Module ec
ec module to create EC keys and do EC key processes.
Usage:
ec = require('openssl').ec
Functions
| affine_coordinates (group, point[, x[, y]]) | get or set affine coordinates of an elliptic curve point |
| group (curve) | create EC group and generator point from curve specification |
| parse () | parse elliptic curve group to extract detailed parameters |
| asn1_flag (group[, flag]) | get or set ASN1 flag for elliptic curve group |
| point_conversion_form (group[, form]) | get or set point conversion form for elliptic curve group |
| point_new (group) | create new elliptic curve point for group |
| point_dup (group, point) | duplicate an EC point |
| point_equal (group, a, b) | compare two EC points for equality |
| oct2point (group, oct) | convert octet string to EC point |
| point2oct (group[, form]) | convert EC point to octet string |
| bn2point (group, bn) | convert bignum to EC point |
| point2bn (group[, form]) | convert EC point to bignum |
| hex2point (group, hex) | convert hexadecimal string to EC point |
| point2hex (group[, form]) | convert EC point to hexadecimal string |
| generate_key () | generate EC key pair from group |
| equal (other) | check if two EC groups are equal |
| sign (eckey, digest, md) | do EC sign |
| verify (eckey, digest, signature, md) | do EC verify, input msg is digest result |
| copy (from) | copy EC point |
| parse ([basic=false]) | parse EC key components and parameters |
| compute_key (peer[, kdf]) | compute ECDH shared key |
| set_method (engine) | set ECDSA signing method for EC key |
| check () | check if EC key is valid |
| export () | export EC key to DER format |
| group ([group]) | get or set EC group for EC key |
| read (der) | read EC key from DER encoded data |
| conv_form ([form]) | get or set point conversion form for EC key |
| enc_flags ([flags]) | get or set encoding flags for EC key |
| list () | list all available elliptic curve names |
Functions
- affine_coordinates (group, point[, x[, y]])
-
get or set affine coordinates of an elliptic curve point
Parameters:
- group ec_group elliptic curve group
- point ec_point elliptic curve point
- x bn x coordinate (for setting) (optional)
- y bn y coordinate (for setting) (optional)
Returns:
- bn x coordinate (when getting)
- bn y coordinate (when getting)
- group (curve)
-
create EC group and generator point from curve specification
Parameters:
Returns:
- ec_group the elliptic curve group
- ec_point the generator point
- parse ()
-
parse elliptic curve group to extract detailed parameters
Returns:
-
table
containing curve parameters (generator, order, cofactor, etc.)
- asn1_flag (group[, flag])
-
get or set ASN1 flag for elliptic curve group
Parameters:
- group ec_group elliptic curve group
- flag number or string ASN1 flag to set (optional)
Returns:
-
string or number
current ASN1 flag (string name and number value)
- point_conversion_form (group[, form])
-
get or set point conversion form for elliptic curve group
Parameters:
- group ec_group elliptic curve group
- form number or string point conversion form to set (optional)
Returns:
-
string or number
current point conversion form (string name and number value)
- point_new (group)
-
create new elliptic curve point for group
Parameters:
- group ec_group elliptic curve group
Returns:
-
ec_point
new elliptic curve point
- point_dup (group, point)
-
duplicate an EC point
Parameters:
- group ec_group the EC group
- point ec_point the EC point to duplicate
Returns:
-
ec_point
new EC point that is a copy of the input point
- point_equal (group, a, b)
-
compare two EC points for equality
Parameters:
- group ec_group the EC group
- a ec_point first EC point to compare
- b ec_point second EC point to compare
Returns:
-
boolean
true if points are equal, false otherwise
- oct2point (group, oct)
-
convert octet string to EC point
Parameters:
- group ec_group the EC group
- oct string octet string representation
Returns:
-
ec_point or nil
the resulting EC point or nil on failure
- point2oct (group[, form])
-
convert EC point to octet string
Parameters:
- group ec_group the EC group
- form string point conversion form (“compressed”, “uncompressed”, or “hybrid”) (optional)
Returns:
-
string
octet string representation of the point
- bn2point (group, bn)
-
convert bignum to EC point
Parameters:
- group ec_group the EC group
- bn bignum the bignum to convert to point
Returns:
-
ec_point or nil
the resulting EC point or nil on failure
- point2bn (group[, form])
-
convert EC point to bignum
Parameters:
- group ec_group the EC group
- form string point conversion form (“compressed”, “uncompressed”, or “hybrid”) (optional)
Returns:
-
bn or nil
the resulting bignum representation or nil on failure
- hex2point (group, hex)
-
convert hexadecimal string to EC point
Parameters:
- group ec_group the EC group
- hex string hexadecimal string representation
Returns:
-
ec_point or nil
the resulting EC point or nil on failure
- point2hex (group[, form])
-
convert EC point to hexadecimal string
Parameters:
- group ec_group the EC group
- form string point conversion form (“compressed”, “uncompressed”, or “hybrid”) (optional)
Returns:
-
string or nil
hexadecimal string representation or nil on failure
- generate_key ()
-
generate EC key pair from group
Returns:
-
ec_key
generated EC key object or nil if failed
- equal (other)
-
check if two EC groups are equal
Parameters:
- other ec_group EC group to compare with
Returns:
-
boolean
true if groups are equal, false otherwise
- sign (eckey, digest, md)
-
do EC sign
Parameters:
- eckey ec_key
- digest string result of digest to be signed
- md evp_md, string or nid digest alg identity, default is sm3
Returns:
-
string
signature
- verify (eckey, digest, signature, md)
-
do EC verify, input msg is digest result
Parameters:
- eckey ec_key
- digest string result of digest to be signed
- signature string
- md evp_md, string or nid digest alg identity
Returns:
- boolean true for verified, false for invalid signature
- nil for error, and followed by error message
- copy (from)
-
copy EC point
Parameters:
- from ec_point source EC point to copy from
Returns:
-
boolean
true on success, false on failure
- parse ([basic=false])
-
parse EC key components and parameters
Parameters:
- basic boolean true for basic information only (default false)
Returns:
-
table
EC key information including encoding flags, conversion form, group, and key components
- compute_key (peer[, kdf])
-
compute ECDH shared key
Parameters:
- peer ec_key peer EC key for key exchange
- kdf function key derivation function (optional)
Returns:
-
string
shared secret or nil if failed
- set_method (engine)
-
set ECDSA signing method for EC key
Parameters:
- engine engine engine providing the ECDSA method
Returns:
-
boolean
result true for success
- check ()
-
check if EC key is valid
Returns:
-
boolean
true if key is valid, false otherwise
- export ()
-
export EC key to DER format
Returns:
-
string
DER encoded EC private key
- group ([group])
-
get or set EC group for EC key
Parameters:
- group ec_group optional EC group to set (optional)
Returns:
- ec_group current EC group when called without parameters
- boolean true when setting group successfully
- read (der)
-
read EC key from DER encoded data
Parameters:
- der string DER encoded EC private key data
Returns:
-
ec_key or nil
parsed EC key or nil on failure
- conv_form ([form])
-
get or set point conversion form for EC key
Parameters:
- form string or number point conversion form to set (optional)
Returns:
- string point conversion form name if getting
- number point conversion form value if getting
Or
-
boolean
result true for success if setting
- enc_flags ([flags])
-
get or set encoding flags for EC key
Parameters:
- flags string or number encoding flags to set (optional)
Returns:
- string encoding flags name if getting
- number encoding flags value if getting
Or
-
boolean
result true for success if setting
- list ()
-
list all available elliptic curve names
Returns:
-
table
array of curve names and descriptions