QSC Post Quantum Cryptographic Library 1.1.0.2 (B2)
A post quantum secure library written in Ansi C
Loading...
Searching...
No Matches
ecdsap384base.h File Reference

Internal API for NIST P-384 (secp384r1) ECDSA operations. More...

#include "qsccommon.h"

Go to the source code of this file.

Macros

#define EC_NISTP384_SEED_SIZE   48U
 Seed and derived scalar byte length.
#define EC_NISTP384_PUBLICKEY_SIZE   96U
 Public key byte length (X || Y, each 48 bytes big-endian)
#define EC_NISTP384_PRIVATEKEY_SIZE   144U
 Private key byte length (seed[48] || pubkey[96])
#define EC_NISTP384_SIGNATURE_SIZE   96U
 Signature byte length (r[48] || s[48], big-endian)

Functions

int32_t qsc_p384_publickey_from_privatekey (uint8_t *publickey, const uint8_t *privatekey)
 Derive a P-384 public key from a raw private scalar.
int32_t qsc_p384_keypair (uint8_t *publickey, uint8_t *privatekey, const uint8_t *seed)
 Generate a P-384 public/private key pair from a 48-byte seed.
int32_t qsc_p384_sign (uint8_t *signedmsg, size_t *smsglen, const uint8_t *message, size_t msglen, const uint8_t *privatekey)
 Sign a message using a P-384 private key.
int32_t qsc_p384_sign_scalar (uint8_t *signedmsg, size_t *smsglen, const uint8_t *message, size_t msglen, const uint8_t *privatekey)
 Sign a message using a P-384 private key scalar.
bool qsc_p384_verify (uint8_t *message, size_t *msglen, const uint8_t *signedmsg, size_t smsglen, const uint8_t *publickey)
 Verify a P-384 signed message and recover the message bytes.

Detailed Description

Internal API for NIST P-384 (secp384r1) ECDSA operations.

cond

This header defines the internal functions for NIST P-384 (secp384r1) ECDSA operations, including key pair generation from a seed, deterministic message signing using RFC 6979, and signature verification. The implementation uses Jacobian projective coordinates for elliptic curve point arithmetic and generic reduction for both the prime field and group order arithmetic.

Key and signature encoding is big-endian and compatible with X9.62/SEC 1 conventions:

  • Public key: 96 bytes (48-byte X || 48-byte Y, uncompressed, no 0x04 prefix)
  • Private key: 48-byte seed || 96-byte public key = 144 bytes
  • Signature: 48-byte r || 48-byte s

Function Documentation

◆ qsc_p384_keypair()

int32_t qsc_p384_keypair ( uint8_t * publickey,
uint8_t * privatekey,
const uint8_t * seed )

Generate a P-384 public/private key pair from a 48-byte seed.

Derives a private scalar from the seed via SHA-384, reduces it into [1, n-1], computes Q = d*G using the P-384 base point, and stores both keys. The private key layout is seed[48] || Qx[48] || Qy[48].

Parameters
publickey[uint8_t*] Output public key (96 bytes: Qx || Qy, big-endian).
privatekey[uint8_t*] Output private key (144 bytes: seed || Qx || Qy).
seed[const uint8_t*] 48-byte random seed.
Returns
[int32_t] Returns 0 on success, or a negative error code on failure.

◆ qsc_p384_publickey_from_privatekey()

int32_t qsc_p384_publickey_from_privatekey ( uint8_t * publickey,
const uint8_t * privatekey )

Derive a P-384 public key from a raw private scalar.

This function derives the affine public point Q = dG from a 48-byte big-endian private scalar and serializes the result as the raw public-key form Qx || Qy.

The private scalar must be in the range [1, n - 1], where n is the order of the P-384 base point.

Parameters
publickey[uint8_t*] Output buffer receiving the 96-byte public key.
privatekey[const uint8_t*] Input 48-byte private scalar.
Returns
[int32_t] Returns 0 on success, or a negative error code on failure.

◆ qsc_p384_sign()

int32_t qsc_p384_sign ( uint8_t * signedmsg,
size_t * smsglen,
const uint8_t * message,
size_t msglen,
const uint8_t * privatekey )

Sign a message using a P-384 private key.

Produces a 96-byte signature (r || s) prepended to the message in the signedmsg buffer. The nonce k is derived deterministically from the private key and message hash per RFC 6979 using HMAC-SHA384, eliminating the need for a random number generator at signing time.

Parameters
signedmsg[uint8_t*] Output signed-message buffer (msglen + 96 bytes).
smsglen[size_t*] Set to msglen + EC_NISTP384_SIGNATURE_SIZE on success, 0 on failure.
message[const uint8_t*] Message to sign.
msglen[size_t] Message length in bytes.
privatekey:[constuint8_t*] 144-byte private key (seed || pubkey).
Returns
[int32_t] 0 on success, -1 on failure.

◆ qsc_p384_sign_scalar()

int32_t qsc_p384_sign_scalar ( uint8_t * signedmsg,
size_t * smsglen,
const uint8_t * message,
size_t msglen,
const uint8_t * privatekey )

Sign a message using a P-384 private key scalar.

Produces a 96-byte signature (r || s) prepended to the message in the signedmsg buffer. The nonce k is derived deterministically from the private key scalar and message hash per RFC 6979 using HMAC-SHA384.

Parameters
signedmsg[uint8_t*] Output signed-message buffer (msglen + 96 bytes).
smsglen[size_t*] Set to msglen + EC_NISTP384_SIGNATURE_SIZE on success, 0 on failure.
message[const uint8_t*] Message to sign.
msglen[size_t] Message length in bytes.
privatekey:[constuint8_t*] 48-byte private scalar.
Returns
[int32_t] 0 on success, -1 on failure.

◆ qsc_p384_verify()

bool qsc_p384_verify ( uint8_t * message,
size_t * msglen,
const uint8_t * signedmsg,
size_t smsglen,
const uint8_t * publickey )

Verify a P-384 signed message and recover the message bytes.

Verifies the 96-byte (r || s) signature prepended to signedmsg against the 96-byte public key. On success the message bytes are copied into message and msglen is set. On failure message is zeroed and msglen is set to 0.

Parameters
message[uint8_t*] Output message buffer (at least smsglen - 96 bytes).
msglen[size_t*] Set to the recovered message length on success.
signedmsg[const uint8_t*] Signed-message buffer (signature || message).
smsglen[size_t] Total signed-message length.
publickey[const uint8_t*] 96-byte public key (Qx || Qy, big-endian).
Returns
[bool] Returns true on success, false on failure.