This module defines the API that supports Diffie-Hellman domain.
More...
|
#define | CRYS_DH_SEED_MIN_SIZE_IN_BYTES CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES |
|
#define | CRYS_DH_SEED_MIN_SIZE_IN_BITS (CRYS_DH_SEED_MIN_SIZE_IN_BYTES * 8) |
|
#define | DH_X942_PRIME_MOD_MIN_VAL 1024 |
|
#define | DH_X942_PRIME_MOD_MAX_VAL 2048 |
|
#define | DH_X942_PGEN_COUNTER_CONST 4096 |
|
#define | DH_X942_HASH_SIZE_BITS 160 |
|
#define | DH_SEED_MAX_ADDING_VAL 0xFFFFFFFF |
|
|
CRYSError_t | CRYS_DH_CreateDomainParams (CRYS_RND_Context_t *rndContext_ptr, uint32_t modPsizeBits, uint32_t orderQsizeBits, uint32_t seedSizeBits, uint8_t *modP_ptr, uint8_t *orderQ_ptr, uint8_t *generatorG_ptr, uint32_t *generGsizeBytes_ptr, uint8_t *factorJ_ptr, uint32_t *JsizeBytes_ptr, uint8_t *seedS_ptr, int8_t generateSeed, uint32_t *pgenCounter_ptr, CRYS_DHKGData_t *DHKGbuff_ptr) |
| This function generates DH domain parameters in Galois prime field according to standard [ANS X9.42]. It receives the required sizes (in bits) of the modulus, the generator's order, and the seed, and then generates the prime modulus and the generator according to these parameters. If generateSeed argument is set to 1, the function generates and outputs the random seed. Otherwise (if set to 0), the seed has to be passed as an input argument. According to implementation value of the user passed seed should be not greate, than (2^seedSizeBits - 2^32). The Seed and some additional parameters, generated by the function (factorJ, pgenCounter), are used for checking that all domain parameters are generated according to the standard and not forged. More...
|
|
CRYSError_t | CRYS_DH_CheckDomainParams (CRYS_RND_Context_t *rndContext_ptr, uint8_t *modP_ptr, uint32_t modPsizeBytes, uint8_t *orderQ_ptr, uint32_t orderQsizeBytes, uint8_t *generatorG_ptr, uint32_t generatorSizeBytes, uint8_t *seedS_ptr, uint32_t seedSizeBits, uint32_t pgenCounter, CRYS_DHKG_CheckTemp_t *checkTempBuff_ptr) |
| This function receives DH domain parameters, seed and prime generation counter and then verifies that the domain was created according to the standard [ANS X9.42]. According to implementation value of the user passed seed should be not greate, than (2^seedSizeBits - 2^32). Otherwise an error is returned. More...
|
|
This module defines the API that supports Diffie-Hellman domain.
CRYSError_t CRYS_DH_CheckDomainParams |
( |
CRYS_RND_Context_t * |
rndContext_ptr, |
|
|
uint8_t * |
modP_ptr, |
|
|
uint32_t |
modPsizeBytes, |
|
|
uint8_t * |
orderQ_ptr, |
|
|
uint32_t |
orderQsizeBytes, |
|
|
uint8_t * |
generatorG_ptr, |
|
|
uint32_t |
generatorSizeBytes, |
|
|
uint8_t * |
seedS_ptr, |
|
|
uint32_t |
seedSizeBits, |
|
|
uint32_t |
pgenCounter, |
|
|
CRYS_DHKG_CheckTemp_t * |
checkTempBuff_ptr |
|
) |
| |
This function receives DH domain parameters, seed and prime generation counter and then verifies that the domain was created according to the standard [ANS X9.42]. According to implementation value of the user passed seed should be not greate, than (2^seedSizeBits - 2^32). Otherwise an error is returned.
- Note
- All buffer parameters should be in Big-Endian form. For a description of the parameters see _DX_ECPKI_BuildPublKey.
- Returns
- CRYS_OK on success.
-
A non-zero value on failure as defined crys_dh_error.h.
- Parameters
-
[in,out] | rndContext_ptr | Pointer to the RND context buffer. |
[in] | modP_ptr | Pointer to the modulus (Prime). |
[in] | modPsizeBytes | Size of the modulus (Prime) in bytes. |
[in] | orderQ_ptr | Pointer to the order Q of generator. The size of the buffer for output generated value must be no less than the order size. |
[in] | orderQsizeBytes | Size of the Generator's order in bytes. |
[in] | generatorG_ptr | Pointer to the generator of the multiplicative subgroup in GF(P). |
[in] | generatorSizeBytes | Size of the generator in bytes. |
[in] | seedS_ptr | Random seed used for prime generation. |
[in] | seedSizeBits | Seed size in bits. |
[in] | pgenCounter | Counter of prime generation attempts. |
[in] | checkTempBuff_ptr | Temporary buffer for internal calculations. |
CRYSError_t CRYS_DH_CreateDomainParams |
( |
CRYS_RND_Context_t * |
rndContext_ptr, |
|
|
uint32_t |
modPsizeBits, |
|
|
uint32_t |
orderQsizeBits, |
|
|
uint32_t |
seedSizeBits, |
|
|
uint8_t * |
modP_ptr, |
|
|
uint8_t * |
orderQ_ptr, |
|
|
uint8_t * |
generatorG_ptr, |
|
|
uint32_t * |
generGsizeBytes_ptr, |
|
|
uint8_t * |
factorJ_ptr, |
|
|
uint32_t * |
JsizeBytes_ptr, |
|
|
uint8_t * |
seedS_ptr, |
|
|
int8_t |
generateSeed, |
|
|
uint32_t * |
pgenCounter_ptr, |
|
|
CRYS_DHKGData_t * |
DHKGbuff_ptr |
|
) |
| |
This function generates DH domain parameters in Galois prime field according to standard [ANS X9.42]. It receives the required sizes (in bits) of the modulus, the generator's order, and the seed, and then generates the prime modulus and the generator according to these parameters. If generateSeed argument is set to 1, the function generates and outputs the random seed. Otherwise (if set to 0), the seed has to be passed as an input argument. According to implementation value of the user passed seed should be not greate, than (2^seedSizeBits - 2^32). The Seed and some additional parameters, generated by the function (factorJ, pgenCounter), are used for checking that all domain parameters are generated according to the standard and not forged.
- Note
- All buffer parameters should be in Big-Endian form.
- Returns
- CRYS_OK on success.
-
A non-zero value on failure as defined crys_dh_error.h.
- Parameters
-
[in,out] | rndContext_ptr | Pointer to the RND context buffer. |
[in] | modPsizeBits | Size of the modulus (Prime) in bits equal 256*n, where n >= 4. FIPS 186-4 defines sizes 1024 and 2048 bit. |
[in] | orderQsizeBits | Size of the Generator's order in bits. FIPS 186-4 defines orderQSizeBits = 160 for modulus 1024 bit and 224 or 256 bit for modPSizeBits = 2048. We not recommend sizes > 256 and returns an error if orderQSizeBits > modPSizeBits/4 |
[in] | seedSizeBits | Seed size in bits. Requirements: modPSizeBits >= seedSizeBits >= orderQSizeBits (the first is required by our implementation). |
[out] | modP_ptr | Pointer to the modulus (Prime) buffer of defined structure. The size of the buffer for output generated value must be no less than modulus size. |
[out] | orderQ_ptr | Pointer to the order Q of generator. The size of the buffer for output generated value must be no less than the order size. |
[out] | generatorG_ptr | Pointer to the generator of multiplicative subgroup in GF(P). If the user does not need this output, then both the pointer and the buffer size must be set to 0. |
[in,out] | generGsizeBytes_ptr | Pointer to the one word buffer for outputting the generator's size. The passed size (if needed) must be no less than modulus size. The function returns the actual size of the generator. |
[out] | factorJ_ptr | Pointer to the buffer for integer factor J. If NULL, the function does not output this parameter. |
[in,out] | JsizeBytes_ptr | Pointer to the size of integer factor J. If NULL, the function does not output this parameter. |
[in,out] | seedS_ptr | Random seed used for prime generation. The size of the buffer for output generated value must be at least the seed size. |
[in] | generateSeed | Flag defining whether the seed should be generated randomly by the function (1) or passed by the user (0). |
[out] | pgenCounter_ptr | Pointer to counter of tries to generate the primes. If NULL, the function does not output this parameter. |
[out] | DHKGbuff_ptr | The temp buffer of defined structure for internal calculations. |