wolf SSL / wolfSSL

wolfSSL SSL/TLS library, support up to TLS1.3

Dependents:   CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more

wolfcrypt/src/hmac.c@17:a5f916481144, 2020-06-05 (annotated)

Committer:
wolfSSL
Date:
Fri Jun 05 00:11:07 2020 +0000
Revision:
17:a5f916481144
Parent:
16:8e0d178b1d1e 
wolfSSL 4.4.0

Who changed what in which revision?

UserRevisionLine numberNew contents of line
wolfSSL 15:117db924cf7c 1 /* hmac.c
wolfSSL 15:117db924cf7c 2 *
wolfSSL 16:8e0d178b1d1e 3 * Copyright (C) 2006-2020 wolfSSL Inc.
wolfSSL 15:117db924cf7c 4 *
wolfSSL 15:117db924cf7c 5 * This file is part of wolfSSL.
wolfSSL 15:117db924cf7c 6 *
wolfSSL 15:117db924cf7c 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 15:117db924cf7c 8 * it under the terms of the GNU General Public License as published by
wolfSSL 15:117db924cf7c 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 15:117db924cf7c 10 * (at your option) any later version.
wolfSSL 15:117db924cf7c 11 *
wolfSSL 15:117db924cf7c 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 15:117db924cf7c 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 15:117db924cf7c 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 15:117db924cf7c 15 * GNU General Public License for more details.
wolfSSL 15:117db924cf7c 16 *
wolfSSL 15:117db924cf7c 17 * You should have received a copy of the GNU General Public License
wolfSSL 15:117db924cf7c 18 * along with this program; if not, write to the Free Software
wolfSSL 15:117db924cf7c 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL 15:117db924cf7c 20 */
wolfSSL 15:117db924cf7c 21
wolfSSL 15:117db924cf7c 22
wolfSSL 15:117db924cf7c 23 #ifdef HAVE_CONFIG_H
wolfSSL 15:117db924cf7c 24 #include <config.h>
wolfSSL 15:117db924cf7c 25 #endif
wolfSSL 15:117db924cf7c 26
wolfSSL 15:117db924cf7c 27 #include <wolfssl/wolfcrypt/settings.h>
wolfSSL 15:117db924cf7c 28 #include <wolfssl/wolfcrypt/error-crypt.h>
wolfSSL 15:117db924cf7c 29
wolfSSL 15:117db924cf7c 30 #ifndef NO_HMAC
wolfSSL 15:117db924cf7c 31
wolfSSL 15:117db924cf7c 32 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 33 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
wolfSSL 15:117db924cf7c 34
wolfSSL 15:117db924cf7c 35 /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
wolfSSL 15:117db924cf7c 36 #define FIPS_NO_WRAPPERS
wolfSSL 15:117db924cf7c 37
wolfSSL 15:117db924cf7c 38 #ifdef USE_WINDOWS_API
wolfSSL 15:117db924cf7c 39 #pragma code_seg(".fipsA$b")
wolfSSL 15:117db924cf7c 40 #pragma const_seg(".fipsB$b")
wolfSSL 15:117db924cf7c 41 #endif
wolfSSL 15:117db924cf7c 42 #endif
wolfSSL 15:117db924cf7c 43
wolfSSL 15:117db924cf7c 44 #include <wolfssl/wolfcrypt/hmac.h>
wolfSSL 15:117db924cf7c 45
wolfSSL 16:8e0d178b1d1e 46 #ifdef WOLF_CRYPTO_CB
wolfSSL 16:8e0d178b1d1e 47 #include <wolfssl/wolfcrypt/cryptocb.h>
wolfSSL 16:8e0d178b1d1e 48 #endif
wolfSSL 16:8e0d178b1d1e 49
wolfSSL 15:117db924cf7c 50 #ifdef NO_INLINE
wolfSSL 15:117db924cf7c 51 #include <wolfssl/wolfcrypt/misc.h>
wolfSSL 15:117db924cf7c 52 #else
wolfSSL 15:117db924cf7c 53 #define WOLFSSL_MISC_INCLUDED
wolfSSL 15:117db924cf7c 54 #include <wolfcrypt/src/misc.c>
wolfSSL 15:117db924cf7c 55 #endif
wolfSSL 15:117db924cf7c 56
wolfSSL 15:117db924cf7c 57
wolfSSL 15:117db924cf7c 58 /* fips wrapper calls, user can call direct */
wolfSSL 15:117db924cf7c 59 /* If building for old FIPS. */
wolfSSL 15:117db924cf7c 60 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 61 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
wolfSSL 15:117db924cf7c 62
wolfSSL 15:117db924cf7c 63 /* does init */
wolfSSL 15:117db924cf7c 64 int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
wolfSSL 15:117db924cf7c 65 {
wolfSSL 15:117db924cf7c 66 if (hmac == NULL || (key == NULL && keySz != 0) ||
wolfSSL 15:117db924cf7c 67 !(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 ||
wolfSSL 16:8e0d178b1d1e 68 type == WC_SHA384 || type == WC_SHA512)) {
wolfSSL 15:117db924cf7c 69 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 70 }
wolfSSL 15:117db924cf7c 71
wolfSSL 15:117db924cf7c 72 return HmacSetKey_fips(hmac, type, key, keySz);
wolfSSL 15:117db924cf7c 73 }
wolfSSL 15:117db924cf7c 74 int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz)
wolfSSL 15:117db924cf7c 75 {
wolfSSL 15:117db924cf7c 76 if (hmac == NULL || (in == NULL && sz > 0)) {
wolfSSL 15:117db924cf7c 77 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 78 }
wolfSSL 15:117db924cf7c 79
wolfSSL 15:117db924cf7c 80 return HmacUpdate_fips(hmac, in, sz);
wolfSSL 15:117db924cf7c 81 }
wolfSSL 15:117db924cf7c 82 int wc_HmacFinal(Hmac* hmac, byte* out)
wolfSSL 15:117db924cf7c 83 {
wolfSSL 15:117db924cf7c 84 if (hmac == NULL) {
wolfSSL 15:117db924cf7c 85 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 86 }
wolfSSL 15:117db924cf7c 87
wolfSSL 15:117db924cf7c 88 return HmacFinal_fips(hmac, out);
wolfSSL 15:117db924cf7c 89 }
wolfSSL 15:117db924cf7c 90 int wolfSSL_GetHmacMaxSize(void)
wolfSSL 15:117db924cf7c 91 {
wolfSSL 15:117db924cf7c 92 return CyaSSL_GetHmacMaxSize();
wolfSSL 15:117db924cf7c 93 }
wolfSSL 15:117db924cf7c 94
wolfSSL 15:117db924cf7c 95 int wc_HmacInit(Hmac* hmac, void* heap, int devId)
wolfSSL 15:117db924cf7c 96 {
wolfSSL 15:117db924cf7c 97 (void)hmac;
wolfSSL 15:117db924cf7c 98 (void)heap;
wolfSSL 15:117db924cf7c 99 (void)devId;
wolfSSL 15:117db924cf7c 100 /* FIPS doesn't support:
wolfSSL 15:117db924cf7c 101 return HmacInit(hmac, heap, devId); */
wolfSSL 15:117db924cf7c 102 return 0;
wolfSSL 15:117db924cf7c 103 }
wolfSSL 15:117db924cf7c 104 void wc_HmacFree(Hmac* hmac)
wolfSSL 15:117db924cf7c 105 {
wolfSSL 15:117db924cf7c 106 (void)hmac;
wolfSSL 15:117db924cf7c 107 /* FIPS doesn't support:
wolfSSL 15:117db924cf7c 108 HmacFree(hmac); */
wolfSSL 15:117db924cf7c 109 }
wolfSSL 15:117db924cf7c 110
wolfSSL 15:117db924cf7c 111 #ifdef HAVE_HKDF
wolfSSL 15:117db924cf7c 112 int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
wolfSSL 15:117db924cf7c 113 const byte* salt, word32 saltSz,
wolfSSL 15:117db924cf7c 114 const byte* info, word32 infoSz,
wolfSSL 15:117db924cf7c 115 byte* out, word32 outSz)
wolfSSL 15:117db924cf7c 116 {
wolfSSL 15:117db924cf7c 117 return HKDF(type, inKey, inKeySz, salt, saltSz,
wolfSSL 15:117db924cf7c 118 info, infoSz, out, outSz);
wolfSSL 15:117db924cf7c 119 }
wolfSSL 15:117db924cf7c 120 #endif /* HAVE_HKDF */
wolfSSL 15:117db924cf7c 121
wolfSSL 15:117db924cf7c 122 #else /* else build without fips, or for new fips */
wolfSSL 15:117db924cf7c 123
wolfSSL 15:117db924cf7c 124
wolfSSL 15:117db924cf7c 125 int wc_HmacSizeByType(int type)
wolfSSL 15:117db924cf7c 126 {
wolfSSL 15:117db924cf7c 127 int ret;
wolfSSL 15:117db924cf7c 128
wolfSSL 15:117db924cf7c 129 if (!(type == WC_MD5 || type == WC_SHA ||
wolfSSL 15:117db924cf7c 130 type == WC_SHA224 || type == WC_SHA256 ||
wolfSSL 15:117db924cf7c 131 type == WC_SHA384 || type == WC_SHA512 ||
wolfSSL 15:117db924cf7c 132 type == WC_SHA3_224 || type == WC_SHA3_256 ||
wolfSSL 16:8e0d178b1d1e 133 type == WC_SHA3_384 || type == WC_SHA3_512)) {
wolfSSL 15:117db924cf7c 134 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 135 }
wolfSSL 15:117db924cf7c 136
wolfSSL 15:117db924cf7c 137 switch (type) {
wolfSSL 15:117db924cf7c 138 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 139 case WC_MD5:
wolfSSL 15:117db924cf7c 140 ret = WC_MD5_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 141 break;
wolfSSL 15:117db924cf7c 142 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 143
wolfSSL 15:117db924cf7c 144 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 145 case WC_SHA:
wolfSSL 15:117db924cf7c 146 ret = WC_SHA_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 147 break;
wolfSSL 15:117db924cf7c 148 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 149
wolfSSL 15:117db924cf7c 150 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 151 case WC_SHA224:
wolfSSL 15:117db924cf7c 152 ret = WC_SHA224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 153 break;
wolfSSL 15:117db924cf7c 154 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 155
wolfSSL 15:117db924cf7c 156 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 157 case WC_SHA256:
wolfSSL 15:117db924cf7c 158 ret = WC_SHA256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 159 break;
wolfSSL 15:117db924cf7c 160 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 161
wolfSSL 15:117db924cf7c 162 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 163 case WC_SHA384:
wolfSSL 15:117db924cf7c 164 ret = WC_SHA384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 165 break;
wolfSSL 15:117db924cf7c 166 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 167 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 168 case WC_SHA512:
wolfSSL 15:117db924cf7c 169 ret = WC_SHA512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 170 break;
wolfSSL 15:117db924cf7c 171 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 172
wolfSSL 15:117db924cf7c 173 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 174 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 175 ret = WC_SHA3_224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 176 break;
wolfSSL 15:117db924cf7c 177
wolfSSL 15:117db924cf7c 178 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 179 ret = WC_SHA3_256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 180 break;
wolfSSL 15:117db924cf7c 181
wolfSSL 15:117db924cf7c 182 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 183 ret = WC_SHA3_384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 184 break;
wolfSSL 15:117db924cf7c 185
wolfSSL 15:117db924cf7c 186 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 187 ret = WC_SHA3_512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 188 break;
wolfSSL 15:117db924cf7c 189
wolfSSL 15:117db924cf7c 190 #endif
wolfSSL 15:117db924cf7c 191
wolfSSL 15:117db924cf7c 192 default:
wolfSSL 15:117db924cf7c 193 ret = BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 194 break;
wolfSSL 15:117db924cf7c 195 }
wolfSSL 15:117db924cf7c 196
wolfSSL 15:117db924cf7c 197 return ret;
wolfSSL 15:117db924cf7c 198 }
wolfSSL 15:117db924cf7c 199
wolfSSL 15:117db924cf7c 200 int _InitHmac(Hmac* hmac, int type, void* heap)
wolfSSL 15:117db924cf7c 201 {
wolfSSL 15:117db924cf7c 202 int ret = 0;
wolfSSL 15:117db924cf7c 203
wolfSSL 15:117db924cf7c 204 switch (type) {
wolfSSL 15:117db924cf7c 205 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 206 case WC_MD5:
wolfSSL 15:117db924cf7c 207 ret = wc_InitMd5(&hmac->hash.md5);
wolfSSL 15:117db924cf7c 208 break;
wolfSSL 15:117db924cf7c 209 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 210
wolfSSL 15:117db924cf7c 211 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 212 case WC_SHA:
wolfSSL 15:117db924cf7c 213 ret = wc_InitSha(&hmac->hash.sha);
wolfSSL 15:117db924cf7c 214 break;
wolfSSL 15:117db924cf7c 215 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 216
wolfSSL 15:117db924cf7c 217 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 218 case WC_SHA224:
wolfSSL 15:117db924cf7c 219 ret = wc_InitSha224(&hmac->hash.sha224);
wolfSSL 15:117db924cf7c 220 break;
wolfSSL 15:117db924cf7c 221 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 222
wolfSSL 15:117db924cf7c 223 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 224 case WC_SHA256:
wolfSSL 15:117db924cf7c 225 ret = wc_InitSha256(&hmac->hash.sha256);
wolfSSL 15:117db924cf7c 226 break;
wolfSSL 15:117db924cf7c 227 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 228
wolfSSL 15:117db924cf7c 229 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 230 case WC_SHA384:
wolfSSL 15:117db924cf7c 231 ret = wc_InitSha384(&hmac->hash.sha384);
wolfSSL 15:117db924cf7c 232 break;
wolfSSL 15:117db924cf7c 233 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 234 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 235 case WC_SHA512:
wolfSSL 15:117db924cf7c 236 ret = wc_InitSha512(&hmac->hash.sha512);
wolfSSL 15:117db924cf7c 237 break;
wolfSSL 15:117db924cf7c 238 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 239
wolfSSL 15:117db924cf7c 240 #ifdef WOLFSSL_SHA3
wolfSSL 16:8e0d178b1d1e 241 #ifndef WOLFSSL_NOSHA3_224
wolfSSL 15:117db924cf7c 242 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 243 ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 244 break;
wolfSSL 16:8e0d178b1d1e 245 #endif
wolfSSL 16:8e0d178b1d1e 246 #ifndef WOLFSSL_NOSHA3_256
wolfSSL 15:117db924cf7c 247 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 248 ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 249 break;
wolfSSL 16:8e0d178b1d1e 250 #endif
wolfSSL 16:8e0d178b1d1e 251 #ifndef WOLFSSL_NOSHA3_384
wolfSSL 15:117db924cf7c 252 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 253 ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 254 break;
wolfSSL 16:8e0d178b1d1e 255 #endif
wolfSSL 16:8e0d178b1d1e 256 #ifndef WOLFSSL_NOSHA3_512
wolfSSL 15:117db924cf7c 257 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 258 ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 259 break;
wolfSSL 15:117db924cf7c 260 #endif
wolfSSL 16:8e0d178b1d1e 261 #endif
wolfSSL 15:117db924cf7c 262
wolfSSL 15:117db924cf7c 263 default:
wolfSSL 15:117db924cf7c 264 ret = BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 265 break;
wolfSSL 15:117db924cf7c 266 }
wolfSSL 15:117db924cf7c 267
wolfSSL 15:117db924cf7c 268 /* default to NULL heap hint or test value */
wolfSSL 15:117db924cf7c 269 #ifdef WOLFSSL_HEAP_TEST
wolfSSL 15:117db924cf7c 270 hmac->heap = (void)WOLFSSL_HEAP_TEST;
wolfSSL 15:117db924cf7c 271 #else
wolfSSL 15:117db924cf7c 272 hmac->heap = heap;
wolfSSL 15:117db924cf7c 273 #endif /* WOLFSSL_HEAP_TEST */
wolfSSL 15:117db924cf7c 274
wolfSSL 15:117db924cf7c 275 return ret;
wolfSSL 15:117db924cf7c 276 }
wolfSSL 15:117db924cf7c 277
wolfSSL 15:117db924cf7c 278
wolfSSL 15:117db924cf7c 279 int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
wolfSSL 15:117db924cf7c 280 {
wolfSSL 15:117db924cf7c 281 byte* ip;
wolfSSL 15:117db924cf7c 282 byte* op;
wolfSSL 15:117db924cf7c 283 word32 i, hmac_block_size = 0;
wolfSSL 15:117db924cf7c 284 int ret = 0;
wolfSSL 15:117db924cf7c 285 void* heap = NULL;
wolfSSL 15:117db924cf7c 286
wolfSSL 15:117db924cf7c 287 if (hmac == NULL || (key == NULL && length != 0) ||
wolfSSL 15:117db924cf7c 288 !(type == WC_MD5 || type == WC_SHA ||
wolfSSL 15:117db924cf7c 289 type == WC_SHA224 || type == WC_SHA256 ||
wolfSSL 15:117db924cf7c 290 type == WC_SHA384 || type == WC_SHA512 ||
wolfSSL 15:117db924cf7c 291 type == WC_SHA3_224 || type == WC_SHA3_256 ||
wolfSSL 16:8e0d178b1d1e 292 type == WC_SHA3_384 || type == WC_SHA3_512)) {
wolfSSL 15:117db924cf7c 293 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 294 }
wolfSSL 15:117db924cf7c 295
wolfSSL 16:8e0d178b1d1e 296 #ifndef HAVE_FIPS
wolfSSL 16:8e0d178b1d1e 297 /* if set key has already been run then make sure and free existing */
wolfSSL 16:8e0d178b1d1e 298 /* This is for async and PIC32MZ situations, and just normally OK,
wolfSSL 16:8e0d178b1d1e 299 provided the user calls wc_HmacInit() first. That function is not
wolfSSL 16:8e0d178b1d1e 300 available in FIPS builds. In current FIPS builds, the hashes are
wolfSSL 16:8e0d178b1d1e 301 not allocating resources. */
wolfSSL 16:8e0d178b1d1e 302 if (hmac->macType != WC_HASH_TYPE_NONE) {
wolfSSL 16:8e0d178b1d1e 303 wc_HmacFree(hmac);
wolfSSL 16:8e0d178b1d1e 304 }
wolfSSL 16:8e0d178b1d1e 305 #endif
wolfSSL 16:8e0d178b1d1e 306
wolfSSL 15:117db924cf7c 307 hmac->innerHashKeyed = 0;
wolfSSL 15:117db924cf7c 308 hmac->macType = (byte)type;
wolfSSL 15:117db924cf7c 309
wolfSSL 15:117db924cf7c 310 ret = _InitHmac(hmac, type, heap);
wolfSSL 15:117db924cf7c 311 if (ret != 0)
wolfSSL 15:117db924cf7c 312 return ret;
wolfSSL 15:117db924cf7c 313
wolfSSL 15:117db924cf7c 314 #ifdef HAVE_FIPS
wolfSSL 15:117db924cf7c 315 if (length < HMAC_FIPS_MIN_KEY)
wolfSSL 15:117db924cf7c 316 return HMAC_MIN_KEYLEN_E;
wolfSSL 15:117db924cf7c 317 #endif
wolfSSL 15:117db924cf7c 318
wolfSSL 16:8e0d178b1d1e 319 #ifdef WOLF_CRYPTO_CB
wolfSSL 16:8e0d178b1d1e 320 hmac->keyRaw = key; /* use buffer directly */
wolfSSL 16:8e0d178b1d1e 321 hmac->keyLen = length;
wolfSSL 16:8e0d178b1d1e 322 #endif
wolfSSL 16:8e0d178b1d1e 323
wolfSSL 15:117db924cf7c 324 ip = (byte*)hmac->ipad;
wolfSSL 15:117db924cf7c 325 op = (byte*)hmac->opad;
wolfSSL 15:117db924cf7c 326
wolfSSL 15:117db924cf7c 327 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 328 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 329 case WC_MD5:
wolfSSL 15:117db924cf7c 330 hmac_block_size = WC_MD5_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 331 if (length <= WC_MD5_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 332 if (key != NULL) {
wolfSSL 15:117db924cf7c 333 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 334 }
wolfSSL 15:117db924cf7c 335 }
wolfSSL 15:117db924cf7c 336 else {
wolfSSL 15:117db924cf7c 337 ret = wc_Md5Update(&hmac->hash.md5, key, length);
wolfSSL 15:117db924cf7c 338 if (ret != 0)
wolfSSL 15:117db924cf7c 339 break;
wolfSSL 15:117db924cf7c 340 ret = wc_Md5Final(&hmac->hash.md5, ip);
wolfSSL 15:117db924cf7c 341 if (ret != 0)
wolfSSL 15:117db924cf7c 342 break;
wolfSSL 15:117db924cf7c 343 length = WC_MD5_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 344 }
wolfSSL 15:117db924cf7c 345 break;
wolfSSL 15:117db924cf7c 346 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 347
wolfSSL 15:117db924cf7c 348 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 349 case WC_SHA:
wolfSSL 15:117db924cf7c 350 hmac_block_size = WC_SHA_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 351 if (length <= WC_SHA_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 352 if (key != NULL) {
wolfSSL 15:117db924cf7c 353 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 354 }
wolfSSL 15:117db924cf7c 355 }
wolfSSL 15:117db924cf7c 356 else {
wolfSSL 15:117db924cf7c 357 ret = wc_ShaUpdate(&hmac->hash.sha, key, length);
wolfSSL 15:117db924cf7c 358 if (ret != 0)
wolfSSL 15:117db924cf7c 359 break;
wolfSSL 15:117db924cf7c 360 ret = wc_ShaFinal(&hmac->hash.sha, ip);
wolfSSL 15:117db924cf7c 361 if (ret != 0)
wolfSSL 15:117db924cf7c 362 break;
wolfSSL 15:117db924cf7c 363
wolfSSL 15:117db924cf7c 364 length = WC_SHA_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 365 }
wolfSSL 15:117db924cf7c 366 break;
wolfSSL 15:117db924cf7c 367 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 368
wolfSSL 15:117db924cf7c 369 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 370 case WC_SHA224:
wolfSSL 15:117db924cf7c 371 hmac_block_size = WC_SHA224_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 372 if (length <= WC_SHA224_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 373 if (key != NULL) {
wolfSSL 15:117db924cf7c 374 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 375 }
wolfSSL 15:117db924cf7c 376 }
wolfSSL 15:117db924cf7c 377 else {
wolfSSL 15:117db924cf7c 378 ret = wc_Sha224Update(&hmac->hash.sha224, key, length);
wolfSSL 15:117db924cf7c 379 if (ret != 0)
wolfSSL 15:117db924cf7c 380 break;
wolfSSL 15:117db924cf7c 381 ret = wc_Sha224Final(&hmac->hash.sha224, ip);
wolfSSL 15:117db924cf7c 382 if (ret != 0)
wolfSSL 15:117db924cf7c 383 break;
wolfSSL 15:117db924cf7c 384
wolfSSL 15:117db924cf7c 385 length = WC_SHA224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 386 }
wolfSSL 16:8e0d178b1d1e 387 break;
wolfSSL 15:117db924cf7c 388 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 389 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 390 case WC_SHA256:
wolfSSL 16:8e0d178b1d1e 391 hmac_block_size = WC_SHA256_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 392 if (length <= WC_SHA256_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 393 if (key != NULL) {
wolfSSL 15:117db924cf7c 394 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 395 }
wolfSSL 15:117db924cf7c 396 }
wolfSSL 15:117db924cf7c 397 else {
wolfSSL 15:117db924cf7c 398 ret = wc_Sha256Update(&hmac->hash.sha256, key, length);
wolfSSL 15:117db924cf7c 399 if (ret != 0)
wolfSSL 15:117db924cf7c 400 break;
wolfSSL 15:117db924cf7c 401 ret = wc_Sha256Final(&hmac->hash.sha256, ip);
wolfSSL 15:117db924cf7c 402 if (ret != 0)
wolfSSL 15:117db924cf7c 403 break;
wolfSSL 15:117db924cf7c 404
wolfSSL 15:117db924cf7c 405 length = WC_SHA256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 406 }
wolfSSL 15:117db924cf7c 407 break;
wolfSSL 15:117db924cf7c 408 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 409
wolfSSL 15:117db924cf7c 410 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 411 case WC_SHA384:
wolfSSL 15:117db924cf7c 412 hmac_block_size = WC_SHA384_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 413 if (length <= WC_SHA384_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 414 if (key != NULL) {
wolfSSL 15:117db924cf7c 415 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 416 }
wolfSSL 15:117db924cf7c 417 }
wolfSSL 15:117db924cf7c 418 else {
wolfSSL 15:117db924cf7c 419 ret = wc_Sha384Update(&hmac->hash.sha384, key, length);
wolfSSL 15:117db924cf7c 420 if (ret != 0)
wolfSSL 15:117db924cf7c 421 break;
wolfSSL 15:117db924cf7c 422 ret = wc_Sha384Final(&hmac->hash.sha384, ip);
wolfSSL 15:117db924cf7c 423 if (ret != 0)
wolfSSL 15:117db924cf7c 424 break;
wolfSSL 15:117db924cf7c 425
wolfSSL 15:117db924cf7c 426 length = WC_SHA384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 427 }
wolfSSL 15:117db924cf7c 428 break;
wolfSSL 15:117db924cf7c 429 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 430 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 431 case WC_SHA512:
wolfSSL 15:117db924cf7c 432 hmac_block_size = WC_SHA512_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 433 if (length <= WC_SHA512_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 434 if (key != NULL) {
wolfSSL 15:117db924cf7c 435 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 436 }
wolfSSL 15:117db924cf7c 437 }
wolfSSL 15:117db924cf7c 438 else {
wolfSSL 15:117db924cf7c 439 ret = wc_Sha512Update(&hmac->hash.sha512, key, length);
wolfSSL 15:117db924cf7c 440 if (ret != 0)
wolfSSL 15:117db924cf7c 441 break;
wolfSSL 15:117db924cf7c 442 ret = wc_Sha512Final(&hmac->hash.sha512, ip);
wolfSSL 15:117db924cf7c 443 if (ret != 0)
wolfSSL 15:117db924cf7c 444 break;
wolfSSL 15:117db924cf7c 445
wolfSSL 15:117db924cf7c 446 length = WC_SHA512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 447 }
wolfSSL 15:117db924cf7c 448 break;
wolfSSL 15:117db924cf7c 449 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 450
wolfSSL 15:117db924cf7c 451 #ifdef WOLFSSL_SHA3
wolfSSL 16:8e0d178b1d1e 452 #ifndef WOLFSSL_NOSHA3_224
wolfSSL 15:117db924cf7c 453 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 454 hmac_block_size = WC_SHA3_224_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 455 if (length <= WC_SHA3_224_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 456 if (key != NULL) {
wolfSSL 15:117db924cf7c 457 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 458 }
wolfSSL 15:117db924cf7c 459 }
wolfSSL 15:117db924cf7c 460 else {
wolfSSL 15:117db924cf7c 461 ret = wc_Sha3_224_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 462 if (ret != 0)
wolfSSL 15:117db924cf7c 463 break;
wolfSSL 15:117db924cf7c 464 ret = wc_Sha3_224_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 465 if (ret != 0)
wolfSSL 15:117db924cf7c 466 break;
wolfSSL 15:117db924cf7c 467
wolfSSL 15:117db924cf7c 468 length = WC_SHA3_224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 469 }
wolfSSL 15:117db924cf7c 470 break;
wolfSSL 16:8e0d178b1d1e 471 #endif
wolfSSL 16:8e0d178b1d1e 472 #ifndef WOLFSSL_NOSHA3_256
wolfSSL 15:117db924cf7c 473 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 474 hmac_block_size = WC_SHA3_256_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 475 if (length <= WC_SHA3_256_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 476 if (key != NULL) {
wolfSSL 15:117db924cf7c 477 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 478 }
wolfSSL 15:117db924cf7c 479 }
wolfSSL 15:117db924cf7c 480 else {
wolfSSL 15:117db924cf7c 481 ret = wc_Sha3_256_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 482 if (ret != 0)
wolfSSL 15:117db924cf7c 483 break;
wolfSSL 15:117db924cf7c 484 ret = wc_Sha3_256_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 485 if (ret != 0)
wolfSSL 15:117db924cf7c 486 break;
wolfSSL 15:117db924cf7c 487
wolfSSL 15:117db924cf7c 488 length = WC_SHA3_256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 489 }
wolfSSL 15:117db924cf7c 490 break;
wolfSSL 16:8e0d178b1d1e 491 #endif
wolfSSL 16:8e0d178b1d1e 492 #ifndef WOLFSSL_NOSHA3_384
wolfSSL 15:117db924cf7c 493 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 494 hmac_block_size = WC_SHA3_384_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 495 if (length <= WC_SHA3_384_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 496 if (key != NULL) {
wolfSSL 15:117db924cf7c 497 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 498 }
wolfSSL 15:117db924cf7c 499 }
wolfSSL 15:117db924cf7c 500 else {
wolfSSL 15:117db924cf7c 501 ret = wc_Sha3_384_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 502 if (ret != 0)
wolfSSL 15:117db924cf7c 503 break;
wolfSSL 15:117db924cf7c 504 ret = wc_Sha3_384_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 505 if (ret != 0)
wolfSSL 15:117db924cf7c 506 break;
wolfSSL 15:117db924cf7c 507
wolfSSL 15:117db924cf7c 508 length = WC_SHA3_384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 509 }
wolfSSL 15:117db924cf7c 510 break;
wolfSSL 16:8e0d178b1d1e 511 #endif
wolfSSL 16:8e0d178b1d1e 512 #ifndef WOLFSSL_NOSHA3_512
wolfSSL 15:117db924cf7c 513 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 514 hmac_block_size = WC_SHA3_512_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 515 if (length <= WC_SHA3_512_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 516 if (key != NULL) {
wolfSSL 15:117db924cf7c 517 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 518 }
wolfSSL 15:117db924cf7c 519 }
wolfSSL 15:117db924cf7c 520 else {
wolfSSL 15:117db924cf7c 521 ret = wc_Sha3_512_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 522 if (ret != 0)
wolfSSL 15:117db924cf7c 523 break;
wolfSSL 15:117db924cf7c 524 ret = wc_Sha3_512_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 525 if (ret != 0)
wolfSSL 15:117db924cf7c 526 break;
wolfSSL 15:117db924cf7c 527
wolfSSL 15:117db924cf7c 528 length = WC_SHA3_512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 529 }
wolfSSL 15:117db924cf7c 530 break;
wolfSSL 16:8e0d178b1d1e 531 #endif
wolfSSL 15:117db924cf7c 532 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 533
wolfSSL 15:117db924cf7c 534 default:
wolfSSL 15:117db924cf7c 535 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 536 }
wolfSSL 15:117db924cf7c 537
wolfSSL 15:117db924cf7c 538 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 539 if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
wolfSSL 15:117db924cf7c 540 #if defined(HAVE_INTEL_QA) || defined(HAVE_CAVIUM)
wolfSSL 15:117db924cf7c 541 #ifdef HAVE_INTEL_QA
wolfSSL 15:117db924cf7c 542 if (IntelQaHmacGetType(hmac->macType, NULL) == 0)
wolfSSL 15:117db924cf7c 543 #endif
wolfSSL 15:117db924cf7c 544 {
wolfSSL 15:117db924cf7c 545 if (length > hmac_block_size)
wolfSSL 15:117db924cf7c 546 length = hmac_block_size;
wolfSSL 15:117db924cf7c 547 /* update key length */
wolfSSL 15:117db924cf7c 548 hmac->keyLen = (word16)length;
wolfSSL 15:117db924cf7c 549
wolfSSL 15:117db924cf7c 550 return ret;
wolfSSL 15:117db924cf7c 551 }
wolfSSL 15:117db924cf7c 552 /* no need to pad below */
wolfSSL 15:117db924cf7c 553 #endif
wolfSSL 15:117db924cf7c 554 }
wolfSSL 15:117db924cf7c 555 #endif
wolfSSL 15:117db924cf7c 556
wolfSSL 15:117db924cf7c 557 if (ret == 0) {
wolfSSL 15:117db924cf7c 558 if (length < hmac_block_size)
wolfSSL 15:117db924cf7c 559 XMEMSET(ip + length, 0, hmac_block_size - length);
wolfSSL 15:117db924cf7c 560
wolfSSL 15:117db924cf7c 561 for(i = 0; i < hmac_block_size; i++) {
wolfSSL 15:117db924cf7c 562 op[i] = ip[i] ^ OPAD;
wolfSSL 15:117db924cf7c 563 ip[i] ^= IPAD;
wolfSSL 15:117db924cf7c 564 }
wolfSSL 15:117db924cf7c 565 }
wolfSSL 15:117db924cf7c 566
wolfSSL 15:117db924cf7c 567 return ret;
wolfSSL 15:117db924cf7c 568 }
wolfSSL 15:117db924cf7c 569
wolfSSL 15:117db924cf7c 570
wolfSSL 15:117db924cf7c 571 static int HmacKeyInnerHash(Hmac* hmac)
wolfSSL 15:117db924cf7c 572 {
wolfSSL 15:117db924cf7c 573 int ret = 0;
wolfSSL 15:117db924cf7c 574
wolfSSL 15:117db924cf7c 575 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 576 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 577 case WC_MD5:
wolfSSL 15:117db924cf7c 578 ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 579 WC_MD5_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 580 break;
wolfSSL 15:117db924cf7c 581 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 582
wolfSSL 15:117db924cf7c 583 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 584 case WC_SHA:
wolfSSL 15:117db924cf7c 585 ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 586 WC_SHA_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 587 break;
wolfSSL 15:117db924cf7c 588 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 589
wolfSSL 15:117db924cf7c 590 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 591 case WC_SHA224:
wolfSSL 15:117db924cf7c 592 ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 593 WC_SHA224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 594 break;
wolfSSL 15:117db924cf7c 595 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 596 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 597 case WC_SHA256:
wolfSSL 15:117db924cf7c 598 ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 599 WC_SHA256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 600 break;
wolfSSL 15:117db924cf7c 601 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 602
wolfSSL 15:117db924cf7c 603 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 604 case WC_SHA384:
wolfSSL 15:117db924cf7c 605 ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 606 WC_SHA384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 607 break;
wolfSSL 15:117db924cf7c 608 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 609 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 610 case WC_SHA512:
wolfSSL 15:117db924cf7c 611 ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 612 WC_SHA512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 613 break;
wolfSSL 15:117db924cf7c 614 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 615
wolfSSL 15:117db924cf7c 616 #ifdef WOLFSSL_SHA3
wolfSSL 16:8e0d178b1d1e 617 #ifndef WOLFSSL_NOSHA3_224
wolfSSL 15:117db924cf7c 618 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 619 ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 620 WC_SHA3_224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 621 break;
wolfSSL 16:8e0d178b1d1e 622 #endif
wolfSSL 16:8e0d178b1d1e 623 #ifndef WOLFSSL_NOSHA3_256
wolfSSL 15:117db924cf7c 624 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 625 ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 626 WC_SHA3_256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 627 break;
wolfSSL 16:8e0d178b1d1e 628 #endif
wolfSSL 16:8e0d178b1d1e 629 #ifndef WOLFSSL_NOSHA3_384
wolfSSL 15:117db924cf7c 630 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 631 ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 632 WC_SHA3_384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 633 break;
wolfSSL 16:8e0d178b1d1e 634 #endif
wolfSSL 16:8e0d178b1d1e 635 #ifndef WOLFSSL_NOSHA3_512
wolfSSL 15:117db924cf7c 636 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 637 ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 16:8e0d178b1d1e 638 WC_SHA3_512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 639 break;
wolfSSL 16:8e0d178b1d1e 640 #endif
wolfSSL 15:117db924cf7c 641 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 642
wolfSSL 15:117db924cf7c 643 default:
wolfSSL 15:117db924cf7c 644 break;
wolfSSL 15:117db924cf7c 645 }
wolfSSL 15:117db924cf7c 646
wolfSSL 15:117db924cf7c 647 if (ret == 0)
wolfSSL 16:8e0d178b1d1e 648 hmac->innerHashKeyed = WC_HMAC_INNER_HASH_KEYED_SW;
wolfSSL 15:117db924cf7c 649
wolfSSL 15:117db924cf7c 650 return ret;
wolfSSL 15:117db924cf7c 651 }
wolfSSL 15:117db924cf7c 652
wolfSSL 15:117db924cf7c 653
wolfSSL 15:117db924cf7c 654 int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
wolfSSL 15:117db924cf7c 655 {
wolfSSL 15:117db924cf7c 656 int ret = 0;
wolfSSL 15:117db924cf7c 657
wolfSSL 15:117db924cf7c 658 if (hmac == NULL || (msg == NULL && length > 0)) {
wolfSSL 15:117db924cf7c 659 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 660 }
wolfSSL 15:117db924cf7c 661
wolfSSL 16:8e0d178b1d1e 662 #ifdef WOLF_CRYPTO_CB
wolfSSL 16:8e0d178b1d1e 663 if (hmac->devId != INVALID_DEVID) {
wolfSSL 16:8e0d178b1d1e 664 ret = wc_CryptoCb_Hmac(hmac, hmac->macType, msg, length, NULL);
wolfSSL 16:8e0d178b1d1e 665 if (ret != CRYPTOCB_UNAVAILABLE)
wolfSSL 16:8e0d178b1d1e 666 return ret;
wolfSSL 16:8e0d178b1d1e 667 /* fall-through when unavailable */
wolfSSL 16:8e0d178b1d1e 668 ret = 0; /* reset error code */
wolfSSL 16:8e0d178b1d1e 669 }
wolfSSL 16:8e0d178b1d1e 670 #endif
wolfSSL 15:117db924cf7c 671 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 672 if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
wolfSSL 15:117db924cf7c 673 #if defined(HAVE_CAVIUM)
wolfSSL 15:117db924cf7c 674 return NitroxHmacUpdate(hmac, msg, length);
wolfSSL 15:117db924cf7c 675 #elif defined(HAVE_INTEL_QA)
wolfSSL 15:117db924cf7c 676 if (IntelQaHmacGetType(hmac->macType, NULL) == 0) {
wolfSSL 15:117db924cf7c 677 return IntelQaHmac(&hmac->asyncDev, hmac->macType,
wolfSSL 15:117db924cf7c 678 (byte*)hmac->ipad, hmac->keyLen, NULL, msg, length);
wolfSSL 15:117db924cf7c 679 }
wolfSSL 15:117db924cf7c 680 #endif
wolfSSL 15:117db924cf7c 681 }
wolfSSL 15:117db924cf7c 682 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 15:117db924cf7c 683
wolfSSL 15:117db924cf7c 684 if (!hmac->innerHashKeyed) {
wolfSSL 15:117db924cf7c 685 ret = HmacKeyInnerHash(hmac);
wolfSSL 15:117db924cf7c 686 if (ret != 0)
wolfSSL 15:117db924cf7c 687 return ret;
wolfSSL 15:117db924cf7c 688 }
wolfSSL 15:117db924cf7c 689
wolfSSL 15:117db924cf7c 690 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 691 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 692 case WC_MD5:
wolfSSL 15:117db924cf7c 693 ret = wc_Md5Update(&hmac->hash.md5, msg, length);
wolfSSL 15:117db924cf7c 694 break;
wolfSSL 15:117db924cf7c 695 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 696
wolfSSL 15:117db924cf7c 697 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 698 case WC_SHA:
wolfSSL 15:117db924cf7c 699 ret = wc_ShaUpdate(&hmac->hash.sha, msg, length);
wolfSSL 15:117db924cf7c 700 break;
wolfSSL 15:117db924cf7c 701 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 702
wolfSSL 15:117db924cf7c 703 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 704 case WC_SHA224:
wolfSSL 15:117db924cf7c 705 ret = wc_Sha224Update(&hmac->hash.sha224, msg, length);
wolfSSL 15:117db924cf7c 706 break;
wolfSSL 15:117db924cf7c 707 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 708
wolfSSL 15:117db924cf7c 709 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 710 case WC_SHA256:
wolfSSL 15:117db924cf7c 711 ret = wc_Sha256Update(&hmac->hash.sha256, msg, length);
wolfSSL 15:117db924cf7c 712 break;
wolfSSL 15:117db924cf7c 713 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 714
wolfSSL 15:117db924cf7c 715 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 716 case WC_SHA384:
wolfSSL 15:117db924cf7c 717 ret = wc_Sha384Update(&hmac->hash.sha384, msg, length);
wolfSSL 15:117db924cf7c 718 break;
wolfSSL 15:117db924cf7c 719 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 720 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 721 case WC_SHA512:
wolfSSL 15:117db924cf7c 722 ret = wc_Sha512Update(&hmac->hash.sha512, msg, length);
wolfSSL 15:117db924cf7c 723 break;
wolfSSL 15:117db924cf7c 724 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 725
wolfSSL 15:117db924cf7c 726 #ifdef WOLFSSL_SHA3
wolfSSL 16:8e0d178b1d1e 727 #ifndef WOLFSSL_NOSHA3_224
wolfSSL 15:117db924cf7c 728 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 729 ret = wc_Sha3_224_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 730 break;
wolfSSL 16:8e0d178b1d1e 731 #endif
wolfSSL 16:8e0d178b1d1e 732 #ifndef WOLFSSL_NOSHA3_256
wolfSSL 15:117db924cf7c 733 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 734 ret = wc_Sha3_256_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 735 break;
wolfSSL 16:8e0d178b1d1e 736 #endif
wolfSSL 16:8e0d178b1d1e 737 #ifndef WOLFSSL_NOSHA3_384
wolfSSL 15:117db924cf7c 738 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 739 ret = wc_Sha3_384_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 740 break;
wolfSSL 16:8e0d178b1d1e 741 #endif
wolfSSL 16:8e0d178b1d1e 742 #ifndef WOLFSSL_NOSHA3_512
wolfSSL 15:117db924cf7c 743 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 744 ret = wc_Sha3_512_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 745 break;
wolfSSL 16:8e0d178b1d1e 746 #endif
wolfSSL 15:117db924cf7c 747 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 748
wolfSSL 15:117db924cf7c 749 default:
wolfSSL 15:117db924cf7c 750 break;
wolfSSL 15:117db924cf7c 751 }
wolfSSL 15:117db924cf7c 752
wolfSSL 15:117db924cf7c 753 return ret;
wolfSSL 15:117db924cf7c 754 }
wolfSSL 15:117db924cf7c 755
wolfSSL 15:117db924cf7c 756
wolfSSL 15:117db924cf7c 757 int wc_HmacFinal(Hmac* hmac, byte* hash)
wolfSSL 15:117db924cf7c 758 {
wolfSSL 15:117db924cf7c 759 int ret;
wolfSSL 15:117db924cf7c 760
wolfSSL 15:117db924cf7c 761 if (hmac == NULL || hash == NULL) {
wolfSSL 15:117db924cf7c 762 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 763 }
wolfSSL 15:117db924cf7c 764
wolfSSL 16:8e0d178b1d1e 765 #ifdef WOLF_CRYPTO_CB
wolfSSL 16:8e0d178b1d1e 766 if (hmac->devId != INVALID_DEVID) {
wolfSSL 16:8e0d178b1d1e 767 ret = wc_CryptoCb_Hmac(hmac, hmac->macType, NULL, 0, hash);
wolfSSL 16:8e0d178b1d1e 768 if (ret != CRYPTOCB_UNAVAILABLE)
wolfSSL 16:8e0d178b1d1e 769 return ret;
wolfSSL 16:8e0d178b1d1e 770 /* fall-through when unavailable */
wolfSSL 16:8e0d178b1d1e 771 }
wolfSSL 16:8e0d178b1d1e 772 #endif
wolfSSL 15:117db924cf7c 773 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 774 if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
wolfSSL 15:117db924cf7c 775 int hashLen = wc_HmacSizeByType(hmac->macType);
wolfSSL 15:117db924cf7c 776 if (hashLen <= 0)
wolfSSL 15:117db924cf7c 777 return hashLen;
wolfSSL 15:117db924cf7c 778
wolfSSL 15:117db924cf7c 779 #if defined(HAVE_CAVIUM)
wolfSSL 15:117db924cf7c 780 return NitroxHmacFinal(hmac, hash, hashLen);
wolfSSL 15:117db924cf7c 781 #elif defined(HAVE_INTEL_QA)
wolfSSL 15:117db924cf7c 782 if (IntelQaHmacGetType(hmac->macType, NULL) == 0) {
wolfSSL 15:117db924cf7c 783 return IntelQaHmac(&hmac->asyncDev, hmac->macType,
wolfSSL 15:117db924cf7c 784 (byte*)hmac->ipad, hmac->keyLen, hash, NULL, hashLen);
wolfSSL 15:117db924cf7c 785 }
wolfSSL 15:117db924cf7c 786 #endif
wolfSSL 15:117db924cf7c 787 }
wolfSSL 15:117db924cf7c 788 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 15:117db924cf7c 789
wolfSSL 15:117db924cf7c 790 if (!hmac->innerHashKeyed) {
wolfSSL 15:117db924cf7c 791 ret = HmacKeyInnerHash(hmac);
wolfSSL 15:117db924cf7c 792 if (ret != 0)
wolfSSL 15:117db924cf7c 793 return ret;
wolfSSL 15:117db924cf7c 794 }
wolfSSL 15:117db924cf7c 795
wolfSSL 15:117db924cf7c 796 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 797 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 798 case WC_MD5:
wolfSSL 15:117db924cf7c 799 ret = wc_Md5Final(&hmac->hash.md5, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 800 if (ret != 0)
wolfSSL 15:117db924cf7c 801 break;
wolfSSL 15:117db924cf7c 802 ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 803 WC_MD5_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 804 if (ret != 0)
wolfSSL 15:117db924cf7c 805 break;
wolfSSL 15:117db924cf7c 806 ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 807 WC_MD5_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 808 if (ret != 0)
wolfSSL 15:117db924cf7c 809 break;
wolfSSL 15:117db924cf7c 810 ret = wc_Md5Final(&hmac->hash.md5, hash);
wolfSSL 15:117db924cf7c 811 break;
wolfSSL 15:117db924cf7c 812 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 813
wolfSSL 15:117db924cf7c 814 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 815 case WC_SHA:
wolfSSL 15:117db924cf7c 816 ret = wc_ShaFinal(&hmac->hash.sha, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 817 if (ret != 0)
wolfSSL 15:117db924cf7c 818 break;
wolfSSL 15:117db924cf7c 819 ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 820 WC_SHA_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 821 if (ret != 0)
wolfSSL 15:117db924cf7c 822 break;
wolfSSL 15:117db924cf7c 823 ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 824 WC_SHA_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 825 if (ret != 0)
wolfSSL 15:117db924cf7c 826 break;
wolfSSL 15:117db924cf7c 827 ret = wc_ShaFinal(&hmac->hash.sha, hash);
wolfSSL 15:117db924cf7c 828 break;
wolfSSL 15:117db924cf7c 829 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 830
wolfSSL 15:117db924cf7c 831 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 832 case WC_SHA224:
wolfSSL 15:117db924cf7c 833 ret = wc_Sha224Final(&hmac->hash.sha224, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 834 if (ret != 0)
wolfSSL 15:117db924cf7c 835 break;
wolfSSL 15:117db924cf7c 836 ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 837 WC_SHA224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 838 if (ret != 0)
wolfSSL 15:117db924cf7c 839 break;
wolfSSL 15:117db924cf7c 840 ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 841 WC_SHA224_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 842 if (ret != 0)
wolfSSL 15:117db924cf7c 843 break;
wolfSSL 15:117db924cf7c 844 ret = wc_Sha224Final(&hmac->hash.sha224, hash);
wolfSSL 15:117db924cf7c 845 if (ret != 0)
wolfSSL 15:117db924cf7c 846 break;
wolfSSL 16:8e0d178b1d1e 847 break;
wolfSSL 15:117db924cf7c 848 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 849 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 850 case WC_SHA256:
wolfSSL 15:117db924cf7c 851 ret = wc_Sha256Final(&hmac->hash.sha256, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 852 if (ret != 0)
wolfSSL 15:117db924cf7c 853 break;
wolfSSL 15:117db924cf7c 854 ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 855 WC_SHA256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 856 if (ret != 0)
wolfSSL 15:117db924cf7c 857 break;
wolfSSL 15:117db924cf7c 858 ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 859 WC_SHA256_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 860 if (ret != 0)
wolfSSL 15:117db924cf7c 861 break;
wolfSSL 15:117db924cf7c 862 ret = wc_Sha256Final(&hmac->hash.sha256, hash);
wolfSSL 15:117db924cf7c 863 break;
wolfSSL 15:117db924cf7c 864 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 865
wolfSSL 15:117db924cf7c 866 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 867 case WC_SHA384:
wolfSSL 15:117db924cf7c 868 ret = wc_Sha384Final(&hmac->hash.sha384, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 869 if (ret != 0)
wolfSSL 15:117db924cf7c 870 break;
wolfSSL 15:117db924cf7c 871 ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 872 WC_SHA384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 873 if (ret != 0)
wolfSSL 15:117db924cf7c 874 break;
wolfSSL 15:117db924cf7c 875 ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 876 WC_SHA384_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 877 if (ret != 0)
wolfSSL 15:117db924cf7c 878 break;
wolfSSL 15:117db924cf7c 879 ret = wc_Sha384Final(&hmac->hash.sha384, hash);
wolfSSL 15:117db924cf7c 880 break;
wolfSSL 15:117db924cf7c 881 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 882 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 883 case WC_SHA512:
wolfSSL 15:117db924cf7c 884 ret = wc_Sha512Final(&hmac->hash.sha512, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 885 if (ret != 0)
wolfSSL 15:117db924cf7c 886 break;
wolfSSL 15:117db924cf7c 887 ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 888 WC_SHA512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 889 if (ret != 0)
wolfSSL 15:117db924cf7c 890 break;
wolfSSL 15:117db924cf7c 891 ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 892 WC_SHA512_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 893 if (ret != 0)
wolfSSL 15:117db924cf7c 894 break;
wolfSSL 15:117db924cf7c 895 ret = wc_Sha512Final(&hmac->hash.sha512, hash);
wolfSSL 15:117db924cf7c 896 break;
wolfSSL 15:117db924cf7c 897 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 898
wolfSSL 15:117db924cf7c 899 #ifdef WOLFSSL_SHA3
wolfSSL 16:8e0d178b1d1e 900 #ifndef WOLFSSL_NOSHA3_224
wolfSSL 15:117db924cf7c 901 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 902 ret = wc_Sha3_224_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 903 if (ret != 0)
wolfSSL 15:117db924cf7c 904 break;
wolfSSL 15:117db924cf7c 905 ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 906 WC_SHA3_224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 907 if (ret != 0)
wolfSSL 15:117db924cf7c 908 break;
wolfSSL 15:117db924cf7c 909 ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 910 WC_SHA3_224_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 911 if (ret != 0)
wolfSSL 15:117db924cf7c 912 break;
wolfSSL 15:117db924cf7c 913 ret = wc_Sha3_224_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 914 break;
wolfSSL 16:8e0d178b1d1e 915 #endif
wolfSSL 16:8e0d178b1d1e 916 #ifndef WOLFSSL_NOSHA3_256
wolfSSL 15:117db924cf7c 917 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 918 ret = wc_Sha3_256_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 919 if (ret != 0)
wolfSSL 15:117db924cf7c 920 break;
wolfSSL 15:117db924cf7c 921 ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 922 WC_SHA3_256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 923 if (ret != 0)
wolfSSL 15:117db924cf7c 924 break;
wolfSSL 15:117db924cf7c 925 ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 926 WC_SHA3_256_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 927 if (ret != 0)
wolfSSL 15:117db924cf7c 928 break;
wolfSSL 15:117db924cf7c 929 ret = wc_Sha3_256_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 930 break;
wolfSSL 16:8e0d178b1d1e 931 #endif
wolfSSL 16:8e0d178b1d1e 932 #ifndef WOLFSSL_NOSHA3_384
wolfSSL 15:117db924cf7c 933 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 934 ret = wc_Sha3_384_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 935 if (ret != 0)
wolfSSL 15:117db924cf7c 936 break;
wolfSSL 15:117db924cf7c 937 ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 938 WC_SHA3_384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 939 if (ret != 0)
wolfSSL 15:117db924cf7c 940 break;
wolfSSL 15:117db924cf7c 941 ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 942 WC_SHA3_384_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 943 if (ret != 0)
wolfSSL 15:117db924cf7c 944 break;
wolfSSL 15:117db924cf7c 945 ret = wc_Sha3_384_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 946 break;
wolfSSL 16:8e0d178b1d1e 947 #endif
wolfSSL 16:8e0d178b1d1e 948 #ifndef WOLFSSL_NOSHA3_512
wolfSSL 15:117db924cf7c 949 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 950 ret = wc_Sha3_512_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 951 if (ret != 0)
wolfSSL 15:117db924cf7c 952 break;
wolfSSL 15:117db924cf7c 953 ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 16:8e0d178b1d1e 954 WC_SHA3_512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 955 if (ret != 0)
wolfSSL 15:117db924cf7c 956 break;
wolfSSL 15:117db924cf7c 957 ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 16:8e0d178b1d1e 958 WC_SHA3_512_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 959 if (ret != 0)
wolfSSL 15:117db924cf7c 960 break;
wolfSSL 15:117db924cf7c 961 ret = wc_Sha3_512_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 962 break;
wolfSSL 16:8e0d178b1d1e 963 #endif
wolfSSL 15:117db924cf7c 964 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 965
wolfSSL 15:117db924cf7c 966 default:
wolfSSL 15:117db924cf7c 967 ret = BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 968 break;
wolfSSL 15:117db924cf7c 969 }
wolfSSL 15:117db924cf7c 970
wolfSSL 15:117db924cf7c 971 if (ret == 0) {
wolfSSL 15:117db924cf7c 972 hmac->innerHashKeyed = 0;
wolfSSL 15:117db924cf7c 973 }
wolfSSL 15:117db924cf7c 974
wolfSSL 15:117db924cf7c 975 return ret;
wolfSSL 15:117db924cf7c 976 }
wolfSSL 15:117db924cf7c 977
wolfSSL 15:117db924cf7c 978
wolfSSL 15:117db924cf7c 979 /* Initialize Hmac for use with async device */
wolfSSL 15:117db924cf7c 980 int wc_HmacInit(Hmac* hmac, void* heap, int devId)
wolfSSL 15:117db924cf7c 981 {
wolfSSL 15:117db924cf7c 982 int ret = 0;
wolfSSL 15:117db924cf7c 983
wolfSSL 15:117db924cf7c 984 if (hmac == NULL)
wolfSSL 15:117db924cf7c 985 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 986
wolfSSL 15:117db924cf7c 987 XMEMSET(hmac, 0, sizeof(Hmac));
wolfSSL 16:8e0d178b1d1e 988 hmac->macType = WC_HASH_TYPE_NONE;
wolfSSL 15:117db924cf7c 989 hmac->heap = heap;
wolfSSL 16:8e0d178b1d1e 990 #ifdef WOLF_CRYPTO_CB
wolfSSL 16:8e0d178b1d1e 991 hmac->devId = devId;
wolfSSL 16:8e0d178b1d1e 992 hmac->devCtx = NULL;
wolfSSL 16:8e0d178b1d1e 993 #endif
wolfSSL 15:117db924cf7c 994
wolfSSL 15:117db924cf7c 995 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 996 ret = wolfAsync_DevCtxInit(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC,
wolfSSL 15:117db924cf7c 997 hmac->heap, devId);
wolfSSL 15:117db924cf7c 998 #else
wolfSSL 15:117db924cf7c 999 (void)devId;
wolfSSL 15:117db924cf7c 1000 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 15:117db924cf7c 1001
wolfSSL 15:117db924cf7c 1002 return ret;
wolfSSL 15:117db924cf7c 1003 }
wolfSSL 15:117db924cf7c 1004
wolfSSL 16:8e0d178b1d1e 1005 #ifdef HAVE_PKCS11
wolfSSL 16:8e0d178b1d1e 1006 int wc_HmacInit_Id(Hmac* hmac, unsigned char* id, int len, void* heap,
wolfSSL 16:8e0d178b1d1e 1007 int devId)
wolfSSL 16:8e0d178b1d1e 1008 {
wolfSSL 16:8e0d178b1d1e 1009 int ret = 0;
wolfSSL 16:8e0d178b1d1e 1010
wolfSSL 16:8e0d178b1d1e 1011 if (hmac == NULL)
wolfSSL 16:8e0d178b1d1e 1012 ret = BAD_FUNC_ARG;
wolfSSL 16:8e0d178b1d1e 1013 if (ret == 0 && (len < 0 || len > HMAC_MAX_ID_LEN))
wolfSSL 16:8e0d178b1d1e 1014 ret = BUFFER_E;
wolfSSL 16:8e0d178b1d1e 1015
wolfSSL 16:8e0d178b1d1e 1016 if (ret == 0)
wolfSSL 16:8e0d178b1d1e 1017 ret = wc_HmacInit(hmac, heap, devId);
wolfSSL 16:8e0d178b1d1e 1018 if (ret == 0) {
wolfSSL 16:8e0d178b1d1e 1019 XMEMCPY(hmac->id, id, len);
wolfSSL 16:8e0d178b1d1e 1020 hmac->idLen = len;
wolfSSL 16:8e0d178b1d1e 1021 }
wolfSSL 16:8e0d178b1d1e 1022
wolfSSL 16:8e0d178b1d1e 1023 return ret;
wolfSSL 16:8e0d178b1d1e 1024 }
wolfSSL 16:8e0d178b1d1e 1025 #endif
wolfSSL 16:8e0d178b1d1e 1026
wolfSSL 15:117db924cf7c 1027 /* Free Hmac from use with async device */
wolfSSL 15:117db924cf7c 1028 void wc_HmacFree(Hmac* hmac)
wolfSSL 15:117db924cf7c 1029 {
wolfSSL 15:117db924cf7c 1030 if (hmac == NULL)
wolfSSL 15:117db924cf7c 1031 return;
wolfSSL 15:117db924cf7c 1032
wolfSSL 16:8e0d178b1d1e 1033 #ifdef WOLF_CRYPTO_CB
wolfSSL 16:8e0d178b1d1e 1034 /* handle cleanup case where final is not called */
wolfSSL 16:8e0d178b1d1e 1035 if (hmac->devId != INVALID_DEVID && hmac->devCtx != NULL) {
wolfSSL 16:8e0d178b1d1e 1036 int ret;
wolfSSL 16:8e0d178b1d1e 1037 byte finalHash[WC_HMAC_BLOCK_SIZE];
wolfSSL 16:8e0d178b1d1e 1038 ret = wc_CryptoCb_Hmac(hmac, hmac->macType, NULL, 0, finalHash);
wolfSSL 16:8e0d178b1d1e 1039 (void)ret; /* must ignore return code here */
wolfSSL 16:8e0d178b1d1e 1040 (void)finalHash;
wolfSSL 16:8e0d178b1d1e 1041 }
wolfSSL 16:8e0d178b1d1e 1042 #endif
wolfSSL 16:8e0d178b1d1e 1043
wolfSSL 15:117db924cf7c 1044 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 1045 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 1046 case WC_MD5:
wolfSSL 15:117db924cf7c 1047 wc_Md5Free(&hmac->hash.md5);
wolfSSL 15:117db924cf7c 1048 break;
wolfSSL 15:117db924cf7c 1049 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 1050
wolfSSL 15:117db924cf7c 1051 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 1052 case WC_SHA:
wolfSSL 15:117db924cf7c 1053 wc_ShaFree(&hmac->hash.sha);
wolfSSL 15:117db924cf7c 1054 break;
wolfSSL 15:117db924cf7c 1055 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 1056
wolfSSL 15:117db924cf7c 1057 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 1058 case WC_SHA224:
wolfSSL 15:117db924cf7c 1059 wc_Sha224Free(&hmac->hash.sha224);
wolfSSL 15:117db924cf7c 1060 break;
wolfSSL 15:117db924cf7c 1061 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 1062 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 1063 case WC_SHA256:
wolfSSL 15:117db924cf7c 1064 wc_Sha256Free(&hmac->hash.sha256);
wolfSSL 15:117db924cf7c 1065 break;
wolfSSL 15:117db924cf7c 1066 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 1067
wolfSSL 15:117db924cf7c 1068 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 1069 case WC_SHA384:
wolfSSL 15:117db924cf7c 1070 wc_Sha384Free(&hmac->hash.sha384);
wolfSSL 15:117db924cf7c 1071 break;
wolfSSL 15:117db924cf7c 1072 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 1073 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 1074 case WC_SHA512:
wolfSSL 15:117db924cf7c 1075 wc_Sha512Free(&hmac->hash.sha512);
wolfSSL 15:117db924cf7c 1076 break;
wolfSSL 15:117db924cf7c 1077 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 1078
wolfSSL 15:117db924cf7c 1079 #ifdef WOLFSSL_SHA3
wolfSSL 16:8e0d178b1d1e 1080 #ifndef WOLFSSL_NOSHA3_224
wolfSSL 15:117db924cf7c 1081 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 1082 wc_Sha3_224_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1083 break;
wolfSSL 16:8e0d178b1d1e 1084 #endif
wolfSSL 16:8e0d178b1d1e 1085 #ifndef WOLFSSL_NOSHA3_256
wolfSSL 15:117db924cf7c 1086 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 1087 wc_Sha3_256_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1088 break;
wolfSSL 16:8e0d178b1d1e 1089 #endif
wolfSSL 16:8e0d178b1d1e 1090 #ifndef WOLFSSL_NOSHA3_384
wolfSSL 15:117db924cf7c 1091 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 1092 wc_Sha3_384_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1093 break;
wolfSSL 16:8e0d178b1d1e 1094 #endif
wolfSSL 16:8e0d178b1d1e 1095 #ifndef WOLFSSL_NOSHA3_512
wolfSSL 15:117db924cf7c 1096 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 1097 wc_Sha3_512_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1098 break;
wolfSSL 16:8e0d178b1d1e 1099 #endif
wolfSSL 15:117db924cf7c 1100 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 1101
wolfSSL 15:117db924cf7c 1102 default:
wolfSSL 15:117db924cf7c 1103 break;
wolfSSL 15:117db924cf7c 1104 }
wolfSSL 15:117db924cf7c 1105
wolfSSL 15:117db924cf7c 1106 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 1107 wolfAsync_DevCtxFree(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC);
wolfSSL 15:117db924cf7c 1108 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 16:8e0d178b1d1e 1109
wolfSSL 16:8e0d178b1d1e 1110 switch (hmac->macType) {
wolfSSL 16:8e0d178b1d1e 1111 #ifndef NO_MD5
wolfSSL 16:8e0d178b1d1e 1112 case WC_MD5:
wolfSSL 16:8e0d178b1d1e 1113 wc_Md5Free(&hmac->hash.md5);
wolfSSL 16:8e0d178b1d1e 1114 break;
wolfSSL 16:8e0d178b1d1e 1115 #endif /* !NO_MD5 */
wolfSSL 16:8e0d178b1d1e 1116
wolfSSL 16:8e0d178b1d1e 1117 #ifndef NO_SHA
wolfSSL 16:8e0d178b1d1e 1118 case WC_SHA:
wolfSSL 16:8e0d178b1d1e 1119 wc_ShaFree(&hmac->hash.sha);
wolfSSL 16:8e0d178b1d1e 1120 break;
wolfSSL 16:8e0d178b1d1e 1121 #endif /* !NO_SHA */
wolfSSL 16:8e0d178b1d1e 1122
wolfSSL 16:8e0d178b1d1e 1123 #ifdef WOLFSSL_SHA224
wolfSSL 16:8e0d178b1d1e 1124 case WC_SHA224:
wolfSSL 16:8e0d178b1d1e 1125 wc_Sha224Free(&hmac->hash.sha224);
wolfSSL 16:8e0d178b1d1e 1126 break;
wolfSSL 16:8e0d178b1d1e 1127 #endif /* WOLFSSL_SHA224 */
wolfSSL 16:8e0d178b1d1e 1128 #ifndef NO_SHA256
wolfSSL 16:8e0d178b1d1e 1129 case WC_SHA256:
wolfSSL 16:8e0d178b1d1e 1130 wc_Sha256Free(&hmac->hash.sha256);
wolfSSL 16:8e0d178b1d1e 1131 break;
wolfSSL 16:8e0d178b1d1e 1132 #endif /* !NO_SHA256 */
wolfSSL 16:8e0d178b1d1e 1133
wolfSSL 16:8e0d178b1d1e 1134 #ifdef WOLFSSL_SHA512
wolfSSL 16:8e0d178b1d1e 1135 #ifdef WOLFSSL_SHA384
wolfSSL 16:8e0d178b1d1e 1136 case WC_SHA384:
wolfSSL 16:8e0d178b1d1e 1137 wc_Sha384Free(&hmac->hash.sha384);
wolfSSL 16:8e0d178b1d1e 1138 break;
wolfSSL 16:8e0d178b1d1e 1139 #endif /* WOLFSSL_SHA384 */
wolfSSL 16:8e0d178b1d1e 1140 case WC_SHA512:
wolfSSL 16:8e0d178b1d1e 1141 wc_Sha512Free(&hmac->hash.sha512);
wolfSSL 16:8e0d178b1d1e 1142 break;
wolfSSL 16:8e0d178b1d1e 1143 #endif /* WOLFSSL_SHA512 */
wolfSSL 16:8e0d178b1d1e 1144 }
wolfSSL 15:117db924cf7c 1145 }
wolfSSL 15:117db924cf7c 1146
wolfSSL 15:117db924cf7c 1147 int wolfSSL_GetHmacMaxSize(void)
wolfSSL 15:117db924cf7c 1148 {
wolfSSL 15:117db924cf7c 1149 return WC_MAX_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 1150 }
wolfSSL 15:117db924cf7c 1151
wolfSSL 15:117db924cf7c 1152 #ifdef HAVE_HKDF
wolfSSL 15:117db924cf7c 1153 /* HMAC-KDF-Extract.
wolfSSL 15:117db924cf7c 1154 * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
wolfSSL 15:117db924cf7c 1155 *
wolfSSL 15:117db924cf7c 1156 * type The hash algorithm type.
wolfSSL 15:117db924cf7c 1157 * salt The optional salt value.
wolfSSL 15:117db924cf7c 1158 * saltSz The size of the salt.
wolfSSL 15:117db924cf7c 1159 * inKey The input keying material.
wolfSSL 15:117db924cf7c 1160 * inKeySz The size of the input keying material.
wolfSSL 15:117db924cf7c 1161 * out The pseudorandom key with the length that of the hash.
wolfSSL 15:117db924cf7c 1162 * returns 0 on success, otherwise failure.
wolfSSL 15:117db924cf7c 1163 */
wolfSSL 15:117db924cf7c 1164 int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
wolfSSL 15:117db924cf7c 1165 const byte* inKey, word32 inKeySz, byte* out)
wolfSSL 15:117db924cf7c 1166 {
wolfSSL 15:117db924cf7c 1167 byte tmp[WC_MAX_DIGEST_SIZE]; /* localSalt helper */
wolfSSL 15:117db924cf7c 1168 Hmac myHmac;
wolfSSL 15:117db924cf7c 1169 int ret;
wolfSSL 15:117db924cf7c 1170 const byte* localSalt; /* either points to user input or tmp */
wolfSSL 15:117db924cf7c 1171 int hashSz;
wolfSSL 15:117db924cf7c 1172
wolfSSL 15:117db924cf7c 1173 ret = wc_HmacSizeByType(type);
wolfSSL 15:117db924cf7c 1174 if (ret < 0)
wolfSSL 15:117db924cf7c 1175 return ret;
wolfSSL 15:117db924cf7c 1176
wolfSSL 15:117db924cf7c 1177 hashSz = ret;
wolfSSL 15:117db924cf7c 1178 localSalt = salt;
wolfSSL 15:117db924cf7c 1179 if (localSalt == NULL) {
wolfSSL 15:117db924cf7c 1180 XMEMSET(tmp, 0, hashSz);
wolfSSL 15:117db924cf7c 1181 localSalt = tmp;
wolfSSL 15:117db924cf7c 1182 saltSz = hashSz;
wolfSSL 15:117db924cf7c 1183 }
wolfSSL 15:117db924cf7c 1184
wolfSSL 15:117db924cf7c 1185 ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID);
wolfSSL 15:117db924cf7c 1186 if (ret == 0) {
wolfSSL 15:117db924cf7c 1187 ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz);
wolfSSL 15:117db924cf7c 1188 if (ret == 0)
wolfSSL 15:117db924cf7c 1189 ret = wc_HmacUpdate(&myHmac, inKey, inKeySz);
wolfSSL 15:117db924cf7c 1190 if (ret == 0)
wolfSSL 15:117db924cf7c 1191 ret = wc_HmacFinal(&myHmac, out);
wolfSSL 15:117db924cf7c 1192 wc_HmacFree(&myHmac);
wolfSSL 15:117db924cf7c 1193 }
wolfSSL 15:117db924cf7c 1194
wolfSSL 15:117db924cf7c 1195 return ret;
wolfSSL 15:117db924cf7c 1196 }
wolfSSL 15:117db924cf7c 1197
wolfSSL 15:117db924cf7c 1198 /* HMAC-KDF-Expand.
wolfSSL 15:117db924cf7c 1199 * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
wolfSSL 15:117db924cf7c 1200 *
wolfSSL 15:117db924cf7c 1201 * type The hash algorithm type.
wolfSSL 15:117db924cf7c 1202 * inKey The input key.
wolfSSL 15:117db924cf7c 1203 * inKeySz The size of the input key.
wolfSSL 15:117db924cf7c 1204 * info The application specific information.
wolfSSL 15:117db924cf7c 1205 * infoSz The size of the application specific information.
wolfSSL 15:117db924cf7c 1206 * out The output keying material.
wolfSSL 15:117db924cf7c 1207 * returns 0 on success, otherwise failure.
wolfSSL 15:117db924cf7c 1208 */
wolfSSL 15:117db924cf7c 1209 int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz,
wolfSSL 15:117db924cf7c 1210 const byte* info, word32 infoSz, byte* out, word32 outSz)
wolfSSL 15:117db924cf7c 1211 {
wolfSSL 15:117db924cf7c 1212 byte tmp[WC_MAX_DIGEST_SIZE];
wolfSSL 15:117db924cf7c 1213 Hmac myHmac;
wolfSSL 15:117db924cf7c 1214 int ret = 0;
wolfSSL 15:117db924cf7c 1215 word32 outIdx = 0;
wolfSSL 15:117db924cf7c 1216 word32 hashSz = wc_HmacSizeByType(type);
wolfSSL 15:117db924cf7c 1217 byte n = 0x1;
wolfSSL 15:117db924cf7c 1218
wolfSSL 15:117db924cf7c 1219 ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID);
wolfSSL 15:117db924cf7c 1220 if (ret != 0)
wolfSSL 15:117db924cf7c 1221 return ret;
wolfSSL 15:117db924cf7c 1222
wolfSSL 15:117db924cf7c 1223 while (outIdx < outSz) {
wolfSSL 15:117db924cf7c 1224 int tmpSz = (n == 1) ? 0 : hashSz;
wolfSSL 15:117db924cf7c 1225 word32 left = outSz - outIdx;
wolfSSL 15:117db924cf7c 1226
wolfSSL 15:117db924cf7c 1227 ret = wc_HmacSetKey(&myHmac, type, inKey, inKeySz);
wolfSSL 15:117db924cf7c 1228 if (ret != 0)
wolfSSL 15:117db924cf7c 1229 break;
wolfSSL 15:117db924cf7c 1230 ret = wc_HmacUpdate(&myHmac, tmp, tmpSz);
wolfSSL 15:117db924cf7c 1231 if (ret != 0)
wolfSSL 15:117db924cf7c 1232 break;
wolfSSL 15:117db924cf7c 1233 ret = wc_HmacUpdate(&myHmac, info, infoSz);
wolfSSL 15:117db924cf7c 1234 if (ret != 0)
wolfSSL 15:117db924cf7c 1235 break;
wolfSSL 15:117db924cf7c 1236 ret = wc_HmacUpdate(&myHmac, &n, 1);
wolfSSL 15:117db924cf7c 1237 if (ret != 0)
wolfSSL 15:117db924cf7c 1238 break;
wolfSSL 15:117db924cf7c 1239 ret = wc_HmacFinal(&myHmac, tmp);
wolfSSL 15:117db924cf7c 1240 if (ret != 0)
wolfSSL 15:117db924cf7c 1241 break;
wolfSSL 15:117db924cf7c 1242
wolfSSL 15:117db924cf7c 1243 left = min(left, hashSz);
wolfSSL 15:117db924cf7c 1244 XMEMCPY(out+outIdx, tmp, left);
wolfSSL 15:117db924cf7c 1245
wolfSSL 15:117db924cf7c 1246 outIdx += hashSz;
wolfSSL 15:117db924cf7c 1247 n++;
wolfSSL 15:117db924cf7c 1248 }
wolfSSL 15:117db924cf7c 1249
wolfSSL 15:117db924cf7c 1250 wc_HmacFree(&myHmac);
wolfSSL 15:117db924cf7c 1251
wolfSSL 15:117db924cf7c 1252 return ret;
wolfSSL 15:117db924cf7c 1253 }
wolfSSL 15:117db924cf7c 1254
wolfSSL 15:117db924cf7c 1255 /* HMAC-KDF.
wolfSSL 15:117db924cf7c 1256 * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
wolfSSL 15:117db924cf7c 1257 *
wolfSSL 15:117db924cf7c 1258 * type The hash algorithm type.
wolfSSL 15:117db924cf7c 1259 * inKey The input keying material.
wolfSSL 15:117db924cf7c 1260 * inKeySz The size of the input keying material.
wolfSSL 15:117db924cf7c 1261 * salt The optional salt value.
wolfSSL 15:117db924cf7c 1262 * saltSz The size of the salt.
wolfSSL 15:117db924cf7c 1263 * info The application specific information.
wolfSSL 15:117db924cf7c 1264 * infoSz The size of the application specific information.
wolfSSL 15:117db924cf7c 1265 * out The output keying material.
wolfSSL 15:117db924cf7c 1266 * returns 0 on success, otherwise failure.
wolfSSL 15:117db924cf7c 1267 */
wolfSSL 15:117db924cf7c 1268 int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
wolfSSL 15:117db924cf7c 1269 const byte* salt, word32 saltSz,
wolfSSL 15:117db924cf7c 1270 const byte* info, word32 infoSz,
wolfSSL 15:117db924cf7c 1271 byte* out, word32 outSz)
wolfSSL 15:117db924cf7c 1272 {
wolfSSL 15:117db924cf7c 1273 byte prk[WC_MAX_DIGEST_SIZE];
wolfSSL 15:117db924cf7c 1274 int hashSz = wc_HmacSizeByType(type);
wolfSSL 15:117db924cf7c 1275 int ret;
wolfSSL 15:117db924cf7c 1276
wolfSSL 15:117db924cf7c 1277 if (hashSz < 0)
wolfSSL 15:117db924cf7c 1278 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 1279
wolfSSL 15:117db924cf7c 1280 ret = wc_HKDF_Extract(type, salt, saltSz, inKey, inKeySz, prk);
wolfSSL 15:117db924cf7c 1281 if (ret != 0)
wolfSSL 15:117db924cf7c 1282 return ret;
wolfSSL 15:117db924cf7c 1283
wolfSSL 15:117db924cf7c 1284 return wc_HKDF_Expand(type, prk, hashSz, info, infoSz, out, outSz);
wolfSSL 15:117db924cf7c 1285 }
wolfSSL 15:117db924cf7c 1286
wolfSSL 15:117db924cf7c 1287 #endif /* HAVE_HKDF */
wolfSSL 15:117db924cf7c 1288
wolfSSL 15:117db924cf7c 1289 #endif /* HAVE_FIPS */
wolfSSL 15:117db924cf7c 1290 #endif /* NO_HMAC */
wolfSSL 15:117db924cf7c 1291