/**************************************************************************************
* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved *
* *
* This file and the related binary are licensed under the following license: *
* *
* ARM Object Code and Header Files License, v1.0 Redistribution. *
* *
* Redistribution and use of object code, header files, and documentation, without *
* modification, are permitted provided that the following conditions are met: *
* *
* 1) Redistributions must reproduce the above copyright notice and the *
* following disclaimer in the documentation and/or other materials *
* provided with the distribution. *
* *
* 2) Unless to the extent explicitly permitted by law, no reverse *
* engineering, decompilation, or disassembly of is permitted. *
* *
* 3) Redistribution and use is permitted solely for the purpose of *
* developing or executing applications that are targeted for use *
* on an ARM-based product. *
* *
* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND *
* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT *
* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, *
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE *
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, *
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED *
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR *
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF *
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING *
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS *
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
**************************************************************************************/
#ifndef _CRYS_DH_H
#define _CRYS_DH_H
#include "crys_rsa_types.h"
#include "crys_kdf.h"
#include "crys_rnd.h"
#ifdef __cplusplus
extern "C"
{
#endif
/*!
@file
@brief This module defines the API that supports Diffie-Hellman key exchange, as defined in [PKCS3] and in [X9.42] (key lengths 1024 and 2048 bits).
@defgroup crys_dh CryptoCell DH APIs
@{
@ingroup cryptocell_api
*/
/************************ Defines ******************************/
/*! Defintion for DH public key.*/
#define CRYS_DHPubKey_t CRYSRSAPubKey_t
/*! Maximal valid key size in bits.*/
#define CRYS_DH_MAX_VALID_KEY_SIZE_VALUE_IN_BITS CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS /*!< \internal RL restrict to 2048 */
/*! Minimal valid key size in bits.*/
#define CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS 1024 /*!< Size limitation according to ANSI standard */
/*! Maximal modulus size in bytes.*/
#define CRYS_DH_MAX_MOD_SIZE_IN_BYTES (CRYS_DH_MAX_VALID_KEY_SIZE_VALUE_IN_BITS / SASI_BITS_IN_BYTE)
/*! Maximal modulus size in words.*/
#define CRYS_DH_MAX_MOD_SIZE_IN_WORDS (CRYS_DH_MAX_MOD_SIZE_IN_BYTES/sizeof(uint32_t))
/*! Modulus buffer size in words.*/
#define CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS (CRYS_DH_MAX_MOD_SIZE_IN_WORDS + 2)
/*! Maximal domain generation size in bits.*/
#define CRYS_DH_DOMAIN_GENERATION_MAX_SIZE_BITS CRYS_RSA_MAX_KEY_GENERATION_SIZE_BITS /*!< \internal RL restrict to 2048 */
/*! Defintion for DH primitives data.*/
#define CRYS_DHPrimeData_t CRYS_RSAPrimeData_t
/*! Defintion for DH public key.*/
#define CRYS_DHUserPubKey_t CRYS_RSAUserPubKey_t
/*! Defintion for DH other info.*/
#define CRYS_DH_OtherInfo_t CRYS_KDF_OtherInfo_t
/*! Keying data size is in bytes*/
#define CRYS_DH_MAX_SIZE_OF_KEYING_DATA CRYS_KDF_MAX_SIZE_OF_KEYING_DATA
/************************ Enums ********************************/
/*! DH operations mode */
typedef enum
{
/*! PKCS3 operation mode. */
CRYS_DH_PKCS3_mode = 0,
/*! ANSI X942 operation mode. */
CRYS_DH_ANSI_X942_mode = 1,
/*! Total number of operation modes. */
CRYS_DH_NumOfModes,
/*! Reserved. */
CRYS_DH_OpModeLast = 0x7FFFFFFF,
}CRYS_DH_OpMode_t;
/*! HASH operation modes */
typedef enum
{
/*! SHA1 operation mode. */
CRYS_DH_HASH_SHA1_mode = CRYS_HASH_SHA1_mode,
/*! SHA224 operation mode. */
CRYS_DH_HASH_SHA224_mode = CRYS_HASH_SHA224_mode,
/*! SHA256 operation mode. */
CRYS_DH_HASH_SHA256_mode = CRYS_HASH_SHA256_mode,
/*! SHA384 operation mode. */
CRYS_DH_HASH_SHA384_mode = CRYS_HASH_SHA384_mode,
/*! SHA512 operation mode. */
CRYS_DH_HASH_SHA512_mode = CRYS_HASH_SHA512_mode,
/*! MD5 operation mode (not used in DH). */
CRYS_DH_HASH_MD5_mode = CRYS_HASH_MD5_mode, /*!< \internal not used in DH */
/*! Total number of HASH modes. */
CRYS_DH_HASH_NumOfModes = CRYS_HASH_MD5_mode,
/*! Reserved. */
CRYS_DH_HASH_OperationModeLast = 0x7FFFFFFF,
}CRYS_DH_HASH_OpMode_t;
/*! Key derivation modes. */
typedef enum
{
/*! ASN1 derivation mode.*/
CRYS_DH_ASN1_Der_mode = CRYS_KDF_ASN1_DerivMode,
/*! Concatination derivation mode.*/
CRYS_DH_Concat_Der_mode = CRYS_KDF_ConcatDerivMode,
/*! X963 derivation mode.*/
CRYS_DH_X963_DerMode = CRYS_KDF_ConcatDerivMode,
/*! Reserved. */
CRYS_DH_DerivationFunc_ModeLast= 0x7FFFFFFF,
}CRYS_DH_DerivationFunc_Mode;
/************************ Typedefs *************************************/
/*! Temporary buffer structure for internal usage.*/
typedef struct
{
/*! Temporary primitives data */
CRYS_DHPrimeData_t PrimeData;
/*! Public key. */
CRYS_DHPubKey_t PubKey;
/*! Temporary buffer for internal usage. */
uint32_t TempBuff[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS];
} CRYS_DH_ExpTemp_t;
/*! Temporary buffer structure for internal usage. */
typedef struct
{
/*! Temporary primitives data */
CRYS_DHPrimeData_t PrimeData;
/*! User's public key. */
CRYS_DHUserPubKey_t UserPubKey;
/*! Temporary buffer for internal usage. */
uint32_t TempBuff[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS];
} CRYS_DH_Temp_t;
/*! Temporary buffer structure for internal usage. */
typedef struct
{
/*! Temporary primitives data */
CRYS_DHPrimeData_t PrimeData;
/*! User's public key. */
CRYS_DHUserPubKey_t UserPubKey;
/*! Temporary buffer for internal usage. */
uint32_t TempBuff[2*CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS];
} CRYS_DH_HybrTemp_t;
/*! Defintion of buffer used for FIPS Known Answer Tests. */
typedef struct
{
/*! Public key. */
CRYS_DHUserPubKey_t pubKey;
/*! Temporary primitives data */
CRYS_DHPrimeData_t primeData;
/*! Buffer for the secret value.*/
uint8_t secretBuff[CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS/SASI_BITS_IN_BYTE]; // KAT tests uses 1024 bit key
} CRYS_DH_FipsKat_t;
/************************ Structs **************************************/
/************************ Public Variables ******************************/
/************************ Public Functions ******************************/
/*******************************************************************************************/
/*!
@brief This function has two purposes:
- Randomly generate the client private key according to the choosen version [PKCS3] or [ANSI X9.42].
- Computes the client public key as follows: ClientPub = Generator^Prv mod Prime, where '^' is the symbol of exponentiation.
This function should not be called directly. Instead, use the macros ::CRYS_DH_PKCS3_GeneratePubPrv and ::CRYS_DH_ANSI_X942_GeneratePubPrv.
\note
All buffer parameters should be in Big-Endian form.
@return CRYS_OK on success.
@return A non-zero value on failure as defined crys_dh_error.h, crys_rnd_error.h or crys_rsa_error.h.
*/
CIMPORT_C CRYSError_t _DX_DH_GeneratePubPrv(
void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */
SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */
uint8_t *Generator_ptr, /*!< [in] Pointer to the Generator octet string. */
uint16_t GeneratorSize, /*!< [in] The size of the Generator string (in bytes). */
uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string P (used as modulus in the algorithm). */
uint16_t PrimeSize, /*!< [in] The size of the Prime string in bytes. */
uint16_t L, /*!< [in] Exact size in bits of the Prime to be generated (relevant only for [PKCS3]):
- If L!=0, force the private key to be [2^(L-1) ? Prv < 2^L], where '^'
indicates exponentiation.
- If L = 0 then [0 < Prv < P-1].
*/
uint8_t *Q_ptr, /*!< [in] Relevant only for [ANSI X9.42] - Pointer to the Q octet string in the range:
1 <= Prv <= Q-1 or 1 < Prv < Q-1. */
uint16_t QSize, /*!< [in] Relevant only for [ANSI X9.42] - Size of the Q string (in bytes). */
CRYS_DH_OpMode_t DH_mode, /*!< [in] An enumerator declaring whether this is [PKCS3] or [ANSI X9.42] mode. */
CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*!< [in] Pointer to a temporary buffer for public key structure. Used for the
exponentiation function. */
CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*!< [in] Pointer to a structure holding internal temporary buffers. */
uint8_t *ClientPrvKey_ptr, /*!< [out] Pointer to the Private key Prv. This buffer should be at least the following
size (in bytes):
- If L is provided: (L+7)/8.
- If L is NULL: \p PrimeSize.
*/
uint16_t *ClientPrvKeySize_ptr, /*!< [in/out] Pointer to the Private key size:
- Input - size of the given buffer.
- Output - actual size of the generated private key.
*/
uint8_t *ClientPub1_ptr, /*!< [out] Pointer to the Public key. This buffer should be at least \p PrimeSize bytes. */
uint16_t *ClientPubSize_ptr /*!< [in/out] Pointer to the Public key size:
- Input - size of the given buffer.
- Output - actual size of the generated public key.
*/
);
/* macro for calling the GeneratePubPrv function on PKCS#3 mode: Q is irrelevant */
/*--------------------------------------------------------------------------------*/
/*!
This macro is used to generate the public and private DH keys according to [PKCS3]. For a description of the parameters see ::_DX_DH_GeneratePubPrv.
*/
#define CRYS_DH_PKCS3_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, Generator_ptr,GeneratorSize,\
Prime_ptr,PrimeSize,\
L,\
tmpPubKey_ptr,tmpPrimeData_ptr,\
ClientPrvKey_ptr,ClientPrvKeySize_ptr,\
ClientPub_ptr,ClientPubSize_ptr)\
_DX_DH_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, (Generator_ptr),(GeneratorSize),\
(Prime_ptr),(PrimeSize),\
(L),\
(uint8_t *)NULL,(uint16_t)0,\
CRYS_DH_PKCS3_mode,\
(tmpPubKey_ptr),(tmpPrimeData_ptr),\
(ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\
(ClientPub_ptr),(ClientPubSize_ptr))
/*!
This macro is used to generate the public and private DH keys according to [ANSI X9.42]. For a description of the parameters see ::_DX_DH_GeneratePubPrv.
*/
#define CRYS_DH_ANSI_X942_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, Generator_ptr,GeneratorSize,Prime_ptr,PrimeSize,\
Q_ptr,QSize,\
tmpPubKey_ptr,tmpPrimeData_ptr,\
ClientPrvKey_ptr,ClientPrvKeySize_ptr,\
ClientPub_ptr,ClientPubSize_ptr)\
_DX_DH_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, (Generator_ptr),(GeneratorSize),\
(Prime_ptr),(PrimeSize),\
(uint16_t)0,\
(Q_ptr),(QSize),\
CRYS_DH_ANSI_X942_mode,\
(tmpPubKey_ptr),(tmpPrimeData_ptr),\
(ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\
(ClientPub_ptr),(ClientPubSize_ptr))
/*******************************************************************************************/
/*!
@brief This function computes the shared secret key (value) accordng to [ANSI X9.42], 7.5.1:
SecretKey = ServerPubKey ^ ClientPrvKey mod Prime.
\note - All buffer parameters should be in Big-Endian form.
- The user must obtain assurance of validity of the public key, using one of methods,
described in [ANSI X9.42] paragraph 7.4.
- The actual size of the private key (in bits) must be not less than 2 and not greater than the actual
size of the Prime (modulus in bits).
@return CRYS_OK on success.
@return A non-zero value on failure as defined in crys_dh_error.h or crys_rsa_error.h.
*/
CIMPORT_C CRYSError_t CRYS_DH_GetSecretKey(
uint8_t *ClientPrvKey_ptr, /*!< [in] Pointer to the Private key octet string Prv < Prime. */
uint16_t ClientPrvKeySize, /*!< [in] The Private key Size (in bytes). */
uint8_t *ServerPubKey_ptr, /*!< [in] Pointer to the Server public key octet string. */
uint16_t ServerPubKeySize, /*!< [in] The Server Public key Size (in bytes). */
uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */
uint16_t PrimeSize, /*!< [in] The size of the Prime string. */
CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*!< [in] Pointer to the public key structure. Used for the exponentiation
operation function. Need not be initialized. */
CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*!< [in] Pointer to a structure containing internal temp buffers. */
uint8_t *SecretKey_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at
least PrimeSize bytes. */
uint16_t *SecretKeySize_ptr /*!< [in/out] Pointer to the secret key Buffer Size. This buffer should be at
least of PrimeSize bytes:
- Input - size of the given buffer.
- Output - actual size.
*/
);
/******************************************************************************************/
/*!
@brief This function extracts the shared secret keying data from the shared secret value. It should be called by using
macros ::CRYS_DH_X942_GetSecretDataAsn1 and ::CRYS_DH_X942_GetSecretDataConcat.
\note
- The "other info" argument and its AlgorithmID entry are mandatory only for ASN1 key derivation, and optional for
the other derivation modes.
- If used, all entries of the structure should be initialized with relevant data and size, prior to calling this function
(entry size of empty fields must be set to 0).
- All buffers arguments are represented in Big-Endian form.
@return CRYS_OK on success.
@return A non-zero value on failure as defined in crys_dh_error.h, crys_rsa_error.h, crys_kdf_error.h or crys_hash_error.h.
*/
CIMPORT_C CRYSError_t CRYS_DH_X942_GetSecretData(
uint8_t *ClientPrvKey_ptr, /*!< [in] Pointer to the Private key octet string. */
uint16_t ClientPrvKeySize, /*!< [in] The Private key size (in bytes). */
uint8_t *ServerPubKey_ptr, /*!< [in] Pointer to the Server public key octet string. */
uint16_t ServerPubKeySize, /*!< [in] The Server Public key size (in bytes). */
uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */
uint16_t PrimeSize, /*!< [in] The size of the Prime string. */
CRYS_DH_OtherInfo_t *otherInfo_ptr, /*!< [in] Pointer to structure containing other data, shared by two entities
sharing the secret keying data.
The Maximal size of each data entry of "other info" is limited - see crys_kdf.h
for the defined value. */
CRYS_DH_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes. The supported modes are according to the supported
HASH modes for the product (and MD5 is not supported). */
CRYS_DH_DerivationFunc_Mode DerivFunc_mode, /*!< [in] The enumerator ID of key derivation function mode. ASN1 or Concatenation
modes are supported. */
CRYS_DH_Temp_t *tmpBuff_ptr, /*!< [in] A pointer to the DH temp buffer structure. Not initialized. */
uint8_t *SecretKeyingData_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at least
PrimeSize bytes. */
uint16_t SecretKeyingDataSize /*!< [in] The required Secret Keying data size (in bytes). Must be larger than 0,
and smaller than the maximal - CRYS_DH_MAX_SIZE_OF_KEYING_DATA. */
);
/****************************************************************/
/*!
This macro implements the DH [ANSI X9.42] standard. It derives a secret key using the Derivation function based on ASN.1. For a
description of the parameters see ::CRYS_DH_X942_GetSecretData.*/
#define CRYS_DH_X942_GetSecretDataAsn1(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_ASN1_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
/*!
This macro implements the DH [ANSI X9.42] standard. It derives a secret key using the Derivation function based on concatenation of HASHed data.
For a description of the parameters see ::CRYS_DH_X942_GetSecretData.*/
#define CRYS_DH_X942_GetSecretDataConcat(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_Concat_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
/****************************************************************/
/*!
@brief The function computes shared secret data using two pairs of public and private keys:
- SecretKey1 = ServerPubKey1^ClientPrvKey1 mod Prime.
- SecretKey2 = ServerPubKey2^ClientPrvKey2 mod Prime.
It uses the Derivation function to derive secret keying data from the two secret keys (values).
This function may be called directly, or by using macros ::CRYS_DH_X942_HybridGetSecretDataAsn1 and ::CRYS_DH_X942_HybridGetSecretDataConcat
described above.
\note
- The "other info" argument and its AlgorithmID entry are mandatory only for ASN1 key derivation, and optional for the other derivation modes.
If used, all entries of the structure should be initialized with relevant data and size, prior to calling this function
(entry size of empty fields must be set to 0).
- All buffers arguments are represented in Big-Endian form.
@return CRYS_OK on success.
@return A non-zero value on failure as defined in crys_dh_error.h, crys_rsa_error.h or crys_hash_error.h.
*/
CIMPORT_C CRYSError_t CRYS_DH_X942_HybridGetSecretData(
uint8_t *ClientPrvKey_ptr1, /*!< [in] Pointer to the First Private key octet string number. */
uint16_t ClientPrvKeySize1, /*!< [in] The First Private key Size (in bytes). */
uint8_t *ClientPrvKey_ptr2, /*!< [in] Pointer to the Second Private key octet string. */
uint16_t ClientPrvKeySize2, /*!< [in] The Second Private key Size (in bytes). */
uint8_t *ServerPubKey_ptr1, /*!< [in] Pointer to the First Server public key octet string. */
uint16_t ServerPubKeySize1, /*!< [in] The First Server Public key Size (in bytes). */
uint8_t *ServerPubKey_ptr2, /*!< [in] Pointer to the Second Server public key octet string. */
uint16_t ServerPubKeySize2, /*!< [in] The Second Server Public key Size (in bytes). */
uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */
uint16_t PrimeSize, /*!< [in] The size of the Prime string. */
CRYS_DH_OtherInfo_t *otherInfo_ptr, /*!< [in] Pointer to structure containing optional other data, shared by two entities
sharing the secret keying data. */
CRYS_DH_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes. The supported modes are according to the supported
HASH modes for the product (and MD5 is not supported). */
CRYS_DH_DerivationFunc_Mode DerivFunc_mode, /*!< [in] The type of function to use to derive the secret key to the key data.
ASN.1 or Concatenation modes are supported. */
CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, /*!< [in] Pointer to a CRYS_DH_Temp_t structure that contains temp buffers for
internal operations. */
uint8_t *SecretKeyingData_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at least
of size PrimeSize bytes. */
uint16_t SecretKeyingDataSize /*!< [in] The required Secret Keying data size (in bytes). Must be larger than 0,
and smaller than CRYS_DH_MAX_SIZE_OF_KEYING_DATA. */
);
/****************************************************************/
/*!
This macro implements the DH [X9.42] standard deriving a hybrid secret key from two public-private pair of keys using the Derivation function based on ASN.1.
For a description of the parameters see ::CRYS_DH_X942_HybridGetSecretData.*/
#define CRYS_DH_X942_HybridGetSecretDataAsn1(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_ASN1_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
/*!
This macro implements the DH [X9.42] standard, deriving a hybrid secret key from two pairs of public-private keys, using the Derivation
function based on concatenation using SHA-x HASH. For a description of the parameters see ::CRYS_DH_X942_HybridGetSecretData.
*/
#define CRYS_DH_X942_HybridGetSecretDataConcat(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\
CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_Concat_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize))
/******************************************************************************************/
/*!
@brief The function checks the obtained DH public key according to its domain parameters [ANSI X9.42-2001]
\note
Assuming: The DH domain parameters are valid.
@return CRYS_OK on success.
@return A non-zero value on failure as defined in crys_dh_error.h.
*/
CIMPORT_C CRYSError_t CRYS_DH_CheckPubKey(
uint8_t *modP_ptr, /*!< [in] The pointer to the modulus (prime) P. */
uint32_t modPsizeBytes, /*!< [in] The modulus size in bytes. */
uint8_t *orderQ_ptr, /*!< [in] The pointer to the prime order Q of generator. */
uint32_t orderQsizeBytes, /*!< [in] The size of order of generator in bytes. */
uint8_t *pubKey_ptr, /*!< [in] The pointer to the public key to be validated. */
uint32_t pubKeySizeBytes, /*!< [in] The public key size in bytes. */
CRYS_DH_Temp_t *tempBuff_ptr /*!< [in] The temp buffer for internal calculations. */
);
#ifdef __cplusplus
}
#endif
/**
@}
*/
#endif