Kenji Arai / mbed-os_TYBLE16

Dependents:   TYBLE16_simple_data_logger TYBLE16_MP3_Air

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers crys_rsa_schemes.h Source File

crys_rsa_schemes.h

Go to the documentation of this file.
00001 /**************************************************************************************
00002 * Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved         *
00003 *                                                                                     *
00004 * This file and the related binary are licensed under the following license:          *
00005 *                                                                                     *
00006 * ARM Object Code and Header Files License, v1.0 Redistribution.                      *
00007 *                                                                                     *
00008 * Redistribution and use of object code, header files, and documentation, without     *
00009 * modification, are permitted provided that the following conditions are met:         *
00010 *                                                                                     *
00011 * 1) Redistributions must reproduce the above copyright notice and the                *
00012 *    following disclaimer in the documentation and/or other materials                 *
00013 *    provided with the distribution.                                                  *
00014 *                                                                                     *
00015 * 2) Unless to the extent explicitly permitted by law, no reverse                     *
00016 *    engineering, decompilation, or disassembly of is permitted.                      *
00017 *                                                                                     *
00018 * 3) Redistribution and use is permitted solely for the purpose of                    *
00019 *    developing or executing applications that are targeted for use                   *
00020 *    on an ARM-based product.                                                         *
00021 *                                                                                     *
00022 * DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND                  *
00023 * CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT             *
00024 * NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT,        *
00025 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE          *
00026 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,   *
00027 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED            *
00028 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR              *
00029 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF              *
00030 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING                *
00031 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS                  *
00032 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.                        *
00033 **************************************************************************************/
00034 
00035 
00036 
00037 #ifndef CRYS_RSA_SCHEMES_H
00038 #define CRYS_RSA_SCHEMES_H
00039 
00040 
00041 #include "crys_error.h"
00042 #include "crys_rsa_types.h"
00043 #include "crys_rnd.h"
00044 
00045 #ifdef __cplusplus
00046 extern "C"
00047 {
00048 #endif
00049 
00050 /*!
00051 @file
00052 @brief This module defines APIs that support [PKCS1_1.5] and [PKCS1_2.1] encryption and signature schemes.
00053 @defgroup crys_rsa_schemes CryptoCell RSA encryption and signature schemes
00054 @{
00055 @ingroup crys_rsa
00056 */
00057 
00058 /**********************************************************************************************************/
00059 /*!
00060 @brief This function implements the Encrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5].
00061 
00062 It should not be called directly. Instead, use macros ::CRYS_RSA_OAEP_Encrypt or ::CRYS_RSA_PKCS1v15_Encrypt.
00063 
00064 @return CRYS_OK on success.
00065 @return A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure.
00066 */
00067 CIMPORT_C CRYSError_t  SaSi_RsaSchemesEncrypt(
00068                         void   *rndState_ptr,           /*!< [in/out] Pointer to the RND state structure. */
00069                         SaSiRndGenerateVectWorkFunc_t  rndGenerateVectFunc,   /*!< [in] Pointer to the random vector generation function. */
00070                         CRYS_RSAUserPubKey_t   *UserPubKey_ptr,      /*!< [in]  Pointer to the public key data structure. */
00071                         CRYS_RSAPrimeData_t    *PrimeData_ptr,       /*!< [in]  Pointer to a temporary structure that is internally used as workspace for the
00072                                            Encryption operation. */
00073                         CRYS_RSA_HASH_OpMode_t  hashFunc,            /*!< [in]  The HASH function to be used. One of the supported SHA-x HASH modes, as defined
00074                                            in ::CRYS_RSA_HASH_OpMode_t (MD5 is not supported).*/
00075                         uint8_t  *L,                                /*!< [in]  The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default.
00076                                            NULL for [PKCS1_1.5]. */
00077                         uint16_t  Llen,                             /*!< [in]  The label length. Relevant for [PKCS1_2.1] only. Zero by default.
00078                                            Must be <=2048. Zero for [PKCS1_1.5]. */
00079                         CRYS_PKCS1_MGF_t  MGF,                       /*!< [in]  The mask generation function. [PKCS1_2.1] defines MGF1, so the only value
00080                                            allowed here is CRYS_PKCS1_MGF1. */
00081                         uint8_t   *DataIn_ptr,                      /*!< [in]  Pointer to the data to encrypt. */
00082                         uint16_t   DataInSize,                      /*!< [in]  The size (in bytes) of the data to encrypt. The data size must be:
00083                                                                                 - For [PKCS1_2.1], DataSize <= modulus size - 2*HashLen - 2.
00084                                                                                 - For [PKCS1_1.5], DataSize <= modulus size - 11. */
00085                         uint8_t   *Output_ptr,                      /*!< [out] Pointer to the encrypted data. The buffer must be at least modulus size bytes long. */
00086                         CRYS_PKCS1_version   PKCS1_ver               /*!< [in]  [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */
00087 );
00088 
00089 /*!
00090    @brief
00091    CRYS_RSA_OAEP_PSS21_Encrypt implements the RSAES-OAEP algorithm
00092    as defined in PKCS#1 v2.1 8.1.
00093 
00094    \note It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore
00095     it is not supported.
00096 
00097    This function combines the RSA encryption primitive and the
00098    EME-OAEP encoding method, to provide an RSA-based encryption
00099    method that is semantically secure against adaptive
00100    chosen-ciphertext attacks. For additional details, please refer to
00101    the PKCS#1 standard.
00102 */
00103 #define CRYS_RSA_OAEP_Encrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr)\
00104         SaSi_RsaSchemesEncrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,CRYS_PKCS1_VER21)
00105 
00106 /*!
00107    @brief
00108    CRYS_RSA_PKCS1v15_Encrypt implements the RSAES-PKCS1v15 algorithm
00109    as defined in PKCS#1 v2.1 8.2.
00110 */
00111 #define CRYS_RSA_PKCS1v15_Encrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr)\
00112         SaSi_RsaSchemesEncrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr, \
00113         DataInSize, Output_ptr,CRYS_PKCS1_VER15)
00114 
00115 
00116 /**********************************************************************************************************/
00117 /*!
00118 @brief This function implements the Decrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5].
00119 
00120 It should not be called directly. Instead, use macros ::CRYS_RSA_OAEP_Decrypt or ::CRYS_RSA_PKCS1v15_Decrypt.
00121 
00122 @return CRYS_OK on success.
00123 @return A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure.
00124 */
00125 CIMPORT_C CRYSError_t  SaSi_RsaSchemesDecrypt(
00126                                 CRYS_RSAUserPrivKey_t   *UserPrivKey_ptr,    /*!< [in]  Pointer to the private key data structure of the user. */
00127                                 CRYS_RSAPrimeData_t     *PrimeData_ptr,      /*!< [in]  Pointer to a temporary structure that is internally used as workspace
00128                                                for the decryption operation. */
00129                                 CRYS_RSA_HASH_OpMode_t   hashFunc,           /*!< [in]  The HASH function to be used. One of the supported SHA-x HASH modes,
00130                                                as defined in ::CRYS_RSA_HASH_OpMode_t (MD5 is not supported). */
00131                                 uint8_t                 *L,                 /*!< [in]  The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default.
00132                                                NULL for [PKCS1_1.5]. */
00133                                 uint16_t              Llen,                 /*!< [in]  The label length. Relevant for [PKCS1_2.1] only. Zero by default.
00134                                                Zero for [PKCS1_1.5]. */
00135                                 CRYS_PKCS1_MGF_t         MGF,                /*!< [in]  The mask generation function. [PKCS1_2.1] defines MGF1, so the only
00136                                                value allowed here is CRYS_PKCS1_MGF1. */
00137                                 uint8_t              *DataIn_ptr,           /*!< [in]  Pointer to the data to decrypt. */
00138                                 uint16_t              DataInSize,           /*!< [in]  The size (in bytes) of the data to decrypt. DataSize must be &le;
00139                                                the modulus size. */
00140                                 uint8_t              *Output_ptr,           /*!< [in]  Pointer to the decrypted data. The buffer must be at least
00141                                                PrivKey_ptr->N.len bytes long (i.e. the modulus size in bytes). */
00142                                 uint16_t             *OutputSize_ptr,       /*!< [in]  Pointer to the byte size of the buffer pointed to by Output_buffer.
00143                                                The size must be:
00144                                                                                        <ul><li> For PKCS #1 v2.1: Modulus size > OutputSize >=
00145                                                 (modulus size - 2*HashLen - 2).</li>
00146                                                                                        <li> For PKCS #1 v1.5: Modulus size > OutputSize >= (modulus size - 11).
00147                                                                                         The value pointed by OutputSize_ptr is updated after decryption with
00148                                             the actual number of bytes that are loaded to Output_ptr.</li></ul> */
00149                                 CRYS_PKCS1_version       PKCS1_ver           /*!< [in]  [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */
00150 );
00151 
00152 /**********************************************************************************************************/
00153 /**
00154    @brief
00155    CRYS_RSA_OAEP_Decrypt implements the RSAES-OAEP algorithm
00156    as defined in PKCS#1 v2.1 8.1.
00157 
00158    \note It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore
00159    it is not supported.
00160 
00161    This function combines the RSA decryption primitive and the
00162    EME-OAEP encoding method, to provide an RSA-based decryption
00163    method that is semantically secure against adaptive
00164    chosen-ciphertext attacks. For more details, please refer to
00165    the PKCS#1 standard.
00166 
00167 */
00168 #define CRYS_RSA_OAEP_Decrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr)\
00169         SaSi_RsaSchemesDecrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21)
00170 
00171 
00172 /**
00173    @brief
00174    CRYS_RSA_PKCS1v15_Decrypt implements the RSAES-PKCS1v15 algorithm as defined
00175    in PKCS#1 v2.1 8.2.
00176 */
00177 #define CRYS_RSA_PKCS1v15_Decrypt(UserPrivKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\
00178         SaSi_RsaSchemesDecrypt(UserPrivKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER15)
00179 
00180 
00181 /**********************************************************************************************************/
00182 /*!
00183 @brief Implements the Signing algorithm, as defined in [PKCS1_1.5] or [PKCS1_2.1], using a single function.
00184 
00185 The input data may be either a non-hashed data or a digest of a hash function.
00186 For a non-hashed data, the input data will be hashed using the hash function indicated by ::CRYS_RSA_HASH_OpMode_t.
00187 For a digest, ::CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed.
00188 
00189 @return CRYS_OK on success.
00190 @return A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure.
00191 */
00192 CIMPORT_C CRYSError_t  SaSi_RsaSign(
00193                    void   *rndState_ptr,                /*!< [in/out] Pointer to the RND state. */
00194                    SaSiRndGenerateVectWorkFunc_t  rndGenerateVectFunc,   /*!< [in/out] Pointer to the RND Generate vector function pointer. */
00195                    CRYS_RSAPrivUserContext_t  *UserContext_ptr,      /*!< [in]  Pointer to a temporary context for internal use. */
00196                    CRYS_RSAUserPrivKey_t  *UserPrivKey_ptr,          /*!< [in]  Pointer to the private key data structure of the user.
00197                                                                                The representation (pair or quintuple) and hence the algorithm (CRT or not CRT)
00198                                            is determined by the Private Key build function -
00199                                                                                ::CRYS_RSA_Build_PrivKey or ::CRYS_RSA_Build_PrivKeyCRT. */
00200                    CRYS_RSA_HASH_OpMode_t  rsaHashMode,              /*!< [in]  One of the supported SHA-x HASH modes, as defined in ::CRYS_RSA_HASH_OpMode_t.
00201                                            (MD5 is not supported). */
00202                    CRYS_PKCS1_MGF_t  MGF,                            /*!< [in]  The mask generation function. [PKCS1_2.1] defines only MGF1, so the only value
00203                                            allowed for [PKCS1_2.1] is CRYS_PKCS1_MGF1. */
00204                    uint16_t     SaltLen,                            /*!< [in]  The Length of the Salt buffer (relevant for PKCS#1 Ver 2.1 only, typically lengths is 0 or hash Len).
00205                                                                                FIPS 186-4 requires, that SaltLen <= hash len. If SaltLen > KeySize - hash Len - 2, the function
00206                                                                                returns an error.  */
00207                    uint8_t     *DataIn_ptr,                         /*!< [in]  Pointer to the input data to be signed.
00208                                                                                The size of the scatter/gather list representing the data buffer is limited to 128
00209                                            entries, and the size of each entry is limited to 64KB (fragments larger than
00210                                            64KB are broken into fragments <= 64KB). */
00211                    uint32_t     DataInSize,                         /*!< [in]  The size (in bytes) of the data to sign. */
00212                    uint8_t     *Output_ptr,                         /*!< [out] Pointer to the signature. The buffer must be at least PrivKey_ptr->N.len bytes
00213                                            long (i.e. the modulus size in bytes). */
00214                    uint16_t    *OutputSize_ptr,                     /*!< [in/out] Pointer to the signature size value - the input value is the signature
00215                                           buffer size allocated, the output value is the signature size used.
00216                                                                                   he buffer must be equal to PrivKey_ptr->N.len bytes long
00217                                           (i.e. the modulus size in bytes). */
00218                    CRYS_PKCS1_version  PKCS1_ver                     /*!< [in]  [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */
00219 );
00220 
00221 
00222 /*!
00223 @brief CRYS_RSA_PKCS1v15_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5.
00224 
00225 This function combines the RSASP1 signature primitive and the EMSA-PKCS1v15 encoding method, to provide an RSA-based signature scheme.
00226 For more details, please refer to the PKCS#1 standard.
00227  */
00228 
00229 #define CRYS_RSA_PKCS1v15_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\
00230         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(hashFunc),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),(DataInSize),(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15)
00231 
00232 
00233 /*!
00234 @brief CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function -
00235 it assumes that the data in has already been hashed using SHA-1.
00236 
00237 \note The data_in size is already known after the Hash.
00238 */
00239 #define CRYS_RSA_PKCS1v15_SHA1_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00240         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA1_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15)
00241 
00242 /*!
00243 @brief CRYS_RSA_PKCS1v15_MD5_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function -
00244 it assumes that the data in has already been hashed using MD5.
00245 
00246 \note The data_in size is already known after the Hash.
00247 */
00248 
00249 #define CRYS_RSA_PKCS1v15_MD5_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00250         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,(DataIn_ptr),CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15)
00251 
00252 
00253 /*!
00254 @brief CRYS_RSA_PKCS1v15_SHA224_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function -
00255 it assumes that the data in has already been hashed using SHA-224.
00256 
00257 \note The data_in size is already known after the Hash.
00258 */
00259 #define CRYS_RSA_PKCS1v15_SHA224_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00260         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA224_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15)
00261 
00262 
00263 /*!
00264 @brief CRYS_RSA_PKCS1v15_SHA256_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function -
00265 it assumes that the data in has already been hashed using SHA-256.
00266 
00267 \note The data_in size is already known after the Hash.
00268 */
00269 #define CRYS_RSA_PKCS1v15_SHA256_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00270         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA256_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15)
00271 
00272 /*!
00273 @brief CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function -
00274 it assumes that the data in has already been hashed using SHA-384.
00275 
00276 \note The data_in size is already known after the Hash.
00277 */
00278 #define CRYS_RSA_PKCS1v15_SHA384_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00279         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA384_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15)
00280 
00281 
00282 /*!
00283 @brief CRYS_RSA_PKCS1v15_SHA512_Sign implements the RSASSA-PKCS1v15 algorithm  as defined in PKCS#1 v1.5, but without performing a HASH function -
00284 it assumes that the data in has already been hashed using SHA-512.
00285 
00286 \note The data_in size is already known after the Hash.
00287 */
00288 #define CRYS_RSA_PKCS1v15_SHA512_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00289         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA512_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15)
00290 
00291 
00292 
00293 /*!
00294 @brief CRYS_RSA_PSS_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1, in a single function call.
00295 
00296 \note According to the PKCS#1 ver2.1 it is not recommended to use MD5 Hash, therefore it is not supported.
00297 
00298 The actual macro that is used by the user is ::CRYS_RSA_PSS_Sign.
00299 */
00300 
00301 #define CRYS_RSA_PSS_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\
00302         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21)
00303 
00304 
00305 /*!
00306 @brief CRYS_RSA_PSS_SHA1_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function -
00307 it assumes that the data in has already been hashed using SHA-1.
00308 
00309 \note The data_in size is already known after the Hash.
00310 
00311 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA1_Sign.
00312 */
00313 
00314 #define CRYS_RSA_PSS_SHA1_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00315         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21)
00316 
00317 
00318 /*!
00319 @brief CRYS_RSA_PSS_SHA224_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function -
00320 it assumes that the data in has already been hashed using SHA-224.
00321 
00322 \note The data_in size is already known after the Hash.
00323 
00324 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA224_Sign.
00325 */
00326 
00327 #define CRYS_RSA_PSS_SHA224_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00328         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21)
00329 
00330 
00331 /*!
00332 @brief CRYS_RSA_PSS_SHA256_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function -
00333 it assumes that the data in has already been hashed using SHA-256.
00334 
00335 \note The data_in size is already known after the Hash.
00336 
00337 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA256_Sign.
00338 */
00339 
00340 #define CRYS_RSA_PSS_SHA256_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00341         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21)
00342 
00343 
00344 /*!
00345 @brief CRYS_RSA_PSS_SHA384_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function -
00346 it assumes that the data in has already been hashed using SHA-384.
00347 
00348 \note The data_in size is already known after the Hash.
00349 
00350 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA384_Sign.
00351 */
00352 
00353 #define CRYS_RSA_PSS_SHA384_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00354         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21)
00355 
00356 
00357 /*!
00358 @brief CRYS_RSA_PSS_SHA512_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function -
00359 it assumes that the data in has already been hashed using SHA-512.
00360 
00361 \note The data_in size is already known after the Hash.
00362 
00363 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA512_Sign.
00364 */
00365 
00366 #define CRYS_RSA_PSS_SHA512_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\
00367         SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21)
00368 
00369 
00370 /**********************************************************************************************************/
00371 /*!
00372 @brief Implements the RSA signature verification algorithms, in a single function call, as defined in referenced standards [PKCS1_1.5]
00373 and [PKCS1_2.1].
00374 
00375 The input data may be either a non-hashed data or a digest of a hash function.
00376 For a non-hashed data, the input data will be hashed using the hash function indicated by ::CRYS_RSA_HASH_OpMode_t.
00377 For a digest, ::CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed.
00378 
00379 @return CRYS_OK on success.
00380 @return A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure.
00381 */
00382 
00383 CIMPORT_C CRYSError_t  SaSi_RsaVerify(
00384                             CRYS_RSAPubUserContext_t  *UserContext_ptr,      /*!< [in]  Pointer to a temporary context for internal use. */
00385                             CRYS_RSAUserPubKey_t  *UserPubKey_ptr,           /*!< [in]  Pointer to the public key data structure of the user. */
00386                             CRYS_RSA_HASH_OpMode_t  rsaHashMode,             /*!< [in]  One of the supported SHA-x HASH modes, as defined in ::CRYS_RSA_HASH_OpMode_t.
00387                                                (MD5 is not supported). */
00388                             CRYS_PKCS1_MGF_t  MGF,                           /*!< [in]  The mask generation function. [PKCS1_2.1] defines only MGF1, so the only
00389                                                value allowed for [PKCS_2.1] is CRYS_PKCS1_MGF1. */
00390                             uint16_t SaltLen,                               /*!< [in]  The Length of the Salt buffer. Relevant only for [PKCS1_2.1].
00391                                                Typical lengths are 0 or hash Len (20 for SHA-1).
00392                                                                                        The maximum length allowed is [modulus size - hash Len - 2]. */
00393                             uint8_t     *DataIn_ptr,                        /*!< [in]  Pointer to the input data to be verified.
00394                                                                                         The size of the scatter/gather list representing the data buffer is
00395                                             limited to 128 entries, and the size of each entry is limited to 64KB
00396                                             (fragments larger than 64KB are broken into fragments <= 64KB). */
00397                             uint32_t     DataInSize,                        /*!< [in]  The size (in bytes) of the data whose signature is to be verified. */
00398                             uint8_t     *Sig_ptr,                           /*!< [in]  Pointer to the signature to be verified.
00399                                                                                        The length of the signature is PubKey_ptr->N.len bytes
00400                                                (i.e. the modulus size in bytes). */
00401                             CRYS_PKCS1_version  PKCS1_ver                    /*!< [in]  [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */
00402 );
00403 
00404 /*!
00405 @brief CRYS_RSA_PKCS1v15_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5.
00406 */
00407 #define CRYS_RSA_PKCS1v15_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,DataIn_ptr,DataInSize,Sig_ptr)\
00408         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,hashFunc,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER15)
00409 
00410 
00411 /*!
00412 @brief CRYS_RSA_PKCS1v15_MD5_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function -
00413 it assumes the DataIn_ptr data has already been hashed using MD5.
00414 */
00415 #define CRYS_RSA_PKCS1v15_MD5_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\
00416         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15)
00417 
00418 
00419 /*!
00420 @brief CRYS_RSA_PKCS1v15_SHA1_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function -
00421 it assumes that the DataIn_ptr data has already been hashed using SHA1.
00422 
00423 */
00424 #define CRYS_RSA_PKCS1v15_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\
00425         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15)
00426 
00427 /*!
00428 @brief CRYS_RSA_PKCS1v15_SHA224_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function -
00429 it assumes that the DataIn_ptr data has already been hashed using SHA224.
00430 
00431 */
00432 #define CRYS_RSA_PKCS1v15_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\
00433         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15)
00434 
00435 /*!
00436 @brief CRYS_RSA_PKCS1v15_SHA256_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function -
00437 it assumes that the DataIn_ptr data has already been hashed using SHA256.
00438 
00439 */
00440 #define CRYS_RSA_PKCS1v15_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\
00441         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15)
00442 
00443 /*!
00444 @brief CRYS_RSA_PKCS1v15_SHA384_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function -
00445 it assumes that the DataIn_ptr data has already been hashed using SHA384.
00446 
00447 */
00448 #define CRYS_RSA_PKCS1v15_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\
00449         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15)
00450 
00451 /*!
00452 @brief CRYS_RSA_PKCS1v15_SHA512_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function -
00453 it assumes that the DataIn_ptr data has already been hashed using SHA512.
00454 
00455 */
00456 #define CRYS_RSA_PKCS1v15_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\
00457         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15)
00458 
00459 /*!
00460 @brief CRYS_RSA_PSS_Verify implements the RSASSA-PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1.
00461 */
00462 
00463 #define CRYS_RSA_PSS_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr)\
00464         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER21)
00465 
00466                   /*!
00467 @brief CRYS_RSA_PSS_SHA1_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function -
00468 it assumes the DataIn_ptr has already been hashed using SHA1.
00469 
00470 */
00471 
00472 #define CRYS_RSA_PSS_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\
00473         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21)
00474 
00475 
00476 /*!
00477 @brief CRYS_RSA_PSS_SHA224_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function -
00478 it assumes the DataIn_ptr has already been hashed using SHA224.
00479 */
00480 
00481 #define CRYS_RSA_PSS_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\
00482         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21)
00483 
00484 /*!
00485 @brief CRYS_RSA_PSS_SHA256_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function -
00486 it assumes the DataIn_ptr has already been hashed using SHA256.
00487 
00488 */
00489 
00490 #define CRYS_RSA_PSS_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\
00491         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21)
00492 
00493 
00494 /*!
00495 @brief CRYS_RSA_PSS_SHA384_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function -
00496 it assumes the DataIn_ptr has already been hashed using SHA384.
00497 
00498 */
00499 
00500 #define CRYS_RSA_PSS_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\
00501         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21)
00502 
00503 
00504 /*!
00505 @brief CRYS_RSA_PSS_SHA512_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function -
00506 it assumes the DataIn_ptr has already been hashed using SHA512.
00507 */
00508 
00509 #define CRYS_RSA_PSS_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\
00510         SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21)
00511 
00512 /**********************************************************************************************************/
00513 
00514 
00515 #ifdef __cplusplus
00516 }
00517 #endif
00518 /**
00519 @}
00520  */
00521 #endif