diff options
Diffstat (limited to 'util/broadcom/secimage/crypto.c')
| -rw-r--r-- | util/broadcom/secimage/crypto.c | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/util/broadcom/secimage/crypto.c b/util/broadcom/secimage/crypto.c new file mode 100644 index 0000000000..c1afbc898d --- /dev/null +++ b/util/broadcom/secimage/crypto.c @@ -0,0 +1,75 @@ +/* + * Copyright (C) 2015 Broadcom Corporation + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation version 2. + * + * This program is distributed "as is" WITHOUT ANY WARRANTY of any + * kind, whether express or implied; without even the implied warranty + * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + + +#include <stdio.h> +#include <string.h> +#include <stdint.h> +#include "secimage.h" +#include <openssl/hmac.h> + + +/*---------------------------------------------------------------------- + * Name : HmacSha256Hash + * Purpose : + * Input : none + * Output : none + *---------------------------------------------------------------------*/ +int HmacSha256Hash(uint8_t *data, uint32_t len, uint8_t *hash, uint8_t *key) +{ + HMAC_CTX hctx; + + HMAC_CTX_init(&hctx); + HMAC_Init_ex(&hctx, key, 32, EVP_sha256(), NULL); + + /* + * FIXME: why we need this? NULL means to use whatever there is? + * if removed, result is different + */ + HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL); + HMAC_Update(&hctx, data, len); + HMAC_Final(&hctx, hash, NULL); + + HMAC_CTX_cleanup(&hctx); + return 0; +} + + +/*---------------------------------------------------------------------- + * Name : AppendHMACSignature + * Purpose : Appends HMAC signature at the end of the data + *---------------------------------------------------------------------*/ +int AppendHMACSignature(uint8_t *data, uint32_t length, char *filename, + uint32_t offset) +{ + uint8_t hmackey[32]; + uint32_t len; + uint32_t status; + uint8_t *digest = data + length; + + len = ReadBinaryFile(filename, hmackey, 32); + if (len != 32) { + printf("Error reading hmac key file\n"); + return 0; + } + + status = HmacSha256Hash(&data[offset], length - offset, digest, + hmackey); + + if (status) { + printf("HMAC-SHA256 hash error\n"); + return 0; + } + + return 32; +} |