Functions

Functions
cy_en_cryptolite_status_t	Cy_Cryptolite_Rsa_Verify (CRYPTOLITE_Type *base, uint16_t digestLength, uint8_t *digest, uint8_t *rsaSignature, uint16_t rsaLength, cy_stc_cryptolite_rsa_pub_key_t *key, uint8_t *processedDigest)
	RSA verification with checks for content, padding and signature format. More...
void	Cy_Cryptolite_Rsa_Coeff (CRYPTOLITE_Type *base, cy_stc_cryptolite_rsa_pub_key_t *key)
	This function calculates the RSA related coefficients. More...
cy_en_cryptolite_status_t	Cy_Cryptolite_Rsa_PssVerifyExt (CRYPTOLITE_Type *base, uint16_t digestLength, uint8_t *digest, uint16_t rsaLength, cy_stc_cryptolite_rsa_pub_key_t *key, uint8_t *processedDigest)
	This function is an extension to do RSA signature verification using EMSA-PSS Encoding method (RSASSA-PSS). More...

Detailed Description

Function Documentation

Cy_Cryptolite_Rsa_Verify()

cy_en_cryptolite_status_t Cy_Cryptolite_Rsa_Verify	(	CRYPTOLITE_Type *	base,
		uint16_t	digestLength,
		uint8_t *	digest,
		uint8_t *	rsaSignature,
		uint16_t	rsaLength,
		cy_stc_cryptolite_rsa_pub_key_t *	key,
		uint8_t *	processedDigest
	)

RSA verification with checks for content, padding and signature format.

SHA digest of the message and decrypted message should be calculated before. Supports only PKCS1-v1_5 format, inside of this format supported padding using only SHA, cases with MD2 and MD5 are not supported.

The digest and decryptedSignature buffers must be 4 byte aligned

Returns the verification result

Parameters

base	The pointer to the CRYPTOLITE instance.
digestLength	SHA digest length (in bytes).
digest	The pointer to the hash of the message or the message whose signature is to be verified.
rsaSignature	The pointer to the encrypted RSA signature which is required to be decrypted.
rsaLength	The length of the RSA signature (in bytes).
key	Pointer to RSA Public key and additional coefficients information.
processedDigest	Pointer to hold processed digest from RSA signature.

Returns

cy_en_cryptolite_status_t

Function Usage

    /* Define variable to store the address and information related to 
     * public key and relevant coefficients */
    cy_stc_cryptolite_rsa_pub_key_t keyInfo;
    
    /* Define a boolean status variable */
    cy_en_cryptolite_status_t rsaStatus = CY_CRYPTOLITE_UNKNOWN;
    
    /* SHA related variables */
    cy_stc_cryptolite_sha_context_t context;
    cy_en_cryptolite_status_t cryptoStatus;
    /* Input data (size can be user defined) */
    uint8_t dataInput[1024];
    
    /* Define data structures required */
    CY_ALIGN(4) uint8_t inputDigest[CY_CRYPTOLITE_SHA256_DIGEST_SIZE];
    CY_ALIGN(4) uint8_t publicKey[384];
    CY_ALIGN(4) uint8_t rsaSignature[384];
    CY_ALIGN(4) uint8_t barrettCoeff[VU_BITS_TO_BYTES_WORD_ALIGN(3072+1)];
    CY_ALIGN(4) uint8_t montInvCoeff[VU_BITS_TO_BYTES_WORD_ALIGN(3072+1)];
    CY_ALIGN(4) uint8_t rBarCoeff[VU_BITS_TO_BYTES_WORD_ALIGN(3072)];
    CY_ALIGN(4) uint8_t processedDigest[VU_BITS_TO_BYTES_WORD_ALIGN(3072)];
    CY_ALIGN(4) uint8_t publicKeyExp[3] = {0x01, 0x00, 0x01};      /* 65537 */
    CY_ALIGN(4) uint8_t buffer[  4*VU_BITS_TO_WORDS(2*3072+1)
                 + 4*VU_BITS_TO_WORDS(2*3072+1)
                 + 4*VU_BITS_TO_WORDS(3072)];
    
    /* Initialize the Key Information with proper addresses */
    keyInfo.moduloPtr = publicKey;
    keyInfo.moduloLength = 3072;
    keyInfo.barretCoefPtr = barrettCoeff;
    keyInfo.inverseModuloPtr = montInvCoeff;
    keyInfo.rBarPtr = rBarCoeff;
    keyInfo.privateBuffer = buffer;
    keyInfo.pubExpPtr = publicKeyExp;
    keyInfo.pubExpLength = 17;
    /* This flag must be set to "true" if RSA coefficients are not pre-calculated. */
    keyInfo.calculateCoeff = true;
    /* Select the RSA signature encoding method. If not defined, default shall be taken as PKCS1_V15 scheme. */
    keyInfo.rsaSigScheme = (uint8_t)CY_CRYPTOLITE_RSA_SSA_PKCS1_V15;

    /* Set SHA Mode */
    cryptoStatus = Cy_Cryptolite_Sha_SetMode(
                        CY_CRYPTOLITE_SHA_MODE_SHA256,        /* Cryptolite SHA Mode */
                        &context);                            /* Pointer to SHA context structure */

    /* Calculate SHA digest */
    if (CY_CRYPTOLITE_SUCCESS == cryptoStatus)
    {
        /* Hash the message by using the Cryptolite SHA operation with SHA-256 mode */
        cryptoStatus = Cy_Cryptolite_Sha(
                             CRYPTOLITE,                      /* Base address of the Crypto block registers */
                             (const uint8_t *)dataInput,      /* Pointer to message */
                             sizeof(dataInput),         /* Message size (in bytes) */
                             inputDigest,                    /* Pointer to digest buffer */
                             &context);                       /* Pointer to SHA context structure */
    }

    /* Verify RSA signature */
    if (CY_CRYPTOLITE_SUCCESS == cryptoStatus)
    {
        rsaStatus = Cy_Cryptolite_Rsa_Verify(CRYPTOLITE,
                                    CY_CRYPTOLITE_SHA256_DIGEST_SIZE,
                                    inputDigest,
                                    rsaSignature,
                                    384,
                                    &keyInfo,
                                    publicKey);
    }

    

Cy_Cryptolite_Rsa_Coeff()

void Cy_Cryptolite_Rsa_Coeff	(	CRYPTOLITE_Type *	base,
		cy_stc_cryptolite_rsa_pub_key_t *	key
	)

This function calculates the RSA related coefficients.

Parameters

base	The pointer to the CRYPTOLITE instance.
key	Pointer to RSA Public key and additional coefficients information.

Returns

None

Function Usage

    /* Define variable to store the address and information related to 
     * public key and relevant coefficients */
    cy_stc_cryptolite_rsa_pub_key_t keyInfo;
    
    /* Define data structures required */
    CY_ALIGN(4) uint8_t publicKey[384];
    CY_ALIGN(4) uint8_t barrettCoeff[VU_BITS_TO_BYTES_WORD_ALIGN(3072+1)];
    CY_ALIGN(4) uint8_t montInvCoeff[VU_BITS_TO_BYTES_WORD_ALIGN(3072+1)];
    CY_ALIGN(4) uint8_t rBarCoeff[VU_BITS_TO_BYTES_WORD_ALIGN(3072)];
    CY_ALIGN(4) uint8_t publicKeyExp[3] = {0x01, 0x00, 0x01};      /* 65537 */
    CY_ALIGN(4) uint8_t buffer[  4*VU_BITS_TO_WORDS(2*3072+1)
                 + 4*VU_BITS_TO_WORDS(2*3072+1)
                 + 4*VU_BITS_TO_WORDS(3072)];
    
    /* Initialize the Key Information with proper addresses */
    keyInfo.moduloPtr = publicKey;
    keyInfo.moduloLength = 3072;
    keyInfo.barretCoefPtr = barrettCoeff;
    keyInfo.inverseModuloPtr = montInvCoeff;
    keyInfo.rBarPtr = rBarCoeff;
    keyInfo.privateBuffer = buffer;
    keyInfo.pubExpPtr = publicKeyExp;
    keyInfo.pubExpLength = 17;

    Cy_Cryptolite_Rsa_Coeff(CRYPTOLITE, &keyInfo);
        
    /* This flag must be set to "true" as RSA coefficients are calculated previously. */
    keyInfo.calculateCoeff = false;

Cy_Cryptolite_Rsa_PssVerifyExt()

cy_en_cryptolite_status_t Cy_Cryptolite_Rsa_PssVerifyExt	(	CRYPTOLITE_Type *	base,
		uint16_t	digestLength,
		uint8_t *	digest,
		uint16_t	rsaLength,
		cy_stc_cryptolite_rsa_pub_key_t *	key,
		uint8_t *	processedDigest
	)

This function is an extension to do RSA signature verification using EMSA-PSS Encoding method (RSASSA-PSS).

This function requires the processed RSA signature using public key.

Reference: RFC 8017 (https://www.rfc-editor.org/rfc/rfc8017)

Parameters

base	cryptolite base address.
digestLength	SHA digest length (in bytes).
digest	digest buffer pointer.
rsaLength	RSA Signature length (in bytes).
key	Pointer to Public key and RSA coefficients.
processedDigest	Processed RSA signature using public key.

Returns

cy_en_cryptolite_status_t Cryptolite operation status

Function Usage

    /* Define a boolean status variable */
    cy_en_cryptolite_status_t rsaStatus = CY_CRYPTOLITE_UNKNOWN;
    
    /* Note: As of now, this function is applicable only for CCGx_CFP. 
     * This function call is part of \ref Cy_Cryptolite_Rsa_Verify function. */