Recovers the encrypted part of the message from the signature using ECPVS.
#include "huecpvs.h"
int hu_ECPVSRecoverV2(sb_Params eccParams, sb_PublicKey publicKey, int hashId, int kdf, int encoding, int mode, size_t ivLen, const unsigned char *iv, size_t padLen, size_t addInfoLen, const unsigned char *addInfo, size_t sLen, const unsigned char *sValue, size_t rLen, const unsigned char *rValue, size_t visibleMessageLen, const unsigned char *visibleMessage, size_t *recoverableMessageLen, unsigned char *recoverableMessage, sb_GlobalCtx sbCtx)
An ECC parameters object.
An ECC public key object.
The hash algorithm to use. This is one of: HU_DIGEST_SHA1, HU_DIGEST_SHA224, HU_DIGEST_SHA256, HU_DIGEST_SHA384, or HU_DIGEST_SHA512.
The KDF algorithm to use. This is one of: HU_KDF_ANSI_SHA1, HU_KDF_ANSI_SHA224, HU_KDF_ANSI_SHA256, HU_KDF_ANSI_SHA384, or HU_KDF_ANSI_SHA512.
The symmetric encryption to use. Currently, the only valid value is HU_ECPVS_ENCRYPTION_STREAM.
The encryption mode for block symmetric ciphers. Ignored for the stream cipher HU_ECPVS_ENCRYPTION_STREAM.
The length (in bytes) of iv. Ignored for the stream cipher HU_ECPVS_ENCRYPTION_STREAM.
The initialization vector for block symmetric ciphers. Ignored for the stream cipher HU_ECPVS_ENCRYPTION_STREAM.
The number of bytes for additional redundancy. It should be in the range 1..255 if the exact length is known. 0 means that the redundancy level is unknown. (Optional)
The length (in bytes) of addInfo.
Additional information to be used by the KDF.
The length (in bytes) of sValue.
The s component from the signature computation.
The length (in bytes) of rValue.
The r component from the signature computation.
The length (in bytes) of visibleMessage.
The visible part of the message.
The length (in bytes) of recoverableMessage.
The recoverable part of the message.
A global context.
Note: This function is identical in functionality to hu_ECPVSRecover(), while allowing you to specify the additional information to be used by the KDF. This additional information is passed using the addInfoLen and addInfo fields.
The ANSI X9.92-conformant usage of this API function should include only security primitives with the security level set at more than 80 bits.
Provide output buffer in recoverableMessage, and indicate the amount in recoverableMessageLen. If sufficient amount of buffer is supplied, this function will place the recovered message into recoverableMessage and set the actual length in recoverableMessageLen.
If recoverableMessage is NULL, this function will set the correct length of s in recoverableMessageLen.
If there is no recoverable data - or you just want to check the padding - set both recoverableMessage and recoverableMessageLen to NULL.
Currently only the KDF-based symmetric stream cipher is supported (i.e. HU_ECPVS_ENCRYPTION_STREAM).
The eccParams object is NULL.
The eccParams object is invalid.
The publicKey object is NULL.
The publicKey object is invalid.
The hash algorithm is not supported.
The KDF algorithm or encryption is not supported.
The padLen is out of range or the ivLen is too large.
The signature component is NULL.
The signature component length is invalid.
The signature component is NULL.
The visible part of the message is NULL, or iv is NULL and ivLen is greater than 0.
Redundancy check failed. The padding value did not match the expected result.
The recoverable message length is NULL.
The recoverable message length is invalid.
The recoverable message buffer is NULL.
Memory allocation failure.
Success.