15da36a24SJens Wiklander // SPDX-License-Identifier: BSD-2-Clause
25da36a24SJens Wiklander /*
35da36a24SJens Wiklander * Copyright (c) 2014-2019, Linaro Limited
45da36a24SJens Wiklander */
55da36a24SJens Wiklander
65da36a24SJens Wiklander #include <assert.h>
75da36a24SJens Wiklander #include <crypto/crypto.h>
85da36a24SJens Wiklander #include <crypto/crypto_impl.h>
95da36a24SJens Wiklander #include <stdlib.h>
105da36a24SJens Wiklander #include <string.h>
115da36a24SJens Wiklander #include <tee_api_types.h>
125a913ee7SJerome Forissier #include <tomcrypt_private.h>
135da36a24SJens Wiklander #include <utee_defines.h>
145da36a24SJens Wiklander #include <util.h>
155da36a24SJens Wiklander
165da36a24SJens Wiklander struct ltc_hmac_ctx {
175da36a24SJens Wiklander struct crypto_mac_ctx ctx;
185da36a24SJens Wiklander int hash_idx;
195da36a24SJens Wiklander hmac_state state;
205da36a24SJens Wiklander };
215da36a24SJens Wiklander
225da36a24SJens Wiklander static const struct crypto_mac_ops ltc_hmac_ops;
235da36a24SJens Wiklander
to_hmac_ctx(struct crypto_mac_ctx * ctx)245da36a24SJens Wiklander static struct ltc_hmac_ctx *to_hmac_ctx(struct crypto_mac_ctx *ctx)
255da36a24SJens Wiklander {
265da36a24SJens Wiklander assert(ctx && ctx->ops == <c_hmac_ops);
275da36a24SJens Wiklander
285da36a24SJens Wiklander return container_of(ctx, struct ltc_hmac_ctx, ctx);
295da36a24SJens Wiklander }
305da36a24SJens Wiklander
ltc_hmac_init(struct crypto_mac_ctx * ctx,const uint8_t * key,size_t len)315da36a24SJens Wiklander static TEE_Result ltc_hmac_init(struct crypto_mac_ctx *ctx, const uint8_t *key,
325da36a24SJens Wiklander size_t len)
335da36a24SJens Wiklander {
345da36a24SJens Wiklander struct ltc_hmac_ctx *hc = to_hmac_ctx(ctx);
355da36a24SJens Wiklander
365da36a24SJens Wiklander if (hmac_init(&hc->state, hc->hash_idx, key, len) == CRYPT_OK)
375da36a24SJens Wiklander return TEE_SUCCESS;
385da36a24SJens Wiklander else
395da36a24SJens Wiklander return TEE_ERROR_BAD_STATE;
405da36a24SJens Wiklander }
415da36a24SJens Wiklander
ltc_hmac_update(struct crypto_mac_ctx * ctx,const uint8_t * data,size_t len)425da36a24SJens Wiklander static TEE_Result ltc_hmac_update(struct crypto_mac_ctx *ctx,
435da36a24SJens Wiklander const uint8_t *data, size_t len)
445da36a24SJens Wiklander {
455da36a24SJens Wiklander if (hmac_process(&to_hmac_ctx(ctx)->state, data, len) == CRYPT_OK)
465da36a24SJens Wiklander return TEE_SUCCESS;
475da36a24SJens Wiklander else
485da36a24SJens Wiklander return TEE_ERROR_BAD_STATE;
495da36a24SJens Wiklander }
505da36a24SJens Wiklander
ltc_hmac_final(struct crypto_mac_ctx * ctx,uint8_t * digest,size_t len)515da36a24SJens Wiklander static TEE_Result ltc_hmac_final(struct crypto_mac_ctx *ctx, uint8_t *digest,
525da36a24SJens Wiklander size_t len)
535da36a24SJens Wiklander {
545da36a24SJens Wiklander unsigned long l = len;
555da36a24SJens Wiklander
565da36a24SJens Wiklander if (hmac_done(&to_hmac_ctx(ctx)->state, digest, &l) == CRYPT_OK)
575da36a24SJens Wiklander return TEE_SUCCESS;
585da36a24SJens Wiklander else
595da36a24SJens Wiklander return TEE_ERROR_BAD_STATE;
605da36a24SJens Wiklander }
615da36a24SJens Wiklander
ltc_hmac_free_ctx(struct crypto_mac_ctx * ctx)625da36a24SJens Wiklander static void ltc_hmac_free_ctx(struct crypto_mac_ctx *ctx)
635da36a24SJens Wiklander {
645da36a24SJens Wiklander free(to_hmac_ctx(ctx));
655da36a24SJens Wiklander }
665da36a24SJens Wiklander
ltc_hmac_copy_state(struct crypto_mac_ctx * dst_ctx,struct crypto_mac_ctx * src_ctx)675da36a24SJens Wiklander static void ltc_hmac_copy_state(struct crypto_mac_ctx *dst_ctx,
685da36a24SJens Wiklander struct crypto_mac_ctx *src_ctx)
695da36a24SJens Wiklander {
705da36a24SJens Wiklander struct ltc_hmac_ctx *src = to_hmac_ctx(src_ctx);
715da36a24SJens Wiklander struct ltc_hmac_ctx *dst = to_hmac_ctx(dst_ctx);
725da36a24SJens Wiklander
735da36a24SJens Wiklander assert(src->hash_idx == dst->hash_idx);
745da36a24SJens Wiklander dst->state = src->state;
755da36a24SJens Wiklander }
765da36a24SJens Wiklander
775da36a24SJens Wiklander static const struct crypto_mac_ops ltc_hmac_ops = {
785da36a24SJens Wiklander .init = ltc_hmac_init,
795da36a24SJens Wiklander .update = ltc_hmac_update,
805da36a24SJens Wiklander .final = ltc_hmac_final,
815da36a24SJens Wiklander .free_ctx = ltc_hmac_free_ctx,
825da36a24SJens Wiklander .copy_state = ltc_hmac_copy_state,
835da36a24SJens Wiklander };
845da36a24SJens Wiklander
ltc_hmac_alloc_ctx(struct crypto_mac_ctx ** ctx_ret,int hash_idx)855da36a24SJens Wiklander static TEE_Result ltc_hmac_alloc_ctx(struct crypto_mac_ctx **ctx_ret,
865da36a24SJens Wiklander int hash_idx)
875da36a24SJens Wiklander {
885da36a24SJens Wiklander struct ltc_hmac_ctx *ctx = NULL;
895da36a24SJens Wiklander
905da36a24SJens Wiklander if (hash_idx < 0)
915da36a24SJens Wiklander return TEE_ERROR_NOT_SUPPORTED;
925da36a24SJens Wiklander
935da36a24SJens Wiklander ctx = calloc(1, sizeof(*ctx));
945da36a24SJens Wiklander if (!ctx)
955da36a24SJens Wiklander return TEE_ERROR_OUT_OF_MEMORY;
965da36a24SJens Wiklander
975da36a24SJens Wiklander ctx->ctx.ops = <c_hmac_ops;
985da36a24SJens Wiklander ctx->hash_idx = hash_idx;
995da36a24SJens Wiklander *ctx_ret = &ctx->ctx;
1005da36a24SJens Wiklander
1015da36a24SJens Wiklander return TEE_SUCCESS;
1025da36a24SJens Wiklander }
1035da36a24SJens Wiklander
104*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_MD5)
crypto_hmac_md5_alloc_ctx(struct crypto_mac_ctx ** ctx)1055da36a24SJens Wiklander TEE_Result crypto_hmac_md5_alloc_ctx(struct crypto_mac_ctx **ctx)
1065da36a24SJens Wiklander {
1075da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("md5"));
1085da36a24SJens Wiklander }
109*7dfcefdaSJens Wiklander #endif
1105da36a24SJens Wiklander
111*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA1)
crypto_hmac_sha1_alloc_ctx(struct crypto_mac_ctx ** ctx)1125da36a24SJens Wiklander TEE_Result crypto_hmac_sha1_alloc_ctx(struct crypto_mac_ctx **ctx)
1135da36a24SJens Wiklander {
1145da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha1"));
1155da36a24SJens Wiklander }
116*7dfcefdaSJens Wiklander #endif
1175da36a24SJens Wiklander
118*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA224)
crypto_hmac_sha224_alloc_ctx(struct crypto_mac_ctx ** ctx)1195da36a24SJens Wiklander TEE_Result crypto_hmac_sha224_alloc_ctx(struct crypto_mac_ctx **ctx)
1205da36a24SJens Wiklander {
1215da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha224"));
1225da36a24SJens Wiklander }
123*7dfcefdaSJens Wiklander #endif
1245da36a24SJens Wiklander
125*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA256)
crypto_hmac_sha256_alloc_ctx(struct crypto_mac_ctx ** ctx)1265da36a24SJens Wiklander TEE_Result crypto_hmac_sha256_alloc_ctx(struct crypto_mac_ctx **ctx)
1275da36a24SJens Wiklander {
1285da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha256"));
1295da36a24SJens Wiklander }
130*7dfcefdaSJens Wiklander #endif
1315da36a24SJens Wiklander
132*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA384)
crypto_hmac_sha384_alloc_ctx(struct crypto_mac_ctx ** ctx)1335da36a24SJens Wiklander TEE_Result crypto_hmac_sha384_alloc_ctx(struct crypto_mac_ctx **ctx)
1345da36a24SJens Wiklander {
1355da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha384"));
1365da36a24SJens Wiklander }
137*7dfcefdaSJens Wiklander #endif
1385da36a24SJens Wiklander
139*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA512)
crypto_hmac_sha512_alloc_ctx(struct crypto_mac_ctx ** ctx)1405da36a24SJens Wiklander TEE_Result crypto_hmac_sha512_alloc_ctx(struct crypto_mac_ctx **ctx)
1415da36a24SJens Wiklander {
1425da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha512"));
1435da36a24SJens Wiklander }
144*7dfcefdaSJens Wiklander #endif
145*7dfcefdaSJens Wiklander
146*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA3_224)
crypto_hmac_sha3_224_alloc_ctx(struct crypto_mac_ctx ** ctx)147*7dfcefdaSJens Wiklander TEE_Result crypto_hmac_sha3_224_alloc_ctx(struct crypto_mac_ctx **ctx)
148*7dfcefdaSJens Wiklander {
149*7dfcefdaSJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha3-224"));
150*7dfcefdaSJens Wiklander }
151*7dfcefdaSJens Wiklander #endif
152*7dfcefdaSJens Wiklander
153*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA3_256)
crypto_hmac_sha3_256_alloc_ctx(struct crypto_mac_ctx ** ctx)154*7dfcefdaSJens Wiklander TEE_Result crypto_hmac_sha3_256_alloc_ctx(struct crypto_mac_ctx **ctx)
155*7dfcefdaSJens Wiklander {
156*7dfcefdaSJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha3-256"));
157*7dfcefdaSJens Wiklander }
158*7dfcefdaSJens Wiklander #endif
159*7dfcefdaSJens Wiklander
160*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA3_384)
crypto_hmac_sha3_384_alloc_ctx(struct crypto_mac_ctx ** ctx)161*7dfcefdaSJens Wiklander TEE_Result crypto_hmac_sha3_384_alloc_ctx(struct crypto_mac_ctx **ctx)
162*7dfcefdaSJens Wiklander {
163*7dfcefdaSJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha3-384"));
164*7dfcefdaSJens Wiklander }
165*7dfcefdaSJens Wiklander #endif
166*7dfcefdaSJens Wiklander
167*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHA3_512)
crypto_hmac_sha3_512_alloc_ctx(struct crypto_mac_ctx ** ctx)168*7dfcefdaSJens Wiklander TEE_Result crypto_hmac_sha3_512_alloc_ctx(struct crypto_mac_ctx **ctx)
169*7dfcefdaSJens Wiklander {
170*7dfcefdaSJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha3-512"));
171*7dfcefdaSJens Wiklander }
172*7dfcefdaSJens Wiklander #endif
173