TEE_Result ta_entry_mac_final_compute(uint32_t param_type, TEE_Param params[4]) { ASSERT_PARAM_TYPE(TEE_PARAM_TYPES (TEE_PARAM_TYPE_VALUE_INPUT, TEE_PARAM_TYPE_MEMREF_INPUT, TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE)); return TEE_MACComputeFinal((TEE_OperationHandle) params[0].value.a, params[1].memref.buffer, params[1].memref.size, params[2].memref.buffer, ¶ms[2].memref.size); }
TEE_Result TEE_MACCompareFinal(TEE_OperationHandle operation, void *message, uint32_t messageLen, void *mac, uint32_t macLen) { TEE_Result res; uint8_t computed_mac[TEE_MAX_HASH_SIZE]; uint32_t computed_mac_size = TEE_MAX_HASH_SIZE; if (operation->info.operationClass != TEE_OPERATION_MAC) { res = TEE_ERROR_BAD_PARAMETERS; goto out; } if ((operation->info.handleState & TEE_HANDLE_FLAG_INITIALIZED) == 0) { res = TEE_ERROR_BAD_PARAMETERS; goto out; } if (operation->operationState != TEE_OPERATION_STATE_ACTIVE) { res = TEE_ERROR_BAD_PARAMETERS; goto out; } res = TEE_MACComputeFinal(operation, message, messageLen, computed_mac, &computed_mac_size); if (res != TEE_SUCCESS) goto out; if (computed_mac_size != macLen) { res = TEE_ERROR_MAC_INVALID; goto out; } if (buf_compare_ct(mac, computed_mac, computed_mac_size) != 0) { res = TEE_ERROR_MAC_INVALID; goto out; } operation->operationState = TEE_OPERATION_STATE_INITIAL; out: if (res != TEE_SUCCESS && res != TEE_ERROR_MAC_INVALID) TEE_Panic(res); return res; }
TEE_Result TEE_MACCompareFinal(TEE_OperationHandle operation, const void *message, size_t messageLen, const void *mac, size_t macLen) { TEE_Result res; uint8_t computed_mac[TEE_MAX_HASH_SIZE]; size_t computed_mac_size = TEE_MAX_HASH_SIZE; res = TEE_MACComputeFinal(operation, message, messageLen, computed_mac, &computed_mac_size); if (res != TEE_SUCCESS) return res; if (computed_mac_size != macLen) return TEE_ERROR_MAC_INVALID; if (memcmp(mac, computed_mac, computed_mac_size) != 0) return TEE_ERROR_MAC_INVALID; /* don't leave this on stack */ memset(computed_mac, 0, computed_mac_size); return TEE_SUCCESS; }