Extend crypto:mac support to CMAC too

Signed-off-by: Davide Bettio <davide@uninstall.it>

Author: bettio

src/libAtomVM/otp_crypto.c

@@ -895,11 +895,38 @@ static term nif_crypto_compute_key(Context *ctx, int argc, term argv[])
     return result;
 }
 
-#define INVALID_HMAC_ALGO 0
-
 static const AtomStringIntPair hmac_algorithm_table[] = {
+    { ATOM_STR("\x3", "sha"), PSA_ALG_SHA_1 },
+    { ATOM_STR("\x6", "sha224"), PSA_ALG_SHA_224 },
     { ATOM_STR("\x6", "sha256"), PSA_ALG_SHA_256 },
-    SELECT_INT_DEFAULT(INVALID_HMAC_ALGO)
+    { ATOM_STR("\x6", "sha384"), PSA_ALG_SHA_384 },
+    { ATOM_STR("\x6", "sha512"), PSA_ALG_SHA_512 },
+    { ATOM_STR("\x6", "sha3_224"), PSA_ALG_SHA_224 },
+    { ATOM_STR("\x6", "sha3_256"), PSA_ALG_SHA_256 },
+    { ATOM_STR("\x6", "sha3_384"), PSA_ALG_SHA_384 },
+    { ATOM_STR("\x6", "sha3_512"), PSA_ALG_SHA_512 },
+    { ATOM_STR("\x3", "md5"), PSA_ALG_MD5 },
+    { ATOM_STR("\x6", "ripemd160"), PSA_ALG_RIPEMD160 },
+
+    SELECT_INT_DEFAULT(PSA_ALG_NONE)
+};
+
+static const AtomStringIntPair cmac_algorithm_bits_table[] = {
+    { ATOM_STR("\xB", "aes_128_cbc"), 128 },
+    { ATOM_STR("\xB", "aes_128_ecb"), 128 },
+    { ATOM_STR("\xB", "aes_192_cbc"), 192 },
+    { ATOM_STR("\xB", "aes_192_ecb"), 192 },
+    { ATOM_STR("\xB", "aes_256_cbc"), 256 },
+    { ATOM_STR("\xB", "aes_256_ecb"), 256 },
+
+    SELECT_INT_DEFAULT(0)
+};
+
+static const AtomStringIntPair mac_key_table[] = {
+    { ATOM_STR("\x4", "cmac"), PSA_KEY_TYPE_AES },
+    { ATOM_STR("\x4", "hmac"), PSA_KEY_TYPE_HMAC },
+
+    SELECT_INT_DEFAULT(PSA_KEY_TYPE_NONE)
 };
 
 static term nif_crypto_mac(Context *ctx, int argc, term argv[])
@@ -911,25 +938,38 @@ static term nif_crypto_mac(Context *ctx, int argc, term argv[])
     GlobalContext *glb = ctx->global;
 
     term mac_type_term = argv[0];
-    bool is_hmac
-        = globalcontext_is_term_equal_to_atom_string(glb, mac_type_term, ATOM_STR("\x4", "hmac"));
-    if (UNLIKELY(!is_hmac)) {
-        RAISE_ERROR(make_crypto_error(__FILE__, __LINE__, "Unknown mac algorithm", ctx));
-    }
-
     term sub_type_term = argv[1];
-    psa_algorithm_t sub_type_algo
-        = interop_atom_term_select_int(hmac_algorithm_table, sub_type_term, glb);
-    if (UNLIKELY(sub_type_algo == INVALID_HMAC_ALGO)) {
-        RAISE_ERROR(make_crypto_error(__FILE__, __LINE__, "Bad digest algorithm for HMAC", ctx));
-    }
-    psa_algorithm_t psa_key_algo = PSA_ALG_HMAC(sub_type_algo);
 
     term key_term = argv[2];
     VALIDATE_VALUE(key_term, term_is_binary);
     const void *key = term_binary_data(key_term);
     size_t key_len = term_binary_size(key_term);
-    psa_key_bits_t key_bit_size = key_len * 8;
+
+    psa_key_type_t psa_key_type = interop_atom_term_select_int(mac_key_table, mac_type_term, glb);
+    psa_algorithm_t psa_key_algo;
+    psa_key_bits_t key_bit_size;
+    switch (psa_key_type) {
+        case PSA_KEY_TYPE_AES:
+            psa_key_algo = PSA_ALG_CMAC;
+            key_bit_size
+                = interop_atom_term_select_int(cmac_algorithm_bits_table, sub_type_term, glb);
+            if (UNLIKELY(key_bit_size != key_len * 8)) {
+                RAISE_ERROR(make_crypto_error(__FILE__, __LINE__, "Bad key size", ctx));
+            }
+            break;
+        case PSA_KEY_TYPE_HMAC: {
+            psa_algorithm_t sub_type_algo
+                = interop_atom_term_select_int(hmac_algorithm_table, sub_type_term, glb);
+            if (UNLIKELY(sub_type_algo == PSA_ALG_NONE)) {
+                RAISE_ERROR(
+                    make_crypto_error(__FILE__, __LINE__, "Bad digest algorithm for HMAC", ctx));
+            }
+            psa_key_algo = PSA_ALG_HMAC(sub_type_algo);
+            key_bit_size = key_len * 8;
+        } break;
+        default:
+            RAISE_ERROR(make_crypto_error(__FILE__, __LINE__, "Unknown mac algorithm", ctx));
+    }
 
     term data_term = argv[3];
     VALIDATE_VALUE(data_term, term_is_binary);
@@ -942,7 +982,7 @@ static term nif_crypto_mac(Context *ctx, int argc, term argv[])
     psa_key_id_t key_id = 0;
 
     psa_key_attributes_t attr = PSA_KEY_ATTRIBUTES_INIT;
-    psa_set_key_type(&attr, PSA_KEY_TYPE_HMAC);
+    psa_set_key_type(&attr, psa_key_type);
     psa_set_key_bits(&attr, key_bit_size);
     psa_set_key_usage_flags(&attr, PSA_KEY_USAGE_SIGN_MESSAGE);
     psa_set_key_algorithm(&attr, psa_key_algo);
@@ -958,7 +998,7 @@ static term nif_crypto_mac(Context *ctx, int argc, term argv[])
             RAISE_ERROR(make_crypto_error(__FILE__, __LINE__, "Unexpected error", ctx));
     }
 
-    size_t mac_out_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_HMAC, key_bit_size, psa_key_algo);
+    size_t mac_out_size = PSA_MAC_LENGTH(psa_key_type, key_bit_size, psa_key_algo);
     void *mac_out = malloc(mac_out_size);
     if (IS_NULL_PTR(mac_out)) {
         result = OUT_OF_MEMORY_ATOM;