Mistake on this page?
Report an issue in GitHub or email us
crys_dh.h
Go to the documentation of this file.
1 /**************************************************************************************
2 * Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved *
3 * *
4 * This file and the related binary are licensed under the following license: *
5 * *
6 * ARM Object Code and Header Files License, v1.0 Redistribution. *
7 * *
8 * Redistribution and use of object code, header files, and documentation, without *
9 * modification, are permitted provided that the following conditions are met: *
10 * *
11 * 1) Redistributions must reproduce the above copyright notice and the *
12 * following disclaimer in the documentation and/or other materials *
13 * provided with the distribution. *
14 * *
15 * 2) Unless to the extent explicitly permitted by law, no reverse *
16 * engineering, decompilation, or disassembly of is permitted. *
17 * *
18 * 3) Redistribution and use is permitted solely for the purpose of *
19 * developing or executing applications that are targeted for use *
20 * on an ARM-based product. *
21 * *
22 * DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND *
23 * CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT *
24 * NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, *
25 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE *
26 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, *
27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED *
28 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR *
29 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF *
30 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING *
31 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS *
32 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
33 **************************************************************************************/
34 
35 
36 
37 
38 #ifndef _CRYS_DH_H
39 #define _CRYS_DH_H
40 
41 #include "crys_rsa_types.h"
42 #include "crys_kdf.h"
43 #include "crys_rnd.h"
44 
45 #ifdef __cplusplus
46 extern "C"
47 {
48 #endif
49 
50 
51 /*!
52 @file
53 @brief This module defines the API that supports Diffie-Hellman key exchange, as defined in [PKCS3] and in [X9.42] (key lengths 1024 and 2048 bits).
54 @defgroup crys_dh CryptoCell DH APIs
55 @{
56 @ingroup cryptocell_api
57 */
58 
59 
60 /************************ Defines ******************************/
61 /*! Defintion for DH public key.*/
62 #define CRYS_DHPubKey_t CRYSRSAPubKey_t
63 
64 /*! Maximal valid key size in bits.*/
65 #define CRYS_DH_MAX_VALID_KEY_SIZE_VALUE_IN_BITS CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS /*!< \internal RL restrict to 2048 */
66 /*! Minimal valid key size in bits.*/
67 #define CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS 1024 /*!< Size limitation according to ANSI standard */
68 /*! Maximal modulus size in bytes.*/
69 #define CRYS_DH_MAX_MOD_SIZE_IN_BYTES (CRYS_DH_MAX_VALID_KEY_SIZE_VALUE_IN_BITS / SASI_BITS_IN_BYTE)
70 /*! Maximal modulus size in words.*/
71 #define CRYS_DH_MAX_MOD_SIZE_IN_WORDS (CRYS_DH_MAX_MOD_SIZE_IN_BYTES/sizeof(uint32_t))
72 
73 /*! Modulus buffer size in words.*/
74 #define CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS (CRYS_DH_MAX_MOD_SIZE_IN_WORDS + 2)
75 /*! Maximal domain generation size in bits.*/
76 #define CRYS_DH_DOMAIN_GENERATION_MAX_SIZE_BITS CRYS_RSA_MAX_KEY_GENERATION_SIZE_BITS /*!< \internal RL restrict to 2048 */
77 
78 /*! Defintion for DH primitives data.*/
79 #define CRYS_DHPrimeData_t CRYS_RSAPrimeData_t
80 /*! Defintion for DH public key.*/
81 #define CRYS_DHUserPubKey_t CRYS_RSAUserPubKey_t
82 /*! Defintion for DH other info.*/
83 #define CRYS_DH_OtherInfo_t CRYS_KDF_OtherInfo_t
84 
85 /*! Keying data size is in bytes*/
86 #define CRYS_DH_MAX_SIZE_OF_KEYING_DATA CRYS_KDF_MAX_SIZE_OF_KEYING_DATA
87 
88 /************************ Enums ********************************/
89 
90 /*! DH operations mode */
91 typedef enum
92 {
93  /*! PKCS3 operation mode. */
95  /*! ANSI X942 operation mode. */
97  /*! Total number of operation modes. */
99 
100  /*! Reserved. */
101  CRYS_DH_OpModeLast = 0x7FFFFFFF,
102 
104 
105 /*! HASH operation modes */
106 typedef enum
107 {
108  /*! SHA1 operation mode. */
110  /*! SHA224 operation mode. */
112  /*! SHA256 operation mode. */
114  /*! SHA384 operation mode. */
116  /*! SHA512 operation mode. */
118  /*! MD5 operation mode (not used in DH). */
119  CRYS_DH_HASH_MD5_mode = CRYS_HASH_MD5_mode, /*!< \internal not used in DH */
120  /*! Total number of HASH modes. */
122  /*! Reserved. */
124 
126 
127 /*! Key derivation modes. */
128 typedef enum
129 {
130  /*! ASN1 derivation mode.*/
132  /*! Concatination derivation mode.*/
134  /*! X963 derivation mode.*/
136  /*! Reserved. */
138 
140 
141 
142 /************************ Typedefs *************************************/
143 /*! Temporary buffer structure for internal usage.*/
144 typedef struct
145 {
146  /*! Temporary primitives data */
148  /*! Public key. */
150  /*! Temporary buffer for internal usage. */
153 
154 /*! Temporary buffer structure for internal usage. */
155 typedef struct
156 {
157  /*! Temporary primitives data */
159  /*! User's public key. */
161  /*! Temporary buffer for internal usage. */
164 
165 /*! Temporary buffer structure for internal usage. */
166 typedef struct
167 {
168  /*! Temporary primitives data */
170  /*! User's public key. */
172  /*! Temporary buffer for internal usage. */
175 
176 /*! Defintion of buffer used for FIPS Known Answer Tests. */
177 typedef struct
178 {
179  /*! Public key. */
181  /*! Temporary primitives data */
183  /*! Buffer for the secret value.*/
184  uint8_t secretBuff[CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS/SASI_BITS_IN_BYTE]; // KAT tests uses 1024 bit key
186 
187 
188 /************************ Structs **************************************/
189 
190 /************************ Public Variables ******************************/
191 
192 /************************ Public Functions ******************************/
193 
194 /*******************************************************************************************/
195 
196 /*!
197 @brief This function has two purposes:
198 <ol><li> Randomly generate the client private key according to the choosen version [PKCS3] or [ANSI X9.42].</li>
199 <li> Computes the client public key as follows: ClientPub = Generator^Prv mod Prime, where '^' is the symbol of exponentiation.</li></ol>
200 This function should not be called directly. Instead, use the macros ::CRYS_DH_PKCS3_GeneratePubPrv and ::CRYS_DH_ANSI_X942_GeneratePubPrv.
201 \note
202 All buffer parameters should be in Big-Endian form.
203 
204 @return CRYS_OK on success.
205 @return A non-zero value on failure as defined crys_dh_error.h, crys_rnd_error.h or crys_rsa_error.h.
206  */
208  void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */
209  SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */
210  uint8_t *Generator_ptr, /*!< [in] Pointer to the Generator octet string. */
211  uint16_t GeneratorSize, /*!< [in] The size of the Generator string (in bytes). */
212  uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string P (used as modulus in the algorithm). */
213  uint16_t PrimeSize, /*!< [in] The size of the Prime string in bytes. */
214  uint16_t L, /*!< [in] Exact size in bits of the Prime to be generated (relevant only for [PKCS3]):
215  <ul><li> If L!=0, force the private key to be [2^(L-1) ? Prv < 2^L], where '^'
216  indicates exponentiation.</li>
217  <li> If L = 0 then [0 < Prv < P-1].</li></ul> */
218  uint8_t *Q_ptr, /*!< [in] Relevant only for [ANSI X9.42] - Pointer to the Q octet string in the range:
219  1 <= Prv <= Q-1 or 1 < Prv < Q-1. */
220  uint16_t QSize, /*!< [in] Relevant only for [ANSI X9.42] - Size of the Q string (in bytes). */
221  CRYS_DH_OpMode_t DH_mode, /*!< [in] An enumerator declaring whether this is [PKCS3] or [ANSI X9.42] mode. */
222  CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*!< [in] Pointer to a temporary buffer for public key structure. Used for the
223  exponentiation function. */
224  CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*!< [in] Pointer to a structure holding internal temporary buffers. */
225  uint8_t *ClientPrvKey_ptr, /*!< [out] Pointer to the Private key Prv. This buffer should be at least the following
226  size (in bytes):
227  <ul><li> If L is provided: (L+7)/8.</li>
228  <li> If L is NULL: \p PrimeSize. </li></ul> */
229  uint16_t *ClientPrvKeySize_ptr, /*!< [in/out] Pointer to the Private key size:
230  <ul><li> Input - size of the given buffer.</li>
231  <li> Output - actual size of the generated private key.</li></ul> */
232  uint8_t *ClientPub1_ptr, /*!< [out] Pointer to the Public key. This buffer should be at least \p PrimeSize bytes. */
233  uint16_t *ClientPubSize_ptr /*!< [in/out] Pointer to the Public key size:
234  <ul><li> Input - size of the given buffer.</li>
235  <li> Output - actual size of the generated public key.</li></ul> */
236 );
237 
238 
239 /* macro for calling the GeneratePubPrv function on PKCS#3 mode: Q is irrelevant */
240 /*--------------------------------------------------------------------------------*/
241 /*!
242 This macro is used to generate the public and private DH keys according to [PKCS3]. For a description of the parameters see ::_DX_DH_GeneratePubPrv.
243 */
244 #define CRYS_DH_PKCS3_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, Generator_ptr,GeneratorSize,\
245  Prime_ptr,PrimeSize,\
246  L,\
247  tmpPubKey_ptr,tmpPrimeData_ptr,\
248  ClientPrvKey_ptr,ClientPrvKeySize_ptr,\
249  ClientPub_ptr,ClientPubSize_ptr)\
250  _DX_DH_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, (Generator_ptr),(GeneratorSize),\
251  (Prime_ptr),(PrimeSize),\
252  (L),\
253  (uint8_t *)NULL,(uint16_t)0,\
254  CRYS_DH_PKCS3_mode,\
255  (tmpPubKey_ptr),(tmpPrimeData_ptr),\
256  (ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\
257  (ClientPub_ptr),(ClientPubSize_ptr))
258 
259 /*!
260 This macro is used to generate the public and private DH keys according to [ANSI X9.42]. For a description of the parameters see ::_DX_DH_GeneratePubPrv.
261 */
262 #define CRYS_DH_ANSI_X942_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, Generator_ptr,GeneratorSize,Prime_ptr,PrimeSize,\
263  Q_ptr,QSize,\
264  tmpPubKey_ptr,tmpPrimeData_ptr,\
265  ClientPrvKey_ptr,ClientPrvKeySize_ptr,\
266  ClientPub_ptr,ClientPubSize_ptr)\
267  _DX_DH_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, (Generator_ptr),(GeneratorSize),\
268  (Prime_ptr),(PrimeSize),\
269  (uint16_t)0,\
270  (Q_ptr),(QSize),\
271  CRYS_DH_ANSI_X942_mode,\
272  (tmpPubKey_ptr),(tmpPrimeData_ptr),\
273  (ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\
274  (ClientPub_ptr),(ClientPubSize_ptr))
275 
276 
277 /*******************************************************************************************/
278 /*!
279 @brief This function computes the shared secret key (value) accordng to [ANSI X9.42], 7.5.1:
280  SecretKey = ServerPubKey ^ ClientPrvKey mod Prime.
281 \note <ul id="noteb"><li> All buffer parameters should be in Big-Endian form.</li>
282 <li>The user must obtain assurance of validity of the public key, using one of methods,
283 described in [ANSI X9.42] paragraph 7.4.</li>
284 <li>The actual size of the private key (in bits) must be not less than 2 and not greater than the actual
285 size of the Prime (modulus in bits).</li></ul>
286 
287 @return CRYS_OK on success.
288 @return A non-zero value on failure as defined in crys_dh_error.h or crys_rsa_error.h.
289 */
291  uint8_t *ClientPrvKey_ptr, /*!< [in] Pointer to the Private key octet string Prv < Prime. */
292  uint16_t ClientPrvKeySize, /*!< [in] The Private key Size (in bytes). */
293  uint8_t *ServerPubKey_ptr, /*!< [in] Pointer to the Server public key octet string. */
294  uint16_t ServerPubKeySize, /*!< [in] The Server Public key Size (in bytes). */
295  uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */
296  uint16_t PrimeSize, /*!< [in] The size of the Prime string. */
297  CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*!< [in] Pointer to the public key structure. Used for the exponentiation
298  operation function. Need not be initialized. */
299  CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*!< [in] Pointer to a structure containing internal temp buffers. */
300  uint8_t *SecretKey_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at
301  least PrimeSize bytes. */
302  uint16_t *SecretKeySize_ptr /*!< [in/out] Pointer to the secret key Buffer Size. This buffer should be at
303  least of PrimeSize bytes:
304  <ul><li> Input - size of the given buffer.</li>
305  <li> Output - actual size. </li></ul>*/
306 );
307 
308 
309 /******************************************************************************************/
310 /*!
311 @brief This function extracts the shared secret keying data from the shared secret value. It should be called by using
312 macros ::CRYS_DH_X942_GetSecretDataAsn1 and ::CRYS_DH_X942_GetSecretDataConcat.
313 
314 \note
315 <ul id="noteb"><li> The "other info" argument and its AlgorithmID entry are mandatory only for ASN1 key derivation, and optional for
316 the other derivation modes. </li>
317 <li>If used, all entries of the structure should be initialized with relevant data and size, prior to calling this function
318 (entry size of empty fields must be set to 0).</li>
319 <li>All buffers arguments are represented in Big-Endian form.</li></ul>
320 
321 @return CRYS_OK on success.
322 @return A non-zero value on failure as defined in crys_dh_error.h, crys_rsa_error.h, crys_kdf_error.h or crys_hash_error.h.
323 */
325  uint8_t *ClientPrvKey_ptr, /*!< [in] Pointer to the Private key octet string. */
326  uint16_t ClientPrvKeySize, /*!< [in] The Private key size (in bytes). */
327  uint8_t *ServerPubKey_ptr, /*!< [in] Pointer to the Server public key octet string. */
328  uint16_t ServerPubKeySize, /*!< [in] The Server Public key size (in bytes). */
329  uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */
330  uint16_t PrimeSize, /*!< [in] The size of the Prime string. */
331  CRYS_DH_OtherInfo_t *otherInfo_ptr, /*!< [in] Pointer to structure containing other data, shared by two entities
332  sharing the secret keying data.
333  The Maximal size of each data entry of "other info" is limited - see crys_kdf.h
334  for the defined value. */
335  CRYS_DH_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes. The supported modes are according to the supported
336  HASH modes for the product (and MD5 is not supported). */
337  CRYS_DH_DerivationFunc_Mode DerivFunc_mode, /*!< [in] The enumerator ID of key derivation function mode. ASN1 or Concatenation
338  modes are supported. */
339  CRYS_DH_Temp_t *tmpBuff_ptr, /*!< [in] A pointer to the DH temp buffer structure. Not initialized. */
340  uint8_t *SecretKeyingData_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at least
341  PrimeSize bytes. */
342  uint16_t SecretKeyingDataSize /*!< [in] The required Secret Keying data size (in bytes). Must be larger than 0,
343  and smaller than the maximal - CRYS_DH_MAX_SIZE_OF_KEYING_DATA. */
344 );
345 
346 /****************************************************************/
347 /*!
348 This macro implements the DH [ANSI X9.42] standard. It derives a secret key using the Derivation function based on ASN.1. For a
349 description of the parameters see ::CRYS_DH_X942_GetSecretData.*/
350 #define CRYS_DH_X942_GetSecretDataAsn1(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
351  CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_ASN1_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
352 /*!
353 This macro implements the DH [ANSI X9.42] standard. It derives a secret key using the Derivation function based on concatenation of HASHed data.
354 For a description of the parameters see ::CRYS_DH_X942_GetSecretData.*/
355 #define CRYS_DH_X942_GetSecretDataConcat(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
356  CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_Concat_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
357 
358 
359 /****************************************************************/
360 /*!
361 @brief The function computes shared secret data using two pairs of public and private keys:
362 
363 <ul><li> SecretKey1 = ServerPubKey1^ClientPrvKey1 mod Prime. </li>
364 <li> SecretKey2 = ServerPubKey2^ClientPrvKey2 mod Prime. </li></ul>
365 It uses the Derivation function to derive secret keying data from the two secret keys (values).
366 This function may be called directly, or by using macros ::CRYS_DH_X942_HybridGetSecretDataAsn1 and ::CRYS_DH_X942_HybridGetSecretDataConcat
367 described above.
368 
369 \note
370 <ul id="noteb"><li> The "other info" argument and its AlgorithmID entry are mandatory only for ASN1 key derivation, and optional for the other derivation modes.</li>
371 If used, all entries of the structure should be initialized with relevant data and size, prior to calling this function
372 (entry size of empty fields must be set to 0).
373 <li> All buffers arguments are represented in Big-Endian form. </li></ul>
374 
375 @return CRYS_OK on success.
376 @return A non-zero value on failure as defined in crys_dh_error.h, crys_rsa_error.h or crys_hash_error.h.
377 */
379  uint8_t *ClientPrvKey_ptr1, /*!< [in] Pointer to the First Private key octet string number. */
380  uint16_t ClientPrvKeySize1, /*!< [in] The First Private key Size (in bytes). */
381  uint8_t *ClientPrvKey_ptr2, /*!< [in] Pointer to the Second Private key octet string. */
382  uint16_t ClientPrvKeySize2, /*!< [in] The Second Private key Size (in bytes). */
383  uint8_t *ServerPubKey_ptr1, /*!< [in] Pointer to the First Server public key octet string. */
384  uint16_t ServerPubKeySize1, /*!< [in] The First Server Public key Size (in bytes). */
385  uint8_t *ServerPubKey_ptr2, /*!< [in] Pointer to the Second Server public key octet string. */
386  uint16_t ServerPubKeySize2, /*!< [in] The Second Server Public key Size (in bytes). */
387  uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */
388  uint16_t PrimeSize, /*!< [in] The size of the Prime string. */
389  CRYS_DH_OtherInfo_t *otherInfo_ptr, /*!< [in] Pointer to structure containing optional other data, shared by two entities
390  sharing the secret keying data. */
391  CRYS_DH_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes. The supported modes are according to the supported
392  HASH modes for the product (and MD5 is not supported). */
393  CRYS_DH_DerivationFunc_Mode DerivFunc_mode, /*!< [in] The type of function to use to derive the secret key to the key data.
394  ASN.1 or Concatenation modes are supported. */
395  CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, /*!< [in] Pointer to a CRYS_DH_Temp_t structure that contains temp buffers for
396  internal operations. */
397  uint8_t *SecretKeyingData_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at least
398  of size PrimeSize bytes. */
399  uint16_t SecretKeyingDataSize /*!< [in] The required Secret Keying data size (in bytes). Must be larger than 0,
400  and smaller than CRYS_DH_MAX_SIZE_OF_KEYING_DATA. */
401 );
402 
403 
404 /****************************************************************/
405 /*!
406 This macro implements the DH [X9.42] standard deriving a hybrid secret key from two public-private pair of keys using the Derivation function based on ASN.1.
407 For a description of the parameters see ::CRYS_DH_X942_HybridGetSecretData.*/
408 #define CRYS_DH_X942_HybridGetSecretDataAsn1(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
409  CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_ASN1_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
410 
411 /*!
412 This macro implements the DH [X9.42] standard, deriving a hybrid secret key from two pairs of public-private keys, using the Derivation
413 function based on concatenation using SHA-x HASH. For a description of the parameters see ::CRYS_DH_X942_HybridGetSecretData.
414 */
415 #define CRYS_DH_X942_HybridGetSecretDataConcat(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
416  CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_Concat_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
417 
418 
419 /******************************************************************************************/
420 /*!
421 @brief The function checks the obtained DH public key according to its domain parameters [ANSI X9.42-2001]
422 
423 \note
424 Assuming: The DH domain parameters are valid.
425 
426 @return CRYS_OK on success.
427 @return A non-zero value on failure as defined in crys_dh_error.h.
428 */
430  uint8_t *modP_ptr, /*!< [in] The pointer to the modulus (prime) P. */
431  uint32_t modPsizeBytes, /*!< [in] The modulus size in bytes. */
432  uint8_t *orderQ_ptr, /*!< [in] The pointer to the prime order Q of generator. */
433  uint32_t orderQsizeBytes, /*!< [in] The size of order of generator in bytes. */
434  uint8_t *pubKey_ptr, /*!< [in] The pointer to the public key to be validated. */
435  uint32_t pubKeySizeBytes, /*!< [in] The public key size in bytes. */
436  CRYS_DH_Temp_t *tempBuff_ptr /*!< [in] The temp buffer for internal calculations. */
437 );
438 
439 
440 #ifdef __cplusplus
441 }
442 #endif
443 /**
444 @}
445  */
446 #endif
CRYS_RSAUserPubKey_t UserPubKey
Definition: crys_dh.h:171
#define CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS
Definition: crys_dh.h:74
CRYS_DH_HASH_OpMode_t
Definition: crys_dh.h:106
CRYS_DH_OpMode_t
Definition: crys_dh.h:91
CRYSError_t CRYS_DH_CheckPubKey(uint8_t *modP_ptr, uint32_t modPsizeBytes, uint8_t *orderQ_ptr, uint32_t orderQsizeBytes, uint8_t *pubKey_ptr, uint32_t pubKeySizeBytes, CRYS_DH_Temp_t *tempBuff_ptr)
The function checks the obtained DH public key according to its domain parameters [ANSI X9...
#define CRYS_DH_OtherInfo_t
Definition: crys_dh.h:83
CRYSRSAPubKey_t PubKey
Definition: crys_dh.h:149
CRYS_RSAUserPubKey_t pubKey
Definition: crys_dh.h:180
CRYS_RSAPrimeData_t PrimeData
Definition: crys_dh.h:169
#define CRYS_DHPrimeData_t
Definition: crys_dh.h:79
CRYSError_t CRYS_DH_GetSecretKey(uint8_t *ClientPrvKey_ptr, uint16_t ClientPrvKeySize, uint8_t *ServerPubKey_ptr, uint16_t ServerPubKeySize, uint8_t *Prime_ptr, uint16_t PrimeSize, CRYS_RSAUserPubKey_t *tmpPubKey_ptr, CRYS_RSAPrimeData_t *tmpPrimeData_ptr, uint8_t *SecretKey_ptr, uint16_t *SecretKeySize_ptr)
This function computes the shared secret key (value) accordng to [ANSI X9.42], 7.5.1: SecretKey = ServerPubKey ^ ClientPrvKey mod Prime.
#define SASI_BITS_IN_BYTE
Definition: ssi_pal_types.h:65
CRYSError_t _DX_DH_GeneratePubPrv(void *rndState_ptr, SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, uint8_t *Generator_ptr, uint16_t GeneratorSize, uint8_t *Prime_ptr, uint16_t PrimeSize, uint16_t L, uint8_t *Q_ptr, uint16_t QSize, CRYS_DH_OpMode_t DH_mode, CRYS_RSAUserPubKey_t *tmpPubKey_ptr, CRYS_RSAPrimeData_t *tmpPrimeData_ptr, uint8_t *ClientPrvKey_ptr, uint16_t *ClientPrvKeySize_ptr, uint8_t *ClientPub1_ptr, uint16_t *ClientPubSize_ptr)
This function has two purposes:
CRYS_RSAUserPubKey_t UserPubKey
Definition: crys_dh.h:160
CRYS_RSAPrimeData_t PrimeData
Definition: crys_dh.h:147
#define CRYS_DHPubKey_t
Definition: crys_dh.h:62
CRYS_DH_DerivationFunc_Mode
Definition: crys_dh.h:128
CRYSError_t CRYS_DH_X942_GetSecretData(uint8_t *ClientPrvKey_ptr, uint16_t ClientPrvKeySize, uint8_t *ServerPubKey_ptr, uint16_t ServerPubKeySize, uint8_t *Prime_ptr, uint16_t PrimeSize, CRYS_KDF_OtherInfo_t *otherInfo_ptr, CRYS_DH_HASH_OpMode_t hashMode, CRYS_DH_DerivationFunc_Mode DerivFunc_mode, CRYS_DH_Temp_t *tmpBuff_ptr, uint8_t *SecretKeyingData_ptr, uint16_t SecretKeyingDataSize)
This function extracts the shared secret keying data from the shared secret value. It should be called by using macros CRYS_DH_X942_GetSecretDataAsn1 and CRYS_DH_X942_GetSecretDataConcat.
#define CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS
Definition: crys_dh.h:67
CRYSError_t CRYS_DH_X942_HybridGetSecretData(uint8_t *ClientPrvKey_ptr1, uint16_t ClientPrvKeySize1, uint8_t *ClientPrvKey_ptr2, uint16_t ClientPrvKeySize2, uint8_t *ServerPubKey_ptr1, uint16_t ServerPubKeySize1, uint8_t *ServerPubKey_ptr2, uint16_t ServerPubKeySize2, uint8_t *Prime_ptr, uint16_t PrimeSize, CRYS_KDF_OtherInfo_t *otherInfo_ptr, CRYS_DH_HASH_OpMode_t hashMode, CRYS_DH_DerivationFunc_Mode DerivFunc_mode, CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, uint8_t *SecretKeyingData_ptr, uint16_t SecretKeyingDataSize)
The function computes shared secret data using two pairs of public and private keys: ...
#define CRYS_DHUserPubKey_t
Definition: crys_dh.h:81
This file contains the CRYS APIs used for random number generation. The random-number generation modu...
uint32_t CRYSError_t
Definition: crys_error.h:253
CRYS_RSAPrimeData_t primeData
Definition: crys_dh.h:182
CRYS_RSAPrimeData_t PrimeData
Definition: crys_dh.h:158
This file contains all of the enums and definitions that are used for the CRYS RSA APIs...
This module defines the API that supports Key derivation function in modes as defined in PKCS#3...
uint32_t(* SaSiRndGenerateVectWorkFunc_t)(void *rndState_ptr, uint16_t outSizeBytes, uint8_t *out_ptr)
Definition: crys_rnd.h:206
Important Information for this Arm website

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies. If you are not happy with the use of these cookies, please review our Cookie Policy to learn how they can be disabled. By disabling cookies, some features of the site will not work.