xref: /optee_os/core/lib/libtomcrypt/shake.c (revision 7dfcefda2cd455765172b4b300155797a42dee38) 
1*7dfcefdaSJens Wiklander // SPDX-License-Identifier: BSD-2-Clause
2*7dfcefdaSJens Wiklander /*
3*7dfcefdaSJens Wiklander  * Copyright (c) 2022, Linaro Limited
4*7dfcefdaSJens Wiklander  */
5*7dfcefdaSJens Wiklander 
6*7dfcefdaSJens Wiklander #include <crypto/crypto.h>
7*7dfcefdaSJens Wiklander #include <crypto/crypto_impl.h>
8*7dfcefdaSJens Wiklander #include <stdlib.h>
9*7dfcefdaSJens Wiklander #include <string.h>
10*7dfcefdaSJens Wiklander #include <tomcrypt_private.h>
11*7dfcefdaSJens Wiklander #include <utee_defines.h>
12*7dfcefdaSJens Wiklander 
13*7dfcefdaSJens Wiklander struct shake_ctx {
14*7dfcefdaSJens Wiklander 	struct crypto_hash_ctx ctx;
15*7dfcefdaSJens Wiklander 	struct sha3_state sha3;
16*7dfcefdaSJens Wiklander };
17*7dfcefdaSJens Wiklander 
to_shake_ctx(struct crypto_hash_ctx * ctx)18*7dfcefdaSJens Wiklander static struct shake_ctx *to_shake_ctx(struct crypto_hash_ctx *ctx)
19*7dfcefdaSJens Wiklander {
20*7dfcefdaSJens Wiklander 	return container_of(ctx, struct shake_ctx, ctx);
21*7dfcefdaSJens Wiklander }
22*7dfcefdaSJens Wiklander 
do_shake_init(struct crypto_hash_ctx * ctx,unsigned int num)23*7dfcefdaSJens Wiklander static TEE_Result do_shake_init(struct crypto_hash_ctx *ctx, unsigned int num)
24*7dfcefdaSJens Wiklander {
25*7dfcefdaSJens Wiklander 	struct shake_ctx *c = to_shake_ctx(ctx);
26*7dfcefdaSJens Wiklander 
27*7dfcefdaSJens Wiklander 	if (sha3_shake_init((void *)&c->sha3, num) == CRYPT_OK)
28*7dfcefdaSJens Wiklander 		return TEE_SUCCESS;
29*7dfcefdaSJens Wiklander 	else
30*7dfcefdaSJens Wiklander 		return TEE_ERROR_BAD_STATE;
31*7dfcefdaSJens Wiklander }
32*7dfcefdaSJens Wiklander 
do_sha3_update(struct crypto_hash_ctx * ctx,const uint8_t * data,size_t len)33*7dfcefdaSJens Wiklander static TEE_Result do_sha3_update(struct crypto_hash_ctx *ctx,
34*7dfcefdaSJens Wiklander 				 const uint8_t *data, size_t len)
35*7dfcefdaSJens Wiklander {
36*7dfcefdaSJens Wiklander 	struct shake_ctx *c = to_shake_ctx(ctx);
37*7dfcefdaSJens Wiklander 
38*7dfcefdaSJens Wiklander 	if (sha3_process((void *)&c->sha3, data, len) == CRYPT_OK)
39*7dfcefdaSJens Wiklander 		return TEE_SUCCESS;
40*7dfcefdaSJens Wiklander 	else
41*7dfcefdaSJens Wiklander 		return TEE_ERROR_BAD_STATE;
42*7dfcefdaSJens Wiklander }
43*7dfcefdaSJens Wiklander 
do_shake_final(struct crypto_hash_ctx * ctx,uint8_t * digest,size_t len)44*7dfcefdaSJens Wiklander static TEE_Result do_shake_final(struct crypto_hash_ctx *ctx,
45*7dfcefdaSJens Wiklander 				 uint8_t *digest, size_t len)
46*7dfcefdaSJens Wiklander {
47*7dfcefdaSJens Wiklander 	struct shake_ctx *c = to_shake_ctx(ctx);
48*7dfcefdaSJens Wiklander 
49*7dfcefdaSJens Wiklander 	if (sha3_shake_done((void *)&c->sha3, digest, len) == CRYPT_OK)
50*7dfcefdaSJens Wiklander 		return TEE_SUCCESS;
51*7dfcefdaSJens Wiklander 	else
52*7dfcefdaSJens Wiklander 		return TEE_ERROR_BAD_STATE;
53*7dfcefdaSJens Wiklander }
54*7dfcefdaSJens Wiklander 
do_shake_alloc_ctx(struct crypto_hash_ctx ** ctx_ret,const struct crypto_hash_ops * ops)55*7dfcefdaSJens Wiklander static TEE_Result do_shake_alloc_ctx(struct crypto_hash_ctx **ctx_ret,
56*7dfcefdaSJens Wiklander 				    const struct crypto_hash_ops *ops)
57*7dfcefdaSJens Wiklander {
58*7dfcefdaSJens Wiklander 	struct shake_ctx *ctx = calloc(1, sizeof(*ctx));
59*7dfcefdaSJens Wiklander 
60*7dfcefdaSJens Wiklander 	if (!ctx)
61*7dfcefdaSJens Wiklander 		return TEE_ERROR_OUT_OF_MEMORY;
62*7dfcefdaSJens Wiklander 
63*7dfcefdaSJens Wiklander 	ctx->ctx.ops = ops;
64*7dfcefdaSJens Wiklander 	*ctx_ret = &ctx->ctx;
65*7dfcefdaSJens Wiklander 
66*7dfcefdaSJens Wiklander 	return TEE_SUCCESS;
67*7dfcefdaSJens Wiklander }
68*7dfcefdaSJens Wiklander 
do_sha3_free_ctx(struct crypto_hash_ctx * ctx)69*7dfcefdaSJens Wiklander static void do_sha3_free_ctx(struct crypto_hash_ctx *ctx)
70*7dfcefdaSJens Wiklander {
71*7dfcefdaSJens Wiklander 	struct shake_ctx *c = to_shake_ctx(ctx);
72*7dfcefdaSJens Wiklander 
73*7dfcefdaSJens Wiklander 	free(c);
74*7dfcefdaSJens Wiklander }
do_sha3_copy_state(struct crypto_hash_ctx * dst_ctx,struct crypto_hash_ctx * src_ctx)75*7dfcefdaSJens Wiklander static void do_sha3_copy_state(struct crypto_hash_ctx *dst_ctx,
76*7dfcefdaSJens Wiklander 			       struct crypto_hash_ctx *src_ctx)
77*7dfcefdaSJens Wiklander {
78*7dfcefdaSJens Wiklander 	struct shake_ctx *dc = to_shake_ctx(dst_ctx);
79*7dfcefdaSJens Wiklander 	struct shake_ctx *sc = to_shake_ctx(src_ctx);
80*7dfcefdaSJens Wiklander 
81*7dfcefdaSJens Wiklander 	assert(sc->ctx.ops == dc->ctx.ops);
82*7dfcefdaSJens Wiklander 	dc->sha3 = sc->sha3;
83*7dfcefdaSJens Wiklander }
84*7dfcefdaSJens Wiklander 
85*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHAKE128)
do_shake128_init(struct crypto_hash_ctx * ctx)86*7dfcefdaSJens Wiklander static TEE_Result do_shake128_init(struct crypto_hash_ctx *ctx)
87*7dfcefdaSJens Wiklander {
88*7dfcefdaSJens Wiklander 	return do_shake_init(ctx, 128);
89*7dfcefdaSJens Wiklander }
90*7dfcefdaSJens Wiklander 
91*7dfcefdaSJens Wiklander static const struct crypto_hash_ops shake128_ops = {
92*7dfcefdaSJens Wiklander 	.init = do_shake128_init,
93*7dfcefdaSJens Wiklander 	.update = do_sha3_update,
94*7dfcefdaSJens Wiklander 	.final = do_shake_final,
95*7dfcefdaSJens Wiklander 	.free_ctx = do_sha3_free_ctx,
96*7dfcefdaSJens Wiklander 	.copy_state = do_sha3_copy_state,
97*7dfcefdaSJens Wiklander };
98*7dfcefdaSJens Wiklander 
crypto_shake128_alloc_ctx(struct crypto_hash_ctx ** ctx)99*7dfcefdaSJens Wiklander TEE_Result crypto_shake128_alloc_ctx(struct crypto_hash_ctx **ctx)
100*7dfcefdaSJens Wiklander {
101*7dfcefdaSJens Wiklander 	return do_shake_alloc_ctx(ctx, &shake128_ops);
102*7dfcefdaSJens Wiklander }
103*7dfcefdaSJens Wiklander #endif
104*7dfcefdaSJens Wiklander 
105*7dfcefdaSJens Wiklander #if defined(_CFG_CORE_LTC_SHAKE256)
do_shake256_init(struct crypto_hash_ctx * ctx)106*7dfcefdaSJens Wiklander static TEE_Result do_shake256_init(struct crypto_hash_ctx *ctx)
107*7dfcefdaSJens Wiklander {
108*7dfcefdaSJens Wiklander 	return do_shake_init(ctx, 256);
109*7dfcefdaSJens Wiklander }
110*7dfcefdaSJens Wiklander 
111*7dfcefdaSJens Wiklander static const struct crypto_hash_ops shake256_ops = {
112*7dfcefdaSJens Wiklander 	.init = do_shake256_init,
113*7dfcefdaSJens Wiklander 	.update = do_sha3_update,
114*7dfcefdaSJens Wiklander 	.final = do_shake_final,
115*7dfcefdaSJens Wiklander 	.free_ctx = do_sha3_free_ctx,
116*7dfcefdaSJens Wiklander 	.copy_state = do_sha3_copy_state,
117*7dfcefdaSJens Wiklander };
118*7dfcefdaSJens Wiklander 
crypto_shake256_alloc_ctx(struct crypto_hash_ctx ** ctx)119*7dfcefdaSJens Wiklander TEE_Result crypto_shake256_alloc_ctx(struct crypto_hash_ctx **ctx)
120*7dfcefdaSJens Wiklander {
121*7dfcefdaSJens Wiklander 	return do_shake_alloc_ctx(ctx, &shake256_ops);
122*7dfcefdaSJens Wiklander }
123*7dfcefdaSJens Wiklander #endif
124