/* Allocates and initializes ecc context
* Parameters:
* Return: sgx_status_t - SGX_SUCCESS or failure as defined sgx_error.h
* Output: sgx_ecc_state_handle_t *p_ecc_handle - Pointer to the handle of ECC crypto system */
sgx_status_t sgx_ecc256_open_context(sgx_ecc_state_handle_t* p_ecc_handle)
{
IppStatus ipp_ret = ippStsNoErr;
IppsECCPState* p_ecc_state = NULL;
// default use 256r1 parameter
int ctx_size = 0;
if (p_ecc_handle == NULL)
return SGX_ERROR_INVALID_PARAMETER;
ipp_ret = ippsECCPGetSize(256, &ctx_size);
if (ipp_ret != ippStsNoErr)
return SGX_ERROR_UNEXPECTED;
p_ecc_state = (IppsECCPState*)(malloc(ctx_size));
if (p_ecc_state == NULL)
return SGX_ERROR_OUT_OF_MEMORY;
ipp_ret = ippsECCPInit(256, p_ecc_state);
if (ipp_ret != ippStsNoErr)
{
CLEAR_FREE_MEM(p_ecc_state, ctx_size);
*p_ecc_handle = NULL;
return SGX_ERROR_UNEXPECTED;
}
ipp_ret = ippsECCPSetStd256r1(p_ecc_state);
if (ipp_ret != ippStsNoErr)
{
CLEAR_FREE_MEM(p_ecc_state, ctx_size);
*p_ecc_handle = NULL;
return SGX_ERROR_UNEXPECTED;
}
*p_ecc_handle = p_ecc_state;
return SGX_SUCCESS;
}
/* Cleans up ecc context
* Parameters:
* Return: sgx_status_t - SGX_SUCCESS or failure as defined sgx_error.h
* Output: sgx_ecc_state_handle_t ecc_handle - Handle to ECC crypto system */
sgx_status_t sgx_ecc256_close_context(sgx_ecc_state_handle_t ecc_handle)
{
if (ecc_handle == NULL)
{
return SGX_ERROR_INVALID_PARAMETER;
}
IppsECCPState* p_ecc_state = (IppsECCPState*)ecc_handle;
int ctx_size = 0;
IppStatus ipp_ret = ippsECCPGetSize(256, &ctx_size);
if (ipp_ret != ippStsNoErr)
{
free(p_ecc_state);
return SGX_SUCCESS;
}
CLEAR_FREE_MEM(p_ecc_state, ctx_size);
return SGX_SUCCESS;
}
/** Create an ECC public key based on a given ECC private key.
*
* Parameters:
* Return: sgx_status_t - SGX_SUCCESS or failure as defined in sgx_error.h
* Input: p_att_priv_key - Input private key
* Output: p_att_pub_key - Output public key - LITTLE ENDIAN
*
*/
sgx_status_t sgx_ecc256_calculate_pub_from_priv(const sgx_ec256_private_t *p_att_priv_key, sgx_ec256_public_t *p_att_pub_key)
{
if ((p_att_priv_key == NULL) || (p_att_pub_key == NULL)) {
return SGX_ERROR_INVALID_PARAMETER;
}
IppsECCPState* p_ecc_state = NULL;
sgx_status_t ret = SGX_ERROR_UNEXPECTED;
int ctx_size = 0;
int point_size = 0;
IppsECCPPointState* public_key = NULL;
IppsBigNumState* bn_o = NULL;
IppsBigNumState* bn_x = NULL;
IppsBigNumState* bn_y = NULL;
sgx_ec256_private_t att_priv_key_be;
uint8_t* p_temp;
int size = 0;
IppsBigNumSGN sgn;
do {
//get the size of the IppsECCPState context
//
if (ippsECCPGetSize(ECC_FIELD_SIZE, &ctx_size) != ippStsNoErr) {
break;
}
//allocate ecc ctx
//
p_ecc_state = (IppsECCPState*)(malloc(ctx_size));
if (NULL == p_ecc_state) {
ret = SGX_ERROR_OUT_OF_MEMORY;
break;
}
//init ecc ctx
//
if (ippsECCPInit(ECC_FIELD_SIZE, p_ecc_state) != ippStsNoErr) {
break;
}
//set up elliptic curve domain parameters over GF(p)
//
if (ippsECCPSetStd(IppECCPStd256r1, p_ecc_state) != ippStsNoErr) {
break;
}
//get point (public key) size
//
if (ippsECCPPointGetSize(ECC_FIELD_SIZE, &point_size) != ippStsNoErr) {
break;
}
//allocate point of point_size size
//
public_key = (IppsECCPPointState*)(malloc(point_size));
if (NULL == public_key) {
ret = SGX_ERROR_OUT_OF_MEMORY;
break;
}
//init point
//
if (ippsECCPPointInit(ECC_FIELD_SIZE, public_key) != ippStsNoErr) {
break;
}
//allocate bn_o, will be used for private key
//
if (sgx_ipp_newBN(NULL, sizeof(sgx_ec256_private_t), &bn_o) != ippStsNoErr) {
break;
}
//convert private key into big endian
//
p_temp = (uint8_t*)p_att_priv_key;
for (uint32_t i = 0; i<sizeof(att_priv_key_be); i++) {
att_priv_key_be.r[i] = *(p_temp + sizeof(att_priv_key_be) - 1 - i);
}
//assign private key into bn_o
//
if (ippsSetOctString_BN(reinterpret_cast<Ipp8u *>(&att_priv_key_be), sizeof(sgx_ec256_private_t), bn_o) != ippStsNoErr) {
break;
}
//compute public key from the given private key (bn_o) of the elliptic cryptosystem (p_ecc_state) over GF(p).
//
if (ippsECCPPublicKey(bn_o, public_key, p_ecc_state) != ippStsNoErr) {
break;
}
//allocate BNs
//
if (sgx_ipp_newBN(NULL, sizeof(sgx_ec256_private_t), &bn_x) != ippStsNoErr) {
break;
}
if (sgx_ipp_newBN(NULL, sizeof(sgx_ec256_private_t), &bn_y) != ippStsNoErr) {
break;
}
//assign public key into BNs
//
if (ippsECCPGetPoint(bn_x, bn_y, public_key, p_ecc_state) != ippStsNoErr) {
break;
}
//output key in little endian order
//
//gx value
if (ippsGetSize_BN(bn_x, &size) != ippStsNoErr) {
break;
}
if (ippsGet_BN(&sgn, &size, reinterpret_cast<Ipp32u *>(p_att_pub_key->gx), bn_x) != ippStsNoErr) {
break;
}
//gy value
//
if (ippsGetSize_BN(bn_y, &size) != ippStsNoErr) {
break;
}
if (ippsGet_BN(&sgn, &size, reinterpret_cast<Ipp32u *>(p_att_pub_key->gy), bn_y) != ippStsNoErr) {
break;
}
ret = SGX_SUCCESS;
} while (0);
//in case of failure clear public key
//
if (ret != SGX_SUCCESS) {
(void)memset_s(p_att_pub_key, sizeof(sgx_ec256_public_t), 0, sizeof(sgx_ec256_public_t));
}
CLEAR_FREE_MEM(p_ecc_state, ctx_size);
CLEAR_FREE_MEM(public_key, point_size);
sgx_ipp_secure_free_BN(bn_o, sizeof(sgx_ec256_private_t));
sgx_ipp_secure_free_BN(bn_x, sizeof(sgx_ec256_private_t));
sgx_ipp_secure_free_BN(bn_y, sizeof(sgx_ec256_private_t));
return ret;
}
