diff options
Diffstat (limited to 'thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c')
-rw-r--r-- | thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c | 273 |
1 files changed, 273 insertions, 0 deletions
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c new file mode 100644 index 0000000..2e909f9 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c @@ -0,0 +1,273 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "sdk_common.h" +#include "nrf_log.h" +#include "nrf_crypto_hmac_shared.h" +#include "cc310_backend_hmac.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_types.h" +#include <drivers/nrfx_common.h> +#include "crys_hmac.h" +#include "crys_hmac_defs.h" +#include "crys_hmac_error.h" +#include "crys_hash.h" +#include "cc310_backend_mutex.h" +#include "cc310_backend_shared.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) + +static ret_code_t result_get(CRYSError_t err_code) +{ + ret_code_t ret_val; + + switch (err_code) + { + case CRYS_OK: + ret_val = NRF_SUCCESS; + break; + + case CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NULL; + break; + + case CRYS_HMAC_USER_CONTEXT_CORRUPTED_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED; + break; + + case CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR: + case CRYS_HMAC_INVALID_KEY_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_NULL; + break; + + case CRYS_HMAC_INVALID_RESULT_BUFFER_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_NULL; + break; + + case CRYS_HMAC_ILLEGAL_PARAMS_ERROR: + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + break; + + case CRYS_HMAC_UNVALID_KEY_SIZE_ERROR: + case CRYS_HMAC_DATA_SIZE_ILLEGAL: + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + break; + + case CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR: + case CRYS_HMAC_LAST_BLOCK_ALREADY_PROCESSED_ERROR: + case CRYS_HMAC_IS_NOT_SUPPORTED: + case CRYS_HMAC_CTX_SIZES_ERROR: + default: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + } + return ret_val; +} + + +static ret_code_t cc310_backend_hmac_init(void * const p_context, + uint8_t const * p_key, + size_t key_size) +{ + CRYSError_t err_code; + CRYS_HASH_OperationMode_t hash_mode; + ret_code_t ret_val; + bool mutex_locked; + + + nrf_crypto_backend_cc310_hmac_context_t * p_ctx = + (nrf_crypto_backend_cc310_hmac_context_t *)p_context; + + switch (p_ctx->header.p_info->type) + { + case NRF_CRYPTO_HMAC_SHA256_TYPE: + { + hash_mode = CRYS_HASH_SHA256_mode; + } break; + case NRF_CRYPTO_HMAC_SHA512_TYPE: + { + hash_mode = CRYS_HASH_SHA512_mode; + } break; + default: + { + NRF_LOG_ERROR("Hash algorithm not supported by CC310 backend wrapper"); + return NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + } + } + + // Key in flash could lead to silently calculating wrong HMAC. + VERIFY_TRUE(nrfx_is_in_ram(p_key), NRF_ERROR_CRYPTO_INPUT_LOCATION); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + err_code = CRYS_HMAC_Init(&p_ctx->crys_context, hash_mode, (uint8_t *)p_key, key_size); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = result_get(err_code); + + return ret_val; +} + + +static ret_code_t cc310_backend_hmac_update(void * const p_context, + uint8_t const * p_data, + size_t size) +{ + CRYSError_t err_code; + ret_code_t ret_val; + bool mutex_locked; + size_t cur_len; + size_t len_left = size; + uint8_t const * p_cur = p_data; + + nrf_crypto_backend_cc310_hmac_context_t * p_ctx = + (nrf_crypto_backend_cc310_hmac_context_t *)p_context; + + // Data in flash could lead to silently calculating wrong HMAC. + VERIFY_TRUE(nrfx_is_in_ram(p_data), NRF_ERROR_CRYPTO_INPUT_LOCATION); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + // If the input is larger than CC310_MAX_LENGTH_DMA_OPERATIONS, split into smaller + do + { + cur_len = (len_left > CC310_MAX_LENGTH_DMA_OPERATIONS) ? + CC310_MAX_LENGTH_DMA_OPERATIONS : len_left; + + err_code = CRYS_HMAC_Update(&p_ctx->crys_context, (uint8_t *)p_cur, cur_len); + + len_left -= cur_len; + p_cur += cur_len; + + } while (err_code == CRYS_OK && len_left > 0); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = result_get(err_code); + + return ret_val; +} + + +static ret_code_t cc310_backend_hmac_finalize(void * const p_context, + uint8_t * p_digest, + size_t * const p_size) +{ + CRYSError_t err_code; + ret_code_t ret_val; + bool mutex_locked; + + nrf_crypto_backend_cc310_hmac_context_t * p_ctx = + (nrf_crypto_backend_cc310_hmac_context_t *)p_context; + + // Set the digest length to 0 so that this is used in case of any error. + *p_size = 0; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + err_code = CRYS_HMAC_Finish(&p_ctx->crys_context, p_ctx->crys_result); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = result_get(err_code); + if (err_code != NRF_SUCCESS) + { + return ret_val; + } + + *p_size = p_ctx->header.p_info->digest_size; + + memcpy(p_digest, p_ctx->crys_result, *p_size); + + return ret_val; +} + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) + +// Information structure for HMAC SHA256 using CC310 backend. +const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha256_info = +{ + .init_fn = cc310_backend_hmac_init, + .update_fn = cc310_backend_hmac_update, + .finalize_fn = cc310_backend_hmac_finalize, + .digest_size = NRF_CRYPTO_HASH_SIZE_SHA256, + .context_size = sizeof(nrf_crypto_backend_hmac_sha256_context_t), + .type = NRF_CRYPTO_HMAC_SHA256_TYPE, +}; + +#endif // NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256_ENABLED + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) + +// Information structure for HMAC SHA512 using CC310 backend. +const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha512_info = +{ + .init_fn = cc310_backend_hmac_init, + .update_fn = cc310_backend_hmac_update, + .finalize_fn = cc310_backend_hmac_finalize, + .digest_size = NRF_CRYPTO_HASH_SIZE_SHA512, + .context_size = sizeof(nrf_crypto_backend_hmac_sha512_context_t), + .type = NRF_CRYPTO_HMAC_SHA512_TYPE, +}; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) |