Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
crys_rsa_schemes.h
00001 /************************************************************************************** 00002 * Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * 00003 * * 00004 * This file and the related binary are licensed under the following license: * 00005 * * 00006 * ARM Object Code and Header Files License, v1.0 Redistribution. * 00007 * * 00008 * Redistribution and use of object code, header files, and documentation, without * 00009 * modification, are permitted provided that the following conditions are met: * 00010 * * 00011 * 1) Redistributions must reproduce the above copyright notice and the * 00012 * following disclaimer in the documentation and/or other materials * 00013 * provided with the distribution. * 00014 * * 00015 * 2) Unless to the extent explicitly permitted by law, no reverse * 00016 * engineering, decompilation, or disassembly of is permitted. * 00017 * * 00018 * 3) Redistribution and use is permitted solely for the purpose of * 00019 * developing or executing applications that are targeted for use * 00020 * on an ARM-based product. * 00021 * * 00022 * DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * 00023 * CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * 00024 * NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * 00025 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * 00026 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * 00027 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * 00028 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * 00029 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * 00030 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * 00031 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * 00032 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * 00033 **************************************************************************************/ 00034 00035 00036 00037 #ifndef CRYS_RSA_SCHEMES_H 00038 #define CRYS_RSA_SCHEMES_H 00039 00040 00041 #include "crys_error.h" 00042 #include "crys_rsa_types.h" 00043 #include "crys_rnd.h" 00044 00045 #ifdef __cplusplus 00046 extern "C" 00047 { 00048 #endif 00049 00050 /*! 00051 @file 00052 @brief This module defines APIs that support [PKCS1_1.5] and [PKCS1_2.1] encryption and signature schemes. 00053 @defgroup crys_rsa_schemes CryptoCell RSA encryption and signature schemes 00054 @{ 00055 @ingroup crys_rsa 00056 */ 00057 00058 /**********************************************************************************************************/ 00059 /*! 00060 @brief This function implements the Encrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5]. 00061 00062 It should not be called directly. Instead, use macros ::CRYS_RSA_OAEP_Encrypt or ::CRYS_RSA_PKCS1v15_Encrypt. 00063 00064 @return CRYS_OK on success. 00065 @return A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure. 00066 */ 00067 CIMPORT_C CRYSError_t SaSi_RsaSchemesEncrypt( 00068 void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ 00069 SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ 00070 CRYS_RSAUserPubKey_t *UserPubKey_ptr, /*!< [in] Pointer to the public key data structure. */ 00071 CRYS_RSAPrimeData_t *PrimeData_ptr, /*!< [in] Pointer to a temporary structure that is internally used as workspace for the 00072 Encryption operation. */ 00073 CRYS_RSA_HASH_OpMode_t hashFunc, /*!< [in] The HASH function to be used. One of the supported SHA-x HASH modes, as defined 00074 in ::CRYS_RSA_HASH_OpMode_t (MD5 is not supported).*/ 00075 uint8_t *L, /*!< [in] The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default. 00076 NULL for [PKCS1_1.5]. */ 00077 uint16_t Llen, /*!< [in] The label length. Relevant for [PKCS1_2.1] only. Zero by default. 00078 Must be <=2048. Zero for [PKCS1_1.5]. */ 00079 CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines MGF1, so the only value 00080 allowed here is CRYS_PKCS1_MGF1. */ 00081 uint8_t *DataIn_ptr, /*!< [in] Pointer to the data to encrypt. */ 00082 uint16_t DataInSize, /*!< [in] The size (in bytes) of the data to encrypt. The data size must be: 00083 - For [PKCS1_2.1], DataSize <= modulus size - 2*HashLen - 2. 00084 - For [PKCS1_1.5], DataSize <= modulus size - 11. */ 00085 uint8_t *Output_ptr, /*!< [out] Pointer to the encrypted data. The buffer must be at least modulus size bytes long. */ 00086 CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ 00087 ); 00088 00089 /*! 00090 @brief 00091 CRYS_RSA_OAEP_PSS21_Encrypt implements the RSAES-OAEP algorithm 00092 as defined in PKCS#1 v2.1 8.1. 00093 00094 \note It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore 00095 it is not supported. 00096 00097 This function combines the RSA encryption primitive and the 00098 EME-OAEP encoding method, to provide an RSA-based encryption 00099 method that is semantically secure against adaptive 00100 chosen-ciphertext attacks. For additional details, please refer to 00101 the PKCS#1 standard. 00102 */ 00103 #define CRYS_RSA_OAEP_Encrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr)\ 00104 SaSi_RsaSchemesEncrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,CRYS_PKCS1_VER21) 00105 00106 /*! 00107 @brief 00108 CRYS_RSA_PKCS1v15_Encrypt implements the RSAES-PKCS1v15 algorithm 00109 as defined in PKCS#1 v2.1 8.2. 00110 */ 00111 #define CRYS_RSA_PKCS1v15_Encrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr)\ 00112 SaSi_RsaSchemesEncrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr, \ 00113 DataInSize, Output_ptr,CRYS_PKCS1_VER15) 00114 00115 00116 /**********************************************************************************************************/ 00117 /*! 00118 @brief This function implements the Decrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5]. 00119 00120 It should not be called directly. Instead, use macros ::CRYS_RSA_OAEP_Decrypt or ::CRYS_RSA_PKCS1v15_Decrypt. 00121 00122 @return CRYS_OK on success. 00123 @return A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure. 00124 */ 00125 CIMPORT_C CRYSError_t SaSi_RsaSchemesDecrypt( 00126 CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*!< [in] Pointer to the private key data structure of the user. */ 00127 CRYS_RSAPrimeData_t *PrimeData_ptr, /*!< [in] Pointer to a temporary structure that is internally used as workspace 00128 for the decryption operation. */ 00129 CRYS_RSA_HASH_OpMode_t hashFunc, /*!< [in] The HASH function to be used. One of the supported SHA-x HASH modes, 00130 as defined in ::CRYS_RSA_HASH_OpMode_t (MD5 is not supported). */ 00131 uint8_t *L, /*!< [in] The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default. 00132 NULL for [PKCS1_1.5]. */ 00133 uint16_t Llen, /*!< [in] The label length. Relevant for [PKCS1_2.1] only. Zero by default. 00134 Zero for [PKCS1_1.5]. */ 00135 CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines MGF1, so the only 00136 value allowed here is CRYS_PKCS1_MGF1. */ 00137 uint8_t *DataIn_ptr, /*!< [in] Pointer to the data to decrypt. */ 00138 uint16_t DataInSize, /*!< [in] The size (in bytes) of the data to decrypt. DataSize must be ≤ 00139 the modulus size. */ 00140 uint8_t *Output_ptr, /*!< [in] Pointer to the decrypted data. The buffer must be at least 00141 PrivKey_ptr->N.len bytes long (i.e. the modulus size in bytes). */ 00142 uint16_t *OutputSize_ptr, /*!< [in] Pointer to the byte size of the buffer pointed to by Output_buffer. 00143 The size must be: 00144 <ul><li> For PKCS #1 v2.1: Modulus size > OutputSize >= 00145 (modulus size - 2*HashLen - 2).</li> 00146 <li> For PKCS #1 v1.5: Modulus size > OutputSize >= (modulus size - 11). 00147 The value pointed by OutputSize_ptr is updated after decryption with 00148 the actual number of bytes that are loaded to Output_ptr.</li></ul> */ 00149 CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ 00150 ); 00151 00152 /**********************************************************************************************************/ 00153 /** 00154 @brief 00155 CRYS_RSA_OAEP_Decrypt implements the RSAES-OAEP algorithm 00156 as defined in PKCS#1 v2.1 8.1. 00157 00158 \note It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore 00159 it is not supported. 00160 00161 This function combines the RSA decryption primitive and the 00162 EME-OAEP encoding method, to provide an RSA-based decryption 00163 method that is semantically secure against adaptive 00164 chosen-ciphertext attacks. For more details, please refer to 00165 the PKCS#1 standard. 00166 00167 */ 00168 #define CRYS_RSA_OAEP_Decrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr)\ 00169 SaSi_RsaSchemesDecrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) 00170 00171 00172 /** 00173 @brief 00174 CRYS_RSA_PKCS1v15_Decrypt implements the RSAES-PKCS1v15 algorithm as defined 00175 in PKCS#1 v2.1 8.2. 00176 */ 00177 #define CRYS_RSA_PKCS1v15_Decrypt(UserPrivKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ 00178 SaSi_RsaSchemesDecrypt(UserPrivKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER15) 00179 00180 00181 /**********************************************************************************************************/ 00182 /*! 00183 @brief Implements the Signing algorithm, as defined in [PKCS1_1.5] or [PKCS1_2.1], using a single function. 00184 00185 The input data may be either a non-hashed data or a digest of a hash function. 00186 For a non-hashed data, the input data will be hashed using the hash function indicated by ::CRYS_RSA_HASH_OpMode_t. 00187 For a digest, ::CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed. 00188 00189 @return CRYS_OK on success. 00190 @return A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure. 00191 */ 00192 CIMPORT_C CRYSError_t SaSi_RsaSign( 00193 void *rndState_ptr, /*!< [in/out] Pointer to the RND state. */ 00194 SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in/out] Pointer to the RND Generate vector function pointer. */ 00195 CRYS_RSAPrivUserContext_t *UserContext_ptr, /*!< [in] Pointer to a temporary context for internal use. */ 00196 CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*!< [in] Pointer to the private key data structure of the user. 00197 The representation (pair or quintuple) and hence the algorithm (CRT or not CRT) 00198 is determined by the Private Key build function - 00199 ::CRYS_RSA_Build_PrivKey or ::CRYS_RSA_Build_PrivKeyCRT. */ 00200 CRYS_RSA_HASH_OpMode_t rsaHashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in ::CRYS_RSA_HASH_OpMode_t. 00201 (MD5 is not supported). */ 00202 CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines only MGF1, so the only value 00203 allowed for [PKCS1_2.1] is CRYS_PKCS1_MGF1. */ 00204 uint16_t SaltLen, /*!< [in] The Length of the Salt buffer (relevant for PKCS#1 Ver 2.1 only, typically lengths is 0 or hash Len). 00205 FIPS 186-4 requires, that SaltLen <= hash len. If SaltLen > KeySize - hash Len - 2, the function 00206 returns an error. */ 00207 uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be signed. 00208 The size of the scatter/gather list representing the data buffer is limited to 128 00209 entries, and the size of each entry is limited to 64KB (fragments larger than 00210 64KB are broken into fragments <= 64KB). */ 00211 uint32_t DataInSize, /*!< [in] The size (in bytes) of the data to sign. */ 00212 uint8_t *Output_ptr, /*!< [out] Pointer to the signature. The buffer must be at least PrivKey_ptr->N.len bytes 00213 long (i.e. the modulus size in bytes). */ 00214 uint16_t *OutputSize_ptr, /*!< [in/out] Pointer to the signature size value - the input value is the signature 00215 buffer size allocated, the output value is the signature size used. 00216 he buffer must be equal to PrivKey_ptr->N.len bytes long 00217 (i.e. the modulus size in bytes). */ 00218 CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ 00219 ); 00220 00221 00222 /*! 00223 @brief CRYS_RSA_PKCS1v15_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5. 00224 00225 This function combines the RSASP1 signature primitive and the EMSA-PKCS1v15 encoding method, to provide an RSA-based signature scheme. 00226 For more details, please refer to the PKCS#1 standard. 00227 */ 00228 00229 #define CRYS_RSA_PKCS1v15_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ 00230 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(hashFunc),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),(DataInSize),(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) 00231 00232 00233 /*! 00234 @brief CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - 00235 it assumes that the data in has already been hashed using SHA-1. 00236 00237 \note The data_in size is already known after the Hash. 00238 */ 00239 #define CRYS_RSA_PKCS1v15_SHA1_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00240 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA1_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) 00241 00242 /*! 00243 @brief CRYS_RSA_PKCS1v15_MD5_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - 00244 it assumes that the data in has already been hashed using MD5. 00245 00246 \note The data_in size is already known after the Hash. 00247 */ 00248 00249 #define CRYS_RSA_PKCS1v15_MD5_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00250 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,(DataIn_ptr),CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) 00251 00252 00253 /*! 00254 @brief CRYS_RSA_PKCS1v15_SHA224_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - 00255 it assumes that the data in has already been hashed using SHA-224. 00256 00257 \note The data_in size is already known after the Hash. 00258 */ 00259 #define CRYS_RSA_PKCS1v15_SHA224_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00260 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA224_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) 00261 00262 00263 /*! 00264 @brief CRYS_RSA_PKCS1v15_SHA256_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - 00265 it assumes that the data in has already been hashed using SHA-256. 00266 00267 \note The data_in size is already known after the Hash. 00268 */ 00269 #define CRYS_RSA_PKCS1v15_SHA256_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00270 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA256_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) 00271 00272 /*! 00273 @brief CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - 00274 it assumes that the data in has already been hashed using SHA-384. 00275 00276 \note The data_in size is already known after the Hash. 00277 */ 00278 #define CRYS_RSA_PKCS1v15_SHA384_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00279 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA384_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) 00280 00281 00282 /*! 00283 @brief CRYS_RSA_PKCS1v15_SHA512_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - 00284 it assumes that the data in has already been hashed using SHA-512. 00285 00286 \note The data_in size is already known after the Hash. 00287 */ 00288 #define CRYS_RSA_PKCS1v15_SHA512_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00289 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA512_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) 00290 00291 00292 00293 /*! 00294 @brief CRYS_RSA_PSS_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1, in a single function call. 00295 00296 \note According to the PKCS#1 ver2.1 it is not recommended to use MD5 Hash, therefore it is not supported. 00297 00298 The actual macro that is used by the user is ::CRYS_RSA_PSS_Sign. 00299 */ 00300 00301 #define CRYS_RSA_PSS_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ 00302 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) 00303 00304 00305 /*! 00306 @brief CRYS_RSA_PSS_SHA1_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - 00307 it assumes that the data in has already been hashed using SHA-1. 00308 00309 \note The data_in size is already known after the Hash. 00310 00311 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA1_Sign. 00312 */ 00313 00314 #define CRYS_RSA_PSS_SHA1_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00315 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) 00316 00317 00318 /*! 00319 @brief CRYS_RSA_PSS_SHA224_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - 00320 it assumes that the data in has already been hashed using SHA-224. 00321 00322 \note The data_in size is already known after the Hash. 00323 00324 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA224_Sign. 00325 */ 00326 00327 #define CRYS_RSA_PSS_SHA224_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00328 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) 00329 00330 00331 /*! 00332 @brief CRYS_RSA_PSS_SHA256_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - 00333 it assumes that the data in has already been hashed using SHA-256. 00334 00335 \note The data_in size is already known after the Hash. 00336 00337 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA256_Sign. 00338 */ 00339 00340 #define CRYS_RSA_PSS_SHA256_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00341 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) 00342 00343 00344 /*! 00345 @brief CRYS_RSA_PSS_SHA384_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - 00346 it assumes that the data in has already been hashed using SHA-384. 00347 00348 \note The data_in size is already known after the Hash. 00349 00350 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA384_Sign. 00351 */ 00352 00353 #define CRYS_RSA_PSS_SHA384_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00354 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) 00355 00356 00357 /*! 00358 @brief CRYS_RSA_PSS_SHA512_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - 00359 it assumes that the data in has already been hashed using SHA-512. 00360 00361 \note The data_in size is already known after the Hash. 00362 00363 The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA512_Sign. 00364 */ 00365 00366 #define CRYS_RSA_PSS_SHA512_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ 00367 SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) 00368 00369 00370 /**********************************************************************************************************/ 00371 /*! 00372 @brief Implements the RSA signature verification algorithms, in a single function call, as defined in referenced standards [PKCS1_1.5] 00373 and [PKCS1_2.1]. 00374 00375 The input data may be either a non-hashed data or a digest of a hash function. 00376 For a non-hashed data, the input data will be hashed using the hash function indicated by ::CRYS_RSA_HASH_OpMode_t. 00377 For a digest, ::CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed. 00378 00379 @return CRYS_OK on success. 00380 @return A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure. 00381 */ 00382 00383 CIMPORT_C CRYSError_t SaSi_RsaVerify( 00384 CRYS_RSAPubUserContext_t *UserContext_ptr, /*!< [in] Pointer to a temporary context for internal use. */ 00385 CRYS_RSAUserPubKey_t *UserPubKey_ptr, /*!< [in] Pointer to the public key data structure of the user. */ 00386 CRYS_RSA_HASH_OpMode_t rsaHashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in ::CRYS_RSA_HASH_OpMode_t. 00387 (MD5 is not supported). */ 00388 CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines only MGF1, so the only 00389 value allowed for [PKCS_2.1] is CRYS_PKCS1_MGF1. */ 00390 uint16_t SaltLen, /*!< [in] The Length of the Salt buffer. Relevant only for [PKCS1_2.1]. 00391 Typical lengths are 0 or hash Len (20 for SHA-1). 00392 The maximum length allowed is [modulus size - hash Len - 2]. */ 00393 uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be verified. 00394 The size of the scatter/gather list representing the data buffer is 00395 limited to 128 entries, and the size of each entry is limited to 64KB 00396 (fragments larger than 64KB are broken into fragments <= 64KB). */ 00397 uint32_t DataInSize, /*!< [in] The size (in bytes) of the data whose signature is to be verified. */ 00398 uint8_t *Sig_ptr, /*!< [in] Pointer to the signature to be verified. 00399 The length of the signature is PubKey_ptr->N.len bytes 00400 (i.e. the modulus size in bytes). */ 00401 CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ 00402 ); 00403 00404 /*! 00405 @brief CRYS_RSA_PKCS1v15_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5. 00406 */ 00407 #define CRYS_RSA_PKCS1v15_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,DataIn_ptr,DataInSize,Sig_ptr)\ 00408 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,hashFunc,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER15) 00409 00410 00411 /*! 00412 @brief CRYS_RSA_PKCS1v15_MD5_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - 00413 it assumes the DataIn_ptr data has already been hashed using MD5. 00414 */ 00415 #define CRYS_RSA_PKCS1v15_MD5_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ 00416 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) 00417 00418 00419 /*! 00420 @brief CRYS_RSA_PKCS1v15_SHA1_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - 00421 it assumes that the DataIn_ptr data has already been hashed using SHA1. 00422 00423 */ 00424 #define CRYS_RSA_PKCS1v15_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ 00425 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) 00426 00427 /*! 00428 @brief CRYS_RSA_PKCS1v15_SHA224_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - 00429 it assumes that the DataIn_ptr data has already been hashed using SHA224. 00430 00431 */ 00432 #define CRYS_RSA_PKCS1v15_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ 00433 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) 00434 00435 /*! 00436 @brief CRYS_RSA_PKCS1v15_SHA256_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - 00437 it assumes that the DataIn_ptr data has already been hashed using SHA256. 00438 00439 */ 00440 #define CRYS_RSA_PKCS1v15_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ 00441 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) 00442 00443 /*! 00444 @brief CRYS_RSA_PKCS1v15_SHA384_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - 00445 it assumes that the DataIn_ptr data has already been hashed using SHA384. 00446 00447 */ 00448 #define CRYS_RSA_PKCS1v15_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ 00449 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) 00450 00451 /*! 00452 @brief CRYS_RSA_PKCS1v15_SHA512_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - 00453 it assumes that the DataIn_ptr data has already been hashed using SHA512. 00454 00455 */ 00456 #define CRYS_RSA_PKCS1v15_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ 00457 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) 00458 00459 /*! 00460 @brief CRYS_RSA_PSS_Verify implements the RSASSA-PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1. 00461 */ 00462 00463 #define CRYS_RSA_PSS_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr)\ 00464 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER21) 00465 00466 /*! 00467 @brief CRYS_RSA_PSS_SHA1_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - 00468 it assumes the DataIn_ptr has already been hashed using SHA1. 00469 00470 */ 00471 00472 #define CRYS_RSA_PSS_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ 00473 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) 00474 00475 00476 /*! 00477 @brief CRYS_RSA_PSS_SHA224_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - 00478 it assumes the DataIn_ptr has already been hashed using SHA224. 00479 */ 00480 00481 #define CRYS_RSA_PSS_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ 00482 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) 00483 00484 /*! 00485 @brief CRYS_RSA_PSS_SHA256_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - 00486 it assumes the DataIn_ptr has already been hashed using SHA256. 00487 00488 */ 00489 00490 #define CRYS_RSA_PSS_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ 00491 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) 00492 00493 00494 /*! 00495 @brief CRYS_RSA_PSS_SHA384_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - 00496 it assumes the DataIn_ptr has already been hashed using SHA384. 00497 00498 */ 00499 00500 #define CRYS_RSA_PSS_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ 00501 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) 00502 00503 00504 /*! 00505 @brief CRYS_RSA_PSS_SHA512_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - 00506 it assumes the DataIn_ptr has already been hashed using SHA512. 00507 */ 00508 00509 #define CRYS_RSA_PSS_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ 00510 SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) 00511 00512 /**********************************************************************************************************/ 00513 00514 00515 #ifdef __cplusplus 00516 } 00517 #endif 00518 /** 00519 @} 00520 */ 00521 #endif
Generated on Tue Jul 12 2022 13:54:15 by
