5.13.0.0R1
Software Development Kit
platform_tiny_crypto.c File Reference

Functions

void hw_aes_crypt (hw_aes_context_t *ctx, uint32_t length, unsigned char iv[AES_IV_LEN], const unsigned char *input, unsigned char *output)
 
void hw_aes_crypt_cbc (hw_aes_context_t *ctx, hw_aes_mode_type_t mode, uint32_t length, unsigned char iv[AES_IV_LEN], const unsigned char *input, unsigned char *output)
 
void hw_aes_crypt_cfb (hw_aes_context_t *ctx, hw_aes_mode_type_t mode, uint32_t length, uint32_t *iv_off, unsigned char iv[AES_IV_LEN], const unsigned char *input, unsigned char *output)
 
void hw_aes_crypt_ctr (hw_aes_context_t *ctx, hw_aes_mode_type_t mode, uint32_t length, unsigned char iv[AES_IV_LEN], const unsigned char *input, unsigned char *output)
 
void hw_aes_crypt_ecb (hw_aes_context_t *ctx, hw_aes_mode_type_t mode, const unsigned char input[AES_BLOCK_SZ], unsigned char output[AES_BLOCK_SZ])
 
void hw_aes_setkey_dec (hw_aes_context_t *ctx, unsigned char *key, uint32_t keysize_bits)
 
void hw_aes_setkey_enc (hw_aes_context_t *ctx, unsigned char *key, uint32_t keysize_bits)
 
void hw_des3_set2key (hw_des_context_t *ctx, unsigned char *key)
 
void hw_des3_set3key (hw_des_context_t *ctx, unsigned char *key)
 
void hw_des_setkey (hw_des_context_t *ctx, unsigned char *key)
 
WEAK platform_result_t platform_hwcrypto_aescbc_decrypt_sha256_hmac (uint8_t *crypt_key, uint8_t *crypt_iv, uint32_t crypt_size, uint32_t auth_size, uint8_t *hmac_key, uint32_t hmac_key_len, uint8_t *src, uint8_t *crypt_dest, uint8_t *hash_dest)
 
platform_result_t platform_hwcrypto_aescbc_encrypt (uint8_t *crypt_key, uint8_t *crypt_iv, uint32_t crypt_size, uint8_t *src, uint8_t *crypt_dest)
 
WEAK platform_result_t platform_hwcrypto_execute (crypto_cmd_t cmd)
 
platform_result_t platform_hwcrypto_md5 (const unsigned char *input, uint32_t ilen, unsigned char output[MD5_HASH_SIZE], unsigned char *payload_buffer)
 
platform_result_t platform_hwcrypto_md5_finish (md5_context_t *ctx, const unsigned char *input, uint32_t ilen, unsigned char output[MD5_HASH_SIZE])
 
platform_result_t platform_hwcrypto_md5_hmac (const unsigned char *key, uint32_t keylen, const unsigned char *input, uint32_t ilen, unsigned char output[MD5_HASH_SIZE], unsigned char *payload_buffer)
 
platform_result_t platform_hwcrypto_md5_hmac_finish (md5_context_t *ctx, uint8_t *input, int32_t ilen, unsigned char output[MD5_HASH_SIZE])
 
platform_result_t platform_hwcrypto_md5_hmac_incremental (const unsigned char *key, uint32_t keylen, const unsigned char *input, uint32_t ilen, unsigned char output[MD5_HASH_SIZE])
 
platform_result_t platform_hwcrypto_md5_hmac_starts (md5_context_t *ctx, const unsigned char *key, uint32_t keylen)
 
platform_result_t platform_hwcrypto_md5_hmac_update (md5_context_t *ctx, const unsigned char *input, int32_t ilen)
 
platform_result_t platform_hwcrypto_md5_incremental (const unsigned char *input, uint32_t ilen, unsigned char output[MD5_HASH_SIZE])
 
platform_result_t platform_hwcrypto_md5_starts (md5_context_t *ctx, const unsigned char *input, uint32_t ilen)
 
platform_result_t platform_hwcrypto_md5_update (md5_context_t *ctx, const unsigned char *input, uint32_t ilen)
 
platform_result_t platform_hwcrypto_sha1 (const unsigned char *input, uint32_t ilen, unsigned char output[SHA1_HASH_SIZE], unsigned char *payload_buffer)
 
platform_result_t platform_hwcrypto_sha1_finish (sha1_context_t *ctx, const unsigned char *input, uint32_t ilen, unsigned char output[SHA1_HASH_SIZE])
 
platform_result_t platform_hwcrypto_sha1_hmac (const unsigned char *key, uint32_t keylen, const unsigned char *input, uint32_t ilen, unsigned char output[SHA1_HASH_SIZE], unsigned char *payload_buffer)
 
platform_result_t platform_hwcrypto_sha1_hmac_finish (sha1_context_t *ctx, uint8_t *input, int32_t ilen, unsigned char output[SHA1_HASH_SIZE])
 
platform_result_t platform_hwcrypto_sha1_hmac_incremental (const unsigned char *key, uint32_t keylen, const unsigned char *input, uint32_t ilen, unsigned char output[SHA1_HASH_SIZE])
 
platform_result_t platform_hwcrypto_sha1_hmac_starts (sha1_context_t *ctx, const unsigned char *key, uint32_t keylen)
 
platform_result_t platform_hwcrypto_sha1_hmac_update (sha1_context_t *ctx, const unsigned char *input, int32_t ilen)
 
platform_result_t platform_hwcrypto_sha1_incremental (const unsigned char *input, uint32_t ilen, unsigned char output[SHA1_HASH_SIZE])
 
platform_result_t platform_hwcrypto_sha1_starts (sha1_context_t *ctx, const unsigned char *input, uint32_t ilen)
 
platform_result_t platform_hwcrypto_sha1_update (sha1_context_t *ctx, const unsigned char *input, uint32_t ilen)
 
platform_result_t platform_hwcrypto_sha2 (const unsigned char *input, uint32_t ilen, unsigned char output[SHA256_HASH_SIZE], unsigned char *payload_buffer, int32_t is224)
 
WEAK platform_result_t platform_hwcrypto_sha256_hash (uint8_t *source, uint32_t size, uint8_t *output_payload_buffer, uint8_t *hash_output)
 
WEAK platform_result_t platform_hwcrypto_sha256_hmac (uint8_t *hmac_key, uint32_t keysize, uint8_t *source, uint32_t size, uint8_t *payload_buffer, uint8_t *hash_output)
 
platform_result_t platform_hwcrypto_sha256_hmac_aescbc_encrypt (uint8_t *crypt_key, uint8_t *crypt_iv, uint32_t crypt_size, uint32_t auth_size, uint8_t *hmac_key, uint32_t hmac_key_len, uint8_t *src, uint8_t *crypt_dest, uint8_t *hash_dest)
 
platform_result_t platform_hwcrypto_sha2_finish (sha256_context_t *ctx, const unsigned char *input, uint32_t ilen, unsigned char output[SHA256_HASH_SIZE])
 
platform_result_t platform_hwcrypto_sha2_hmac (const unsigned char *key, uint32_t keylen, const unsigned char *input, uint32_t ilen, unsigned char output[SHA256_HASH_SIZE], unsigned char *payload_buffer, int32_t is224)
 
platform_result_t platform_hwcrypto_sha2_hmac_finish (sha256_context_t *ctx, uint8_t *input, int32_t ilen, unsigned char output[SHA256_HASH_SIZE])
 
platform_result_t platform_hwcrypto_sha2_hmac_incremental (const unsigned char *key, uint32_t keylen, const unsigned char *input, uint32_t ilen, unsigned char output[SHA256_HASH_SIZE], int32_t is224)
 
platform_result_t platform_hwcrypto_sha2_hmac_starts (sha256_context_t *ctx, const unsigned char *key, uint32_t keylen, int32_t is224)
 
platform_result_t platform_hwcrypto_sha2_hmac_update (sha256_context_t *ctx, const unsigned char *input, int32_t ilen)
 
platform_result_t platform_hwcrypto_sha2_incremental (const unsigned char *input, uint32_t ilen, unsigned char output[SHA256_HASH_SIZE], int32_t is224)
 
platform_result_t platform_hwcrypto_sha2_starts (sha256_context_t *ctx, const unsigned char *input, uint32_t ilen, int32_t is224)
 
platform_result_t platform_hwcrypto_sha2_update (sha256_context_t *ctx, const unsigned char *input, uint32_t ilen)
 

Detailed Description

Broadcom SPU-M Interface

Function Documentation

void hw_aes_crypt ( hw_aes_context_t *  ctx,
uint32_t  length,
unsigned char  iv[AES_IV_LEN],
const unsigned char *  input,
unsigned char *  output 
)

AES CBC Encryption/Decryption

Parameters
[in]ctxhw_aes_context
[in]lengthlength of input data
[in]ivaes_iv used for AES
[in]inputinput data
[out]outputoutput of the AES encryption/decryption
void hw_aes_crypt_cbc ( hw_aes_context_t *  ctx,
hw_aes_mode_type_t  mode,
uint32_t  length,
unsigned char  iv[AES_IV_LEN],
const unsigned char *  input,
unsigned char *  output 
)

AES CBC Encryption/Decryption

Parameters
[in]ctxhw_aes_context
[in]modemode HW_AES_ENCRYPT/HW_AES_DECRYPT
[in]lengthlength of input data
[in]ivaes_iv used for AES
[in]inputinput data
[out]outputoutput of the AES encryption/decryption
void hw_aes_crypt_cfb ( hw_aes_context_t *  ctx,
hw_aes_mode_type_t  mode,
uint32_t  length,
uint32_t *  iv_off,
unsigned char  iv[AES_IV_LEN],
const unsigned char *  input,
unsigned char *  output 
)

AES CFB Encryption/Decryption

Parameters
[in]ctxhw_aes_context
[in]modemode HW_AES_ENCRYPT/HW_AES_DECRYPT
[in]lengthlength of input data
[in]ivaes_iv used for AES
[in]inputinput data
[out]outputoutput of the AES encryption/decryption
void hw_aes_crypt_ctr ( hw_aes_context_t *  ctx,
hw_aes_mode_type_t  mode,
uint32_t  length,
unsigned char  iv[AES_IV_LEN],
const unsigned char *  input,
unsigned char *  output 
)

AES CTR Encryption/Decryption

Parameters
[in]ctxhw_aes_context
[in]modemode HW_AES_ENCRYPT/HW_AES_DECRYPT
[in]lengthlength of input data
[in]ivaes_iv used for AES
[in]inputinput data
[out]outputoutput of the AES encryption/decryption
void hw_aes_crypt_ecb ( hw_aes_context_t *  ctx,
hw_aes_mode_type_t  mode,
const unsigned char  input[AES_BLOCK_SZ],
unsigned char  output[AES_BLOCK_SZ] 
)

AES ECB Encryption/Decryption

Parameters
[in]ctxhw_aes_context
[in]modemode HW_AES_ENCRYPT/HW_AES_DECRYPT
[in]lengthlength of input data
[in]ivaes_iv used for AES
[in]inputinput data of size AES_BLOCK_SIZE
[out]outputoutput of the AES encryption/decryption
void hw_aes_setkey_dec ( hw_aes_context_t *  ctx,
unsigned char *  key,
uint32_t  keysize_bits 
)

Populate the hw_aes_context_t with key and keysize

Parameters
[in]ctx
[in]key
[in]keysize_bits
void hw_aes_setkey_enc ( hw_aes_context_t *  ctx,
unsigned char *  key,
uint32_t  keysize_bits 
)

Populate the hw_aes_context_t with key and keysize

Parameters
[in]ctx
[in]key
[in]keysize_bits
void hw_des3_set2key ( hw_des_context_t *  ctx,
unsigned char *  key 
)

DES3 112 bit Key encryption/decryption K3 = K1

Parameters
[in]ctx
[in]key
void hw_des3_set3key ( hw_des_context_t *  ctx,
unsigned char *  key 
)

DES3 168 bit Key encryption/decryption

Parameters
[in]ctx
[in]key
void hw_des_setkey ( hw_des_context_t *  ctx,
unsigned char *  key 
)

DES/DES3 56 bit Key encryption/decryption K1=K2=K3

Parameters
[in]ctx
[in]key
WEAK platform_result_t platform_hwcrypto_aescbc_decrypt_sha256_hmac ( uint8_t *  crypt_key,
uint8_t *  crypt_iv,
uint32_t  crypt_size,
uint32_t  auth_size,
uint8_t *  hmac_key,
uint32_t  hmac_key_len,
uint8_t *  src,
uint8_t *  crypt_dest,
uint8_t *  hash_dest 
)

Combo AES128 CBC decryption + SHA256HMAC Authentication For data size < ( HWCRYPTO_MAX_PAYLOAD_SIZE )

Parameters
[in]crypt_keyAES key
[in]crypt_ivAES IV
[in]crypt_sizeSize of data to be decrypted
[in]auth_sizeSize of data to be authenticated
[in]hmac_keyHMAC key
[in]hmac_key_lenHMAC key length
[in]srcinput data
[out]crypt_destResult of decryption
[out]hash_destResult of authentication
platform_result_t platform_hwcrypto_aescbc_encrypt ( uint8_t *  crypt_key,
uint8_t *  crypt_iv,
uint32_t  crypt_size,
uint8_t *  src,
uint8_t *  crypt_dest 
)

AES128 CBC encryption Deprecated, use hw_aes_crypt_cbc() instead For data size < ( HWCRYPTO_MAX_PAYLOAD_SIZE )

Parameters
[in]crypt_keyAES key
[in]crypt_ivAES IV
[in]crypt_sizeSize of data to be encrypted
[in]srcinput data
[out]crypt_destResult of encryption
WEAK platform_result_t platform_hwcrypto_execute ( crypto_cmd_t  cmd)

Creates a SPU-M (HWCrypto) Message and Transfers it to SPU-M using M2MDma. Results of the HWCrypto Operation are stored in the buffers specified in cmd.output

Parameters
[in]cmd: HWCrypto command
Returns
platform_result_t
platform_result_t platform_hwcrypto_md5 ( const unsigned char *  input,
uint32_t  ilen,
unsigned char  hash_output[MD5_HASH_SIZE],
unsigned char *  payload_buffer 
)

MD5

Parameters
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_md5_finish ( md5_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[MD5_HASH_SIZE] 
)

MD5 FINISH

Parameters
[in]ctxmd5_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_md5_hmac ( const unsigned char *  key,
uint32_t  keylen,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[MD5_HASH_SIZE],
unsigned char *  payload_buffer 
)

MD5HMAC Authentication

Parameters
[in]keyHMAC key
[in]keylenHMAC key length
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_md5_hmac_finish ( md5_context_t *  ctx,
uint8_t *  input,
int32_t  ilen,
unsigned char  output[MD5_HASH_SIZE] 
)

MD5 HMAC FINISH

Parameters
[in]ctxmd5_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_md5_hmac_incremental ( const unsigned char *  key,
uint32_t  keylen,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[MD5_HASH_SIZE] 
)

MD5HMAC Authentication For lengths > HWCRYPTO_MAX_PAYLOAD_SIZE

Parameters
[in]keyHMAC key
[in]keylenHMAC key length
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication

SPU-M does not support MD5 HMAC of > 64K , but it supports MD5 Hash for > 64K data So HMAC is computed by using Hash as described below. HMAC = Hash(key XOR opad || HASH(key XOR ipad || data)) (|| -> append, ipad -> 64 byte array of 0x3C, opad -> 64 byte array of 0x5c ) InnexHashContext -> key XOR ipad OuterHashContext -> key XOR opad

For Details Refer to : APPENDIX B: Summary of Hash Modes and 3.4.1 : Code authentication Using Incremental Hash operation

HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer has the output payload output has the HASH result in case of init/updt/final

platform_result_t platform_hwcrypto_md5_hmac_starts ( md5_context_t *  ctx,
const unsigned char *  key,
uint32_t  keylen 
)

MD5 HMAC INIT Calculates HASH(key XOR ipad) HASH(key XOR ipad || data)

Parameters
[in]ctxmd5_context containing the previous sha result HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer should be initialized to point to a buffer big enough to contain the input payload
[in]keyHMAC key
[in]keylenHMAC key length

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_md5_hmac_update ( md5_context_t *  ctx,
const unsigned char *  input,
int32_t  ilen 
)

MD5 HMAC UPDATE HASH(key XOR ipad || data) : input_len is multiple of 64

platform_result_t platform_hwcrypto_md5_incremental ( const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[MD5_HASH_SIZE] 
)

SPU-M (HWCrypto Engine) can only hash HWCRYPTO_MAX_PAYLOAD_SIZE payload at a time. for larger payloads, divide the hash into HASH_INIT, HASH_UPDT, HASH_FINISH. SPU-M User guide Rev0.31 Page 41 Section 3.4.1

Parameters
[in]inputpointer to input data/payload
[in]ilenlength of input data/payload
[out]outputbuffer to store output data
platform_result_t platform_hwcrypto_md5_starts ( md5_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen 
)

MD5 INIT : input_len is multiple of 64

Parameters
[in]ctxmd5_context HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer should be initialized to point to a buffer big enough to contain the input payload
[in]inputinput data
[in]ilensize of data to be authenticated

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_md5_update ( md5_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen 
)

MD5 UPDATE : input_len is multiple of 64

Parameters
[in]ctxmd5_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_sha1 ( const unsigned char *  input,
uint32_t  ilen,
unsigned char  hash_output[SHA1_HASH_SIZE],
unsigned char *  payload_buffer 
)

SHA1

Parameters
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_sha1_finish ( sha1_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA1_HASH_SIZE] 
)

SHA1 FINISH

Parameters
[in]ctxsha1_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_sha1_hmac ( const unsigned char *  key,
uint32_t  keylen,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA1_HASH_SIZE],
unsigned char *  payload_buffer 
)

SHA1HMAC Authentication

Parameters
[in]keyHMAC key
[in]keylenHMAC key length
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_sha1_hmac_finish ( sha1_context_t *  ctx,
uint8_t *  input,
int32_t  ilen,
unsigned char  output[SHA1_HASH_SIZE] 
)

SHA1 HMAC FINISH

Parameters
[in]ctxsha1_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_sha1_hmac_incremental ( const unsigned char *  key,
uint32_t  keylen,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA1_HASH_SIZE] 
)

SHA1HMAC Authentication For lengths > HWCRYPTO_MAX_PAYLOAD_SIZE

Parameters
[in]keyHMAC key
[in]keylenHMAC key length
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication

SPU-M does not support SHA-1 HMAC of > 64K , but it supports SHA-1 Hash for > 64K data So HMAC is computed by using Hash as described below. HMAC = Hash(key XOR opad || HASH(key XOR ipad || data)) (|| -> append, ipad -> 64 byte array of 0x3C, opad -> 64 byte array of 0x5c ) InnexHashContext -> key XOR ipad OuterHashContext -> key XOR opad

For Details Refer to : APPENDIX B: Summary of Hash Modes and 3.4.1 : Code authentication Using Incremental Hash operation

HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer has the output payload output has the HASH result in case of init/updt/final

platform_result_t platform_hwcrypto_sha1_hmac_starts ( sha1_context_t *  ctx,
const unsigned char *  key,
uint32_t  keylen 
)

SHA1 HMAC INIT Calculates HASH(key XOR ipad) HASH(key XOR ipad || data)

Parameters
[in]ctxsha1_context containing the previous sha result HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer should be initialized to point to a buffer big enough to contain the input payload
[in]keyHMAC key
[in]keylenHMAC key length

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_sha1_hmac_update ( sha1_context_t *  ctx,
const unsigned char *  input,
int32_t  ilen 
)

SHA1 HMAC UPDATE HASH(key XOR ipad || data) : input_len is multiple of 64

platform_result_t platform_hwcrypto_sha1_incremental ( const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA1_HASH_SIZE] 
)

SPU-M (HWCrypto Engine) can only hash HWCRYPTO_MAX_PAYLOAD_SIZE payload at a time. for larger payloads, divide the hash into HASH_INIT, HASH_UPDT, HASH_FINISH. SPU-M User guide Rev0.31 Page 41 Section 3.4.1

Parameters
[in]inputpointer to input data/payload
[in]ilenlength of input data/payload
[out]outputbuffer to store output data
platform_result_t platform_hwcrypto_sha1_starts ( sha1_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen 
)

SHA1 INIT : input_len is multiple of 64

Parameters
[in]ctxsha1_context HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer should be initialized to point to a buffer big enough to contain the input payload
[in]inputinput data
[in]ilensize of data to be authenticated

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_sha1_update ( sha1_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen 
)

SHA1 UPDATE : input_len is multiple of 64

Parameters
[in]ctxsha1_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_sha2 ( const unsigned char *  input,
uint32_t  ilen,
unsigned char  hash_output[SHA256_HASH_SIZE],
unsigned char *  payload_buffer,
int32_t  is224 
)

SHA256

Parameters
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
[in]is2240 : SHA256 1: SHA224
WEAK platform_result_t platform_hwcrypto_sha256_hash ( uint8_t *  source,
uint32_t  size,
uint8_t *  output_payload_buffer,
uint8_t *  hash_output 
)

SHA256 HASH on data size < HWCRYPTO_MAX_PAYLOAD_SIZE , use platform_hwcrypto_sha2() instead Size is < HWCRYPTO_MAX_PAYLOAD_SIZE output is aligned to CRYPTO_OPTIMIZED_DESCRIPTOR_ALIGNMENT

WEAK platform_result_t platform_hwcrypto_sha256_hmac ( uint8_t *  hmac_key,
uint32_t  keysize,
uint8_t *  source,
uint32_t  size,
uint8_t *  payload_buffer,
uint8_t *  hash_output 
)

SHA256 HMAC on data size < HWCRYPTO_MAX_PAYLOAD_SIZE , use platform_hwcrypto_sha2_hmac() instead Size is < HWCRYPTO_MAX_PAYLOAD_SIZE output is aligned to CRYPTO_OPTIMIZED_DESCRIPTOR_ALIGNMENT

platform_result_t platform_hwcrypto_sha256_hmac_aescbc_encrypt ( uint8_t *  crypt_key,
uint8_t *  crypt_iv,
uint32_t  crypt_size,
uint32_t  auth_size,
uint8_t *  hmac_key,
uint32_t  hmac_key_len,
uint8_t *  src,
uint8_t *  crypt_dest,
uint8_t *  hash_dest 
)

Combo SHA256HMAC Authentication + AES128 CBC encryption For data size < ( HWCRYPTO_MAX_PAYLOAD_SIZE )

Parameters
[in]crypt_keyAES key
[in]crypt_ivAES IV
[in]crypt_sizeSize of data to be encrypted
[in]auth_sizeSize of data to be authenticated
[in]hmac_keyHMAC key
[in]hmac_key_lenHMAC key length
[in]srcinput data
[out]crypt_destResult of encryption
[out]hash_destResult of authentication
platform_result_t platform_hwcrypto_sha2_finish ( sha256_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA256_HASH_SIZE] 
)

SHA256 FINISH

Parameters
[in]ctxsha256_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_sha2_hmac ( const unsigned char *  key,
uint32_t  keylen,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA256_HASH_SIZE],
unsigned char *  payload_buffer,
int32_t  is224 
)

SHA256HMAC Authentication

Parameters
[in]keyHMAC key
[in]keylenHMAC key length
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
[in]is2240 : SHA256 1: SHA224
platform_result_t platform_hwcrypto_sha2_hmac_finish ( sha256_context_t *  ctx,
uint8_t *  input,
int32_t  ilen,
unsigned char  output[SHA256_HASH_SIZE] 
)

SHA256 HMAC FINISH

Parameters
[in]ctxsha256_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
platform_result_t platform_hwcrypto_sha2_hmac_incremental ( const unsigned char *  key,
uint32_t  keylen,
const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA256_HASH_SIZE],
int32_t  is224 
)

SHA256HMAC Authentication For lengths > HWCRYPTO_MAX_PAYLOAD_SIZE

Parameters
[in]keyHMAC key
[in]keylenHMAC key length
[in]inputinput data
[in]ilensize of data to be authenticated
[out]outputbuffer to hold result of authentication
[in]is2240 : SHA256 1: SHA224

SPU-M does not support SHA-256 HMAC of > 64K , but it supports SHA-256 Hash for > 64K data So HMAC is computed by using Hash as described below. HMAC = Hash(key XOR opad || HASH(key XOR ipad || data)) (|| -> append, ipad -> 64 byte array of 0x3C, opad -> 64 byte array of 0x5c ) InnexHashContext -> key XOR ipad OuterHashContext -> key XOR opad

For Details Refer to : APPENDIX B: Summary of Hash Modes and 3.4.1 : Code authentication Using Incremental Hash operation

HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer has the output payload output has the HASH result in case of init/updt/final

platform_result_t platform_hwcrypto_sha2_hmac_starts ( sha256_context_t *  ctx,
const unsigned char *  key,
uint32_t  keylen,
int32_t  is224 
)

SHA256 HMAC INIT Calculates HASH(key XOR ipad) HASH(key XOR ipad || data)

Parameters
[in]ctxsha256_context containing the previous sha result HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer should be initialized to point to a buffer big enough to contain the input payload
[in]keyHMAC key
[in]keylenHMAC key length
[in]is2241: SHA224 0: SHA256

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_sha2_hmac_update ( sha256_context_t *  ctx,
const unsigned char *  input,
int32_t  ilen 
)

SHA256 HMAC UPDATE HASH(key XOR ipad || data) : input_len is multiple of 64

platform_result_t platform_hwcrypto_sha2_incremental ( const unsigned char *  input,
uint32_t  ilen,
unsigned char  output[SHA256_HASH_SIZE],
int32_t  is224 
)

SPU-M (HWCrypto Engine) can only hash HWCRYPTO_MAX_PAYLOAD_SIZE payload at a time. for larger payloads, divide the hash into HASH_INIT, HASH_UPDT, HASH_FINISH. SPU-M User guide Rev0.31 Page 41 Section 3.4.1

Parameters
[in]inputpointer to input data/payload
[in]ilenlength of input data/payload
[out]outputbuffer to store output data
[in]is2241: SHA224 0: SHA256
platform_result_t platform_hwcrypto_sha2_starts ( sha256_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen,
int32_t  is224 
)

SHA256 INIT : input_len is multiple of 64

Parameters
[in]ctxsha256_context HWcrypto Outputs the PAYLOAD + HASH RESULT ctx->payload_buffer should be initialized to point to a buffer big enough to contain the input payload
[in]inputinput data
[in]ilensize of data to be authenticated
[in]is2241: SHA224 0: SHA256

The result of hash is stored in ctx->state

platform_result_t platform_hwcrypto_sha2_update ( sha256_context_t *  ctx,
const unsigned char *  input,
uint32_t  ilen 
)

SHA256 UPDATE : input_len is multiple of 64

Parameters
[in]ctxsha256_context containing the previous sha result
[in]inputinput data
[in]ilensize of data to be authenticated

The result of hash is stored in ctx->state