Arduino Cryptography Library

Elliptic curve operations with the NIST P521 curve. More...
#include <P521.h>
Static Public Member Functions  
static bool  eval (uint8_t result[132], const uint8_t f[66], const uint8_t point[132]) 
Evaluates the curve function. More...  
static void  dh1 (uint8_t k[132], uint8_t f[66]) 
Performs phase 1 of an ECDH key exchange using P521. More...  
static bool  dh2 (const uint8_t k[132], uint8_t f[66]) 
Performs phase 2 of an ECDH key exchange using P521. More...  
static void  sign (uint8_t signature[132], const uint8_t privateKey[66], const void *message, size_t len, Hash *hash=0) 
Signs a message using a specific P521 private key. More...  
static bool  verify (const uint8_t signature[132], const uint8_t publicKey[132], const void *message, size_t len, Hash *hash=0) 
Verifies a signature using a specific P521 public key. More...  
static void  generatePrivateKey (uint8_t privateKey[66]) 
Generates a private key for P521 signing operations. More...  
static void  derivePublicKey (uint8_t publicKey[132], const uint8_t privateKey[66]) 
Derives the public key from a private key for P521 signing operations. More...  
static bool  isValidPrivateKey (const uint8_t privateKey[66]) 
Validates a private key value to ensure that it is between 1 and q  1. More...  
static bool  isValidPublicKey (const uint8_t publicKey[132]) 
Validates a public key to ensure that it is a valid curve point. More...  
static bool  isValidCurvePoint (const uint8_t point[132]) 
Validates a point to ensure that it is on the curve. More...  
Elliptic curve operations with the NIST P521 curve.
This class supports both ECDH key exchange and ECDSA signatures.
References: NIST FIPS 1864, RFC 6090, RFC 6979, RFC 5903

static 
Derives the public key from a private key for P521 signing operations.
publicKey  The public key. 
privateKey  The private key, which is assumed to have been created by generatePrivateKey(). 

static 
Performs phase 1 of an ECDH key exchange using P521.
k  The key value to send to the other party as part of the exchange. 
f  The generated secret value for this party. This must not be transmitted to any party or stored in permanent storage. It only needs to be kept in memory until dh2() is called. 
The f value is generated with RNG.rand(). It is the caller's responsibility to ensure that the global random number pool has sufficient entropy to generate the 66 bytes of f safely before calling this function.
The following example demonstrates how to perform a full ECDH key exchange using dh1() and dh2():
Reference: RFC 6090

static 
Performs phase 2 of an ECDH key exchange using P521.
k  The public key value that was received from the other party as part of the exchange. 
f  On entry, this is the secret value for this party that was generated by dh1(). On exit, this will be the shared secret. 
Reference: RFC 6090

static 
Evaluates the curve function.
result  The result of applying the curve function, which consists of the x and y values of the result point encoded in bigendian order. 
f  The scalar value to multiply by point to create the result. This is assumed to be be a 521bit number in bigendian order. 
point  The curve point to multiply consisting of the x and y values encoded in bigendian order. If point is NULL, then the generator Gx and Gy values for the curve will be used instead. 
This function provides access to the raw curve operation for testing purposes. Normally an application would use a higherlevel function like dh1(), dh2(), sign(), or verify().

static 
Generates a private key for P521 signing operations.
privateKey  The resulting private key. 
The private key is generated with RNG.rand(). It is the caller's responsibility to ensure that the global random number pool has sufficient entropy to generate the 521 bits of the key safely before calling this function.

inlinestatic 
Validates a point to ensure that it is on the curve.
point  The point to validate. 
This is a convenience function that calls isValidPublicKey() as the two operations are equivalent.

static 
Validates a private key value to ensure that it is between 1 and q  1.
privateKey  The private key value to validate. 

static 
Validates a public key to ensure that it is a valid curve point.
publicKey  The public key value to validate. 

static 
Signs a message using a specific P521 private key.
signature  The signature value. 
privateKey  The private key to use to sign the message. 
message  Points to the message to be signed. 
len  The length of the message to be signed. 
hash  The hash algorithm to use to hash the message before signing. If hash is NULL, then the message is assumed to already be a hash value from some previous process. 
This function generates deterministic ECDSA signatures according to RFC 6979. The hash function is used to generate the k value for the signature. If hash is NULL, then SHA512 is used. The hash object must be capable of HMAC mode.
The length of the hashed message must be less than or equal to 64 bytes in size. Longer messages will be truncated to 64 bytes.
References: RFC 6090, RFC 6979

static 
Verifies a signature using a specific P521 public key.
signature  The signature value to be verified. 
publicKey  The public key to use to verify the signature. 
message  The message whose signature is to be verified. 
len  The length of the message to be verified. 
hash  The hash algorithm to use to hash the message before verification. If hash is NULL, then the message is assumed to already be a hash value from some previous process. 
The length of the hashed message must be less than or equal to 64 bytes in size. Longer messages will be truncated to 64 bytes.