/** * This function provide HASH function to process one buffer of data. * The function allocates an internal HASH Context , it initializes the * HASH Context with the cryptographic attributes that are needed for * the HASH block operation ( initialize H's value for the HASH algorithm ). * Then the function loads the Hardware with the initializing values and after * that process the data block using the hardware to do hash . * At the end the function return the message digest of the data buffer . * * @param[in] OperationMode - The operation mode : MD5 or SHA1. * * @param DataIn_ptr a pointer to the buffer that stores the data to be * hashed . * * @param DataInSize The size of the data to be hashed in bytes. * * @retval HashResultBuff a pointer to the target buffer where the * HASE result stored in the context is loaded to. * * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. * */ CEXPORT_C CRYSError_t CRYS_HASH ( CRYS_HASH_OperationMode_t OperationMode, DxUint8_t* DataIn_ptr, DxUint32_t DataSize, CRYS_HASH_Result_t HashResultBuff ) { CRYSError_t Error = CRYS_OK; CRYS_HASHUserContext_t UserContext; Error = CRYS_HASH_Init( &UserContext, OperationMode); if (Error != CRYS_OK) { goto end; } Error = CRYS_HASH_Update( &UserContext, DataIn_ptr, DataSize ); if (Error != CRYS_OK) { goto end; } Error = CRYS_HASH_Finish( &UserContext, HashResultBuff ); end: CRYS_HASH_Free( &UserContext ); return Error; }
int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId) { CRYSError_t ret = 0; (void)heap; (void)devId; if (sha256 == NULL) return BAD_FUNC_ARG; XMEMSET(sha256->digest, 0, sizeof(sha256->digest)); /* initializes the HASH context and machine to the supported mode.*/ ret = CRYS_HASH_Init(&sha256->ctx, CRYS_HASH_SHA256_mode); if (ret != SA_SILIB_RET_OK){ WOLFSSL_MSG("Error CRYS_HASH_Init failed"); } return ret; }
/** * @brief CRYS_KDF_KeyDerivFunc performs key derivation according to one of some modes defined in standards: ANSI X9.42-2001, ANSI X9.63, OMA_TS_DRM_DRM_V2_0-20050712-C, ISO/IEC 18033-2. The present implementation of the function allows the following operation modes: - CRYS_KDF_ASN1_DerivMode - mode based on ASN.1 DER encoding; - CRYS_KDF_ConcatDerivMode - mode based on concatenation; - CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode; - CRYS_KDF_OMA_DRM_DerivMode - specific mode for OMA DRM; - CRYS_KDF_ISO18033_KDF1_DerivMode - specific mode according to ECIES-KEM algorithm (ISO/IEC 18033-2). The purpose of this function is to derive a keying data from the shared secret value and some other optional shared information (SharedInfo). For calling the API on some specific modes may be used the following macros: - CRYS_KDF_ASN1_KeyDerivFunc ; - CRYS_KDF_ConcatKeyDerivFunc ; - CRYS_KDF_OMADRM_DerivFunc. \note The length in Bytes of the hash result buffer is denoted by "hashlen". \note All buffers arguments are represented in Big-Endian format. @param[in] ZZSecret_ptr - A pointer to shared secret value octet string. @param[in] ZZSecretSize - The size of the shared secret value in bytes. The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE. @param[in] OtherInfo - The pointer to structure , containing the data, shared by two entities of agreement and the data sizes. This argument is optional for some modes (if it is not needed - set NULL). On KDF OMA_DRM and two ISO/IEC 18033-2 modes - set NULL. On KDF ASN1 mode the OtherInfo and its AlgorithmID entry are mandatory. @param[in] KDFhashMode - The KDF identifier of hash function to be used. The hash function output must be at least 160 bits. @param[in] derivation_mode - Specifies one of above described derivation modes. @param[out] KeyingData_ptr - A pointer to the buffer for derived keying data. @param[in] KeyingDataSizeBytes - The size in bytes of the keying data to be derived. The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_KEYING_DATA. @return CRYSError_t - On success the value CRYS_OK is returned, and on failure an ERROR as defined in CRYS_KDF_error.h: CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR CRYS_KDF_INVALID_KEY_DERIVATION_MODE_ERROR CRYS_KDF_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR CRYS_KDF_INVALID_SIZE_OF_DATA_TO_HASHING_ERROR CRYS_KDF_INVALID_ARGUMENT_HASH_MODE_ERROR CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR CRYS_KDF_INVALID_KEYING_DATA_SIZE_ERROR */ CEXPORT_C CRYSError_t CRYS_KDF_KeyDerivFunc( DxUint8_t *ZZSecret_ptr, DxUint32_t ZZSecretSize, CRYS_KDF_OtherInfo_t *OtherInfo_ptr, CRYS_KDF_HASH_OpMode_t KDFhashMode, CRYS_KDF_DerivFuncMode_t derivation_mode, DxUint8_t *KeyingData_ptr, DxUint32_t KeyingDataSizeBytes ) { /* FUNCTION DECLARATIONS */ /* The return error identifier */ CRYSError_t Error; /* HASH function context structure buffer and parameters */ CRYS_HASHUserContext_t HashContext; CRYS_HASH_OperationMode_t hashMode; DxUint32_t HashOutputSizeBytes; /*The result buffer for the Hash*/ CRYS_HASH_Result_t HashResultBuff; /* Total count of full HASH blockss for deriving the keying data */ DxUint32_t CountOfHashBlocks; /* Loop counters */ DxUint32_t i, j; /*counter of Hash blocks (to be hashed with ZZ and OtherInfo) */ DxUint32_t Counter; /* Current output buffer position */ DxUint32_t CurrentOutputBuffPos = 0; DxUint32_t *OtherInfoEntry_ptr; DxUint8_t *temp_ptr; DxUint32_t remBuffSize; /*.... HASH Init function .....*/ /* FUNCTION LOGIC */ /* ............... local initializations .............................. */ /* -------------------------------------------------------------------- */ /* initializing the Error to O.K */ Error = CRYS_OK; /* ............... if not supported exit .............................. */ /* -------------------------------------------------------------------- */ PRINT_INFO("--->NOW inter into CRYS_KDF_KeyDerivFunc\n"); RETURN_IF_KDF_UNSUPPORTED( ZZSecret_ptr , ZZSecretSize , OtherInfo_ptr , KDFhashMode , derivation_mode , KeyingData_ptr , KeyingDataSizeBytes , hashMode , HashOutputSizeBytes , HashContext.valid_tag , CountOfHashBlocks , i , j , Counter , CurrentOutputBuffPos , HashResultBuff[0] , OtherInfoEntry_ptr , temp_ptr , remBuffSize , Error , Error ); #ifndef CRYS_NO_HASH_SUPPORT #ifndef CRYS_NO_KDF_SUPPORT /* ............... checking the parameters validity ................... */ /* -------------------------------------------------------------------- */ /* if an argument pointer is DX_NULL return an error */ if( ZZSecret_ptr == DX_NULL || KeyingData_ptr == DX_NULL ) return CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR; if( derivation_mode >= CRYS_KDF_DerivFunc_NumOfModes ) return CRYS_KDF_INVALID_KEY_DERIVATION_MODE_ERROR; if( derivation_mode == CRYS_KDF_ASN1_DerivMode && (OtherInfo_ptr == DX_NULL || OtherInfo_ptr->SizeOfAlgorithmID == 0)) return CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR; /*On KDF1 and KDF2 derivation modes set OtherInfo_ptr = DX_NULL */ if(derivation_mode == CRYS_KDF_ISO18033_KDF1_DerivMode || derivation_mode == CRYS_KDF_ISO18033_KDF2_DerivMode){ OtherInfo_ptr = DX_NULL; } /* Check sizes of the input data to be hashed according to KDF * * limitations) */ if(ZZSecretSize == 0 || ZZSecretSize > CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE ) return CRYS_KDF_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR; if( OtherInfo_ptr != DX_NULL ) { if( OtherInfo_ptr->SizeOfAlgorithmID > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY ) return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR; if( OtherInfo_ptr->SizeOfPartyUInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY ) return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR; if( OtherInfo_ptr->SizeOfPartyVInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY ) return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR; if( OtherInfo_ptr->SizeOfSuppPrivInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY ) return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR; if( OtherInfo_ptr->SizeOfSuppPubInfo > CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY ) return CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR; } /* Check the size of keying data */ if( KeyingDataSizeBytes == 0 || KeyingDataSizeBytes > CRYS_KDF_MAX_SIZE_OF_KEYING_DATA) return CRYS_KDF_INVALID_KEYING_DATA_SIZE_ERROR; /*................ Setting parameters according to current operation modes .......... */ /*------------------------------------------------------------------------------------*/ switch( KDFhashMode ) { case CRYS_KDF_HASH_SHA1_mode: hashMode = CRYS_HASH_SHA1_mode; HashOutputSizeBytes = CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES; break; case CRYS_KDF_HASH_SHA224_mode: hashMode = CRYS_HASH_SHA224_mode; HashOutputSizeBytes = CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES; break; case CRYS_KDF_HASH_SHA256_mode: hashMode = CRYS_HASH_SHA256_mode; HashOutputSizeBytes = CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES; break; case CRYS_KDF_HASH_SHA384_mode: hashMode = CRYS_HASH_SHA384_mode; HashOutputSizeBytes = CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES; break; case CRYS_KDF_HASH_SHA512_mode: hashMode = CRYS_HASH_SHA512_mode; HashOutputSizeBytes = CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES; break; default: return CRYS_KDF_INVALID_ARGUMENT_HASH_MODE_ERROR; } /* Count of HASH blocks needed for key derivation etc. */ CountOfHashBlocks = ( KeyingDataSizeBytes + HashOutputSizeBytes - 1 )/ HashOutputSizeBytes; temp_ptr = (DxUint8_t*)&gKdfHashTempBuff[0]; remBuffSize = CRYS_HASH_BLOCK_SIZE_IN_BYTES; /* ********** Keying data derivation loop ************ */ for( i = 0; i < CountOfHashBlocks; i++ ) { /*.... HASH Init function .....*/ Error = CRYS_HASH_Init(&HashContext, hashMode); PRINT_INFO("--->NOW after CRYS_HASH_Init\n"); if(Error != CRYS_OK) return Error; /*....... Hashing input data by calling HASH_Update function .......*/ /*------------------------------------------------------------------*/ /*.... Hashing of the shared secret value ....*/ Error = _DX_KDF_HASH_UnalignUpdate(&HashContext, ZZSecret_ptr,ZZSecretSize, temp_ptr, &remBuffSize); PRINT_INFO("--->NOW after _DX_KDF_HASH_UnalignUpdate\n"); if(Error != CRYS_OK) goto End; /*.... Hashing of the AlgorithmID (on ASN1 Derivation Mode only) ....*/ if( derivation_mode == CRYS_KDF_ASN1_DerivMode ) { Error = _DX_KDF_HASH_UnalignUpdate(&HashContext, (DxUint8_t *)(OtherInfo_ptr->AlgorithmID), OtherInfo_ptr->SizeOfAlgorithmID, temp_ptr, &remBuffSize); PRINT_INFO("--->NOW after derivation_mode == CRYS_KDF_ASN1_DerivMode , _DX_KDF_HASH_UnalignUpdate\n"); if(Error != CRYS_OK) goto End; } /* Set the blocks counter in big endianness mode */ if(derivation_mode == CRYS_KDF_ISO18033_KDF1_DerivMode) Counter = CRYS_COMMON_REVERSE32(i); else Counter = CRYS_COMMON_REVERSE32(i+1); PRINT_INFO("--->NOW after CRYS_COMMON_REVERSE32()\n"); /*.... Hashing of the blocks counter ....*/ Error = _DX_KDF_HASH_UnalignUpdate(&HashContext, (DxUint8_t *)&Counter, sizeof(DxUint32_t), temp_ptr, &remBuffSize); if(Error != CRYS_OK) goto End; /* ..... Hashing of remaining data of the OtherInfo ..... */ if( OtherInfo_ptr != DX_NULL ) { /* Set OtherInfoEntry_ptr to second entry pointer */ OtherInfoEntry_ptr = (DxUint32_t*)OtherInfo_ptr + CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4 + 1; /* OtherInfo data concatenating and hashing loop */ for( j = 0; j < CRYS_KDF_COUNT_OF_OTHER_INFO_ENTRIES - 1; j++ ) { /* if entry exists hash it */ if( *(OtherInfoEntry_ptr + CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4) != 0 ) { Error = _DX_KDF_HASH_UnalignUpdate(&HashContext, (DxUint8_t *)OtherInfoEntry_ptr/*pointer to entry*/, *(OtherInfoEntry_ptr + CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4)/*size of entry*/, temp_ptr, &remBuffSize); if(Error != CRYS_OK) goto End; } /* Shift the pointer to the next entry */ OtherInfoEntry_ptr += CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY/4 + 1; } } /* last Hash update on remaining data in the temp buffer */ if(remBuffSize < CRYS_HASH_BLOCK_SIZE_IN_BYTES) { Error = CRYS_HASH_Update(&HashContext, temp_ptr, CRYS_HASH_BLOCK_SIZE_IN_BYTES - remBuffSize); PRINT_INFO("--->NOW after CRYS_HASH_Update()\n"); if(Error != CRYS_OK) goto End; } /* .......... HASH Finish operation ............. */ Error = CRYS_HASH_Finish( &HashContext , HashResultBuff ); PRINT_INFO("--->NOW after CRYS_HASH_Finish()\n"); if(Error != CRYS_OK) goto End; /* Correction of output data size for last block ( if it is not full ) */ if( i == CountOfHashBlocks - 1 ) HashOutputSizeBytes = KeyingDataSizeBytes - i * HashOutputSizeBytes; PRINT_INFO("--->NOW begin DX_VOS_FastMemCpy\n"); /* Copying HASH data into output buffer */ DX_VOS_FastMemCpy(&KeyingData_ptr[CurrentOutputBuffPos],(DxUint8_t *)HashResultBuff, HashOutputSizeBytes); /* Increment the output buffer position */ CurrentOutputBuffPos += HashOutputSizeBytes; } End: DX_VOS_MemSetZero(gKdfHashTempBuff, sizeof(gKdfHashTempBuff)); return Error; #endif /*CRYS_NO_KDF_SUPPORT*/ #endif /*CRYS_NO_HASH_SUPPORT*/ }/* END OF CRYS_KDF_KeyDerivationFunc */
CEXPORT_C CRYSError_t _DX_RSA_VerifyInit(CRYS_RSAPubUserContext_t *UserContext_ptr, CRYS_RSAUserPubKey_t *UserPubKey_ptr, CRYS_RSA_HASH_OpMode_t hashFunc, CRYS_PKCS1_MGF_t MGF, DxUint16_t SaltLen, CRYS_PKCS1_version PKCS1_ver) { /* FUNCTION DECLERATIONS */ /* The return error identifier */ CRYSError_t Error; /* This pointer is allocated in order to remove compiler alias problems */ void *tempWorkingctx_ptr; /* defining a pointer to the active context allcated by the CCM */ RSAPubContext_t *ccmWorkingContext_ptr ; /*Pointer to the public key for lengths checking*/ CRYSRSAPubKey_t *PubKey_ptr; /*The size of the modulus for lengths checking*/ DxUint16_t ModulusSizeBytes; /* FUNCTION LOGIC */ /* ............... local initializations .............................. */ /* -------------------------------------------------------------------- */ /* initializing the Error to O.K */ Error = CRYS_OK; /* initialize the module size to cancel compilers warnings */ ModulusSizeBytes = 0; /* ............... if not supported exit .............................. */ /* -------------------------------------------------------------------- */ RETURN_IF_RSA_UNSUPPORTED(UserContext_ptr , UserPubKey_ptr , hashFunc , MGF , SaltLen , PKCS1_ver, ccmWorkingContext_ptr , PubKey_ptr , ModulusSizeBytes , Error , Error , Error , Error , Error , Error , Error , Error , Error , Error , Error , Error , Error); #ifndef CRYS_NO_HASH_SUPPORT #ifndef CRYS_NO_PKI_SUPPORT /* ............... checking the parameters validity ................... */ /* -------------------------------------------------------------------- */ /* if the users context ID pointer is DX_NULL return an error */ if( UserContext_ptr == DX_NULL ) return CRYS_RSA_INVALID_USER_CONTEXT_POINTER_ERROR; /*if the private key object is DX_NULL return an error*/ if (UserPubKey_ptr == DX_NULL) return CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR; /* check if the hash operation mode is legal */ if( hashFunc >= CRYS_RSA_HASH_NumOfModes) return CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR; /* check if the MGF operation mode is legal */ if(MGF >= CRYS_RSA_NumOfMGFFunctions) return CRYS_RSA_MGF_ILLEGAL_ARG_ERROR; /* check that the PKCS1 version argument is legal*/ if(PKCS1_ver >= CRYS_RSA_NumOf_PKCS1_versions) return CRYS_RSA_PKCS1_VER_ARG_ERROR; /*According to the PKCS1 ver 2.1 standart it is not recommended to use MD5 hash therefore we do not support it */ if(PKCS1_ver == CRYS_PKCS1_VER21 && hashFunc == CRYS_RSA_HASH_MD5_mode) return CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR; #ifndef DX_OEM_FW if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, UserContext_ptr, sizeof(CRYS_RSAPubUserContext_t)) || DxCcAcl_IsBuffAccessOk(ACCESS_READ, UserPubKey_ptr, sizeof(CRYS_RSAUserPubKey_t))){ return CRYS_RSA_ILLEGAL_PARAMS_ACCORDING_TO_PRIV_ERROR; } #endif /*If the validation tag is incorrect*/ if(UserPubKey_ptr->valid_tag != CRYS_RSA_PUB_KEY_VALIDATION_TAG) return CRYS_RSA_PUB_KEY_VALIDATION_TAG_ERROR; /*Checking if a check on salt length is needed*/ if(SaltLen != CRYS_RSA_VERIFY_SALT_LENGTH_UNKNOWN && PKCS1_ver == CRYS_PKCS1_VER21) { /*Initializing the Modulus Size in Bytes needed for SaltLength parameter check*/ PubKey_ptr = (CRYSRSAPubKey_t *)UserPubKey_ptr->PublicKeyDbBuff; /*Note: the (-1) is due to the PKCS#1 Ver2.1 standard section 9.1.1*/ ModulusSizeBytes = (DxUint16_t)((PubKey_ptr->nSizeInBits -1) / 8); if((PubKey_ptr->nSizeInBits -1) % 8) ModulusSizeBytes++; } /* .................. initializing local variables ................... */ /* ------------------------------------------------------------------- */ /* ................. aquiring the RSA context ............................. */ /* ----------------------------------------------------------------------- */ /*Get the working context*/ Error = CRYS_CCM_GetContext( UserContext_ptr, /* the users context space - in */ &tempWorkingctx_ptr, /* the CCM context returned - out */ DX_RSA_VERIFY_CONTEXT, /* AES type - in */ AES_DONT_DECRYPT_CONTEXT); /* need to decrypt context in AES_block*/ if(Error != CRYS_OK ) return Error; ccmWorkingContext_ptr = (RSAPubContext_t*)tempWorkingctx_ptr; /*Reset the Context handler for improper previous values initialized*/ DX_VOS_MemSet(ccmWorkingContext_ptr,0,sizeof(RSAPubContext_t)); /* ................. loading the context .................................. */ /* ------------------------------------------------------------------------ */ /*Initializing the Hash operation mode in the RSA Context level*/ ccmWorkingContext_ptr->HashOperationMode = hashFunc; switch(ccmWorkingContext_ptr->HashOperationMode) { case CRYS_RSA_HASH_MD5_mode : ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_MD5_DIGEST_SIZE_IN_WORDS; Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)((ccmWorkingContext_ptr->CRYSPKAHashCtxBuff))), CRYS_HASH_MD5_mode); /*The MD5 mode according to the Hash level enum*/ if(Error != CRYS_OK) goto END_WITH_ERROR; break; case CRYS_RSA_HASH_SHA1_mode: ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS; Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)) , CRYS_HASH_SHA1_mode); /*The SHA1 mode according to the Hash level enum*/ if(Error != CRYS_OK) goto END_WITH_ERROR; break; case CRYS_RSA_HASH_SHA224_mode: ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS; Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)), CRYS_HASH_SHA224_mode); /*The SHA224 mode according to the Hash level enum*/ if(Error != CRYS_OK) goto END_WITH_ERROR; break; case CRYS_RSA_HASH_SHA256_mode: ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS; Error = CRYS_HASH_Init( ((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)), CRYS_HASH_SHA256_mode); /*The SHA256 mode according to the Hash level enum*/ if(Error != CRYS_OK) goto END_WITH_ERROR; break; case CRYS_RSA_HASH_SHA384_mode: ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS; Error = CRYS_HASH_Init(((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)), CRYS_HASH_SHA384_mode); /*The SHA384 mode according to the Hash level enum*/ if(Error != CRYS_OK) goto END_WITH_ERROR; break; case CRYS_RSA_HASH_SHA512_mode: ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS; Error = CRYS_HASH_Init(((CRYS_HASHUserContext_t *)(ccmWorkingContext_ptr->CRYSPKAHashCtxBuff)), CRYS_HASH_SHA512_mode); /*The SHA512 mode according to the Hash level enum*/ if(Error != CRYS_OK) goto END_WITH_ERROR; break; case CRYS_RSA_After_MD5_mode: /*For PKCS1 v1.5 when the data in is already hashed with MD5*/ ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_MD5_DIGEST_SIZE_IN_WORDS; break; case CRYS_RSA_After_SHA1_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA1*/ ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS; break; case CRYS_RSA_After_SHA224_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA224*/ ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS; break; case CRYS_RSA_After_SHA256_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA256*/ ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS; break; case CRYS_RSA_After_SHA384_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA384*/ ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS; break; case CRYS_RSA_After_SHA512_mode: /*For PKCS1 v1.5 when the data in is already hashed with SHA512*/ ccmWorkingContext_ptr->HASH_Result_Size = CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS; break; case CRYS_RSA_HASH_NO_HASH_mode: /*Used for PKCS1 v1.5 Encrypt and Decrypt - not relevant in Sign-Verify*/ break; /*do nothing*/ case CRYS_RSA_After_HASH_NOT_KNOWN_mode : /*used for PKCS1 v1.5 Verify only - possible to derive the hash mode from the signature*/ if( PKCS1_ver == CRYS_PKCS1_VER21) { Error = CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR; goto END_WITH_ERROR; } break; /*do nothing*/ default: Error = CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR; goto END_WITH_ERROR; } switch(PKCS1_ver) { case CRYS_PKCS1_VER15: ccmWorkingContext_ptr->PKCS1_Version=CRYS_PKCS1_VER15; break; case CRYS_PKCS1_VER21: ccmWorkingContext_ptr->PKCS1_Version=CRYS_PKCS1_VER21; /*Checking restriction of Salt Length ; Hash output size and the mosulus*/ if(SaltLen != CRYS_RSA_VERIFY_SALT_LENGTH_UNKNOWN && ModulusSizeBytes < (DxUint32_t)(ccmWorkingContext_ptr->HASH_Result_Size*4 + SaltLen + 2)) { Error = CRYS_RSA_PSS_ENCODING_MODULUS_HASH_SALT_LENGTHS_ERROR; goto END_WITH_ERROR; } break; default: Error = CRYS_RSA_PKCS1_VER_ARG_ERROR; goto END_WITH_ERROR; } switch(MGF) { case CRYS_PKCS1_MGF1: case CRYS_PKCS1_NO_MGF: ccmWorkingContext_ptr->MGF_2use = MGF; break; default: Error = CRYS_RSA_MGF_ILLEGAL_ARG_ERROR; goto END_WITH_ERROR; } /*Copying the RSA Pub key argument to the context*/ DX_VOS_FastMemCpy((DxUint8_t *)&ccmWorkingContext_ptr->PubUserKey,(DxUint8_t *)UserPubKey_ptr,sizeof(CRYS_RSAUserPubKey_t)); /*Initial the Salt random length relevant for PKCS#1 Ver2.1*/ ccmWorkingContext_ptr->SaltLen = SaltLen; /* Initialize the size of the modulus */ ccmWorkingContext_ptr->nSizeInBytes = (((CRYSRSAPubKey_t*)UserPubKey_ptr->PublicKeyDbBuff)->nSizeInBits+7)/8; /* set the RSA tag to the users context */ UserContext_ptr->valid_tag = CRYS_RSA_VERIFY_CONTEXT_VALIDATION_TAG; goto END; END: /* ................. release the context ................................. */ /* ----------------------------------------------------------------------- */ Error = CRYS_CCM_ReleaseContext(UserContext_ptr, /* the users context space - in */ ccmWorkingContext_ptr, /* the CCM context returned - in */ DX_RSA_VERIFY_CONTEXT); /* RSA type - in */ return Error; END_WITH_ERROR: /* ................. release the context ................................. */ /* ----------------------------------------------------------------------- */ { CRYSError_t Error1 = CRYS_CCM_ReleaseContext(UserContext_ptr, /* the users context space - in */ ccmWorkingContext_ptr, /* the CCM context returned - in */ DX_RSA_VERIFY_CONTEXT); /* RSA type - in */ if(Error1 != CRYS_OK) { PLAT_LOG_DEV_PRINT(( 10 ," \n Error1 from CRYS_CCM_ReleaseContext is %lX \n" ,Error1)); } } /* .............. clearing the users context in case of error.......... */ /* -------------------------------------------------------------------- */ DX_VOS_MemSet(UserContext_ptr,0,sizeof(CRYS_RSAPubUserContext_t)); return Error; #endif /* !CRYS_NO_HASH_SUPPORT */ #endif /* !CRYS_NO_PKI_SUPPORT */ }/* END OF _DX_RSA_VerifyInit */