]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * cchmac_init.c | |
3 | * corecrypto | |
4 | * | |
5 | * Created on 12/07/2010 | |
6 | * | |
7 | * Copyright (c) 2010,2011,2015 Apple Inc. All rights reserved. | |
8 | * | |
9 | * | |
10 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ | |
11 | * | |
12 | * This file contains Original Code and/or Modifications of Original Code | |
13 | * as defined in and that are subject to the Apple Public Source License | |
14 | * Version 2.0 (the 'License'). You may not use this file except in | |
15 | * compliance with the License. The rights granted to you under the License | |
16 | * may not be used to create, or enable the creation or redistribution of, | |
17 | * unlawful or unlicensed copies of an Apple operating system, or to | |
18 | * circumvent, violate, or enable the circumvention or violation of, any | |
19 | * terms of an Apple operating system software license agreement. | |
20 | * | |
21 | * Please obtain a copy of the License at | |
22 | * http://www.opensource.apple.com/apsl/ and read it before using this file. | |
23 | * | |
24 | * The Original Code and all software distributed under the License are | |
25 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
26 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
27 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
28 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
29 | * Please see the License for the specific language governing rights and | |
30 | * limitations under the License. | |
31 | * | |
32 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ | |
33 | */ | |
34 | ||
35 | #include <corecrypto/cchmac.h> | |
36 | #include <corecrypto/ccn.h> | |
37 | #include <corecrypto/cc_priv.h> | |
38 | ||
39 | /* The HMAC_<DIG> transform looks like: | |
40 | <DIG> (K XOR opad || <DIG> (K XOR ipad || text)) | |
41 | Where K is a n byte key | |
42 | ipad is the byte 0x36 repeated 64 times. | |
43 | opad is the byte 0x5c repeated 64 times. | |
44 | text is the data being protected. | |
45 | */ | |
46 | void cchmac_init(const struct ccdigest_info *di, cchmac_ctx_t hc, | |
47 | size_t key_len, const void *key_data) { | |
48 | const unsigned char *key = key_data; | |
49 | ||
50 | /* Set cchmac_data(di, hc) to key ^ opad. */ | |
51 | size_t byte = 0; | |
52 | if (key_len <= di->block_size) { | |
53 | for (;byte < key_len; ++byte) { | |
54 | cchmac_data(di, hc)[byte] = key[byte] ^ 0x5c; | |
55 | } | |
56 | } else { | |
57 | /* Key is longer than di->block size, reset it to key=digest(key) */ | |
58 | ccdigest_init(di, cchmac_digest_ctx(di, hc)); | |
59 | ccdigest_update(di, cchmac_digest_ctx(di, hc), key_len, key); | |
60 | ccdigest_final(di, cchmac_digest_ctx(di, hc), cchmac_data(di, hc)); | |
61 | key_len = di->output_size; | |
62 | for (;byte < key_len; ++byte) { | |
63 | cchmac_data(di, hc)[byte] ^= 0x5c; | |
64 | } | |
65 | } | |
66 | /* Fill remainder of cchmac_data(di, hc) with opad. */ | |
67 | if (key_len < di->block_size) { | |
68 | CC_MEMSET(cchmac_data(di, hc) + key_len, 0x5c, di->block_size - key_len); | |
69 | } | |
70 | ||
71 | /* Set cchmac_ostate32(di, hc) to the state of the first round of the | |
72 | outer digest. */ | |
73 | ccdigest_copy_state(di, cchmac_ostate32(di, hc), di->initial_state); | |
74 | di->compress(cchmac_ostate(di, hc), 1, cchmac_data(di, hc)); | |
75 | ||
76 | /* Set cchmac_data(di, hc) to key ^ ipad. */ | |
77 | for (byte = 0; byte < di->block_size; ++byte) { | |
78 | cchmac_data(di, hc)[byte] ^= (0x5c ^ 0x36); | |
79 | } | |
80 | ccdigest_copy_state(di, cchmac_istate32(di, hc), di->initial_state); | |
81 | di->compress(cchmac_istate(di, hc), 1, cchmac_data(di, hc)); | |
82 | cchmac_num(di, hc) = 0; | |
83 | cchmac_nbits(di, hc) = di->block_size * 8; | |
84 | } |