- Generated by
1.14.0
Internal API for NIST P-256 (secp256r1) ECDSA key exchange operations. More...
#include "qsccommon.h"Go to the source code of this file.
Functions | |
| int32_t | qsc_p256_publickey_from_privatekey (uint8_t *publickey, const uint8_t *privatekey) |
| Derive a P-256 public key from a raw private scalar. | |
| int32_t | qsc_p256_keypair (uint8_t *publickey, uint8_t *privatekey, const uint8_t *seed) |
| Generate a P-256 public/private key pair from a 32-byte seed. | |
| int32_t | qsc_p256_sign (uint8_t *signedmsg, size_t *smsglen, const uint8_t *message, size_t msglen, const uint8_t *privatekey) |
| Sign a message using a P-256 private key. | |
| int32_t | qsc_p256_sign_scalar (uint8_t *signedmsg, size_t *smsglen, const uint8_t *message, size_t msglen, const uint8_t *privatekey) |
| Sign a message using a P-256 private key (RFC 6979 deterministic k using scalar d). | |
| bool | qsc_p256_verify (uint8_t *message, size_t *msglen, const uint8_t *signedmsg, size_t smsglen, const uint8_t *publickey) |
| Verify a P-256 signed message and recover the message bytes. | |
Internal API for NIST P-256 (secp256r1) ECDSA key exchange operations.
cond
This header defines the internal functions for NIST P-256 (secp256r1) ECDSA operations, including key pair generation from a seed, deterministic message signing using RFC 6979, and signature verification. The implementation uses Jacobian projective coordinates for elliptic curve point arithmetic, Solinas reduction for the field prime p, and Barrett reduction for the group order n.
Key and signature encoding is big-endian and compatible with X9.62/SEC 1 conventions:
| int32_t qsc_p256_keypair | ( | uint8_t * | publickey, |
| uint8_t * | privatekey, | ||
| const uint8_t * | seed ) |
Generate a P-256 public/private key pair from a 32-byte seed.
Derives a private scalar from the seed via SHA-256, clamps it into [1, n-1], computes Q = d*G using the P-256 base point, and stores both keys. The private key layout is seed[32] || Qx[32] || Qy[32].
| publickey | [uint8_t*] Output public key (64 bytes: Qx || Qy, big-endian). |
| privatekey | [uint8_t*] Output private key (96 bytes: seed || Qx || Qy). |
| seed | [const uint8_t*] 32-byte random seed. |
| int32_t qsc_p256_publickey_from_privatekey | ( | uint8_t * | publickey, |
| const uint8_t * | privatekey ) |
Derive a P-256 public key from a raw private scalar.
This function derives the affine public point Q = dG from a 32-byte big-endian private scalar and serializes the result as the raw public-key form Qx || Qy.
The private scalar must be in the range [1, n - 1], where n is the order of the P-256 base point.
| publickey | [uint8_t*] Output buffer receiving the 64-byte public key. |
| privatekey | [const uint8_t*] Input 32-byte private scalar. |
| int32_t qsc_p256_sign | ( | uint8_t * | signedmsg, |
| size_t * | smsglen, | ||
| const uint8_t * | message, | ||
| size_t | msglen, | ||
| const uint8_t * | privatekey ) |
Sign a message using a P-256 private key.
Produces a 64-byte signature (r || s) prepended to the message in the signedmsg buffer. The nonce k is derived deterministically from the private key and message hash per RFC 6979 using HMAC-SHA256, eliminating the need for a random number generator at signing time.
| signedmsg | [uint8_t*] Output signed-message buffer (msglen + 64 bytes). |
| smsglen | [size_t*] Set to msglen + EC_NISTP256_SIGNATURE_SIZE on success, 0 on failure. |
| message | [const uint8_t*] Message to sign. |
| msglen | [size_t] Message length in bytes. |
| privatekey | [const uint8_t*] 96-byte private key (seed || pubkey). |
| int32_t qsc_p256_sign_scalar | ( | uint8_t * | signedmsg, |
| size_t * | smsglen, | ||
| const uint8_t * | message, | ||
| size_t | msglen, | ||
| const uint8_t * | privatekey ) |
Sign a message using a P-256 private key (RFC 6979 deterministic k using scalar d).
Produces a 64-byte signature (r || s) prepended to the message in the signedmsg buffer. The nonce k is derived deterministically from the private key and message hash per RFC 6979 using HMAC-SHA256, eliminating the need for a random number generator at signing time.
| signedmsg | [uint8_t*] Output signed-message buffer (msglen + 64 bytes). |
| smsglen | [size_t*] Set to msglen + EC_NISTP256_SIGNATURE_SIZE on success, 0 on failure. |
| message | [const uint8_t*] Message to sign. |
| msglen | [size_t] Message length in bytes. |
| privatekey | [const uint8_t*] 96-byte private key (seed || pubkey). |
| bool qsc_p256_verify | ( | uint8_t * | message, |
| size_t * | msglen, | ||
| const uint8_t * | signedmsg, | ||
| size_t | smsglen, | ||
| const uint8_t * | publickey ) |
Verify a P-256 signed message and recover the message bytes.
Verifies the 64-byte (r || s) signature prepended to signedmsg against the 64-byte public key. On success the message bytes are copied into message and msglen is set. On failure message is zeroed and msglen is set to 0.
| message | [uint8_t*] Output message buffer (at least smsglen - 64 bytes). |
| msglen | [size_t*] Set to the recovered message length on success. |
| signedmsg | [const uint8_t*] Signed-message buffer (signature || message). |
| smsglen | [size_t] Total signed-message length. |
| publickey | [const uint8_t*] 64-byte public key (Qx || Qy, big-endian). |
1.14.0