1 /******************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * LICENSE-2.0" target="_blank">http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
20 ******************************************************************/
23 #ifndef _CRYPTO_ADAPTER_H_
24 #define _CRYPTO_ADAPTER_H_
33 /// Sizes for ECDSA prime256v1 elliptic curve
34 #define PUBLIC_KEY_SIZE (64)
35 #define SIGN_R_LEN (32)
36 #define SIGN_S_LEN (32)
37 #define SIGN_FULL_SIZE (64)
38 #define PRIVATE_KEY_SIZE (32)
40 /// Length of SHA 256 hash
41 #define SHA_256_HASH_LEN (32)
43 #define uECC_SIGN_VERIFICATION_SUCCESS (1)
46 * @def GET_SHA_256(tbs, sha256)
48 * A macro that compute sha-256 hash of tbs part.
50 * @param[in] tbs "to be signed" part
51 * @param[out] sha256 hash of tbs
54 #define GET_SHA_256(tbs, sha256) do{ \
55 DTLS_SHA256_CTX ctx256; \
56 DTLS_SHA256_Init(&ctx256); \
57 DTLS_SHA256_Update(&ctx256, tbs.data, tbs.len); \
58 DTLS_SHA256_Final(sha256, &ctx256); \
61 /**@def CHECK_SIGN(structure, caPubKey)
62 * Checks the sign of ASN.1 structure.
64 * @param structure ASN.1 stucture
65 * @param caPubKey public key of CA
68 #define CHECK_SIGN(structure, caPubKey) do{ \
70 uint8_t sha256[SHA_256_HASH_LEN]; \
71 uint8_t fullSignature[SIGN_FULL_SIZE]; \
72 GET_SHA_256((structure).tbs, sha256); \
73 memcpy(fullSignature, (structure).signR.data, SIGN_R_LEN); \
74 memcpy((fullSignature + SIGN_R_LEN), (structure).signS.data, SIGN_S_LEN);\
75 err = uECC_verify(caPubKey.data, sha256, fullSignature); \
76 CHECK_EQUAL(err, uECC_SIGN_VERIFICATION_SUCCESS, PKI_SIG_MISMATCH); \
83 #endif //_CRYPTO_ADAPTER_H_