/*
* ZeroTier One - Global Peer to Peer Ethernet
* Copyright (C) 2012-2013 ZeroTier Networks LLC
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see .
*
* --
*
* ZeroTier may be used and distributed under the terms of the GPLv3, which
* are available at: http://www.gnu.org/licenses/gpl-3.0.html
*
* If you would like to embed ZeroTier into a commercial application or
* redistribute it in a modified binary form, please contact ZeroTier Networks
* LLC. Start here: http://www.zerotier.com/
*/
#ifndef _ZT_ELLIPTICCURVEKEYPAIR_HPP
#define _ZT_ELLIPTICCURVEKEYPAIR_HPP
#include
#include "EllipticCurveKey.hpp"
namespace ZeroTier {
/**
* An elliptic curve key pair supporting generation and key agreement
*
* This is basically OpenSSL libcrypto glue.
*/
class EllipticCurveKeyPair
{
public:
EllipticCurveKeyPair();
EllipticCurveKeyPair(const EllipticCurveKeyPair &pair);
EllipticCurveKeyPair(const EllipticCurveKey &pubk,const EllipticCurveKey &privk);
~EllipticCurveKeyPair();
const EllipticCurveKeyPair &operator=(const EllipticCurveKeyPair &pair);
/**
* Fill this structure with a newly generated public/private key pair
*
* @return True if key generation is successful
*/
bool generate();
/**
* Perform elliptic curve key agreement
*
* @param theirPublicKey Remote side's public key
* @param agreedUponKey Buffer to fill with agreed-upon symmetric key
* @param agreedUponKeyLength Number of bytes to generate
* @return True if key agreement is successful
*/
bool agree(const EllipticCurveKey &theirPublicKey,unsigned char *agreedUponKey,unsigned int agreedUponKeyLength) const;
/**
* Sign a SHA256 hash
*
* @param sha256 Pointer to 256-bit / 32-byte SHA hash to sign
* @return ECDSA signature (r and s in binary format, each prefixed by an 8-bit size)
*/
std::string sign(const void *sha256) const;
/**
* Sign something with this pair's private key, computing its hash first
*
* @param data Data to hash and sign
* @param len Length of data
* @return Signature bytes
*/
std::string sign(const void *data,unsigned int len) const;
/**
* Verify a signature
*
* @param sha256 Pointer to 256-bit / 32-byte SHA hash to verify
* @param pk Public key to verify against
* @param sigbytes Signature bytes
* @param siglen Length of signature
*/
static bool verify(const void *sha256,const EllipticCurveKey &pk,const void *sigbytes,unsigned int siglen);
/**
* Verify a signature
*
* @param data Data to verify
* @param len Length of data
* @param pk Public key to verify against
* @param sigbytes Signature bytes
* @param siglen Length of signature
*/
static bool verify(const void *data,unsigned int len,const EllipticCurveKey &pk,const void *sigbytes,unsigned int siglen);
inline bool operator==(const EllipticCurveKeyPair &kp) const
throw()
{
return ((_pub == kp._pub)&&(_priv == kp._priv));
}
inline bool operator!=(const EllipticCurveKeyPair &kp) const
throw()
{
return ((_pub != kp._pub)||(_priv != kp._priv));
}
inline const EllipticCurveKey &pub() const throw() { return _pub; }
inline const EllipticCurveKey &priv() const throw() { return _priv; }
private:
bool initInternalKey();
EllipticCurveKey _pub;
EllipticCurveKey _priv;
void *_internal_key;
};
} // namespace ZeroTier
#endif