4 * Copyright (c) 2010,2012 Apple Inc. All Rights Reserved.
8 #include "Security/SecPBKDF.h"
9 #include "Security/pbkdf2.h"
11 #include <CommonCrypto/CommonHMAC.h>
15 /* CC Based HMAC PRF functions */
16 void hmac_sha1_PRF(const uint8_t *key
,
20 uint8_t digest
[CC_SHA1_DIGEST_LENGTH
])
22 CCHmacContext hmac_sha1_context
;
24 CCHmacInit(&hmac_sha1_context
, kCCHmacAlgSHA1
, key
, key_len
);
25 CCHmacUpdate(&hmac_sha1_context
, text
, text_len
);
26 CCHmacFinal(&hmac_sha1_context
, digest
);
30 /* This implements the HMAC SHA-1 version of pbkdf2 and allocates a local buffer for the HMAC */
31 void pbkdf2_hmac_sha1(const uint8_t *passwordPtr
, size_t passwordLen
,
32 const uint8_t *saltPtr
, size_t saltLen
,
33 uint32_t iterationCount
,
34 void *dkPtr
, size_t dkLen
)
36 // MAX(salt_length + 4, 20 /* SHA1 Digest size */) + 2 * 20;
37 // salt_length + HASH_SIZE is bigger than either salt + 4 and digestSize.
38 const size_t kBigEnoughSize
= (saltLen
+ CC_SHA1_DIGEST_LENGTH
) + 2 * CC_SHA1_DIGEST_LENGTH
;
39 uint8_t temp_data
[kBigEnoughSize
];
41 pbkdf2(hmac_sha1_PRF
, CC_SHA1_DIGEST_LENGTH
,
42 passwordPtr
, passwordLen
,
48 bzero(temp_data
, kBigEnoughSize
);
52 void SecKeyFromPassphraseDataHMACSHA1(CFDataRef password
, CFDataRef salt
, uint32_t interationCount
, CFMutableDataRef derivedKey
)
54 pbkdf2_hmac_sha1(CFDataGetBytePtr(password
), CFDataGetLength(password
),
55 CFDataGetBytePtr(salt
), CFDataGetLength(salt
),
57 CFDataGetMutableBytePtr(derivedKey
), CFDataGetLength(derivedKey
));