/**
* This function provide HASH function to process one buffer of data.
* The function allocates an internal HASH Context , it initializes the
* HASH Context with the cryptographic attributes that are needed for
* the HASH block operation ( initialize H's value for the HASH algorithm ).
* Then the function loads the Hardware with the initializing values and after
* that process the data block using the hardware to do hash .
* At the end the function return the message digest of the data buffer .
*
* @param[in] OperationMode - The operation mode : MD5 or SHA1.
*
* @param DataIn_ptr a pointer to the buffer that stores the data to be
* hashed .
*
* @param DataInSize The size of the data to be hashed in bytes.
*
* @retval HashResultBuff a pointer to the target buffer where the
* HASE result stored in the context is loaded to.
*
* @return CRYSError_t on success the function returns CRYS_OK else non ZERO error.
*
*/
CEXPORT_C CRYSError_t CRYS_HASH ( CRYS_HASH_OperationMode_t OperationMode,
DxUint8_t* DataIn_ptr,
DxUint32_t DataSize,
CRYS_HASH_Result_t HashResultBuff )
{
CRYSError_t Error = CRYS_OK;
CRYS_HASHUserContext_t UserContext;
Error = CRYS_HASH_Init( &UserContext, OperationMode);
if (Error != CRYS_OK) {
goto end;
}
Error = CRYS_HASH_Update( &UserContext, DataIn_ptr, DataSize );
if (Error != CRYS_OK) {
goto end;
}
Error = CRYS_HASH_Finish( &UserContext, HashResultBuff );
end:
CRYS_HASH_Free( &UserContext );
return Error;
}
int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId)
{
CRYSError_t ret = 0;
(void)heap;
(void)devId;
if (sha256 == NULL)
return BAD_FUNC_ARG;
XMEMSET(sha256->digest, 0, sizeof(sha256->digest));
/* initializes the HASH context and machine to the supported mode.*/
ret = CRYS_HASH_Init(&sha256->ctx, CRYS_HASH_SHA256_mode);
if (ret != SA_SILIB_RET_OK){
WOLFSSL_MSG("Error CRYS_HASH_Init failed");
}
return ret;
}
/**
* @brief CRYS_KDF_KeyDerivFunc performs key derivation according to one of some modes defined in standards:
ANSI X9.42-2001, ANSI X9.63, OMA_TS_DRM_DRM_V2_0-20050712-C, ISO/IEC 18033-2.
The present implementation of the function allows the following operation modes:
- CRYS_KDF_ASN1_DerivMode - mode based on ASN.1 DER encoding;
- CRYS_KDF_ConcatDerivMode - mode based on concatenation;
- CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode;
- CRYS_KDF_OMA_DRM_DerivMode - specific mode for OMA DRM;
- CRYS_KDF_ISO18033_KDF1_DerivMode - specific mode according to
ECIES-KEM algorithm (ISO/IEC 18033-2).
The purpose of this function is to derive a keying data from the shared secret value and some
other optional shared information (SharedInfo).
For calling the API on some specific modes may be used the following macros:
- CRYS_KDF_ASN1_KeyDerivFunc ;
- CRYS_KDF_ConcatKeyDerivFunc ;
- CRYS_KDF_OMADRM_DerivFunc.
\note The length in Bytes of the hash result buffer is denoted by "hashlen".
\note All buffers arguments are represented in Big-Endian format.
@param[in] ZZSecret_ptr - A pointer to shared secret value octet string.
@param[in] ZZSecretSize - The size of the shared secret value in bytes. The maximal
size is defined as: CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE.
@param[in] OtherInfo - The pointer to structure , containing the data,
shared by two entities of agreement and the data sizes.
This argument is optional for some modes (if it is not needed - set NULL).
On KDF OMA_DRM and two ISO/IEC 18033-2 modes - set NULL.
On KDF ASN1 mode the OtherInfo and its AlgorithmID entry are mandatory.
@param[in] KDFhashMode - The KDF identifier of hash function to be used.
The hash function output must be at least 160 bits.
@param[in] derivation_mode - Specifies one of above described derivation modes.
@param[out] KeyingData_ptr - A pointer to the buffer for derived keying data.
@param[in] KeyingDataSizeBytes - The size in bytes of the keying data to be derived.
The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_KEYING_DATA.
@return CRYSError_t - On success the value CRYS_OK is returned,
and on failure an ERROR as defined in CRYS_KDF_error.h:
CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR
CRYS_KDF_INVALID_KEY_DERIVATION_MODE_ERROR
CRYS_KDF_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR
CRYS_KDF_INVALID_SIZE_OF_DATA_TO_HASHING_ERROR
CRYS_KDF_INVALID_ARGUMENT_HASH_MODE_ERROR
CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR
CRYS_KDF_INVALID_KEYING_DATA_SIZE_ERROR
*/
CEXPORT_C CRYSError_t CRYS_KDF_KeyDerivFunc(
DxUint8_t *ZZSecret_ptr,
DxUint32_t ZZSecretSize,
CRYS_KDF_OtherInfo_t *OtherInfo_ptr,
CRYS_KDF_HASH_OpMode_t KDFhashMode,
CRYS_KDF_DerivFuncMode_t derivation_mode,
DxUint8_t *KeyingData_ptr,
DxUint32_t KeyingDataSizeBytes )
{
/* FUNCTION DECLARATIONS */
/* The return error identifier */
CRYSError_t Error;
/* HASH function context structure buffer and parameters */
CRYS_HASHUserContext_t HashContext;
CRYS_HASH_OperationMode_t hashMode;
DxUint32_t HashOutputSizeBytes;
/*The result buffer for the Hash*/
CRYS_HASH_Result_t HashResultBuff;
/* Total count of full HASH blockss for deriving the keying data */
DxUint32_t CountOfHashBlocks;
/* Loop counters */
DxUint32_t i, j;
/*counter of Hash blocks (to be hashed with ZZ and OtherInfo) */
DxUint32_t Counter;
/* Current output buffer position */
DxUint32_t CurrentOutputBuffPos = 0;
DxUint32_t *OtherInfoEntry_ptr;
DxUint8_t *temp_ptr;
DxUint32_t remBuffSize;
/*.... HASH Init function .....*/
/* FUNCTION LOGIC */
/* ............... local initializations .............................. */
/* -------------------------------------------------------------------- */
/* initializing the Error to O.K */
Error = CRYS_OK;
/* ............... if not supported exit .............................. */
/* -------------------------------------------------------------------- */
PRINT_INFO("--->NOW inter into CRYS_KDF_KeyDerivFunc\n");
RETURN_IF_KDF_UNSUPPORTED( ZZSecret_ptr , ZZSecretSize , OtherInfo_ptr , KDFhashMode ,
derivation_mode , KeyingData_ptr , KeyingDataSizeBytes , hashMode ,
HashOutputSizeBytes , HashContext.valid_tag , CountOfHashBlocks ,
i , j , Counter , CurrentOutputBuffPos , HashResultBuff[0] ,
OtherInfoEntry_ptr , temp_ptr , remBuffSize , Error , Error );
#ifndef CRYS_NO_HASH_SUPPORT
#ifndef CRYS_NO_KDF_SUPPORT
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if an argument pointer is DX_NULL return an error */
if( ZZSecret_ptr == DX_NULL || KeyingData_ptr == DX_NULL )
return CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR;
if( derivation_mode >= CRYS_KDF_DerivFunc_NumOfModes )
return CRYS_KDF_INVALID_KEY_DERIVATION_MODE_ERROR;
if( derivation_mode == CRYS_KDF_ASN1_DerivMode &&
(OtherInfo_ptr == DX_NULL || OtherInfo_ptr->SizeOfAlgorithmID == 0))
return CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR;
/*On KDF1 and KDF2 derivation modes set OtherInfo_ptr = DX_NULL */
if(derivation_mode == CRYS_KDF_ISO18033_KDF1_DerivMode ||
derivation_mode == CRYS_KDF_ISO18033_KDF2_DerivMode){
OtherInfo_ptr = DX_NULL;
}
/* Check sizes of the input data to be hashed according to KDF *
* limitations) */
if(ZZSecretSize == 0 || ZZSecretSize > CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE )
return CRYS_KDF_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR;
if( OtherInfo_ptr != DX_NULL )
{
if( OtherInfo_ptr->SizeOfAlgorithmID > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY )
return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR;
if( OtherInfo_ptr->SizeOfPartyUInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY )
return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR;
if( OtherInfo_ptr->SizeOfPartyVInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY )
return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR;
if( OtherInfo_ptr->SizeOfSuppPrivInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY )
return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR;
if( OtherInfo_ptr->SizeOfSuppPubInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY )
return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR;
}
/* Check the size of keying data */
if( KeyingDataSizeBytes == 0 || KeyingDataSizeBytes > CRYS_KDF_MAX_SIZE_OF_KEYING_DATA)
return CRYS_KDF_INVALID_KEYING_DATA_SIZE_ERROR;
/*................ Setting parameters according to current operation modes .......... */
/*------------------------------------------------------------------------------------*/
switch( KDFhashMode )
{
case CRYS_KDF_HASH_SHA1_mode:
hashMode = CRYS_HASH_SHA1_mode;
HashOutputSizeBytes = CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_KDF_HASH_SHA224_mode:
hashMode = CRYS_HASH_SHA224_mode;
HashOutputSizeBytes = CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_KDF_HASH_SHA256_mode:
hashMode = CRYS_HASH_SHA256_mode;
HashOutputSizeBytes = CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_KDF_HASH_SHA384_mode:
hashMode = CRYS_HASH_SHA384_mode;
HashOutputSizeBytes = CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_KDF_HASH_SHA512_mode:
hashMode = CRYS_HASH_SHA512_mode;
HashOutputSizeBytes = CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES;
break;
default:
return CRYS_KDF_INVALID_ARGUMENT_HASH_MODE_ERROR;
}
/* Count of HASH blocks needed for key derivation etc. */
CountOfHashBlocks = ( KeyingDataSizeBytes + HashOutputSizeBytes - 1 )/ HashOutputSizeBytes;
temp_ptr = (DxUint8_t*)&gKdfHashTempBuff[0];
remBuffSize = CRYS_HASH_BLOCK_SIZE_IN_BYTES;
/* ********** Keying data derivation loop ************ */
for( i = 0; i < CountOfHashBlocks; i++ )
{
/*.... HASH Init function .....*/
Error = CRYS_HASH_Init(&HashContext,
hashMode);
PRINT_INFO("--->NOW after CRYS_HASH_Init\n");
if(Error != CRYS_OK)
return Error;
/*....... Hashing input data by calling HASH_Update function .......*/
/*------------------------------------------------------------------*/
/*.... Hashing of the shared secret value ....*/
Error = _DX_KDF_HASH_UnalignUpdate(&HashContext,
ZZSecret_ptr,ZZSecretSize,
temp_ptr, &remBuffSize);
PRINT_INFO("--->NOW after _DX_KDF_HASH_UnalignUpdate\n");
if(Error != CRYS_OK)
goto End;
/*.... Hashing of the AlgorithmID (on ASN1 Derivation Mode only) ....*/
if( derivation_mode == CRYS_KDF_ASN1_DerivMode )
{
Error = _DX_KDF_HASH_UnalignUpdate(&HashContext,
(DxUint8_t *)(OtherInfo_ptr->AlgorithmID),
OtherInfo_ptr->SizeOfAlgorithmID,
temp_ptr, &remBuffSize);
PRINT_INFO("--->NOW after derivation_mode == CRYS_KDF_ASN1_DerivMode , _DX_KDF_HASH_UnalignUpdate\n");
if(Error != CRYS_OK)
goto End;
}
/* Set the blocks counter in big endianness mode */
if(derivation_mode == CRYS_KDF_ISO18033_KDF1_DerivMode)
Counter = CRYS_COMMON_REVERSE32(i);
else
Counter = CRYS_COMMON_REVERSE32(i+1);
PRINT_INFO("--->NOW after CRYS_COMMON_REVERSE32()\n");
/*.... Hashing of the blocks counter ....*/
Error = _DX_KDF_HASH_UnalignUpdate(&HashContext,
(DxUint8_t *)&Counter,
sizeof(DxUint32_t),
temp_ptr, &remBuffSize);
if(Error != CRYS_OK)
goto End;
/* ..... Hashing of remaining data of the OtherInfo ..... */
if( OtherInfo_ptr != DX_NULL )
{
/* Set OtherInfoEntry_ptr to second entry pointer */
OtherInfoEntry_ptr = (DxUint32_t*)OtherInfo_ptr + CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4 + 1;
/* OtherInfo data concatenating and hashing loop */
for( j = 0; j < CRYS_KDF_COUNT_OF_OTHER_INFO_ENTRIES - 1; j++ )
{
/* if entry exists hash it */
if( *(OtherInfoEntry_ptr + CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4) != 0 )
{
Error = _DX_KDF_HASH_UnalignUpdate(&HashContext,
(DxUint8_t *)OtherInfoEntry_ptr/*pointer to entry*/,
*(OtherInfoEntry_ptr + CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4)/*size of entry*/,
temp_ptr, &remBuffSize);
if(Error != CRYS_OK)
goto End;
}
/* Shift the pointer to the next entry */
OtherInfoEntry_ptr += CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4 + 1;
}
}
/* last Hash update on remaining data in the temp buffer */
if(remBuffSize < CRYS_HASH_BLOCK_SIZE_IN_BYTES) {
Error = CRYS_HASH_Update(&HashContext, temp_ptr,
CRYS_HASH_BLOCK_SIZE_IN_BYTES - remBuffSize);
PRINT_INFO("--->NOW after CRYS_HASH_Update()\n");
if(Error != CRYS_OK)
goto End;
}
/* .......... HASH Finish operation ............. */
Error = CRYS_HASH_Finish( &HashContext ,
HashResultBuff );
PRINT_INFO("--->NOW after CRYS_HASH_Finish()\n");
if(Error != CRYS_OK)
goto End;
/* Correction of output data size for last block ( if it is not full ) */
if( i == CountOfHashBlocks - 1 )
HashOutputSizeBytes = KeyingDataSizeBytes - i * HashOutputSizeBytes;
PRINT_INFO("--->NOW begin DX_VOS_FastMemCpy\n");
/* Copying HASH data into output buffer */
DX_VOS_FastMemCpy(&KeyingData_ptr[CurrentOutputBuffPos],(DxUint8_t *)HashResultBuff, HashOutputSizeBytes);
/* Increment the output buffer position */
CurrentOutputBuffPos += HashOutputSizeBytes;
}
End:
DX_VOS_MemSetZero(gKdfHashTempBuff, sizeof(gKdfHashTempBuff));
return Error;
#endif /*CRYS_NO_KDF_SUPPORT*/
#endif /*CRYS_NO_HASH_SUPPORT*/
}/* END OF CRYS_KDF_KeyDerivationFunc */
CEXPORT_C CRYSError_t _DX_RSA_VerifyInit(CRYS_RSAPubUserContext_t *UserContext_ptr,
CRYS_RSAUserPubKey_t *UserPubKey_ptr,
CRYS_RSA_HASH_OpMode_t hashFunc,
CRYS_PKCS1_MGF_t MGF,
DxUint16_t SaltLen,
CRYS_PKCS1_version PKCS1_ver)
{
/* FUNCTION DECLERATIONS */
/* The return error identifier */
CRYSError_t Error;
/* This pointer is allocated in order to remove compiler alias problems */
void *tempWorkingctx_ptr;
/* defining a pointer to the active context allcated by the CCM */
RSAPubContext_t *ccmWorkingContext_ptr ;
/*Pointer to the public key for lengths checking*/
CRYSRSAPubKey_t *PubKey_ptr;
/*The size of the modulus for lengths checking*/
DxUint16_t ModulusSizeBytes;
/* FUNCTION LOGIC */
/* ............... local initializations .............................. */
/* -------------------------------------------------------------------- */
/* initializing the Error to O.K */
Error = CRYS_OK;
/* initialize the module size to cancel compilers warnings */
ModulusSizeBytes = 0;
/* ............... if not supported exit .............................. */
/* -------------------------------------------------------------------- */
RETURN_IF_RSA_UNSUPPORTED(UserContext_ptr , UserPubKey_ptr , hashFunc ,
MGF , SaltLen , PKCS1_ver, ccmWorkingContext_ptr ,
PubKey_ptr , ModulusSizeBytes , Error , Error ,
Error , Error , Error , Error , Error , Error ,
Error , Error , Error , Error , Error);
#ifndef CRYS_NO_HASH_SUPPORT
#ifndef CRYS_NO_PKI_SUPPORT
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if the users context ID pointer is DX_NULL return an error */
if( UserContext_ptr == DX_NULL )
return CRYS_RSA_INVALID_USER_CONTEXT_POINTER_ERROR;
/*if the private key object is DX_NULL return an error*/
if (UserPubKey_ptr == DX_NULL)
return CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR;
/* check if the hash operation mode is legal */
if( hashFunc >= CRYS_RSA_HASH_NumOfModes)
return CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR;
/* check if the MGF operation mode is legal */
if(MGF >= CRYS_RSA_NumOfMGFFunctions)
return CRYS_RSA_MGF_ILLEGAL_ARG_ERROR;
/* check that the PKCS1 version argument is legal*/
if(PKCS1_ver >= CRYS_RSA_NumOf_PKCS1_versions)
return CRYS_RSA_PKCS1_VER_ARG_ERROR;
/*According to the PKCS1 ver 2.1 standart it is not recommended to use MD5 hash
therefore we do not support it */
if(PKCS1_ver == CRYS_PKCS1_VER21 && hashFunc == CRYS_RSA_HASH_MD5_mode)
return CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR;
#ifndef DX_OEM_FW
if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, UserContext_ptr, sizeof(CRYS_RSAPubUserContext_t)) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ, UserPubKey_ptr, sizeof(CRYS_RSAUserPubKey_t))){
return CRYS_RSA_ILLEGAL_PARAMS_ACCORDING_TO_PRIV_ERROR;
}
#endif
/*If the validation tag is incorrect*/
if(UserPubKey_ptr->valid_tag != CRYS_RSA_PUB_KEY_VALIDATION_TAG)
return CRYS_RSA_PUB_KEY_VALIDATION_TAG_ERROR;
/*Checking if a check on salt length is needed*/
if(SaltLen != CRYS_RSA_VERIFY_SALT_LENGTH_UNKNOWN && PKCS1_ver == CRYS_PKCS1_VER21)
{
/*Initializing the Modulus Size in Bytes needed for SaltLength parameter check*/
PubKey_ptr = (CRYSRSAPubKey_t *)UserPubKey_ptr->PublicKeyDbBuff;
/*Note: the (-1) is due to the PKCS#1 Ver2.1 standard section 9.1.1*/
ModulusSizeBytes = (DxUint16_t)((PubKey_ptr->nSizeInBits -1) / 8);
if((PubKey_ptr->nSizeInBits -1) % 8)
ModulusSizeBytes++;
}
/* .................. initializing local variables ................... */
/* ------------------------------------------------------------------- */
/* ................. aquiring the RSA context ............................. */
/* ----------------------------------------------------------------------- */
/*Get the working context*/
Error = CRYS_CCM_GetContext( UserContext_ptr, /* the users context space - in */
&tempWorkingctx_ptr, /* the CCM context returned - out */
DX_RSA_VERIFY_CONTEXT, /* AES type - in */
AES_DONT_DECRYPT_CONTEXT); /* need to decrypt context in AES_block*/
if(Error != CRYS_OK )
return Error;
ccmWorkingContext_ptr = (RSAPubContext_t*)tempWorkingctx_ptr;
/*Reset the Context handler for improper previous values initialized*/
DX_VOS_MemSet(ccmWorkingContext_ptr,0,sizeof(RSAPubContext_t));
/* ................. loading the context .................................. */
/* ------------------------------------------------------------------------ */
/*Initializing the Hash operation mode in the RSA Context level*/
ccmWorkingContext_ptr->HashOperationMode = hashFunc;
switch(ccmWorkingContext_ptr->HashOperationMode)
{
case CRYS_RSA_HASH_MD5_mode :
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_MD5_DIGEST_SIZE_IN_WORDS;
Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)((ccmWorkingContext_ptr->CRYSPKAHashCtxBuff))),
CRYS_HASH_MD5_mode); /*The MD5 mode according to the Hash level enum*/
if(Error != CRYS_OK)
goto END_WITH_ERROR;
break;
case CRYS_RSA_HASH_SHA1_mode:
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS;
Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)) ,
CRYS_HASH_SHA1_mode); /*The SHA1 mode according to the Hash level enum*/
if(Error != CRYS_OK)
goto END_WITH_ERROR;
break;
case CRYS_RSA_HASH_SHA224_mode:
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS;
Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)),
CRYS_HASH_SHA224_mode); /*The SHA224 mode according to the Hash level enum*/
if(Error != CRYS_OK)
goto END_WITH_ERROR;
break;
case CRYS_RSA_HASH_SHA256_mode:
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS;
Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)),
CRYS_HASH_SHA256_mode); /*The SHA256 mode according to the Hash level enum*/
if(Error != CRYS_OK)
goto END_WITH_ERROR;
break;
case CRYS_RSA_HASH_SHA384_mode:
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS;
Error = CRYS_HASH_Init(((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)),
CRYS_HASH_SHA384_mode); /*The SHA384 mode according to the Hash level enum*/
if(Error != CRYS_OK)
goto END_WITH_ERROR;
break;
case CRYS_RSA_HASH_SHA512_mode:
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS;
Error = CRYS_HASH_Init(((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)),
CRYS_HASH_SHA512_mode); /*The SHA512 mode according to the Hash level enum*/
if(Error != CRYS_OK)
goto END_WITH_ERROR;
break;
case CRYS_RSA_After_MD5_mode: /*For PKCS1 v1.5 when the data in is already hashed with MD5*/
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_MD5_DIGEST_SIZE_IN_WORDS;
break;
case CRYS_RSA_After_SHA1_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA1*/
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS;
break;
case CRYS_RSA_After_SHA224_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA224*/
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS;
break;
case CRYS_RSA_After_SHA256_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA256*/
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS;
break;
case CRYS_RSA_After_SHA384_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA384*/
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS;
break;
case CRYS_RSA_After_SHA512_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA512*/
ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS;
break;
case CRYS_RSA_HASH_NO_HASH_mode: /*Used for PKCS1 v1.5 Encrypt and Decrypt - not relevant in Sign-Verify*/
break; /*do nothing*/
case CRYS_RSA_After_HASH_NOT_KNOWN_mode : /*used for PKCS1 v1.5 Verify only - possible to derive the hash mode from the signature*/
if( PKCS1_ver == CRYS_PKCS1_VER21)
{
Error = CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR;
goto END_WITH_ERROR;
}
break; /*do nothing*/
default:
Error = CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR;
goto END_WITH_ERROR;
}
switch(PKCS1_ver)
{
case CRYS_PKCS1_VER15:
ccmWorkingContext_ptr->PKCS1_Version=CRYS_PKCS1_VER15;
break;
case CRYS_PKCS1_VER21:
ccmWorkingContext_ptr->PKCS1_Version=CRYS_PKCS1_VER21;
/*Checking restriction of Salt Length ; Hash output size and the mosulus*/
if(SaltLen != CRYS_RSA_VERIFY_SALT_LENGTH_UNKNOWN &&
ModulusSizeBytes < (DxUint32_t)(ccmWorkingContext_ptr->HASH_Result_Size*4 + SaltLen + 2))
{
Error = CRYS_RSA_PSS_ENCODING_MODULUS_HASH_SALT_LENGTHS_ERROR;
goto END_WITH_ERROR;
}
break;
default:
Error = CRYS_RSA_PKCS1_VER_ARG_ERROR;
goto END_WITH_ERROR;
}
switch(MGF)
{
case CRYS_PKCS1_MGF1:
case CRYS_PKCS1_NO_MGF:
ccmWorkingContext_ptr->MGF_2use = MGF;
break;
default:
Error = CRYS_RSA_MGF_ILLEGAL_ARG_ERROR;
goto END_WITH_ERROR;
}
/*Copying the RSA Pub key argument to the context*/
DX_VOS_FastMemCpy((DxUint8_t *)&ccmWorkingContext_ptr->PubUserKey,(DxUint8_t *)UserPubKey_ptr,sizeof(CRYS_RSAUserPubKey_t));
/*Initial the Salt random length relevant for PKCS#1 Ver2.1*/
ccmWorkingContext_ptr->SaltLen = SaltLen;
/* Initialize the size of the modulus */
ccmWorkingContext_ptr->nSizeInBytes = (((CRYSRSAPubKey_t*)UserPubKey_ptr->PublicKeyDbBuff)->nSizeInBits+7)/8;
/* set the RSA tag to the users context */
UserContext_ptr->valid_tag = CRYS_RSA_VERIFY_CONTEXT_VALIDATION_TAG;
goto END;
END:
/* ................. release the context ................................. */
/* ----------------------------------------------------------------------- */
Error = CRYS_CCM_ReleaseContext(UserContext_ptr, /* the users context space - in */
ccmWorkingContext_ptr, /* the CCM context returned - in */
DX_RSA_VERIFY_CONTEXT); /* RSA type - in */
return Error;
END_WITH_ERROR:
/* ................. release the context ................................. */
/* ----------------------------------------------------------------------- */
{
CRYSError_t Error1 = CRYS_CCM_ReleaseContext(UserContext_ptr, /* the users context space - in */
ccmWorkingContext_ptr, /* the CCM context returned - in */
DX_RSA_VERIFY_CONTEXT); /* RSA type - in */
if(Error1 != CRYS_OK)
{
PLAT_LOG_DEV_PRINT(( 10 ," \n Error1 from CRYS_CCM_ReleaseContext is %lX \n" ,Error1));
}
}
/* .............. clearing the users context in case of error.......... */
/* -------------------------------------------------------------------- */
DX_VOS_MemSet(UserContext_ptr,0,sizeof(CRYS_RSAPubUserContext_t));
return Error;
#endif /* !CRYS_NO_HASH_SUPPORT */
#endif /* !CRYS_NO_PKI_SUPPORT */
}/* END OF _DX_RSA_VerifyInit */
