1*5da36a24SJens Wiklander // SPDX-License-Identifier: BSD-2-Clause 2*5da36a24SJens Wiklander /* 3*5da36a24SJens Wiklander * Copyright (c) 2014-2019, Linaro Limited 4*5da36a24SJens Wiklander */ 5*5da36a24SJens Wiklander 6*5da36a24SJens Wiklander #include <assert.h> 7*5da36a24SJens Wiklander #include <crypto/crypto.h> 8*5da36a24SJens Wiklander #include <crypto/crypto_impl.h> 9*5da36a24SJens Wiklander #include <stdlib.h> 10*5da36a24SJens Wiklander #include <string.h> 11*5da36a24SJens Wiklander #include <tee_api_types.h> 12*5da36a24SJens Wiklander #include <tomcrypt.h> 13*5da36a24SJens Wiklander #include <utee_defines.h> 14*5da36a24SJens Wiklander #include <util.h> 15*5da36a24SJens Wiklander 16*5da36a24SJens Wiklander struct ltc_hmac_ctx { 17*5da36a24SJens Wiklander struct crypto_mac_ctx ctx; 18*5da36a24SJens Wiklander int hash_idx; 19*5da36a24SJens Wiklander hmac_state state; 20*5da36a24SJens Wiklander }; 21*5da36a24SJens Wiklander 22*5da36a24SJens Wiklander static const struct crypto_mac_ops ltc_hmac_ops; 23*5da36a24SJens Wiklander 24*5da36a24SJens Wiklander static struct ltc_hmac_ctx *to_hmac_ctx(struct crypto_mac_ctx *ctx) 25*5da36a24SJens Wiklander { 26*5da36a24SJens Wiklander assert(ctx && ctx->ops == <c_hmac_ops); 27*5da36a24SJens Wiklander 28*5da36a24SJens Wiklander return container_of(ctx, struct ltc_hmac_ctx, ctx); 29*5da36a24SJens Wiklander } 30*5da36a24SJens Wiklander 31*5da36a24SJens Wiklander static TEE_Result ltc_hmac_init(struct crypto_mac_ctx *ctx, const uint8_t *key, 32*5da36a24SJens Wiklander size_t len) 33*5da36a24SJens Wiklander { 34*5da36a24SJens Wiklander struct ltc_hmac_ctx *hc = to_hmac_ctx(ctx); 35*5da36a24SJens Wiklander 36*5da36a24SJens Wiklander if (hmac_init(&hc->state, hc->hash_idx, key, len) == CRYPT_OK) 37*5da36a24SJens Wiklander return TEE_SUCCESS; 38*5da36a24SJens Wiklander else 39*5da36a24SJens Wiklander return TEE_ERROR_BAD_STATE; 40*5da36a24SJens Wiklander } 41*5da36a24SJens Wiklander 42*5da36a24SJens Wiklander static TEE_Result ltc_hmac_update(struct crypto_mac_ctx *ctx, 43*5da36a24SJens Wiklander const uint8_t *data, size_t len) 44*5da36a24SJens Wiklander { 45*5da36a24SJens Wiklander if (hmac_process(&to_hmac_ctx(ctx)->state, data, len) == CRYPT_OK) 46*5da36a24SJens Wiklander return TEE_SUCCESS; 47*5da36a24SJens Wiklander else 48*5da36a24SJens Wiklander return TEE_ERROR_BAD_STATE; 49*5da36a24SJens Wiklander } 50*5da36a24SJens Wiklander 51*5da36a24SJens Wiklander static TEE_Result ltc_hmac_final(struct crypto_mac_ctx *ctx, uint8_t *digest, 52*5da36a24SJens Wiklander size_t len) 53*5da36a24SJens Wiklander { 54*5da36a24SJens Wiklander unsigned long l = len; 55*5da36a24SJens Wiklander 56*5da36a24SJens Wiklander if (hmac_done(&to_hmac_ctx(ctx)->state, digest, &l) == CRYPT_OK) 57*5da36a24SJens Wiklander return TEE_SUCCESS; 58*5da36a24SJens Wiklander else 59*5da36a24SJens Wiklander return TEE_ERROR_BAD_STATE; 60*5da36a24SJens Wiklander } 61*5da36a24SJens Wiklander 62*5da36a24SJens Wiklander static void ltc_hmac_free_ctx(struct crypto_mac_ctx *ctx) 63*5da36a24SJens Wiklander { 64*5da36a24SJens Wiklander free(to_hmac_ctx(ctx)); 65*5da36a24SJens Wiklander } 66*5da36a24SJens Wiklander 67*5da36a24SJens Wiklander static void ltc_hmac_copy_state(struct crypto_mac_ctx *dst_ctx, 68*5da36a24SJens Wiklander struct crypto_mac_ctx *src_ctx) 69*5da36a24SJens Wiklander { 70*5da36a24SJens Wiklander struct ltc_hmac_ctx *src = to_hmac_ctx(src_ctx); 71*5da36a24SJens Wiklander struct ltc_hmac_ctx *dst = to_hmac_ctx(dst_ctx); 72*5da36a24SJens Wiklander 73*5da36a24SJens Wiklander assert(src->hash_idx == dst->hash_idx); 74*5da36a24SJens Wiklander dst->state = src->state; 75*5da36a24SJens Wiklander } 76*5da36a24SJens Wiklander 77*5da36a24SJens Wiklander static const struct crypto_mac_ops ltc_hmac_ops = { 78*5da36a24SJens Wiklander .init = ltc_hmac_init, 79*5da36a24SJens Wiklander .update = ltc_hmac_update, 80*5da36a24SJens Wiklander .final = ltc_hmac_final, 81*5da36a24SJens Wiklander .free_ctx = ltc_hmac_free_ctx, 82*5da36a24SJens Wiklander .copy_state = ltc_hmac_copy_state, 83*5da36a24SJens Wiklander }; 84*5da36a24SJens Wiklander 85*5da36a24SJens Wiklander static TEE_Result ltc_hmac_alloc_ctx(struct crypto_mac_ctx **ctx_ret, 86*5da36a24SJens Wiklander int hash_idx) 87*5da36a24SJens Wiklander { 88*5da36a24SJens Wiklander struct ltc_hmac_ctx *ctx = NULL; 89*5da36a24SJens Wiklander 90*5da36a24SJens Wiklander if (hash_idx < 0) 91*5da36a24SJens Wiklander return TEE_ERROR_NOT_SUPPORTED; 92*5da36a24SJens Wiklander 93*5da36a24SJens Wiklander ctx = calloc(1, sizeof(*ctx)); 94*5da36a24SJens Wiklander if (!ctx) 95*5da36a24SJens Wiklander return TEE_ERROR_OUT_OF_MEMORY; 96*5da36a24SJens Wiklander 97*5da36a24SJens Wiklander ctx->ctx.ops = <c_hmac_ops; 98*5da36a24SJens Wiklander ctx->hash_idx = hash_idx; 99*5da36a24SJens Wiklander *ctx_ret = &ctx->ctx; 100*5da36a24SJens Wiklander 101*5da36a24SJens Wiklander return TEE_SUCCESS; 102*5da36a24SJens Wiklander } 103*5da36a24SJens Wiklander 104*5da36a24SJens Wiklander TEE_Result crypto_hmac_md5_alloc_ctx(struct crypto_mac_ctx **ctx) 105*5da36a24SJens Wiklander { 106*5da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("md5")); 107*5da36a24SJens Wiklander } 108*5da36a24SJens Wiklander 109*5da36a24SJens Wiklander TEE_Result crypto_hmac_sha1_alloc_ctx(struct crypto_mac_ctx **ctx) 110*5da36a24SJens Wiklander { 111*5da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha1")); 112*5da36a24SJens Wiklander } 113*5da36a24SJens Wiklander 114*5da36a24SJens Wiklander TEE_Result crypto_hmac_sha224_alloc_ctx(struct crypto_mac_ctx **ctx) 115*5da36a24SJens Wiklander { 116*5da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha224")); 117*5da36a24SJens Wiklander } 118*5da36a24SJens Wiklander 119*5da36a24SJens Wiklander TEE_Result crypto_hmac_sha256_alloc_ctx(struct crypto_mac_ctx **ctx) 120*5da36a24SJens Wiklander { 121*5da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha256")); 122*5da36a24SJens Wiklander } 123*5da36a24SJens Wiklander 124*5da36a24SJens Wiklander TEE_Result crypto_hmac_sha384_alloc_ctx(struct crypto_mac_ctx **ctx) 125*5da36a24SJens Wiklander { 126*5da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha384")); 127*5da36a24SJens Wiklander } 128*5da36a24SJens Wiklander 129*5da36a24SJens Wiklander TEE_Result crypto_hmac_sha512_alloc_ctx(struct crypto_mac_ctx **ctx) 130*5da36a24SJens Wiklander { 131*5da36a24SJens Wiklander return ltc_hmac_alloc_ctx(ctx, find_hash("sha512")); 132*5da36a24SJens Wiklander } 133