IP*Works! Encrypt V9 - Online Help

ECC Class


The ECC (Elliptic Curve Cryptography) component implements ECDSA (Elliptic Curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie Hellman) operations.

Class Name

IPWorksEncrypt_ECC

Procedural Interface

 ipworksencrypt_ecc_open();
 ipworksencrypt_ecc_close($res);
 ipworksencrypt_ecc_register_callback($res, $id, $function);
 ipworksencrypt_ecc_get_last_error($res);
 ipworksencrypt_ecc_get_last_error_code($res);
 ipworksencrypt_ecc_set($res, $id, $index, $value);
 ipworksencrypt_ecc_get($res, $id, $index);
 ipworksencrypt_ecc_do_computesecret($res);
 ipworksencrypt_ecc_do_config($res, $configurationstring);
 ipworksencrypt_ecc_do_createkey($res);
 ipworksencrypt_ecc_do_reset($res);
 ipworksencrypt_ecc_do_sign($res);
 ipworksencrypt_ecc_do_verifysignature($res);

Remarks

The ECC (Elliptic Curve Cryptography) class implements ECDSA (Elliptic Curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie Hellman) operations.

To begin, first call CreateKey to create a new ECC key if necessary.

An ECC key is made up of a number of individual parameters. When calling CreateKey the Key* properties are populated with a new private and public key.

After calling Sign, the public key must be sent to the recipient along with HashSignature so that they can perform signature verification. Likewise, you must obtain the signer's public key along with HashSignature in order to perform signature verification.

The public key consists of the following parameters:

The class also includes the KeyPublicKey property, which holds the PEM formatted public key for ease of use. This is helpful if you are in control of both sides of the encryption/signing and decryption/signature verification process. When sending the public key to a recipient, note that not all implementations support the PEM formatted value in KeyPublicKey, in which case the individual parameters must be sent.

The private key consists of one value:

The class also includes the KeyPrivateKey property, which holds the PEM formatted private key for ease of use. This is helpful for storing the private key more easily.

ECDH Operations

The class supports computing a shared secret using ECDH. To compute a shared secret, first set the RecipientKey* properties to the other party's public key. Then optionally set KeyDerivationFunction to the desired key derivation function. Finally, call ComputeSecret to compute the shared secret. The SharedSecret property will be populated with the computed secret.

ECDSA Operations

The class supports creating and verifying hash signatures using ECDSA.

To begin, set the Key* properties to a valid private key. To create a new private key, simply call CreateKey.

Select the input by setting InputFile or InputMessage. Next, call Sign. The Sign method will automatically compute the hash and then sign the hash with the specified key.

Send the public key (see CreateKey for details), file, and HashSignature to the recipient.

When verifying a hash signature, specify the input by setting InputFile or InputMessage. Set HashSignature to the received hash signature. Then set Key to the public key and call VerifySignature.

To sign a hash or verify a hash signature without recomputing the hash, simply set HashValue to the pre-computed hash value before calling Sign or VerifySignature.
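
The ECDSA steps above as a two-party flow, with the signer and the recipient as separate instances so that only the message, HashSignature and the PEM public key cross between them. This is an added example, not code from the /n software documentation. Assumptions: the include file name, the object-oriented accessor names (doX/getX/setX, inferred from the procedural _do_/_get/_set functions and the property list), the use of SignerKeyPublicKey for the verifier's key, and a true/false return from doVerifySignature.

```php
<?php
// Added example; accessor names and include path are assumptions (see lead-in).
require_once('ipworksencrypt_ecc.php');

// Signer side: returns exactly what has to travel to the recipient.
function sign_message($message) {
    $ecc = new IPWorksEncrypt_ECC();
    $ecc->doCreateKey();                  // populates the Key* properties
    $ecc->setInputMessage($message);      // Sign computes the hash itself
    $ecc->doSign();
    return array(
        'message'   => $message,
        'signature' => $ecc->getHashSignature(),
        'publicKey' => $ecc->getKeyPublicKey(),  // PEM; KeyPrivateKey is never exported
    );
}

// Recipient side: a fresh instance that only ever holds public material.
function verify_message($message, $signature, $publicKeyPem) {
    $ecc = new IPWorksEncrypt_ECC();
    $ecc->setSignerKeyPublicKey($publicKeyPem);  // assumed property for the verifier's key
    $ecc->setInputMessage($message);             // hash is recomputed from the received data
    $ecc->setHashSignature($signature);
    try {
        return (bool) $ecc->doVerifySignature(); // assumed to return true/false
    } catch (Exception $e) {
        return false;                            // fail closed on any error
    }
}

// Constructed sample input.
$bundle = sign_message('constructed sample payload');

// Unmodified message checked against its signature.
var_dump(verify_message($bundle['message'], $bundle['signature'], $bundle['publicKey']));

// Same signature checked against an altered message.
var_dump(verify_message($bundle['message'] . ' (altered)', $bundle['signature'], $bundle['publicKey']));
```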

Hash Notes

The class determines whether or not to recompute the hash based on the properties that are set. If an input is specified by InputFile or InputMessage, the hash will be recomputed when calling Sign or VerifySignature. If the HashValue property is set, the class will only sign the hash or verify the hash signature. Setting InputFile or InputMessage clears the HashValue property. Setting the HashValue property clears the input file selection.

NOTE: This functionality is only available in Windows.

Property List


The following is the full list of the properties of the class with short descriptions.

HashAlgorithm            The hash algorithm used for hash computation.
HashSignature            The hash signature.
HashValue                The hash value of the data.
InputFile                The file to process.
InputMessage             The message to process.
KeyCurve                 Specifies the curve being used.
KeyK                     Represents the private key (K) parameter.
KeyPrivateKey            This property is a PEM formatted private key.
KeyPublicKey             This property is a PEM formatted public key.
KeyRx                    Represents the public key's Rx parameter.
KeyRy                    Represents the public key's Ry parameter.
KeyDerivationFunction    The key derivation function.
RecipientKeyCurve        Specifies the curve being used.
RecipientKeyPublicKey    This property is a PEM formatted public key.
RecipientKeyRx           Represents the public key's Rx parameter.
RecipientKeyRy           Represents the public key's Ry parameter.
SharedSecret             The computed shared secret.
SignerKeyCurve           Specifies the curve being used.
SignerKeyPublicKey       This property is a PEM formatted public key.
SignerKeyRx              Represents the public key's Rx parameter.
SignerKeyRy              Represents the public key's Ry parameter.
UseHex                   Whether HashValue and HashSignature are hex encoded.

Method List


The following is the full list of the methods of the class with short descriptions.

ComputeSecret            Computes a shared secret.
Config                   Sets or retrieves a configuration setting.
CreateKey                Creates a new key.
Reset                    Resets the component.
Sign                     Creates a hash signature.
VerifySignature          Verifies the signature for the specified data.

Event List


The following is the full list of the events fired by the class with short descriptions.

Error                    Information about errors during data delivery.
Progress                 Fired as progress is made.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions.

KeySize                  The size, in bits, of the secret key.
Curve                    The elliptic curve.
CNGECDSAKey              The CNG ECDSA key.
CNGECDHKey               The CNG ECDH key.
PrependSecret            An optional string to prepend to the secret agreement.
AppendSecret             An optional string to append to the secret agreement.
HMACKey                  A key to use when generating a Hash-based Message Authentication Code (HMAC).
TLSSeed                  The TLS PRF Seed.
TLSLabel                 The TLS PRF label.
CodePage                 The system code page used for Unicode to Multibyte translations.

 
 
Copyright (c) 2017 /n software inc. - All rights reserved.
Build 9.0.6240.0