embedded
/
owner-nrf52sdk


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226
							/**
 * Copyright (c) 2018 - 2019, Nordic Semiconductor ASA
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modification,
 * are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice, this
 *    list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form, except as embedded into a Nordic
 *    Semiconductor ASA integrated circuit in a product or a software update for
 *    such product, must reproduce the above copyright notice, this list of
 *    conditions and the following disclaimer in the documentation and/or other
 *    materials provided with the distribution.
 *
 * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
 *    contributors may be used to endorse or promote products derived from this
 *    software without specific prior written permission.
 *
 * 4. This software, with or without modification, must only be used with a
 *    Nordic Semiconductor ASA integrated circuit.
 *
 * 5. Any software provided in binary form under this license must not be reverse
 *    engineered, decompiled, modified and/or disassembled.
 *
 * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#ifndef NRF_CRYPTO_HMAC_H__
#define NRF_CRYPTO_HMAC_H__

/** @file
 *
 * @defgroup nrf_crypto_hmac Hash-based message authentication code (HMAC) related functions
 * @{
 * @ingroup nrf_crypto
 *
 * @brief Provides functions to generate Hash-based message authentication code (HMAC).
 *
 * @details Provides functions to generate Hash-based message authentication code (HMAC) using
 * one of the supported hash algorithms. This layer is independent of backend crypto library.
 */

#include <stdint.h>
#include "sdk_common.h"
#include "nrf_crypto_types.h"
#include "nrf_crypto_hmac_backend.h"
#include "nrf_crypto_hmac_shared.h"

#ifdef __cplusplus
extern "C" {
#endif


/**
 * @brief Information structures used to select the specific algorithm (SHA-256)
 *
 * @details The information structure is used in a generic way but is populated by the backend,
 * and contains backend specific data. */
extern const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha256_info;


/**
 * @brief Information structures used to select the specific algorithm (SHA-512)
 *
 * @details The information structure is used in a generic way but is populated by the backend,
 * and contains backend specific data.
 */
extern const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha512_info;


/**
 * @brief Context type for HMAC.
 *
 * @note The size of this type is scaled for the largest HMAC backend context that is
 *       enabled in @ref sdk_config.
 */
typedef nrf_crypto_backend_hmac_context_t nrf_crypto_hmac_context_t;

/**
 * @brief Initialize context object for HMAC
 *
 * @details Use to initialize a context once it has been allocated.
 *
 * @note Must be called before @ref nrf_crypto_hmac_update. Can also be called after
 *       @ref nrf_crypto_hmac_finalize order to start a new HMAC calculation re-using an
 *       existing context object.
 *
 * @param[in,out]   p_context       Pointer to context structure.
 * @param[in]       p_info          Pointer to static info structure. This defines the algorithm.
 *                                  This should be either @ref g_nrf_crypto_hmac_sha256_info or
 *                                  @ref g_nrf_crypto_hmac_sha512_info.
 * @param[in]       p_key           HMAC key.
 * @param[in]       key_size        Length of the HMAC key in bytes.
 *
 * @retval  NRF_SUCCESS                     Data successfully consumed.
 * @retval  NRF_ERROR_CRYPTO_CONTEXT_NULL   If p_context has not been initialized.
 * @retval  NRF_ERROR_CRYPTO_INPUT_NULL     If p_info or p_key was NULL.
 * @retval  NRF_ERROR_CRYPTO_INPUT_LENGTH   If key_size was invalid.
 * @retval  NRF_ERROR_CRYPTO_INPUT_LOCATION Input data not in RAM (CC310 only).
 * @retval  NRF_ERROR_CRYPTO_INTERNAL       An error occurred in the crypto backend.
 * @retval  NRF_ERROR_CRYPTO_BUSY           The function could not be called because the
 *                                          nrf_crypto backend was busy. Please rerun
 *                                          the cryptographic routine at a later time.
 *                                          CC310 only.
 */
ret_code_t nrf_crypto_hmac_init(nrf_crypto_hmac_context_t   * const p_context,
                                nrf_crypto_hmac_info_t      const * p_info,
                                uint8_t                     const * p_key,
                                size_t                              key_size);


/**
 * @brief Feed data to HMAC algorithm.
 *
 * @note Must be called after @ref nrf_crypto_hmac_init and before @ref nrf_crypto_hmac_finalize.
 *       Can be called repeatedly to consume data as it arrives.
 *
 * @param[in,out]   p_context   Context pointer.
 * @param[in]       p_data      Pointer to input data buffer.
 * @param[in]       data_size   Length of input data.
 *
 * @retval  NRF_SUCCESS                                 Data successfully consumed.
 * @retval  NRF_ERROR_CRYPTO_CONTEXT_NULL               If p_context has not been initialized.
 * @retval  NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED    If p_data was NULL.
 * @retval  NRF_ERROR_CRYPTO_INPUT_NULL                 If p_data was NULL.
 * @retval  NRF_ERROR_CRYPTO_INPUT_LENGTH               If size was invalid.
 * @retval  NRF_ERROR_CRYPTO_INPUT_LOCATION             Input data not in RAM (CC310 only).
 * @retval  NRF_ERROR_CRYPTO_INTERNAL                   An error occurred in the crypto backend.
 * @retval  NRF_ERROR_CRYPTO_BUSY                       The function could not be called because the
 *                                                      nrf_crypto backend was busy. Please rerun
 *                                                      the cryptographic routine at a later time.
 *                                                      CC310 only.
 */
ret_code_t nrf_crypto_hmac_update(nrf_crypto_hmac_context_t * const p_context,
                                  uint8_t                   const * p_data,
                                  size_t                            data_size);


/**
 * @brief Calculate HMAC
 *
 * @note @ref nrf_crypto_hmac_update must be called at least once before calling this.
 *
 * @param[in,out]  p_context     Context pointer.
 * @param[out]     p_digest      Pointer to HMAC digest (result) buffer. Must be large enough to
 *                               hold the digest (32 byte for SHA-256 and 64 byte for SHA-512).
 * @param[in,out]  p_digest_size Length of buffer as input. Length of digest as output.
 *
 * @retval  NRF_SUCCESS                                 HMAC hash was successfully calculated.
 * @retval  NRF_ERROR_CRYPTO_CONTEXT_NULL               If p_context was NULL.
 * @retval  NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED    If p_context has not been initialized.
 * @retval  NRF_ERROR_CRYPTO_OUTPUT_NULL                If p_digest was NULL.
 * @retval  NRF_ERROR_CRYPTO_OUTPUT_LENGTH              If p_size is not enough to hold the digest.
 * @retval  NRF_ERROR_CRYPTO_INTERNAL                   An error occurred in the crypto backend.
 * @retval  NRF_ERROR_CRYPTO_BUSY                       The function could not be called because the
 *                                                      nrf_crypto backend was busy. Please rerun
 *                                                      the cryptographic routine at a later time.
 *                                                      CC310 only.
 */
ret_code_t nrf_crypto_hmac_finalize(nrf_crypto_hmac_context_t   * const p_context,
                                    uint8_t                           * p_digest,
                                    size_t                      * const p_digest_size);


/**
 * @brief Integrated HMAC wrapper function
 *
 * @note This is an integrated wrapper functions that can be used instead of calling other HMAC
 *       functions individually.
 *
 * @param[in,out]  p_context     Optional pointer to context structure.
 *                               Context memory will be allocated internally if the pointer is NULL.
 * @param[in]      p_info        Pointer to static info structure. This defines the algorithm.
 *                               This should be either @ref g_nrf_crypto_hmac_sha256_info or
 *                               @ref g_nrf_crypto_hmac_sha512_info.
 * @param[out]     p_digest      Pointer to HMAC digest.
 *                               Buffer must be large enough to hold the digest.
 * @param[in,out]  p_digest_size Length of digest (result) buffer as input.
 *                               Length of digest as output.
 * @param[in]      p_key         Pointer to HMAC key.
 * @param[in]      key_size      Lenth of the HMAC key in bytes.
 * @param[in]      p_data        Pointer to input data.
 * @param[in]      data_size     Length of input data.
 *
 * @retval  NRF_SUCCESS                     HMAC hash was successfully calculated.
 * @retval  NRF_ERROR_CRYPTO_INPUT_NULL     If p_key or p_data was NULL.
 * @retval  NRF_ERROR_CRYPTO_INPUT_LOCATION Input data not in RAM (CC310 only).
 * @retval  NRF_ERROR_CRYPTO_INPUT_LENGTH   If key_size or data_size was invalid.
 * @retval  NRF_ERROR_CRYPTO_OUTPUT_NULL    If data_size was NULL.
 * @retval  NRF_ERROR_CRYPTO_OUTPUT_LENGTH  If data_size is not enough to hold the digest.
 * @retval  NRF_ERROR_CRYPTO_ALLOC_FAILED   Unable to allocate memory for the context.
 * @retval  NRF_ERROR_CRYPTO_INTERNAL       An error occurred in the crypto backend.
 * @retval  NRF_ERROR_CRYPTO_BUSY           The function could not be called because the
 *                                          nrf_crypto backend was busy. Please rerun the
 *                                          cryptographic routine at a later time. CC310 only.
 */
ret_code_t nrf_crypto_hmac_calculate(nrf_crypto_hmac_context_t  * const p_context,
                                     nrf_crypto_hmac_info_t     const * p_info,
                                     uint8_t                          * p_digest,
                                     size_t                     * const p_digest_size,
                                     uint8_t                    const * p_key,
                                     size_t                             key_size,
                                     uint8_t                    const * p_data,
                                     size_t                             data_size);


#ifdef __cplusplus
}
#endif

/**@} */

#endif // #ifndef NRF_CRYPTO_HMAC_H__