Elliptic Curves
Module Functionality
Provides elliptic curve cryptography—generation of public/private keypairs, the diffie-hellman key exchange protocol, and digital signature algorithm. The behavior of an elliptic curve over a finite field lends to a cryptosystem that is harder to crack than traditional public key encryption methods such as RSA.
Macros
-
CRYPTX_KEYLEN_EC_PRIVKEY
Defines the byte length of a private key used by this module.
-
CRYPTX_KEYLEN_EC_PUBKEY
Defines the byte length of a public key used by this module.
-
CRYPTX_KEYLEN_EC_SECRET
Defines the byte length of a secret generated by this module.
Response Codes
Functions
-
ec_error_t cryptx_ec_keygen(uint8_t *privkey, uint8_t *pubkey)
Generates a pair of public/private keys over SECT233k1.
These keys are valid for ECDH and ECDSA.
- Parameters
privkey – Pointer to EC private key buffer.
pubkey – Pointer to EC public key buffer.
- Returns
A random 29-byte EC private key and associated public key.
- Returns
A response code indicating the return status of this function.
-
ec_error_t cryptx_ec_secret(const uint8_t *privkey, const uint8_t *rpubkey, uint8_t *secret)
Computes a secret given a private key and remote public key using the elliptic curve variant of the diffie-hellman key exchange algorithm (ECDH).
- Parameters
privkey – Pointer to local private key.
rpubkey – Pointer to remote public key.
secret – Pointer to buffer to write shared secret to.
- Returns
An ECDH secret for use with a symmetric encryption algorithm.
- Returns
A response code indicating the return status of this function.
struct _ec_keys {
uint8_t privkey[CRYPTX_KEYLEN_EC_PRIVKEY];
uint8_t pubkey[CRYPTX_KEYLEN_EC_PUBKEY];
};
struct _ec_keys ec_keys;
uint8_t secret[CRYPTX_KEYLEN_EC_SECRET],
rpubkey[CRYPTX_KEYLEN_EC_PUBKEY];
if(cryptx_ec_keygen(ec_keys.privkey, ec_keys.pubkey) != EC_OK) return;
network_send(ec_keys.pubkey, sizeof(ec_keys.pubkey));
// await remote public key
network_recv(rpubkey, NULL);
if(cryptx_ec_secret(ec_keys.privkey, rpubkey, secret) != EC_OK) return;
// secret should now be the same for both parties