BSP_S32 BSP_KDF_KeyMake(KEY_CONFIG_INFO_S *pstKeyCfgInfo, S_CONFIG_INFO_S *pstSCfgInfo, BSP_U32 u32DestIndex, KEY_MAKE_S *pstKeyMake) { return (BSP_S32)bsp_kdf_key_make(pstKeyCfgInfo, pstSCfgInfo, (u32)u32DestIndex, pstKeyMake); }
s32 kdf_sha256(const u8* pucInBuf, u32 ulInLen, u8* pucOutBuf) { s32 iRet = SEC_OK; KEY_CONFIG_INFO_S key_cfg = {SHA_KEY_SOURCE_MAX, 0, NULL}; S_CONFIG_INFO_S s_cfg = {SHA_S_SOURCE_MAX, 0, 0, NULL}; KEY_MAKE_S k_make = {CIPHER_KEY_OUTPUT_BUTTOM, {0, 0, 0}}; KEY_GET_S k_g_s = {0, 0, 0}; u8 * temp_hash = NULL; u32 out_hash_len; if ((NULL == pucInBuf) || (0 == ulInLen) || (NULL == pucOutBuf)) { bsp_trace(BSP_LOG_LEVEL_ERROR, BSP_MODU_SECURITY, "secDataSha: Input Parameter Error!\n"); return -1; } { #ifdef CONFIG_CIPHER /*这里应该是使用SHA256,cipher实现的,因为onchiprom换成这样的*/ temp_hash = (u8*)osl_malloc(SHA256_HASH_SIZE * sizeof(u32)); if(NULL == temp_hash) { bsp_trace(BSP_LOG_LEVEL_ERROR, BSP_MODU_SECURITY, "secDataSha: Error! NO MEM TO MALLOC\n"); goto end; } memset(temp_hash, 0, SHA256_HASH_SIZE * sizeof(u32));/*onchiprom里使用的初始key也是256bit全零*/ k_g_s.enKeyLen = CIPHER_KEY_L256; k_g_s.penOutKeyLen = &out_hash_len; k_g_s.pKeyAddr = temp_hash; k_make.enKeyOutput = CIPHER_KEY_OUTPUT; k_make.stKeyGet = k_g_s; key_cfg.enShaKeySource = SHA_KEY_SOURCE_DDR; key_cfg.pKeySourceAddr = temp_hash; key_cfg.u32ShaKeyIndex = 0; s_cfg.enShaSSource = SHA_S_SOURCE_DDR; s_cfg.pSAddr = (void*)pucInBuf; s_cfg.u32ShaSIndex = 0; s_cfg.u32ShaSLength = ulInLen > 512 ? 512 : ulInLen;/*kdf 一次最大只能处理512字节*/ do { iRet = bsp_kdf_key_make(&key_cfg, &s_cfg, 0/*不使用,所以无所谓*/, &k_make); if(iRet) { bsp_trace(BSP_LOG_LEVEL_ERROR, BSP_MODU_SECURITY, "secDataSha: run sha error : %X!\n", iRet); break; } pucInBuf += s_cfg.u32ShaSLength; s_cfg.pSAddr = (void*)pucInBuf; ulInLen -= s_cfg.u32ShaSLength; s_cfg.u32ShaSLength = ulInLen > 512 ? 512 : ulInLen; /*memcpy(key_cfg.pKeySourceAddr, k_make.stKeyGet.pKeyAddr, 256 >> 3);*//*没必要,两个指针是同一块地址空间*/ }while(ulInLen > 0); memcpy(pucOutBuf, temp_hash, 256 >> 3);/*key的最大长度256bits*/ #else bsp_trace(BSP_LOG_LEVEL_ERROR, BSP_MODU_SECURITY, "cipher is not compiled and the onchiprom SHA algorithm is not used\n"); #endif } end: free(temp_hash); return iRet; }