1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #include "hitls_build.h"
17 #if defined(HITLS_CRYPTO_EAL) && defined(HITLS_CRYPTO_MAC)
18
19 #include <stdint.h>
20 #include "securec.h"
21 #include "crypt_local_types.h"
22 #include "crypt_algid.h"
23 #include "crypt_errno.h"
24 #include "bsl_sal.h"
25 #include "eal_mac_local.h"
26 #include "eal_cipher_local.h"
27 #include "eal_md_local.h"
28 #ifdef HITLS_CRYPTO_HMAC
29 #include "crypt_hmac.h"
30 #endif
31 #ifdef HITLS_CRYPTO_CMAC
32 #include "crypt_cmac.h"
33 #endif
34 #ifdef HITLS_CRYPTO_CBC_MAC
35 #include "crypt_cbc_mac.h"
36 #endif
37 #ifdef HITLS_CRYPTO_GMAC
38 #include "crypt_gmac.h"
39 #endif
40 #ifdef HITLS_CRYPTO_SIPHASH
41 #include "crypt_siphash.h"
42 #endif
43 #include "bsl_err_internal.h"
44 #include "eal_common.h"
45
46 #define CRYPT_MAC_IMPL_METHOD_DECLARE(name) \
47 EAL_MacMethod g_macMethod_##name = { \
48 (MacNewCtx)CRYPT_##name##_NewCtx, \
49 (MacInit)CRYPT_##name##_Init, \
50 (MacUpdate)CRYPT_##name##_Update, \
51 (MacFinal)CRYPT_##name##_Final, \
52 (MacDeinit)CRYPT_##name##_Deinit, \
53 (MacReinit)CRYPT_##name##_Reinit, \
54 (MacCtrl)CRYPT_##name##_Ctrl, \
55 (MacFreeCtx)CRYPT_##name##_FreeCtx \
56 }
57
58 #ifdef HITLS_CRYPTO_HMAC
59 CRYPT_MAC_IMPL_METHOD_DECLARE(HMAC);
60 #endif
61 #ifdef HITLS_CRYPTO_CMAC
62 CRYPT_MAC_IMPL_METHOD_DECLARE(CMAC);
63 #endif
64
65 #ifdef HITLS_CRYPTO_CBC_MAC
66 CRYPT_MAC_IMPL_METHOD_DECLARE(CBC_MAC);
67 #endif
68
69 #ifdef HITLS_CRYPTO_GMAC
70
71 EAL_MacMethod g_macMethod_GMAC = {
72 (MacNewCtx)CRYPT_GMAC_NewCtx,
73 (MacInit)CRYPT_GMAC_Init,
74 (MacUpdate)CRYPT_GMAC_Update,
75 (MacFinal)CRYPT_GMAC_Final,
76 (MacDeinit)CRYPT_GMAC_Deinit,
77 // (MacReinit)
78 NULL,
79 (MacCtrl)CRYPT_GMAC_Ctrl,
80 (MacFreeCtx)CRYPT_GMAC_FreeCtx
81 };
82 #endif
83
84 #ifdef HITLS_CRYPTO_SIPHASH
85 CRYPT_MAC_IMPL_METHOD_DECLARE(SIPHASH);
86 EAL_SiphashMethod g_siphash64Meth = {.hashSize = SIPHASH_MIN_DIGEST_SIZE,
87 .compressionRounds = DEFAULT_COMPRESSION_ROUND,
88 .finalizationRounds = DEFAULT_FINALIZATION_ROUND};
89
90 EAL_SiphashMethod g_siphash128Meth = {.hashSize = SIPHASH_MAX_DIGEST_SIZE,
91 .compressionRounds = DEFAULT_COMPRESSION_ROUND,
92 .finalizationRounds = DEFAULT_FINALIZATION_ROUND};
93 #endif
94
95 static const EAL_MacMethod *g_macMethods[] = {
96 #ifdef HITLS_CRYPTO_HMAC
97 &g_macMethod_HMAC, // HMAC
98 #else
99 NULL,
100 #endif
101 #ifdef HITLS_CRYPTO_CMAC
102 &g_macMethod_CMAC, // CMAC
103 #else
104 NULL,
105 #endif
106 #ifdef HITLS_CRYPTO_CBC_MAC
107 &g_macMethod_CBC_MAC, // CBC-MAC
108 #else
109 NULL,
110 #endif
111 #ifdef HITLS_CRYPTO_SIPHASH
112 &g_macMethod_SIPHASH, // SIPHASH
113 #else
114 NULL,
115 #endif
116 #ifdef HITLS_CRYPTO_GMAC
117 &g_macMethod_GMAC, // GMAC
118 #else
119 NULL,
120 #endif
121 };
122
123 static const EAL_MacAlgMap CID_MAC_ALG_MAP[] = {
124 #ifdef HITLS_CRYPTO_HMAC
125 #ifdef HITLS_CRYPTO_MD5
126 {.id = CRYPT_MAC_HMAC_MD5, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_MD5},
127 #endif
128 #ifdef HITLS_CRYPTO_SHA1
129 {.id = CRYPT_MAC_HMAC_SHA1, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA1},
130 #endif
131 #ifdef HITLS_CRYPTO_SHA224
132 {.id = CRYPT_MAC_HMAC_SHA224, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA224},
133 #endif
134 #ifdef HITLS_CRYPTO_SHA256
135 {.id = CRYPT_MAC_HMAC_SHA256, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA256},
136 #endif
137 #ifdef HITLS_CRYPTO_SHA384
138 {.id = CRYPT_MAC_HMAC_SHA384, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA384},
139 #endif
140 #ifdef HITLS_CRYPTO_SHA512
141 {.id = CRYPT_MAC_HMAC_SHA512, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA512},
142 #endif
143 #ifdef HITLS_CRYPTO_SHA3
144 {.id = CRYPT_MAC_HMAC_SHA3_224, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA3_224},
145 {.id = CRYPT_MAC_HMAC_SHA3_256, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA3_256},
146 {.id = CRYPT_MAC_HMAC_SHA3_384, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA3_384},
147 {.id = CRYPT_MAC_HMAC_SHA3_512, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SHA3_512},
148 #endif
149 #ifdef HITLS_CRYPTO_SM3
150 {.id = CRYPT_MAC_HMAC_SM3, .macId = CRYPT_MAC_HMAC, .mdId = CRYPT_MD_SM3},
151 #endif
152 #endif // HITLS_CRYPTO_HMAC
153 #ifdef HITLS_CRYPTO_CMAC_AES
154 {.id = CRYPT_MAC_CMAC_AES128, .macId = CRYPT_MAC_CMAC, .symId = CRYPT_SYM_AES128}, // CRYPT_MAC_CMAC_AES128
155 {.id = CRYPT_MAC_CMAC_AES192, .macId = CRYPT_MAC_CMAC, .symId = CRYPT_SYM_AES192}, // CRYPT_MAC_CMAC_AES192
156 {.id = CRYPT_MAC_CMAC_AES256, .macId = CRYPT_MAC_CMAC, .symId = CRYPT_SYM_AES256}, // CRYPT_MAC_CMAC_AES256
157 #endif
158 #ifdef HITLS_CRYPTO_CMAC_SM4
159 {.id = CRYPT_MAC_CMAC_SM4, .macId = CRYPT_MAC_CMAC, .symId = CRYPT_SYM_SM4}, // CRYPT_MAC_CMAC_SM4
160 #endif
161 #ifdef HITLS_CRYPTO_CBC_MAC
162 {.id = CRYPT_MAC_CBC_MAC_SM4, .macId = CRYPT_MAC_CBC_MAC, .symId = CRYPT_SYM_SM4}, // CRYPT_MAC_CBC_MAC_SM4
163 #endif
164 #ifdef HITLS_CRYPTO_GMAC
165 {.id = CRYPT_MAC_GMAC_AES128, .macId = CRYPT_MAC_GMAC, .symId = CRYPT_SYM_AES128}, // CRYPT_MAC_GMAC_AES128
166 {.id = CRYPT_MAC_GMAC_AES192, .macId = CRYPT_MAC_GMAC, .symId = CRYPT_SYM_AES192}, // CRYPT_MAC_GMAC_AES192
167 {.id = CRYPT_MAC_GMAC_AES256, .macId = CRYPT_MAC_GMAC, .symId = CRYPT_SYM_AES256} // CRYPT_MAC_GMAC_AES256
168 #endif
169 };
170
EAL_FindMacAlgMap(CRYPT_MAC_AlgId id)171 static const EAL_MacAlgMap *EAL_FindMacAlgMap(CRYPT_MAC_AlgId id)
172 {
173 uint32_t num = sizeof(CID_MAC_ALG_MAP) / sizeof(CID_MAC_ALG_MAP[0]);
174 const EAL_MacAlgMap *macAlgMap = NULL;
175
176 for (uint32_t i = 0; i < num; i++) {
177 if (CID_MAC_ALG_MAP[i].id == id) {
178 macAlgMap = &CID_MAC_ALG_MAP[i];
179 break;
180 }
181 }
182 return macAlgMap;
183 }
184
185 #ifdef HITLS_CRYPTO_CIPHER
ConvertSymId2CipherId(CRYPT_SYM_AlgId algId)186 static int32_t ConvertSymId2CipherId(CRYPT_SYM_AlgId algId)
187 {
188 switch (algId) {
189 case CRYPT_SYM_AES128:
190 return CRYPT_CIPHER_AES128_ECB;
191 case CRYPT_SYM_AES192:
192 return CRYPT_CIPHER_AES192_ECB;
193 case CRYPT_SYM_AES256:
194 return CRYPT_CIPHER_AES256_ECB;
195 case CRYPT_SYM_SM4:
196 return CRYPT_CIPHER_SM4_XTS;
197 default:
198 return CRYPT_CIPHER_MAX;
199 }
200 }
201 #endif
202
EAL_MacFindMethod(CRYPT_MAC_AlgId id,EAL_MacMethLookup * lu)203 int32_t EAL_MacFindMethod(CRYPT_MAC_AlgId id, EAL_MacMethLookup *lu)
204 {
205 if (lu == NULL) {
206 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
207 return CRYPT_NULL_INPUT;
208 }
209
210 if (id == CRYPT_MAC_SIPHASH64 || id == CRYPT_MAC_SIPHASH128) {
211 #ifdef HITLS_CRYPTO_SIPHASH
212 // @see g_macMethod_SIPHASH
213 lu->macMethod = g_macMethods[CRYPT_MAC_SIPHASH];
214 lu->sip = (id == CRYPT_MAC_SIPHASH64) ? &g_siphash64Meth : &g_siphash128Meth;
215 return CRYPT_SUCCESS;
216 #else
217 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ERR_ALGID);
218 return CRYPT_EAL_ERR_ALGID;
219 #endif
220 }
221
222 const EAL_MacAlgMap *macAlgMap = EAL_FindMacAlgMap(id);
223 if (macAlgMap == NULL) {
224 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ERR_ALGID);
225 return CRYPT_EAL_ERR_ALGID;
226 }
227
228 CRYPT_MAC_ID macId = macAlgMap->macId;
229 switch (macId) {
230 #ifdef HITLS_CRYPTO_MD
231 case CRYPT_MAC_HMAC:
232 lu->macMethod = g_macMethods[macId];
233 // Obtain the ID of the combined algorithm from the map and search for the method based on the ID.
234 lu->md = EAL_MdFindMethod(macAlgMap->mdId);
235 break;
236 #endif
237 #ifdef HITLS_CRYPTO_CIPHER
238 case CRYPT_MAC_CBC_MAC:
239 case CRYPT_MAC_CMAC:
240 case CRYPT_MAC_GMAC: // GMAC algorithm is a special example of the GCM algorithm. So search the method of GCM.
241 lu->macMethod = g_macMethods[macId];
242 // Obtain the ID of the combined algorithm from the map and search for the method based on the ID.
243 lu->ciph = EAL_GetSymMethod(ConvertSymId2CipherId(macAlgMap->symId));
244 break;
245 #endif
246 default:
247 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ERR_ALGID);
248 return CRYPT_EAL_ERR_ALGID;
249 }
250
251 if (lu->macMethod == NULL || lu->depMeth == NULL) {
252 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ERR_ALGID);
253 return CRYPT_EAL_ERR_ALGID;
254 }
255
256 return CRYPT_SUCCESS;
257 }
258 #endif
259