@@ -5809,91 +5809,97 @@ \subsection{Signature Generation}
58095809
58105810\index {ecc\_ sign\_ hash()}
58115811\begin {verbatim }
5812- int ecc_sign_hash(const unsigned char *in,
5813- unsigned long inlen,
5814- unsigned char *out,
5815- unsigned long *outlen,
5816- prng_state *prng,
5817- int wprng,
5818- ecc_key *key);
5812+ int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
5813+ unsigned char *out, unsigned long *outlen,
5814+ prng_state *prng, int wprng, const ecc_key *key);
58195815\end {verbatim }
58205816
5821- This function will ECDSA sign the message digest stored in the array pointed to by \textit {in } of length \textit {inlen } octets. The signature
5822- will be stored in the array pointed to by \textit {out } of length \textit {outlen } octets. The function requires a properly seeded PRNG, and
5823- the ECC \textit {key } provided must be a private key.
5817+ This function will ECDSA sign the message digest stored in the array pointed to by \texttt {in } of length \texttt {inlen } octets. The signature
5818+ will be stored in the array pointed to by \texttt {out } of length \texttt {outlen } octets. The function requires a properly seeded PRNG, and
5819+ the ECC \texttt {key } provided must be a private key.
58245820
58255821\index {ecc\_ sign\_ hash\_ rfc7518()}
58265822\begin {verbatim }
5827- int ecc_sign_hash_rfc7518(const unsigned char *in,
5828- unsigned long inlen,
5829- unsigned char *out,
5830- unsigned long *outlen,
5831- prng_state *prng,
5832- int wprng,
5833- ecc_key *key);
5823+ int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen,
5824+ unsigned char *out, unsigned long *outlen,
5825+ prng_state *prng, int wprng, const ecc_key *key);
58345826\end {verbatim }
58355827
5836- This function creates the same ECDSA signature as \textit {ecc\_ sign\_ hash } only the output format is different.
5828+ This function creates the same ECDSA signature as \texttt {ecc\_ sign\_ hash() } only the output format is different.
58375829The format follows \url {https://tools.ietf.org/html/rfc7518#section-3.4}, sometimes it is also called plain signature.
58385830
5839- \index {ecc\_ sign\_ hash\_ ex()}
5831+ \index {ecc\_ sign\_ hash\_ rfc7518 \ _
58405832\begin {verbatim }
5841- int ecc_sign_hash_ex(const unsigned char *in,
5842- unsigned long inlen,
5843- unsigned char *out,
5844- unsigned long *outlen,
5845- prng_state *prng,
5846- int wprng,
5847- ecc_signature_type sigformat,
5848- int *recid,
5849- ecc_key *key);
5833+ int ecc_sign_hash_rfc7518_ex(const unsigned char *in, unsigned long inlen,
5834+ unsigned char *out, unsigned long *outlen,
5835+ prng_state *prng, int wprng,
5836+ int *recid, const ecc_key *key);
5837+ \end {verbatim }
5838+
5839+ This function is an extended version of the ECDSA signature in \texttt {ecc\_ sign\_ hash\_ rfc7518() }, but with an additional output of the recovery ID
5840+ for use with \texttt {ecc\_ recover\_ key() }.
5841+
5842+ \index {ecc\_ sign\_ hash\_ rfc5656()}
5843+ \begin {verbatim }
5844+ int ecc_sign_hash_rfc5656(const unsigned char *in, unsigned long inlen,
5845+ unsigned char *out, unsigned long *outlen,
5846+ prng_state *prng, int wprng, const ecc_key *key);
58505847\end {verbatim }
58515848
5852- This function is an extended version of the ECDSA signature in \textit {ecc\_ sign\_ hash }, but with a choice of output formats
5853- and an optional output of the recovery ID for use with \textit {ecc\_ recover\_ key }.
5849+ This function creates an ECDSA signature and the output format is according to RFC5656, i.e. SSH compatible.
5850+
5851+ \index {ecc\_ sign\_ hash\_ eth27()}
5852+ \begin {verbatim }
5853+ int ecc_sign_hash_eth27(const unsigned char *in, unsigned long inlen,
5854+ unsigned char *out, unsigned long *outlen,
5855+ prng_state *prng, int wprng, const ecc_key *key);
5856+ \end {verbatim }
5857+
5858+ This function creates an ECDSA signature and the output format is according to the Ethereum format.
5859+ With this API the curve is limited to secp256k1.
58545860
58555861\subsection {Signature Verification }
58565862\index {ecc\_ verify\_ hash()}
58575863\begin {verbatim }
5858- int ecc_verify_hash(const unsigned char *sig,
5859- unsigned long siglen,
5860- const unsigned char *hash,
5861- unsigned long hashlen,
5862- int *stat,
5863- ecc_key *key);
5864+ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
5865+ const unsigned char *hash, unsigned long hashlen,
5866+ int *stat, const ecc_key *key);
58645867\end {verbatim }
58655868
5866- This function will verify the ECDSA signature in the array pointed to by \textit {sig } of length \textit {siglen } octets, against the message digest
5867- pointed to by the array \textit {hash } of length \textit {hashlen }. It will store a non--zero value in \textit {stat } if the signature is valid. Note:
5869+ This function will verify the ECDSA signature in the array pointed to by \texttt {sig } of length \texttt {siglen } octets, against the message digest
5870+ pointed to by the array \texttt {hash } of length \texttt {hashlen }. It will store a non--zero value in \texttt {stat } if the signature is valid. Note:
58685871the function will not return an error if the signature is invalid. It will return an error, if the actual signature payload is an invalid format.
5869- The ECC \textit {key } must be the public (or private) ECC key corresponding to the key that performed the signature.
5870- The function \textit {ecc\_ verify\_ hash } implements signature format according to X9.62 ECDSA, and the output is compliant for GF(p) curves.
5872+ The ECC \texttt {key } must be the public (or private) ECC key corresponding to the key that performed the signature.
5873+ The function \texttt {ecc\_ verify\_ hash() } implements signature format according to X9.62 ECDSA, and the output is compliant for GF(p) curves.
58715874
58725875\index {ecc\_ verify\_ hash\_ rfc7518()}
58735876\begin {verbatim }
5874- int ecc_verify_hash_rfc7518(const unsigned char *sig,
5875- unsigned long siglen,
5876- const unsigned char *hash,
5877- unsigned long hashlen,
5878- int *stat,
5879- ecc_key *key);
5877+ int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen,
5878+ const unsigned char *hash, unsigned long hashlen,
5879+ int *stat, const ecc_key *key);
58805880\end {verbatim }
58815881
5882- This function validate the ECDSA signature as \textit {ecc\_ verify\_ hash } only the signature input format
5882+ This function validate the ECDSA signature as \texttt {ecc\_ verify\_ hash() } only the signature input format
58835883follows \url {https://tools.ietf.org/html/rfc7518#section-3.4}.
58845884
5885- \index {ecc\_ verify\_ hash\_ ex ()}
5885+ \index {ecc\_ verify\_ hash\_ rfc5656 ()}
58865886\begin {verbatim }
5887- int ecc_verify_hash_ex(const unsigned char *sig,
5888- unsigned long siglen,
5889- const unsigned char *hash,
5890- unsigned long hashlen,
5891- ecc_signature_type sigformat,
5892- int *stat,
5893- ecc_key *key);
5887+ int ecc_verify_hash_rfc5656(const unsigned char *sig, unsigned long siglen,
5888+ const unsigned char *hash, unsigned long hashlen,
5889+ int *stat, const ecc_key *key);
5890+ \end {verbatim }
5891+
5892+ This function validates the ECDSA signature according to the format defined in RFC5656, i.e. SSH compatible.
5893+
5894+
5895+ \index {ecc\_ verify\_ hash\_ eth27()}
5896+ \begin {verbatim }
5897+ int ecc_verify_hash_eth27(const unsigned char *sig, unsigned long siglen,
5898+ const unsigned char *hash, unsigned long hashlen,
5899+ int *stat, const ecc_key *key);
58945900\end {verbatim }
58955901
5896- This function validates an ECDSA signature as \textit { ecc \_ verify \_ hash } but with a choice of signature formats .
5902+ This function validates the ECDSA signature according to the Ethereum format .
58975903
58985904{\bf BEWARE:} With ECC if you try to sign a hash that is bigger than your ECC key you can run into problems. The math
58995905will still work, and in effect the signature will still work. With ECC keys the strength of the signature is limited
0 commit comments