xref: /freebsd/crypto/libecc/src/examples/sss/sss.h (revision b2d2a78ad80ec68d4a17f5aef97d21686cb1e29b)
1 /*
2  *  Copyright (C) 2021 - This file is part of libecc project
3  *
4  *  Authors:
5  *      Ryad BENADJILA <ryadbenadjila@gmail.com>
6  *      Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr>
7  *
8  *  This software is licensed under a dual BSD and GPL v2 license.
9  *  See LICENSE file at the root folder of the project.
10  */
11 #ifndef __SSS_H__
12 #define __SSS_H__
13 
14 /* NOTE: we redefine some attributes if they are not already defined */
15 #ifndef ATTRIBUTE_PACKED
16   #ifdef __GNUC__
17     #define ATTRIBUTE_PACKED __attribute__((packed))
18   #else
19     #define ATTRIBUTE_PACKED
20   #endif
21 #endif
22 #ifndef ATTRIBUTE_WARN_UNUSED_RET
23   #ifdef __GNUC__
24     #ifdef USE_WARN_UNUSED_RET
25       #define ATTRIBUTE_WARN_UNUSED_RET __attribute__((warn_unused_result))
26     #else
27       #define ATTRIBUTE_WARN_UNUSED_RET
28     #endif
29   #else
30     #define ATTRIBUTE_WARN_UNUSED_RET
31   #endif
32 #endif
33 
34 
35 typedef enum { SSS_FALSE = 0, SSS_TRUE = 1 } boolean;
36 
37 /* The final secret size in bytes, corresponding to the
38  * size of an element in Fp with ~256 bit prime.
39  */
40 #define SSS_SECRET_SIZE	32
41 
42 /* Secrets and shares typedefs for "raw" SSS */
43 typedef struct ATTRIBUTE_PACKED {
44 	unsigned char secret[SSS_SECRET_SIZE];
45 } sss_secret;
46 typedef struct ATTRIBUTE_PACKED {
47 	/* Index x of the share on two byts (a short) */
48 	unsigned char index[2];
49 	/* Value of the share */
50 	unsigned char share[SSS_SECRET_SIZE];
51 } _sss_raw_share;
52 
53 #define SSS_SESSION_ID_SIZE 16
54 /* We use SHA-256 for HMAC, so the size is 32 bytes */
55 #define SSS_HMAC_SIZE 32
56 
57 /* Security wrapper for the secret for "secured" SSS */
58 typedef struct ATTRIBUTE_PACKED {
59 	_sss_raw_share raw_share;
60 	/* 128 bits session id */
61 	unsigned char session_id[SSS_SESSION_ID_SIZE];
62 	unsigned char raw_share_hmac[SSS_HMAC_SIZE];
63 } sss_share;
64 
65 /* SSS shares and secret generation:
66  *     Inputs:
67  *         - n: is the number of shares to generate
68  *         - k: the quorum of shares to regenerate the secret (of course k <= n)
69  *         - secret: the secret value when input_secret is set to 'true'
70  *     Output:
71  *         - shares: a pointer to the generated n shares
72  *         - secret: the secret value when input_secret is set to 'false', this
73  *           value being randomly generated
74  */
75 ATTRIBUTE_WARN_UNUSED_RET int sss_generate(sss_share *shares, unsigned short k, unsigned short n, sss_secret *secret, boolean input_secret);
76 
77 /* SSS shares and secret combination
78  *     Inputs:
79  *         - k: the quorum of shares to regenerate the secret
80  *         - shares: a pointer to the k shares
81  *     Output:
82  *         - secret: the secret value computed from the k shares
83  */
84 ATTRIBUTE_WARN_UNUSED_RET int sss_combine(const sss_share *shares, unsigned short k, sss_secret *secret);
85 
86 /* SSS shares regeneration from existing shares
87  *     Inputs:
88  *         - shares: a pointer to the input k shares allowing the regeneration
89  *         - n: is the number of shares to regenerate
90  *         - k: the input shares (of course k <= n)
91  *     Output:
92  *         - shares: a pointer to the generated n shares (among which the k first are
93  *           the ones provided as inputs)
94  *         - secret: the recomputed secret value
95  */
96 ATTRIBUTE_WARN_UNUSED_RET int sss_regenerate(sss_share *shares, unsigned short k, unsigned short n, sss_secret *secret);
97 
98 #endif /* __SSS_H__ */
99