TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 4fdf060a81e230871af95499402ba3946faeb403 / . / library / psa_crypto_mac.c
blob: 5a7bc2c86ab40abbbe4ad96ed135b9086a63c390 [file] [log] [blame]
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]1/*
2 * PSA MAC layer on top of Mbed TLS software crypto
3 */
4/*
5 * Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21#include "common.h"
22
23#if defined(MBEDTLS_PSA_CRYPTO_C)
24
25#include <psa/crypto.h>
26#include "psa_crypto_core.h"
27#include "psa_crypto_mac.h"
Steven Cooreman82c66b62021-03-19 17:39:17 +0100[diff] [blame]28#include <mbedtls/md.h>
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]29
30#include <mbedtls/error.h>
31#include <string.h>
32
33/* Use builtin defines specific to this compilation unit, since the test driver
34 * relies on the software driver. */
35#if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
36 ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) )
37#define BUILTIN_ALG_CMAC 1
38#endif
39#if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \
40 ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) )
41#define BUILTIN_ALG_HMAC 1
42#endif
43
Steven Cooreman82c66b62021-03-19 17:39:17 +0100[diff] [blame]44#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
45static size_t psa_get_hash_block_size( psa_algorithm_t alg )
46{
47 switch( alg )
48 {
49 case PSA_ALG_MD2:
50 return( 16 );
51 case PSA_ALG_MD4:
52 return( 64 );
53 case PSA_ALG_MD5:
54 return( 64 );
55 case PSA_ALG_RIPEMD160:
56 return( 64 );
57 case PSA_ALG_SHA_1:
58 return( 64 );
59 case PSA_ALG_SHA_224:
60 return( 64 );
61 case PSA_ALG_SHA_256:
62 return( 64 );
63 case PSA_ALG_SHA_384:
64 return( 128 );
65 case PSA_ALG_SHA_512:
66 return( 128 );
67 default:
68 return( 0 );
69 }
70}
71
72psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
73{
74 mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
75 return( psa_hash_abort( &hmac->hash_ctx ) );
76}
77
78psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
79 const uint8_t *key,
80 size_t key_length,
81 psa_algorithm_t hash_alg )
82{
83 uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
84 size_t i;
85 size_t hash_size = PSA_HASH_LENGTH( hash_alg );
86 size_t block_size = psa_get_hash_block_size( hash_alg );
87 psa_status_t status;
88
89 hmac->alg = hash_alg;
90
91 /* Sanity checks on block_size, to guarantee that there won't be a buffer
92 * overflow below. This should never trigger if the hash algorithm
93 * is implemented correctly. */
94 /* The size checks against the ipad and opad buffers cannot be written
95 * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )`
96 * because that triggers -Wlogical-op on GCC 7.3. */
97 if( block_size > sizeof( ipad ) )
98 return( PSA_ERROR_NOT_SUPPORTED );
99 if( block_size > sizeof( hmac->opad ) )
100 return( PSA_ERROR_NOT_SUPPORTED );
101 if( block_size < hash_size )
102 return( PSA_ERROR_NOT_SUPPORTED );
103
104 if( key_length > block_size )
105 {
106 status = psa_hash_compute( hash_alg, key, key_length,
107 ipad, sizeof( ipad ), &key_length );
108 if( status != PSA_SUCCESS )
109 goto cleanup;
110 }
111 /* A 0-length key is not commonly used in HMAC when used as a MAC,
112 * but it is permitted. It is common when HMAC is used in HKDF, for
113 * example. Don't call `memcpy` in the 0-length because `key` could be
114 * an invalid pointer which would make the behavior undefined. */
115 else if( key_length != 0 )
116 memcpy( ipad, key, key_length );
117
118 /* ipad contains the key followed by garbage. Xor and fill with 0x36
119 * to create the ipad value. */
120 for( i = 0; i < key_length; i++ )
121 ipad[i] ^= 0x36;
122 memset( ipad + key_length, 0x36, block_size - key_length );
123
124 /* Copy the key material from ipad to opad, flipping the requisite bits,
125 * and filling the rest of opad with the requisite constant. */
126 for( i = 0; i < key_length; i++ )
127 hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
128 memset( hmac->opad + key_length, 0x5C, block_size - key_length );
129
130 status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
131 if( status != PSA_SUCCESS )
132 goto cleanup;
133
134 status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
135
136cleanup:
137 mbedtls_platform_zeroize( ipad, sizeof( ipad ) );
138
139 return( status );
140}
141
Steven Cooreman4fdf0602021-03-22 12:21:10 +0100[diff] [blame^]142psa_status_t psa_hmac_update_internal( psa_hmac_internal_data *hmac,
143 const uint8_t *data,
144 size_t data_length )
145{
146 return( psa_hash_update( &hmac->hash_ctx, data, data_length ) );
147}
148
Steven Cooreman82c66b62021-03-19 17:39:17 +0100[diff] [blame]149psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
150 uint8_t *mac,
151 size_t mac_size )
152{
153 uint8_t tmp[MBEDTLS_MD_MAX_SIZE];
154 psa_algorithm_t hash_alg = hmac->alg;
155 size_t hash_size = 0;
156 size_t block_size = psa_get_hash_block_size( hash_alg );
157 psa_status_t status;
158
159 status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
160 if( status != PSA_SUCCESS )
161 return( status );
162 /* From here on, tmp needs to be wiped. */
163
164 status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
165 if( status != PSA_SUCCESS )
166 goto exit;
167
168 status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size );
169 if( status != PSA_SUCCESS )
170 goto exit;
171
172 status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size );
173 if( status != PSA_SUCCESS )
174 goto exit;
175
176 status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
177 if( status != PSA_SUCCESS )
178 goto exit;
179
180 memcpy( mac, tmp, mac_size );
181
182exit:
183 mbedtls_platform_zeroize( tmp, hash_size );
184 return( status );
185}
Steven Cooreman4fdf0602021-03-22 12:21:10 +0100[diff] [blame^]186
187psa_status_t psa_hmac_clone_internal( const psa_hmac_internal_data *source,
188 psa_hmac_internal_data *destination )
189{
190 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
191
192 destination->alg = source->alg;
193 destination->hash_ctx = psa_hash_operation_init();
194 status = psa_hash_clone( &source->hash_ctx, &destination->hash_ctx );
195 memcpy( destination->opad, source->opad, sizeof( destination->opad ) );
196
197 if( status != PSA_SUCCESS )
198 memset( destination, 0, sizeof( *destination ) );
199
200 return( status );
201}
Steven Cooreman82c66b62021-03-19 17:39:17 +0100[diff] [blame]202#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || PSA_CRYPTO_DRIVER_TEST */
203
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]204/* Implement the PSA driver MAC interface on top of mbed TLS if either the
205 * software driver or the test driver requires it. */
206#if defined(MBEDTLS_PSA_BUILTIN_MAC) || defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooremane6804192021-03-19 18:28:56 +0100[diff] [blame]207
208#if defined(BUILTIN_ALG_CMAC)
209static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
210 const psa_key_attributes_t *attributes,
211 const uint8_t *key_buffer,
212 size_t key_buffer_size )
213{
214 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
215 const mbedtls_cipher_info_t * cipher_info_tmp =
216 mbedtls_cipher_info_from_psa(
217 PSA_ALG_CMAC,
218 psa_get_key_type( attributes ),
219 psa_get_key_bits( attributes ),
220 NULL );
221
222 if( cipher_info_tmp == NULL )
223 return( PSA_ERROR_NOT_SUPPORTED );
224
225 if( key_buffer_size < PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) )
226 return( PSA_ERROR_INVALID_ARGUMENT );
227
228 ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info_tmp );
229 if( ret != 0 )
230 goto exit;
231
232 ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
233 key_buffer,
234 psa_get_key_bits( attributes ) );
235exit:
236 return( mbedtls_to_psa_error( ret ) );
237}
238#endif /* BUILTIN_ALG_CMAC */
239
240/* Initialize this driver's MAC operation structure. Once this function has been
241 * called, mbedtls_psa_mac_abort can run and will do the right thing. */
242static psa_status_t mac_init(
243 mbedtls_psa_mac_operation_t *operation,
244 psa_algorithm_t alg )
245{
246 psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
247
248 operation->alg = PSA_ALG_FULL_LENGTH_MAC( alg );
249 operation->key_set = 0;
250 operation->iv_set = 0;
251 operation->iv_required = 0;
252 operation->has_input = 0;
253 operation->is_sign = 0;
254
255#if defined(BUILTIN_ALG_CMAC)
256 if( operation->alg == PSA_ALG_CMAC )
257 {
258 operation->iv_required = 0;
259 mbedtls_cipher_init( &operation->ctx.cmac );
260 status = PSA_SUCCESS;
261 }
262 else
263#endif /* BUILTIN_ALG_CMAC */
264#if defined(BUILTIN_ALG_HMAC)
265 if( PSA_ALG_IS_HMAC( operation->alg ) )
266 {
267 /* We'll set up the hash operation later in psa_hmac_setup_internal. */
268 operation->ctx.hmac.alg = 0;
269 status = PSA_SUCCESS;
270 }
271 else
272#endif /* BUILTIN_ALG_HMAC */
273 {
274 if( ! PSA_ALG_IS_MAC( alg ) )
275 status = PSA_ERROR_INVALID_ARGUMENT;
276 }
277
278 if( status != PSA_SUCCESS )
279 memset( operation, 0, sizeof( *operation ) );
280 return( status );
281}
282
283static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation )
284{
285 if( operation->alg == 0 )
286 {
287 /* The object has (apparently) been initialized but it is not
288 * in use. It's ok to call abort on such an object, and there's
289 * nothing to do. */
290 return( PSA_SUCCESS );
291 }
292 else
293#if defined(BUILTIN_ALG_CMAC)
294 if( operation->alg == PSA_ALG_CMAC )
295 {
296 mbedtls_cipher_free( &operation->ctx.cmac );
297 }
298 else
299#endif /* BUILTIN_ALG_CMAC */
300#if defined(BUILTIN_ALG_HMAC)
301 if( PSA_ALG_IS_HMAC( operation->alg ) )
302 {
303 psa_hmac_abort_internal( &operation->ctx.hmac );
304 }
305 else
306#endif /* BUILTIN_ALG_HMAC */
307 {
308 /* Sanity check (shouldn't happen: operation->alg should
309 * always have been initialized to a valid value). */
310 goto bad_state;
311 }
312
313 operation->alg = 0;
314 operation->key_set = 0;
315 operation->iv_set = 0;
316 operation->iv_required = 0;
317 operation->has_input = 0;
318 operation->is_sign = 0;
319
320 return( PSA_SUCCESS );
321
322bad_state:
323 /* If abort is called on an uninitialized object, we can't trust
324 * anything. Wipe the object in case it contains confidential data.
325 * This may result in a memory leak if a pointer gets overwritten,
326 * but it's too late to do anything about this. */
327 memset( operation, 0, sizeof( *operation ) );
328 return( PSA_ERROR_BAD_STATE );
329}
330
331static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
332 const psa_key_attributes_t *attributes,
333 const uint8_t *key_buffer,
334 size_t key_buffer_size,
335 psa_algorithm_t alg,
336 int is_sign )
337{
338 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
339
340 /* A context must be freshly initialized before it can be set up. */
341 if( operation->alg != 0 )
342 {
343 return( PSA_ERROR_BAD_STATE );
344 }
345
346 status = mac_init( operation, alg );
347 if( status != PSA_SUCCESS )
348 return( status );
349 if( is_sign )
350 operation->is_sign = 1;
351
352 /* Get the output length for the algorithm and key combination. None of the
353 * currently supported algorithms have an output length dependent on actual
354 * key size, so setting it to a bogus value is currently OK. */
355 operation->mac_size =
356 PSA_MAC_LENGTH( psa_get_key_type( attributes ), 0, alg );
357
358#if defined(BUILTIN_ALG_CMAC)
359 if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC )
360 {
361 status = cmac_setup( operation, attributes,
362 key_buffer, key_buffer_size );
363 }
364 else
365#endif /* BUILTIN_ALG_CMAC */
366#if defined(BUILTIN_ALG_HMAC)
367 if( PSA_ALG_IS_HMAC( alg ) )
368 {
369 /* Sanity check. This shouldn't fail on a valid configuration. */
370 if( operation->mac_size > sizeof( operation->ctx.hmac.opad ) )
371 {
372 status = PSA_ERROR_NOT_SUPPORTED;
373 goto exit;
374 }
375
376 if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_HMAC )
377 {
378 status = PSA_ERROR_INVALID_ARGUMENT;
379 goto exit;
380 }
381
382 status = psa_hmac_setup_internal( &operation->ctx.hmac,
383 key_buffer,
384 key_buffer_size,
385 PSA_ALG_HMAC_GET_HASH( alg ) );
386 }
387 else
388#endif /* BUILTIN_ALG_HMAC */
389 {
390 status = PSA_ERROR_NOT_SUPPORTED;
391 }
392
393exit:
394 if( status == PSA_SUCCESS )
395 operation->key_set = 1;
396 else
397 mac_abort( operation );
398
399 return( status );
400}
401
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]402static psa_status_t mac_compute(
403 const psa_key_attributes_t *attributes,
404 const uint8_t *key_buffer,
405 size_t key_buffer_size,
406 psa_algorithm_t alg,
407 const uint8_t *input,
408 size_t input_length,
409 uint8_t *mac,
410 size_t mac_size,
411 size_t *mac_length )
412{
Steven Cooreman82c66b62021-03-19 17:39:17 +0100[diff] [blame]413 /* One-shot MAC has not been implemented in this PSA implementation yet. */
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]414 (void) attributes;
415 (void) key_buffer;
416 (void) key_buffer_size;
417 (void) alg;
418 (void) input;
419 (void) input_length;
420 (void) mac;
421 (void) mac_size;
422 (void) mac_length;
423 return( PSA_ERROR_NOT_SUPPORTED );
424}
425
426static psa_status_t mac_sign_setup(
427 mbedtls_psa_mac_operation_t *operation,
428 const psa_key_attributes_t *attributes,
429 const uint8_t *key_buffer,
430 size_t key_buffer_size,
431 psa_algorithm_t alg )
432{
Steven Cooremane6804192021-03-19 18:28:56 +0100[diff] [blame]433 return( mac_setup( operation, attributes, key_buffer, key_buffer_size, alg,
434 1 ) );
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]435}
436
437static psa_status_t mac_verify_setup(
438 mbedtls_psa_mac_operation_t *operation,
439 const psa_key_attributes_t *attributes,
440 const uint8_t *key_buffer,
441 size_t key_buffer_size,
442 psa_algorithm_t alg )
443{
Steven Cooremane6804192021-03-19 18:28:56 +0100[diff] [blame]444 return( mac_setup( operation, attributes, key_buffer, key_buffer_size, alg,
445 0 ) );
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]446}
447
448static psa_status_t mac_update(
449 mbedtls_psa_mac_operation_t *operation,
450 const uint8_t *input,
451 size_t input_length )
452{
Steven Cooreman6e7f2912021-03-19 18:38:46 +0100[diff] [blame]453 if( ! operation->key_set )
454 return( PSA_ERROR_BAD_STATE );
455 if( operation->iv_required && ! operation->iv_set )
456 return( PSA_ERROR_BAD_STATE );
457 operation->has_input = 1;
458
459#if defined(BUILTIN_ALG_CMAC)
460 if( operation->alg == PSA_ALG_CMAC )
461 {
462 return( mbedtls_to_psa_error(
463 mbedtls_cipher_cmac_update( &operation->ctx.cmac,
464 input, input_length ) ) );
465 }
466 else
467#endif /* BUILTIN_ALG_CMAC */
468#if defined(BUILTIN_ALG_HMAC)
469 if( PSA_ALG_IS_HMAC( operation->alg ) )
470 {
471 return( psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
472 input_length ) );
473 }
474 else
475#endif /* BUILTIN_ALG_HMAC */
476 {
477 /* This shouldn't happen if `operation` was initialized by
478 * a setup function. */
479 return( PSA_ERROR_BAD_STATE );
480 }
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]481}
482
Steven Cooremana5b860a2021-03-19 19:04:39 +0100[diff] [blame]483static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation,
484 uint8_t *mac,
485 size_t mac_size )
486{
487 if( ! operation->key_set )
488 return( PSA_ERROR_BAD_STATE );
489 if( operation->iv_required && ! operation->iv_set )
490 return( PSA_ERROR_BAD_STATE );
491
492 if( mac_size < operation->mac_size )
493 return( PSA_ERROR_BUFFER_TOO_SMALL );
494
495#if defined(BUILTIN_ALG_CMAC)
496 if( operation->alg == PSA_ALG_CMAC )
497 {
498 uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE];
499 int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
500 if( ret == 0 )
501 memcpy( mac, tmp, operation->mac_size );
502 mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
503 return( mbedtls_to_psa_error( ret ) );
504 }
505 else
506#endif /* BUILTIN_ALG_CMAC */
507#if defined(BUILTIN_ALG_HMAC)
508 if( PSA_ALG_IS_HMAC( operation->alg ) )
509 {
510 return( psa_hmac_finish_internal( &operation->ctx.hmac,
511 mac, operation->mac_size ) );
512 }
513 else
514#endif /* BUILTIN_ALG_HMAC */
515 {
516 /* This shouldn't happen if `operation` was initialized by
517 * a setup function. */
518 return( PSA_ERROR_BAD_STATE );
519 }
520}
521
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]522static psa_status_t mac_sign_finish(
523 mbedtls_psa_mac_operation_t *operation,
524 uint8_t *mac,
525 size_t mac_size,
526 size_t *mac_length )
527{
Steven Cooremana5b860a2021-03-19 19:04:39 +0100[diff] [blame]528 psa_status_t status;
529
530 if( operation->alg == 0 )
531 return( PSA_ERROR_BAD_STATE );
532
533 if( ! operation->is_sign )
534 return( PSA_ERROR_BAD_STATE );
535
536 status = mac_finish_internal( operation, mac, mac_size );
537
538 if( status == PSA_SUCCESS )
539 *mac_length = operation->mac_size;
540
541 return( status );
542}
543
544/* constant-time buffer comparison */
545static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
546{
547 size_t i;
548 unsigned char diff = 0;
549
550 for( i = 0; i < n; i++ )
551 diff |= a[i] ^ b[i];
552
553 return( diff );
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]554}
555
556static psa_status_t mac_verify_finish(
557 mbedtls_psa_mac_operation_t *operation,
558 const uint8_t *mac,
559 size_t mac_length )
560{
Steven Cooremana5b860a2021-03-19 19:04:39 +0100[diff] [blame]561 uint8_t actual_mac[PSA_MAC_MAX_SIZE];
562 psa_status_t status;
563
564 if( operation->alg == 0 )
565 return( PSA_ERROR_BAD_STATE );
566
567 if( operation->is_sign )
568 return( PSA_ERROR_BAD_STATE );
569
570 if( operation->mac_size != mac_length )
571 {
572 status = PSA_ERROR_INVALID_SIGNATURE;
573 goto cleanup;
574 }
575
576 status = mac_finish_internal( operation, actual_mac, sizeof( actual_mac ) );
577 if( status != PSA_SUCCESS )
578 goto cleanup;
579
580 if( safer_memcmp( mac, actual_mac, mac_length ) != 0 )
581 status = PSA_ERROR_INVALID_SIGNATURE;
582
583cleanup:
584 mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
585
586 return( status );
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]587}
Steven Cooremand13a70f2021-03-19 15:24:23 +0100[diff] [blame]588#endif /* MBEDTLS_PSA_BUILTIN_MAC || PSA_CRYPTO_DRIVER_TEST */
589
590#if defined(MBEDTLS_PSA_BUILTIN_MAC)
591psa_status_t mbedtls_psa_mac_compute(
592 const psa_key_attributes_t *attributes,
593 const uint8_t *key_buffer,
594 size_t key_buffer_size,
595 psa_algorithm_t alg,
596 const uint8_t *input,
597 size_t input_length,
598 uint8_t *mac,
599 size_t mac_size,
600 size_t *mac_length )
601{
602 return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
603 input, input_length,
604 mac, mac_size, mac_length ) );
605}
606
607psa_status_t mbedtls_psa_mac_sign_setup(
608 mbedtls_psa_mac_operation_t *operation,
609 const psa_key_attributes_t *attributes,
610 const uint8_t *key_buffer,
611 size_t key_buffer_size,
612 psa_algorithm_t alg )
613{
614 return( mac_sign_setup( operation, attributes,
615 key_buffer, key_buffer_size, alg ) );
616}
617
618psa_status_t mbedtls_psa_mac_verify_setup(
619 mbedtls_psa_mac_operation_t *operation,
620 const psa_key_attributes_t *attributes,
621 const uint8_t *key_buffer,
622 size_t key_buffer_size,
623 psa_algorithm_t alg )
624{
625 return( mac_verify_setup( operation, attributes,
626 key_buffer, key_buffer_size, alg ) );
627}
628
629psa_status_t mbedtls_psa_mac_update(
630 mbedtls_psa_mac_operation_t *operation,
631 const uint8_t *input,
632 size_t input_length )
633{
634 return( mac_update( operation, input, input_length ) );
635}
636
637psa_status_t mbedtls_psa_mac_sign_finish(
638 mbedtls_psa_mac_operation_t *operation,
639 uint8_t *mac,
640 size_t mac_size,
641 size_t *mac_length )
642{
643 return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
644}
645
646psa_status_t mbedtls_psa_mac_verify_finish(
647 mbedtls_psa_mac_operation_t *operation,
648 const uint8_t *mac,
649 size_t mac_length )
650{
651 return( mac_verify_finish( operation, mac, mac_length ) );
652}
653
654psa_status_t mbedtls_psa_mac_abort(
655 mbedtls_psa_mac_operation_t *operation )
656{
657 return( mac_abort( operation ) );
658}
659#endif /* MBEDTLS_PSA_BUILTIN_MAC */
660
661 /*
662 * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
663 */
664#if defined(PSA_CRYPTO_DRIVER_TEST)
665
666static int is_mac_accelerated( psa_algorithm_t alg )
667{
668#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
669 if( PSA_ALG_IS_HMAC( alg ) )
670 return( 1 );
671#endif
672
673 switch( PSA_ALG_FULL_LENGTH_MAC( alg ) )
674 {
675#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)
676 case PSA_ALG_CMAC:
677 return( 1 );
678#endif
679 default:
680 return( 0 );
681 }
682}
683
684psa_status_t mbedtls_transparent_test_driver_mac_compute(
685 const psa_key_attributes_t *attributes,
686 const uint8_t *key_buffer,
687 size_t key_buffer_size,
688 psa_algorithm_t alg,
689 const uint8_t *input,
690 size_t input_length,
691 uint8_t *mac,
692 size_t mac_size,
693 size_t *mac_length )
694{
695 if( is_mac_accelerated( alg ) )
696 return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
697 input, input_length,
698 mac, mac_size, mac_length ) );
699 else
700 return( PSA_ERROR_NOT_SUPPORTED );
701}
702
703psa_status_t mbedtls_transparent_test_driver_mac_sign_setup(
704 mbedtls_transparent_test_driver_mac_operation_t *operation,
705 const psa_key_attributes_t *attributes,
706 const uint8_t *key_buffer,
707 size_t key_buffer_size,
708 psa_algorithm_t alg )
709{
710 if( is_mac_accelerated( alg ) )
711 return( mac_sign_setup( operation, attributes,
712 key_buffer, key_buffer_size, alg ) );
713 else
714 return( PSA_ERROR_NOT_SUPPORTED );
715}
716
717psa_status_t mbedtls_transparent_test_driver_mac_verify_setup(
718 mbedtls_transparent_test_driver_mac_operation_t *operation,
719 const psa_key_attributes_t *attributes,
720 const uint8_t *key_buffer,
721 size_t key_buffer_size,
722 psa_algorithm_t alg )
723{
724 if( is_mac_accelerated( alg ) )
725 return( mac_verify_setup( operation, attributes,
726 key_buffer, key_buffer_size, alg ) );
727 else
728 return( PSA_ERROR_NOT_SUPPORTED );
729}
730
731psa_status_t mbedtls_transparent_test_driver_mac_update(
732 mbedtls_transparent_test_driver_mac_operation_t *operation,
733 const uint8_t *input,
734 size_t input_length )
735{
736 if( is_mac_accelerated( operation->alg ) )
737 return( mac_update( operation, input, input_length ) );
738 else
739 return( PSA_ERROR_BAD_STATE );
740}
741
742psa_status_t mbedtls_transparent_test_driver_mac_sign_finish(
743 mbedtls_transparent_test_driver_mac_operation_t *operation,
744 uint8_t *mac,
745 size_t mac_size,
746 size_t *mac_length )
747{
748 if( is_mac_accelerated( operation->alg ) )
749 return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
750 else
751 return( PSA_ERROR_BAD_STATE );
752}
753
754psa_status_t mbedtls_transparent_test_driver_mac_verify_finish(
755 mbedtls_transparent_test_driver_mac_operation_t *operation,
756 const uint8_t *mac,
757 size_t mac_length )
758{
759 if( is_mac_accelerated( operation->alg ) )
760 return( mac_verify_finish( operation, mac, mac_length ) );
761 else
762 return( PSA_ERROR_BAD_STATE );
763}
764
765psa_status_t mbedtls_transparent_test_driver_mac_abort(
766 mbedtls_transparent_test_driver_mac_operation_t *operation )
767{
768 return( mac_abort( operation ) );
769}
770
771psa_status_t mbedtls_opaque_test_driver_mac_compute(
772 const psa_key_attributes_t *attributes,
773 const uint8_t *key_buffer,
774 size_t key_buffer_size,
775 psa_algorithm_t alg,
776 const uint8_t *input,
777 size_t input_length,
778 uint8_t *mac,
779 size_t mac_size,
780 size_t *mac_length )
781{
782 /* Opaque driver testing is not implemented yet through this mechanism. */
783 (void) attributes;
784 (void) key_buffer;
785 (void) key_buffer_size;
786 (void) alg;
787 (void) input;
788 (void) input_length;
789 (void) mac;
790 (void) mac_size;
791 (void) mac_length;
792 return( PSA_ERROR_NOT_SUPPORTED );
793}
794
795psa_status_t mbedtls_opaque_test_driver_mac_sign_setup(
796 mbedtls_opaque_test_driver_mac_operation_t *operation,
797 const psa_key_attributes_t *attributes,
798 const uint8_t *key_buffer,
799 size_t key_buffer_size,
800 psa_algorithm_t alg )
801{
802 /* Opaque driver testing is not implemented yet through this mechanism. */
803 (void) operation;
804 (void) attributes;
805 (void) key_buffer;
806 (void) key_buffer_size;
807 (void) alg;
808 return( PSA_ERROR_NOT_SUPPORTED );
809}
810
811psa_status_t mbedtls_opaque_test_driver_mac_verify_setup(
812 mbedtls_opaque_test_driver_mac_operation_t *operation,
813 const psa_key_attributes_t *attributes,
814 const uint8_t *key_buffer,
815 size_t key_buffer_size,
816 psa_algorithm_t alg )
817{
818 /* Opaque driver testing is not implemented yet through this mechanism. */
819 (void) operation;
820 (void) attributes;
821 (void) key_buffer;
822 (void) key_buffer_size;
823 (void) alg;
824 return( PSA_ERROR_NOT_SUPPORTED );
825}
826
827psa_status_t mbedtls_opaque_test_driver_mac_update(
828 mbedtls_opaque_test_driver_mac_operation_t *operation,
829 const uint8_t *input,
830 size_t input_length )
831{
832 /* Opaque driver testing is not implemented yet through this mechanism. */
833 (void) operation;
834 (void) input;
835 (void) input_length;
836 return( PSA_ERROR_NOT_SUPPORTED );
837}
838
839psa_status_t mbedtls_opaque_test_driver_mac_sign_finish(
840 mbedtls_opaque_test_driver_mac_operation_t *operation,
841 uint8_t *mac,
842 size_t mac_size,
843 size_t *mac_length )
844{
845 /* Opaque driver testing is not implemented yet through this mechanism. */
846 (void) operation;
847 (void) mac;
848 (void) mac_size;
849 (void) mac_length;
850 return( PSA_ERROR_NOT_SUPPORTED );
851}
852
853psa_status_t mbedtls_opaque_test_driver_mac_verify_finish(
854 mbedtls_opaque_test_driver_mac_operation_t *operation,
855 const uint8_t *mac,
856 size_t mac_length )
857{
858 /* Opaque driver testing is not implemented yet through this mechanism. */
859 (void) operation;
860 (void) mac;
861 (void) mac_length;
862 return( PSA_ERROR_NOT_SUPPORTED );
863}
864
865psa_status_t mbedtls_opaque_test_driver_mac_abort(
866 mbedtls_opaque_test_driver_mac_operation_t *operation )
867{
868 /* Opaque driver testing is not implemented yet through this mechanism. */
869 (void) operation;
870 return( PSA_ERROR_NOT_SUPPORTED );
871}
872
873#endif /* PSA_CRYPTO_DRIVER_TEST */
874
875#endif /* MBEDTLS_PSA_CRYPTO_C */