Security-30.1.tar.gz
[apple/security.git] / AppleCSP / MiscCSPAlgs / MacContext.cpp
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18 /*
19 * MacContext.cpp - AppleCSPContext for HMACSHA1
20 */
21
22 #include "MacContext.h"
23 #include <PBKDF2/HMACSHA1.h>
24 #include <Security/cssmerr.h>
25 #include <Security/utilities.h>
26 #ifdef CRYPTKIT_CSP_ENABLE
27 #include <CryptKit/HmacSha1Legacy.h>
28 #endif /* CRYPTKIT_CSP_ENABLE */
29
/*
 * Release the HMAC state held in mHmac, if one was ever allocated.
 * NOTE(review): whether hmacFree() wipes the keyed state before releasing
 * it is not visible from this file - confirm in the HMACSHA1 code.
 */
MacContext::~MacContext()
{
	if(mHmac == NULL) {
		/* init() never ran or never got as far as allocating */
		return;
	}
	hmacFree(mHmac);
	/* drop the stale pointer so the freed state cannot be reused */
	mHmac = NULL;
}
37
/*
 * Prepare this context for an HMAC-SHA1 operation. Called out from
 * CSPFullPluginSession for both generate and verify.
 *
 * context   - passed to symmetricKeyBits() to obtain the key
 * isSigning - true requests CSSM_KEYUSE_SIGN, false CSSM_KEYUSE_VERIFY
 *
 * Throws CSSMERR_CSP_MEMORY_ERROR when no HMAC state can be allocated,
 * CSSMERR_CSP_INVALID_ATTR_KEY when the key length falls outside
 * [HMAC_MIN_KEY_SIZE, HMAC_MAX_KEY_SIZE], or the non-zero status
 * returned by hmacInit().
 */
void MacContext::init(const Context &context, bool isSigning)
{
	/* allocate the HMAC state on first use; later calls reuse it */
	if(mHmac == NULL) {
		mHmac = hmacAlloc();
	}
	if(mHmac == NULL) {
		CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
	}

	/*
	 * Obtain key from context. Both locals are passed to
	 * symmetricKeyBits(), which presumably fills them in by reference -
	 * confirm against its declaration.
	 */
	UInt32 keyBytes;
	UInt8 *keyPtr = NULL;

	symmetricKeyBits(context, CSSM_ALGID_SHA1HMAC,
		isSigning ? CSSM_KEYUSE_SIGN : CSSM_KEYUSE_VERIFY,
		keyPtr, keyBytes);

	/* enforce the key length bounds before the key reaches hmacInit() */
	const bool keyLenInRange =
		(keyBytes >= HMAC_MIN_KEY_SIZE) && (keyBytes <= HMAC_MAX_KEY_SIZE);
	if(!keyLenInRange) {
		CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
	}

	const CSSM_RETURN status = hmacInit(mHmac, keyPtr, keyBytes);
	if(status != 0) {
		CssmError::throwMe(status);
	}
}
65
/*
 * Feed one chunk of message data into the running HMAC.
 *
 * data - the bytes to add; its pointer and length are handed to
 *        hmacUpdate() unchanged
 *
 * Throws the non-zero status returned by hmacUpdate().
 * NOTE(review): mHmac is used without a NULL check, so this presumably
 * relies on init() having run first - confirm with the caller.
 */
void MacContext::update(const CssmData &data)
{
	const CSSM_RETURN status = hmacUpdate(mHmac, data.data(), data.length());
	if(status != 0) {
		CssmError::throwMe(status);
	}
}
75
/*
 * Generate only: finish the HMAC and write it into the caller's buffer.
 *
 * out - destination; must hold at least kHMACSHA1DigestSize bytes
 *
 * Throws CSSMERR_CSP_OUTPUT_LENGTH_ERROR when out is too small.
 * NOTE(review): out's length is not adjusted here and any status from
 * hmacFinal() is not examined - presumably the caller sizes the result
 * via outputSize(); confirm.
 */
void MacContext::final(CssmData &out)
{
	const bool roomForMac = (out.length() >= kHMACSHA1DigestSize);
	if(!roomForMac) {
		/* refuse rather than write a full digest into a short buffer */
		CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	}
	hmacFinal(mHmac, out.data());
}
84
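/*
 * Verify only: finish the HMAC and compare it with the caller-supplied MAC.
 *
 * in - the MAC to check; must hold at least kHMACSHA1DigestSize bytes
 *
 * Throws CSSMERR_CSP_VERIFY_FAILED when in is too short or when the
 * computed and supplied MACs differ.
 */
void MacContext::final(const CssmData &in)
{
	unsigned char mac[kHMACSHA1DigestSize];
	hmacFinal(mHmac, mac);

	/*
	 * Reject a short input before reading it: comparing a full digest
	 * against a smaller buffer would read past the end of that buffer.
	 * NOTE(review): a longer input is still judged on its leading
	 * kHMACSHA1DigestSize bytes, as before - confirm whether an
	 * exact-length requirement is wanted.
	 */
	if(in.length() < kHMACSHA1DigestSize) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}

	/*
	 * Fold the difference of every byte pair into one value instead of
	 * using memcmp(), so the comparison does not stop at the first
	 * mismatching byte and its duration does not reveal how much of the
	 * supplied MAC was correct.
	 */
	const void *raw = in.data();
	const unsigned char *supplied = static_cast<const unsigned char *>(raw);
	unsigned diff = 0;
	for(unsigned i = 0; i < kHMACSHA1DigestSize; i++) {
		diff |= static_cast<unsigned>(mac[i] ^ supplied[i]);
	}
	if(diff != 0) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}
}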
94
/*
 * Report the size in bytes of the MAC this context produces.
 * Neither argument is consulted; the answer is always
 * kHMACSHA1DigestSize.
 */
size_t MacContext::outputSize(bool final, size_t inSize)
{
	const size_t macSize = kHMACSHA1DigestSize;
	return macSize;
}
99
100 #ifdef CRYPTKIT_CSP_ENABLE
101
/*
 * Release the legacy HMAC state held in mHmac, if one was ever allocated.
 * NOTE(review): whether hmacLegacyFree() wipes the keyed state before
 * releasing it is not visible from this file - confirm in CryptKit.
 */
MacLegacyContext::~MacLegacyContext()
{
	if(mHmac == NULL) {
		/* init() never ran or never got as far as allocating */
		return;
	}
	hmacLegacyFree(mHmac);
	/* drop the stale pointer so the freed state cannot be reused */
	mHmac = NULL;
}
109
/*
 * Prepare this context for a legacy HMAC-SHA1 operation. Called out from
 * CSPFullPluginSession for both generate and verify.
 *
 * context   - passed to symmetricKeyBits() to obtain the key
 * isSigning - true requests CSSM_KEYUSE_SIGN, false CSSM_KEYUSE_VERIFY
 *
 * Throws CSSMERR_CSP_MEMORY_ERROR when no HMAC state can be allocated,
 * CSSMERR_CSP_INVALID_ATTR_KEY when the key length falls outside
 * [HMAC_MIN_KEY_SIZE, HMAC_MAX_KEY_SIZE], or a MacOSError carrying the
 * non-zero status returned by hmacLegacyInit().
 */
void MacLegacyContext::init(const Context &context, bool isSigning)
{
	/* allocate the HMAC state on first use; later calls reuse it */
	if(mHmac == NULL) {
		mHmac = hmacLegacyAlloc();
	}
	if(mHmac == NULL) {
		CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
	}

	/*
	 * Obtain key from context. Both locals are passed to
	 * symmetricKeyBits(), which presumably fills them in by reference -
	 * confirm against its declaration.
	 */
	UInt32 keyBytes;
	UInt8 *keyPtr = NULL;

	/* FIXME - this may require a different key alg */
	symmetricKeyBits(context, CSSM_ALGID_SHA1HMAC,
		isSigning ? CSSM_KEYUSE_SIGN : CSSM_KEYUSE_VERIFY,
		keyPtr, keyBytes);

	/* enforce the key length bounds before the key reaches hmacLegacyInit() */
	const bool keyLenInRange =
		(keyBytes >= HMAC_MIN_KEY_SIZE) && (keyBytes <= HMAC_MAX_KEY_SIZE);
	if(!keyLenInRange) {
		CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
	}

	const OSStatus status = hmacLegacyInit(mHmac, keyPtr, keyBytes);
	if(status != 0) {
		MacOSError::throwMe(status);
	}
}
138
/*
 * Feed one chunk of message data into the running legacy HMAC.
 *
 * data - the bytes to add; its pointer and length are handed to
 *        hmacLegacyUpdate() unchanged
 *
 * Throws a MacOSError carrying the non-zero status returned by
 * hmacLegacyUpdate().
 * NOTE(review): mHmac is used without a NULL check, so this presumably
 * relies on init() having run first - confirm with the caller.
 */
void MacLegacyContext::update(const CssmData &data)
{
	const OSStatus status = hmacLegacyUpdate(mHmac, data.data(), data.length());
	if(status != 0) {
		MacOSError::throwMe(status);
	}
}
148
/*
 * Generate only: finish the legacy HMAC and write it into the caller's
 * buffer.
 *
 * out - destination; must hold at least kHMACSHA1DigestSize bytes
 *
 * Throws CSSMERR_CSP_OUTPUT_LENGTH_ERROR when out is too small.
 * NOTE(review): out's length is not adjusted here and any status from
 * hmacLegacyFinal() is not examined - presumably the caller sizes the
 * result via outputSize(); confirm.
 */
void MacLegacyContext::final(CssmData &out)
{
	const bool roomForMac = (out.length() >= kHMACSHA1DigestSize);
	if(!roomForMac) {
		/* refuse rather than write a full digest into a short buffer */
		CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	}
	hmacLegacyFinal(mHmac, out.data());
}
157
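/*
 * Verify only: finish the legacy HMAC and compare it with the
 * caller-supplied MAC.
 *
 * in - the MAC to check; must hold at least kHMACSHA1DigestSize bytes
 *
 * Throws CSSMERR_CSP_VERIFY_FAILED when in is too short or when the
 * computed and supplied MACs differ.
 */
void MacLegacyContext::final(const CssmData &in)
{
	unsigned char mac[kHMACSHA1DigestSize];
	hmacLegacyFinal(mHmac, mac);

	/*
	 * Reject a short input before reading it: comparing a full digest
	 * against a smaller buffer would read past the end of that buffer.
	 * NOTE(review): a longer input is still judged on its leading
	 * kHMACSHA1DigestSize bytes, as before - confirm whether an
	 * exact-length requirement is wanted.
	 */
	if(in.length() < kHMACSHA1DigestSize) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}

	/*
	 * Fold the difference of every byte pair into one value instead of
	 * using memcmp(), so the comparison does not stop at the first
	 * mismatching byte and its duration does not reveal how much of the
	 * supplied MAC was correct.
	 */
	const void *raw = in.data();
	const unsigned char *supplied = static_cast<const unsigned char *>(raw);
	unsigned diff = 0;
	for(unsigned i = 0; i < kHMACSHA1DigestSize; i++) {
		diff |= static_cast<unsigned>(mac[i] ^ supplied[i]);
	}
	if(diff != 0) {
		CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
	}
}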
167
/*
 * Report the size in bytes of the MAC this context produces.
 * Neither argument is consulted; the answer is always
 * kHMACSHA1DigestSize.
 */
size_t MacLegacyContext::outputSize(bool final, size_t inSize)
{
	const size_t macSize = kHMACSHA1DigestSize;
	return macSize;
}
172
173 #endif /* CRYPTKIT_CSP_ENABLE */