diff options
Diffstat (limited to 'core/lib/libtomcrypt')
| -rw-r--r-- | core/lib/libtomcrypt/cmac.c | 102 | ||||
| -rw-r--r-- | core/lib/libtomcrypt/hmac.c | 132 | ||||
| -rw-r--r-- | core/lib/libtomcrypt/src/tee_ltc_provider.c | 360 | ||||
| -rw-r--r-- | core/lib/libtomcrypt/sub.mk | 2 |
4 files changed, 238 insertions, 358 deletions
diff --git a/core/lib/libtomcrypt/cmac.c b/core/lib/libtomcrypt/cmac.c new file mode 100644 index 00000000..3062e2b5 --- /dev/null +++ b/core/lib/libtomcrypt/cmac.c @@ -0,0 +1,102 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2014-2019, Linaro Limited + */ + +#include <assert.h> +#include <crypto/crypto.h> +#include <crypto/crypto_impl.h> +#include <stdlib.h> +#include <string.h> +#include <tee_api_types.h> +#include <tomcrypt.h> +#include <utee_defines.h> +#include <util.h> + +struct ltc_omac_ctx { + struct crypto_mac_ctx ctx; + int cipher_idx; + omac_state state; +}; + +static const struct crypto_mac_ops ltc_omac_ops; + +static struct ltc_omac_ctx *to_omac_ctx(struct crypto_mac_ctx *ctx) +{ + assert(ctx && ctx->ops == <c_omac_ops); + + return container_of(ctx, struct ltc_omac_ctx, ctx); +} + +static TEE_Result ltc_omac_init(struct crypto_mac_ctx *ctx, const uint8_t *key, + size_t len) +{ + struct ltc_omac_ctx *hc = to_omac_ctx(ctx); + + if (omac_init(&hc->state, hc->cipher_idx, key, len) == CRYPT_OK) + return TEE_SUCCESS; + else + return TEE_ERROR_BAD_STATE; +} + +static TEE_Result ltc_omac_update(struct crypto_mac_ctx *ctx, + const uint8_t *data, size_t len) +{ + if (omac_process(&to_omac_ctx(ctx)->state, data, len) == CRYPT_OK) + return TEE_SUCCESS; + else + return TEE_ERROR_BAD_STATE; +} + +static TEE_Result ltc_omac_final(struct crypto_mac_ctx *ctx, uint8_t *digest, + size_t len) +{ + unsigned long l = len; + + if (omac_done(&to_omac_ctx(ctx)->state, digest, &l) == CRYPT_OK) + return TEE_SUCCESS; + else + return TEE_ERROR_BAD_STATE; +} + +static void ltc_omac_free_ctx(struct crypto_mac_ctx *ctx) +{ + free(to_omac_ctx(ctx)); +} + +static void ltc_omac_copy_state(struct crypto_mac_ctx *dst_ctx, + struct crypto_mac_ctx *src_ctx) +{ + struct ltc_omac_ctx *src = to_omac_ctx(src_ctx); + struct ltc_omac_ctx *dst = to_omac_ctx(dst_ctx); + + assert(src->cipher_idx == dst->cipher_idx); + dst->state = src->state; +} + +static const struct crypto_mac_ops ltc_omac_ops = { + .init = ltc_omac_init, + .update = ltc_omac_update, + .final = ltc_omac_final, + .free_ctx = ltc_omac_free_ctx, + .copy_state = ltc_omac_copy_state, +}; + +TEE_Result crypto_aes_cmac_alloc_ctx(struct crypto_mac_ctx **ctx_ret) +{ + struct ltc_omac_ctx *ctx = NULL; + int cipher_idx = find_cipher("aes"); + + if (cipher_idx < 0) + return TEE_ERROR_NOT_SUPPORTED; + + ctx = calloc(1, sizeof(*ctx)); + if (!ctx) + return TEE_ERROR_OUT_OF_MEMORY; + + ctx->ctx.ops = <c_omac_ops; + ctx->cipher_idx = cipher_idx; + *ctx_ret = &ctx->ctx; + + return TEE_SUCCESS; +} diff --git a/core/lib/libtomcrypt/hmac.c b/core/lib/libtomcrypt/hmac.c new file mode 100644 index 00000000..6bcf74c8 --- /dev/null +++ b/core/lib/libtomcrypt/hmac.c @@ -0,0 +1,132 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright (c) 2014-2019, Linaro Limited + */ + +#include <assert.h> +#include <crypto/crypto.h> +#include <crypto/crypto_impl.h> +#include <stdlib.h> +#include <string.h> +#include <tee_api_types.h> +#include <tomcrypt.h> +#include <utee_defines.h> +#include <util.h> + +struct ltc_hmac_ctx { + struct crypto_mac_ctx ctx; + int hash_idx; + hmac_state state; +}; + +static const struct crypto_mac_ops ltc_hmac_ops; + +static struct ltc_hmac_ctx *to_hmac_ctx(struct crypto_mac_ctx *ctx) +{ + assert(ctx && ctx->ops == <c_hmac_ops); + + return container_of(ctx, struct ltc_hmac_ctx, ctx); +} + +static TEE_Result ltc_hmac_init(struct crypto_mac_ctx *ctx, const uint8_t *key, + size_t len) +{ + struct ltc_hmac_ctx *hc = to_hmac_ctx(ctx); + + if (hmac_init(&hc->state, hc->hash_idx, key, len) == CRYPT_OK) + return TEE_SUCCESS; + else + return TEE_ERROR_BAD_STATE; +} + +static TEE_Result ltc_hmac_update(struct crypto_mac_ctx *ctx, + const uint8_t *data, size_t len) +{ + if (hmac_process(&to_hmac_ctx(ctx)->state, data, len) == CRYPT_OK) + return TEE_SUCCESS; + else + return TEE_ERROR_BAD_STATE; +} + +static TEE_Result ltc_hmac_final(struct crypto_mac_ctx *ctx, uint8_t *digest, + size_t len) +{ + unsigned long l = len; + + if (hmac_done(&to_hmac_ctx(ctx)->state, digest, &l) == CRYPT_OK) + return TEE_SUCCESS; + else + return TEE_ERROR_BAD_STATE; +} + +static void ltc_hmac_free_ctx(struct crypto_mac_ctx *ctx) +{ + free(to_hmac_ctx(ctx)); +} + +static void ltc_hmac_copy_state(struct crypto_mac_ctx *dst_ctx, + struct crypto_mac_ctx *src_ctx) +{ + struct ltc_hmac_ctx *src = to_hmac_ctx(src_ctx); + struct ltc_hmac_ctx *dst = to_hmac_ctx(dst_ctx); + + assert(src->hash_idx == dst->hash_idx); + dst->state = src->state; +} + +static const struct crypto_mac_ops ltc_hmac_ops = { + .init = ltc_hmac_init, + .update = ltc_hmac_update, + .final = ltc_hmac_final, + .free_ctx = ltc_hmac_free_ctx, + .copy_state = ltc_hmac_copy_state, +}; + +static TEE_Result ltc_hmac_alloc_ctx(struct crypto_mac_ctx **ctx_ret, + int hash_idx) +{ + struct ltc_hmac_ctx *ctx = NULL; + + if (hash_idx < 0) + return TEE_ERROR_NOT_SUPPORTED; + + ctx = calloc(1, sizeof(*ctx)); + if (!ctx) + return TEE_ERROR_OUT_OF_MEMORY; + + ctx->ctx.ops = <c_hmac_ops; + ctx->hash_idx = hash_idx; + *ctx_ret = &ctx->ctx; + + return TEE_SUCCESS; +} + +TEE_Result crypto_hmac_md5_alloc_ctx(struct crypto_mac_ctx **ctx) +{ + return ltc_hmac_alloc_ctx(ctx, find_hash("md5")); +} + +TEE_Result crypto_hmac_sha1_alloc_ctx(struct crypto_mac_ctx **ctx) +{ + return ltc_hmac_alloc_ctx(ctx, find_hash("sha1")); +} + +TEE_Result crypto_hmac_sha224_alloc_ctx(struct crypto_mac_ctx **ctx) +{ + return ltc_hmac_alloc_ctx(ctx, find_hash("sha224")); +} + +TEE_Result crypto_hmac_sha256_alloc_ctx(struct crypto_mac_ctx **ctx) +{ + return ltc_hmac_alloc_ctx(ctx, find_hash("sha256")); +} + +TEE_Result crypto_hmac_sha384_alloc_ctx(struct crypto_mac_ctx **ctx) +{ + return ltc_hmac_alloc_ctx(ctx, find_hash("sha384")); +} + +TEE_Result crypto_hmac_sha512_alloc_ctx(struct crypto_mac_ctx **ctx) +{ + return ltc_hmac_alloc_ctx(ctx, find_hash("sha512")); +} diff --git a/core/lib/libtomcrypt/src/tee_ltc_provider.c b/core/lib/libtomcrypt/src/tee_ltc_provider.c index 5609d278..580386b2 100644 --- a/core/lib/libtomcrypt/src/tee_ltc_provider.c +++ b/core/lib/libtomcrypt/src/tee_ltc_provider.c @@ -128,8 +128,7 @@ static void tee_ltc_reg_algs(void) } -#if defined(_CFG_CRYPTO_WITH_HASH) || defined(CFG_CRYPTO_RSA) || \ - defined(CFG_CRYPTO_HMAC) +#if defined(CFG_CRYPTO_RSA) /* * Compute the LibTomCrypt "hashindex" given a TEE Algorithm "algo" @@ -146,16 +145,11 @@ static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1: - case TEE_ALG_SHA1: - case TEE_ALG_DSA_SHA1: - case TEE_ALG_HMAC_SHA1: *ltc_hashindex = find_hash("sha1"); break; #endif #if defined(CFG_CRYPTO_MD5) case TEE_ALG_RSASSA_PKCS1_V1_5_MD5: - case TEE_ALG_MD5: - case TEE_ALG_HMAC_MD5: *ltc_hashindex = find_hash("md5"); break; #endif @@ -163,9 +157,6 @@ static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224: - case TEE_ALG_SHA224: - case TEE_ALG_DSA_SHA224: - case TEE_ALG_HMAC_SHA224: *ltc_hashindex = find_hash("sha224"); break; #endif @@ -173,9 +164,6 @@ static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256: - case TEE_ALG_SHA256: - case TEE_ALG_DSA_SHA256: - case TEE_ALG_HMAC_SHA256: *ltc_hashindex = find_hash("sha256"); break; #endif @@ -183,8 +171,6 @@ static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384: - case TEE_ALG_SHA384: - case TEE_ALG_HMAC_SHA384: *ltc_hashindex = find_hash("sha384"); break; #endif @@ -192,8 +178,6 @@ static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512: - case TEE_ALG_SHA512: - case TEE_ALG_HMAC_SHA512: *ltc_hashindex = find_hash("sha512"); break; #endif @@ -212,8 +196,7 @@ static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex) else return TEE_SUCCESS; } -#endif /* defined(_CFG_CRYPTO_WITH_HASH) || - defined(_CFG_CRYPTO_WITH_ACIPHER) || defined(_CFG_CRYPTO_WITH_MAC) */ +#endif /* defined(CFG_CRYPTO_RSA) */ #if defined(_CFG_CRYPTO_WITH_CIPHER) || defined(_CFG_CRYPTO_WITH_MAC) || \ defined(_CFG_CRYPTO_WITH_AUTHENC) @@ -1844,345 +1827,6 @@ void crypto_cipher_final(void *ctx, uint32_t algo) } #endif /* _CFG_CRYPTO_WITH_CIPHER */ -/***************************************************************************** - * Message Authentication Code functions - *****************************************************************************/ - -#if defined(_CFG_CRYPTO_WITH_MAC) - -#if defined(CFG_CRYPTO_CBC_MAC) -/* - * CBC-MAC is not implemented in Libtomcrypt - * This is implemented here as being the plain text which is encoded with IV=0. - * Result of the CBC-MAC is the last 16-bytes cipher. - */ - -#define CBCMAC_MAX_BLOCK_LEN 16 -struct cbc_state { - symmetric_CBC cbc; - uint8_t block[CBCMAC_MAX_BLOCK_LEN]; - uint8_t digest[CBCMAC_MAX_BLOCK_LEN]; - size_t current_block_len, block_len; - int is_computed; -}; -#endif - -static TEE_Result mac_get_ctx_size(uint32_t algo, size_t *size) -{ - switch (algo) { -#if defined(CFG_CRYPTO_HMAC) - case TEE_ALG_HMAC_MD5: - case TEE_ALG_HMAC_SHA224: - case TEE_ALG_HMAC_SHA1: - case TEE_ALG_HMAC_SHA256: - case TEE_ALG_HMAC_SHA384: - case TEE_ALG_HMAC_SHA512: - *size = sizeof(hmac_state); - break; -#endif -#if defined(CFG_CRYPTO_CBC_MAC) - case TEE_ALG_AES_CBC_MAC_NOPAD: - case TEE_ALG_AES_CBC_MAC_PKCS5: - case TEE_ALG_DES_CBC_MAC_NOPAD: - case TEE_ALG_DES_CBC_MAC_PKCS5: - case TEE_ALG_DES3_CBC_MAC_NOPAD: - case TEE_ALG_DES3_CBC_MAC_PKCS5: - *size = sizeof(struct cbc_state); - break; -#endif -#if defined(CFG_CRYPTO_CMAC) - case TEE_ALG_AES_CMAC: - *size = sizeof(omac_state); - break; -#endif - default: - return TEE_ERROR_NOT_SUPPORTED; - } - - return TEE_SUCCESS; -} - -TEE_Result crypto_mac_alloc_ctx(void **ctx_ret, uint32_t algo) -{ - TEE_Result res; - size_t ctx_size; - void *ctx; - - res = mac_get_ctx_size(algo, &ctx_size); - if (res) - return res; - - ctx = calloc(1, ctx_size); - if (!ctx) - return TEE_ERROR_OUT_OF_MEMORY; - - *ctx_ret = ctx; - return TEE_SUCCESS; -} - -void crypto_mac_free_ctx(void *ctx, uint32_t algo __maybe_unused) -{ - size_t ctx_size __maybe_unused; - - /* - * Check that it's a supported algo, or crypto_mac_alloc_ctx() - * could never have succeded above. - */ - if (ctx) - assert(!mac_get_ctx_size(algo, &ctx_size)); - free(ctx); -} - -void crypto_mac_copy_state(void *dst_ctx, void *src_ctx, uint32_t algo) -{ - TEE_Result res __maybe_unused; - size_t ctx_size = 0; - - res = mac_get_ctx_size(algo, &ctx_size); - assert(!res); - memcpy(dst_ctx, src_ctx, ctx_size); -} - -TEE_Result crypto_mac_init(void *ctx, uint32_t algo, const uint8_t *key, - size_t len) -{ - TEE_Result res; -#if defined(CFG_CRYPTO_HMAC) - int ltc_hashindex; -#endif -#if defined(CFG_CRYPTO_CBC_MAC) || defined(CFG_CRYPTO_CMAC) - int ltc_cipherindex; -#endif -#if defined(CFG_CRYPTO_CBC_MAC) - uint8_t *real_key; - uint8_t key_array[24]; - size_t real_key_len; - uint8_t iv[CBCMAC_MAX_BLOCK_LEN]; - struct cbc_state *cbc; -#endif - - switch (algo) { -#if defined(CFG_CRYPTO_HMAC) - case TEE_ALG_HMAC_MD5: - case TEE_ALG_HMAC_SHA224: - case TEE_ALG_HMAC_SHA1: - case TEE_ALG_HMAC_SHA256: - case TEE_ALG_HMAC_SHA384: - case TEE_ALG_HMAC_SHA512: - res = tee_algo_to_ltc_hashindex(algo, <c_hashindex); - if (res != TEE_SUCCESS) - return res; - if (CRYPT_OK != - hmac_init((hmac_state *)ctx, ltc_hashindex, key, len)) - return TEE_ERROR_BAD_STATE; - break; -#endif -#if defined(CFG_CRYPTO_CBC_MAC) - case TEE_ALG_AES_CBC_MAC_NOPAD: - case TEE_ALG_AES_CBC_MAC_PKCS5: - case TEE_ALG_DES_CBC_MAC_NOPAD: - case TEE_ALG_DES_CBC_MAC_PKCS5: - case TEE_ALG_DES3_CBC_MAC_NOPAD: - case TEE_ALG_DES3_CBC_MAC_PKCS5: - cbc = (struct cbc_state *)ctx; - - res = tee_algo_to_ltc_cipherindex(algo, <c_cipherindex); - if (res != TEE_SUCCESS) - return res; - - cbc->block_len = - cipher_descriptor[ltc_cipherindex]->block_length; - if (CBCMAC_MAX_BLOCK_LEN < cbc->block_len) - return TEE_ERROR_BAD_PARAMETERS; - memset(iv, 0, cbc->block_len); - - if (algo == TEE_ALG_DES3_CBC_MAC_NOPAD || - algo == TEE_ALG_DES3_CBC_MAC_PKCS5) { - get_des2_key(key, len, key_array, - &real_key, &real_key_len); - key = real_key; - len = real_key_len; - } - if (CRYPT_OK != cbc_start( - ltc_cipherindex, iv, key, len, 0, &cbc->cbc)) - return TEE_ERROR_BAD_STATE; - cbc->is_computed = 0; - cbc->current_block_len = 0; - break; -#endif -#if defined(CFG_CRYPTO_CMAC) - case TEE_ALG_AES_CMAC: - res = tee_algo_to_ltc_cipherindex(algo, <c_cipherindex); - if (res != TEE_SUCCESS) - return res; - if (CRYPT_OK != omac_init((omac_state *)ctx, ltc_cipherindex, - key, len)) - return TEE_ERROR_BAD_STATE; - break; -#endif - default: - return TEE_ERROR_NOT_SUPPORTED; - } - - return TEE_SUCCESS; -} - -TEE_Result crypto_mac_update(void *ctx, uint32_t algo, const uint8_t *data, - size_t len) -{ -#if defined(CFG_CRYPTO_CBC_MAC) - int ltc_res; - struct cbc_state *cbc; - size_t pad_len; -#endif - - if (!data || !len) - return TEE_SUCCESS; - - switch (algo) { -#if defined(CFG_CRYPTO_HMAC) - case TEE_ALG_HMAC_MD5: - case TEE_ALG_HMAC_SHA224: - case TEE_ALG_HMAC_SHA1: - case TEE_ALG_HMAC_SHA256: - case TEE_ALG_HMAC_SHA384: - case TEE_ALG_HMAC_SHA512: - if (CRYPT_OK != hmac_process((hmac_state *)ctx, data, len)) - return TEE_ERROR_BAD_STATE; - break; -#endif -#if defined(CFG_CRYPTO_CBC_MAC) - case TEE_ALG_AES_CBC_MAC_NOPAD: - case TEE_ALG_AES_CBC_MAC_PKCS5: - case TEE_ALG_DES_CBC_MAC_NOPAD: - case TEE_ALG_DES_CBC_MAC_PKCS5: - case TEE_ALG_DES3_CBC_MAC_NOPAD: - case TEE_ALG_DES3_CBC_MAC_PKCS5: - cbc = ctx; - - if ((cbc->current_block_len > 0) && - (len + cbc->current_block_len >= cbc->block_len)) { - pad_len = cbc->block_len - cbc->current_block_len; - memcpy(cbc->block + cbc->current_block_len, - data, pad_len); - data += pad_len; - len -= pad_len; - ltc_res = cbc_encrypt(cbc->block, cbc->digest, - cbc->block_len, &cbc->cbc); - if (CRYPT_OK != ltc_res) - return TEE_ERROR_BAD_STATE; - cbc->is_computed = 1; - cbc->current_block_len = 0; - } - - while (len >= cbc->block_len) { - ltc_res = cbc_encrypt(data, cbc->digest, - cbc->block_len, &cbc->cbc); - if (CRYPT_OK != ltc_res) - return TEE_ERROR_BAD_STATE; - cbc->is_computed = 1; - data += cbc->block_len; - len -= cbc->block_len; - } - - if (len > 0) { - assert(cbc->current_block_len + len < cbc->block_len); - memcpy(cbc->block + cbc->current_block_len, data, len); - cbc->current_block_len += len; - } - break; -#endif -#if defined(CFG_CRYPTO_CMAC) - case TEE_ALG_AES_CMAC: - if (CRYPT_OK != omac_process((omac_state *)ctx, data, len)) - return TEE_ERROR_BAD_STATE; - break; -#endif - default: - return TEE_ERROR_NOT_SUPPORTED; - } - - return TEE_SUCCESS; -} - -TEE_Result crypto_mac_final(void *ctx, uint32_t algo, uint8_t *digest, - size_t digest_len) -{ -#if defined(CFG_CRYPTO_CBC_MAC) - struct cbc_state *cbc; - size_t pad_len; -#endif - unsigned long ltc_digest_len = digest_len; - - switch (algo) { -#if defined(CFG_CRYPTO_HMAC) - case TEE_ALG_HMAC_MD5: - case TEE_ALG_HMAC_SHA224: - case TEE_ALG_HMAC_SHA1: - case TEE_ALG_HMAC_SHA256: - case TEE_ALG_HMAC_SHA384: - case TEE_ALG_HMAC_SHA512: - if (CRYPT_OK != hmac_done((hmac_state *)ctx, digest, - <c_digest_len)) - return TEE_ERROR_BAD_STATE; - break; -#endif -#if defined(CFG_CRYPTO_CBC_MAC) - case TEE_ALG_AES_CBC_MAC_NOPAD: - case TEE_ALG_AES_CBC_MAC_PKCS5: - case TEE_ALG_DES_CBC_MAC_NOPAD: - case TEE_ALG_DES_CBC_MAC_PKCS5: - case TEE_ALG_DES3_CBC_MAC_NOPAD: - case TEE_ALG_DES3_CBC_MAC_PKCS5: - cbc = (struct cbc_state *)ctx; - - /* Padding is required */ - switch (algo) { - case TEE_ALG_AES_CBC_MAC_PKCS5: - case TEE_ALG_DES_CBC_MAC_PKCS5: - case TEE_ALG_DES3_CBC_MAC_PKCS5: - /* - * Padding is in whole bytes. The value of each added - * byte is the number of bytes that are added, i.e. N - * bytes, each of value N are added - */ - pad_len = cbc->block_len - cbc->current_block_len; - memset(cbc->block+cbc->current_block_len, - pad_len, pad_len); - cbc->current_block_len = 0; - if (TEE_SUCCESS != crypto_mac_update(ctx, algo, - cbc->block, - cbc->block_len)) - return TEE_ERROR_BAD_STATE; - break; - default: - /* nothing to do */ - break; - } - - if ((!cbc->is_computed) || (cbc->current_block_len != 0)) - return TEE_ERROR_BAD_STATE; - - memcpy(digest, cbc->digest, MIN(ltc_digest_len, - cbc->block_len)); - crypto_cipher_final(&cbc->cbc, algo); - break; -#endif -#if defined(CFG_CRYPTO_CMAC) - case TEE_ALG_AES_CMAC: - if (CRYPT_OK != omac_done((omac_state *)ctx, digest, - <c_digest_len)) - return TEE_ERROR_BAD_STATE; - break; -#endif - default: - return TEE_ERROR_NOT_SUPPORTED; - } - - return TEE_SUCCESS; -} -#endif /* _CFG_CRYPTO_WITH_MAC */ - /****************************************************************************** * Authenticated encryption ******************************************************************************/ diff --git a/core/lib/libtomcrypt/sub.mk b/core/lib/libtomcrypt/sub.mk index 3e338995..7bc2a73e 100644 --- a/core/lib/libtomcrypt/sub.mk +++ b/core/lib/libtomcrypt/sub.mk @@ -7,3 +7,5 @@ global-incdirs-y += include subdirs-y += src srcs-$(_CFG_CRYPTO_WITH_HASH) += hash.c +srcs-$(CFG_CRYPTO_HMAC) += hmac.c +srcs-$(CFG_CRYPTO_CMAC) += cmac.c |