Xuyi Wang / wolfSSL

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependents:   OS

wolfcrypt/src/hmac.c@15:117db924cf7c, 2018-08-18 (annotated)

Committer:
wolfSSL
Date:
Sat Aug 18 22:20:43 2018 +0000
Revision:
15:117db924cf7c
wolfSSL 3.15.3

Who changed what in which revision?

UserRevisionLine numberNew contents of line
wolfSSL 15:117db924cf7c 1 /* hmac.c
wolfSSL 15:117db924cf7c 2 *
wolfSSL 15:117db924cf7c 3 * Copyright (C) 2006-2017 wolfSSL Inc.
wolfSSL 15:117db924cf7c 4 *
wolfSSL 15:117db924cf7c 5 * This file is part of wolfSSL.
wolfSSL 15:117db924cf7c 6 *
wolfSSL 15:117db924cf7c 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 15:117db924cf7c 8 * it under the terms of the GNU General Public License as published by
wolfSSL 15:117db924cf7c 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 15:117db924cf7c 10 * (at your option) any later version.
wolfSSL 15:117db924cf7c 11 *
wolfSSL 15:117db924cf7c 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 15:117db924cf7c 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 15:117db924cf7c 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 15:117db924cf7c 15 * GNU General Public License for more details.
wolfSSL 15:117db924cf7c 16 *
wolfSSL 15:117db924cf7c 17 * You should have received a copy of the GNU General Public License
wolfSSL 15:117db924cf7c 18 * along with this program; if not, write to the Free Software
wolfSSL 15:117db924cf7c 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL 15:117db924cf7c 20 */
wolfSSL 15:117db924cf7c 21
wolfSSL 15:117db924cf7c 22
wolfSSL 15:117db924cf7c 23 #ifdef HAVE_CONFIG_H
wolfSSL 15:117db924cf7c 24 #include <config.h>
wolfSSL 15:117db924cf7c 25 #endif
wolfSSL 15:117db924cf7c 26
wolfSSL 15:117db924cf7c 27 #include <wolfssl/wolfcrypt/settings.h>
wolfSSL 15:117db924cf7c 28 #include <wolfssl/wolfcrypt/error-crypt.h>
wolfSSL 15:117db924cf7c 29
wolfSSL 15:117db924cf7c 30 #ifndef NO_HMAC
wolfSSL 15:117db924cf7c 31
wolfSSL 15:117db924cf7c 32 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 33 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
wolfSSL 15:117db924cf7c 34
wolfSSL 15:117db924cf7c 35 /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
wolfSSL 15:117db924cf7c 36 #define FIPS_NO_WRAPPERS
wolfSSL 15:117db924cf7c 37
wolfSSL 15:117db924cf7c 38 #ifdef USE_WINDOWS_API
wolfSSL 15:117db924cf7c 39 #pragma code_seg(".fipsA$b")
wolfSSL 15:117db924cf7c 40 #pragma const_seg(".fipsB$b")
wolfSSL 15:117db924cf7c 41 #endif
wolfSSL 15:117db924cf7c 42 #endif
wolfSSL 15:117db924cf7c 43
wolfSSL 15:117db924cf7c 44 #include <wolfssl/wolfcrypt/hmac.h>
wolfSSL 15:117db924cf7c 45
wolfSSL 15:117db924cf7c 46 #ifdef NO_INLINE
wolfSSL 15:117db924cf7c 47 #include <wolfssl/wolfcrypt/misc.h>
wolfSSL 15:117db924cf7c 48 #else
wolfSSL 15:117db924cf7c 49 #define WOLFSSL_MISC_INCLUDED
wolfSSL 15:117db924cf7c 50 #include <wolfcrypt/src/misc.c>
wolfSSL 15:117db924cf7c 51 #endif
wolfSSL 15:117db924cf7c 52
wolfSSL 15:117db924cf7c 53
wolfSSL 15:117db924cf7c 54 /* fips wrapper calls, user can call direct */
wolfSSL 15:117db924cf7c 55 /* If building for old FIPS. */
wolfSSL 15:117db924cf7c 56 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 57 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
wolfSSL 15:117db924cf7c 58
wolfSSL 15:117db924cf7c 59 /* does init */
wolfSSL 15:117db924cf7c 60 int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
wolfSSL 15:117db924cf7c 61 {
wolfSSL 15:117db924cf7c 62 if (hmac == NULL || (key == NULL && keySz != 0) ||
wolfSSL 15:117db924cf7c 63 !(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 ||
wolfSSL 15:117db924cf7c 64 type == WC_SHA384 || type == WC_SHA512 ||
wolfSSL 15:117db924cf7c 65 type == BLAKE2B_ID)) {
wolfSSL 15:117db924cf7c 66 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 67 }
wolfSSL 15:117db924cf7c 68
wolfSSL 15:117db924cf7c 69 return HmacSetKey_fips(hmac, type, key, keySz);
wolfSSL 15:117db924cf7c 70 }
wolfSSL 15:117db924cf7c 71 int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz)
wolfSSL 15:117db924cf7c 72 {
wolfSSL 15:117db924cf7c 73 if (hmac == NULL || (in == NULL && sz > 0)) {
wolfSSL 15:117db924cf7c 74 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 75 }
wolfSSL 15:117db924cf7c 76
wolfSSL 15:117db924cf7c 77 return HmacUpdate_fips(hmac, in, sz);
wolfSSL 15:117db924cf7c 78 }
wolfSSL 15:117db924cf7c 79 int wc_HmacFinal(Hmac* hmac, byte* out)
wolfSSL 15:117db924cf7c 80 {
wolfSSL 15:117db924cf7c 81 if (hmac == NULL) {
wolfSSL 15:117db924cf7c 82 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 83 }
wolfSSL 15:117db924cf7c 84
wolfSSL 15:117db924cf7c 85 return HmacFinal_fips(hmac, out);
wolfSSL 15:117db924cf7c 86 }
wolfSSL 15:117db924cf7c 87 int wolfSSL_GetHmacMaxSize(void)
wolfSSL 15:117db924cf7c 88 {
wolfSSL 15:117db924cf7c 89 return CyaSSL_GetHmacMaxSize();
wolfSSL 15:117db924cf7c 90 }
wolfSSL 15:117db924cf7c 91
wolfSSL 15:117db924cf7c 92 int wc_HmacInit(Hmac* hmac, void* heap, int devId)
wolfSSL 15:117db924cf7c 93 {
wolfSSL 15:117db924cf7c 94 (void)hmac;
wolfSSL 15:117db924cf7c 95 (void)heap;
wolfSSL 15:117db924cf7c 96 (void)devId;
wolfSSL 15:117db924cf7c 97 /* FIPS doesn't support:
wolfSSL 15:117db924cf7c 98 return HmacInit(hmac, heap, devId); */
wolfSSL 15:117db924cf7c 99 return 0;
wolfSSL 15:117db924cf7c 100 }
wolfSSL 15:117db924cf7c 101 void wc_HmacFree(Hmac* hmac)
wolfSSL 15:117db924cf7c 102 {
wolfSSL 15:117db924cf7c 103 (void)hmac;
wolfSSL 15:117db924cf7c 104 /* FIPS doesn't support:
wolfSSL 15:117db924cf7c 105 HmacFree(hmac); */
wolfSSL 15:117db924cf7c 106 }
wolfSSL 15:117db924cf7c 107
wolfSSL 15:117db924cf7c 108 #ifdef HAVE_HKDF
wolfSSL 15:117db924cf7c 109 int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
wolfSSL 15:117db924cf7c 110 const byte* salt, word32 saltSz,
wolfSSL 15:117db924cf7c 111 const byte* info, word32 infoSz,
wolfSSL 15:117db924cf7c 112 byte* out, word32 outSz)
wolfSSL 15:117db924cf7c 113 {
wolfSSL 15:117db924cf7c 114 return HKDF(type, inKey, inKeySz, salt, saltSz,
wolfSSL 15:117db924cf7c 115 info, infoSz, out, outSz);
wolfSSL 15:117db924cf7c 116 }
wolfSSL 15:117db924cf7c 117 #endif /* HAVE_HKDF */
wolfSSL 15:117db924cf7c 118
wolfSSL 15:117db924cf7c 119 #else /* else build without fips, or for new fips */
wolfSSL 15:117db924cf7c 120
wolfSSL 15:117db924cf7c 121
wolfSSL 15:117db924cf7c 122 int wc_HmacSizeByType(int type)
wolfSSL 15:117db924cf7c 123 {
wolfSSL 15:117db924cf7c 124 int ret;
wolfSSL 15:117db924cf7c 125
wolfSSL 15:117db924cf7c 126 if (!(type == WC_MD5 || type == WC_SHA ||
wolfSSL 15:117db924cf7c 127 type == WC_SHA224 || type == WC_SHA256 ||
wolfSSL 15:117db924cf7c 128 type == WC_SHA384 || type == WC_SHA512 ||
wolfSSL 15:117db924cf7c 129 type == WC_SHA3_224 || type == WC_SHA3_256 ||
wolfSSL 15:117db924cf7c 130 type == WC_SHA3_384 || type == WC_SHA3_512 ||
wolfSSL 15:117db924cf7c 131 type == BLAKE2B_ID)) {
wolfSSL 15:117db924cf7c 132 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 133 }
wolfSSL 15:117db924cf7c 134
wolfSSL 15:117db924cf7c 135 switch (type) {
wolfSSL 15:117db924cf7c 136 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 137 case WC_MD5:
wolfSSL 15:117db924cf7c 138 ret = WC_MD5_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 139 break;
wolfSSL 15:117db924cf7c 140 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 141
wolfSSL 15:117db924cf7c 142 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 143 case WC_SHA:
wolfSSL 15:117db924cf7c 144 ret = WC_SHA_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 145 break;
wolfSSL 15:117db924cf7c 146 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 147
wolfSSL 15:117db924cf7c 148 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 149 case WC_SHA224:
wolfSSL 15:117db924cf7c 150 ret = WC_SHA224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 151 break;
wolfSSL 15:117db924cf7c 152 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 153
wolfSSL 15:117db924cf7c 154 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 155 case WC_SHA256:
wolfSSL 15:117db924cf7c 156 ret = WC_SHA256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 157 break;
wolfSSL 15:117db924cf7c 158 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 159
wolfSSL 15:117db924cf7c 160 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 161 case WC_SHA384:
wolfSSL 15:117db924cf7c 162 ret = WC_SHA384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 163 break;
wolfSSL 15:117db924cf7c 164 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 165 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 166 case WC_SHA512:
wolfSSL 15:117db924cf7c 167 ret = WC_SHA512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 168 break;
wolfSSL 15:117db924cf7c 169 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 170
wolfSSL 15:117db924cf7c 171 #ifdef HAVE_BLAKE2
wolfSSL 15:117db924cf7c 172 case BLAKE2B_ID:
wolfSSL 15:117db924cf7c 173 ret = BLAKE2B_OUTBYTES;
wolfSSL 15:117db924cf7c 174 break;
wolfSSL 15:117db924cf7c 175 #endif /* HAVE_BLAKE2 */
wolfSSL 15:117db924cf7c 176
wolfSSL 15:117db924cf7c 177 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 178 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 179 ret = WC_SHA3_224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 180 break;
wolfSSL 15:117db924cf7c 181
wolfSSL 15:117db924cf7c 182 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 183 ret = WC_SHA3_256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 184 break;
wolfSSL 15:117db924cf7c 185
wolfSSL 15:117db924cf7c 186 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 187 ret = WC_SHA3_384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 188 break;
wolfSSL 15:117db924cf7c 189
wolfSSL 15:117db924cf7c 190 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 191 ret = WC_SHA3_512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 192 break;
wolfSSL 15:117db924cf7c 193
wolfSSL 15:117db924cf7c 194 #endif
wolfSSL 15:117db924cf7c 195
wolfSSL 15:117db924cf7c 196 default:
wolfSSL 15:117db924cf7c 197 ret = BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 198 break;
wolfSSL 15:117db924cf7c 199 }
wolfSSL 15:117db924cf7c 200
wolfSSL 15:117db924cf7c 201 return ret;
wolfSSL 15:117db924cf7c 202 }
wolfSSL 15:117db924cf7c 203
wolfSSL 15:117db924cf7c 204 int _InitHmac(Hmac* hmac, int type, void* heap)
wolfSSL 15:117db924cf7c 205 {
wolfSSL 15:117db924cf7c 206 int ret = 0;
wolfSSL 15:117db924cf7c 207
wolfSSL 15:117db924cf7c 208 switch (type) {
wolfSSL 15:117db924cf7c 209 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 210 case WC_MD5:
wolfSSL 15:117db924cf7c 211 ret = wc_InitMd5(&hmac->hash.md5);
wolfSSL 15:117db924cf7c 212 break;
wolfSSL 15:117db924cf7c 213 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 214
wolfSSL 15:117db924cf7c 215 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 216 case WC_SHA:
wolfSSL 15:117db924cf7c 217 ret = wc_InitSha(&hmac->hash.sha);
wolfSSL 15:117db924cf7c 218 break;
wolfSSL 15:117db924cf7c 219 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 220
wolfSSL 15:117db924cf7c 221 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 222 case WC_SHA224:
wolfSSL 15:117db924cf7c 223 ret = wc_InitSha224(&hmac->hash.sha224);
wolfSSL 15:117db924cf7c 224 break;
wolfSSL 15:117db924cf7c 225 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 226
wolfSSL 15:117db924cf7c 227 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 228 case WC_SHA256:
wolfSSL 15:117db924cf7c 229 ret = wc_InitSha256(&hmac->hash.sha256);
wolfSSL 15:117db924cf7c 230 break;
wolfSSL 15:117db924cf7c 231 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 232
wolfSSL 15:117db924cf7c 233 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 234 case WC_SHA384:
wolfSSL 15:117db924cf7c 235 ret = wc_InitSha384(&hmac->hash.sha384);
wolfSSL 15:117db924cf7c 236 break;
wolfSSL 15:117db924cf7c 237 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 238 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 239 case WC_SHA512:
wolfSSL 15:117db924cf7c 240 ret = wc_InitSha512(&hmac->hash.sha512);
wolfSSL 15:117db924cf7c 241 break;
wolfSSL 15:117db924cf7c 242 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 243
wolfSSL 15:117db924cf7c 244 #ifdef HAVE_BLAKE2
wolfSSL 15:117db924cf7c 245 case BLAKE2B_ID:
wolfSSL 15:117db924cf7c 246 ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256);
wolfSSL 15:117db924cf7c 247 break;
wolfSSL 15:117db924cf7c 248 #endif /* HAVE_BLAKE2 */
wolfSSL 15:117db924cf7c 249
wolfSSL 15:117db924cf7c 250 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 251 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 252 ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 253 break;
wolfSSL 15:117db924cf7c 254 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 255 ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 256 break;
wolfSSL 15:117db924cf7c 257 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 258 ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 259 break;
wolfSSL 15:117db924cf7c 260 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 261 ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID);
wolfSSL 15:117db924cf7c 262 break;
wolfSSL 15:117db924cf7c 263 #endif
wolfSSL 15:117db924cf7c 264
wolfSSL 15:117db924cf7c 265 default:
wolfSSL 15:117db924cf7c 266 ret = BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 267 break;
wolfSSL 15:117db924cf7c 268 }
wolfSSL 15:117db924cf7c 269
wolfSSL 15:117db924cf7c 270 /* default to NULL heap hint or test value */
wolfSSL 15:117db924cf7c 271 #ifdef WOLFSSL_HEAP_TEST
wolfSSL 15:117db924cf7c 272 hmac->heap = (void)WOLFSSL_HEAP_TEST;
wolfSSL 15:117db924cf7c 273 #else
wolfSSL 15:117db924cf7c 274 hmac->heap = heap;
wolfSSL 15:117db924cf7c 275 #endif /* WOLFSSL_HEAP_TEST */
wolfSSL 15:117db924cf7c 276
wolfSSL 15:117db924cf7c 277 return ret;
wolfSSL 15:117db924cf7c 278 }
wolfSSL 15:117db924cf7c 279
wolfSSL 15:117db924cf7c 280
wolfSSL 15:117db924cf7c 281 int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
wolfSSL 15:117db924cf7c 282 {
wolfSSL 15:117db924cf7c 283 byte* ip;
wolfSSL 15:117db924cf7c 284 byte* op;
wolfSSL 15:117db924cf7c 285 word32 i, hmac_block_size = 0;
wolfSSL 15:117db924cf7c 286 int ret = 0;
wolfSSL 15:117db924cf7c 287 void* heap = NULL;
wolfSSL 15:117db924cf7c 288
wolfSSL 15:117db924cf7c 289 if (hmac == NULL || (key == NULL && length != 0) ||
wolfSSL 15:117db924cf7c 290 !(type == WC_MD5 || type == WC_SHA ||
wolfSSL 15:117db924cf7c 291 type == WC_SHA224 || type == WC_SHA256 ||
wolfSSL 15:117db924cf7c 292 type == WC_SHA384 || type == WC_SHA512 ||
wolfSSL 15:117db924cf7c 293 type == WC_SHA3_224 || type == WC_SHA3_256 ||
wolfSSL 15:117db924cf7c 294 type == WC_SHA3_384 || type == WC_SHA3_512 ||
wolfSSL 15:117db924cf7c 295 type == BLAKE2B_ID)) {
wolfSSL 15:117db924cf7c 296 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 297 }
wolfSSL 15:117db924cf7c 298
wolfSSL 15:117db924cf7c 299 hmac->innerHashKeyed = 0;
wolfSSL 15:117db924cf7c 300 hmac->macType = (byte)type;
wolfSSL 15:117db924cf7c 301
wolfSSL 15:117db924cf7c 302 ret = _InitHmac(hmac, type, heap);
wolfSSL 15:117db924cf7c 303 if (ret != 0)
wolfSSL 15:117db924cf7c 304 return ret;
wolfSSL 15:117db924cf7c 305
wolfSSL 15:117db924cf7c 306 #ifdef HAVE_FIPS
wolfSSL 15:117db924cf7c 307 if (length < HMAC_FIPS_MIN_KEY)
wolfSSL 15:117db924cf7c 308 return HMAC_MIN_KEYLEN_E;
wolfSSL 15:117db924cf7c 309 #endif
wolfSSL 15:117db924cf7c 310
wolfSSL 15:117db924cf7c 311 ip = (byte*)hmac->ipad;
wolfSSL 15:117db924cf7c 312 op = (byte*)hmac->opad;
wolfSSL 15:117db924cf7c 313
wolfSSL 15:117db924cf7c 314 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 315 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 316 case WC_MD5:
wolfSSL 15:117db924cf7c 317 hmac_block_size = WC_MD5_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 318 if (length <= WC_MD5_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 319 if (key != NULL) {
wolfSSL 15:117db924cf7c 320 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 321 }
wolfSSL 15:117db924cf7c 322 }
wolfSSL 15:117db924cf7c 323 else {
wolfSSL 15:117db924cf7c 324 ret = wc_Md5Update(&hmac->hash.md5, key, length);
wolfSSL 15:117db924cf7c 325 if (ret != 0)
wolfSSL 15:117db924cf7c 326 break;
wolfSSL 15:117db924cf7c 327 ret = wc_Md5Final(&hmac->hash.md5, ip);
wolfSSL 15:117db924cf7c 328 if (ret != 0)
wolfSSL 15:117db924cf7c 329 break;
wolfSSL 15:117db924cf7c 330 length = WC_MD5_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 331 }
wolfSSL 15:117db924cf7c 332 break;
wolfSSL 15:117db924cf7c 333 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 334
wolfSSL 15:117db924cf7c 335 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 336 case WC_SHA:
wolfSSL 15:117db924cf7c 337 hmac_block_size = WC_SHA_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 338 if (length <= WC_SHA_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 339 if (key != NULL) {
wolfSSL 15:117db924cf7c 340 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 341 }
wolfSSL 15:117db924cf7c 342 }
wolfSSL 15:117db924cf7c 343 else {
wolfSSL 15:117db924cf7c 344 ret = wc_ShaUpdate(&hmac->hash.sha, key, length);
wolfSSL 15:117db924cf7c 345 if (ret != 0)
wolfSSL 15:117db924cf7c 346 break;
wolfSSL 15:117db924cf7c 347 ret = wc_ShaFinal(&hmac->hash.sha, ip);
wolfSSL 15:117db924cf7c 348 if (ret != 0)
wolfSSL 15:117db924cf7c 349 break;
wolfSSL 15:117db924cf7c 350
wolfSSL 15:117db924cf7c 351 length = WC_SHA_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 352 }
wolfSSL 15:117db924cf7c 353 break;
wolfSSL 15:117db924cf7c 354 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 355
wolfSSL 15:117db924cf7c 356 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 357 case WC_SHA224:
wolfSSL 15:117db924cf7c 358 {
wolfSSL 15:117db924cf7c 359 hmac_block_size = WC_SHA224_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 360 if (length <= WC_SHA224_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 361 if (key != NULL) {
wolfSSL 15:117db924cf7c 362 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 363 }
wolfSSL 15:117db924cf7c 364 }
wolfSSL 15:117db924cf7c 365 else {
wolfSSL 15:117db924cf7c 366 ret = wc_Sha224Update(&hmac->hash.sha224, key, length);
wolfSSL 15:117db924cf7c 367 if (ret != 0)
wolfSSL 15:117db924cf7c 368 break;
wolfSSL 15:117db924cf7c 369 ret = wc_Sha224Final(&hmac->hash.sha224, ip);
wolfSSL 15:117db924cf7c 370 if (ret != 0)
wolfSSL 15:117db924cf7c 371 break;
wolfSSL 15:117db924cf7c 372
wolfSSL 15:117db924cf7c 373 length = WC_SHA224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 374 }
wolfSSL 15:117db924cf7c 375 }
wolfSSL 15:117db924cf7c 376 break;
wolfSSL 15:117db924cf7c 377 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 378
wolfSSL 15:117db924cf7c 379 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 380 case WC_SHA256:
wolfSSL 15:117db924cf7c 381 hmac_block_size = WC_SHA256_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 382 if (length <= WC_SHA256_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 383 if (key != NULL) {
wolfSSL 15:117db924cf7c 384 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 385 }
wolfSSL 15:117db924cf7c 386 }
wolfSSL 15:117db924cf7c 387 else {
wolfSSL 15:117db924cf7c 388 ret = wc_Sha256Update(&hmac->hash.sha256, key, length);
wolfSSL 15:117db924cf7c 389 if (ret != 0)
wolfSSL 15:117db924cf7c 390 break;
wolfSSL 15:117db924cf7c 391 ret = wc_Sha256Final(&hmac->hash.sha256, ip);
wolfSSL 15:117db924cf7c 392 if (ret != 0)
wolfSSL 15:117db924cf7c 393 break;
wolfSSL 15:117db924cf7c 394
wolfSSL 15:117db924cf7c 395 length = WC_SHA256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 396 }
wolfSSL 15:117db924cf7c 397 break;
wolfSSL 15:117db924cf7c 398 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 399
wolfSSL 15:117db924cf7c 400 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 401 case WC_SHA384:
wolfSSL 15:117db924cf7c 402 hmac_block_size = WC_SHA384_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 403 if (length <= WC_SHA384_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 404 if (key != NULL) {
wolfSSL 15:117db924cf7c 405 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 406 }
wolfSSL 15:117db924cf7c 407 }
wolfSSL 15:117db924cf7c 408 else {
wolfSSL 15:117db924cf7c 409 ret = wc_Sha384Update(&hmac->hash.sha384, key, length);
wolfSSL 15:117db924cf7c 410 if (ret != 0)
wolfSSL 15:117db924cf7c 411 break;
wolfSSL 15:117db924cf7c 412 ret = wc_Sha384Final(&hmac->hash.sha384, ip);
wolfSSL 15:117db924cf7c 413 if (ret != 0)
wolfSSL 15:117db924cf7c 414 break;
wolfSSL 15:117db924cf7c 415
wolfSSL 15:117db924cf7c 416 length = WC_SHA384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 417 }
wolfSSL 15:117db924cf7c 418 break;
wolfSSL 15:117db924cf7c 419 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 420 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 421 case WC_SHA512:
wolfSSL 15:117db924cf7c 422 hmac_block_size = WC_SHA512_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 423 if (length <= WC_SHA512_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 424 if (key != NULL) {
wolfSSL 15:117db924cf7c 425 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 426 }
wolfSSL 15:117db924cf7c 427 }
wolfSSL 15:117db924cf7c 428 else {
wolfSSL 15:117db924cf7c 429 ret = wc_Sha512Update(&hmac->hash.sha512, key, length);
wolfSSL 15:117db924cf7c 430 if (ret != 0)
wolfSSL 15:117db924cf7c 431 break;
wolfSSL 15:117db924cf7c 432 ret = wc_Sha512Final(&hmac->hash.sha512, ip);
wolfSSL 15:117db924cf7c 433 if (ret != 0)
wolfSSL 15:117db924cf7c 434 break;
wolfSSL 15:117db924cf7c 435
wolfSSL 15:117db924cf7c 436 length = WC_SHA512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 437 }
wolfSSL 15:117db924cf7c 438 break;
wolfSSL 15:117db924cf7c 439 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 440
wolfSSL 15:117db924cf7c 441 #ifdef HAVE_BLAKE2
wolfSSL 15:117db924cf7c 442 case BLAKE2B_ID:
wolfSSL 15:117db924cf7c 443 hmac_block_size = BLAKE2B_BLOCKBYTES;
wolfSSL 15:117db924cf7c 444 if (length <= BLAKE2B_BLOCKBYTES) {
wolfSSL 15:117db924cf7c 445 if (key != NULL) {
wolfSSL 15:117db924cf7c 446 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 447 }
wolfSSL 15:117db924cf7c 448 }
wolfSSL 15:117db924cf7c 449 else {
wolfSSL 15:117db924cf7c 450 ret = wc_Blake2bUpdate(&hmac->hash.blake2b, key, length);
wolfSSL 15:117db924cf7c 451 if (ret != 0)
wolfSSL 15:117db924cf7c 452 break;
wolfSSL 15:117db924cf7c 453 ret = wc_Blake2bFinal(&hmac->hash.blake2b, ip, BLAKE2B_256);
wolfSSL 15:117db924cf7c 454 if (ret != 0)
wolfSSL 15:117db924cf7c 455 break;
wolfSSL 15:117db924cf7c 456
wolfSSL 15:117db924cf7c 457 length = BLAKE2B_256;
wolfSSL 15:117db924cf7c 458 }
wolfSSL 15:117db924cf7c 459 break;
wolfSSL 15:117db924cf7c 460 #endif /* HAVE_BLAKE2 */
wolfSSL 15:117db924cf7c 461
wolfSSL 15:117db924cf7c 462 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 463 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 464 hmac_block_size = WC_SHA3_224_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 465 if (length <= WC_SHA3_224_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 466 if (key != NULL) {
wolfSSL 15:117db924cf7c 467 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 468 }
wolfSSL 15:117db924cf7c 469 }
wolfSSL 15:117db924cf7c 470 else {
wolfSSL 15:117db924cf7c 471 ret = wc_Sha3_224_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 472 if (ret != 0)
wolfSSL 15:117db924cf7c 473 break;
wolfSSL 15:117db924cf7c 474 ret = wc_Sha3_224_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 475 if (ret != 0)
wolfSSL 15:117db924cf7c 476 break;
wolfSSL 15:117db924cf7c 477
wolfSSL 15:117db924cf7c 478 length = WC_SHA3_224_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 479 }
wolfSSL 15:117db924cf7c 480 break;
wolfSSL 15:117db924cf7c 481 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 482 hmac_block_size = WC_SHA3_256_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 483 if (length <= WC_SHA3_256_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 484 if (key != NULL) {
wolfSSL 15:117db924cf7c 485 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 486 }
wolfSSL 15:117db924cf7c 487 }
wolfSSL 15:117db924cf7c 488 else {
wolfSSL 15:117db924cf7c 489 ret = wc_Sha3_256_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 490 if (ret != 0)
wolfSSL 15:117db924cf7c 491 break;
wolfSSL 15:117db924cf7c 492 ret = wc_Sha3_256_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 493 if (ret != 0)
wolfSSL 15:117db924cf7c 494 break;
wolfSSL 15:117db924cf7c 495
wolfSSL 15:117db924cf7c 496 length = WC_SHA3_256_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 497 }
wolfSSL 15:117db924cf7c 498 break;
wolfSSL 15:117db924cf7c 499 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 500 hmac_block_size = WC_SHA3_384_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 501 if (length <= WC_SHA3_384_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 502 if (key != NULL) {
wolfSSL 15:117db924cf7c 503 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 504 }
wolfSSL 15:117db924cf7c 505 }
wolfSSL 15:117db924cf7c 506 else {
wolfSSL 15:117db924cf7c 507 ret = wc_Sha3_384_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 508 if (ret != 0)
wolfSSL 15:117db924cf7c 509 break;
wolfSSL 15:117db924cf7c 510 ret = wc_Sha3_384_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 511 if (ret != 0)
wolfSSL 15:117db924cf7c 512 break;
wolfSSL 15:117db924cf7c 513
wolfSSL 15:117db924cf7c 514 length = WC_SHA3_384_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 515 }
wolfSSL 15:117db924cf7c 516 break;
wolfSSL 15:117db924cf7c 517 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 518 hmac_block_size = WC_SHA3_512_BLOCK_SIZE;
wolfSSL 15:117db924cf7c 519 if (length <= WC_SHA3_512_BLOCK_SIZE) {
wolfSSL 15:117db924cf7c 520 if (key != NULL) {
wolfSSL 15:117db924cf7c 521 XMEMCPY(ip, key, length);
wolfSSL 15:117db924cf7c 522 }
wolfSSL 15:117db924cf7c 523 }
wolfSSL 15:117db924cf7c 524 else {
wolfSSL 15:117db924cf7c 525 ret = wc_Sha3_512_Update(&hmac->hash.sha3, key, length);
wolfSSL 15:117db924cf7c 526 if (ret != 0)
wolfSSL 15:117db924cf7c 527 break;
wolfSSL 15:117db924cf7c 528 ret = wc_Sha3_512_Final(&hmac->hash.sha3, ip);
wolfSSL 15:117db924cf7c 529 if (ret != 0)
wolfSSL 15:117db924cf7c 530 break;
wolfSSL 15:117db924cf7c 531
wolfSSL 15:117db924cf7c 532 length = WC_SHA3_512_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 533 }
wolfSSL 15:117db924cf7c 534 break;
wolfSSL 15:117db924cf7c 535 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 536
wolfSSL 15:117db924cf7c 537 default:
wolfSSL 15:117db924cf7c 538 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 539 }
wolfSSL 15:117db924cf7c 540
wolfSSL 15:117db924cf7c 541 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 542 if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
wolfSSL 15:117db924cf7c 543 #if defined(HAVE_INTEL_QA) || defined(HAVE_CAVIUM)
wolfSSL 15:117db924cf7c 544 #ifdef HAVE_INTEL_QA
wolfSSL 15:117db924cf7c 545 if (IntelQaHmacGetType(hmac->macType, NULL) == 0)
wolfSSL 15:117db924cf7c 546 #endif
wolfSSL 15:117db924cf7c 547 {
wolfSSL 15:117db924cf7c 548 if (length > hmac_block_size)
wolfSSL 15:117db924cf7c 549 length = hmac_block_size;
wolfSSL 15:117db924cf7c 550 /* update key length */
wolfSSL 15:117db924cf7c 551 hmac->keyLen = (word16)length;
wolfSSL 15:117db924cf7c 552
wolfSSL 15:117db924cf7c 553 return ret;
wolfSSL 15:117db924cf7c 554 }
wolfSSL 15:117db924cf7c 555 /* no need to pad below */
wolfSSL 15:117db924cf7c 556 #endif
wolfSSL 15:117db924cf7c 557 }
wolfSSL 15:117db924cf7c 558 #endif
wolfSSL 15:117db924cf7c 559
wolfSSL 15:117db924cf7c 560 if (ret == 0) {
wolfSSL 15:117db924cf7c 561 if (length < hmac_block_size)
wolfSSL 15:117db924cf7c 562 XMEMSET(ip + length, 0, hmac_block_size - length);
wolfSSL 15:117db924cf7c 563
wolfSSL 15:117db924cf7c 564 for(i = 0; i < hmac_block_size; i++) {
wolfSSL 15:117db924cf7c 565 op[i] = ip[i] ^ OPAD;
wolfSSL 15:117db924cf7c 566 ip[i] ^= IPAD;
wolfSSL 15:117db924cf7c 567 }
wolfSSL 15:117db924cf7c 568 }
wolfSSL 15:117db924cf7c 569
wolfSSL 15:117db924cf7c 570 return ret;
wolfSSL 15:117db924cf7c 571 }
wolfSSL 15:117db924cf7c 572
wolfSSL 15:117db924cf7c 573
wolfSSL 15:117db924cf7c 574 static int HmacKeyInnerHash(Hmac* hmac)
wolfSSL 15:117db924cf7c 575 {
wolfSSL 15:117db924cf7c 576 int ret = 0;
wolfSSL 15:117db924cf7c 577
wolfSSL 15:117db924cf7c 578 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 579 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 580 case WC_MD5:
wolfSSL 15:117db924cf7c 581 ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 582 WC_MD5_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 583 break;
wolfSSL 15:117db924cf7c 584 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 585
wolfSSL 15:117db924cf7c 586 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 587 case WC_SHA:
wolfSSL 15:117db924cf7c 588 ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 589 WC_SHA_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 590 break;
wolfSSL 15:117db924cf7c 591 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 592
wolfSSL 15:117db924cf7c 593 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 594 case WC_SHA224:
wolfSSL 15:117db924cf7c 595 ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 596 WC_SHA224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 597 break;
wolfSSL 15:117db924cf7c 598 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 599
wolfSSL 15:117db924cf7c 600 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 601 case WC_SHA256:
wolfSSL 15:117db924cf7c 602 ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 603 WC_SHA256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 604 break;
wolfSSL 15:117db924cf7c 605 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 606
wolfSSL 15:117db924cf7c 607 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 608 case WC_SHA384:
wolfSSL 15:117db924cf7c 609 ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 610 WC_SHA384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 611 break;
wolfSSL 15:117db924cf7c 612 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 613 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 614 case WC_SHA512:
wolfSSL 15:117db924cf7c 615 ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 616 WC_SHA512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 617 break;
wolfSSL 15:117db924cf7c 618 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 619
wolfSSL 15:117db924cf7c 620 #ifdef HAVE_BLAKE2
wolfSSL 15:117db924cf7c 621 case BLAKE2B_ID:
wolfSSL 15:117db924cf7c 622 ret = wc_Blake2bUpdate(&hmac->hash.blake2b, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 623 BLAKE2B_BLOCKBYTES);
wolfSSL 15:117db924cf7c 624 break;
wolfSSL 15:117db924cf7c 625 #endif /* HAVE_BLAKE2 */
wolfSSL 15:117db924cf7c 626
wolfSSL 15:117db924cf7c 627 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 628 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 629 ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 630 WC_SHA3_224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 631 break;
wolfSSL 15:117db924cf7c 632 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 633 ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 634 WC_SHA3_256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 635 break;
wolfSSL 15:117db924cf7c 636 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 637 ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 638 WC_SHA3_384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 639 break;
wolfSSL 15:117db924cf7c 640 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 641 ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->ipad,
wolfSSL 15:117db924cf7c 642 WC_SHA3_512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 643 break;
wolfSSL 15:117db924cf7c 644 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 645
wolfSSL 15:117db924cf7c 646 default:
wolfSSL 15:117db924cf7c 647 break;
wolfSSL 15:117db924cf7c 648 }
wolfSSL 15:117db924cf7c 649
wolfSSL 15:117db924cf7c 650 if (ret == 0)
wolfSSL 15:117db924cf7c 651 hmac->innerHashKeyed = 1;
wolfSSL 15:117db924cf7c 652
wolfSSL 15:117db924cf7c 653 return ret;
wolfSSL 15:117db924cf7c 654 }
wolfSSL 15:117db924cf7c 655
wolfSSL 15:117db924cf7c 656
wolfSSL 15:117db924cf7c 657 int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
wolfSSL 15:117db924cf7c 658 {
wolfSSL 15:117db924cf7c 659 int ret = 0;
wolfSSL 15:117db924cf7c 660
wolfSSL 15:117db924cf7c 661 if (hmac == NULL || (msg == NULL && length > 0)) {
wolfSSL 15:117db924cf7c 662 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 663 }
wolfSSL 15:117db924cf7c 664
wolfSSL 15:117db924cf7c 665 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 666 if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
wolfSSL 15:117db924cf7c 667 #if defined(HAVE_CAVIUM)
wolfSSL 15:117db924cf7c 668 return NitroxHmacUpdate(hmac, msg, length);
wolfSSL 15:117db924cf7c 669 #elif defined(HAVE_INTEL_QA)
wolfSSL 15:117db924cf7c 670 if (IntelQaHmacGetType(hmac->macType, NULL) == 0) {
wolfSSL 15:117db924cf7c 671 return IntelQaHmac(&hmac->asyncDev, hmac->macType,
wolfSSL 15:117db924cf7c 672 (byte*)hmac->ipad, hmac->keyLen, NULL, msg, length);
wolfSSL 15:117db924cf7c 673 }
wolfSSL 15:117db924cf7c 674 #endif
wolfSSL 15:117db924cf7c 675 }
wolfSSL 15:117db924cf7c 676 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 15:117db924cf7c 677
wolfSSL 15:117db924cf7c 678 if (!hmac->innerHashKeyed) {
wolfSSL 15:117db924cf7c 679 ret = HmacKeyInnerHash(hmac);
wolfSSL 15:117db924cf7c 680 if (ret != 0)
wolfSSL 15:117db924cf7c 681 return ret;
wolfSSL 15:117db924cf7c 682 }
wolfSSL 15:117db924cf7c 683
wolfSSL 15:117db924cf7c 684 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 685 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 686 case WC_MD5:
wolfSSL 15:117db924cf7c 687 ret = wc_Md5Update(&hmac->hash.md5, msg, length);
wolfSSL 15:117db924cf7c 688 break;
wolfSSL 15:117db924cf7c 689 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 690
wolfSSL 15:117db924cf7c 691 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 692 case WC_SHA:
wolfSSL 15:117db924cf7c 693 ret = wc_ShaUpdate(&hmac->hash.sha, msg, length);
wolfSSL 15:117db924cf7c 694 break;
wolfSSL 15:117db924cf7c 695 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 696
wolfSSL 15:117db924cf7c 697 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 698 case WC_SHA224:
wolfSSL 15:117db924cf7c 699 ret = wc_Sha224Update(&hmac->hash.sha224, msg, length);
wolfSSL 15:117db924cf7c 700 break;
wolfSSL 15:117db924cf7c 701 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 702
wolfSSL 15:117db924cf7c 703 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 704 case WC_SHA256:
wolfSSL 15:117db924cf7c 705 ret = wc_Sha256Update(&hmac->hash.sha256, msg, length);
wolfSSL 15:117db924cf7c 706 break;
wolfSSL 15:117db924cf7c 707 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 708
wolfSSL 15:117db924cf7c 709 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 710 case WC_SHA384:
wolfSSL 15:117db924cf7c 711 ret = wc_Sha384Update(&hmac->hash.sha384, msg, length);
wolfSSL 15:117db924cf7c 712 break;
wolfSSL 15:117db924cf7c 713 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 714 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 715 case WC_SHA512:
wolfSSL 15:117db924cf7c 716 ret = wc_Sha512Update(&hmac->hash.sha512, msg, length);
wolfSSL 15:117db924cf7c 717 break;
wolfSSL 15:117db924cf7c 718 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 719
wolfSSL 15:117db924cf7c 720 #ifdef HAVE_BLAKE2
wolfSSL 15:117db924cf7c 721 case BLAKE2B_ID:
wolfSSL 15:117db924cf7c 722 ret = wc_Blake2bUpdate(&hmac->hash.blake2b, msg, length);
wolfSSL 15:117db924cf7c 723 break;
wolfSSL 15:117db924cf7c 724 #endif /* HAVE_BLAKE2 */
wolfSSL 15:117db924cf7c 725
wolfSSL 15:117db924cf7c 726 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 727 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 728 ret = wc_Sha3_224_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 729 break;
wolfSSL 15:117db924cf7c 730 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 731 ret = wc_Sha3_256_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 732 break;
wolfSSL 15:117db924cf7c 733 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 734 ret = wc_Sha3_384_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 735 break;
wolfSSL 15:117db924cf7c 736 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 737 ret = wc_Sha3_512_Update(&hmac->hash.sha3, msg, length);
wolfSSL 15:117db924cf7c 738 break;
wolfSSL 15:117db924cf7c 739 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 740
wolfSSL 15:117db924cf7c 741 default:
wolfSSL 15:117db924cf7c 742 break;
wolfSSL 15:117db924cf7c 743 }
wolfSSL 15:117db924cf7c 744
wolfSSL 15:117db924cf7c 745 return ret;
wolfSSL 15:117db924cf7c 746 }
wolfSSL 15:117db924cf7c 747
wolfSSL 15:117db924cf7c 748
wolfSSL 15:117db924cf7c 749 int wc_HmacFinal(Hmac* hmac, byte* hash)
wolfSSL 15:117db924cf7c 750 {
wolfSSL 15:117db924cf7c 751 int ret;
wolfSSL 15:117db924cf7c 752
wolfSSL 15:117db924cf7c 753 if (hmac == NULL || hash == NULL) {
wolfSSL 15:117db924cf7c 754 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 755 }
wolfSSL 15:117db924cf7c 756
wolfSSL 15:117db924cf7c 757 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 758 if (hmac->asyncDev.marker == WOLFSSL_ASYNC_MARKER_HMAC) {
wolfSSL 15:117db924cf7c 759 int hashLen = wc_HmacSizeByType(hmac->macType);
wolfSSL 15:117db924cf7c 760 if (hashLen <= 0)
wolfSSL 15:117db924cf7c 761 return hashLen;
wolfSSL 15:117db924cf7c 762
wolfSSL 15:117db924cf7c 763 #if defined(HAVE_CAVIUM)
wolfSSL 15:117db924cf7c 764 return NitroxHmacFinal(hmac, hash, hashLen);
wolfSSL 15:117db924cf7c 765 #elif defined(HAVE_INTEL_QA)
wolfSSL 15:117db924cf7c 766 if (IntelQaHmacGetType(hmac->macType, NULL) == 0) {
wolfSSL 15:117db924cf7c 767 return IntelQaHmac(&hmac->asyncDev, hmac->macType,
wolfSSL 15:117db924cf7c 768 (byte*)hmac->ipad, hmac->keyLen, hash, NULL, hashLen);
wolfSSL 15:117db924cf7c 769 }
wolfSSL 15:117db924cf7c 770 #endif
wolfSSL 15:117db924cf7c 771 }
wolfSSL 15:117db924cf7c 772 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 15:117db924cf7c 773
wolfSSL 15:117db924cf7c 774 if (!hmac->innerHashKeyed) {
wolfSSL 15:117db924cf7c 775 ret = HmacKeyInnerHash(hmac);
wolfSSL 15:117db924cf7c 776 if (ret != 0)
wolfSSL 15:117db924cf7c 777 return ret;
wolfSSL 15:117db924cf7c 778 }
wolfSSL 15:117db924cf7c 779
wolfSSL 15:117db924cf7c 780 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 781 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 782 case WC_MD5:
wolfSSL 15:117db924cf7c 783 ret = wc_Md5Final(&hmac->hash.md5, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 784 if (ret != 0)
wolfSSL 15:117db924cf7c 785 break;
wolfSSL 15:117db924cf7c 786 ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 787 WC_MD5_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 788 if (ret != 0)
wolfSSL 15:117db924cf7c 789 break;
wolfSSL 15:117db924cf7c 790 ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 791 WC_MD5_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 792 if (ret != 0)
wolfSSL 15:117db924cf7c 793 break;
wolfSSL 15:117db924cf7c 794 ret = wc_Md5Final(&hmac->hash.md5, hash);
wolfSSL 15:117db924cf7c 795 break;
wolfSSL 15:117db924cf7c 796 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 797
wolfSSL 15:117db924cf7c 798 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 799 case WC_SHA:
wolfSSL 15:117db924cf7c 800 ret = wc_ShaFinal(&hmac->hash.sha, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 801 if (ret != 0)
wolfSSL 15:117db924cf7c 802 break;
wolfSSL 15:117db924cf7c 803 ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 804 WC_SHA_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 805 if (ret != 0)
wolfSSL 15:117db924cf7c 806 break;
wolfSSL 15:117db924cf7c 807 ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 808 WC_SHA_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 809 if (ret != 0)
wolfSSL 15:117db924cf7c 810 break;
wolfSSL 15:117db924cf7c 811 ret = wc_ShaFinal(&hmac->hash.sha, hash);
wolfSSL 15:117db924cf7c 812 break;
wolfSSL 15:117db924cf7c 813 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 814
wolfSSL 15:117db924cf7c 815 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 816 case WC_SHA224:
wolfSSL 15:117db924cf7c 817 {
wolfSSL 15:117db924cf7c 818 ret = wc_Sha224Final(&hmac->hash.sha224, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 819 if (ret != 0)
wolfSSL 15:117db924cf7c 820 break;
wolfSSL 15:117db924cf7c 821 ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 822 WC_SHA224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 823 if (ret != 0)
wolfSSL 15:117db924cf7c 824 break;
wolfSSL 15:117db924cf7c 825 ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 826 WC_SHA224_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 827 if (ret != 0)
wolfSSL 15:117db924cf7c 828 break;
wolfSSL 15:117db924cf7c 829 ret = wc_Sha224Final(&hmac->hash.sha224, hash);
wolfSSL 15:117db924cf7c 830 if (ret != 0)
wolfSSL 15:117db924cf7c 831 break;
wolfSSL 15:117db924cf7c 832 }
wolfSSL 15:117db924cf7c 833 break;
wolfSSL 15:117db924cf7c 834 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 835
wolfSSL 15:117db924cf7c 836 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 837 case WC_SHA256:
wolfSSL 15:117db924cf7c 838 ret = wc_Sha256Final(&hmac->hash.sha256, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 839 if (ret != 0)
wolfSSL 15:117db924cf7c 840 break;
wolfSSL 15:117db924cf7c 841 ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 842 WC_SHA256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 843 if (ret != 0)
wolfSSL 15:117db924cf7c 844 break;
wolfSSL 15:117db924cf7c 845 ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 846 WC_SHA256_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 847 if (ret != 0)
wolfSSL 15:117db924cf7c 848 break;
wolfSSL 15:117db924cf7c 849 ret = wc_Sha256Final(&hmac->hash.sha256, hash);
wolfSSL 15:117db924cf7c 850 break;
wolfSSL 15:117db924cf7c 851 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 852
wolfSSL 15:117db924cf7c 853 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 854 case WC_SHA384:
wolfSSL 15:117db924cf7c 855 ret = wc_Sha384Final(&hmac->hash.sha384, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 856 if (ret != 0)
wolfSSL 15:117db924cf7c 857 break;
wolfSSL 15:117db924cf7c 858 ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 859 WC_SHA384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 860 if (ret != 0)
wolfSSL 15:117db924cf7c 861 break;
wolfSSL 15:117db924cf7c 862 ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 863 WC_SHA384_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 864 if (ret != 0)
wolfSSL 15:117db924cf7c 865 break;
wolfSSL 15:117db924cf7c 866 ret = wc_Sha384Final(&hmac->hash.sha384, hash);
wolfSSL 15:117db924cf7c 867 break;
wolfSSL 15:117db924cf7c 868 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 869 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 870 case WC_SHA512:
wolfSSL 15:117db924cf7c 871 ret = wc_Sha512Final(&hmac->hash.sha512, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 872 if (ret != 0)
wolfSSL 15:117db924cf7c 873 break;
wolfSSL 15:117db924cf7c 874 ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 875 WC_SHA512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 876 if (ret != 0)
wolfSSL 15:117db924cf7c 877 break;
wolfSSL 15:117db924cf7c 878 ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 879 WC_SHA512_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 880 if (ret != 0)
wolfSSL 15:117db924cf7c 881 break;
wolfSSL 15:117db924cf7c 882 ret = wc_Sha512Final(&hmac->hash.sha512, hash);
wolfSSL 15:117db924cf7c 883 break;
wolfSSL 15:117db924cf7c 884 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 885
wolfSSL 15:117db924cf7c 886 #ifdef HAVE_BLAKE2
wolfSSL 15:117db924cf7c 887 case BLAKE2B_ID:
wolfSSL 15:117db924cf7c 888 ret = wc_Blake2bFinal(&hmac->hash.blake2b, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 889 BLAKE2B_256);
wolfSSL 15:117db924cf7c 890 if (ret != 0)
wolfSSL 15:117db924cf7c 891 break;
wolfSSL 15:117db924cf7c 892 ret = wc_Blake2bUpdate(&hmac->hash.blake2b, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 893 BLAKE2B_BLOCKBYTES);
wolfSSL 15:117db924cf7c 894 if (ret != 0)
wolfSSL 15:117db924cf7c 895 break;
wolfSSL 15:117db924cf7c 896 ret = wc_Blake2bUpdate(&hmac->hash.blake2b, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 897 BLAKE2B_256);
wolfSSL 15:117db924cf7c 898 if (ret != 0)
wolfSSL 15:117db924cf7c 899 break;
wolfSSL 15:117db924cf7c 900 ret = wc_Blake2bFinal(&hmac->hash.blake2b, hash, BLAKE2B_256);
wolfSSL 15:117db924cf7c 901 break;
wolfSSL 15:117db924cf7c 902 #endif /* HAVE_BLAKE2 */
wolfSSL 15:117db924cf7c 903
wolfSSL 15:117db924cf7c 904 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 905 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 906 ret = wc_Sha3_224_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 907 if (ret != 0)
wolfSSL 15:117db924cf7c 908 break;
wolfSSL 15:117db924cf7c 909 ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 910 WC_SHA3_224_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 911 if (ret != 0)
wolfSSL 15:117db924cf7c 912 break;
wolfSSL 15:117db924cf7c 913 ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 914 WC_SHA3_224_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 915 if (ret != 0)
wolfSSL 15:117db924cf7c 916 break;
wolfSSL 15:117db924cf7c 917 ret = wc_Sha3_224_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 918 break;
wolfSSL 15:117db924cf7c 919 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 920 ret = wc_Sha3_256_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 921 if (ret != 0)
wolfSSL 15:117db924cf7c 922 break;
wolfSSL 15:117db924cf7c 923 ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 924 WC_SHA3_256_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 925 if (ret != 0)
wolfSSL 15:117db924cf7c 926 break;
wolfSSL 15:117db924cf7c 927 ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 928 WC_SHA3_256_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 929 if (ret != 0)
wolfSSL 15:117db924cf7c 930 break;
wolfSSL 15:117db924cf7c 931 ret = wc_Sha3_256_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 932 break;
wolfSSL 15:117db924cf7c 933 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 934 ret = wc_Sha3_384_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 935 if (ret != 0)
wolfSSL 15:117db924cf7c 936 break;
wolfSSL 15:117db924cf7c 937 ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 938 WC_SHA3_384_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 939 if (ret != 0)
wolfSSL 15:117db924cf7c 940 break;
wolfSSL 15:117db924cf7c 941 ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 942 WC_SHA3_384_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 943 if (ret != 0)
wolfSSL 15:117db924cf7c 944 break;
wolfSSL 15:117db924cf7c 945 ret = wc_Sha3_384_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 946 break;
wolfSSL 15:117db924cf7c 947 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 948 ret = wc_Sha3_512_Final(&hmac->hash.sha3, (byte*)hmac->innerHash);
wolfSSL 15:117db924cf7c 949 if (ret != 0)
wolfSSL 15:117db924cf7c 950 break;
wolfSSL 15:117db924cf7c 951 ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->opad,
wolfSSL 15:117db924cf7c 952 WC_SHA3_512_BLOCK_SIZE);
wolfSSL 15:117db924cf7c 953 if (ret != 0)
wolfSSL 15:117db924cf7c 954 break;
wolfSSL 15:117db924cf7c 955 ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->innerHash,
wolfSSL 15:117db924cf7c 956 WC_SHA3_512_DIGEST_SIZE);
wolfSSL 15:117db924cf7c 957 if (ret != 0)
wolfSSL 15:117db924cf7c 958 break;
wolfSSL 15:117db924cf7c 959 ret = wc_Sha3_512_Final(&hmac->hash.sha3, hash);
wolfSSL 15:117db924cf7c 960 break;
wolfSSL 15:117db924cf7c 961 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 962
wolfSSL 15:117db924cf7c 963 default:
wolfSSL 15:117db924cf7c 964 ret = BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 965 break;
wolfSSL 15:117db924cf7c 966 }
wolfSSL 15:117db924cf7c 967
wolfSSL 15:117db924cf7c 968 if (ret == 0) {
wolfSSL 15:117db924cf7c 969 hmac->innerHashKeyed = 0;
wolfSSL 15:117db924cf7c 970 }
wolfSSL 15:117db924cf7c 971
wolfSSL 15:117db924cf7c 972 return ret;
wolfSSL 15:117db924cf7c 973 }
wolfSSL 15:117db924cf7c 974
wolfSSL 15:117db924cf7c 975
wolfSSL 15:117db924cf7c 976 /* Initialize Hmac for use with async device */
wolfSSL 15:117db924cf7c 977 int wc_HmacInit(Hmac* hmac, void* heap, int devId)
wolfSSL 15:117db924cf7c 978 {
wolfSSL 15:117db924cf7c 979 int ret = 0;
wolfSSL 15:117db924cf7c 980
wolfSSL 15:117db924cf7c 981 if (hmac == NULL)
wolfSSL 15:117db924cf7c 982 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 983
wolfSSL 15:117db924cf7c 984 XMEMSET(hmac, 0, sizeof(Hmac));
wolfSSL 15:117db924cf7c 985 hmac->heap = heap;
wolfSSL 15:117db924cf7c 986
wolfSSL 15:117db924cf7c 987 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 988 hmac->keyLen = 0;
wolfSSL 15:117db924cf7c 989
wolfSSL 15:117db924cf7c 990 ret = wolfAsync_DevCtxInit(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC,
wolfSSL 15:117db924cf7c 991 hmac->heap, devId);
wolfSSL 15:117db924cf7c 992 #else
wolfSSL 15:117db924cf7c 993 (void)devId;
wolfSSL 15:117db924cf7c 994 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 15:117db924cf7c 995
wolfSSL 15:117db924cf7c 996 return ret;
wolfSSL 15:117db924cf7c 997 }
wolfSSL 15:117db924cf7c 998
wolfSSL 15:117db924cf7c 999 /* Free Hmac from use with async device */
wolfSSL 15:117db924cf7c 1000 void wc_HmacFree(Hmac* hmac)
wolfSSL 15:117db924cf7c 1001 {
wolfSSL 15:117db924cf7c 1002 if (hmac == NULL)
wolfSSL 15:117db924cf7c 1003 return;
wolfSSL 15:117db924cf7c 1004
wolfSSL 15:117db924cf7c 1005 switch (hmac->macType) {
wolfSSL 15:117db924cf7c 1006 #ifndef NO_MD5
wolfSSL 15:117db924cf7c 1007 case WC_MD5:
wolfSSL 15:117db924cf7c 1008 wc_Md5Free(&hmac->hash.md5);
wolfSSL 15:117db924cf7c 1009 break;
wolfSSL 15:117db924cf7c 1010 #endif /* !NO_MD5 */
wolfSSL 15:117db924cf7c 1011
wolfSSL 15:117db924cf7c 1012 #ifndef NO_SHA
wolfSSL 15:117db924cf7c 1013 case WC_SHA:
wolfSSL 15:117db924cf7c 1014 wc_ShaFree(&hmac->hash.sha);
wolfSSL 15:117db924cf7c 1015 break;
wolfSSL 15:117db924cf7c 1016 #endif /* !NO_SHA */
wolfSSL 15:117db924cf7c 1017
wolfSSL 15:117db924cf7c 1018 #ifdef WOLFSSL_SHA224
wolfSSL 15:117db924cf7c 1019 case WC_SHA224:
wolfSSL 15:117db924cf7c 1020 wc_Sha224Free(&hmac->hash.sha224);
wolfSSL 15:117db924cf7c 1021 break;
wolfSSL 15:117db924cf7c 1022 #endif /* WOLFSSL_SHA224 */
wolfSSL 15:117db924cf7c 1023
wolfSSL 15:117db924cf7c 1024 #ifndef NO_SHA256
wolfSSL 15:117db924cf7c 1025 case WC_SHA256:
wolfSSL 15:117db924cf7c 1026 wc_Sha256Free(&hmac->hash.sha256);
wolfSSL 15:117db924cf7c 1027 break;
wolfSSL 15:117db924cf7c 1028 #endif /* !NO_SHA256 */
wolfSSL 15:117db924cf7c 1029
wolfSSL 15:117db924cf7c 1030 #ifdef WOLFSSL_SHA384
wolfSSL 15:117db924cf7c 1031 case WC_SHA384:
wolfSSL 15:117db924cf7c 1032 wc_Sha384Free(&hmac->hash.sha384);
wolfSSL 15:117db924cf7c 1033 break;
wolfSSL 15:117db924cf7c 1034 #endif /* WOLFSSL_SHA384 */
wolfSSL 15:117db924cf7c 1035 #ifdef WOLFSSL_SHA512
wolfSSL 15:117db924cf7c 1036 case WC_SHA512:
wolfSSL 15:117db924cf7c 1037 wc_Sha512Free(&hmac->hash.sha512);
wolfSSL 15:117db924cf7c 1038 break;
wolfSSL 15:117db924cf7c 1039 #endif /* WOLFSSL_SHA512 */
wolfSSL 15:117db924cf7c 1040
wolfSSL 15:117db924cf7c 1041 #ifdef HAVE_BLAKE2
wolfSSL 15:117db924cf7c 1042 case BLAKE2B_ID:
wolfSSL 15:117db924cf7c 1043 break;
wolfSSL 15:117db924cf7c 1044 #endif /* HAVE_BLAKE2 */
wolfSSL 15:117db924cf7c 1045
wolfSSL 15:117db924cf7c 1046 #ifdef WOLFSSL_SHA3
wolfSSL 15:117db924cf7c 1047 case WC_SHA3_224:
wolfSSL 15:117db924cf7c 1048 wc_Sha3_224_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1049 break;
wolfSSL 15:117db924cf7c 1050 case WC_SHA3_256:
wolfSSL 15:117db924cf7c 1051 wc_Sha3_256_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1052 break;
wolfSSL 15:117db924cf7c 1053 case WC_SHA3_384:
wolfSSL 15:117db924cf7c 1054 wc_Sha3_384_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1055 break;
wolfSSL 15:117db924cf7c 1056 case WC_SHA3_512:
wolfSSL 15:117db924cf7c 1057 wc_Sha3_512_Free(&hmac->hash.sha3);
wolfSSL 15:117db924cf7c 1058 break;
wolfSSL 15:117db924cf7c 1059 #endif /* WOLFSSL_SHA3 */
wolfSSL 15:117db924cf7c 1060
wolfSSL 15:117db924cf7c 1061 default:
wolfSSL 15:117db924cf7c 1062 break;
wolfSSL 15:117db924cf7c 1063 }
wolfSSL 15:117db924cf7c 1064
wolfSSL 15:117db924cf7c 1065 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfSSL 15:117db924cf7c 1066 wolfAsync_DevCtxFree(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC);
wolfSSL 15:117db924cf7c 1067 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 15:117db924cf7c 1068 }
wolfSSL 15:117db924cf7c 1069
wolfSSL 15:117db924cf7c 1070 int wolfSSL_GetHmacMaxSize(void)
wolfSSL 15:117db924cf7c 1071 {
wolfSSL 15:117db924cf7c 1072 return WC_MAX_DIGEST_SIZE;
wolfSSL 15:117db924cf7c 1073 }
wolfSSL 15:117db924cf7c 1074
wolfSSL 15:117db924cf7c 1075 #ifdef HAVE_HKDF
wolfSSL 15:117db924cf7c 1076 /* HMAC-KDF-Extract.
wolfSSL 15:117db924cf7c 1077 * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
wolfSSL 15:117db924cf7c 1078 *
wolfSSL 15:117db924cf7c 1079 * type The hash algorithm type.
wolfSSL 15:117db924cf7c 1080 * salt The optional salt value.
wolfSSL 15:117db924cf7c 1081 * saltSz The size of the salt.
wolfSSL 15:117db924cf7c 1082 * inKey The input keying material.
wolfSSL 15:117db924cf7c 1083 * inKeySz The size of the input keying material.
wolfSSL 15:117db924cf7c 1084 * out The pseudorandom key with the length that of the hash.
wolfSSL 15:117db924cf7c 1085 * returns 0 on success, otherwise failure.
wolfSSL 15:117db924cf7c 1086 */
wolfSSL 15:117db924cf7c 1087 int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
wolfSSL 15:117db924cf7c 1088 const byte* inKey, word32 inKeySz, byte* out)
wolfSSL 15:117db924cf7c 1089 {
wolfSSL 15:117db924cf7c 1090 byte tmp[WC_MAX_DIGEST_SIZE]; /* localSalt helper */
wolfSSL 15:117db924cf7c 1091 Hmac myHmac;
wolfSSL 15:117db924cf7c 1092 int ret;
wolfSSL 15:117db924cf7c 1093 const byte* localSalt; /* either points to user input or tmp */
wolfSSL 15:117db924cf7c 1094 int hashSz;
wolfSSL 15:117db924cf7c 1095
wolfSSL 15:117db924cf7c 1096 ret = wc_HmacSizeByType(type);
wolfSSL 15:117db924cf7c 1097 if (ret < 0)
wolfSSL 15:117db924cf7c 1098 return ret;
wolfSSL 15:117db924cf7c 1099
wolfSSL 15:117db924cf7c 1100 hashSz = ret;
wolfSSL 15:117db924cf7c 1101 localSalt = salt;
wolfSSL 15:117db924cf7c 1102 if (localSalt == NULL) {
wolfSSL 15:117db924cf7c 1103 XMEMSET(tmp, 0, hashSz);
wolfSSL 15:117db924cf7c 1104 localSalt = tmp;
wolfSSL 15:117db924cf7c 1105 saltSz = hashSz;
wolfSSL 15:117db924cf7c 1106 }
wolfSSL 15:117db924cf7c 1107
wolfSSL 15:117db924cf7c 1108 ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID);
wolfSSL 15:117db924cf7c 1109 if (ret == 0) {
wolfSSL 15:117db924cf7c 1110 ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz);
wolfSSL 15:117db924cf7c 1111 if (ret == 0)
wolfSSL 15:117db924cf7c 1112 ret = wc_HmacUpdate(&myHmac, inKey, inKeySz);
wolfSSL 15:117db924cf7c 1113 if (ret == 0)
wolfSSL 15:117db924cf7c 1114 ret = wc_HmacFinal(&myHmac, out);
wolfSSL 15:117db924cf7c 1115 wc_HmacFree(&myHmac);
wolfSSL 15:117db924cf7c 1116 }
wolfSSL 15:117db924cf7c 1117
wolfSSL 15:117db924cf7c 1118 return ret;
wolfSSL 15:117db924cf7c 1119 }
wolfSSL 15:117db924cf7c 1120
wolfSSL 15:117db924cf7c 1121 /* HMAC-KDF-Expand.
wolfSSL 15:117db924cf7c 1122 * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
wolfSSL 15:117db924cf7c 1123 *
wolfSSL 15:117db924cf7c 1124 * type The hash algorithm type.
wolfSSL 15:117db924cf7c 1125 * inKey The input key.
wolfSSL 15:117db924cf7c 1126 * inKeySz The size of the input key.
wolfSSL 15:117db924cf7c 1127 * info The application specific information.
wolfSSL 15:117db924cf7c 1128 * infoSz The size of the application specific information.
wolfSSL 15:117db924cf7c 1129 * out The output keying material.
wolfSSL 15:117db924cf7c 1130 * returns 0 on success, otherwise failure.
wolfSSL 15:117db924cf7c 1131 */
wolfSSL 15:117db924cf7c 1132 int wc_HKDF_Expand(int type, const byte* inKey, word32 inKeySz,
wolfSSL 15:117db924cf7c 1133 const byte* info, word32 infoSz, byte* out, word32 outSz)
wolfSSL 15:117db924cf7c 1134 {
wolfSSL 15:117db924cf7c 1135 byte tmp[WC_MAX_DIGEST_SIZE];
wolfSSL 15:117db924cf7c 1136 Hmac myHmac;
wolfSSL 15:117db924cf7c 1137 int ret = 0;
wolfSSL 15:117db924cf7c 1138 word32 outIdx = 0;
wolfSSL 15:117db924cf7c 1139 word32 hashSz = wc_HmacSizeByType(type);
wolfSSL 15:117db924cf7c 1140 byte n = 0x1;
wolfSSL 15:117db924cf7c 1141
wolfSSL 15:117db924cf7c 1142 ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID);
wolfSSL 15:117db924cf7c 1143 if (ret != 0)
wolfSSL 15:117db924cf7c 1144 return ret;
wolfSSL 15:117db924cf7c 1145
wolfSSL 15:117db924cf7c 1146 while (outIdx < outSz) {
wolfSSL 15:117db924cf7c 1147 int tmpSz = (n == 1) ? 0 : hashSz;
wolfSSL 15:117db924cf7c 1148 word32 left = outSz - outIdx;
wolfSSL 15:117db924cf7c 1149
wolfSSL 15:117db924cf7c 1150 ret = wc_HmacSetKey(&myHmac, type, inKey, inKeySz);
wolfSSL 15:117db924cf7c 1151 if (ret != 0)
wolfSSL 15:117db924cf7c 1152 break;
wolfSSL 15:117db924cf7c 1153 ret = wc_HmacUpdate(&myHmac, tmp, tmpSz);
wolfSSL 15:117db924cf7c 1154 if (ret != 0)
wolfSSL 15:117db924cf7c 1155 break;
wolfSSL 15:117db924cf7c 1156 ret = wc_HmacUpdate(&myHmac, info, infoSz);
wolfSSL 15:117db924cf7c 1157 if (ret != 0)
wolfSSL 15:117db924cf7c 1158 break;
wolfSSL 15:117db924cf7c 1159 ret = wc_HmacUpdate(&myHmac, &n, 1);
wolfSSL 15:117db924cf7c 1160 if (ret != 0)
wolfSSL 15:117db924cf7c 1161 break;
wolfSSL 15:117db924cf7c 1162 ret = wc_HmacFinal(&myHmac, tmp);
wolfSSL 15:117db924cf7c 1163 if (ret != 0)
wolfSSL 15:117db924cf7c 1164 break;
wolfSSL 15:117db924cf7c 1165
wolfSSL 15:117db924cf7c 1166 left = min(left, hashSz);
wolfSSL 15:117db924cf7c 1167 XMEMCPY(out+outIdx, tmp, left);
wolfSSL 15:117db924cf7c 1168
wolfSSL 15:117db924cf7c 1169 outIdx += hashSz;
wolfSSL 15:117db924cf7c 1170 n++;
wolfSSL 15:117db924cf7c 1171 }
wolfSSL 15:117db924cf7c 1172
wolfSSL 15:117db924cf7c 1173 wc_HmacFree(&myHmac);
wolfSSL 15:117db924cf7c 1174
wolfSSL 15:117db924cf7c 1175 return ret;
wolfSSL 15:117db924cf7c 1176 }
wolfSSL 15:117db924cf7c 1177
wolfSSL 15:117db924cf7c 1178 /* HMAC-KDF.
wolfSSL 15:117db924cf7c 1179 * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
wolfSSL 15:117db924cf7c 1180 *
wolfSSL 15:117db924cf7c 1181 * type The hash algorithm type.
wolfSSL 15:117db924cf7c 1182 * inKey The input keying material.
wolfSSL 15:117db924cf7c 1183 * inKeySz The size of the input keying material.
wolfSSL 15:117db924cf7c 1184 * salt The optional salt value.
wolfSSL 15:117db924cf7c 1185 * saltSz The size of the salt.
wolfSSL 15:117db924cf7c 1186 * info The application specific information.
wolfSSL 15:117db924cf7c 1187 * infoSz The size of the application specific information.
wolfSSL 15:117db924cf7c 1188 * out The output keying material.
wolfSSL 15:117db924cf7c 1189 * returns 0 on success, otherwise failure.
wolfSSL 15:117db924cf7c 1190 */
wolfSSL 15:117db924cf7c 1191 int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
wolfSSL 15:117db924cf7c 1192 const byte* salt, word32 saltSz,
wolfSSL 15:117db924cf7c 1193 const byte* info, word32 infoSz,
wolfSSL 15:117db924cf7c 1194 byte* out, word32 outSz)
wolfSSL 15:117db924cf7c 1195 {
wolfSSL 15:117db924cf7c 1196 byte prk[WC_MAX_DIGEST_SIZE];
wolfSSL 15:117db924cf7c 1197 int hashSz = wc_HmacSizeByType(type);
wolfSSL 15:117db924cf7c 1198 int ret;
wolfSSL 15:117db924cf7c 1199
wolfSSL 15:117db924cf7c 1200 if (hashSz < 0)
wolfSSL 15:117db924cf7c 1201 return BAD_FUNC_ARG;
wolfSSL 15:117db924cf7c 1202
wolfSSL 15:117db924cf7c 1203 ret = wc_HKDF_Extract(type, salt, saltSz, inKey, inKeySz, prk);
wolfSSL 15:117db924cf7c 1204 if (ret != 0)
wolfSSL 15:117db924cf7c 1205 return ret;
wolfSSL 15:117db924cf7c 1206
wolfSSL 15:117db924cf7c 1207 return wc_HKDF_Expand(type, prk, hashSz, info, infoSz, out, outSz);
wolfSSL 15:117db924cf7c 1208 }
wolfSSL 15:117db924cf7c 1209
wolfSSL 15:117db924cf7c 1210 #endif /* HAVE_HKDF */
wolfSSL 15:117db924cf7c 1211
wolfSSL 15:117db924cf7c 1212 #endif /* HAVE_FIPS */
wolfSSL 15:117db924cf7c 1213 #endif /* NO_HMAC */
wolfSSL 15:117db924cf7c 1214