1 // Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. 2 // Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved. 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // https://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 16 #ifndef OPENSSL_HEADER_ECDH_H 17 #define OPENSSL_HEADER_ECDH_H 18 19 #include <openssl/base.h> // IWYU pragma: export 20 21 #include <openssl/ec_key.h> 22 23 #if defined(__cplusplus) 24 extern "C" { 25 #endif 26 27 28 // Elliptic curve Diffie-Hellman. 29 30 31 // ECDH_compute_key calculates the shared key between |pub_key| and |priv_key|. 32 // If |kdf| is not NULL, then it is called with the bytes of the shared key and 33 // the parameter |out|. When |kdf| returns, the value of |*outlen| becomes the 34 // return value. Otherwise, as many bytes of the shared key as will fit are 35 // copied directly to, at most, |outlen| bytes at |out|. It returns the number 36 // of bytes written to |out|, or -1 on error. 37 OPENSSL_EXPORT int ECDH_compute_key( 38 void *out, size_t outlen, const EC_POINT *pub_key, const EC_KEY *priv_key, 39 void *(*kdf)(const void *in, size_t inlen, void *out, size_t *outlen)); 40 41 // ECDH_compute_key_fips calculates the shared key between |pub_key| and 42 // |priv_key| and hashes it with the appropriate SHA function for |out_len|. The 43 // only value values for |out_len| are thus 24 (SHA-224), 32 (SHA-256), 48 44 // (SHA-384), and 64 (SHA-512). It returns one on success and zero on error. 45 // 46 // Note that the return value is different to |ECDH_compute_key|: it returns an 47 // error flag (as is common for BoringSSL) rather than the number of bytes 48 // written. 49 // 50 // This function allows the FIPS module to compute an ECDH and KDF within the 51 // module boundary without taking an arbitrary function pointer for the KDF, 52 // which isn't very FIPSy. 53 OPENSSL_EXPORT int ECDH_compute_key_fips(uint8_t *out, size_t out_len, 54 const EC_POINT *pub_key, 55 const EC_KEY *priv_key); 56 57 58 #if defined(__cplusplus) 59 } // extern C 60 #endif 61 62 #define ECDH_R_KDF_FAILED 100 63 #define ECDH_R_NO_PRIVATE_VALUE 101 64 #define ECDH_R_POINT_ARITHMETIC_FAILURE 102 65 #define ECDH_R_UNKNOWN_DIGEST_LENGTH 103 66 67 #endif // OPENSSL_HEADER_ECDH_H 68