IppStatus InitSHA512(const DigestSHA512 IV, IppsSHA512State* pState)
{
/* test state pointer */
IPP_BAD_PTR1_RET(pState);
/* use aligned context */
pState = (IppsSHA512State*)( IPP_ALIGNED_PTR(pState, SHA512_ALIGNMENT) );
/* set state ID */
SHS_ID(pState) = idCtxSHA512;
/* zeros message length */
SHS_LENL(pState) = 0;
SHS_LENH(pState) = 0;
/* message buffer is free */
SHS_INDX(pState) = 0;
/* setup initial digest */
SHS_HASH(pState)[0] = IV[0];
SHS_HASH(pState)[1] = IV[1];
SHS_HASH(pState)[2] = IV[2];
SHS_HASH(pState)[3] = IV[3];
SHS_HASH(pState)[4] = IV[4];
SHS_HASH(pState)[5] = IV[5];
SHS_HASH(pState)[6] = IV[6];
SHS_HASH(pState)[7] = IV[7];
return ippStsNoErr;
}
static int GenerateSing(const Ipp8u* pMsg, int msgLen, /* message representation */
const Ipp8u* pSalt, int saltLen, /* fied string */
Ipp8u* pSign,
const IppsRSAPrivateKeyState* pPrvKey,
const IppsRSAPublicKeyState* pPubKey,
Ipp8u* pBuffer)
{
/* size of RSA modulus in bytes and chunks */
cpSize rsaBits = RSA_PRV_KEY_BITSIZE_N(pPrvKey);
cpSize k = BITS2WORD8_SIZE(rsaBits);
cpSize nsN = BITS_BNU_CHUNK(rsaBits);
/* EMSA-PKCS-v1_5 encoding */
int result = EMSA_PKCSv15(pMsg,msgLen, pSalt,saltLen, pSign, k);
if(result) {
/* align buffer */
BNU_CHUNK_T* pScratchBuffer = (BNU_CHUNK_T*)(IPP_ALIGNED_PTR(pBuffer, (int)sizeof(BNU_CHUNK_T)) );
/* temporary BNs */
__ALIGN8 IppsBigNumState bnC;
__ALIGN8 IppsBigNumState bnP;
/* make BNs */
BN_Make(pScratchBuffer, pScratchBuffer+nsN+1, nsN, &bnC);
pScratchBuffer += (nsN+1)*2;
BN_Make(pScratchBuffer, pScratchBuffer+nsN+1, nsN, &bnP);
pScratchBuffer += (nsN+1)*2;
/*
// private-key operation
*/
ippsSetOctString_BN(pSign, k, &bnC);
if(RSA_PRV_KEY1_VALID_ID(pPrvKey))
gsRSAprv_cipher(&bnP, &bnC, pPrvKey, pScratchBuffer);
else
gsRSAprv_cipher_crt(&bnP, &bnC, pPrvKey, pScratchBuffer);
ippsGetOctString_BN(pSign, k, &bnP);
/* check the result before send it out (fault attack mitigatioin) */
if(pPubKey) {
gsRSApub_cipher(&bnP, &bnP, pPubKey, pScratchBuffer);
/* check signature before send it out (fault attack mitigatioin) */
if(0!=cpBN_cmp(&bnP, &bnC)) {
PaddBlock(0, pSign, k);
result = 0;
}
}
}
return result;
}
// ippStsNoErr no errors
//
// Parameters:
// pPrivate pointer to the private key
// pPublic pointer to the resultant public key
// pECC pointer to the ECCP context
//
*F*/
IPPFUN(IppStatus, ippsECCPPublicKey, (const IppsBigNumState* pPrivate,
IppsECCPPointState* pPublic,
IppsECCPState* pECC))
{
/* test pECC */
IPP_BAD_PTR1_RET(pECC);
/* use aligned EC context */
pECC = (IppsECCPState*)( IPP_ALIGNED_PTR(pECC, ALIGN_VAL) );
/* test ID */
IPP_BADARG_RET(!ECP_VALID_ID(pECC), ippStsContextMatchErr);
/* test public key */
IPP_BAD_PTR1_RET(pPublic);
pPublic = (IppsECCPPointState*)( IPP_ALIGNED_PTR(pPublic, ALIGN_VAL) );
IPP_BADARG_RET(!ECP_POINT_VALID_ID(pPublic), ippStsContextMatchErr);
/* test private keys */
IPP_BAD_PTR1_RET(pPrivate);
pPrivate = (IppsBigNumState*)( IPP_ALIGNED_PTR(pPrivate, ALIGN_VAL) );
IPP_BADARG_RET(!BN_VALID_ID(pPrivate), ippStsContextMatchErr);
IPP_BADARG_RET(!((0<cpBN_tst(pPrivate)) && (0>cpBN_cmp(pPrivate, ECP_ORDER(pECC))) ), ippStsIvalidPrivateKey);
/* calculates public key */
//
// Parameters:
// pPrivate pointer to the private key
// pPublic pointer to the public key
// regular flag regular/ephemeral keys
// pECC pointer to the ECCP context
//
*F*/
IPPFUN(IppStatus, ippsECCPSetKeyPair, (const IppsBigNumState* pPrivate, const IppsECCPPointState* pPublic,
IppBool regular,
IppsECCPState* pECC))
{
/* test pECC */
IPP_BAD_PTR1_RET(pECC);
/* use aligned EC context */
pECC = (IppsECCPState*)( IPP_ALIGNED_PTR(pECC, ALIGN_VAL) );
/* test ID */
IPP_BADARG_RET(!ECP_VALID_ID(pECC), ippStsContextMatchErr);
{
IppsBigNumState* targetPrivate;
IppsECCPPointState* targetPublic;
if( regular ) {
targetPrivate = ECP_PRIVATE(pECC);
targetPublic = ECP_PUBLIC(pECC);
}
else {
targetPrivate = ECP_PRIVATE_E(pECC);
targetPublic = ECP_PUBLIC_E(pECC);
}
}
}
return result;
}
IPPFUN(IppStatus, ippsRSASign_PKCS1v15,(const Ipp8u* pMsg, int msgLen,
Ipp8u* pSign,
const IppsRSAPrivateKeyState* pPrvKey,
const IppsRSAPublicKeyState* pPubKey,
IppHashAlgId hashAlg,
Ipp8u* pBuffer))
{
/* test private key context */
IPP_BAD_PTR2_RET(pPrvKey, pBuffer);
pPrvKey = (IppsRSAPrivateKeyState*)( IPP_ALIGNED_PTR(pPrvKey, RSA_PRIVATE_KEY_ALIGNMENT) );
IPP_BADARG_RET(!RSA_PRV_KEY_VALID_ID(pPrvKey), ippStsContextMatchErr);
IPP_BADARG_RET(!RSA_PRV_KEY_IS_SET(pPrvKey), ippStsIncompleteContextErr);
/* test hash algorith ID */
hashAlg = cpValidHashAlg(hashAlg);
IPP_BADARG_RET(ippHashAlg_Unknown==hashAlg, ippStsNotSupportedModeErr);
/* use aligned public key context if defined */
if(pPubKey) {
pPubKey = (IppsRSAPublicKeyState*)( IPP_ALIGNED_PTR(pPubKey, RSA_PUBLIC_KEY_ALIGNMENT) );
IPP_BADARG_RET(!RSA_PUB_KEY_VALID_ID(pPubKey), ippStsContextMatchErr);
IPP_BADARG_RET(!RSA_PUB_KEY_IS_SET(pPubKey), ippStsIncompleteContextErr);
}
/* test data pointer */
// ippStsSizeErr BN_ROOM() is enough for keep actual strLen
//
// ippStsNoErr no errors
//
// Parameters:
// pOctStr pointer to the source octet string
// strLen octet string length
// pBN pointer to the target BN
//
*F*/
IPPFUN(IppStatus, ippsSetOctString_BN,(const Ipp8u* pOctStr, cpSize strLen,
IppsBigNumState* pBN))
{
IPP_BAD_PTR2_RET(pOctStr, pBN);
pBN = (IppsBigNumState*)( IPP_ALIGNED_PTR(pBN, BN_ALIGNMENT) );
IPP_BADARG_RET(!BN_VALID_ID(pBN), ippStsContextMatchErr);
IPP_BADARG_RET((0>strLen), ippStsLengthErr);
/* remove leading zeros */
while(strLen && (0==pOctStr[0])) {
strLen--;
pOctStr++;
}
/* test BN size */
IPP_BADARG_RET((int)(sizeof(BNU_CHUNK_T)*BN_ROOM(pBN))<strLen, ippStsSizeErr);
if(strLen)
BN_SIZE(pBN) = cpFromOctStr_BNU(BN_NUMBER(pBN), pOctStr, strLen);
else {