa ptr
points to
.Fa len
bytes.
The
.Fa ptr
pointer may point to an uncompressed point, or to the
concatenation of the x and y coordinates.
No references to
.Fa ptr
are kept.
.Pp
The
.Fn es256_pk_to_EVP_PKEY
function converts
.Fa pk
to a newly allocated
.Fa EVP_PKEY
type with a reference count of 1.
No internal references to the returned pointer are kept.
The caller therefore owns the returned key and is responsible for
releasing it with
.Xr EVP_PKEY_free 3 .
If an error occurs,
.Fn es256_pk_to_EVP_PKEY
returns NULL.
.Sh RETURN VALUES
The
.Fn es256_pk_from_EC_KEY ,
.Fn es256_pk_from_EVP_PKEY ,
and
.Fn es256_pk_from_ptr
functions return
.Dv FIDO_OK
on success.
On error, a different error code defined in
.In fido/err.h
is returned.
.Sh SEE ALSO
.Xr eddsa_pk_new 3 ,
.Xr fido_assert_verify 3 ,
.Xr fido_cred_pubkey_ptr 3 ,
.Xr rs256_pk_new 3