1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18 /*
19 * MacContext.cpp - AppleCSPContext for HMACSHA1
20 */
21
22 #include "MacContext.h"
23 #include <PBKDF2/HMACSHA1.h>
24 #include <Security/cssmerr.h>
25 #include <Security/utilities.h>
26 #ifdef CRYPTKIT_CSP_ENABLE
27 #include <CryptKit/HmacSha1Legacy.h>
28 #endif /* CRYPTKIT_CSP_ENABLE */
29
/*
 * Release the HMAC state object, if one was ever allocated by init().
 *
 * NOTE(review): whether hmacFree() zeroizes the keyed state before releasing
 * it is not visible in this file - confirm in the HMAC implementation.
 */
MacContext::~MacContext()
{
	if(mHmac == NULL) {
		/* init() was never called, or allocation failed */
		return;
	}
	hmacFree(mHmac);
	mHmac = NULL;
}
37
38 /* called out from CSPFullPluginSession....
39 * both generate and verify: */
/*
 * Prepare the context for a MAC generate (isSigning == true) or MAC verify
 * (isSigning == false) operation.
 *
 * Allocates the HMAC state on first use, fetches the symmetric key from the
 * CSSM context with the matching key-usage bit, selects the digest size for
 * mAlg (SHA1 or MD5 HMAC), enforces the per-algorithm minimum and the common
 * maximum key length, and keys the HMAC state.
 *
 * Throws CSSMERR_CSP_MEMORY_ERROR if the HMAC state cannot be allocated,
 * CSSMERR_CSP_INVALID_ALGORITHM for an unexpected mAlg,
 * CSSMERR_CSP_INVALID_ATTR_KEY for an out-of-range key length, or whatever
 * nonzero status hmacInit() reports.
 */
void MacContext::init(const Context &context, bool isSigning)
{
	/* allocate lazily; an existing state object is reused and re-keyed */
	if(!mHmac) {
		mHmac = hmacAlloc();
		if(!mHmac) {
			CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
		}
	}

	/*
	 * Obtain key from context. The usage argument makes the lookup depend
	 * on whether the key is being used to sign or to verify.
	 * NOTE(review): keyBytes presumably refers to key material held by the
	 * context rather than a private copy - confirm against symmetricKeyBits().
	 */
	UInt8 *keyBytes = NULL;
	UInt32 keyByteCount;
	symmetricKeyBits(context, mAlg,
		isSigning ? CSSM_KEYUSE_SIGN : CSSM_KEYUSE_VERIFY,
		keyBytes, keyByteCount);

	/* per-algorithm minimum key length and resulting MAC length */
	UInt32 shortestKey = 0;
	if(mAlg == CSSM_ALGID_SHA1HMAC) {
		shortestKey = HMAC_SHA_MIN_KEY_SIZE;
		mDigestSize = kHMACSHA1DigestSize;
	}
	else if(mAlg == CSSM_ALGID_MD5HMAC) {
		shortestKey = HMAC_MD5_MIN_KEY_SIZE;
		mDigestSize = kHMACMD5DigestSize;
	}
	else {
		assert(0);		// factory should not have called us
		CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
	}

	/* reject keys outside [shortestKey, HMAC_MAX_KEY_SIZE] before keying */
	const bool keyLengthOk =
		(keyByteCount >= shortestKey) && (keyByteCount <= HMAC_MAX_KEY_SIZE);
	if(!keyLengthOk) {
		CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
	}

	/* last argument selects SHA1 (CSSM_TRUE) versus MD5 (CSSM_FALSE) */
	const bool useSha1 = (mAlg == CSSM_ALGID_SHA1HMAC);
	if(CSSM_RETURN status = hmacInit(mHmac, keyBytes, keyByteCount,
			useSha1 ? CSSM_TRUE : CSSM_FALSE)) {
		CssmError::throwMe(status);
	}
}
80
/*
 * Feed one chunk of message data into the running HMAC.
 * Throws the status reported by hmacUpdate() when it is nonzero.
 */
void MacContext::update(const CssmData &data)
{
	if(CSSM_RETURN status = hmacUpdate(mHmac, data.data(), data.length())) {
		CssmError::throwMe(status);
	}
}
90
91 /* generate only */
/*
 * Generate only: finish the HMAC and write it into the caller's buffer.
 *
 * Throws CSSMERR_CSP_OUTPUT_LENGTH_ERROR when the buffer is smaller than
 * mDigestSize. The length field of 'out' is not adjusted here, and anything
 * hmacFinal() may report is discarded.
 */
void MacContext::final(CssmData &out)
{
	/* refuse to write a digest into a buffer that cannot hold all of it */
	const bool bufferTooSmall = (out.length() < mDigestSize);
	if(bufferTooSmall) {
		CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	}
	hmacFinal(mHmac, out.data());
}
99
100 /* verify only */
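/*
 * Verify only: finish the HMAC and compare it with the caller-supplied MAC.
 *
 * Throws CSSMERR_CSP_VERIFY_FAILED when the supplied MAC is not exactly
 * mDigestSize bytes long or does not match the computed value.
 */
void MacContext::final(const CssmData &in)
{
	/* sized for the larger of the two supported digests (SHA1) */
	unsigned char mac[kHMACSHA1DigestSize];
	hmacFinal(mHmac, mac);

	/*
	 * The supplied MAC must be exactly one digest long. A shorter buffer
	 * would be read past its end by the comparison below, and a longer one
	 * would otherwise be accepted on the strength of its first mDigestSize
	 * bytes alone.
	 */
	if(in.length() != mDigestSize) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}

	/*
	 * Compare every byte with no early exit, so the time taken does not
	 * depend on where the first mismatch is (memcmp() gives no such
	 * guarantee).
	 */
	const unsigned char *supplied =
		static_cast<const unsigned char *>(static_cast<const void *>(in.data()));
	unsigned char diff = 0;
	for(size_t i = 0; i < mDigestSize; i++) {
		diff = static_cast<unsigned char>(diff | (mac[i] ^ supplied[i]));
	}
	if(diff != 0) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}
}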
109
/*
 * Report the MAC length for the algorithm selected in init().
 * Neither argument influences the result.
 */
size_t MacContext::outputSize(bool final, size_t inSize)
{
	return static_cast<size_t>(mDigestSize);
}
114
115 #ifdef CRYPTKIT_CSP_ENABLE
116
/*
 * Release the legacy HMAC state object, if one was ever allocated by init().
 *
 * NOTE(review): whether hmacLegacyFree() zeroizes the keyed state before
 * releasing it is not visible in this file - confirm in CryptKit.
 */
MacLegacyContext::~MacLegacyContext()
{
	if(mHmac == NULL) {
		/* init() was never called, or allocation failed */
		return;
	}
	hmacLegacyFree(mHmac);
	mHmac = NULL;
}
124
125 /* called out from CSPFullPluginSession....
126 * both generate and verify: */
/*
 * Prepare the legacy HMAC-SHA1 context for a MAC generate (isSigning == true)
 * or MAC verify (isSigning == false) operation.
 *
 * Allocates the legacy HMAC state on first use, fetches the symmetric key
 * from the CSSM context with the matching key-usage bit, enforces the SHA1
 * minimum and the common maximum key length, and keys the state.
 *
 * Throws CSSMERR_CSP_MEMORY_ERROR if the state cannot be allocated,
 * CSSMERR_CSP_INVALID_ATTR_KEY for an out-of-range key length, or a
 * MacOSError carrying whatever nonzero status hmacLegacyInit() reports.
 */
void MacLegacyContext::init(const Context &context, bool isSigning)
{
	/* allocate lazily; an existing state object is reused and re-keyed */
	if(!mHmac) {
		mHmac = hmacLegacyAlloc();
		if(!mHmac) {
			CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
		}
	}

	/*
	 * Obtain key from context.
	 * FIXME - this may require a different key alg
	 */
	UInt8 *keyBytes = NULL;
	UInt32 keyByteCount;
	symmetricKeyBits(context, CSSM_ALGID_SHA1HMAC,
		isSigning ? CSSM_KEYUSE_SIGN : CSSM_KEYUSE_VERIFY,
		keyBytes, keyByteCount);

	/* reject keys outside [HMAC_SHA_MIN_KEY_SIZE, HMAC_MAX_KEY_SIZE] */
	const bool keyLengthOk =
		(keyByteCount >= HMAC_SHA_MIN_KEY_SIZE) &&
		(keyByteCount <= HMAC_MAX_KEY_SIZE);
	if(!keyLengthOk) {
		CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
	}

	if(OSStatus status = hmacLegacyInit(mHmac, keyBytes, keyByteCount)) {
		MacOSError::throwMe(status);
	}
}
153
/*
 * Feed one chunk of message data into the running legacy HMAC.
 * Throws a MacOSError with the status reported by hmacLegacyUpdate() when it
 * is nonzero.
 */
void MacLegacyContext::update(const CssmData &data)
{
	if(OSStatus status = hmacLegacyUpdate(mHmac, data.data(), data.length())) {
		MacOSError::throwMe(status);
	}
}
163
164 /* generate only */
/*
 * Generate only: finish the legacy HMAC and write it into the caller's buffer.
 *
 * Throws CSSMERR_CSP_OUTPUT_LENGTH_ERROR when the buffer is smaller than
 * kHMACSHA1DigestSize. The length field of 'out' is not adjusted here, and
 * anything hmacLegacyFinal() may report is discarded.
 */
void MacLegacyContext::final(CssmData &out)
{
	/* refuse to write a digest into a buffer that cannot hold all of it */
	const bool bufferTooSmall = (out.length() < kHMACSHA1DigestSize);
	if(bufferTooSmall) {
		CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	}
	hmacLegacyFinal(mHmac, out.data());
}
172
173 /* verify only */
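/*
 * Verify only: finish the legacy HMAC and compare it with the
 * caller-supplied MAC.
 *
 * Throws CSSMERR_CSP_VERIFY_FAILED when the supplied MAC is not exactly
 * kHMACSHA1DigestSize bytes long or does not match the computed value.
 */
void MacLegacyContext::final(const CssmData &in)
{
	unsigned char mac[kHMACSHA1DigestSize];
	hmacLegacyFinal(mHmac, mac);

	/*
	 * The supplied MAC must be exactly one digest long. A shorter buffer
	 * would be read past its end by the comparison below, and a longer one
	 * would otherwise be accepted on the strength of its leading bytes alone.
	 */
	const size_t macLen = kHMACSHA1DigestSize;
	if(in.length() != macLen) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}

	/*
	 * Compare every byte with no early exit, so the time taken does not
	 * depend on where the first mismatch is (memcmp() gives no such
	 * guarantee).
	 */
	const unsigned char *supplied =
		static_cast<const unsigned char *>(static_cast<const void *>(in.data()));
	unsigned char diff = 0;
	for(size_t i = 0; i < macLen; i++) {
		diff = static_cast<unsigned char>(diff | (mac[i] ^ supplied[i]));
	}
	if(diff != 0) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}
}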
182
/*
 * Report the MAC length, which is always the SHA1 digest size for the
 * legacy context. Neither argument influences the result.
 */
size_t MacLegacyContext::outputSize(bool final, size_t inSize)
{
	return static_cast<size_t>(kHMACSHA1DigestSize);
}
187
188 #endif /* CRYPTKIT_CSP_ENABLE */