15da36a24SJens Wiklander // SPDX-License-Identifier: BSD-2-Clause 25da36a24SJens Wiklander /* 35da36a24SJens Wiklander * Copyright (c) 2014-2019, Linaro Limited 45da36a24SJens Wiklander */ 55da36a24SJens Wiklander 65da36a24SJens Wiklander #include <assert.h> 75da36a24SJens Wiklander #include <crypto/crypto.h> 85da36a24SJens Wiklander #include <crypto/crypto_impl.h> 95da36a24SJens Wiklander #include <stdlib.h> 105da36a24SJens Wiklander #include <string.h> 115da36a24SJens Wiklander #include <tee_api_types.h> 12*5a913ee7SJerome Forissier #include <tomcrypt_private.h> 135da36a24SJens Wiklander #include <utee_defines.h> 145da36a24SJens Wiklander #include <util.h> 155da36a24SJens Wiklander 165da36a24SJens Wiklander struct ltc_hmac_ctx { 175da36a24SJens Wiklander struct crypto_mac_ctx ctx; 185da36a24SJens Wiklander int hash_idx; 195da36a24SJens Wiklander hmac_state state; 205da36a24SJens Wiklander }; 215da36a24SJens Wiklander 225da36a24SJens Wiklander static const struct crypto_mac_ops ltc_hmac_ops; 235da36a24SJens Wiklander 245da36a24SJens Wiklander static struct ltc_hmac_ctx *to_hmac_ctx(struct crypto_mac_ctx *ctx) 255da36a24SJens Wiklander { 265da36a24SJens Wiklander assert(ctx && ctx->ops == <c_hmac_ops); 275da36a24SJens Wiklander 285da36a24SJens Wiklander return container_of(ctx, struct ltc_hmac_ctx, ctx); 295da36a24SJens Wiklander } 305da36a24SJens Wiklander 315da36a24SJens Wiklander static TEE_Result ltc_hmac_init(struct crypto_mac_ctx *ctx, const uint8_t *key, 325da36a24SJens Wiklander size_t len) 335da36a24SJens Wiklander { 345da36a24SJens Wiklander struct ltc_hmac_ctx *hc = to_hmac_ctx(ctx); 355da36a24SJens Wiklander 365da36a24SJens Wiklander if (hmac_init(&hc->state, hc->hash_idx, key, len) == CRYPT_OK) 375da36a24SJens Wiklander return TEE_SUCCESS; 385da36a24SJens Wiklander else 395da36a24SJens Wiklander return TEE_ERROR_BAD_STATE; 405da36a24SJens Wiklander } 415da36a24SJens Wiklander 425da36a24SJens Wiklander static TEE_Result ltc_hmac_update(struct crypto_mac_ctx *ctx, 435da36a24SJens Wiklander const uint8_t *data, size_t len) 445da36a24SJens Wiklander { 455da36a24SJens Wiklander if (hmac_process(&to_hmac_ctx(ctx)->state, data, len) == CRYPT_OK) 465da36a24SJens Wiklander return TEE_SUCCESS; 475da36a24SJens Wiklander else 485da36a24SJens Wiklander return TEE_ERROR_BAD_STATE; 495da36a24SJens Wiklander } 505da36a24SJens Wiklander 515da36a24SJens Wiklander static TEE_Result ltc_hmac_final(struct crypto_mac_ctx *ctx, uint8_t *digest, 525da36a24SJens Wiklander size_t len) 535da36a24SJens Wiklander { 545da36a24SJens Wiklander unsigned long l = len; 555da36a24SJens Wiklander 565da36a24SJens Wiklander if (hmac_done(&to_hmac_ctx(ctx)->state, digest, &l) == CRYPT_OK) 575da36a24SJens Wiklander return TEE_SUCCESS; 585da36a24SJens Wiklander else 595da36a24SJens Wiklander return TEE_ERROR_BAD_STATE; 605da36a24SJens Wiklander } 615da36a24SJens Wiklander 625da36a24SJens Wiklander static void ltc_hmac_free_ctx(struct crypto_mac_ctx *ctx) 635da36a24SJens Wiklander { 645da36a24SJens Wiklander free(to_hmac_ctx(ctx)); 655da36a24SJens Wiklander } 665da36a24SJens Wiklander 675da36a24SJens Wiklander static void ltc_hmac_copy_state(struct crypto_mac_ctx *dst_ctx, 685da36a24SJens Wiklander struct crypto_mac_ctx *src_ctx) 695da36a24SJens Wiklander { 705da36a24SJens Wiklander struct ltc_hmac_ctx *src = to_hmac_ctx(src_ctx); 715da36a24SJens Wiklander struct ltc_hmac_ctx *dst = to_hmac_ctx(dst_ctx); 725da36a24SJens Wiklander 735da36a24SJens Wiklander assert(src->hash_idx == dst->hash_idx); 745da36a24SJens Wiklander dst->state = src->state; 755da36a24SJens Wiklander } 765da36a24SJens Wiklander 775da36a24SJens Wiklander static const struct crypto_mac_ops ltc_hmac_ops = { 785da36a24SJens Wiklander .init = ltc_hmac_init, 795da36a24SJens Wiklander .update = ltc_hmac_update, 805da36a24SJens Wiklander .final = ltc_hmac_final, 815da36a24SJens Wiklander .free_ctx = ltc_hmac_free_ctx, 825da36a24SJens Wiklander .copy_state = ltc_hmac_copy_state, 835da36a24SJens Wiklander }; 845da36a24SJens Wiklander 855da36a24SJens Wiklander static TEE_Result ltc_hmac_alloc_ctx(struct crypto_mac_ctx **ctx_ret, 865da36a24SJens Wiklander int hash_idx) 875da36a24SJens Wiklander { 885da36a24SJens Wiklander struct ltc_hmac_ctx *ctx = NULL; 895da36a24SJens Wiklander 905da36a24SJens Wiklander if (hash_idx < 0) 915da36a24SJens Wiklander return TEE_ERROR_NOT_SUPPORTED; 925da36a24SJens Wiklander 935da36a24SJens Wiklander ctx = calloc(1, sizeof(*ctx)); 945da36a24SJens Wiklander if (!ctx) 955da36a24SJens Wiklander return TEE_ERROR_OUT_OF_MEMORY; 965da36a24SJens Wiklander 975da36a24SJens Wiklander ctx->ctx.ops = <c_hmac_ops; 985da36a24SJens Wiklander ctx->hash_idx = hash_idx; 995da36a24SJens Wiklander *ctx_ret = &ctx->ctx; 1005da36a24SJens Wiklander 1015da36a24SJens Wiklander return TEE_SUCCESS; 1025da36a24SJens Wiklander } 1035da36a24SJens Wiklander 1045da36a24SJens Wiklander TEE_Result crypto_hmac_md5_alloc_ctx(struct crypto_mac_ctx **ctx) 1055da36a24SJens Wiklander { 1065da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("md5")); 1075da36a24SJens Wiklander } 1085da36a24SJens Wiklander 1095da36a24SJens Wiklander TEE_Result crypto_hmac_sha1_alloc_ctx(struct crypto_mac_ctx **ctx) 1105da36a24SJens Wiklander { 1115da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha1")); 1125da36a24SJens Wiklander } 1135da36a24SJens Wiklander 1145da36a24SJens Wiklander TEE_Result crypto_hmac_sha224_alloc_ctx(struct crypto_mac_ctx **ctx) 1155da36a24SJens Wiklander { 1165da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha224")); 1175da36a24SJens Wiklander } 1185da36a24SJens Wiklander 1195da36a24SJens Wiklander TEE_Result crypto_hmac_sha256_alloc_ctx(struct crypto_mac_ctx **ctx) 1205da36a24SJens Wiklander { 1215da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha256")); 1225da36a24SJens Wiklander } 1235da36a24SJens Wiklander 1245da36a24SJens Wiklander TEE_Result crypto_hmac_sha384_alloc_ctx(struct crypto_mac_ctx **ctx) 1255da36a24SJens Wiklander { 1265da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha384")); 1275da36a24SJens Wiklander } 1285da36a24SJens Wiklander 1295da36a24SJens Wiklander TEE_Result crypto_hmac_sha512_alloc_ctx(struct crypto_mac_ctx **ctx) 1305da36a24SJens Wiklander { 1315da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha512")); 1325da36a24SJens Wiklander } 133