Knight KE / Mbed OS Game_Master

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers shalib.c Source File

shalib.c

00001 /*
00002  * Copyright (c) 2014-2017, Arm Limited and affiliates.
00003  * SPDX-License-Identifier: Apache-2.0
00004  *
00005  * Licensed under the Apache License, Version 2.0 (the "License");
00006  * you may not use this file except in compliance with the License.
00007  * You may obtain a copy of the License at
00008  *
00009  *     http://www.apache.org/licenses/LICENSE-2.0
00010  *
00011  * Unless required by applicable law or agreed to in writing, software
00012  * distributed under the License is distributed on an "AS IS" BASIS,
00013  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00014  * See the License for the specific language governing permissions and
00015  * limitations under the License.
00016  */
00017 
00018 #include "nsconfig.h"
00019 #include "common_functions.h"
00020 #include <stdint.h>
00021 #include <string.h>
00022 #include "shalib.h"
00023 #include "ns_sha256.h"
00024 
00025 #define SHALIB_OPAD 0x5c
00026 #define SHALIB_IPAD 0x36
00027 
00028 static void SHALIB_presecret_set(uint8_t *buffer, uint8_t operation);
00029 static void SHALIB_HMAC_inpad(void);
00030 
00031 static prf_sec_param_t prf_sec;
00032 
00033 static ns_sha256_context hmac_sha_ctx;
00034 
00035 
00036 static void SHALIB_presecret_set(uint8_t *buffer, uint8_t operation)
00037 {
00038     uint8_t i;
00039     memset(buffer, 0, 64);
00040     memcpy(buffer, prf_sec.secret, prf_sec.sec_len);
00041 
00042     for (i = 0; i < 64; i++) {
00043         buffer[i] ^= operation;
00044     }
00045 }
00046 
00047 
00048 void SHALIB_init_HMAC(const uint8_t *secret, uint8_t sec_len)
00049 {
00050     prf_sec.sec_len  = sec_len;
00051     prf_sec.secret = secret;
00052     SHALIB_HMAC_inpad();
00053 }
00054 
00055 static void SHALIB_HMAC_inpad(void)
00056 {
00057     uint8_t Kipad[64];
00058     SHALIB_presecret_set(Kipad, SHALIB_IPAD);
00059     ns_sha256_init(&hmac_sha_ctx);
00060     ns_sha256_starts(&hmac_sha_ctx);
00061     ns_sha256_update(&hmac_sha_ctx, Kipad, 64);
00062 }
00063 
00064 void SHALIB_push_data_HMAC(const void *data, uint16_t len)
00065 {
00066     ns_sha256_update(&hmac_sha_ctx, data, len);
00067 }
00068 
00069 void SHALIB_finish_HMAC(void *buffer, uint8_t len)
00070 {
00071     {
00072         uint8_t hash[32];
00073 
00074         ns_sha256_finish(&hmac_sha_ctx, hash);
00075         ns_sha256_starts(&hmac_sha_ctx);
00076         {
00077             uint8_t Kopad[64];
00078             SHALIB_presecret_set(Kopad, SHALIB_OPAD);
00079             ns_sha256_update(&hmac_sha_ctx, Kopad, 64);
00080         }
00081         ns_sha256_update(&hmac_sha_ctx, hash, 32);
00082     }
00083     ns_sha256_finish_nbits(&hmac_sha_ctx, buffer, len * 32);
00084     ns_sha256_free(&hmac_sha_ctx);
00085 }
00086 
00087 
00088 prf_sec_param_t *shalib_prf_param_get(void)
00089 {
00090     return &prf_sec;
00091 }
00092 
00093 void shalib_prf_calc(void *output, uint_fast16_t nwords)
00094 {
00095     uint8_t *outptr = output;
00096     uint8_t A[32];
00097 
00098     if (nwords == 0) {
00099         return;
00100     }
00101 
00102     /* Compute initial A(1) = HMAC(secret, label + seed) */
00103     SHALIB_HMAC_inpad();
00104     SHALIB_push_data_HMAC(prf_sec.label, strlen(prf_sec.label));
00105     SHALIB_push_data_HMAC(prf_sec.seed, prf_sec.seedlen);
00106     SHALIB_finish_HMAC(A, 8);
00107 
00108     for (;;) {
00109         /* Output PRF(i) = HMAC(secret, A(i) + label + seed) */
00110         SHALIB_HMAC_inpad();
00111         SHALIB_push_data_HMAC(A, 32);
00112         SHALIB_push_data_HMAC(prf_sec.label, strlen(prf_sec.label));
00113         SHALIB_push_data_HMAC(prf_sec.seed, prf_sec.seedlen);
00114         unsigned words_this_time = nwords > 8 ? 8 : nwords;
00115         SHALIB_finish_HMAC(outptr, words_this_time);
00116         outptr += words_this_time * 4;
00117         nwords -= words_this_time;
00118         if (nwords == 0) {
00119             break;
00120         }
00121 
00122         /* Compute A(i+1) = HMAC(secret, A(i)) */
00123         SHALIB_HMAC_inpad();
00124         SHALIB_push_data_HMAC(A, 32);
00125         SHALIB_finish_HMAC(A, 8);
00126     }
00127 }