MFC: r359060, r359061, r359066

[FreeBSD/FreeBSD.git] / secure / lib / libcrypto / man / man3 / EC_POINT_new.3

.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EC_POINT_NEW 3"
.TH EC_POINT_NEW 3 "2020-03-17" "1.1.1e" "OpenSSL"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point \&\- Functions for creating, destroying and manipulating EC_POINT objects
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/ec.h>
\&
\& EC_POINT *EC_POINT_new(const EC_GROUP *group);
\& void EC_POINT_free(EC_POINT *point);
\& void EC_POINT_clear_free(EC_POINT *point);
\& int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
\& EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
\& const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
\& int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
\& int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
\&                                              EC_POINT *p,
\&                                              const BIGNUM *x, const BIGNUM *y,
\&                                              const BIGNUM *z, BN_CTX *ctx);
\& int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
\&                                              const EC_POINT *p,
\&                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
\&                                              BN_CTX *ctx);
\& int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
\&                                     const BIGNUM *x, const BIGNUM *y,
\&                                     BN_CTX *ctx);
\& int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
\&                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
\& int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
\&                                         const BIGNUM *x, int y_bit,
\&                                         BN_CTX *ctx);
\& int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
\&                                         const BIGNUM *x, const BIGNUM *y,
\&                                         BN_CTX *ctx);
\& int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
\&                                         const EC_POINT *p,
\&                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
\& int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
\&                                             EC_POINT *p,
\&                                             const BIGNUM *x, int y_bit,
\&                                             BN_CTX *ctx);
\& int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
\&                                          const BIGNUM *x, const BIGNUM *y,
\&                                          BN_CTX *ctx);
\& int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
\&                                          const EC_POINT *p,
\&                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
\& int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
\&                                              EC_POINT *p,
\&                                              const BIGNUM *x, int y_bit,
\&                                              BN_CTX *ctx);
\& size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
\&                           point_conversion_form_t form,
\&                           unsigned char *buf, size_t len, BN_CTX *ctx);
\& size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
\&                           point_conversion_form_t form,
\&                           unsigned char **pbuf, BN_CTX *ctx);
\& int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
\&                        const unsigned char *buf, size_t len, BN_CTX *ctx);
\& BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
\&                           point_conversion_form_t form, BIGNUM *bn,
\&                           BN_CTX *ctx);
\& EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
\&                             EC_POINT *p, BN_CTX *ctx);
\& char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
\&                          point_conversion_form_t form, BN_CTX *ctx);
\& EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
\&                              EC_POINT *p, BN_CTX *ctx);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
An \fB\s-1EC_POINT\s0\fR structure represents a point on a curve. A new point is
constructed by calling the function \fBEC_POINT_new()\fR and providing the
\&\fBgroup\fR object that the point relates to.
.PP
\&\fBEC_POINT_free()\fR frees the memory associated with the \fB\s-1EC_POINT\s0\fR.
if \fBpoint\fR is \s-1NULL\s0 nothing is done.
.PP
\&\fBEC_POINT_clear_free()\fR destroys any sensitive data held within the \s-1EC_POINT\s0 and
then frees its memory. If \fBpoint\fR is \s-1NULL\s0 nothing is done.
.PP
\&\fBEC_POINT_copy()\fR copies the point \fBsrc\fR into \fBdst\fR. Both \fBsrc\fR and \fBdst\fR
must use the same \fB\s-1EC_METHOD\s0\fR.
.PP
\&\fBEC_POINT_dup()\fR creates a new \fB\s-1EC_POINT\s0\fR object and copies the content from
\&\fBsrc\fR to the newly created \fB\s-1EC_POINT\s0\fR object.
.PP
\&\fBEC_POINT_method_of()\fR obtains the \fB\s-1EC_METHOD\s0\fR associated with \fBpoint\fR.
.PP
A valid point on a curve is the special point at infinity. A point is set to
be at infinity by calling \fBEC_POINT_set_to_infinity()\fR.
.PP
The affine co-ordinates for a point describe a point in terms of its x and y
position. The function \fBEC_POINT_set_affine_coordinates()\fR sets the \fBx\fR and \fBy\fR
co-ordinates for the point \fBp\fR defined over the curve given in \fBgroup\fR. The
function \fBEC_POINT_get_affine_coordinates()\fR sets \fBx\fR and \fBy\fR, either of which
may be \s-1NULL,\s0 to the corresponding coordinates of \fBp\fR.
.PP
The functions \fBEC_POINT_set_affine_coordinates_GFp()\fR and
\&\fBEC_POINT_set_affine_coordinates_GF2m()\fR are synonyms for
\&\fBEC_POINT_set_affine_coordinates()\fR. They are defined for backwards compatibility
only and should not be used.
.PP
The functions \fBEC_POINT_get_affine_coordinates_GFp()\fR and
\&\fBEC_POINT_get_affine_coordinates_GF2m()\fR are synonyms for
\&\fBEC_POINT_get_affine_coordinates()\fR. They are defined for backwards compatibility
only and should not be used.
.PP
As well as the affine co-ordinates, a point can alternatively be described in
terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian
projective co-ordinates are expressed as three values x, y and z. Working in
this co-ordinate system provides more efficient point multiplication
operations.  A mapping exists between Jacobian projective co-ordinates and
affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written
as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian
projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped
to (x, y, 1). To set or get the projective co-ordinates use
\&\fBEC_POINT_set_Jprojective_coordinates_GFp()\fR and
\&\fBEC_POINT_get_Jprojective_coordinates_GFp()\fR respectively.
.PP
Points can also be described in terms of their compressed co-ordinates. For a
point (x, y), for any given value for x such that the point is on the curve
there will only ever be two possible values for y. Therefore a point can be set
using the \fBEC_POINT_set_compressed_coordinates()\fR function where \fBx\fR is the x
co-ordinate and \fBy_bit\fR is a value 0 or 1 to identify which of the two
possible values for y should be used.
.PP
The functions \fBEC_POINT_set_compressed_coordinates_GFp()\fR and
\&\fBEC_POINT_set_compressed_coordinates_GF2m()\fR are synonyms for
\&\fBEC_POINT_set_compressed_coordinates()\fR. They are defined for backwards
compatibility only and should not be used.
.PP
In addition \fB\s-1EC_POINT\s0\fR can be converted to and from various external
representations. The octet form is the binary encoding of the \fBECPoint\fR
structure (as defined in \s-1RFC5480\s0 and used in certificates and \s-1TLS\s0 records):
only the content octets are present, the \fB\s-1OCTET STRING\s0\fR tag and length are
not included. \fB\s-1BIGNUM\s0\fR form is the octet form interpreted as a big endian
integer converted to a \fB\s-1BIGNUM\s0\fR structure. Hexadecimal form is the octet
form converted to a \s-1NULL\s0 terminated character string where each character
is one of the printable values 0\-9 or A\-F (or a\-f).
.PP
The functions \fBEC_POINT_point2oct()\fR, \fBEC_POINT_oct2point()\fR, \fBEC_POINT_point2bn()\fR,
\&\fBEC_POINT_bn2point()\fR, \fBEC_POINT_point2hex()\fR and \fBEC_POINT_hex2point()\fR convert from
and to EC_POINTs for the formats: octet, \s-1BIGNUM\s0 and hexadecimal respectively.
.PP
The function \fBEC_POINT_point2oct()\fR encodes the given curve point \fBp\fR as an
octet string into the buffer \fBbuf\fR of size \fBlen\fR, using the specified
conversion form \fBform\fR.
The encoding conforms with Sec. 2.3.3 of the \s-1SECG SEC 1\s0 (\*(L"Elliptic Curve
Cryptography\*(R") standard.
Similarly the function \fBEC_POINT_oct2point()\fR decodes a curve point into \fBp\fR from
the octet string contained in the given buffer \fBbuf\fR of size \fBlen\fR, conforming
to Sec. 2.3.4 of the \s-1SECG SEC 1\s0 (\*(L"Elliptic Curve Cryptography\*(R") standard.
.PP
The functions \fBEC_POINT_point2hex()\fR and \fBEC_POINT_point2bn()\fR convert a point \fBp\fR,
respectively, to the hexadecimal or \s-1BIGNUM\s0 representation of the same
encoding of the function \fBEC_POINT_point2oct()\fR.
Vice versa, similarly to the function \fBEC_POINT_oct2point()\fR, the functions
\&\fBEC_POINT_hex2point()\fR and \fBEC_POINT_point2bn()\fR decode the hexadecimal or
\&\s-1BIGNUM\s0 representation into the \s-1EC_POINT\s0 \fBp\fR.
.PP
Notice that, according to the standard, the octet string encoding of the point
at infinity for a given curve is fixed to a single octet of value zero and that,
vice versa, a single octet of size zero is decoded as the point at infinity.
.PP
The function \fBEC_POINT_point2oct()\fR must be supplied with a buffer long enough to
store the octet form. The return value provides the number of octets stored.
Calling the function with a \s-1NULL\s0 buffer will not perform the conversion but
will still return the required buffer length.
.PP
The function \fBEC_POINT_point2buf()\fR allocates a buffer of suitable length and
writes an \s-1EC_POINT\s0 to it in octet format. The allocated buffer is written to
\&\fB*pbuf\fR and its length is returned. The caller must free up the allocated
buffer with a call to \fBOPENSSL_free()\fR. Since the allocated buffer value is
written to \fB*pbuf\fR the \fBpbuf\fR parameter \fB\s-1MUST NOT\s0\fR be \fB\s-1NULL\s0\fR.
.PP
The function \fBEC_POINT_point2hex()\fR will allocate sufficient memory to store the
hexadecimal string. It is the caller's responsibility to free this memory with
a subsequent call to \fBOPENSSL_free()\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBEC_POINT_new()\fR and \fBEC_POINT_dup()\fR return the newly allocated \s-1EC_POINT\s0 or \s-1NULL\s0
on error.
.PP
The following functions return 1 on success or 0 on error: \fBEC_POINT_copy()\fR,
\&\fBEC_POINT_set_to_infinity()\fR, \fBEC_POINT_set_Jprojective_coordinates_GFp()\fR,
\&\fBEC_POINT_get_Jprojective_coordinates_GFp()\fR,
\&\fBEC_POINT_set_affine_coordinates_GFp()\fR, \fBEC_POINT_get_affine_coordinates_GFp()\fR,
\&\fBEC_POINT_set_compressed_coordinates_GFp()\fR,
\&\fBEC_POINT_set_affine_coordinates_GF2m()\fR, \fBEC_POINT_get_affine_coordinates_GF2m()\fR,
\&\fBEC_POINT_set_compressed_coordinates_GF2m()\fR and \fBEC_POINT_oct2point()\fR.
.PP
EC_POINT_method_of returns the \s-1EC_METHOD\s0 associated with the supplied \s-1EC_POINT.\s0
.PP
\&\fBEC_POINT_point2oct()\fR and \fBEC_POINT_point2buf()\fR return the length of the required
buffer or 0 on error.
.PP
\&\fBEC_POINT_point2bn()\fR returns the pointer to the \s-1BIGNUM\s0 supplied, or \s-1NULL\s0 on
error.
.PP
\&\fBEC_POINT_bn2point()\fR returns the pointer to the \s-1EC_POINT\s0 supplied, or \s-1NULL\s0 on
error.
.PP
\&\fBEC_POINT_point2hex()\fR returns a pointer to the hex string, or \s-1NULL\s0 on error.
.PP
\&\fBEC_POINT_hex2point()\fR returns the pointer to the \s-1EC_POINT\s0 supplied, or \s-1NULL\s0 on
error.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBcrypto\fR\|(7), \fBEC_GROUP_new\fR\|(3), \fBEC_GROUP_copy\fR\|(3),
\&\fBEC_POINT_add\fR\|(3), \fBEC_KEY_new\fR\|(3),
\&\fBEC_GFp_simple_method\fR\|(3), \fBd2i_ECPKParameters\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2013\-2018 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the OpenSSL license (the \*(L"License\*(R").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.