1 /* 2 * Copyright (C) 2022 - This file is part of libecc project 3 * 4 * Authors: 5 * Ryad BENADJILA <ryadbenadjila@gmail.com> 6 * Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr> 7 * 8 * This software is licensed under a dual BSD and GPL v2 license. 9 * See LICENSE file at the root folder of the project. 10 */ 11 #include <libecc/lib_ecc_config.h> 12 #include <libecc/lib_ecc_types.h> 13 #if defined(WITH_SIG_BIGN) || defined(WITH_SIG_DBIGN) 14 15 #ifndef __BIGN_COMMON_H__ 16 #define __BIGN_COMMON_H__ 17 18 #include <libecc/words/words.h> 19 #include <libecc/sig/ec_key.h> 20 #include <libecc/hash/hash_algs.h> 21 #include <libecc/curves/curves.h> 22 #include <libecc/utils/utils.h> 23 24 25 /* NOTE: BIGN uses per its standard the BELT-HASH hash function as its "internal" 26 * hash function, as well as the BELT encryption block cipher during the deterministic 27 * computation of the nonce for the deterministic version of BIGN. 28 * Hence the sanity check below. 29 */ 30 #if !defined(WITH_HASH_BELT_HASH) 31 #error "BIGN and DBIGN need BELT-HASH, please activate it!" 32 #endif 33 34 #define BIGN_S0_LEN(q_bit_len) (BYTECEIL(q_bit_len) / 2) 35 #define BIGN_S1_LEN(q_bit_len) (BYTECEIL(q_bit_len)) 36 #define BIGN_SIGLEN(q_bit_len) (BIGN_S0_LEN(q_bit_len) + \ 37 BIGN_S1_LEN(q_bit_len)) 38 #define BIGN_MAX_SIGLEN BIGN_SIGLEN(CURVES_MAX_Q_BIT_LEN) 39 40 /* 41 * Compute max signature length for all the mechanisms enabled 42 * in the library (see lib_ecc_config.h). Having that done during 43 * preprocessing sadly requires some verbosity. 44 */ 45 #ifndef EC_MAX_SIGLEN 46 #define EC_MAX_SIGLEN 0 47 #endif 48 #if ((EC_MAX_SIGLEN) < (BIGN_MAX_SIGLEN)) 49 #undef EC_MAX_SIGLEN 50 #define EC_MAX_SIGLEN BIGN_MAX_SIGLEN 51 #endif 52 53 54 /* The additional data for bign are specific. We provide 55 * helpers to extract them from an adata pointer. 56 */ 57 int bign_get_oid_from_adata(const u8 *adata, u16 adata_len, const u8 **oid_ptr, u16 *oid_len); 58 59 int bign_get_t_from_adata(const u8 *adata, u16 adata_len, const u8 **t_ptr, u16 *t_len); 60 61 int bign_set_adata(u8 *adata, u16 adata_len, const u8 *oid, u16 oid_len, const u8 *t, u16 t_len); 62 63 64 typedef struct { 65 hash_context h_ctx; 66 word_t magic; 67 } bign_sign_data; 68 69 struct ec_sign_context; 70 71 ATTRIBUTE_WARN_UNUSED_RET int __bign_init_pub_key(ec_pub_key *out_pub, const ec_priv_key *in_priv, ec_alg_type key_type); 72 73 ATTRIBUTE_WARN_UNUSED_RET int __bign_siglen(u16 p_bit_len, u16 q_bit_len, u8 hsize, u8 blocksize, u8 *siglen); 74 75 ATTRIBUTE_WARN_UNUSED_RET int __bign_sign_init(struct ec_sign_context *ctx, ec_alg_type key_type); 76 77 ATTRIBUTE_WARN_UNUSED_RET int __bign_sign_update(struct ec_sign_context *ctx, 78 const u8 *chunk, u32 chunklen, ec_alg_type key_type); 79 80 ATTRIBUTE_WARN_UNUSED_RET int __bign_sign_finalize(struct ec_sign_context *ctx, u8 *sig, u8 siglen, ec_alg_type key_type); 81 82 typedef struct { 83 u8 s0_sig[BIGN_S0_LEN(CURVES_MAX_Q_BIT_LEN)]; 84 nn s0; 85 nn s1; 86 hash_context h_ctx; 87 word_t magic; 88 } bign_verify_data; 89 90 struct ec_verify_context; 91 92 ATTRIBUTE_WARN_UNUSED_RET int __bign_verify_init(struct ec_verify_context *ctx, 93 const u8 *sig, u8 siglen, ec_alg_type key_type); 94 95 ATTRIBUTE_WARN_UNUSED_RET int __bign_verify_update(struct ec_verify_context *ctx, 96 const u8 *chunk, u32 chunklen, ec_alg_type key_type); 97 98 ATTRIBUTE_WARN_UNUSED_RET int __bign_verify_finalize(struct ec_verify_context *ctx, ec_alg_type key_type); 99 100 #endif /* __BIGN_COMMON_H__ */ 101 #endif /* defined(WITH_SIG_BIGN) || defined(WITH_SIG_DBIGN) */ 102