/* check mcapi sha384 against internal */
static int check_sha384(void)
{
CRYPT_SHA384_CTX mcSha384;
Sha384 defSha384;
int ret;
byte mcDigest[CRYPT_SHA384_DIGEST_SIZE];
byte defDigest[SHA384_DIGEST_SIZE];
CRYPT_SHA384_Initialize(&mcSha384);
ret = InitSha384(&defSha384);
if (ret != 0) {
printf("sha384 init default failed\n");
return -1;
}
CRYPT_SHA384_DataAdd(&mcSha384, ourData, OUR_DATA_SIZE);
Sha384Update(&defSha384, ourData, OUR_DATA_SIZE);
CRYPT_SHA384_Finalize(&mcSha384, mcDigest);
Sha384Final(&defSha384, defDigest);
if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
printf("sha384 final memcmp fialed\n");
return -1;
}
printf("sha384 mcapi test passed\n");
return 0;
}
int Sha384Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha384* sha384;
#else
Sha384 sha384[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha384 == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha384(sha384)) != 0) {
CYASSL_MSG("InitSha384 failed");
}
else if ((ret = Sha384Update(sha384, data, len)) != 0) {
CYASSL_MSG("Sha384Update failed");
}
else if ((ret = Sha384Final(sha384, hash)) != 0) {
CYASSL_MSG("Sha384Final failed");
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
/* Add data to SHA-384 */
int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX* sha384, const unsigned char* input,
unsigned int sz)
{
if (sha384 == NULL || input == NULL)
return BAD_FUNC_ARG;
return Sha384Update((Sha384*)sha384, input, sz);
}
int sha384_test()
{
Sha384 sha;
byte hash[SHA384_DIGEST_SIZE];
testVector a, b;
testVector test_sha[2];
int times = sizeof(test_sha) / sizeof(struct testVector), i;
int ret;
a.input = "abc";
a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
"\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
"\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
"\xc8\x25\xa7";
a.inLen = strlen(a.input);
a.outLen = strlen(a.output);
b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
"\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
"\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
"\x74\x60\x39";
b.inLen = strlen(b.input);
b.outLen = strlen(b.output);
test_sha[0] = a;
test_sha[1] = b;
ret = InitSha384(&sha);
if (ret != 0)
return ret;
for (i = 0; i < times; ++i) {
ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
if (ret != 0)
return ret;
ret = Sha384Final(&sha, hash);
if (ret != 0)
return ret;
if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0)
return -10 - i;
}
return 0;
}
void HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumUpdate(hmac, msg, length);
#endif
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, msg, length);
break;
#endif
#ifndef NO_SHA
case SHA:
ShaUpdate(&hmac->hash.sha, msg, length);
break;
#endif
#ifndef NO_SHA256
case SHA256:
Sha256Update(&hmac->hash.sha256, msg, length);
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
Sha384Update(&hmac->hash.sha384, msg, length);
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
Sha512Update(&hmac->hash.sha512, msg, length);
break;
#endif
default:
break;
}
}
static void HmacKeyInnerHash(Hmac* hmac)
{
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA
case SHA:
ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA256
case SHA256:
Sha256Update(&hmac->hash.sha256,
(byte*) hmac->ipad, SHA256_BLOCK_SIZE);
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
Sha384Update(&hmac->hash.sha384,
(byte*) hmac->ipad, SHA384_BLOCK_SIZE);
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
Sha512Update(&hmac->hash.sha512,
(byte*) hmac->ipad, SHA512_BLOCK_SIZE);
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 1;
}
void bench_sha384(void)
{
Sha384 hash;
byte digest[SHA384_DIGEST_SIZE];
double start, total, persec;
int i, ret;
ret = InitSha384(&hash);
if (ret != 0) {
printf("InitSha384 failed, ret = %d\n", ret);
return;
}
start = current_time(1);
for(i = 0; i < numBlocks; i++) {
ret = Sha384Update(&hash, plain, sizeof(plain));
if (ret != 0) {
printf("Sha384Update failed, ret = %d\n", ret);
return;
}
}
ret = Sha384Final(&hash, digest);
if (ret != 0) {
printf("Sha384Final failed, ret = %d\n", ret);
return;
}
total = current_time(0) - start;
persec = 1 / total * numBlocks;
#ifdef BENCH_EMBEDDED
/* since using kB, convert to MB/s */
persec = persec / 1024;
#endif
printf("SHA-384 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
blockType, total, persec);
}
/**
Calculates the hash of the given data based on the specified hash GUID.
@param[in] Data Pointer to the data buffer to be hashed.
@param[in] DataSize The size of data buffer in bytes.
@param[in] CertGuid The GUID to identify the hash algorithm to be used.
@param[out] HashValue Pointer to a buffer that receives the hash result.
@retval TRUE Data hash calculation succeeded.
@retval FALSE Data hash calculation failed.
**/
BOOLEAN
CalculateDataHash (
IN VOID *Data,
IN UINTN DataSize,
IN EFI_GUID *CertGuid,
OUT UINT8 *HashValue
)
{
BOOLEAN Status;
VOID *HashCtx;
UINTN CtxSize;
Status = FALSE;
HashCtx = NULL;
if (CompareGuid (CertGuid, &gEfiCertSha1Guid)) {
//
// SHA-1 Hash
//
CtxSize = Sha1GetContextSize ();
HashCtx = AllocatePool (CtxSize);
if (HashCtx == NULL) {
goto _Exit;
}
Status = Sha1Init (HashCtx);
Status = Sha1Update (HashCtx, Data, DataSize);
Status = Sha1Final (HashCtx, HashValue);
} else if (CompareGuid (CertGuid, &gEfiCertSha256Guid)) {
//
// SHA256 Hash
//
CtxSize = Sha256GetContextSize ();
HashCtx = AllocatePool (CtxSize);
if (HashCtx == NULL) {
goto _Exit;
}
Status = Sha256Init (HashCtx);
Status = Sha256Update (HashCtx, Data, DataSize);
Status = Sha256Final (HashCtx, HashValue);
} else if (CompareGuid (CertGuid, &gEfiCertSha384Guid)) {
//
// SHA384 Hash
//
CtxSize = Sha384GetContextSize ();
HashCtx = AllocatePool (CtxSize);
if (HashCtx == NULL) {
goto _Exit;
}
Status = Sha384Init (HashCtx);
Status = Sha384Update (HashCtx, Data, DataSize);
Status = Sha384Final (HashCtx, HashValue);
} else if (CompareGuid (CertGuid, &gEfiCertSha512Guid)) {
//
// SHA512 Hash
//
CtxSize = Sha512GetContextSize ();
HashCtx = AllocatePool (CtxSize);
if (HashCtx == NULL) {
goto _Exit;
}
Status = Sha512Init (HashCtx);
Status = Sha512Update (HashCtx, Data, DataSize);
Status = Sha512Final (HashCtx, HashValue);
}
_Exit:
if (HashCtx != NULL) {
FreePool (HashCtx);
}
return Status;
}
int HmacFinal(Hmac* hmac, byte* hash)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumFinal(hmac, hash);
#endif
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash);
Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE);
Md5Update(&hmac->hash.md5,
(byte*) hmac->innerHash, MD5_DIGEST_SIZE);
Md5Final(&hmac->hash.md5, hash);
}
break;
#endif
#ifndef NO_SHA
case SHA:
{
ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash);
ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE);
ShaUpdate(&hmac->hash.sha,
(byte*) hmac->innerHash, SHA_DIGEST_SIZE);
ShaFinal(&hmac->hash.sha, hash);
}
break;
#endif
#ifndef NO_SHA256
case SHA256:
{
ret = Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->opad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
{
ret = Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->opad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
{
ret = Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->opad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
{
ret = Blake2bFinal(&hmac->hash.blake2b, (byte*) hmac->innerHash,
BLAKE2B_256);
if (ret != 0)
return ret;
ret = Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->opad, BLAKE2B_BLOCKBYTES);
if (ret != 0)
return ret;
ret = Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->innerHash, BLAKE2B_256);
if (ret != 0)
return ret;
ret = Blake2bFinal(&hmac->hash.blake2b, hash, BLAKE2B_256);
if (ret != 0)
return ret;
}
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 0;
return 0;
}
int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumUpdate(hmac, msg, length);
#endif
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, msg, length);
break;
#endif
#ifndef NO_SHA
case SHA:
ShaUpdate(&hmac->hash.sha, msg, length);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = Sha256Update(&hmac->hash.sha256, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
ret = Sha384Update(&hmac->hash.sha384, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
ret = Sha512Update(&hmac->hash.sha512, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = Blake2bUpdate(&hmac->hash.blake2b, msg, length);
if (ret != 0)
return ret;
break;
#endif
default:
break;
}
return 0;
}
static int HmacKeyInnerHash(Hmac* hmac)
{
int ret = 0;
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA
case SHA:
ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->ipad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->ipad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->ipad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->ipad,BLAKE2B_BLOCKBYTES);
if (ret != 0)
return ret;
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 1;
return ret;
}
int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
{
byte* ip = (byte*) hmac->ipad;
byte* op = (byte*) hmac->opad;
word32 i, hmac_block_size = 0;
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumSetKey(hmac, type, key, length);
#endif
ret = InitHmac(hmac, type);
if (ret != 0)
return ret;
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
hmac_block_size = MD5_BLOCK_SIZE;
if (length <= MD5_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
Md5Update(&hmac->hash.md5, key, length);
Md5Final(&hmac->hash.md5, ip);
length = MD5_DIGEST_SIZE;
}
}
break;
#endif
#ifndef NO_SHA
case SHA:
{
hmac_block_size = SHA_BLOCK_SIZE;
if (length <= SHA_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ShaUpdate(&hmac->hash.sha, key, length);
ShaFinal(&hmac->hash.sha, ip);
length = SHA_DIGEST_SIZE;
}
}
break;
#endif
#ifndef NO_SHA256
case SHA256:
{
hmac_block_size = SHA256_BLOCK_SIZE;
if (length <= SHA256_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = Sha256Update(&hmac->hash.sha256, key, length);
if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, ip);
if (ret != 0)
return ret;
length = SHA256_DIGEST_SIZE;
}
}
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
{
hmac_block_size = SHA384_BLOCK_SIZE;
if (length <= SHA384_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = Sha384Update(&hmac->hash.sha384, key, length);
if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, ip);
if (ret != 0)
return ret;
length = SHA384_DIGEST_SIZE;
}
}
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
{
hmac_block_size = SHA512_BLOCK_SIZE;
if (length <= SHA512_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = Sha512Update(&hmac->hash.sha512, key, length);
if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, ip);
if (ret != 0)
return ret;
length = SHA512_DIGEST_SIZE;
}
}
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
{
hmac_block_size = BLAKE2B_BLOCKBYTES;
if (length <= BLAKE2B_BLOCKBYTES) {
XMEMCPY(ip, key, length);
}
else {
ret = Blake2bUpdate(&hmac->hash.blake2b, key, length);
if (ret != 0)
return ret;
ret = Blake2bFinal(&hmac->hash.blake2b, ip, BLAKE2B_256);
if (ret != 0)
return ret;
length = BLAKE2B_256;
}
}
break;
#endif
default:
return BAD_FUNC_ARG;
}
if (length < hmac_block_size)
XMEMSET(ip + length, 0, hmac_block_size - length);
for(i = 0; i < hmac_block_size; i++) {
op[i] = ip[i] ^ OPAD;
ip[i] ^= IPAD;
}
return 0;
}
void HmacFinal(Hmac* hmac, byte* hash)
{
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumFinal(hmac, hash);
#endif
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash);
Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE);
Md5Update(&hmac->hash.md5,
(byte*) hmac->innerHash, MD5_DIGEST_SIZE);
Md5Final(&hmac->hash.md5, hash);
}
break;
#endif
#ifndef NO_SHA
case SHA:
{
ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash);
ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE);
ShaUpdate(&hmac->hash.sha,
(byte*) hmac->innerHash, SHA_DIGEST_SIZE);
ShaFinal(&hmac->hash.sha, hash);
}
break;
#endif
#ifndef NO_SHA256
case SHA256:
{
Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
Sha256Update(&hmac->hash.sha256,
(byte*) hmac->opad, SHA256_BLOCK_SIZE);
Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
Sha256Final(&hmac->hash.sha256, hash);
}
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
{
Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
Sha384Update(&hmac->hash.sha384,
(byte*) hmac->opad, SHA384_BLOCK_SIZE);
Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
Sha384Final(&hmac->hash.sha384, hash);
}
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
{
Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
Sha512Update(&hmac->hash.sha512,
(byte*) hmac->opad, SHA512_BLOCK_SIZE);
Sha512Update(&hmac->hash.sha512,
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
Sha512Final(&hmac->hash.sha512, hash);
}
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 0;
}