Software APIs
sw
device
lib
crypto
include
hmac.h
Go to the documentation of this file.
1
// Copyright lowRISC contributors (OpenTitan project).
2
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
3
// SPDX-License-Identifier: Apache-2.0
4
5
#ifndef OPENTITAN_SW_DEVICE_LIB_CRYPTO_INCLUDE_HMAC_H_
6
#define OPENTITAN_SW_DEVICE_LIB_CRYPTO_INCLUDE_HMAC_H_
7
8
#include "datatypes.h"
9
#include "hash.h"
10
11
/**
12
* @file
13
* @brief Message authentication codes for the OpenTitan cryptography library.
14
*
15
* Supports message authentication based on either HMAC or KMAC.
16
*/
17
18
#ifdef __cplusplus
19
extern
"C"
{
20
#endif
// __cplusplus
21
22
/**
23
* Generic hmac context.
24
*
25
* Representation is internal to the hmac implementation; initialize
26
* with #otcrypto_hmac_init.
27
*/
28
typedef
struct
otcrypto_hmac_context
{
29
uint32_t data[
kOtcryptoHashCtxStructWords
];
30
}
otcrypto_hmac_context_t
;
31
32
/**
33
* Performs the HMAC function on the input data.
34
*
35
* This function computes the HMAC function on the `input_message` using the
36
* `key` and returns a `tag`. The key should be at least as long as the digest
37
* for the chosen hash function. The hash function is determined by the key
38
* mode. Only SHA-2 hash functions are supported. Other modes (e.g. SHA-3) are
39
* not supported and will result in errors.
40
*
41
* The caller should allocate the following amount of space for the `tag`
42
* buffer, depending on which hash algorithm is used:
43
*
44
* SHA-256: 32 bytes
45
* SHA-384: 48 bytes
46
* SHA-512: 64 bytes
47
*
48
* The caller should also set the `len` field of `tag` to the equivalent number
49
* of 32-bit words (e.g. 8 for SHA-256).
50
*
51
* @param key Pointer to the blinded key struct with key shares.
52
* @param input_message Input message to be hashed.
53
* @param[out] tag Output authentication tag.
54
* @return The result of the HMAC operation.
55
*/
56
OT_WARN_UNUSED_RESULT
57
otcrypto_status_t
otcrypto_hmac
(
const
otcrypto_blinded_key_t
*key,
58
otcrypto_const_byte_buf_t
input_message,
59
otcrypto_word32_buf_t
tag);
60
61
/**
62
* Performs the INIT operation for HMAC.
63
*
64
* Initializes the HMAC context. The key should be at least as long as the
65
* digest for the chosen hash function. The hash function is determined by the
66
* key mode. Only SHA-2 hash functions are are supported. Other modes (e.g.
67
* SHA-3) are not supported and will result in errors.
68
*
69
* @param[out] ctx Pointer to the generic HMAC context struct.
70
* @param key Pointer to the blinded HMAC key struct.
71
* @param hash_mode Hash function to use.
72
* @return Result of the HMAC init operation.
73
*/
74
OT_WARN_UNUSED_RESULT
75
otcrypto_status_t
otcrypto_hmac_init
(
otcrypto_hmac_context_t
*ctx,
76
const
otcrypto_blinded_key_t
*key);
77
78
/**
79
* Performs the UPDATE operation for HMAC.
80
*
81
* The update operation processes the `input_message` using the selected
82
* compression function. The intermediate state is stored in the HMAC context
83
* `ctx`. Any partial data is stored back in the context and combined with the
84
* subsequent bytes.
85
*
86
* #otcrypto_hmac_init should be called before calling this function.
87
*
88
* @param ctx Pointer to the generic HMAC context struct.
89
* @param input_message Input message to be hashed.
90
* @return Result of the HMAC update operation.
91
*/
92
OT_WARN_UNUSED_RESULT
93
otcrypto_status_t
otcrypto_hmac_update
(
otcrypto_hmac_context_t
*
const
ctx,
94
otcrypto_const_byte_buf_t
input_message);
95
96
/**
97
* Performs the FINAL operation for HMAC.
98
*
99
* The final operation processes the remaining partial blocks, computes the
100
* final authentication code and copies it to the `tag` parameter.
101
*
102
* #otcrypto_hmac_update should be called before calling this function.
103
*
104
* The caller should allocate space for the `tag` buffer, (the length should
105
* match the hash function digest size), and set the length of expected output
106
* in the `len` field of `tag`. If the user-set length and the output length
107
* does not match, an error message will be returned.
108
*
109
* @param ctx Pointer to the generic HMAC context struct.
110
* @param[out] tag Output authentication tag.
111
* @return Result of the HMAC final operation.
112
*/
113
OT_WARN_UNUSED_RESULT
114
otcrypto_status_t
otcrypto_hmac_final
(
otcrypto_hmac_context_t
*
const
ctx,
115
otcrypto_word32_buf_t
tag);
116
117
#ifdef __cplusplus
118
}
// extern "C"
119
#endif
// __cplusplus
120
121
#endif
// OPENTITAN_SW_DEVICE_LIB_CRYPTO_INCLUDE_HMAC_H_
Return to
OpenTitan Documentation