}
}
+tz_prf toTzPrf(CKM::KdfPrf prf)
+{
+ switch(prf) {
+ case CKM::KdfPrf::HMAC_SHA256: return PRF_HMAC_SHA256;
+ case CKM::KdfPrf::HMAC_SHA384: return PRF_HMAC_SHA384;
+ case CKM::KdfPrf::HMAC_SHA512: return PRF_HMAC_SHA512;
+ default: ThrowErr(CKM::Exc::Crypto::DataTypeNotSupported, "PRF not supported by tz-backend");
+ }
+}
+
+tz_kbkdf_mode toTzKbkdfMode(CKM::KbkdfMode mode)
+{
+ switch(mode) {
+ case CKM::KbkdfMode::COUNTER: return KBKDF_MODE_COUNTER;
+ default:
+ ThrowErr(CKM::Exc::Crypto::DataTypeNotSupported, "KBKDF mode not supported by tz-backend");
+ }
+}
+
+tz_kbkdf_ctr_loc toTzCtrLoc(CKM::KbkdfCounterLocation loc)
+{
+ switch(loc) {
+ case CKM::KbkdfCounterLocation::BEFORE_FIXED: return KBKDF_LOC_BEFORE_FIXED;
+ case CKM::KbkdfCounterLocation::AFTER_FIXED: return KBKDF_LOC_AFTER_FIXED;
+ case CKM::KbkdfCounterLocation::MIDDLE_FIXED: return KBKDF_LOC_MIDDLE_FIXED;
+ default:
+ ThrowErr(CKM::Exc::Crypto::DataTypeNotSupported,
+ "KBKDF counter location not supported by tz-backend");
+ }
+}
+
} // namespace
namespace CKM {
RawBuffer keyPwdBuf(keyPwd.begin(), keyPwd.end());
TrustZoneContext::Instance().executeKbkdf(secret,
- prf,
- mode,
- location,
+ toTzPrf(prf),
+ toTzKbkdfMode(mode),
+ toTzCtrLoc(location),
rlen,
llen,
noSeparator,
}
void TrustZoneContext::executeKbkdf(const RawBuffer& secret,
- KdfPrf prf,
- KbkdfMode mode,
- KbkdfCounterLocation location,
+ tz_prf prf,
+ tz_kbkdf_mode mode,
+ tz_kbkdf_ctr_loc location,
size_t rlen,
size_t llen,
bool noSeparator,
const RawBuffer &secretHash);
void executeKbkdf(const RawBuffer& secret,
- KdfPrf prf,
- KbkdfMode mode,
- KbkdfCounterLocation location,
+ tz_prf prf,
+ tz_kbkdf_mode mode,
+ tz_kbkdf_ctr_loc location,
size_t rlen,
size_t llen,
bool noSeparator,
projects / platform / core / security / key-manager.git / commitdiff