AppleCSP/MiscCSPAlgs/MacContext.h

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18 /*
  19  * MacContext.h - AppleCSPContext for HMAC{SHA1,MD5}
  20  */
  21
  22 #ifndef _MAC_CONTEXT_H_
  23 #define _MAC_CONTEXT_H_
  24
  25 #include <AppleCSP/AppleCSPContext.h>
  26 #include <PBKDF2/HMACSHA1.h>
  27
  28 /*
  29  * TLS Export Ciphers require HMAC calculation with a secret key
  30  * size of 0 bytes. We'd really like to enforce a minimum key size equal
  31  * the digest size, per RFC 2104, but TLS precludes that.
  32  */
  33 #define HMAC_MIN_KEY_SIZE               0
  34 #define HMAC_SHA_MIN_KEY_SIZE   HMAC_MIN_KEY_SIZE
  35 #define HMAC_MD5_MIN_KEY_SIZE   HMAC_MIN_KEY_SIZE
  36 #define HMAC_MAX_KEY_SIZE               2048
  37
  38 class MacContext : public AppleCSPContext  {
  39 public:
  40         MacContext(
  41                 AppleCSPSession &session,
  42                 CSSM_ALGORITHMS alg) :
  43                         AppleCSPContext(session),
  44                         mHmac(NULL),
  45                         mAlg(alg),
  46                         mDigestSize(0) { }
  47         ~MacContext();
  48
  49         /* called out from CSPFullPluginSession....
  50          * both generate and verify: */
  51         void init(const Context &context, bool isSigning);
  52         void update(const CssmData &data);
  53
  54         /* generate only */
  55         void final(CssmData &out);
  56
  57         /* verify only */
  58         void final(const CssmData &in);
  59
  60         size_t outputSize(bool final, size_t inSize);
  61
  62 private:
  63         hmacContextRef  mHmac;
  64         CSSM_ALGORITHMS mAlg;
  65         UInt32                  mDigestSize;
  66 };
  67
  68 #ifdef  CRYPTKIT_CSP_ENABLE
  69 #include <CryptKit/HmacSha1Legacy.h>
  70
  71 /* This version is bug-for-bug compatible with a legacy implementation */
  72
  73 class MacLegacyContext : public AppleCSPContext  {
  74 public:
  75         MacLegacyContext(
  76                 AppleCSPSession &session,
  77                 CSSM_ALGORITHMS alg) :
  78                         AppleCSPContext(session), mHmac(NULL) { }
  79         ~MacLegacyContext();
  80
  81         /* called out from CSPFullPluginSession....
  82          * both generate and verify: */
  83         void init(const Context &context, bool isSigning);
  84         void update(const CssmData &data);
  85
  86         /* generate only */
  87         void final(CssmData &out);
  88
  89         /* verify only */
  90         void final(const CssmData &in);
  91
  92         size_t outputSize(bool final, size_t inSize);
  93
  94 private:
  95         hmacLegacyContextRef    mHmac;
  96 };
  97
  98 #endif  /* CRYPTKIT_CSP_ENABLE */
  99
 100 #endif  /* _MAC_CONTEXT_H_ */