1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24
25 /* Include necessary system files. */
26
27 #include "nx_secure_tls.h"
28
29 #define NX_SECURE_SOURCE_CODE
30 #include "nx_secure_tls_api.h"
31 /**************************************************************************/
32 /* */
33 /* FUNCTION RELEASE */
34 /* */
35 /* nx_secure_module_hash_compute PORTABLE C */
36 /* 6.1 */
37 /* AUTHOR */
38 /* */
39 /* Timothy Stapko, Microsoft Corporation */
40 /* */
41 /* DESCRIPTION */
42 /* */
43 /* This function uses a user-supplied HMAC-SHA256 function (in the */
44 /* proper NX_CRYPTO_METHOD structure) to compute the keyed hash of */
45 /* the program memory from start_address up to end_address, marked */
46 /* by the symbols EL_SECURE_PROGRAM_BEGIN and EL_SECURE_PROGRAM_END. */
47 /* */
48 /* INPUT */
49 /* */
50 /* hmac_sha2_ptr Pointer to NX_CRYPTO_METHOD */
51 /* structure that contains */
52 /* HMAC-SHA256 */
53 /* key User-specified key for */
54 /* computing the hash */
55 /* key_length Size of the key, in bytes */
56 /* output_buffer Output buffer space for */
57 /* storing the computed HMAC */
58 /* output_buffer_size Size of the output buffer */
59 /* actual_size Size of the HMAC message, in */
60 /* bytes */
61 /* */
62 /* OUTPUT */
63 /* */
64 /* status Completion status */
65 /* */
66 /* CALLS */
67 /* */
68 /* None */
69 /* */
70 /* CALLED BY */
71 /* */
72 /* Application Code */
73 /* */
74 /* RELEASE HISTORY */
75 /* */
76 /* DATE NAME DESCRIPTION */
77 /* */
78 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
79 /* 09-30-2020 Timothy Stapko Modified comment(s), */
80 /* resulting in version 6.1 */
81 /* */
82 /**************************************************************************/
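/*
 * Compute an HMAC-SHA256 tag over the memory range [start_address, end_address)
 * with the caller-supplied crypto method.
 *
 *   hmac_ptr            Crypto method; must be non-NULL, report the algorithm
 *                       NX_CRYPTO_AUTHENTICATION_HMAC_SHA2_256 and provide
 *                       nx_crypto_operation (init and cleanup are optional).
 *   start_address       Address of the first byte to authenticate.
 *   end_address         Address one past the last byte; must not be lower
 *                       than start_address.
 *   key, key_length     HMAC key and its size in bytes (handed on in bits).
 *   metadata,
 *   metadata_size       Working area passed to the crypto method.
 *   output_buffer,
 *   output_buffer_size  Destination for the tag; at least 32 bytes.
 *   actual_size         Receives the tag length in bytes on success.
 *
 * Returns 0 on success and 1 on any failure.
 *
 * NOTE(review): when NX_SECURE_POWER_ON_SELF_TEST_MODULE_INTEGRITY_CHECK is
 * not defined this function returns 0 without touching output_buffer or
 * *actual_size, so a 0 return alone must not be read as "a tag was computed".
 *
 * NOTE(review): start_address is a UINT converted to a pointer; on a target
 * whose pointers are wider than UINT the address would be truncated. Confirm
 * for the ports this is built on.
 */
UINT nx_secure_module_hash_compute(NX_CRYPTO_METHOD *hmac_ptr,
                                   UINT start_address,
                                   UINT end_address,
                                   UCHAR *key, UINT key_length,
                                   VOID *metadata, UINT metadata_size,
                                   UCHAR *output_buffer, UINT output_buffer_size, UINT *actual_size)
{
#ifdef NX_SECURE_POWER_ON_SELF_TEST_MODULE_INTEGRITY_CHECK
VOID *handler = NX_NULL;
UINT status;
UINT cleanup_status = 0;

    /* output_buffer is handed to the crypto operation and *actual_size is
       stored through below, so neither may be NULL. */
    if ((output_buffer == NX_NULL) || (actual_size == NX_NULL))
    {
        return(1);
    }

    /* An HMAC-SHA256 tag is 32 bytes long. */
    if (output_buffer_size < 32)
    {
        return(1);
    }

    /* Validate the crypto table. */
    if (hmac_ptr == NX_NULL)
    {
        return(1);
    }

    if (hmac_ptr -> nx_crypto_algorithm != NX_CRYPTO_AUTHENTICATION_HMAC_SHA2_256)
    {
        return(1);
    }

    /* Check for the operation before init runs, so that a method without it
       is rejected with no state left initialized. */
    if (hmac_ptr -> nx_crypto_operation == NX_NULL)
    {
        return(1);
    }

    /* A reversed range would make the unsigned subtraction below wrap to a
       huge length and send the HMAC far outside the intended region. */
    if (end_address < start_address)
    {
        return(1);
    }

    /* key_length is converted to bits with << 3; refuse values whose top
       three bits would be shifted out. */
    if (key_length > (((UINT)~(UINT)0) >> 3))
    {
        return(1);
    }

    if (hmac_ptr -> nx_crypto_init)
    {
        status = hmac_ptr -> nx_crypto_init(hmac_ptr,
                                            key,
                                            (key_length << 3),
                                            &handler,
                                            metadata,
                                            metadata_size);

        if (status != NX_CRYPTO_SUCCESS)
        {
            return(1);
        }
    }

    /* Now compute the hash. */
    status = hmac_ptr -> nx_crypto_operation(NX_CRYPTO_AUTHENTICATE,
                                             handler,                       /* handle, not used */
                                             hmac_ptr,                      /* Method, not used */
                                             key,
                                             (key_length << 3),
                                             (UCHAR*)start_address,         /* Data start */
                                             end_address - start_address,   /* Data Length */
                                             NX_NULL,                       /* iv_ptr, not used */
                                             output_buffer,
                                             output_buffer_size,
                                             metadata,
                                             metadata_size,
                                             NX_NULL,                       /* packet_ptr, not used. */
                                             NX_NULL);                      /* HW process callback, not used. */

    /* Run cleanup on the failure path as well, so that whatever state the
       method keeps in metadata (presumably key-derived) is released even
       when the operation did not succeed. */
    if (hmac_ptr -> nx_crypto_cleanup)
    {
        cleanup_status = hmac_ptr -> nx_crypto_cleanup(metadata);
    }

    if (status || cleanup_status)
    {
        return(1);
    }

    *actual_size = (hmac_ptr -> nx_crypto_ICV_size_in_bits >> 3);

    return(0);
#else
    /* Integrity check compiled out: nothing is computed and neither
       output_buffer nor *actual_size is written. */
    NX_PARAMETER_NOT_USED(hmac_ptr);
    NX_PARAMETER_NOT_USED(start_address);
    NX_PARAMETER_NOT_USED(end_address);
    NX_PARAMETER_NOT_USED(key);
    NX_PARAMETER_NOT_USED(key_length);
    NX_PARAMETER_NOT_USED(metadata);
    NX_PARAMETER_NOT_USED(metadata_size);
    NX_PARAMETER_NOT_USED(output_buffer);
    NX_PARAMETER_NOT_USED(output_buffer_size);
    NX_PARAMETER_NOT_USED(actual_size);
    return(0);
#endif
}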