xref: /freebsd/crypto/libecc/include/libecc/sig/bign_common.h (revision dd21556857e8d40f66bf5ad54754d9d52669ebf7)
1 /*
2  *  Copyright (C) 2022 - This file is part of libecc project
3  *
4  *  Authors:
5  *      Ryad BENADJILA <ryadbenadjila@gmail.com>
6  *      Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr>
7  *
8  *  This software is licensed under a dual BSD and GPL v2 license.
9  *  See LICENSE file at the root folder of the project.
10  */
11 #include <libecc/lib_ecc_config.h>
12 #include <libecc/lib_ecc_types.h>
13 #if defined(WITH_SIG_BIGN) || defined(WITH_SIG_DBIGN)
14 
15 #ifndef __BIGN_COMMON_H__
16 #define __BIGN_COMMON_H__
17 
18 #include <libecc/words/words.h>
19 #include <libecc/sig/ec_key.h>
20 #include <libecc/hash/hash_algs.h>
21 #include <libecc/curves/curves.h>
22 #include <libecc/utils/utils.h>
23 
24 
25 /* NOTE: BIGN uses per its standard the BELT-HASH hash function as its "internal"
26  * hash function, as well as the BELT encryption block cipher during the deterministic
27  * computation of the nonce for the deterministic version of BIGN.
28  * Hence the sanity check below.
29  */
30 #if !defined(WITH_HASH_BELT_HASH)
31 #error "BIGN and DBIGN need BELT-HASH, please activate it!"
32 #endif
33 
34 #define BIGN_S0_LEN(q_bit_len)	(BYTECEIL(q_bit_len) / 2)
35 #define BIGN_S1_LEN(q_bit_len)  (BYTECEIL(q_bit_len))
36 #define BIGN_SIGLEN(q_bit_len) (BIGN_S0_LEN(q_bit_len) + \
37 				 BIGN_S1_LEN(q_bit_len))
38 #define BIGN_MAX_SIGLEN BIGN_SIGLEN(CURVES_MAX_Q_BIT_LEN)
39 
40 /*
41  * Compute max signature length for all the mechanisms enabled
42  * in the library (see lib_ecc_config.h). Having that done during
43  * preprocessing sadly requires some verbosity.
44  */
45 #ifndef EC_MAX_SIGLEN
46 #define EC_MAX_SIGLEN 0
47 #endif
48 #if ((EC_MAX_SIGLEN) < (BIGN_MAX_SIGLEN))
49 #undef EC_MAX_SIGLEN
50 #define EC_MAX_SIGLEN BIGN_MAX_SIGLEN
51 #endif
52 
53 
54 /* The additional data for bign are specific. We provide
55  * helpers to extract them from an adata pointer.
56  */
57 int bign_get_oid_from_adata(const u8 *adata, u16 adata_len, const u8 **oid_ptr, u16 *oid_len);
58 
59 int bign_get_t_from_adata(const u8 *adata, u16 adata_len, const u8 **t_ptr, u16 *t_len);
60 
61 int bign_set_adata(u8 *adata, u16 adata_len, const u8 *oid, u16 oid_len, const u8 *t, u16 t_len);
62 
63 
64 typedef struct {
65 	hash_context h_ctx;
66 	word_t magic;
67 } bign_sign_data;
68 
69 struct ec_sign_context;
70 
71 ATTRIBUTE_WARN_UNUSED_RET int __bign_init_pub_key(ec_pub_key *out_pub, const ec_priv_key *in_priv, ec_alg_type key_type);
72 
73 ATTRIBUTE_WARN_UNUSED_RET int __bign_siglen(u16 p_bit_len, u16 q_bit_len, u8 hsize, u8 blocksize, u8 *siglen);
74 
75 ATTRIBUTE_WARN_UNUSED_RET int __bign_sign_init(struct ec_sign_context *ctx, ec_alg_type key_type);
76 
77 ATTRIBUTE_WARN_UNUSED_RET int __bign_sign_update(struct ec_sign_context *ctx,
78 		       const u8 *chunk, u32 chunklen, ec_alg_type key_type);
79 
80 ATTRIBUTE_WARN_UNUSED_RET int __bign_sign_finalize(struct ec_sign_context *ctx, u8 *sig, u8 siglen, ec_alg_type key_type);
81 
82 typedef struct {
83 	u8 s0_sig[BIGN_S0_LEN(CURVES_MAX_Q_BIT_LEN)];
84 	nn s0;
85 	nn s1;
86 	hash_context h_ctx;
87 	word_t magic;
88 } bign_verify_data;
89 
90 struct ec_verify_context;
91 
92 ATTRIBUTE_WARN_UNUSED_RET int __bign_verify_init(struct ec_verify_context *ctx,
93 		       const u8 *sig, u8 siglen, ec_alg_type key_type);
94 
95 ATTRIBUTE_WARN_UNUSED_RET int __bign_verify_update(struct ec_verify_context *ctx,
96 			 const u8 *chunk, u32 chunklen, ec_alg_type key_type);
97 
98 ATTRIBUTE_WARN_UNUSED_RET int __bign_verify_finalize(struct ec_verify_context *ctx, ec_alg_type key_type);
99 
100 #endif /* __BIGN_COMMON_H__ */
101 #endif /* defined(WITH_SIG_BIGN) || defined(WITH_SIG_DBIGN) */
102