wolfSSL SSL/TLS library, support up to TLS1.3
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
wolfcrypt/src/hmac.c@17:a5f916481144, 2020-06-05 (annotated)
- Committer:
- wolfSSL
- Date:
- Fri Jun 05 00:11:07 2020 +0000
- Revision:
- 17:a5f916481144
- Parent:
- 16:8e0d178b1d1e
wolfSSL 4.4.0
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
wolfSSL | 15:117db924cf7c | 1 | /* hmac.c |
wolfSSL | 15:117db924cf7c | 2 | * |
wolfSSL | 16:8e0d178b1d1e | 3 | * Copyright (C) 2006-2020 wolfSSL Inc. |
wolfSSL | 15:117db924cf7c | 4 | * |
wolfSSL | 15:117db924cf7c | 5 | * This file is part of wolfSSL. |
wolfSSL | 15:117db924cf7c | 6 | * |
wolfSSL | 15:117db924cf7c | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
wolfSSL | 15:117db924cf7c | 8 | * it under the terms of the GNU General Public License as published by |
wolfSSL | 15:117db924cf7c | 9 | * the Free Software Foundation; either version 2 of the License, or |
wolfSSL | 15:117db924cf7c | 10 | * (at your option) any later version. |
wolfSSL | 15:117db924cf7c | 11 | * |
wolfSSL | 15:117db924cf7c | 12 | * wolfSSL is distributed in the hope that it will be useful, |
wolfSSL | 15:117db924cf7c | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
wolfSSL | 15:117db924cf7c | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
wolfSSL | 15:117db924cf7c | 15 | * GNU General Public License for more details. |
wolfSSL | 15:117db924cf7c | 16 | * |
wolfSSL | 15:117db924cf7c | 17 | * You should have received a copy of the GNU General Public License |
wolfSSL | 15:117db924cf7c | 18 | * along with this program; if not, write to the Free Software |
wolfSSL | 15:117db924cf7c | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
wolfSSL | 15:117db924cf7c | 20 | */ |
wolfSSL | 15:117db924cf7c | 21 | |
wolfSSL | 15:117db924cf7c | 22 | |
wolfSSL | 15:117db924cf7c | 23 | #ifdef HAVE_CONFIG_H |
wolfSSL | 15:117db924cf7c | 24 | #include <config.h> |
wolfSSL | 15:117db924cf7c | 25 | #endif |
wolfSSL | 15:117db924cf7c | 26 | |
wolfSSL | 15:117db924cf7c | 27 | #include <wolfssl/wolfcrypt/settings.h> |
wolfSSL | 15:117db924cf7c | 28 | #include <wolfssl/wolfcrypt/error-crypt.h> |
wolfSSL | 15:117db924cf7c | 29 | |
wolfSSL | 15:117db924cf7c | 30 | #ifndef NO_HMAC |
wolfSSL | 15:117db924cf7c | 31 | |
wolfSSL | 15:117db924cf7c | 32 | #if defined(HAVE_FIPS) && \ |
wolfSSL | 15:117db924cf7c | 33 | defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) |
wolfSSL | 15:117db924cf7c | 34 | |
wolfSSL | 15:117db924cf7c | 35 | /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ |
wolfSSL | 15:117db924cf7c | 36 | #define FIPS_NO_WRAPPERS |
wolfSSL | 15:117db924cf7c | 37 | |
wolfSSL | 15:117db924cf7c | 38 | #ifdef USE_WINDOWS_API |
wolfSSL | 15:117db924cf7c | 39 | #pragma code_seg(".fipsA$b") |
wolfSSL | 15:117db924cf7c | 40 | #pragma const_seg(".fipsB$b") |
wolfSSL | 15:117db924cf7c | 41 | #endif |
wolfSSL | 15:117db924cf7c | 42 | #endif |
wolfSSL | 15:117db924cf7c | 43 | |
wolfSSL | 15:117db924cf7c | 44 | #include <wolfssl/wolfcrypt/hmac.h> |
wolfSSL | 15:117db924cf7c | 45 | |
wolfSSL | 16:8e0d178b1d1e | 46 | #ifdef WOLF_CRYPTO_CB |
wolfSSL | 16:8e0d178b1d1e | 47 | #include <wolfssl/wolfcrypt/cryptocb.h> |
wolfSSL | 16:8e0d178b1d1e | 48 | #endif |
wolfSSL | 16:8e0d178b1d1e | 49 | |
wolfSSL | 15:117db924cf7c | 50 | #ifdef NO_INLINE |
wolfSSL | 15:117db924cf7c | 51 | #include <wolfssl/wolfcrypt/misc.h> |
wolfSSL | 15:117db924cf7c | 52 | #else |
wolfSSL | 15:117db924cf7c | 53 | #define WOLFSSL_MISC_INCLUDED |
wolfSSL | 15:117db924cf7c | 54 | #include <wolfcrypt/src/misc.c> |
wolfSSL | 15:117db924cf7c | 55 | #endif |
wolfSSL | 15:117db924cf7c | 56 | |
wolfSSL | 15:117db924cf7c | 57 | |
wolfSSL | 15:117db924cf7c | 58 | /* fips wrapper calls, user can call direct */ |
wolfSSL | 15:117db924cf7c | 59 | /* If building for old FIPS. */ |
wolfSSL | 15:117db924cf7c | 60 | #if defined(HAVE_FIPS) && \ |
wolfSSL | 15:117db924cf7c | 61 | (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) |
wolfSSL | 15:117db924cf7c | 62 | |
wolfSSL | 15:117db924cf7c | 63 | /* does init */ |
wolfSSL | 15:117db924cf7c | 64 | int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz) |
wolfSSL | 15:117db924cf7c | 65 | { |
wolfSSL | 15:117db924cf7c | 66 | if (hmac == NULL || (key == NULL && keySz != 0) || |
wolfSSL | 15:117db924cf7c | 67 | !(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 || |
wolfSSL | 16:8e0d178b1d1e | 68 | type == WC_SHA384 || type == WC_SHA512)) { |
wolfSSL | 15:117db924cf7c | 69 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 70 | } |
wolfSSL | 15:117db924cf7c | 71 | |
wolfSSL | 15:117db924cf7c | 72 | return HmacSetKey_fips(hmac, type, key, keySz); |
wolfSSL | 15:117db924cf7c | 73 | } |
wolfSSL | 15:117db924cf7c | 74 | int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz) |
wolfSSL | 15:117db924cf7c | 75 | { |
wolfSSL | 15:117db924cf7c | 76 | if (hmac == NULL || (in == NULL && sz > 0)) { |
wolfSSL | 15:117db924cf7c | 77 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 78 | } |
wolfSSL | 15:117db924cf7c | 79 | |
wolfSSL | 15:117db924cf7c | 80 | return HmacUpdate_fips(hmac, in, sz); |
wolfSSL | 15:117db924cf7c | 81 | } |
wolfSSL | 15:117db924cf7c | 82 | int wc_HmacFinal(Hmac* hmac, byte* out) |
wolfSSL | 15:117db924cf7c | 83 | { |
wolfSSL | 15:117db924cf7c | 84 | if (hmac == NULL) { |
wolfSSL | 15:117db924cf7c | 85 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 86 | } |
wolfSSL | 15:117db924cf7c | 87 | |
wolfSSL | 15:117db924cf7c | 88 | return HmacFinal_fips(hmac, out); |
wolfSSL | 15:117db924cf7c | 89 | } |
wolfSSL | 15:117db924cf7c | 90 | int wolfSSL_GetHmacMaxSize(void) |
wolfSSL | 15:117db924cf7c | 91 | { |
wolfSSL | 15:117db924cf7c | 92 | return CyaSSL_GetHmacMaxSize(); |
wolfSSL | 15:117db924cf7c | 93 | } |
wolfSSL | 15:117db924cf7c | 94 | |
wolfSSL | 15:117db924cf7c | 95 | int wc_HmacInit(Hmac* hmac, void* heap, int devId) |
wolfSSL | 15:117db924cf7c | 96 | { |
wolfSSL | 15:117db924cf7c | 97 | (void)hmac; |
wolfSSL | 15:117db924cf7c | 98 | (void)heap; |
wolfSSL | 15:117db924cf7c | 99 | (void)devId; |
wolfSSL | 15:117db924cf7c | 100 | /* FIPS doesn't support: |
wolfSSL | 15:117db924cf7c | 101 | return HmacInit(hmac, heap, devId); */ |
wolfSSL | 15:117db924cf7c | 102 | return 0; |
wolfSSL | 15:117db924cf7c | 103 | } |
wolfSSL | 15:117db924cf7c | 104 | void wc_HmacFree(Hmac* hmac) |
wolfSSL | 15:117db924cf7c | 105 | { |
wolfSSL | 15:117db924cf7c | 106 | (void)hmac; |
wolfSSL | 15:117db924cf7c | 107 | /* FIPS doesn't support: |
wolfSSL | 15:117db924cf7c | 108 | HmacFree(hmac); */ |
wolfSSL | 15:117db924cf7c | 109 | } |
wolfSSL | 15:117db924cf7c | 110 | |
wolfSSL | 15:117db924cf7c | 111 | #ifdef HAVE_HKDF |
wolfSSL | 15:117db924cf7c | 112 | int wc_HKDF(int type, const byte* inKey, word32 inKeySz, |
wolfSSL | 15:117db924cf7c | 113 | const byte* salt, word32 saltSz, |
wolfSSL | 15:117db924cf7c | 114 | const byte* info, word32 infoSz, |
wolfSSL | 15:117db924cf7c | 115 | byte* out, word32 outSz) |
wolfSSL | 15:117db924cf7c | 116 | { |
wolfSSL | 15:117db924cf7c | 117 | return HKDF(type, inKey, inKeySz, salt, saltSz, |
wolfSSL | 15:117db924cf7c | 118 | info, infoSz, out, outSz); |
wolfSSL | 15:117db924cf7c | 119 | } |
wolfSSL | 15:117db924cf7c | 120 | #endif /* HAVE_HKDF */ |
wolfSSL | 15:117db924cf7c | 121 | |
wolfSSL | 15:117db924cf7c | 122 | #else /* else build without fips, or for new fips */ |
wolfSSL | 15:117db924cf7c | 123 | |
wolfSSL | 15:117db924cf7c | 124 | |
wolfSSL | 15:117db924cf7c | 125 | int wc_HmacSizeByType(int type) |
wolfSSL | 15:117db924cf7c | 126 | { |
wolfSSL | 15:117db924cf7c | 127 | int ret; |
wolfSSL | 15:117db924cf7c | 128 | |
wolfSSL | 15:117db924cf7c | 129 | if (!(type == WC_MD5 || type == WC_SHA || |
wolfSSL | 15:117db924cf7c | 130 | type == WC_SHA224 || type == WC_SHA256 || |
wolfSSL | 15:117db924cf7c | 131 | type == WC_SHA384 || type == WC_SHA512 || |
wolfSSL | 15:117db924cf7c | 132 | type == WC_SHA3_224 || type == WC_SHA3_256 || |
wolfSSL | 16:8e0d178b1d1e | 133 | type == WC_SHA3_384 || type == WC_SHA3_512)) { |
wolfSSL | 15:117db924cf7c | 134 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 135 | } |
wolfSSL | 15:117db924cf7c | 136 | |
wolfSSL | 15:117db924cf7c | 137 | switch (type) { |
wolfSSL | 15:117db924cf7c | 138 | #ifndef NO_MD5 |
wolfSSL | 15:117db924cf7c | 139 | case WC_MD5: |
wolfSSL | 15:117db924cf7c | 140 | ret = WC_MD5_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 141 | break; |
wolfSSL | 15:117db924cf7c | 142 | #endif /* !NO_MD5 */ |
wolfSSL | 15:117db924cf7c | 143 | |
wolfSSL | 15:117db924cf7c | 144 | #ifndef NO_SHA |
wolfSSL | 15:117db924cf7c | 145 | case WC_SHA: |
wolfSSL | 15:117db924cf7c | 146 | ret = WC_SHA_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 147 | break; |
wolfSSL | 15:117db924cf7c | 148 | #endif /* !NO_SHA */ |
wolfSSL | 15:117db924cf7c | 149 | |
wolfSSL | 15:117db924cf7c | 150 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 15:117db924cf7c | 151 | case WC_SHA224: |
wolfSSL | 15:117db924cf7c | 152 | ret = WC_SHA224_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 153 | break; |
wolfSSL | 15:117db924cf7c | 154 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 15:117db924cf7c | 155 | |
wolfSSL | 15:117db924cf7c | 156 | #ifndef NO_SHA256 |
wolfSSL | 15:117db924cf7c | 157 | case WC_SHA256: |
wolfSSL | 15:117db924cf7c | 158 | ret = WC_SHA256_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 159 | break; |
wolfSSL | 15:117db924cf7c | 160 | #endif /* !NO_SHA256 */ |
wolfSSL | 15:117db924cf7c | 161 | |
wolfSSL | 15:117db924cf7c | 162 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 15:117db924cf7c | 163 | case WC_SHA384: |
wolfSSL | 15:117db924cf7c | 164 | ret = WC_SHA384_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 165 | break; |
wolfSSL | 15:117db924cf7c | 166 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 15:117db924cf7c | 167 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 15:117db924cf7c | 168 | case WC_SHA512: |
wolfSSL | 15:117db924cf7c | 169 | ret = WC_SHA512_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 170 | break; |
wolfSSL | 15:117db924cf7c | 171 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 15:117db924cf7c | 172 | |
wolfSSL | 15:117db924cf7c | 173 | #ifdef WOLFSSL_SHA3 |
wolfSSL | 15:117db924cf7c | 174 | case WC_SHA3_224: |
wolfSSL | 15:117db924cf7c | 175 | ret = WC_SHA3_224_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 176 | break; |
wolfSSL | 15:117db924cf7c | 177 | |
wolfSSL | 15:117db924cf7c | 178 | case WC_SHA3_256: |
wolfSSL | 15:117db924cf7c | 179 | ret = WC_SHA3_256_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 180 | break; |
wolfSSL | 15:117db924cf7c | 181 | |
wolfSSL | 15:117db924cf7c | 182 | case WC_SHA3_384: |
wolfSSL | 15:117db924cf7c | 183 | ret = WC_SHA3_384_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 184 | break; |
wolfSSL | 15:117db924cf7c | 185 | |
wolfSSL | 15:117db924cf7c | 186 | case WC_SHA3_512: |
wolfSSL | 15:117db924cf7c | 187 | ret = WC_SHA3_512_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 188 | break; |
wolfSSL | 15:117db924cf7c | 189 | |
wolfSSL | 15:117db924cf7c | 190 | #endif |
wolfSSL | 15:117db924cf7c | 191 | |
wolfSSL | 15:117db924cf7c | 192 | default: |
wolfSSL | 15:117db924cf7c | 193 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 194 | break; |
wolfSSL | 15:117db924cf7c | 195 | } |
wolfSSL | 15:117db924cf7c | 196 | |
wolfSSL | 15:117db924cf7c | 197 | return ret; |
wolfSSL | 15:117db924cf7c | 198 | } |
wolfSSL | 15:117db924cf7c | 199 | |
wolfSSL | 15:117db924cf7c | 200 | int _InitHmac(Hmac* hmac, int type, void* heap) |
wolfSSL | 15:117db924cf7c | 201 | { |
wolfSSL | 15:117db924cf7c | 202 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 203 | |
wolfSSL | 15:117db924cf7c | 204 | switch (type) { |
wolfSSL | 15:117db924cf7c | 205 | #ifndef NO_MD5 |
wolfSSL | 15:117db924cf7c | 206 | case WC_MD5: |
wolfSSL | 15:117db924cf7c | 207 | ret = wc_InitMd5(&hmac->hash.md5); |
wolfSSL | 15:117db924cf7c | 208 | break; |
wolfSSL | 15:117db924cf7c | 209 | #endif /* !NO_MD5 */ |
wolfSSL | 15:117db924cf7c | 210 | |
wolfSSL | 15:117db924cf7c | 211 | #ifndef NO_SHA |
wolfSSL | 15:117db924cf7c | 212 | case WC_SHA: |
wolfSSL | 15:117db924cf7c | 213 | ret = wc_InitSha(&hmac->hash.sha); |
wolfSSL | 15:117db924cf7c | 214 | break; |
wolfSSL | 15:117db924cf7c | 215 | #endif /* !NO_SHA */ |
wolfSSL | 15:117db924cf7c | 216 | |
wolfSSL | 15:117db924cf7c | 217 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 15:117db924cf7c | 218 | case WC_SHA224: |
wolfSSL | 15:117db924cf7c | 219 | ret = wc_InitSha224(&hmac->hash.sha224); |
wolfSSL | 15:117db924cf7c | 220 | break; |
wolfSSL | 15:117db924cf7c | 221 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 15:117db924cf7c | 222 | |
wolfSSL | 15:117db924cf7c | 223 | #ifndef NO_SHA256 |
wolfSSL | 15:117db924cf7c | 224 | case WC_SHA256: |
wolfSSL | 15:117db924cf7c | 225 | ret = wc_InitSha256(&hmac->hash.sha256); |
wolfSSL | 15:117db924cf7c | 226 | break; |
wolfSSL | 15:117db924cf7c | 227 | #endif /* !NO_SHA256 */ |
wolfSSL | 15:117db924cf7c | 228 | |
wolfSSL | 15:117db924cf7c | 229 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 15:117db924cf7c | 230 | case WC_SHA384: |
wolfSSL | 15:117db924cf7c | 231 | ret = wc_InitSha384(&hmac->hash.sha384); |
wolfSSL | 15:117db924cf7c | 232 | break; |
wolfSSL | 15:117db924cf7c | 233 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 15:117db924cf7c | 234 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 15:117db924cf7c | 235 | case WC_SHA512: |
wolfSSL | 15:117db924cf7c | 236 | ret = wc_InitSha512(&hmac->hash.sha512); |
wolfSSL | 15:117db924cf7c | 237 | break; |
wolfSSL | 15:117db924cf7c | 238 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 15:117db924cf7c | 239 | |
wolfSSL | 15:117db924cf7c | 240 | #ifdef WOLFSSL_SHA3 |
wolfSSL | 16:8e0d178b1d1e | 241 | #ifndef WOLFSSL_NOSHA3_224 |
wolfSSL | 15:117db924cf7c | 242 | case WC_SHA3_224: |
wolfSSL | 15:117db924cf7c | 243 | ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID); |
wolfSSL | 15:117db924cf7c | 244 | break; |
wolfSSL | 16:8e0d178b1d1e | 245 | #endif |
wolfSSL | 16:8e0d178b1d1e | 246 | #ifndef WOLFSSL_NOSHA3_256 |
wolfSSL | 15:117db924cf7c | 247 | case WC_SHA3_256: |
wolfSSL | 15:117db924cf7c | 248 | ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID); |
wolfSSL | 15:117db924cf7c | 249 | break; |
wolfSSL | 16:8e0d178b1d1e | 250 | #endif |
wolfSSL | 16:8e0d178b1d1e | 251 | #ifndef WOLFSSL_NOSHA3_384 |
wolfSSL | 15:117db924cf7c | 252 | case WC_SHA3_384: |
wolfSSL | 15:117db924cf7c | 253 | ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID); |
wolfSSL | 15:117db924cf7c | 254 | break; |
wolfSSL | 16:8e0d178b1d1e | 255 | #endif |
wolfSSL | 16:8e0d178b1d1e | 256 | #ifndef WOLFSSL_NOSHA3_512 |
wolfSSL | 15:117db924cf7c | 257 | case WC_SHA3_512: |
wolfSSL | 15:117db924cf7c | 258 | ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID); |
wolfSSL | 15:117db924cf7c | 259 | break; |
wolfSSL | 15:117db924cf7c | 260 | #endif |
wolfSSL | 16:8e0d178b1d1e | 261 | #endif |
wolfSSL | 15:117db924cf7c | 262 | |
wolfSSL | 15:117db924cf7c | 263 | default: |
wolfSSL | 15:117db924cf7c | 264 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 265 | break; |
wolfSSL | 15:117db924cf7c | 266 | } |
wolfSSL | 15:117db924cf7c | 267 | |
wolfSSL | 15:117db924cf7c | 268 | /* default to NULL heap hint or test value */ |
wolfSSL | 15:117db924cf7c | 269 | #ifdef WOLFSSL_HEAP_TEST |
wolfSSL | 15:117db924cf7c | 270 | hmac->heap = (void)WOLFSSL_HEAP_TEST; |
wolfSSL | 15:117db924cf7c | 271 | #else |
wolfSSL | 15:117db924cf7c | 272 | hmac->heap = heap; |
wolfSSL | 15:117db924cf7c | 273 | #endif /* WOLFSSL_HEAP_TEST */ |
wolfSSL | 15:117db924cf7c | 274 | |
wolfSSL | 15:117db924cf7c | 275 | return ret; |
wolfSSL | 15:117db924cf7c | 276 | } |
wolfSSL | 15:117db924cf7c | 277 | |
wolfSSL | 15:117db924cf7c | 278 | |
wolfSSL | 15:117db924cf7c | 279 | int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) |
wolfSSL | 15:117db924cf7c | 280 | { |
wolfSSL | 15:117db924cf7c | 281 | byte* ip; |
wolfSSL | 15:117db924cf7c | 282 | byte* op; |
wolfSSL | 15:117db924cf7c | 283 | word32 i, hmac_block_size = 0; |
wolfSSL | 15:117db924cf7c | 284 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 285 | void* heap = NULL; |
wolfSSL | 15:117db924cf7c | 286 | |
wolfSSL | 15:117db924cf7c | 287 | if (hmac == NULL || (key == NULL && length != 0) || |
wolfSSL | 15:117db924cf7c | 288 | !(type == WC_MD5 || type == WC_SHA || |
wolfSSL | 15:117db924cf7c | 289 | type == WC_SHA224 || type == WC_SHA256 || |
wolfSSL | 15:117db924cf7c | 290 | type == WC_SHA384 || type == WC_SHA512 || |
wolfSSL | 15:117db924cf7c | 291 | type == WC_SHA3_224 || type == WC_SHA3_256 || |
wolfSSL | 16:8e0d178b1d1e | 292 | type == WC_SHA3_384 || type == WC_SHA3_512)) { |
wolfSSL | 15:117db924cf7c | 293 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 294 | } |
wolfSSL | 15:117db924cf7c | 295 | |
wolfSSL | 16:8e0d178b1d1e | 296 | #ifndef HAVE_FIPS |
wolfSSL | 16:8e0d178b1d1e | 297 | /* if set key has already been run then make sure and free existing */ |
wolfSSL | 16:8e0d178b1d1e | 298 | /* This is for async and PIC32MZ situations, and just normally OK, |
wolfSSL | 16:8e0d178b1d1e | 299 | provided the user calls wc_HmacInit() first. That function is not |
wolfSSL | 16:8e0d178b1d1e | 300 | available in FIPS builds. In current FIPS builds, the hashes are |
wolfSSL | 16:8e0d178b1d1e | 301 | not allocating resources. */ |
wolfSSL | 16:8e0d178b1d1e | 302 | if (hmac->macType != WC_HASH_TYPE_NONE) { |
wolfSSL | 16:8e0d178b1d1e | 303 | wc_HmacFree(hmac); |
wolfSSL | 16:8e0d178b1d1e | 304 | } |
wolfSSL | 16:8e0d178b1d1e | 305 | #endif |
wolfSSL | 16:8e0d178b1d1e | 306 | |
wolfSSL | 15:117db924cf7c | 307 | hmac->innerHashKeyed = 0; |
wolfSSL | 15:117db924cf7c | 308 | hmac->macType = (byte)type; |
wolfSSL | 15:117db924cf7c | 309 | |
wolfSSL | 15:117db924cf7c | 310 | ret = _InitHmac(hmac, type, heap); |
wolfSSL | 15:117db924cf7c | 311 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 312 | return ret; |
wolfSSL | 15:117db924cf7c | 313 | |
wolfSSL | 15:117db924cf7c | 314 | #ifdef HAVE_FIPS |
wolfSSL | 15:117db924cf7c | 315 | if (length < HMAC_FIPS_MIN_KEY) |
wolfSSL | 15:117db924cf7c | 316 | return HMAC_MIN_KEYLEN_E; |
wolfSSL | 15:117db924cf7c | 317 | #endif |
wolfSSL | 15:117db924cf7c | 318 | |
wolfSSL | 16:8e0d178b1d1e | 319 | #ifdef WOLF_CRYPTO_CB |
wolfSSL | 16:8e0d178b1d1e | 320 | hmac->keyRaw = key; /* use buffer directly */ |
wolfSSL | 16:8e0d178b1d1e | 321 | hmac->keyLen = length; |
wolfSSL | 16:8e0d178b1d1e | 322 | #endif |
wolfSSL | 16:8e0d178b1d1e | 323 | |
wolfSSL | 15:117db924cf7c | 324 | ip = (byte*)hmac->ipad; |
wolfSSL | 15:117db924cf7c | 325 | op = (byte*)hmac->opad; |
wolfSSL | 15:117db924cf7c | 326 | |
wolfSSL | 15:117db924cf7c | 327 | switch (hmac->macType) { |
wolfSSL | 15:117db924cf7c | 328 | #ifndef NO_MD5 |
wolfSSL | 15:117db924cf7c | 329 | case WC_MD5: |
wolfSSL | 15:117db924cf7c | 330 | hmac_block_size = WC_MD5_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 331 | if (length <= WC_MD5_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 332 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 333 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 334 | } |
wolfSSL | 15:117db924cf7c | 335 | } |
wolfSSL | 15:117db924cf7c | 336 | else { |
wolfSSL | 15:117db924cf7c | 337 | ret = wc_Md5Update(&hmac->hash.md5, key, length); |
wolfSSL | 15:117db924cf7c | 338 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 339 | break; |
wolfSSL | 15:117db924cf7c | 340 | ret = wc_Md5Final(&hmac->hash.md5, ip); |
wolfSSL | 15:117db924cf7c | 341 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 342 | break; |
wolfSSL | 15:117db924cf7c | 343 | length = WC_MD5_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 344 | } |
wolfSSL | 15:117db924cf7c | 345 | break; |
wolfSSL | 15:117db924cf7c | 346 | #endif /* !NO_MD5 */ |
wolfSSL | 15:117db924cf7c | 347 | |
wolfSSL | 15:117db924cf7c | 348 | #ifndef NO_SHA |
wolfSSL | 15:117db924cf7c | 349 | case WC_SHA: |
wolfSSL | 15:117db924cf7c | 350 | hmac_block_size = WC_SHA_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 351 | if (length <= WC_SHA_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 352 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 353 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 354 | } |
wolfSSL | 15:117db924cf7c | 355 | } |
wolfSSL | 15:117db924cf7c | 356 | else { |
wolfSSL | 15:117db924cf7c | 357 | ret = wc_ShaUpdate(&hmac->hash.sha, key, length); |
wolfSSL | 15:117db924cf7c | 358 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 359 | break; |
wolfSSL | 15:117db924cf7c | 360 | ret = wc_ShaFinal(&hmac->hash.sha, ip); |
wolfSSL | 15:117db924cf7c | 361 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 362 | break; |
wolfSSL | 15:117db924cf7c | 363 | |
wolfSSL | 15:117db924cf7c | 364 | length = WC_SHA_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 365 | } |
wolfSSL | 15:117db924cf7c | 366 | break; |
wolfSSL | 15:117db924cf7c | 367 | #endif /* !NO_SHA */ |
wolfSSL | 15:117db924cf7c | 368 | |
wolfSSL | 15:117db924cf7c | 369 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 15:117db924cf7c | 370 | case WC_SHA224: |
wolfSSL | 15:117db924cf7c | 371 | hmac_block_size = WC_SHA224_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 372 | if (length <= WC_SHA224_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 373 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 374 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 375 | } |
wolfSSL | 15:117db924cf7c | 376 | } |
wolfSSL | 15:117db924cf7c | 377 | else { |
wolfSSL | 15:117db924cf7c | 378 | ret = wc_Sha224Update(&hmac->hash.sha224, key, length); |
wolfSSL | 15:117db924cf7c | 379 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 380 | break; |
wolfSSL | 15:117db924cf7c | 381 | ret = wc_Sha224Final(&hmac->hash.sha224, ip); |
wolfSSL | 15:117db924cf7c | 382 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 383 | break; |
wolfSSL | 15:117db924cf7c | 384 | |
wolfSSL | 15:117db924cf7c | 385 | length = WC_SHA224_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 386 | } |
wolfSSL | 16:8e0d178b1d1e | 387 | break; |
wolfSSL | 15:117db924cf7c | 388 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 15:117db924cf7c | 389 | #ifndef NO_SHA256 |
wolfSSL | 15:117db924cf7c | 390 | case WC_SHA256: |
wolfSSL | 16:8e0d178b1d1e | 391 | hmac_block_size = WC_SHA256_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 392 | if (length <= WC_SHA256_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 393 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 394 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 395 | } |
wolfSSL | 15:117db924cf7c | 396 | } |
wolfSSL | 15:117db924cf7c | 397 | else { |
wolfSSL | 15:117db924cf7c | 398 | ret = wc_Sha256Update(&hmac->hash.sha256, key, length); |
wolfSSL | 15:117db924cf7c | 399 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 400 | break; |
wolfSSL | 15:117db924cf7c | 401 | ret = wc_Sha256Final(&hmac->hash.sha256, ip); |
wolfSSL | 15:117db924cf7c | 402 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 403 | break; |
wolfSSL | 15:117db924cf7c | 404 | |
wolfSSL | 15:117db924cf7c | 405 | length = WC_SHA256_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 406 | } |
wolfSSL | 15:117db924cf7c | 407 | break; |
wolfSSL | 15:117db924cf7c | 408 | #endif /* !NO_SHA256 */ |
wolfSSL | 15:117db924cf7c | 409 | |
wolfSSL | 15:117db924cf7c | 410 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 15:117db924cf7c | 411 | case WC_SHA384: |
wolfSSL | 15:117db924cf7c | 412 | hmac_block_size = WC_SHA384_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 413 | if (length <= WC_SHA384_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 414 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 415 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 416 | } |
wolfSSL | 15:117db924cf7c | 417 | } |
wolfSSL | 15:117db924cf7c | 418 | else { |
wolfSSL | 15:117db924cf7c | 419 | ret = wc_Sha384Update(&hmac->hash.sha384, key, length); |
wolfSSL | 15:117db924cf7c | 420 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 421 | break; |
wolfSSL | 15:117db924cf7c | 422 | ret = wc_Sha384Final(&hmac->hash.sha384, ip); |
wolfSSL | 15:117db924cf7c | 423 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 424 | break; |
wolfSSL | 15:117db924cf7c | 425 | |
wolfSSL | 15:117db924cf7c | 426 | length = WC_SHA384_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 427 | } |
wolfSSL | 15:117db924cf7c | 428 | break; |
wolfSSL | 15:117db924cf7c | 429 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 15:117db924cf7c | 430 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 15:117db924cf7c | 431 | case WC_SHA512: |
wolfSSL | 15:117db924cf7c | 432 | hmac_block_size = WC_SHA512_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 433 | if (length <= WC_SHA512_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 434 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 435 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 436 | } |
wolfSSL | 15:117db924cf7c | 437 | } |
wolfSSL | 15:117db924cf7c | 438 | else { |
wolfSSL | 15:117db924cf7c | 439 | ret = wc_Sha512Update(&hmac->hash.sha512, key, length); |
wolfSSL | 15:117db924cf7c | 440 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 441 | break; |
wolfSSL | 15:117db924cf7c | 442 | ret = wc_Sha512Final(&hmac->hash.sha512, ip); |
wolfSSL | 15:117db924cf7c | 443 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 444 | break; |
wolfSSL | 15:117db924cf7c | 445 | |
wolfSSL | 15:117db924cf7c | 446 | length = WC_SHA512_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 447 | } |
wolfSSL | 15:117db924cf7c | 448 | break; |
wolfSSL | 15:117db924cf7c | 449 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 15:117db924cf7c | 450 | |
wolfSSL | 15:117db924cf7c | 451 | #ifdef WOLFSSL_SHA3 |
wolfSSL | 16:8e0d178b1d1e | 452 | #ifndef WOLFSSL_NOSHA3_224 |
wolfSSL | 15:117db924cf7c | 453 | case WC_SHA3_224: |
wolfSSL | 15:117db924cf7c | 454 | hmac_block_size = WC_SHA3_224_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 455 | if (length <= WC_SHA3_224_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 456 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 457 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 458 | } |
wolfSSL | 15:117db924cf7c | 459 | } |
wolfSSL | 15:117db924cf7c | 460 | else { |
wolfSSL | 15:117db924cf7c | 461 | ret = wc_Sha3_224_Update(&hmac->hash.sha3, key, length); |
wolfSSL | 15:117db924cf7c | 462 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 463 | break; |
wolfSSL | 15:117db924cf7c | 464 | ret = wc_Sha3_224_Final(&hmac->hash.sha3, ip); |
wolfSSL | 15:117db924cf7c | 465 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 466 | break; |
wolfSSL | 15:117db924cf7c | 467 | |
wolfSSL | 15:117db924cf7c | 468 | length = WC_SHA3_224_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 469 | } |
wolfSSL | 15:117db924cf7c | 470 | break; |
wolfSSL | 16:8e0d178b1d1e | 471 | #endif |
wolfSSL | 16:8e0d178b1d1e | 472 | #ifndef WOLFSSL_NOSHA3_256 |
wolfSSL | 15:117db924cf7c | 473 | case WC_SHA3_256: |
wolfSSL | 15:117db924cf7c | 474 | hmac_block_size = WC_SHA3_256_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 475 | if (length <= WC_SHA3_256_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 476 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 477 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 478 | } |
wolfSSL | 15:117db924cf7c | 479 | } |
wolfSSL | 15:117db924cf7c | 480 | else { |
wolfSSL | 15:117db924cf7c | 481 | ret = wc_Sha3_256_Update(&hmac->hash.sha3, key, length); |
wolfSSL | 15:117db924cf7c | 482 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 483 | break; |
wolfSSL | 15:117db924cf7c | 484 | ret = wc_Sha3_256_Final(&hmac->hash.sha3, ip); |
wolfSSL | 15:117db924cf7c | 485 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 486 | break; |
wolfSSL | 15:117db924cf7c | 487 | |
wolfSSL | 15:117db924cf7c | 488 | length = WC_SHA3_256_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 489 | } |
wolfSSL | 15:117db924cf7c | 490 | break; |
wolfSSL | 16:8e0d178b1d1e | 491 | #endif |
wolfSSL | 16:8e0d178b1d1e | 492 | #ifndef WOLFSSL_NOSHA3_384 |
wolfSSL | 15:117db924cf7c | 493 | case WC_SHA3_384: |
wolfSSL | 15:117db924cf7c | 494 | hmac_block_size = WC_SHA3_384_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 495 | if (length <= WC_SHA3_384_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 496 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 497 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 498 | } |
wolfSSL | 15:117db924cf7c | 499 | } |
wolfSSL | 15:117db924cf7c | 500 | else { |
wolfSSL | 15:117db924cf7c | 501 | ret = wc_Sha3_384_Update(&hmac->hash.sha3, key, length); |
wolfSSL | 15:117db924cf7c | 502 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 503 | break; |
wolfSSL | 15:117db924cf7c | 504 | ret = wc_Sha3_384_Final(&hmac->hash.sha3, ip); |
wolfSSL | 15:117db924cf7c | 505 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 506 | break; |
wolfSSL | 15:117db924cf7c | 507 | |
wolfSSL | 15:117db924cf7c | 508 | length = WC_SHA3_384_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 509 | } |
wolfSSL | 15:117db924cf7c | 510 | break; |
wolfSSL | 16:8e0d178b1d1e | 511 | #endif |
wolfSSL | 16:8e0d178b1d1e | 512 | #ifndef WOLFSSL_NOSHA3_512 |
wolfSSL | 15:117db924cf7c | 513 | case WC_SHA3_512: |
wolfSSL | 15:117db924cf7c | 514 | hmac_block_size = WC_SHA3_512_BLOCK_SIZE; |
wolfSSL | 15:117db924cf7c | 515 | if (length <= WC_SHA3_512_BLOCK_SIZE) { |
wolfSSL | 15:117db924cf7c | 516 | if (key != NULL) { |
wolfSSL | 15:117db924cf7c | 517 | XMEMCPY(ip, key, length); |
wolfSSL | 15:117db924cf7c | 518 | } |
wolfSSL | 15:117db924cf7c | 519 | } |
wolfSSL | 15:117db924cf7c | 520 | else { |
wolfSSL | 15:117db924cf7c | 521 | ret = wc_Sha3_512_Update(&hmac->hash.sha3, key, length); |
wolfSSL | 15:117db924cf7c | 522 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 523 | break; |
wolfSSL | 15:117db924cf7c | 524 | ret = wc_Sha3_512_Final(&hmac->hash.sha3, ip); |
wolfSSL | 15:117db924cf7c | 525 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 526 | break; |
wolfSSL | 15:117db924cf7c | 527 | |
wolfSSL | 15:117db924cf7c | 528 | length = WC_SHA3_512_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 529 | } |
wolfSSL | 15:117db924cf7c | 530 | break; |
wolfSSL | 16:8e0d178b1d1e | 531 | #endif |
wolfSSL | 15:117db924cf7c | 532 | #endif /* WOLFSSL_SHA3 */ |
wolfSSL | 15:117db924cf7c | 533 | |
wolfSSL | 15:117db924cf7c | 534 | default: |
wolfSSL | 15:117db924cf7c | 535 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 536 | } |
wolfSSL | 15:117db924cf7c | 537 | |
wolfSSL | 15:117db924cf7c | 538 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) |
wolfSSL | 15:117db924cf7c | 539 | if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) { |
wolfSSL | 15:117db924cf7c | 540 | #if defined(HAVE_INTEL_QA) || defined(HAVE_CAVIUM) |
wolfSSL | 15:117db924cf7c | 541 | #ifdef HAVE_INTEL_QA |
wolfSSL | 15:117db924cf7c | 542 | if (IntelQaHmacGetType(hmac->macType, NULL) == 0) |
wolfSSL | 15:117db924cf7c | 543 | #endif |
wolfSSL | 15:117db924cf7c | 544 | { |
wolfSSL | 15:117db924cf7c | 545 | if (length > hmac_block_size) |
wolfSSL | 15:117db924cf7c | 546 | length = hmac_block_size; |
wolfSSL | 15:117db924cf7c | 547 | /* update key length */ |
wolfSSL | 15:117db924cf7c | 548 | hmac->keyLen = (word16)length; |
wolfSSL | 15:117db924cf7c | 549 | |
wolfSSL | 15:117db924cf7c | 550 | return ret; |
wolfSSL | 15:117db924cf7c | 551 | } |
wolfSSL | 15:117db924cf7c | 552 | /* no need to pad below */ |
wolfSSL | 15:117db924cf7c | 553 | #endif |
wolfSSL | 15:117db924cf7c | 554 | } |
wolfSSL | 15:117db924cf7c | 555 | #endif |
wolfSSL | 15:117db924cf7c | 556 | |
wolfSSL | 15:117db924cf7c | 557 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 558 | if (length < hmac_block_size) |
wolfSSL | 15:117db924cf7c | 559 | XMEMSET(ip + length, 0, hmac_block_size - length); |
wolfSSL | 15:117db924cf7c | 560 | |
wolfSSL | 15:117db924cf7c | 561 | for(i = 0; i < hmac_block_size; i++) { |
wolfSSL | 15:117db924cf7c | 562 | op[i] = ip[i] ^ OPAD; |
wolfSSL | 15:117db924cf7c | 563 | ip[i] ^= IPAD; |
wolfSSL | 15:117db924cf7c | 564 | } |
wolfSSL | 15:117db924cf7c | 565 | } |
wolfSSL | 15:117db924cf7c | 566 | |
wolfSSL | 15:117db924cf7c | 567 | return ret; |
wolfSSL | 15:117db924cf7c | 568 | } |
wolfSSL | 15:117db924cf7c | 569 | |
wolfSSL | 15:117db924cf7c | 570 | |
wolfSSL | 15:117db924cf7c | 571 | static int HmacKeyInnerHash(Hmac* hmac) |
wolfSSL | 15:117db924cf7c | 572 | { |
wolfSSL | 15:117db924cf7c | 573 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 574 | |
wolfSSL | 15:117db924cf7c | 575 | switch (hmac->macType) { |
wolfSSL | 15:117db924cf7c | 576 | #ifndef NO_MD5 |
wolfSSL | 15:117db924cf7c | 577 | case WC_MD5: |
wolfSSL | 15:117db924cf7c | 578 | ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 579 | WC_MD5_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 580 | break; |
wolfSSL | 15:117db924cf7c | 581 | #endif /* !NO_MD5 */ |
wolfSSL | 15:117db924cf7c | 582 | |
wolfSSL | 15:117db924cf7c | 583 | #ifndef NO_SHA |
wolfSSL | 15:117db924cf7c | 584 | case WC_SHA: |
wolfSSL | 15:117db924cf7c | 585 | ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->ipad, |
wolfSSL | 15:117db924cf7c | 586 | WC_SHA_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 587 | break; |
wolfSSL | 15:117db924cf7c | 588 | #endif /* !NO_SHA */ |
wolfSSL | 15:117db924cf7c | 589 | |
wolfSSL | 15:117db924cf7c | 590 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 15:117db924cf7c | 591 | case WC_SHA224: |
wolfSSL | 15:117db924cf7c | 592 | ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 593 | WC_SHA224_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 594 | break; |
wolfSSL | 15:117db924cf7c | 595 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 15:117db924cf7c | 596 | #ifndef NO_SHA256 |
wolfSSL | 15:117db924cf7c | 597 | case WC_SHA256: |
wolfSSL | 15:117db924cf7c | 598 | ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 599 | WC_SHA256_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 600 | break; |
wolfSSL | 15:117db924cf7c | 601 | #endif /* !NO_SHA256 */ |
wolfSSL | 15:117db924cf7c | 602 | |
wolfSSL | 15:117db924cf7c | 603 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 15:117db924cf7c | 604 | case WC_SHA384: |
wolfSSL | 15:117db924cf7c | 605 | ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 606 | WC_SHA384_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 607 | break; |
wolfSSL | 15:117db924cf7c | 608 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 15:117db924cf7c | 609 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 15:117db924cf7c | 610 | case WC_SHA512: |
wolfSSL | 15:117db924cf7c | 611 | ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 612 | WC_SHA512_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 613 | break; |
wolfSSL | 15:117db924cf7c | 614 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 15:117db924cf7c | 615 | |
wolfSSL | 15:117db924cf7c | 616 | #ifdef WOLFSSL_SHA3 |
wolfSSL | 16:8e0d178b1d1e | 617 | #ifndef WOLFSSL_NOSHA3_224 |
wolfSSL | 15:117db924cf7c | 618 | case WC_SHA3_224: |
wolfSSL | 15:117db924cf7c | 619 | ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 620 | WC_SHA3_224_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 621 | break; |
wolfSSL | 16:8e0d178b1d1e | 622 | #endif |
wolfSSL | 16:8e0d178b1d1e | 623 | #ifndef WOLFSSL_NOSHA3_256 |
wolfSSL | 15:117db924cf7c | 624 | case WC_SHA3_256: |
wolfSSL | 15:117db924cf7c | 625 | ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 626 | WC_SHA3_256_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 627 | break; |
wolfSSL | 16:8e0d178b1d1e | 628 | #endif |
wolfSSL | 16:8e0d178b1d1e | 629 | #ifndef WOLFSSL_NOSHA3_384 |
wolfSSL | 15:117db924cf7c | 630 | case WC_SHA3_384: |
wolfSSL | 15:117db924cf7c | 631 | ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 632 | WC_SHA3_384_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 633 | break; |
wolfSSL | 16:8e0d178b1d1e | 634 | #endif |
wolfSSL | 16:8e0d178b1d1e | 635 | #ifndef WOLFSSL_NOSHA3_512 |
wolfSSL | 15:117db924cf7c | 636 | case WC_SHA3_512: |
wolfSSL | 15:117db924cf7c | 637 | ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->ipad, |
wolfSSL | 16:8e0d178b1d1e | 638 | WC_SHA3_512_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 639 | break; |
wolfSSL | 16:8e0d178b1d1e | 640 | #endif |
wolfSSL | 15:117db924cf7c | 641 | #endif /* WOLFSSL_SHA3 */ |
wolfSSL | 15:117db924cf7c | 642 | |
wolfSSL | 15:117db924cf7c | 643 | default: |
wolfSSL | 15:117db924cf7c | 644 | break; |
wolfSSL | 15:117db924cf7c | 645 | } |
wolfSSL | 15:117db924cf7c | 646 | |
wolfSSL | 15:117db924cf7c | 647 | if (ret == 0) |
wolfSSL | 16:8e0d178b1d1e | 648 | hmac->innerHashKeyed = WC_HMAC_INNER_HASH_KEYED_SW; |
wolfSSL | 15:117db924cf7c | 649 | |
wolfSSL | 15:117db924cf7c | 650 | return ret; |
wolfSSL | 15:117db924cf7c | 651 | } |
wolfSSL | 15:117db924cf7c | 652 | |
wolfSSL | 15:117db924cf7c | 653 | |
wolfSSL | 15:117db924cf7c | 654 | int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length) |
wolfSSL | 15:117db924cf7c | 655 | { |
wolfSSL | 15:117db924cf7c | 656 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 657 | |
wolfSSL | 15:117db924cf7c | 658 | if (hmac == NULL || (msg == NULL && length > 0)) { |
wolfSSL | 15:117db924cf7c | 659 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 660 | } |
wolfSSL | 15:117db924cf7c | 661 | |
wolfSSL | 16:8e0d178b1d1e | 662 | #ifdef WOLF_CRYPTO_CB |
wolfSSL | 16:8e0d178b1d1e | 663 | if (hmac->devId != INVALID_DEVID) { |
wolfSSL | 16:8e0d178b1d1e | 664 | ret = wc_CryptoCb_Hmac(hmac, hmac->macType, msg, length, NULL); |
wolfSSL | 16:8e0d178b1d1e | 665 | if (ret != CRYPTOCB_UNAVAILABLE) |
wolfSSL | 16:8e0d178b1d1e | 666 | return ret; |
wolfSSL | 16:8e0d178b1d1e | 667 | /* fall-through when unavailable */ |
wolfSSL | 16:8e0d178b1d1e | 668 | ret = 0; /* reset error code */ |
wolfSSL | 16:8e0d178b1d1e | 669 | } |
wolfSSL | 16:8e0d178b1d1e | 670 | #endif |
wolfSSL | 15:117db924cf7c | 671 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) |
wolfSSL | 15:117db924cf7c | 672 | if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) { |
wolfSSL | 15:117db924cf7c | 673 | #if defined(HAVE_CAVIUM) |
wolfSSL | 15:117db924cf7c | 674 | return NitroxHmacUpdate(hmac, msg, length); |
wolfSSL | 15:117db924cf7c | 675 | #elif defined(HAVE_INTEL_QA) |
wolfSSL | 15:117db924cf7c | 676 | if (IntelQaHmacGetType(hmac->macType, NULL) == 0) { |
wolfSSL | 15:117db924cf7c | 677 | return IntelQaHmac(&hmac->asyncDev, hmac->macType, |
wolfSSL | 15:117db924cf7c | 678 | (byte*)hmac->ipad, hmac->keyLen, NULL, msg, length); |
wolfSSL | 15:117db924cf7c | 679 | } |
wolfSSL | 15:117db924cf7c | 680 | #endif |
wolfSSL | 15:117db924cf7c | 681 | } |
wolfSSL | 15:117db924cf7c | 682 | #endif /* WOLFSSL_ASYNC_CRYPT */ |
wolfSSL | 15:117db924cf7c | 683 | |
wolfSSL | 15:117db924cf7c | 684 | if (!hmac->innerHashKeyed) { |
wolfSSL | 15:117db924cf7c | 685 | ret = HmacKeyInnerHash(hmac); |
wolfSSL | 15:117db924cf7c | 686 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 687 | return ret; |
wolfSSL | 15:117db924cf7c | 688 | } |
wolfSSL | 15:117db924cf7c | 689 | |
wolfSSL | 15:117db924cf7c | 690 | switch (hmac->macType) { |
wolfSSL | 15:117db924cf7c | 691 | #ifndef NO_MD5 |
wolfSSL | 15:117db924cf7c | 692 | case WC_MD5: |
wolfSSL | 15:117db924cf7c | 693 | ret = wc_Md5Update(&hmac->hash.md5, msg, length); |
wolfSSL | 15:117db924cf7c | 694 | break; |
wolfSSL | 15:117db924cf7c | 695 | #endif /* !NO_MD5 */ |
wolfSSL | 15:117db924cf7c | 696 | |
wolfSSL | 15:117db924cf7c | 697 | #ifndef NO_SHA |
wolfSSL | 15:117db924cf7c | 698 | case WC_SHA: |
wolfSSL | 15:117db924cf7c | 699 | ret = wc_ShaUpdate(&hmac->hash.sha, msg, length); |
wolfSSL | 15:117db924cf7c | 700 | break; |
wolfSSL | 15:117db924cf7c | 701 | #endif /* !NO_SHA */ |
wolfSSL | 15:117db924cf7c | 702 | |
wolfSSL | 15:117db924cf7c | 703 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 15:117db924cf7c | 704 | case WC_SHA224: |
wolfSSL | 15:117db924cf7c | 705 | ret = wc_Sha224Update(&hmac->hash.sha224, msg, length); |
wolfSSL | 15:117db924cf7c | 706 | break; |
wolfSSL | 15:117db924cf7c | 707 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 15:117db924cf7c | 708 | |
wolfSSL | 15:117db924cf7c | 709 | #ifndef NO_SHA256 |
wolfSSL | 15:117db924cf7c | 710 | case WC_SHA256: |
wolfSSL | 15:117db924cf7c | 711 | ret = wc_Sha256Update(&hmac->hash.sha256, msg, length); |
wolfSSL | 15:117db924cf7c | 712 | break; |
wolfSSL | 15:117db924cf7c | 713 | #endif /* !NO_SHA256 */ |
wolfSSL | 15:117db924cf7c | 714 | |
wolfSSL | 15:117db924cf7c | 715 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 15:117db924cf7c | 716 | case WC_SHA384: |
wolfSSL | 15:117db924cf7c | 717 | ret = wc_Sha384Update(&hmac->hash.sha384, msg, length); |
wolfSSL | 15:117db924cf7c | 718 | break; |
wolfSSL | 15:117db924cf7c | 719 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 15:117db924cf7c | 720 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 15:117db924cf7c | 721 | case WC_SHA512: |
wolfSSL | 15:117db924cf7c | 722 | ret = wc_Sha512Update(&hmac->hash.sha512, msg, length); |
wolfSSL | 15:117db924cf7c | 723 | break; |
wolfSSL | 15:117db924cf7c | 724 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 15:117db924cf7c | 725 | |
wolfSSL | 15:117db924cf7c | 726 | #ifdef WOLFSSL_SHA3 |
wolfSSL | 16:8e0d178b1d1e | 727 | #ifndef WOLFSSL_NOSHA3_224 |
wolfSSL | 15:117db924cf7c | 728 | case WC_SHA3_224: |
wolfSSL | 15:117db924cf7c | 729 | ret = wc_Sha3_224_Update(&hmac->hash.sha3, msg, length); |
wolfSSL | 15:117db924cf7c | 730 | break; |
wolfSSL | 16:8e0d178b1d1e | 731 | #endif |
wolfSSL | 16:8e0d178b1d1e | 732 | #ifndef WOLFSSL_NOSHA3_256 |
wolfSSL | 15:117db924cf7c | 733 | case WC_SHA3_256: |
wolfSSL | 15:117db924cf7c | 734 | ret = wc_Sha3_256_Update(&hmac->hash.sha3, msg, length); |
wolfSSL | 15:117db924cf7c | 735 | break; |
wolfSSL | 16:8e0d178b1d1e | 736 | #endif |
wolfSSL | 16:8e0d178b1d1e | 737 | #ifndef WOLFSSL_NOSHA3_384 |
wolfSSL | 15:117db924cf7c | 738 | case WC_SHA3_384: |
wolfSSL | 15:117db924cf7c | 739 | ret = wc_Sha3_384_Update(&hmac->hash.sha3, msg, length); |
wolfSSL | 15:117db924cf7c | 740 | break; |
wolfSSL | 16:8e0d178b1d1e | 741 | #endif |
wolfSSL | 16:8e0d178b1d1e | 742 | #ifndef WOLFSSL_NOSHA3_512 |
wolfSSL | 15:117db924cf7c | 743 | case WC_SHA3_512: |
wolfSSL | 15:117db924cf7c | 744 | ret = wc_Sha3_512_Update(&hmac->hash.sha3, msg, length); |
wolfSSL | 15:117db924cf7c | 745 | break; |
wolfSSL | 16:8e0d178b1d1e | 746 | #endif |
wolfSSL | 15:117db924cf7c | 747 | #endif /* WOLFSSL_SHA3 */ |
wolfSSL | 15:117db924cf7c | 748 | |
wolfSSL | 15:117db924cf7c | 749 | default: |
wolfSSL | 15:117db924cf7c | 750 | break; |
wolfSSL | 15:117db924cf7c | 751 | } |
wolfSSL | 15:117db924cf7c | 752 | |
wolfSSL | 15:117db924cf7c | 753 | return ret; |
wolfSSL | 15:117db924cf7c | 754 | } |
wolfSSL | 15:117db924cf7c | 755 | |
wolfSSL | 15:117db924cf7c | 756 | |
wolfSSL | 15:117db924cf7c | 757 | int wc_HmacFinal(Hmac* hmac, byte* hash) |
wolfSSL | 15:117db924cf7c | 758 | { |
wolfSSL | 15:117db924cf7c | 759 | int ret; |
wolfSSL | 15:117db924cf7c | 760 | |
wolfSSL | 15:117db924cf7c | 761 | if (hmac == NULL || hash == NULL) { |
wolfSSL | 15:117db924cf7c | 762 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 763 | } |
wolfSSL | 15:117db924cf7c | 764 | |
wolfSSL | 16:8e0d178b1d1e | 765 | #ifdef WOLF_CRYPTO_CB |
wolfSSL | 16:8e0d178b1d1e | 766 | if (hmac->devId != INVALID_DEVID) { |
wolfSSL | 16:8e0d178b1d1e | 767 | ret = wc_CryptoCb_Hmac(hmac, hmac->macType, NULL, 0, hash); |
wolfSSL | 16:8e0d178b1d1e | 768 | if (ret != CRYPTOCB_UNAVAILABLE) |
wolfSSL | 16:8e0d178b1d1e | 769 | return ret; |
wolfSSL | 16:8e0d178b1d1e | 770 | /* fall-through when unavailable */ |
wolfSSL | 16:8e0d178b1d1e | 771 | } |
wolfSSL | 16:8e0d178b1d1e | 772 | #endif |
wolfSSL | 15:117db924cf7c | 773 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) |
wolfSSL | 15:117db924cf7c | 774 | if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) { |
wolfSSL | 15:117db924cf7c | 775 | int hashLen = wc_HmacSizeByType(hmac->macType); |
wolfSSL | 15:117db924cf7c | 776 | if (hashLen <= 0) |
wolfSSL | 15:117db924cf7c | 777 | return hashLen; |
wolfSSL | 15:117db924cf7c | 778 | |
wolfSSL | 15:117db924cf7c | 779 | #if defined(HAVE_CAVIUM) |
wolfSSL | 15:117db924cf7c | 780 | return NitroxHmacFinal(hmac, hash, hashLen); |
wolfSSL | 15:117db924cf7c | 781 | #elif defined(HAVE_INTEL_QA) |
wolfSSL | 15:117db924cf7c | 782 | if (IntelQaHmacGetType(hmac->macType, NULL) == 0) { |
wolfSSL | 15:117db924cf7c | 783 | return IntelQaHmac(&hmac->asyncDev, hmac->macType, |
wolfSSL | 15:117db924cf7c | 784 | (byte*)hmac->ipad, hmac->keyLen, hash, NULL, hashLen); |
wolfSSL | 15:117db924cf7c | 785 | } |
wolfSSL | 15:117db924cf7c | 786 | #endif |
wolfSSL | 15:117db924cf7c | 787 | } |
wolfSSL | 15:117db924cf7c | 788 | #endif /* WOLFSSL_ASYNC_CRYPT */ |
wolfSSL | 15:117db924cf7c | 789 | |
wolfSSL | 15:117db924cf7c | 790 | if (!hmac->innerHashKeyed) { |
wolfSSL | 15:117db924cf7c | 791 | ret = HmacKeyInnerHash(hmac); |
wolfSSL | 15:117db924cf7c | 792 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 793 | return ret; |
wolfSSL | 15:117db924cf7c | 794 | } |
wolfSSL | 15:117db924cf7c | 795 | |
wolfSSL | 15:117db924cf7c | 796 | switch (hmac->macType) { |
wolfSSL | 15:117db924cf7c | 797 | #ifndef NO_MD5 |
wolfSSL | 15:117db924cf7c | 798 | case WC_MD5: |
wolfSSL | 15:117db924cf7c | 799 | ret = wc_Md5Final(&hmac->hash.md5, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 800 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 801 | break; |
wolfSSL | 15:117db924cf7c | 802 | ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 803 | WC_MD5_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 804 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 805 | break; |
wolfSSL | 15:117db924cf7c | 806 | ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 807 | WC_MD5_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 808 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 809 | break; |
wolfSSL | 15:117db924cf7c | 810 | ret = wc_Md5Final(&hmac->hash.md5, hash); |
wolfSSL | 15:117db924cf7c | 811 | break; |
wolfSSL | 15:117db924cf7c | 812 | #endif /* !NO_MD5 */ |
wolfSSL | 15:117db924cf7c | 813 | |
wolfSSL | 15:117db924cf7c | 814 | #ifndef NO_SHA |
wolfSSL | 15:117db924cf7c | 815 | case WC_SHA: |
wolfSSL | 15:117db924cf7c | 816 | ret = wc_ShaFinal(&hmac->hash.sha, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 817 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 818 | break; |
wolfSSL | 15:117db924cf7c | 819 | ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->opad, |
wolfSSL | 15:117db924cf7c | 820 | WC_SHA_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 821 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 822 | break; |
wolfSSL | 15:117db924cf7c | 823 | ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->innerHash, |
wolfSSL | 15:117db924cf7c | 824 | WC_SHA_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 825 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 826 | break; |
wolfSSL | 15:117db924cf7c | 827 | ret = wc_ShaFinal(&hmac->hash.sha, hash); |
wolfSSL | 15:117db924cf7c | 828 | break; |
wolfSSL | 15:117db924cf7c | 829 | #endif /* !NO_SHA */ |
wolfSSL | 15:117db924cf7c | 830 | |
wolfSSL | 15:117db924cf7c | 831 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 15:117db924cf7c | 832 | case WC_SHA224: |
wolfSSL | 15:117db924cf7c | 833 | ret = wc_Sha224Final(&hmac->hash.sha224, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 834 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 835 | break; |
wolfSSL | 15:117db924cf7c | 836 | ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 837 | WC_SHA224_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 838 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 839 | break; |
wolfSSL | 15:117db924cf7c | 840 | ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 841 | WC_SHA224_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 842 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 843 | break; |
wolfSSL | 15:117db924cf7c | 844 | ret = wc_Sha224Final(&hmac->hash.sha224, hash); |
wolfSSL | 15:117db924cf7c | 845 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 846 | break; |
wolfSSL | 16:8e0d178b1d1e | 847 | break; |
wolfSSL | 15:117db924cf7c | 848 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 15:117db924cf7c | 849 | #ifndef NO_SHA256 |
wolfSSL | 15:117db924cf7c | 850 | case WC_SHA256: |
wolfSSL | 15:117db924cf7c | 851 | ret = wc_Sha256Final(&hmac->hash.sha256, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 852 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 853 | break; |
wolfSSL | 15:117db924cf7c | 854 | ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 855 | WC_SHA256_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 856 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 857 | break; |
wolfSSL | 15:117db924cf7c | 858 | ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 859 | WC_SHA256_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 860 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 861 | break; |
wolfSSL | 15:117db924cf7c | 862 | ret = wc_Sha256Final(&hmac->hash.sha256, hash); |
wolfSSL | 15:117db924cf7c | 863 | break; |
wolfSSL | 15:117db924cf7c | 864 | #endif /* !NO_SHA256 */ |
wolfSSL | 15:117db924cf7c | 865 | |
wolfSSL | 15:117db924cf7c | 866 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 15:117db924cf7c | 867 | case WC_SHA384: |
wolfSSL | 15:117db924cf7c | 868 | ret = wc_Sha384Final(&hmac->hash.sha384, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 869 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 870 | break; |
wolfSSL | 15:117db924cf7c | 871 | ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 872 | WC_SHA384_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 873 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 874 | break; |
wolfSSL | 15:117db924cf7c | 875 | ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 876 | WC_SHA384_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 877 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 878 | break; |
wolfSSL | 15:117db924cf7c | 879 | ret = wc_Sha384Final(&hmac->hash.sha384, hash); |
wolfSSL | 15:117db924cf7c | 880 | break; |
wolfSSL | 15:117db924cf7c | 881 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 15:117db924cf7c | 882 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 15:117db924cf7c | 883 | case WC_SHA512: |
wolfSSL | 15:117db924cf7c | 884 | ret = wc_Sha512Final(&hmac->hash.sha512, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 885 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 886 | break; |
wolfSSL | 15:117db924cf7c | 887 | ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 888 | WC_SHA512_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 889 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 890 | break; |
wolfSSL | 15:117db924cf7c | 891 | ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 892 | WC_SHA512_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 893 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 894 | break; |
wolfSSL | 15:117db924cf7c | 895 | ret = wc_Sha512Final(&hmac->hash.sha512, hash); |
wolfSSL | 15:117db924cf7c | 896 | break; |
wolfSSL | 15:117db924cf7c | 897 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 15:117db924cf7c | 898 | |
wolfSSL | 15:117db924cf7c | 899 | #ifdef WOLFSSL_SHA3 |
wolfSSL | 16:8e0d178b1d1e | 900 | #ifndef WOLFSSL_NOSHA3_224 |
wolfSSL | 15:117db924cf7c | 901 | case WC_SHA3_224: |
wolfSSL | 15:117db924cf7c | 902 | ret = wc_Sha3_224_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 903 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 904 | break; |
wolfSSL | 15:117db924cf7c | 905 | ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 906 | WC_SHA3_224_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 907 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 908 | break; |
wolfSSL | 15:117db924cf7c | 909 | ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 910 | WC_SHA3_224_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 911 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 912 | break; |
wolfSSL | 15:117db924cf7c | 913 | ret = wc_Sha3_224_Final(&hmac->hash.sha3, hash); |
wolfSSL | 15:117db924cf7c | 914 | break; |
wolfSSL | 16:8e0d178b1d1e | 915 | #endif |
wolfSSL | 16:8e0d178b1d1e | 916 | #ifndef WOLFSSL_NOSHA3_256 |
wolfSSL | 15:117db924cf7c | 917 | case WC_SHA3_256: |
wolfSSL | 15:117db924cf7c | 918 | ret = wc_Sha3_256_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 919 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 920 | break; |
wolfSSL | 15:117db924cf7c | 921 | ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 922 | WC_SHA3_256_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 923 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 924 | break; |
wolfSSL | 15:117db924cf7c | 925 | ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 926 | WC_SHA3_256_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 927 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 928 | break; |
wolfSSL | 15:117db924cf7c | 929 | ret = wc_Sha3_256_Final(&hmac->hash.sha3, hash); |
wolfSSL | 15:117db924cf7c | 930 | break; |
wolfSSL | 16:8e0d178b1d1e | 931 | #endif |
wolfSSL | 16:8e0d178b1d1e | 932 | #ifndef WOLFSSL_NOSHA3_384 |
wolfSSL | 15:117db924cf7c | 933 | case WC_SHA3_384: |
wolfSSL | 15:117db924cf7c | 934 | ret = wc_Sha3_384_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 935 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 936 | break; |
wolfSSL | 15:117db924cf7c | 937 | ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 938 | WC_SHA3_384_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 939 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 940 | break; |
wolfSSL | 15:117db924cf7c | 941 | ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 942 | WC_SHA3_384_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 943 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 944 | break; |
wolfSSL | 15:117db924cf7c | 945 | ret = wc_Sha3_384_Final(&hmac->hash.sha3, hash); |
wolfSSL | 15:117db924cf7c | 946 | break; |
wolfSSL | 16:8e0d178b1d1e | 947 | #endif |
wolfSSL | 16:8e0d178b1d1e | 948 | #ifndef WOLFSSL_NOSHA3_512 |
wolfSSL | 15:117db924cf7c | 949 | case WC_SHA3_512: |
wolfSSL | 15:117db924cf7c | 950 | ret = wc_Sha3_512_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); |
wolfSSL | 15:117db924cf7c | 951 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 952 | break; |
wolfSSL | 15:117db924cf7c | 953 | ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->opad, |
wolfSSL | 16:8e0d178b1d1e | 954 | WC_SHA3_512_BLOCK_SIZE); |
wolfSSL | 15:117db924cf7c | 955 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 956 | break; |
wolfSSL | 15:117db924cf7c | 957 | ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, |
wolfSSL | 16:8e0d178b1d1e | 958 | WC_SHA3_512_DIGEST_SIZE); |
wolfSSL | 15:117db924cf7c | 959 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 960 | break; |
wolfSSL | 15:117db924cf7c | 961 | ret = wc_Sha3_512_Final(&hmac->hash.sha3, hash); |
wolfSSL | 15:117db924cf7c | 962 | break; |
wolfSSL | 16:8e0d178b1d1e | 963 | #endif |
wolfSSL | 15:117db924cf7c | 964 | #endif /* WOLFSSL_SHA3 */ |
wolfSSL | 15:117db924cf7c | 965 | |
wolfSSL | 15:117db924cf7c | 966 | default: |
wolfSSL | 15:117db924cf7c | 967 | ret = BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 968 | break; |
wolfSSL | 15:117db924cf7c | 969 | } |
wolfSSL | 15:117db924cf7c | 970 | |
wolfSSL | 15:117db924cf7c | 971 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 972 | hmac->innerHashKeyed = 0; |
wolfSSL | 15:117db924cf7c | 973 | } |
wolfSSL | 15:117db924cf7c | 974 | |
wolfSSL | 15:117db924cf7c | 975 | return ret; |
wolfSSL | 15:117db924cf7c | 976 | } |
wolfSSL | 15:117db924cf7c | 977 | |
wolfSSL | 15:117db924cf7c | 978 | |
wolfSSL | 15:117db924cf7c | 979 | /* Initialize Hmac for use with async device */ |
wolfSSL | 15:117db924cf7c | 980 | int wc_HmacInit(Hmac* hmac, void* heap, int devId) |
wolfSSL | 15:117db924cf7c | 981 | { |
wolfSSL | 15:117db924cf7c | 982 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 983 | |
wolfSSL | 15:117db924cf7c | 984 | if (hmac == NULL) |
wolfSSL | 15:117db924cf7c | 985 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 986 | |
wolfSSL | 15:117db924cf7c | 987 | XMEMSET(hmac, 0, sizeof(Hmac)); |
wolfSSL | 16:8e0d178b1d1e | 988 | hmac->macType = WC_HASH_TYPE_NONE; |
wolfSSL | 15:117db924cf7c | 989 | hmac->heap = heap; |
wolfSSL | 16:8e0d178b1d1e | 990 | #ifdef WOLF_CRYPTO_CB |
wolfSSL | 16:8e0d178b1d1e | 991 | hmac->devId = devId; |
wolfSSL | 16:8e0d178b1d1e | 992 | hmac->devCtx = NULL; |
wolfSSL | 16:8e0d178b1d1e | 993 | #endif |
wolfSSL | 15:117db924cf7c | 994 | |
wolfSSL | 15:117db924cf7c | 995 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) |
wolfSSL | 15:117db924cf7c | 996 | ret = wolfAsync_DevCtxInit(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC, |
wolfSSL | 15:117db924cf7c | 997 | hmac->heap, devId); |
wolfSSL | 15:117db924cf7c | 998 | #else |
wolfSSL | 15:117db924cf7c | 999 | (void)devId; |
wolfSSL | 15:117db924cf7c | 1000 | #endif /* WOLFSSL_ASYNC_CRYPT */ |
wolfSSL | 15:117db924cf7c | 1001 | |
wolfSSL | 15:117db924cf7c | 1002 | return ret; |
wolfSSL | 15:117db924cf7c | 1003 | } |
wolfSSL | 15:117db924cf7c | 1004 | |
wolfSSL | 16:8e0d178b1d1e | 1005 | #ifdef HAVE_PKCS11 |
wolfSSL | 16:8e0d178b1d1e | 1006 | int wc_HmacInit_Id(Hmac* hmac, unsigned char* id, int len, void* heap, |
wolfSSL | 16:8e0d178b1d1e | 1007 | int devId) |
wolfSSL | 16:8e0d178b1d1e | 1008 | { |
wolfSSL | 16:8e0d178b1d1e | 1009 | int ret = 0; |
wolfSSL | 16:8e0d178b1d1e | 1010 | |
wolfSSL | 16:8e0d178b1d1e | 1011 | if (hmac == NULL) |
wolfSSL | 16:8e0d178b1d1e | 1012 | ret = BAD_FUNC_ARG; |
wolfSSL | 16:8e0d178b1d1e | 1013 | if (ret == 0 && (len < 0 || len > HMAC_MAX_ID_LEN)) |
wolfSSL | 16:8e0d178b1d1e | 1014 | ret = BUFFER_E; |
wolfSSL | 16:8e0d178b1d1e | 1015 | |
wolfSSL | 16:8e0d178b1d1e | 1016 | if (ret == 0) |
wolfSSL | 16:8e0d178b1d1e | 1017 | ret = wc_HmacInit(hmac, heap, devId); |
wolfSSL | 16:8e0d178b1d1e | 1018 | if (ret == 0) { |
wolfSSL | 16:8e0d178b1d1e | 1019 | XMEMCPY(hmac->id, id, len); |
wolfSSL | 16:8e0d178b1d1e | 1020 | hmac->idLen = len; |
wolfSSL | 16:8e0d178b1d1e | 1021 | } |
wolfSSL | 16:8e0d178b1d1e | 1022 | |
wolfSSL | 16:8e0d178b1d1e | 1023 | return ret; |
wolfSSL | 16:8e0d178b1d1e | 1024 | } |
wolfSSL | 16:8e0d178b1d1e | 1025 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1026 | |
wolfSSL | 15:117db924cf7c | 1027 | /* Free Hmac from use with async device */ |
wolfSSL | 15:117db924cf7c | 1028 | void wc_HmacFree(Hmac* hmac) |
wolfSSL | 15:117db924cf7c | 1029 | { |
wolfSSL | 15:117db924cf7c | 1030 | if (hmac == NULL) |
wolfSSL | 15:117db924cf7c | 1031 | return; |
wolfSSL | 15:117db924cf7c | 1032 | |
wolfSSL | 16:8e0d178b1d1e | 1033 | #ifdef WOLF_CRYPTO_CB |
wolfSSL | 16:8e0d178b1d1e | 1034 | /* handle cleanup case where final is not called */ |
wolfSSL | 16:8e0d178b1d1e | 1035 | if (hmac->devId != INVALID_DEVID && hmac->devCtx != NULL) { |
wolfSSL | 16:8e0d178b1d1e | 1036 | int ret; |
wolfSSL | 16:8e0d178b1d1e | 1037 | byte finalHash[WC_HMAC_BLOCK_SIZE]; |
wolfSSL | 16:8e0d178b1d1e | 1038 | ret = wc_CryptoCb_Hmac(hmac, hmac->macType, NULL, 0, finalHash); |
wolfSSL | 16:8e0d178b1d1e | 1039 | (void)ret; /* must ignore return code here */ |
wolfSSL | 16:8e0d178b1d1e | 1040 | (void)finalHash; |
wolfSSL | 16:8e0d178b1d1e | 1041 | } |
wolfSSL | 16:8e0d178b1d1e | 1042 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1043 | |
wolfSSL | 15:117db924cf7c | 1044 | switch (hmac->macType) { |
wolfSSL | 15:117db924cf7c | 1045 | #ifndef NO_MD5 |
wolfSSL | 15:117db924cf7c | 1046 | case WC_MD5: |
wolfSSL | 15:117db924cf7c | 1047 | wc_Md5Free(&hmac->hash.md5); |
wolfSSL | 15:117db924cf7c | 1048 | break; |
wolfSSL | 15:117db924cf7c | 1049 | #endif /* !NO_MD5 */ |
wolfSSL | 15:117db924cf7c | 1050 | |
wolfSSL | 15:117db924cf7c | 1051 | #ifndef NO_SHA |
wolfSSL | 15:117db924cf7c | 1052 | case WC_SHA: |
wolfSSL | 15:117db924cf7c | 1053 | wc_ShaFree(&hmac->hash.sha); |
wolfSSL | 15:117db924cf7c | 1054 | break; |
wolfSSL | 15:117db924cf7c | 1055 | #endif /* !NO_SHA */ |
wolfSSL | 15:117db924cf7c | 1056 | |
wolfSSL | 15:117db924cf7c | 1057 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 15:117db924cf7c | 1058 | case WC_SHA224: |
wolfSSL | 15:117db924cf7c | 1059 | wc_Sha224Free(&hmac->hash.sha224); |
wolfSSL | 15:117db924cf7c | 1060 | break; |
wolfSSL | 15:117db924cf7c | 1061 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 15:117db924cf7c | 1062 | #ifndef NO_SHA256 |
wolfSSL | 15:117db924cf7c | 1063 | case WC_SHA256: |
wolfSSL | 15:117db924cf7c | 1064 | wc_Sha256Free(&hmac->hash.sha256); |
wolfSSL | 15:117db924cf7c | 1065 | break; |
wolfSSL | 15:117db924cf7c | 1066 | #endif /* !NO_SHA256 */ |
wolfSSL | 15:117db924cf7c | 1067 | |
wolfSSL | 15:117db924cf7c | 1068 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 15:117db924cf7c | 1069 | case WC_SHA384: |
wolfSSL | 15:117db924cf7c | 1070 | wc_Sha384Free(&hmac->hash.sha384); |
wolfSSL | 15:117db924cf7c | 1071 | break; |
wolfSSL | 15:117db924cf7c | 1072 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 15:117db924cf7c | 1073 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 15:117db924cf7c | 1074 | case WC_SHA512: |
wolfSSL | 15:117db924cf7c | 1075 | wc_Sha512Free(&hmac->hash.sha512); |
wolfSSL | 15:117db924cf7c | 1076 | break; |
wolfSSL | 15:117db924cf7c | 1077 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 15:117db924cf7c | 1078 | |
wolfSSL | 15:117db924cf7c | 1079 | #ifdef WOLFSSL_SHA3 |
wolfSSL | 16:8e0d178b1d1e | 1080 | #ifndef WOLFSSL_NOSHA3_224 |
wolfSSL | 15:117db924cf7c | 1081 | case WC_SHA3_224: |
wolfSSL | 15:117db924cf7c | 1082 | wc_Sha3_224_Free(&hmac->hash.sha3); |
wolfSSL | 15:117db924cf7c | 1083 | break; |
wolfSSL | 16:8e0d178b1d1e | 1084 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1085 | #ifndef WOLFSSL_NOSHA3_256 |
wolfSSL | 15:117db924cf7c | 1086 | case WC_SHA3_256: |
wolfSSL | 15:117db924cf7c | 1087 | wc_Sha3_256_Free(&hmac->hash.sha3); |
wolfSSL | 15:117db924cf7c | 1088 | break; |
wolfSSL | 16:8e0d178b1d1e | 1089 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1090 | #ifndef WOLFSSL_NOSHA3_384 |
wolfSSL | 15:117db924cf7c | 1091 | case WC_SHA3_384: |
wolfSSL | 15:117db924cf7c | 1092 | wc_Sha3_384_Free(&hmac->hash.sha3); |
wolfSSL | 15:117db924cf7c | 1093 | break; |
wolfSSL | 16:8e0d178b1d1e | 1094 | #endif |
wolfSSL | 16:8e0d178b1d1e | 1095 | #ifndef WOLFSSL_NOSHA3_512 |
wolfSSL | 15:117db924cf7c | 1096 | case WC_SHA3_512: |
wolfSSL | 15:117db924cf7c | 1097 | wc_Sha3_512_Free(&hmac->hash.sha3); |
wolfSSL | 15:117db924cf7c | 1098 | break; |
wolfSSL | 16:8e0d178b1d1e | 1099 | #endif |
wolfSSL | 15:117db924cf7c | 1100 | #endif /* WOLFSSL_SHA3 */ |
wolfSSL | 15:117db924cf7c | 1101 | |
wolfSSL | 15:117db924cf7c | 1102 | default: |
wolfSSL | 15:117db924cf7c | 1103 | break; |
wolfSSL | 15:117db924cf7c | 1104 | } |
wolfSSL | 15:117db924cf7c | 1105 | |
wolfSSL | 15:117db924cf7c | 1106 | #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) |
wolfSSL | 15:117db924cf7c | 1107 | wolfAsync_DevCtxFree(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC); |
wolfSSL | 15:117db924cf7c | 1108 | #endif /* WOLFSSL_ASYNC_CRYPT */ |
wolfSSL | 16:8e0d178b1d1e | 1109 | |
wolfSSL | 16:8e0d178b1d1e | 1110 | switch (hmac->macType) { |
wolfSSL | 16:8e0d178b1d1e | 1111 | #ifndef NO_MD5 |
wolfSSL | 16:8e0d178b1d1e | 1112 | case WC_MD5: |
wolfSSL | 16:8e0d178b1d1e | 1113 | wc_Md5Free(&hmac->hash.md5); |
wolfSSL | 16:8e0d178b1d1e | 1114 | break; |
wolfSSL | 16:8e0d178b1d1e | 1115 | #endif /* !NO_MD5 */ |
wolfSSL | 16:8e0d178b1d1e | 1116 | |
wolfSSL | 16:8e0d178b1d1e | 1117 | #ifndef NO_SHA |
wolfSSL | 16:8e0d178b1d1e | 1118 | case WC_SHA: |
wolfSSL | 16:8e0d178b1d1e | 1119 | wc_ShaFree(&hmac->hash.sha); |
wolfSSL | 16:8e0d178b1d1e | 1120 | break; |
wolfSSL | 16:8e0d178b1d1e | 1121 | #endif /* !NO_SHA */ |
wolfSSL | 16:8e0d178b1d1e | 1122 | |
wolfSSL | 16:8e0d178b1d1e | 1123 | #ifdef WOLFSSL_SHA224 |
wolfSSL | 16:8e0d178b1d1e | 1124 | case WC_SHA224: |
wolfSSL | 16:8e0d178b1d1e | 1125 | wc_Sha224Free(&hmac->hash.sha224); |
wolfSSL | 16:8e0d178b1d1e | 1126 | break; |
wolfSSL | 16:8e0d178b1d1e | 1127 | #endif /* WOLFSSL_SHA224 */ |
wolfSSL | 16:8e0d178b1d1e | 1128 | #ifndef NO_SHA256 |
wolfSSL | 16:8e0d178b1d1e | 1129 | case WC_SHA256: |
wolfSSL | 16:8e0d178b1d1e | 1130 | wc_Sha256Free(&hmac->hash.sha256); |
wolfSSL | 16:8e0d178b1d1e | 1131 | break; |
wolfSSL | 16:8e0d178b1d1e | 1132 | #endif /* !NO_SHA256 */ |
wolfSSL | 16:8e0d178b1d1e | 1133 | |
wolfSSL | 16:8e0d178b1d1e | 1134 | #ifdef WOLFSSL_SHA512 |
wolfSSL | 16:8e0d178b1d1e | 1135 | #ifdef WOLFSSL_SHA384 |
wolfSSL | 16:8e0d178b1d1e | 1136 | case WC_SHA384: |
wolfSSL | 16:8e0d178b1d1e | 1137 | wc_Sha384Free(&hmac->hash.sha384); |
wolfSSL | 16:8e0d178b1d1e | 1138 | break; |
wolfSSL | 16:8e0d178b1d1e | 1139 | #endif /* WOLFSSL_SHA384 */ |
wolfSSL | 16:8e0d178b1d1e | 1140 | case WC_SHA512: |
wolfSSL | 16:8e0d178b1d1e | 1141 | wc_Sha512Free(&hmac->hash.sha512); |
wolfSSL | 16:8e0d178b1d1e | 1142 | break; |
wolfSSL | 16:8e0d178b1d1e | 1143 | #endif /* WOLFSSL_SHA512 */ |
wolfSSL | 16:8e0d178b1d1e | 1144 | } |
wolfSSL | 15:117db924cf7c | 1145 | } |
wolfSSL | 15:117db924cf7c | 1146 | |
wolfSSL | 15:117db924cf7c | 1147 | int wolfSSL_GetHmacMaxSize(void) |
wolfSSL | 15:117db924cf7c | 1148 | { |
wolfSSL | 15:117db924cf7c | 1149 | return WC_MAX_DIGEST_SIZE; |
wolfSSL | 15:117db924cf7c | 1150 | } |
wolfSSL | 15:117db924cf7c | 1151 | |
wolfSSL | 15:117db924cf7c | 1152 | #ifdef HAVE_HKDF |
wolfSSL | 15:117db924cf7c | 1153 | /* HMAC-KDF-Extract. |
wolfSSL | 15:117db924cf7c | 1154 | * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF). |
wolfSSL | 15:117db924cf7c | 1155 | * |
wolfSSL | 15:117db924cf7c | 1156 | * type The hash algorithm type. |
wolfSSL | 15:117db924cf7c | 1157 | * salt The optional salt value. |
wolfSSL | 15:117db924cf7c | 1158 | * saltSz The size of the salt. |
wolfSSL | 15:117db924cf7c | 1159 | * inKey The input keying material. |
wolfSSL | 15:117db924cf7c | 1160 | * inKeySz The size of the input keying material. |
wolfSSL | 15:117db924cf7c | 1161 | * out The pseudorandom key with the length that of the hash. |
wolfSSL | 15:117db924cf7c | 1162 | * returns 0 on success, otherwise failure. |
wolfSSL | 15:117db924cf7c | 1163 | */ |
wolfSSL | 15:117db924cf7c | 1164 | int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz, |
wolfSSL | 15:117db924cf7c | 1165 | const byte* inKey, word32 inKeySz, byte* out) |
wolfSSL | 15:117db924cf7c | 1166 | { |
wolfSSL | 15:117db924cf7c | 1167 | byte tmp[WC_MAX_DIGEST_SIZE]; /* localSalt helper */ |
wolfSSL | 15:117db924cf7c | 1168 | Hmac myHmac; |
wolfSSL | 15:117db924cf7c | 1169 | int ret; |
wolfSSL | 15:117db924cf7c | 1170 | const byte* localSalt; /* either points to user input or tmp */ |
wolfSSL | 15:117db924cf7c | 1171 | int hashSz; |
wolfSSL | 15:117db924cf7c | 1172 | |
wolfSSL | 15:117db924cf7c | 1173 | ret = wc_HmacSizeByType(type); |
wolfSSL | 15:117db924cf7c | 1174 | if (ret < 0) |
wolfSSL | 15:117db924cf7c | 1175 | return ret; |
wolfSSL | 15:117db924cf7c | 1176 | |
wolfSSL | 15:117db924cf7c | 1177 | hashSz = ret; |
wolfSSL | 15:117db924cf7c | 1178 | localSalt = salt; |
wolfSSL | 15:117db924cf7c | 1179 | if (localSalt == NULL) { |
wolfSSL | 15:117db924cf7c | 1180 | XMEMSET(tmp, 0, hashSz); |
wolfSSL | 15:117db924cf7c | 1181 | localSalt = tmp; |
wolfSSL | 15:117db924cf7c | 1182 | saltSz = hashSz; |
wolfSSL | 15:117db924cf7c | 1183 | } |
wolfSSL | 15:117db924cf7c | 1184 | |
wolfSSL | 15:117db924cf7c | 1185 | ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID); |
wolfSSL | 15:117db924cf7c | 1186 | if (ret == 0) { |
wolfSSL | 15:117db924cf7c | 1187 | ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz); |
wolfSSL | 15:117db924cf7c | 1188 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 1189 | ret = wc_HmacUpdate(&myHmac, inKey, inKeySz); |
wolfSSL | 15:117db924cf7c | 1190 | if (ret == 0) |
wolfSSL | 15:117db924cf7c | 1191 | ret = wc_HmacFinal(&myHmac, out); |
wolfSSL | 15:117db924cf7c | 1192 | wc_HmacFree(&myHmac); |
wolfSSL | 15:117db924cf7c | 1193 | } |
wolfSSL | 15:117db924cf7c | 1194 | |
wolfSSL | 15:117db924cf7c | 1195 | return ret; |
wolfSSL | 15:117db924cf7c | 1196 | } |
wolfSSL | 15:117db924cf7c | 1197 | |
wolfSSL | 15:117db924cf7c | 1198 | /* HMAC-KDF-Expand. |
wolfSSL | 15:117db924cf7c | 1199 | * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF). |
wolfSSL | 15:117db924cf7c | 1200 | * |
wolfSSL | 15:117db924cf7c | 1201 | * type The hash algorithm type. |
wolfSSL | 15:117db924cf7c | 1202 | * inKey The input key. |
wolfSSL | 15:117db924cf7c | 1203 | * inKeySz The size of the input key. |
wolfSSL | 15:117db924cf7c | 1204 | * info The application specific information. |
wolfSSL | 15:117db924cf7c | 1205 | * infoSz The size of the application specific information. |
wolfSSL | 15:117db924cf7c | 1206 | * out The output keying material. |
wolfSSL | 15:117db924cf7c | 1207 | * returns 0 on success, otherwise failure. |
wolfSSL | 15:117db924cf7c | 1208 | */ |
wolfSSL | 15:117db924cf7c | 1209 | int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz, |
wolfSSL | 15:117db924cf7c | 1210 | const byte* info, word32 infoSz, byte* out, word32 outSz) |
wolfSSL | 15:117db924cf7c | 1211 | { |
wolfSSL | 15:117db924cf7c | 1212 | byte tmp[WC_MAX_DIGEST_SIZE]; |
wolfSSL | 15:117db924cf7c | 1213 | Hmac myHmac; |
wolfSSL | 15:117db924cf7c | 1214 | int ret = 0; |
wolfSSL | 15:117db924cf7c | 1215 | word32 outIdx = 0; |
wolfSSL | 15:117db924cf7c | 1216 | word32 hashSz = wc_HmacSizeByType(type); |
wolfSSL | 15:117db924cf7c | 1217 | byte n = 0x1; |
wolfSSL | 15:117db924cf7c | 1218 | |
wolfSSL | 15:117db924cf7c | 1219 | ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID); |
wolfSSL | 15:117db924cf7c | 1220 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1221 | return ret; |
wolfSSL | 15:117db924cf7c | 1222 | |
wolfSSL | 15:117db924cf7c | 1223 | while (outIdx < outSz) { |
wolfSSL | 15:117db924cf7c | 1224 | int tmpSz = (n == 1) ? 0 : hashSz; |
wolfSSL | 15:117db924cf7c | 1225 | word32 left = outSz - outIdx; |
wolfSSL | 15:117db924cf7c | 1226 | |
wolfSSL | 15:117db924cf7c | 1227 | ret = wc_HmacSetKey(&myHmac, type, inKey, inKeySz); |
wolfSSL | 15:117db924cf7c | 1228 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1229 | break; |
wolfSSL | 15:117db924cf7c | 1230 | ret = wc_HmacUpdate(&myHmac, tmp, tmpSz); |
wolfSSL | 15:117db924cf7c | 1231 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1232 | break; |
wolfSSL | 15:117db924cf7c | 1233 | ret = wc_HmacUpdate(&myHmac, info, infoSz); |
wolfSSL | 15:117db924cf7c | 1234 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1235 | break; |
wolfSSL | 15:117db924cf7c | 1236 | ret = wc_HmacUpdate(&myHmac, &n, 1); |
wolfSSL | 15:117db924cf7c | 1237 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1238 | break; |
wolfSSL | 15:117db924cf7c | 1239 | ret = wc_HmacFinal(&myHmac, tmp); |
wolfSSL | 15:117db924cf7c | 1240 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1241 | break; |
wolfSSL | 15:117db924cf7c | 1242 | |
wolfSSL | 15:117db924cf7c | 1243 | left = min(left, hashSz); |
wolfSSL | 15:117db924cf7c | 1244 | XMEMCPY(out+outIdx, tmp, left); |
wolfSSL | 15:117db924cf7c | 1245 | |
wolfSSL | 15:117db924cf7c | 1246 | outIdx += hashSz; |
wolfSSL | 15:117db924cf7c | 1247 | n++; |
wolfSSL | 15:117db924cf7c | 1248 | } |
wolfSSL | 15:117db924cf7c | 1249 | |
wolfSSL | 15:117db924cf7c | 1250 | wc_HmacFree(&myHmac); |
wolfSSL | 15:117db924cf7c | 1251 | |
wolfSSL | 15:117db924cf7c | 1252 | return ret; |
wolfSSL | 15:117db924cf7c | 1253 | } |
wolfSSL | 15:117db924cf7c | 1254 | |
wolfSSL | 15:117db924cf7c | 1255 | /* HMAC-KDF. |
wolfSSL | 15:117db924cf7c | 1256 | * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF). |
wolfSSL | 15:117db924cf7c | 1257 | * |
wolfSSL | 15:117db924cf7c | 1258 | * type The hash algorithm type. |
wolfSSL | 15:117db924cf7c | 1259 | * inKey The input keying material. |
wolfSSL | 15:117db924cf7c | 1260 | * inKeySz The size of the input keying material. |
wolfSSL | 15:117db924cf7c | 1261 | * salt The optional salt value. |
wolfSSL | 15:117db924cf7c | 1262 | * saltSz The size of the salt. |
wolfSSL | 15:117db924cf7c | 1263 | * info The application specific information. |
wolfSSL | 15:117db924cf7c | 1264 | * infoSz The size of the application specific information. |
wolfSSL | 15:117db924cf7c | 1265 | * out The output keying material. |
wolfSSL | 15:117db924cf7c | 1266 | * returns 0 on success, otherwise failure. |
wolfSSL | 15:117db924cf7c | 1267 | */ |
wolfSSL | 15:117db924cf7c | 1268 | int wc_HKDF(int type, const byte* inKey, word32 inKeySz, |
wolfSSL | 15:117db924cf7c | 1269 | const byte* salt, word32 saltSz, |
wolfSSL | 15:117db924cf7c | 1270 | const byte* info, word32 infoSz, |
wolfSSL | 15:117db924cf7c | 1271 | byte* out, word32 outSz) |
wolfSSL | 15:117db924cf7c | 1272 | { |
wolfSSL | 15:117db924cf7c | 1273 | byte prk[WC_MAX_DIGEST_SIZE]; |
wolfSSL | 15:117db924cf7c | 1274 | int hashSz = wc_HmacSizeByType(type); |
wolfSSL | 15:117db924cf7c | 1275 | int ret; |
wolfSSL | 15:117db924cf7c | 1276 | |
wolfSSL | 15:117db924cf7c | 1277 | if (hashSz < 0) |
wolfSSL | 15:117db924cf7c | 1278 | return BAD_FUNC_ARG; |
wolfSSL | 15:117db924cf7c | 1279 | |
wolfSSL | 15:117db924cf7c | 1280 | ret = wc_HKDF_Extract(type, salt, saltSz, inKey, inKeySz, prk); |
wolfSSL | 15:117db924cf7c | 1281 | if (ret != 0) |
wolfSSL | 15:117db924cf7c | 1282 | return ret; |
wolfSSL | 15:117db924cf7c | 1283 | |
wolfSSL | 15:117db924cf7c | 1284 | return wc_HKDF_Expand(type, prk, hashSz, info, infoSz, out, outSz); |
wolfSSL | 15:117db924cf7c | 1285 | } |
wolfSSL | 15:117db924cf7c | 1286 | |
wolfSSL | 15:117db924cf7c | 1287 | #endif /* HAVE_HKDF */ |
wolfSSL | 15:117db924cf7c | 1288 | |
wolfSSL | 15:117db924cf7c | 1289 | #endif /* HAVE_FIPS */ |
wolfSSL | 15:117db924cf7c | 1290 | #endif /* NO_HMAC */ |
wolfSSL | 15:117db924cf7c | 1291 |