1 /* 2 * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef _CC_FFC_DOMAIN_H 8 #define _CC_FFC_DOMAIN_H 9 10 #include "cc_pka_defs_hw.h" 11 #include "cc_pal_types.h" 12 #include "cc_pal_compiler.h" 13 #include "cc_hash_defs.h" 14 #include "cc_rnd_common.h" 15 16 #ifdef __cplusplus 17 extern "C" 18 { 19 #endif 20 21 /*! @file 22 @brief This file defines the API that supports FFC Domain generation domain. 23 @defgroup cc_ffcdh_domain CryptoCell FFC Domain Generation APIs 24 @{ 25 @ingroup cc_ffc_domain 26 27 */ 28 29 /************************ Defines ******************************/ 30 31 /*! Maximal prime P (modulus) size .*/ 32 #define CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_BITS 2048 /* 3072 - for FFC DSA FIPS 186-4 sec. 4.2 . */ 33 #define CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_BYTES (CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_BITS / CC_BITS_IN_BYTE) 34 #define CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_WORDS (CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_BYTES/CC_32BIT_WORD_SIZE) 35 /*! Minimal valid key size in bits.*/ 36 #define CC_FFC_DOMAIN_MIN_VALID_MOD_SIZE_VALUE_IN_BITS 1024 /*!< Size limitation according the same standard */ 37 38 /*! Prime P (modulus) buffer size in words.*/ 39 #define CC_FFC_DOMAIN_MAX_MOD_BUFFER_SIZE_IN_WORDS (CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_WORDS + 2) 40 #define CC_FFC_DOMAIN_MAX_MOD_BUFFER_SIZE_IN_BYTES (CC_FFC_DOMAIN_MAX_MOD_BUFFER_SIZE_IN_WORDS * CC_32BIT_WORD_SIZE) 41 42 /*! Maximal FFC subgroup order size. */ 43 #define CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_BITS 256 44 #define CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_BYTES (CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_BITS / CC_BITS_IN_BYTE) 45 #define CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_WORDS (CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_BITS / CC_BITS_IN_32BIT_WORD) 46 /*!< Maximal size of buffer for generator order (added 2 words for internal using) */ 47 #define CC_FFC_DOMAIN_MAX_GENER_ORDER_BUFF_SIZE_IN_WORDS (CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_WORDS + 2) 48 49 /*! Minimal and maximal sizes of FFC Seed in bytes. */ 50 #define CC_FFC_DOMAIN_SEED_MIN_SIZE_IN_BYTES CC_HASH_SHA1_DIGEST_SIZE_IN_BYTES 51 #define CC_FFC_DOMAIN_SEED_MAX_SIZE_IN_BYTES CC_HASH_SHA512_DIGEST_SIZE_IN_BYTES 52 /*! Minimal size of FFC seed in bits. */ 53 #define CC_FFC_DOMAIN_SEED_MIN_SIZE_IN_BITS (CC_FFC_DOMAIN_SEED_MIN_SIZE_IN_BYTES * 8) 54 55 /*! The size of the buffer for User ID */ 56 //#define CC_FFCDH_USER_ID_SIZE_IN_BYTES 8 57 /*! Buffer for Barrett Tag - special value, used in modular multiplication */ 58 #define CC_FFC_DOMAIN_BARRETT_TAG_MAX_SIZE_IN_WORDS 5 59 #define CC_FFC_DOMAIN_BARRETT_TAG_MAX_SIZE_IN_BYTES (CC_FFC_DOMAIN_BARRETT_TAG_MAX_SIZE_IN_WORDS * CC_32BIT_WORD_SIZE) 60 61 62 /* Macros for checking and return errors */ 63 #define CHECK_ERROR(err) if((err)) goto End 64 #define CHECK_AND_SET_ERROR(expr, errMsg) if((expr)) {err = (errMsg); goto End;} 65 #define CHECK_AND_RETURN_ERROR(expr, errMsg) if((expr)) {err = (errMsg); return err;} 66 67 /* check that ptr != NULL and outSize <= buffSize */ 68 #define CHECK_PTR_AND_SIZE(pOut, outSize, buffSize) { \ 69 if((pOut == NULL) err = CC_FFCDH_INVALID_ARGUMENT_POINTER_ERROR; goto End; \ 70 if((outSize > buffSize) err = CC_FFCDH_INVALID_ARGUMENT_SIZE_ERROR; goto End; \ 71 } 72 73 /* primality testing definitions */ 74 #define CC_FFC_PRIME_TEST_MODE CC_DH_PRIME_TEST_MODE 75 #define CCFfcPrimeTestMode_t CCRsaDhPrimeTestMode_t 76 77 /*!< the DH Domain user validity TAG */ 78 #define CC_FFC_DOMAIN_VALIDATION_TAG 0xFFCD8000 79 80 #define CC_FFC_DOMAIN_TMP_BUFF_SIZE_IN_WORDS \ 81 (5*CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_WORDS + 3*CC_FFC_DOMAIN_MAX_MOD_BUFFER_SIZE_IN_WORDS + 3) 82 83 84 /************************ Enums ********************************/ 85 /*! HASH operation modes. */ 86 typedef enum 87 { 88 CC_FFC_HASH_SHA1_MODE = 0, 89 CC_FFC_HASH_SHA224_MODE = 1, 90 CC_FFC_HASH_SHA256_MODE = 2, 91 CC_FFC_HASH_SHA384_MODE = 3, 92 CC_FFC_HASH_SHA512_MODE = 4, 93 CC_FFC_HASH_NUM_OFF_MODE, 94 CC_FFC_HASH_OP_MODE_LAST = 0x7FFFFFFF 95 }CCFfcHashOpMode_t; 96 97 98 /*! FFC DH Domain validation mode definitions: 99 NIST SP 56A Rev. 2, */ 100 typedef enum { 101 CC_FFC_DOMAIN_VALIDAT_FULL_MODE, /*!< full validation */ 102 CC_FFC_DOMAIN_TRUSTED_DATA_MODE, /*!< minimal checking: sizes and pointers; 103 this mode may be used on user's responsibility and 104 only when he obtains full assurance about Domain data */ 105 CC_FFC_DOMAIN_VALIDAT_NUM_OFF_MODE, /*!< not allowed value */ 106 CC_FFC_DOMAIN_VALIDAT_MODE_LAST = 0x7FFFFFFF 107 } CCFfcDomainValidMode_t; 108 109 /*! FFC DH Domain parameters sets definition: NIST SP 56A Rev. 2, sec. 5.8.1, tab.6. */ 110 typedef enum 111 { 112 /* domain sets according to SP 800-56A rev.2. */ 113 CC_FFC_PARAMS_SET_FA, /*!< FA - min. parameters sizes and security strength */ 114 CC_FFC_PARAMS_SET_FB, /*!< FB - middle 1 */ 115 CC_FFC_PARAMS_SET_FC, /*!< FC - middle 2 (max.sizes allowed for FFC-DH) */ 116 /*!< DSA - added for FFC-DSA allowed sizes according to FIPS 186-4 sec.4.2, */ 117 CC_FFC_PARAMS_ADD_SET_DSA, /*!< max sizes (allowed for FFC-DSA, not standard for FFC-DH) */ 118 CC_FFC_PARAMS_SET_NUM_OFF_MODE, /*!< not allowed value */ 119 CC_FFC_PARAMS_SET_LAST = 0x7FFFFFFF 120 } CCFfcParamSetId_t; 121 122 /*! FFC DH Domain parameters sets definition: NIST SP 56A Rev. 2, sec. 5.8.1, tab.6. */ 123 typedef enum 124 { 125 /* domain sets according to SP 800-56A rev.2. */ 126 CC_FFC_USE_GIVEN_SEED, /*!< generate domain from given Seed */ 127 CC_FFC_GENERATE_NEW_SEED, /*!< generate new seed and Domain */ 128 CC_FFC_SEED_NOT_USED, /*!< seed not used in appropriate function. */ 129 CC_FFC_GEN_SEED_NUM_OFF_MODE, /*!< not allowed value */ 130 CC_FFC_GEN_SEED_NUM_LAST = 0x7FFFFFFF 131 } CCFfcGenerateSeed_t; 132 133 134 /************************ Typedefs ****************************/ 135 136 /* temp buffers, used in different DH KG functions */ 137 138 /*! Temporary data buffer structure for domain parameters generation in DH. */ 139 typedef struct CCFfcDomainTmpBuff_t 140 { 141 /* The aligned input and output temp buffers */ 142 /*! Temporary buffer. */ 143 uint32_t TmpBuff[CC_FFC_DOMAIN_TMP_BUFF_SIZE_IN_WORDS]; 144 }CCFfcDomainTmpBuff_t; 145 146 147 /**************************************************************/ 148 /*! FFC Domain parameters structure (p,q,g,{seed,genCounter}. 149 * NIST SP 800-56A sec.5.5.1.1. Max. size of structure: 150 * 2*(MaxModSize + MaxOrderSize) + 5w*4 + 40bytes = 636 bytes */ 151 typedef struct CCFfcDomain_t { 152 153 uint32_t prime[CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_WORDS]; /*!< prime modulus. */ 154 uint32_t modLenWords; /*!< prime modulus size in bytes */ 155 uint32_t genG[CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_WORDS]; /*!< FFC sub-group generator */ 156 uint32_t order[CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_WORDS]; /*!< order of FFC sub-group */ 157 uint32_t ordLenWords; /*!< group order size in bytes */ 158 uint8_t seed[CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_BYTES]; /*!< seed for domain generation and validation */ 159 uint32_t seedSizeBytes; /*!< seed size in bytes */ 160 uint32_t barrettTag[CC_FFC_DOMAIN_BARRETT_TAG_MAX_SIZE_IN_WORDS]; /*!< buffer for Barrett Tag - special value, used in 161 modular reduction and multiplication. */ 162 uint32_t genCounter; /*!< count of iterations, needed for successful domain generation */ 163 CCFfcParamSetId_t ffcParamSetId; /*!< enumerator, defining the set of FFC domain parameters 164 according to SP 56A rev.2 section 5.5.1.1, tab.1. */ 165 CCFfcHashOpMode_t ffcHashMode; /*!< enumerator ID of HASH mode, chosen for domain generation. 166 Note: HASH SHA1 function allowed only for SA set of domain parameters. */ 167 uint32_t hashDigestSize; /*!< size in bytes of HASH digest for chosen mode. */ 168 uint32_t hashBlockSize; /*!< size in bytes of HASH block for chosen mode. */ 169 uint32_t indexOfGenerator; /*!< index, of currently created FFC Generator (allows create different 170 Generators for existed prime P, Order Q, and Seed). */ 171 uint32_t validTag; /*!< validation tag.*/ 172 }CCFfcDomain_t; 173 174 #define FFC_DOMAIN_SIZE_BYTES ((2*CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_WORDS + 2*CC_FFC_DOMAIN_MAX_GENER_ORDER_SIZE_IN_WORDS + \ 175 CC_FFC_DOMAIN_BARRETT_TAG_MAX_SIZE_IN_WORDS + 10) * CC_32BIT_WORD_SIZE) 176 177 /***************************************************************************/ 178 /*!< Set of FFC Domain parameters size approved by NIST SP 800-56A rev.2. tab.6,8 179 * and FIPS 186-4 180 Intended for initialisation of array of structures of following type. 181 Note: Bit-size of each parameters = 8*ByteSize. 182 */ 183 typedef struct CCFfcDomainParamSizes_t 184 { 185 uint32_t maxSecurStrength; /*!< Maximum security strength supported, in bytes. */ 186 uint32_t primeSize; /*!< Field (prime P) size in bytes. */ 187 uint32_t orderSize; /*!< Subgroup order Q size in bytes. */ 188 uint32_t minHashLen; /*!< Minimum length of HASH output in bytes. */ 189 } CCFfcDomainParamSizes_t; 190 191 192 /*!< Set of DH FFC parameters sizes, approved by NIST SP 800-56A rev.2: sec. 5.8.1, 5.9.3. 193 Intended for initialization of array of structures of type CCFfcDhFfcDomainParamSizes_t. 194 All sizes are given in bytes (see CCFfcDomainParamSizes_t struct). 195 \note Index of array is given according to CCFfcDhFfcParamsSetId_t enumerator: 196 {CC_FFCDH_PARAMS_SET_FA, CC_FFCDH_PARAMS_SET_FB, CC_FFCDH_PARAMS_SET_FC} = {0,1,2}. 197 */ 198 #define CC_FFC_DOMAIN_PARAM_SIZES_SET {{80,1024,160,80},{112,2048,224,112},{112,2048,256,112}} 199 /*! Define and init parameters array */ 200 //CCFfcDomainParamSizes_t ffcDomainParamSizes[(uint32_t)CC_FFC_DOMAIN_PARAMS_SET_NUM_OFF_MODE] = CC_FFC_DOMAIN_PARAM_SIZES_SET; 201 202 /*! Array of allowed HASH SHA-x block and digest sizes for all SHA modes (size in bytes). 203 \note Index of array is according to CCFfcDhParamsSetId_t enumerator: {CC_HASH_SHA1_mode, CC_HASH_SHA224_mode, CC_HASH_SHA256_mode, 204 CC_HASH_SHA384_mode, CC_HASH_SHA512_mode} = {0,1,2,3,4}. 205 */ 206 #define CC_FFC_SHA_PARAMETERS_SIZES_IN_BYTES {{64,20},{64,28},{64,32},{128,48},{128,64}} 207 208 /*! Define and initialize HASH parameters array */ 209 //CCFfcDhHashBlockAndDigestSizes_t DhHashBlockAndDigestSizes[(uint32_t)CC_FFCDH_HASH_NUM_OFF_MODE] = 210 // CC_FFC_SHA_PARAMETERS_SIZES_IN_BYTES; 211 212 // 213 ///*! Temporary buffer structure . */ 214 //typedef struct CCFfcDhKgCheckTemp_t 215 //{ 216 // /*! Temporary buffer. */ 217 // uint32_t checkTempBuff[3*CC_FFC_DOMAIN_MAX_MOD_SIZE_IN_WORDS]; 218 // /*! Temporary buffer. */ 219 // CCFfcDomainTmpBuff_t domainBuff; 220 //}CCFfcDomainCheckTemp_t; 221 222 223 /************************ Structs ******************************/ 224 225 /************************ Public Variables **********************/ 226 227 /************************ Public Functions **********************/ 228 229 /*******************************************************************************************/ 230 /*! 231 @brief This function generates FFC domain parameters according to NIST SP 56A rev.2, referring to FIPS 184-4 standard. 232 \par<ol><li> 233 <li> The function generates FFC Domain from given Seed and iterations count and sets them into Domain structure. 234 If actual count of iterations is not equalled to given value, then the function returns an error. </li> 235 <li> The function calculates prime modulus P, subgroup generator G with order Q using Seed and given Generator 236 index, allowing to generate different FFC generators with same P and Q, according to SP 56A rev.2 sec.5.5.1.1 237 and FIPS 184-4 A.1.1.2, A.2.3. </li> 238 <li> The function allows generation domains only for approved set of parameters sizes (SP 56A rev.2 5.5.1.1), 239 given by enumerator ID of type CCFfcDhParamSetId_t. </li></ol> 240 @return CC_OK on success. 241 @return A non-zero value on failure as defined cc_ffc_domain_error.h. 242 243 */ 244 CIMPORT_C CCError_t CC_FfcGenerateDomainFromSeed( 245 CCFfcDomain_t *pDomain, /*!< [out] pointer to FFC Domain structure. */ 246 CCRndContext_t *pRndContext, /*!< [in] random generation function context. */ 247 size_t primeSizeBits, /*!< [in] size of domain's prime modulus in bits (see requirements above). */ 248 size_t orderSizeBits, /*!< [in] size of domain's sub-group order in bits (see requirements above). */ 249 uint8_t *pSeed, /*!< [in] pointer to the seed for domain generation and validation; */ 250 size_t seedSizeBytes, /*!< [in] seed size in bytes */ 251 uint32_t genCounter, /*!< [in] exact value of count of main loop iterations, required for generation 252 FFC Domain from given Seed. If actual count is not equal to given, 253 then the function returns an error. */ 254 CCFfcParamSetId_t ffcParamSetId,/*!< [in] enumerator, defining the set of FFC domain parameters 255 according to SP 56A rev.2 section 5.5.1.1, tab.1. */ 256 CCFfcHashOpMode_t ffcHashMode, /*!< [in] enumerator ID of SHAx HASH mode. Note: HASH SHA1 mode may be 257 used only with SA set of domain parameters (sec. 5.8.1, tab.6). */ 258 uint8_t generIndex, /*!< [in] an index of FFC Generator, allowing to generate different FFC generators with 259 the same FFC parameters prime P and Order Q, existed in the domain. */ 260 CCFfcDomainTmpBuff_t *pTmpBuff /*!< [in] pointer to FFC Domain temp buffer structure. */ 261 ); 262 263 /*******************************************************************************************/ 264 /*! 265 @brief This function generates FFC Domain parameters including new Seed Seed according to 266 NIST SP 56A rev.2 with referring to FIPS 184-4 standard. 267 \par<ol><li> 268 <li> The function generates a new Seed, calculates FFC Domain parameters and sets them into Domain. </li> 269 <li> The function calculates prime modulus P, subgroup generator G with order Q using Seed and given Generator 270 index, allowing to generate different FFC generators with same P and Q, according to SP 56A rev.2 sec.5.5.1.1 271 and FIPS 184-4 A.1.1.2, A.2.3. </li> 272 <li> The function allows generation Domain only for approved set of parameters sizes (SP 56A rev.2 5.5.1.1), 273 given by enumerator ID of type CCFfcDhParamSetId_t. </li></ol> 274 @return CC_OK on success. 275 @return A non-zero value on failure as defined cc_dh_error.h, cc_rnd_error.h. 276 */ 277 CIMPORT_C CCError_t CC_FfcGenerateDomainAndSeed( 278 CCFfcDomain_t *pDomain, /*!< [out] pointer to FFC Domain structure. */ 279 CCRndContext_t *pRndContext, /*!< [in] random generation function context. */ 280 size_t primeSizeBits, /*!< [in] size of domain's prime modulus in bits (see requirements above). */ 281 size_t orderSizeBits, /*!< [in] size of domain's sub-group order in bits (see requirements above). */ 282 size_t seedSizeBytes, /*!< [in] required size of the seed in bytes; it must be not less than 283 HASH security strength, defined in given ffcParamsSet. */ 284 CCFfcParamSetId_t ffcParamSetId,/*!< [in] enumerator, defining the set of FFC domain parameters 285 according to SP 56A rev.2 section 5.5.1.1, tab.1. */ 286 CCFfcHashOpMode_t ffcHashMode, /*!< [in] enumerator ID of SHAx HASH mode. Note: HASH SHA1 mode may be 287 used only with SA set of domain parameters (sec. 5.8.1, tab.6). */ 288 uint8_t generIndex, /*!< [in] an index of FFC Generator, allowing to generate different FFC generators with 289 the same FFC parameters prime P and Order Q, existed in the domain. */ 290 CCFfcDomainTmpBuff_t *pTmpBuff /*!< [in] pointer to FFC Domain temp buffer structure. */ 291 ); 292 293 294 /*******************************************************************************************/ 295 /*! 296 @brief The function validates received FFC domain parameters and sets them into Domain structure. 297 <ol><li> Validation of performed according to NIST SP 56A rev.2, sec. 5.5.2 and to FIPS 184-4 standard. </li> 298 </li> If optional parameters (Seed and pgenCounter) are given, then the function performs full validation by generation 299 primes P,Q from the given Seed and compares calculated and received parameters according to the FIPS 184-4, A.1.1.3. </li> 300 </li> Generator G is validated according to sec. A.2.3. </li> 301 </li> If optional parameters pSeed, seedSize, pgenCounter are zero, and the user explicitly sets validation mode to 302 "Trusted Data", then the function performs only checking of pointers, sizes and some relations between parameters. <li>. 303 </li> All input byte-arrays should be set with big endianness order of bytes, i.e. MS Byte is a leftmost one. </li></ol> 304 @return CC_OK on success. 305 @return A non-zero value on failure, as defined in cc_dh_error.h, cc_rnd_error.h. 306 */ 307 CIMPORT_C CCError_t CC_FfcValidateAndImportDomain( 308 CCFfcDomain_t *pDomain, /*!< [out] pointer to FFC Domain structure. */ 309 CCRndContext_t *pRndContext, /*!< [in] optional (used on Full Validation mode only), random generation 310 function context. */ 311 uint8_t *pPrime, /*!< [in] pointer to prime modulus of the finite field (P). */ 312 size_t primeSizeBits, /*!< [in] prime P size in bits. */ 313 uint8_t *pOrder, /*!< [in] pointer to the order Q of the generator. */ 314 size_t orderSizeBits, /*!< [in] order size in bits. */ 315 uint8_t *pGenerator, /*!< [in] pointer to generator G of subgroup of FFC. */ 316 size_t generSizeBytes, /*!< [in] generator G size in bytes (see note bellow). */ 317 uint8_t *pSeed, /*!< [in] optional (used on Full Validation mode only), pointer to the Seed, 318 if the Seed is not given, then should be set to NULL. */ 319 size_t seedSizeBytes, /*!< [in] optional size of Seed in bytes; if Seed not given, then 320 should be set to 0. */ 321 CCFfcParamSetId_t ffcParamSetId, /*!< [in] enumerator, defining the set of FFC domain parameters 322 according to SP 56A rev.2 section 5.5.1.1, tab.1. */ 323 CCFfcHashOpMode_t ffcHashMode, /*!< [in] enumerator ID of SHAx HASH mode. Note: HASH SHA1 mode may be 324 used only with SA set of domain parameters (sec. 5.8.1, tab.6). */ 325 uint32_t genCounter, /*!< [in] optional, counter of main iterations loop, performed during 326 domain generation with Seed. */ 327 uint8_t generIndex, /*!< [in] an index of FFC Generator, allowing to generate different FFC generators with 328 the same FFC parameters prime P and Order Q, existed in the domain. */ 329 CCFfcDomainValidMode_t validMode,/*!< [in] enumerator, defining validation mode of of domain parameters: 330 "full" (approved by FIPS standard), "partial" 331 and "trusted" (validated previously); using of both second 332 modes is not approved by standards and is fully on the user 333 responsibility. */ 334 CCFfcDomainTmpBuff_t *pTmpBuff /*!< [in] optional pointer to FFC Domain temp buffer structure. Used only 335 on Full validation mode, on Trusted mode may be set to NULL. */ 336 ); 337 338 339 /*******************************************************************************************/ 340 /*! 341 @brief This function extracts FFC domain parameters from Domain structure for external using. 342 <ol><li> Assumed, that FFC domain is properly generated by CC_FfcGenerateDomain or other function 343 according to the FIPS 184-4, A.1.1.2 standard. </li> 344 <li> The function checks input/output pointers and buffers sizes, converts the DH Domain parameters 345 to big endianness output arrays (with leading zeros if exists). </li> 346 <li> Note: Sizes of parameters are given by pointers, were [in/out] values are: in - buffer size, 347 out - actual size. </li></ol> 348 349 @return CC_OK on success. 350 @return A non-zero value on failure as defined cc_dh_error.h, cc_rnd_error.h. 351 */ 352 CIMPORT_C CCError_t CC_FfcExportDomain( 353 CCFfcDomain_t *pDomain, /*!< [in] pointer to FFC Domain to be exported. */ 354 uint8_t *pPrime, /*!< [out] pointer to prime modulus of the finite field (P). */ 355 size_t *pPrimeSize, /*!< [in/out] pointer to prime P size in bytes. */ 356 uint8_t *pGenerator, /*!< [out] pointer to generator of subgroup (G). */ 357 size_t *pGeneratorSize, /*!< [in/out] pointer to generator G size in bytes. */ 358 uint8_t *pOrder, /*!< [out] pointer to the order of the generator G. */ 359 size_t *pOrderSize, /*!< [in/out] pointer to order of generator Q size in bytes. */ 360 uint8_t *pSeed, /*!< [out] optional, pointer to the Seed, used for Domain generation; 361 if Seed is not required, then the pointer and size should be NULL. */ 362 size_t *pSeedSize, /*!< [in/out] optional, size of the Seed in bytes - if the Seed not exist, 363 in the Domain, the function sets the size = 0. */ 364 CCFfcParamSetId_t *pFfcParamSetId, /*!< [in] pointer to enumerator ID, defining the set of FFC domain parameters 365 parameters according to SP 56A rev.2 section 5.5.1.1, tab.1. */ 366 CCFfcHashOpMode_t *pFfcHashMode, /*!< [in] pointer to enumerator ID of SHAx HASH mode. Note: HASH SHA1 mode 367 may be used only with SA set of domain parameters (sec. 5.8.1, tab.6). */ 368 uint32_t *pGenCounter, /*!< [out] pointer to count of iterations, which were performed 369 during Domain generation. */ 370 uint8_t *pIndexOfGenerator /*!< pointer to index, of FFC Generator existed in the Domain. */ 371 ); 372 373 374 /*******************************************************************************************/ 375 /*! 376 @brief The function creates a new FFC subgroup Generator for existed FFC Domain. 377 <ol><li> Assumed, that FFC domain is properly generated or imported previously and meets 378 to the FIPS 184-4, sec. A.1.1.2 standard. </li> 379 <li> The function checks input/output pointers and buffers sizes and creates new Generator 380 according to sec. A.2.3. and sets it into Domain structure. </li></ol> 381 382 @return CC_OK on success. 383 @return A non-zero value on failure as defined cc_dh_error.h, cc_rnd_error.h. 384 */ 385 CIMPORT_C CCError_t CC_FfcCreateNewGenerator( 386 CCFfcDomain_t *pDomain, /*!< [in/out] pointer to FFC Domain structure. */ 387 CCRndContext_t *pRndContext, /*!< [in] random generation function context. */ 388 uint8_t index, /*!< [in] index allowing to generate some FFC generators with 389 the same FFC parameters prime P and Order Q, existed in the domain. */ 390 CCFfcDomainTmpBuff_t *pTmpBuff /*!< [in] pointer to FFC Domain temp buffer structure. */ 391 ); 392 393 #ifdef __cplusplus 394 } 395 #endif 396 /** 397 @} 398 */ 399 #endif 400
