From f2dfa96fda52c870ad0604a9da9a002fca241329 Mon Sep 17 00:00:00 2001 From: Giovanni Di Sirio Date: Sun, 6 May 2018 07:10:38 +0000 Subject: HMAC templates added. git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@12004 110e8d01-0319-4d1e-a829-52ad28d1bb01 --- os/hal/include/hal_crypto.h | 27 ++- os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c | 152 +++++++++++++++++ os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h | 36 ++++ os/hal/src/hal_crypto.c | 224 ++++++++++++++++++++++++- os/hal/templates/hal_can_lld.h | 4 +- os/hal/templates/hal_crypto_lld.c | 152 +++++++++++++++++ os/hal/templates/hal_crypto_lld.h | 36 ++++ 7 files changed, 622 insertions(+), 9 deletions(-) (limited to 'os/hal') diff --git a/os/hal/include/hal_crypto.h b/os/hal/include/hal_crypto.h index f9a643f9a..060480d0c 100644 --- a/os/hal/include/hal_crypto.h +++ b/os/hal/include/hal_crypto.h @@ -33,6 +33,8 @@ /** * @brief Maximum size of a key for all supported algorithms. + * @note It could be redefined by the LLD or the crypto fallback + * implementations. */ #define HAL_CRY_MAX_KEY_SIZE 32 @@ -106,7 +108,8 @@ typedef enum { typedef enum { cry_algo_none = 0, cry_algo_aes, /**< AES 128, 192, 256 bits. */ - cry_algo_des /**< DES 56, TDES 112, 168 bits.*/ + cry_algo_des, /**< DES 56, TDES 112, 168 bits.*/ + cry_algo_hmac /**< HMAC variable size. */ } cryalgorithm_t; #if HAL_CRY_ENFORCE_FALLBACK == FALSE @@ -125,6 +128,8 @@ typedef enum { !defined(CRY_LLD_SUPPORTS_SHA1) || \ !defined(CRY_LLD_SUPPORTS_SHA256) || \ !defined(CRY_LLD_SUPPORTS_SHA512) || \ + !defined(CRY_LLD_SUPPORTS_HMAC_SHA256) || \ + !defined(CRY_LLD_SUPPORTS_HMAC_SHA512) || \ !defined(CRY_LLD_SUPPORTS_TRNG) #error "CRYPTO LLD does not export the required switches" #endif @@ -144,6 +149,8 @@ typedef enum { #define CRY_LLD_SUPPORTS_SHA1 FALSE #define CRY_LLD_SUPPORTS_SHA256 FALSE #define CRY_LLD_SUPPORTS_SHA512 FALSE +#define CRY_LLD_SUPPORTS_HMAC_SHA256 FALSE +#define CRY_LLD_SUPPORTS_HMAC_SHA512 FALSE #define CRY_LLD_SUPPORTS_TRNG FALSE typedef uint_fast8_t crykey_t; @@ -334,6 +341,24 @@ extern "C" { size_t size, const uint8_t *in); cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, uint8_t *out); + cryerror_t cryHMACSHA256Init(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp); + cryerror_t cryHMACSHA256Update(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + size_t size, + const uint8_t *in); + cryerror_t cryHMACSHA256Final(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + uint8_t *out); + cryerror_t cryHMACSHA512Init(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp); + cryerror_t cryHMACSHA512Update(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + size_t size, + const uint8_t *in); + cryerror_t cryHMACSHA512Final(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + uint8_t *out); cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c index bdbebe47d..2aa55fdd1 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c @@ -1063,6 +1063,158 @@ cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, return CRY_ERR_INV_ALGO; } +/** + * @brief Hash initialization using HMAC_SHA256. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha256ctxp pointer to a HMAC_SHA256 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA256_init(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp) { + + (void)cryp; + (void)hmacsha256ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA256_update(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + size_t size, + const uint8_t *in) { + + (void)cryp; + (void)hmacsha256ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA256_final(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + uint8_t *out) { + + (void)cryp; + (void)hmacsha256ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash initialization using HMAC_SHA512. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha512ctxp pointer to a HMAC_SHA512 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA512_init(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp) { + + (void)cryp; + (void)hmacsha512ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA512_update(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + size_t size, + const uint8_t *in) { + + (void)cryp; + (void)hmacsha512ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA512_final(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + uint8_t *out) { + + (void)cryp; + (void)hmacsha512ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +} + /** * @brief True random numbers generator. * diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h index e2ba05f01..3df88be47 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h @@ -47,6 +47,8 @@ #define CRY_LLD_SUPPORTS_SHA1 TRUE #define CRY_LLD_SUPPORTS_SHA256 TRUE #define CRY_LLD_SUPPORTS_SHA512 TRUE +#define CRY_LLD_SUPPORTS_HMAC_SHA256 TRUE +#define CRY_LLD_SUPPORTS_HMAC_SHA512 TRUE #define CRY_LLD_SUPPORTS_TRNG TRUE /** @{ */ @@ -153,6 +155,24 @@ typedef struct { } SHA512Context; #endif +#if (CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a HMAC_SHA256 context. + */ +typedef struct { + uint32_t dummy; +} HMACSHA256Context; +#endif + +#if (CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a HMAC_SHA512 context. + */ +typedef struct { + uint32_t dummy; +} HMACSHA512Context; +#endif + /*===========================================================================*/ /* Driver macros. */ /*===========================================================================*/ @@ -292,6 +312,22 @@ extern "C" { size_t size, const uint8_t *in); cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, uint8_t *out); + cryerror_t cry_lld_HMACSHA256_init(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp); + cryerror_t cry_lld_HMACSHA256_update(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_HMACSHA256_final(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + uint8_t *out); + cryerror_t cry_lld_HMACSHA512_init(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp); + cryerror_t cry_lld_HMACSHA512_update(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_HMACSHA512_final(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + uint8_t *out); cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c index 3fb665098..e0ffc2f16 100644 --- a/os/hal/src/hal_crypto.c +++ b/os/hal/src/hal_crypto.c @@ -1237,7 +1237,7 @@ cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp) { osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA1 == TRUE +#if CRY_LLD_SUPPORTS_SHA256 == TRUE return cry_lld_SHA256_init(cryp, sha256ctxp); #elif HAL_CRY_USE_FALLBACK == TRUE return cry_fallback_SHA256_init(cryp, sha256ctxp); @@ -1271,7 +1271,7 @@ cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp, osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA1 == TRUE +#if CRY_LLD_SUPPORTS_SHA256 == TRUE return cry_lld_SHA256_update(cryp, sha256ctxp, size, in); #elif HAL_CRY_USE_FALLBACK == TRUE return cry_fallback_SHA256_update(cryp, sha256ctxp, size, in); @@ -1306,7 +1306,7 @@ cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp, osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA1 == TRUE +#if CRY_LLD_SUPPORTS_SHA256 == TRUE return cry_lld_SHA256_final(cryp, sha256ctxp, out); #elif HAL_CRY_USE_FALLBACK == TRUE return cry_fallback_SHA256_final(cryp, sha256ctxp, out); @@ -1338,7 +1338,7 @@ cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp) { osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA1 == TRUE +#if CRY_LLD_SUPPORTS_SHA512 == TRUE return cry_lld_SHA512_init(cryp, sha512ctxp); #elif HAL_CRY_USE_FALLBACK == TRUE return cry_fallback_SHA512_init(cryp, sha512ctxp); @@ -1372,7 +1372,7 @@ cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp, osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA1 == TRUE +#if CRY_LLD_SUPPORTS_SHA512 == TRUE return cry_lld_SHA512_update(cryp, sha512ctxp, size, in); #elif HAL_CRY_USE_FALLBACK == TRUE return cry_fallback_SHA512_update(cryp, sha512ctxp, size, in); @@ -1407,7 +1407,7 @@ cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA1 == TRUE +#if CRY_LLD_SUPPORTS_SHA512 == TRUE return cry_lld_SHA512_final(cryp, sha512ctxp, out); #elif HAL_CRY_USE_FALLBACK == TRUE return cry_fallback_SHA512_final(cryp, sha512ctxp, out); @@ -1420,6 +1420,218 @@ cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, #endif } +/** + * @brief Hash initialization using HMAC_SHA256. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha256ctxp pointer to a HMAC_SHA256 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cryHMACSHA256Init(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp) { + + osalDbgCheck((cryp != NULL) && (hmacsha256ctxp != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE + return cry_lld_HMACSHA256_init(cryp, hmacsha256ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA256_init(cryp, hmacsha256ctxp); +#else + (void)cryp; + (void)hmacsha256ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cryHMACSHA256Update(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + size_t size, + const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (hmacsha256ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE + return cry_lld_HMACSHA256_update(cryp, hmacsha256ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA256_update(cryp, hmacsha256ctxp, size, in); +#else + (void)cryp; + (void)hmacsha256ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cryHMACSHA256Final(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (hmacsha256ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE + return cry_lld_HMACSHA256_final(cryp, hmacsha256ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA256_final(cryp, hmacsha256ctxp, out); +#else + (void)cryp; + (void)hmacsha256ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash initialization using HMAC_SHA512. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha512ctxp pointer to a HMAC_SHA512 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cryHMACSHA512Init(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp) { + + osalDbgCheck((cryp != NULL) && (hmacsha512ctxp != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE + return cry_lld_HMACSHA512_init(cryp, hmacsha512ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA512_init(cryp, hmacsha512ctxp); +#else + (void)cryp; + (void)hmacsha512ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cryHMACSHA512Update(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + size_t size, + const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (hmacsha512ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE + return cry_lld_HMACSHA512_update(cryp, hmacsha512ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA512_update(cryp, hmacsha512ctxp, size, in); +#else + (void)cryp; + (void)hmacsha512ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cryHMACSHA512Final(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (hmacsha512ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE + return cry_lld_HMACSHA512_final(cryp, hmacsha512ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA512_final(cryp, hmacsha512ctxp, out); +#else + (void)cryp; + (void)hmacsha512ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + /** * @brief True random numbers generator. * diff --git a/os/hal/templates/hal_can_lld.h b/os/hal/templates/hal_can_lld.h index e6a24478a..ae468e979 100644 --- a/os/hal/templates/hal_can_lld.h +++ b/os/hal/templates/hal_can_lld.h @@ -164,7 +164,7 @@ struct CANDriver { * @brief Receive threads queue. */ threads_queue_t rxqueue; -#if !defined(CAN_ENFORCE_USE_CALLBACKS) +#if (CAN_ENFORCE_USE_CALLBACKS == FALSE) || defined (__DOXYGEN__) /** * @brief One or more frames become available. * @note After broadcasting this event it will not be broadcasted again @@ -200,7 +200,7 @@ struct CANDriver { */ event_source_t wakeup_event; #endif -#else /* defined(CAN_ENFORCE_USE_CALLBACKS) */ +#else /* CAN_ENFORCE_USE_CALLBACKS == TRUE */ /** * @brief One or more frames become available. * @note After calling this function it will not be called again diff --git a/os/hal/templates/hal_crypto_lld.c b/os/hal/templates/hal_crypto_lld.c index e2f8af18a..5aea1aa7e 100644 --- a/os/hal/templates/hal_crypto_lld.c +++ b/os/hal/templates/hal_crypto_lld.c @@ -1063,6 +1063,158 @@ cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, return CRY_ERR_INV_ALGO; } +/** + * @brief Hash initialization using HMAC_SHA256. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha256ctxp pointer to a HMAC_SHA256 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA256_init(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp) { + + (void)cryp; + (void)hmacsha256ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA256_update(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + size_t size, + const uint8_t *in) { + + (void)cryp; + (void)hmacsha256ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA256_final(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + uint8_t *out) { + + (void)cryp; + (void)hmacsha256ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash initialization using HMAC_SHA512. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha512ctxp pointer to a HMAC_SHA512 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA512_init(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp) { + + (void)cryp; + (void)hmacsha512ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA512_update(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + size_t size, + const uint8_t *in) { + + (void)cryp; + (void)hmacsha512ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using HMAC. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_HMACSHA512_final(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + uint8_t *out) { + + (void)cryp; + (void)hmacsha512ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +} + /** * @brief True random numbers generator. * diff --git a/os/hal/templates/hal_crypto_lld.h b/os/hal/templates/hal_crypto_lld.h index 23cc18ee5..9c788808b 100644 --- a/os/hal/templates/hal_crypto_lld.h +++ b/os/hal/templates/hal_crypto_lld.h @@ -47,6 +47,8 @@ #define CRY_LLD_SUPPORTS_SHA1 TRUE #define CRY_LLD_SUPPORTS_SHA256 TRUE #define CRY_LLD_SUPPORTS_SHA512 TRUE +#define CRY_LLD_SUPPORTS_HMAC_SHA256 TRUE +#define CRY_LLD_SUPPORTS_HMAC_SHA512 TRUE #define CRY_LLD_SUPPORTS_TRNG TRUE /** @{ */ @@ -153,6 +155,24 @@ typedef struct { } SHA512Context; #endif +#if (CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a HMAC_SHA256 context. + */ +typedef struct { + uint32_t dummy; +} HMACSHA256Context; +#endif + +#if (CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a HMAC_SHA512 context. + */ +typedef struct { + uint32_t dummy; +} HMACSHA512Context; +#endif + /*===========================================================================*/ /* Driver macros. */ /*===========================================================================*/ @@ -292,6 +312,22 @@ extern "C" { size_t size, const uint8_t *in); cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, uint8_t *out); + cryerror_t cry_lld_HMACSHA256_init(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp); + cryerror_t cry_lld_HMACSHA256_update(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_HMACSHA256_final(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + uint8_t *out); + cryerror_t cry_lld_HMACSHA512_init(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp); + cryerror_t cry_lld_HMACSHA512_update(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_HMACSHA512_final(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + uint8_t *out); cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } -- cgit v1.2.3