1 /*
2 * Copyright (c) 2001-2020, Arm Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #define CC_PAL_LOG_CUR_COMPONENT CC_LOG_MASK_ASYM_ECC
8
9 /************* Include Files ****************/
10
11
12 #include "cc_pal_mem.h"
13 #include "cc_ecpki_error.h"
14 #include "cc_ecpki_local.h"
15 #include "cc_ecpki_ecdsa.h"
16 #include "cc_common.h"
17 #include "cc_common_math.h"
18 #include "cc_hash_defs.h"
19 #include "cc_rnd_common.h"
20 #include "cc_rsa_types.h"
21 #include "cc_fips_defs.h"
22 #include "ec_wrst.h"
23 #ifdef USE_MBEDTLS_CRYPTOCELL
24 #include "cc_general_defs.h"
25 #include "mbedtls/md.h"
26 #endif
27
28 /************************ Defines *****************************************/
29 #if ( CC_HASH_USER_CTX_SIZE_IN_WORDS > CC_PKA_RSA_HASH_CTX_SIZE_IN_WORDS )
30 #error CC_PKA_RSA_HASH_CTX_SIZE_IN_WORDS or CC_HASH_USER_CTX_SIZE_IN_WORDS defined not correctly.
31 #endif
32
33 /************************ Enums *******************************************/
34
35 /************************ Typedefs ****************************************/
36
37 /************************ Global Data *************************************/
38
39 extern const CCEcpkiHash_t ecpki_hash_info[CC_ECPKI_HASH_NumOfModes];
40 extern const uint8_t ecpki_supported_hash_modes[CC_ECPKI_HASH_NumOfModes];
41 /************* Private function prototype *********************************/
42
43 /************************ Public Functions ********************************/
44
45
46 /**************************************************************************
47 * EcdsaSignInit function
48 **************************************************************************/
49 /**
50 \brief
51 The EcdsaSignInit functions user shall call first to perform the
52 EC DSA Signing operation.
53
54 The function performs the following steps:
55 -# Validates all the inputs of the function. If one of the received
56 parameters is not valid, the function returns an error.
57 -# Initializes the working context and other variables and structures.
58 -# Calls the CC_HashInit() function.
59 -# Exits the handler with the OK code.
60
61 This function does not do ECDSA cryptographic processing. Rather, it
62 prepares a context that is used by the Update() and Finish() functions.
63
64 NOTE: Using of HASH functions with HASH size great, than EC modulus size, is not recommended!
65
66
67 @param[in,out] pSignUserContext A pointer to the user buffer for signing data.
68 @param[in] pSignerPrivKey A pointer to the private key that will be used to
69 sign the data.
70 @param[in] hashMode Defines the hash mode used for DSA.
71
72 @return <b>CCError_t</b>: <br>
73 CC_OK<br>
74 CC_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR
75 CC_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR
76 CC_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR
77 CC_ECDSA_SIGN_INVALID_DOMAIN_ID_ERROR
78 CC_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR
79 */
EcdsaSignInit(CCEcdsaSignUserContext_t * pSignUserContext,CCEcpkiUserPrivKey_t * pSignerPrivKey,CCEcpkiHashOpMode_t hashMode)80 CEXPORT_C CCError_t EcdsaSignInit(CCEcdsaSignUserContext_t *pSignUserContext, /*in/out*/
81 CCEcpkiUserPrivKey_t *pSignerPrivKey, /*in*/
82 CCEcpkiHashOpMode_t hashMode /*in*/ )
83 {
84
85 /* FUNCTION DECLARATIONS */
86
87 /* The return error identifier */
88 CCError_t err = CC_OK;
89 /* defining a pointer to the active context allcated by the CCM */
90 EcdsaSignContext_t *pWorkingContext;
91 #ifdef USE_MBEDTLS_CRYPTOCELL
92 const mbedtls_md_info_t *md_info=NULL;
93 #endif
94
95 /* FUNCTION LOGIC */
96 pWorkingContext = (EcdsaSignContext_t*)&pSignUserContext->context_buff;
97
98 /* ............... checking the parameters validity ................... */
99 /* -------------------------------------------------------------------- */
100
101 /* if the users context ID pointer is NULL return an error */
102 if (pSignUserContext == NULL){
103 return CC_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR;
104 }
105
106 /*if the private key object is NULL return an error*/
107 if (pSignerPrivKey == NULL){
108 err = CC_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR;
109 goto End;
110 }
111
112 /* check if the hash operation mode is legal */
113 if (hashMode >= CC_ECPKI_HASH_NumOfModes){
114 err = CC_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR;
115 goto End;
116 }
117
118 if (pSignerPrivKey->valid_tag != CC_ECPKI_PRIV_KEY_VALIDATION_TAG){
119 err = CC_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR;
120 goto End;
121 }
122
123 /* reset the Context handler for improper previous values initialized */
124 CC_PalMemSetZero(pWorkingContext, sizeof(EcdsaSignContext_t));
125
126 /* ................. loading the context .................................. */
127 /* ------------------------------------------------------------------------ */
128
129 /*Initializing the Hash operation mode in the ECDSA Context */
130
131 if (ecpki_supported_hash_modes[hashMode] == CC_FALSE) {
132 err = CC_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR;
133 goto End;
134 }
135
136 pWorkingContext->hashMode = hashMode;
137 pWorkingContext->hashResultSizeWords = ecpki_hash_info[pWorkingContext->hashMode].hashResultSize;
138
139 if (ecpki_hash_info[pWorkingContext->hashMode].hashMode < CC_HASH_NumOfModes) {
140 #ifdef USE_MBEDTLS_CRYPTOCELL
141 md_info = mbedtls_md_info_from_string( HashAlgMode2mbedtlsString[ecpki_hash_info[pWorkingContext->hashMode].hashMode] );
142 if (NULL == md_info) {
143 err = CC_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR;
144 goto End;
145 }
146 mbedtls_md_init(&(pWorkingContext->hash_ctx));
147 err = mbedtls_md_setup(&(pWorkingContext->hash_ctx), md_info, 0); // 0 = HASH, not HMAC
148 if (err != 0) {
149 goto End;
150 }
151 err = mbedtls_md_starts(&(pWorkingContext->hash_ctx));
152 #else
153 err = CC_HashInit(&(pWorkingContext->hashUserCtxBuff),
154 ecpki_hash_info[pWorkingContext->hashMode].hashMode);
155 #endif
156 if (err != CC_OK)
157 goto End;
158 }
159
160 /* copy the ECPKI Private key to the context*/
161 CC_PalMemCopy(&pWorkingContext->ECDSA_SignerPrivKey, pSignerPrivKey, sizeof(CCEcpkiUserPrivKey_t));
162
163 /* set the ECDSA validation tag */
164 pSignUserContext->valid_tag = CC_ECDSA_SIGN_CONTEXT_VALIDATION_TAG;
165
166 End:
167 /* clear the users context in case of error */
168 if (err != CC_OK) {
169 #ifdef USE_MBEDTLS_CRYPTOCELL
170 if(md_info!=NULL){
171 mbedtls_md_free(&(pWorkingContext->hash_ctx));
172 }
173 #endif
174 CC_PalMemSetZero(pSignUserContext, sizeof(CCEcdsaSignUserContext_t));
175 }
176
177 return err;
178
179 }/* _DX_ECDSA_SignInit */
180
181
182
183 /**************************************************************************
184 * EcdsaSignUpdate function
185 **************************************************************************/
186 /**
187 @brief Performs a hash operation on data allocated by the user
188 before finally signing it.
189
190 In case user divides signing data by block, he must call the Update function
191 continuously a number of times until processing of the entire data block is complete.
192
193 NOTE: Using of HASH functions with HASH size great, than EC modulus size,
194 is not recommended!
195
196 @param [in,out] pSignUserContext - The pointer to the user buffer for signing the database.
197 @param [in] pMessageDataIn - The pointer to the message data block for calculating the HASH.
198 @param [in] dataInSize - The size of the message data block, in bytes. The data size,
199 passed on each call of the function, besides the last call, must be a multiple of
200 the HASH block size according to used HASH mode.
201
202 @return <b>CCError_t</b>: <br>
203 CC_OK<br>
204 CC_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR
205 CC_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR
206 CC_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR
207 CC_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR
208 CC_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR
209 */
EcdsaSignUpdate(CCEcdsaSignUserContext_t * pSignUserContext,uint8_t * pMessageDataIn,size_t dataInSize)210 CEXPORT_C CCError_t EcdsaSignUpdate(
211 CCEcdsaSignUserContext_t *pSignUserContext, /*in/out*/
212 uint8_t *pMessageDataIn, /* in */
213 size_t dataInSize /* in */ )
214 {
215 /* FUNCTION DECLERATIONS */
216
217 /* The return error identifier */
218 CCError_t err = CC_OK;
219
220 /* pointers to the inner contexts */
221 EcdsaSignContext_t *pWorkingContext;
222
223 /* FUNCTION LOGIC */
224
225 /* sign working context */
226 pWorkingContext = (EcdsaSignContext_t*)&pSignUserContext->context_buff;
227
228 /* ....... checking the parameters validity ......... */
229 /* -------------------------------------------------------------------- */
230
231 /* if the users context pointer is NULL return an error */
232 if (pSignUserContext == NULL){
233 return CC_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR;
234 }
235
236 /* if the users context TAG is illegal return an error - the context is invalid */
237 if (pSignUserContext->valid_tag != CC_ECDSA_SIGN_CONTEXT_VALIDATION_TAG) {
238 err = CC_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR;
239 goto End;
240 }
241
242 /* if the users MessageDataIn pointer is illegal return an error */
243 if (pMessageDataIn == NULL && dataInSize) {
244 err = CC_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR;
245 goto End;
246 }
247
248 /* check that the data size < 2^29 (to prevent an overflow on the
249 transition to bits ) */
250 if (dataInSize >= (1UL << 29)) {
251 err = CC_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR;
252 goto End;
253 }
254
255 /* HASH update operations */
256 if (ecpki_hash_info[pWorkingContext->hashMode].hashMode < CC_HASH_NumOfModes) {
257 /*Operate the Hash update function for relevant version */
258 #ifdef USE_MBEDTLS_CRYPTOCELL
259 err = mbedtls_md_update(&(pWorkingContext->hash_ctx), pMessageDataIn, dataInSize);
260 #else
261 err = CC_HashUpdate( &(pWorkingContext->hashUserCtxBuff), pMessageDataIn, dataInSize );
262 #endif
263 if (err != CC_OK) {
264 goto End;
265 }
266 } else {
267 if (dataInSize != pWorkingContext->hashResultSizeWords*sizeof(uint32_t)) {
268 /* DataInSize must fit exactly to the size of Hash output that we support */
269 err = CC_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR;
270 goto End;
271 }
272 /* Copy the DataIn_ptr to the HASH_Result */
273 CC_PalMemCopy((uint8_t*)pWorkingContext->hashResult, pMessageDataIn, dataInSize);
274 }
275
276
277 End:
278 /* clear the users context in case of error */
279 if (err != CC_OK) {
280 #ifdef USE_MBEDTLS_CRYPTOCELL
281 mbedtls_md_free(&(pWorkingContext->hash_ctx));
282 #endif
283 CC_PalMemSetZero(pSignUserContext, sizeof(CCEcdsaSignUserContext_t));
284 }
285
286 return err;
287
288 }/* EcdsaSignUpdate */
289
290
291
292
293 /**************************************************************************
294 * EcdsaSignFinishInt function
295 **************************************************************************/
296 /**
297 @brief Performs initialization of variables and structures, calls the hash function
298 for the last block of data (if necessary) and then calculates digital signature.
299
300 NOTE: Using of HASH functions with HASH size great, than EC modulus size,
301 is not recommended!
302 Algorithm according ANS X9.62 standard
303
304 @param[in] pSignUserContext - A pointer to the user buffer for signing database.
305 @param[in,out] pRndContext - A pointer to the random generation function context.
306 @param[in] pSignatureOut - A pointer to a buffer for output of signature.
307 @param[in,out] pSignatureOutSize- A pointer to the size of a user passed buffer
308 for signature (in), be not less than 2*orderSizeInBytes.
309 @param[out] isEphemerKeyInternal - A parameter defining whether the ephemeral key
310 is internal or external (1 or 0).
311 @param[out] pEphemerKeyData - A pointer to external ephemeral key data. If it is given
312 (in case isEphemerKeyInternal=0), then the buffer must containing the
313 ephemeral private key of size equal to EC generator order size, where
314 LS-word is left most and MS-word is right most one.
315
316 @return <b>CCError_t</b>: <br>
317 CC_OK<br>
318 CC_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR <br>
319 CC_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR <br>
320 CC_ECDSA_SIGN_INVALID_RND_CONTEXT_PTR_ERROR <br>
321 CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR <br>
322 CC_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR <br>
323 CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR <br>
324 CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR <br>
325 CC_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR <br>
326 CC_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR <br>
327 **/
EcdsaSignFinishInt(CCEcdsaSignUserContext_t * pSignUserContext,CCRndContext_t * pRndContext,uint8_t * pSignOut,size_t * pSignOutSize,uint32_t isEphemerKeyInternal,uint32_t * pEphemerKeyData)328 CEXPORT_C CCError_t EcdsaSignFinishInt(
329 CCEcdsaSignUserContext_t *pSignUserContext, /*in*/
330 CCRndContext_t *pRndContext, /*in/out*/
331 uint8_t *pSignOut, /*out*/
332 size_t *pSignOutSize, /*in/out*/
333 uint32_t isEphemerKeyInternal,/*in*/
334 uint32_t *pEphemerKeyData /*in*/)
335 {
336 /* FUNCTION DECLARATIONS */
337
338 /* The return error identifier */
339 CCError_t err = CC_OK;
340
341 /* pointer to the active context */
342 EcdsaSignContext_t *pWorkingContext;
343
344 /* pointer to private key structure in ccmWorkingContext */
345 CCEcpkiPrivKey_t *pPrivKey;
346 /* pointer to the current domain */
347 CCEcpkiDomain_t *pDomain;
348
349 uint32_t orderSizeInBytes = 0, orderSizeInWords = 0;
350 uint32_t *pSignC, *pSignD;
351 uint32_t *pMessRepres;
352 uint32_t hashSizeWords;
353 uint32_t *pTempBuff;
354
355 /* FUNCTION LOGIC */
356
357 /* the pointer to the internal Sign context */
358 pWorkingContext = (EcdsaSignContext_t*)&pSignUserContext->context_buff;
359
360 /* ............... checking the parameters validity ................... */
361 /* -------------------------------------------------------------------- */
362
363 /* check the user context and RND context pointers */
364 if (pSignUserContext == NULL){
365 return CC_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR;
366 }
367
368 if (pRndContext == NULL){
369 err = CC_ECDSA_SIGN_INVALID_RND_CONTEXT_PTR_ERROR;
370 goto End;
371 }
372
373 /* check the user's context tag */
374 if (pSignUserContext->valid_tag != CC_ECDSA_SIGN_CONTEXT_VALIDATION_TAG){
375 err = CC_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR;
376 goto End;
377 }
378
379 /* check the user's SignatureOut and SignatureOutSize pointers */
380 if (pSignOut == NULL){
381 err = CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR;
382 goto End;
383 }
384
385 if (pSignOutSize == NULL){
386 err = CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR;
387 goto End;
388 }
389
390 /* check isEphemerKeyInternal value and ephemeral key data pointer */
391 if (isEphemerKeyInternal > 1){
392 err = CC_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR;
393 goto End;
394 }
395
396 if (isEphemerKeyInternal == 0 && pEphemerKeyData == NULL){
397 err = CC_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR;
398 goto End;
399 }
400
401 /* ............. checking the validity of context ........ */
402 /* ------------------------------------------------------- */
403
404 /* check Hash mode */
405 if (pWorkingContext->hashMode >= CC_ECPKI_HASH_NumOfModes){
406 err = CC_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR;
407 goto End;
408 }
409
410 pPrivKey = (CCEcpkiPrivKey_t *)&pWorkingContext->ECDSA_SignerPrivKey.PrivKeyDbBuff;
411 /* Initializing domain parameters */
412 pDomain = &pPrivKey->domain;
413 orderSizeInBytes = CALC_FULL_BYTES(pDomain->ordSizeInBits);
414 orderSizeInWords = CALC_FULL_32BIT_WORDS(pDomain->ordSizeInBits);
415 hashSizeWords = pWorkingContext->hashResultSizeWords;
416
417 /* Temp buffers */
418 pMessRepres = ((EcWrstDsaSignDb_t*)&pWorkingContext->ecdsaSignIntBuff)->tempBuff;
419 pSignC = pMessRepres + orderSizeInWords;
420 pSignD = pSignC + orderSizeInWords;
421 pTempBuff = pSignD + orderSizeInWords;
422
423 /* If the received output buffer is small than 2*orderSizeInBytes then return an error */
424 if (*pSignOutSize < 2*orderSizeInBytes){
425 err = CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR;
426 goto End;
427 }
428
429 /* Operating the HASH Finish function; only if it is needed */
430 if (pWorkingContext->hashMode <= CC_ECPKI_HASH_SHA512_mode) {
431 #ifdef USE_MBEDTLS_CRYPTOCELL
432 err = mbedtls_md_finish(&(pWorkingContext->hash_ctx), (unsigned char *)pWorkingContext->hashResult);
433 #else
434 err = CC_HashFinish(&(pWorkingContext->hashUserCtxBuff), pWorkingContext->hashResult);
435 #endif
436 if (err != CC_OK)
437 goto End;
438 }
439
440 /* Derive message representative from HASH_Result: MessageRepresent =
441 leftmost OrderSizeInBits bits of HASH_Result */
442
443 /* Set 0 to MessageRepresent buffer of length OrdSizeInWords */
444 CC_PalMemSetZero(pMessRepres, sizeof(uint32_t)*orderSizeInWords);
445
446 /* Derive message representative = leftmost OrderSizeInBits bits of HASH_Result */
447 /* Add change Endianness for BE CPU */
448 if (pDomain->ordSizeInBits >= 32*hashSizeWords) {
449 CC_CommonReverseMemcpy((uint8_t*)pMessRepres, (uint8_t*)(pWorkingContext->hashResult),
450 sizeof(uint32_t)*hashSizeWords);
451 } else {
452 EcWrstDsaTruncateMsg(pMessRepres,
453 (uint8_t*)(pWorkingContext->hashResult), pDomain->ordSizeInBits);
454 }
455
456
457 /* ******** Call LLF ECDSA Sinature function ************ */
458 err = EcWrstDsaSign(
459 pRndContext, pPrivKey,
460 pMessRepres,
461 isEphemerKeyInternal, pEphemerKeyData,
462 pSignC, pSignD, pTempBuff);
463
464 if (err != CC_OK) {
465 err = CC_ECDSA_SIGN_SIGNING_ERROR;
466 goto End;
467 }
468
469 /* Output the reversed C,D strings of length orderSizeInBytes */
470 err = CC_CommonConvertLswMswWordsToMsbLsbBytes(
471 pSignOut, orderSizeInBytes,
472 pSignC, orderSizeInBytes);
473 if (err != CC_OK) {
474 err = CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR;
475 goto End;
476 }
477
478 err = CC_CommonConvertLswMswWordsToMsbLsbBytes(
479 pSignOut + orderSizeInBytes, orderSizeInBytes,
480 pSignD, orderSizeInBytes);
481 if (err != CC_OK) {
482 err = CC_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR;
483 goto End;
484 }
485
486 *pSignOutSize = 2*orderSizeInBytes;
487
488
489 End:
490 if (err != CC_OK) {
491 CC_PalMemSetZero(pSignOut, (2*orderSizeInBytes));
492 }
493 #ifdef USE_MBEDTLS_CRYPTOCELL
494 mbedtls_md_free(&(pWorkingContext->hash_ctx));
495 #endif
496 /* clear the users context */
497 CC_PalMemSetZero(pSignUserContext, sizeof(CCEcdsaSignUserContext_t));
498
499 return err;
500
501 }/* EcdsaSignFinish */
502
503
504
505 /**************************************************************************
506 * CC_EcdsaSign - integrated function
507 **************************************************************************/
508 /**
509 @brief Performs all of the ECDSA signing operations simultaneously.
510
511 This function simply calls the Init, Update and Finish functions continuously.
512 This function's prototype is similar to the prototypes of the called functions
513 and includes all of their input and output arguments.
514
515 NOTE: Signature lgorithm according ANS X9.62 standard
516 Using of HASH functions with HASH size great, than EC modulus size, is not recommended!
517
518 @param[in,out] pRndContext - A pointer to the random generation function context.
519 @param[in,out] pSignUserContext - A pointer to the user buffer for signing database.
520 @param[in] pSignerPrivKey - A pointer to a user private key structure.
521 @param[in] hashMode - The enumerator variable defines hash function to be used.
522 @param[in] pMessageDataIn - A message data for calculation of hash.
523 @param[in] messageSizeInBytes - A size of block of message data in bytes.
524 @param[in] SignOut_ptr - A pointer to a buffer for output of signature.
525 @param[in,out] SignOutSize_ptr - A pointer to the size of user passed buffer for signature (in)
526 and size of actual signature (out). The size of buffer
527 must be not less than 2*OrderSizeInBytes.
528
529 @return <b>CCError_t
530 **/
CC_EcdsaSign(CCRndContext_t * pRndContext,CCEcdsaSignUserContext_t * pSignUserContext,CCEcpkiUserPrivKey_t * pSignerPrivKey,CCEcpkiHashOpMode_t hashMode,uint8_t * pMessageDataIn,size_t messageSizeInBytes,uint8_t * pSignOut,size_t * pSignOutSize)531 CEXPORT_C CCError_t CC_EcdsaSign(
532 CCRndContext_t *pRndContext, /*in/out*/
533 CCEcdsaSignUserContext_t *pSignUserContext, /*in/out*/
534 CCEcpkiUserPrivKey_t *pSignerPrivKey, /*in*/
535 CCEcpkiHashOpMode_t hashMode, /*in*/
536 uint8_t *pMessageDataIn, /*in*/
537 size_t messageSizeInBytes, /*in*/
538 uint8_t *pSignOut, /*out*/
539 size_t *pSignOutSize /*in*/)
540 {
541 /* FUNCTION DECLARATIONS */
542
543 /* The return error identifier */
544 CCError_t err = CC_OK;
545
546 /* FUNCTION LOGIC */
547 CHECK_AND_RETURN_ERR_UPON_FIPS_ERROR();
548
549 /***** EcdsaSignInit ********/
550 err = EcdsaSignInit( pSignUserContext, pSignerPrivKey, hashMode );
551
552 if (err!=CC_OK)
553 return err;
554
555 /***** EcdsaSignUpdate ********/
556 err = EcdsaSignUpdate(pSignUserContext, pMessageDataIn,
557 messageSizeInBytes);
558 if (err!=CC_OK)
559 return err;
560
561 /***** EcdsaSignFinish ********/
562 err = EcdsaSignFinish(pSignUserContext, pRndContext,
563 pSignOut, pSignOutSize);
564 return err;
565
566 }/* END OF CC_EcdsaSign */
567
568
569
570
571
