1 /* 2 * Copyright (c) 2021-2022, Arm Limited. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 */ 7 8 #ifndef BL1_1_CRYPTO_H 9 #define BL1_1_CRYPTO_H 10 11 #include <stddef.h> 12 #include <stdint.h> 13 14 #define CTR_IV_LEN 16 15 16 #include "crypto_key_defs.h" 17 #include "fih.h" 18 19 #ifdef __cplusplus 20 extern "C" { 21 #endif 22 23 /* Calculates a hash in stages. Note, there is no context here so only one hash 24 * operation can be run at once. 25 */ 26 fih_int bl1_sha256_init(void); 27 fih_int bl1_sha256_update(uint8_t *data, size_t data_length); 28 fih_int bl1_sha256_finish(uint8_t *hash); 29 30 /* Calculates a SHA-256 hash of the input data */ 31 fih_int bl1_sha256_compute(const uint8_t *data, 32 size_t data_length, 33 uint8_t *hash); 34 35 /* Performs AES-256-CTR decryption */ 36 int32_t bl1_aes_256_ctr_decrypt(enum tfm_bl1_key_id_t key_id, 37 const uint8_t *key_material, 38 uint8_t *counter, 39 const uint8_t *ciphertext, 40 size_t ciphertext_length, 41 uint8_t *plaintext); 42 43 /* Derives key material from a BL1 key and some label and context. Any 44 * cryptographically secure key derivation algorithm is acceptable. 45 */ 46 int32_t bl1_derive_key(enum tfm_bl1_key_id_t input_key, const uint8_t *label, 47 size_t label_length, const uint8_t *context, 48 size_t context_length, uint8_t *output_key, 49 size_t output_length); 50 51 #ifdef __cplusplus 52 } 53 #endif 54 55 #endif /* BL1_1_CRYPTO_H */ 56
