Gilad Ben-Yossef | 033327a | 2019-05-15 09:24:04 +0300 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. |
| 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | */ |
| 6 | |
| 7 | #ifndef _BSV_CRYPTO_ASYM_API_H |
| 8 | #define _BSV_CRYPTO_ASYM_API_H |
| 9 | |
| 10 | #ifdef __cplusplus |
| 11 | extern "C" |
| 12 | { |
| 13 | #endif |
| 14 | |
| 15 | /*! |
| 16 | @file |
| 17 | @brief This file contains the cryptographic Asymmetric ROM APIs of the Boot Services. |
| 18 | |
| 19 | @defgroup cc_bsv_crypto_asym_api CryptoCell Boot Services cryptographic Asymmetric ROM APIs |
| 20 | @{ |
| 21 | @ingroup cc_bsv |
| 22 | */ |
| 23 | |
| 24 | #include "cc_pal_types.h" |
| 25 | #include "cc_pka_hw_plat_defs.h" |
| 26 | #include "cc_sec_defs.h" |
| 27 | #include "bsv_crypto_api.h" |
| 28 | |
| 29 | /*! Defines the workspace size in bytes needed for internal Asymmetric operations. */ |
| 30 | #define BSV_RSA_WORKSPACE_MIN_SIZE (4*BSV_CERT_RSA_KEY_SIZE_IN_BYTES +\ |
| 31 | 2*RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES) |
| 32 | |
| 33 | /*! Definition for the RSA public modulus array. */ |
| 34 | typedef uint32_t CCBsvNBuff_t[BSV_CERT_RSA_KEY_SIZE_IN_WORDS]; |
| 35 | |
| 36 | /*! Definition for the RSA Barrett mod tag array. */ |
| 37 | typedef uint32_t CCBsvNpBuff_t[RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES]; |
| 38 | |
| 39 | /*! Definition for the RSA signature array. */ |
| 40 | typedef uint32_t CCBsvSignature_t[BSV_CERT_RSA_KEY_SIZE_IN_WORDS]; |
| 41 | |
| 42 | |
| 43 | /*---------------------------- |
| 44 | PUBLIC FUNCTIONS |
| 45 | -----------------------------------*/ |
| 46 | |
| 47 | /*! |
| 48 | @brief This function performs the primitive operation of RSA, meaning exponent and modulus. |
| 49 | outBuff = (pInBuff ^ Exp) mod NBuff. ( Exp = 0x10001 ) |
| 50 | |
| 51 | The function supports 2k and 3K bit size of modulus, based on compile time define. |
| 52 | There are no restriction on pInBuff location, however its size must be equal to BSV_RSA_KEY_SIZE_IN_BYTES and its |
| 53 | value must be smaller than the modulus. |
| 54 | |
| 55 | |
| 56 | @return \c CC_OK on success. |
| 57 | @return A non-zero value from bsv_error.h on failure. |
| 58 | */ |
| 59 | CCError_t CC_BsvRsaPrimVerify (unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ |
| 60 | CCBsvNBuff_t NBuff, /*!< [in] The modulus buffer big endian format. */ |
| 61 | CCBsvNpBuff_t NpBuff, /*!< [in] The barret tag buffer big endian format - optional. */ |
| 62 | uint32_t *pInBuff, /*!< [in] The DataIn buffer to be encrypted. */ |
| 63 | size_t inBuffSize, /*!< [in] The DataIn buffer size in bytes, must be BSV_RSA_KEY_SIZE_IN_BYTES. */ |
| 64 | CCBsvSignature_t pOutBuff, /*!< [out] The encrypted buffer in big endian format. */ |
| 65 | uint32_t *pWorkSpace, /*!< [in] The pointer to user allocated buffer for internal use. */ |
| 66 | size_t workBufferSize /*!< [in] The size in bytes of pWorkSpace, must be at-least BSV_RSA_WORKSPACE_MIN_SIZE. */ |
| 67 | ); |
| 68 | |
| 69 | |
| 70 | /*! |
| 71 | @brief This function performs RSA PSS verify. |
| 72 | |
| 73 | The function should support 2k and 3K bit size of modulus, based on compile time define. |
| 74 | |
| 75 | @return \c CC_OK on success. |
| 76 | @return A non-zero value from bsv_error.h on failure. |
| 77 | */ |
| 78 | CCError_t CC_BsvRsaPssVerify (unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ |
| 79 | CCBsvNBuff_t NBuff, /*!< [in] The modulus buffer big endian format. */ |
| 80 | CCBsvNpBuff_t NpBuff, /*!< [in] The barret tag buffer big endian format - optional. */ |
| 81 | CCBsvSignature_t signature, /*!< [in] The signature buffer to verify - big endian format. */ |
| 82 | CCHashResult_t hashedData, /*!< [in] The data-in buffer to be verified as sha256 digest. */ |
| 83 | uint32_t *pWorkSpace, /*!< [in] The pointer to user allocated buffer for internal use. */ |
| 84 | size_t workBufferSize, /*!< [in] The size in bytes of pWorkSpace, must be at-least BSV_RSA_WORKSPACE_MIN_SIZE. */ |
| 85 | CCBool_t *pIsVerified /*!< [out] The flag indicates whether the signature is verified or not. |
| 86 | If verified value will be CC_TRUE, otherwise CC_FALSE */ |
| 87 | ); |
| 88 | |
| 89 | |
| 90 | |
| 91 | #ifdef __cplusplus |
| 92 | } |
| 93 | #endif |
| 94 | |
| 95 | #endif |
| 96 | |
| 97 | /** |
| 98 | @} |
| 99 | */ |
| 100 | |