1 /*
2  * Copyright (c) 2023, The TrustedFirmware-M Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #ifndef __CC3XX_DRBG_HMAC_H__
9 #define __CC3XX_DRBG_HMAC_H__
10 
11 #include <stdint.h>
12 #include "cc3xx_error.h"
13 
14 #include "cc3xx_hmac.h"
15 
16 #ifdef __cplusplus
17 extern "C" {
18 #endif
19 
20 /**
21  * @brief The assumption is that it will be a multiple of 4. It depends on the
22  *        underlying hash function being used, which for the cc3xx driver is
23  *        retricted to SHA-256
24  */
25 #define CC3XX_DRBG_HMAC_OUTLEN SHA256_OUTPUT_SIZE
26 
27 /**
28  * @brief Contains the state of the HMAC_DRBG
29  *
30  */
31 struct cc3xx_drbg_hmac_state_t {
32     struct cc3xx_hmac_state_t h;
33     uint32_t block_v[CC3XX_DRBG_HMAC_OUTLEN / sizeof(uint32_t)];
34     uint32_t key_k[CC3XX_DRBG_HMAC_OUTLEN / sizeof(uint32_t)];
35     uint32_t reseed_counter;
36 };
37 
38 /**
39  * @brief Instantiate the HMAC_DRBG
40  *
41  * @param[out] state              A pointer to a state structure
42  * @param[in] entropy             Buffer containing the entropy for the instantiation
43  * @param[in] entropy_len         Size in bytes of the entropy buffer \param entropy
44  * @param[in] nonce               Buffer containing the nonce
45  * @param[in] nonce_len           Size in bytes of the nonce buffer \param nonce
46  * @param[in] personalization     Buffer containing the personalization string
47  * @param[in] personalization_len Size in bytes of the personalization buffer \param personalization
48  * @return cc3xx_err_t
49  */
50 cc3xx_err_t cc3xx_lowlevel_drbg_hmac_instantiate(
51     struct cc3xx_drbg_hmac_state_t *state,
52     const uint8_t *entropy, size_t entropy_len,
53     const uint8_t *nonce, size_t nonce_len,
54     const uint8_t *personalization, size_t personalization_len);
55 
56 /**
57  * @brief Generate random bits of data using HMAC_DRBG
58  *
59  * @param[in,out] state            A pointer to a state structure
60  * @param[in] len_bits             Size in bits to be generated. Note that this does not need to be byte aligned.
61  * @param[out] returned_bits       Buffer to hold returned bits, must be of size ceil(len_bits/8) bytes
62  * @param[in] additional_input     Optional pointer containing the additional input to be added
63  * @param[in] additional_input_len Size in bytes of the additional input \param additional_input
64  * @return cc3xx_err_t
65  */
66 cc3xx_err_t cc3xx_lowlevel_drbg_hmac_generate(
67     struct cc3xx_drbg_hmac_state_t *state,
68     size_t len_bits, uint8_t *returned_bits,
69     const uint8_t *additional_input, size_t additional_input_len);
70 
71 /**
72  * @brief Reseeds the HMAC_DRBG
73  *
74  * @param[in,out] state            A pointer to a state structure
75  * @param[in] entropy              Entropy to be used for reseeding
76  * @param[in] entropy_len          Size in bytes of the entropy pointed by \param entropy
77  * @param[in] additional_input     Optional pointer containing additional input for reseeding
78  * @param[in] additional_input_len Size in bytes of the buffer pointed by \param additional_input
79  * @return cc3xx_err_t
80  */
81 cc3xx_err_t cc3xx_lowlevel_drbg_hmac_reseed(
82     struct cc3xx_drbg_hmac_state_t *state,
83     const uint8_t *entropy, size_t entropy_len,
84     const uint8_t *additional_input, size_t additional_input_len);
85 
86 /**
87  * @brief Un-initializes the state structure associated to the HMAC_DRBG
88  *
89  * @param[out] state Pointer to the state structure
90  * @return cc3xx_err_t
91  */
92 cc3xx_err_t cc3xx_lowlevel_drbg_hmac_uninit(struct cc3xx_drbg_hmac_state_t *state);
93 
94 #ifdef __cplusplus
95 }
96 #endif
97 
98 #endif /* __CC3XX_DRBG_HMAC_H__ */
99