ica_ecdh_derive_secret
Purpose
Calculates the Diffie-Hellman shared secret (z value) of a first given private
ICA_EC_KEY data structure (with given D value) and a second given public ICA_EC_KEY
data structure (with given X and Y values).
Format
int ica_ecdh_derive_secret(ica_adapter_handle_t adapter_handle,
const ICA_EC_KEY *privkey_A,
const ICA_EC_KEY *pubkey_B,
unsigned char *z,
unsigned int z_length);
Required hardware support
- At least, a Crypto Express4S CCA coprocessor is required (CEX4C or later).
- MSA9 (IBM z15® or later) for ECDH and ECDSA support via CPACF for these elliptic curves: p256, p384, p521.
Parameters
- ica_adapter_handle_t adapter_handle
- Pointer to a previously opened device handle.
- const ICA_EC_KEY *privkey_A
- A pointer to a private
ICA_EC_KEYobject, initialized via ica_ec_key_init or ica_ec_key_generate. - const ICA_EC_KEY *pubkey_B
- A pointer to a public
ICA_EC_KEYobject, initialized via ica_ec_key_init or ica_ec_key_generate. - unsigned char *z
- Pointer to a writable buffer where the shared secret (
z) is returned. - unsigned int z_length
- The length in bytes of the
zbuffer. This length must be greater or equal to privlen, as returned when creating theICA_EC_KEYobjects. Both keys are supposed to be based on the same elliptic curve, so both keys have the same length ofD, and the same (X,Y).
Return codes
- 0
- Success
- EINVAL
- If at least one invalid parameter is given.
- EFAULT
- If an internal processing error occurred.
- EPERM
- If the EC curve is not supported in this environment.
For return codes indicating exceptions, see Return codes.