| /************************************************************************************** |
| * Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * |
| * * |
| * This file and the related binary are licensed under the following license: * |
| * * |
| * ARM Object Code and Header Files License, v1.0 Redistribution. * |
| * * |
| * Redistribution and use of object code, header files, and documentation, without * |
| * modification, are permitted provided that the following conditions are met: * |
| * * |
| * 1) Redistributions must reproduce the above copyright notice and the * |
| * following disclaimer in the documentation and/or other materials * |
| * provided with the distribution. * |
| * * |
| * 2) Unless to the extent explicitly permitted by law, no reverse * |
| * engineering, decompilation, or disassembly of is permitted. * |
| * * |
| * 3) Redistribution and use is permitted solely for the purpose of * |
| * developing or executing applications that are targeted for use * |
| * on an ARM-based product. * |
| * * |
| * DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * |
| * CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * |
| * NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * |
| * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * |
| * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * |
| * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * |
| * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * |
| * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * |
| * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * |
| * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * |
| **************************************************************************************/ |
| |
| |
| |
| #ifndef CRYS_ECPKI_ECDSA_H |
| #define CRYS_ECPKI_ECDSA_H |
| |
| /*! |
| @file |
| @brief Defines the APIs that support the ECDSA functions. |
| @defgroup crys_ecpki_ecdsa CryptoCell ECDSA APIs |
| @{ |
| @ingroup cryptocell_ecpki |
| */ |
| |
| #include "crys_error.h" |
| #include "crys_ecpki_types.h" |
| #include "crys_hash.h" |
| #include "crys_rnd.h" |
| |
| #ifdef __cplusplus |
| extern "C" |
| { |
| #endif |
| |
| |
| |
| /************************************************************************** |
| * CRYS_ECDSA_Sign - integrated function |
| **************************************************************************/ |
| /*! |
| @brief This function performs an ECDSA sign operation in integrated form. |
| |
| \note |
| Using of HASH functions with HASH size greater than EC modulus size, is not recommended!. |
| Algorithm according [ANS X9.62] standard. |
| |
| The message data may be either a non-hashed data or a digest of a hash function. |
| For a non-hashed data, the message data will be hashed using the hash function indicated by ::CRYS_ECPKI_HASH_OpMode_t. |
| For a digest, ::CRYS_ECPKI_HASH_OpMode_t should indicate the hash function that the message data was created by, and it will not be hashed. |
| |
| @return CRYS_OK on success. |
| @return A non-zero value on failure as defined crys_ecpki_error.h, crys_hash_error.h or crys_rnd_error.h. |
| **/ |
| CIMPORT_C CRYSError_t CRYS_ECDSA_Sign( |
| void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ |
| SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ |
| CRYS_ECDSA_SignUserContext_t *pSignUserContext, /*!< [in/out] Pointer to the user buffer for signing the database. */ |
| CRYS_ECPKI_UserPrivKey_t *pSignerPrivKey, /*!< [in] A pointer to a user private key structure. */ |
| CRYS_ECPKI_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in |
| ::CRYS_ECPKI_HASH_OpMode_t. |
| \note MD5 is not supported. */ |
| uint8_t *pMessageDataIn, /*!< [in] Pointer to the input data to be signed. |
| The size of the scatter/gather list representing the data buffer |
| is limited to 128 entries, and the size of each entry is limited |
| to 64KB (fragments larger than 64KB are broken into |
| fragments <= 64KB). */ |
| uint32_t messageSizeInBytes, /*!< [in] Size of message data in bytes. */ |
| uint8_t *pSignatureOut, /*!< [in] Pointer to a buffer for output of signature. */ |
| uint32_t *pSignatureOutSize /*!< [in/out] Pointer to the signature size. Used to pass the size of |
| the SignatureOut buffer (in), which must be >= 2 |
| * OrderSizeInBytes. When the API returns, |
| it is replaced with the size of the actual signature (out). */ |
| ); |
| |
| |
| |
| /************************************************************************** |
| * CRYS_ECDSA_Verify integrated function |
| **************************************************************************/ |
| /*! |
| @brief This function performs an ECDSA verify operation in integrated form. |
| Algorithm according [ANS X9.62] standard. |
| |
| The message data may be either a non-hashed data or a digest of a hash function. |
| For a non-hashed data, the message data will be hashed using the hash function indicated by ::CRYS_ECPKI_HASH_OpMode_t. |
| For a digest, ::CRYS_ECPKI_HASH_OpMode_t should indicate the hash function that the message data was created by, and it will not be hashed. |
| |
| @return CRYS_OK on success. |
| @return A non-zero value on failure as defined crys_ecpki_error.h or crys_hash_error.h. |
| */ |
| CIMPORT_C CRYSError_t CRYS_ECDSA_Verify ( |
| CRYS_ECDSA_VerifyUserContext_t *pVerifyUserContext, /*!< [in] Pointer to the user buffer for signing the database. */ |
| CRYS_ECPKI_UserPublKey_t *pUserPublKey, /*!< [in] Pointer to a user public key structure. */ |
| CRYS_ECPKI_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in |
| ::CRYS_ECPKI_HASH_OpMode_t. |
| \note MD5 is not supported. */ |
| uint8_t *pSignatureIn, /*!< [in] Pointer to the signature to be verified. */ |
| uint32_t SignatureSizeBytes, /*!< [in] Size of the signature (in bytes). */ |
| uint8_t *pMessageDataIn, /*!< [in] Pointer to the input data that was signed (same as given to |
| the signing function). The size of the scatter/gather list representing |
| the data buffer is limited to 128 entries, and the size of each entry is |
| limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). */ |
| uint32_t messageSizeInBytes /*!< [in] Size of the input data (in bytes). */ |
| ); |
| |
| |
| /**********************************************************************************************************/ |
| |
| |
| #ifdef __cplusplus |
| } |
| #endif |
| /** |
| @} |
| */ |
| #endif |